Tag / hack

by Kush

How to Unblock Internet Filter

These days, schools are so strapped for cash, they cant afford the Internet bandwidth for students to do useful and fun thing on school computers. Some schools expect students to actually do work during IT lessons, and some IT departments just don’t like YouTube. However, the days are over when they can lock down the system enough to stop determined students from using the Internet as they please.

De-filters

These are websites which take a URL, and collect the content for you. The work because the filters only see you downloading data from an unblocked website (the de-filter); the connection to the banned site is from another external web server so it doesn’t pass through your schools filters.

These are some good de-filter websites:

These are just a few of the hundreds of de-filter websites revealed by a quick google search. Where possible, tick the box that turns on some kind of encryption. This prevents the IT department seeing what sites you gave unblocked. Also, sites that use the HTTPS protocol are even harder to be caught with.

hide my ass

However, de-filter sites do not always unblock active content such as flash, or videos so they are not perfect. If you find a good de-filter, don’t give it to anyone because it will soon spread round the school, and end up blocked.

 

Using a new proxy

Most school filters work by directing all traffic through a proxy server, which scans URLs for blocked keywords. Internet Explorer uses the system wide proxy for HTTP. However, FireFox can have its own proxy set. Firefox will route all traffic through the open proxy server, avoiding using banned keywords in the URL. This traffic will then be sent through the filter proxy by the operating system, but will not be blocked if all has worked well.

1) Get a copy of FireFox on a memory stick. It’s best to use the portable version available here because it wont leave evidence of running FireFox on the main system hard drive. This version also remembers your bookmarks, passwords etc.

2) Set up FireFox to a proxy. Open the Tools menu, then click Options. Then click the Connection Settings button in the resultant window. Click the radio button for “Manual proxy configuration”, and fill in relevant proxies/port numbers. A list of free proxies and port numbers is available here. Now, all should work as planned.

HTTPS

This is the most simple of them all but sometimes does not to work. It’s as simple as just adding an S on to the http. so lets say for example http://www.facebook.com/ you would change it to https://www.facebook.com/

https facebook

UltraSurf

In my high school we use a program called UltraSurf. http://www.ultrareach.com/ All you need to do is download this to a flash drive (some kids save it to our student drives on our network, but I don’t suggest this as the IT department will find out) and when you are at school run it. It will pop up with a new browser window and viola! Surf the net as you please!

URL Filter Bypassing

It’s possible for internal employees to bypass Web-content filtering applications and logging mechanisms to browse to sites that they shouldn’t go to — potentially covering up malicious behavior and Internet usage.

Easier hack is to exploit the general mechanism built into URL filtering systems that filter Web traffic based on specific URLs and keywords (words that match a list or meet a certain criteria). Users take advantage of this practice by converting the URL to an IP address and then to its binary equivalent. The following steps can bypass URL filtering in such browsers as Netscape and Mozilla:

  •  Obtain the IP address for the Web site.

For example, a gambling Web site (www.go-gamblin.com) blocked in Web-content filtering software has this IP address: 10.22.33.44 This is an invalid public address, but it’s okay for this example; you may want to filter out Web addresses on your internal network as well.

  • Convert each individual number in the IP address to an eight-digit binary number. Numbers that may have fewer than eight digits in their binary form must be padded with leading zeroes to fill in the missing digits.

For example, the binary number 1 is padded to 00000001 by adding seven zeroes. The four individual numbers in the IP address in Step 1 have these equivalent eight-digit binary numbers:

10 = 00001010

22 = 00010110

33 = 00100001

44 = 00101100

The Windows Calculator can automatically convert numbers from decimal to binary notation:

i. Choose View➪Scientific.

ii. Click the Dec option button.

iii. Enter the number in decimal value.

iv. Click the Bin option button to show the number in binary format.

  •  Assemble the four 8-digit binary numbers into one 32-digit binary number. For example, the complete 32-digit binary equivalent for 10.22.33.44 is 00001010000101100010000100101100 Don’t add the binary numbers. Just organize them in the same order as the original IP address without the separating periods.
  • Convert the 32-digit binary number to a decimal number. For example, the 32-digit binary number 00001010000101100010000100101100 equals the decimal number 169222444. The decimal number doesn’t need to be padded to a specific length
  • Plug the decimal number into the Web browser’s address field, like this: http://169222444
  • The Web page loads easy as pie! The preceding steps won’t bypass URLs in Internet Explorer.
by Kush

Bypass Microsoft Windows 7 Password

Learn how to easily override the access to Windows XP or Windows 7 PCs, without knowing the password, by using a very simple trick.

Whether you have forgotten your own password, or you want to hack into another user account on Windows XP or Windows 7 PCs, here is a very easy trick or method, which does not require you to download any third-party utility or run complex commands. This is a very straightforward trick and the necessary requirements are already present with you. You may consider this method a security flaw in Windows, but there are ways that you can also block it before somebody else uses it to get into your PC.

However, if you do so, there are chances that you might not be able to use it yourself, if you get locked out of your own account. You might then need to use other resources (like Linux) to crack/reset your password. It is always advisable to enable the ‘Administrator’ account and set a password to it. In this way, you can get into the Administrator account and reset other user passwords.

Let’s get started

Windows, be it Windows XP, Windows Vista or Windows 7, has a built-in feature called ‘Sticky Keys’. This is an accessibility feature that was implemented to help people with certain types of physical disabilities and also to help reduce the strain of repetitive keystrokes. It helps serializing keystrokes, instead of pressing multiple keys at the same time. You can find out more from the system’s control panel. In this article, we shall show you how to take advantage of this feature in Windows and turn it into a password hacking option.

Step 1

The trick involves replacing the Sticky Keys control panel with the command prompt and then triggering the password reset commands from within the command prompt window. However, doing this is not as easy as said. Since the Sticky Keys cannot be easily renamed when the PC is logged in, we have to do it from the recovery mode.

In this workshop, Sticky Keys is not actually used to hack the password, but we shall make use of its features to pull up the command prompt in administrator mode and do the needful. We would need to pull up the command prompt before the PC is logged-in, in order to change the password. However, since the command prompt cannot be accessed during pre-login, the Sticky Keys option can be used here. Nevertheless, to get the necessary hack in place, we need to run a few commands. Let’s proceed ahead on how to do it.

bypass-windows

Step 2

First, you need to boot your PC using your Windows installation DVD. Make sure you have your BIOS set to boot from the optical drive. Once you boot from the OS installation DVD, select the option to repair your computer. Windows will start loading the necessary files it needs and starts searching for problems that it can detect.

Note: This will take a bit of time depending on your computer’s speed. After a while, you will be asked to choose the location of the installed Windows OS on your hard drive. Choose the appropriate one and click on the ‘Next’ button. After the recovery mode checks for options, it will then will pop-up a window asking if you want to restore your system to an earlier point using the System Restore option. Decline the offer and press the cancel button.

hack windows 7

Step 3

The next screen will state that Startup Repair cannot repair your computer automatically and ask you to choose to send the information report to Microsoft. This time once again, decline the option and click on ‘Don’t send’. The next window will ask you once more what it should do now.

hack windows

 

Click on the link which reads ‘View advanced options for system recovery and support’.

 

hack windows

 

This link will take you to the options page where you should click on the ‘Command Prompt’ link.

hack windows

Once clicked, you will have the command prompt window where you should type the following commands as given below –

cmd commands

In this example we have taken C drive, you have to put that drive in which windows is installed.

Step 6

 

Now that you have finished with the necessary requirements to run the command prompt using the Sticky Keys function during the login period, you can restart the PC and boot the computer normally without the DVD. After the PC has booted into Windows, you will land on the login page, where you need to enter the password for the user. Assuming you have forgotten the password and need to reset it, here is what you have to do. Hit the ‘Shift’ key five times. The Sticky Keys will sense the shift key being pressed five times and will try pop-up the Sticky Keys utility. Click Yes.

 Step 7

However, since we have replaced the original Sticky Keys utility with the Command Prompt utility, you will see the Command Prompt window pop-up. This window will allow you to make any changes to the system using the default administrative privileges. Here, simply type the command to change the password of the user, which you have either forgotten or are trying to hack into. Type the command as follows:

  • net user <username> 123

here 123 is password.

Step 8

Once done, you can exit the command prompt window and login using the new password.

You can use this method to gain access to any user profile whenever you have forgotten the password. However, since it is a very simple method, you can run the risk of anyone gaining unauthorized access to your PC. If you feel this can cause a security issue or threat to your personal and important data, you can disable Sticky Keys permanently from the control panel.

 

Note: This workshop highlights a method of gaining access to a Windows PC and is for knowledge purposes. We urge you not to use this for any illegal purposes. Use this method at your own risk.