Monday
restore damaged or currupted .zip files
Now, if you want to unzip the corrupted file then it cannot happen because once you try to unzip it, it will show you an error dialogue box and nothing will come out of it. Today we will be telling you about a tool named as Zip2Fix and this will help you to extract any piece of file which is available in that corrupt ZIP file.
You can see the screenshot of the tool mentioned above, now here you will have to open that corrupt file in this application window using the ‘Open’ button and then it will automatically extract all the undamaged files available in that ZIP archive and it will display the log in the middle of the application window. You can also save the log with the help of ‘Save Log’ button in the application window. Rest of the button will exit the application and tell you more about the application.
It is a portable tool, so you can carry it anywhere as it is very rare for a ZIP file to get corrupt. You are only supposed to open the file and then this freeware will take care of the undamaged files in the ZIP archive. As you might not use this tool every day, so you can keep it in any of your software backup folder. The size of this tool is around 600KB and it has been checked with Windows 7 32-bit Ultimate. So, if you face any problem while using this tool, then please let us know.
Download Zip2Fix
Saturday
MOBILedit! Forensic v2.99.0.19 extract mobile information
Mobile phones contain some of the most important evidence in criminal investigations. Law enforcement agencies around the world need every possible advantage to help solve crimes. In many instances, mobile phones contain the important incriminating evidence that legal investigators require to solve a case. MOBILedit! Forensic has changed the way this evidence is obtained and presented. It provides reports with tamper-proof and indisputable evidence in a court of law. This report details out every piece of information in the phone such as call history, list of contacts, messages, photos, voice recordings, video, files, calendar, tasks, notes etc. MOBILedit! Forensic is a must-have for any forensic agent looking for that extra edge.
How It Works
With just a single click, MOBILedit! Forensic collects all possible data from the mobile phone and generates an extensive report onto a PC that can be stored or printed. MOBILedit! Forensic is the most universal cellular phone solution with architecture able to support virtually all phones. MOBILedit! Forensic allows you to customize the
Global Compatibility
MOBILedit! Forensic caters to the entire world with reports that can be generated in any
In summary, MOBILedit! Forensic allows you to read data from a phone directly onto a PC. This data can be saved to a file or exported into any supported format.
Because no data can be altered, it is completely concrete and admissible in a court of law.
Security
MOBILedit! Forensic reports are secure, as the final report document is created without the touch of a human hand. MOBILedit! Forensic is read-only so it prevents changes in the device, which could mean the disappearance of evidence. All items are also protected against later modifications by hash code used in digital signatures. All blocks of data like the phonebook are protected by the MD5 hash algorithm. Each item has its own short MD5 code to help you quickly locate the possible place of modification.
You are able to generate reports from devices presently connected to the computer and reports from phones connected in the past using the backup file. So if you are pressed for time, you can simply run backups and later generate nice reports.
Features:
* Analyze phones via Bluetooth, IrDA or cable connection
* Analyze phonebook, last dialed numbers, missed calls, received calls, SMS messages, multimedia messages, photos, files, phone details, calendar, notes, tasks and more
* Large quantity of phones supported
* Frequent updates and upgrades with new features and more phones
* Direct SIM analyzer through SIM readers
* Reads deleted messages from the SIM card
* Reports Generator based on your templates
* Print reports ready for courtroom
* Reports generated in any language
* Make backup now and reports when needed
* Manual investigation mode
* Secure and tamper-proof using MD5 hash
* Compliant with Word or any other RTF editor
* View formatted reports in browser including original pictures
* Exports to Word, Excel/XLS, browser, XML/XSL
* Complete solution including
* XML export - seamlessly connect MOBILedit! Forensic data with other systems
* Preferred/forbidden networks
* Hex dump viewer
Thursday
Crack WEP password (wi-fi)
JOIN OUR FACEBOOK GROUP
To crack WEP, you'll need to launch Konsole, BackTrack's built-in command line. It's right there on the taskbar in the lower left corner, second button to the right. Now, the commands.
backtrack download page :click here
First run the following to get a list of your network interfaces:
airmon-ng
The only one I've got there is labeled ra0. Yours may be different; take note of the label and write it down. From here on in, substitute it in everywhere a command includes (interface).
Now, run the following four commands. See the output that I got for them in the screenshot below.
airmon-ng stop (interface)
ifconfig (interface) down
macchanger --mac 00:11:22:33:44:55 (interface)
airmon-ng start (interface)
Now it's time to pick your network. Run:
airodump-ng (interface)
To see a list of wireless networks around you. When you see the one you want, hit Ctrl+C to stop the list. Highlight the row pertaining to the network of interest, and take note of two things: its BSSID and its channel (in the column labeled CH), as pictured below. Obviously the network you want to crack should have WEP encryption (in the ENC) column, not WPA or anything else.
Now we're going to watch what's going on with that network you chose and capture that information to a file. Run:
airodump-ng -c (channel) -w (file name) --bssid (bssid) (interface)
Where (channel) is your network's channel, and (bssid) is the BSSID you just copied to clipboard. You can use the Shift+Insert key combination to paste it into the command. Enter anything descriptive for (file name). I chose "yoyo," which is the network's name I'm cracking.
You'll get output like what's in the window in the background pictured below. Leave that one be. Open a new Konsole window in the foreground, and enter this command:
aireplay-ng -1 0 -a (bssid) -h 00:11:22:33:44:55 -e (essid) (interface)
Here the ESSID is the access point's SSID name, which in my case is yoyo. What you want to get after this command is the reassuring "Association successful" message with that smiley face.
You're almost there. Now it's time for:
aireplay-ng -3 -b (bssid) -h 00:11:22:33:44:55 (interface)
Here we're creating router traffic to capture more throughput faster to speed up our crack. After a few minutes, that front window will start going crazy with read/write packets. (Also, I was unable to surf the web with the yoyo network on a separate computer while this was going on.) Here's the part where you might have to grab yourself a cup of coffee or take a walk. Basically you want to wait until enough data has been collected to run your crack. Watch the number in the "#Data" column—you want it to go above 10,000. (Pictured below it's only at 854.)
Depending on the power of your network (mine is inexplicably low at -32 in that screenshot, even though the yoyo AP was in the same room as my adapter), this process could take some time. Wait until that #Data goes over 10k, though—because the crack won't work if it doesn't. In fact, you may need more than 10k, though that seems to be a working threshold for many.
Once you've collected enough data, it's the moment of truth. Launch a third Konsole window and run the following to crack that data you've collected:
aircrack-ng -b (bssid) (file name-01.cap)
Here the filename should be whatever you entered above for (file name). You can browse to your Home directory to see it; it's the one with .cap as the extension.
If you didn't get enough data, aircrack will fail and tell you to try again with more. If it succeeds, it will look like this:
The WEP key appears next to "KEY FOUND." Drop the colons and enter it to log onto the network.
Problems Along the Way
With this article I set out to prove that cracking WEP is a relatively "easy" process for someone determined and willing to get the hardware and software going. I still think that's true, but unlike the guy in the video below, I had several difficulties along the way. In fact, you'll notice that the last screenshot up there doesn't look like the others—it's because it's not mine. Even though the AP which I was cracking was my own and in the same room as my Alfa, the power reading on the signal was always around -30, and so the data collection was very slow, and BackTrack would consistently crash before it was complete. After about half a dozen attempts (and trying BackTrack on both my Mac and PC, as a live CD and a virtual machine), I still haven't captured enough data for aircrack to decrypt the key.
So while this process is easy in theory, your mileage may vary depending on your hardware, proximity to the AP point, and the way the planets are aligned. Oh yeah, and if you're on deadline—Murphy's Law almost guarantees it won't work if you're on deadline.
Saturday
troubleshoot windows 7 software/driver problems
JOIN OUR FACEBOOK GROUP
While checking control panel
options, I found a very useful feature of Windows 7. Windows 7 is indeed most advanced and mysterious OS. It has self-diagnostic and self-repairing/optimization methods. Have anybody ever checked Windows event logs to see how much more is tracked? Personally, I disable all Windows logs to prevent unnecessary I/O load (although low impact only). Now moving to tutorial:
Open Control Panel and change view to small icons. Open 'Performance Information and Tools'. In left pane, click Advanced tools. In Advanced Tools, check if any issue is listed under Performance issues. If any issue is listed there, then click it and read the information in the dialog box that shows problematic programs/drivers. It also offer even log link to see tracking detail.
Now it is up to you to solve the problem
via uninstalling/upgrading program/driver
While checking control panel
options, I found a very useful feature of Windows 7. Windows 7 is indeed most advanced and mysterious OS. It has self-diagnostic and self-repairing/optimization methods. Have anybody ever checked Windows event logs to see how much more is tracked? Personally, I disable all Windows logs to prevent unnecessary I/O load (although low impact only). Now moving to tutorial:
Open Control Panel and change view to small icons. Open 'Performance Information and Tools'. In left pane, click Advanced tools. In Advanced Tools, check if any issue is listed under Performance issues. If any issue is listed there, then click it and read the information in the dialog box that shows problematic programs/drivers. It also offer even log link to see tracking detail.
Now it is up to you to solve the problem
via uninstalling/upgrading program/driver
Wednesday
Transfer WITH GREATER SPEED...
JOIN OUR FACEBOOK GROUP
FastCopy 2.08 (57 seconds) ExtremeCopy Pro 1.5.1 (57 seconds) * TeraCopy 2.12 (65 seconds) * RichCopy 4.0.217 (66 seconds) * KillCopy 2.85 (74 seconds) Ultracopier 0.2.0.15 (75 seconds) PerigeeCopy 1.2 (75 seconds) * Robocopy (75 seconds) Windows 7 (76 seconds) Copy Handler 1.32.276 (77 seconds) * MiniCopier 0.5 (79 seconds) Copywhiz 4.0 Build 3 (82 seconds) SuperCopier 2.2 (86 seconds) * Roadkil’s Unstoppable Copier 5.2 (86 seconds) QCopy 1.0.2 (409 seconds)
Many of us know that it is possible to copy or move files & folders in Windows by either using your mouse to right click, select Copy and then Paste, or your keyboard’s shortcut key CTRL+C to copy, CTRL+X to cut (for moving) and CTRL+V to paste. The biggest factor on the time taken to copy or move the files very much depend on the hard drive’s speed (5400RPM, 7200RPM, SSD) and also the interface (PATA, SATA, SCSI). However, it is still possible to shorten the duration in copying or moving files if you use third party software to do it instead of relying on the Windows built-in function
I simply copied a folder containing 2319 files, ranging from files as small as 1KB to as big as 700MB to another hard drive using the software’s default settings. The file copying testing methodology which I used is very simple and I have to admit that it is not enough to determine which is the “best” or “fastest” file copying software. However, the results does give you a hint on which file copy software you should be try and avoid.
I am quite surprise to find that only about half of the file copy software is able to copy faster than the default Windows 7 copy function and the rest takes longer time to finish copying. Hopefully this simple test will be an eye opener to those that are using the slower file copy software.
The good thing about file copying software is the ability to that failed tresumeo copy. In Windows, if the copy failed, you’d have recopy and replace existing files that are already copied. Some file copy software above that are marked with an asterisk (*) are those that can completely replace Explorer copy and move functions, allowing you work with files as usual. For example, using the hotkey CTRL+C and CTRL+V will automatically make the file copy software to copy and paste instead of using the Windows built-in copy function.
Tuesday
install windows 7 from usb(min:4gb)
JOIN OUR FACEBOOK GROUP
Installing Windows 7 using a pendrive is very much faster than that from DVD/CD. You just need to follow some small steps to do this. You can keep this pendrive/USB drive for future installation of Windows 7. If you are a beginner or dont want to get messed up by typing in all commands, here is a Free Utility To Create A Bootable USB To Install Windows 7, Vista & Server 2008(http://cid-f52381d9f2fd5fd8.skydrive.live.com/browse.aspx/ABUSB). This tool will help you to automate the process of bootable pendrive’s and you can install windows 7 from pendrive easily. If not you can follow this guide to install windows 7 from a pendrive.
installing of utility
Check USB drive (To check whether your USB drive is connected or not)
Format USB Drive
Choose DVD or ISO image (To copy the needed files to USB drive)
Start the process to create bootable USB drive
Bootable USB automatically runs the required commands in Windows 7 / vista fro making the USB drive bootable. All you need to do is to follow these four simple steps.
Note: Windows XP users cant Run this utility. If you try to run it Bootable USB will show a message saying that ” Unsupported Opperating System. Supported Operating systems are Windows Vista (SP1 or later) “. On Vista with no SP there is an error diskpart which is solved later by microsft on SP1 and later.
And before selecting the DVD or ISO image of the Windows 7 or Vista installation make sure it is free of errors.
Bootable USB works with 64 bit versions of Windows 7, Vista too. Bootable USB is a nice and sleek application that is of great use in creating A Bootable USB To Install Windows 7.
Make sure you have a Pendrive or USB drive with a minimum of 4 GB space and you have the Windows 7 installation DVD. This tutorial is best suited if you have a Windows 7 DVD with you else you need to change it
...............................................
Format the Pendrive or USB drive in NTFS format first.
From the start menu right click on the command prompt and select “Run as administrator“.
Now type the following commands (Press enter key after each command).
diskpart. This is to open the disk partition program.
Now to show the list of drives type list disk.
You can see disk’s listed there. Note down the disk number of your pendrive eg. Disk .
Now type SELECT DISK X (where X is the number you noted down for the pendrive from step 5)
Now type CLEAN.
Now type the following commands by pressing enter after each one.
CREATE PARTITION PRIMARY
SELECT PARTITION 1 (Assuming your pendrive/ USB drive is 1).
ACTIVE
FORMAT FS=NTFS
ASSIGN
EXIT(Now the disk partition program will exit). Now we need to give some more commands.
Now insert the Windows 7 Installation DVD and to your DVD drive.
Here i am assuming DVD drive as G and Pendrive as I.(Change it accordingly).
Now type G:CD BOOT
Now type this command BOOTSECT.EXE/NT60 I: to update your USB drive with bootmgr code.
Finally copy all the contents from the Windows 7 DVD to your Pendrive. Make sure you don’t cause any errors.
Plug / Insert your pendrive to your PC and restart the system.
Now Enter the Bios system accordingly by pressing the key delete.(This may vary some times it will be F2 or F12. It depends on the type of your system. Any how during the start up your system will display which key to press to enter the Bios).
Now select the USB/ Pendrive as the first boot driver.(Set the first boot priority to USB drive.).
Now save the settings in Bios and restart and you will be able to Install Windows 7 using that pendrive.
BIOS Password Backdoors in Laptops
JOIN OUR FACEBOOK GROUP
in ebay there are lots of guys selling this tricks $45 and above.this is simple trick u can do it..i got it from dogbert article..hack heck team always gratitude for that
laptops bios locked with password, a checksum of that password is stored to a sector of the FlashROM - this is a chip on the mainboard of the device which also contains the BIOS and other settings, e.g. memory timings. For most brands, this checksum is displayed after entering an invalid password for the third time:
The dramatic 'System Disabled' message is just scare tactics: when you remove all power from the laptop and reboot it, there are not new penalties such as additional passwords, locks and so on. From such a checksum (also called "hash"), valid passwords can be found by means of brute-forcing. Another method commonly used is that instead of a checksum, a number is displayed from which a randomly generated password can be calculated. Quite often, vendors also resort to storing the password in plain text, and instead of printing out just a checksum, an encrypted version of the password is shown. Either way, my scripts can be used to derive valid passwords with the hash.
Some vendors have implemented obfuscation measures to hide the hash from the end user - for instance, some FSI laptops require you to enter three special passwords for the hash to show up (see other post). HP/Compaq laptops only show the hash if the F2 or F12 key has been pressed prior to entering an invalid password for the last time.
Depending on the "format" of the number code/hash (e.g. whether only numbers or both numbers and letters are used, whether it contains dashes, etc.), you need to choose the right script - it is mostly just a matter of trying all of them and finding the one that matches your laptop. It does not matter on what machine the script are executed, i.e. there is no reason to run them on the locked laptop.
This is an overview of the algorithms that I looked at so far:
The .NET runtime libraries are required for running the Windows binary files (extension .exe). If the binary files (.exe) don't work out for you, install Python 2.6(not 3.0!) and run the .py script directly by double-clicking them. Make sure that you correctly read each letter (e.g. number '1' vs letter 'l').
Please comment on what make/model the scripts work and on what they don't. Also, be aware that some vendors use other schemes for master passwords - among them are e.g. IBM/Lenovo. Please understand that my motivation for reverse-engineering comes from a personal interest. If you find that your laptop does not display a hash or the scripts do not work for you for whatever reason, please use the vendor support. I will not accept offers to look at the specifics of certain models
The dramatic 'System Disabled' message is just scare tactics: when you remove all power from the laptop and reboot it, there are not new penalties such as additional passwords, locks and so on. From such a checksum (also called "hash"), valid passwords can be found by means of brute-forcing. Another method commonly used is that instead of a checksum, a number is displayed from which a randomly generated password can be calculated. Quite often, vendors also resort to storing the password in plain text, and instead of printing out just a checksum, an encrypted version of the password is shown. Either way, my scripts can be used to derive valid passwords with the hash.
Some vendors have implemented obfuscation measures to hide the hash from the end user - for instance, some FSI laptops require you to enter three special passwords for the hash to show up (see other post). HP/Compaq laptops only show the hash if the F2 or F12 key has been pressed prior to entering an invalid password for the last time.
Depending on the "format" of the number code/hash (e.g. whether only numbers or both numbers and letters are used, whether it contains dashes, etc.), you need to choose the right script - it is mostly just a matter of trying all of them and finding the one that matches your laptop. It does not matter on what machine the script are executed, i.e. there is no reason to run them on the locked laptop.
This is an overview of the algorithms that I looked at so far:
| Vendor | Hash Encoding | Example of Hash Code/Serial | Scripts |
|---|---|---|---|
| Compaq | 5 decimal digits | 12345 | pwgen-5dec.py Windows binary |
| Dell | serial number | 1234567-595B 1234567-D35B 1234567-2A7B | Windows binary&source |
| Fujitsu-Siemens | 5 decimal digits | 12345 | pwgen-5dec.py Windows binary |
| Fujitsu-Siemens | 8 hexadecimal digits | DEADBEEF | pwgen-fsi-hex.py Windows binary |
| Fujitsu-Siemens | 5x4 hexadecimal digits | AAAA-BBBB-CCCC-DEAD-BEEF | pwgen-fsi-hex.py Windows binary |
| Fujitsu-Siemens | 5x4 decimal digits | 1234-4321-1234-4321-1234 | pwgen-fsi-5x4dec.py Windows binary |
| Hewlett-Packard | 5 decimal digits | 12345 | pwgen-5dec.py Windows binary |
| Hewlett-Packard/Compaq Netbooks | 10 characters | CNU1234ABC | pwgen-hpmini.py Windows binary |
| Insyde H20 (generic) | 8 decimal digits | 03133610 | pwgen-insyde.py Windows binary |
| Phoenix (generic) | 5 decimal digits | 12345 | pwgen-5dec.py Windows binary |
| Samsung | 12 hexadecimal digits | 07088120410C0000 | pwgen-samsung.py Windows binary |
The .NET runtime libraries are required for running the Windows binary files (extension .exe). If the binary files (.exe) don't work out for you, install Python 2.6(not 3.0!) and run the .py script directly by double-clicking them. Make sure that you correctly read each letter (e.g. number '1' vs letter 'l').
Please comment on what make/model the scripts work and on what they don't. Also, be aware that some vendors use other schemes for master passwords - among them are e.g. IBM/Lenovo. Please understand that my motivation for reverse-engineering comes from a personal interest. If you find that your laptop does not display a hash or the scripts do not work for you for whatever reason, please use the vendor support. I will not accept offers to look at the specifics of certain models
Subscribe to:
Posts (Atom)