Friday, 27 July 2012

How to hack crack or by pass cyberoam in college or office


Hello friends, today I am going to explain how to hack, crack or bypass Cyberoam, Websense and all the other security firewalls that colleges, institutions and offices use to block websites. Most colleges, schools and offices nowadays prefer a hardware firewall to stop users from accessing restricted websites. Most of my friends have asked me how to access blocked websites, or how to bypass or simply crack Cyberoam to reach restricted websites in their colleges and offices. I have explained some methods earlier, but those loopholes are now fixed and those methods to hack Cyberoam and Websense don't work effectively now. Hacking through a proxy is also quite tedious: first we have to search for a good working proxy website, which is itself a very tedious task, and most of the time it is blocked too. So it wastes a lot of our precious time, and it does so daily. So why don't we have a permanent solution for it? The method that I will explain today is really awesome, doesn't require much effort, is quite easy and, most important, is 100% working. So friends, read on for the detailed hack....

Hacking or bypassing or cracking Cyberoam

To hack Cyberoam or Websense you must know how Cyberoam and Websense work. If you know how they work, you can easily find flaws in them and hack or bypass them very easily. So friends, let's learn how Cyberoam actually works. Cyberoam is an 8 layer hardware firewall that offers stateful and deep packet inspection for network and web applications, and user based identity security. Thus the firewall is quite secure. How we can hack that 8 layer security is the main question here. As I have mentioned above, the main working and blocking of any website or application by Cyberoam is basically done at the deep packet inspection step, and this is where the flaw in any security firewall lies, Cyberoam and Websense included.

They block websites by parsing their content: if the content contains the restricted keywords, they block that website. They also use category blocking, which works on the same concept. The flaw is with websites that use SSL: websites that show the SSL lock, i.e. websites that use https, are not blocked by them. They have to block these websites manually, which is a very hectic task, and believe me, nobody blocks them. So the proxy websites that use https, i.e. SSL proxies, are also not blocked by these firewalls. Only those proxies are blocked which are known or heavily used. But the tool that I give you creates SSL proxies by itself, which means its proxies cannot be blocked. So friends, this tool rocks..:P :)
Things that we need to hack Cyberoam, Websense and any such hardware firewall:-
1. TOR browser (an anonymous web browser like Mozilla which has an inbuilt proxy finder that easily reaches the websites that are being blocked by Cyberoam or Websense).
2. A USB or pen drive (where you will keep the portable version of TOR browser).
3. If USB drives are disabled, we will use a different drive for its installation (the portable version of TOR can be executed from any place).

Steps to hack Cyberoam:-
1. Download the TOR web browser.
2. Now install the TOR web browser. In the case of the portable version it will extract.
3. Now open the TOR browser and start surfing your favorite websites like facebook, orkut, gmail ..everything at your office....
4. That's all the hack. I hope you all have liked it. Note: Have a portable version in your pen drive or USB drive and enjoy wherever you want.

My Great Web page

Wednesday, 21 March 2012

HACKING THE WAL-MART ARMORGUARD by:-Raghib(rags)

HACKING THE WAL-MART ARMOR GUARD
COMPUTER PROTECTION SYSTEM
by:-Raghib(rags)

***NOTE***
To use this, you must have a system disk (i.e. a disk that has been
formatted using [format a: /s]) in 3.5" format under Windows 95, because that
is what they sell all of their computers with.

***NOTE***
In this file, instructions to be input into the computer are surrounded
by [ and ].  Keys are surrounded by < and >.  So if I say "hit [<CTRL>-<F1>]" I
mean to hold down the control button and hit F1.

The armorguard is a program that prevents you from writing to the
directories, changing the attributes of files, and deleting files.  It 
basically prevents you from doing anything cool.

The first thing to do is to go into Wal-Mart.  Now, go to the 
computer section and turn off the screen saver.  Shut down as many apps as
you can with the [<CTRL>-<ALT>-<DEL>] and then choosing a program and 
hitting enter.  You cannot simply do this to the ArmorGuard program.  

The next thing to do is to go to the DOS PROMPT.  Most Wal-Marts
take the mouse ball out of all of the display mice to make it harder to 
control the system.  If you are adept at putting your finger inside the mouse
and controlling it that way, fine.  Otherwise, just hit [<CTRL>-<ALT>-<ESC>].
This activates the start menu.  Select "Programs", hit enter, then go down to 
near the bottom of the "Programs" menu and select "MS-DOS PROMPT".  Hit enter.

Now you are in a DOS window and in the C:\Windows directory.  Hit
[cd..] and then hit [fdisk /mbr], which restores the master boot record, 
preventing the password prompt from coming up when you reset the computer.

Now just hit [<CTRL>-<ALT>-<DEL>] twice (once gets you to task manager,
twice reboots) and wait.  When you see

Starting Windows 95...
on the screen, hit [<F8>] really fast just once, then choose "Verify
each step" (or something to that effect), usually choice number 4.  It will 
give you an A: prompt and say "Please give the path of your command interpreter, 
i.e. C:\WINDOWS\COMMAND.COM".  At this point, put the system disk you have 
made in the drive and hit [A:\COMMAND.COM].  Say "Yes" to everything except
the following:

Log this bootup? (Bootlog.txt)? (y/n)
C:\armguard.exe? (y/n)
(***OR ANYTHING ELSE STARTING WITH "C:\ARM", LIKE "C:\ARMOR",
for instance.)

If you have done this right, ARMGUARD SHOULDN'T COME UP AT ALL.  If
it does, hit "command prompt only" instead of "Verify each step" and then
specify C:\AUTOEXEC.BAT and C:\CONFIG.SYS if it asks for the configuration
and the startup file.  (IN THE OPPOSITE ORDER.  CONFIG.SYS IS THE CONFIG FILE,
AUTOEXEC.BAT IS THE STARTUP FILE.)  Then immediately hit [<F4>] and it will
give you step-by-step confirmation for each item.  See above for the ones
to say no to.  Then you want to hit 

[C:\WINDOWS\COMMAND\EDIT.COM C:\WINDOWS\WIN.INI]

and the DOS edit program will come up.  Choose "Search" and hit "Find" and 
then tell it to find ARM and make sure it's NOT on match whole word only.
Delete any line with ARM in it that looks like a part of ArmorGuard.  This 
should prevent it from coming up on Windows.

*******IF NONE OF THIS WORKS, YOU HAVE TO TAKE THE READ-ONLY AND ARCHIVE
ATTRIBUTES OFF OF THE WIN.INI, SYSTEM.INI, AUTOEXEC.BAT, AND CONFIG.SYS FILES
BY HITTING [ATTRIB -A -R (c:\WHATEVERFILE.YOUWANTTODOTHISTO)]

*******I'D ALSO RECOMMEND EDITING THE AUTOEXEC.BAT FILE TO PREVENT ARMGUARD
FROM EVER COMING UP AGAIN.

****************THINGS TO DO AFTER HACKING ARMORGUARD***********

Hmmm....
USE YOUR IMAGINATION!

Think of this:  Hit "shut down in MS-DOS mode" or start up in MS-DOS mode,
put your boot disk in drive a: and hit the following commands

[A:]
[FORMAT C:]

and then confirm this.  You have just started the permanent erasing of 
EVERYTHING on the hard drive.  You can also do some other cool stuff with 
it too, just basically IF YOU WOULD DO IT TO SOMEONE YOU HATE, DO IT TO
WAL-MART.  Personally, I'd think that INSTEAD OF ERASING THE HARD DRIVE, I'D
WRITE A VIRUS AND PUT IT ON THE COMPUTER.  THAT WOULD REALLY BE MORE FUN. 
JUST STORE IT ON A FLOPPY AND COPY IT.  

HAVE FUN, DON'T GET CAUGHT.
SINCERELY, 
RAGHIB(RAGS)




Tuesday, 20 March 2012

Hacking Webpages


Getting the Password File Through FTP


Ok well one of the easiest ways of getting superuser access is through
anonymous ftp access into a webpage. First you need learn a little about
the password file...

root:User:d7Bdg:1n2HG2:1127:20:Superuser
TomJones:p5Y(h0tiC:1229:20:Tom Jones,:/usr/people/tomjones:/bin/csh
BBob:EUyd5XAAtv2dA:1129:20:Billy Bob:/usr/people/bbob:/bin/csh

This is an example of a regular encrypted password file. The Superuser is
the part that gives you root. That's the main part of the file.

root:x:0:1:Superuser:/:
ftp:x:202:102:Anonymous ftp:/u1/ftp:
ftpadmin:x:203:102:ftp Administrator:/u1/ftp

This is another example of a password file, only this one has one little
difference, it's shadowed. Shadowed password files don't let you view or
copy the actual encrypted password.  This causes problems for the password
cracker and dictionary maker(both explained later in the text). Below is
another example of a shadowed password file:

root:x:0:1:0000-Admin(0000):/:/usr/bin/csh
daemon:x:1:1:0000-Admin(0000):/:
bin:x:2:2:0000-Admin(0000):/usr/bin:
sys:x:3:3:0000-Admin(0000):/:
adm:x:4:4:0000-Admin(0000):/var/adm:
lp:x:71:8:0000-lp(0000):/usr/spool/lp:
smtp:x:0:0:mail daemon user:/:
uucp:x:5:5:0000-uucp(0000):/usr/lib/uucp:
nuucp:x:9:9:0000-uucp(0000):/var/spool/uucppublic:/usr/lib/uucp/uucico
listen:x:37:4:Network Admin:/usr/net/nls:
nobody:x:60001:60001:uid no body:/:
noaccess:x:60002:60002:uid no access:/:
webmastr:x:53:53:WWW Admin:/export/home/webmastr:/usr/bin/csh
pin4geo:x:55:55:PinPaper Admin:/export/home/webmastr/new/gregY/test/pin4geo:/bin/false
ftp:x:54:54:Anonymous FTP:/export/home/anon_ftp:/bin/false

Shadowed password files have an "x" in the place of a password or sometimes
they are disguised as an * as well.
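
The distinction above is also what an administrator audits for. The following is an added example, not part of the original text: it reads passwd-format lines and reports entries that still carry a hash (or no password at all) in the world-readable file, plus non-root accounts with UID 0. The sample lines are constructed, modeled on the listings above; the `guest` entry and the function name are assumptions.

```python
# Constructed sample in the 7-field passwd layout:
# name:password:uid:gid:gecos:home:shell
SAMPLE = """\
root:x:0:1:Superuser:/:
smtp:x:0:0:mail daemon user:/:
BBob:EUyd5XAAtv2dA:1129:20:Billy Bob:/usr/people/bbob:/bin/csh
ftp:x:54:54:Anonymous FTP:/export/home/anon_ftp:/bin/false
guest::1200:20:Guest account:/tmp:/bin/sh
ftpadmin:x:203:102:ftp Administrator:/u1/ftp
"""

def audit_passwd(text):
    """Return (line number, account, issue) for every risky passwd entry."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip() or line.startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) != 7:
            # A short or long line can hide an entry from tools that parse by position.
            findings.append((lineno, fields[0], "malformed entry"))
            continue
        name, pw, uid = fields[0], fields[1], fields[2]
        if pw == "":
            # No password is required to log in as this account.
            findings.append((lineno, name, "empty password field"))
        elif pw != "x" and not pw.startswith(("*", "!")):
            # "x" means the hash lives in the shadow file; "*" or "!" means locked.
            # Anything else is a hash that every local user can read.
            findings.append((lineno, name, "hash stored in passwd, not shadowed"))
        if uid == "0" and name != "root":
            # Any UID 0 account has superuser rights whatever its name is.
            findings.append((lineno, name, "UID 0 on a non-root account"))
    return findings

if __name__ == "__main__":
    for lineno, name, issue in audit_passwd(SAMPLE):
        print(f"line {lineno}: {name}: {issue}")
```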

Now that you know a little more about what the actual password file looks
like you should be able to identify a normal encrypted pw from a shadowed
pw file. We can now go on to talk about how to crack it.

Cracking a password file isn't as complicated as it would seem, although the
files vary from system to system.

1. The first step that you would take is to download or copy the file.

2. The second step is to find a password cracker and a dictionary maker.
Although it's nearly impossible to find a good cracker there are a few ok
ones out there. I recommend that you look for Cracker Jack, John the Ripper,
Brute Force Cracker, or Jack the Ripper. Now for a dictionary maker or a
dictionary file...  When you start a cracking prog you will be asked to find
the password file. That's where a dictionary maker comes in. You can
download one from nearly every hacker page on the net.  A dictionary maker
finds all the possible letter combinations with the alphabet that you
choose (ASCII, caps, lowercase, and numeric letters may also be added).  We
will be releasing our password file to the public soon, it will be called,
Psychotic Candy, "The Perfect Drug." As far as we know it will be one of the
largest in circulation.

3. You then start up the cracker and follow the directions that it gives
you.


The PHF Technique

Well I wasn't sure if I should include this section due to the fact that
everybody already knows it and most servers have already found out about
the bug and fixed it. But since I have been asked questions about the phf
I decided to include it.

The phf technique is by far the easiest way of getting a password file
(although it doesn't work 95% of the time). But to do the phf all you do
is open a browser and type in the following link:

http://webpage_goes_here/cgi-bin/phf?Qalias=x%0a/bin/cat%20/etc/passwd 

You replace the webpage_goes_here with the domain. So if you were trying to
get the pw file for www.webpage.com you would type:

http://www.webpage.com/cgi-bin/phf?Qalias=x%0a/bin/cat%20/etc/passwd

and that's it! You just sit back and copy the file(if it works).
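
Because the request above is an ordinary GET, it is recorded in the web server's access log, where it can be found afterwards. The following is an added example, not part of the original text: it scans Common Log Format lines for requests to a `phf` script whose decoded query string contains a newline, and marks those the server answered with 200. The log lines and addresses are constructed, and the function name is an assumption.

```python
import re
from urllib.parse import unquote, urlsplit

# Constructed access-log lines (documentation address ranges).
SAMPLE_LOG = """\
192.0.2.10 - - [20/Mar/2012:10:01:02 +0000] "GET /index.html HTTP/1.0" 200 1043
192.0.2.10 - - [20/Mar/2012:10:01:05 +0000] "GET /cgi-bin/phf?Qalias=x%0a/bin/cat%20/etc/passwd HTTP/1.0" 404 209
203.0.113.5 - - [20/Mar/2012:10:02:11 +0000] "GET /cgi-bin/phf?Qalias=smith HTTP/1.0" 200 512
198.51.100.7 - - [20/Mar/2012:10:03:40 +0000] "GET /cgi-bin/phf?Qalias=x%0A/bin/cat%20/etc/passwd HTTP/1.0" 200 2310
"""

# client, timestamp, method, request target, status
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+)[^"]*" (\d{3}) ')

def find_phf_probes(lines):
    """Return one record per phf request that smuggles a newline in its query."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not a Common Log Format line
        client, when, _method, target, status = m.groups()
        parts = urlsplit(target)
        path = unquote(parts.path).lower()
        query = unquote(parts.query)  # %0a / %0A both decode to "\n"
        if not path.endswith("/phf"):
            continue
        if "\n" in query or "\r" in query:
            hits.append({
                "client": client,
                "when": when,
                "status": status,
                # 200 means the script exists and ran: check this host first.
                "served": status == "200",
                "decoded_query": query,
            })
    return hits

if __name__ == "__main__":
    for hit in find_phf_probes(SAMPLE_LOG.splitlines()):
        flag = "SERVED" if hit["served"] else "rejected"
        print(hit["when"], hit["client"], flag, repr(hit["decoded_query"]))
```

A hit with status 200 does not prove the password file was returned, but it shows the script is still installed and should be removed.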

The best way to get root is with an exploit. Exploits are explained in the
next chapter.


Monday, 19 March 2012

8 People Can Use The Same Msn Dial Up Account

It's easy really. Want to have an entire family on dial-up with just one bill?

Step one: purchase a 20 dollar a month subscription to MSN unlimited access dial-up. This will include an MSN 9 CD, which you will need. With the software installed, fill up your secondary account slots with new users. Make sure you pick @msn if it gives you the choice; hotmail email addresses will not work.

Say the secondary account is johnsmith@msn.com. Type in the dial-up connection:

USER : MSN/johnsmith
PASS: ******* (whatever)

Connect to your local MSN phone number and the other people you gave secondary accounts to will be able to do the same, while you are connected. It's a sweet deal considering everyone is paying about 2 bucks a month for internet access, especially if you cannot get broadband. If you wanted to sell off the access to people you could actually make money doing this, but I do not suggest it.

I used to be an MSN tech and this was a little known secret even to most of the employees.

After you do this you do not need the software any more. I would suggest keeping it on to micromanage everyone else's accounts, and for the simple fact that if they don't pitch in, cut them off HEHEHE

I'm on broadband now so I don't care if I tell you my little secret. Anyone else know of this?



Backtracking EMAIL Messages

Tracking email back to its source,
cause I hate spammers...

Ask most people how they determine who sent them an email message and the response is almost universally, "By the From line." Unfortunately this is symptomatic of the current confusion among internet users as to where particular messages come from and who is spreading spam and viruses. The "From" header is little more than a courtesy to the person receiving the message. People spreading spam and viruses are rarely courteous. In short, if there is any question about where a particular email message came from, the safe bet is to assume the "From" header is forged.

So how do you determine where a message actually came from? You have to understand how email messages are put together in order to backtrack an email message. SMTP is a text based protocol for transferring messages across the internet. A series of headers are placed in front of the data portion of the message. By examining the headers you can usually backtrack a message to the source network, sometimes the source host. A more detailed essay on reading email headers can be found .

If you are using Outlook or Outlook Express you can view the headers by right clicking on the message and selecting properties or options.

Below are listed the headers of an actual spam message I received. I've changed my email address and the name of my server for obvious reasons. I've also double spaced the headers to make them more readable.


Return-Path: <s359dyxtt@yahoo.com>

X-Original-To: davar@example.com

Delivered-To: davar@example.com

Received: from 12-218-172-108.client.mchsi.com (12-218-172-108.client.mchsi.com [12.218.172.108])
by mailhost.example.com (Postfix) with SMTP id 1F9B8511C7
for <davar@example.com>; Sun, 16 Nov 2003 09:50:37 -0800 (PST)

Received: from (HELO 0udjou) [193.12.169.0] by 12-218-172-108.client.mchsi.com with ESMTP id <536806-74276>; Sun, 16 Nov 2003 19:42:31 +0200

Message-ID: <n5-l067n7z$46-z$-n@eo2.32574>

From: "Maricela Paulson" <s359dyxtt@yahoo.com>

Reply-To: "Maricela Paulson" <s359dyxtt@yahoo.com>

To: davar@example.com

Subject: STOP-PAYING For Your PAY-PER-VIEW, Movie Channels, Mature Channels...isha

Date: Sun, 16 Nov 2003 19:42:31 +0200

X-Mailer: Internet Mail Service (5.5.2650.21)

X-Priority: 3

MIME-Version: 1.0

Content-Type: multipart/alternative; boundary="MIMEStream=_0+211404_90873633350646_4032088448"


According to the From header this message is from Maricela Paulson at s359dyxtt@yahoo.com. I could just fire off a message to abuse@yahoo.com, but that would be a waste of time. This message didn't come from Yahoo's email service.

The header most likely to be useful in determining the actual source of an email message is the Received header. According to the top-most Received header this message was received from the host 12-218-172-108.client.mchsi.com with the IP address 12.218.172.108 by my server mailhost.example.com. An important item to consider is at what point in the chain the email system becomes untrusted. I consider anything beyond my own email server to be an unreliable source of information. Because this header was generated by my email server it is reasonable for me to accept it at face value.

The next Received header (which is chronologically the first) shows the remote email server accepting the message from the host 0udjou with the ip 193.12.169.0. Those of you who know anything about IP will realize that that is not a valid host IP address. In addition, any hostname that ends in client.mchsi.com is unlikely to be an authorized email server. This has every sign of being a cracked client system.
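
The reading of the two Received headers described above can be automated. The following is an added example, not part of the original post: it walks the Received chain from the top, accepts only hops written by a server the reader controls (here `mailhost.example.com`, as in the post), and reports the peer recorded at that boundary together with the unverifiable hops beyond it. The function names and the last-octet heuristic are assumptions.

```python
import email
import email.utils
import ipaddress
import re

# Received and From headers of the spam message above, single-spaced so they parse.
RAW = """\
Received: from 12-218-172-108.client.mchsi.com (12-218-172-108.client.mchsi.com [12.218.172.108])
\tby mailhost.example.com (Postfix) with SMTP id 1F9B8511C7
\tfor <davar@example.com>; Sun, 16 Nov 2003 09:50:37 -0800 (PST)
Received: from (HELO 0udjou) [193.12.169.0] by 12-218-172-108.client.mchsi.com with ESMTP id <536806-74276>; Sun, 16 Nov 2003 19:42:31 +0200
From: "Maricela Paulson" <s359dyxtt@yahoo.com>
To: davar@example.com

(body omitted)
"""

PATTERNS = {
    "from": re.compile(r"^from\s+([^\s(\[]+)"),
    "helo": re.compile(r"\(HELO\s+([^)\s]+)\)"),
    "ip": re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]"),
    "by": re.compile(r"\bby\s+([^\s;]+)"),
}

def parse_received(value):
    """Extract claimed sender, HELO name, recorded IP and recording host."""
    flat = " ".join(value.split())  # unfold continuation lines
    hop = {}
    for key, rx in PATTERNS.items():
        m = rx.search(flat)
        hop[key] = m.group(1) if m else None
    try:
        # Heuristic from the post: a last octet of 0 is normally a network
        # address rather than a host.
        hop["suspicious_ip"] = ipaddress.ip_address(hop["ip"]).packed[-1] == 0
    except ValueError:
        hop["suspicious_ip"] = hop["ip"] is not None  # malformed address
    return hop

def backtrack(raw, trusted_hosts):
    """Return the peer seen by the deepest trusted hop, or None if there is none."""
    msg = email.message_from_string(raw)
    hops = [parse_received(v) for v in msg.get_all("Received", [])]
    boundary = None
    for i, hop in enumerate(hops):  # top-most header is the newest
        if hop["by"] not in trusted_hosts:
            break
        boundary = i
    if boundary is None:
        return None
    source = hops[boundary]
    domain = email.utils.parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    host = (source["from"] or "").lower()
    return {
        "source_ip": source["ip"],
        "source_host": source["from"],
        "from_domain": domain,
        # A mismatch is a hint, not proof: legitimate mail is often relayed.
        "from_matches_source": bool(domain) and (host == domain or host.endswith("." + domain)),
        "untrusted": hops[boundary + 1:],
    }
```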


Here is where we start digging. By default Windows is somewhat lacking in network diagnostic tools; however, you can use the tools at to do your own checking.

davar@nqh9k:[/home/davar] $whois 12.218.172.108

AT&T WorldNet Services ATT (NET-12-0-0-0-1)
12.0.0.0 - 12.255.255.255
Mediacom Communications Corp MEDIACOMCC-12-218-168-0-FLANDREAU-MN (NET-12-218-168-0-1)
12.218.168.0 - 12.218.175.255

# ARIN WHOIS database, last updated 2003-12-31 19:15
# Enter ? for additional hints on searching ARIN's WHOIS database.

I can also verify the hostname of the remote server by using nslookup, although in this particular instance, my email server has already provided both the IP address and the hostname.

davar@nqh9k:[/home/davar] $nslookup 12.218.172.108

Server: localhost
Address: 127.0.0.1

Name: 12-218-172-108.client.mchsi.com
Address: 12.218.172.108

Ok, whois shows that Mediacom Communications owns that netblock and nslookup confirms the address to hostname mapping of the remote server, 12-218-172-108.client.mchsi.com. If I put www in front of the domain name portion and plug that into my web browser, http://www.mchsi.com, I get Mediacom's web site.

There are few things more embarrassing to me than firing off an angry message to someone who is supposedly responsible for a problem, and being wrong. By double checking who owns the remote host's IP address using two different tools (whois and nslookup) I minimize the chance of making myself look like an idiot.

A quick glance at the web site and it appears they are an ISP. Now if I copy the entire message including the headers into a new email message and send it to abuse@mchsi.com with a short message explaining the situation, they may do something about it.

But what about Maricela Paulson? There really is no way to determine who sent a message; the best you can hope for is to find out what host sent it. Even in the case of PGP signed messages there is no guarantee that one particular person actually pressed the send button. Obviously, determining the actual sender of an email message is much more involved than reading the From header. Hopefully this example may be of some use to other forum regulars.
