Tuesday, May 26, 2009

how to bypass Pc Security all versions

hi all,
about 6 months ago in our college they decided to restrict us with some kind of software which is its task is to lock folders and drives and so many other cool things.
well on that time I wasn't so curious about that until one of my friend told me that he is in trouble with these kind of crappy restrictions.

after that I start to investigation on "pc security" and the solution was simple and funny.

when you install this s/w on your computer it will put 2 exe files in your windows directory and startup called:

winwd.exe
sdeamon.exe

and if you bring on the task manager you gonna find them there and if you try to end task these two files you will see they gonna start their job again.

well at first try I start to rename them from windows directory and then try to kill them from task manager and BINGO it was successful try.
it is quite easy first try to rename or delete these two files from windows directory then kill them from task manager.
I also write a tiny c++ code for automating this task :

//code in vc++.net 2008
int _tmain(int argc, _TCHAR* argv[])
{
TCHAR windiro[INFO_BUFFER_SIZE];
TCHAR windir[INFO_BUFFER_SIZE];
TCHAR exec[8];
TCHAR s1[]=_T("\\sdeamon.exe");
TCHAR s2[]=_T("\\winwd.exe");
_tprintf(_T("bypassing pcsecurity \n"));




GetWindowsDirectory(windir,INFO_BUFFER_SIZE);
GetWindowsDirectory(windiro,INFO_BUFFER_SIZE);
_tcscat(windir,s1);
_tcscat(windiro,s2);
_tprintf(windir);
_tprintf(windiro);

DeleteFile(windir);
DeleteFile(windiro);
HINSTANCE nr = ShellExecute(NULL,_T("open"),_T("taskkill"),_T("/f /im sdaemon.exe"),_T("C:\\"),SW_SHOWNA);
HINSTANCE nr1 = ShellExecute(NULL,_T("open"),_T("taskkill"),_T("/f /im winwd.exe"),_T("C:\\"),SW_SHOWNA);
if (nr == 0)
_tprintf(_T("successful"));
else
_tprintf(_T("unsuccessful"));
int i;
_tscanf(exec);
return 0;

}

Njoy.

how to execute asp.net files with different extension

Hi again.
You might be wondering that sometimes some websites choose different extensions for their web pages as an instance their web site is build by asp.net and you are supposed to see aspx extension at the end of their address but it is not like that you will see something like acme.

Well here I'm gonna show you how to make change.
thanks to the Microsoft and his new understanding of how to build our life easier, this job will done only in matter of 5 minutes or less .

go to your WINDOWS\Microsoft.NET\Framework\{frame work version}\CONFIG

here you will find the heart of your asp.net config files such as machine.config , web.config , etc...

open web.config

and follow the below XML file





<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.webServer>

<handlers>
<add name="ASPNETLikeHandler-Classic" path="*.acme"
verb="GET,HEAD,POST,DEBUG" modules="IsapiModule" scriptProcessor="C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll"
requireAccess="Script" preCondition="classicMode,runtimeVersionv2.0,bitness32"
/>
<add name="ASPNETLikeHandler" path="*.acme"
verb="GET,HEAD,POST,DEBUG" type="System.Web.UI.PageHandlerFactory" modules="ManagedPipelineHandler"
requireAccess="Script" preCondition="integratedMode" />
</handlers>

<validation validateIntegratedModeConfiguration="false" />
</system.webServer>

<system.web>
<compilation>
<buildProviders>

<add extension=".acme" type="System.Web.Compilation.PageBuildProvider"
/>
</buildProviders>
</compilation>
<httpHandlers>

<add path="*.acme" type="System.Web.UI.PageHandlerFactory"
verb="*" />
</httpHandlers>
</system.web>
</configuration>




I assume that your familiar with how to make changes in web.config.
ciao.

Monday, May 25, 2009

catching captcha image part 1 C#

Hey there,
Today I had a nice experience with a spammer software which was written by c#.net and it was packed by .net reactor .
I was astonished that how come the programmer was able to trick blog site according to their captcha system.
because their way of implementing the captcha system is horribly hard to expose , sometimes I was thinking by myself that how can I mess with this captcha thing.
Well today I was lucky and got my answer and that poor programmer was unlucky .
I unpack his code and understand several things which I'm going to sum up them :
1- if you wana write a spammer most of the times you can't use webclient or webrequest classes well you should do it by the help of webBrowser or shdocvw which ever you are comfortable with.

2-suppose you navigate a site , something like "www.acmeblog.com" you should wait until the document load full in your container how can we wait that much?
using DocumentCompleted event
or
using something like following:
while (webBrowser.ReadyState != WebBrowserReadyState.Complete)
{
Application.DoEvents();
}
until it is loaded it is not going to do anything except loading your page.

I cross my heart that just two things I've learnt from that lame programmer, I got rest of these tips by my own A$$:

3-In some websites getting captcha picture is a hard job first of all maybe it's not going to show itself at first until you fire some other events like focusing on some textbox or clicking a button well you should use a bit of knowledge of how to deal with javascript and how to find the badboy in a goodplace, well I did it by the help of firefox and firebug to find the which script was being run (I'm not gonna teach how to use firebug).

to execute the script by your self and on your own way you can accomplish this task by using :
WebBrowser.Document.InvokeScript("your_script_name");

4-sometimes the web designers fantasize that they are very clever and they can do something that no one else can do that in all around the world !
can you imagine how stupid they are???
well they are going to show captcha image without any name or id tag i mean something like below:


< src="hxxp://acmeblog.com/comments/Captcha.ashx?6233633">



as you can see there is no clue that gonna help us to get the src tag.
well how can we overcome this problem? easy peasy japanesey

with the help of foreach{} statement and search inside htmlelement we can find out our sweat captcha , you can see in the following :

foreach (HtmlElement img in wb.Document.Images)
{

isitcaptcha = img.OuterHtml.IndexOf("Captcha", 0);
if (isitcaptcha > 0)
{
captchaimg = img.OuterHtml.ToString();
.
.
.

5-well we've got our captcha source till now, then we have to be nimble and show this captcha quickly otherwise again the web designer will think that he was much smarter than you.
by showing the image inside a webBrowser you can have a copy of that captch on your own.

6-last and worth one : how to save that goddamn captch image out of my webbrowser?
believe me or not it is a very tedious job I was searching around 6 hours through the libraries (I mean .net library not a goddamn ordinary library where people going there and read Harry Potter)
Internet and my books until I found this useful webblog and his tricky way of saving webbrowser pictures.

below you can find a very first edition of what I've done :

http://rapidshare.com/files/237216229/spam_test.rar


inside code you will find a bunch of comments nonsense don't worry they are written in Persian and they won't harm you ;)

next episode I will teach you how to OCR captcha and retrieve it as a text :D

ciao.