Here's something cool


grimdesire

I just joined this site and I don't know if anyone knows about this stuff or not; it's very simple and helpful.

First off, hacking a pass on Windows XP: open Command Prompt and type in: net user administrator *

Type this exactly as above. It will then ask you to set a password. Type the password in the command prompt; it will not show up, but it is typing it. Hit enter after typing the password you want, and it will ask that you confirm it; do so. Wow, you just changed the password.

Must be logged in as administrator to do this.

Also, how to beat a school filter: first open Notepad and type:

ping *the website name*

pause ::

After typing this, save it as *name*.bat and save it to your desktop.

Now, after it's on the desktop, click on it and run it. It will ping the site with 32 bits of data and will receive packets from the site.

It will display a number, e.g. 280. 190. 98. 12. Type the number it displays into the address bar in internet and you're done; the page should load even if it's blocked.

Link to comment
Share on other sites

:shock: I am not even trying to make fun, but seriously, did someone here on the forums create that account just to post that as a spoof?

Otherwise, few things. The first part about changing the password is just the way to do it from a command prompt instead of using the GUI.

ex's: http://www.petri.co.il/change_user_passwor...mand_prompt.htm

And second, using the IP address only works if the filtering software does not validate through DNS. You could even do the old sci-calculator trick and write it out in binary>octet and it should still filter it out, but it depends on the filtering software in use. Most schools are pretty lax on this sort of thing to begin with.

Third: 280. 190. 98. 12 is not a real IP address. They do not go beyond 255.255.255.255; "280" is not possible. But let's say the address was www.hak5.org and it resolved to 74.208.74.96; you could also write it as http://1255164512/ Let's try that again, since Hak5 blocks obfuscated IP addresses. Now, if it were GOOGLE, then:

http://www.google.com resolves to 209.85.173.147 which resolves to 11010001010101011010110110010011 which resolves to http://3512053139/

If anyone wants to know how this works let me know if you can't figure it out: http://3512053139/ = google.com

Link to comment
Share on other sites
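
The integer form discussed in the post above is one of several numeric spellings of the same IPv4 address, so a filter that compares host strings has to canonicalise them before matching. The following is an added example, not code from the thread, showing that normalisation on the filter side; the function names and blocklist contents are assumptions, and the sample addresses are the ones quoted in the post.

```python
import ipaddress
from urllib.parse import urlsplit

def _parse_part(part):
    """Parse one component as inet_aton does: 0x.. hex, leading 0 octal, else decimal."""
    low = part.lower()
    if low.startswith("0x"):
        digits, base = low[2:], 16
    elif len(low) > 1 and low.startswith("0"):
        digits, base = low[1:], 8
    else:
        digits, base = low, 10
    allowed = "0123456789abcdef"[:base]
    if not digits or any(c not in allowed for c in digits):
        raise ValueError("not numeric: %r" % part)
    return int(digits, base)

def canonical_ipv4(host):
    """Return the dotted quad for any numeric IPv4 spelling, or None for a hostname."""
    parts = host.rstrip(".").split(".")
    if len(parts) > 4:
        return None
    try:
        nums = [_parse_part(p) for p in parts]
    except ValueError:
        return None
    # Leading components are single octets; the last one fills the remaining bytes.
    if any(n > 255 for n in nums[:-1]) or nums[-1] >= 256 ** (5 - len(nums)):
        return None
    value = nums[-1]
    for i, n in enumerate(nums[:-1]):
        value |= n << (8 * (3 - i))
    return str(ipaddress.IPv4Address(value))

def is_blocked(url, blocked_ips, blocked_names):
    """Match a URL against the blocklist after normalising its host."""
    host = (urlsplit(url).hostname or "").lower()
    ip = canonical_ipv4(host)
    return ip in blocked_ips if ip is not None else host in blocked_names

# Constructed blocklist, using the address quoted in the thread.
BLOCKED_IPS = {"209.85.173.147"}
BLOCKED_NAMES = {"www.google.com"}

if __name__ == "__main__":
    for u in ("http://www.google.com/", "http://209.85.173.147/",
              "http://3512053139/", "http://0xD1.0125.173.147/"):
        print(u, "->", "blocked" if is_blocked(u, BLOCKED_IPS, BLOCKED_NAMES) else "allowed")
```

A filter that lists only names still has to resolve them to fill the IP set, which is the DNS validation the post refers to.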

If anyone wants to know how this works let me know if you can't figure it out: http://3512053139/ = google.com

Let's see how long I pee?

A little VB6 app I created that does this easily: http://www.twistedpairrecords.com/digip/Obfuscated.rar

Anyone like to help me make one in a bat script? Without the urine... ;)

Link to comment
Share on other sites

I started part of a bat script I am working on to do what I did above.

I have parsed out the first part of the IP address from the ping command and put each section into a variable. Now I need a routine to take each variable and do the converting sections. First each variable needs to be converted from a number to a binary string. Then each string needs to be padded with 0's on the front of each string to make each string 8 numbers long, so if one of the converted numbers was say 127 it would need to be converted to "1111111" which would need to be padded to "01111111"

Then I need to combine each to one long binary string. ex "01111111" +  "01111111" + "01111111" +  "01111111" would become

"01111111011111110111111101111111"

Then take the binary and convert it back to plain text which would become "2139062143" and then used as "http://2139062143"

Here is what I came up with so far but still need all the asc to binary and back, etc:

:top
@echo off
cls
SET /P website="What site to ping: "
cls
::PING %website% 
FOR /F "usebackq tokens=2 delims=[]" %%i in (`ping -n 1 %website%`) do set foundip=%%i

echo IP Address resolves to %foundip%

FOR /F "tokens=1,2,3,4 delims=...." %%i in ('echo .%foundip%') do @echo %%i %%j %%k %%l

::in need of a routine for converting string to binary bases and then combine and then convert back to whole number::

:retry
set /p query="Try another address. Y/N: "
if %query% == Y goto:top
if %query% == y goto:top
if %query% == N goto:bottom
if %query% == n goto:bottom
cls
goto:retry

:bottom

Some of you are probably asking why I am trying to do this in a bat script, but I just want to see if it can even be done and learn how to do it in a bat script. I did it in vb6, but that was way too easy....

My next challenge is going to make it in PHP. PHP seems even easier though since a lot of the converting functions are built into php.

Link to comment
Share on other sites

Using " Net Administrator *" is not hacking in any way, shape or form. Using a password reset floppy/cd is more of a hack than that.

Also:

I just wrote a VB.NET app to convert a hostname to an integer ipaddress.  Although this won't work for anything that uses host headers (shared hosting).

If you put the http://1086311198 into the Run Command, it will convert it to an ipaddress before sending it to your browser.

Link to comment
Share on other sites

Just made a little one in PHP. Need someone to add a few lines to the IP address section to strip out characters that are not numbers. I was lazy and left it open to letters, which would not work for obvious reasons, but it works if you enter the numbers correctly.

<html>
<head>
<title>Obfuscate IP Address</title>
</head>
<body bgcolor="white" link="red" vlink="gray">
<font color="#97C0C1" >
<center>
<BR><BR><BR>
URL Obfuscation in PHP
<BR><BR>
<table border="0"><TR><TD valign="top" align="center">
<font color="#97C0C1" >
<form id="Form0" action="<?php echo htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES); ?>" method="POST">
<input type="text" name="Domain" value="" size="22" /><input type="submit" name="Form0_Submit" value="Get Ip Address"></form>
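<?php
// Show the resolved address. Escape it before output: gethostbyname()
// returns its input unchanged when the lookup fails.
if (isset($_POST['Domain']) && $_POST['Domain'] != "") {
echo " ".htmlspecialchars(gethostbyname($_POST['Domain']), ENT_QUOTES);
}
?>
<BR><BR>
</td>
</tr>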

<tr>
<TD valign="top" align="center">
<BR><BR>
<font color="#97C0C1" >
<form id="Form1" action="<?php echo htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES); ?>" method="POST">
IP Address : 
<input type="text" name="Phrase1" value="" size="3" maxlength="3" /> 
<input type="text" name="Phrase2" value="" size="3" maxlength="3" /> 
<input type="text" name="Phrase3" value="" size="3" maxlength="3" /> 
<input type="text" name="Phrase4" value="" size="3" maxlength="3" /> 

<input type="hidden" name="SubmitCheck" value="sent" />
<input type="Submit" name="Form1_Submit" value="oBfuscate iT" /></form>
<font color="#97C0C1">
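<?php
// Only convert once the IP form has been submitted (avoids undefined-index warnings on first load).
if (!isset($_POST['Phrase1']) || $_POST['Phrase1'] == "") {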
echo ""; }
else {
/*echo ($_POST['Phrase1'] . " " . sha1($_POST['Phrase1']));*/
/*$p1 = "00000000".decbin($_POST['Phrase1']);*/
$p1 = str_pad(decbin($_POST['Phrase1']),8,"0",STR_PAD_LEFT);
$p2 = str_pad(decbin($_POST['Phrase2']),8,"0",STR_PAD_LEFT);
$p3 = str_pad(decbin($_POST['Phrase3']),8,"0",STR_PAD_LEFT);
$p4 = str_pad(decbin($_POST['Phrase4']),8,"0",STR_PAD_LEFT);
$binBack = $p1.$p2.$p3.$p4;
echo  $p1.$p2.$p3.$p4;
echo ("<BR><a href='http://". bindec($binBack). "/' target='new'>http://" . bindec($binBack) ."/</a></font>");
}
?>
<BR>
</td></tr></table></center>
</body>
</html>

There may be a few errors in there but nothing that keeps it from working. I do everything in Notepad so it's hard to go through and see when you're missing the little things that aren't highlighted like in most editors.

Can anyone recommend a good editor with color highlighting for tags, etc...

Link to comment
Share on other sites

Can anyone recommend a good editor with color highlighting for tags, etc...

I use notepad++ for almost everything and I love it =)

Thank you. That makes things SO much easier when elements are highlighted. I often forget things like semicolons in php and this makes it easier to spot mistakes in my code.

Link to comment
Share on other sites

Digip, here's the batch version.

@echo off
setlocal enableextensions

if "%1" == "" (
  echo.
  echo Usage: %~n0 [Host name]
  goto :eof
)
ping -n 1 %1 > nul
if errorlevel 1 (
  echo Host not found or not alive && goto :eof
)

for /f "tokens=2 delims=[]" %%f in ('ping -n 1 %1') do (
  for /f "tokens=1-4 delims=." %%a in ("%%f") do (
    set octet=%%a
    set octet1=%%b
    set octet2=%%c
    set octet3=%%d
  )
)

findstr "'%skip%VBS" "%~f0" > %temp%tmp$$$.vbs
cscript //nologo %temp%tmp$$$.vbs %octet% %octet1% %octet2% %octet3% > %temp%tmp$$$.bat

call %temp%tmp$$$.bat
echo. & echo %1 in binary = %bin_%.%bin_1%.%bin_2%.%bin_3%
set /a int=(%octet% * 16777216) + (%octet1% * 65536) + (%octet2% * 256) + (%octet3%)
echo %1 as integer = %int%
echo %1 as IP address = %octet%.%octet1%.%octet2%.%octet3%

for %%f in (%temp%tmp$$$.vbs %temp%tmp$$$.bat) do (
   if exist %%f (
     del %%f
   )
)
endlocal & goto :eof
'
number=Wscript.Arguments.Unnamed(0)                'VBS
base=2                                'VBS
digit="0123456789ABCDEF"                    'VBS
result=""                            'VBS
while number <> 0                        'VBS
  i = number -base * int(number/base)                'VBS
  result = mid(digit,i+1,1) & result                'VBS
  number= int(number/base)                    'VBS
Wend                                'VBS
Wscript.Echo "@set bin_=" & Right("000000000" & result ,8)    'VBS

number1=Wscript.Arguments.Unnamed(1)                'VBS
base1=2                                'VBS
digit1="0123456789ABCDEF"                    'VBS
result1=""                            'VBS
while number1 <> 0                        'VBS
  i = number1 -base1 * int(number1/base1)            'VBS
  result1 = mid(digit1,i+1,1) & result1                'VBS
  number1= int(number1/base1)                    'VBS
Wend                                'VBS
Wscript.Echo "@set bin_1=" & Right("000000000" & result1 ,8)    'VBS

number2=Wscript.Arguments.Unnamed(2)                'VBS
base2=2                                'VBS
digit2="0123456789ABCDEF"                    'VBS
result2=""                            'VBS
while number2 <> 0                        'VBS
  i = number2 -base2 * int(number2/base2)            'VBS
  result2 = mid(digit2,i+1,1) & result2                'VBS
  number2= int(number2/base2)                    'VBS
Wend                                'VBS
Wscript.Echo "@set bin_2=" & Right("000000000" & result2 ,8)    'VBS

number3=Wscript.Arguments.Unnamed(3)                'VBS
base3=2                                'VBS
digit3="0123456789ABCDEF"                    'VBS
result3=""                            'VBS
while number3 <> 0                        'VBS
  i = number3 -base3 * int(number3/base3)            'VBS
  result3 = mid(digit3,i+1,1) & result3                'VBS
  number3= int(number3/base3)                    'VBS
Wend                                'VBS
Wscript.Echo "@set bin_3=" & Right("000000000" & result3 ,8)    'VBS

The VBScript could be in a for loop, but since I don't know any VBScript, (except what I learned writing this script) I didn't know how to do it.

Link to comment
Share on other sites

That was actually pretty damn cool. I don't care what the others say, even if it's not "uber leet" code or something, I still got something out of it. I like how you combined all the wscript at the bottom instead of a separate file that gets called in. Also how you made it seem like a .com file with the whole "Usage: %~n0 [Host name]" part. Slick!

Link to comment
Share on other sites

I am assuming the cool part is still to come for this post.

Sorry we are all not smart enough to write our own OS but some of us are still learning...

Link to comment
Share on other sites
