Saturday, November 29, 2008

Rapidshare Free Download

WITHOUT premium account,you can download multiple files..no need to wait!
It also provides resume support for rapidshare links. Just copy-paste links into it and start downloading.

Download


http://rapidshare.com/files/58312296/BestRapidshareDownloader.zip.html
Posted by at No comments:

Regedit Disable Or Enabled Manually

'Enable/Disable Registry Editing tools
'© Doug Knox - rev 12/06/99

Option Explicit

'Declare variables
Dim WSHShell, n, MyBox, p, t, mustboot, errnum, vers
Dim enab, disab, jobfunc, itemtype

Set WSHShell = WScript.CreateObject("WScript.Shell")
p = "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System\"
p = p & "DisableRegistryTools"
itemtype = "REG_DWORD"
mustboot = "Log off and back on, or restart your pc to" & vbCR & "effect the changes"
enab = "ENABLED"
disab = "DISABLED"
jobfunc = "Registry Editing Tools are now "

'This section tries to read the registry key value. If not present an
'error is generated. Normal error return should be 0 if value is
'present
t = "Confirmation"
Err.Clear
On Error Resume Next
n = WSHShell.RegRead (p)
On Error Goto 0
errnum = Err.Number

if errnum <> 0 then
'Create the registry key value for DisableRegistryTools with value 0
WSHShell.RegWrite p, 0, itemtype
End If

'If the key is present, or was created, it is toggled
'Confirmations can be disabled by commenting out
'the two MyBox lines below

If n = 0 Then
n = 1
WSHShell.RegWrite p, n, itemtype
Mybox = MsgBox(jobfunc & disab & vbCR & mustboot, 4096, t)
ElseIf n = 1 then
n = 0
WSHShell.RegWrite p, n, itemtype
Mybox = MsgBox(jobfunc & enab & vbCR & mustboot, 4096, t)
End If



Create the Notepad.txt
Copy & Paste this content in Notepad and save it .vbs extension.(Notepad.vbs)
Then double-click on it.One Message will appears...
If your regedit enable it will going to disable..
If your regedit disable it will going to enable..
Posted by at No comments:

Rootkit & backdoor in vb6.

Any body interested in rootkit.i have made a rootkit with a backdoor it's simple.i coded in vb6.The running backdoor process do not view in 'Task Manager' and any other process viewer.The backdoor just open 2 TCP port in ur computer (9800,9898),one for command passing and another File Sending.

I used a Kernel Mode drivers for changing _EPROCESS structure(for hiding the process).because it has an administrative privileged.
The Structure Of _EPROCESS is given below.
typedef struct _EPROCESS
{
/*000*/ KPROCESS Pcb;
/*06C*/ NTSTATUS ExitStatus;
/*070*/ KEVENT LockEvent;
/*080*/ DWORD LockCount;
/*084*/ DWORD d084;
/*088*/ LARGE_INTEGER CreateTime;
/*090*/ LARGE_INTEGER ExitTime;
/*098*/ PVOID LockOwner;
/*09C*/ DWORD UniqueProcessId;
/*0A0*/ LIST_ENTRY ActiveProcessLinks;
the ...
list goes on... }
EPROCESS;


and the LIST_ENTRY is


typedef struct _LIST_ENTRY
{
struct _LIST_ENTRY *Flink;
struct _LIST_ENTRY *Blink;
}
LIST_ENTRY;
hear the Flink is forword to the next PID of the Process which will be hidden
and backword to previous PID of the porcess.
Posted by at 4 comments:

Ultimate windows and pc tips tricks tweaks and hacks: email tracking

Ultimate windows and pc tips tricks tweaks and hacks: email tracking
Posted by at No comments:
Subscribe to: Comments (Atom)