How to Crack the Account Password on Any Operating System

Computer passwords are like locks on doors – they keep honest people honest. If someone wishes to gain access to your laptop or computer, a simple login password will not stop them. Most computer users do not realize how simple it is to access the login password for a computer, and end up leaving vulnerable data on their computer, unencrypted and easy to access.

Are you curious how easy it is for someone to gain access to your computer? If so, read on to see the technique one might use to figure out your computer password.

Windows 
Windows is still the most popular operating system, and the method used to discover the login password is 
the easiest. The program used is called Ophcrack, and it is free. Ophcrack is based on Slackware, and uses rainbow tables to solve passwords up to 14 characters in length. The time required to solve a password? Generally 10 seconds. The expertise needed? None.
Simply download the Ophcrack ISO and burn it to a CD (or load it onto a USB drive via UNetbootin). Insert the CD into a machine you would like to gain access to, then press and hold the power button until the computer shuts down. Turn the computer back on and enter BIOS at startup. Change the boot sequence to CD before HDD, then save and exit.

The computer will restart and Ophcrack will be loaded. Sit back and watch as it does all the work for your. Write down the password it gives you, remove the disc, restart the computer, and log in as if it were you own machine.

Mac

The second most popular operating system, OS X is no safer when it comes to password cracking then Windows.

The easiest method would be to use Ophcrack on this, also, as it works with Mac and Linux in addition to Windows. However, there are other methods that can be used, as demonstrated below.

If the Mac runs OS X 10.4, then you only need the installation CD. Insert it into the computer, reboot. When it starts up, select UTILITIES > RESET PASSWORD. Choose a new password and then use that to log in.

If the Mac runs OS X 10.5, restart the computer and press COMMAND + S. When at the prompt, type:

fsck -fy

mount -uw /

launchctl load /System/Library/LaunchDaemons/com.apple.DirectoryServices.plist

dscl . -passwd /Users/UserName newpassword


That’s it. Now that the password is reset, you can login.

Linux

Finally, there is Linux, an operating system quickly gaining popularity in mainstream, but not so common you’re likely to come across it. Though Mac and Linux are both based on Unix, it is easier to change the password in Linux than it is OS X.

To change the password, turn on the computer and press the ESC key when GRUB appears. Scroll down and highlight ‘Recovery Mode’ and press the ‘B’ key; this will cause you to enter ‘Single User Mode’.

You’re now at the prompt, and logged in as ‘root’ by default. Type ‘passwd’ and then choose a new password. This will change the root password to whatever you enter. If you’re interested in only gaining access to a single account on the system, however, then type ‘passwd username’ replacing ‘username’ with the login name for the account you would like to alter the password for.

Conclusion

There you have it – that is how simple it is for someone to hack your password. It requires no technical skills, no laborious tasks, only simple words or programs. The moral of the story? Encrypt your data to keep it safe. Don’t use only a password, but actually encryption, such as Blowfish or AES-128. There are a number of programs that can do this – TrueCrypt for Windows, or the native encryption found on Ubuntu, creating a disk image in Mac, etc.

Hibernate - Enable or Disable (restore or delete the hiberfil.sys file)

This tutorial will show you how to enable or disable hibernate and restore or delete the hiberfil.sys file inWindows 7 and Windows 8.

When hibernate is disabled, the Hibernate option is missing from the Start Menu (Windows 7 only), Shut Down Windows dialog, Power menu (Windows 8 only) and the Advanced Power Plan Options.

You must be logged in as an administrator to be able to do the steps in this tutorial.

Note

By default, the size of the hidden protected OS hibernation file (C:\hiberfil.sys) is 75% of the total amount of installed RAM on your computer.


Tip

You can set your computer to either use or not use the Hybrid or Hibernate sleep mode option from the Advanced Power Plan Options.
In Windows 7, you will only see Hibernate listed in the Start Menu power button arrow menu if you have Hybrid turned off in the Advanced Power Plan Options.

OPTION ONE 

To Enable or Disable Hibernate in a Elevated Command Prompt

1. To Enable Hibernate
NOTE: This step will restore the hiberfil.sys file, and the Allow hybrid sleep and Hibernate after Power Options underSleep.
A) Open a Elevated Command Prompt.

B) In the elevated command prompt, type powercfg -h on and press Enter.

C) Close the elevated command prompt.

D) If you would also like to have hibernate turned on, then you will also need do to step 2 in OPTION FOUR below.

2. To Disable Hibernate
NOTE: This step will disable hibernation, delete the hiberfil.sys file, and remove the Allow hybrid sleep and Hibernate afterPower Options under Sleep. This will also disable fast startup in Windows 8.


1. Open a Elevated Command Prompt.

2. In the elevated command prompt, type powercfg -h off and press Enter.

3. Close the elevated command prompt.


OPTION TWO 

To Enable or Disable Hibernate in Registry Editor
1. Open the Start Menu, type regedit in the search box, and press Enter.

2. In regedit, navigate to the location below.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power

3. In the right pane of the Power key, double click/tap on HibernateEnabled, and do step 4 or 5 below for what you would like to do.

4. To Enable Hibernate

NOTE: This step will restore the hiberfil.sys file, and the Allow hybrid sleep and Hibernate after Power Options underSleep.

A) Type in 1, and click/tap on OK.

B) Go to step 6.

5. To Disable Hibernate

NOTE: This step will disable hibernation, delete the hiberfil.sys file, and remove the Allow hybrid sleep and Hibernate afterPower Options under Sleep. This will also disable fast startup in Windows 8.

A) Type in 0 (zero), and click/tap on OK.

B) Go to step 6.

6. Close regedit, and restart the computer to apply the changes.

7. If you would also like to have hibernate turned on, then you will also need do to step 2 in OPTION FOUR below.


OPTION THREE

To Turn Hibernate On or Off in Power Options


NOTE: This option does not disable hibernate, but only turns it on or off for your power plan.

1. Do either step 2 or 3 below for what you would like to do.

2. To Turn On Hibernate

NOTE: You could also use a hibernate shortcut to manually put the computer into hibernation instead or in addition to this option.

A) If you have not already, then you will need to enable hibernate using either OPTION ONE, OPTION TWO, orOPTION THREE above first.

B) Open the Advanced Power Plan Settings for your power plan, then expand Sleep.

C) Under Hibernate after, set the Setting (Minutes) to how many minutes you want your computer to sit idle for before it goes into hibernation.

D) Go to step 4.

3. To Turn Off Hibernate 

NOTE: If you disabled hibernate using OPTION 1, 2, or 3 above, then there's no need to do this since Hibernate after andAllow hybrid sleep will no longer be listed in your power options.
A) Open the Advanced Power Plan Settings for your power plan, and expand Sleep.

B) Under Hibernate after, set the Setting (Minutes) to Never.

C) Under Allow hybrid sleep, set Setting to Off.

D) Go to step 4.
4. When finished, click/tap on OK.

That's it.

All about installing and Configuring WordPress


WordPress is perhaps the best free, open-source blogging script, provided with the ultimate flexibility of using your own server and domain name, without the compulsion to display any credits/links.

WordPress is the most widely used blogging software, powering more than 70 million blogs.

All right Sparky, let’s install WordPress

It must be installed on a web hosting server. For the fastest possible install, I recommend using paid hosting as you simply click on a button (usually in CPanel->Fantastico) to get it running.
The above is the easy way of installing WordPress and having a blog ready in 5 minutes.
If you like to install your blog manually (which is recommended for experienced users), follow the simple steps:
  1. Get domain name and hosting
    Hosting providers can be easily found from the wordpress.org website’s recommended list. Most hosting providers will give away a free domain, or you can buy one from name.com, godaddy, bigrock, etc.
  2. Access the cPanel or other management utility on your hosting account.
  3. Create MySQL database
    • Click on MySQL Databases, click Create New Database (name it anything you like, note it down)
    • Create a new user and assign all permissions to this user on the previous database. Note the name of user as well.
  4. Access the file manager or use FTP.
    • Download the latest wordpress installation zip from wordpress.org
    • Upload it to your server through the file manager.
    • Unzip it in the directory “public_html”, or if you are more experienced and know what you are doing, chose any directory you like.
    • IF you used FTP, you’ll need to upload the unzipped files.
  5. Go to http://your-domain/ or if you chose a custom directory while extracting, go to that path.
  6. Follow the on-screen instructions.
    • When asked for MySQL database name and user name, enter what you noted earlier.
    • For MySQL server, enter localhost (this will work in 99.9% cases. If not ask your hosting company for this)
    • Choose the admin accounts username and password.
    • DO NOT CHOOSE “admin” as the username (this makes it easiest to hack into your blog)
    • Choose a title for your blog, a description, a valid email, and make sure to tick on make my blog visible on search engines (obviously, if you intend to do so)
  7. Go to the settings menu and make sure all settings are according to your preferences.
    • Create a Backup User User With Administrative Privilege
      Though not necessary, it is recommended to create a new user so that just in case someone thinking himself to be smart tries to compromise your blog, you can gain it again.
    • Change Blog Title & Tag Line (if you didn’t do this earlier)
      Your blog is not “just another wordpress blog”. Make it unique and give it a nice title and tag line, so that people visit it more than a single time. To do that go to Settings -> General and update the information there.
    • Disable Option For Anyone To Register
      Unless you want people to register and spam your site, you do not require this feature, go to Settings –> General and uncheck the checkbox next to “Anyone Can Register” and save it.
      If you want to make an interactive blog, with comments, and don’t want to moderate loads of spam, I HIGHLY RECOMMEND using disqus commenting system (don’t worry, it’s all free and takes seconds to setup. Just search for disqus in Plugins->add New->Search)
    • Setup your Timezone, Date & Time Format
      On the general settings page, setup the timezone for your country and change the date & time format that you’re most comfortable with (I like dd/mm/yyyy).
    • Configure Writing  Settings
      Go to Options –> Writing and configure how you want the write panel to display, and also other options related to converting content and correcting improper HTML in the post to be XHTML valid (recommended if you have a habit of copying html content from other websites).
    • Remote Publishing
      If you plan to publish posts from a client like word or any other external editor, you will have to enable remote publishing, without which you will not be able to publish using a external tool or device.
      If you want to blog using email, you can also set that up on this page.
    • Add Ping Servers
      Whenever you publish a new post, people will not have dreams of you posting it. Luckily, WordPress allows bloggers to automatically ping loads of services whenever you publish a post.
      In the Settings –> Writing options page you can enter a list of Update services WordPress needs to ping when you write a new post.

    • Setup Reading Options
By default WordPress will show the latest posts on the home page, however you can also show a static page instead of it (recommended if blog is your home page), to change this go to Settings –> Reading and change the default page that should be shown when someone visits your website/blog.
You can also change the number of posts that will be displayed on each page of your blog and the number of posts that should be shown in the RSS feeds.
You can also set whether to show full or partial content in feeds, I suggest you keep it as partial content. (as full content is easy to be scraped by content scrapers)
    • Commenting, Trackbacks, Pinging & More
Whenever you write a new post for your blog, your post may include a link to another site. WordPress provides you with an option to automatically notify the other blog in the form of a trackback or pingback.
Similarly, other blogs may link to you and decide to notify your bolg. In this case WordPress has the ability to provide to send you trackbacks & pingbacks.
If you do not want this functionality,  you can go to Settings –> Discussions and disable it.
You can also customize if you want to allow other users to comment on your posts, the criteria for allowing users to comment on your posts and so on.
The avatars displayed for  commentators/you can also be changed on this page.
    • Setup Media Options For Images
      Whenever you upload a image to your blog, WordPress will re-size and display it accordingly, if you want to change the size of the thumbnails you can go to Settings –> Media.
    • Permalinks
      It is a wonder full feature of WordPress  it allows users to setup how the URL for your blog posts should look like. Optimized permalinks settings are really good for SEO.
      In addition to the available templates, you can also setup custom permalinks by using tags. An exhaustive list can be found on wordpress.org
  1. That’s it. Go to Posts->Add new and get rollin!  (You may want to remove the sample post and sample page wordpress includes for testing)

Top 15 Open Source/Free Security/Hacking Tools

1. Nmap
Nmap (“Network Mapper”) is a free and open source (license) utility for network discovery and security auditing. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. Nmap homepage.

2. Wireshark
Wireshark is a network protocol analyzer. It lets you capture and interactively browse the traffic running on a computer network. Wireshark homepage.

3. Metasploit Community edition
Metasploit Community Edition simplifies network discovery and vulnerability verification for specific exploits, increasing the effectiveness of vulnerability scanners. This helps prioritize remediation and eliminate false positives, providing true security risk intelligence. Metasploit community edition homepage.

4. Nikto2
Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 6400 potentially dangerous files/CGIs, checks for outdated versions of over 1200 servers, and version specific problems on over 270 servers. It also checks for server configuration items such as the presence of multiple index files, HTTP server options, and will attempt to identify installed web servers and software. Nikto2 homepage.

5. John the Ripper
John the Ripper is a fast password cracker, currently available for many flavors of Unix, Windows, DOS, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. Besides several crypt(3) password hash types most commonly found on various Unix systems, supported out of the box are Windows LM hashes, plus lots of other hashes and ciphers in the community-enhanced version. John the Ripper homepage.

6. ettercap
Ettercap is a comprehensive suite for man in the middle attacks. It features sniffing of live connections, content filtering on the fly and many other interesting tricks. It supports active and passive dissection of many protocols and includes many features for network and host analysis. ettercap homepage.

7. NexPose Community edition

The Nexpose Community Edition is a free, single-user vulnerability management solution. Nexpose Community Edition is powered by the same scan engine as Nexpose Enterprise and offers many of the same features. Nexpose homepage.

8. Ncat
Ncat is a feature-packed networking utility which reads and writes data across networks from the command line. Ncat was written for the Nmap Project as a much-improved reimplementation of the venerable Netcat. It uses both TCP and UDP for communication and is designed to be a reliable back-end tool to instantly provide network connectivity to other applications and users. Ncat will not only work with IPv4 and IPv6 but provides the user with a virtually limitless number of potential uses. ncat homepage.

9. Kismet

Kismet is an 802.11 layer2 wireless network detector, sniffer, and intrusion detection system. Kismet will work with any wireless card which supports raw monitoring (rfmon) mode, and (with appropriate hardware) can sniff 802.11b, 802.11a, 802.11g, and 802.11n traffic. Kismet also supports plugins which allow sniffing other media such as DECT. kismet homepage.

10. w3af
w3af is a Web Application Attack and Audit Framework. The project’s goal is to create a framework to find and exploit web application vulnerabilities that is easy to use and extend. w3af homepage.

11. hping
hping is a command-line oriented TCP/IP packet assembler/analyzer. The interface is inspired to the ping(8) unix command, but hping isn’t only able to send ICMP echo requests. It supports TCP, UDP, ICMP and RAW-IP protocols, has a traceroute mode, the ability to send files between a covered channel, and many other features. hping homepage.

12. burpsuite
Burp Suite is an integrated platform for performing security testing of web applications. Its various tools work seamlessly together to support the entire testing process, from initial mapping and analysis of an application’s attack surface, through to finding and exploiting security vulnerabilities. BurpSuite homepage.

13. THC-Hydra
A very fast network logon cracker which support many different services.  hydra homepage.

14. sqlmap
sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lasting from database fingerprinting, over data fetching from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections. sqlmap homepage.

15. webscarab
WebScarab has a large amount of functionality, and as such can be quite intimidating to the new user. But, for the simplest case, intercepting and modifying requests and responses between a browser and HTTP/S server, there is not a lot that needs to be learned. WebScarab homepage.