Introduction to Hacking, Part II
Hacking into Windows 9x
by euDaemon
The Liberation of Information Specialist Team
L_I_S_T@email.ro

Disclaimer (I have to do this so that I don't get into trouble): We, whoever we are at the current time, are not responsible for your actions as the result of anything, especially such things that pertain to this site. If your ignorance of local, state, and/or federal laws pertaining to anything mentioned to or hinted at by us lands you in a position you don't like (i.e., prison, jail, or the liable end of a lawsuit), remember that it is not L.I.S.T., its members, God's, Jesus's, Allah's, Jehovah's, or anybody else's responsibility but your own. We didn't make you do anything, nor would we. It is also the intention of this disclaimer that we hold to, not its exact wording: if you think there's a legal loophole that you've found that holds us liable for your actions, you're most likely right. However, it is the spirit of this disclaimer that should be followed.

I. Introduction
II. Hacking into Windows
III. Fun Stuff
IV. Conclusion


I. Introduction

You might think that hacking is extremely complicated and you need to be a rocket scientist to figure any of it out. For some hacking, this is just about true. However, if you know much about Windows at all, or MS-DOS for that matter (for those of you who have only been subjected to Windows 9x, MS-DOS, usually just called DOS, is an ancient Microsoft operating system (OS) on top of which Windows originally ran), then you've probably hacked and not even known it. If you've ever edited a .ini file to cover your tracks on the web browser, that's a form of hacking. If you've ever edited a shareware program so that it wouldn't stop working after ten days, that's a form of hacking. If you've ever fooled with the Windows registry, that's a form of hacking. Okay, I hope that I've gotten my point across by now. For those slow people out there, my point is that hacking can be extremely easy.

For this file, I'm going to assume that you have no previous hacking experience. I'm also going to assume that you have physical access to the machine you want to work on. Now, I'm going out on a limb for you guys, because I never like to assume (If you've ever read anything by the great Dick Marcinko, you know it makes an ASS out of U and ME). Anyway, here are some very simple ways to get into Windows 9x. There is nothing advanced in here; this file is just for newbies.


II. Hacking into Windows

Okay, the very simplest way to hack into Windows 9x is this: If they don't have a CMOS password, and don't have any security programs running, you could probably just press the "Cancel" button or press <Esc> at the login window. From here you could probably do just about anything you could do if you had a username and password. Another option is to boot it up in Safe Mode. Safe Mode looks really ugly, but you can probably do whatever you want, since it doesn't need a username and password. To do this,

However, if they have some kind of security program or are smart enough to figure out enough about Windows to configure it so that you can't do anything from the default screen, you'll probably want to get your hands on a username and password. The password files are located in the C:\windows directory, and end with .pwl. What you'll want to do is hold <Shift> while the computer is booting. This is called a "bare boot." This will put you into MS-DOS. Get yourself into the C:\windows directory (type "cd windows"), then type "dir *.pwl". This will list all files ending in .pwl. Now, the first part of some of these files are usernames, and of some others the first part is a password. If you want to try matching up some usernames and passwords, go ahead. You may be able to match some. Even if you can't, the best way to learn is to try out things.

Okay, so you weren't able to match up any users and passwords. Now what? Well, you can just delete them. Before I tell you how to do this, though, know that you should make backups of them if you don't want anyone to know you've been there. If someone thinks someone else has been into their computer, the first place they'll check is the .pwl files if they know what they're doing. So, instead of deleting them, we'll just rename them: type "ren *.pwl *.xxx" (xxx can be anything you want it to be; just remember what it is). Now the computer thinks that there are no users, and you can type in any password you damn well feel like. Nifty, eh?

Now, if you try to press the keys during startup and nothing happens, it's probably because of the msdos.sys file. Probably the easiest way to break into a computer when the boot keys are disabled is to use a boot disk (speaking of which, you should have one; if you don't, make one. Just go to the Control Panel, click on Add/Remove Programs, then Startup Disk. Follow the directions). Just put the disk into the floppy drive before you turn the computer on. It should start up in DOS. Type "c:" to change to drive C:\ (normally the hard drive). Now you can do whatever you want. Oh, by the way, for those of you with absolutely no experience in DOS, here are some commands ([dir] represents the name of the directory, and [path\file] represents path and file names, like c:\windows\msdos.sys):

dir                               Displays the contents of the current directory
cd [dir]                          Change to sub directory [dir] ("cd.." moves up a directory)
copy [path\file] [path2\file2]    Copy file
move [path\file] [path2\file2]    Move file
ren [path\file] [path2\file2]     Rename, basically the same as move
del [path\file]                   Delete file
type [path\file]                  Displays file contents
edit [path\file]                  Opens file in MS-DOS editor
md [dir]                          Make directory [dir]

There are plenty more, but this should get you started. For help, type in "help" or "help [command]" where [command] is the command you want help on.

Okay, now that you're a DOS genius, it's time for you to edit the msdos.sys file. Make sure you made a backup just in case, make sure you're in the C:\windows directory, and type (you should know this now) "edit msdos.sys". Now, if "BootKeys=0" or "BootDelay=0" is in there anywhere, then that's what your problem was. "BootKeys=0" will disable the boot keys, and "BootDelay=0" will give you absolutely no time to press them. Delete these from the file, then exit (press Alt+F, X). Now, everything should be fine.
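
For anyone looking at this from the defending side, here is an added example (not part of the original file) that parses a copy of msdos.sys and reports whether the BootKeys=0 and BootDelay=0 lines discussed above are still in place. It assumes the settings sit in the [Options] section; the sample file contents and the function names are constructed for illustration.

```python
# Constructed sample MSDOS.SYS: BootKeys is locked down, BootDelay has been removed.
SAMPLE_MSDOS_SYS = """\
[Paths]
WinDir=C:\\WINDOWS
WinBootDir=C:\\WINDOWS
HostWinBootDrv=C

[Options]
BootMulti=1
BootGUI=1
; constructed sample, not taken from a real machine
BootKeys=0
"""

# Values the article says stop the boot keys from working.
EXPECTED = {"bootkeys": "0", "bootdelay": "0"}

def parse_options(text):
    """Return the [Options] section as a dict with lower-cased keys."""
    section, options = None, {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):      # blank line or comment
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()  # entering a new section
        elif section == "options" and "=" in line:
            key, _, value = line.partition("=")
            options[key.strip().lower()] = value.strip()
    return options

def audit_boot_keys(text):
    """List settings that are missing or differ from the locked-down value."""
    options = parse_options(text)
    findings = []
    for key, wanted in EXPECTED.items():
        actual = options.get(key)
        if actual is None:
            findings.append(f"{key}: missing (boot keys not restricted by this setting)")
        elif actual != wanted:
            findings.append(f"{key}: set to {actual}, expected {wanted}")
    return findings

if __name__ == "__main__":
    for finding in audit_boot_keys(SAMPLE_MSDOS_SYS):
        print(finding)
```

A missing entry on a machine that was set up with both lines is a sign that someone has edited the file. As described above, a boot disk gets around these settings, so their presence alone does not mean the machine is locked down.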


III. Fun Stuff

As you should have guessed by now, the real power of Windows doesn't lie in Windows at all. Rather, it lies in DOS. Now, there are lots of fun things you can do from DOS. There are three files that are absolutely critical to any Windows machine (Actually, there are quite a few more, but I won't tell you about them yet). They are: config.sys, msdos.sys, and autoexec.bat. The config.sys, msdos.sys, and autoexec.bat files basically tell the computer what to do during the boot process. These are easily edited with the MS-DOS editor (just type "edit [filename]").

This section is for those of you who want your target to know that someone has broken into his computer.

One thing that I like to do is write an infinite batch loop, and place it in the autoexec.bat file. To do this, type "edit [whatever you want to call the damn thing].bat" at the DOS prompt. Make sure it ends in .bat. Now type in the following:

    @ECHO OFF
    REM The line above tells the computer not to display what it's doing on the screen
    REM :Loop is just a place identifier; you can call it whatever you want
    :Loop
    REM Display "You blow!" on the screen
    ECHO You blow!
    REM Go back to :Loop and run everything below it
    GOTO Loop

Now, in the autoexec.bat file, type in "CALL [whatever you called it].bat". You can put this anywhere you want to in the file, as long as it's before "win". Now, whenever your target boots their computer, they'll see the screen repeatedly display "You blow!" or whatever you told it to display until they press Ctrl-C or restart their computer. Pretty easy, huh? For those of you that want to learn how to program, probably the easiest programs to write are batch files. You can find more info on how to write them in DOS help.
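
The same change can be spotted when checking a machine that hangs at boot. This added example (not part of the original file) lists the batch files that autoexec.bat CALLs before "win" and flags any that contain a GOTO loop with no way out. The sample file contents, the name hello.bat and the function names are constructed for illustration.

```python
import re

# Constructed sample files, modelled on the loop described above.
AUTOEXEC = "@ECHO OFF\nPATH C:\\WINDOWS;C:\\WINDOWS\\COMMAND\nCALL hello.bat\nwin\n"
BATCHES = {"hello.bat": "@ECHO OFF\n:Loop\nECHO You blow!\nGOTO Loop\n"}

def clean_lines(text):
    """Strip whitespace and the leading '@' (echo suppression) from each line."""
    return [raw.strip().lstrip("@").strip() for raw in text.splitlines()]

def called_before_win(autoexec_text):
    """Return batch files that AUTOEXEC.BAT CALLs before it starts Windows."""
    called = []
    for line in clean_lines(autoexec_text):
        if line.lower().split()[:1] == ["win"]:   # Windows starts here; stop looking
            break
        match = re.match(r"call\s+(\S+\.bat)\b", line, re.IGNORECASE)
        if match:
            called.append(match.group(1).lower())
    return called

def has_unconditional_loop(batch_text):
    """True if a bare GOTO jumps back to an earlier label with no IF, GOTO or EXIT between."""
    labels, body = {}, clean_lines(batch_text)
    for index, line in enumerate(body):
        if line.startswith(":"):
            labels[line[1:].strip().lower()] = index
            continue
        match = re.match(r"goto\s+:?(\S+)", line, re.IGNORECASE)
        if match and match.group(1).lower() in labels:
            between = body[labels[match.group(1).lower()] + 1:index]
            if not any(re.match(r"(if|goto|exit)\b", b, re.IGNORECASE) for b in between):
                return True
    return False

def audit_autoexec(autoexec_text, batches):
    """Map each batch file called before 'win' to a verdict."""
    report = {}
    for name in called_before_win(autoexec_text):
        if name not in batches:
            report[name] = "called, but the file was not supplied"
        elif has_unconditional_loop(batches[name]):
            report[name] = "unconditional loop: boot hangs until Ctrl-C"
        else:
            report[name] = "no unconditional loop found"
    return report

if __name__ == "__main__":
    print(audit_autoexec(AUTOEXEC, BATCHES))
```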

Or, alternately, you could write a file that displays "Formatting C:" when the computer boots up. Just be careful that they don't have a heart attack. Or, if you are really really mean, you could actually format their hard drive. Or, you could write a line in the autoexec.bat file to format their hard drive (I forget the switch you need to format without it prompting for verification, though, you'll have to look it up for yourself if you want to do this).

Something else you could do is press F1 or Ctrl-Alt-S or whatever (it depends on the computer) during startup to get into Setup. The computer will tell you what you have to press to get into it. From here, you can configure all kinds of nifty things.


IV. Conclusion

If you see anything interesting, play around with it. After all, a hacker's greatest asset is his curiosity. However, it is also his worst enemy, so be prepared for the worst. If you're working on your own machine, as you should be doing, before you try to break into someone else's computer, make sure everything is backed up and that you have a boot disk. If you're on someone else's computer, back up everything you mess with, just in case. And know that if you get caught, you could end up with a trip for one to the brig for the summer.

Hope for the best, but plan for the worst.

-eD