Google+ Badge

Friday, 26 July 2013

how to make a new web site

how to make a new web site

Colour Palletes

HTMLlock <---Need

well, if you want text seperate from image, you could just do this:

<table width="100%" height="100%" border="0" cellpadding="0" cellspacing="0">

your text here, it's totally fun, yeah yeah yeah


<img src="your picture here">


if you want to have the image on the left side, and text on the right side, just reverse the code like so:

<table width="100%" height="100%" border="0" cellpadding="0" cellspacing="0">
<td valign="bottom" align="left">

<img src="your picture here">



your text here, it's totally fun, yeah yeah yeah


How To Make A Kvcd

 how to make a kvcd or in other words how to get 700meg avi file down to about 450megs to make
a vcd without any picture loss

so youve download a movie its in avi format you want to watch it on your dvd player so
you reencode it it comes out to about 1100 maybe 1200 megs so you got to split it and save on
2 disks well the following tut will show you how to do it on one disk

first you are going to need some tools





and some dlls


put the above dlls in the same folder as heada3che



put these 2 in the same folder

you will have to have nero as well but im hoping you have that already if not it on this forum


again its on this forum

you will need some templates


right click all the pal templates if your dvd player is pal or ntsc if ntsc

save them to the template folder in the tmpegnc folder

so to begin

open virtualdub

goto file
open video file

locate the avi file you want to convert
if you get a warning ignore it
click the audio button at the top
make sure source audio and direct stream copy have a black dot next to it
goto file
save wav
now you have to call this with a .ac3 extension
for example view from the top.ac3
i would save this in the same file your avi is
so youve named it press save
box will open let it do its thing this is taking the sound from the film
now press audio and select no audio
you should have a black dot next to no audio and direct stream copy
goto video
select direct stream copy
goto file save as avi
save the file what you want again put in the same folder as the original avi
to make life easier i call mine the film title no sound ie viewfromthetopnosound
press save
this is now saving the film without sound

you can now close virtualdub

open besweet
scary looking box appears
dont worry heres what to do
at the besweet.exe locate the besweet folder it will show besweet.exe in the enter file name box
click on this and at the bottom it will say valid press ok
now goto input and find the ac3 file we just made you will need to change the enter file name from .Lst to .ac3
double click on the ac3 file you made and at the bottom it will say valid press ok
now looking at the gui make sure Use ac3 decoder is tick
downconvert sample rate is ticked
in the toolame dropdown box make sure it says mp2 leave the rest alone
now press copy command to clipboard
goto start
and right click paste
press ok
if all the settings are correct a black box will open and the ac3 will be transcoding to mp2
if not check the boxes are ticked
if ok leave it to do its thing
once the black box has disappered close besweet

open heada3che
hopefully you put all the dlls in the heada3che folder other wise you will get error messages
so make sure you do that
done it ok lets go
press source file
find the new mp2 file we just made
change the destination format to mp2
press start
thats it once its finished close headac3he

for your info
things are going to start looking messy inside your folder so if you want
you can delete some things
goto the folder where youre original avi file is
you can delete the ac3 file
and the mp2 file without the .2 in it
ie you will have two file names the same one with .2 on the end keep this one
this is so we dont get confused later

open tmpegnc
close the wizard if it opens
press the video source browse button
find the file we made with nosound on the end ie viewfromthetopnosound
now if you had gone to the kvcd page and downloaded all the templates this will help
if not go do that now
done it right lets go
now im afraid im not in front of your pc doing this for you so i hope i explain well
press load
you will see a load of files in front of you some starting with kvcd
right this is trial and error stuff now pick the first one begining with kvcd highlight it press open
now press start what will happen is the preview box in front of you will start encoding
now depending on the make up of the original avi file will effect the outcome of the finished film
so if you look at the box and all you see is a tiny box with film thats the size it will come out
if it looks weird press stop and reload a different template the best result is one that looks like widescreen
i hope that made sense

just press start and overwrite the file
any way let it do its thing depending on your pc specs depends how long this takes

so lets assume its done
press file mpeg tools the first box should be simple multiplex press the video input browse button
and find the new file we just made it will have a m1v extension
press the audio input browse button find the mp2 file with the .2 in the title the output
box will be automatically set to mpeg
press run
let it do its thing

close tmpgenc

open nero
select vcd
untick the create standard compliant cd
press new
find the new file we have made it will be in the original avi folder but will have a mpeg extension
now you have to drag this into the left box dont right click and copy to compliation
a box will appear and a blue line will go across if a warning comes up with not being a compliant vcd ignore carry on
press burn and burn at the speed you want
once finished press the ok box
press done the disk will come out and now to test
put it in your dvd player and hay presto the film kicks in

depending if your dvd player can play vcds that is

that i cant help you with 

How to make a Free Phone Call

                                                ³  Filename: FREEMSG.TXT ³
                                                ³ Title: Free LD Msgs    ³
                                                ³     By: Captain Hack   ³
                                                ³   Released: 09/06/95   ³
                                                ³   Danger: °°°°°°°°°°   ³
        This is an easy way to get quick messages to someone from a
payfone either LD or when you don't have change to make a call. It works
best using 1-800-COLLECT. Some other carriers will also work, assuming
they use computerized routing of the collect call.

        1) Call 1-800-COLLECT (or your other carrier) Enter the #
           of the recipient of the message when prompted.

        2) When you are asked to say your name, you have about *6*
           seconds to record your message. Examples include:

           "It's John, call me at 555-1212"

           "My plane will get in at 6:55 pm, Terminal D, USAir"

           "Mom, come pick me up at the Gym Doors of the school"

           You get the idea.

        3) Allow the recieving party to reject the call. They will recieve
           your message, and can hang up. You MUST stay on the line until
           you are told that your call has been refused. That will ensure
           that the other end heard your message. Also, the "name" will be
           repeated twice, so if there is a date or fone number in it, the
           recieving party will hear it a second time if they miss it.

Be aware that although 1-800-COLLECT doesn't screen the "name" that is
recorded, they may notice a large number of refused calls from a reciever.
You shouldn't use this all the time, but it can be handy.


How to Hack UNIX System


UNIXSYSV.HAK - File on hacking Unix System V's

                    From THE HACKER'S GUIDE TO W.S.U. comes
                     the ultimate in weekend entertainment

                           How to Hack UNIX System V
                      includes the INTRODUCTION TO HACKING
                           and HOW TO NOT GET CAUGHT

                           Last Revision: 1-18-89
                                 Version: 2.0

    Hacking is the art of attempting everything until something finally works.
The average hacker is usually only armed with educated guesses.  Why hack?
Generally, you have some reason.  My favorite reason being that it's fun.  But
these days are getting pretty suspicious and you have to watch yourself when
hacking even if you don't have malicious intents.  Hacking is lots of work and
is also dangerous.  So be careful and don't get caught!

    Okay great, how do I avoid getting caught?  That depends on what you are
doing.  In this file I will be discussing UNIX System V and therefore my
suggestions should only be taken as pertaining to that.  Even if you follow
my suggestions, you can still get caught.  Some operators are extremely
persistant and will stop at nothing to nail you.  If modems start answering
when you pick up a phone, or you become known as the "human carrier" by your
friends, then I suggest you lay low for awhile.
    Here are some obvious things to be aware of when you are hacking by modem,
I thought I'd include them in case you overlook them.  You should always be
on the lookout for these types of suspicious activity.
    1] Excessive line noise in an area that usually has none.
    2] You hear other voices simultaneously on the phone line.
       This occasionally happens normally with the old analog FDM
       multiplex equipment.  But it also can be caused by a wire tap,
       so try to be careful here!  * See the note on wire taps.
    3] Any van or minivan parked next to:
        a] A telephone pole.
        b] An underground steam vent hole.
        c] Also watch for cloth tee-pees with MA BELL symbols on them
           near poles or steam vents.
       This is a *DEAD GIVAWAY*!!!  If you see this, cease all hacking
       for at least a month!  (An make sure that the vans are GONE,
       --NOT-- just moved to another location!)
       >> Check for wires going to the van from the pole, or vent.  And
          check to see if the van is white (FBI uses these alot) or a
          phone co. van.
    4] Watch the abandoned rooms in your building, if they suddenly have
       lots of equipment in them, take note here!
    5] Anything unusual about the way your phone service operates that
       the neighbors don't seem to have going on!
That's all I can come up with right now.  But I'm sure there are more.

Belive it or not, this is still one of the most commonly used methods
of nabbing a hacker.  The above list is a good guide to detecting an active
wire tap.  If you can afford the equipment, you can do what is know as a
"sweep" of the phone line every now and then.  Another thing you can do is
build a device which monitors the phone line voltage.  If the voltage suddenly
drops during use, you either have a wire tap or someone picked up an extension.
Here are some specs for monitoring line voltage:
    Ringer voltage:90V at 20-30Hz
    Clear voltage:600V (Watch out!  This will toast any MOV you have
                        in your modem!  Usually this is used to fuse noisy
                        phone lines shut.)
The average cops don't have the equipment to properly implement a wire tap,
much less a data tap.  However, I have heard of data cops in Seattle and

    Here is yet another way you can get your butt caught.  It is getting
easier and easier for the average person to trace phone calls.  I just
found out a few days ago that dialing 33 on an on-campus phone will trace
the last call to that phone.  Rest assured that an operator will use this
to nab you if he can.  This however, only affects remote dial-ups, and not
the on-campus links.  Remote dial-ups used to be so safe, but no more...
-- more --A good place to hack from is a nearby terminal room.  *NOT* in the same
building that you live in!  Do it at night, so if there is a system operator
at all on duty late he will probably be sleeping.

    This is a fairly new method of catching hackers, and I really don't think
the average hacker has much to worry from it.  It is too complex to implement
and doesn't even work most of the time.  Especially if you're in an area that
has lots of TV's or computer monitors.  The device used basicly reads the
faint radio frequencies created by your monitor and translates them back into
a video signal.  When it actually does work the guy running it can see exactly
what you are seeing on your monitor.  Pretty tricky, but he has to be able to
pick out your signal first.

    Alright boys and girls, on top of everything else in the world we now are
bless with the wonders of Electronic Standardized Switching.  Or otherwise
known as ESS.  Remember that sharp increase in your phone bill about a year
ago?  "It's a new computerized system designed to allow quicker routing of
your calls".  Bullshit.  It sole purpose is to catch phreakers.  That's all
it does, and it does it well.  With this, the phone co. can trace a call in
-- more --.55 seconds to anywhere.  It keeps records on all calls, including local!
And just about every phone box in the books will not only refuse to work,
ESS will notify the cops when you try to use it!
    Have some faith.  ESS is not exactly the end of the world either.  Like
every system ever come up with, people will hack it.  And eventually it will
be just as easy to hack ESS as it was to do on the old phone system.

                       Okay!  Enough beginner's stuff!
                      Onward to hacking UNIX System V !

Not much here:  I just started this paper, and am still looking for
                anything I can add to it!
Remember:  The operator can see what you are doing at all times!  But
           usually they don't care or the information scrolls by so
           fast they don't have time to read it.
Note:  If you flub up your password or try to access secured files, the
       system will automaticly record everything that you do!  And on
       some systems, the system will record everything you do anyway!

    This is the heart of hacking a UNIX system.  You don't want to do any
hacking under any ID that can be associated with you.  And you don't want
to use another user's ID more than once if at all possible.

    There really is no way to get a name and password without first having
some level of access to the system.  How do I get in then?  I rely on the
fact that our GANDALF data switch is extremely unstable.  1 out of 5 logins
will drop you under someone else's name *NO QUESTIONS ASKED*.  Just change
parity (8N1 to E71) alot while GANDALF is loading UNIX.  Eventually, you
will get in this way.  This happens because a user hung up on the phone
line without loggig off!  So be sure to log yourself off the system when
you finish with *ANY* work.

    They saw.  A couple of days ago I was doing this and somehow I was
logged off of the system.  The words "LOGOFF" just appeared on my command
prompt and entered themselfs.  I suspect the guy whose number I used was in
-- more --the terminal room monitored by a superuser.  And he just told the SU that
there appeared to be two of him.  (Probably used the WHO command).

    Believe it or not, UNIX will actually allow you to lock out other
users from the system.  First, you select a target person.  Then you place
the file VI.LOGIN in their default directory (the one that UNIX automaticly
loads them into when they log onto the system).  You set up VI.LOGIN like

          VI.LOGIN   (Just the file name!)

So VI.LOGIN only contains one command.  VI.LOGIN is automaticly executed
when a person logs onto the system.  So as soon as your pigeon gets onto the
system he immeadiatly gets logged off!

Suggested Uses:  On a Prof a few days before your assignment is due.
                 Someone you really don't like (wait a few weeks so they
                    don't figure it out right away!)
                 It might work on the ROOT (The SuperUser's name)

    Here is yet another way to gather SEVERAL users names AND PASSWORDS.
First, (the hard part) wait until the beginning of a semester.  Now,
somehow you have to get a list of the ID numbers for students in UNIX-
oriented classes.  You can usually find one of these lists posted outside
a professor's office (try the computer science building) or one of many
other places.  Anyways, you have a list of student ID numbers.

    Now, preferably on the first day of class, start logging in as a few
(maybe 3-4) students.  I prefer to use ID's from low-level (100's) classes
as the students will just think that they've screwed up.  Log into the
system, and if the student hasn't been on the system before, you will
be prompted for a password!  And viola!  You not only have access but also
you have the password of your choice.  This happens because the computing
faculty is too lazy to pass out customized passwords to thier students.
New students are expected to select their own passwords, but that means
that the system won't be able to tell who is who!

Suggested Uses:  Most likely your access won't stay good for more than
                 a few days.  You might want to take full advantage of it
                 and really cause some havoc.  For one thing, you could
                 lock out an entire computer class!  (See LOCK OUT
                 described above).  If you're really good, and can crack
                 the coded passwords in the PASSWRDS file, then you can
                 get the Super-User (SU) password and have all the fun
                 you want!

                                   THE END

                                And Remember!
            This paper was provided for educational purposes only!

                              Special thanks to:
                              The Mad Phone-Man
                              The Grey Sorcerer
                               The Sneak Thief
                               Harry Hackalot



ok..... here are the full details.....

this works whether its windows 2000 or windows xp or windows xp SP1 or SP2 or windows server 2003....

this works even if syskey encryption is employed...

if it is FAT filesystem...

just copy the sam file like stated in the first post to an empty floppy disk and take it home. I'll tell u what to do with it later... DON'T DELETE THE ORIGINAL SAM FILE. just remove its attributes. the sam file is a file called SAM with no extension. YOU MUST ALSO GET.... a file called SYSTEM which is in the same folder as SAM. both files have no extensions...

if it is NTFS....

u have to download a program called NTFSPro.... it allows u to read from ntfs drives... the demo version allows read only. the full version is read-write.... you use the program to create an unbootable disk (so u will still need another bootable disk and an empty disk) that has the required files to access NTFS.

use the boot disk to get into dos, then use the disks created with ntfspro to be able to access the filesystem, then copy the SAM and SYSTEM files to another empty disk to take home....

AT HOME: u have to get a program called SAMInside. it doesn't matter if it is demo version. SAMInside will open the SAM file and extract all the user account information and their passwords, including administrator. SAMInside will ask for the SYSTEM file too if the computer you took the SAM file from has syskey enabled. syskey encrypts the SAM file. SAMInside uses SYSTEM file to decrypt the SAM file. After SAMInside finishes, u still see user accounts and hashes beside them. the hashes are the encoded passwords. Use SAMInside to export the accounts and their hashes as a pwdump file into another program, called LophtCrack. it is currently in version 5, it is named LC5. the previous version, LC4 is just as good. u need the full or cracked version of the program. LC5 uses a brute force method by trying all possible combinations of letters numbers, and unprintable characters to find the correct password from the hashes in the pwdump file imported into it from SAMInside. This process of trying all passwords might take 5 minutes if the password is easy, up to a year if the password is long and hard (really really hard). LC5 howver, unlike LC4, is almost 100 times faster. both can be configured to try dictionary and common words before using all possible combinations of everything. Once the correct password is found, it will display the passwords in clear beside each account, including administrator.

I use this method so many times. I've compromised the whole school computer infrastructure. LC4 usually took between 1 second and 10 minutes to find the passwords because they were common words found in any english dictionary. I haven't used LC5 yet.

If there is anything unclear, anything I overlooked, plz tell me so that I can turn this into a very easy to follow tutorial to help anybody crack any windowz pass.

Programs needed: SAMInside (doesn't matter which version or if demo)
LC4 or LC5 (lophtcrack)( must be full version)
NTFSPro (doesn't matter if demo)
any bootdisk maker

Cracked or full version software can be found on any warez site. If u don"t know what that is or where to get the programs, post a message and I'll tell u or give them to u.

P.S: I might not keep track of this forum, because I'm going to create a new topic and post tutorial there. if u want to post, plz post there.

How to get a Shell in 24 hours

                          _________  ___  _______    
   \~=._      _.=~/      /   _____/ |   | \      \       \~=._      _.=~/
    \   ~=__=~   /       \_____  \  |   | /   |   \       \   ~=__=~   /
     \_.=~  ~=._/        /        \ |   |/    |    \       \_.=~  ~=._/
 _.=~ \        / ~=._   /_______  / |___|\____|__  /    .=~ \        / ~=.
L------\------/------7          \/               \/   L------\------/------7
        \    /                                                \    /
         \  /                  \  /  
          \/                                                    \/
 * Have a shell in 24hours after reading this, or your money back. *
A Darkfool Text- member of SIN
I have read many a hacking e-zines, and 'how to hack' documents before. They
are ok, interesting etc.  but they always show you how to get root through a
shell, what people seem to forget is the fact that you have to actually get
the password before you can use a shell to an account. You might be lucky
and find that l:guest p:guest will work. In this text I will show you how
easy hacking is ( on old deformed systems ) and how you can get a shell of
some sort in 24 hours after reading this. I am not going to go on to explain
how to get root after getting a shell as there are 1000's of texts and C
programs which explain this.
OK, the very first thing you need to do is to have a WWW browser, a telnet
program, john the ripper kracker program ( i recommend ) and a good
dictionary file.
WWW Browser - Netrape or MSIE are fine
Telnet Program - One which lets you set which port you want to connect to
John The Ripper - Will be at
Dictionary File - Found at many hacking web sites. Do a search for one
Ok, every net user/wanna be hacker will have most of those programs and if
ya don't there really easy to get a hold of.
OK, now I am going to tell you something about Japan. They make your stero,
they made the bits inside your computer, they made your car, they made
everything electronic around you, you have their eyes at the end of your
nob, but they are rubbish at one thing, the internet and security. The
honestly don't know anything about internet security, I have rooted or got
shells on many a japanese servers. These are my favourite systems to attack
because they are soooooo easy. I am also told that Australian servers are
very easy too, some Berkeley UNiversity machines are very easy to krack too.
Next thing you got to do is fire up your WWW browser. Goto AltaVista if you don't know already this is a search
engine which has some very nice advance features.
Once here in the search field box type this and press search,
this looks for all URL's with in.  This is academic places in Japan,
similar to the US which has .edu instead. You will be presented with a load
of web pages which text you probably can't read because its all in some
funny language. More importantly is the URL which they point out, for
example,    , notice the at the end of it.
Click on the link to the site ( longer server urls are easier to break into
BTW ). When the URL appears on the WWW browser box at the top of the screen
add this line to the end of it.
To all you 313375 out there, yes, i know this is the phf technique and it is
virtually dead, but you'll be surpised where you can use this.
This technique of finding the password file to the system is old, it was
first used in November 1996 on the FBI web page by a few hackers. It has
been patched up by a lot of servers, so this won't work on or
most of www.*.com  but still works on many University servers outside of EU
and US.
Ok, once the URL has been entered you will see a number or things :-
Error 404
/cgi-bin/phf is not found on this server
You do not have permission to view /cgi-bin/phf/ on this server
There are a number of other things the server might say, but the thing you
want it to say is the following :-
www-admin:rYsKMjnvRppro:100:11:WWW administrator:/home/Common/WWW:/bin/csh
maemae:dvUMqNmeeENFs:1016:10:Akiko Maeda:/home/user/maemae:/bin/csh
watanaby:ewF90K0gwXVD6:1006:10:Yoshiaki WATANABE:/home/user/watanaby:/bin/csh
kake:kFph8HEM/aaAA:1007:10:Tetsuro KAKESHITA:/home/user/kake:/bin/csh
This means you have hit the jackpot !
If you get something similar to this but all lines have something similar to
the following :-
www-admin:*:100:11:WWW administrator:/home/Common/WWW:/bin/csh
kangaroo:*:1012:10:Hisaharu  TANAKA:/home/user/kangaroo:/usr/local/bin/tcsh
maemae:*:1016:10:Akiko Maeda:/home/user/maemae:/bin/csh
watanaby:*:1006:10:Yoshiaki WATANABE:/home/user/watanaby:/bin/csh
kake:*:1007:10:Tetsuro KAKESHITA:/home/user/kake:/bin/csh
( notice the * )  if you don't know already this means its shadowed and you
cannot work out the password using a shadowed file.
If some but not all of the logins have * in them its ok, its worthwhile
getting the ones which aren't shadowed, hey, a shell is a shell !
Get all the lines which aren't shadowed and then paste them into notepad,
write the name of the server in the top line of the file and save it.
Ok now for the next bit, this is fairly simple but can be a lengthy process
depending upon which speed machine you have and how big your password file
is and dictionary file. Use john the ripper or whatever password cracker you
are using, although i recommend john the ripper because its quick. This will
probably take a long time so go to the pub or have a drive or something.......
If you are lucky enough to work out the passwords to the logins then well
done, if you don't, them find another server or increase the size of your
dictionary file, make it as big as you can, the bigger the better, the more
luck you will have in finding the password.
OK, you got some passwords to a few logins, if you got root them jump around
the room with joy ( I do ). If you didn't then, well, atleast you got
yourself some shells. Now, if you want to keep these shells without anyone
knowing then your best bet is to telnet to the site at port 79, you will
have a blank prompt, here type in the username of the account you cracked,
it will tell you the last time they logged in, do this for all the accounts,
use the account which isn't used very much, the best ones are the ones which
say ' User Never Logged On ' because then the account is basically yours !
{ Note: If you get root type the following at the shell prompt :-
echo "myserver::0:0:Test User:/:/bin/csh" >> \etc\passwd
This wil allow you to login to the server with l:myserver so you don't get
admin suspicous when they see people login in as root. }
Hide yourself as much as possible, if you already have a shell then go
through that first when logging on, or, telnet to the hacked shell and then
re-telnet to the hacked shell using the hacked shell, if you see what I
mean, so your who appears as localhost. Get some C scripts which delete your
presence etc...
Thats it, if there's demand to explain this in further detail then please
e-mail me telling me you want a follow up, I don't do personal help so don't
e-mail me asking for help PLEASE DON'T !
Thats it.....
" Stay cool and be somebodys darkfool this year "
Saying a quick hello to #prophet undernet. Visit me on #sin.
I am at
and also a lot of japanese servers ;)
 " Stay Cool and be somebody's Darkfool "

How to fix Windows Installer problem

 Do you experience this kind of problem whenever you attemp to install an application in windows box (2k, xp)?

"The Windows Installer service could not be accessed. This can occur if you are running Windows in safe mode, or if the Windows Installer is not correctly installed. Contact your support personnel for assistance."

The ms website knowledge article 324516 gives 2 methods as a way of fixing this problem, but you might be very lucky if any of the 2 fixes the problem, alot of guys end up formating their systems and doing fresh windows installations or try wired ways of fixing it.

Well, the solution is very easy:

1. right click your root windows installation drive i.e drive where you installed windows
2. click properties at the bottom
3. select security tab
4. click Add and scroll down to SYSTEM account click add and click OK.
5. allow Full control permission and click Apply and then Ok.

This should solve your problem with windows installer.

How to fix corrupted files in XP

//     ** How to fix corrupted files in XP ** //
//  ** This tutorial was writing by: H|LLJD00 ** //
//        ** H|LLJD00 does not take any responsibility for your actions ** //
//  ** H|LLJD00 takes no responsible for any damage caused by this tutorial **  //

** Contents **
(1) Introduction
(2) Required
(3) Actual Tutorial
(4) Copyright Notice

// Introduction //
This tutorial has been made so people that are having problems with corrupted files, can learn how to fix them easy.

// Required //
+ Windows XP operating system
+ Windows XP cd

// Right to the tutorial //
+ Place the xp cd in your cd/dvd drive
+ Go to start
+ run
+ type in 'sfc /scannow' (without the ')

Now it should all load, and fix all your corrupted file on windows XP :)

//                           ** (c) Copyright 2003 H|LLJD00. All Rights Reserved **                               //
// ** If you wish to use this tutorial on your website please leave all credit and detials as it is. Thank you ** //

How to find Security Holes

From: Manifestation
Subject: Security holes manifest themselves in (broadly) four ways...
Date: 11.10.93

( Please contribute by sending E-Mail to <> ... )

[quoting from the FAQ]
Security holes manifest themselves in (broadly) four ways:

1) Physical Security Holes.

- Where the potential problem is caused by giving unauthorised persons
physical access to the machine, where this might allow them to perform
things that they shouldn't be able to do.

A good example of this would be a public workstation room where it would
be trivial for a user to reboot a machine into single-user mode and muck
around with the workstation filestore, if precautions are not taken.

Another example of this is the need to restrict access to confidential
backup tapes, which may (otherwise) be read by any user with access to
the tapes and a tape drive, whether they are meant to have permission or

2) Software Security Holes

- Where the problem is caused by badly written items of "privledged"
software (daemons, cronjobs) which can be compromised into doing things
which they shouldn't oughta.

The most famous example of this is the "sendmail debug" hole (see
bibliography) which would enable a cracker to bootstrap a "root" shell.
This could be used to delete your filestore, create a new account, copy
your password file, anything.

(Contrary to popular opinion, crack attacks via sendmail were not just
restricted to the infamous "Internet Worm" - any cracker could do this
by using "telnet" to port 25 on the target machine.  The story behind a
similar hole (this time in the EMACS "move-mail" software) is described
in [Stoll].)

New holes like this appear all the time, and your best hopes are to:

  a: try to structure your system so that as little software as possible
  runs with root/daemon/bin privileges, and that which does is known to
  be robust.

  b: subscribe to a mailing list which can get details of problems
  and/or fixes out to you as quickly as possible, and then ACT when you
  receive information.

>From: Wes Morgan <>
> c: When installing/upgrading a given system, try to install/enable only
> those software packages for which you have an immediate or foreseeable
> need.  Many packages include daemons or utilities which can reveal
> information to outsiders.  For instance, AT&T System V Unix' accounting
> package includes acctcom(1), which will (by default) allow any user to
> review the daily accounting data for any other user.  Many TCP/IP packa-
> ges automatically install/run programs such as rwhod, fingerd, and
> <occasionally> tftpd, all of which can present security problems.
> Careful system administration is the solution.  Most of these programs
> are initialized/started at boot time; you may wish to modify your boot
> scripts (usually in the /etc, /etc/rc, /etc/rcX.d directories) to pre-
> vent their execution.  You may wish to remove some utilities completely.
> For some utilities, a simple chmod(1) can prevent access from unauthorized
> users.
> tend to install/run everything in the package without asking you.  Most
> installation documentation includes lists of "the programs included in
> this package"; be sure to review it.

3) Incompatible Usage Security Holes

- Where, through lack of experience, or no fault of his/her own, the
System Manager assembles a combination of hardware and software which
when used as a system is seriously flawed from a security point of view.
It is the incompatibility of trying to do two unconnected but useful
things which creates the security hole.

Problems like this are a pain to find once a system is set up and
running, so it is better to build your system with them in mind.  It's
never too late to have a rethink, though.

Some examples are detailed below; let's not go into them here, it would
only spoil the surprise.

4) Choosing a suitable security philosophy and maintaining it.

>From: Gene Spafford <>
>The fourth kind of security problem is one of perception and
>understanding.  Perfect software, protected hardware, and compatible
>components don't work unless you have selected an appropriate security
>policy and turned on the parts of your system that enforce it.  Having
>the best password mechanism in the world is worthless if your users
>think that their login name backwards is a good password! Security is
>relative to a policy (or set of policies) and the operation of a system
>in conformance with that policy.


From: Hacking
Subject: Hacking Ideas
Date: 11/10/93

( Please contribute by sending E-Mail to <> ... )

[ Many ideas taken from: HaxNet - APG V1.3 : Guide to finding new holes]

NOTE: I think this should be divided into general categories:
1) General principles
2) Looking for holes in src (most items here)
3) Looking in binary distributions
4) Looking in site specific configurations

  The following general classifications suggest themselves:
2) Return codes/error conditions
3) unexpected input
4) race conditions
5) authentication
6) implicit trust
7) parameters
8) permissions
9) interrupts
10) I/O
11) symbolic links
12) Daemons, particularly those taking user input.
13) Kernel race conditions
14) what else? - please add categories

(Suggested splitting of above into main and sub-catagories)
I:   Suid binaries and scripts
     unexpected user interactions
     flawed liberary calls
     implicit assumptions of external conditions (sym links, loc. paths)
     race conditions
II:  daemons running with priviliged uid's
     race conditions
     poor file protectons
     implicit file protections
III: Kernel problems
     Kernel race conditions
     device driver code

The following four step method was created by System Development
Corporation, who report a 65% success rate on the flaw hypotheses
generated.  Doing a comprehensive search for operating system flaws
requires four steps:

Step 1) Knowledge of system control structure.
  To find security holes, and identifying design weaknesses it is
necessary to understand the system control structure, and layers.
  One should be able to list the:
A) security objects: items to be protected. ie: a users file.
B) control objects: items that protect security objects. ie: a i-node
C) mutual objects  : objects in both classes. ie: the password file
  With such a list, it is possible to graphically represent a control
hierarchy and identify potential points of attack. Making flow charts
to give a visual breakdown of relationships definitely helps.
  Reading the various users, operators, and administrators manuals should
provide this information.
(following para's should probably be moved to a "legal" section)
  Reading and greping source code should also prove valuable. For those
without a source licence, I would suggest we use LINUX, NET2, and BSD386
distributions in order to stay legal. At some future time we may be able
to form a working contract between someone or a company with legal access
to other distributions and members actively participating in this project.
  It appears that extracts of proprietary code may be used for academic
study, so long as they are not reused in a commercial product - more
checking is necessary though.

Step 2) Generate an inventory of suspected flaws. (i.e. flaw hypotheses)
In particular we want:
  Code history:
    What UNIX src does a particular flavor derive from? This is important
for cross references (very often only one vendor patches certain code,
which may get reused, in it's unpatched reincarnation by others)
  A solid cross reference:
    Who checked which bug in what OS and what version prevents us from
duplicating work.

  A good start would be listing all the suid binaries on the various OS
flavors/versions. Then try to work out why each program is suid. i.e.:
    rcp is suid root because it must use a privilaged port to do user
    name authentication.
  Often code that was never designed to be suid, is made suid, durring
porting to solve file access problems.
  We need to develope a data base that will be able to look at pairs and
triplets of data, specificly: program name, suid, sgid, object accessed
(why prog is suid/sgid), OS flavor/version, and flav/vers geniology.
  Any sugestions on how to implement such a DB?

Step 3) Confirm hypotheses. (test and exploit flaws)

Step 4) Make generalizations of the underlying system weaknesses, for
        which the flaw represents a specific instance.

Tool Box:
AGREP: I suggest everyone obtain, and install agrep from:
    ftp /agrep/agrep.tar.Z
  Agrep supports "windowing" so it can look for routines, and subroutines.
It also supports logical operators and is thus ideally suited to automating
the search for many of the following flaws. i.e. <psudocode>
      agrep WINDOW {suid() NOT taintperl()} /usr/local/*.pl
or    agrep WINDOW {[suid() OR sgid()] AND [system() OR popen() OR execlp()
            OR execvp()]} /usr/local/src/*.c

PERMUTATION PROGRAM: Another tool worth producing is a program to generate
all possible permutations of command line flags/arguments in order to uncover
undocumented features, and try to produce errors.


CRASH: Posted to USENET (what FTP archive?) (descrip?)

PAPERS: There are several papers that discuss methods of finding flaws, and
  present test suites.
  1) An Emphirical Study of the reliability of UNIX Utilities, by Barton P.
    Miller, Lars Fredriksen, and Bryan So, Comm ACM, v33 n12, pp32-44,
    Dec '90. Describes a test suite for testing random input strings.
    Results indicated that 25% of the programs hung, crashed, or misbehaved.
    In one case the OS crashed. An understanding of buffer and register
    layout on the environment in question, and the expected input is likely
    to produce the desired results.
  2) The Mothra tools set, in Proceedings of the 22nd Hawaii International
    Conference on Systems and Software, pages 275-284, Kona, HI, January '89
  3) Extending Mutation Testing to Find Environmental Bugs, by Eugene H.
    Spafford, Software Practice and Experience, 20(2):181-189, Feb '90
  4) A paper by IBM was mentioned that was submitted to USENIX a few years
    ago. (Anyone have a citation?).

Specific Flaws to Check For:
1) Look for routines that don't do boundary checking, or verify input.
   ie: the gets() family of routines, where it is possible to overwrite
   buffer boundaries. ( sprintf()?, gets(), etc. )
   also: strcpy() which is why most src has:
     #define SCYPYN((a)(b)) strcpy(a, b, sizeof(a))

2) SUID/SGID routines written in one of the shells, instead of C or

3) SUID/SGID routines written in PERL that don't use the "taintperl"

4) SUID/SGID routines that use the system(), popen(), execlp(), or
   execvp() calls to run something else.

5) Any program that uses relative path names inside the program.

6) The use of relative path names to specify dynamically linked libraries.
   (look in Makefile).

7) Routines that don't check error return codes from system calls. (ie:
   fork(2), suid(2), etc), setuid() rather, as in the famous rcp bug

8) Holes can often be found in code that:
  A) is ported to a new environment.
  B) receives unexpected input.
  C) interacts with other local software.
  D) accesses system files like passwd, L.sys, etc.
  E) reads input from a publicly writable file/directory.
  F) diagnostic programs which are typically not user-proofed.

9) Test code for unexpected input. Coverage, data flow, and mutation
   testing tools are available.

10) Look in man pages, and users guides for warnings against doing X, and
   try variations of X. Ditto for "bugs" section.

11) Look for seldom used, or unusual functions or commands - read backwards.
   In particular looking for undocumented flags/arguments may prove useful.
   Check flags that were in prior releases, or in other OS versions. Check
   for options that other programs might use. For instance telnet uses -h
   option to login ...
     right, as most login.c's I've seen have:
          if((getuid()) && hflag){

12) Look for race conditions.

13) Failure of software to authenticate that it is really communicating
   with the desired software or hardware module it wants to be accessing.

14) Lack or error detection to reset protection mechanisms following an

15) Poor implementation resulting in, for example, condition codes being
   improperly tested.

16) Implicit trust: Routine B assumes routine A's parameters are correct
   because routine A is a system process.

17) System stores it's data or references user parameters in the users
   address space.

18) Inter process communication: return conditions (passwd OK, illegal
   parameter, segment error, etc) can provide a significant wedge, esp.
   when combined with (17).

19) User parameters may not be adequately checked.

20) Addresses that overlap or refer to system areas.

21) Condition code checks may be omitted.

22) Failure to anticipate unusual or extraordinary parameters.

23) Look for system levels where the modules involved were written by
   different programmers, or groups of programmers - holes are likely
   to be found.

24) Registers that point to the location of a parameters value instead
   of passing the value itself.

25) Any program running with system privileges. (too many progs are given
   uid 0, to facilitate access to certain tables, etc.)

26) Group or world readable temporary files, buffers, etc.

27) Lack of threshold values, and lack of logging/notification once these
   have been triggered.

28) Changing parameters of critical system areas prior to their execution
   by a concurrent process. (race conditions)

29) Inadequate boundary checking at compile time, for example, a user
   may be able to execute machine code disguised as data in a data area.
   (if text and data areas are shared)

30) Improperly handling user generated asynchronous interrupts. Users
   interrupting a process, performing an operation, and either returning
   to continue the process or begin another will frequently leave the
   system in an unprotected state. Partially written files are left open,
   improper writing of protection infraction messages, improper setting
   of protection bits, etc often occur.

31) Code that uses fopen(3) without setting the umask. ( eg: at(1), etc. )
  In general, code that does not reset the real and effective uid before

32) Trace is your friend (or truss in SVR4) for helping figure out what
  system calls a program is using.

33) Scan /usr/local fs's closely. Many admins will install software from
  the net. Often you'll find tcpdump, top, nfswatch, ... suid'd root for
  their ease of use.

34) Check suid programs to see if they are the ones originally put on the
  system. Admins will sometimes put in a passwd replacement which is less
  secure than the distributed version.

35) Look for programs that were there to install software or loadable
  kernel modules.

36) Dynamically linked programs in general. Remember LD_PRELOAD, I think
  that was the variable.

37) I/O channel programming is a prime target. Look for logical errors,
  inconsistencies, and omissions.

38) See if it's possible for a I/O channel program to modify itself, loop
  back, and then execute the newly modified code. (instruction pre-load
  may screw this up)

39) If I/O channels act as independent processors they may have unlimited
  access to memory, thus system code may be modified in memory prior to

40) Look for bugs requiring flaws in multiple pieces of software, i.e. say
  program a can be used to change config file /etc/a now program b assumes
  the information in a to be correct and this leads to unexpected results
  (just look at how many programs trust /etc/utmp)

41) Any program, especially those suid/sgid, that allow shell escapes.

How to find MP3's real quickly

Another good way of finding MP3s (or other formats) is using Google and typing the following:

parent + directory + mp3 + OR + wma+ #dido#

Replace #dido# by whatever artist you wish to find, for example:

parent + directory + mp3 + OR + wma+ #Lamb#

You should get plenty of dirs with MP3s or WMA files (you could add OGG, etc, to the query). Cheers.

How To Find Ftp's The Easy Way'

How To Find Ftp's The Easy Way'

I use google cuz its the best search engine en everyone can acces .
The easiest search quote is "index of ..."
Some kind of examples are:

index of ftp/ +mp3
index of ftp/ +divx
index of ftp/ +"whateveryouwant"

Google has many operators that should help you to specify your search
There are also lots of advanced operators available
here are a few:


allintitle: "index of ftp/mp3"

try to combine things and maybe u'll find something

How to find a remote IP

How to find a remote IP

Method 1

To view someone's IP# when they send you hotmail email do this:
1) Click "Options" on the upper right side of the page.
2) On the left side of the page, Click "Mail"
3) Click "Mail Display Settings"
4) Under "Message Headers" select "Full" or "Advanced"
5) Click ok

Method 2
reg a dydns account and install the ip pointer, so each time you ping the host name you regestored

for example:
you regestor the host name, then you keep a little software running on the target host. The little software will keep update your IP to server.

so at your pc just start cmd, and ping, it will give you the most updated ip address.

Method 3
neverender, what doesn't work for you? Simply type in nc -vvv -l -p 80 on your box, which will set it to listen in verbose mode on port 80. Then give them a link to your IP address (for example: and tell them to type it in their browser. The browser should resolve the address as well as append port 80 automatically. Just make sure that your friend is not very computer literate.

Method 4
Just download a very simple server such as this one and install it on your comp. Then run it and give your ip to the person you want and tell them to connect to it through a browser. Your server will log their connection and you will get their IP.


Other Ways and make a "spy poll" to put in ur profile, this will tell u the IP of anybody who answers ur poll there is a page for doin it (i dont like it, but it works)
-or irc

Here is a more detailed tutorial about using NetCat.

Windows users can download NetCat from here:

how to execute chm files in linux

 how to execute chm files in linux

 download the following rpms on ur pc:-

and also install them in the same sequence. using the command:-

rpm -ivh <package name>

Note:- i am giving the path of packages for fedora cpre 3. if want for any other os take a look at the following sites.

xchm: - platform independent for all redhat's.............

How To Download Movies, From IRC

 First off welcome to the wonderful world of TMD!

--------------------- SETTING UP mIRC ---------------------

First of all you need to download mIRC from /, this program will let you connect to the server and channel to download movies. Once installed run mIRC, and you will be presented with the mIRC options. The first thing you will see is the "Connect" options. Set the options as follows:

IRC Network: Select "Criten" from the dropdown list.
Full Name: Enter what you feel comfortable with.
Email Address: Enter your email address.
Nickname: Enter the nickname you want.
Alternative: If the nickname you picked isn't available this is the one it will use.

*If Criten isn't listed in the IRC Networks, hit the "Add" button.
Description: Criten
IRC Server:
Port(s): 6667
Group: Criten
Password: Leave Blank
Hit the "Add" Button to finish

Next we will move down to "DCC". Select "Auto-get file" (this will automaticly accept the files that are sent to you), click "YES" in the window that opens. Right next to the "Auto-get file" click on the "Minimize" option. Below that select select "Resume" from the drop-down list under "If file exists:". This option sets mIRC to automaticly resume any failed sends you may get instead of overwriting them.

Continuing in the "DCC" section, go down to "Folders". In the "DCC Ignore:" box select from the drop-down list "Disabled", then untick the "Turn ignore back on in:" box.

mIRC is now setup correctly to download movies from TMD! Hit "OK" on the bottom of the Options window and move on to the next part.

--------------- CONNECTING TO #TMD-MOVIEZ ---------------

In the upper left hand corner of mIRC you will see the "Connect" button in the tool bar, click it to connet to Once it has connected (be patient it can take a while to finally connect on some days), a window will pop-up, this is the mIRC Channels list. On the right side of the window click the "Add" button. Another window will pop up, set it as follows:

Channel: Type in "#TMD-Moviez" (without the quotes)
Password: Leave blank.
Description: Just type in "TMD Moviez" or something of the sort.
Networks: Click the "Add" button and from the drop-down list select "Criten", then click "OK".

If you wish mIRC to automaticly connect to this channel once connected to the server, check the "Join channel on connect" box in the options. You may also wish to add the channel "#TMD" (Our chat channel) by repeating these steps.

Now click "OK" and it will show the mIRC Channels List again with the channel you just added. While the new channel is still selected click "Join" on the right side.

You can also type in /join #TMD-Moviez

A new window will appear with a bunch of text scrolling by, if you see this, than you did everything correctly! You are now in #TMD-Moviez! Move on to the next section for the fun part.

----------------- FINDING AND DOWNLOADING FILES -----------------

The things you see scrolling are ads and searches mainly. It is the ads that you may want to watch for. They consist of info about the server like this:

*********** Only an example server... Not a real one! ********

[2:29am] <TMD-Maveric> File Server Online Triggers:½/ctcp TMD-Maveric !Maveric's Moviez!╗ Min:½6.4 Kbs╗ Sends:½2/2╗ Queues:½10/10╗ Accessed:½3295 times╗ Online:½0/4╗ RCPS:½42.8 Kbs by kuki╗ Served:½95.6G in 785 files╗ Current BW:½41 Kbs╗ AQT:½1hr 15mins╗ Serving:½279 files╗ MOTD: -= :: (»`À.©©.->All the newest from distro!!<-.©©.À┤») :: =- ùI-n-v-i-s-i-o-nù

Really the only thing you need to know to get started is how to connect to the file server and get a file.
The trigger is what you type into the channel to connect to the server. The trigger above would be "/ctcp TMD-Maveric !Maveric's Moviez!" (without the quotes) as noted by the "Triggers:½ ╗" You always type what is inbetween the ½╗. You will know you are connected when a window pops up with:

Serving YourNickname
Waiting for acknowledgement...
DCC Chat connection established

Then you will see alot of text fly by which you can read if you want, but it is not needed. You will be left with something like this "[\]", that is the root directory of the server. To view the files in that directory you type "dir". At that point the directory contents will be show like this:

[2:40am] <TMD-Maveric> dir
[2:40am] <TMD-Maveric> [\*.*]
[2:40am] <TMD-Maveric> DVD RIPS
[2:40am] <TMD-Maveric> MOVIEZ
[2:41am] <TMD-Maveric> [tmd] 121 mb
[2:41am] <TMD-Maveric> [tmd] 115 mb
[2:40am] <TMD-Maveric> End of list.

The ones in all caps are directories, and the others are files signified by the the name and size of the file. If you want to go to a directory you need to type "cd <directory name>". Then you need to type "dir" again to see the contents. You should see something like this:

[2:44am] <TMD-Maveric>cd moviez
[2:44am] <TMD-Maveric> [\moviez]
[2:44am] <TMD-Maveric> dir
[2:44am] <TMD-Maveric> [\moviez\*.*]
[2:44am] <TMD-Maveric> ..
[2:44am] <TMD-Maveric> A RUMOR OF ANGELS
[2:44am] <TMD-Maveric> ALI G INDAHOUSE
[2:44am] <TMD-Maveric> AVENGING ANGELO
[2:44am] <TMD-Maveric> BALLISTIC - ECKS VS SEVER
[2:44am] <TMD-Maveric> BARBERSHOP
[2:44am] <TMD-Maveric> BARBERSHOP (UNCUT)
[2:45am] <TMD-Maveric> [tmd]nailed.(evil).scr.(1of2).avi 169 mb
[2:45am] <TMD-Maveric> [tmd]nailed.(evil).scr.(2of2).avi 59.3 mb
[2:45am] <TMD-Maveric> End of list.

Now to get a file you need to type "get <filename>". At that point you will either be sent the file, placed in queue for the file, of told that there isn't a free spot in the queue for you. Looking like this:

[2:50am] <TMD-Maveric> get [tmd]nailed.(evil).scr.(1of2).avi
[2:50am] <TMD-Maveric> Sending [tmd]nailed.(evil).scr.(1of2).avi ½169MB╗.
OR [2:50am] <TMD-Maveric>The file has been queued in slot 1
OR [2:50am] <TMD-Maveric> Sorry but the Maximum Allowed Queues of 10 has been reached. Please try again later.

The window may say something like "idle connection closing in 30 seconds", when you are finished either type "exit" or let the connection close. You will still get your download!
TIP: To quicky enter the filename you should copy and paste it. mIRC automaticly copys what ever text is selected to the clipboard. So select the filename (when you let go of the mouse button the selection will disappear) then use Ctrl+V (or right click and choose paste) to paste it.

A few other things you should know is how to go back a directory ("cd .."), how to see what files are sending ("sends"), and how to see who is in the queue ("queues").

Now to find the movie you are looking for.... As you may have seen in the chat screen you can search for what file you are looking for. This is done by using "@find <moviename>". So if you were looking for "The Ring" then you would type "@find the ring". If any matching files were found new windows will open with the results. You will see these flashing red in the top bar. Clicking on them will display the results for each server the file was found in, looking a bit like this:

<Nickname-of-server> [@Find Results] -=SysReset 2.50=-
<Nickname-of-server> Found [2] files on Trigger [/ctcp Nickname-of-server !TRIGGER!] - Queues: [20/25]
<Nickname-of-server> File: [The Ring\[tmd]the.ring.(ftf).ts.(2of2).avi] - Size [149.7MB]
<Nickname-of-server> File: [The Ring\[tmd]the.ring.(ftf).ts.(1of2).avi] - Size [130.1MB]
<Nickname-of-server> End of @Find.

The things to pay attention to is the trigger and the "Queues". The "queues" tell you how many people are in line to get a file from this server. [20/25] means there are 20 people in line out of an available 25 slots. The fewer amout of people in the queue the shorter amount of time you have to wait before downloading. Once you find a good server, type in the trigger that is show and you will be connected to the file server.
TIP: To close all the windows that opened as a result of the @find type "/close -m" in the channel.

----------------- COMMON ERRORS AND PROBLEMS -----------------

Error: "You need to identify a registered nick to join..."
Solution: To register: type in (without quotes) "/msg NickServ REGISTER password youremailaddress". That will register your current nickname using the password and email specified. To identify type in (without quotes) "/msg NickServ IDENTIFY password" where password is the password you registered with.

Problem: "The video doesn't play right!"
Solution: Be sure to download and install the TMD Codec. If after you have intalled the codec the video still doesn't work, make sure you download the entire file, the file sizes are listed on our MoveBot.

Error: "No more connections allowed in your connection class"
Solution: This just means the server is full. There is nothing to do but wait till it connects. Patience is a virtue!

Problem: "I have been banned from the channel, what do I do?"
Solution: Most bans only last a minute, so try to join the channel later. If you still can not join, then private message the OP that banned you in #TMD. To send a private message type "/msg <username> <message>" in the channel substituting <username> with the username of the person that banned you, and <message> with the message you want to send.

Problem: "I downloaded a movie but the quality is bad!"
Solution: There is nothing you can do about it! TMD encodes movies that were supplied by a "ripping" group. We encoded those files to make them more compact for easy downloading, while keeping the best quality we can. Some movies we get are bad quality to begin with, and we do what we can with what we have to work with.

Problem: "How do I know what new movies have been released?"
Solution: We have a bot in #TMD-Moviez and #TMD, simply type "!newmoviez" into the channel for the last 10 releases. Type "!moviebot" for all of the bots commands.


It all can be quite confusing at first glance, but after a week or two it seems simple! Any other questions you may have can probably be answered by going to #TMD. I hope this helps everybody.

****Written By Maveric****

How To Download Bittorrent Files

 Downloading BitTorrent Files

What is BitTorrent in Plain English?

BitTorrent is a program you download. It is similar to a peer-to-peer file sharing service. Basically it goes like this: You download the installer. You get the link to a file that ends in .torrent and enter that URL into your browser (preferably Internet Explorer). This opens the BitTorrent download window. It starts downloading the file, or episode that you wanted (eg. alias2x01.torrent). As it downloads, it uploads the parts that you have to other people so many people can get it at once. When you've finished downloading the file, you can leave the window open (don't press finish or close the window) and other people can still download from you. This is very much encouraged.

I'm new to all this. How do I download with BitTorrent???

First we need to download and install a BitTorrent client

Official client 3.3

Experimental client 3.2.1b-2

TheShad0w Experimental S-5.8.3


burst! RC5d
BT++ 0.5.4 alpha [code]


Nova Torrent 0.2.0

SimpleBT 0.1.9

BitAnarch 1.0.5a

Personal Torrent Collector

Effusion 0.3.3 beta

Snark 0.5 beta

ByteTorrent 0.95

ABC 2.5


If you?re client freezes during D/Ls, it?s a problem with you?re network card or modem, this happens when you connect to more peers than you?re card or modem can handle & windows shuts it down. There is a cure. Shad0ws Experimental client allows you to set how many incoming peers to allow.

All about BT:

How to D/L Torrent files

BitTorrent is not like other peer-to-peer applications (such as Winmx, Kazaa, Gnutella, etc.) in that it does not have its own \"universe.\" Put another way, BT lives on top of the Web, which means that all of the searching/listing of available files is done on the web. When you find a file you want to download, you click on it and the BitTorrent client program will run and ask you where to put it, and then start downloading. Or you save target as. Save the file somewhere then click on it when you?re ready to start the D/L.

It doesn't do anything it says:
Problem connecting to tracker - timeout exceeded
Problem connecting to tracker - HTTP Error 503: Connect failed
Problem connecting to tracker - [Error socket error] (10061, \" Connection refused\")
Problem connecting to tracker - (111, \'Connection refused\'

Generally just wait ... this normally means that the \'Tracker\' is maybe too busy. Leave your window open and it will try to connect every 2 minutes or so.

Note: BT dose resume downloads, just click the torrent file again when you are ready to resume the D/L and save it to same place as the original. All clients have an option for default D/L directory. I suggest setting this option.

My speed is always very slow!!!!!!!!!!

Speeds can be real slow if your one of the below, they all can bet set to allow BT in and out

#1 behind a firewall
#2 behind a router
#3 on a network
#4 Xps firewall is enabled

ports 6881 thru 6999 need to be open to get good speeds

If you need info on bit torrent and how to set it up with a firewall or router


Get general info on how torrent works and how it uses ports


Where do I get torrent files???

Suprnova mirrors are the best site?s, updated every 20 minutes.


There are others you can use here is another one:

Places to find other torrent sites

Torrent Search engine

Keeping up with the torrent network


What does PeerGuardian actually do?

PeerGuardian does two things to help P2P users. The first is the obvious one, it closes connections on certain IP addresses. The second is that it optionally logs all connections made to your computer. The reason for this is so that if you do use PeerGuardian but still get sent a legal threat, you can cross-reference the date/time of the alleged infringement with the log. This gives us a list of IPs, one of which will be the IP that's doing the busting. It's basically to help us identify which IPs are doing the busting and weren't known to PeerGuardian before. - Hope that makes sense.

Is PeerGuardian 100% Protection?

CERTAINLY NOT!!! - PeerGuardian relies on users sharing information to stay up to date. It IS contributory to protection and (I'm not trying to blow my own trumpet here!!) it seems to be the most up-to-date and open database of this nature on the internet (as far as I know). The more people who are using full-logging and report the relevant IPs when they get a C&D threat (see above paragraph), the more people we can save. ANONYMOUS P2P is the way ahead IMHO, PeerGuardian isn't 100% effective.. I've NEVER claimed that and never will and I look forward to the day that PG (not just the app, more.. the database and communication between p2p'ers on blocking IPs) becomes totally redundant. I'm just trying to help supply the next-best thing until we get to that stage.

I use PeerGuardian and have still been sent a legal threat.

What do I do?

First of all, stop sharing the file you got busted with. If you're worried, try sharing older/rarer files. If you share Bourne Identity, Terminator 3 and a load of Busta Rhymes mp3s after being busted, you'll be asking for trouble. Second thing to do, check the "full connection log" in PeerGuardian. (you did have it enabled didn't you?) - Work out the difference in timezones on the infringement warning and cross-reference it with the log. From this you should be able to identify a handful of IPs. Either post that list to the PG forums for one of our admins/moderators/members to investigate or investigate it yourself and post the p2p enemy IP to the on-line database. - There are plans to automate this whole process in the future.


Well it isn't really much of a tutorial but I spent a lot of time on this so please help me out if it is wrong.


How to do a high Quality DivX rip

How to do a high Quality DivX rip

First and foremost, go to

and go to their downloads section.
get the following files:
under Audio:
Besweet GUI

Under Codecs:
DivX 5.2.1 Pro

Under Divx/Mpeg-4 encoders:
Nandub 1.0RC2

then get this:
alternatively, get any version of virtualdub that includes mp3 support.

these are all the required tools, there are ways with fewer items, but they produce very inferior outputs. Besides, after you get used to it, the whole process is really easy.

Okay, first and foremost, pull out Nandub. This is the step that takes the longest, as well as where you will make most of your decisions. I am going to assume that you are making a 1 cd rip. If you do what is in this faq, there won't be much reason to do anything else. Twisted Evil

First of all, run Nandub . It will pop up a dialogue box, and want to know if you are making a new project or resuming an old. New, of course. Give it a name and tell fairuse where you want it to store its data. Fairuse is about to rip the entire movie to your harddrive(nice if you want to go rent a movie and return it the next day).

Then it will ask for your DVD drive with a dvd in it. give it. Then, select which video stream you want. This is usually pretty obvious as the movie stream is the one that is an hour or so long. If there are two of these, check out the other tags. which languages and so on. worst case senario is that you have to trial and error. but that is rare. choose the long stream and hit next.

This is where Nandub rips everything to your hard drive. depending on the speed of various components in your computer, and the length of the movie, this could take a while. let it finish. and then move on.

Once all that is done, the really important screen pops up. this is where you set resolutions and video length. first, cut off the ending credits with the slider, but DO NOT mess with the beginning, as the sound and video frames need to start at the same point for sync. Then hit auto set for the cropping region, this is usually just fine. Then decide whether or not you want subtitles, which would be the subpicture stream. When you're done, hit next.

Set the field mode to IVTC. This will give you better quality for size, as it runs at 24 frames instead of 30, due to the nature of divx, there won't be any noticeable difference in quality, but 6 less frames to deal with each second(and to store data for) really add up. Besides this is the correct mode for all movies anyway. NExt.

This is where you set FINAL file size, including audio, for 1 cd rip, set to 690, for 2, set to double that. Then follow the directions they give you and choose a final resolution that has between a 120:1 and 150:1 (if possible, sometimes the movie is compression ratio. NEXT!

This screen is where you determine quality. The autoadd button is usefull, and will give you decent quality, with 4 encodings. What this does is encode the movie 4 times, and then mix the frames to creat the final encoding, with the most efficient possible encoding for each frame. which is how we get bad ass quality for a single cd. I usually go for 8 encodings, as on my athlon 1600+ this rarely takes more than 8 hours to do, so I just go to sleep, wake up, and its done.

Then add the audio encoding that you want.

Hit next.
And let the bastard fly. Depending on what you set, and your computer, this could take from a few hours to a few days. CPU's of 1.2Ghz+ are nice right about here. You can do stuff while this is going on, but it makes things take much longer.

In the end you will have a bunch of encodings in the folder you specified at the beginning, the 4+ you chose and the final. You will also have an AC3 stream. Take the final AVI and toss it someplace to await the rest of the audio work you have to do, and you can erase the other encodings, freeing up a few gigs in the process of space.


Ok, this is where Besweet comes in.

Extract BeSweet and the GUI into the same folder. Now Run the GUI.

At the top there are three fields. One for BeSweet which you should point at the besweet.exe that you should have unzipped to the same directory you are running the Gui from, A field for the AC3 stream, which is in the folder where you sent the encoded video from Fairuse, and an output mp3. The output mp3 has to be an existing file, so make a text file, rename it (yourmovie).mp3 and just say yeah, its cool to change the extension and make things weird. besweet will overwrite it so don't worry. point the third field at that file. The default values for stuff should be fine. but to make sure go to Azid 1(on the left) and select stereo, and then go to Lame 2 and select constant bit rate, and 128(assuming that is what you want). then click on besweet again, and finally, click on AC3 to MP3.

Let the bastard fly.

Now. When its done you should have an mp3 that is the entire soundtrack for the movie. This is where virtualdub comes in. run the virtualdub mp3 version. go to File:open video file and select the final encoding that you had from way back. Then go to audio and select mp3 audio. it will ask you for the file, give it the mp3. Go to audio again and make sure direct stream copy is selected. Then go to video and make sure that direct stream copy is also selected. Finally go to file again and SAVE AVI. give it a file name and let the bastard fly. This final file is your movie. Beautiful and glorious. Congratulations, its a DivX rip. Aren't you proud. burn to cd, and give copies to all your friends.

Note: These is a RIP

How to dial out of a UNIX System

Unauthorised Access UK  0636-708063  10pm-7am  12oo/24oo
                     HOW TO DIAL OUT ON A UNIX SYSTEM.
 This document makes the assumption that you are currently logged on to the
 system and are sitting in a shell environment.
         1. First of all we need to locate the L-devices file.
            It should be found in the /usr/lib/uucp directory,
            but in case it isn't typing:
                       find / -name L-devices -print
            will show you where it is.
            If you can't find it then don't worry as we can get
            around it, only it will take a bit of trial and error.
         2. If you found the L-devices file then we need to list
            it by typing:
                       cat L-devices
            If it runs off the screen then type:
                       cat L-devices | more
            This will page the output - space displays the next
            page and return will show the next line while q quits.
            This file shows us to which serial line (port) the
            modems (ACU's) are connected, it also shows when they
            can be called and the baud rate.
            We are interested in the serial line and the baud rate.
            Choose a line with your desired speed and make a note of
            the serial line. The speed is shown as 2400,1200,300 etc.
            and the serial line as ttynn where nn is a number.
         3. If you couldn't find/list the L-devices file then type:
                       who am i
            This will show which serial line you are on, and as you
            are on a modem then it's a fair bet that the others are
            not too far away. e.g. If you are on line tty07 then
            there's a good chance of a modem being on tty06,tty08 or
         4. Now we need to make a direct connection to the modem by
                       cu -sbaud -l/dev/ttynn dir
            where baud and ttynn are your desired speed and serial
            line respectively.
            If you couldn't find/list the L-devices file then this is
            where the trial and error I told you about comes in.
            When you get it right it should come up with 'Connected'.
         5. Now we are talking directly to the modem. As a precaution
            at this point I suggest saving the modem's current config
            by typing:
            Don't worry if you can't see what you are typing as it is
            probably in quiet mode with echo off.
            Now restore the factory default settings by typing:
            Now you can set up the modem as you require it, just as
            you would with your own and use it as normal.
            When you have finished type:
            to restore the modem back to it's initial state, then
            It should come up 'Disconnected' and you should now be
            back in your shell.
 It is probably best to try and log on to a RACE system on an 0800 number
 as then it won't cost you a penny to call your favourite BBS's.
 If you have any problems or need any UNIX information then send mail to
 me on HackerNet and I'll see what I can do for you.
 Wishing you all many, many, happy hours of hacking - THE ANALYST.
Downloaded From P-80 International Information Systems 304-744-2253