Hacks By Camwi

My Favorite Apps

2009-02-14T13:19:00.005-06:00

Hey, it's been almost half of a year that I haven't posted, in fact I haven't posted anything at all... :(

Well, today I'm here to present you with my list of favorite applications, although with no specific order. Camwi pretty much included a giant list of applications in the past but I'll highlight the really, really good ones. Please keep in mind this is my opinion, and they won't be completely be accurate but I'm sure you will be impressed.

1. File Compressor - Alzip

Part of the AL-series, I find Alzip the most useful tool. Although sometimes WinRAR is better, Alzip is a little better to use and definitely won't give you that stupid "You must register WinRAR" error every time you want to extract something. With support for 36 archive formats, including .iso and .bin files, this is great. It can also zip files up in an .exe file for users that doesn't have a decompression program (but who doesn't?).

But I've had slight problems with this in the past. It doesn't work too well with .7zip files, or .tar files. When I downloaded backups from cPanel, it just wouldn't extract .tar files properly. So I use a different program. It's not always this happens, just from time to time.

Download ALZIP here: http://www.altools.com/image/ALZipv6.7.exe

2. Internet Downloading Manager - Free Download Manager (FDM)

With support for flash downloading and conversion, and support for bittorent, I found this tool very useful. Like the usual stuff, it can continue failed/disconnected downloads and enhance speeds for downloading. It's very organized, and you can redownload stuff that you deleted accidentally, and much more. It's just great.

Download FDM here: http://www.freedownloadmanager.org/download.htm

3. Internet Browser - Mozilla Firefox

Obviously one of the best. Of course there's Opera, but if you want a light, fast browser, you should consider getting Firefox. It's better than Internet Explorer if you're still using that crap, and it's better than the new rubbish Google Chrome.

It offers a nice history browsing feature under the address bar, and it'll show the title of the webpage, the favicon, and its description. That's probably the most amazing feature I've seen yet. Not only that, I've noticed that it actually does load pages faster than IE (not saying it improves your internet, no, but it makes good use of its webpage caches). Firefox is one of the greatest things I've used, it would definitely fit into my best applications list.

Download Firefox here: http://www.mozilla.com/en-US/firefox/

4. Mail Handling Program - Windows Live Mail

Surprisingly, this mail handler from the Windows Live series is actually useful unlike the rest of the tools other than the messenger itself. Windows Live Mail automatically takes care of your hotmail account and integrates itself to the Windows Live Messenger (if installed) and fetches mail from there.

It easily handles your live account, but it also handles other accounts well too. That's not a surprise since it must be a feature for mail-handlers to have different accounts. It allows POP3, IMAP and HTTP mail servers. Can't say much more but you'll be impressed once you see it.

Download WLM here: http://download.live.com/

5. VoIP Program - Skype

This is great. Skype is just great. You can call landlines with a subscription of 3 dollars. Save two cups of coffee for later and you can get phone service for a month. How cheap is that?

Although it shouldn't be a replacement for your phone (as it does not provide connection to emergency numbers such as 911) it'll be a lot cheaper than using your mobile phone. You can even call computers or normal phones on your PSP, but you have to know Sony, you have to buy their stupid specially designed headset and remote for 30$, I've heard hacks around this but I'm not sure as I haven't done it myself.

With fast (sometimes choppy when the network gets busy) and an extremely good quality call, Skype is the best VoIP program (there's a Korean program that's better than Skype but I won't discuss it since it doesn't support English yet) as of yet, and like most it provides support for video calls.

Download Skype here: www.skype.com

6. Video Playback Application: GOM Player

Forget realplayer, forget windows media player, forget everything. Forget getting stupid codecs that you have to manually find and install it yourself. That's completely obsolete, with GOM player.

GOM player includes codecs in the setup package (the core files) so you won't have to risk downloading codecs that could be a virus. It can also play AVI files that aren't even done downloading, or in other words it can play videos with a broken index.

Like other players, GOM player provides support for subtitles.

Download GOM player here: http://www.gomlab.com/eng/GMP_download.html

7. Personal Webhosting - Abyss Web Server

And you were expecting Apache. Yeah, Apache is better than Abyss by a long shot if we were talking about commercial hosting, but we're talking about personal, private webhosting that's probably just used to test websites.

Abyss Web Server is well made- its control panel is very impressive. Look:

Takes about 10 minutes to set that up. That's amazing, if you ask me. It supports CGI, PHP and other things like always.

Download Abyss here: http://www.aprelium.com/abyssws/

8. File Conversion - FormatFactory

Simply the easiest. It supports mostly all of audio/video formats today, and can convert them to any format you want. It's simple, quick, and light. I have not much to say but see for yourself.

Download FF here: http://www.formatoz.com/download.html

-------

This concludes part 1. I'll post the rest later. 'Till then, try some of these out!

Disturbed at DFW Nokia Theatre - PRESALE TICKET CODE

2009-01-30T14:35:00.006-06:00

Disturbed is gonna be intown at DFW Nokia Theatre.
Here, on HBC, You will find the code to get PRESALE TICKETS!

When you go Ticketmaster, the code for presale tickets is: "indestructible".

Have fun everyone, and Look to see if you see me there.

And a little info about Disturbed:

2009 Disturbed Concerts

If you would like to attend a Disturbed show live in person, CoastToCoastTickets.com is your source. CoastToCoastTickets.com provides schedules and information for Disturbed. Whether you just want tickets that will get you into the show or you prefer premium seats, we make it easy to buy Disturbed tickets online or by phone.

Disturbed History

Disturbed came together when guitarist Dan Donegan, drummer Mike Wengren, and bassist Fuzz joined up with singer David Draiman. The heavy metal band formed as Disturbed in 1997. The addition of Draiman to the band is what provided the cohesion needed for the band to strike out. Draiman grew up in a religious family. He rebelled from his parent's strict rule and was eventually expelled from five boarding schools during his youth. Like many hard rockers, metal music became an outlet for pent up anger. Draiman was no exception.

The thrashing sound of Disturbed began to build a following on Chicago's south side. Eventually, a demo tape led to a contract with Giant Records. The foursome released their debut album, titled The Sickness, in March of 2000. In order to promote the new album the band joined OzzFest in 2001. The decision was a good one. By the time the tour was over, the band had gained a national fan following and managed to break away to headline their own tour by the fall of 2001. During that time Disturbed also recorded a new version of wrestler Steve Austin's theme song. Surprisingly, the single received significant radio play.

Command & Conquer: Red Alert 3 - Multi Pack - Maps, LAN COOP, And more!

2008-11-30T22:20:00.002-06:00

Ok everyone, its been a good while since my last release, so I am bringing you a Multi pack for CNC RA3!

Maps, LAN COOP Fix, and more!

Make sure you read one of the readme files, there are 3 types; README.txt, README.html, and README.nfo

Hope everyone likes it and a little thanks is good enough.

http://www.HacksByCamwi.com/Files/RA3_Multipack.rar

Forums are ready for Full public access.

2008-11-21T17:14:00.000-06:00

Refer to the previous post for the URL.

Forums Are Semi-Working.

2008-11-18T21:19:00.002-06:00

www.hacksbycamwi.com/forums

OR

www.forums.hacksbycamwi.com

Feel free to try them out anytime, I'm still working the kinks out but it should be workin good in no time, and the name is only for now until I get it done, Haha.

System Update

2008-11-10T17:53:00.003-06:00

Well, I've updated to Vista Ultimate, 64 bit of course...
Also, threw out my old 2 gigs of Ram, (I think they were bad, and out of warranty) and installed 4 gigs of Ram!

Also, new 320 Gig SATA Hard drive with a 16 mb cache.

I must say, this beast is quite fast, also, Crysis and Far Cry2 look awesome with DX10.

About my "Not-Being-Here-ism"

2008-11-10T17:47:00.001-06:00

Sorry, everyone, I have been really sick, I plan on making more posts very soon.

And again, I am still looking for more authors, if you're interested.

Spore..... LEAKED!

2008-08-31T13:40:00.003-05:00

That's right, the FULL COMPLETE VERSION of Spore has been leaked.

Pics for eye candy.

I'm sure The Torrents are gonna start rushing in.

SOURCE: http://forums.facepunchstudios.com/showthread.php?t=603042

How to Keep the RIAA/DRM guys off your tail.

2008-08-17T01:50:00.002-05:00

If you live in the United States, France, UK, you may be thinking that getting music and movies from ThePirateBay isn't such a great idea anymore.

Well, you're wrong. By taking these easy steps, you can protect your privacy from the prying eyes of RIAA/MPAA and the gov't. The result? No one will come knocking your door, or if they do, they won't have any proof.

Important:

Make sure you have a strong password for your login/encryption, a password like 'iruletheworld' won't do. "G7s&8bnu9#8vHU" will. If you can't remember it, write it somewhere and put it in a SAFE, HIDDEN location.
Get a good password here.

Clarification:

The way anti p2p guys find you is by entering the swarm themselves and logging the IP's, which are visible even if you enable encryption. The IP must be visible in order for the data packets to reach destination.
That's why the only true defense is encrypting all your hard disk, if and when they come, they won't be able to find any illegal stuff. Just an encrypted blob. The rest of the tips are just to minimize the risk of them coming after you.

Bittorrent Clients

Always try to use the latest version of your bittorrent client
Use popular and acknowledged clients (uTorrent, Transmission open source)
Force outgoing encryption, enable port randomization(optional), disable "Allow legacy connections"
(Optional) Try to get an invite to a private bittorent tracker. Check the net for those who don't keep logs. Usually anti p2p organization focus on open and very popular trackers such as ThePirateBay. Let's make it clear that they do in fact track private trackers, but in my tests I found less 'hostile' connections from Media Defender and the likes.

Block unwanted IP's

To block all connections from government, anti peer 2 peer organizations download Peer Guardian.
Peer Guardian works by blocking all connections from blacklisted IP's known to be Government or Anti P2P. The blacklist updates frequently and is very effective in my tests.
PeerGuardian is Open Source and works with Windows XP

Encryption

If your IP pops up as 'interesting' they will pay you a visit. Having everything encrypted is your advantage. Don't worry about NSA using their supercomputers to crack the encryption (as some alarmists say). They have better things to do.

Enable full drive encryption if possible.
Create a separate partition(recommended if you don't want full drive encryption) for your downloads and install True Crypt.
True Crypt is a "free open source disk encryption utility for Windows Vista/XP, Mac OS X and Linux". It's easy to use, just follow the help files if you get stuck.
If you have Windows Vista and a TPM chip, enable Bitlocker encryption ; on Mac OS X you can use FileVault

Network

If your wireless router supports this option, create a separate SSID and set it to Open. Anyone will be able to connect and you can't be liable(someone in the comments said this won't work in the US anymore).
For your general privacy enable WPA2 with TKIP security on your router, and also change the default admin password.
If you have Dynamic IP it's a good idea to restart your router every couple of days. You get a new IP address this way(someone in the comments said this only slows them down; if they are after you they WILL find you no matter what; let's just say you won't be transferring 30 GB on an IP but on 10 different IPs, who do you think they'll track down first?).
Avoid AT&T Internet service at all costs, they are known to work very close to the different security agencies and anti P2P organizations.

Bonus Tip:
People have suggested in the comments that using a VPN(a virtual encrypted private network) is the only way to can't track you. There are available commercial services like Relakks from our friends at The Pirate Bay.

Looking for Co-authors

2008-08-16T22:20:00.001-05:00

If you're interested, contact me at Camwi_003@hacksbycamwi.com

Thanks.

Lots of Free Software.

2008-08-02T16:31:00.000-05:00

Altec Multi-Purpose Speaker Review

2008-07-20T22:32:00.005-05:00

Wal-Mart Link

Ever seen these speakers at Walmart for 25-30 bucks? I bought a pair, and here's my review on them.

First off, theres 2 speakers, and a sub woofer, theres 3 knobs on one of the speakers, Volume, Bass, and Treble.

There's also a Headphone and Mic Jack on the same speaker, and the green/red combo cord to go with it.

Pros
Cheap
Great High sounds
Available at local Wal-Mart's

Cons
So-called "Subwoofer" speaker is 4 inches and Paper.
Wasted space on speakers, could be made thinner.
Not sure if this is a con, but the speakers are very lightweight.

Bottom Line.
If you need some quick speakers, get them, the price is amazing for what you get.
I have my set in my bathroom for my iPod.

Or if you need them for a quick pc build, they are not bad at all.

Back From Vacation

2008-07-19T22:19:00.000-05:00

So, I'm back, finally.....

More Articles in good time.

I'm on vacation!

2008-07-16T23:11:00.002-05:00

For those of you that don't know, I'm on vacation. Currently using the neighbors internet that I cracked the wep key for.....

Google "Port Aransas" in texas of course, and you might see where I am,

Got to go, more info later.

2008-07-12T20:01:00.004-05:00

For those of you who don't know, Obsidian Conflict is one of a couple big coop mods on half life 2. This is about the patch however, not the mod, wanna learn about the mod? Basically they have new NPCs, new weapons, a customizable HUD and flashlight, as well as support for half life source through half life 2: episode 2.
http://www.obsidianconflict.com/

Big changes:
-Now on the orange box.
-Fixed random crashes. At least I'm pretty sure they're all fixed. Go yell at the beta testers if you do find any.
-Custom model support.
-Ironsights. They serve no real purpose, just a fun little thing you can do.
-Alyxgun a usable weapon. (thanks to HL2:CTF for letting the team use that model)
-Merchant now is fully operational. (RE4 voice not included)
-Scripted weapons, fully usable with both normal people and NPCs.
-Lag compensation now makes firing accurately possible in the mist of combat.
-The ichthyosaur works now as a real enemy.
-Scripts for the entire half life 2 campaign, and most of the episodes. I think they also got half life source scripts working but not sure on that one.
-An inventory for small props (like keys)
-Boosting now works.
-A lot of new maps.

"After one and a half years, we have finally finished Obsidian Conflict version 1.3. There are lot of reasons for the many delays (real life, bugs popping out of nowhere, and the change to the Orange Box engine, which brought the mod back to a very broken stage and stifled our passion), but in the end we finally made it and we are proud to present you version 1.3, which is a gigantic step forward from the now-crippled version 1.23.
New features, new maps and the full Half-Life 2 and Episodes story playable in co-op is what you will get with 1.3. So what are you waiting for? Head over to the downloads section and get your copy today!"

NetTools - Powerful Network App

2008-07-12T12:19:00.007-05:00

THIS SOFTWARE IS PROVIDED FOR EDUCATIONAL USE ONLY! IF YOU ENGAGE IN ANY ILLEGAL ACTIVITY THE AUTHOR DOES NOT TAKE ANY RESPONSIBILITY FOR IT.

Net Tools is cutting-edge security and network monitoring software for the Internet and Local Area Networks, providing clients with the ability and confidence to meet the challenges of tomorrow's technology. Keeping pace with the industry trends, we offer professional tools that support the latest standards, protocols, software, and hardware for both wired and wireless networks. The main goal is the creation of high quality software. Net Tools is a very strong combination of network scanning, security, file, system, and administrator tools useful in diagnosing networks and monitoring your PC and computer's network connections for system administrators. Next to the essential core tools it includes a lot of extra valuable features. It’s a Swiss Army knife for everyone interested in a set of powerful network tools for everyday use. This all-in-one toolkit includes also a lot of handy file and system utilities next to the huge amount of network tools. The menus are fully configurable, so in this way you won’t get lost in the extremely large amount of essential tools. All the additional features will make this application a must have for all system administrators. There are numerous constructive and valuable applications included in Net Tools that can be used for a great amount of purposes. The latest version of Net Tools is hybrid; it means that it’s capable of working together with applications that are made and designed for Net Tools, so in this way more flexibility and user-friendliness is obtained. This software is designed for the Microsoft Windows OS (Windows 98, NT, 2000, 2003, XP, Vista). It’s entirely compatible and has thoroughly been tested on Windows XP. With the 175+ tools it is a great collection of useful tools for network users. The size of Net Tools 5.0.70 is approximately 25 Mb.

Here's a Massive List of whats included:

1) IP Address Scanner
2) IP Calculator
3) IP Converter
4) Port Listener
5) Port Scanner
6) Ping
7) NetStat (2 ways)
8) Trace Route (2 ways)
9) TCP/IP Configuration
10) Online - Offline Checker
11) Resolve Host & IP
12) Time Sync
13) Whois & MX Lookup
14) Connect0r
15) Connection Analysator and protector
16) Net Sender
17) E-mail seeker
18) Net Pager
19) Active and Passive port scanner
20) Spoofer
21) Hack Trapper
22) HTTP flooder (DoS)
23) Mass Website Visiter
24) Advanced Port Scanner
25) Trojan Hunter (Multi IP)
26) Port Connecter Tool
27) Advanced Spoofer
28) Advanced Anonymous E-mailer
29) Simple Anonymous E-mailer
30) Anonymous E-mailer with Attachment Support
31) Mass E-mailer
32) E-mail Bomber
33) E-mail Spoofer
34) Simple Port Scanner (fast)
35) Advanced Netstat Monitoring
36) X Pinger
37) Web Page Scanner
38) Fast Port Scanner
39) Deep Port Scanner
40) Fastest Host Scanner (UDP)
41) Get Header
42) Open Port Scanner
43) Multi Port Scanner
44) HTTP scanner (Open port 80 subnet scanner)
45) Multi Ping for Cisco Routers
46) TCP Packet Sniffer
47) UDP flooder
48) Resolve and Ping
49) Multi IP ping
50) File Dependency Sniffer
51) EXE-joiner (bind 2 files)
52) Encrypter
53) Advanced Encryption
54) File Difference Engine
55) File Comparasion
56) Mass File Renamer
57) Add Bytes to EXE
58) Variable Encryption
59) Simple File Encryption
60) ASCII to Binary (and Binary to ASCII)
61) Enigma
62) Password Unmasker
63) Credit Card Number Validate and Generate
64) Create Local HTTP Server
65) eXtreme UDP Flooder
66) Web Server Scanner
67) Force Reboot
68) Webpage Info Seeker
69) Bouncer
70) Advanced Packet Sniffer
71) IRC server creater
72) Connection Tester
73) Fake Mail Sender
74) Bandwidth Monitor
75) Remote Desktop Protocol Scanner
76) MX Query
77) Messenger Packet Sniffer
78) API Spy
79) DHCP Restart
80) File Merger
81) E-mail Extractor (crawler / harvester bot)
82) Open FTP Scanner
83) Advanced System Locker
84) Advanced System Information
85) CPU Monitor
86) Windows Startup Manager
87) Process Checker
88) IP String Collecter
89) Mass Auto-Emailer (Database mailer; Spammer)
90) Central Server (Base Server; Echo Server; Time Server; Telnet Server; HTTP Server; FTP Server)
91) Fishing Port Scanner (with named ports)
92) Mouse Record / Play Automation (Macro Tool)
93) Internet / LAN Messenger Chat (Server + Client)
94) Timer Shutdown/Restart/Log Off/Hibernate/Suspend/ Control
95) Hash MD5 Checker
96) Port Connect - Listen tool
97) Internet MAC Address Scanner (Multiple IP)
98) Connection Manager / Monitor
99) Direct Peer Connecter (Send/Receive files + chat)
100) Force Application Termination (against Viruses and Spyware)
101) Easy and Fast Screenshot Maker (also Web Hex Color Picker)
102) COM Detect and Test
103) Create Virtual Drives
104) URL Encoder
105) WEP/WPA Key Generator
106) Sniffer.NET
107) File Shredder
108) Local Access Enumerater
109) Steganographer (Art of hiding secret data in pictures)
110) Subnet Calculater
111) Domain to IP (DNS)
112) Get SNMP Variables
113) Internet Explorer Password Revealer
114) Advanced Multi Port Scanner
115) Port Identification List (+port scanner)
116) Get Quick Net Info
117) Get Remote MAC Address
118) Share Add
119) Net Wanderer
120) WhoIs Console
121) Cookies Analyser
122) Hide Secret Data In Files
123) Packet Generator
124) Secure File Splitting
125) My File Protection (Password Protect Files, File Injections)
126) Dynamic Switch Port Mapper
127) Internet Logger (Log URL)
128) Get Whois Servers
129) File Split&Merge
130) Hide Drive
131) Extract E-mails from Documents
132) Net Tools Mini (Client/Server, Scan, ICMP, Net Statistics, Interactive, Raw Packets, DNS, Whois, ARP, Computer's IP, Wake On LAN)
133) Hook Spy
134) Software Uninstaller
135) Tweak & Clean XP
136) Steganographic Random Byte Encryption
137) NetTools Notepad (encrypt your sensitive data)
138) File Encrypter/Decrypter
139) Quick Proxy Server
140) Connection Redirector (HTTP, IRC, ... All protocols supported)
141) Local E-mail Extractor
142) Recursive E-mail Extractor
143) Outlook Express E-mail Extractor
144) Telnet Client
145) Fast Ip Catcher
146) Monitor Host IP
147) FreeMAC (MAC Address Editor)
148) QuickFTP Server (+user accounts support)
149) NetTools Macro Recorder/Player (Keybord and Mouse Hook)
150) Network Protocol Analyzer
151) Steganographic Tools (Picture, Sounds, ZIP Compression and Misc Methods)
152) WebMirror (Website Ripper)
153) GeoLocate IP
154) Google PageRank Calculator
155) Google Link Crawler (Web Result Grabber)
156) Network Adapter Binder
157) Remote LAN PC Lister
158) Fast Sinusoidal Encryption
159) Software Scanner
160) Fast FTP Client
161) Network Traffic Analysis
162) Network Traffic Visualiser
163) Internet Protocol Scanner
164) Net Meter (Bandwidth Traffic Meter)
165) Net Configuration Switcher
166) Advanced System Hardware Info
167) Live System Information
168) Network Profiler
169) Network Browser
170) Quick Website Maker and Web Gallery Creator
171) Remote PC Shutdown
172) Serial Port Terminal
173) Standard Encryptor
174) Tray Minimizer
175) Extra Tools (nmap console & win32 version)

And many extra features and utilities are included in this package!

Screenshots

http://users.pandora.be/ahmadi/ntscreenshot9.JPG
http://users.pandora.be/ahmadi/ntscreenshot8.JPG
http://users.pandora.be/ahmadi/ntscreenshot7.JPG

Convinced yet?

Download it HERE.

How to turn Firefox into a WebApp Assault Kit.

2008-07-11T15:51:00.000-05:00

By using some brilliant Firefox extensions you can turn your Firefox-install into a perfect web-application assault kit.

Sometimes I do freelance work as a web-developer and other times i pen-test web sites on request (as a part of my work). I have been doing this for some years now, and by now I’ve collected some Firefox extensions to make the pen-testing a little more enjoyable (read: easier).

So in this post I’m gonna list some Firefox extensions that I use for pen-testing web-applications. But mark my words, these extensions will not turn you into a security professional just because you use them; you will still need knowledge. With knowledge comes power and with great power comes great responsibility, remember that!

Listed in alphabetical order:

Add N Edit Cookies:
Add N Edit Cookies gives you the ability to easily alter, edit or delete cookies, you can’t imagine how many sites there are that uses cookie variables like ‘admin = 0′…

Cookie Watcher:
This little extension shows the value of a selected cookie in your statusbar, this makes it easier to see when or if a cookie changes and that makes it easier to “reverse engineer” it.

Extended Cookie Manager:
This has the same functionality as the popular extension NoScript, but for cookies!

Firebug:
Gives you the ability to edit, debug, and monitor CSS, HTML, and JavaScript live in any web page. (Client-side off course)

FoxyProxy:
Did someone say switching proxies? This extension adds a small icon into your toolbar that shows the current proxy status and a drop down menu of proxies (which you manage in FP’s proxy-manager). It also gives you a nicer and more advanced proxy-manager!

HackBar:
A toolbar that helps you find and exploit SQL-injections.

Live HTTP Headers:
View the HTTP headers of a page requests while you are browsing, now you can ditch ettercap and ethereal ^H^H^H^H^H^H^H^Hwireshark.

Modify Headers:
Did someone say HTTP Header Injection? This tool gives you the power you need to alter any header Firefox sends out, persistent or temporarily.

NoScript:
NoScript allows JavaScript, Java, Flash and any other plugins only for your trusted domain(s). Great for protecting yourself towards the authorities. (Yes, Java can reveal your real IP-number)

RefControl:
Control what gets sent as the HTTP-Referer on a per-site basis.

Tamper Data:
I love this extension; it gives you the ability to view and modify everything from headers to POST-requests sent from your browser. A must have in every web-application hackers toolkit!

User Agent Switcher:
Adds a menu and a toolbar button to switch the user-agent of the browser.

Note that many of these extensions does pretty much the same thing, but they complement each other.

FormatFactory - File Converter

2008-07-11T00:25:00.003-05:00

I haven't tried this yet but I am downloading this as i am typing.

FormatFactory is a multifunctional media converter.
Provides functions below:
All to MP4/3GP/MPG/AVI/WMV/FLV/SWF.
All to MP3//WMA/MMF/AMR/OGG/M4A/WAV.
All to JPG/BMP/PNG/TIF/ICO/....
Rip DVD to video file.
MP4 files support iPod/iPhone/PSP format.
Source files support RMVB.

FormatFactory's Feature:
1 support converting all popular video,audio,picture formats to others.
2 Repair damaged video and audio file.
3 Reducing Multimedia file size.
4 Support iphone,ipod multimedia file formats.
5 Picture converting supports Zoom,Rotate/Flip,tags.
6 DVD Ripper.

Get it here.
Right Click > Save.

Got a scratched Disk that won't play? Try GameCopyWorld!

2008-07-07T22:30:00.003-05:00

http://www.gamecopyworld.com/

Perfect example from a week or two ago from me,

Conner brought his computer over to my house to play some crysis and show off his video card, but his crysis disk was WAY scratched to hell.

I was getting patches for him as he was 3dmark-ing and once I got the latest one, I went over to game copy world, looked up crysis, and found one that would work (It was 32-bit though).

Sure enough, after replacing the crysis.exe it worked just fine

I HIGHLY recommend that you change the name of the original *.exe to something like "Crysis_OLD.exe" before you install the new one if it doesn't work for some reason.

Have fun (With out disks!)

HacksByCamwi.com Redirects!

2008-07-07T22:17:00.003-05:00

Ok, so the temporary index.html for HacksByCamwi.com will just redirect to here for now, until I get some other things done first.

Try it out.

CLICK MEH

System Update - Summer '08

2008-07-07T17:53:00.004-05:00

All kinds of new stuff...

(I have replaced the light bulb already.)

Bought a Domain.

2008-06-30T21:08:00.001-05:00

www.HacksByCamwi.com has been bought by me and I bought a web host, 300 Gigs Space, 3,000 Gigs Bandwith.

Also, Camwi_003@HacksByCamwi.com also goes to me.

Expect More website updates as time goes on.

My GCombat Minigun

2008-06-14T19:36:00.001-05:00

Needless to say, Its epic, Its easy if you don't know how to make one.

Windows XP Commands for cmd.exe

2008-06-13T16:44:00.000-05:00

ADDUSERS Add or list users to/from a CSV file
ARP      Address Resolution Protocol
ASSOC    Change file extension associations
ASSOCIAT One step file association
AT       Schedule a command to run at a later time
ATTRIB   Change file attributes

BOOTCFG  Edit Windows boot settings
BROWSTAT Get domain, browser and PDC info

CACLS    Change file permissions
CALL     Call one batch program from another
CD       Change Directory - move to a specific Folder
CHANGE   Change Terminal Server Session properties
CHKDSK   Check Disk - check and repair disk problems
CHKNTFS  Check the NTFS file system
CHOICE   Accept keyboard input to a batch file
CIPHER   Encrypt or Decrypt files/folders
CleanMgr Automated cleanup of Temp files, recycle bin
CLEARMEM Clear memory leaks
CLIP     Copy STDIN to the Windows clipboard.
CLS      Clear the screen
CLUSTER  Windows Clustering
CMD      Start a new CMD shell
COLOR    Change colors of the CMD window
COMP     Compare the contents of two files or sets of files
COMPACT  Compress files or folders on an NTFS partition
COMPRESS Compress individual files on an NTFS partition
CON2PRT  Connect or disconnect a Printer
CONVERT  Convert a FAT drive to NTFS.
COPY     Copy one or more files to another location
CSCcmd   Client-side caching (Offline Files)
CSVDE    Import or Export Active Directory data

DATE     Display or set the date
Dcomcnfg DCOM Configuration Utility
DEFRAG   Defragment hard drive
DEL      Delete one or more files
DELPROF  Delete NT user profiles
DELTREE  Delete a folder and all subfolders
DevCon   Device Manager Command Line Utility
DIR      Display a list of files and folders
DIRUSE   Display disk usage
DISKCOMP Compare the contents of two floppy disks
DISKCOPY Copy the contents of one floppy disk to another
DNSSTAT  DNS Statistics
DOSKEY   Edit command line, recall commands, and create macros
DSADD    Add user (computer, group..) to active directory
DSQUERY  List items in active directory
DSMOD    Modify user (computer, group..) in active directory

ECHO     Display message on screen
ENDLOCAL End localisation of environment changes in a batch file
ERASE    Delete one or more files
EXIT     Quit the CMD shell
EXPAND   Uncompress files
EXTRACT  Uncompress CAB files

FC       Compare two files
FDISK    Disk Format and partition
FIND     Search for a text string in a file
FINDSTR  Search for strings in files
FOR /F   Loop command: against a set of files
FOR /F   Loop command: against the results of another command
FOR      Loop command: all options Files, Directory, List
FORFILES Batch process multiple files
FORMAT   Format a disk
FREEDISK Check free disk space (in bytes)
FSUTIL   File and Volume utilities
FTP      File Transfer Protocol
FTYPE    Display or modify file types used in file extension associations

GLOBAL   Display membership of global groups
GOTO     Direct a batch program to jump to a labelled line

HELP     Online Help
HFNETCHK Network Security Hotfix Checker

IF       Conditionally perform a command
IFMEMBER Is the current user in an NT Workgroup
IPCONFIG Configure IP

KILL     Remove a program from memory

LABEL    Edit a disk label
LOCAL    Display membership of local groups
LOGEVENT Write text to the NT event viewer.
LOGOFF   Log a user off
LOGTIME  Log the date and time in a file

MAPISEND Send email from the command line
MEM      Display memory usage
MD       Create new folders
MKLINK   Create a symbolic link (linkd)
MODE     Configure a system device
MORE     Display output, one screen at a time
MOUNTVOL Manage a volume mount point
MOVE     Move files from one folder to another
MOVEUSER Move a user from one domain to another
MSG      Send a message
MSIEXEC  Microsoft Windows Installer
MSINFO   Windows NT diagnostics
MSTSC    Terminal Server Connection (Remote Desktop Protocol)
MUNGE    Find and Replace text within file(s)
MV       Copy in-use files

NET      Manage network resources
NETDOM   Domain Manager
NETSH    Configure network protocols
NETSVC   Command-line Service Controller
NBTSTAT  Display networking statistics (NetBIOS over TCP/IP)
NETSTAT  Display networking statistics (TCP/IP)
NOW      Display the current Date and Time
NSLOOKUP Name server lookup
NTBACKUP Backup folders to tape
NTRIGHTS Edit user account rights

PATH     Display or set a search path for executable files
PATHPING Trace route plus network latency and packet loss
PAUSE    Suspend processing of a batch file and display a message
PERMS    Show permissions for a user
PERFMON  Performance Monitor
PING     Test a network connection
POPD     Restore the previous value of the current directory saved by PUSHD
PORTQRY  Display the status of ports and services
PRINT    Print a text file
PRNCNFG  Display, configure or rename a printer
PRNMNGR  Add, delete, list printers set the default printer
PROMPT   Change the command prompt
PsExec     Execute process remotely
PsFile     Show files opened remotely
PsGetSid   Display the SID of a computer or a user
PsInfo     List information about a system
PsKill     Kill processes by name or process ID
PsList     List detailed information about processes
PsLoggedOn Who's logged on (locally or via resource sharing)
PsLogList  Event log records
PsPasswd   Change account password
PsService  View and control services
PsShutdown Shutdown or reboot a computer
PsSuspend  Suspend processes
PUSHD    Save and then change the current directory

QGREP    Search file(s) for lines that match a given pattern.

RASDIAL  Manage RAS connections
RASPHONE Manage RAS connections
RECOVER  Recover a damaged file from a defective disk.
REG      Registry: Read, Set, Export, Delete keys and values
REGEDIT  Import or export registry settings
REGSVR32 Register or unregister a DLL
REGINI   Change Registry Permissions
REM      Record comments (remarks) in a batch file
REN      Rename a file or files.
REPLACE  Replace or update one file with another
RD       Delete folder(s)
RDISK    Create a Recovery Disk
RMTSHARE Share a folder or a printer
ROBOCOPY Robust File and Folder Copy
ROUTE    Manipulate network routing tables
RUNAS    Execute a program under a different user account
RUNDLL32 Run a DLL command (add/remove print connections)

SC       Service Control
SCHTASKS Create or Edit Scheduled Tasks
SCLIST   Display NT Services
ScriptIt Control GUI applications
SET      Display, set, or remove environment variables
SETLOCAL Control the visibility of environment variables
SETX     Set environment variables permanently
SHARE    List or edit a file share or print share
SHIFT    Shift the position of replaceable parameters in a batch file
SHORTCUT Create a windows shortcut (.LNK file)
SHOWGRPS List the NT Workgroups a user has joined
SHOWMBRS List the Users who are members of a Workgroup
SHUTDOWN Shutdown the computer
SLEEP    Wait for x seconds
SOON     Schedule a command to run in the near future
SORT     Sort input
START    Start a separate window to run a specified program or command
SU       Switch User
SUBINACL Edit file and folder Permissions, Ownership and Domain
SUBST    Associate a path with a drive letter
SYSTEMINFO List system configuration

TASKLIST List running applications and services
TIME     Display or set the system time
TIMEOUT  Delay processing of a batch file
TITLE    Set the window title for a CMD.EXE session
TOUCH    Change file timestamps   
TRACERT  Trace route to a remote host
TREE     Graphical display of folder structure
TYPE     Display the contents of a text file

USRSTAT  List domain usernames and last login

VER      Display version information
VERIFY   Verify that files have been saved
VOL      Display a disk label

WHERE    Locate and display files in a directory tree
WHOAMI   Output the current UserName and domain
WINDIFF  Compare the contents of two files or sets of files
WINMSD   Windows system diagnostics
WINMSDP  Windows system diagnostics II
WMIC     WMI Commands

XCACLS   Change file permissions
XCOPY    Copy files and folders

Big Valve Update.

2008-06-10T19:55:00.000-05:00

Updates for Portal, Half-Life 2: Episode 2, Team Fortress 2 and the Steam Client have all been released by Valve. The updates include:

Portal and Half-Life 2: Episode 2

Added a new advanced video option that allows the user to easily change the field of view to any value they wish between 75 degrees and 90 degrees
Updated the particle rendering code and particle data files to make them compatible with the particle editor included in the Source SDK

Team Fortress 2

Changed video options initialization to fix some HUD resolution problems in mods
Fixed crash issuing the last disguise command when not connected to a server
Fixed rare crash on exit
Fixed a couple of issues with gamestats reporting incorrect values
Fixed an exploit that allowed clients to crash servers

Steam Client

Fixed input coordinates being off for the overlay in full screen OpenGL games on the secondary monitor
Fixed possible game overlay crash
Fixed incorrect reporting of app metadata

Restart your Steam Client to grab this set of updates.

My hard disk is broken! WHAT DO I DO?

2008-06-10T19:29:00.005-05:00

Hey.

Ever had a broken hard disk? Bet you did.

Well if you ever happen to have one, just... NEVER go to those hard disk repairing laboratories unless your data is extremely important and your life depends on that data. Those labs are so expensive, your whole computer's value will not even match up to the price they charge you for data recovery.

Ok. Let's start off with the symptoms:

Frequent freezes
Stuck on Windows loading bar forever
Corrupt files
Blue screens (NOTE: the blue screen can be caused by many things, not only by the HDD)
Appear to be repartitioned and unformatted

Don't format your computer just yet. Even if you think all hope is lost for your data, there is still little hope. Try out steps first.

BEFORE YOU DO ANYTHING, take out your hard disk and shake it lightly. If you hear any metal clinging, then it's a good idea to just leave it alone, because it's probably broken and not fixable unless you give it to the hard disk repair laboratories.
Try using a different cable for the hard disk.
Run CHKDSK (short for microsoft checkdisk). It is a very useful tool and can fix your hard disk without having to do anything! Just know that running CHKDSK from the broken hard disk is a bad idea since your computer will probably hang during CHKDSK. The smartest way is either to run CHKDSK from the Windows Install Disk (recovery console) or move your hard disk to a different computer and run CHKDSK there.
Try using a different third-party tool to recover your data. If it doesn't work... then I'm afraid there's not many choices left.
Freeze the hard disk. Make SURE you put the hard disk in a waterproof bag and stick it in your normal freezer. Leave it for an hour and take it out. Let it warm to room temperature. Then put it in the computer and if it works, you just did a miracle. Quickly back up your data.
Nothing's working... now. Try replacing the hard disk controller. This is a really extremely hard task. I'm not sure how to do this because I've never done it, but purchase a hard disk that is exactly the same to the hard disk. Remove the external PCB (the disk controller) on the broken hard disk and replace it with the new hard disk. Go easy with it- there's a high probability of breaking it.

If these steps aren't working, then I suggest you just give up on it unless those files are extremely high priority. It's really hard to recover data from a severely damaged hard disk... also costly as well.

If you happen to have any questions or if you happen to find something fascinating, then send me an email at gamei56@msn.com. I'd love to hear your stories.

Hello, my name is Monkey!

2008-06-10T19:10:00.002-05:00

Hello!

My internet alias is Monkey, and I have been with the computer since I was 3. I have been interested with technology ever since I used Windows 3.1. I had a few Garry's Mod servers before, and Camwi happened to join. We became friends online and we played online with each other. He invited me to contribute on Hacks&tweaks By Camwi. So I accepted the invitation and, well, here I am.

I am part of a few development teams and a few communities. I am a part of the M&W RP development team and the C&C RP development team. M&W RP is a community that I made with a friend named Wolly. You probably figured out already that M&W RP stands for Monkey and Wolly's RP now. C&C RP stands for Command and Conquer Roleplay, and I haven't made this one. C&C RP seems to have interesting ideas before it formed, and I am good friends with the development team before C&CRP was thought of.

I am part of the FPBU community's management team- standing for Facepunch Builder's Union. It is a Garry's Mod Build community that was formed on August 2007. I hosted and did my best to keep a server alive for the community, but unfortunately I gave up on it since I could not afford a proper server for it anymore. Consisting of 253 members, it is probably the biggest build group in Garry's Mod. This is where I met Camwi.

School hasn't ended yet for me- I live in Canada. Cold, dry place. Long winters, long summers, we just skipped Spring. We have no natural disasters here. The worst I've seen when I got here after immigration is a tornado watch. Never hit.

'immigration'

Yes. I was an immigrant in Canada. I am actually from South Korea. Not a very well known country, but I guess you could know it since they almost won the last World Cup, and the current U.N. head is a Korean. But I am now holding a Canadian citizenship and resigned Korean citizenship. This is old news now though.

So! I look forward to post more. But right now, I won't be as active since my computer broke, and I am leaving to Korea very soon.

Thanks for reading, and best regards,

Monkey

New Disturbed Album - Indestructible

2008-06-10T18:45:00.008-05:00

Yes, its out, And its a little more heavy than the Ten Thousand Fists Album, but is Quite good, Includes the Current hit song "Inside The Fire."

You can find the album by PMing me on Myspace.

http://en.wikipedia.org/wiki/Indestructible_(Disturbed_album)

How to save a wet cell phone.

2008-06-06T17:01:00.004-05:00

Ever dropped your cell phone in the sink, or even worse, the toilet? Did you ever leave it in your pocket and run it through the washer? It usually means you have to replace your phone, but sometimes if you're fast, you can save the phone.

Here's How.

Get it out of the water as soon as possible. The plastic covers on cell phones are fairly tight, but water can enter the phone over time. But this time may be quite short - 20 seconds or less. So grab your phone quickly! If you can't get to it in time, your best bet is to remove the battery while it is still under water. Water helps dissipate heat from shorts that can damage the phone, so most damage occurs when the inside of the phone is merely wet and there is a power source.
Remove the battery. This is one of the most important steps. Don't take time to think about it; electricity and water do not mix. Cutting power to your phone is a crucial first step in saving it. Many circuits inside the phone will survive immersion in water provided they are not attached to a power source when wet.
If you have a GSM carrier, remove your SIM card. Some or all of your valuable contacts (along with other data) could be stored on your SIM. To some people this could be more worth saving than the phone itself. SIM cards survive water damage well, but some of the following steps are unnecessary i.e. don't heat it. Just pat it dry and leave it aside until you need to connect your phone to your cellular network. (This step does not apply to CDMA carriers such as Verizon, Alltel, US Cellular,Sprint, etc.)
Dry your phone. Obviously you need to remove as much of the water as soon as possible, so you can save it from getting into the phone. Shake it out without dropping it, then use a towel or paper towel to gently remove as much of the remaining water as possible. Dry the excess moisture by hand.
Remove any covers and external connectors to open up as many gaps, slots, and crevices as possible.
Use a vacuum if possible. Do not use a hair dryer (even on a "cool" mode) to dry out the phone, as this may force moisture further into the small components, deep inside the phone. If moisture is driven deeper inside, corrosion and oxidation may result when minerals from liquids are deposited on the circuitry. Using a hairdryer might be a temporary fix, but this will eventually cause component failure inside the phone. Instead, remove all residual moisture by drawing it away with a vacuum cleaner held over the affected areas for up to 20 minutes in each accessible area. This is the fastest method and can completely dry out your phone and get it working in thirty minutes. Be careful not to hold the vacuum too close to the phone, as a vacuum can create static electricity, which is even worse.
Use a substance with a high affinity for water to help draw out moisture. Leave the phone in a bowl or bag of uncooked rice over night. The rice would absorb any remaining moisture. If available, it is preferable to use desiccant instead. Desiccant will absorb moisture better than rice. It may be found under a brand name such as "Damp Rid" or "Dry Right".
Let the phone sit on absorbent towels, napkin, or other paper. Remember that the goal is to evacuate all the moisture and humidity, not to trap it or add even more. Check every hour for 4 to 6 hours. If moisture is evident, repeat the vacuuming step and desiccant steps.
Test your phone. After you have waited a day or so, make sure everything is clean and dry looking and re-attach the battery to the phone and see if it works. If your phone does not work, try plugging it into its charger without the battery, if this works, you need a new battery. If not, try taking your cell phone to an authorized dealer. Sometimes they can fix it. Don't try to hide the fact that it has been wet. There are internal indicators that prove moisture.

General Tips.

In most cases, if you pulled the battery out in time, cleaning the inside of your phone with cleaning alcohol (alcohol will displace the water) or contact spray will fix your problem. If there is even one drop of water left inside, it can ruin your phone by corroding it and making the wrong contact. If your phone is powering up but still acting strange after you have cleaned it, then you've missed some liquid or the corrosion has already occurred and disassembly and cleaning with a toothbrush and appropriate solvent may fully fix it. For the fainthearted, a skilled technician or engineer can often fix such an issue easily and quickly.
Excessive heat can damage your phone even more! Most phones have warnings about leaving them in your car or exposing them to heat. The main point is to completely dry the phone before applying power.
Use the LOWEST heat setting! or better still don't use heat at all, use a vacuum cleaner to rapidly draw all the residual moisture out, this usually takes about 20 minutes of care and patience turning the phone every few minutes to ensure all holes and outlets get accessed.
If your phone falls in the ocean or other salt water, rinse with fresh water before crystals can form after removing battery.
If your phone has been subjected to salt water crystallizing, gently tap the board and the chips with a plastic object (back of a small screw driver for example). The vibration of the taps will set some of the foreign objects free and they will fall out. Be careful and don't smash the board or the chips. A sharp enough blow will break the chips. Tapping very gently multiple times in multiple locations, especially around the chips, is a preferred method. And follow up with appropriate solvent cleaning afterwards to clean away any oxidation residue.
Try opening your phone if you can. You'll probably need a TORX screwdriver for that, but it's worth it. This may void your warranty, but it is likely the water damage already has.
If you know someone at your local high school's physics department, try putting your wet cell phone in the vacuum chamber at 2 psi for 1 hour. That will dry out parts you can't access as will the tip above regarding a vacuum cleaner if you have no vacuum chamber available.
Try holding a compressed air can STRAIGHT (upside down, sideways, or at an angle will shoot out a freezing liquid) and shoot into the crevices, speaker, mic, and keypad. Any excess water stuck should come out. If the can gets cold and you're not done, let the can sit a while before continuing, as cold air could make excess moisture condense onto parts deeper inside. This process should be followed by the other methods that use a vacuum chamber or vacuum cleaner to more thoroughly remove any deeper residual moisture and humidity as the phone must be totally dry inside to ensure no further failure later on. The contents of many "canned air" products can be poisonous. Follow all recommendations on the can label.
Since your warranty is void anyway, if you have further problems with your phone functions after trying the best methods to dry it out inside as soon as it got wet, then buy (RAZR needs Torx #4, #5, and #6) screwdrivers to open your case, since these are almost always specialized. Pick up a can of Contact Spray (electric contact cleaner)and douse the inside. It dries rapidly. Scrub any residue with a soft-bristle toothbrush. Spray with compressed air, and/or vacuum it out for several minutes to suck out further moisture and then carefully put it back together. Do not leave your phone wet for an extended period of time. Dry it out as soon as possible.
Place the phone in a vacuum chamber and active the chamber. Typically universities and specific industries will have a vacuum chamber available if you happen to know the right person. Water "boils" at room temperature, given enough time, meaning that it evaporates through bubbles even though it isn't heated. This method should be successful when the vacuum is maintained at room temperature for about 30 minutes.

Do not power on the phone. This is important as it will prevent a charge from running from the battery to the phone which may subsequently cause the phone to short.
Don't heat the battery or it could leak or explode. Lithium-ion batteries are sensitive. If you use an oven or hairdryer, make sure to remove the battery first.
If you use alcohol make sure to do so outside, and do not apply heat in any form, not even the gentle heat of a monitor. Do not hook up the battery until the alcohol smell dissipates.
Do not apply too much heat to your phone, as mentioned above. You don't want to melt or burn your phone.
Most modern phones have more than one liquid damage indicator (stickers that change color when wet) on them, only one visible to you (and sales/technician agents), and chances are, if the sticker under the battery is triggered, then the odds are that the internal stickers you can't access are tripped as well. This will still result in you paying a voided-warranty fee in the long run. Warranties don't cover water damage, insurance does. And not all insurance companies or plans will honor water damaged phones.
Even if all these steps are followed, minerals dissolved in the water can precipitate on solder and component pins, causing corrosion or shorting. Components pins are packed so closely together in a modern cell phone that even a small encrustation can create a short, rendering the phone inoperable.
Be warned that manufacturers place stickers that will display "void" once peeled and some will change colors in the presence of a liquid (usually turns blue or red). This helps techs know that you have dropped it in the water, as most cell phone insurance coverage policies don't cover water damage. Also note that these stickers have been known to change colors in extreme humidity as well.
Do not put the phone (or any electronic or metal-containing object) into the microwave. You will destroy electronic components and potentially the microwave.
For the semi-mechanically inclined remove screws and as a minimum crack the case open to allow moisture to escape. Cell phones are normally somewhat water proof so they can be used in the light rain and humid environments. This means that once moisture has entered the phone it is very hard for it to dry out. Getting the phone out of the water and IMMEDIATELY REMOVING THE BATTERY gives you the best chance of success.

Good Luck, and try to not be so clumsy.

Notepad++, Everyone Needs this.

2008-06-04T20:44:00.002-05:00

Notepad++ is a free (free as in "free speech", but also as in "free beer") source code editor and Notepad replacement, which supports several programming languages, running under the MS Windows environment.

Get it here.

The supported languages by Notepad++ are: C, C++, Java, C#, XML, HTML, PHP, Javascript, RC file, makefile, nfo, doxygen, ini file, batch file, ASP, VB/VBS, SQL, Objective-C, CSS, Pascal, Perl, Python, Lua, Unix Shell Script, Fortran, NSIS and Flash action script. Notepad++ main features are: Syntax Highlighting and Syntax Folding, User Language Define System, Regular Expression Search, WYSIWYG (If you have a color printer, print your source code in color), Unicode support, Full drag-and-drop supported, Brace and Indent guideline Highlighting, 2 edits and synchronized view of the same document, User Language Define System.

Lets Talk Passwords, Predator By Request only.

2008-06-04T20:36:00.002-05:00

Security companies and IT people constantly tells us that we should use complex and difficult passwords. This is bad advice, because you can actually make usable, easy to remember and highly secure passwords. In fact, usable passwords are often far better than complex ones.

So let's dive into the world of passwords, and look at what makes a password secure in practical terms.

How to hack a password

The work involved in hacking passwords is very simple. There are 5 proven ways to do so:

Asking: Amazingly the most common way to gain access to someone's password is simply to ask for it (often in relation with something else). People often tell their passwords to colleagues, friends and family. Having a complex password policy isn't going to change this.
Guessing: This is the second most common method to access a person's account. It turns out that most people choose a password that is easy to remember, and the easiest ones are those that are related to you as a person. Passwords like: your last name, your wife's name, the name of your cat, the date of birth, your favorite flower etc. are all pretty common. This problem can only be solved by choosing a password with no relation to you as a person.
Brute force attack: Very simple to do. A hacker simply attempts to sign-in using different passwords one at the time. If you password is "sun", he will attempt to sign-in using "aaa, aab, aac, aad ... sul, sum, sun (MATCH)". The only thing that stops a brute force attack is higher complexity and longer passwords (which is why IT people want you to use just that).
Common word attacks: A simple form of brute-force attacks, where the hacker attempt to sign-in using a list of common words. Instead of trying different combination of letters, the hacker tries different words e.g. "sum, summer, summit, sump, sun (MATCH)".
Dictionary attacks: Same concept as common word attacks - the only difference is that the hacker now uses the full dictionary of words (there are about 500,000 words in the English language).
No, I WILL NOT HELP YOU. This is strictly Informational.

When is a password secure?

You cannot protect against "asking" and "guessing", but you can protect yourself from the other forms of attacks. A hacker will usually create an automated script or a program that does the work for him. He isn't going to sit around manually trying 500,000 different words to see if one of them is your password.

The measure of security must then be "how many password requests can the automated program make - e.g. per second". The actual number varies, but most web applications would not be capable of handling more than 100 sign-in requests per second.

This means it takes the following time to hack a simple password like "sun":

Brute-force: 3 minutes
Common Word: 3 minutes
Dictionary: 1 hour 20 minutes

Note: "sun" has 17,576 possible character combinations. 3 letters using the lowercase alphabet = 26³

This is of course a highly insecure password, but how much time is enough for a password to be secure?

a password that can be hacked in 1 minute is far too riksy
10 minutes - still far too risky
1 hour - still not good enough
1 day - now we are getting somewhere. The probability that a person will have a program running just to hack your account for an entire day is very little. Still, it is plausible.
1 month - this is something that only a dedicated attacker would do.
1 year - now we are moving from practical risk to theoretical risk. If you are NASA or CIA then it is unacceptable. For the rest of us, well - you do not have that kind of enemies, nor is your company data that interesting.
10 years - Now we are talking purely theoretical.
A lifetime: 100 years - this is really the limit for most people. Who cares about their password being hacked after they have died? Still it is nice to know that you use a password that is "secure for life"

But let's take a full swing at this. Let's look at "100 year - secure for life". It has good ring to it and it makes us feel safe. There is still the chance that the hacker gets lucky. That he accidently finds the right password after only 15 years instead of 100. It happens.

Let's step that up too and go for the full high-end security level. I want a password that takes 1,000 years to crack- let's call this "secure forever". That ought to be good enough, right?

Making usable and secure passwords

Now that we have covered the basics, let's look at some real examples, and see just how usable we can make a password, while still being "secure forever".

Note: The examples below are based on 100 password request per second. The result is the approach that is the most effective way to hack that specific password - either being by the use of brute-force, common words or dictionary attacks.

First let's look at the common 6 character password - using different methods:

In this example complexity clearly wins. Using a password with mixed case characters, numbers and symbols is far more secure than anything else. Using a simple word as your password is clearly useless.

Does that mean that the IT-departments and security companies is right? Nope, it just means that a 6 character password isn't going to work. None can remember a password like "J4fS<2",>

To make usable passwords we need to look at them differently. First of all what you need is to use words you can remember, something simple and something you can type fast.

Like these:

Using more than one simple word as your password increases you security substantially (from 3 minutes to 2 months). But, by simply using 3 words instead of two, you suddenly got an extremely secure password.

It takes:

1,163,859 years using a brute-force method
2,537 years using a common word attack
39,637,240 years using a dictionary attack

It is 10 times more secure to use "this is fun" as your password, than "J4fS<2".

If you want to be insanely secure; simply choose uncommon words as your password - like:

A usable and secure password is then not a complex one. It is one that you can remember - a simple password using 3+ words.

It is not just about passwords

One thing is to choose a secure and usable password. Another thing is to prevent the hacker from hacking password in the first place. This is a very simple thing to do.

All you need to do is to prevent automatic hacking scripts from working effectively. What you need to do is this:

Add a time-delay between sign-in attempts. Instead of allowing people to sign-in again and again and again. Add a 5 second delay between each attempt.

It is short enough to not be noticeable (it takes longer than 5 seconds to realize that you have tried a wrong password, and to type in a new one). And, it forces the hacker to only be able make sign-in requests 1 every 5 seconds (instead of 100 times per second).
Add a penalty period if a person has typed a wrong password more than - say - 10 times - of something like 1 hour. Again, this seriously disrupts the hacking script from working effectively.

A hacker can hack the password "alpine fun" in only 2 months if he is able to attack your server 100 times per second. But, with the penalty period and the 5 second delay, the same password can suddenly sustain an attack for 1,889 years.

Remember this the next time you are making web applications or discussing password policies. Passwords can be made both highly secure and user-friendly.

"The Predator" - Wireless Beast.

2008-04-24T13:25:00.003-05:00

Picture this: You find yourself sitting in a hotel room that does not offer internet... As you look out the window, you spot that the three hotels & a Starbucks across the street advertising "Free Wireless Internet" -- if only you had known this when you booked! You fire up your wireless card, but the signal just is to weak to keep a consistent connection. What are you going to do?

Enter “The Predator”.

The predator is a modified wireless router connected to a high-powered antenna and running custom firmware to actively seek out open wireless connections. Once they are found, it will test them for internet connectivity and then join and repeat the one with the strongest signal to secured wireless connection that YOU control.

*Note: It is illegal to use a wireless access point that you are not authorized to use.

Materials Needed:

(1) Buffalo WHR-HP-G54
(or other DD-WRT compatible Router with upgradeable SMA Male Reverse antenna)
(1) HyperLink 2.4GHz 14.5 Yagi Antenna with N-Female Connection.
*Note: If you plan on using this antenna ONLY for a “predator” order it with an Reverse Polarity SMA Plug.
(1) Reverse Polarity SMA Male to Male N-type adapter.
*Note: The use of adapters lowers the effective range of the antenna, however I preferred to order my antenna with a standard connector for re-use in the future.
(1) Sears’s Ultra-Cheap camera tripod
Misc screws & Velcro mounting strips

Step 1 : Preparation

Create an “Working Directory” on your Workstation where you can store all required files. Windows users, I would suggest you make c:\predator and OSX/Linux users I would suggest ~/predator.

Windows users in a DOS prompt type:
cd\
mkdir predator

OSX/Linux users in a command terminal type:
cd ~
mkdir predator

Then download the “AutoAP” firmware into this directory. I-Hacked members can download this firmware directly from this link, others will need to download from Sourceforge. Once downloaded you should now have a file:

dd-wrt.V24_AAP-0130-generic.bin

Next, plug in your WHR-HP-G54 and connect your PC to it via a Cat5 network cable. It is important that you are directly connected and do not ever attempt to flash your router via a wireless connection.

If your WHR-HP-G54 is brand-new (or unmodified) its ip address will be 192.168.1.11. Verify that you can ping (or hit the web interface @ http://192.168.11.1) this address before moving to step two.

If your router has been modified it might have a different IP address, and I would suggest restoring it to its factory default settings before moving forward. To reset press the red INIT button on the bottom of the router for 15 seconds. Do not let go of the INIT button until the red DIAG lights up or flashes. The restore process can take up to two minutes.

Step 2 : TFTP Flash upgrading the firmware

On the computer that is directly connected to the router, open two command windows.

In the first command window, ping the router permanently
ping –t 192.168.11.1
(OSX/Linux hosts do not need the -t parameter)

and you should see if it responding, e.g. like this (notice the ttl=64)

64 bytes from 192.168.11.1: icmp_seq=1 ttl=64 time=2.90 ms
64 bytes from 192.168.11.1: icmp_seq=2 ttl=64 time=0.264 ms
64 bytes from 192.168.11.1: icmp_seq=3 ttl=64 time=1.44 ms

Now in the second command window, change directories to where you saved the AutoAP firmware. (cd\predator or cd ~/predator) Type out the following command, but DO NOT HIT ENTER:

tftp -i 192.168.11.1 put dd-wrt.V24_AAP-0130-generic.bin

Now, we need to put the router into tftp update ready mode by rebooting the router. When power is first applied to the router, it enters a debug mode where it will accept tftp upgrades. Pull and re-insert the power, and watch for it to enter the debug mode. In the ping window, you will see the ping response will stop momentarily, and then finally restart like this: (notice the ttl=128)

From 192.168.11.1 icmp_seq=1 Destination Host Unreachable
From 192.168.11.1 icmp_seq=2 Destination Host Unreachable
64 bytes from 192.168.11.1: icmp_seq=3 ttl=128 time=2.90 ms
64 bytes from 192.168.1.11: icmp_seq=4 ttl=128 time=3.50 ms
64 bytes from 192.168.11.1: icmp_seq=5 ttl=128 time=0.90 ms

Once it comes back, check to insure the TTL has changed to 128. If it is responding to your pings with 128 TTLs, the router is ready for the TFTP upgrade. Finally press enter on the command you typed out in the TFTP window. You may have to try it a couple times to get the timing down correctly. If the router does not come back with ttl=128 you may have to reset the device using the reset button.

When the upload is successful WAIT AT LEAST THREE MINUTES. (BE PATIENT! DON’T RESET THE ROUTER!) Seriously, go grab a beer or something -- let it set for awhile, the device needs to install the new custom firmware.

After the three minutes have passed, unplug and replug-in your router. The router will now be running a custom version of DD-WRT with AutoAP installed and responding at the IP address 192.168.1.1 (you may have to renew your ip address first to be in the 192.168.1.x subnet)

Step 3 : Configure the predator

Connect to the web-interface by opening your browser and going to http://192.168.1.1 and login with:

username: root
password: admin

First we need to do a factory reset after the successful flash. Go to Administration / Factory Defaults / Check "Yes" to Restore Factory Defaults and click SAVE. This will reboot the router. (If it doesn't, manually reboot it)

Once the router returns, log in. We now need to enable "Universal Wireless Repeater Mode"

Go to tab "Setup", sub-tab "Basic Setup":

Change Router Name to WPRED (or whatever you want to call it)
Change Host Name to WPRED (or whatever you want to call it)
Change "local IP address" to a unique subnet (different than device you wish to repeat), such as 192.168.69.1.
Click SAVE. This should reboot the router. (if not, reboot it)

Point your browser to the new IP address (http://192.168.69.1) you chose in the previous step. (you may need to change/renew ip address) Login and go to tab "Security", sub-tab "Firewall": Uncheck all check boxes and THEN set Firewall to "disable". Save settings.

Then go to the Wireless Tab and change the Wireless Mode to Repeater. Clear SSID field and hit save.

Next add a Virtual Interface, this will be the Wireless SSID that YOU will connect to. (bridged to the open access points)

Set SSID to: IHPred (your choice)
*Note: The SSID with "predator" in its name seems to make neighbors with kids understandably uncomfortable, I would not suggest doing that.
Check SSID Broadcast (your choice)
AP Isolation - Disabled
Network Configuration (Bridged)

Then click SAVE.

Go to tab "Wireless", subtab "Advanced Settings". Set "Preamble" to "Short" and "Xmit Power" to higher than default (I use 200). Click "Save Settings".

Finally configure and enable the "Predatory" features of your device. Go to tab "Wireless", subtab "AutoAP".

Check "Enable AutoAP"
Log type to your preference (html output) *See note below
Scan Frequency to 60
Max APs to Track to 10
DHCP Renew Timeout to 15
Find Open APs to Enable
Internet Checking to Enable
URL to check to www.google.com
Enable WEP Checking to Enable (if you have WEP encrypted APs you want it to join)

Add any WEP keys you have

Add any BSSID or MAC addresses you do NOT want the AP to associate with
Click SAVE.

Note: When set to 'syslog', AutoAP will send all logdata to syslog. Depending on your log level settings, you will see more or less data. AutoAP has quite a bit of log data it sends, however if your log level is set to high, the router should only send out important autoap notices, like new connections, disconnections, or errors. If set to low, it will show you debug data. When set to 'html', the log data is written to a file available via the web interface at http://RouterIP/user/autoap.htm. This log is kept trimmed to autoap_logsize lines.

Reboot your router. Wait for about 1 minute. At this point the router should be fully configured to be running in "Predator" mode. However before you start assembling it, take a few minutes to verify everything.

In one of your command windows, type:

telnet 192.168.69.1
(or whatever you set the IP address to)

ps | grep autoap

and make sure that you see something similar to the one below (look for /bin/autoap)

f you do not see this, reboot your router and check again. If you still do not see it:

(This step should not be needed)

First make sure that you are typing the command right, copy and paste it. If you STILL do not see it, Log back into the web interface, go the the "Administration" Tab, "Commands" sub-tab. Paste the following command box:

/bin/autoap &

Make sure you hit the "Save Startup" button. (and not the "Save" button) Reboot the router, wait 1 minute and repeat the telnet "verification" step. Once you can verify that autoap is running on startup, you can unplug the router and move to the final step.

The Final Step is quite a big one and I will post it later.

Blog started

2008-04-24T12:50:00.000-05:00

So, after talking to Augs for a while, I have decided to make a blog for hacks, tips and tweaks.

I will try to work on this as much as I can but currently I am waiting for my phone to come from UPS, It should be here Today.

The First hack/mod I will post will probably be the Altoids USB Mod, its easy, but requires a Dremel tool for the slot, a Altoids Tin (I used the tiny one), and a USB Drive. For the Tutorial I will be using a 64 MB One I got free for reserving Command and Conquer 3, But anything is fine, You can get the one in the link for $20 From Walmart in Saginaw.