Hacking Windows: the completely ethical, legal and cool way : Section 2

Posted by: Starfruit

Hacking Windows: the completely ethical, legal and cool way

Section 2:

Registry Hacking

Well, after the previous article/tutorial you should be rather familiar with the different methods of getting past the rather inexplicably easy to crack password system of the Windows Login function, and be capable of customizing the way programs boot up at the start of logging in.

We have established quite a bit already. Now, you should be pleased to know we will continue to customize (and cause damage probably!) a computer you have permission to do so ;-)

P.S. If you are new to this serial of hacking publications, I suggest strongly you read my disclaimer, which can be found in the previous article (section 1). If you fail to comply, you may find that your rights to claim insurance are completely voided.
In fact the point of the disclaimer is to inform you of what it takes to be a REAL hacker. So go away if you wanna learn to damage, destroy and destructively ruin systems. I will not teach you how to do so.
By this stage, if you have been following the articles in order, you should realise what it takes and what it means to be a real hacker.
Sorry, there is a large time gap between this article and the previous. I was caught up in my job. Please feel free to re-read the articles again and again if you need to do so. I don’t expect one reading will allow full absorption of the material here. After all, hacking is an art. And all arts need practice.
Unfortunately, this art also needs research.
Lots of it.

Ok. Moving on…How to hack the registry, continued by a member of the forums going by the name of Starfruit.
Please feel free to contact me if you need help by the way. I will give you details of my public key etc later…

Also, I must stress it is essential to back up all your files, and your registry NOW if you haven’t already.

How do you do that? Erm…really, you ought to know before you can consider yourself even a newbie hacker!

Check out the Control Panel, and use Explorer, plus a CD-RW drive to get round this problem. Basically, work on it yourself. This article is on exploration. Here is your chance buddy… ;-)
I told you we are elusive ppl… :D

Right. How does one get into the registry?

Hmmm…First one must know what the registry is before they can change it.
So, I shall begin with an explanation of the registry:

The registry is a place of indecipherable, supposedly incoherent ‘coding’ as such, based purely on the usage of hexadecimal, binary and decimal number systems to act as ‘instructions’ (like genes) for the specific sets of different ‘layers’ that lie within the registry. Each ‘layer’ as I call it, or properly known as ‘KEYS’, are the different sections that the OS can be divided into (according to Microsoft). The point of this is to provide security by being elusive. It is, in fact, not very clever, but simple and completely stupid, because one may not know where to look for important information (passwords, coding, etc), but one can very easily, with the right knowledge, find the place where these things are hidden.

Access to this strange place begins with a program called ‘REGEDIT.EXE’, though sometimes the name varies with each version of Microsoft Windows.
Work on it yourself…you’ll find it if you are developing your hacker skills.

Ok. So how do I open this program?

Simple. Must I say?? :p
Ok…access Run, then type ‘REGEDIT’. Don’t have the quotes on either side please (you’re not that thick, are you? ;-)). And, by the way, you can actually type any program in here (as long as it falls into the local directory) and access it from here.

Now, a new window should pop up.
It is the strange world of the registry.

Hmm…here we can do what, exactly? Well, remember I told you: it is the place where all the coding and instructions are hidden for Windows.
Every conceivable setting, every possible instruction, for colours of text, toolbar; for shape of icons, for passwords –everything, and I mean everything, (well almost), is here.
Notice the right hand side, there is a divider that splits the window. I call it the pane.
The pane is the bridge. It is a bridge between the KEYS and the DWORD Values.
Yup, they are really crap names.
I don’t make this up, trust me :-)
This means that everything a key holds has a corresponding DWORD Value and a DWORD. That is, a set of specific instructions for that one area of the Key.
You see, each key holds several different ‘folders’.
Anyway, opening a folder presents on the left hand side of the panel the different sub-levels of that type of program/setting, and shows up the DWORD on the right. That is, a setting for example of a particular area of a program.
The program that you are playing with depends on the DWORD and KEY open.

Yes it is weird…but logical. Please allow me to show you in detail how to play with these settings.

For example, the KEY ‘HKEY Local Machine’ is a good place to work on your skills.
Click on the cross to begin with – next to the yellow folder icon. This should expand the directory.
Now, you can see that there are a lot of different folder things to click on.
Look for the ‘Software’ folder. Click it.
Now, choose the Microsoft folder and then the Windows folder. Now, click the Current Version folder. Notice the right hand side showing the DWORDs available. These are the different settings you can play with…
Now, on the left, open up the Run folder…or anything else that has the name Run in it or is called by a similar name…
Look on the right side – notice the DWORDs? These are the different programs that are running when you boot up the computer. Whoooo! You can just delete the DWORDs to your liking.
However, some programs you should leave alone. Just get rid of those that are obviously unnecessary – like Babysitter 2.3, etc…;-) And, notice all the virus and spyware may hide itself in here. Delete these nasty programs from the list. Just right click and select delete. Then press the REFRESH button on the keyboard. If you don’t know which key on the keyboard represents this – um…I don’t understand what you are thinking with being a pro…:-) I’m sure you’ll find out which button it is if you don’t already know…(Hint: try the F5 button?)
Anyway, delete the program, then hit refresh or restart the computer (sometimes this does nothing).

Note: this doesn’t delete the actual program however.

If you can delete them, you can also make them! Therefore, if one wants another program (for some reason…) to boot up when Windows does…choose a RUN folder on the left, then on the right, add a new DWORD and as the DWORD name (name it anything you like…preferably something logical) type in the directory of the program as the Value of this.
Now, refresh…remember that you need to refresh in order for anything to happen and reboot to see this new program boot up. It is a lovely thing – as you can hide programs in the boot up section without them coming up in the start up group…thus being a little more secretive. (Just a bit you need to understand.)

Now, sometimes you need to change a particular setting for a particular feature/program that lies in Windows. Just search for this or browse your way through the different folders available on the right.
If it is a piece of software you want to customize, then look for it in the SOFTWARE section of each key. Note, not all the strange keys have the software level.

Now, upon finding the software you want to edit…you can check out the DWORD values etc. or DWORDs by playing around with them – eg click on them and ‘modify’ their values and change the names of the DWORDs, or even, delete them.
But, remember to firstly back up your great 20000 page essay, and your essential registry files please.
Don’t listen to me and you will find the lovely dissertation on furry pigs goes out the window. ;-)

Ok. That’s the registry in a nutshell. Well, sorta. There’s much more to it than that.
I’ll give you the advanced stuff on registry hacking now…with a few brief, really well known ‘tricks’ for hacking the registry.

Great trick number one:

Disabling the Drives of My Computer:

Right. We’ve all been on a computer in the café or school/college, university etc where the drives have all been disabled in some way so that you can’t read the drives…or see them.
9 out of 10 times the drives aren’t actually disabled. They’re just ‘hidden’ from you.

To hide these drives…it is merely a trick. You can therefore unhide them if you know how to hide them.
Often though the problem is getting to the files that hold the great mystery known as the registry.
So, disabling the drives?

Go to HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENT VERSION\POLICIES\EXPLORER.
Create a new DWORD and name it NoDrives. Modify the value now to 3FFFFFF (six Fs), but don’t type the stuff in ( ) as the value!
Now, refresh and no drives are shown.

Second really cool trick:

Welcome message every time you boot up Windows:

HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\CURRENT VERSION\WINLOGON

Crazy as it may seem, you can actually make a pop up window appear every time you load up the PC.
Create a STRING on the right hand side of the window
and give it the name:
LegalNoticeText. Click on modify and type the message you want displayed.
Now, create a string that is called LegalNoticeCaption (grrr…spell it correctly, unlike me – soz, too lazy to retype, too lazy to turn on spell check ;-) I’m doing this very quickly cos I have to…nobody wants me to get massacred by my boss do they?)

Cool trick number 3:

CLSID Folders.
Hmm…You know that sometimes you can get some very annoying icons that are just stuck on the desktop…and you can’t get rid of them?
You know, for example, the Rubbish/Recycle Bin? There is actually a way of getting rid of them!
Nope, you can’t just right click and select delete….cos it’s not there?!?
So, you need to use the registry to do this crazy trick…which will fool many ppl into believing you are an ultimate hacker ;-)

So, what are CLSID folders??
They are Class ID folders, or 16-byte values that identify a specific point in the registry.
All the special folders, like Control Panel, Recycle Bin, My Computer…etc, have a special CLSID folder with a special code.
Now, there are two things you can do if you use this information.
One:

Soz about mistakes, ok? I need to type real fast now!!!
First thing you can do is delete the folders from your desktop. This doesn’t actually delete the folder from the PC though (but it isn’t exactly the most clever way of doing this).
You delete the folders by going to…

HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENT VERSION\EXPLORER\DESKTOP\NAMESPACE\{XXXXX-XXXXXXX-XXXXXXXX-XXX}

In place of the xxxxxxxxxx (I’m not kissing you, stupid!), you select the corresponding CLSID value.
Some commonly used icons (if I can type this fast enough) are:

Control Panel – {21ec2020-3aea-1069-a2dd-08002b30309D} it is all in caps tho, sorry. :p Bear with me please…I’m putting my job on the line for you guys!

There are some more commonly used files…erm, but one, I don’t know them off by heart, and two, I think you’ll be able to find these files when you get better at hacking. For example, the internet is a good place to start for looking for these CLSID things…

However, the better way of removing the icons from the desktop is to do it this way…

Go to:

HKEY_CLASSES_ROOT\CLSID\{CLSID VALUE}\SHELLFOLDER
Here, you will find that there is a DWORD value with name Attributes.

Modify it.

To add the ability to rename, add:
50 01M 00 20 INSTEAD of what the original value is, and that M you see isn’t actually something you add in to the value of the DWORD.

Right…let’s start again. Ignore what you just read…I can’t even delete stuff I’ve typed cos this is soooo dangerous :p

Ok…starting again…

Modify the DWORD with the value/name Attributes.
Now, change the value to either:

50 01 00 20 to add the RENAME feature to this icon…

or…

change the value to 60 01 00 20 to add the DELETE feature to this icon…

or…

what do you think you need to change it to in order to make it surely both able to rename and delete?

Yup. You got it. Do that then.
Please remember to back up and to press refresh when you think it’s ready.

Right…that, I’m afraid, is most of the registry stuff done.
But, I must mention on leaving what you may have to do to view the registry properly. We, as hackers, don’t like to be confined to one method of changing stuff.

There is a better way of changing the registry, well sorta.
What you do is ‘export’ the registry file you need to play with by using the EXPORT feature of regedit.
Now, save the file as anything you like…remember you have a .REG extension at the end though.

Now, open the file (but in Notepad), don’t double click it or the file will automatically die and hide itself into the registry. And if that file is a dangerous, incriminating registry file…you’re in trouble!

So, open it in notepad.
Now, you see wombles wander across the screen…not really.
What you do actually see is a strange text file (well, a reg file actually) displaying the key and the version of the registry and the DWORDs etc…in full view.
Edit them here to your desire. Now save. Then double click the file. Sorted. That’s the registry in a very brief nutshell…

I will elaborate more ways of editing software in the next installment – using DOS to hack Explorer…so cool that it’s better than the registry (I think).
Cya later peeps. And soz for all the typos. Please freely change the typing errors yourself lol.
I will retype this properly sometime.
Yeah I better do that.
Now, my boss is gonna chase me outta this place…so goodbye, and happy hacking.
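As an added example (my own code, not Starfruit's), here is a small Python script that audits an exported .REG file of the kind the post describes: it parses the text format regedit writes, decodes the NoDrives bitmask into the drive letters it hides (bit 0 is A, so 3FFFFFF covers all 26), lists the Run entries, and reads the LegalNotice strings. The sample export is constructed; the Winlogon key in it sits under Windows NT\CurrentVersion, which is where that key lives on NT-family Windows.

```python
from typing import Dict, Tuple, Optional

# Constructed sample of a regedit export (.REG text format); not a real dump.
SAMPLE_REG = r"""Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoDrives"=dword:03ffffff

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ExampleUpdater"="C:\\Program Files\\Example\\updater.exe /quiet"
"Babysitter"="C:\\Babysitter\\bs.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"LegalNoticeCaption"="Notice"
"LegalNoticeText"="Authorised users only."
"""

def parse_reg(text: str) -> Dict[str, Dict[str, object]]:
    """Parse the string and dword subset of .reg syntax into {key: {name: value}}."""
    keys: Dict[str, Dict[str, object]] = {}
    current: Optional[str] = None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith('[') and line.endswith(']'):
            current = line[1:-1]               # a [KEY PATH] header
            keys[current] = {}
        elif current is not None and line.startswith('"'):
            name, _, raw = line.partition('=')  # "Name"=value
            name = name.strip('"')
            if raw.startswith('dword:'):
                keys[current][name] = int(raw[6:], 16)
            else:  # quoted string; .reg escapes backslashes and quotes
                keys[current][name] = raw[1:-1].replace('\\\\', '\\').replace('\\"', '"')
    return keys

def nodrives_letters(mask: int) -> str:
    """Bit n of NoDrives hides drive chr(ord('A') + n); 0x3FFFFFF sets all 26 bits."""
    return ''.join(chr(ord('A') + n) for n in range(26) if (mask >> n) & 1)

def audit(text: str) -> Dict[str, object]:
    """Summarise the settings the post discusses from an exported .reg file."""
    report: Dict[str, object] = {}
    for key, values in parse_reg(text).items():
        if key.endswith(r'\Policies\Explorer') and 'NoDrives' in values:
            report['hidden_drives'] = nodrives_letters(int(values['NoDrives']))
        if key.endswith(r'\CurrentVersion\Run'):
            report['run_entries'] = dict(values)    # review each for unwanted autostarts
        if key.endswith(r'\Winlogon'):
            report['legal_notice'] = (values.get('LegalNoticeCaption'),
                                      values.get('LegalNoticeText'))
    return report
```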



Posted by: winblowz

hmm... learned some interesting things about the registry. thanks



Posted by: winblowz

great article. nice to see someone thats knows what they are doing in windows :) lol



Posted by: bla!!

Rgr that, there's quite a bit more you can do in the registry. I'm one of those evil University system admins that gets to turn off the drives for everyone.

We do a double regedit to remove the drives. First we do the one above to hide the drives, then we also add another key which disables the mount process so you can't add another drive to the system (like a Flash stick or network drive).

Muahaha. I don't have the actual regedit at the moment, but it acts the same way. Using a hexadecimal value to identify the specific drives letters you want to be mountable.



Posted by: VICone

Nice article.



Posted by: sippin codeine

http://www.winguides.com/registry/



Posted by: gamerunknown

Wow what I wanted was to know is if people traced hackers for fun like me but this is gold do you live in the isle of man or white?



Posted by: gamerunknown

Sorry, I'm half doing this to get my rating up, but my tracer window has 35 files and my pc is running normally.



Posted by: gamerunknown

My pc just pulled off a 2 way triangle track. If I can do it why can't the U.S government? I don't live there and I legally swear to pledge allegiance to George Bush and his weapon, sorry, oil selling program. Sorry Bush, but see, the world is not enough the beginning.



Posted by: DJ-CHRIS

Pff, I wish I had another monitor for doing this registry stuff.

But my laptop does support dual monitors, but I don't have one in my room :/



Posted by: Demalii

"The registry is a place of indecipherable, supposedly incoherent ‘coding’ as such, "

The registry is quite decipherable... and very easy to work with once you know what you're doing.



Posted by: Sevoma

Nice guide. Thanks for the info. Winguides is a very good site. With the way they set it up, you don't need their software, it's all there in categories too.



Posted by: Justin11

How do I find your first tutorial? I can't seem to find it, Starfruit.



Posted by: big_B

Excellent article, but I have a little problem with the second trick. The path in my registry doesn't exist (HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\CURRENT VERSION\WINLOGON). I have Current Version in the Windows folder (not in Microsoft). Still I can't find the Winlogon folder……. Where is it?

I have XP pro if it helps, but I don't think it is about windows……



Posted by: Blitze105

I don't think he has been on in a loooong time for all you asking him stuff.... and if you read his other articles he mentions how a post of his was deleted so... I believe.. it was the first post......
hope that helps..
(come back to us lol)



Posted by: Greg

Dang, I wanted to read that first post.



Posted by: amit jain

Can't there be some more?