Sunday, July 26, 2009

Change/Add Restrictions And Features [a further info about registry tweak & hack]

If you want to restrict what users can do, you can edit the Registry. You can add and remove Windows features under the key shown below.

Certain things you must know about Registry Editor:

  1. It's very sensitive. Make sure you don't change anything inside it if you don't know what it does
  2. A Boolean is where elements or "bits" each contain only two possible values, called various names [eg : yes@no, true@false , 1@2]
  3. The Boolean number "0" is for ON [the Windows feature stays available]
  4. The Boolean number "1" is for OFF [the Windows feature is switched off, because the restriction value is activated]
  5. [eg : To make a printer undeletable, set the "NoDeletePrinter" Boolean to 1. The value "NoDeletePrinter" will then be activated]

Open RegEdit [start > run > "regedit"] and navigate to :

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\

Under the "Explorer" subkey, these "DWORD" values can be created :
  1. NoDeletePrinter : Disables Deletion of Printers
  2. NoAddPrinter : Disables Addition of Printers
  3. NoRun : Disables Run Command
  4. NoSetFolders : Removes Folders from Settings on Start Menu
  5. NoSetTaskbar : Removes Taskbar from Settings on Start Menu
  6. NoFind : Removes the Find Command
  7. NoDrives : Hides Drives in My Computers
  8. NoNetHood : Hides the Network Neighborhood
  9. NoDesktop : Hides all icons on the Desktop
  10. NoLogoff : Hides the Log Off in the Start Menu
  11. NoRecentDocsMenu : Hides the Documents shortcut at the Start button
  12. DisableRegistryTools : Disable Registry Editing Tools
  13. NoChangeStartMenu : Disables changes to the Start Menu
  14. NoFileMenu : Hides the Files Menu in Explorer
  15. NoActiveDesktop : No Active Desktop
  16. NoFolderOptions : Hides the Folder Options in the Explorer
  17. ClearRecentDocsOnExit : Empty the recent Docs folder on reboot
  18. NoActiveDesktopChanges : No changes allowed
  19. NoInternetIcon : No Internet Explorer Icon on the Desktop
  20. NoFavoritesMenu : Hides the Favorites menu
  21. NoClose : Disables Shutdown
  22. NoRecentDocsHistory: Clears history of Documents
  23. NoSaveSettings : Don't save settings on exit
  24. NoControlPanel : Hide the control panel visibility
  25. NoCDBurning : Disable CD burning

Under the "System" subkey, these "DWORD" values can be created :
  1. NoDispCPL : Disable Display Control Panel
  2. NoPwdPage : Hide Password Change Page
  3. NoDispScrSavPage : Hide Screen Saver Page
  4. NoDispBackgroundPage : Hide Background Page
  5. NoSecCPL : Disable Password Control Panel
  6. NoDispAppearancePage : Hide Appearance Page
  7. NoDispSettingsPage : Hide Settings Page
  8. NoDevMgrPage : Hide Device Manager Page
  9. NoConfigPage : Hide Hardware Profiles Page
  10. NoVirtMemPage : Hide Virtual Memory Button
  11. NoAdminPage : Hide Remote Administration Page
  12. NoProfilePage : Hide User Profiles Page
  13. NoFileSysPage : Hide File System Button

Alternatively, if you want to create or edit a value without opening Registry Editor, you can just run this command from the "run box" :

REG add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v DisableRegistryTools /t REG_DWORD /d 0 /f

This can make it easier for you to add or change a value in the Registry. In a long explanation :
  • REG ADD : adds a registry value
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer : The key that the command navigates to
  • /v DisableRegistryTools : It will create a value named "DisableRegistryTools". This can be changed to the name of the value that you want to create.
  • /t REG_DWORD : The value created is of the "DWORD" type
  • /d 0 : The Boolean data is set to "0" [restriction off]. "1" = [restriction on]
  • /f : The data will be force overwritten without any
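
To see which of the values listed above are currently set for the logged-on user, the following batch script can be used. It is an added example, not part of the original post, and it assumes value names without spaces (as in the lists above) and the REG.EXE output layout of Windows XP and later.

```bat
@echo off
setlocal
rem Added example: report which per-user policy restrictions are active.
set "BASE=HKCU\Software\Microsoft\Windows\CurrentVersion\Policies"
set ACTIVE=0

for %%K in (Explorer System) do (
    echo [%%K]
    rem REG QUERY prints rows like "    NoRun    REG_DWORD    0x1".
    rem Keep the DWORD rows only: %%A = name, %%B = type, %%C = data.
    for /f "tokens=1-3" %%A in ('reg query "%BASE%\%%K" 2^>nul ^| find "REG_DWORD"') do (
        if /i "%%C"=="0x0" (
            echo   inactive %%A = %%C
        ) else (
            echo   ACTIVE   %%A = %%C
            set /a ACTIVE+=1
        )
    )
)

echo.
echo %ACTIVE% restriction value(s) set to a non-zero DWORD.
rem To lift a restriction, write 0 back with the same command form as above:
rem   reg add "%BASE%\Explorer" /v NoRun /t REG_DWORD /d 0 /f
endlocal
```

A subkey that does not exist simply produces an empty section, because the error output of REG QUERY is discarded.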

Create Your Own Password Protected Folder

Ever had a situation where you want to keep your files secret? Keep others from accessing your private data with your own application! Write the code yourself. In today's how2.0 tutorial, I'll teach you some simple batch [*.bat] file programming, using only Notepad. This program runs under the command prompt "CMD". Maybe it's too advanced to learn this before you know the basics of batch [*.bat] files. But never mind, I'll explain the code for your understanding. Yeah, let's rock the code!! Here it is :

Step 1
Firstly, I'll explain the methods used in this batch [*.bat] program.

1st method :
Here, we'll use a unique method to create a folder that is seen as "Control Panel". Magic? Yeah. This unique string : Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D} represents the "Control Panel" folder. So, if you rename any folder using this string, it will appear as "Control Panel", but it is actually your folder. There are many more unique strings, such as:

  • Internet Explorer.{FBF23B42-E3F0-101B-8488-00AA003E56F8}
  • Recycle Bin.{645FF040-5081-101B-9F08-00AA002F954E}
  • My Computer.{20D04FE0-3AEA-1069-A2D8-08002B30309D}
  • My Documents.{ECF03A32-103D-11d2-854D-006008059367}
  • Fonts.{BD84B380-8CA2-1069-AB1D-08000948F534}
You can change the name in front of the dot, such as "MyOwnFolder.{21EC2020-3AEA-1069-A2DD-08002B30309D}". The folder will appear with the "Control Panel" icon, named "MyOwnFolder", but you will still be redirected to the Control Panel folder. That means your folder cannot be accessed as usual. The data inside the folder will remain safe.

2nd method :
We'll change the folder attributes to the "system" and "hidden" file attributes by using the "attrib" command that I explained in my last post. [attrib x:/filename +s +h]

Step 2
Copy & paste this code into Notepad [start > run > "notepad"]. It combines the two methods I've mentioned above to secure your folder.

cls
@ECHO OFF
title Folder Passworder [Beta Test] by zXara
if EXIST "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}" goto UNLOCK
if NOT EXIST Locker goto MDLOCKER
:CONFIRM
echo Are you sure u want to Lock the folder(Y/N)
set/p "cho=>"
if "%cho%"=="Y" goto LOCK
if "%cho%"=="y" goto LOCK
if "%cho%"=="n" goto END
if "%cho%"=="N" goto END
echo Invalid choice.
goto CONFIRM
:LOCK
ren Locker "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}"
attrib +h +s "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}"
echo Folder locked
goto End
:UNLOCK
echo Enter password to Unlock folder
set/p "pass=>"
if NOT "%pass%"=="password" goto FAIL
attrib -h -s "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}"
ren "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}" Locker
echo Folder Unlocked successfully
goto End
:FAIL
echo Invalid password
goto end
:MDLOCKER
md Locker
echo Locker created successfully
goto End
:End

[explanation]
  1. @ECHO OFF <<- the program's header
  2. title Folder Passworder [Beta Test] by zXara <<- your program title
  3. if EXIST "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}" goto UNLOCK <<- tell CMD to go to the :UNLOCK path if the folder "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}" exists
  4. if NOT EXIST Locker goto MDLOCKER <<- tell CMD to go to the :MDLOCKER path if the folder "Locker" doesn't exist
  5. :CONFIRM <<- Command path
  6. echo Are you sure u want to Lock the folder(Y/N) <<- tell CMD to print out the text "Are you sure u want to Lock the folder(Y/N)" on the screen
  7. set/p "cho=>" <<- Choice selection
  8. if "%cho%"=="Y" goto LOCK <<- tell CMD to go to the :LOCK path if key Y was pressed
  9. if "%cho%"=="y" goto LOCK <<- tell CMD to go to the :LOCK path if key y was pressed
  10. if "%cho%"=="n" goto END <<- tell CMD to go to the :END path if key n was pressed
  11. if "%cho%"=="N" goto END <<- tell CMD to go to the :END path if key N was pressed
  12. echo Invalid choice. <<- tell CMD to print out the text "Invalid choice" on the screen
  13. goto CONFIRM <<- tell CMD to go to the :CONFIRM path
  14. :LOCK <<- Command path
  15. ren Locker "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}" <<- CMD will rename the "Locker" folder to "Control Panel"
  16. attrib +h +s "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}" <<- CMD will add the "system" & "hidden" file attributes to the folder
  17. echo Folder locked <<- tell CMD to print out the text "Folder locked" on the screen
  18. goto End <<- tell CMD to go to the :END path
  19. :UNLOCK <<- Command path
  20. echo Enter password to Unlock folder <<- tell CMD to print out the text "Enter password to Unlock folder" on the screen
  21. set/p "pass=>" <<- Password input
  22. if NOT "%pass%"=="password" goto FAIL <<- here it is, if the password is not "password", CMD will move to the :FAIL path
  23. attrib -h -s "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}" <<- CMD will remove the "system" & "hidden" file attributes from the folder
  24. ren "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}" Locker <<- CMD will rename the "Control Panel" folder to "Locker"
  25. echo Folder Unlocked successfully <<- tell CMD to print out the text "Folder Unlocked successfully" on the screen
  26. goto End <<- tell CMD to go to the :END path
  27. :FAIL <<- Command path
  28. echo Invalid password <<- tell CMD to print out the text "Invalid password" on the screen
  29. goto end <<- tell CMD to go to the :END path
  30. :MDLOCKER <<- Command path
  31. md Locker <<- CMD will create the "Locker" folder
  32. echo Locker created successfully <<- tell CMD to print out the text "Locker created successfully" on the screen
  33. goto End <<- tell CMD to go to the :END path
  34. :End <<- Command path
What a long explanation, isn't it.. huh.. I also burned my fingers typing this post.. Hehe.. but it's my pleasure to share my knowledge with you all. :)
OK, in short, you must change the "password" in line 22 to your own password. You can also change the title in the 2nd line to your own. Hope you find this tutorial useful, and good luck, coders :)

Step 3
Now you can save your file as anyfilename.bat . You can use any name that you want as long as you keep the extension as *.bat. Now you can put your secret data inside the "Locker" folder.
Note that AVG will detect these commands as a HackTool. So, make sure you add this file to AVG's exception list. This is why I hate AVG so much ~ daa
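
Renaming and hiding the folder only changes how Explorer shows it: the files are not encrypted, the directory is still listed by dir /a, and the password sits in plain text inside the .bat file. The following added example (not part of the original post) lists folders that carry such a ".{CLSID}" suffix; the optional root-folder argument and the :report label are this example's own names.

```bat
@echo off
setlocal
rem Added example: find folders disguised with a ".{CLSID}" name suffix,
rem the trick the locker script above relies on.
set "ROOT=%~1"
if not defined ROOT set "ROOT=%CD%"
set FOUND=0

rem dir /a:d lists directories even when the hidden and system attributes
rem are set; /b prints bare paths and /s walks the subdirectories.
rem findstr /e anchors the pattern at the end of the path.
for /f "delims=" %%D in ('dir /a:d /b /s "%ROOT%" 2^>nul ^| findstr /i /r /e /c:"\.{[0-9a-f-]*}"') do call :report "%%D"

echo %FOUND% CLSID-suffixed folder(s) under "%ROOT%".
endlocal
goto :eof

:report
rem %~a1 expands to the attribute string, for example d--hs------
rem (position 3 = hidden, position 4 = system).
set "ATTR=%~a1"
set "NOTE="
if "%ATTR:~3,2%"=="hs" set "NOTE= [hidden+system]"
echo %ATTR%  "%~1"%NOTE%
set /a FOUND+=1
goto :eof
```

Run it with a folder path as the first argument, or without arguments to scan the current directory.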

Monday, July 20, 2009

Attrib command ( Change attributes of a file or folder)

Displays, sets, or removes attributes assigned to files or directories. If used without parameters, attrib displays attributes of all files in the current directory.


Syntax

attrib [{+|-}r] [{+|-}a] [{+|-}s] [{+|-}h] [{+|-}i] [Drive:][Path][FileName] [/s [/d] [/l]]

Parameters

Parameter : Description

  • {+|-}r : Sets (+) or clears (-) the Read-only file attribute.
  • {+|-}a : Sets (+) or clears (-) the Archive file attribute.
  • {+|-}s : Sets (+) or clears (-) the System file attribute.
  • {+|-}h : Sets (+) or clears (-) the Hidden file attribute.
  • {+|-}i : Sets (+) or clears (-) the Not Content Indexed file attribute.
  • [Drive:][Path][FileName] : Specifies the location and name of the directory, file, or group of files for which you want to display or change attributes. You can use the ? and * wildcard characters in the FileName parameter to display or change the attributes for a group of files.
  • /s : Applies attrib and any command-line options to matching files in the current directory and all of its subdirectories.
  • /d : Applies attrib and any command-line options to directories.
  • /l : Applies attrib and any command-line options to the Symbolic Link, rather than the target of the Symbolic Link.
  • /? : Displays help at the command prompt.

Remarks

  • You can use wildcard characters (? and *) with the FileName parameter to display or change the attributes for a group of files.
  • If a file has the System (s) or Hidden (h) attribute set, you must clear the attribute before you can change any other attributes for that file.
  • The Archive attribute (a) marks files that have changed since the last time they were backed up. Note that the xcopy command uses archive attributes.

Examples

To display the attributes of a file named News86 that is located in the current directory, type:

attrib news86 

To assign the Read-only attribute to the file named Report.txt, type:

attrib +r report.txt 

To remove the Read-only attribute from files in the Public directory and its subdirectories on a disk in drive B, type:

attrib -r b:\public\*.* /s 

To set the Archive attribute for all files on drive A, and then clear the Archive attribute for files with the .bak extension, type:

attrib +a a:*.* & attrib -a a:*.bak 

With (native) Windows NT 4+ commands:

    NET LOCALGROUP Administrators

Or, to remove header and footer lines:


    FOR /F "delims=[]" %%A IN ('NET LOCALGROUP Administrators ^| FIND /N "----"') DO SET HeaderLines=%%A
    FOR /F "tokens=*" %%A IN ('NET LOCALGROUP Administrators') DO SET FooterLine=%%A
    NET LOCALGROUP Administrators | MORE /E +%HeaderLines% | FIND /V "%FooterLine%"

"I need an up-to-date list of disk space usage for all servers, on my desk in 5 minutes"

Sounds familiar?

With (native) Windows XP Professional or Windows Server 2003 commands:

    FOR /F %%A IN (servers.txt) DO (
        WMIC /Node:%%A LogicalDisk Where DriveType="3" Get DeviceID,FileSystem,FreeSpace,Size /Format:csv | MORE /E +2 >> SRVSPACE.CSV
    )

The only prerequisites are:

  1. SRVSPACE.CSV should not exist or be empty,
  2. a list of server names in a file named SERVERS.TXT, one server name on each line,
  3. and WMIC.EXE, which is native in Windows XP Professional, Windows Server 2003 and Vista.

The CSV file format is ServerName,DeviceID,FileSystem,FreeSpace,Size (one line for each harddisk partition on each server).

If you have a strict server naming convention, SERVERS.TXT itself can be generated with the NET command:

    FOR /F "delims=\  " %%A IN ('NET VIEW ^| FINDSTR /R /B /C:"\\\\SRV\-"') DO (>>SERVERS.TXT ECHO.%%A)
Notes: (1) assuming server names start with "SRV-"; modify to match your own naming convention.
(2) delims is a backslash, followed by a tab and a space.

Delete a computer account

With native Windows 2000 commands:

    NETDOM /DOMAIN:MyDomain MEMBER \\computer2Bdeleted /DELETE

NETDOM is part of the support tools found in the \SUPPORT directory of the Windows 2000 installation CDROM.

List all workstations

With native Windows 2000 commands:

    NETDOM QUERY /D:MyDomain WORKSTATION

NETDOM is part of the support tools found in the \SUPPORT directory of the Windows 2000 installation CDROM.

Find the primary domain controller

With native Windows 2000 commands:

    NETDOM QUERY /D:MyDomain PDC

or, to find the FSMO with (native) Windows Server 2003 commands (Active Directory only):

    NETDOM QUERY /D:mydomain.com FSMO

NETDOM is part of the support tools found in the \SUPPORT directory of the Windows 2000 installation CDROM.

List all domain controllers

With native Windows 2000 commands:

    NETDOM QUERY /D:MyDomain DC

NETDOM is part of the support tools found in the \SUPPORT directory of the Windows 2000 installation CDROM.

With (native) Windows Server 2003 commands (Active Directory only):

    DSQUERY Server

or, if you prefer host names only (tip by Jim Christian Flatin):

    DSQUERY Server -o rdn

How do I reset someone's password?

With the native NET command:

    NET USER loginname newpassword /DOMAIN

With (native) Windows Server 2003 commands:

    DSQUERY USER -samid loginname | DSMOD USER -pwd newpassword
Note: To prevent the new password from being displayed on screen replace it with an asterisk (*); you will then be prompted (twice) to type the new password "blindly".

What groups is this user a member of?

In Windows NT 4 and later, users usually are members of global groups. These global groups in turn are members of (domain) local groups. Access permissions are given to (domain) local groups.
To check if a user has access to a resource, we need to check group membership recursively.
With (native) Windows Server 2003 commands:

    DSQUERY USER -samid loginname | DSGET USER -memberof -expand

What is the full name for this login name?

With the native NET command:

    NET USER loginname /DOMAIN | FIND /I " name "

With (native) Windows Server 2003 commands:

    DSQUERY USER -samid *loginname* | DSGET USER -samid -display
Note: The NET command may seem more universal, because it requires neither Active Directory nor Windows Server 2003 commands, but it is language dependent!
For non-English Windows you may need to modify FIND's search string.

What is this colleague's login name?

My colleagues often forget to mention their logon account name when calling the helpdesk, and the helpdesk doesn't always ask either. I suppose they expect me to know all 1500+ accounts by heart.
With (native) Windows Server 2003 commands only:

    DSQUERY USER -name *lastname* | DSGET USER -samid -display
Note: Windows Server 2003's "DSTools" will work fine in Windows 2000 and XP too, when copied.
Keep in mind, however, that some Windows Server 2003 Active Directory functionality is not available in Windows 2000 Active Directories.

Who is logged on to a computer?

We often need to know who is currently logged on to a remote computer.
With native Windows commands only:

    NBTSTAT -a remotecomputer | FIND "<03>" | FIND /I /V "remotecomputer"

The first name in the list usually is the logged on user (try playing with the NET NAME command to learn more about the names displayed by NBTSTAT).
This is the fastest way to find the logged on user name, and the results that you do get are correct, but NBTSTAT won't always return a user name, even when a user is logged on.

Using WMIC (Windows XP Professional and later):

    WMIC /Node:remotecomputer ComputerSystem Get UserName

This is arguably the most reliable (native) command to find out who is logged on.

With the help of SysInternals' PSTools:

    PSLOGGEDON -L \\remotecomputer

or:

    PSEXEC \\remotecomputer NET CONFIG WORKSTATION | FIND /I " name "

or:

    PSEXEC \\remotecomputer NET NAME

or:

    PSEXEC \\remotecomputer NETSH DIAG SHOW COMPUTER /V | FIND /i "username"

or:

    FOR /F %%A IN ('REG Query \\remotecomputer\HKU ^| FINDSTR /R /B /C:"HKEY_USERS\\S-1-5-[0-9][0-9]-[0-9-]*$"') DO (
        FOR /F "tokens=3 delims=\" %%B IN ('REG Query "\\remotecomputer\%%A\Volatile Environment"') DO (
            SET LoggedinUser=%%B
        )
    )

NETSH and WMIC are for XP or later, and are the most reliable of all commands shown here.
WMIC requires WMI enabled remote computers and Windows XP on the administrator's computer; NETSH requires Windows XP on the remote computers.

PSLOGGEDON is a more accurate solution than NBTSTAT, but it will return the last logged on user if no one is currently logged on.

The NET and NBTSTAT commands show more or less identical results, but the NBTSTAT command is much faster.

The REG command is accurate, but may need to be modified depending on the version used. As displayed here, the code is written for REG.EXE 3.0 (XP).

If you want to search lots of computers for logged on users, I recommend you try NBTSTAT first (fast, but it won't always return the user name!), and only switch to NETSH, REG or WMIC (accurate) if NBTSTAT doesn't return a user name.

Credits: Jiří Janyška (WMIC command) and Matthew W. Helton (NETSH command).