Coming Soon........

PLease wait a few time to relese this appliaction


Ryuk v3

This i wantshare to you application for flood



CCP mig33

this i will share again to you application for change password and cek IDR for 40 ID




Fast Crack Pass v1.0.5

Hallo all

this i will share my software to crack password in mig33

pv andra_craid to get serial number



AK-77 Auto Death v1.5 FINAL UPDATE

this i want share to you my own application for kicker in mig33

please try it

pv andra_craid for get password



Bit Torrent Tutorials

The first things you need to know about using Bit Torrent:

-- Bit Torrent is aimed at broadband users (or any connection better than dialup).

-- Sharing is highly appreciated, and sharing is what keeps bit torrent alive.

-- A bit torrent file (*.torrent) contains information about the piece structure of the download (more on this later)

-- The method of downloading is not your conventional type of download. Since downloads do not come in as one

big chunk, you are able to download from many people at once, increasing your download speeds. There may be

100 "pieces" to a file, or 20,000+ pieces, all depending on what you're downloading. Pieces are usually small (under 200kb)

-- The speeds are based upon people sharing as they download, and seeders. Seeders are people who constantly

share in order to keep torrents alive. Usually seeders are on fast connections (10mb or higher).

In this tutorial, I will be describing it all using a bit torrent client called Azureus. This client is used to decode the .torrent files into a useable format to download from other peers. From here on out, I will refer to Bit Torrent as BT.

Which BT client you use, is purely up to you. I have tried them all, and my personal favorite is Azureus for many reasons. A big problem with most BT clients out there, is that they are extremely CPU intensive, usually using 100% of your cpu power during the whole process. This is the number one reason I use Azureus. Another, is a recently released plug-in that enables you to browse all current files listed on suprnova.org (the #1 source for torrent downloads).

Before you use the plug-in, take a look at /http://www.suprnova.org, and browse the files. Hold your mouse over the links, and you'll notice every file ends in .torrent. This is the BT file extension. Usually, .torrent files are very small, under 200kb. They contain a wealth of information about the file you want to download. A .torrent file can contain just 1 single file, or a a directory full of files and more directories. But regardless, every download is split up into hundreds or thousands of pieces. The pieces make it much easier to download at higher speeds. Back to suprnova.org. Look at the columns:

Added | Name | Filesize | Seeds | DLs (and a few more which aren't very useful.)

I'll break this down.

Added: Self explanitory, its the date the torrent was added.

Name: Also self explanitory.

Filesize: Duh

Seeds: This is how many people are strictly UPLOADING, or sharing. These people are the ones that keep .torrent files alive. By "alive", I mean, if there's no one sharing the .torrent file, no one can download.

DLs: This is how many people currently downloading that particular torrent. They also help keep the torrent alive as they share while they download.

It's always best to download using a torrent that has a decent amount of seeders and downloaders, this way you can be assured there's a good chance your download will finish. The more the better.

Now that you should understand how torrent files work, and how to use them, on to Azureus!

First, get JAVA! You need this to run Azureus, as java is what powers it. Get Java here: /http://java.sun.com/j2se/1.4.2/download.html

Next, get Azureus at: /http://azureus.sourceforge.net

Next, get the Suprnovalister plugin from /http://s93732957.onlinehome.us/storage/suprnovalister.jar

Install Java JRE before you do ANYTHING.

Install Azureus, and then in the installation folder, create 2 more folders. ./Plugins/suprnovalister (For example, if you installed Azureus to C:\PROGRAM FILES\AZUREUS, create C:\PROGRAM FILES\AZUREUS\PLUGINS\SUPRNOVALISTER). Next, put the suprnovalister.jar file that you downloaded, in that folder.

Load up Azureus, and if you want, go through the settings and personalize it.

The tab labeled "My Torrents" is the section of Azureus you need the most often. That lists all your transfers, uploads and downloads. It shows every bit of information you could possibly want to know about torrents you download.

In the menu bar, go to View > Plugins > Suprnova Lister. This will open up a new tab in Azureus. Click on "Update Mirror". This will get a mirror site of suprnova.org containing all current torrent files available. Once a mirror is grabbed, choose a category from the drop-down box to the left and click "Update". Wah-lah, all the available downloads appear in the main chart above. Just double click a download you want, and bang its starting to download. Open the "My Torrents" tab again to view and make sure your download started.

After your download has finished, be nice, and leave the torrent transferring. So people can get pieces of the file from you, just as you got pieces from other people.

Alternatively, if you don't want to use the plugin... you can just head to suprnova.org and download files to any folder. Then go to File > Open > .torrent File in Azureus.

This should about wrap it up for the Bit Torrent Tutorial. If you guys think of anything I should add, or whatnot, just let me know and I'll check into it.


Translating Binary To Text

A Tutorial for those willing to Learn


1. Introduction

2. The Binary System

3. Converting Binary to ASCII (Text)


We’ve all seen binary code. We’ve come to think of them as a bunch of ones and zeroes in long strings…


But these ones and zeroes can also represent decimal numbers. First off, I will show you how to read these numbers as the decimal numbers we’re used to in our daily life. Then, I will show you how to use those numbers and your keypad to translate them into text. Note that your computer doesn’t use the decimal system, so technically, when it converts binary to text, it doesn’t go through the process I will show you. This is just a divertive way of explaining you how the binary system works.

The Binary System:

Here’s a simple example of binary:


Let’s think of the example above as empty slots:

_ _ _ _ _

First off, you read binary from right-to-left. It’s just the way it’s designed. The first slot from the right represents a value of one, the second from the right a value of two, the third from the right a value of four, the fourth from the right a value of eight, the fifth from the right a value of sixteen, and the cycle continues by multiples of 2. This will never change.

By putting a 1 or a 0 in those slots you are either saying you want to corresponding value that’s attached to that slot or you don’t. A 1 means yes, and a 0 means no. For example, putting a zero in the first slot from the right, but a 1 in the second slot from the right means you want a two, but not a one:

_ _ _ 1 0

As such, the number above equals to a decimal value of two.

As an example, let’s say you want to represent eight in binary form. Well, thinking about the slots, you want the first slot to be 0 because you don’t want a one, you want the second slot to also be 0 because you don’t want a two, you want the third slot to also to be 0 because you don’t want a four, but you want the fifth slot to be 1 because you want a value of eight. As such, eight in binary form is:

1 0 0 0 (or simply 1000 without those underlines)

Now it is important to note that the amount of zeroes that precede the first value of one from the left is unimportant. So for example:

1 0 0 0 is the same as 0 0 0 1 0 0 0 (1000 = 000100)

To get it cleared up, here’s another example:

0 1 is the same as 1

Exercises: What do the following equal in decimal terms?

a) 100

b] 000100

c) 100000

d) 0010


a) 4

b] 4

c) 32

d) 2

If you got the answers above right, then you pretty much understand the basics of binary.

Let’s now understand how to get the corresponding decimal values to the numbers which are not multiples of 2.

To get the total value of a binary number, add the values corresponding to each slot. So, for example, three in binary would be:


The above corresponds to three because if you add the total values of all the slots, that is to say a one from the slot to the right, and a two from the second slot to the right, then it equals three.

As another example, let’s say you want to represent 5 in binary terms. Then you would need a value of one to be added to a value of four, and you would not want a value of two:

101 [Reading from the right: 1(one) + 0(two) + 1(four) = five]

Here’s an additional example:

001011 [Reading from the right: 1(one) + 1(two) + 0(four) + 1(eight) + 0(sixteen) + 0(thirty-two) = eleven)

Exercises: What do the following equal in decimal terms?

a) 11011

b] 110

c) 010101

d) 10110


a) 27

b] 6

c) 21

d) 22

If you got the above questions correct [without cheating], then you essentially understand the binary system. Understanding the binary system was the hard part. What follows is pretty easy.

3. Converting Binary to ASCII (Text)

ASCII is essentially the letters, numbers and symbols that are stored in our computers through the use of fonts. When the keyboard relays the buttons you pressed, it sends in a code which is then converted to the ASCII equivalent of “k” or “5” or whatever key you pressed.

Here’s an example of a message “hidden” in binary text:


Now there are only so many letters, numbers and symbols stored for ASCII. Having sets of 8 digits for their binary equivalent is more than enough to represent all of these letters and the like. As such, all strings that represent text like in the above are separated into bits of 8 for simplicity:

01001000 01100101 01101100 01101100 01101111

Okay, so our example message was separated into 8 digit strings. The decimal value for each of these strings in the example was calculated for you.

01001000 = 72

01100101 = 101

01101100 = 108

01101100 = 108

01101111 = 111

The result was 72,101,108,108,111. Now, there is something called the ASCII table. It essentially corresponds to the binary numbers from yore to the equivalent letters/symbols/numbers. But since we found the decimal values of these binary strings, we can use a major shortcut.

By pressing ALT + [The Number], you will get the ASCII equivalent of that number. For example, by pressing the ALT key and at then (while keeping it down) the numbers 72 in any text editor, you will get the corresponding “H” to show up.

Let’s do so for the entire example message:

72 = H

101 = e

108 = l

108 = l

111 = o

So the entire “hidden” message translates to “Hello”.

Exercise: Decode the following message


101001011011110110111001110011 00100001

Hint: The first step on your way to decoding the message (separated into bytes for you)

01000011 01101111 01101110 01100111 01110010 01100001 01110100 01110101 01101100 01100001 01110100 01101001 01101111 01101110 01110011 00100001

PS. Please note that this is the information as I've come to understand it. As such, it's somewhat easier to understand, but it may not necessarily be accurate. In other words, if another source contradicts what has been indicated here, that source is probably right. This text was completely written up by me, with no other sources for aid. If you wish to distribute this text, feel free to do so, but I would appreciate it if you contacted me first.


Trojan Port

this i want share trojan port :

TCP 1 Breach.2001, SocketsDeTroie.230, SocketsDeTroie.250

TCP 28 Amanda.200

TCP 31 MastersParadise.920

TCP 68 Subseven.100

TCP 142 NetTaxi.180

TCP 146 Infector.141, Intruder.100, Intruder.100

TCP 171 ATrojan.200

TCP 285 WCTrojan.100

TCP 286 WCTrojan.100

TCP 334 Backage.310

TCP 370 NeuroticKat.120, NeuroticKat.130

TCP 413 Coma.109

TCP 420 Breach.450

TCP 555 Id2001.100, PhaseZero.100, StealthSpy.100

TCP 623 Rtb666.160

TCP 660 Zaratustra.100

TCP 661 Noknok.800, Noknok.820

TCP 666 BackConstruction.210, BackConstruction.250, Bla.100, Bla.200, Bla.400, Bla.503, Cain.150, Dimbus.100, Noknok.820, Ripper.100, SatansBackdoor.100, SatansBackdoor.101, SatansBackdoor.102, Unicorn.100, Unicorn.101, Unicorn.110

TCP 667 SniperNet.210, Snipernet.220

TCP 668 Unicorn.101, Unicorn.110

TCP 680 Rtb666.160

TCP 777 Tiny.100, Undetected.230, Undetected.300, Undetected.310, Undetected.320, Undetected.330, Undetected.331, Undetected.332

TCP 785 NetworkTerrorist.100

TCP 800 NeuroticKitten.010

TCP 831 NeuroticKat.100, NeuroticKat.120, NeuroticKat.130

TCP 901 NetDevil.130, NetDevil.140

TCP 1000 DerSpaeher.200

TCP 1001 Silencer.100

TCP 1008 AutoSpy.100

TCP 1010 DerSpaeher.200

TCP 1015 Doly.150

TCP 1111 TPort.100

TCP 1130 Noknok.800, Noknok.820

TCP 1207 SoftWAR.100

TCP 1243 Subseven.100, SubSeven.110, SubSeven.180, SubSeven.190, Subseven.200

TCP 1245 VoodooDoll.006

TCP 1269 Matrix.130

TCP 1480 RemoteHack.130

TCP 1568 RemoteHack.100, RemoteHack.110

TCP 1600 DirectConnection.100

TCP 1601 DirectConnection.100

TCP 1602 DirectConnection.100

TCP 1634 NetCrack.100

TCP 1784 Snid.120, Snid.212

TCP 1999 TransmissionScout.100, TransmissionScout.110

TCP 2000 ATrojan.200, InsaneNetwork.400

TCP 2001 DIRT.220, TrojanCow.100

TCP 2003 TransmissionScout.100, TransmissionScout.110

TCP 2023 RipperPro.100

TCP 2040 InfernoUploader.100

TCP 2115 Bugs.100

TCP 2140 DeepThroat.100, DeepThroat.200, DeepThroat.310

TCP 2332 SilentSpy.202

TCP 2589 Dagger.140

TCP 2600 DigitalRootbeer.100

TCP 2989 Rat.200

TCP 3128 MastersParadise.970

TCP 3129 MastersParadise.920, MastersParadise.970

TCP 3150 DeepThroat.100, DeepThroat.200, DeepThroat.310, MiniBacklash.110

TCP 3215 BlackStar.100, Ghost.230

TCP 3333 Daodan.123

TCP 3410 OptixPro.100, OptixPro.110

TCP 3456 Force.155, TerrorTrojan.100

TCP 3505 AutoSpy.130, AutoSpy.140

TCP 3586 Snid.120, Snid.212

TCP 3700 PortalOfDoom.100

TCP 3723 Mantis.100

TCP 3800 Eclypse.100

TCP 3996 RemoteAnything.364

TCP 4000 SkyDance.220, SkyDance.229

TCP 4201 Wartrojan.160, Wartrojan.200

TCP 4225 SilentSpy.202

TCP 4321 Bobo.100

TCP 4444 AlexTrojan.200, Crackdown.100

TCP 4488 EventHorizon.100

TCP 4523 Celine.100

TCP 4545 InternalRevise.100, RemoteRevise.150

TCP 4567 FileNail.100

TCP 4666 Mneah.100

TCP 4950 ICQTrojan.100

TCP 5005 Aladino.060

TCP 5025 Keylogger.WMRemote.100

TCP 5031 NetMetro.104

TCP 5032 NetMetro.104

TCP 5033 NetMetro.104

TCP 5050 RoxRat.100

TCP 5151 OptixLite.020, OptixLite.030, OptixLite.040

TCP 5190 MBomber.100

TCP 5277 WinShell.400

TCP 5343 WCRat.100

TCP 5400 BackConstruction.120, BackConstruction.150, BladeRunner.080, DeepThroat.300

TCP 5401 BackConstruction.120, BackConstruction.150, BackConstruction.210, BackConstruction.250, BladeRunner.080, DeepThroat.300, Mneah.100

TCP 5402 BackConstruction.210, BackConstruction.250, BladeRunner.080, DeepThroat.300, Mneah.100

TCP 5534 TheFlu.100

TCP 5550 XTCP.200, XTCP.201

TCP 5555 Noxcape.100, Noxcape.200

TCP 5695 Assassin.100

TCP 5714 WinCrash.100

TCP 5741 WinCrash.100

TCP 5742 WinCrash.103

TCP 5802 Y3KRat.160

TCP 5810 Y3KRat.160

TCP 5838 Y3KRat.170

TCP 5858 Y3KRat.110, Y3KRat.120, Y3KRat.140

TCP 5880 Y3KRat.140

TCP 5881 Y3KRat.110, Y3KRat.120, Y3KRat.140

TCP 5882 Y3KRat.100, Y3KRat.110, Y3KRat.120, Y3KRat.140, Y3KRat.150

TCP 5883 Y3KRat.110, Y3KRat.140

TCP 5884 Y3KRat.140, Y3KRat.150

TCP 5885 Y3KRat.110, Y3KRat.120, Y3KRat.140

TCP 5886 Y3KRat.120, Y3KRat.140

TCP 5887 Y3KRat.110, Y3KRat.120, Y3KRat.140

TCP 5888 Y3KRat.100, Y3KRat.110, Y3KRat.120, Y3KRat.140, Y3KRat.150

TCP 5889 Y3KRat.100, Y3KRat.110, Y3KRat.120, Y3KRat.140, Y3KRat.150

TCP 5890 Y3KRat.140

TCP 6400 Thething.100, Thething.150

TCP 6556 AutoSpy.120, AutoSpy.122

TCP 6655 Aqua.020

TCP 6660 LameSpy.095

TCP 6666 LameRemote.100, ProjectMayhem.100

TCP 6669 Vampire.100

TCP 6670 DeepThroat.200, DeepThroat.210

TCP 6671 DeepThroat.310

TCP 6699 HostControl.101

TCP 6711 DeepThroat.300, Noknok.820, SubSeven.180, SubSeven.190

TCP 6712 Subseven.100

TCP 6713 Subseven.100

TCP 6767 NTRC.120

TCP 6776 SubSeven.180, SubSeven.190, Subseven.200

TCP 6789 Doly.200

TCP 6796 SubSeven.214

TCP 6912 ShitHeep.100

TCP 6939 Indoctrination.100

TCP 6953 Lithium.100

TCP 6969 2000Cracks.100, Bigorna.100, Danton.110, Danton.210, Danton.220, Danton.310, Danton.320, Danton.330, GateCrasher.110, NetController.108, Sparta.110, VagrNocker.120

TCP 6970 Danton.330

TCP 7001 Freak88.100

TCP 7119 Massaker.100

TCP 7200 Massaker.110

TCP 7300 Coced.221

TCP 7301 Coced.221

TCP 7306 NetSpy.200, NetSpy.200

TCP 7410 Phoenix.190, Phoenix.200

TCP 7511 Genue.100

TCP 7609 Snid.120, Snid.212

TCP 7614 Wollf.130

TCP 7648 BlackStar.100, Ghost.230

TCP 7788 Last.2000, Matrix.200

TCP 7826 MiniOblivion.010, Oblivion.010

TCP 7887 SmallFun.110

TCP 7891 Revenger.100

TCP 7979 VagrNocker.200

TCP 7997 VagrNocker.200

TCP 8000 XConsole.100

TCP 8011 Way.240

TCP 8012 Ptakks.215, Ptakks.217

TCP 8110 LoseLove.100

TCP 8111 LoseLove.100

TCP 8301 LoseLove.100

TCP 8302 LoseLove.100

TCP 8372 NetBoy.100

TCP 8720 Connection.130

TCP 8734 AutoSpy.110

TCP 8811 Force.155

TCP 8899 Last.2000

TCP 9000 Aristotles.100

TCP 9301 LoseLove.100

TCP 9400 InCommand.100, InCommand.110, InCommand.120, InCommand.130, InCommand.140, InCommand.150, InCommand.153, InCommand.160, InCommand.167, InCommand.170

TCP 9401 InCommand.100, InCommand.110, InCommand.170

TCP 9402 InCommand.100, InCommand.110

TCP 9561 CRatPro.110

TCP 9563 CRatPro.110

TCP 9580 TheefLE.100

TCP 9696 Danton.210, Ghost.230

TCP 9697 Danton.320, Danton.330, Ghost.230

TCP 9870 R3C.100

TCP 9872 PortalOfDoom.100

TCP 9873 PortalOfDoom.100

TCP 9874 PortalOfDoom.100

TCP 9875 PortalOfDoom.100

TCP 9876 Rux.100, SheepGoat.100

TCP 9877 SmallBigBrother.020

TCP 9878 SmallBigBrother.020, TransmissionScout.100, TransmissionScout.110, TransmissionScout.120

TCP 9879 SmallBigBrother.020

TCP 9999 ForcedEntry.100, Infra.100, Prayer.120, Prayer.130, TakeOver.200, TakeOver.300

TCP 10001 DTr.130, DTr.140

TCP 10013 Amanda.200

TCP 10067 PortalOfDoom.100

TCP 10100 Gift.240

TCP 10101 NewSilencer.100

TCP 10167 PortalOfDoom.100

TCP 10528 HostControl.100, HostControl.260

TCP 10607 Coma.109

TCP 10666 Ambush.100

TCP 11011 Amanda.200

TCP 11050 HostControl.101

TCP 11051 HostControl.100, HostControl.260

TCP 11223 AntiNuke.100, Progenic.100, Progenic.110

TCP 11225 Cyn.100, Cyn.103, Cyn.120

TCP 11306 Noknok.800, Noknok.820

TCP 11831 Katux.200, Latinus.140, Latinus.150, Pest.100, Pest.400

TCP 11991 PitfallSurprise.100

TCP 12043 Frenzy.2000

TCP 12345 Fade.100, Netbus.160, Netbus.170, VagrNocker.400

TCP 12346 Netbus.160, Netbus.170

TCP 12348 Bionet.210, Bionet.261, Bionet.280, Bionet.302, Bionet.305, Bionet.311, Bionet.313, Bionet.316, Bionet.317

TCP 12349 Bionet.084, Bionet.261, Bionet.280, Bionet.302, Bionet.305, Bionet.311, Bionet.313, Bionet.314, Bionet.316, Bionet.317, Bionet.401, Bionet.402

TCP 12389 KheSanh.210

TCP 12478 Bionet.210

TCP 12623 Buttman.090, Buttman.100

TCP 12624 Buttman.090, Buttman.100

TCP 12625 Buttman.100

TCP 12904 Akropolis.100, Rocks.100

TCP 13473 Chupacabra.100

TCP 13753 AFTP.010

TCP 14100 Eurosol.100

TCP 14194 CyberSpy.840

TCP 14286 HellDriver.100

TCP 14500 PCInvader.050, PCInvader.060, PCInvader.070

TCP 14501 PCInvader.060, PCInvader.070

TCP 14502 PCInvader.050, PCInvader.060, PCInvader.070

TCP 14503 PCInvader.050, PCInvader.060, PCInvader.070

TCP 14504 PCInvader.050, PCInvader.060

TCP 15092 HostControl.100, HostControl.260

TCP 15382 SubZero.100

TCP 15432 Cyn.210

TCP 15555 ICMIBC.100

TCP 16322 LastDoor.100

TCP 16484 MoSucker.110

TCP 16661 Dfch.010

TCP 16969 Progenic.100

TCP 16982 AcidShiver.100

TCP 17300 Kuang.200

TCP 17499 CrazzyNet.370, CrazzyNet.375, CrazzyNet.521

TCP 17500 CrazzyNet.370, CrazzyNet.375, CrazzyNet.521

TCP 17569 Infector.141, Infector.160, Infector.170, Infector.180, Infector.190, Infector.200, Intruder.100, Intruder.100

TCP 17593 AudioDoor.120

TCP 19191 BlueFire.035, BlueFire.041

TCP 19604 Metal.270

TCP 19605 Metal.270

TCP 19991 Dfch.010

TCP 20000 Millenium.100

TCP 20001 Millenium.100, PshychoFiles.180

TCP 20002 AcidKor.100, PshychoFiles.180

TCP 20005 MoSucker.200, MoSucker.210, MoSucker.220

TCP 21212 Schwindler.182

TCP 21554 Exploiter.100, Exploiter.110, Girlfriend.130, GirlFriend.135

TCP 21579 Breach.2001

TCP 21584 Breach.2001

TCP 21684 Intruse.134

TCP 22068 AcidShiver.110

TCP 22115 Cyn.120

TCP 22222 Prosiak.047, Ruler.141, Rux.300, Rux.400, Rux.500, Rux.600

TCP 22223 Rux.400, Rux.500, Rux.600

TCP 22456 Bla.200, Bla.503

TCP 22457 AcidShiver.120, Bla.200, Bla.503

TCP 22784 Intruzzo.110

TCP 22845 Breach.450

TCP 22847 Breach.450

TCP 23005 Infinaeon.110, NetTrash.100, Oxon.110, WinRat.100

TCP 23006 Infinaeon.110, NetTrash.100, Oxon.110, WinRat.100

TCP 23032 Amanda.200

TCP 23432 Asylum.010, Asylum.012, Asylum.013, Asylum.014, MiniAsylum.110

TCP 23456 EvilFTP.100, VagrNocker.400

TCP 23476 DonaldDick.153, DonaldDick.154, DonaldDick.155

TCP 23477 DonaldDick.153

TCP 24000 Infector.170

TCP 24307 Wildek.020

TCP 25386 MoonPie.220

TCP 25486 MoonPie.220

TCP 25555 FreddyK.100, FreddyK.200

TCP 25556 FreddyK.100

TCP 25685 MoonPie.010, MoonPie.012, MoonPie.130, MoonPie.220, MoonPie.240, MoonPie.400

TCP 25686 MoonPie.135, MoonPie.200, MoonPie.400

TCP 25982 MoonPie.135, MoonPie.200

TCP 26274 Delta.050

TCP 27160 MoonPie.135, MoonPie.200

TCP 27184 Alvgus.100, Alvgus.800

TCP 27374 Muerte.110, Subseven.210, SubSeven.213

TCP 28429 Hack'a'Tack.2000

TCP 28430 Hack'a'Tack.2000

TCP 28431 Hack'a'Tack.2000

TCP 28432 Hack'a'Tack.2000

TCP 28433 Hack'a'Tack.2000

TCP 28434 Hack'a'Tack.2000

TCP 28435 Hack'a'Tack.2000

TCP 28436 Hack'a'Tack.2000

TCP 29559 DuckToy.100, DuckToy.101, Katux.200, Latinus.140, Latinus.150, Pest.100, Pest.400

TCP 29891 Unexplained.100

TCP 30000 Infector.170

TCP 30001 Error32.100

TCP 30003 LamersDeath.100

TCP 30029 AOLTrojan.110

TCP 30100 NetSphere.127, NetSphere.130, NetSphere.131

TCP 30101 NetSphere.127, NetSphere.130, NetSphere.131

TCP 30102 NetSphere.127, NetSphere.130, NetSphere.131

TCP 30103 NetSphere.131

TCP 30947 Intruse.134

TCP 31320 LittleWitch.400, LittleWitch.420

TCP 31337 BackOrifice.120, Khaled.100, OPC.200

TCP 31415 Lithium.101

TCP 31416 Lithium.100, Lithium.101

TCP 31557 Xanadu.110

TCP 31631 CleptoManicos.100

TCP 31745 Buschtrommel.100, Buschtrommel.122

TCP 31785 Hack'a'Tack.100, Hack'a'Tack.112

TCP 31787 Hack'a'Tack.100, Hack'a'Tack.112

TCP 31789 Hack'a'Tack.100, Hack'a'Tack.112

TCP 31791 Hack'a'Tack.100, Hack'a'Tack.112

TCP 31887 BDDT.100

TCP 31889 BDDT.100

TCP 32100 ProjectNext.053

TCP 32418 AcidBattery.100

TCP 32791 Akropolis.100, Rocks.100

TCP 33291 RemoteHak.001

TCP 33333 Blackharaz.100, Prosiak.047, SubSeven.214

TCP 33577 SonOfPsychward.020

TCP 34324 TelnetServer.100

TCP 34763 Infector.180, Infector.190, Infector.200

TCP 35000 Infector.190, Infector.200

TCP 35600 Subsari.140

TCP 36794 BugBear.100

TCP 37237 Mantis.020

TCP 37651 YAT.210

TCP 37653 YAT.310

TCP 40308 Subsari.140

TCP 40412 TheSpy.100

TCP 40421 MastersParadise.970

TCP 40422 MastersParadise.970

TCP 40999 DiemsMutter.110, DiemsMutter.140

TCP 41626 Shah.100

TCP 44444 Prosiak.070

TCP 45673 Akropolis.100, Rocks.100

TCP 47262 Delta.050

TCP 48006 Fragglerock.200

TCP 49683 HolzPferd.210

TCP 50000 Infector.180

TCP 50130 Enterprise.100

TCP 50766 Fore.100

TCP 51234 Cyn.210

TCP 51966 Cafeini.080, Cafeini.110

TCP 54321 PCInvader.010

TCP 57341 NetRaider.100

TCP 57922 Bionet.084

TCP 58008 Tron.100

TCP 58009 Tron.100

TCP 59090 AcidReign.200

TCP 59211 DuckToy.100, DuckToy.101

TCP 59345 NewFuture.100

TCP 60000 DeepThroat.300, MiniBacklash.100, MiniBacklash.101, MiniBacklash.101

TCP 60411 Connection.100, Connection.130

TCP 60412 Connection.130

TCP 60552 RoxRat.100

TCP 63536 InsaneNetwork.500

TCP 63878 AphexFTP.100

TCP 63879 AphexFTP.100

TCP 64969 Lithium.100

TCP 65000 Socket.100

UDP 1 SocketsDeTroie.250

UDP 666 Bla.200, Bla.400, Bla.503, Noknok.820

UDP 1130 Noknok.800, Noknok.820

UDP 2140 DeepThroat.100, DeepThroat.200, DeepThroat.310

UDP 2989 Rat.200

UDP 3128 MastersParadise.970

UDP 3129 MastersParadise.920, MastersParadise.970

UDP 3150 DeepThroat.100, DeepThroat.200, DeepThroat.310, MiniBacklash.110

UDP 3333 Daodan.123

UDP 3800 Eclypse.100

UDP 3996 RemoteAnything.364

UDP 4000 RemoteAnything.364

UDP 5555 Daodan.123

UDP 5881 Y3KRat.110, Y3KRat.140

UDP 5882 Y3KRat.100, Y3KRat.110, Y3KRat.120, Y3KRat.140, Y3KRat.150

UDP 5883 Y3KRat.110, Y3KRat.140

UDP 5884 Y3KRat.140, Y3KRat.150

UDP 5885 Y3KRat.110, Y3KRat.120, Y3KRat.140

UDP 5886 Y3KRat.120, Y3KRat.140

UDP 5887 Y3KRat.110, Y3KRat.120, Y3KRat.140

UDP 5888 Y3KRat.100, Y3KRat.110, Y3KRat.120, Y3KRat.150

UDP 6953 Lithium.100

UDP 8012 Ptakks.217

UDP 10067 PortalOfDoom.100

UDP 10167 PortalOfDoom.100

UDP 10666 Ambush.100

UDP 11225 Cyn.100, Cyn.103, Cyn.120

UDP 11306 Noknok.800, Noknok.820

UDP 12389 KheSanh.210

UDP 12623 Buttman.090, Buttman.100

UDP 12625 Buttman.100

UDP 14100 Eurosol.100

UDP 23476 DonaldDick.155

UDP 26274 Delta.050

UDP 27184 Alvgus.100

UDP 28431 Hack'a'Tack.2000

UDP 28432 Hack'a'Tack.2000

UDP 28433 Hack'a'Tack.2000

UDP 28434 Hack'a'Tack.2000

UDP 28435 Hack'a'Tack.2000

UDP 28436 Hack'a'Tack.2000

UDP 29891 Unexplained.100

UDP 30103 NetSphere.131

UDP 31320 LittleWitch.400, LittleWitch.420

UDP 31337 BackOrifice.120, OPC.200

UDP 31416 Lithium.100, Lithium.101

UDP 31789 Hack'a'Tack.100, Hack'a'Tack.112

UDP 31791 Hack'a'Tack.100, Hack'a'Tack.112

UDP 33333 Blackharaz.100

UDP 47262 Delta.050

UDP 49683 HolzPferd.210

UDP 60000 MiniBacklash.100


To run any of these apps go to Start > Run and type the executable name (ie charmap).



1) Character Map = charmap.exe (very useful for finding unusual characters)

2) Disk Cleanup = cleanmgr.exe

3) Clipboard Viewer = clipbrd.exe (views contents of Windows clipboard)

4) Dr Watson = drwtsn32.exe (Troubleshooting tool)

5) DirectX diagnosis = dxdiag.exe (Diagnose & test DirectX, video & sound cards)

6) Private character editor = eudcedit.exe (allows creation or modification of characters)

7) IExpress Wizard = iexpress.exe (Create self-extracting / self-installing package)

8) Microsoft Synchronization Manager = mobsync.exe (appears to allow synchronization of files on the network for when working offline. Apparently undocumented).

9) Windows Media Player 5.1 = mplay32.exe (Retro version of Media Player, very basic).

10) ODBC Data Source Administrator = odbcad32.exe (something to do with databases)

11) Object Packager = packager.exe (to do with packaging objects for insertion in files, appears to have comprehensive help files).

12) System Monitor = perfmon.exe (very useful, highly configurable tool, tells you everything you ever wanted to know about any aspect of PC performance, for uber-geeks only )

13) Program Manager = progman.exe (Legacy Windows 3.x desktop shell).

14) Remote Access phone book = rasphone.exe (documentation is virtually non-existant).

15) Registry Editor = regedt32.exe [also regedit.exe] (for hacking the Windows Registry).

16) Network shared folder wizard = shrpubw.exe (creates shared folders on network).

17) File siganture verification tool = sigverif.exe

18) Volume Contro = sndvol32.exe (I've included this for those people that lose it from the System Notification area).

19) System Configuration Editor = sysedit.exe (modify System.ini & Win.ini just like in Win98! ).

20) Syskey = syskey.exe (Secures XP Account database - use with care, it's virtually undocumented but it appears to encrypt all passwords, I'm not sure of the full implications).

21) Microsoft Telnet Client = telnet.exe

22) Driver Verifier Manager = verifier.exe (seems to be a utility for monitoring the actions of drivers, might be useful for people having driver problems. Undocumented).

23) Windows for Workgroups Chat = winchat.exe (appears to be an old NT utility to allow chat sessions over a LAN, help files available).

24) System configuration = msconfig.exe (can use to control starup programs)

25) gpedit.msc used to manage group policies, and permissions


Getting A 1gb Yahoo China Account

1. Sign for a yahoo ID... you can do this in my.yahoo.com. DO NOT check the automatically create an Email address
2. Clear ALL cookies
3. Activate mail account at cn.mail.yahoo.com
(you get 100Mb storage first *don't worry*), then sign-out
NOTE: FYI, the two boxes in the activation page is lastname and firstname

Upgrading to 1Gb Yahoo China Account
1. Sign-in to Yahoo Messenger, add a contact, sign-out
2. Go back to cn.mail.yahoo.com (all pages would be in Chinese)
3. Click the 1G orange label (graphic) *look at the lower right of the page*
4. Type-in your Yahoo ID and Password *look at the bottom of the page*
5. You'll go to two more Chinese pages (Just click the bottom centered label in the page)
6. Tadah!! Your upgraded to 1Gig and your default is English with Free POP3

There's no pesky graphic or flash ads at the moment... but your email add would be username[at]yahoo.com.cn

I think that's good enough for people without Gmail



Overclocking takes on 3 forms:
First, is the casual overclocking, easy, and anyone can do it.
Second, is the right way to overclock, taking into account, everything.
Third, if you want serious power, your gonna need to be savy to what does what.

The casual overclocker gains about 5% increase, and really doesn't see any benefit from this, whilst it makes you feel good, no serious damage can be made, by upping the FSB a little, or changing your multiplier, only thing is, you want more.

The correct way to overclock, is to start looking at your system, check the motherboard specs, PSU, amount of harddrives, CD ROMS etc. (high end systems, including the lastest graphic cards will need serious power).

Lets take a base system like my old system setup:

AMD XP1700+ ( Thoroughbred JIUHB DLT3C )
Core Voltage = 1.50v
Maximum Die Temp = 90c
FSB = 266Mhz
(factory unlocked)

Jetway K266B KT266 chipset
DDR + SDR RAM (not together)
No onboard RAID

DDR RAM = Dane Elec PC2700 DDR (333Mhz)
Not registered

2 Hard drvies
1 CD Writer & 1 DVD ROM drive

2 LAN cards

1 PCI soundcard
(onboard sound turned off).

Now, lets look at what they can do:
The Thoroughbred is still the top processor for overclocking, Thunderbirds are just not upto it, even though they are capable of some really decent speeds, same as the Palamino, not to mention the Barton's (these are not what they have been made up to be).
(for the purpose of space, I'll not go into unlocking your CPU)

As you can see, my Thoroughbred has a core voltage of 1.5v, and as my motherboard is capable of giving my processor anything upto 1.85v, there is score for more there.
The FSB on my motherboard is capable of a max of 200Mhz (this is the magic number).
Die temps to a max of 90c is good (never been near it, yet!).

Now, to work out your Mhz on your system, or to check your multiplier or FSB, there is a little calculation you'll need to remember, and it's easy:

Your Mhz is worked out by your multiplier timed your FSB.

133x10 = 1.33Ghz

Of course you can devide your Mhz with your known FSB to give you your multiplier etc.

Now for easy, I have the results of my previous unlocking tests handy, so I'll use them, and not the current speeds etc.

Standard Multiplier = 11.0
Overclocked Multiplier = 12.0

Standard Voltage = 1.50v
Overclocked Voltage = 1.52v

Standard FSB = 133Mhz
Overclocked FSB = 136Mhz

Standard Speed = 1467Mhz
Overclocked Speed = 1630Mhz

Standard Temps = CPU = 37c SYSTEM = 32c (idle) CPU = 44c SYSTEM = 36c (under load)
Overclocked Temps = CPU = 34c SYSTEM = 29c (idle) CPU 40c SYSTEM 34c (under load)

As you can see, the system is cooler when overclocked, this is due to having the correct cooling setup, and temps for it when it was standard, was standard cooling setup.

Basically, all I have done, is raised the FSB by 3mhz, the voltage by 0.02v and the multiplier by 1.0, this has given me a 163Mhz increase without over strssing my system, but, here is where it gets teadious:

To achieve this, it took me about a week, and this is how I did it:
I started by lowering the multiplier to 5.0, from there I raised the FSB to its max (at the time, have latest BIOS update for mobo, allowing 200Mhz FSB), 166Mhz, this is the correct way of overclocking.
From there, I started to raise the multiplier one by one, getting it back upto the standard multiplier or higher, checking the stability of the system each time.
(currently I am way passed the 136Mhz FSB, as I am running PC2700 DDR).

One thing to look at though, overclocking using the FSB WILL (unless your system allows you to specify it) mess with your PCI & RAM speeds.
Even raising it by 3Mhz can make your PCI cards to not work, and your RAM to get confused and crash your system.

Now your thinking to yourself 'I can do that' and yes you can, anyone can, but.......
It takes TIME, I can't stress that enough, if your going to try this, then you'll need to run your system for at least 6 hours between changing your multiplier, and as you can imagine, this can take a long time to do.

For your information, I used Hot CPU Tester, SETI & played Vietcong for testing purposes.

Now, for the hard part:

As most experienced overclockers will tell you, heat is your enemy, killing heat is your number 1 aim, don't worry about your speed at first, a 50Mhz increasde isn't gonna make your 3D Mark scream through the roof, actually, you'll probably not even get any better than what you did before.

There are several ways of dispersing heat, and they are:

Pro's: Cheap, effective at lower speeds.
Con's: Noisey, dust collectors, need maintanance.

Pro's: Can lower your CPU by about 10c easily.
Con's: It has water in it, expensive, hard for some to understand.

Pro's: With watercooling, it's the daddy
Con's: ONLY EXPERIENCED PEOPLE NEED TO APPLY, very complicated, power hungry, NOT for the faint hearted. Stupidly expensive.

Upgrading your CPU fan is the first step, there are several companies that offer aftermarket fans, which are better than the OEM fans are 2 a penny in todays world, but it's NOT just about your CPU fan, your system needs to breath, you need to get rid of 'hot spots' within your system.

Its easier than most make out, its a good thing, kit prices can be got from about �120 ($200 US), just make sure they are upgradable, as you might want to add, a Northbridge water block & a GPU water block.
Modern day kits & parts are idiot proof, and will not leak, unless you act like Noah.

Pelter cooling is DANGEROUS, minly for your system, fitting it incorrectly, and you could end up with not only a baked CPU but a system that will end up as a very expensive paperweight.
Ask your local overclocking expert for more info.

Basically, if you can get hold of a decent Thoroughbred cored XP, your in luck (just like me), if its unlocked, then your in business, obviously, its not just down to your CPU, your motherboard and RAM will denote whether you can overclock big style or not.
I'd advise ANYONE thinking of overclocking, to research into it more, weigh up the odds on what they want or need, if your on a buget, DON'T attempt it, things can and do go wrong.
Most of the time, its not about 'mines faster than yours' or massive speed increases, its done by most, cause it can be. 90% of the time, you'd be better off buying a new CPU (as prices are so low), but if you get the urge, then a new world awaits you

great tutorial. this should help the OC noobs. If I can add something like you said know your specs of the mobo....and if you are serious about OC'ing dont go and get some generic NO-NAME ram and some ghetto mobo. to get the best stability go with ASUS and ABIT for the mobo and Crucial, Kingston, mushkin for the ram. A great forum for OC'ing is amdmb.com.

Indeed, if you are serious about your overclocking, its advised you only use serious brand names.
Generic parts are always a lower spec, and can easily destroy themselves with even a little stress aimed towards them.

Memory advice, use the folloing:

Kingston (added because of reviews, personally, I'm not sure about them).
Crucial (for Dual Channel DDR ONLY)
PNY (for EEC rated)
Geil (my choice, when I can afford it)

Motherbord advice, use the following:

Asus A7N8X Deluxe nForce2
Asus A7N8X-VM nForce2
Asus A7N8X-X nForce2
Abit KD7-S KT400
Abit KV7 KT600
Abit NF7 v2.0 nForce2
Abit NF7-S v2.0 nForce2
MSI K7N2 Delta-L Nforce2
MSI KT6 Delta-LSR KT600
Epox 8RDA+ nForce2
Epox 8RGA+ nForce2

Any nForce2 motherboard would be best, they allow more score for overclocking your system.

How to make key generators?

I take no responsibility of the usage of this information.
This tutorial, is for educational knowledge ONLY.
Hi there, in this tutorial, I intend to teach you how to make a pretty

simple keygen, of a program called W3Filer 32 V1.1.3.
W3Filer is a pretty good web downloader...
I guess some of you might know the program.
I`ll assume you know:
A.How to use debugger (in this case, SoftIce).
B.How to crack, generally (finding protection routines,patching them,etc...).
C.How to use Disassembler (This knowledge can help).
E.How to code in Turbo Pascal �.
Tools you`ll need:
A.SoftIce 3.00/01 or newer.
C.The program W3Filer V1.13 (if not provided in this package), can be found in
www.windows95.com I believe.
D.Turbo Pascal (ANY version).
Well, enough blah blah, let's go cracking...
Run W3Filer 32.
A nag screen pops, and , demands registration (Hmm, this sux ;-)) Now,
We notice this program has some kind of serial number (Mine is 873977046),
Let's keep the serial in mind, I bet we`ll meet it again while we're on
the debugger.
Well, now, let's put your name and a dummy reg code...
set a BP on GetDlgItemTextA, and, press OK.
We pop inside GetDlgItemTextA, Lets find the registration routine...
I`ll save you the work, the registration routine is this:
:00404DB2 8D95A8FAFFFF lea edx, dword ptr [ebp+FFFFFAA8]
:00404DB8 52 push edx ---> Your user name here.
:00404DB9 E80B550000 call 0040A2C9 ---> Registration routine.
:00404DBE 83C408 add esp, 00000008 ---> Dunno exactly what is it.
:00404DC1 85C0 test eax, eax ---> Boolean identifier, 0 if
:00404DC3 7D17 jge 00404DDC ---> registration failed, 1 if
Well, Let's enter the CALL 40A2C9, and see what's inside it:
(Please read my comments in the code).
* Referenced by a CALL at Addresses:
|:00404DB9 , :00407F76
:0040A2C9 55 push ebp
:0040A2CA 8BEC mov ebp, esp
:0040A2CC 81C4B0FEFFFF add esp, FFFFFEB0
:0040A2D2 53 push ebx
:0040A2D3 56 push esi
:0040A2D4 57 push edi
:0040A2D5 8B5508 mov edx, dword ptr [ebp+08]
:0040A2D8 8DB500FFFFFF lea esi, dword ptr [ebp+FFFFFF00]
:0040A2DE 33C0 xor eax, eax
:0040A2E0 EB16 jmp 0040A2F8
* Referenced by a (U)nconditional or �onditional Jump at Address:
:0040A2E2 0FBE0A movsx ecx, byte ptr [edx] ----> Here Starts the
interesting part.
:0040A2E5 83F920 cmp ecx, 00000020 ----> ECX is the the current
char in the user name, Hmm, 20h=' '...
:0040A2E8 740D je 0040A2F7 ----> Let's see,
:0040A2EA 8A0A mov cl, byte ptr [edx] ----> Generally, all this loop
does, is copying
the user name from
[EDX], to [ESI], WITHOUT the spaces!
(Keep this in mind! ).
:0040A2EC 880C06 mov byte ptr [esi+eax], cl
:0040A2EF 42 inc edx
:0040A2F0 40 inc eax
:0040A2F1 C6040600 mov byte ptr [esi+eax], 00
:0040A2F5 EB01 jmp 0040A2F8
* Referenced by a (U)nconditional or �onditional Jump at Address:
:0040A2F7 42 inc edx
* Referenced by a (U)nconditional or �onditional Jump at Addresses:
|:0040A2E0(U), :0040A2F5(U)
:0040A2F8 803A00 cmp byte ptr [edx], 00
:0040A2FB 75E5 jne 0040A2E2 ----------------> This is the loop , we got
what it does,
Let's continue tracing
the code...
:0040A2FD 56 push esi --------> The user name is pushed, in order
Upcase it's chars.
* Reference To: USER32.CharUpperA, Ord:0000h
:0040A2FE E80F330000 Call User!CharUpper ---> After this, our name is in
upper case.
:0040A303 56 push esi -----> Our name in upper case here.
* Reference To: cw3220mt._strlen, Ord:0000h
:0040A304 E86F300000 Call 0040D378 ---> This is the length of our name.
:0040A309 59 pop ecx
:0040A30A 8BC8 mov ecx, eax ---> ECX=Length.
:0040A30C 83F904 cmp ecx, 00000004 ---> Length>=4 (MUST).
:0040A30F 7D05 jge 0040A316 ---> Let's go to this address...
:0040A311 83C8FF or eax, FFFFFFFF
:0040A314 EB67 jmp 0040A37D
* Referenced by a (U)nconditional or �onditional Jump at Address:
:0040A316 33D2 xor edx, edx
:0040A318 33C0 xor eax, eax
:0040A31A 3BC8 cmp ecx, eax
:0040A31C 7E17 jle 0040A335 ---> (Not important, just another useless
============ FROM HERE AND ON, THE IMPORTANT CODE, PAY ATTENTION ==================
One thing before we continue, EDX = 00000000h as we enter to the next instructions.
* Referenced by a (U)nconditional or �onditional Jump at Address:
:0040A31E 0FBE1C06 movsx ebx, byte ptr [esi+eax] ---> EBX <--- char in user
name, offset EAX.
:0040A322 C1E303 shl ebx, 03 -----> Hmm, it shl's the char by 03h...
(Remember that).
:0040A325 0FBE3C06 movsx edi, byte ptr [esi+eax] ---> Now EDI <--- Char in
user name , offset EAX.
:0040A329 0FAFF8 imul edi, eax -----> It multiplies the char by the
offset in user name! (Remember that).
:0040A32C 03DF add ebx, edi -----> Adds the result to EBX (That was
Shelled (Ding Dong =)).
:0040A32E 03D3 add edx, ebx -----> EDX=EDX+EBX!!! - This is the CORE
of this registration routine!!!
:0040A330 40 inc eax -----> Increase EAX by one (next char).
:0040A331 3BC8 cmp ecx, eax
:0040A333 7FE9 jg 0040A31E ----> If ECXloop.
* Referenced by a (U)nconditional or �onditional Jump at Address:
:0040A335 A120674100 mov eax, dword ptr [00416720] ---> HMMMMMM, What's in
:0040A33A C1F803 sar eax, 03 ---------> WAIT! Please type in SIce '?
Does this number in EAX look
familiar to us? ;-)
If you still don`t understand,
than, It's
your time, and check by
yourself - don`t trust me!). OK,
so now we know,
That it SHR's EAX by 03 (SAR is
almost identical to SHR).
:0040A33D 03D0 add edx, eax ---------> Hmm, it adds the result from the
loop, the serial number shr'd by 03h
:0040A33F 52 push edx -------> Let's continue. (At this point, I
can tell you , the reg number, is
in EDX - only that the reg number
is in HEX --> That's how you enter it).
* Possible StringData Ref from Data Obj ->"%lx"
:0040A340 685EF54000 push 0040F55E
:0040A345 8D95B0FEFFFF lea edx, dword ptr [ebp+FFFFFEB0]
:0040A34B 52 push edx
* Reference To: USER32.wsprintfA, Ord:0000h
:0040A34C E8E5320000 Call 0040D636 -------> This one, does HEX2STR (Takes
the value from EDX, and turns it to an hex string).
:0040A351 83C40C add esp, 0000000C
:0040A354 8D8DB0FEFFFF lea ecx, dword ptr [ebp+FFFFFEB0] -----> type 'd ecx' -
THIS is the reg number! That's enough for us, the rest of
the code, is
just for comparing the correct reg code with ours.
:0040A35A 51 push ecx
* Reference To: USER32.CharLowerA, Ord:0000h
:0040A35B E8B8320000 Call 0040D618
:0040A360 8D85B0FEFFFF lea eax, dword ptr [ebp+FFFFFEB0]
:0040A366 50 push eax
:0040A367 FF750C push [ebp+0C]
* Reference To: cw3220mt._strcmp, Ord:0000h
:0040A36A E875300000 Call 0040D3E4
:0040A36F 83C408 add esp, 00000008
:0040A372 85C0 test eax, eax
:0040A374 7405 je 0040A37B
:0040A376 83C8FF or eax, FFFFFFFF
:0040A379 EB02 jmp 0040A37D
* Referenced by a (U)nconditional or �onditional Jump at Address:
:0040A37B 33C0 xor eax, eax
* Referenced by a (U)nconditional or �onditional Jump at Addresses:
|:0040A314(U), :0040A379(U)
:0040A37D 5F pop edi
:0040A37E 5E pop esi
:0040A37F 5B pop ebx
:0040A380 8BE5 mov esp, ebp
:0040A382 5D pop ebp
:0040A383 C3 ret
Making the actual Keygen
Now, after I've explained how does the program calculate the registration
code, you can either write your own keymaker, without looking at my code, or
look at my code (in Turbo Pascal - sorry for all you C lovers ;-) Next time).
That's it, here's the source of my keygen:
------------------- Cut here ---------------------------------------------
Program W3FilerKeygen;
Writeln(' W3Filer32 V1.1.3 Keymaker');
writeln('Cracked by ^pain^ ''97 / Rebels!');
Write('Your Name:'); { Read the name }
Write('Serial Number:');
readln(SerialNum); {Yes, we need the serial number for the calculation!}
For I:=1 to length(Name) do
If Name[I]<>' ' then begin
eb:=ord(Name[I]) shl 3; {EB = Name[I] Shl 03h}
Ed:=ord(Name[I]); {ED = Name[I]}
ed:=ed*(x); {ED=ED*Offset}
eb:=eb+ed; {Add ED to EB}
Key:=Key+EB; {Add EB to KEY}
Key:=Key+(SerialNum shr 3); { Add SerialNum shr 03h to Key}
{ From here, this is just HEX2STRING --> I`m quite sure it's
Self explaintory, else - go and learn number bases again! ;-)}
digit:=Key mod 16;
key:=key div 16;
If digit<10 then KeyHex:=Chr(Digit+ord('0'))+KeyHex;
If digit>10 then KeyHex:=Chr(Digit-10+ord('a'))+KeyHex;
until key=0;
writeln('Your Key:',KeyHex);
writeln(' Enjoy!');


Welcome to my Reverse Coding tutorial! In this paper, you will
learn how to crack and modify your own software. I'll try to get
into as much detail as possible, yet also dumb it down a bit. =)


All information is purely for educational purposes only! The author
cannot be held responsible for any (ab)use of this information.

To begin, I'm going to teach you about hexadecimal, so if you already
know it, then move on. Even if you do already know it, I suggest
sticking around for a refreshment of your memory.=)

Hexadecimal, or hex as it's more commonly known, is a base 16
numbering system. Base 16 meaning that it consists of 16 numbers:
0-9 and A-F. Each of these numbers (A-F=10-16) have a value of 4 bits
and are also called nibbles. In representing a hexadecimal number, one
would write an "0x" before the actual bit set. 0x is simply a tag put
before a hex number to let programmers know that it is in fact, hex.
When writing hex, you will not need to use this prefix.

If you haven't already noticed, the 0x prefix looks similar to that of exponential
notation. Actually this is where 0x has been derived, seeing as how
hex is simply a number that has been raised to a power of 16.
This means 10 in hexadecimal represents the value 16+0, or 16. So check
out this example:

0xB3 (hex)= 2*16(squared)+11*16(to the 1st power)+3*16(to the power of 0 )
=2*256+11*16+3=691 (decimal)

Yeah, you could do all of that, or you could be lazy and use an automated
program that does it all for you. Why do you need to know hex? Because
it's used by every piece of software and hardware. How? Memory based address
allocation. Here's an example:

When you clicked on your browsers icon to launch it, the click triggered a "call"
(an asm function that will be discussed more in depth in later chapters.) which
went back to the programs memory with the "click in it's hand." It finds the
address where the code is that makes the program launch and executes it. The
address is written in, you guessed it, hex. An example of an address would be
something like this:


5108 would be the actual specific address and 101c would be the sector
of RAM were the address is located. Those are the basics of Hexadecimal
You should probley read this chapter againbecause getting a firm grasp on hex
is essential to cracking and moding programs.
---RAM and ROM--------

In this section we are gonna learn about RAM and ROM. Many people kno about
the hardware part of RAM and ROM and that's gonna be very useful to you......
just not in this tutorial. =) We are about to learn about the "software" side. I use the
term software loosly in that software tends to have a GUI (Graphical User Interface)
and this does not. BUT, there are ways to access and modify the behavior of it that
I will talk about in this chapter, as well as in the next. To start off, I'll answer some
common questions:

What is RAM?

RAM (Random Access Memory) is basically memory and the process of accessing it.
The term "Random Access Memory" was approprietly given to this memory unit because
when executing a command, the CPU doesn't have to scroll through all the memory on
your PC until it finds the right address. It "randomly" whips out the addy from it's back
pocket and serves it up.This process is both quick and efficient. Learning this process
will help you understand the ASM functions in the next chapter.

How does RAM work?

When a command is issued and the memory is pulled from file, it must first go through
what is called a "vector". A vector is a "gateway" or a "sector" of RAM where the address
of the function is stored with others of it's own kind. An example of a vector would be
something like this:


This means that all "addressii" (hehe) that are between those values are stored in that
sector of RAM. A vector acts as a gateway in that, first, pass through a vector to get to
address. Your average program probley has about 30 to 40 main vectors, sectioning
off from boot until exit. Knowing the vector of an addy or a function will greatly reduce
your headache when you start searching for it.

ROM. ROM is a part of memory that doesn't change. (Although we can change it.=) )
Boot ROM for instance, follows the same plan of action it is called upon. ROM also has
vectors, just like RAM. ROM is not that important when it comes to cracking to we will
leave it alone for now.

Back to RAM. Believe it or not, but addressii (there I go again, I'm such a g33k.)
actually follow certain formats or syntax's for certain functions. Take hot keys for
example: In the under ground, we call them "Joker commands". By pressing a certain
combonation of keys, a program will run, close, be stupid, whatever. The syntax for a
Joker command is as follows:


Let's examine this format a little closer.

0d= The proclemation of a specifyed format

aaaaa= The address of the function

f= The float or remainder; "Floating point number" ; decimal

000= "NOP" No operation

z= The "Booleon" as we the C++ programmers call it. A booleon is an "IF, THEN" statement.
"IF this is true, THEN do this." Value 0= equal; 1= different; 2=less than; 3=greater than.

vvvv= The combonation of hex values (The values of the keys pressed) used to execute the "CALL"

Say the "A" key had a vlaue of fffb and the "B" key has a vlaue of fffd. You would then add both
values using a hex calculator and get fff9 as the sum. The output on you calculator would
show 1fff8. Add the first value and the last value to find the fourth byte segment. So say
we've found the address of the Joker function (usually in the boot ROM sector) commonly
called the "Maple address" and we are ready to program in some hex code. Our code may
look like this:


This means that IF the value of fff9 (A and B) is equal (0) to the address (aaaaf) of the function,
THEN execute it. See? Easy isn't it? You'll need to know things like this when modding programs
as a use of executing of your arbitrary code in certain parts of your program at a certain time.
Joker commands are also reversable in that if you enter the same code except with a 1,2, or 3,
in the z slot and by changing the button combonations. Reversable meaning terminating the
function or other functions that were started. A good use for this is for firewalls and babysitting
programs. Are you on a college machine and can't download stuff because of that pesky firewall?
Crack it open and program in some Joker commands so you can turn it on and off at will
WITHOUT the administrator's password!

To start off with our small and to the point ASM section, I'll warn you in advance, after reading this,
you'll need to go take a shower cause this is disgusting! Here we go!

To begin, I'm gonna define for you some functions that you'll be seeing alot of, and be using. Here they are:

.:Hex:. .:ASM:. .:MEANING:.

75,0f85 jne jump if not equal
74,0f84 je jump is equal
eb jmp jump directly to
90 nop no operation
77,0f87 ja jump if above
0f86 jna jump if not above
0f83 jae jump if above or equal to
0f82 jnae jump if not above or equal
0f82 jb jump if below
0f83 jnb jump is not below
of86 jbe jump if below or equal
0f87 jnbe jump if not below or equal
0f8f jg jump if greater
0f8e jng jump if not greater
0f8d jge jump if greater or equal
0f8c jnge jump if not greater or equal
0f8c jl jump if less
0f8d jnl jump if not less
0f8e jle jump if less or equal
0f8f jnle jump if not less or equal

The easy thing about most of the functions in ASM are that they sound like what they mean.
Jump, means of coarse, to Jump from one thing to another. Example:

"jmp 00401744" would mean to jump directly to the address 00401744 once the code
hits the function.

Let's look at "CALL". Call is a function that is used to "call" a certain task, string, address, whatever.
Take a look at this example:

"Call 0040ccc2" this would of coarse call the address 0040ccc2 and use it. Those are the functions
you'll be using.

The reason why I'm not going into loads of detail in this chapter is because when
cracking software, not an extensive amount of knowledge of ASM is needed. If you want
to know more or need help with something, e-mail me at the address provided at the end of
this tutorial. This chapter wasn't so nasty was it? Nah, it was easy =)
---Needed Programs----------------

The programs you will need are as follows:

WDasm 8.9 or Higher
Hiew 6.1
Softice for win9x v3.24
SubmitWolf(demo)v4.01 (http://www.trellian.com/swolf)
Programming Language (C,C++,Pascal,ASM whatever you would like) Prefably C for this tutorial!
And a brain (no seriously)

Ok, here we go! The first thing you need to do is to open up SoftIce and then swolf32.exe which is the name given to our
target program. Go to the help menu and select register. Here's where your brain will come in, start to look
for how the protection is running by entering some random crap into the blank space. Don't press the OK button yet though.
Instead, press CTRL-D to bring up SoftIce. What we are gonna try to do is define a breakpoint, using BPX hmemcpy.
Hit CTRL-D again and it will bring you back to the program. Click OK on the box and SoftIce will again pop up. Now press F12
and it will bring you to the target program code. Scroll down a few lines and find:

:004167D9 8D4C2410 lea ecx, dword ptr {esp+10}--;ecx=the random crap you typed in.
:004167DD 8D94290000000 lea edx, dword ptr {esp+00000090}-;edx=name
:004167E4 51 push ecx
:004167E5 52 push edx
:004167E6 E8B5450100 call 0042ADA0----;this is the call which calculates the serial
:004167EB 83C410 add esp, 00000010--;
:004167EE 85C0 test eax, eax----;and return eax=1 if true (booleon =) )
:004167F0 0F8596000000 jne 0041688C----;jump to registered
:004167F6 8D442408 lea eax, dword ptr {esp+08}
:004167FA 8D8C2488000000 lea ecx, dword ptr {esp+00000088}
:00416801 50 push eax
:00416802 51 push ecx
:00416803 E868470100 call 0042AF70----;this call tests our serial
:00416808 83C408 add esp, 00000008---;
:0041680B 85C0 test eax, eax----;for v3.XX one.
:0041680D 7433 je 00416842;jump is equal

The call that we want to focas on is at 004167E6. This call tests wether our serial is for the correct version or not.
Let's trace the call 004ADA0:

*Referenced by a CALL at address:
:0042ADA 83EC30 sub esp, 00000030
:0042ADA3 55 push ebp
:0042ASA4 56 push esi
:004ADA5 57 push edi
:0042ADA6 8B7C24444 mov edi, dword ptr {esp+44}--;edi=our fake serial
:004ADAA 85FF test edi, edi
:004ADAC 0F4A7010000 je 0042AF59----;die if empty
:004ADB2 8B6C2440 mov ebp, dword ptr {esp+40}--ebp=our name
:0042ADB6 85ED test ebp, ebp
:004ADB8 0F849B010000 je 0042AF59---;die if empty
:004ADBE 8A07 mov al, byte ptr {edi}--;compare 1st byte of serial with 'p', die
:0042ADC0 3C50 cmp al, 50----;
:0042ADC2 0F8587010000 jne 0042AF4F----;if not equal
:0042ADC8 807F0134 cmp byte ptr {edi+01}, 34--:compare byte of serial with '4'
:004ADCC 750C jne 0042ADDA----;
:0042ADCE C70500C8430000000000 mov dword ptr {0043C800}, 00000000
:0042ADD8 EB1C jmp 0042ADF6

As we can see by the above, the code tells us that the first value of our serial will
be 'p' and a cycle of a four byte algorythm. I could go on and on about all of the internals
of all this stuff but that would be going beyond the scope of this tutorial. The idea was to show
how to crack this pro, and thats what I'm going to do. Based on the information I've given you, and the
information that you can deduce from reading the code, I've written a small key generator in C.
If you know C, then you'll be able to tell where i got the algorythms to write it. So here it is:


int main(void)
long code=555583,count1,count2;
char name[25],cod[5],type='0';
printf("This is a simple key-generator written by k33t of CYBNET Security Group");
text color(10);
printf("SubmitWolf(demo)ver4.1 cracked by k33t");
prinf("-November 2002");
prinf("'\n\nSelect Edition PRO(0) or Enterprise(1) (0/1)=");
prinf("Enter Registration Name=");
for(;code<10000;) code=code*10;
for(;code>999999;) code=code/10;
printf(Your Serial Number=P%c4-%ld",(type=='1')? 'E':'4'code);
return ;

Ok! So! An overall conclusion of this code is:

1.First two characters of the serial must be either 'PE' or 'P4'.
2.Multiply every first four characters or our name with every byte of our serial before '-'
3.XOR every four byte with every byte of our name.
4.Convert to positive number if<0.
5.Convert to number between 10000 and 1000000.

Forgive me if this code is buggy as I wrote it very quickly in the little spare time I had.


WinXP Tips & Trix - Winsock 2 Repair

Repairing Damaged Winsock2

The symptoms when Winsock2 is damaged show when you try to release and renew the IP address using IPCONFIG...

And you get the following error message:

An error occurred while renewing interface 'Internet': An operation was attempted on something that is not a socket.

Also Internet Explorer may give the following error message:
The page cannot be displayed Additionally, you may have no IP address or no Automatic Private IP Addressing (APIPA) address, and you may be receiving IP packets but not sending them.

There are two easy ways to determine if Winsock2 is damaged:

From the XP source files, go to the Support / Tools directory

Winsock Test Method 1
Run netdiag /test:winsock

The end should say Winsock test ..... passed

Winsock Test Method 2

Run Msinfo32
Click on the + by Components
Click on the by Network
Click on Protocol
There should be 10 sections if the Winsock2 key is ok
RSVP UDP Service Provider
RSVP TCP Service Provider
MSAFD NetBIOS [\Device\NetBT_Tcpip...
MSAFD NetBIOS [\Device\NetBT_Tcpip...
MSAFD NetBIOS [\Device\NetBT_Tcpip...
MSAFD NetBIOS [\Device\NetBT_Tcpip...
MSAFD NetBIOS [\Device\NetBT_Tcpip...
MSAFD NetBIOS [\Device\NetBT_Tcpip...

If the names are anything different from those in this list, then likely Winsock2 is corrupted and needs to be repaired.
If you have any 3rd party software installed, the name MSAFD may be changed.
There should be no fewer than 10 sections.

To repair Winsock2

Run Regedit
Delete the following two registry keys:

Restart the computer
Go to Network Connections
Right click and select Properties
Click on the Install button
Select Protocol
Click on the Add button
Click on the Have Disk button
Browse to the \Windows\inf directory
Click on the Open button
Click on the OK button
Highlight Internet Protocol (TCP/IP)
Click on the OK button