Islamic Studies

[wpdm_file id=4 title=”true” desc=”true” template=”bluebox ” ]

How to Remove or Change Administrator Password In Windows XP

winxp-admin-logoSometimes you need to access your administrator account without password because you have already forgotten it. If there is a guest account created earlier, then there is no issue here. Otherwise you will need to format your computer. Here we are going to discuss a technique which you can change or remove your administrator account password without logging into your administrator account. You will need a fresh copy of Windows XP installer CD.

The administrator account provides you the full right to access your computer. Any guest account is a limited account and you could not access administrator right from this account like changing or removing administrator password, registry editing, group policy editing, etc. So it is not possible to retrieve administrator account password from here. That’s why you have to do it from boot option.

Remove or Change Administrator Account Password by Windows XP CD:

1. Insert a Windows XP disc into CD/DVD drive and reboot your computer.

2. Wait for the message “Press any key to Boot from CD or DVD”. Now press any key.

3. It will start to load the windows files from CD or DVD to your computer and after a short time there will appear  three options. Press enter to select the first option.

remove-administrator-account

4. Now the Windows XP Licensing Agreement screen will be appeared. Press F8 to accept the agreement.

windows-xp-agreement

5. Again you will be asked whether you want to repair Windows XP or not. Press R to repair. Now your hard disk will be checked and then setup will start to copy the windows files. It can take several minutes. Just after the copying  your computer will reboot automatically. Don’t press any key after rebooting. It will automatically continue the process.

repair-windows-xp

6. Watch at the left side of the screen. When the “Installing Windows” is highlighted, press Shift + F10 to open DOS prompt.

Type NUSRMGR.CPL and press Enter. It allows you to access your user account.

winxp-admin-commandprompt

7. Enter into your administrator account and change or remove admin password within a second. It’s not required to put the previous password. From here you can create a new user account also.

winxp-admin-password

Now after the repair is done, log on into your system with the newly created password. This procedure will work with all the versions of Windows XP.

If your CD/DVD drive does not work properly, you can also create a bootable Windows XP USB drive and do a boot from USB drive. Note that you have to change the startup setting in the BIOS to boot from USB drive. Once the Windows installer boots up, you can then follow the steps 3-7 to remove/change your administrator password.

Business Communication Chapter

Business Communication Chapter for Salaam Higher Education Institute Kunduz Branch.

[wpdm_file id=2 title=”true” desc=”true” template=”bluebox ” ]

Microsoft makes Windows 8 name official, three editions only

Windows 8 is the official name of the next version of Windows client. Here are details on the three SKUs that are in the pipeline.

Those hoping for fewer Windows editions than in previous versions, your prayers have been answered.

It’s official as of today, April 16: Windows 8 is the name for the next version of x86/64 edition of Windows. And there will be three SKUs only.

According to a blog post on the Windows Team Blog, there will be two editions of Windows 8 for x86/64 processors: Windows 8 and Windows 8 Pro.

Windows 8 is the consumer SKU. It will include the updated Windows Explorer, Task Manager, better multi-monitor support, and the ability to “switch languages on the fly,” which previously was only available to those purchasing the Enterprise and Ultimate Editions of Windows .

Windows 8 Pro is for tech enthusiasts and business/technical professionals, and adds features for encryption, virtualization, PC management, and domain connectivity. The Windows Media Center functionality will be available as an add-on to Windows 8 Pro, known as the “Media Pack.”

Here’s the complete feature chart from Microsoft as to which features will be included in which SKU. The WindowsUnleaked.tk site revealed previously the details of these new Windows 8 SKUs.

Microsoft is naming the Windows on ARM (WOA) version Windows RT. Yes, another WinRT — which is the Windows Runtime (WinRT), the new Windows Runtime which is at the heart of the Metro-Style side of Windows 8. The WinRT version is for WOA tablets and PCs only. I guess that means Windows 8 on Intel and AMD processors fall under the two SKU rule: it will be either Windows 8 or Windows 8 Pro if you are gravitating toward one of those devices due out later this year.

This story was first published as “Microsoft: Here are the three editions of Windows 8” on ZDNet’s All About Microsoft blog.

Will Lulzsec Arrests Stop High-profile Hacks? Don’t Bet On It

The group of hackers known as “LulzSec” frequently taunted government pursuers over the last year as they published sensitive data snatched from myriad public and corporate Web sites.

Tuesday, we may have learned what happens when you mock the feds for too long. Authorities announced that five men in the U.K., Ireland, New York, and Chicago had been charged with hacking-related offenses. They also said the alleged LulzSec leader, known as Sabu, had entered a guilty plea on August 15 to 12 counts of computer hacking conspiracies and other crimes. According to the U.S. Attorney’s Office in New York, Hector Xavier Monsegur, 28, was arrested and released in June on $50,000 bond. One of the men charged, Jake Davis, also known as Topiary, was arrested in the United Kingdom last July.

The alleged members of LulzSec are accused in computer attacks against Fox Broadcasting, PBS, and global intelligence firm Stratfor. The group is accused of stealing confidential information–including passwords–and releasing it publicly, hijacking e-mail accounts and even secretly listening in on a conference call in which the FBI and Scotland Yard talked about trying to catch them.

But for all the media excitement generated by the arrests, their impact is likely to be minimal. LulzSec may be silenced–at least for now- but network security experts believe the LulzSec crackdown is unlikely to spell the end of the spate of high-profile, politically motivated hacks carried out by LulzSec’s brethren in the online activist collective Anonymous.

Even law enforcement officials who had been taunted for so long by their suspects were reluctant to call their news a major blow to Anonymous. Indeed, speaking with CNET on condition of anonymity, a member of Anonymous downplayed the impact of the arrests.

“People get arrested from Anonymous all the time, including 25 last week,” by Interpol, he said. “It’s not like these arrests will bring the entire group down. They were involved but they weren’t kingpins like the FBI says.”

In search of Sabu

Officials have declined to comment on a Fox report that Monsegur served as an informant after he was arrested, but there had been rumors that he was snitching. A hacker using the moniker “Virus” posted a chat log to Pastebin on August 16 between Sabu and others that Virus claims is proof that Sabu had snitched after he was tricked. “Be careful who you are friends with because they will sell you out very quickly,” Virus warns.

Sabu dismissed those claims in a subsequent post in October, saying “Am I snitch/informant? Let’s be real–I don’t know any identities of anyone in my crew… And the last thing I’d ever do is take down my own people. I am a grown ass man I can handle my own issues,” he wrote. “I’ve been to jail before–I don’t fear it. In fact there is very little I am afraid of especially these days.”

Monsegur, an unemployed father of two, would have had plenty of time to spend boasting of activities and dissing the feds via his Twitter account, “The Real Sabu.” “The federal government is run by a bunch of [expletive] cowards. Don’t give in to these people. Fight back. Stay strong,” the account tweeted yesterday.

Sabu was so high profile and antagonistic that other hackers tried to uncover his identity last summer. In fact, a Pastebin post from last June named Monsegur as Sabu, so it could be that rival hackers did the leg work for the feds. Other chat logs that have been posted publicly revealed that Sabu was the leader. “He was the Pablo Escobar of the LulzSec team,” famed hacker Kevin Mitnick said.

Monsegur is accused of being the “rooter,” the hacker who identifies vulnerabilities in computer networks that can then be exploited. And despite officials referring to the group’s “sophisticated hacking” skills, the group relied mostly on run-of-the-mill SQL injection and distributed denial-of-service (DDoS) attacks.

“They were pretty stupid about a lot of things,” said Scot Terban, a security analyst and consultant. This included using a stolen credit card number to order car engines and having them delivered to his home address, logging into Internet Relay Chat with his real IP address instead of going through a proxy like TOR, and using aliases that could be linked to him on the Web from other activities, Terban said, referencing court documents.

Josh Corman, director of security intelligence for Akamai who has been studying the hackers, said it was too soon to tell if this is going to hurt the Anonymous movement long term or help it.

“It may improve their operational security” to keep identities more hidden in case of infiltrators, he said.

Mitnick knows from first-hand experience just what hacker groups like Lulz and Anonymous are up against. One of the most celebrated early hackers, Mitnick got busted on hacking charges after leading the FBI on a goose chase about 25 years ago.

“If you poke the tiger, eventually the tiger is going to bite you,” Mitnick said. “When you screw with law enforcement, they take it personal–and these guys were doing that, compromising police Web sites and publishing home addresses and phone numbers.”

Recounting his personal chronology of being on the lam, Mitnick recalled that he kept his circle of acquaintances to one or two hacking partners at most, and he still wound up getting informed upon.

“The larger your circle the greater your risk…If I was a member of Anonymous, which I’m not, I would be really concerned about the same thing happening to me. How many people know my real world identity?”

Below is a timeline of major LulzSec events. Dates may be approximate as it is often difficult to determine exactly when a network was compromised:

  • February 2, 2011 – Anonymous hacks HBGary Federal site
  • May 15 – LulzSec claims credit for hacking UK ATMs and Fox Network’s X Factor site
  • May 23 – LulzSec leaks data from Sony Music Japan
  • May 30 – LulzSec defaces PBS.org
  • June 2 – Group leaks customer data from Sony Pictures
  • June 3 – Hacks on Nintendo and InfraGard Atlanta
  • June 6 – Sony Entertainment source code and Sony BMG hacks
  • June 7 – Monsegur, aka Sabu, arrested on identity fraud charges
  • June 9 – LulzSec compromises U.K. National Health Services site
  • June 13 – Data stolen from videogame maker Bethesda Software
  • June 14 – Senate site compromised
  • June 15 – DDoS on CIA site
  • June 16 – Thousands of passwords dumped
  • June 20 – DDoS on U.K.’s Serious Organized Crime Agency
  • June 21 – British police arrest 19-year-old Ryan Cleary
  • June 23 – Arizona law enforcement sites compromised
  • June 25 – LulzSec announces that they are quitting after 50 days
  • June 28 – Zimbabwe, Brazil, UMG, Viacom hacked
  • June 29 – Arizona Dept. of Public Safety data dump
  • June 29 – FBI searches home of Ohio man
  • June 30 – another Arizona law officer data dump
  • July 4 – Apple server targeted
  • July 8 – Chilean government site, IRC Federal hacked
  • July 11 – hackers claim Booz Allen Hamilton hack
  • July 18 – LulzSec deface Murdoch’s The Sun
  • July 19 – 16 arrested in U.S.
  • July 22 – U.S., Italian cyber crime site hacked
  • July 27 – Topiary arrested (Identified this week as Jake Davis)
  • August 6 – Italian police sites attacked
  • August 15 – Monsegur pleads guilty to computer hacking charges
  • August 18 – Hackers claim data stolen from Vanguard Defense Industries
  • September 22 – Arrest of Cody Andrew Kretsinger, 23, of Phoenix
  • December 25 – Stratfor data stolen

Microsoft Moves To Disable Zeus Botnet

Cyber-criminals suffered a serious setback on Friday, when command-and-control servers running some of the most notorious Zeus botnets were seized by authorities. Accompanied by U.S. Marshals and working in collaboration with partner organizations in the financial services industry, Microsoft raided hosting locations in Scranton, Pa., and Lombard, Ill., seizing servers and IP addresses associated with at least 800 domains. The raid was codenamed Operation b71.

Zeus is one of the most prolific forms of malware on the Internet today. Available on the black market as a cybercrime toolkit, Zeus is used by hackers to infect Windows PCs with keylogger software that is designed to capture users’ confidential financial information. Each network (or “botnet”) of infected computers transmits the stolen data back to the hackers via a command-and-control server.

“With this action, we’ve disrupted a critical source of money-making for digital fraudsters and cyberthieves, while gaining important information to help identify those responsible and better protect victims,” Richard Boscovich, senior attorney for the Microsoft Digital Crimes Unit, said in a statement.

According to Microsoft, the company has detected over 13 million suspected Zeus infections worldwide since 2007. While there are multiple variants of Zeus in existence today, the Microsoft-led raid focused on the core Zeus, SpyEye, and Ice-IX variants that the company says may already have caused $500 million in damages.

The concern over Zeus is widespread in the security industry. VeriSign’s iDefense security business unit recently identified the Zeus botnet as one of the top cyber security trends of 2011. A major reason: Over the course of the last year, Zeus has evolved into an open source crimeware kit.

“We’ve always seen a steady evolution of new techniques and tactics by malware authors,” said Rick Howard, General Manager of Verisign iDefense. “But the fact that the owner of Zeus released it to the wild, means that now it’s out there and every malware author on the planet can learn from it.”

Howard noted that any malware author can now put Zeus-like functionality into their own code. He expects that a large amount of malware this year will converge on the same capabilities that are included in Zeus.

In terms of Zeus malware itself, Howard noted the difference between Zeus variants and Zeus augmentations.

“There are people that just take a copy of Zeus and maybe tweak it a little bit for their own purpose and that stuff will be picked up by antivirus engines, so that’s the good news,” Howard said. “The bad news are the augmentations, where malware authors research Zeus and then just take the functionality and put it in their own malware.”

Howard warned that Zeus augmentations are more difficult for antivirus software vendors to detect and prevent.

“There is no silver bullet here,” Howard said. “Antivirus catches up eventually for the new augmentations, but they won’t be good out of the box. Zeus is a unique event, only because it is one of the most efficient and effective pieces of malware out there and it’s available to anybody.”