Hacking Windows: the completely ethical, legal and cool way : Section 2


Starfruit


Section 2:

Registry Hacking

Well, after the previous article/tutorial you should be rather familiar with the different methods of getting past the rather inexplicably easy to crack password system of the Windows Login function, and be capable of customizing the way programs boot up at the start of logging in.

We have established quite a bit already. Now, you should be pleased to know we will continue to customize (and probably cause damage to!) a computer you have permission to do so on ;-)

P.S. If you are new to this series of hacking publications, I strongly suggest you read my disclaimer, which can be found in the previous article (section 1). If you fail to comply, you may find that your rights to claim insurance are completely voided.
In fact the point of the disclaimer is to inform what it takes to be a REAL hacker. So go away if you wanna learn to damage, destroy and destructively ruin systems. I will not teach you how to do so.
By this stage, if you have been following the articles in order, you should realise what it takes and what it means to be a real hacker.
Sorry, there is a large time gap between this article and the previous. I was caught up in my job. Please feel free to re-read the articles again and again if you need to do so. I don’t expect one reading will allow full absorbing of material here. After all, hacking is an art. And all arts need practice.
Unfortunately, this art also needs research.
Lots of it.

Ok. Moving on…How to hack the registry, continued by the member of the forums going by the name of Starfruit.
Please feel free to contact me if you need help by the way. I will give you details of my public key etc later…

Also, I must stress it is essential to back up all your files, and your registry NOW if you haven’t already.

How do you do that? Erm…really, you ought to know before you can consider yourself even a newbie hacker!

Check out the Control Panel, and use Explorer, plus a CD-RW drive to get round this problem. Basically, work on it yourself. This article is on exploration. Here is your chance buddy… ;-)
I told you we are elusive ppl… :D

Right. How does one get into the registry?

Hmmm…First one must know what the registry is before they can change it.
So, I shall begin with an explanation of the registry:

The registry is a place of indecipherable, supposedly incoherent ‘coding’ as such, based purely on the usage of hexadecimal, binary and decimal number systems to act as ‘instructions’ (like genes) for the specific sets of different ‘layers’ that lie within the registry. Each ‘layer’ as I call it, or properly known as ‘KEYS’, are the different sections that the OS can be divided into (according to Microsoft). The point of this is to provide security by being elusive. It is in fact, not very clever, but simple and completely stupid because one may not know where to look for important information (passwords, coding, etc), but one can very easily with the right knowledge find the place where these things are hidden.

Access of this strange place begins with a program called ‘REGEDIT.EXE’. Sometimes the name varies with each version of Microsoft Windows.
Work on it yourself…you’ll find it if you are developing your hacker skills.

Ok. So how do I open this program?

Simple. Must I say?? :p
Ok…access Run, then type ‘REGEDIT’. Don’t have the quotes on either side please (you’re not that thick are you? ;-) And, by the way, you can actually type any program in here (as long as it falls into the local directory) and access them from here.)

Now, a new window should pop up.
It is the strange world of the registry.

Hmm…here we can do what exactly? Well, remember I told you: it is the place where all the coding, instructions are hidden for Windows.
Every conceivable setting, every possible instruction, for colours of text, toolbar; for shape of icons, for passwords –everything, and I mean everything, (well almost), is here.
Notice the right hand side, there is a divider that splits the window. I call it the pane.
The pane is the bridge. It is a bridge between the KEYS and the DWORD Values.
Yup, they are really crap names.
I don’t make this up, trust me :)
This means that everything a key holds has a corresponding DWORD Value and a DWORD. That is, a set of specific instructions for that one area of the Key.
You see, each key holds several different ‘folders’.
Anyway, opening a folder presents on the left hand side of the panel the different sub-levels of that type of program/setting, and shows up the DWORD on the right. That is, a setting for example of a particular area of a program.
The program that you are playing with depends on the DWORD and KEY open.

Yes it is weird…but logical. Please allow me to show you in detail how to play with these settings.

For example, the KEY ‘HKEY Local Machine’ is a good place to work on your skills.
Click on the cross to begin with –next to the yellow folder icon. This should expand the directory.
Now, you can see that there are a lot of different folder things to click on.
Look for the ‘Software’ folder. Click it.
Now, choose the Microsoft folder and then the Windows folder. Now, click the Current Version folder. Notice the right hand side showing the DWORDs available. These are the different settings you can play with…
Now, on the left, open up the Run folder…or anything else that has the name Run in it or is called by a similar name…
Look on the right side –notice the DWORDs? These are the different programs that are running when you boot up the computer. Whoooo! You can just delete the DWORDs to your liking.
However, some programs you should leave alone. Just get rid of those that are obviously unnecessary –like Babysitter 2.3 , etc…;-) And, notice all the virus and spyware may hide itself in here. Delete these nasty programs from the list. Just right click and select delete. Then press REFRESH button on keyboard. If you don’t know which key on keyboard represents this –um…I don’t understand what you are thinking with being a pro…:) I’m sure you’ll find out which button it is if you don’t already know…(Hint –TRY F5 button?)
Anyway, delete the program, then hit refresh or restart computer (sometimes this does nothing).

Note: this doesn’t delete the actual program however.

If you can delete them, you can also make them! Therefore, if one wants another program (for some reason…) to boot up when windows does…choose a RUN folder on the left, then on the right, add a new DWORD (name it anything you like…preferably something logical) and type in the directory of the program as the Value of this.
Now, refresh…remember that you need to refresh in order for anything to happen and reboot to see this new program boot up. It is a lovely thing –as you can hide programs in the boot up section without them coming up in the start up group…thus being a little more secretive. (Just a bit you need to understand).

Now, sometimes you need to change a particular setting for a particular feature/program that lies in windows. Just search for this or browse your way through the different folders available on the right.
If it is a piece of software you want to customize, then look for it in the SOFTWARE section of each key. Note, not all the strange keys have the software level.

Now, upon finding the software you want to edit…you can check out the DWORD values etc or DWORDs by playing around with them –eg click on them and ‘modify’ their values and change the names of the DWORDs, or even, delete them.
But, remember to firstly, back up your great 20000 page essay, and your essential registry files please.
Don’t listen to me and you will find the lovely dissertation on furry pigs goes out the window. ;-)

Ok. That’s the registry in a nutshell. Well, sorta. There’s much more to it than that.
I’ll give you the advanced stuff on registry hacking now…with a few brief really well known ‘tricks’ for hacking the registry.

Great trick number one:

Disabling the Drives of My Computer:

Right. We’ve all been on a computer in the café or school/college, university etc where the drives have all been disabled in some way so that you can’t read the drives…or see them.
9 out of 10 times the drives aren’t actually disabled. They’re just ‘hidden’ from you.

To hide these drives…it is merely a trick. You can therefore unhide them if you know how to hide them.
Often though the problem is getting to the files that hold the great mystery known as the registry.
So, disabling the drives?

Go to HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENT VERSION\POLICIES\EXPLORER.
Create a new DWORD and name it NoDrives. Modify the value now to 3FFFFFF (six Fs), but don’t type the stuff in ( ) as the value!
Now, refresh and no drives are shown.

Second really cool trick:

Welcome message every time you boot up windows:

HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\CURRENT VERSION\WINLOGON

Crazy as it may seem, you can actually make a pop up window appear every time you load up PC.
Create a STRING on the right hand side of the window, giving it the name LegalNoticeText. Click on modify and type the message you want displayed.
Now, create a string that is called LegalNotieCpation (grrr…spell it correctly, unlike me –soz too lazy to retype, too lazy to turn on spell check ;-) I’m doing this very quickly cos I have to…nobody wants me to get massacred by my boss do they?)

Cool trick number 3:

CLSID Folders.
Hmm…You know that sometimes you can get some very annoying icons that are just stuck on the desktop…and you can’t get rid of them?
You know, for example, the Rubbish/Recycle Bin? There is actually a way of getting rid of them!
Nope, you can’t just right click and select delete….cos its not there?!?
So, you need to use the registry to do this crazy trick…which will fool many ppl into believing you are an ultimate hacker ;-)

So, what are CLSID folders??
They are Class ID folders, or 16 byte values that identify a specific point in the registry.
All the special folders, like Control Panel, Recycle Bin, My Computer…etc, have a special CLSID folder with a special code.
Now, there are two things you can do if you use this information.
One:

Soz about mistakes, ok? I need to type real fast now!!!
First thing you can do is delete the folders from your desktop. This doesn’t actually delete the folder from the PC though (but it isn’t exactly the most clever way of doing this).
You delete the folders by going to…

HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENT VERSION\EXPLORER\DESKTOP\NAMESPACE{XXXXX-XXXXXXX-XXXXXXXX-XXX}

In place of the xxxxxxxxxx (im not kissin you stupid!), you select the corresponding CLSID value.
Some commonly used icons..if I can type this fast enough are:

Control Panel –{21ec2020-3aea-1069-a2dd-08002b30309D} it is all in caps tho, sorry. :p Bear with me please…I’m putting my job on the line for you guys!

There are some more commonly used files…erm, but one, I don’t know them off by heart, and two, I think you’ll be able to find these files when you get better at hacking. For example, the internet is a good place to start for looking for these CLSID things…

However, the better way of removing the icons from desktop is to do it this way…

Go to:

HKEY_CLASSES_ROOT\CLSID\{CLSID VALUE}SHELL FOLDER
Here, you will find that there is a DWORD value with name Attributes.

Modify it.

To add the ability to rename, add:
50 01M 00 20 INSTEAD of what the original value is and that M you see it isn’t actually something you add in to the value of the DWORD.

Right…let’s start again. Ignore what you just read…I can’t even delete stuff I’ve typed cos this is soooo dangerous :p

Ok…starting again…

Modify the DWORD with the value/name Attributes.
Now, change the value to either:

50 01 00 20 to add the RENAME feature to this icon…

or…

change the value to 60 01 00 20 to add the DELETE feature to this icon…

or…

what do you think you need to change it to in order to make it surely both able to rename and delete?

Yup. You got it. Do that then.
Please remember to back up and to press refresh when you think its ready.

Right…that, I’m afraid, is most of the registry stuff done.
But, I must mention on leaving what you may have to do to view the registry properly. We, as hackers, don’t like to be confined to one method of changing stuff.

There is a better way of changing the registry, well sorta.
What you do is ‘export’ the registry file you need to play with by using the EXPORT feature of regedit.
Now, save the file as anything you like…remember you have a .REG extension at the end though.

Now, open the file (but in Notepad), don’t double click it or the file will automatically die and hide itself into the registry. And if that file is a dangerous, incriminating registry file…you’re in trouble!

So, open it in notepad.
Now, you see wombles wander across the screen…not really.
What you do actually see is a strange text file (well reg d file actually) displaying the key and the version of registry and the DWORDs etc…in full view.
Edit them here to your desire. Now save. Then double click the file. Sorted. That’s the registry in a very brief nutshell…

I will elaborate more ways of editing software in the next installment –using DOS to hack Explorer…so cool that its better than the registry (I think).
Cya later peeps. And soz for all the typos. Please freely change the typing errors yourself lol.
I will retype this, properly sometime.
Yeah I better do that.
Now, my boss is gonna chase me outta this place…so goodbye, and happy hacking.
 
Rgr that, there's quite a bit more you can do in the registry. I'm one of those evil University system admins that gets to turn off the drives for everyone.

We do a double regedit to remove the drives. First we do the one above to hide the drives, then we also add another key which disables the mount process so you can't add another drive to the system (like a Flash stick or network drive).

Muahaha. I don't have the actual regedit at the moment, but it acts the same way. Using a hexadecimal value to identify the specific drive letters you want to be mountable.
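
An added example, not part of the thread or of either poster's own code: an administrator's view of the same material, reading a regedit export as plain text to list the Run autostart values described in the first post and to decode the NoDrives bitmask both posts mention. The sample export is constructed, and `parse_reg`, `autostart_entries` and `hidden_drives` are hypothetical helper names.

```python
import re

# Constructed sample of a regedit export; value names and paths are made up.
SAMPLE_REG = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Updater"="C:\\Program Files\\Vendor\\updater.exe /background"
"svch0st"="C:\\Users\\Public\\svch0st.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoDrives"=dword:03ffffff
'''

KEY_RE = re.compile(r'^\[([^-].*)\]$')   # "[-KEY]" marks a deletion: skipped
VALUE_RE = re.compile(r'^(?:"((?:[^"\\]|\\.)*)"|@)=(.*)$')

def unescape(s):
    # .reg strings escape backslash and double quote with a backslash.
    return re.sub(r'\\(.)', r'\1', s)

def parse_reg(text):
    """Return {key_path: {value_name: value}}; dword becomes int."""
    keys, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("["):
            m = KEY_RE.match(line)
            current = keys.setdefault(m.group(1), {}) if m else None
            continue
        m = VALUE_RE.match(line)
        if m is None or current is None:
            continue
        name = "@" if m.group(1) is None else unescape(m.group(1))
        raw = m.group(2)
        if raw.lower().startswith("dword:"):
            current[name] = int(raw[6:], 16)
        elif len(raw) >= 2 and raw[0] == raw[-1] == '"':
            current[name] = unescape(raw[1:-1])
        else:
            current[name] = raw          # hex:... and other types kept as text
    return keys

def autostart_entries(keys):
    """(key, name, command) for every ...\\CurrentVersion\\Run* key."""
    return [(path, n, v) for path, values in keys.items()
            if re.search(r'\\CurrentVersion\\Run\w*$', path, re.I)
            for n, v in values.items()]

def hidden_drives(mask):
    """Decode a NoDrives bitmask: bit 0 is A:, bit 25 is Z:."""
    return [chr(ord("A") + i) for i in range(26) if (mask >> i) & 1]
```

Exports written by regedit in the "Version 5.00" format are UTF-16 encoded, so decode the file before passing its text to `parse_reg`.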
 
Wow, what I wanted to know is if people traced hackers for fun like me, but this is gold. Do you live in the Isle of Man or Wight?
 
My PC just pulled off a 2 way triangle track. If I can do it why can't the U.S. government? I don't live there and I legally swear to pledge allegiance to George Bush and his weapon sorry oil selling program. Sorry Bush but see the world is not enough the beginning.
 
Pff I wish I had another monitor for doing this registry stuff

But my laptop does support dual monitors, but I don't have one in my room :/
 