3Dec/080

How secure is your Password?

Cyber Monday has come and gone and those of us that got all our goodies online are now awaiting for those special packages to arrive soon to be placed underneath the Christmas tree. How sweet it is.

However did you ever think identity theft and phishing sites are also on the prowl.

I know what your thinking this is another one of those ads for some service that will hold your ID safe like oh the craptastic ID vault commercials I hear all the time.

You ask what is wrong with ID Vault? Well I can’t say much is wrong. They have the right idea. However they pray on all those whom don’t understand how to keep themselves safe online.

Let just start with your online Password. I am sure where you work they have a password policy and even some biometrics set up so that the company as well as you are protected mostly the prior.

Truth is most people go home and start shopping online and surf over to walmart.com or my favorite Buylifetime.com for some goodies and the sites tend to ask you for a special thing called a user account. Given this you only really wanted to be on the web site for at most 30 seconds. However you are cool with setting up an account because it make you feel o’ so safe and your ready to buy. Here is where the majority of people run into the least secure part of their transaction. While every shopping site has a “https” or “Secure Certificate” the only thing that makes these sites “Secure” is they paid a lot of money to have a company like VeriSign to do research them and give them a “Certificate” saying yes this is the company and site they say they are. There is no secret tunnel that you are in. For mere argument yes you do change IP ports from 80 to 443 however those ports are still just ports for transport of information along the same internet we all use.

So now that I have you paranoid. Well you should and should not be. Whaaa? are you smoking something mike?

First No. Paranoia should be a good friend when you are on the internet. Millions of bits and not to mention the crap in those bits intermingling.

The reason not to be paranoid is most sites that offer the “SSL” or “Https” are typically safe and do a ton of work to make sure you transactions are safe.

So going back to the reason for this article is make sure your passwords are STRONG! Can’t say that more. Having a Strong password will save your account from being hacked into like well Sarah Pallin’s Email.

The following little spreadsheet will ask you questions about your password not for your password and tell you how strong it is as well as how long it will take to crack your password.

Download from Drop.io(http://drop.io/BFTCalc)

Please be safe on the internet have strong passwords and remember the internet while it feels safe and your accounts are protected that doesn’t mean they are.

Rule of thumb: If your data is on the internet. It is accessible to anyone anytime no matter how locked down or safe a website says it is.

Anything is hack-able given time.

Technorati Tags: How Secure is your Password, Password Thoughts, Strong Passwords, mikedopp whaa, Anything is hack-able given time

LiveJournal Tags: How Secure is your Password, Password Thoughts, Strong Passwords, mikedopp whaa, Anything is hack-able given time

Flickr Tags: How Secure is your Password, Password Thoughts, Strong Passwords, mikedopp whaa, Anything is hack-able given time

del.icio.us Tags: How Secure is your Password, Password Thoughts, Strong Passwords, mikedopp whaa, Anything is hack-able given time

IceRocket Tags: How Secure is your Password, Password Thoughts, Strong Passwords, mikedopp whaa, Anything is hack-able given time

43 Things Tags: How Secure is your Password, Password Thoughts, Strong Passwords, mikedopp whaa, Anything is hack-able given time

BuzzNet Tags: How Secure is your Password, Password Thoughts, Strong Passwords, mikedopp whaa, Anything is hack-able given time

Tagged as: Hacking, Secure Password, Web Security No Comments

2Dec/080

Change the look of your windows XP-2003 Run Box

Yes put this one into the records as why do it? Because you can!

runbox

Get these tools if you don't have them yet:

We'll begin by copying shell32.dll to a safe place.
Copy it two times, one which we'll be editing, and one which is a backup.
Open it in ResHacker and you'll see a list on the left side showing all available resources.

reshack1

Now select the 'Dialog' resource, and look at 1003. You'll notice it's the Run box.

We'll start by adding a bitmap to place on our Run box. Go to 'Bitmap' and select 'Action', 'Add a new Resource'.

reshack2

Here you select a bmp file and give it the name RUNGFX. You can get the bmp I used here: Runbox.bmp.

untitled

Press 'Add Resource' and now you can see it's added.

reshack5

Now we'll go back to the 'Dialog' 1003, 1033 and replace the existing script with this one:
1003 DIALOGEX 0, 0, 188, 83
STYLE DS_FIXEDSYS | DS_MODALFRAME | DS_NOIDLEMSG | DS_CONTEXTHELP | WS_POPUP | WS_CAPTION | WS_SYSMENU
CAPTION ":: run ::"
LANGUAGE LANG_ENGLISH, SUBLANG_ENGLISH_US
FONT 8, "MS SHELL DLG"
{
CONTROL "", 12298, COMBOBOX, CBS_DROPDOWN | CBS_AUTOHSCROLL | CBS_DISABLENOSCROLL | WS_CHILD | WS_VISIBLE | WS_VSCROLL | WS_TABSTOP, 3, 53, 181, 198
CONTROL "R", 12306, BUTTON, BS_AUTOCHECKBOX | WS_CHILD | WS_VISIBLE | WS_DISABLED | WS_TABSTOP, 21, 90, 1, 1
CONTROL "Run", 1, BUTTON, BS_PUSHBUTTON | WS_CHILD | WS_VISIBLE | WS_TABSTOP, 3, 67, 59, 14 , 0x00020000
CONTROL "Cancel", 2, BUTTON, BS_PUSHBUTTON | WS_CHILD | WS_VISIBLE | WS_TABSTOP, 63, 67, 59, 14 , 0x00020000
CONTROL "Find", 12288, BUTTON, BS_PUSHBUTTON | WS_CHILD | WS_VISIBLE | WS_TABSTOP, 124, 67, 59, 14 , 0x00020000
CONTROL "RUNGFX", 0, STATIC, SS_BITMAP | WS_CHILD | WS_VISIBLE | WS_GROUP, 3, 3, 181, 48
}
To make your life easier, and to be sure you don't make a mistake due to your browser word wrapping the script, copy paste it from this text file: runscript.txt.
When you have replaced it you press 'Compile Script'.

untitled

And now you'll see the preview has changed to our new runbox!

reshack7

Press CTRL+S to save the modified dll.
The last thing we need to do is to use Replacer to replace our existing shell32.dll in SYSTEM32 with our new file. You can't just copy it in there because Windows File Protection would replace it with a backup. Therefore we use Replacer, just follow the instructions Replacer shows and you'll be fine. Replacer also prompts you to make a backup, make sure you make one, you never know what can go wrong.
When the file is replaced (Replacer replaces the file itself along with the one in dllcache) you have to reboot and when everything went fine, you now have a new Run box! A really good looking one, different from everyone else.
Some notes:
If you move the controls around, make sure to not place any above or behind the bitmap, it could give problems. Also don't include a bitmap bigger then your box. Make sure you leave a bit of spaces from the edges, when you put the bitmap against the border, it won't show up.

Technorati Tags: Hack your Run Box, Windows XP-2003 Run Box Hack, Fun with Resource Hacker, Resource hacker, Watch me hack something else soon.

LiveJournal Tags: Hack your Run Box, Windows XP-2003 Run Box Hack, Fun with Resource Hacker, Resource hacker, Watch me hack something else soon.

Flickr Tags: Hack your Run Box, Windows XP-2003 Run Box Hack, Fun with Resource Hacker, Resource hacker, Watch me hack something else soon.

del.icio.us Tags: Hack your Run Box, Windows XP-2003 Run Box Hack, Fun with Resource Hacker, Resource hacker, Watch me hack something else soon.

IceRocket Tags: Hack your Run Box, Windows XP-2003 Run Box Hack, Fun with Resource Hacker, Resource hacker, Watch me hack something else soon.

43 Things Tags: Hack your Run Box, Windows XP-2003 Run Box Hack, Fun with Resource Hacker, Resource hacker, Watch me hack something else soon.

BuzzNet Tags: Hack your Run Box, Windows XP-2003 Run Box Hack, Fun with Resource Hacker, Resource hacker, Watch me hack something else soon.

Tagged as: Edit the Run Box, Hacking, Windows No Comments