Exploring Windows

By Pradeep Kishanani

Windows the most widely used Operating System has many holes. With some operations you can easily  customize (hack) your Windows Operating System. Now let?s see some usable and funny tips and tricks..

Change the Windows start-up and shutdown screens:

Using this trick you can easily change the boring startup and shutdown screens. In Windows the screens  are stored in the disk as logo.sys, logow.sys, logos.sys. Find them on the disk and open them with  ?Mspaint?. Now you can do any thing with these files.

You can even add your pics as the startup screen. But remember that the width should be 320 pixels and  height should be 400 pixels and save it the Windows directory as the logo.sys/logow.sys/logos.sys.

Get out of Windows without warning:

Using this trick you can shutdown or restart your Windows without any warning. For using this right-click  on desktop and create a short-cut and enter the command line as follows:

Shutting down: ?rundll.exe user.exe,exitwindows? (without quotes)

Restarting: ?rundll.exe user.exe,exitwindowsexec? (without quotes)

Note: you can even shutdown Windows by running this command in Windows directory.

Catch your desktop:

To get the contents of your screen as an image file, press the ?print screen? key on your desktop and  open Microsoft Paint and click paste in the edit menu (or press Ctrl+V). You can it as an image file.

Note: This trick doesn?t work for saving video screenshots. There are many other freeware programs for  taking the screenshots of a video file.

Hack the Windows login passwords:

During Windows startup press F8 key (i.e., before the startup splash screen) and select ?command  prompt only?. Go to c:\windows directory and delete the password file(*.pwl ? where * is the username)  and restart the system. When the password dialog box pops up, type the username and enter any  password. Windows should accept any password.

Internet Explorer- Some tips to clean your tracks on your system:

If you are using Internet Explorer for surfing the net, it is the program which spies on your browsing  habits and stores the files you viewed in the hard disk. Any hacker by introducing a small Trojan program  to your system can easily know your surfing habits.

Clear History:

The sites you visited over the internet with the Internet Explorer engine are stored in the history folder in  your Windows directory. You can delete the entries in the history folder by clicking the ?Clear History?  button in the Internet options dialog box. To delete only a specific entry go the history folder in  c:\windows and delete the entry.

Remove the temporary internet files:

Internet Explorer stores the images and pages viewed through it in the ?Temporary Internet Files? folder  in c:\windows directory. Delete the files in it by clicking the ?Delete Files? in the Internet Options dialog  box in Internet Explorer. You can even delete the files by browsing through the ?Temporary Internet Files? folder in Windows directory.

Remove Cookies:

Cookies are the files used by the websites to know information about your last login to that site, your  username in the site etc. The information in these files is not user readable language. But, the cookie  name tells the name of the site you visited. Delete the cookies by browsing through the ?Cookies? folder  in Windows directory.

The above mentioned are some basic tricks you can play on Windows. But, to really hack your Windows,  there is no other better tool than REGEDIT.

Working with registry:

Registry as its name indicates it is the central core registrar of windows system. It contains all information  about the programs installed on the system and how to respond to inputs of the user. Customizing  windows is very easy by working with the registry. In windows 95/98 the entire registry is stored in  USER.DAT and SYSTEM.DAT; in windows Me there is another file called CLASSES.DAT. In windows  NT/2000 the registry is stored in %system root%\system32\config directory. But, you cannot edit these  files directly to change the values in registry. To change the registry settings there is an utility in windows  known as ?REGEDIT?. Using this utility you can comfortably edit the registry to hack your windoze.

The registry has a tree structure and it looks similar to windows explorer. The entire registry is divided to  six hives with further have sub-keys and values. The six main hives in the windows registry are

HKEY_USERS ? This hive contains all information about the settings for each user on the system. If there  is only one user then only ?.default? key will be present.

HKEY_CURRENT_USER ? This is the link to HKEY_USERS. It loads the appropriate settings like desktop  settings, start menu settings etc. for the current logged on user.

HKEY_LOCAL_MACHINE - This hive contains all information about the system starting from the hardware  settings, software etc. to information about the users on that system.

HKEY_CLASSES_ROOT ? This hive contains all information about windows shortcuts, file associations.

HKEY_CURRENT_CONFIG ? This is an alias to HKEY_LOCAL_MACHINE and stores information about the  current hardware configuration.

HKEY_DYN_DATA ? In this hive, changes in the values of registry take place dynamically. So, this key is  known a ?Dynamic Data Key?.

The values to the sub-keys in the registry are defined by three types.

String: This type is used to represent human readable values

Binary: In this type the information is stored in hexadecimal

format. It mainly stores information regarding hardware configuration.

Dword: This is a Boolean format. To disable a Key change its value to ?0? and ?1? to enable the key.

When you right click on any key in the left pane of registry, the following options popup:

Expand: To expand the tree.

New: Creates a new key

Find: To find a sub-key in that key

Delete: Deletes the key

Rename: Renames the key

Copy Key Name: Copies the entire key

When you click on a key in the right pane the following options popup:

Modify: Modifies the value of the key

Delete: Deletes the selected key

Rename: Renames the key

Registry Editor is included with the windows operating system. To launch Registry Editor, click start and  select run. In the Run dialog box, type ?regedit? (without quotes) and click OK. You will now see the  Registry Editor launched to the screen. In the windows registry you can neither add nor delete the main  hives. You can add or delete keys to these hives and even modify the values to the keys.

With this concept you can easily hack your windows system. But, be careful while working with registry.  Editing the registry could crash programs and even the entire Operating System. Now we shall see some  tricks you can play on windows registry to customize (hack) your Windows using registry.

Run a program every time Windows starts:

You can run a program every time when the Windows startup. To do this go

?HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Run?

And create a new string Value and modify its value to the path of the program (Example: C:\program  files\winamp\winamp.exe) you want to start every time when Windows starts and restart the Windows.  Your program should automatically start on Windows startup. Note: You can stop a program from loading  at Windows startup by removing the appropriate value from the ?Run? directory in registry.

Display a notice every time Windows starts:

You can use this trick if you want a message to be displayed every time Windows starts. Go to

?HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Winlogon?.

Create a new string values as follows.

Name: LegalNoticeCaption and Value: Caption of the dialog box here

Name: LegalNoticeText and Value: Your message here

After adding the values, restart your Windows, a dialog box should appear before the Windows startup.

Remove the ?shortcut to?? on shortcuts:

To do this go to the following key:

HKEY_CURRENT_USER\Software\Microsoft\windows\currentversion\explorer

Create a new Binary value with name ?Link? (without quotes) and change its value to ?00 00 00 00?.  

Restart your system for applying your new settings.

Automatically logon to Windows:

Using this operation you can logon to your personal settings without every time typing your passwords.  Go to the key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Winlogon

And create a new string value with name ?Default Password?

(Without quotes) and modify its value to your exact password.

Note: The default username can be found at

HKEY_LOCAL_MACHINE\Network\Logon\username.

Remove the internet icon form Desktop:

Go to

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\EXplorer and Create a new  DWORD value named ?NoInternetIcon? and set its value to ?1?.

Disable the Shutdown command:

To disable the Shutdown command go to

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\EXplorer and create a new DWORD value ?NoClose?(Without quotes) and set it?s value to ?1? (Without  quotes). Restart the system for the new settings to apply. To enable the Shutdown command change the  value of ?NoClose? to ?0? (Without quotes).

Hide icons on desktop:

To hide all the items on the desktop go to

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\EXplorer and create a new DWORD value ?NoDesktop? (Without quotes) and set its value to ?1?. Restart  the computer for the new settings to take place.

Hide the Network Neighbourhood icon from desktop:

To do this operation go to

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\EXplorer and create a new DWORD value ?NoNetHood? (Without quotes) and set it?s value to ?1? (Without  quotes).

Automatically close Non-Responding programs:

In Windows often users encounter Non-responding programs due to several reasons like low ram  availability, low processing power etc. This helps to close automatically the Non-responding programs in  Windows. To do this operation go to HKEY_USERS\.Default\Control Panel\Desktop and a new string value  to this folder. Ad name the string value to ?AutoEndtasks? (Without quotes) and set it?s value to ?1?  (Without quotes).

Get the Windows update without registering with Microsoft:

Microsoft often releases updates to the Windows Operating System. To receive these updates, Windows  must be registered with Microsoft. This tweak helps you to receive updates without registering with  Microsoft.

Go to HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Current Version and create anew string value named ?RegDone? (Without quotes) and set its value to ?1?  (Without quotes).

Take control over the auto complete mode:

In Windows Operating System there is an option called auto complete mode. This helps to avoid the  repeated typing of the same text in text boxes.

Go to HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\AUtocomplete and create a new string value named ?Append Completion? (Without quotes) and set it value  to ?yes? (Without quotes) to enable the auto completion and ?No? (Without quotes) to show only a list of relevant text.

Model your explorer toolbars:

This helps you add an image to the background of your explorer toolbar. To do this go to

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\toolbar and add a new string value named  ?BackBitmapShell? (Without quotes) to it and set its value to the path of the image file.

Clear the recent documents on windows exit:

This tweak helps you to remove the recent documents upon exiting the Windows.

Go to HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\EXplorer and add a new DWORD valus named ?Clearrecentdocsonexit? (Without quotes) and set its value  to ?1?.

Customize your start menu:

In Windows the start menu acts as a barrier between the user and the programs installed on the  computer. But, the main Start menu cannot be edited easily. To do this one should edit the registry. All  these operations are required to be done to the same key i.e.,

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer.

Remove Favorites from start menu:

Create a Dword value named ?Nofavoritesmenu? and set its value to ?1?

Remove folders from settings on the start menu:

Create a new DWORD value named ?NoSetFolders? (Without quotes) and set its value to ?1?

Remove Documents folder from start menu:

Create a new DWORD value named ?NoRecentDocsMenu? and set its value to ?1?.

Remove the help option from start menu:

Create a new DWORD value named ?NoSMHelp? and set its value to ?1?.

Remove My documents from documents in start menu:

Create a new DWORD value named ?NoSMMyDocs? and set its value to ?1?.

Remove the find command from start menu:

Create a new DWORD value named ?NoFind? and set its value to ?1?.

Remove Run command from start menu:

Create a new DWORD value named ?NoRun? and set its value to ?1?.

Remove the control panel from start menu:

Create a new DWORD value named ?NoControlPanel? and set its value to ?1?.

Remove the taskbar from the settings option on start menu:

Create a new DWORD value named ?NoSetTaskbar? and set its value to ?1?.

Disable shutdown:

Create a new DWORD value named ?NoClose? and set its value to ?1?.

Note: To disable any registry value mentioned above change its value form ?1? to ?0?.

Hack Internet Explorer:

Hiding the Internet Explorer icon from desktop:

To do this go to

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer

and create a new DWORD value named ?NoInternetIcon? and set its value to ?1?.

Disable the Go Button in Internet Explorer:

Go to HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main and create a new string value named ?ShowGoButton? and set its value to ?no?.

Change the Internet Explorer Search Engine:

Go to ?HKEY_CURRENT_USER\Software\Microsoft\InternetExplorer\Search url? and create a new string value named ?Default? (Without quotes) and set its value to the address of the search Engine. (Example:  For Altavista the value should be ?http://www.altavista.com/cgi-bin/query?q=%s?)

Changing the Internet Explorer window title:

Just go to HKEY_CURRENT_USER\Software\Microsoft\InternetExplorer\Main and create a string value  named ?Window Title? With the new caption as its value.

Hidden features in Internet Explorer 5 and above versions:

Internet Explorer 5 comes with many hidden features. These features make Internet Explorer 5 more  customizable than its previous versions.

Add a background bitmap to the Internet Explorer toolbar:

One can easily add a bitmap to the Internet Explorer toolbar.

Go to HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar and create a new string value named ?BackBitmapIE5?(for Internet Explorer 5) and set the path of the bitmap as it value.

Customize Internet Explorer 5:

The following all values are to be added to

HKEY_CURRENT_USER\Software\Policies\Microsoft\InternetExplorer\Restrictions for playing the trick. Set  the values of the below give DWORD values to ?1? to enable it and ?0? to disable it.

Disable closing Internet Explorer: NoBrowserClose Hide the Internet Options dialog box:  

NoBrowserOptions

Disable Save As..: NoBrowserSaveAs

Disable New command in File menu: NoFileMenu

Disable Full screen option: NoTheaterMode

Disable the right-click context menu: NoBrowserContextMenu

CLSID folders- What they really are?

In Windows Operating System, the system folders are protected from accidental deletion. Each system  folder is represented by a 16-bit value known as CLSID value in the Windows registry. These values point  to the specific system folders. These values are stored in the registry in ?HKCR\CLSID?. Below given are  some of the CLSID values of some folders

Recycle Bin- {645FF040-5081-101B-9F08-00AA002F9554E}

Network Neighbourhood- {208D2C60-3AEA-1069-A2D7-O8002B30309D}

My Computer- {20D04FE0-3AEA-1069-A2D8-08002B30309D}

Control Panel- {21EC2020-3AEA-1069-A2DD-08002B30309D}

My Briefcase- {85BBD920-42AO-1069-A2E4-08002B30309D}

History- {FF393560-C2A7-11CF-BFF4-444553540000}

Printers- {2227A280-3AEA-1069-A2DE-O8002B0309D}

Dial-up Networking- {992CFFA0-F557-101A-88EC-00DD01CCC48}

Fonts- {BD84B380-8CA2-1069-AB1D-08000948534}

To delete a folder simply delete the corresponding value to the folder in the above key mentioned.

Note: To delete a key from the desktop go to

?HKLM|Software\Microsoft\Windows\CurrentVersion\Explorer\Desktop\Namespace?

and delete the corresponding key.

Customize the right-click menu of the CLSID folders:

The above explained process is not an efficient one to delete the system folders. There is another method  by which you can customize the right-click menu of the folder after which you can delete the folder or  even rename the folder. Let?s look at this process.

This operation deals with editing the DWORD value of ?attributes? in the shellfolder of the corresponding  CLSID folder. To do this go to ?HKCR\CLSID\{CLSID VALUE}\Shellfolder? and find the DWORD value named ?Attributes? in it and  change its value to the following values according to your requirement.

70 01 00 20 ?Adds both rename and delete to the menu

50 01 00 20 ? Adds only rename option to the menu

60 01 00 20 ? Adds only delete to the menu

47 01 00 20 ? Adds cut, copy, paste to the menu

40 01 00 20 ? Changes the menu to its default condition

Now you can do anything to the folders. But, remember editing these values could eve crash your system.  So, be careful while editing them.

Playing with Explorer.exe:

Explorer is like the heart to Windows Operating System. It is mainly responsible for the originating  windows in Windows OS.

So, the life of Windows lies in Explorer.exe. Now we shall see editing this file. Remember, editing  explorer.exe is a complicate issue to take a backup of all the important data you have and also have a  copy of explorer.exe.

You can use DOS for hex-editing your explorer.exe or even any .exe file.

Change the ?Start? text on Start button:

To do this restart your computer in MS-Dos and go to C:\Windows> and type the following command. ?edit /70 explorer.exe? (without quotes). The /70 option helps you to see only 70 columns on the screen.  It is in the line 2390 of the editor window, there is a text ?S t a r t?. Now you can replace the text on start  button with any word of 5 characters. Simply replace the letters in ?S t a r t? with any the required letters  with null characters (remember not spaces) in between them. Example: Replace the ?S t a r t? with ?S n  e h a?.

If by mistake you typed a space between the letters, copy a null character from the remaining document  and paste it over the typed space.

Change the text over Clear button in Taskbar properties:

Follow the same procedure to open the Dos editor and to the line 1354 in the editor. You can find the  word ?& C l e a r?. Now just replace the word with any other word with exactly 5 characters. The ?&?  signifies the shortcut key for the operation i.e., the command gets executed when you press ?Alt + C?. Example: I changed the ?& C l e a r? to ?& S n e h a?.

Restart your computer for the settings to take place. Like wise there are many operations that you can do  to change the taskbar properties and start menu items. All these can be found in between the lines 1336  to 2348. But be careful while editing it.

Note: The lines mentioned here are with reference to explorer.exe in a Win98 system. These lines may  vary with explorer.exe in other OSs.

That?s it for now. In my next article I will be dealing with hacking rediffmail passwords by tricking fake  login screen.

So, stay tuned to astalavista.com regards pradeep kishnani rockystone@rediffmail.com

Disclaimer: Editing the registry and explorer.exe is a complicate issue. Operations above mentioned could  even crash your system. So, always maintain a back-up copy while editing the registry or explorer.exe.  Perform the operations at your own risk. I am not responsible for any kind of damage.

Credits

pradeep kishnani

rockystone@rediffmail.com