whenever you open up a New Message, hold down ctrl-shift and tap the z key to

scroll to change the background color. Repeat the keystroke to cycle through the

colors.</P><B>

<P>Internet Explorer 5 Hidden Features</P></B>

<P><BR>Microsoft Internet Explorer 5 has several hidden features which can be

controlled using the Windows Registry. Open your registry and scroll down to the

following key:</P>

<P>HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet

Explorer\Restrictions</P>

<P>Create a new DWORD value named x(See complete list of values of x below) and

modify it's value to 1 to enable it and to 0 to disable it.</P>

<P>NoBrowserClose : Disable the option of closing Internet Explorer. </P>

<P>NoBrowserContextMenu : Disable right-click context menu. </P>

<P>NoBrowserOptions : Disable the Tools / Internet Options menu. </P>

<P>NoBrowserSaveAs : Disable the ability to Save As. </P>

<P>NoFavorites : Disable the Favorites. </P>

<P>NoFileNew : Disable the File / New command. </P>

<P>NoFileOpen : Disable the File / Open command. </P>

<P>NoFindFiles : Disable the Find Files command. </P>

<P>NoSelectDownloadDir : Disable the option of selecting a download directory.

</P>

<P>NoTheaterMode : Disable the Full Screen view option. </P><B>

<P>Hacking Secrets</P></B>

<P>Almost all system administrators make certain changes and make the system

restricted. System Administrators can hide the RUN option, the FIND command, the

entire Control Panel, drives in My Computer like D: A: etc. They can even

restrict activities of a hacker my disabling or hiding, even the tiniest options

or tools. </P>

<P>Most commonly these restrictions are imposed locally and are controlled by

the Windows Registry. But sometimes the smart system administrators control the

activities of the hacker by imposing restrictions remotely through the main

server.</P>

<P>Poledit or Policy Editor is a small kewl tool which is being commonly used by

system administrators to alter the settings of a system. This utility is not

installed by default by Windows. You need to install in manually from the

Windows 98 Installation Kit from the Resource Kit folder. user.dat file that we

saw earlier. </P>

<P>The Policy Editor tool imposes restrictions on the user's system by editing

the user.dat file which in turn means that it edits the Windows Registry to

change the settings. It can be used to control or restrict access to each and

every folder and option you could ever think of. It has the power to even

restrict access to individual folders, files, the Control Panel, MS DOS, the

drives available etc. Sometimes this software does make life really hard for a

Hacker. So how can we remove the restrictions imposed by the Policy Editor? Well

read ahead to learn more.</P>

<P>You see the Policy Editor is not the only way to restrict a user's

activities. As we already know that the Policy Editor edits the Windows

Registry(user.dat) file to impose such restrictions. So this in turn would mean

that we can directly make changes to the Windows Registry using a .reg file or

directly to remove or add restrictions.</P>

<P>Launch Regedit and go to the following Registry Key:</P>

<P>HKEY_CURRENT_USER/Software/Microsoft/CurrentVersion/Policies</P>

<P>Under this key, there will definitely be a key named explorer. Now under this

explorer key we can create new DWORD values and modify it's value to 1 in order

to impose the restriction. If you want to remove the Restriction, then you can

simply delete the respective DWORD values or instead change their values to 0.

The following is a list of DWORD values that can be created under the Explorer

Key-:</P>

<P>NoDeletePrinter: Disables Deletion of already installed Printers</P>

<P>NoAddPrinter: Disables Addition of new Printers</P>

<P>NoRun : Disables or hides the Run Command</P>

<P>NoSetFolders: Removes Folders from the Settings option on Start Menu (Control

Panel, Printers, Taskbar)</P>

<P>NoSetTaskbar: Removes Taskbar system folder from the Settings option on Start

Menu</P>

<P>NoFind: Removes the Find Tool (Start &gt;Find)</P>

<P>NoDrives: Hides and does not display any Drives in My Computer</P>

<P>NoNetHood: Hides or removes the Network Neighborhood icon from the

desktop</P>

<P>NoDesktop: Hides all items including, file, folders and system folders from

the Desktop</P>

<P>NoClose: Disables Shutdown and prevents the user from normally shutting down

Windows.</P>

<P>NoSaveSettings: Means to say, 'Don't save settings on exit'</P>

<P>DisableRegistryTools: Disable Registry Editing Tools (If you disable this

option, the Windows Registry Editor(regedit.exe) too </P>

<P>will not work.)</P>

<P>NoRecentDocsHistory: Removes Recent Document system folder from the Start

Menu (IE 4 and above)</P>

<P>ClearRecentDocsOnExit: Clears the Recent Documents system folder on Exit.</P>

<P>Nolnternetlcon: Removes the Internet (system folder) icon from the

Desktop</P>

<P>Under the same key:

HKEY_CURRENT_USER/Software/Microsoft/CurrentVersion/Policies you can create new

subkeys other than the already existing Explorer key. Now create a new key and

name it System. Under this new key, system we can create the following new DWORD

values(1 for enabling the particular option and 0 for disabling the particular

option):</P>

<P>NODispCPL: Hides Control Panel</P>

<P>NoDispBackgroundPage: Hides Background page.</P>

<P>NoDispScrsavPage: Hides Screen Saver Page</P>

<P>NoDispAppearancePage: Hides Appearance Page</P>

<P>NoDispSettingsPage: Hides Settings Page</P>

<P>NoSecCPL: Disables Password Control Panel</P>

<P>NoPwdPage: Hides Password Change Page</P>

<P>NoAdminPaqe: Hides Remote Administration Page</P>

<P>NoProfilePage: Hides User Profiles Page</P>

<P>NoDevMgrPage: Hides Device Manager Page</P>

<P>NoConfigPage: Hides Hardware Profiles Page</P>

<P>NoFileSysPage: Hides File System Button</P>

<P>NoVirtMemPage: Hides Virtual Memory Button</P>

<P>Similarly, if we create a new subkey named Network, we can add the following

DWORD values under it(1 for enabling the particular option and 0 for disabling

the particular option):</P>

<P>NoNetSetupSecurityPage: Hides Network Security Page</P>

<P>NoNelSetup: Hides or disables the Network option in the Control Panel</P>

<P>NoNetSetupIDPage: Hides the Identification Page</P>

<P>NoNetSetupSecurityPage: Hides the Access Control Page</P>

<P>NoFileSharingControl: Disables File Sharing Controls</P>

<P>NoPrintSharing: Disables Print Sharing Controls</P>

<P>Similarly, if we create a new subkey named WinOldApp, we can add the

following DWORD values under it(1 for enabling the particular option and 0 for

disabling the particular option):</P>

<P>Disabled: Disable MS-DOS Prompt</P>

<P>NoRealMode: Disable Single-Mode MS-DOS.</P>

<P>So you see if you have access to the Windows Registry, then you can easily

create new DWORD values and set heir value to 1 for enabling the particular

option and 0 for disabling the particular option. But Sometimes, access to the

Windows Registry is blocked. So what do you do? Go to the Windows Directory and

delete either user.dat or system.dat (These 2 files constitute the Windows

Registry.) and reboot. As soon as Windows logs in, it will display a Warning

Message informing you about an error in the Windows Registry. Simply ignore this

Warning Message and Press CTRL+DEL+ALT to get out of this warning message.(Do

not press OK) You will find that all restrictions have been removed.</P>

<P>The most kind of restriction found quite commonly is the Specific Folder

Restriction, in which users are not allowed access to specific folders, the most

common being the Windows folder, or sometimes even access to My Computer is

blocked. In effect, you simply cannot seem to access the important kewl files

which are needed by you to do remove restrictions. What do you? Well use the RUN

command. (START &gt;RUN). But unfortunately a system administrator who is

intelligent enough to block access to specific folder, would definitely have

blocked access to the RUN command. Again we are stuck.</P>

<P>Windows is supposed to be the most User Friendly Operating System on earth.

(At least Microsoft Says so.)</P>

<P>It gives the User an option to do the same thing in various ways. You see the

RUN command is only the most convenient option of launching applications, but

not the only way. In Windows you can create shortcuts to almost anything from a

file, folder to a Web URL. So say your system administrator has blocked access

to the c:\windows\system folder and you need to access it. What do you do?

Simply create a Shortcut to it. To do this right click anywhere on the desktop

and select New &gt; Shortcut. A new window titled Create Shortcut pops up. Type

in the path of the restricted folder you wish to access, in this case

c:\windows\system. Click Next, Enter the friendly name of the Shortcut and then

click Finish. Now you can access the restricted folder by simply double clicking

on the shortcut icon. Well that shows how protected and secure *ahem Windows

*ahem is.</P>

<P>****************</P>

<P>HACKING TRUTH: Sometimes when you try to delete a file or a folder, Windows

displays an error message saying that the file is protected. This simply means

that the file is write protected, or in other words the R option is +. Get it?

Anyway, you can stop Windows from displaying this error message and straightaway

delete this file by changing its attributes to Non Read Only. This can be done

by Right Clicking on the file, selecting Properties and then </P>

<P>unselecting the Read Only Option.</P>

<P>***************</P>

<P>There is yet another way of accessing restricted folders. Use see, DOS has a

lovely command known as START. Its general syntax is:</P>

<P>START application_path</P>

<P>It does do what it seems to do, start applications. So in you have access to

DOS then you can type in the START command to get access to the restricted

folder. Now mostly access to DOS too would be blocked. So again you can use the

shortcut trick to launch, c:\command.com or c:\windows\command.com. (Command.com

is the file which launches MS DOS).</P>

<P>Accessing Restricted Drives.</P>

<P>The problem with most system administrators is that they think that the users

or Hackers too are stupid. Almost all system administrators use the Registry

Trick (Explained Earlier) to hide all drives in My Computer. So in order to

unhide or display all drives, simply delete that particular key.(Refer to

beginning of Untold Secrets Section.)</P>

<P>Some systems have the floppy disk disabled through the BIOS. On those systems

if the BIOS is protected, you may need to crack the BIOS password. (For that

Refer to the Windows Hacking Chapter). Sometimes making drives readable

(Removing R +) and then creating Shortcuts to them also helps us to get access

to them.</P>

<P>Further Changing your Operating System's Looks by editing .htt files</P>

<P>If you have installed Windows Desktop Update and have the view as Web Page

option enabled, you can customise the way the folder looks by selecting View

&gt; Customise this folder. Here you can change the background and other things

about that particular folder. Well that is pretty lame, right? We hackers

already know things as lame as that. Read on for some kewl stuff.</P>

<P>Well, you could also change the default that is stored in a Hidden HTML

Template file (I think so..) which is nothing but a HTML document with a .htt

extension. This .htt file is found at: %systemroot%\web\folder.htt.</P>

<P>The %systemroot% stands for the drive in which Windows is Installed, which is

normally C:</P>

<P>You can edit these .htt files almost just like you edit normal .HTM or .HTML

files. Simply open them in an ASCII editor like Notepad. The following is a list

of .htt files on your system which control various folders and which can be

edited to customise the way various folders look.</P>

<P>controlp.htt Control Panel</P>

<P>printers.htt Printers</P>

<P>mycomp.htt My Computer</P>

<P>safemode.htt Safe Mode</P>

<P>All these files are found in the web folder in %systemfolder%. The folder.htt

file has a line:</P>

<P>'Here's a good place to add a few lines of your own"</P>

<P>which is the place where you can add your own A HREF links. These links would

then appear in the folder whose folder.htt file you edited. All this might sound

really easy and simple, but you see these .htt files do not contain normal HTML

code, instead they contain a mixture of HTML and web bots. Hence they can be

difficult for newbies to understand.</P>

<P>Well that's it for now, more tricks later, till then goodbye.</P>

<P>Ankit Fadia</P><P><A href="mailto:Ankit@bol.net.in">ankit@bol.net.in</A></P>

<P>Get the Archive of Manuals [EVERYTHING YOU DREAMT OFF] written by Ankit Fadia

</P>

<P>At his mailing list.</P>

<P>To get the manuals in your Inbox join his mailing list by sending an email

to:</P>

<P><a href="mailto:programmingforhackers-subscribe@egroups.com">programmingforhackers-subscribe@egroups.com</a></P>



</body>

</html>