Sunday, 10 January 2016

How Linux boots


As it turns out, there isn't much to the boot process:

   1. A boot loader finds the kernel image on the disk, loads it into memory, and starts it.
   2. The kernel initializes the devices and its drivers.
   3. The kernel mounts the root filesystem.
   4. The kernel starts a program called init.
   5. init sets the rest of the processes in motion.
   6. The last processes that init starts as part of the boot sequence allow you to log in.

Identifying each stage of the boot process is invaluable in fixing boot problems and understanding the system as a whole. To start, zero in on the boot loader, which is the initial screen or prompt you get after the computer does its power-on self-test, asking which operating system to run. After you make a choice, the boot loader runs the Linux kernel, handing control of the system to the kernel.

The kernel is discussed in detail elsewhere in the book from which this article is excerpted. This article covers the kernel initialization stage, the stage when the kernel prints a bunch of messages about the hardware present on the system. The kernel starts init just after it displays a message proclaiming that the kernel has mounted the root filesystem:

VFS: Mounted root (ext2 filesystem) readonly.

Soon after, you will see a message about init starting, followed by system service startup messages, and finally you get a login prompt of some sort.

NOTE: On Red Hat Linux, the init note is especially obvious, because it "welcomes" you to "Red Hat Linux." All messages thereafter show success or failure in brackets at the right-hand side of the screen.

Most of this chapter deals with init, because it is the part of the boot sequence where you have the most control.

init

There is nothing special about init. It is a program just like any other on the Linux system, and you'll find it in /sbin along with other system binaries. The main purpose of init is to start and stop other programs in a particular sequence. All you have to know is how this sequence works.

There are a few different variations, but most Linux distributions use the System V style discussed here. Some distributions use a simpler version that resembles the BSD init, but you are unlikely to encounter this.

Runlevels

At any given time on a Linux system, a certain base set of processes is running. This state of the machine is called its runlevel, and it is denoted with a number from 0 through 6. The system spends most of its time in a single runlevel. However, when you shut the machine down, init switches to a different runlevel in order to terminate the system services in an orderly fashion and to tell the kernel to stop. Yet another runlevel is for single-user mode, discussed later.

The easiest way to get a handle on runlevels is to examine the init configuration file, /etc/inittab. Look for a line like the following:

id:5:initdefault:

This line means that the default runlevel on the system is 5. All lines in the inittab file take this form, with four fields separated by colons occurring in the following order:

   1. A unique identifier (a short string, such as id in the preceding example)
   2. The applicable runlevel number(s)
   3. The action that init should take (in the preceding example, the action is to set the default runlevel to 5)
   4. A command to execute (optional)

There is no command to execute in the preceding initdefault example because a command doesn't make sense in the context of setting the default runlevel. Look a little further down in inittab, until you see a line like this:

l5:5:wait:/etc/rc.d/rc 5

This line triggers most of the system configuration and services through the rc*.d and init.d directories. You can see that init is set to execute a command called /etc/rc.d/rc 5 when in runlevel 5. The wait action tells when and how init runs the command: run rc 5 once when entering runlevel 5, and then wait for this command to finish before doing anything else.

There are several different actions in addition to initdefault and wait, especially pertaining to power management, and the inittab(5) manual page tells you all about them. The ones that you're most likely to encounter are explained in the following sections.

respawn

The respawn action causes init to run the command that follows, and if the command finishes executing, to run it again. You're likely to see something similar to this line in your inittab file:

1:2345:respawn:/sbin/mingetty tty1

The getty programs provide login prompts. The preceding line is for the first virtual console (/dev/tty1), the one you see when you press ALT-F1 or CONTROL-ALT-F1. The respawn action brings the login prompt back after you log out.

ctrlaltdel

The ctrlaltdel action controls what the system does when you press CONTROL-ALT-DELETE on a virtual console. On most systems, this is some sort of reboot command using the shutdown command.

sysinit

The sysinit action is the very first thing that init should run when it starts up, before entering any runlevels.
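The four-field format and the actions described above can be checked mechanically. The following is an added example, not code from the original article: a POSIX shell parser run over a constructed inittab. The sysinit, ctrlaltdel and xdm lines and all function names are made up here, and the example assumes that an empty runlevels field means the entry applies regardless of runlevel.

```shell
#!/bin/sh
# Constructed sample. The id, l5 and mingetty lines are the ones quoted in the
# article; every other line is made up for illustration.
sample_inittab() {
    cat <<'EOF'
# constructed sample inittab
id:5:initdefault:
si::sysinit:/etc/rc.d/rc.sysinit
l3:3:wait:/etc/rc.d/rc 3
l5:5:wait:/etc/rc.d/rc 5
ca::ctrlaltdel:/sbin/shutdown -r now
1:2345:respawn:/sbin/mingetty tty1
x:5:respawn:/usr/bin/xdm -nodaemon
this line has no colons
EOF
}

# Split one line into the four fields: identifier, runlevels, action, command.
# Sets f_id, f_levels, f_action, f_cmd.
# Returns 1 for a blank or comment line, 2 for a line with fewer than four fields.
split_entry() {
    case $1 in
        ''|'#'*) return 1 ;;
        *:*:*:*) ;;
        *) return 2 ;;
    esac
    rest=$1
    f_id=${rest%%:*};     rest=${rest#*:}
    f_levels=${rest%%:*}; rest=${rest#*:}
    f_action=${rest%%:*}; f_cmd=${rest#*:}   # the command may itself contain colons
}

# Print the default runlevel: the runlevels field of the initdefault entry.
default_runlevel() {
    while IFS= read -r line; do
        split_entry "$line" || continue
        if [ "$f_action" = initdefault ]; then
            printf '%s\n' "$f_levels"
            return 0
        fi
    done
    return 1
}

# Print "identifier action command" for every entry that applies in runlevel $1.
# Malformed lines are reported on stderr instead of being silently skipped.
entries_for_runlevel() {
    while IFS= read -r line; do
        rc=0
        split_entry "$line" || rc=$?
        case $rc in
            0) ;;
            1) continue ;;
            *) printf 'malformed: %s\n' "$line" >&2; continue ;;
        esac
        if [ "$f_action" = initdefault ]; then continue; fi
        case $f_levels in
            ''|*"$1"*) printf '%s %s %s\n' "$f_id" "$f_action" "$f_cmd" ;;
        esac
    done
}

# Demo: what init would run on the sample system in its default runlevel.
level=$(sample_inittab | default_runlevel)
echo "default runlevel: $level"
sample_inittab | entries_for_runlevel "$level"
```

On a real system, feed the functions from the file itself, for example `entries_for_runlevel 3 < /etc/inittab`.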

How processes in runlevels start

You are now ready to learn how init starts the system services, just before it lets you log in. Recall this inittab line from earlier:

l5:5:wait:/etc/rc.d/rc 5

This small line triggers many other programs. rc stands for run commands, and you will hear people refer to the commands as scripts, programs, or services. So, where are these commands, anyway?

For runlevel 5, in this example, the commands are probably either in /etc/rc.d/rc5.d or /etc/rc5.d. Runlevel 1 uses rc1.d, runlevel 2 uses rc2.d, and so on. You might find the following items in the rc5.d directory:

S10sysklogd       S20ppp          S99gpm
S12kerneld        S25netstd_nfs   S99httpd
S15netstd_init    S30netstd_misc  S99rmnologin
S18netbase        S45pcmcia       S99sshd
S20acct           S89atd
S20logoutd        S89cron

The rc 5 command starts programs in this runlevel directory by running the following commands:

S10sysklogd start
S12kerneld start
S15netstd_init start
S18netbase start
...
S99sshd start

Notice the start argument in each command. The S in a command name means that the command should run in start mode, and the number (00 through 99) determines where in the sequence rc starts the command.

The rc*.d commands are usually shell scripts that start programs in /sbin or /usr/sbin. Normally, you can figure out what one of the commands actually does by looking at the script with less or another pager program.

You can start one of these services by hand. For example, if you want to start the httpd Web server program manually, run S99httpd start. Similarly, if you ever need to kill one of the services when the machine is on, you can run the command in the rc*.d directory with the stop argument (S99httpd stop, for instance).

Some rc*.d directories contain commands that start with K (for "kill," or stop mode). In this case, rc runs the command with the stop argument instead of start. You are most likely to encounter K commands in runlevels that shut the system down.

Adding and removing services

If you want to add, delete, or modify services in the rc*.d directories, you need to take a closer look at the files inside. A long listing reveals a structure like this:

lrwxrwxrwx . . . S10sysklogd -> ../init.d/sysklogd
lrwxrwxrwx . . . S12kerneld -> ../init.d/kerneld
lrwxrwxrwx . . . S15netstd_init -> ../init.d/netstd_init
lrwxrwxrwx . . . S18netbase -> ../init.d/netbase
...

The commands in an rc*.d directory are actually symbolic links to files in an init.d directory, usually in /etc or /etc/rc.d. Linux distributions contain these links so that they can use the same startup scripts for all runlevels. This convention is by no means a requirement, but it often makes organization a little easier.

To prevent one of the commands in the init.d directory from running in a particular runlevel, you might think of removing the symbolic link in the appropriate rc*.d directory. This does work, but if you make a mistake and ever need to put the link back in place, you might have trouble remembering the exact name of the link. Therefore, you shouldn't remove links in the rc*.d directories, but rather, add an underscore (_) to the beginning of the link name like this:

mv S99httpd _S99httpd

At boot time, rc ignores _S99httpd because it doesn't start with S or K. Furthermore, the original name is still obvious, and you have quick access to the command if you're in a pinch and need to start it by hand.
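To see what rc would run for a runlevel without touching the real directories, the following added example (not part of the original article) builds a constructed init.d/rc5.d tree in a temporary directory and lists the start and stop commands in order, the link targets, and the entries rc skips. The function names and the K45pcmcia and S89atd links are constructed for this example.

```shell
#!/bin/sh
# Added example. Everything lives under a temporary directory; the tree is constructed.
LC_ALL=C; export LC_ALL        # plain byte order for glob expansion

# Build a small init.d/rc5.d tree and print its root directory.
make_sample_tree() {
    root=$(mktemp -d) || return 1
    mkdir "$root/init.d" "$root/rc5.d" || return 1
    for svc in sysklogd netbase pcmcia httpd sshd; do
        printf '#!/bin/sh\n' > "$root/init.d/$svc"
    done
    ln -s ../init.d/sysklogd "$root/rc5.d/S10sysklogd"
    ln -s ../init.d/netbase  "$root/rc5.d/S18netbase"
    ln -s ../init.d/pcmcia   "$root/rc5.d/K45pcmcia"   # stop-mode link
    ln -s ../init.d/sshd     "$root/rc5.d/S99sshd"
    ln -s ../init.d/httpd    "$root/rc5.d/_S99httpd"   # disabled with the underscore rename
    ln -s ../init.d/atd      "$root/rc5.d/S89atd"      # target script does not exist
    printf '%s\n' "$root"
}

# For the runlevel directory in $1, print one line per S* or K* entry:
#   <link name> <start|stop> <link target> <ok|missing>
# The glob expands in sorted order, so the two-digit number sets the sequence.
rc_plan() {
    for link in "$1"/[KS]*; do
        [ -L "$link" ] || [ -e "$link" ] || continue    # glob matched nothing
        name=${link##*/}
        case $name in K*) mode=stop ;; *) mode=start ;; esac
        if [ -L "$link" ]; then target=$(readlink "$link"); else target=-; fi
        if [ -e "$link" ]; then state=ok; else state=missing; fi
        printf '%s %s %s %s\n' "$name" "$mode" "$target" "$state"
    done
}

# Print the entries that rc skips because the name starts with neither S nor K.
rc_ignored() {
    for entry in "$1"/*; do
        [ -L "$entry" ] || [ -e "$entry" ] || continue
        name=${entry##*/}
        case $name in
            [KS]*) ;;
            *) printf '%s\n' "$name" ;;
        esac
    done
}

# Demo on the constructed tree.
tree=$(make_sample_tree)
rc_plan "$tree/rc5.d"
echo "ignored by rc: $(rc_ignored "$tree/rc5.d")"
rm -rf "$tree"
```

A link reported as missing points at a script that is no longer in init.d, and anything listed by rc_ignored is a service someone disabled by renaming.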

To add a service, you must create a script like the others in the init.d directory and then make a symbolic link in the correct rc*.d directory. The easiest way to write a script is to examine the scripts already in init.d, make a copy of one that you understand, and modify the copy.

When adding a service, make sure that you choose an appropriate place in the boot sequence to start the service. If the service starts too soon, it may not work, due to a dependency on some other service. For non-essential services, most systems administrators prefer numbers in the 90s, after most of the services that came with the system.

Linux distributions usually come with a command to enable and disable services in the rc*.d directories. For example, in Debian, the command is update-rc.d, and in Red Hat Linux, the command is chkconfig. Graphical user interfaces are also available. Using these programs helps keep the startup directories consistent and helps with upgrades.

HINT: One of the most common Linux installation problems is an improperly configured XFree86 server that flicks on and off, making the system unusable on console. To stop this behavior, boot into single-user mode and alter your runlevel or runlevel services. Look for something containing xdm, gdm, or kdm in your rc*.d directories, or your /etc/inittab.

Controlling init

Occasionally, you need to give init a little kick to tell it to switch runlevels, to re-read the inittab file, or just to shut down the system. Because init is always the first process on a system, its process ID is always 1.

You can control init with telinit. For example, if you want to switch to runlevel 3, use this command:

telinit 3

When switching runlevels, init tries to kill off any processes that aren't in the inittab file for the new runlevel. Therefore, you should be careful about changing runlevels.

When you need to add or remove respawning jobs or make any other change to the inittab file, you must tell init about the change and cause it to re-read the file. Some people use kill -HUP 1 to tell init to do this. This traditional method works on most versions of Unix, as long as you type it correctly. However, you can also run this telinit command:

telinit q

You can also use telinit s to switch to single-user mode.

Shutting down

init also controls how the system shuts down and reboots. The proper way to shut down a Linux machine is to use the shutdown command.

There are two basic ways to use shutdown. If you halt the system, it shuts the machine down and keeps it down. To make the machine halt immediately, use this command:

shutdown -h now

On most modern machines with reasonably recent versions of Linux, a halt cuts the power to the machine. You can also reboot the machine. For a reboot, use -r instead of -h.

The shutdown process takes several seconds. You should never reset or power off a machine during this stage.

In the preceding example, now is the time to shut down. This argument is mandatory, but there are many ways of specifying it. If you want the machine to go down sometime in the future, one way is to use +n, where n is the number of minutes shutdown should wait before doing its work. For other options, look at the shutdown(8) manual page.

To make the system reboot in 10 minutes, run this command:

shutdown -r +10

On Linux, shutdown notifies anyone logged on that the machine is going down, but it does little real work. If you specify a time other than now, shutdown creates a file called /etc/nologin. When this file is present, the system prohibits logins by anyone except the superuser.

When system shutdown time finally arrives, shutdown tells init to switch to runlevel 0 for a halt and runlevel 6 for a reboot. When init enters runlevel 0 or 6, all of the following takes place, which you can verify by looking at the scripts inside rc0.d and rc6.d:

   1. init kills every process that it can (as it would when switching to any other runlevel).
   2. The initial rc0.d/rc6.d commands run, locking system files into place and making other preparations for shutdown.
   3. The next rc0.d/rc6.d commands unmount all filesystems other than the root.
   4. Further rc0.d/rc6.d commands remount the root filesystem read-only.
   5. Still more rc0.d/rc6.d commands write all buffered data out to the filesystem with the sync program.
   6. The final rc0.d/rc6.d commands tell the kernel to reboot or stop with the reboot, halt, or poweroff program.

The reboot and halt programs behave differently for each runlevel, potentially causing confusion. By default, these programs call shutdown with the -r or -h options, but if the system is already at the halt or reboot runlevel, the programs tell the kernel to shut itself off immediately. If you really want to shut your machine down in a hurry (disregarding any possible damage from a disorderly shutdown), use the -f option.


Wednesday, 25 February 2015

A TERM - "HACKER"

WHAT IS HACKING?
Hacking is an art. An art of finding – how things work, why they work and how you can manipulate it, so that it works on your commands. Hacking is not based on the so-called “code of ethics”. It is all based on pure imagination, creativity, inquisitiveness and thinking out of the “box”.
  • Who are Hackers?
    Hacker is a computer-enthusiast, a skilled programmer, a good social engineer, who knows his way around computer systems. Hacker is a problem-solver. For a Hacker, computer is nothing but a reward and Internet is an unexplored treasure house.
  • Who are Script Kiddies?
    Script Kiddies alias skiddies are low-profiled ignorant cunts, who break into computers with malicious intent, propagate cyber-terrorism, use already available toolset, rip exploit codes and remain nescient all through.
  • What is 1337/l33t speak?
    1337 or l33t speak is a typeset and widely used Internet language. It is the graphical denotation of numbers that resemble letters of the English alphabet. In this lingo, several English words are misspelled to give an indifferent touch. It was extensively used by the “old-sk00l h4x0rs” during the BBS days. Nowadays, it is commonly used in online gaming sessions. Example: j00 907 pwn3d!
  • What programming languages are important for hacking?
    Start with C to acquire the basic methodologies of programming. After gaining certain efficiency in C, move on to ASM to get deep into more advanced stuff. You could also try your hands with Perl, Python, or Ruby for quick scripting, exploit development and easy-to-use tools.
  • Which is the best hacking site?
    Duh! One of the most clichéd questions. Ever. Well, there is no “best hacking site”. Hackers do not rely on hacking sites, other than a personal memory dump on an unused shell. Nevertheless, hackers love sites that are informative. And, just for the notes, Google (http://www.google.com) is your information hub.
  • What is the difference between *nix and Linux?
    *nix is a family of operating systems that consists of different operating systems that are based on UNIX. It was developed at AT&T Bell laboratories in the 70’s. It houses popular operating systems such as GNU/Linux, as well as BSD and BeOS.
    Linux is a UNIX-based monolithic kernel, developed by a Finnish student named Linus Torvalds in 1991. The source code has been developed in C and it is freely available. Linux is not immensely popular. However, as a web server, Linux is the best choice.
  • What is the difference between Linux and GNU/Linux?
    Well, Linux is the barebone kernel with a minimal tools repository, originally developed by Torvalds, whereas GNU/Linux is Linux accompanied by tools and scripts that are a part of the GNU project. As an operating system, GNU/Linux is often called ‘Windows NT’s worst enemy’.
  • Open Source? What is it?
    Open Source in plain simple words means that the software’s source code can be legally viewed, modified and redistributed. Most *nix operating systems are open source.
  • Is Linux better than Windows?
    Yes, it certainly is.
  • What is a distro?
    Distro alias Distribution can be well defined as a modified kernel that is targeted towards the average user.
  • What is a Live CD?
    A Live CD distro is a type of distribution in which the entire Linux operating system can be booted from a CD. You need not install it. However, most of the Live CD distros that have fancy GUIs require an excessive amount of RAM. Example: Ubuntu, CentOS.
  • Which distro are you using, now, SB?
    A minimal barebone distro called CRUX. My base install is 150MB with X, gcc, perl and stuff. It boots within 10.22 seconds on a standard 400 MHz box in X. Why? Because I am not a lazy bum, who uses restraining distros that hog up +1GB of unneeded startup scripts, useless services, an overflowing /etc directory, 200MB of /usr/doc that you never even look at and yes, not to forget, an overfilled glibc and KDE/Gnome with a bazillion dependencies.
  • How do I tune my O/S?
    Minimize your kernel, keep your LiLo/Grub secure, make a cooler boot prompt, and free your disk from unused services that are rarely played. Partition your box in a much more effective way, rather than a large reiserfs. Use hdparm to extract out the maximum potential of your disks. Get rid of memory-hog window managers such as KDE or Gnome and choose lighter ones such as Openbox, Fluxbox.
  • Which is your favourite Window Manager?
    Openbox.
    Shagbox, the one I developed myself, with random tid-bit help from Blackbox.
  • UNIX Shell? What is it?
    In simple words, the black screen through which you execute commands and which then pops out messages. That is a shell, for the lame. The most commonly used shell is bash, though a small number of people still prefer traditional ones, such as ksh, tcsh, csh, sh, ash etc.
    Online shells are effective and useful because you can try your hand at various flavours of *nix without the paranoia of messing up. It is not yours, after all!
  • Where do I get a free shell?
    Your own servers, free shell servers, ask your ISP for one. I would recommend the shell that you operate from your own server, because you are in charge of the logs and such.
  • What is root?
    Ever played rootwars? If no, then, root is the highest-privileged user in a UNIX-based box. It is the system administrator account.
  • What are exploits?
    An exploit is a piece of code that is used to gain unauthorized access, take advantage of an existing vulnerability, supersede verification, and acquire root. Exploits are coded in various programming languages like C, Perl, Python, PHP, Bash, and Ruby.
  • Where do I find exploits?
    Generally, hackers do not popularize their exploit code. However, a few ‘White Hats’ exhibit their exploit code for the vendor’s benefit. Therefore, to obtain exploit codes, you could visit:

    www.milw0rm.com
    www.securityfocus.com
    www.packetstormsecurity.org
    www.nvd.nist.gov

    Although, I would say, do not use the exploits to “hack” or to “break into systems”, unless and until, you like the Script Kiddie tag.
  • How do I compile exploits?
    Using the language’s compiler, “Genius”.
  • Whenever I compile exploits, I get some sort of errors. What is the problem?
    Usually, hackers who code exploits deliberately put errors so that script kiddies cannot compile the code. Therefore, you must know the language before compiling a random exploit.
  • What are 0dayz?
    0dayz are exploit codes that have not experienced a legitimate release.
  • What are buffer overflows?
    Buffer Overflow proves to be extremely hazardous, especially, in an environment where user input plays an important role. Buffer Overflow is a fault or I can say an error arising in the programmer’s end. In other words, the source of an application embraces such errors. Moreover, such errors can be exploited easily by studying the coding nature and scripting behaviour of the application. Example of a vulnerable code:

    Code:
    #include <iostream>
    #include <cstdio>
    int main()
    {
        char pwn[255] = { 0 };
        std::cin >> pwn;   // no length limit on the read (before C++20): long input overruns pwn
        getchar();
    }
  • Then, what are stack overflows?
    In plain and simple words, Stack is a region allocated to store variables of a particular function. It also stores specified arguments that are supposed to be passed on to other function type. Each of the function has a pre-defined stack frame, which is accountable for saving/restoring the caller’s stack frame.
    Now, in a stack overflow, the saved instruction pointer is overwritten with the address where the shellcode has been affixed. This means you can have total control over the program and can spawn a shell. Example of a vulnerable code:

    Code:
    #include <stdio.h>
    void func(char *pwn)
    {
        printf("%s\n", pwn);
    }
    int main()
    {
        char pwn[256];   /* never initialised, so no terminating NUL is guaranteed */
        func(pwn);
    }
  • What are backdoors?
    Backdoor is a malicious technique to bypass the normal authentication process, keeping a remote access in the form of either reverse connection or bind connection or connect back connection and remaining undetected. You can remain undetected by either installing a hexed malicious application or you could modify any existing application or device driver or O/S service.
  • What is a Trojan?
    Trojan is a malicious program bound inside a desirable program. Trojan gives you unauthorized entry into a system. Trojans are considered lame and gimpy because it is an automated way to gain unauthorized access. Some famous Trojans:
    - SubSeven
    - Back Orifice
    - Bifrost
    - Poison Ivy
    - Nuclear RAT
  • How do I infect someone with a Trojan?
    Okay, firstly, it is lame and it propagates script kiddieness. Anyway, if you insist… Trojans comprises of two distinct tools, namely, Server and Server Builder. The Server Builder lets you affix your friends IP address, add features such as Fake Error-Generation, Key-logging etc. After creating the server, you would make a Server. The Server has all your desired options. Now, you could either bind it with another desirable application or make it undetectable by using your hex editing skills. Once you are done, execute the file in the victim’s computer and enjoy skiddie-like status.
  • I have executed the Trojan in my friends’ computer, but it isn’t working. Could you tell me why?
    It is because your friend is smart enough to keep a well-configured firewall or IDS, or a port blocker.
  • What are Viruses?
    Viruses are malevolent programs that are able to replicate themselves and corrupt, or I may say crash, the entire system. They are usually used to create computer-related havoc.
  • What are virii-coders?
    Virii-Coders are programmers who code viruses.
  • In what language are good and effective viruses written?
    ASM/Assembly, that is.
  • What are spywares?
    Spyware is a piece of software that exists in several websites. They are installed in your system without your knowledge. They track down your web surfing habits, so that the vendors are able to demonstrate desirable advertisements.
  • What is Denial of Service?
    In a Denial of Service or DoS attack, the attacker launches an attack where crafted packets are sent to the victim’s system. It is uncommon and unsuccessful because packet crafting can be easily filtered.
  • What is Distributed Denial of Service?
    In this type of attack, the attacker launches attack from multiple systems to make the attack more intricate and potent. Usage of distributed computing methods is often deployed to trigger DDoS attacks. Example: Botnets
  • How can I stay anonymous on the Internet?
    Using a proxy server. There is nothing much fruitful other than a proxy server, you own or build yourself. It is because you have access to the logs.
  • Could you elaborate proxy servers?
    A proxy server is a system that allows a network to invoke an indirect network connection to other networks. The proxy server either establishes an indirect connection via another network in its hub or by utilizing the available cache data.
  • What are the most common types of proxy servers?
    The traditional HTTP proxy server and the over-rated CGI proxy. The former either utilizes the cache or hooks up the request to another network through redirection. The latter is nothing but a CGI script that allows the server to forward the requests to the browser. It proves to be useful during proxy tunneling.
  • Now, what is Proxy tunneling?
    It is a method by which one can tunnel his/her own network to another network by means of a terminal emulator and a remote port.
  • What is a port?
    A port receives and regulates data sent over the network in the form of network traffic.
  • What is port scanning?
    Port scanning is a reconnaissance technique. It is used to probe all the available ports in a network.
  • Which is the best port scanner?
    Nmap is by far the best port scanner. It is available for both POSIX and Windows.
  • What is a daemon?
    Daemon is a system service or a process that runs in the background.
  • What is Banner Grabbing?
    Banner grabbing is a method to request information from a system. The information can be of a daemon of a specified port.
  • What is TCP?
    It is the acronym for Transmission Control Protocol. It’s a standard protocol used to transmit data from one network to another. It is a part of the TCP/IP suite and the OSI model. TCP helps in propelling bug-free data through the network.
  • What is IP? 
    Internet Protocol is an address comprising a sequence of numbers, used to identify a particular system or a domain in a network.
  • What is IRC?
    IRC alias Internet Relay Chat is a type of real-time instant messaging in the form of conferencing. A conference can be initiated via channels. Private messaging can do one-to-one messaging and file transfer can be done via DCC (Direct Client-to-Client). You need to be equipped with an IRC client in order to unveil the pleasure of IRC.
  • Which IRC client do you recommend?
    For GUI, Xchat would be enough. Moreover, for CUI buffs, there is nothing better than irssi.
  • How do I stay anonymous on IRC?
    You could use Vhost alias Virtual Host to remain anonymous. Vhosts allow you to switch to a different hostname, instead of the real one. This ensures privacy for those who hate getting WHOIS’d. You could subscribe to BNC AKA IRC Bouncers to go to IRC. In addition, you could use a SOCKS proxy server to connect to IRC. Every client has the option of implementing SOCKS settings.
  • How do I spoof my IP address?
    Spoofing IP address is a cumbersome process because it mostly deals with blind-trust relationship with the network you are dealing with. However, with the knowledge of RAW socket and C/Perl, one could spoof his/her IP.
  • What is encryption?
    Encryption can be defined as the process of converting data into non-readable code.
  • How do I encrypt my Email?
    Using PGP, GPG, SSL Tunnel or any other OpenPGP application.
  • How do I get my friend’s IP?
    Well, there are innumerable ways to get your friend’s IP. If you are on any common Instant Messenger, you could first establish a direct connection with your friend, then, Reverse Engineer your Instant Messenger, make an IM debugger. With your debugger, you could get the socket ID’s, that is, the IP address, whenever you have a direct connection. (Hint: Yahoo Instant Messenger’s debugger is freely available on the net)
    If you are an IRC buff, you could use “/whois” command to get your friend’s IP. If you are having faith on Emails, then, you could use Email Headers to acquire the IP. If you own a website, you could always create an IP grabber in 3 lines via PHP.
  • What is RFI?
    RFI, alias Remote File Inclusion, is a web application vulnerability that helps the attacker to upload a Web Shell remotely by executing a malicious URL string through the browser. Example:

    Code:
    www.anysite.com/index.php?page=www.anysite.com/webshell.php?cmd=ls
  • What is LFI?
    LFI, alias Local File Inclusion, is also a web application vulnerability that allows the attacker to view local files by executing a malicious URL string that triggers unsanitized variables.

    Code:
    www.anysite.com/index.php?page=../../etc/passwd
  • What is XSS?
    XSS, also called Cross Site Scripting, is a web application exploit method by which the attacker can steal information from the web server by inserting malicious scripts in the URL via the web browser. Example:

    Code:
    www.anysite.com/cgi-bin/tools.cgi?page=<script>alert('XSS')</script>
  • What is SQL Injection?
    SQL Injection is a web application exploitation method by which the attacker can infuse malicious link in the URL to generate sensitive database information. One can also insert Injection strings in forms to bypass restrictions. Privilege Escalation Error-Generation through SQL Injection also proves to be dangerous, as sometimes, the database generates errors containing significant information.
    Power of SQL injection can be experienced by the usage of stored procedures and database tools such as osql.
  • What are Botnets?
    Botnet is a network of systems that has been compromised by an attacker. These systems can be used by the attacker to launch various kinds of malicious activities such as DDoS, by the help of distributed computing. Botnets are usually automated through IRC channels, P2P networks or Torrent lines.
  • How do I get the registration code of software?
    By using a debugger, a hex editor and some good ASM skills.
  • How do I hack my friend’s email account?
    Hacking or Cracking an email account is definitely not an easy job to do because nowadays well-known email providers have armoured their servers with strong IDS systems and hardcore scripts. However, vulnerabilities still exist. I will suggest you to try out the following things:
    - Bugs: You could exploit existing bugs or you could find your own bugs. You can try out web-application exploit methods such as SQL Injection, XSS, Cookie Stealing, RFI, LFI, CSRF etc. (Hint: Yahoo’s got a PG source variable bug that allows the attacker to get Yahoo passwords in seconds)
    - Phishing: You can create a fake login page that redirects the login information into your mailbox.
    - Social Engineering: You can use Social engineering techniques to acquire passwords. This method has been very effective.
    - Using a Keylogger: You can use a keylogger to log all the keystrokes that have been processed in a system. This is an effective way to acquire passwords, but remote infusion of keyloggers is difficult unless you compromise the victim’s system. You should try out Aradamax Keylogger or S-C Keylogger or code one in C.
    - Password Guessing: The least effective technique.

Sunday, 23 November 2014

Unlock Pattern in Android phone

To unlock the pattern lock on an Android phone, just follow these steps:
Note: Your phone will be reset, so it is advisable to take a backup of it first!

1. Turn off the Android phone.

2. Long-press the upper volume key, the menu key and the power key simultaneously.

3. Release the keys briefly as soon as the screen displays "Samsung Galaxy S5" (your model), then press the three keys simultaneously again.

4. You will now see a screen displaying "Android system Recovery".

5. Select the 3rd option ("Wipe data/factory reset") using the volume keys and press the centre menu key.

6. Select the "Yes" option, again using the same keys.

7. After some time, it will say that the reset is done.

8. Select the reboot option, and your phone is UNLOCKED.

Get Your Friend's IP


How To Get Your Friend's IP Address

Step 1:- First, open your FACEBOOK account.

Step 2:- Now invite your friend into the Facebook chat box and close all other tabs.

Step 3:- Now click Start and open Run.

Step 4:- Now simply type `netstat -a` here and open it.

Step 5:- Now, after getting the address, CLICK HERE.

Step 6:- Now paste your friend's IP and get full information.

ENJOY!!!!!!!