| 
Windows Vista comes in 32-bit and 64-bit editions depending on which CPU type you have. The 64-bit version will only work on 64-bit processors, however the 32-bit version can run on all types.
Some users will have a processor capable of running the 64-bit version of Vista but have the 32-bit version installed by default. This won't cause any problems, but it does mean you may miss out on some advantages (such as being able to utilise large amounts of memory). If you are in this situation, you can check to see if your computer can handle the 64-bit version of Windows Vista using the following steps.
First, open the Control Panel by clicking on the Start Menu > Control Panel.
Then click System and Maintenance.
Then select Performance Information and Tools.
This will display your computers performance index rating, allowing you to View and Print details.
Thursday, November 27, 2008
Check Whether Your System Is Capable Of Runing Windows Vista 64-bit
Posted by Phanse at 6:54 PM 1 comments
Labels: 32-bit, 64-bit, hidden, tips, Windows Vista
Thursday, October 9, 2008
All About SAM Files
What is SAM?
SAM is short for Security Accounts Manager, which is located on the PDC and has information on all user accounts and passwords. Most of the time while the PDC is running, it is being accessed or used.What do I do with a copy of SAM?
You get passwords. First use a copy of SAMDUMP.EXE to extract the user info out of it. You do not need to import this data into the Registry of your home machine to play with it. You can simply load it up into one of the many applications for cracking passwords, such as L0phtCrack, which is available from: http://www.L0phtCrack.com
Of interest to hackers is the fact that all access control and assorted parameters are located in the Registry. The Registry contains thousands of individual items of data, and is grouped together into "keys" or some type of optional value. These keys are grouped together into subtrees -- placing like keys together and making copies of others into separate trees for more convenient system access.
The Registry is divided into four separate subtrees. These subtrees are called
- HKEY_CLASSES_ROOT
- HKEY_CURRENT_USER
- HKEY_LOCAL_MACHINE
- HKEY_USERS
First and foremost is the HKEY_LOCAL_MACHINE subtree. It contains five different keys. These keys are as follows:
- SAM and SECURITY - These keys contain the info such as user rights, user and group info for the domain (or workgroup if there is no domain), and passwords. In the NT hacker game of capture the flag, this is the flag. Bag this and all bets are off.
- HARDWARE - this is a storage database of throw-away data that describes the hardware components of the computer. Device drivers and applications build this database during boot and update it during runtime (although most of the database is updated during the boot process). When the computer is rebooted, the data is built again from scratch. It is not recommended to directly edit this particular database unless you can read hex easily.
There are three subkeys under HARDWARE, these are the Description key, the DeviceMap key, and the ResourceMap key. The Description key has describes each hardware resource, the DeviceMap key has data in it specific to individual groups of drivers, and the ResourceMap key tells which driver goes with which resource.
- SYSTEM - This key contains basic operating stuff like what happens at startup, what device drivers are loaded, what services are in use, etc. These are split into ControlSets which have unique system configurations (some bootable, some not), with each ControlSet containing service data and OS components for that ControlSet. Ever had to boot from the "Last Known Good" configuration because something got hosed? That is a ControlSet stored here.
- SOFTWARE - This key has info on software loaded locally. File associations, OLE info, and some miscellaneous configuration data is located here.
The second most important main key is HKEY_USERS. It contains a subkey for each local user who accesses the system, either locally or remotely. If the server is a part of a domain and logs in across the network, their subkey is not stored here, but on a Domain Controller. Things such as Desktop settings and user profiles are stored here.
The third and fourth main keys, HKEY_CURRENT_USER and HKEY_CLASSES_ROOT, contain copies of portions of HKEY_USERS and HKEY_LOCAL_MACHINE respectively. HKEY_CURRENT_USER contains exactly would you would expect a copy of the subkey from HKEY_USERS of the currently logged in user. HKEY_CLASSES_ROOT contains a part of HKEY_LOCAL_MACHINE, specifically from the SOFTWARE subkey. File associations, OLE configuration and dependency information.
Posted by Phanse at 5:36 PM 0 comments
Labels: Files, sam, Tutorial, Windows, Windows Vista, windows xp, Windows2000
What are hives?
Hives are the major subdivisions of all of these subtrees, keys, subkeys, and values that make up the Registry. They contain "related" data.
All hives are stored in %systemroot%\SYSTEM32\CONFIG. The major hives and their files are as follows:
| Hive | File | Backup File |
| HKEY_LOCAL_MACHINE\SOFTWARE | SOFTWARE | SOFTWARE.LOG |
| HKEY_LOCAL_MACHINE\SECURITY | SECURITY | SECURITY.LOG |
| HKEY_LOCAL_MACHINE\SYSTEM | SYSTEM | SYSTEM.LOG |
| HKEY_LOCAL_MACHINE\SAM | SAM | SAM.LOG |
| HKEY_CURRENT_USER | USERxxx
| USERxxx.LOG
|
| HKEY_USERS\.DEFAULT | DEFAULT | DEFAULT.LOG |
Hackers should look for the SAM file, with the SAM.LOG file as a secondary target. This contains the password info.
| Hive | File | Backup File |
| HKEY_LOCAL_MACHINE\SOFTWARE | SOFTWARE | SOFTWARE.LOG |
| HKEY_LOCAL_MACHINE\SECURITY | SECURITY | SECURITY.LOG |
| HKEY_LOCAL_MACHINE\SYSTEM | SYSTEM | SYSTEM.LOG |
| HKEY_LOCAL_MACHINE\SAM | SAM | SAM.LOG |
| HKEY_CURRENT_USER | USERxxx
| USERxxx.LOG
|
| HKEY_USERS\.DEFAULT | DEFAULT | DEFAULT.LOG |
Hackers should look for the SAM file, with the SAM.LOG file as a secondary target. This contains the password info.
For ease of use, the Registry is divided into five separate structures that represent the Registry database in its entirety. These five groups are known as Keys, and are discussed below:
HKEY_CURRENT_USER
This registry key contains the configuration information for the user that is currently logged in. The users folders, screen colors, and control panel settings are stored here. This information is known as a User Profile.
HKEY_USERS
In windowsNT 3.5x, user profiles were stored locally (by default) in the systemroot\system32\config directory. In NT4.0, they are stored in the systemroot\profiles directory. User-Specific information is kept there, as well as common, system wide user information.
This change in storage location has been brought about to parallel the way in which Windows95 handles its user profiles. In earlier releases of NT, the user profile was stored as a single file - either locally in the \config directory or centrally on a server. In windowsNT 4, the single user profile has been broken up into a number of subdirectories located below the \profiles directory. The reason for this is mainly due to the way in which the Win95 and WinNT4 operating systems use the underlying directory structure to form part of their new user interface.
HKEY_LOCAL_MACHINE
This key contains configuration information particular to the computer. This information is stored in the systemroot\system32\config directory as persistent operating system files, with the exception of the volatile hardware key.
The information gleaned from this configuration data is used by applications, device drivers, and the WindowsNT 4 operating system. The latter usage determines what system configuration data to use, without respect to the user currently logged on. For this reason the HKEY_LOCAL_MACHINE regsitry key is of specific importance to administrators who want to support and troubleshoot NT 4.
HKEY_LOCAL_MACHINE is probably the most important key in the registry and it contains five subkeys:
- Hardware: Database that describes the physical hardware in the computer, the way device drivers use that hardware, and mappings and related data that link kernel-mode drivers with various user-mode code. All data in this sub-tree is re-created everytime the system is started.
- SAM: The security accounts manager. Security information for user and group accounts and for the domains in NT 4 server.
- Security: Database that contains the local security policy, such as specific user rights. This key is used only by the NT 4 security subsystem.
- Software: Pre-computer software database. This key contains data about software installed on the local computer, as well as configuration information.
- System: Database that controls system start-up, device driver loading, NT 4 services and OS behavior.
Information about the HKEY_LOCAL_MACHINE\SAM Key
This subtree contains the user and group accounts in the SAM database for the local computer. For a computer that is running NT 4, this subtree also contains security information for the domain. The information contained within the SAM registry key is what appears in the user interface of the User Manager utility, as well as in the lists of users and groups that appear when you make use of the Security menu commands in NT4 explorer.
Information about the HKEY_LOCAL_MACHINE\Security key
This subtree contains security information for the local computer. This includes aspects such as assigning user rights, establishing password policies, and the membership of local groups, which are configurable in User Manager.
HKEY_CLASSES_ROOT
The information stored here is used to open the correct application when a file is opened by using Explorer and for Object Linking and Embedding. It is actually a window that reflects information from the HKEY_LOCAL_MACHINE\Software subkey.
HKEY_CURRENT_CONFIG
The information contained in this key is to configure settings such as the software and device drivers to load or the display resolution to use. This key has a software and system subkeys, which keep track of configuration information.
Understanding Hives
The registry is divided into parts called hives. These hives are mapped to a single file and a .LOG file. These files are in the systemroot\system32\config directory.
| Registry Hive | File Name |
| HKEY_LOCAL_MACHINE\SAM | SAM and SAM.LOG |
| HKEY_LOCAL_MACHINE\SECURITY | Security and Security.LOG |
| HKEY_LOCAL_MACHINE\SOFTWARE | Software and Software.LOG |
| HKEY_LOCAL_MACHINE\SYSTEM | System and System.ALT |
Monday, September 29, 2008
Change Logon Wallpaper In Windows XP
Logon wallpaper is the wallpaper or image that windows xp shows on screen when windows logs on (before it asks for username & password) . It’s usually set to the image-logo of the brand(manufacturer) of our computer (e.g. in compaq laptops). Now we can set it to our own image or any other image(any bmp file) by following trick.
Open Startmenu->Run type regedit and press ok to open registry editor.(shows a tree like structure of directories at left)
In that hierarchical structure in left, navigate to registry entry
HKEY_USERS\.DEFAULT\Control Panel\Desktop
In right side pane see a number of values placed in a table format. choose the value named Wallpaper from there and double click it. Now you see a box with value name as Wallpaper and value data as Path to the image file .There give the full path of the image(bmp file) which you want to set as logon wallpaper by deleting previous path and writing path to your bmp file e.g. C:\WINDOWS\lon.BMP (to set image lon.BMP file as log on wall paper).
Also double click on WallpaperStyle and change it’s value to 2 to get a stretched wallpaper at logon.
Put that bmp file in windows directory for better results.
If that is a jpeg file, convert to bmp file by opening in Windows Image Viewer and save as bmp.
Posted by Phanse at 9:51 PM 0 comments
Labels: Logon Access, Wallpaper, windows xp
Wednesday, September 3, 2008
Google Chrome Keyboard Shortcuts
Get all the keyboard shortcuts for new Google Chrome Beta. You may download it from http://www.google.com/chrome/
Window and tab shortcuts
| Ctrl+N | Open a new window |
| Ctrl+Shift+N | Open a new window in incognito mode |
| Press Ctrl, and click a link | Open link in a new tab |
| Press Shift, and click a link | Open link in a new window |
| Alt+F4 | Close current window |
| Ctrl+T | Open a new tab |
| Ctrl+Shift+T | Reopen the last tab you've closed. Google Chrome remembers the last 10 tabs you've closed. |
| Drag link to tab | Open link in specified tab |
| Drag link to space between tabs | Open link in a new tab in the specified position on the tab strip |
| Ctrl+1 through Ctrl+8 | Switch to the tab at the specified position number. The number you press represents a position on the tab strip. |
| Ctrl+9 | Switch to the last tab |
| Ctrl+Tab or Ctrl+PgDown | Switch to the next tab |
| Ctrl+Shift+Tab or Ctrl+PgUp | Switch to the previous tab |
| Ctrl+W or Ctrl+F4 | Close current tab or pop-up |
| Alt+Home | Open your homepage |
| Ctrl+O, then select file | Open a file from your computer in Google Chrome |
Address bar shortcuts
Do one of the following actions in the address bar:| Type a search term | Perform a search using your default search engine |
| Type the part of the web address that's between 'www.' and '.com', then press Ctrl+Enter | Add www.and .com to your input in the address bar and open the web address |
| Type a search engine keyword or URL, press Tab, then type a search term | Perform a search using the search engine associated with the keyword or the URL. Google Chrome prompts you to press Tab if it recognizes the search engine you're trying to use. |
| F6 or Ctrl+L or Alt+D | Highlight content in the web address area |
| Type a web address, then press Alt+Enter | Open your web address in a new tab |
Shortcuts to open Google Chrome features
| Ctrl+B | Toggle bookmarks bar on and off |
| Ctrl+H | View the History page |
| Ctrl+J | View the Downloads page |
| Shift+Escape | View the Task manager |
Webpage shortcuts
| Ctrl+P | Print your current page |
| F5 | Reload current page |
| Esc | Stop page loading |
| Ctrl+F5 or Shift+F5 | Reload current page, ignoring cached content |
| Press Alt, and click a link | Download link |
| Ctrl+F | Open find-in-page box |
| Ctrl+G or F3 | Find next match for your input in the find-in-page box |
| Ctrl+Shift+G or Shift+F3 | Find previous match for your input in the find-in-page box |
| Ctrl+U | View source |
| Drag link to bookmarks bar | Bookmark the link |
| Ctrl+D | Bookmark your current webpage |
| Ctrl++ | Make text larger |
| Ctrl+- | Make text smaller |
| Ctrl+0 | Return to normal text size |
Text shortcuts
| Highlight content, then press Ctrl+C | Copy content to the clipboard |
| Place your cursor in a text field, then press Ctrl+V or Shift+Insert | Paste current content from the clipboard |
| Place your cursor in a text field, then press Ctrl+Shift+V | Paste current content from the clipboard without formatting |
| Highlight content in a text field, then press Ctrl+X or Shift+Delete | Delete the content and copy it to the clipboard |
More Shortcuts:
| Backspace, or press Alt and the left arrow together | Go to the previous page in your browsing history for the tab |
| Shift+Backspace, or press Alt and the right arrow together | Go to the next page in your browsing history for the tab |
| Ctrl+K or Ctrl+E | Places a '?' in the address bar. Type a search term after the '?' to perform a search using your default search engine. |
| Place your cursor in the address bar, then press Ctrl and the left arrow together | Jump to the previous word in the address bar |
| Place your cursor in the address bar, then press Ctrl and the right arrow together | Jump to the next word in the address bar |
| Place your cursor in the address bar, then press Ctrl+Backspace | Delete the previous word in the address bar |
| Space bar | Scroll down the web page |
| Home | Go to the top of the page |
| End | Go to the bottom of the page |
