How To Create MultiOS bootable Pendrive

In this Post I'm gonna tell you how to Create MultiBootable Pendrive

This can be handy if the computer’s own operating system is corrupted through misuse, poor maintenance, or worse, malware.

There are a few nice programs that will help you create your multiboot USB stick. Today, we’ll take a brief look at three of them: XBoot, MultiBootUSB, and YUMI. Prior to using each of the different multiboot creation programs, I formatted my Kingston DataTraveler 101 16GB USB 2.0 flash drive, to ensure there would be no issues from the flash drive itself.

MultiBootUSB

MultiBootUSB is available on SourceForge and appears to be a pretty popular program for just this kind of task. The MultiBootUSB software is also a portable application, meaning you simply put the MultiBootUSB-6.4.1.exe file onto your USB drive and run it all from the USB drive. No need to mess around installing it on your computer. This gives you a great deal of flexibility, should you want to change things up but you aren’t at your home or office computer.

While using it on my USB drive in a Windows 7 computer, I did get error messages every time I went to use it. It would tell me that MultiBootUSB was not installed on the F: drive. I checked my USB stick and it was labelled as the F: drive and, of course, the program IS on the USB stick.

It is limited to allowing installations of Linux-based Live distributions, however, most of the best Live CDs are Linux-based anyway. I decided to push on and just try adding the Kaspersky Rescue CD 10 ISO. The total size of the Kaspersky Rescue CD is 299 MB, so there is plenty of room for it on my 16GB drive.

The total time to install it was about 25 minutes. It may feel like forever, but it is a process that you only have to do once.

The second ISO I added was the Ultimate Boot CD 5.11 ISO. At 359 MB, it took about 30 minutes to install. But if you have StumbleUpon or Facebook, the time flies by. Now, I have two different bootable operating systems on one USB flash drive.

At this point, you’re supposed to be able to click on the QEMU tab and test the installations without having to reboot the system. QEMU is  a machine emulator and virtualizer, meaning it’s an operating system that will run in the Windows environment, but completely independent of Windows. I couldn’t seem to get this feature working with MultiBootUSB, even though I could use QEMU to boot the ISOs of the Live CDs I was using.

In the end, this wasn’t too important since I was able to boot my computer from the USB stick into both Kaspersky and Ultimate Boot CD. So, overall, the mission was accomplished.

XBoot

One thing that I immediately noticed is that XBoot has a lot more documentation than MultiBootUSB, which is to say that it has some documentation. Both programs don’t really need a lot of instruction to use, but it’s nice to have in case something happens.

Installation of XBoot is really easy; double-click the executable file and it opens in seconds. From there it’s quite simple to add your ISOs – just drag and drop them into the main box.

From there, just click on the Create USB button. The program will prompt you to select the USB drive that you wish to install the ISOs on, and to select the kind of bootloader that you want to use. If your USB stick is formatted to FAT32, XBoot recommends Syslinux. If the USB stick is formatted to NTFS, Grub4DOS is recommended. You could also select Do not install any Bootloader, but since we want the USB stick to be bootable, I don’t see why we’d choose that. Click OK and we’re on the way!

The speed with which XBoot added the ISO files was also blindingly fast – mere seconds per ISO – versus the hour it took me to load the same ISOs into MultiBootUSB.  I couldn’t get a screenshot of it loading the ISO fast enough.

Yep, that’s all I could screen capture. Xboot also has the same QEMU features, where you can boot a Live CD ISO or boot the USB that you just made. Once again, I couldn’t boot the USB in QEMU, but I could boot the Live ISOs. I’m thinking my computer is the issue here, so I’m not going to include this feature in my final analysis.

However, the USB stick did work, and I was able to boot my computer into both Kaspersky and the Ultimate Boot CD. So once again, mission accomplished, and much faster!

YUMI – Your Universal Multiboot Installer

There seemed to be a lot of recommendations for YUMI around the web, so I added it to the crop to be tested. When I went to the hosting website, PenDriveLinux.com, YUMI and I got off to a bad start. Anytime I go to download software and the download page is full of advertisements, I feel like this is a shifty proposition. Throwing caution aside, I downloaded and installed YUMI. I didn’t feel much better as I did this. Check out the License Agreement.

All of a sudden I felt dirty. I continued though.

Once you get to the part where you are adding distributions to your USB stick, YUMI lays out exactly which ones are known to work, as well as where to download the distributions from. I thought this was pretty professional. You wouldn’t be wasting time trying to make something work that simply would never work! There are dozens of Linux distributions and other Linux-based Live CDs listed. At least one of them is likely to meet your needs.

I started with loading the Kaspersky Live CD. It took a bit less time than MultiBootUSB to load, about 20 minutes, but still a far more significant amount of time than XBoot.

Fortunately, Ultimate Boot CD 5.11 was on the list. So I added that as well. For whatever reason, adding the UBCD ISO only took a minute or two.

YUMI doesn’t have the additional QEMU tools like MultiBootUSB or XBoot, but then again, those tools don’t seem terribly necessary. Using the YUMI-created bootable USB drive, I was able to boot into both images without any issues. So, yes, YUMI does work.

The Take Away

Any of the three tools will help you create a USB stick that you can boot one of several operating systems with. All things being equal, and most things were, I would recommend XBoot over MultiBootUSB and YUMI, just for the sheer speed with which I was able to create a multi-OS bootable thumb drive. This program will be staying on my computer, the other two need to go.

Have you had any experience with these multiboot USB creation tools? Have you used another one? Any idea why the QEMU feature won’t work on my Windows 7 Pro system? Let’s talk about this in the comments.  Sharing the knowledge is how we all grow and we are all on the same team here.

Microsoft Claimed that Windows XP Will always remain Vulnerable for Hacker

Microsoft official has also published a graph included in the Microsoft Security Intelligence Report volume 14, stating that Windows XP is currently the operating system with the highest malware infection rate. Windows 7 and Windows 8 are obviously the most secure platforms right now.

It’s no secret that Microsoft is trying to convince everyone still running Windows XP to move to either Windows 7 or Windows 8, so the company keeps doing this with the help of a brand new post.

This time, Tim Rains, director of Trustworthy Computing, points to the security risks caused by sticking to Windows XP beyond the April 8, 2014 retirement date, explaining that the 11-year-old OS will soon become vulnerable “forever.”

“What is the risk of continuing to run Windows XP after its end of support date? One risk is that attackers will have the advantage over defenders who choose to run Windows XP because attackers will likely have more information about vulnerabilities in Windows XP than defenders,” Rains explains.

What’s more, Rains reveals that Windows has been targeted by 45 Microsoft security bulletins between July 2012 and July 2013, while Windows 7 and Windows 8 received only 30 such patches.

Once the Windows XP’s support comes to an end, the operating system will be vulnerable forever, the company official explains.

“The very first month that Microsoft releases security updates for supported versions of Windows, attackers will reverse engineer those updates, find the vulnerabilities and test Windows XP to see if it shares those vulnerabilities. If it does, attackers will attempt to develop exploit code that can take advantage of those vulnerabilities on Windows XP,” he states.

“Since a security update will never become available for Windows XP to address these vulnerabilities, Windows XP will essentially have a ‘zero day’ vulnerability forever.”

Users, on the other hand, don’t really seem to care about Microsoft’s warnings. At this point, Windows XP is still powering more than 37 percent of computers worldwide, and only a few of them are actually planning to move to a newer platform.

10 Most Notorious Hacker Groups Ever

10 Most Notorious Hacker Groups Ever

Image Source

The word “hack” began as a term for an “ingenious solution to a problem.” Then, with the onset of computer programming, it evolved to mean “a feat of programming prowess.” Teenage boys, attracted to the elite power they could wield, immersed themselves in a world of Internet bulletin boards and telephone systems. The lure of the next big challenge, hacker-group rivalries, political activism and personal gain all come into play in this fascinating underground world – in which everything is painted in shades of gray.

10. Chaos Computer Club

Image Source

The Chaos Computer Club was formed on September 12, 1981 in Berlin. The group gained worldwide notoriety by hacking into the German Bildschirmtext computer network and debiting 134,000 Deutsch Marks from a Hamburg bank. They returned the money the next day, having proven their point: the system’s security was flawed.

Some members of the club were also involved in a cyberespionage case in 1989. They hacked into corporate and government computers in the US and sold the source code to the KGB. The Chaos Computer Club also used hacking to protest French nuclear testing, to publish the fingerprints of Germany’s Minister of the Interior, Wolfgang Schäuble, and to expose a government Trojan horse spyware device.

9. Global KOS

Image Source

The goal of Global kOS (pronounced “chaos”) was exactly that: to create as much online disorder as possible on a global scale. Consisting of members with handles like AcidAngel, The Assassin and Shadow Hunter, the group was responsible for providing a slew of automated hacker tools to the online community. This meant that so-called “script-kiddies,” who don’t necessarily have any true computer programming abilities, could wreak havoc without much technical knowhow.

Created in 1996 by AcidAngel, “Up Yours!” was a denial of service tool used to bring down the websites of 40 politicians, including that of Rush Limbaugh, as well as those of MTV and the Ku Klux Klan. Other tools developed by Global kOS include the kOS Crack, for cracking passwords, and BattlePong, an IRC flooding utility.

8. The Level Seven Crew

Image Source

The Level Seven Crew is believed to have taken its name from the seventh level of hell (“the violent”) in Dante’s famous poetic allegory, “The Inferno.”

In 1999 alone, Level Seven illegally infiltrated over 60 computer systems, including those of NASA, The First American National Bank, and Sheraton Hotels. They also broke into the website of the US Embassy in China and defaced it with racist slogans to protest the United States’ accidental bombing of the Chinese Embassy in Belgrade. And they were apparently the first group to hack into a .ma (Moroccan) domain. Most of their exploits tended towards “hacktivism,” a form of online activism, rather than being motivated by personal gain. The group disbanded in 2000.

7. globalHell

Image Source

The hacker group globalHell has been compared to a gang of thugs; but instead of battling it out on the streets, they took their fight into cyberspace. The group is said to have attacked and destroyed data on 115 websites, caused millions of dollars in damages, and trafficked stolen information.

Ironically, globalHell was co-founded by a known Houston street gang member named Patrick Gregory, who turned to computers as a “way out” of gang life. However, he ended up transferring his gang-related activity to the web, where he helped coordinate a 60-member syndicate.

Global Hell not only carried out an online version of extortion; they also went as far as attacking and defacing the United States Army’s website, vandalizing it with the message, “globalHell will not die.” Twenty-year-old Wisconsin-based co-founder Chad Davis was arrested in 1999, sentenced to six months in prison, and ordered to pay $8,054. In an amusing twist, he has since gone on to become an independent security consultant.

6. TeaMp0isoN

Image Source

A 16-year-old hacker who goes by the online name TriCk started TeaMp0isoN in 2010. The group was responsible for hacking into Facebook, NATO, and the English Defense League. They also hacked into an email account and retrieved personal data about former British Prime Minister Tony Blair. And when Research In Motion, the company responsible for developing the BlackBerry smartphone, planned to help police during the 2011 England riots, TeaMp0isoN defaced the official BlackBerry blog, writing, “We are all for the rioters that are engaging in attacks on the police and government.”

The group also hacked the British Anti-terrorism Hotline to protest the extradition of suspects to the US. The group claims to be politically motivated, aiming to expose international governments hiding their wrongdoings.

5. Network Crack Program Hacker Group

Image Source

The Network Crack Program Hacker Group (NCPH) was formed in 1994, in Zigong, China. In 2006, the group was thought to consist of around 10 members, with four key players at the helm. It’s actually said that the group’s leader, Wicked Rose (real name Tan Dailin), works for the Chinese Army. The current size of the group is unknown.

Initially, NCPH got their kicks hacking into a large proportion of Chinese hacker association websites. Yet their attacks soon evolved. In 2006, Wicked Rose’s GinWui rootkit was employed in attacks on the US Department of Defense. And later that year, Internet security consultancy iDefense linked the group with a number of notable online attacks.

The group is also well known for the remote-network-control and network-infiltration programs they have available for download. What’s more, according Wicked Rose, NCPH is paid for their work by a mysterious sponsor. It is believed that the group’s benefactor is the People’s Liberation Army.

4. LulzSec

Image Source

One of LulzSec’s mottos is “Laughing at your security since 2011.” The group enjoys exposing security weaknesses and flaws, and their targets have included Fox.com, an X-Factor database (they released the contact information for 73,000 contestants), Sony, the CIA, and the FBI. They are said to have caused billions of dollars in damages.

In March 2012, top members of LulzSec were arrested, after their leader, code-named Sabu, turned them over to the FBI to face charges of conspiracy. A mere three months later, the group reemerged, hacking into a dating website for singles in the military. They dumped 170,937 email accounts, claiming that Lulzsec had been “reborn.”

3. Masters of Deception

Image Source

New York hacker group Masters of Deception was formed in 1989, as a bitter rival to Texas-based hackers Legion of Doom. The groups’ one-upmanship soon evolved into all out war, with racial and class overtones adding extra tension.

To prove their hacking prowess, Masters of Deception members allegedly carried out what has been dubbed “one of the most extensive thefts of computer information ever reported.” According to reports, they broke into tough-to-crack servers and stole confidential information, which they later sold. Secret Service members carried out major raids and succeeded in indicting five top hackers in the group. They were charged with “computer tampering, computer and wire fraud, illegal wiretapping, and conspiracy.” All five pleaded guilty.

2. Milw0rm

Image Source

On June 3, 1998, a group of hacktivists known as Milw0rm targeted the computers of India’s primary nuclear facility, the Bhabha Atomic Research Center. The group operated from the UK, the US, Russia and New Zealand, and they broke through the center’s firewalls. They lifted five megabytes of classified files about India’s last five nuclear tests, erased data from two servers, and posted anti-nuclear messages on the center’s website. The implications of the hack were huge and caused major upheaval as other institutions heightened their security.

One month later, Milw0rm hacked into a web hosting company named EasySpace, and within an hour they had posted their anti-nuclear message on 300 websites, including those of the FIFA World Cup, Drew Barrymore, Wimbledon, and the Saudi Royal Family.

1. Anonymous

Image Source

Anonymous is a huge, amorphous group of hackers that has gained considerable momentum over the past couple of years. On January 19, 2012, more than 5,635 people (some unknowingly) joined a distributed denial-of-service attack against supporters of the Stop Online Piracy Act. The sites they disabled included the FBI website, as well as those of the Justice Department, the Motion Picture Association of America, and Universal Music Group.

Other Anonymous activities include protesting UK extradition policies, tracking down cyber-criminals (such as “Internet predator” Chris Forcand), and taking down child porn sites hidden in the depths of the worldwide web. Anonymous has threatened Mexican drug cartel group “Los Zetas,” attacked the Pentagon, threatened to take down Facebook, and waged war on Scientology. The group’s motto is “We are Anonymous. We are Legion. We do not forgive. We do not forget. Expect us.”

Bonus entry: 414s

Image Source

The notorious 414s group was really nothing more than six youths, aged 16-22, from Milwaukee, WI, whose curiosity lured them into the online world of hacking in the early ‘80s. Seemingly, they didn’t have any malicious intent, claiming that their main motivations were simply the challenge of doing things they weren’t supposed to do, curiosity, and having fun. However, their idea of fun turned out to be hacking into the Los Alamos National Library, Security Pacific Bank, and the Sloan-Kettering Cancer Center, where they caused $1,500 worth of damages by deleting billing records to cover their tracks.

In the end, the only penalty most of the members of 414s faced was being told to pay for the damage they had caused and having to promise to stop hacking. Substantial computer crime bills were passed in the US House of Representatives following the case.

How to get Wallpapers from a windows .themepack File without installing it.

Ever wanted to get Wallpaper from any of the windows .themepack file without installing it??

Well, Here is how to do That..

Before starting you need to have a file extracting software

I recommend FreeArc

Now uncheck 'Hide extensions for known file Types' from the Folder options like below :

Now goto the folder where you have your themepack and rename it from ' filename.themepack ' to ' filename.rar '

then simply click on the file and extract it using freeArc as shown in the picture below:

Here '3dcubes' is the file name..

now navigate to the folder named '3dcubes' and get your Wallpapers without installing the Themepack.. :) :)

Do share this blog with friends if you like this.

Like me on Facebook : www.fb.com/h4ck4fun

Twitter : https://twitter.com/Ultimat3_Hack3r

Youtube : http://www.youtube.com/Vishal9005

Microsoft flaw allows USB loaded with payload to bypass security controls

During March Patch Tuesday of 2013, Microsoft released seven new security bulletins, with four rated as critical, and others as Important. Most interesting one was MS13-027, which is rated as "important" because the attack requires physical access to the vulnerable machine.

This flaw allows anyone with a USB thumb drive loaded with the payload to bypass security controls and access a vulnerable system even if AutoRun is disabled, and the screen is locked. Flaw exposes your Windows PCs to major risk. If you remember Stuxnet, worm was injected to Iran's nuclear program system using USB thumb drive.

Windows typically discovers USB devices when they are inserted or when they change power sources (if they switch from plugged-in power to being powered off of the USB connection itself).

To exploit the vulnerability an attacker could add a maliciously formatted USB device to the system. When the Windows USB device drivers enumerate the device, parsing a specially crafted descriptor, the attacker could cause the system to execute malicious code in the context of the Windows kernel.

Because the vulnerability is triggered during device enumeration, no user intervention is required. In fact, the vulnerability can be triggered when the workstation is locked or when no user is logged in, making this an un-authenticated elevation of privilege for an attacker with casual physical access to the machine.

Microsoft admits the flaw could "open additional avenues of exploitation that do not require direct physical access to the system," once the USB-based exploit is successful.

The vulnerabilities addressed by Microsoft do not include those exploited by security researchers at the recent Pwn2Own hacking competition  at the CanSecWest Conference in Vancouver.