Wednesday, March 28, 2012

US Driver's License Numbers


Florida, Illinois, Wisconsin, perhaps others


You might want to look at my disclaimer before using this information for anything important. You might want to seewarning about fake ids before using this information to make a fake id.
This particular page focuses on the algorithm shared by Florida, Illinois, and Wisconsin. For information on other states driver's license numbers see this page.
I've written programs so you can can calculate your license number based on your personal information, or you can determine your personal information from your driver's license number:
StateInfo to NumberNumber to Info
FloridaCalculate FloridaAnalyze Florida
IllinoisCalculate IllinoisAnalyze Illinois
WisconsinCalculate WisconsinAnalyze Wisconsin
A number of states encode your name, gender, and date of birth in your license number. These include Florida, Wisconsin, and Illinois. These states use the same system of encoding, or very similar ones. Given someone's driver's license number from one of these states, you can take good guesses at someone's name and exactly determine their gender and date of birth. With someone's name, date of birth, and gender, you can guess some or all of their driver's license number. (I expect this same system applies to State IDs, but I don't know.)
I'm not really sure why these numbers are designed so. A likely guess is that it allows a skilled bouncer to quickly identify sloppy fake ids.
When you remove the hyphens, these license numbers look like the following:
SSSSFFFYYDDD
F25592150094
The specific licenenses look like the following.
Florida:
SSSS-FFF-YY-DDD-N
F255-921-50-094-0
I'm told Florida uses a different system for state identifications. I don't know anything else about it.
Illinois Driver's License:
SSSS-FFFY-YDDD
F255-9215-0094

Illinois State ID:
SSSF-FFYY-DDDS
2559-2150-094F
Illinois State ID's simply move the initial letter to the end, but are otherwise calculated the same.
Wisconsin:
SSSS-FFFY-YDDD-NN
F255-9215-0121-03
The segments are:
SegmentExampleDescription
SSSSF255Soundex code
FFF921First name, middle initial
YY50Year of birth
DDD094Day and month of birth
NN03Overflow (not all states use this)

SSSS - Soundex code of your last name

Soundex is a hashing system for english words. You might want to look at further information on how soundex works.
The example soundex is F255, so the example name starts with F, so the name starts with an F, followed by a gutteral or sibilant, followed by a nasal, followed by another nasal. This is correct, as the example person's last name is "Fakename"
For my license generator, I simply implement this. For my license reverser, I simply take likely guesses. I also generated the Soundex code for the top 10,000 (ish) last names in the US, and I suggest the top 10 for any given code.

FFF - Encoded first name and middle initial

Look up your first name on this table:
NameCodeNameCodeNameCode
Albert20Frank260Marvin580
Alice20George300Mary580
Ann40Grace300Melvin600
Anna40Harold340Mildred600
Anne40Harriet340Patricia680
Annie40Harry360Paul680
Arthur40Hazel360Richard740
Bernard80Helen380Robert760
Bette80Henry380Ruby740
Bettie80James440Ruth760
Betty80Jane440Thelma820
Carl120Jayne440Thomas820
Catherine120Jean460Walter900
Charles140Joan480Wanda900
Dorthy180John460William920
Edward220Joseph480Wilma920
Elizabeth220Margaret560
Florence260Martin560
Donald180
Clara140
If you fail to find your name, look up your first initial on this table:
InitialCodeInitialCodeInitialCodeInitialCode
A0H320O640V860
B60I400P660W880
C100J420Q700X940
D160K500R720Y960
E200L520S780Z980
F240M540T800
G280N620U840
Now look up your middle initial on this table:
InitialCodeInitialCodeInitialCodeInitialCode
A1H8O14V18
B2I9P15W19
C3J10Q15X19
D4K11R16Y19
E5L12S17Z19
F6M13T18
G7N14U18
Now, if add together the code for either your first name (if possible) or your first initial to the code for your middle inital.
So, the example FFF code is 921. Looking it up, it's William or Wilma A. If it had been 001, we would simply know at the their initials are A. A. Since the example was generated for "William Andrew Fakename" this is correct.

Y-Y - Your birth year

The two numbers together represent the year of your birth. If you are born in 1968, it should read '68'. This is the easiest information to pick out of a WDL, and is often used to spot fakes.
The example Y-Y code is 50. Mr. or Ms Fakename was born in 1950.

DDD - Month and day of birth and gender

This portion encodes the month and day you were born on. The general equation is:
General: (birth_month - 1) * month_multiplier + birth_day + gender_mod
Florida: (birth_month - 1) * 40 + birth_day + (male:0, female: 500)
Illinois: (birth_month - 1) * 31 + birth_day + (male:0, female: 600)
Wisconsin: (birth_month - 1) * 40 + birth_day + (male:0, female: 500)
birth_month is the number of months into the year, January is 1, December is 12.
month_multiplier varies by state. Illinois uses 31. Wisconsin and Florida both use 40.
gender_mod varies by state. In Illinois men use 0, women use 600. In Wisconsin and Florida men use 0, women use 500.
If the result is less than 100, add zeroes to the left side to make it 3 digits. (So, January 1st is encoded as "001" for men in Illinois.)
Mr. or Ms Fakename's code is 094. Assuming we're looking at an Illinois license number, because that's less than 600, we know Mr. Fakename is male. His name is probably William and not Wilma. We can subtract 93 from that, which is 31 three times. So three months into the year, April. That leaves 1 left, which is the day. Mr. Fakename was born on April 1, 1950.

Overflow

Looking at this, may become clear that it is possible for two people with similar names to get the exact same driver's license number. For example, if "Joshua William Smith" and "Jack Wayne Snoddy" were born on the same day, they'll get the same Illinois drive's license number. This is solved with "overflow" numbers, a simple sequential number can be appended to each duplicate number to resolve the confusion.
Wisconsin prints a two digit overflow number on your license. As a result, the last two digits of your Wisconsin license number represent the number of people who had the same license number as you (ignoring the last two digits), when you got your license.
Florida prints a single digit overflow number on your license. As a result, the last digit of your Florida license number represent the number of people who had the same license number as you (ignoring the last two digits), when you got your license.
There are number of urban legends about Florida driver's license overflow numbers. The legends claim that the number represents the number of times you've been arrested for drunk driving (DUI, DWI, etc), or convicted for drunk driving, or convicted of a felony. I don't believe it. First, why bother? Who needs to know this information? Not a cop arresting you? They'll arrest a drunk driver no matter what. Prior convictions only matter when you're in front of a judge, and the judge has access to the database. Second, as noted above: if you don't have overflow digits, you'll occasionally two people with the exact same driver's license number. Can you imagine what a mess that would be. (Indeed, this is occasionally a problem in Illinois, which doesn't have overflow digits.) Now, it's entirely possible that I'm wrong. If you're sure that I am, and can point me to a reliable source to support an alternate theory, please let me know! Much of the information on this page comes from people who contacted me with corrections.
Illinois may have overflow digits, but if they do the information is not on your driver's license. This means that if Joshua William Smith is wanted by police and his driver's license number is flagged as such, Jack Wayne Snoddy may be briefly detained while the police check their records to sort out the shared number. I have been told that Illinois state databases actually include a two or three digit number to distinguish between different people with the same license. One correspondent told me that their friend was pulled over for a minor traffic violation and was arrested as someone else. He sat in the police car for a while while they sorted it out. He and the other person had the exact same number; the other guy was a wanted man, but my correspondent's friend did not.

Wednesday, March 14, 2012

Newest way to send Virus using Old school techniques


FedEx Customer Service service.team@fedex.com via arcsolar.com 
2:04 PM (17 hours ago)
to me
This is a post notification,

Your package has been returned to the FedEx office.
The reason of the return is - Incorrect delivery address of the package.
Please print out the invoice copy attached and collect the package at our office.

FedEx Logistics Services.
FedEx_Invoice_Copy_N712-41.zipFedEx_Invoice_Copy_N712-41.zip
3 things to look out for:
1.service.team@fedex.com via arcsolar.com >> 
Simple Google will tell you that arcsolar is in no way affiliated to FedEx , rather it is a compromised domain trying to send me virus
2. FedEx_Invoice_Copy_N712-41.zip >>
Why would anyone send invoice in form of .zip file instead of .doc or .pdf formats, which are industry standards.
If you open this file - your email or your computer will be corrupted as zip file contains malicious exe file.
3. Do you really think that some has your right email id but wrong shipping address with FedEx? What are likelihood of that. Don't get greedy or curious, just delete the email

Saturday, December 17, 2011




Even the computer knows there is no manual for woman :)

Ever wanted to poke your sh3ll??? then try the second command...

Have a great weekend!!!!!!!!!

Thursday, December 15, 2011

WORK How To Break Into A Windows PC (And Prevent It From Happening To You)


Whether you’ve forgotten your password or you have a more malicious intent, it’s actually extremely easy to break into a Windows computer without knowing the password. Here’s how to do it, and how to prevent others from doing the same to you.
There are a few methods to breaking into a computer, each with their own strengths and weaknesses. We’ll go through three of the best methods, and nail down their shortcomings so you know which one to use—and how to exploit their weaknesses to keep your own computer secure.

The Lazy Method: Use a Linux Live CD to Get at the Files

If you don’t need access to the OS itself, just a few files, you don’t need to go through much trouble at all. You can grab any Linux live CD and just drag-and drop files onto a USB hard drive, as you would in any other OS.
How it Works
Just download the live .iso file for any Linux distribution (like theever-popular Ubuntu) and burn it to CD. Stick it in the computer you want to access and boot up from that CD. Pick “Try Ubuntu” when it comes up with the first menu, and it should take you right into a desktop environment. From here, you can access most of the hard drive just by going to the Places menu in the menu bar and choosing the Windows drive. It should see any NTFS drives just fine.
Note that depending on the permissions of some files, you might need root access. If you’re having trouble viewing or copying some files, open up a terminal window (by going to Applications > Accessories > Terminal) and type in gksudo nautilus, leaving the password blank when prompted. You should now have access to everything.
How to Beat it
The main problem with this method (apart from only giving you access to the file system) is that you won’t be able to access any encrypted files, even when using gksudo. So, if the owner of the computer has encrypted any of their files (orencrypted the entire OS), you won’t get very far.

Sneaky Command-Line Fu: Reset the Password with the System Rescue CD

If you need access to the operating system itself, the Linux-based System Rescue CD is a good option for breaking in. You’ll need to do a bit of command line work, but as long as you follow the instructions closely you should be fine.
How it Works
Just download the .iso file for the System Rescue Live CD and burn it to disc. Boot from the disc and hit the default option when the blue screen comes up. After everything loads and you’re presented with a command-line interface, type fdisk -l to see the drives and partitions on your computer. Pick the Windows partition (usually the largest NTFS partition) and note the name, e.g. /dev/sda3.
Then, run the following command:
ntfs-3g /dev/sda3 /mnt/windows –o force
Make sure to replace /dev/sda3 with the partition you noted earlier. Next, cd to your Windows/System32/config directory with this command:
cd /mnt/windows/Windows/System32/config
We want to edit the SAM file in this folder, so type the following command to get a list of users:
chntpw –l SAM
Note the username you want to access, and then type the following command, replacing Whitson Gordon with the username in question.
chntpw –u “Whitson Gordon” SAM
At the next screen, choose the first option by typing the number 1 and hitting Enter. This will clear the user password, making it blank. When it asks you to write hive files, hit y and press Enter. It should say OK, and then you can type reboot to reboot the computer. When you boot into Windows, you’ll be able to log in to that user’s account without a password.
How to Beat it
Once again, the downside to this method is that it’s vulnerable to encryption. Since clearing the password requires editing Windows system files, you won’t be able to do so if the user has encrypted their entire OS. If they’ve only encrypted a few files, though, you’ll still be able to access all the unencrypted stuff without problem.

Brute Force: Crack the Password with Ophcrack

Where the other two methods are vulnerable to encryption, this method will give you full access to everything the user can access, including encrypted files, since this method relies on finding out the user’s password instead of bypassing it.
How it Works
We’ve actually gone through this method before, but it doesn’t hurt to have a refresher. All you need to do is download and burn the Ophcrack Live CD (use the Vista version if you’re cracking a Windows 7 PC) and boot from it on your computer. It’ll take a little bit of time to boot, but eventually it will bring you to a desktop environment and start attempting to crack passwords. This may take a while. You’ll see the passwords pop up in the top pane of the window, though, when it finds them (or, if it doesn’t find them, it’ll notify you). You can then reboot and log in to Windows using those passwords.
How to Beat it
While this method works on encrypted OSes, it can’t crack every password out there. To increase your chance of having an uncrackable password, use something complicated and greater than 14 characters. The stronger your password, the less likely Ophcrack will be able to figure it out.
There are a lot of methods to break into a Windows computer (in fact, we’ve featured some of them before), but these are a few of the best and most widely useful. Apart from encryption, very little can stop the first two methods, and on those occasions you have Ophcrack to possibly fall back on. Got your own favourite method for getting into your computer without a password?

Thursday, December 8, 2011

Hide data in files with easy steganography tools


Remember those invisible ink kits from when you were a kid? You'd write a secret message that no one could see unless they had a black light or the decoder marker. The digital equivalent of invisible ink issteganography software, apps that embed files and data inside other files, hidden from everyone who doesn't know any better.
You don't have to be a trained spy plotting international espionage to put steganography to good use. With some free tools for both the Mac and PC, you can embed secret information in image, PDF, HTML and MP3 files for fun or profit.

Why stego?

Unlike encryption, which obscures data in such a way that it's obvious someone's keeping something from listeners-in (and therefore heightens interest in that info), stego techniques offer no hint to the outsider that there's any private data contained within the visible file. Like hiding your valuables from burglars in an empty cereal box in your kitchen cabinet, steganography keeps the existence of the secret item from everyone but those in the know.
In fact, right here in this Lifehacker logo image, there's a message hidden for you:

Here's how to go about decoding it.

Hide in Picture (Windows)

The free Hide in Picture (Windows only) embeds files into GIF or BMP images, and lets you set a password to retrieve the hidden file. The Hide in Picture interface is barebones, as you can see:

Use Hide in Picture to decode the message hidden in the image above. (Hint: the password is lhacker.)
Other free Windows tools offer more filetype support. wbStego can encode and decode files in PDF's, HTML files or bitmaps. mp3stegoembeds text inside MP3 files (command lineand GUI interface available.) Here are more Windows stego software options [viaWebby's World]. Be warned: while all of these tools work, none of them will win awards for being good-looking.

Pict Encrypt (Mac)

Similarly, the free Pict Encrypt (Mac only, thanks, Mirko!) adds text to GIF, JPEG, TIFF, PNG and MacPICT images, locks it with a password, and saves the file with hidden data as a PICT file. Its interface is a simple, barebones wizard that leads you through the encrypt and decrypt process. One difference between Pict Encrypt and Hide in Picture is that you don't embed another file; you actually enter your secret text into the Pict Encrypt wizard, as shown.

Pict Encrypt's text editor is pretty low level; some text navigation keys like Cmd-right arrow don't work, so be prepared.

Command line - cat your gif and zip

Finally, for those of you comfortable on the command line, reader Jason H. writes in with a nifty stego trick using built-in tools. The premise of this technique is to append a .zip file to the end of a .gif file, resulting in a file which is readable by both .gif programs and .zip programs.
Jason explains why this works (with the help, he says, from a long-lost thread at Something Awful):
It works because .gif files keep all of their information in the headers, while .zip files keep them in the footer. Since that's the case, .gif viewers read from the front of the file, while .zip readers read from the end.
Here's how to combine your .gif and .zip. At the Windows prompt use this command:
copy /B source.gif+source.zip target.gif
Or in Linux/Mac:
cat somefile.zip >> somefile.gif
The problem with this method is that not all zip programs can extract the resulting file. When I tried, both 7-Zip and Windows built-in extraction failed, but WinRAR handled it just fine. Still, that's something the intended recipient should know.
For double super-duper security, password the zip file that you hide inside the image. WinRAR and 7-Zip both let you add passwords to a zip archive.

Uses for stego

So now that you know how to hide files in files, why would you do it? Here are a few uses for stego:
  • You suspect someone's illegally distributing your copyrighted PDF's or images, so you add hidden copyright information in them using stego tools to double-check.
  • You want to exchange information like passwords or sensitive images over an insecure transmission protocol, like email.
  • You want to embed secret files available only to a select few in a public forum.
  • You want to impress your friends and co-workers with your sneaky ways.
Source : Lifehacker