Intro : PortableApps.com is the world's most popular portable software solution allowing you to take your favorite software with you. A fully open source and free platform, it works on any portable storage device (USB flash drive, memory card, portable hard drive, etc), cloud drive (DropBox, Google Drive, etc), or installed locally. With millions of users all over the world and a full collection of open source software as well as compatible freeware and commercial software and partners in the software and hardware industry, PortableApps.com is the most complete solution for life on the go. PortableApps.com was founded by John T. Haller, the developer behind numerous portable applications including "Portable Firefox" which started the portable software trend. We've been making software portable since March 2004. Today, our team stands at nearly 100 developers, translators, application packagers, designers and release testers. Our goal is to centralize the knowledge and development of portable software efforts and build a single, open platform which any software or hardware developer can use.
We used to write code for websites or web apps on daily basis but the code we develop need to be backed up or uploaded to some backup server. Which wastes a lot of time. We can save this time by using dropbox.
No doubt PHP is the best tool a web developer can have and if you develop applications on Windows you must have heard of Wamp Server. (Those who don't know Wamp let me tell you it can setup your local environment in minutes to start developing your applications). There are many tasks we used to repeat daily or many times a day.
The Outernet is a global networking project currently under development by the Media Development Investment Fund (MDIF), a United States-based non-profit organization. The Outernet’s goal is to provide free access to internet data through wifi, made available effectively to all parts of the world.
A new facebook exploit allows anyone to access any photo album of non-friends as long as you have the link.
By following the simple steps shown in above image, you can bypass the security of Facebook and view photos of others online.
All email communications on the internet are possible by two protocols:
1) Simple Mail Transfer Protocol (SMTP port-25)
2) Post Office Protocol (POP port-110)
E-Mail hacking consists of various techniques as discussed below.
1) EMail Tracing :- Generally, the path taken by an email while traveling from sender to receiver can be explained by following diagram.
Sender's Outbox----->Source Mail Server----->Interim Mail Server----->Destination Mail Server------>Destination Inbox.
The most effective and easiest way to trace an email is to analyze it's email headers. This can be done by just viewing the full header of received email. A typical email header looks something like this:
From Barr Thu Jan 3 05:33:26 2008
X-Apparently-To: email@example.com via 18.104.22.168; Thu, 03 Jan 2008 05:25:38 +0530
Authentication-Results: mta113.mail.in.yahoo.com from=destatis.de; domainkeys=neutral (no sig)
Received: from 22.214.171.124 (HELO dsl-189-160-34-89.prod-infinitum.com.mx) (126.96.36.199) by mta113.mail.in.yahoo.com with SMTP; Thu, 03 Jan 2008 05:25:38 +0530
Received: from dvapa ([188.8.131.52]) by dsl-189-160-34-89.prod-infinitum.com.mx with Microsoft SMTPSVC(6.0.3790.0); Wed, 2 Jan 2008 18:03:26 -0600
Date: Wed, 2 Jan 2008 18:03:26 -0600
From: "Barr" <firstname.lastname@example.org> Add to Address Book
User-Agent: Thunderbird 184.108.40.206 (Windows/20070728)
Subject: angel rubberneck
Content-Type: multipart/related; boundary="------------030604060204000701040304"
The above email header gives us the following information about it's origin and path:
a) Sender's email address :- email@example.com
b) Source IP address :- 220.127.116.11
c) Source mail server :- dsl-189-160-34-89.prod-infinitum.com.mx
d) Email client :- Thunderbird 18.104.22.168
There are lots of ready-made tools available on the internet which performs email tracing very effectively and shows exact geographical location for email sender on the world map.
Recommended Tools :
Download from the above link & enjoy!!!
Input Validation Attacks are where an attacker intentionally sends unusual input in the hopes of confusing the application.
The most common input validation attacks are as follows-
1) Buffer Overflow :- Buffer overflow attacks are enabled due to sloppy programming or mismanagement of memory by the application developers. Buffer overflow may be classified into stack overflows, format string overflows, heap overflows and integer overflows. It may possible that an overflow may exist in language’s (php, java, etc.) built-in functions.
To execute a buffer overflow attack, you merely dump as much data as possible into an input field. The attack is said to be successful when it returns an application error. Perl is well suited for conducting this type of attack.
Here’s the buffer test, calling on Perl from the command line:
$ echo –e “GET /login.php?user=\
> `perl –e ‘print “a” x 500’`\nHTTP/1.0\n\n” | \
nc –vv website 80
This sends a string of 500 “a” characters for the user value to the login.php file.
Buffer overflow can be tested by sending repeated requests to the application and recording the server's response.
2) Canonicalization :- These attacks target pages that use template files or otherwise reference alternate files on the web server. The basic form of this attack is to move outside of the web document root in order to access system files, i.e., “../../../../../../../../../boot.ini”. This type of functionality is evident from the URL and is not limited to any one programming language or web server. If the application does not limit the types of files that it is supposed to view, then files outside of the web document root are targeted, something like following-
We have found that error pages are often subject to XSS attacks. For example, the URL for a normal application error looks like this:
This displays a custom access denied page that says, “Invalid password”. Seeing a string
on the URL reflected in the page contents is a great indicator of an XSS vulnerability. The attack would be created as:
That is, place the script tags on the URL.
4) SQL Injection :- This kind of attack occurs when an attacker uses specially crafted SQL queries as an input, which can open up a database. Online forms such as login prompts, search enquiries, guest books, feedback forms, etc. are specially targeted.
The easiest test for the presence of a SQL injection attack is to append “or+1=1” to the URL and inspect the data returned by the server.
example:- http://www.domain.com/index.asp?querystring=sports' or 1=1--
First of all u have to get an static IP-Address.
Need a a static ip-address for ur FTP Server.Necessity for getting this static ip-address is ur not suppose to use ur own IP-Address.The main reason is u dont want to show ur IP-Address to everyone , there are many other reasons too but leave them aside.. 1) Goto no-ip & create urself a free account.
2) Now ur account been created & ll receive ur account password via mail to ur email address.
3) After getting ur password login to ur account of no-ip.com
4.After getting logged in, click upon add a HOST its on the left menu.
5) Type any hostname u want (eg:-abc) & select any domain from da given list (eg:-ftpserve.com) Click on Submit.
6) Now u have owned ur own static address (example: abc.serveftp.com)
7) Now click downloads button which is present above on the page & click on which operating system ur using & den download DNS update client or u can download it from here directly, this is for microsoft window users..
8) After getting downloaded, u have to install this software & login here with ur email addresss & p/w wen asked for it.
9) At last tick on da check box present at the static address.
10) U have ur own static web address.
Installation & setting of the FTP-Server
1) You have to install Serv-U 4.1.03 , download this software from here
2) Run Serv-U & use da wizard to setup ur FTP.
3) Click on next until u have been asked for IP-Address, leave it as it is & click upon next.
4) Enter ur domain name u have registered (example: abc.serveftp.com) it above in da domain field & click upon next.
5) U ll be asked for anonymous access, select No & click upon next.
6) Next u ll be asked for creating a named account, select yes & click upon next.
7) Choose any user name u wish (eg:-xyz) & clcik upon next.
8) Enter password for dis account (eg:-adc341) for security purpose choose difficult password.
9) U ll be asked for da home directory for the account which u have created above.Select directory & click upon next.
10) Click on yes for locking dis account to da home directory, doing dis da user cannot further move up into home directory, click upon next.
11) At last ur account has been created click finish.
Configuring the user accounts which u have been created.
1) On the left tree-menu, select da account which u have been created above & den click upon General Tab.
2) Goto Hide 'Hidden' Files.
3) Check Allow only and enter the number one in the box.
4) Set da maximum downloading speed upto wat extent u want.As this is an account so many ll be using so set it low(eg:-10-20) to save ur bandwidth.Don't leave it blank as uers can download with full bandwidth.
5) choose how many users u want to login at on time.It depends on ur connection speed try these (56 - 1, ISDN - 3, ADSL or cable - 5-6 users.)
6) Click upon Dir Access Tab.
7) Now u can c home folder here.Highlight it & make ur permission.
8) If u want only users to download check only these Read,List & Inherit.
9) If u want ur users to upload into ur server & bu tto only 1 particular folder but not to downlaod, click upon dat add button & then select dat folder, Now u have to highlight dat folder & set these permissions on dat folder.Check,Write,Appened,List,Create & Inherit after setting these permissions click on the arrow which is present at the bottom right-hand corner.U want dis upload folder 2 be list first, before da home folder.
10) If der is any folder which u dont want anyone to access it, & it is present in the home folder, den click da add button & den select da folder.Now u have to highlight dat folder & see dat no all da checkboxes are left.After doing this click upon upper arrow which is present at bottom right hand corner.
11) There are many things u can do, These are only the basics....
12) Your server is now ready to be connected..
13) Login with your username & password...
Have fun buddy!
Windows Genuine Hack :-
1) Download “Windows.Genuine.Advantage.Validation..rar”
2) Extract It.
3) Run “installer.bat” file.
5) Enjoy Your Validated Windows
_This is a exploit of the compression algorithms to make a small zip that will extract into extream amounts their are more ways and better ones than this one but i will only show how to make a simple 1k = 1m ratio.
1) Make a.txt file
2) Open and type the null character (alt + 255)
3) Press ctrl + a then ctrl + v a couple times to make some null bytes
4) If u have a hexeditor make the hex 00 for about 50 kilobytes.
5) Now make several copies of a.txt and name accordinly
6) Open cmd.exe
7) Type copy /b *.txt b.txt
8) Now every copy is made into a super copy and repeat
9) Once you have a nice empty big text file like 1gb. Put it in a zip archive.
Because of the simple construction of the file, 1gb of null bytes.....!
The zip is only 1 mb in size and can really annoy freinds.
For added fun hex edit the zip and you will see a bunch of hex 5555
Just add some more and the file will expand amazingly
Make sure to not open this after
You can always create your zip of death from the command line in linux
dd if=/dev/zero bs=1000 count=1000000 | gzip > test.gz
_This trick will allow you to create files and folders without any name
Just follow the steps as given below :-
1) Select any file or folder.
2) Right click on it, select 'Rename' or simply press 'F2'.
3) Press and hold the 'Alt' key. While holding the Alt key, type numbers '0160' from the numpad.
Note :- Type the numbers '0160' from the numpad, that is, the numbers present on the right side of the keyboard.
Don’t type the numbers which are present on top of the character keys.
4) Press Enter and the nameless file or folder will be created.
Reason :- The file or folder that seems nameless is actually named with a single space.
But what if you want to create another nameless file or folder in the same directory ?
For this you will have to rename the file with 2 spaces.
Just follow the steps given below :-
1) Select file, Press 'F2'.
2) Hold 'Alt' key and type '0160' from the numpad.
3) Release the 'Alt' key. Now without doing anything else, again hold 'Alt' key and type '0160'.
4) Press 'Enter' and you will have second nameless file in the same directory.
5) Repeat step 3 to create as many nameless files or folders in the same directory.
NOTE : if you faced any problem with deletion of these folders,just restart your computer in 'Safe Mode' and delete it from there.
B.Tech. (Software Engineer),
Help Us To Grow