Thursday 29 September 2011

Simple Guide To Recording Counter Strike Game Using HLTV

Half-Life TV offers the ability to have an unlimited number of spectators watching online games. They can follow the game just like they would as a spectator on the game server. Also, it can be used to record the game you are playing. I am going to show how simply you can use HLTV to record your games.

HLTV.exe file is located at the root folder of your CounterStrike installation (eg: c:/Valve/Condition Zero). To record your game, run the hltv.exe file and then you need to connect to the Counter Strike server by issuing the connect IP:PORT. Check the screenshot below:

After the connection is successful, type record filename.dem and the recording will be initialized and in few seconds the actual recording will start as well.

After finishing recording of screenshot, you can type stop in the hltv console to stop and then just type exit to exit HLTV. To watch the demo later, run CounterStrike game and then in console(type ~ to reach console), type viewdemo filename.dem.

I hope this helps. :)


Wednesday 28 September 2011

Tools For Customizing Ubuntu Into Your Custom Distro

Hello everybody, I'm listing some of the tools that can be used to customize the ubuntu distro and create your own flavour of ubuntu. I'm saying ubuntu specifically because I've tested them on ubuntu but some work for all debian based distro and maybe some work for all linux distro.

If you want to customize the ubuntu distro, you need an ISO file of the ubuntu of your preferred version. For the terminal lovers, the following two links are very helpful:

Ubuntu Live CD Customization
Ubuntu Install CD Customization

Now for those people who hate terminal and would like to the same thing using GUI, I'm listing here few of the tools that you can use.

1) Ubuntu Customization Kit: UCK is a tool that helps you customizing official Ubuntu Live CDs (including Kubuntu/Xubuntu and Edubuntu) to your needs. You can add any package to the live system like, for example, language packs, applications, etc.

2) RemasterSys: This script creates a livecd of the installed system. You can either make a distributable livecd or backup of your system. The resulting iso file can be used on any other PC that still meets the original minimum requirements of Ubuntu or Debian. Things like the graphics card and other hardware will be configured and setup automatically and you do not have to use identical hardware. Ubuntu's live boot tool, casper, currently blacklists Nvidia and AMD proprietary drivers so they will not be available on the live system and will need to be reinstalled after installation of your custom system.

3) Reconstructor Engine: Reconstructor is a GNU/Linux distribution customization and creation toolkit. It allows for the customization of the Ubuntu GNU/Linux distribution. Customizations include boot logo image and text color, wallpaper, themes, icons, applications, and more. Personally, I didn't like this one very much. Check this site.

4) Live Magic: Live-helper is a collection of programs that can be used to build Debian Live system images. The philosophy behind live-helper is to provide a collection of small, simple, and easily understood tools that can be used in your own program to automate building of a Live system.

5) Live Scripts: Linux Live is a set of shell scripts which allows you to create your own Live Linux from an already installed Linux distribution. The Live system you create will be bootable from CD-ROM or a disk device, for example USB Flash Drive, USB Pen Drive, Camera connected to USB port, and so on. People use Linux Live scripts to boot Linux from iPod as well.

6) Revisor For Fedora: Revisor enables you to customize and compose your own Fedora based installation and live media. It does so by presenting you a GUI with all options you can click your way through, a command-line interface and extended configuration files for more advanced users. Features that Revisor has vary from customizing the packages available during the installation and/or installed on the live media, to fully customizing the desktop environment for the live media.

I hope these helps. :)


Happy Dashain 2011

We, the team of would like to wish all Hindus and Nepali people happy vijaya dashami 2066/2011 and we hope this Dashain brings peace, prosperity and love in each and every house of Nepal and we also hope that the country finds some right direction to attain political stability.


Shutter : Advanced Screenshot Tool For Linux

The default screenshot tool in linux(I'm using ubuntu 10.10) does not have much features as some of you might have desired but there exists yet another tool known as Shutter that has lots of functionalities as a screenshot tool. Shutter is a feature rich screenshot tool available for many flavours of linux distribution.

With shutter, you can take a screenshot of a specific area, window, your whole screen, or even of a website – apply different effects to it, draw on it to highlight points, and then upload to an image hosting site, all within one window. There are numerous plugins written in Perl and bash included within the shutter as plugins and you can give different sexy looks to your screenshot. So for a blogger, writer and screen-sharer, this tool is a must if you are using linux.

To install shutter, either open the software centre according to your distro, search for shutter and install from there. For ubuntu, you can alternatively type the following from your terminal to install shutter:

sudo apt-get install shutter

To open shutter, click on Applications -> Accessories -> Shutter. Then you can use various features of shutter to take screenshots of window, selection, websites and full screen and then edit your screenshot, hide the sensitive areas and apply effects of your choice to the screenshots.

Some sample screenshots of the tool itself:

GUI of shutter:

Screenshot of website:

Screenshot of selection:


Tuesday 27 September 2011

Qt4 Development Using Monkey Studio

Monkey Studio is a free and open-source crossplatform Qt 4 IDE. It is developed using the Qt library itself, meaning it will run on any platform supported by Qt 4. This allows you to work on the same project on multiple platforms using the same IDE. Monkey Studio uses the Qt Project file (.pro) to manage the project, and there are no extra files created.

With a active forum and wiki, Monkey Studio IDE offers pretty cool features for developing Qt4 Apps. Its noticeable features are:

- Monkey Studio also features * Advanced, customizable code editor, based on QScintilla.
- Syntax highlighting for more than 22 programming languages
- Templates wizard - create files or projects from templates
- Code restyling - quickly fix/update style of your code using AStyle
- Qt Designer integration
- Qt Assistant integration

To install MonkeyStudio in ubuntu, open the terminal and type:

sudo apt-get install monkeystudio

For downloads for other platforms and more information, visit official website.


Monday 26 September 2011

RSS and Related Security Issues For Business People

While RSS is a very simple way to expand your business and nothing complex is involved in RSS feed systems, you should never underestimate the security issues in any digitized systems, not even in really simple technology like RSS. A business company should always be aware of possible security risks in any system they are employing to help them in their tasks.

Most of you might believe there would not be much security issues in RSS feeds and feel that you need not worry about any cases of exploiting of your system but that's just a myth. Malicious attackers can inject scripts inside the feeds and affect thousands of feed readers with even a single vulnerability discovered in the popular RSS reader or aggregators.

Bad HTML or javascript can be injected as malware inside the feeds and if your business is gathering content from other sources and adding them to feeds, your feeds are likely to be affected by such malwares. Such scripts are generally injected in the feed titles, descriptions, links and other components of the RSS feeds. The scripts injected can exploit the possible vulnerabilities in the RSS readers of your subscribers leading to possible control of your subscriber's PC by the attacker. This can open possible backdoors by the installation of trojans or keyloggers using the proper exploits such as browser exploits, activex exploits, etc. and let the attacker steal the data by using possible local zone security attacks which can be the worst thing you can imagine happening to your business as customers are the life blood of every business and you engage customers everywhere. And if your customers are affected, then ultimately your business will be affected. Hence extreme care should be taken while importing content from other sources to develop your RSS contents.

Many times business owners like to include the comments from subscribers in the RSS contents and mostly they hardly watch the actual content in those comments. There is always a possibility of injection of malicious scripts in those comments as well. So proper filtering and stripping mechanism has to be employed before storing new contents to your RSS feeds rather than just storing those comments in the feed contents. The HTML tags such as script, embed, object, etc. are the ones that must be stripped out in most cases to avoid possible security issues. Also, using safe and secure RSS reader or aggregator is a good approach to RSS security. So you should choose the most secure RSS reader or aggregator from the available ones and suggest those to your subscribers. Also, make sure that your customers and employees use the latest and patched version of the reader so that maximum level of security is ensured.

In many cases, the RSS generators and other services in the RSS servers are also prone to security attacks and the attackers might be able to gain certain level of privilege in the system. In such case, the attackers can replace the original RSS feeds with their own affected version of RSS feeds which will then be delivered to your customers affecting your customers and your business as well. This can be devastating as this might lead not only to the script injections in the feeds but also stealing of many sensitive information from the server. For example, if your RSS server is used to host your business website or maybe for file sharing, the critical data related to them might be compromised as well. So proper security assessment of the server and network from the security professionals is necessary before taking your system live for production usage.

As a business owner, you must understand that security is a necessity in any system, be it a physical system or be it a digitized and online system and RSS is not an exception to this. If you want to succeed as a business owner, you should never underestimate the need of security and privacy and you should employ proper level of security as discussed above in the RSS system. Security in RSS system will ensure gaining of customers and expansion and promotion of your business so do not miss security practices in your RSS feed contents.


Monday 12 September 2011

Facebook Pwn - Facebook Profile Dumper Tool

FBPwn is a cross-platform Java based Facebook profile dumper, sends friend requests to a list of Facebook profiles, and polls for the acceptance notification. Once the victim accepts the invitation, it dumps all their information,photos and friend list to a local folder.


A typical scenario is to gather the information from a user profile. The plugins are just a series of normal operations on FB, automated to increase the chance of you getting the info.

Typically, first you create a new blank account for the purpose of the test. Then, the friending plugin works first, by adding all the friends of the victim (to have some common friends). Then the clonning plugin asks you to choose one of the victims friends. The cloning plugin clones only the display picture and the display name of the chosen friend of victim and set it to the authenticated account. Afterwards, a friend request is sent to the victim's account. The dumper polls waiting for the friend to accept. As soon as the victim accepts the friend request, the dumper starts to save all accessable HTML pages (info, images, tags, ...etc) for offline examining.

After a a few minutes, probably the victim will unfriend the fake account after he/she figures out it's a fake, but probably it's too late!

Check FBPwn Google Code Page


Simple Movie Searching Trick with Google

While this post is not anything other than just another simple google dork for advanced google users, it still will help a lot of net beginners to search movies using google.

The trick for searching movies is just another usage of directory browsing feature in many webservers. So our text would be something like below:

"index of /" "parent directory" "movie name"

Just replace the movie name with the name of your movie and you are good to go. Moreover, you can customize this dork to include extensions(such as .avi, .mkv). Just be creative and you'll find most of the movies to download just by using google. And for download, I use axel or sometimes FatRat under linux.

For example, check the first result in the following dork for sniper movie. Yeah it is simple and really works.

"index of /" "parent directory" inurl:movies "sniper" ".avi"


Nixory - A Light Antispyware Tool

Nixory is a light and handy open source antispyware tool aimed at removing malicious tracking cookies. It currently supports Mozilla Firefox, Google Chrome and Internet Explorer and it runs on all major OS including Windows, Linux and MacOSx.

For more information and download, visit nixory sourceforge page.

Read more..., and their subdomains hacked, and their subdomains have been compromised by the hackers and the linux foundation has taken all the related servers down for clean-up.

The index page of and both state:

Linux Foundation infrastructure including,, and their subdomains are down for maintenance due to a security breach that was discovered on September 8, 2011. The Linux Foundation made this decision in the interest of extreme caution and security best practices. We believe this breach was connected to the intrusion on

We are in the process of restoring services in a secure manner as quickly as possible. As with any intrusion and as a matter of caution, you should consider the passwords and SSH keys that you have used on these sites compromised. If you have reused these passwords on other sites, please change them immediately. We are currently auditing all systems and will update this statement when we have more information.

We apologize for the inconvenience. We are taking this matter seriously and appreciate your patience. The Linux Foundation infrastructure houses a variety of services and programs including, Open Printing, Linux Mark, Linux Foundation events and others, but does not include the Linux kernel or its code repositories.

Please contact us at with questions about this matter.

The Linux Foundation


Monday 5 September 2011

Solving MySQL Connection Error In Non-standard Bundles

For a standard MySQL installation from software repository, there won't be much problem in using MySQL for different connections however if you install some other bundles such as LAMPP, you are most likely to see an error Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' however the solution to this is as easy as making a symbolic link of MySQL socket.

In my case, I had LAMPP installed and the MySQL socket was in the folder /opt/lampp/var/mysql/mysql.sock and your might be different so first figure out the location of this MySQL socket and then just enter the following commands and you're done.

samar@Techgaun:~$ sudo mkdir /var/run/mysqld/
samar@Techgaun:~$ sudo ln -s /opt/lampp/var/mysql/mysql.sock /var/run/mysqld/mysqld.sock

That should work as a charm. I hope this helps :)


Saturday 3 September 2011

Javascript Linux Emulator

JS/Linux is a javascript linux emulator developed by Fabrice Bellard and I believe its a very creative concept. Anyway, check the javascript linux here. Isn't it fun to have linux in the browser :D