Wednesday 29 September 2010
Running firefox inside firefox
This is not a useful thing but still is a fun trick to show to your friends.
Just paste the following code in your mozilla firefox address bar and hit ENTER to see the new firefox inside the firefox.
View the screenshot below to see how it looks like:
Read more...
Just paste the following code in your mozilla firefox address bar and hit ENTER to see the new firefox inside the firefox.
chrome://browser/content/browser.xul
View the screenshot below to see how it looks like:
Read more...
Bookmark this post: | 
|
Batch to C Converter
This small snippet of C source code converts the commands of batch (i.e. the commands you type in command prompt) into the C source code. It was compiled in Dev-CPP and is pretty basic. I hope some of you might find it useful. It just uses the system() command of stdlib.h header file.
Source code:
Have fun :)
Read more...
Source code:
/*********************************************
* Batch DOS To C Source Code Converter v.1.1 *
* Coded by Samar Dhwoj Acharya aka $yph3r$am *
* Website => http://techgaun.blogspot.com *
* E-mail meh at samar_acharya[at]hotmail.com *
* I know to code: PHP, PERL, C, JAVA, PYTHON *
*********************************************/
//include header files...
#include <stdio.h>
#include <conio.h>
#include <stdlib.h>
#include <ctype.h>
#include <string.h>
int main()
{
FILE *fp;
char filename[30]; //filename for source code
// starting header of outputted file
char header[300] = "/*\nBatch DOS command To C Source Converter\nBy sam207 (samar_acharya[at]hotmail.com)\nhttp://www.sampctricks.blogspot.com\nhttp://nepali.netau.net\n*/\n";
//all the includes in output file
char incs[200] = "#include <stdio.h>\n#include <conio.h>\n#include <stdlib.h>\nint main()\n{\n";
//end part of output file
char end[50] = "\tgetch();\n}";
//for command
char cmd[150];
printf("\t+----------------------------+\n");
printf("\t|BATCH TO C SOURCE CONVERTER |\n");
printf("\t|CODED BY SAMARDHWOJ ACHARYA |\n");
printf("\t+----------------------------+\n");
printf("\nEnter the filename(with .c extension): ");
scanf("%s",filename);
fp = fopen(filename,"w");
if (fp==NULL)
{
printf("Some error occurred while opening file");
getch();
exit(1);
}
else
{
fprintf(fp,"%s%s",header,incs);
printf("\nNow start entering DOS commands: \n");
printf("When finished, type 'end' for the end of commands\n");
printf("\nStart:\n\n");
gets(cmd);
while (1)
{
gets(cmd);
if (!strcmp(cmd,"end"))
{
break; //if end is typed, get out of loop
}
fprintf(fp,"\tsystem(\"%s\");\n",cmd);
}
fprintf(fp,"\tprintf(\"\\n\");");
fprintf(fp,"\n%s",end);
printf("\n\nFile successfully created");
printf("\nNow compile it with any C compiler");
printf("\nThanks for using this little app");
fclose(fp);
}
getch();
}
Read more...
Bookmark this post: |
|
Tuesday 28 September 2010
Full path disclosure tutorial
Full path disclosure(FPD) is the revelation of the full operating path of a vulnerable script. Full Path Disclosure vulnerabilities enable the attacker to see the path to the webroot/file. e.g.: /home/samar/public_html/. FPD bugs are executed by providing unexpected characters to the vulnerable functions that will in return output the full path of the vulnerable script.
FPD bugs are often overlooked and are not considered as the security threat by many webmasters but that's not true. FPD might be useful for the hackers to determine the structure of the server and they can utilize it to perform other attacks such as file inclusion attacks or load_file() attacks via sql injection.
How to execute FPD
a) Nulled session cookie
Nulled session injection or illegal session injection is done by changing the value of session cookie to an invalid or illegal character.
Illegal Session Injection is made possible via changing the value of the session cookie to an invalid, or illegal character. The most common method is by injecting the NULL character to the PHPSESSID cookie. To inject a PHPSESSID cookie, use JavaScript injection via the URL bar:
On setting the PHPSESSID cookie value to NULL, we can see the result like:
b) Array parameter injection(Empty array)
This is another common method of executing the full path disclosure vulnerabilities and usually works for me in many sites. There are different PHP functions which will output warning message along with the full path of the script such as htmlentities(), mysql_num_rows(), opendir(), etc.
We can exploit the $_GET variables... Lets take a simple example:
Now, lets exploit the $_GET['page'] variable which will look as below:
The full path disclosure can be prevented by turning off the display of errors either in php.ini configuration file or in the script itself:
php.ini
in php scripts
Read more...
FPD bugs are often overlooked and are not considered as the security threat by many webmasters but that's not true. FPD might be useful for the hackers to determine the structure of the server and they can utilize it to perform other attacks such as file inclusion attacks or load_file() attacks via sql injection.
How to execute FPD
a) Nulled session cookie
Nulled session injection or illegal session injection is done by changing the value of session cookie to an invalid or illegal character.
Illegal Session Injection is made possible via changing the value of the session cookie to an invalid, or illegal character. The most common method is by injecting the NULL character to the PHPSESSID cookie. To inject a PHPSESSID cookie, use JavaScript injection via the URL bar:
javascript:void(document.cookie="PHPSESSID=");
On setting the PHPSESSID cookie value to NULL, we can see the result like:
Warning: session_start() [function.session-start]: The session id contains illegal characters,
valid characters are a-z, A-Z, 0-9 and '-,' in /home/samar/public_html/includes/functions.php on line 3
valid characters are a-z, A-Z, 0-9 and '-,' in /home/samar/public_html/includes/functions.php on line 3
b) Array parameter injection(Empty array)
This is another common method of executing the full path disclosure vulnerabilities and usually works for me in many sites. There are different PHP functions which will output warning message along with the full path of the script such as htmlentities(), mysql_num_rows(), opendir(), etc.
We can exploit the $_GET variables... Lets take a simple example:
http://localhost/index.php?page=main
Now, lets exploit the $_GET['page'] variable which will look as below:
http://localhost/index.php?page[]=main
The full path disclosure can be prevented by turning off the display of errors either in php.ini configuration file or in the script itself:
php.ini
display_errors = 'off'
in php scripts
error_reporting(0);
//or
ini_set('display_errors', false);
//or
ini_set('display_errors', false);
Read more...
Bookmark this post: |
|
Nepali MP3 Songs Downloads [My Playlist]
Some of the nepali songs from my playlist, they are great songs to listen. If you need any other songs, request in this post and I shall try to find them for you.
Download different MP3 songs from the following folder:
Nepali MP3 collection
The songs available for the downloads are:
1) Amar rahos timro maya - phursang lama
2) Antim maya
3) bhoolmaa bhulyo - Robin
4) Bihana pahile ghaama udaune[patriotic song] - Sindhu Jalesa
5) Birsana - Aastha
6) Birshu Bhanchhu - Impulse 21 (confused :p)
7) Harpal tyo timro - Aastha
8) Malai bholi kei bhaye - Karna Das
9) Nabhana mero - Adrian Pradhan [1974 A.D.]
10) Pagal nabhana malai - The Edge
11) Prayas - The Edge
12) Sadhai sadhai
13) Samikshya - Vedh (confused again)
14) timi binaako jeevan
15) timilai odaidiyeko ghumto - sayas
16) Timro sparsa - Basan Shrestha
I'm confused with the name of singers of some songs(I usually don't try to know the artists)...
Enjoy my playlist. :)
Read more...
Download different MP3 songs from the following folder:
Nepali MP3 collection
The songs available for the downloads are:
1) Amar rahos timro maya - phursang lama
2) Antim maya
3) bhoolmaa bhulyo - Robin
4) Bihana pahile ghaama udaune[patriotic song] - Sindhu Jalesa
5) Birsana - Aastha
6) Birshu Bhanchhu - Impulse 21 (confused :p)
7) Harpal tyo timro - Aastha
8) Malai bholi kei bhaye - Karna Das
9) Nabhana mero - Adrian Pradhan [1974 A.D.]
10) Pagal nabhana malai - The Edge
11) Prayas - The Edge
12) Sadhai sadhai
13) Samikshya - Vedh (confused again)
14) timi binaako jeevan
15) timilai odaidiyeko ghumto - sayas
16) Timro sparsa - Basan Shrestha
I'm confused with the name of singers of some songs(I usually don't try to know the artists)...
Enjoy my playlist. :)
Read more...
Bookmark this post: |
|
Monday 27 September 2010
Edjpgcom - add comments inside a jpg image
We can sometimes exploit the image upload features and then use file inclusion vulnerabilities to get shell in a server. If the image upload form only allows the .jpg and other valid image files and you locate a local file inclusion vulnerability, you can upload the malicious jpg file containing the PHP code as the commment in it.
In order to add the comment easily inside the jpg images, we can use a small tool called edjpgcom, a jpg commenter. You can drag a jpg image to the edjpgcom icon which will open a window to add comment to the jpg image.
Download EDJPGCOM
Read more...
In order to add the comment easily inside the jpg images, we can use a small tool called edjpgcom, a jpg commenter. You can drag a jpg image to the edjpgcom icon which will open a window to add comment to the jpg image.
Download EDJPGCOM
Read more...
Bookmark this post: |
|
Friday 24 September 2010
Making a autorun in Pen[USB] drive [autorun.inf]
In this post, I shall be writing about creating autorun file in order to run or execute any program from your pendrive. Autorun.inf is a special file that can contain the information regarding the icon for drive, autorun programs, etc.
Using autorun.inf can also be useful for running the virii and worms automatically from the USB drive.
How to:
1) Open notepad
2) Type the following:
This autorun.inf file now should be saved in the root directory of your USB drive and you'll have your autorun file... :)
Now let me say the way of changing icon of the drive. In order to change the icon of your USB drive, type the following in autorun.inf file.
That's all. :)
Read more...
Using autorun.inf can also be useful for running the virii and worms automatically from the USB drive.
How to:
1) Open notepad
2) Type the following:
[autorun]
Icon=default
label=[YourLabelHere]
open=targetprogramname.exe
Icon=default
label=[YourLabelHere]
open=targetprogramname.exe
This autorun.inf file now should be saved in the root directory of your USB drive and you'll have your autorun file... :)
Now let me say the way of changing icon of the drive. In order to change the icon of your USB drive, type the following in autorun.inf file.
[autorun]
icon=[youricon.ico]
label=[YourLabelHere]
icon=[youricon.ico]
label=[YourLabelHere]
That's all. :)
Read more...
Bookmark this post: |
|
Wednesday 22 September 2010
Funny Google Tricks
In this post, I'm listing few funny google tricks I have learnt in the recent days. Though not so useful, they are something cool to know...
1) Hidden game from google:
- Go to http://www.google.com/Easter/feature_easter.html
You'll be able to play the hidden game offered by google. :)
2) Google reversed
- Go to Google homepage
On the search box, type google reverse or elgoog and press on I am feeling lucky button.
You'll see reversed google. :)
3) Find Chuck Noris
- Go to Google homepage
On the search box, type find Chuck Noris and press on I am feeling lucky button. See the result.. :p
4) Answer to life the universe and everything
- On the google homepage search box, type answer to life the universe and everything. You'll see the google's calculation of the answer to life the universe and everything.
5) Who's the cutest
- Go to google homepage
On the search box, type who's the cutest and press on I am feeling lucky button. You'll be so happy with the result... :P
6) Google epic
- Go to google homepage
On the search box, type google epic and press on I am feeling lucky button. Wait for a while and you'll see everything expanding in the page.
7) Google rainbow
- Go to google homepage
On the search box, type google rainbow and press on I am feeling lucky button. You'll reach the page with colourful texts.
Read more...
1) Hidden game from google:
- Go to http://www.google.com/Easter/feature_easter.html
You'll be able to play the hidden game offered by google. :)
2) Google reversed
- Go to Google homepage
On the search box, type google reverse or elgoog and press on I am feeling lucky button.
You'll see reversed google. :)
3) Find Chuck Noris
- Go to Google homepage
On the search box, type find Chuck Noris and press on I am feeling lucky button. See the result.. :p
4) Answer to life the universe and everything
- On the google homepage search box, type answer to life the universe and everything. You'll see the google's calculation of the answer to life the universe and everything.
5) Who's the cutest
- Go to google homepage
On the search box, type who's the cutest and press on I am feeling lucky button. You'll be so happy with the result... :P
6) Google epic
- Go to google homepage
On the search box, type google epic and press on I am feeling lucky button. Wait for a while and you'll see everything expanding in the page.
7) Google rainbow
- Go to google homepage
On the search box, type google rainbow and press on I am feeling lucky button. You'll reach the page with colourful texts.
Read more...
Bookmark this post: |
|
Replacing All Instances of a Word in string [PHP]
PHP offers a useful function called str_replace() that can be used to replace every instance of a word in a string. This function takes three compulsory arguments and one optional argument.
The first argument represents the string to be replaced, the second the replacement value and the third the target string. The function returns the modified string.
Example:
Now, what if you want to work with arrays of words to replace with, for instance, in the censoring tasks. You can write some PHP stuff as below to perform the task.
Also, refer to the str_ireplace(), the case insensitive version of this function.
Hope this helps. :)
Edit: Thanks to cr4ck3r for the comments. Updated the post... :)
Read more...
The first argument represents the string to be replaced, the second the replacement value and the third the target string. The function returns the modified string.
Example:
<?php
function replace($string)
{
return str_replace("dog", "samar", $string);
}
$str = "I am dog so you call me dog";
echo $str;
echo "
".replace($str); //call replace function
?>
Output:
I am dog so you call me dog
I am samar so you call me samar
function replace($string)
{
return str_replace("dog", "samar", $string);
}
$str = "I am dog so you call me dog";
echo $str;
echo "
".replace($str); //call replace function
?>
Output:
I am dog so you call me dog
I am samar so you call me samar
Now, what if you want to work with arrays of words to replace with, for instance, in the censoring tasks. You can write some PHP stuff as below to perform the task.
<?php
function badword_censor($string)
{
$string = strtolower($string);
$badwords = array("fuck","bitch","cunt","faggot","penis","vagina","dick","pussy");
// add as per your requirement
$string = str_replace($badwords,"*censored*",$string);
return $string;
}
$str = "Fuck you bitch.";
//echo $str;
echo "
".badword_censor($str);
?>
Output:
*censored* you *censored*.
function badword_censor($string)
{
$string = strtolower($string);
$badwords = array("fuck","bitch","cunt","faggot","penis","vagina","dick","pussy");
// add as per your requirement
$string = str_replace($badwords,"*censored*",$string);
return $string;
}
$str = "Fuck you bitch.";
//echo $str;
echo "
".badword_censor($str);
?>
Output:
*censored* you *censored*.
Also, refer to the str_ireplace(), the case insensitive version of this function.
Hope this helps. :)
Edit: Thanks to cr4ck3r for the comments. Updated the post... :)
Read more...
Bookmark this post: |
|
Subscribe to:
Posts (Atom)