- Damn Vulnerable Web App – Learn & Practice Web Hacking.
- Vicnum – Lightweight Vulnerable Web Application.
- Web Security Dojo – Training Environment For Web Application Security.
- WackoPicko - Why Johnny Can’t Pentest: An Analysis of Black-box Web Vulnerability Scanners? [PDF]
Oct 29, 2010
Vulnerable Web Application for Learning
There are various vulnerable web applications out there to hone your skills. Some such packages would include the following:
Oct 25, 2010
Oct 20, 2010
Why Do So Many Geeks Hate Internet Explorer?
It is a great article explaining why geeks hate IE. It will surprise you when you know that:
>>>> http://www.howtogeek.com/howto/32372/htg-explains-why-do-so-many-geeks-hate-internet-explorer/
- IE3 ('96) introduces CSS, Java applets and ActiveX.
- IE4 ('94) introduces Dynamic HTML, Active desktop Integration, and support cross platform.
- IE5 ('99) introduces AJAX.
>>>> http://www.howtogeek.com/howto/32372/htg-explains-why-do-so-many-geeks-hate-internet-explorer/
Oct 17, 2010
NTFS Alternate Data Stream
Today, I decide to refresh my memory on NTFS ADS (Alternate Data Stream).
Ever since Windows 2000, the NTFS file system in Windows has supported Alternate Data Streams, which allow you to store data “behind” a filename with the use of a stream name. It is only available at NTFS file system and it isn't detectable while browsing the file system.
First you create an innocent file, for instance, called "default.txt" with Notepad. You can put any text into the file.
Secondly, to create a new stream that attach to the first file created. You can:
Next, you can also add text into the stream using command line:
Advanced Usage of ADS
We can make a new stream to not only file, but also folder. For example:
See practical guide to ADS for more information.
Ever since Windows 2000, the NTFS file system in Windows has supported Alternate Data Streams, which allow you to store data “behind” a filename with the use of a stream name. It is only available at NTFS file system and it isn't detectable while browsing the file system.
First you create an innocent file, for instance, called "default.txt" with Notepad. You can put any text into the file.
Secondly, to create a new stream that attach to the first file created. You can:
notepad default.txt:secret1.txtAnd you can put any text into this new stream file, default.txt:secret1.txt. If you browse the folder that contains the file, you won't see it. You only see default.txt.
Next, you can also add text into the stream using command line:
echo "The quick brown fox jumps over the lazy dog." >> default.txt:secret1.txtYou also can read the text from the stream using command line:
more < default.txt:secret1.txtOf course, you can always add second stream and view them in command line:
echo "The quick brown fox jumps over the lazy dog." >> default.txt:secret2.txtNote that the file size for default.txt is not changed even you put a MB file into the stream. Then, to detect ADS, you may use a tool (cmdline) called "streams.exe" from Microsoft. The tool allows you to view if there is any stream attaching the file or not. It also allows you to strip all the streams (if any) from the file:
more < default.txt:secret2.txt
stream -d default.txt
Advanced Usage of ADS
We can make a new stream to not only file, but also folder. For example:
md folder1Now, we will begin to store an EXE file as ADS and run it.
cd folder1
echo "Hidden text in ADS" > :hidden.txt
more < :hidden.txt
type c:\windows\notepad.exe > default.txt:note.exeHowever, I notice that running it under Windows 7 seems doesn't work any more. Lastly, if you wish to retrieve back the executable file from the stream, you may:
start .\default.txt:note.exe
cat default.txt:note.exe > note.exe
See practical guide to ADS for more information.
Oct 3, 2010
Replacing JPEG
Tags:
WebP
WebP is pronounced "weppy". /(wĕpˈē)/
WebP is a method of lossy compression that can be used on photographic images. The degree of compression is adjustable so a user can choose the trade-off between file size and image quality.
A WebP file consists of VP8 image data, and a container based on RIFF. Webmasters, web developers and browser developers can use the WebP format to create smaller, better looking images that can help make the web faster.
By using WebP, you can:
WebP is a method of lossy compression that can be used on photographic images. The degree of compression is adjustable so a user can choose the trade-off between file size and image quality.
A WebP file consists of VP8 image data, and a container based on RIFF. Webmasters, web developers and browser developers can use the WebP format to create smaller, better looking images that can help make the web faster.
By using WebP, you can:
- Provide a faster user experience on your site.
- Reduce your bandwidth and hosting costs.
- Improve the web!
Wanna compare the results? See in the gallery.
Let's go for WebP now!
Resize Columns in Explorer
You may already know how to resize a single column in Explorer (or Excel).
Do you know how to resize all columns the quick way?
Ctrl and Numpad +
Oct 2, 2010
Put a USB Dongle Inside Your Mouse for Hidden Storage [DIY]
Tags:
USB
Put a USB Dongle Inside Your Mouse for Hidden Storage [DIY]: "
We've featured a few ways to hide your data in plain sight, but DIYer Thice took a different approach: he actually hid a USB thumb drive inside his mouse.
Whether you're looking to hide a flash drive's worth of data or just free up a USB port on your computer, you can hide a USB dongle (whether it's a flash drive, a bluetooth module, or a Wi-Fi receiver) inside your mouse with a USB hub and a little ingenuity. You'll need to know how to solder, as well as (carefully) cut up the circuit board inside a USB hub, but it's a pretty neat hack if you have the room to fit all the parts in your mouse (or keyboard, or whatever else you might want to use). Hit the link to see how he did it.
We've featured a few ways to hide your data in plain sight, but DIYer Thice took a different approach: he actually hid a USB thumb drive inside his mouse.Whether you're looking to hide a flash drive's worth of data or just free up a USB port on your computer, you can hide a USB dongle (whether it's a flash drive, a bluetooth module, or a Wi-Fi receiver) inside your mouse with a USB hub and a little ingenuity. You'll need to know how to solder, as well as (carefully) cut up the circuit board inside a USB hub, but it's a pretty neat hack if you have the room to fit all the parts in your mouse (or keyboard, or whatever else you might want to use). Hit the link to see how he did it.
Hiding Your Data in Plain Sight - USB Hardware Hiding [Thice.nl via Hack a Day]
Subscribe to:
Posts (Atom)