Friday, October 29, 2010

Vulnerable Web Application for Learning

There are various vulnerable web applications out there to hone your skills. Some such packages would include the following:

Monday, October 25, 2010

Wednesday, October 20, 2010

Why Do So Many Geeks Hate Internet Explorer?

It is a great article explaining why geeks hate IE. It will surprise you when you know that:

  • IE3 ('96) introduces CSS, Java applets and ActiveX.
  • IE4 ('94) introduces Dynamic HTML, Active desktop Integration, and support cross platform.
  • IE5 ('99) introduces AJAX.


Sunday, October 17, 2010

NTFS Alternate Data Stream

Today, I decide to refresh my memory on NTFS ADS (Alternate Data Stream).

Ever since Windows 2000, the NTFS file system in Windows has supported Alternate Data Streams, which allow you to store data “behind” a filename with the use of a stream name. It is only available at NTFS file system and it isn't detectable while browsing the file system.

First you create an innocent file, for instance, called "default.txt" with Notepad. You can put any text into the file.

Secondly, to create a new stream that attach to the first file created. You can:
notepad default.txt:secret1.txt
And you can put any text into this new stream file, default.txt:secret1.txt. If you browse the folder that contains the file, you won't see it. You only see default.txt.

Next, you can also add text into the stream using command line:
echo "The quick brown fox jumps over the lazy dog." >> default.txt:secret1.txt
You also can read the text from the stream using command line:
more < default.txt:secret1.txt
Of course, you can always add second stream and view them in command line:
echo "The quick brown fox jumps over the lazy dog." >> default.txt:secret2.txt
more < default.txt:secret2.txt
Note that the file size for default.txt is not changed even you put a MB file into the stream. Then, to detect ADS, you may use a tool (cmdline) called "streams.exe" from Microsoft. The tool allows you to view if there is any stream attaching the file or not. It also allows you to strip all the streams (if any) from the file:
stream -d default.txt

Advanced Usage of ADS
We can make a new stream to not only file, but also folder. For example:
md folder1
cd folder1
echo "Hidden text in ADS" > :hidden.txt
more < :hidden.txt
Now, we will begin to store an EXE file as ADS and run it.
type c:\windows\notepad.exe >  default.txt:note.exe
start .\default.txt:note.exe
However, I notice that running it under Windows 7 seems doesn't work any more. Lastly, if you wish to retrieve back the executable file from the stream, you may:
cat default.txt:note.exe > note.exe

See practical guide to ADS for more information.

Sunday, October 03, 2010

Replacing JPEG

WebP is pronounced "weppy". /(wĕpˈē)/

WebP is a method of lossy compression that can be used on photographic images. The degree of compression is adjustable so a user can choose the trade-off between file size and image quality.

A WebP file consists of VP8 image data, and a container based on RIFF. Webmasters, web developers and browser developers can use the WebP format to create smaller, better looking images that can help make the web faster.

By using WebP, you can:

  • Provide a faster user experience on your site.
  • Reduce your bandwidth and hosting costs.
  • Improve the web!
Wanna compare the results? See in the gallery.

Let's go for WebP now!

Resize Columns in Explorer

You may already know how to resize a single column in Explorer (or Excel). 

Do you know how to resize all columns the quick way? 
Ctrl and Numpad +

Saturday, October 02, 2010

Put a USB Dongle Inside Your Mouse for Hidden Storage [DIY]

Put a USB Dongle Inside Your Mouse for Hidden Storage [DIY]: "
Put a USB Dongle Inside Your Mouse for Hidden StorageWe've featured a few ways to hide your data in plain sight, but DIYer Thice took a different approach: he actually hid a USB thumb drive inside his mouse.
Whether you're looking to hide a flash drive's worth of data or just free up a USB port on your computer, you can hide a USB dongle (whether it's a flash drive, a bluetooth module, or a Wi-Fi receiver) inside your mouse with a USB hub and a little ingenuity. You'll need to know how to solder, as well as (carefully) cut up the circuit board inside a USB hub, but it's a pretty neat hack if you have the room to fit all the parts in your mouse (or keyboard, or whatever else you might want to use). Hit the link to see how he did it.