Ajit Gaddam: TechNews and Security

Matt Cutts reported on this earlier today and as pointed out by him, Google Image Search got a makeover. The new Google Image Search emphasises the picture and not its domain name. When you move your mouse over an image, you are shown additional info like the size of the image, the image dimensions, the format of the image and also the link to the source of the image.

Additionally, if the source has more pictures with the same tag, Google Image Search allows you to select and choose “more results from” feature as shown in the picture below.

Another subtle addition is that of the definition for the search keyword. The defintions are provided by answers.com. Now, I am not sure if this feature is a new addition or I never noticed it before.

I personally am not a big fan of the change as earlier, while I still had the option of distilling image sizes by large images, medium images or small images, I could with a quick glance select the image with the dimensions I am looking for. Now, I need to do a mouse over to check their dimensions. Also, most people prefer going to reputed sites over unknown ones when selecting an image. With the domain name now hidden, this is a tedious chore.

The Show Desktop Icon is not a standard program shortcut but a Windows explorer command file written in plain text.If you have accidently deleted the Show Desktop Icons, here are the steps involved to recreate it:Step 1: Open a new notepad file and type the following text:

[Shell]
Command=2
IconFile=explorer.exe,3
[Taskbar]
Command=ToggleDesktop

Step 2: Save this file as “Show Desktop.scf” and remember that when you save the notepad file, keep the filetype under “all files” and not “.txt” type.

Step 3: Use the mouse to drag the Show Desktop.scf icon to the Quick Launch toolbar or another location where you want the shortcut to appear.

Alternatively, you can press the Win+D shortcut key for Show Desktop. It’s much the same as Win+M which will minimize all the open windows to the task bar.

Windows that don’t have a minimize button are minimized using Win+D but not with Win+M. That’s the only difference.

In computing, phishing is a criminal activity using social engineering techniques. Phishers attempt to fraudulently acquire sensitive information, such as passwords and credit card details, by masquerading as a trustworthy person or business in an electronic communication. Phishing is typically carried out using email or an instant message, although phone contact has been used as well. Attempts to deal with the growing number of reported phishing incidents include legislation, user training, and technical measures.

The first recorded mention of phishing is on the alt.online-service.america-online Usenet newsgroup on January 2, 1996, although the term may have appeared even earlier in the print edition of the hacker magazine 2600. The term phishing is a variant of fishing, probably influenced by phreaking,  and alludes to the use of increasingly sophisticated lures to “fish” for users’ financial information and passwords. The word may also be linked to leetspeak, in which ph is a common substitution for f.

Shown below is a sample email message I received from PayPal

If you dissect this email digging into its header and the content code, you will see two things jump out

Read the rest of this entry »

Every IT professional worth his/her salt has their own webpage/blog these days. While you may have people from all over the globe dropping a line at your site, Email harvesters are the most unwanted visitors on any website. These email spambots crawl the web via search engines to find and extract email addresses from webpages. E-mail addresses in your blog or webpage are no secret to spam robots. Here’s a guide that should help you protect your email addresses from these spam spiders. Techniques mentioned use text manipulation, Masking, HTML, Flash, CSS, and JS to hide email addresses.
How email spammers operate? Email addresses always contain an @ symbol. Most spambots do a pattern-search for likely combinations of letters (abc@xyz.com) like billgates@microsoft.com or larrypage@google.org in the HTML source of webpages. Often they just search for the @ character and grab all the letters on each side on the assumption that it’s a valid email address.
How to keep your email address available to humans but invisible to email spiders? There are tons of Email Address Protector software that claim to protect your email address in web pages and get rid of junk mail - Don’t waste your money, they only encode your email or generate a javascript snippet. We will discuss manual email encoding techniques here. If a visitor clicks an encryped email link on your website, it will work as normal, but spam robots will not be able to extract the address from the link. Read the rest of this entry »

A root kit is a collection of programs that intruders often install after they have compromised the root account of a system.
These programs will help the intruders clean up their tracks, as well as provide access back into the system.
Root kits will sometimes leave processes running so that the intruder can come back easily and without the system administrator’s knowledge.Solution

chkrootkit V. 0.46a

Nelson Murilo [nelson@pangeia.com.br] (main author)
Klaus Steding-Jessen [jessen@cert.br] (co-author)

This program locally checks for signs of a rootkit.
chkrootkit is available at: http://www.chkrootkit.org/

This tool includes software developed by the DFN-CERT, Univ. of Hamburg (chklastlog and chkwtmp), and small portions of ifconfig developed by Fred N. van Kempen, [waltje@uwalt.nl.mugnet.org].

What’s chkrootkit?

Read the rest of this entry »

It’s not an easy task to find a vulnerable service and find an exploit for it. It’s also not easy to defend against users who might want to exploit your system, if you are a system administrator. However, writing an exploit by yourself, to convert a news line from bug tracker into a working lockpick, is much more difficult. This article is not a guide on writing exploits, nor an overview of popular vulnerabilities. This is a step-by-step guide on developing a shellcode, a crucial point of any exploit software. Hopefully, learning how they work will help conscientious and respectable developers and system administrators to understand how malefactors think and to defend their systems against them.
How an Exploit WorksTake any exploit downloaded from the internet that promises you an easy root shell on a remote machine, and examine its source code. Find the most unintelligible piece of the code; it will be there, for sure. Most probably, you will find a several lines of strange and unrelated symbols; something like this:

Read the rest of this entry »

A lot of us who use Linux at work/school or have always grown up using unix commands for years and more often than not, there might have been instances where a ls command comes more naturally than the dir command at the command prompt in Windows. For the most part, a lot of us work around this drawback using the excellent tool: Cygwin. Cygwin is available for windows users here.The Cygwin tools are ports of the popular GNU development tools for Microsoft Windows. They run thanks to the Cygwin library which provides the UNIX system calls and environment these programs expect.

With these tools installed, it is possible to write Win32 console or GUI applications that make use of the standard Microsoft Win32 API and/or the Cygwin API. As a result, it is possible to easily port many significant Unix programs without the need for extensive changes to the source code. This includes configuring and building most of the available GNU software . Even if the development tools are of little to no use to you, you may have interest in the many standard Unix utilities provided with the package. They can be used both from the bash shell (provided) or from the standard Windows command shell.

While Cygwin would be an obvious choice for many Unix/Linux power users, there is an excellent and a much simpler alternative to using Cygwin. In this article, we will show you how to run your Unix commands right in the windows command prompt.

Read the rest of this entry »

In computing, phishing is a criminal activity using social engineering techniques. Phishers attempt to fraudulently acquire sensitive information, such as passwords and credit card details, by masquerading as a trustworthy person or business in an electronic communication. Phishing is typically carried out using email or an instant message, although phone contact has been used as well. Attempts to deal with the growing number of reported phishing incidents include legislation, user training, and technical measures.

The first recorded mention of phishing is on the alt.online-service.america-online Usenet newsgroup on January 2, 1996, although the term may have appeared even earlier in the print edition of the hacker magazine 2600. The term phishing is a variant of fishing, probably influenced by phreaking,  and alludes to the use of increasingly sophisticated lures to “fish” for users’ financial information and passwords. The word may also be linked to leetspeak, in which ph is a common substitution for f.

Shown below is a sample email message I received from PayPal

If you dissect this email digging into its header and the content code, you will see two things jump out

Read the rest of this entry »

For all the geeks out there, do you know someone who tried to teach themselves how to read Barcode? Here is a list of Geek quotes, sayings and phrases. Some of them are from Boardofwisdom who put together a nice compilation themselves.

#1. Roses are #FF0000, Violets are #0000FF. All my base Are belong to you  — someone on SlashDot

#2. There is no place like 127.0.0.1

#3. Girls are like Internet Domain names, the ones I like are already taken

#4. Programming today is a race between software engineers striving to build bigger and better idiot-proof programs, and the Universe trying to produce bigger and better idiots. So far, the Universe is winning

#5. Computers are incredibly fast, accurate, and stupid; humans are incredibly slow, inaccurate and brilliant; together they are powerful beyond imagination. — Albert Einstein

#6. There are 10 types of people in the world: Those who understand binary and those who don’t.

#7. If at first you don’t succeed, call it version 1.0

#8. 1f u c4n r34d th1s u r34lly n33d t0 g37 l41d 

Read the rest of this entry »

This article is not a hacking tutorial. This is only to be used for educational purposes and should not be exploited.

Using simple command line tools on a machine running Windows XP, we will obtain system level priviledges. The system run level is higher than administrator, and has full control of the operating system and it’s kernel. On many machines this can be exploited even with the guest account. This system account allows for several other things that aren’t normally possible (like resetting the administrator password).
The Local System account is used by the Windows OS to control various aspects of the system (kernel, services, etc); the account shows up as SYSTEM in the Task Manager process list, as seen in the following screen shot:
Local System differs from an Administrator account in that it has full control of the operating system, similar to root on a *nix machine. Most System processes are required by the operating system, and cannot be closed, even by an Administrator account; attempting to close them will result in a error message.

The following quote from Wikipedia explains this in a easy to understand way:

: In Windows NT and later systems derived from it (Windows 2000, Windows XP, Windows Server 2003 and Windows Vista), there may or may not be a superuser. By default, there is a superuser named Administrator, although it is not an exact analogue of the Unix root superuser account. Administrator does not have all the privileges of root because some superuser privileges are assigned to the Local System account in Windows NT.

Under normal circumstances, a user cannot run code as System, only the operating system itself has this ability, but by using the command line, we will trick Windows into running our desktop as System, along with all applications that are started from within.   Procedure to get system level access and previlege escalation in windows I will now walk you through the process of obtaining SYSTEM privileges and a demonstration of this Windows XP admin exploit / super user hack 

Read the rest of this entry »