Searching Google for RapidShare Links

In Google search form, key in the following:

site:rapidshare.com filetype:zip OR rar

This searches the site rapidshare.com for any file that is in zip or rar format. To do some advanced searching, do the following:

hacking site:rapidshare.com filetype:zip OR rar datarange:2454606-2454614

Above is the similar search but it specifically searches for “hacking” with the same search criteria, and with the date range added.

Keep these 3 criteria in mind:

1. site: your site of choice to search

2. filetype: filetypes you wanna search

3. daterange: (startdate-enddate) The date the file has been indexed. From the above example, it is from 20th May 08 to 28th May 08.

* This uses the “julian calendar”, converter can be found here:
http://aa.usno.navy.mil/data/docs/JulianDate.html

Get Back the Command I Typed A While Ago

Always we need to keep on repeating the same commands again and again. In Linux, there is a program that records each command that we type into a terminal called history. However it is understood that by typing ‘history’ over and over again each time we would like to search for the previous commands are time consuming. To get around with this, the terminal allow us to use UP arrow to get back those commands. But again, it would be taking a long time to keep searching until we are able to locate the command IF it is being typed long while ago. There are always better way, which is using CTRL+R at and empty command prompt. It should looks like this:

(reverse-i-search)`’:

By providing just partially of a previous command that we are looking for, we will find the most recent command that matches the characters AS we type them.

The other cool way is using grep command. It is relatively simple and should look something like this:

host@machine [504]$ history | grep jetty
471 jetty-dump-servlet-xss 192.168.1.10
472 less /opt/scripts/jetty-dump-servlet-xss/1/0.t
504 history | grep jetty

ASP.NET Version Leakage

There is a simple way of finding out what version of ASP.NET applications a web server is currently using. By observing the response from the target server after submitting the request to the /trace.axd or /approot/trace.axd, noted that the version is leaked in the response header:

user@machine [501]$ telnet {target} {port/normally 80 for web server}
Trying x.x.x.x…
Connected to x.x.x.x.
Escape character is ‘^]’.
HEAD /trace.axd HTTP/1.0

HTTP/1.1 403 Forbidden
Connection: close
Date: Sun, 06 Apr 2008 04:08:21 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 1.1.4322
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 2062

Connection closed by foreign host.

ps: ASP.NET provides trace functionality which aids debugging process and allows diagnostic information about a single request for an ASP.NET page to be viewed. Debug statements can be directly written in the code without having to remove them from the application when it is deployed to production servers.

‘Need For Speed’ – Shutting Down Windows Faster

At times, Windows can be reacting slow when handling hung applications and shutting down. Here are some of the tweaks, in which by modifying the value of some of the Registry Keys, it would speed up force-closing the applications and shutdown:

1. To speed up shutting down your Windows –

HKEY_CURRENT_USER/Control Panel/Desktop
double click WaitToKillAppTimeout
modify the value to something like 1000 or 2000 (measured in milliseconds)

2. To enable end running tasks automatically at shutdown –

HKEY_CURRENT_USER/Control Panel/Desktop
double click AutoEndTasks
modify the value from 0 to 1

3. To reduce the time of waiting before forcing hung applications to close -

HKEY_CURRENT_USER/Control Panel/Desktop
double click HungAppTimeout
modify the value to something like 2000

4. To speed up closing slow-ending services –

HKEY_LOCAL_MACHINE/SYSTEM/CurrentControlSet/Control
double click WaitToKillServiceTimeout
modify the value to 1000

* Getting to the Registry Editor
In Windows XP – Start > Run, type ‘regedit’, press Enter
In Windows Vista – Press the Windows key, type ‘regedit’, press Enter

** Go to HKEY_USERS/.DEFAULT/Control Panel/Desktop to change the value data of WaitToKillAppTimeout and HungAppTimeout should you would like to apply the changes to all users on the machine.

What Is lsass.exe

My firewall is always asking my permission to allow a program named as ‘lsass.exe’ to access the internet. So it has come to my concern what exactly this program is.

After some kind of research, I’ve found out that is a system process of the Windows security mechanisms called Local Security Authority Service. This program specifically handle the local security policy on the system. It is a Windows critical process that verifies users logging on to a Windows computer or server, deals with password changes, and creates access tokens. It also writes to the Windows Security Log.

An significant note about this program is it shouldn’t be terminated due to it importance for the stable and secure running of the computer.

The other issue is viral infection issue. There are some other malicious program out there named exactly or similarly to the name of lsass.exe. Under normal circumstances, the lsass.exe program should reside in the folder C:\Windows\System32. However in the other events that lsass.exe appears to be a virus, spyware, trojan or worm, most probably it will rest in the other location of your system. Take note that some viruses tend to fool people eyes by called something like ‘Isass.exe’. Lsass.exe (lsass) and Isass.exe (isass) is not the same but looks like same. They can be mixed up and confuse people. Well, the conclusion is: lsass is good, isass is bad.

As mentioned above, a completely innocent system process and a dangerous virus might come with exactly the same name. Fear not but keep your eyes open. Virus removal information can help determining whether you’re dealing with fake lsass.exe or not.

Another method of determining whether the program is a kind one, simply use Windows Explorer to check the date of the file against other files in C:\Windows\System32. If you find lots of files with the same date it usually means it’s a required Windows file.

Powered by ScribeFire.

Convert Files To PDF Online

If you don’t have access to the right desktop software, a few webapps will convert files to PDF and email you the result. Web site PDF Online lets you convert a bevy of document types to PDF online, sending the resulting PDF to your email address as an attachment.

Somewhat disappointingly, PDF Online doesn’t convert web pages by URL, but if you’re looking for something along those lines, check out previously-posted RSS 2 PDF. It is a free online service that lets you turn an RSS or OPML newsfeed into a PDF. It’s lightning fast and creates a very readable and nicely formated PDF for your offline reading pleasure.

Powered by ScribeFire.

SQSH – MsSQL CLI Query Tool

SQSH (pronounced skwish) is short for SQshelL, a wonderful shell prompt for MsSQL due to the fact that it is Open Source, useful debugging tool and its interactive shell allows you to pipe the output of the SQL queries directly to other Unix commands for further processing. Essentially, it is a command-line interface tools for you to issue Transact-SQL commands to a ASE (Adaptive Server Enterprise) server and receiving and displaying results.

To get started, let’s go through some fundamental process which is installing SQSH. It is available at http://www.sqsh.org or SourceForge. We’re going to build it from source, although there are some binary packages available on the site. We are building version 2.1. Untar the package, cd sqsh-2.1. Then:

host@machine [501]$ export SYBASE=/usr/local/freetds
host@machine [502]$ ./configure
–snip–
host@machine [503]$ make
–snip–
host@machine [504]$ su
Password:
root@machine [505]# make install
–snip–
root@machine [506]# ls -l /usr/local/bin/sqsh
-rwxr-xr-x 1 root root 287 May 22 13:25 /usr/local/bin/sqsh
root@machine [507]# ls -l /usr/local/bin/sqsh.bin
-rwxr-xr-x 1 root root 651472 May 22 13:25 /usr/local/bin/sqsh.bin

Next, we are gonna to start using the tool by issuing some simple commands. For example, login to the SQL server by using this tool.

host@machine [501]$ sqsh -S {system name/IP}:{port num} -U {username} -P {password}

For eg,

host@machine [501]$ sqsh -S 10.0.0.10:1433 -U sa -P sa

This should allow you to login into the SQL server with your privilege. However it is recommended not to include the password in the command line because this grants any other user freedom to be able to discover your password using ps(1). We can supply the password in the other way:

host@machine [501]$ sqsh -S 10.0.0.10:1433 -U sa
sqsh-2.1 Copyright (C) 1995-2001 Scott C. Gray
This is free software with ABSOLUTELY NO WARRANTY
For more information type ‘\warranty’
Password:

–snip–

(7 rows affected)

1> xp_cmdshell ‘date’
2> go

        output
       ————————————————————————
———————————————————————————
———————————————————————————
———————
        The current date is: Fri 21/12/2007

        Enter the new date: (dd-mm-yy)

(2 rows affected)

(2 rows affected)

(2 rows affected)

Powered by ScribeFire.

Configuring TCP/IP Statically in Linux

It has never been too painful for me to setup my IP address and default gateway blah blah blah in my Windows world, however it is not the same case when comes to Linux. Nevertheless, it is relatively easy as well.

Each Linux distro stores their network configuration file in a different location. For instance, Debian keeps the config file that contains the IP information in /etc/network/interfaces. By making changes to the file, we can actually statically changing the TCP/IP information for the workstation. The changes is permanent, that carries the meaning that the changes stay even you reboot your system.

The next method which just give a temporary effect is Command-line Configuration. There are just 2 commands needed in order to make things work:

host:~# ifconfig eth0 {ip add} netmask {subnet mask}
host:~# route add default gw {gateway add}

The first command tells the system to configure Ethernet adapter 0 on your NIC to have {ip add} as the IP address with {subnet mask} as the netmask. The second command configures the gateway of the system. However, it should be noted that the configuration will lose once the device is turned off or reboot.

Lastly, to check whether or not the TCP/IP changes have been made on the NIC, there are 2 commands could be used, depending on your choice:

route

or

netstat -nr

By issuing one of the commands, you can verify whether the changes have take effect with looking at the routing table.

ps: Note that you will need super user privilege in order to perform the configuration. “sudo bash” could be used in some case.

Powered by ScribeFire.

15 Reasons Why Facebook May Be Worth USD$15bn

Microsoft has invested $240m (£117m) in social networking site Facebook in exchange for a 1.6% share of the company. That puts a value of $15bn (£7.3bn) on a firm that has only been in existence three and a half years.

So why does Microsoft think Facebook is worth $15bn? Here are 15 possible reasons….

1. The network has gone viral in the last 12 months, with more than 50 million users worldwide and a user base that is growing faster than great rival MySpace. According to Facebook, it adds 200,000 new users each day.

2. The average user spends 3.5 hours a month on Facebook – more than the average user on rival MySpace – which is increasingly attractive to advertisers.

3. Facebook is the current Web 2.0 darling – popular with ordinary users and “tech heads” alike.

4. US research reveals that Facebook users come from wealthier homes and are more likely to attend college than MySpace users – increasing that attraction for advertisers.

5. Microsoft’s investment makes them a serious player in the growing market of “social advertising”. Social network profiles are full of personal data that users voluntarily hand over, which is very useful for targeting adverts.

6. Sixty percent of Facebook users are outside of the US – so Microsoft’s investment buys access to a global audience quickly and simply.

7. Facebook is the new web: The decision to open up the network to outside developers turned Facebook into a destination for many uses, like messaging, photos and video. Of course, as Facebook is on the web it could never really be the new web.

8. Every major content firm with an online presence is either working on a Facebook application or has already launched one – from Google to the BBC.

9. According to a report, 233 million hours of work are lost each month in the UK due to staff looking at social networks. Advertisers can now target people when at their desks.

10. The openness of Facebook is attracting a wealth of talented developers who can launch their applications to millions of users quickly.

11. Facebook messaging is the new e-mail. Everyone feels stressed from a deluge of e-mail from unwanted people and companies. But Facebook messages are always from friends.

12. Facebook’s “status updates” have become the easiest way to let friends know what you are doing and how you are feeling at any given moment.

13. Facebook thrives on playful applications such as Pirates, Zombies, Super Wall and Top Friends, which have made the network a place to play as well as communicate.

14. Facebook is the acceptable face of blogging – you can reflect your life and personality online without being seen as a “blogger”, which often carries a geeky stigma.

15. Facebook is worth $15bn only because Microsoft says so. The value of Facebook is based on a 1.6% share of the firm being worth the $240m Microsoft paid for it. Microsoft and Google were in a bidding war for a slice of the firm and both companies have large pockets. This was not just business, this was personal, according to some analysts.

Powered by ScribeFire.

STOP Your Negative Thoughts

“What we focus on, we empower and enlarge. Good multiplies when focused upon. Negativity multiplies when focused upon. The choice is ours: Which do we want more of?”
- Julia Cameron

Negative thinking can make all sorts of things incredibly difficult. It is like a leak in your confidence bucket – constantly drip-drip-dripping away your confidence and self esteem. At the same time, it will sabotage your self belief and your achievements too. And we need to know that negative thoughts are not reserved for just a few people or situations. Everyone is plagued by negative thoughts at one time or another.

Research shows that people who receive positive distractions for just eight minutes show a remarkable change in their moods and in breaking the cycle of repetitive thought. So, next time you catch yourself repeating the same negative thoughts over and over in your mind, use the STOP acronym:

1. S – Say the word STOP!
Interrupt your internal destructive thoughts. Tell yourself firmly to “STOP” over thinking. Be strict, and don’t let them intrude on your thoughts. It also might be helpful to visualize a box to place all your negative thoughts in, which you may open at a later date or time.

2. T – TAKE a break!
Take a deep breath. Then, take a break. Go for a walk or a hike, read a great book, listen to your favorite music. Do something to take your attention away from over thinking, and if possible, change the environment.

3. O – Focus on the OUTCOME!
Focus on the OUTCOME of your goals. Affirm why you are committed to your goals. The way we feel and what we experience in our body comes from what we focus our attention upon during a given moment. And at any moment, we are “deleting” most of what is going on around us. That is, to feel bad, we have to delete (not focus on, not think about) everything that’s great in our life. And vice versa. For us to feel good, we have to delete the things we could feel bad about.

4. P – PRAISE yourself!
PRAISE and acknowledge yourself for the progress you are making. Remember, you’re looking for progress, not perfection! Give yourself a reward every time you’re successful with overcoming negative thoughts.

Remember, you are what you think!

Powered by ScribeFire.