9lessons Programming Blog - Tutorials about Angular, ReactJS, PHP, MySQL and Web Development
Tuesday, December 16, 2008

10 Free Hacking Tools



Great Free Hacking Softwares? take a look at this list with some of my favourite hacking tools which you can download and use it carefully.




1. Nmap Security Scanner
Nmap ("Network Mapper") is a free and open source (license) utility for network exploration or security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap uses raw IP packets in novel ways to determine what hosts areRead more...



2. Tor:anonymity online
Tor is a software project that helps you defend against traffic analysis, a form of network surveillance that threatens personal freedom and privacy, confidential business activities and relationships, and state security. Read more...


3. Net
Net Tools is a comprehensive set of host monitoring, network scanning, security, administration tools and much more, all with a highly intuitive user interface. It's an ideal tool for those who work in the network security, administration, training, internet forensics or law enforcement internet crimes fields. Net Tools is mainly written in Microsoft Visual Basic 6, Visual C++, Visual C# and Visual Studio .NET.Read more...


4. sol Editer
A flash hacking alternative to variable editing and cheat engine, you can change values saved by the game in a “.sol” file. You will find the .SOL files in x:\Documents and Settings\[account-name]\Application Data\Macromedia\Flash Player\#SharedObjects\ followed by the name of the website. If the game was running from your computer, the .SOL will be in the “localhost” folder. Replace ‘x’ with your main drive, the one with your OS, and the account-name with the currently logged in user.Download...


5. Cain & Abel
Cain & Abel is a password recovery tool for Microsoft Operating Systems. It allows easy recovery of various kind of passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, recovering wireless network keys, revealing password boxes, uncovering cached passwords and analyzing routing protocols. The program does not exploit any softwareRead more...


6. Wireshark
Network protocol analyzer for Windows and Unix that allows examination of data from a live network, or from a capture file on diskRead more...




7. Nikto
Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 3300 potentially dangerous files/CGIs, versions on over 625 servers, and version specific problems on over 230 servers. Scan items and plugins are frequently updated and can be automatically updated (if desired).Read more...


8. DollarDNS Whois
DollarDNS Whois Direct allows users to make advanced WHOIS queries against a domain, including raw queries Read more...


9. Firebug
Firebug integrates with Firefox to put a wealth of web development tools at your fingertips while you browse. You can edit, debug, and monitor CSS, HTML, JavaScript, and network activity live in any web page.Download...

10. Tamper Data
Use tamperdata to view and modify HTTP/HTTPS headers and post parameters... Download...


11. Add N Edit Cookies
Cookie Editor that allows you add and edit "session" and saved... Download..

Note : Most of the Anti-virus detect as a Trojans or Malwares.
Previous Topic :Hack your Own Web Project ? SQL Injection


Related Post
'Onion Routing' Anonymous Network
Make Windows Genuine
Hacking Algorithm
Monday, December 15, 2008

Hack your Own Web Project ? SQL Injection

Are you looking for some useful tips to improve your web projects security? In this post I suggest you some interesting points about this topic.

Hacking is very interesting topic you can improve programming skill.

SQL Injection

SQL Injection like this

Login Java Code

String userid = request.getParameter("userid");
String password = request.getParameter("password");
Class.forName("sun.jdbc.odbc.JdbcOdbcDriver");
connection = DriverManager.getConnection("jdbc:odbc:projectDB");

query = "SELECT * FROM Users WHERE user_id ='" + userid + "' AND password ='" + password +"'";

PreparedStatement ps = connection.prepareStatement(query);
ResultSet users = ps.executeQuery();

if(users.next()){

//some thing here
}
else{

}
Injection Works like this
query = "SELECT * FROM Users WHERE user_id ='' OR 1=1; /* AND password ='*/--'";

Login PHP Code;
Username = ' OR 1=1;//
Password = ....
$myusername=$_POST['usr'];
$mypassword=$_POST['pwd'];

$sql="SELECT * FROM users WHERE user='$myusername' and password='$mypassword'";

$result=mysql_query($sql);
$count=mysql_num_rows($result);

if($count==1){

//some code
}
else {

}
Injection Works like this
$sql="SELECT * FROM users WHERE user=''OR 1 = 1;//' and password='....'";

How to avoid these mistakes Use addSlashes() function adding slashes(/) to the string in java and php

//Java Code
addSlashes(String userid);

// PHP Code
$myusername=addslashes($_POST['usr'];);
Hacker is intelligent than programmer. So always hide the file extension (eg: *.jsp,*.php,*.asp).

http://xyz.com/login.php to http://xyz.com/login
http://xyz.com/login to http://xyz.com/signin.do
In Java redirect this URL links using Web.xml file and inn php write .htaccess file in root directory.

My Best Hacking Training Site Hackthissite.org

Hacker's Game full control with Unix based commands. Play and learn many more hacking things
Tuesday, November 18, 2008

Delicious Database Design: create tables and relationships with SQL

In the previous lesson we have seen how to design the relationship-entities model for a database to be used in a del.icio.us-like web site project. Our R-E model is:



Now we implement the database using SQL and phpMyAdmin. We crate a new database on phpMyAdmin and select the "SQL" tab. Copy and paste this SQL code into the form and click on execute button:


CREATE TABLE USER (
user_id_pk INT NOT NULL AUTO_INCREMENT,
user_name VARCHAR(40),
email VARCHAR(40),
password VARCHAR(20),
user_date DATE,
PRIMARY KEY (user_id_pk)
) TYPE=INNODB;

CREATE TABLE SITE (
site_id_pk INT NOT NULL AUTO_INCREMENT,
url VARCHAR(250),
description LONGTEXT,
share_data DATA,
PRIMARY KEY
) TYPE=INNODB;

CREATE TABLE SHARE (
share_id_pk INT NOT NULL AUTO_INCREMENT,
user_id INT NOT NULL,
site_id INT NOT NULL,
submitted_by INT NOT NULL DEFAULT 0,
PRIMARY KEY (share_id_pk),
FOREIGN KEY (user_id) REFERENCES USER(user_id_pk) ON UPDATE CASCADE ON DELETE CASCADE,
FOREIGN KEY (site_id) REFERENCES SITE(site_id_pk) ON UPDATE CASCADE ON DELETE CASCADE
) TYPE=INNODB;


Create Relationships
To create relationships between database's table (for example between SHARE table and the other tables) you have to use the SQL code below:

FOREIGN KEY (attribute_name_1) REFERENCES tableOfReference(attribute_name_2)


where attribute_name_1 is the foreign key (generally, a field of type INTEGER)a and attribute_name_2 the primary key of the table of destination.

To force the referencial integrity between the data of database, you have to add this code:

ON UPDATE CASCADE ON DELETE CASCADE


Our database is now ready and we can implement it using JSP, PHP and MySQL
Tuesday, November 18, 2008

Delicious Database Design: relationships

This lesson explains how to project a typical relationships-entities model for a database to be used in our web projects. My approach is:

1. Define database entities (tables)
2. Identify attributes for tables
3. Define relationships and cardinality between the instances (records) of tables.

Step 1: define database entities
The first step when you project a database is to identify all entities (tables). For example if we want to project a simplified del.icio.us-like web site, our database will have these entities:

1. - USER (to store data about users, email, password, nickname,...)
2. - SITE (to store data about the sites added by the users)


These are only the main entities required from our project but, take a mind, that we will add other tables to store data about relationships between istances (records) of these tables in case of cardinality (M:M), many to many (see Step 3).

Step 2: define attributes
The next step is to define attributes for the tables USER and SITE. In this semplified example we will have something like this:

USER
-----------
user_id_pk (Primary Key)
user_name
email
password
user_data (user signup date)


SITE
-----------
site_id_pk (Primary Key)
url
description
share_user (total number of users that share a site)


Step 3: define database relationships
Our simple application del.icio.us-like works in this way: an user add a site that can be shared by other users. The relationship's cardinality between USER table and SITE table is:


USER > SITE (M:M) - Many to Many (an user can add many sites).
SITE > USER (M:M) - Many to Many (a site can be shared by many users).


In this case ( cardinality M:M) we have to add a new table (SHARE) that contains all possible combination between all instances of USER table and SITE table . In this new table, SHARE, to identify an user that share a site added by another user or by itself, we will add two Foreign Key:


SHARE
-----------
share_id_pk (Primary Key)
user_id (Foreign Key > USER)
site_id (Foreign Key >SITE)
submitted_by (boolean: flag only if the current user has submitted the site)




Implement your database using SQL
Now, our database is ready to be implement with a DBMS (for example using MySQL). The next lesson will explains how to implement this database using SQL language.
Next Lessons:Create Tables and Relationships with SQL
Tuesday, November 11, 2008

What is an Object? - Easy Lesson

Before the development of Object Oriented programming, the variables were considered as isolated entities. For example, suppose a program needs to handle data in car manufacturing company, here testing the cars having number, Color, Speed. Three separated variables will be declared for this.

int number,speed;
String color;



These two statements do two things:
1)It says that the variable number and speed are integers and color is a string variable.
2)It also allocates storage for these variables.

This approach has two disadvantages:
If the program needs to keep track of various cars records. There will be more declarations that would be needed for each car, for example.

int number1,speed1;
String color1;

int number2,speed2;
String color2;

This approach can become very cumbersome.
The other drawback is that this approach completely ignores the fact that the three variables number,speed and color, are related and are a data associated with a single car.
In order to address these to drawbacks java use a class to create new types. For example to define a type that represents a car, we need storage space for two integers and a string. this is defined as follows:

class Car
{
int number;
int speed;
String color;
}

A variable can be declared as of type car as follows:

Car c,c1;

The car variables of this class(number,speed and color) can be accessed using the dot(.) operator.

Creating an Object
The allocaton of memory of the reference type does not happen when the reference types are declared, as was the case of the primitive types, Simple diclaration of Non-primitive types does not allocate meomory space for the object.


In fact, a variable that is declared with a class type is not the data itself, but it is a

reference to the data, The actual storage is allocated to the object as follows.

Car c;
c=new Car();

The first statement just allocates enough space for the reference. The second statement allocates the space, called an Object, for the two integers and a string. After these two statements are executed, the contents of the Car can be accessed through c.

Example using Object.

Let us now write a example that creates an object of the class Car and display the

number,speed, etc....

class Car
{
    int number;
    int speed;
    String color;

    void print_Number()
   {
    System.out.println("Car Number = " + number);
    }

    void print_Speed()
   {
    System.out.println("Car Speed = " + speed);
    }

    void Stop()
    {
    System.out.println("Car Stopped");
    }

    void Horn()
    {
    System.out.println("Hooooooo.......rn");
    }

    void Go()
    {
    System.out.println("Car Going");
    }
}


public class Object_Car
{
    public static void main(String args[])
   {
    Car c;
    c=new Car();
    c.number=401;
    c.speed=90;
    c.print_number();
    c.print_speed();
    c.Horn();
    c.Stop();

    Car c1;
    c1=new Car();
    c1.number=402;
    c1.speed=80;
    c1.print_number();
    c1.print_speed();
    c1.Go();
    c1.Horn();

    }
}

Output:
>javac Object_Car.java
>java Object_Car

Car Number = 401
Car Speed = 90
Car Stopped
Hooooooo.......rn

Car Number = 402
Car Speed = 80
Hooooooo.......rn
Car Going

Do you have an Information? Add a comment with you link!
Sunday, November 09, 2008

Creative way to Explain Technology in Videos.

Are you looking for a easy way to understand technology? This videos is an usefull inspiration.


Yesterday I was looking for something interseting and original to make a short video clips to explain RSS technology. So i find on Youtube stunning videos of Common Craft.



RSS : Really Simple Syndication

Twitter.com : Free social networking and micro-blogging service.
del.icio.us : Social Bookmarking


Do you have an video presentations? Add a comment with you link!
Thursday, November 06, 2008

The President Obama's First Speech

“We the people, in order to form a more perfect union."

Two hundred and twenty one years ago, in a hall that still stands across the street, a group of men gathered and, with these simple words, launched America’s improbable experiment in democracy. Farmers and scholars; statesmen and patriots who had traveled across an ocean to escape tyranny and persecution finally made real their declaration of independence at a Philadelphia convention that lasted through the spring of 1787.




The document they produced was eventually signed but ultimately unfinished. It was stained by this nation’s original sin of slavery, a question that divided the colonies and brought the convention to a stalemate until the founders chose to allow the slave trade to continue for at least twenty more years, and to leave any final resolution to future generations.

Of course, the answer to the slavery question was already embedded within our Constitution — a Constitution that had at is very core the ideal of equal citizenship under the law; a Constitution that promised its people liberty, and justice, and a union that could be and should be perfected over time.

And yet words on a parchment would not be enough to deliver slaves from bondage, or provide men and women of every color and creed their full rights and obligations as citizens of the United States. What would be needed were Americans in successive generations who were willing to do their part — through protests and struggle, on the streets and in the courts, through a civil war and civil disobedience and always at great risk — to narrow that gap between the promise of our ideals and the reality of their time.

This was one of the tasks we set forth at the beginning of this campaign — to continue the long march of those who came before us, a march for a more just, more equal, more free, more caring and more prosperous America. I chose to run for the presidency at this moment in history because I believe deeply that we cannot solve the challenges of our time unless we solve them together — unless we perfect our union by understanding that we may have different stories, but we hold common hopes; that we may not look the same and we may not have come from the same place, but we all want to move in the same direction — towards a better future for of children and our grandchildren.

This belief comes from my unyielding faith in the decency and generosity of the American people. But it also comes from my own American story.

I am the son of a black man from Kenya and a white woman from Kansas. I was raised with the help of a white grandfather who survived a Depression to serve in Patton’s Army during World War II and a white grandmother who worked on a bomber assembly line at Fort Leavenworth while he was overseas. I’ve gone to some of the best schools in America and lived in one of the world’s poorest nations. I am married to a black American who carries within her the blood of slaves and slaveowners — an inheritance we pass on to our two precious daughters. I have brothers, sisters, nieces, nephews, uncles and cousins, of every race and every hue, scattered across three continents, and for as long as I live, I will never forget that in no other country on Earth is my story even possible.

It’s a story that hasn’t made me the most conventional candidate. But it is a story that has seared into my genetic makeup the idea that this nation is more than the sum of its parts — that out of many, we are truly one.

Throughout the first year of this campaign, against all predictions to the contrary, we saw how hungry the American people were for this message of unity. Despite the temptation to view my candidacy through a purely racial lens, we won commanding victories in states with some of the whitest populations in the country. In South Carolina, where the Confederate Flag still flies, we built a powerful coalition of African Americans and white Americans.

This is not to say that race has not been an issue in the campaign. At various stages in the campaign, some commentators have deemed me either “too black” or “not black enough.” We saw racial tensions bubble to the surface during the week before the South Carolina primary. The press has scoured every exit poll for the latest evidence of racial polarization, not just in terms of white and black, but black and brown as well.

And yet, it has only been in the last couple of weeks that the discussion of race in this campaign has taken a particularly divisive turn.

On one end of the spectrum, we’ve heard the implication that my candidacy is somehow an exercise in affirmative action; that it’s based solely on the desire of wide-eyed liberals to purchase racial reconciliation on the cheap. On the other end, we’ve heard my former pastor, Reverend Jeremiah Wright, use incendiary language to express views that have the potential not only to widen the racial divide, but views that denigrate both the greatness and the goodness of our nation; that rightly offend white and black alike.

I have already condemned, in unequivocal terms, the statements of Reverend Wright that have caused such controversy. For some, nagging questions remain. Did I know him to be an occasionally fierce critic of American domestic and foreign policy? Of course. Did I ever hear him make remarks that could be considered controversial while I sat in church? Yes. Did I strongly disagree with many of his political views? Absolutely — just as I’m sure many of you have heard remarks from your pastors, priests, or rabbis with which you strongly disagreed.

But the remarks that have caused this recent firestorm weren’t simply controversial. They weren’t simply a religious leader’s effort to speak out against perceived injustice. Instead, they expressed a profoundly distorted view of this country — a view that sees white racism as endemic, and that elevates what is wrong with America above all that we know is right with America; a view that sees the conflicts in the Middle East as rooted primarily in the actions of stalwart allies like Israel, instead of emanating from the perverse and hateful ideologies of radical Islam.

As such, Reverend Wright’s comments were not only wrong but divisive, divisive at a time when we need unity; racially charged at a time when we need to come together to solve a set of monumental problems — two wars, a terrorist threat, a falling economy, a chronic health care crisis and potentially devastating climate change; problems that are neither black or white or Latino or Asian, but rather problems that confront us all.
Tuesday, November 04, 2008

The Stock Market Story

There were 3 citizens living on this island country. "A" owned the land. "B" and "C" each owned 1 dollar.

"B" decided to purchase the land from "A" for 1 dollar. So, "A" and "C" now each own 1 dollar while "B" owned a piece of land that is worth 1 dollar.

The net asset of the country = 3 dollars.

"C" thought that since there is only one piece of land in the country and land is non producible asset, its value must definitely go up. So, he borrowed 1 dollar from "A" and together with his own 1 dollar, he bought the land from "B" for 2 dollars.

"A" has a loan to "C" of 1 dollar, so his net asset is dollar.
"B" sold his land and got 2 dollars, so his net asset is 2 dollars.
"C" owned the piece of land worth 2 dollars but with his 1 dollar.
debt to "A", his net asset is 1 dollar.
he net asset of the country = 4 dollars.

"A" saw that the land he once owned has risen in value. He regretted selling it. Luckily, he has a 1 dollar loan to "C". He then borrowed 2dollars from "B" and acquired the land back from "C" for 3dollars. The payment is by 2 dollars cash (which he borrowed) and cancellation of the 1 dollar loan to"C".
As a result, "A" now owned a piece of land that is worth 3 dollars.
But since he owed "B" 2 dollars, his net asset is 1 dollar.
"B" loaned 2 dollars to "A". So his net asset is 2 dollars.
"C" now has the 2 dollars. His net asset is also 2 dollars.

The net asset of the country = 5 dollars. A bubble is building up.

"B" saw that the value of land kept rising. He also wanted to own the land. So he bought the land from "A" for 4 dollars. The payment is by borrowing 2 dollars from "C" and cancellation of his 2 dollars loan to "A".
As a result, "A" has got his debt cleared and he got the 2 coins. His net asset is 2 dollars. "B" owned a piece of land that is worth 4 dollars but since he has a debt of 2 dollars with "C", his net asset is 2 dollars.

"C" loaned 2 dollars to "B", so his net asset is 2 dollars.
The net asset of the country = 6 dollars. Even though, the country has only one piece of land and 2 dollars in circulation.

Everybody has made money and everybody felt happy and prosperous.
One day an evil wind blowed. An evil thought came to "C"'s mind.'Hey, what if the land price stop going up, how could "B" repay my loan. There are only 2 dollars in circulation, I think after all the land that "B" owns is worth at most 1 dollar only.
"A" also thought the same.
Nobody wanted to buy land anymore. In the end, "A" owns the 2 dollar coins, his net asset is 2 dollars. "B" owed "C" 2 dollars and the land he owned which he thought worth 4 dollars is now 1 dollar. His net asset become -1 dollar.

"C" has a loan of 2 dollars to "B". But it is a bad debt. Although his net asset is still 2 dollar, his heart is palpitating.

The net asset of the country = 3 dollars again.

Who has stolen the 3 dollars from the country? Of course, before the bubble burst "B" thought his land worth 4dollars.
Actually, right before the collapse, the net asset of the country was 6 dollars on papers. His net asset is still 2 dollar, his heart is palpitating.
The net asset of the country = 3 dollars again.

"B" had no choice but to declare bankruptcy. "C" has to relinquish his 2 dollars bad debt to "B" but in return he acquired the land which is worth 1 dollar now.

"A" owns the 2 coins, his net asset is 2 dollars. "B" is bankrupt, his net asset is 0 dollar. ("B" lost everything) "C" got no choice but end up with a land worth only 1 dollar ("C" lost one dollar) The net asset of the country = 3 dollars. There is however a redistribution of wealth.

END OF THE ANECDOTE

"A" is the winner, "B" is the loser, "C" is lucky that he is spared.

ANALYSIS TIME Few points worth noting:

When a bubble is building up, the debt of individual in a country to one another is also building up. This story of the island is a close system whereby there is no other country
and hence no foreign debt. The worth of the asset can only be calculated using the island's own currency. Hence, there is no net loss.

An over damped system is assumed when the bubble burst, meaning the land's value did not go down to below 1 dollar.

When the bubble burst, the fellow with cash is the winner. The fellows having the land or extending loan to others are the loser.. The asset could shrink or in worst case, they go bankrupt.

If there is another citizen "D" either holding a dollar or another piece of land but he refrained to take part in the game, he will, at the end of the day, neither win nor lose. But he will see the value of his money or land go up and down like a see-saw.

When the bubble was in the growing phase, everybody made money. If you are smart and know that you are living in a growing bubble, it is worthwhile to borrow money (like "A") and take part in the game. But you must know when you should change everything back to cash.
Instead of land, the above applies to stocks as well.


The actual worth of land or stocks depend largely on psychology.
Friday, October 31, 2008

What Web Server Do?

A Web Server takes a Client request and gives something back to the Client.
A web browser lets a user request a resource. The web server gets the request,
finds the resource, and returns something to the Client Sometimes that resouce is an HTML page. Sometimes it's a picture. Or a PDF file(Data). Doesn't matter- the client asks for the resouce and server sends it back.

When we say "server", we mean either the physical machine (hardware) or the web server application (software). Real time example.



Above picture some transaction between Client House and Server House for transportation using Truck(Web Server). Client House need package (Truck Driver taking Request- URL) and pass the information to Server House. In the Server House Workers( Helper - JSP Files, Server side files) load the package into the Truck. It taking back to the Client House.

For Transportation people are using different vehicles(Airbus, Ship, Truck). Same way Web Servers(software) also diffrent products like Tomcate(Open source), Bea Web Logic, IBM Websphere,etc...

When we talk about clients, througn, we usally mean both(or either) the human user and the browse application.

The browser is the piece of software(Firefox or Opera) that knows how to communicate with the server. The browser's other big job is iterpreting the HTML code and rendeing the web page for the user.

HTTP is the protocal Client and Servers use on the web to communicate. The server uses HTTP to send HTML to the client.

The HTTP protocol has serveral methods, but the onew we'll use most often are GET and POST.

GET is te simples HTTP method, and its main job in life is to ask the server to get a resource and send it back. That resource might be an HTML page ,a PDF etc. Doesn't matter. The poing of GET is to Get someting back from the server.

POST is a more powerful request, IT' like a GET plus plus. With POST, we can request something and at the same time send form data to the server.

Web Server softwares having different tree stuctures and defalut port numbers. Weblogic running at http://localhost:7001, Tomcat at http://localhost:8080, IBM Websphere at http://localhost:9080

If you know any information about this topic please comment..

Most Popular Posts

mailxengine Youtueb channel
Facebook and Google Login
Make in India
X