Monday, November 30, 2009

Input Validation Attacks

Input validation attacks are those in which an attacker intentionally sends unusual input in the hope of confusing the application.
The most common input validation attacks are as follows:

1) Buffer Overflow :- Buffer overflow attacks are enabled by sloppy programming or mismanagement of memory by the application developers. Buffer overflows may be classified into stack overflows, format string overflows, heap overflows and integer overflows. It is also possible that an overflow exists in a language’s (PHP, Java, etc.) built-in functions.
To execute a buffer overflow attack, you merely dump as much data as possible into an input field. The attack is said to be successful when it returns an application error. Perl is well suited for conducting this type of attack.
Here’s the buffer test, calling on Perl from the command line:
$ echo -e "GET /login.php?user=\
> `perl -e 'print "a" x 500'`\nHTTP/1.0\n\n" | \
nc -vv website 80
This sends a string of 500 “a” characters for the user value to the login.php file.
Buffer overflow can be tested by sending repeated requests to the application and recording the server's response.

2) Canonicalization :- These attacks target pages that use template files or otherwise reference alternate files on the web server. The basic form of this attack is to move outside of the web document root in order to access system files, i.e., “../../../../../../../../../boot.ini”. This type of functionality is evident from the URL and is not limited to any one programming language or web server. If the application does not limit the files it is allowed to serve, then files outside of the web document root can be targeted. URLs that expose this kind of functionality look like the following:
/menu.asp?dimlDisplayer=menu.asp
/webacc?User.asp=login.htt
/SWEditServlet?station_path=Z&publication_id=2043&template=login.tem
/Getfile.asp?/scripts/Client/login.js
/includes/printable.asp?Link=customers/overview.htm
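
A defensive check for this class of bug, as an added example that is not part of the original post: the file parameter is decoded, normalized and accepted only if it still lies under the template directory. The directory name and extension list are assumptions, and the example goes beyond the plain "../" case by also handling encoded and backslash variants.

```python
import posixpath
from urllib.parse import unquote

DOC_ROOT = "/var/www/site/templates"          # assumed template directory
ALLOWED_EXT = {".htm", ".html", ".tem", ".htt"}  # assumed allowlist of template types


class RejectedPath(ValueError):
    """Raised when a requested template name must not be served."""


def resolve_template(param, root=DOC_ROOT):
    """Map a user-supplied template name to a path under root, or raise."""
    # Decode until stable so double-encoded input (%252e%252e) is judged
    # in the form the server would finally use; give up after 3 layers.
    decoded = param
    for _ in range(3):
        once_more = unquote(decoded)
        if once_more == decoded:
            break
        decoded = once_more
    else:
        raise RejectedPath("too many encoding layers")
    if "\x00" in decoded:
        raise RejectedPath("NUL byte in name")
    # Windows servers accept backslashes as separators, so unify them first.
    unified = decoded.replace("\\", "/")
    if unified.startswith("/") or unified[1:2] == ":":
        raise RejectedPath("absolute path")
    # Collapse "." and ".." segments, then check containment on the result.
    # On a real filesystem, also resolve symlinks (os.path.realpath) first.
    candidate = posixpath.normpath(posixpath.join(root, unified))
    if posixpath.commonpath([root, candidate]) != root:
        raise RejectedPath("escapes document root")
    if posixpath.splitext(candidate)[1].lower() not in ALLOWED_EXT:
        raise RejectedPath("file type not allowed")
    return candidate


def is_allowed(param):
    """True if the parameter resolves to a servable template."""
    try:
        resolve_template(param)
        return True
    except RejectedPath:
        return False


if __name__ == "__main__":
    # Parameter values taken from the URLs above, plus constructed variants.
    samples = [
        "customers/overview.htm",
        "login.tem",
        "menu.asp",
        "../../../../../../../../../boot.ini",
        "..%2f..%2fboot.ini",
        "%252e%252e%252fboot.ini",
        "..\\..\\boot.ini",
    ]
    for s in samples:
        print(f"{s!r:45} -> {'serve' if is_allowed(s) else 'reject'}")
```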

3) Cross-site Scripting (XSS) :- Cross-site scripting attacks place malicious code, usually JavaScript, in locations where other users see it. Target fields in forms can be addresses, bulletin board comments, etc.
We have found that error pages are often subject to XSS attacks. For example, the URL for a normal application error looks like this:
http://website/inc/errors.asp?Error=Invalid%20password
This displays a custom access denied page that says, “Invalid password”. Seeing a string on the URL reflected in the page contents is a great indicator of an XSS vulnerability. The attack would be created as:
http://website/inc/errors.asp?Error=
That is, place the script tags on the URL.
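
The reflection described above and its fix, as an added example that is not part of the original post: one renderer echoes the Error parameter as-is, the other HTML-encodes it, and a harmless marker string shows which of the two reflects markup characters unencoded. The function names and the marker are assumptions made for this illustration.

```python
import html
from urllib.parse import urlsplit, parse_qs, urlencode

ERROR_PAGE = "http://website/inc/errors.asp"   # URL from the post
PROBE = 'zq7<b>"x'                             # constructed, harmless marker


def _error_param(url):
    """Extract the decoded Error parameter from a URL."""
    return parse_qs(urlsplit(url).query).get("Error", [""])[0]


def render_reflecting(url):
    """Error page as described in the post: the parameter is echoed verbatim."""
    return "<html><body><p class='err'>" + _error_param(url) + "</p></body></html>"


def render_encoded(url):
    """Same page with output encoding: <, >, &, and quotes become entities."""
    safe = html.escape(_error_param(url), quote=True)
    return "<html><body><p class='err'>" + safe + "</p></body></html>"


def reflects_unencoded(render):
    """Check a renderer: does the marker come back with its markup characters intact?"""
    url = ERROR_PAGE + "?" + urlencode({"Error": PROBE})
    return PROBE in render(url)


if __name__ == "__main__":
    normal = ERROR_PAGE + "?Error=Invalid%20password"
    print(render_encoded(normal))
    print("reflecting page echoes markup:", reflects_unencoded(render_reflecting))
    print("encoded page echoes markup:   ", reflects_unencoded(render_encoded))
```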

4) SQL Injection :- This kind of attack occurs when an attacker uses specially crafted SQL queries as an input, which can open up a database. Online forms such as login prompts, search enquiries, guest books, feedback forms, etc. are specially targeted.
The easiest test for the presence of a SQL injection attack is to append “or+1=1” to the URL and inspect the data returned by the server.
example:- http://www.domain.com/index.asp?querystring=sports' or 1=1--
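
Why the appended “or 1=1” changes the result, shown as an added example that is not part of the original post: the same querystring value is run through a query built by string concatenation and through a parameterized query. The table, its rows and the function names are constructed for this illustration, using an in-memory SQLite database.

```python
import sqlite3


def make_db():
    """Build a small in-memory database with constructed sample rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE articles (id INTEGER PRIMARY KEY, category TEXT, title TEXT)")
    db.executemany(
        "INSERT INTO articles (category, title) VALUES (?, ?)",
        [
            ("sports", "Cup final report"),
            ("sports", "Transfer window"),
            ("finance", "Quarterly results"),
            ("internal", "Unpublished draft"),
        ],
    )
    return db


def search_concatenated(db, querystring):
    """Vulnerable pattern: the input becomes part of the SQL text itself."""
    sql = "SELECT title FROM articles WHERE category = '" + querystring + "'"
    return [row[0] for row in db.execute(sql)]


def search_parameterized(db, querystring):
    """Hardened pattern: the input is bound as a value and never parsed as SQL."""
    sql = "SELECT title FROM articles WHERE category = ?"
    return [row[0] for row in db.execute(sql, (querystring,))]


if __name__ == "__main__":
    db = make_db()
    for value in ("sports", "sports' or 1=1--"):   # second value is from the post
        print(repr(value))
        print("  concatenated :", search_concatenated(db, value))
        print("  parameterized:", search_parameterized(db, value))
```

With the concatenated query the quote closes the string literal, “or 1=1” makes the WHERE clause true for every row, and “--” comments out the trailing quote; the parameterized query simply looks for a category with that literal name and finds none.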

Thursday, November 26, 2009

Troubleshoot – Computer Restarts at Windows XP Loading Screen

One of my friends’ laptops recently developed a strange problem of restarting at the Windows loading screen. This was a unique problem, since I couldn’t tweak any of the Windows settings without first getting into Windows, and in this case that was impossible. After a few hours of research I concluded that the trouble was caused by a damaged kernel32.dll file, so I simply extracted a new copy of kernel32.dll from the Windows XP CD to my friend’s laptop and it started working fine again. Here’s a step by step procedure to do the same:

1. Start the recovery console from the Windows boot options menu. If you don’t have the recovery console installed, then start the recovery console from the Windows XP CD, like this:

a. Insert the windows xp cd into the cd drive and restart the computer to boot from this cd.

b. Follow all the prompts during the text based part of the windows xp setup. Choose recover or repair option by pressing R.

c. Type the administrator’s password when prompted.

2. Now you will be at command prompt. Type cd system32 and press enter

3. Then type ren kernel32.dll kernel32.old and press enter

4. Now type map and then press enter.

5. Now note the drive letter that is assigned to the CD drive that contains the Windows XP CD. It will be displayed in a format similar to this:

D:\Device\CdRom0

6. Type

Expand D:\i386\kernel32.dl_

where D is the drive letter of the cd drive that contains the windows xp cd. This may be different for your computer. See the output of step 5 to find out what is the drive letter for your computer. (Also, note the underscore character after the “l” in kernel32.dl_)

The following message will be displayed after the above command,

Kernel32.dll, 1 file(s) expanded.

7. Type exit to restart the computer.

Hopefully this will solve the problem of computer restarting at the loading screen. If not, then use comments below to post your special case.

Increase Life Span of Your Laptop’s Battery With Proper Calibration

The life of a laptop’s battery depends upon multiple factors. One of the most important factors is the routine you follow to charge the battery and how it gets discharged. It’s like memory in the battery. The battery retains your habits of charging/discharging and, after some time, it is never fully charged or discharged.

For instance, you will notice that when you purchased the laptop the battery lasted for around 2 hours, but now it lasts only for around 45 minutes. This is because, you probably keep the laptop connected to power cable for long intervals of time and the battery has forgotten its ability.

To restore its capability a complete charge and discharge cycle is required. This is called battery calibration. You should calibrate your laptop’s battery at least once in a month to prolong its life and mileage.

How to Calibrate Laptop’s Battery

1. First charge the laptop’s battery to 100%.

2. Assuming that you are on windows, Go to Control Panel > Power Options. Now change the hibernation settings such that the laptop auto hibernates when the battery level reaches 4%.

3. Now use the laptop normally until it auto hibernates.

4. Now leave the laptop alone for at least 5-6 hours.

5. After this, charge the battery again to 100%.

That’s it. Calibrate your laptop’s battery once every month to increase its life span.

Important Note - This method of calibration works only if your laptop uses Ni-MH cells in the battery. If your laptop uses Li-Ion battery, then DON’T USE this method as it will decrease the life span of your Li-Ion battery. Check your laptop’s manual to find out the battery type.

How To Turn Off Laptop’s Monitor Without Affecting Any Running Programs

It’s almost impossible to turn off a laptop’s monitor without putting it into hibernate/standby mode. But the problem with this is that you can’t run any programs while in hibernate or standby mode. So, how do you turn off the laptop’s monitor without affecting any running programs?

Use MonPwr Utility

MonPwr is a freeware utility that lets you turn off your Laptop’s monitor. You just need to click a button and the monitor will turn off. To turn it on again, press space or enter key. When you turn off the monitor using MonPwr, the processes running in the background are not affected. The current version of MonPwr is compatible with all versions of Windows.

Download MonPwr

Use Dark – A Light System Tray App

Dark is a small and lightweight application that lets you turn off your laptop’s monitor by double clicking its icon in the system tray (or notification area).

It’s an open source application written on the .NET platform. It’s compatible with Windows XP and Windows Vista.

Download Dark

Conclusion

You can use any of the above tools to turn off your laptop’s monitor. Unfortunately, both of these applications work only if your laptop is running Windows. If you know about any similar app that works on Linux or Mac, then do let me know using the comment form below.

Enjoy!

Saturday, November 21, 2009

Two Ways to View All the Passwords Stored in Firefox

Whenever you type a password in a web form, for instance, while logging into Gmail, firefox prompts to ask you if you’d like to store this password,

If you click on the Remember button, Firefox remembers your password and auto-fills it the next time you open the same web page. But do you know that it is very easy to view all these passwords in plain text format? So, anybody with physical access to your computer can easily crack (read?) all your passwords. Following are two ways to do this:

1. This method doesn’t require any third party software. Simply open the firefox and go to Tools -> Options , and click on the security tab. Under this tab click on the Saved Passwords button.

Now, in the saved passwords window, click on Show Passwords button. You’ll instantly see all the password saved by you in the firefox.

This method displays passwords stored only by the current profile of firefox. If you want to see the passwords by another profile, then start firefox with that profile, or use the second method.

2. This method is even more scary. You will be able to view all the passwords stored by all the profiles of firefox, from the same window.

This method involves the use of PasswordFox. This is a small program which doesn’t even need installation. Simply download it from here, and run the executable PasswordFox.exe. The main window of the program will instantly display all the usernames and passwords stored by Firefox.

To view the passwords stored by other profiles, click on the folder icon on the program window, then click on the browse profile folders button and choose appropriate profile.

So, next time, think twice before clicking on the Remember button.

Find all the passwords stored in Google chrome

Nirsoft has released a great tool using which you can view all the usernames and passwords stored in Google chrome for your website logins. Just download chromepass, and simply run the executable file. No installation is required. On running chromepass, it displays origin URL, action URL, username field, password field, username, password, and the time at which this information was stored in chrome.


To export any one or more items from this output, simply select them and save them as plaintext, html or xml file or you can simply copy them to clipboard. Currently only windows version of chromepass is available.

Running chromepass on command line

You can also use chromepass on command line. Following is the complete list of commands supported.

/stext Save the list of passwords into a regular text file.

/stab Save the list of passwords into a tab-delimited text file.

/scomma Save the list of passwords into a comma-delimited text file.

/stabular Save the list of passwords into a tabular text file.

/shtml Save the list of passwords into HTML file (Horizontal).

/sverhtml Save the list of passwords into HTML file (Vertical).

/sxml Save the list of passwords to XML file.

Translating ChromePass to other languages

You can also translate chromePass to languages other than English using the following process,

Step 1. Run chromePass on commandline with /savelangfile parameter like this,

ChromePass.exe /savelangfile

Doing this will create the ChromePass_lng.ini file in the folder where chromepass.exe is located.

Step 2. Open ChromePass_lng.ini in notepad or in any other text editor.

Step 3. Now translate all the strings in this file to desired language using any online translation tool.

Step 4. After the translation, simply run chromepass again, all the translated strings will be automatically loaded into it.

If for some reason you don’t want this translation any more, simply delete or move ChromePass_lng.ini.

You can download chromepass here.

That’s it. Enjoy!

Enable Select, Copy and Printing on Restricted PDF Documents

You must have come across pdf files that are distributed with restrictions such as the following,

  • You cannot select text from the pdf file.
  • You can’t copy text from the file even though you can select it.
  • You can’t print the pdf document.

These restrictions are implemented by the pdf creators to protect their work from content thieves. However, these restrictions are really annoying sometimes. You can easily remove all these restrictions using this free web based tool, pdfpirate.

How to Remove Restrictions From PDF Documents Using PDFPirate

1. Go to pdfpirate and upload the pdf document that is restricted.

2. Now pdfpirate will scan the document and all the restrictions from the pdf file will be removed instantly. You can then download the pdf document.

That’s it. Note that pdfpirate won’t work on password protected pdf files.

Enjoy!

Folder Lock Without Any Software

Here is a cool hack by which you can lock and unlock any files and folders on windows without installing any software.

Copy the code provided below exactly (including ** line) and paste it into notepad (start-> run-> Notepad.exe). Save as protect.bat (file->save as) and exit notepad. Double click on protect.bat and you will see a new folder on your desktop called “Locker”. Copy all the files you need to be hidden there. Double click on protect.bat again, and it will ask you if you want to hide the folders, type in y and press Enter. To unhide, double click protect.bat, type in your password and press enter…

That’s it!

Following is the code you’ll need to do this:



cls
@ECHO OFF
title Folder Locker
rem If the disguised folder exists, the locker is currently locked.
if EXIST "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}" goto UNLOCK
if NOT EXIST Locker goto MDLOCKER
:CONFIRM
echo Are you sure u want to Lock the folder(Y/N)
rem set/p needs "variable=prompt"; the answer is stored in cho.
set/p "cho=>"
if %cho%==Y goto LOCK
if %cho%==y goto LOCK
if %cho%==n goto END
if %cho%==N goto END
echo Invalid choice.
goto CONFIRM
:LOCK
rem Rename the folder to a Control Panel shell name and mark it hidden + system.
ren Locker "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}"
attrib +h +s "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}"
echo Folder locked
goto End
:UNLOCK
echo Enter password to Unlock folder
set/p "pass=>"
rem The password is compared against the plain text written on the next line.
if NOT %pass%== type your password here goto FAIL
attrib -h -s "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}"
ren "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}" Locker
echo Folder Unlocked successfully
goto End
:FAIL
echo Invalid password
goto end
:MDLOCKER
md Locker
echo Locker created successfully
goto End
:End




Important Note- In the above code, edit the line-

if NOT %pass%== type your password here goto FAIL

as

if NOT %pass%== thisIsMyPassword goto FAIL



Important Security Note – This is not a good method to secure sensitive data. The script only renames and hides the folder, and the password sits in plain text inside protect.bat, so nothing is encrypted. If you want to keep the data away from the reach of your kid sister, then this can be a good method, but it does not provide any security against people with good knowledge of programming. So if you actually want to be sure that no one can ever access the data that you lock, then please use some good software for the purpose. See the software section for reviews of some good folder lock programs.

2 Methods to Password Protect Image Files

If you need to share a private image online and you are concerned that it may get leaked, then you can password protect the file before sharing it with anyone. Then even if it gets leaked, unauthorized people will be unable to see the image until they know the password. Following are two methods to password protect image files-

Create a Password Protected Archive File With the Image in it

This is an obvious solution. Just compress the image file and password protect the archive file. You can easily do this with Winrar. Assuming that you have already installed Winrar, you can follow the steps below to create a password protected image file.

1. First right click on the image file and click on Add to archive.

2. Click on the Advanced tab in the Winrar window. Then click on the Set Password button. Enter the password and click ok.

Then press ok again to create the archive file. That’s it. The resulting archive file will be protected with the password you provided in the second step above.

Use Lock Image to Create Password Protected Exe File From Image

Lock Image is an open source tool that converts an image into an exe file. The exe file contains the image, which can be seen by entering the correct password. This tool is portable, which means that you don’t have to install it and you can carry it on your pen drive with you. Here’s the procedure to create password protected image files using Lock Image:

1. Download Lock Image (the LockImage-0.1-bin.zip file) from this page. Extract the zip file and simply double click on it to launch Lock Image.

2. To password protect any image, just drag it into the application’s window. Then go to File > Save, enter the file name and click on the Save button. At this point the password window will appear,

Enter the appropriate password and press ok. That’s it. The program will generate an executable file which will ask for password to show the embedded image.

Which Method is Better?

Which of the above methods is better to protect images? Well, it depends upon your requirements. For instance, if you need to share the protected image over email then it will not work because most email programs block exe files. Another disadvantage of second method is that you can’t open an exe file on Linux and Mac operating systems. So, in my opinion creating a password protected compressed file is better option. What do you think?

Monday, November 9, 2009

OPEN YOUR CD DRIVE EASILY

Hi friends this freeware will be very useful to all of you.

If your tray button is not working then you use a pin to open the drive but it is not very convenient to use the pin every time.

So you can use OCTray to open your drive easily.

OCTray is a Freeware using which you can easily open/close your CD/DVD drive.

Double click on the exe file. Doing this will open a window, after which you can open your drive by pressing O and close it by pressing C on the keyboard. So easy to use!

Or you can simply double click on the icon in the taskbar and select Open or Close from the context menu.

Download OCTray

Note:
If there is a problem with your hardware then you can’t eject your tray even by using this utility.

Wednesday, November 4, 2009

Now Check PNR Status With SMS

A few years ago, you had to go to the railway counter to find out the status of your reserved ticket or to find out about the schedule of trains. Then the whole railway system got computerized and you could check all the information related to any train or reservation directly from your computer. Now Southern Railway has taken it one step further. It recently introduced a new SMS service for railway ticket related enquiries. You can easily check the PNR status of a reserved ticket simply by sending an SMS. A release from Southern Railway said,

As part of the efforts by Southern Railway to assist passengers in obtaining train-related information, specifically reservation status of tickets, provision has been made to disseminate information through SMS.

To check the PNR status of a ticket, type PNR followed by your 10 digit PNR number, like this,

PNR1234567890

and send the SMS to 139.

This service is available for all mobile service providers except BSNL and Reliance.

Other than checking the PNR status of a ticket, you can also call this number to get all the information related to a specific train. Also, a call made to this number (139) is treated as a local call throughout the country.

Enjoy!

Send Free SMS Without Any Ads Using Yahoo Mail

It is very easy to send free sms without any advertisements using yahoo mail’s inbuilt chat system. Following is the detailed tutorial on sending ad free sms using yahoo mail -

1. Log into Yahoo Mail. Then sign into the Yahoo Mail built-in chat feature. To do this, click on the status message (it is next to your welcome message, say, Hi Chris) on the top left part of the Yahoo Mail interface and choose Available.


2. Click on New -> Text Message(SMS) or simply press t, to open the conversation tab.

3. Type the mobile number of your friend in the text box. Yahoo will automatically start suggesting the number if it is already in your contacts.

If it doesn’t suggest anything, then it means that the number is not in your contacts. But it doesn’t matter whether the receiver is in your contacts or not. Just type the phone number and message, and click on send. Your SMS will be sent immediately.


Note 1 - Don’t forget to include the area code while typing the phone number.

Note 2 - The maximum length for a sms is 158 characters which includes spaces as well. It is actually a short messaging service. ;)

Note 3 - This feature is free, but you can send a maximum of five messages to a person until he replies. The quota of five messages starts again once the contact replies to you. The replies will be available in the conversation area.

Note 4 - The pricing of replying to a message depends on your mobile service provider.

Note 5 - At the time of writing, this service is available only in India, Philippines, Canada, Indonesia, Vietnam, U.S. and Malaysia.

Note 6 - In India, the following operators are supported,

  • Airtel
  • Hutch
  • Reliance CDMA
  • Reliance GSM
  • Tata
  • Spice
  • Idea
  • MTNL
  • Aircel
  • BPL

That’s it. Enjoy!