If you would like to avoid being "blue jacked", keep bluetooth turned off, or set your phone's visibility to hidden
Don't want to carry a watch and a phone? Set the screen saver to show date and time, then you can ditch the watch.
]
Save memory when installing apps, by installing over bluetooth. This can be done using the nokia phone suite and a bluetooth serial connection. Only works with .SIS files, so java still has to be sent to the phone, but will save space when using .SIS files.
Operator logos
Use a filemanager like FExplorer or SeleQ to add the folders: "c:/system/Apps/phone/oplogo". Add a .bmp picture to folder "oplogo" and restart your phone! The .bmp picture size needs to be: 97 x 25 pixels
Check if the recepients phone is on
Delivery reports
or
Type *0# your message in the message composer window space then write your message, the recipient will not see the star zero hash bit - just the message When they read it it will relay a message back to your fone showing the time they recieved it.
Friday, February 26, 2010
battery saving
Set the screen saver to a short time out period to prolong battery life.
Tip 4b: Avoid restarting the phone, or repeatedly turning it on and off. This helps increase battery life.
Tip 4b: Avoid restarting the phone, or repeatedly turning it on and off. This helps increase battery life.
check imei number
Type *#06# to display your IMEI serial number, very valuable for the unlocking your phone to other sim cards
battery saving
Save on battery and system memory being used by regulary checking the task manager which can be accessed by holding down the menu button!!
6600 trick
for 6600 users, to format the fone, theres an alternative way. Press and hold <3>, <*> and Call (Send) buttons, then power on fone, keep holding on the 3 buttons, till u come to a format screen. this method ONLY works on 6600, and need not enter the sec code. BUT sec code would be reset to default 12345.
smrtfone trick
Tip 2 : Shit happens, on a smartphone, its inevitable u do something wrong, and tis calls for a format of fone. to format the fone, press *#7370#, then enter the lock code, which is the sec code of the fone. NOTE: batt must b full, else if format is disrupted by low batt, consequences will b disatrous
I heard the code *#7780# works too, pretty much the same i tink
I heard the code *#7780# works too, pretty much the same i tink
mob trick
Tip 1 : Do u know how to use the edit button (abc or pencil button)?
Heres how... in the inbox for example; u wanna delete multiple sms, simply hold the edit button, scroll down, and then, press c to delete the marked sms. The edit button can also b used to copy and past text in sms, simply hold it and scroll across, choose copy. pretty good for placing song names in ngages
Heres how... in the inbox for example; u wanna delete multiple sms, simply hold the edit button, scroll down, and then, press c to delete the marked sms. The edit button can also b used to copy and past text in sms, simply hold it and scroll across, choose copy. pretty good for placing song names in ngages
Thursday, February 11, 2010
defend your computer
New Internet worm on loose. US Attorney General John Ashcroft held a press conference 9/18/01 to announce the most dangerous Internet worm yet, dubbed variously Code Blue and Nimda. It attacks through an email attachment (the attachment is "readme.exe"), by infecting Explorer browsers, propagating through netbios shares, and by directly attacking web servers. More on this story --->>
From:
Colleagues,
We and many other Internet sites are presently experiencing two types of attacks:
1. Infected email The subject line on email sent to you is variable. The attachment is "readme.exe" and has a MIME type of "Content-Type: audio/x-wav;". This virus is "network aware", which means it spread through open, unpassworded NetBIOS shares. This is called the W32/Nimda.a@mm
2. A browser based attack that seeks to infect the targets web server. This attack is now termed Code Blue.
From: Davis, Matt [mailto:matt.davis@countryfinancial.com]
Sent: Tuesday, September 18, 2001 11:44 AM
To: Davis, Matt
Cc: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM; incidents@securityfocus.com; unisog@sans.org
Subject: Some more details on the worm
When pages are served up by an infected server, it looks as though readme.eml is 'attached' to them. The server attempts to get the client to open them through the following bit of code (from the .dll file):
According to Slashdot, this causes the file to be automatically opened and executed by the client. I haven't been able to confirm or deny that (but if someone can, please do).
Regards,
Matt
--
Matt Davis, MCP
Intermediate Client Server Business Support Analyst
COUNTRY(SM) Insurance & Financial Services
309-821-6288
mailto:matt.davis@countryfinancial.com
How your web browser can get infected by Nimda.From: Russ
Subject: Alert: Check your IIS boxes now!
To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
-----BEGIN PGP SIGNED MESSAGE-----
Numerous people have reported that on IIS servers infected with
w32.nimda.amm, when visitors browse to their website the visitor is
offered up README.EML, which in turn downloads README.EXE to the
visitor.
Please, check your IIS boxes now to see if you are infected. I've had
reports of IIS servers with more than 10,000 .eml files present
(mostly as a result of nimda).
While we don't have any conclusive disinfecting procedures yet, any
IIS box that has been infected definitely shouldn't be available to
clients until we do.
Cheers,
Russ - Surgeon General of TruSecure Corporation/NTBugtraq Editor
Is hacktivism the answer? In the aftermath of the terrorist attacks of Sept. 11, some hackers are trying to organize strikesagainst Middle Eastern nations. This is a very bad idea. Almost all Middle Eastern nations hate terrorist leader Osama bin Laden and are our allies in bringing him to justice. The only government on the side of the terrorists is Afghanistan. Most of the people of Afghanistan also hate bin Laden and their Taliban oppressors. We need to leave Afghanistan's Internet access up so US cyberwarfare experts can use them for their own rather, ahem, interesting uses.
NIPC (US National Infrastructure Protection Center) has "already received reports of individuals encouraging vigilante hacking activity. Those individuals who believe they are doing a service to this nation by engaging in acts of vigilantism should know that they are actually doing a disservice to the country," their advisory stated. See "It sucks to be me" for details on how these hacktivists are actually harming the war against terrorism.
Us folks at Happy hacker wish to thank those hackers who have helped quiet down over-eager volunteers. Responding to the attacks on America is an extremely delicate operation. If you want to play a role in defending us in time of cyberwar, here are some concrete steps you can take.
First, President Bush will let you know if he needs hacker vigilantes to help. Right now he does NOT WANT VIGILANTE HELP. He probably NEVER will want vigilante help. The kind of baloney that went on with the US/China hacker war of April-May 2001 was an unfortunate holdover from Clinton Administration policies. The Oct. issue of Scientific American carries Carolyn Meinel's analysis of this unfortunate fubar of foreign policy.
Personal Security Demystified: How to Best Protect Yourself Online
Personal Security Demystified: How to Best Protect Yourself Online
By Tanvir ()
Many a times I hear people asking about their personal computer security; what tools to use, what to do and what not to do. You have to understand that security is more about people and less about tools and machines. 80% of security flaws, penetration and breaches occur not because cheap machines are involved but because there are people who are green in handling these machines.
By Tanvir ()
Many a times I hear people asking about their personal computer security; what tools to use, what to do and what not to do. You have to understand that security is more about people and less about tools and machines. 80% of security flaws, penetration and breaches occur not because cheap machines are involved but because there are people who are green in handling these machines.
This article will guide you through some of the basic steps that will help you better secure your system:
Do not open any email attachment that you receive from anyone without checking first - not even from your closest friends. If you really have to open an attachment even from any trusted source then query that source about if he/ she was supposed to send you this attachment. If you get positive response from the source/ sender then and only then open an attachment. Otherwise don't.
It is a best practice not to open any attachment with extensions like: exe, vbs, scr, bat, com etc. even if you receive them from your trusted source.
If someone has to send you a doc file tell them to convert it into *.rtf or *.txt format and then send. In MS Word you can do this by going to File Save As and choosing RTF from the drop down box named Save As Type. But the downside of changing format is that you can lose a lot of formatting and embedded object data, so documents from power users will sometimes suffer missing data.
If you must open any doc extension files, you can first use one of those doc file readers available free on the net. You can download a MS Word Viewer free from Microsoft’s sitehttp://www.microsoft.com/office/word/downloads/default.htm. Alternatively, you could convert the extension of the file (doc) to text (txt) and then open it with your text editor and see what the file is all about.
If you do decide to open it as a doc file in MS Word, first go to Tools > Macro > Security and make sure you have set the the security level to HIGH. This disables macros, which may carry viruses and Trojans.
Through news groups many times you will get links to different sites. DO NOT click on those URLs unless you are totally sure about what they are all about. Those sites are often ruled by warez kiddies and they will inject trojans in your pc or take total control over your pc as soon as you log on to those sites.
In your email client turn off the 'receiving HTML mails' option. Avoid receiving HTML mails as if at all possible. In Eudora (free from http://www.eudora.com) click Tools --> Options --> Viewing mail, and make sure you do *not* have a check mark next to "Allow executables in HTML content.") And avoid using MS Outlook Express as it has a long history of automatically installing viruses and Trojans on your computer even if you don't open infected emails. Also avoid Outlook (not express) prior to Windows 2000. Outlook XP seems to have okay security overall, but still fails because of its reliance on Internet Explorer - which has a lot of flaws. Outlook and Outlook Express are the prime targets of virus writers becasue of their massive use. These programs will also cause you extra headaches becasue you have to often update them with security patches and whatnot. All the virii that we have seen lately attack MS Outlook Express. There are better substitutes for it such as Eudora.
For 24/7 security you can use an antivirus program that will scan emails for malware, scan sites before you connect to them and provide real time scanning. I know of at least one that does all these - Trend Micro PcCillin. You can also use AVG AntiVirus; it’s free for home users and seems to work pretty well.
Do not give out your information on the net. While surfing the web you will see that there are sites that will ask for your personal information. The first question you should ask is - "Can I lie to them and still get the thing I want?" If yes, please lie, fake your personal information. Do not give information about yourself and hide out information about yourself as long as you can.
Avoid using Internet Explorer (IE) if possible. You can use one of the best browsers around: Mozilla for Windows.
Disable JAVA and Active X. To do this under MS IE, move your default-browsing zone to High security in Tools-Internet Options. This switches off 90% of MSIE exploits. You don't have to enter the sites that don't let you enter without Java and Active X enabled. Know how to read cookies and take a close look at them. Use software like cookie crusher and every time you log online crush all your previously received cookies. If you have to use IE then make sure that you run Windows Update at least once a week.
Use at least one personal firewall software. Zone Alarm (ZA) is a good one but others are available and new ones are coming up everyday. Use at least one Intrusion Detection System; Visual Zoneis a good one that is compatible with ZA.
Now, lets see what ports are open in your system. Type netstat -an from your command prompt to see which ports are open in your system both on and off - line. Try to get information on every port about what they do by searching the net. If you get ports like 31337 open and listening then you are in real danger. So try to control ports that are open and make sure that you know their functions. Also, in Windows close all ports from 137 to 139; that is, disable anything regarding NetBIOS file sharing.
Beware when using chat programs like IRC, ICQ, Yahoo!, etc etc. What happens is that when you use these to chat with your friends there is a peer-to-peer connection occurs between you and your friend. That is, your IP address is exposed leaving room for the other person to scan your computer looking for ways to break in. For this, if you must use those chat tools then go through a proxy. This will at least help you to hide your real IP.
One choice is to use MSN Messenger. In messenger you are connecting through the MSN Server. So, your real IP is not shown. But if you transfer files then it established a peer-to-peer connection and your IP is exposed to your friend.
MSN Messenger:
You <------------> MSN Messenger Server <-------------> Your Friend
Others:
You <----------> Your Friend.
But whoever gives you this 'server-in-the-middle' technology like MSN, you should finger (port 79) their server to see if finger option is enabled and whether it gives away your personal information. Butnever accept any files through MSN Messenger from anyone unless you are absolutely certian who they are. There is at least one MSN Messenger worm on the loose. For better safety you can use the MSN Messenger PGP-Plugin. The URL is:http://www.commandcode.com/index_flash.html
Use PGP encryption whenever you odn't wnat anyone snooping on your message. For more information regarding PGP and cryptography go to: www.pgpi.org. They have got some of the finest papers written on PGP that comes along with the software PGP itself.
Upgrade your Antinvirus protection regularly. Six-month-old signature files won’t guarantee you a virus free pc. You always have to upgrade your AVP. For best results upgrade your signature every week for new variants are coming out everyday. Also avoid booting from floppies. Go to your computer's BIOS (hit the delete key while booting up , before your operating system starts loading) to disable booting from floppy. This will prevent boot-sector viruses from attacking your pc.
Set Explorer to show file extensions. For this go to Windows Explorer/ My Computers > Tools > Folder Options > View (tab) > and uncheck the ‘Hide File Extension For Known File Type’ box. This will help you to avoid clicking on hoaxes. For example, a file viewed with the hide known extensions option may look like "harmlessfile.doc". But with this option disabled, it will show the extension, which may reveal that this file is actually "harmlessfile.doc.exe".
In the above text I have tried to cover some generic information regarding how-to secure your system. There are some other areas I have not covered like: physical network security, operating system specific security, mainly Linux and W2K. To best secure your system you should know the operating system you are using like the back of your hand. But I hope this tutorial will help you starting up from ground zero.
-dj
jani_don2001@yahoo.com
www.djworld.co.nr
My mInD iS fa$t ThAn Your cOmpUtErS.-dj
defend your computer know about viruses and anti viruses!
How to Get Rid of Adware and Spyware
What is adware? Some forms of adware make your browser open up web pages against your will. They often reset your home page. Other adware programs are more sneaky. They feed popup ads to your browser, making it look as if the web site you are browsing is sending them.
What is spyware? It is any sort of program that snoops on your computer and sends information out to mysterious people or companies. Spyware is far more sneaky than adware. Even if you have a firewall, a program that you have permitted to access the Internet may be also sending out information it has stolen from you. Most spyware programs just snoop on your web browsing activities. Some are far more dangerous, stealing passwords, credit card and banking information.
How does your computer get infected? One way is to visit a malicious web site while using a vulnerable browser (almost always Internet Explorer). The other way is by installing free software that hides adware or spyware.
Why won't antivirus programs eradicate all adware or spyware? The trick that forces antivirus companies to ignore most adware and spyware is that EULA (end user license agreement) that you sign when you install free software from the Internet. For example, many porn sites require that you click on a box that says it will install something to enhance your viewing pleasure, maybe a video program.Once you click on that EULA, you have given permission for the provider of the software to also install adware or spyware.
How to get rid of adware and spyware. For instant free help, try Ad-aware,
http://lavasoft.element5.com/software/adaware, and Spybot,http://www.safer-networking.org. You can use one or both together, as they are compatible. In addition, if you are more of a power user, you can install BHODemon. It is free from http://www.definitivesolutions.com/bhodemon.htm. It enables you to control the "browser helper objects" of Internet Explorer (IE). Adware and spyware and some viruses and worms exploit IE. Watch out for fake products! Some actually install adware or spyware instead of removing it!
To prevent future infections, use a browser that isn't so vulnerable to attack. Don't use Internet Explorer! For free, safe browsers, check outhttp://www.mozilla.org and http://www.opera.com.
A rootkit is a trojan that hides on your computer and allows other people to senak into it and snoop on you and turn your computer into a "zombie. Rootkits might hide all sorts of terrible things insiode your computer.. See this news story for details on the threat of zombie computers.
You can check to see if there is a rootkit installed on your computer with F-Secure BlackLight, RootkitRevealer by SysInternals, or RootKit Hook Analyzer.
If you discover your computer is infected with a rootkit, if you already had an antivirus program running, obviously the antivirus program wasn't able to defend your computer. Usually what will work is to uninstall your old antivirus program, install a new one and give it a chance to attack the rootkit.
AVG Free, AntiVir PersonalEdition Classic, Avast! 4 Home Edition, BitDefender 8 Free Edition
Warning! No antivirus program is good enough to find everything that might have been sneaked into your computer if it was compromised with a rootkit. The only thing you accomplish by finding out which antivirus program can eradicate your rootkit is that this tells you which of them is a better antivirus program. If you want to be safe, after discovering a rootkit, you need to save your data, reformat your hard drive and reinstall every thing. Be sure to install your firewall and antivirus program -- the one that was good enough to eradicate the rootkit -- immediately after you reinstall your operating system or use the system restore disks that came with your computer. Don't install anything else, including your data, until after you get your antivirus program running.
-dj
how to run linux and xp in same computer -trick by dj
How to Run Linux and Windows on the Same Computer
by Tanvir
Dual booting Linux and Windows is always a painstaking task for most people especially if you have Win2000 (NTFS) and using LILO in Linux. In this paper I will discuss how to dual boot Red Hat Linux (RHL) with Windows2000 (NT5).
(Carolyn's note: This also works for Windows XP using the NTFS file system. If you are running Windows 95/98/ME, click here for help.)
I assume you have a Windows 2000 Professional in full NTFS mode, Red Hat Linux 7.0 with Kernel 2.2 both in one HDD. Well, it's true there are some tools available out there that will do the job for you but we are hackers and we love doing things with whatever minimum we have available at hand.
In scenario 1 let's assume you already have Linux and Windows installed and you use a boot disk to start-up Linux. To get rid of the floppy you have to do the following:
Boot to your Linux partition and cat /etc/lilo.conf. At the beginning (global section) of the lilo.conf file you'll see something like boot=/dev/hda8. Take a note of this line.
Now, you have to copy the boot sector file. For this as root do the following:
dd if=/dev/hda8 bs=512 count=1 of=mylinux.lnx
Here, I assume that your linux partition is in /dev/hda8. After executing this command you'll see something like this:
1+0 records in
1+0 records out
Now, a file named mylinux.lnx has been created in your home directory. To make sure, type 'ls'. And you will see the file. Now, you need a FAT formatted floppy disk to copy this file. Put the floppy in and type this command:
mcopy mylinux.lnx a:
This will copy the file in the floppy. In case, if you don't have the command mcopy, you have to install an rpm named mtools. Easy!! Just go to your Linux CD (/mnt/cdrom/RedHat/RPMS) and find out the file mtools-some_version.rpm and install it.
Ok now as you have mcopy the mylinux.lnx file in the floppy, remove the floppy and restart to Windows2000. Now, in Windows C: drive you have to do 2 things. First, copy the file (mylinux.lnx) from the floppy to C drive. And then edit your boot.ini file (which is located in your C drive). If unfortunately you can't see boot.ini then check the hidden files and folder in Windows >> View options. After copying the file, notepad to your boot.ini file and add the following lines at the end of the section
c:\ mylinux.lnx ="Linux"
Save it and restart again. Now, you'll see two options to boot from.
If unfortunately you see that the process is not working you have to do some troubleshooting. Please note that whatever troubleshooting you do, after that you have to go through the whole process again.
Ok. if the process doesn't work at first place go to your Linux box and type LILO. This will update LILO. But if you see something unusual like "can't write to LILO because the cylinder of the partition is 1024" then Vi to /etc/lilo.conf and you'll see a line named Linear. Replace Linear with lba32 quit and update LILO. This will solve the problem.
Also sometimes adding the following lines to lilo might help:
other=/dev/hda1
label=windows2000
You can also install W2k first in FAT32 mode. Install Linux with LILO on MBR and put the upper line on the /etc/lilo.conf file. This will do the job fine for you. Now, you can freely convert your W2k partition in NTFS mode keeping the current installation intact. To convert to NTFS type the following at your DOS prompt:
Convert C: /FS:NTFS (Change the drive letter as you deem fit)
In this paper I have described ways to make it possible to make NTFS and Ext2 to live together. I hope this was of help to you.
www.djworld.co.nr for more -dj My mInd I$ fa$s than YouR coMpUteR.
how to fake out web servers when you visit
GUIDE to (mostly) Harmless Hacking
How to Fake out Web Servers When You Visit
Did you know that most web browsers dutifully identify themselves to every web site you visit? There's often a good reason for this. Some web sites will send you pages customized to give you better viewing with the type of browser you use. Some sites use your header information to choose what language to display. Some intrusion detection techniques even look at headers to get an idea whether a connection to a website is being made by a legitimate browser or by a clumsily programmed attack
If it bugs you to tell web sites everything your browser wants to tell them, here's how to fake them out.
Telnet! Yes, my favorite all purpose mostly harmless hacking technique is telnet. If you use Windows and have never used telnet, type Start --> Run --> type telnet in the window and hit enter. This will give you a black window with something like this in it:
Welcome to Microsoft Telnet Client.
Escape character is 'CTRL+]'
Microsoft Telnet>
Now here's a fun thing to do. At the telnet prompt, type "open happyhacker.org 80" . Now wait a few seconds and then hold down the Ctrl key and the c key with one hand and hit enter with the other.
This will give you something like:
HTTP/1.0 408 Request Timeout
Server: thttpd/2.20c 21nov01 on a Brickserver 2
Content-type: text/html
Date: Wed, 31 Jan 2007 13:23:03 GMT
Last-modified: Wed, 31 Jan 2007 13:23:03 GMT
Accept-Ranges: bytes
Connection: close
No request appeared within a reasonable time period.
thttpd/2.20c 21nov01 on a Brickserver 2
Connection to host lost.
Now to get something better, instead you can type Start --> Run and type in "cmd". This gives an MSDOS windows and it looks something like this:
Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.
C:\Documents and Settings\Carolyn Meinel>
From here we can do something much more fun to unsuspecting webservers. Open Notepad and type this in two lines:
telnet happyhacker.org 80
GET /gtmhh/index.shtml
It won't work unless you have this in two lines! Next copy these two lines and at the MSDOS window prompt right click, choose paste, and then hit enter. This will display all the code that the webserver would normally send your browser.
OK, so why is this a big deal? You can get the same code just by using the "page source" command on your browser. However, you got this code without having to send the browser any extra headers. All you sent was the most basic web browser command, the "GET" command.
Even more important...!!!
You can go to jail warning: If you send a webserver a command that is designed to break into or crash it, you just might wind up being cellmate Spike's girlfriend. Yes, those nasty script kiddie websites offer exploits to send to webservers, and if you try them on about a thousand different websites you may eventually get unlucky and actually break in.
If you want to try out all sorts of weird commands against a webserver without breaking the law, you have permission to do it against this website, happyhacker.org and you can't get into any trouble because I own it and I set the rules, which are, basically, you can do anything you want, see if you can crash happyhacker.org or break in, it's OK with me, muhahaha!
Next, you can set up your web browser to send headers of your own design. This article by Eric Giguere is still useful for learning how to modify your browser's headers. He also has a link that displays a portion (not the entire thing) of your browser's headers. Using this link, I learn that my browser sent out this:
connection keep-alive
accept-language en-us,en;q=0.5
content-length 0
host www.ericgiguere.com
accept text/xml,application/xml,application/xhtml+xml,
text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
accept-charset ISO-8859-1,utf-8;q=0.7,*;q=0.7
keep-alive 300
cookie JSESSIONID=5CF0B8F73EB94ECA1D6AA324F2AA1ADC; __utma=13
5980773.912983502.1170270059.1170270059.1170270059.1;
__utmc=135980773;
__utmz=135980773.1170270059.1.1.utmccn=(organic)|
utmcsr=google|utmctr=
change+browser+headers+Firefox|utmcmd=organic
user-agent Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US;
rv:1.8.1.1) Gecko/20061204 Firefox/2.0.0.1
You can tell this doesn't show everything because it doesn't include the "GET" command.
Now let's say you would like to see absolutely everything your browser sends. You can do this by setting up a network sniffer on your own computer and use it to see everything that goes back and forth between your browser and a website. This can be especially interesting if you visit malicious websites, meaning those that try to break into your computer through your browser to install spyware and even worse Trojans that enable criminals to hide their nasty activities inside your computer. Check out http://www.winpcap.org/to learn about sniffers and for free downloads of sniffer tools.
Last but not least, you can see what your headers look like by installing the free Apache webserver on your home computer. You can direct your browser to it by typing "localhost" or "127.0.0.1" into your browser or your telnet connection.
In order to ensure that your Apache webserver saves the headers of your browser, you have to find the file named http.conf. Open it in notepad and look for the line:
CustomLog logs/agent.log agent
If there is a "#" in front of it this means Apache ignores it. If you delete the "#" then Apache will record the headers of visiting browsers, but only after you restart Apache. Then after visiting it with your browser, you will find your headers in the agent.log file in the logs directory.
Of course after reading all this, you may wonder what the big deal is about forging headers. Or maybe you think this is super fun, in which case you must be a real hacker.
OK, so now lets go do fun stuff with the free Firefox browser. In the browser window type:
about:config
Scroll down the screen this displays to general.useragent.extra.firefox. and then double click on this line. You can change it to whatever you want. I change it from Firefox/2.0.0.1 to Lynx. Yes, most of you are too young to remember Lynx, but I'm a really, really ancient hacker and back when the Web was young we didn't have pictures and all that newfangled fancy stuff. The web was just words and links, and Lynx, which we ran from a Unix shell account (this was before Linux even!) was how we crawled the web.
Next I double click on general.useragent.locale and change en-US (meaning I want to see websites in English if they offer that option) to en-Lower Slobovia
Oh, pooh, it turns out all this does is change one of my headers to:
user-agent Mozilla/5.0 (Windows; U; Windows NT 5.1; Lower Slobovia; rv:1.8.1.1) Gecko/20061204 Lynx
This failure to totally fubar the headers tells me we can have much more fun if we use telnet or even netcat to directly connect to webservers. Then we finally can really, really fake out anyone who actually reads the logs.
You can get punched in the nose warning: Many intrusion detection and prevention systems look for really screwy browser headers. Make yours weird enough and you will make someone hopping mad -- and he or she might tell your online provider that you, yes you, sent evil headers. Yes, you can be tracked back to your home computer. If your online provider is terrified of hackers (could you actually be an evil, evil, criminal?) they might cancel your Internet service.
But lets get back to that Firefox about:config screen. Have you ever tried to enter a really weird URL you found on a hacker website into your browser and it didn't do what you expected? Your browser might be the culprit. Check out:
network.IDN.blacklist_chars
It lists all the characters your browser ignores. Many of these aren't even on your keyboard, although you can create them with a hex editor. Some of them you can't send through telnet, either. The ultimate solution to all that is netcat, a telnet-like program that is also good for lots of amazing, things. If you try really hard, netcat can enable you to do truly amazing "you can get punched in the nose" or "you can go to jail" stuff to webservers. Your choice.
Happy hacking!
Where are those back issues of GTMHHs?
We are against computer crime. We support good, old-fashioned hacking of the kind that led to the creation of the Internet and a new era of freedom of information. But we hate computer crime. So don't email us about any crimes you may have committed or may want to commit!
Why do we give out information that even the total beginner may use as a two-edged sword of cyberspace power? We do this "to turn over to [hu]mankind at large the greatest possible power to control the world and deal with it according to its lights and values." -- Robert J.
How to Fake out Web Servers When You Visit
Did you know that most web browsers dutifully identify themselves to every web site you visit? There's often a good reason for this. Some web sites will send you pages customized to give you better viewing with the type of browser you use. Some sites use your header information to choose what language to display. Some intrusion detection techniques even look at headers to get an idea whether a connection to a website is being made by a legitimate browser or by a clumsily programmed attack
If it bugs you to tell web sites everything your browser wants to tell them, here's how to fake them out.
Telnet! Yes, my favorite all purpose mostly harmless hacking technique is telnet. If you use Windows and have never used telnet, type Start --> Run --> type telnet in the window and hit enter. This will give you a black window with something like this in it:
Welcome to Microsoft Telnet Client.
Escape character is 'CTRL+]'
Microsoft Telnet>
Now here's a fun thing to do. At the telnet prompt, type "open happyhacker.org 80" . Now wait a few seconds and then hold down the Ctrl key and the c key with one hand and hit enter with the other.
This will give you something like:
HTTP/1.0 408 Request Timeout
Server: thttpd/2.20c 21nov01 on a Brickserver 2
Content-type: text/html
Date: Wed, 31 Jan 2007 13:23:03 GMT
Last-modified: Wed, 31 Jan 2007 13:23:03 GMT
Accept-Ranges: bytes
Connection: close
408 Request Timeout
No request appeared within a reasonable time period.
thttpd/2.20c 21nov01 on a Brickserver 2
Connection to host lost.
Now to get something better, instead you can type Start --> Run and type in "cmd". This gives an MSDOS windows and it looks something like this:
Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.
C:\Documents and Settings\Carolyn Meinel>
From here we can do something much more fun to unsuspecting webservers. Open Notepad and type this in two lines:
telnet happyhacker.org 80
GET /gtmhh/index.shtml
It won't work unless you have this in two lines! Next copy these two lines and at the MSDOS window prompt right click, choose paste, and then hit enter. This will display all the code that the webserver would normally send your browser.
OK, so why is this a big deal? You can get the same code just by using the "page source" command on your browser. However, you got this code without having to send the browser any extra headers. All you sent was the most basic web browser command, the "GET" command.
Even more important...!!!
You can go to jail warning: If you send a webserver a command that is designed to break into or crash it, you just might wind up being cellmate Spike's girlfriend. Yes, those nasty script kiddie websites offer exploits to send to webservers, and if you try them on about a thousand different websites you may eventually get unlucky and actually break in.
If you want to try out all sorts of weird commands against a webserver without breaking the law, you have permission to do it against this website, happyhacker.org and you can't get into any trouble because I own it and I set the rules, which are, basically, you can do anything you want, see if you can crash happyhacker.org or break in, it's OK with me, muhahaha!
Next, you can set up your web browser to send headers of your own design. This article by Eric Giguere is still useful for learning how to modify your browser's headers. He also has a link that displays a portion (not the entire thing) of your browser's headers. Using this link, I learn that my browser sent out this:
connection keep-alive
accept-language en-us,en;q=0.5
content-length 0
host www.ericgiguere.com
accept text/xml,application/xml,application/xhtml+xml,
text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
accept-charset ISO-8859-1,utf-8;q=0.7,*;q=0.7
keep-alive 300
cookie JSESSIONID=5CF0B8F73EB94ECA1D6AA324F2AA1ADC; __utma=13
5980773.912983502.1170270059.1170270059.1170270059.1;
__utmc=135980773;
__utmz=135980773.1170270059.1.1.utmccn=(organic)|
utmcsr=google|utmctr=
change+browser+headers+Firefox|utmcmd=organic
user-agent Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US;
rv:1.8.1.1) Gecko/20061204 Firefox/2.0.0.1
You can tell this doesn't show everything because it doesn't include the "GET" command.
Now let's say you would like to see absolutely everything your browser sends. You can do this by setting up a network sniffer on your own computer and use it to see everything that goes back and forth between your browser and a website. This can be especially interesting if you visit malicious websites, meaning those that try to break into your computer through your browser to install spyware and even worse Trojans that enable criminals to hide their nasty activities inside your computer. Check out http://www.winpcap.org/to learn about sniffers and for free downloads of sniffer tools.
Last but not least, you can see what your headers look like by installing the free Apache webserver on your home computer. You can direct your browser to it by typing "localhost" or "127.0.0.1" into your browser or your telnet connection.
In order to ensure that your Apache webserver saves the headers of your browser, you have to find the file named http.conf. Open it in notepad and look for the line:
CustomLog logs/agent.log agent
If there is a "#" in front of it this means Apache ignores it. If you delete the "#" then Apache will record the headers of visiting browsers, but only after you restart Apache. Then after visiting it with your browser, you will find your headers in the agent.log file in the logs directory.
Of course after reading all this, you may wonder what the big deal is about forging headers. Or maybe you think this is super fun, in which case you must be a real hacker.
OK, so now lets go do fun stuff with the free Firefox browser. In the browser window type:
about:config
Scroll down the screen this displays to general.useragent.extra.firefox. and then double click on this line. You can change it to whatever you want. I change it from Firefox/2.0.0.1 to Lynx. Yes, most of you are too young to remember Lynx, but I'm a really, really ancient hacker and back when the Web was young we didn't have pictures and all that newfangled fancy stuff. The web was just words and links, and Lynx, which we ran from a Unix shell account (this was before Linux even!) was how we crawled the web.
Next I double click on general.useragent.locale and change en-US (meaning I want to see websites in English if they offer that option) to en-Lower Slobovia
Oh, pooh, it turns out all this does is change one of my headers to:
user-agent Mozilla/5.0 (Windows; U; Windows NT 5.1; Lower Slobovia; rv:1.8.1.1) Gecko/20061204 Lynx
This failure to totally fubar the headers tells me we can have much more fun if we use telnet or even netcat to directly connect to webservers. Then we finally can really, really fake out anyone who actually reads the logs.
You can get punched in the nose warning: Many intrusion detection and prevention systems look for really screwy browser headers. Make yours weird enough and you will make someone hopping mad -- and he or she might tell your online provider that you, yes you, sent evil headers. Yes, you can be tracked back to your home computer. If your online provider is terrified of hackers (could you actually be an evil, evil, criminal?) they might cancel your Internet service.
But lets get back to that Firefox about:config screen. Have you ever tried to enter a really weird URL you found on a hacker website into your browser and it didn't do what you expected? Your browser might be the culprit. Check out:
network.IDN.blacklist_chars
It lists all the characters your browser ignores. Many of these aren't even on your keyboard, although you can create them with a hex editor. Some of them you can't send through telnet, either. The ultimate solution to all that is netcat, a telnet-like program that is also good for lots of amazing, things. If you try really hard, netcat can enable you to do truly amazing "you can get punched in the nose" or "you can go to jail" stuff to webservers. Your choice.
Happy hacking!
Where are those back issues of GTMHHs?
We are against computer crime. We support good, old-fashioned hacking of the kind that led to the creation of the Internet and a new era of freedom of information. But we hate computer crime. So don't email us about any crimes you may have committed or may want to commit!
Why do we give out information that even the total beginner may use as a two-edged sword of cyberspace power? We do this "to turn over to [hu]mankind at large the greatest possible power to control the world and deal with it according to its lights and values." -- Robert J.
Oppenheimer, head of the Manhattan Project, which created the world's first nuclear weapons.
-dj
Subscribe to:
Comments (Atom)
