Tech In Motion

Monday, October 29, 2012

GOOGLE HACKS

We all use google on a daily basis, but how many times we have come across limitations in our ability to use google more effectively? The aim of this article is to help you to use google more efficiently.

Accessing sites without registration

Many of the websites requires the user to register in order to browse or download contents from it. But most of them allow the google bot to search on these pages. Google bot is a program used by google to map the contents of a site. Each time our browser sends a request for a page it sends an HTTP header which contain a field user agent, what we are going to do is modify this user agent field and make our request looks like the one made by the google bot. Instead of modifying it each time we use a firefox add-on called user-agent switcher. You can install it from tools>add-ons. After installing you need to add a new user agent. Go to tools>default use agent>edit user agent>new> new user agent
give the following values
Description:crawl-66-249-66-1.googlebot.com
User Agent:Googlebot/2.1 (+http://www.googlebot.com/bot.html)
click ok. Whenever you wants to browse free go to default user agents and set this as the user agent.

Search google efficiently

Google Operators

These operators help us to give search queries to google more effectively, using these operators we can query google more efficienly. eg: if we want to search for all pdf files on the subject 'google hacks', we can use the following query (without quotes) and search "filetype:pdf google hacks".

The following are some very useful operators.
The syntax is operator:string1 string2...

intitle - searches the title of web pages with string1
eg: intitle:tech hacks
the above will search for tech in the title of pages and hacks as the content

allintitle - searches all string1,string2... in the title of web pages.

inurl - similar to intitle but searches in the url of pages instead of title

allinurl - similar to allintitle but searches in the url instead of title

filetype - searches for specified filetype
eg: filetype:doc programming
the above will search for microsoft word documents containing "programming"

allintext - searches all strings in the text of a page, ie it wont search in the url,title,link etc of the page

Google proxy

A proxy is a server which acts as an intermediate between our browser and server. Each request the browser sending is received by the proxy it then forwards this request to the actual sever and returns the reply back. Using this technique it is possible to access blocked by using a proxy which is not blocked. Google provides a great solution by providing a service called google proxy, it is actually made for translating languages but can be used as a proxy, as google is not usually blocked.

To do this goto http://translate.google.com/ and type the url of the site you want to visit.

Here type the url of site you want to translate, select the suitable language to translate, click translate....

tags:- google, hacks, proxy, operators, browse web freely, user agent, switcher

Monday, October 22, 2012

BRUTE FORCING A .ZIP FILE

Intro to Brute-Forcing

With this article i will demonstrate importance of setting large passwords.Brute-forcing is the process by which a cracker tries to gain access to passwordly protected areas by repeatedly trying all the possible combinations one by one. It is applied in varied fields like logging in a web application to cracking the a passwordl protected file. It is usually done by using automated programs. Small passwords (eventhough random) are extremely vulnerable to this type of attack, but as the length of passwords increase the time taken to crack it increases exponentialy. Hence it is very important to have a long password, which should not be common. But with the cracker having enough number of processors, it is possible to crack larger paswords.I developed a c program, using which i will demonstrate how easily a 3 letter alphanumeric case sensitive password of a zip file is cracked.With some changes in it, it is possible to brute force web
applications.

Program

This program is written to brute force a passwordly protected zip file.
It has to compiled using the gcc compiler of linux.

#include<stdio.h>
#include<stdlib.h> //For exit() & system()
#include<string.h>
#define SIZE 3 // For trying passwords of length "size" bytes
void trythis(char[]);
void main()
{
int p,i,k;
char a[SIZE+1];
for(p=0;p<SIZE;++p)
a[p]=48;
a[SIZE]='\0';
while(1)
{
for(i=48;i<123;++i,a[SIZE-1]=i)
{
if((i>57&&i<65)||(i>90&&i<97)) //for skipping non-alphanum
continue;
trythis(a);
}
for(k=SIZE-1;k>0;--k)
{
if(a[k]==123)
{ a[k]=48; ++a[k-1];
if(a[k-1]==58) //for skipping non-alphanum
a[k-1]=65;
else if(a[k-1]==91)
a[k-1]=97;
}
}
if(a[0]==123)
exit(0);
}
}

void trythis(char a[])
{
char cmnd[35]="unzip -o -P \'";
int status=1;
strcat(cmnd,a);
strcat(cmnd,"\' q.zip");
status=system(cmnd);
if(!status)
{
printf("The pswrd is:");
puts(a);
exit(0);
}
}

Compilation & Execution

The line #define SIZE 3 can be varied according to the size of the password.
copy and paste the code in a file anyname.c. open terminal go to the
folder containing anyname.c and type
gcc -o zipcracker anyname.c
It will compile the code and save the output to a binary file named
zipcracker. Copy the the zip file to be cracked (having 3 letter
password) and paste it in the current folder rename it as q.zip.
Invoke the program by typing the following comand at the terminal.
./zipcracker
Now wait for some time, the terminal is busy, within some 10-20
minutes (time may vary depending on processor) you will see the
cracked password of the file. And the extraced file/folder on the same
folder

Explaining Program

Detailed explanation of the c program
we have defined size as 3, for trying 3 letter passwords.
The main() function
The variables p,i,k are defined for looping purpose.
charecter a will be used to store the varying 3 letter combination.
The first for loop is used to set 48 (the ascii value of '0') to all
charecters except the last which is set as '\0'(null terminated
string).
The while loop is used to pass each different combination to the
trythis() function, the program terminates either when passwords is
cracked or when all the combinations are tried.
The first for loop inside the while loop is used to loop the last
charecter(not considering the null) and passing the alphanumeric
values to trythis(). It skips the nonalphanumeric of ascii range
(57-65)&(90-97)
The second for loop inside while (iterating for all charecters in the
array) is used to incriment the value of the previous charecter in the
array once the value has reached 123 (charecter 'z', last
alphanumeric) and value of itself is set as '0'. This loop also skips
non alphanumerics.

The code
if(a[0]==123)
exit(0);
makes the program terminate when all combinations are tried without success.

Fuction trythis()
It recieves the char passed by and appends it properly to the string to unzip.
The statement
status=system(cmnd);
calls the system() func and saves the return value to integer variable
the system() function takes a charecter array and execute it as bash
command, the return value is the status of the by command. The unzip
command returns 0 on success and non-zero on other occations.
On success the password is printed and the program terminates.

I hope with this program you all understand the importance of setting
large passwords, as the same algorithm can be used to hack even your
email account.
Comments are most welcome...

Tags:-brute forcing, .zip, zip, cracking, hacking, .zip password, c program

Microsoft Surface Tablet Specifications, details and price

Windows Surface RT

Microsoft will be releasing its first ever tablet named Microsoft Surface on 26th October. The tablet series was designed by Microsoft and was announced on June 18, 2012. The Surface is available in two versions one is with Windows RT and another is Windows 8 Pro. The basic difference between the two is that Windows RT uses ARM CPU (Advanced RISC Machine and Acorn RISC Machine) and Windows 8 the Intel CPU. Windows Surface RT will be released on 26th and the other will be available in the near future. The price is Rs 49,990(499 $). Mean while we are going deep into Windows surface RT specifications.

SPECIFICATIONS

Operating System: Windows RT

Power: 31.5 W-h

On Chip: Nvidia Tegra 3

CPU: Quad Core ARM Cortex-A9

Storage: 32 GB or 64 GB

Memory: 2GB

Display: 1366 x 768 pixels

Graphics: GeForce ULP (Ultra Low Power)

Ports: Full-size USB 2.0, microSDX card slot, Headset jack, HD video out port, Cover port

Camera: 720p HD front and rear-facing

Connectivity: Wi-Fi

Dimensions: 27.5 x 17.2 x 9.4 [cm(w),cm(h),mm(d)]

Weight: 680g

Tags:-Microsoft, surface, microsoft surface rt, windows tablet, microsoft tablet, arm cpu, windows 8 pro,

Thursday, October 18, 2012

Sony Xperia Tipo Specifications, details, price and pictures

Xperia Tipo

Sony has released its new Xperia Series phone named Tipo , the most cheapest of the Xperia series. The phone targets medium ranged customers taking into account the cost.
The phone supports 2g and 3g networks with 7.2 Mbps HSDPA and 5.76 Mbps HSUPA speed. The dimensions are 103 x 57 x 13 mm (4.06 x 2.24 x 0.51 in) and weights about 99.4 g .The display characteristics are TFT capacitive touchscreen, 256K colors, 320 x 480 pixels and 3.2 inches scratch resistant glass.

Xperia Tipo

The memory details include microSD expandable up to 32 GB with a 2.9 GB internal storage and 512 MB RAM. The phone runs on Android Ice cream sandwich operating system with Qualcomm MSM7225AA and 800 MHz Cortex-A5 CPU. Other features include Java MIDP emulator, gps support and radio.
The battery Li-Ion with 1500 mAh has a stand-by up to 470 h (2G) and up to 545 h (3G). The talktime stand-by time up to 5 h (2G) / up to 4 h 30 min (3G) and Music play Up to 30 h.

Xperia Tipo

The camera 3.15 MP one with 2048x1536 pixels and you can't expect much from it.One of the main disadvantage is that the phone lacks front camera and with this price it is a great drawback.The phone uses a mini sim.
Tags:-sony xperia tipo, tipo, tipo review, xperia, sony tipo, details of tipo

Resetting (clearing) Windows admin passwords

Intro to hashing

To login we type our password windows allow us to log-in for a correct password. But how does windows determine whether it correct or not? The OS have to do some comparison to find whether it is correct, don't they? To compare, it should be saved somewhere in the hard disk. Actually what happens is windows stores the database of all users along with their hashed passwords in a particular file called SAM (security accounts manager). But the file is invisible once the OS is in use, it is not accessible What we do is, use a live cd or bootable usb and access the file. The password inside SAM is hashed using algorithms like LM and NTLM which are complex and is not so easy to crack algorithms.
In windows all the passwords are stored in a file called SAM. The default location C:\WINDOWS\system32\config\SAM. As it is not so easy to crack what we can do is to modify the hash with the hash of the password we want. To do all this we use the linux package called chntpw.
chntpw can be installed on various linux distros, (i am using Ubuntu). Once we boot from linux it can access SAM file. And edit it.

Installing chntpw
After booting from the live disc.
It is available as binary packages for various linux distros
http://pkgs.org/search/?keyword=chntpw
or
You can manually install it from terminal using the command
sudo apt-get install chntpw

Resetting password
To automatically mount mount the harddisk open home folder in the devices open the device by clicking. Now the hard disk is mounted.

Go to terminal type cd /media
Using dir command find the weird name of the hard disk, mine is "6424A36924A33D44". For the default path (else just search foe SAM file) type cd 6424A36924A33D44/WINDOWS/system32/config
type dir and find the list of files

Type chntpw -l SAM to view the list of all users along with their privilages.
For me this is what i get.

To change password type chntpw -u "username".
To change password of buser i can type
chntpw -u buser SAM

Thats it, enter the new password and reboot!!!!!!!!

Tags:- Windows password cracker, windows, password, sam file, chntpw, resetting password, live cd, linux, admin password