Proxmate- Browser plugins for Proxy Surfing to sites closed to certain countries

A neat technical innovation: Proxmate is a browser plugin with Chrome and Firefox versions. It allows non-US internet users to reach US-only sites, including Google’s Play Store, Spotify, Turntable and others.

It is very professionally designed and is now used quite a lot.

Great Work by Dave Mohl at http://proxmate.dave.cx/

I wish the same principle could be applied to create a fork of Chromium/Firefox mashed up with the Tor do-not-track privacy software. Or, if a fork is too much work, even a plugin 🙂


How to learn Hacking Part 2

Now that you have read the basics here at http://www.decisionstats.com/how-to-learn-to-be-a-hacker-easily/ (please do read that before reading the below), here is a list of tutorials that you should study (in order of ease):

1) LEARN BASICS – enough to get you a job, maybe, if that’s all you wanted.

http://www.offensive-security.com/metasploit-unleashed/Main_Page

2) READ SOME MORE-

Lena’s Reverse Engineering Tutorial – use Google.com to find the tutorial.

Lena’s Reverse Engineering tutorial includes 36 parts on individual cracking techniques and will teach you the basics of protection bypassing:

01. Olly + assembler + patching a basic reverseme
02. Keyfiling the reverseme + assembler
03. Basic nag removal + header problems
04. Basic + aesthetic patching
05. Comparing on changes in cond jumps, animate over/in, breakpoints
06. “The plain stupid patching method”, searching for textstrings
07. Intermediate level patching, Kanal in PEiD
08. Debugging with W32Dasm, RVA, VA and offset, using LordPE as a hexeditor
09. Explaining the Visual Basic concept, introduction to SmartCheck and configuration
10. Continued reversing techniques in VB, use of decompilers and a basic anti-anti-trick
11. Intermediate patching using Olly’s “pane window”
12. Guiding a program by multiple patching.
13. The use of API’s in software, avoiding doublechecking tricks
14. More difficult schemes and an introduction to inline patching
15. How to study behaviour in the code, continued inlining using a pointer
16. Reversing using resources
17. Insights and practice in basic (self)keygenning
18. Diversion code, encryption/decryption, selfmodifying code and polymorphism
19. Debugger detected and anti-anti-techniques
20. Packers and protectors : an introduction
21. Imports rebuilding
22. API Redirection
23. Stolen bytes
24. Patching at runtime using loaders from lena151 original
25. Continued patching at runtime & unpacking armadillo standard protection
26. Machine specific loaders, unpacking & debugging armadillo
27. tElock + advanced patching
28. Bypassing & killing server checks
29. Killing & inlining a more difficult server check
30. SFX, Run Trace & more advanced string searching
31. Delphi in Olly & DeDe
32. Author tricks, HIEW & approaches in inline patching
33. The FPU, integrity checks & loader versus patcher
34. Reversing techniques in packed software & a S&R loader for ASProtect
35. Inlining inside polymorphic code
36. Keygenning

If you want more free training – hang around this website

http://www.owasp.org/index.php/Cheat_Sheets

OWASP Cheat Sheet Series

Draft OWASP Cheat Sheets

3) SPEND SOME MONEY on TRAINING

http://www.corelan-training.com/index.php/training/corelan-live/

Course overview

Module 1 – The x86 environment

  • System Architecture
  • Windows Memory Management
  • Registers
  • Introduction to Assembly
  • The stack

Module 2 – The exploit developer environment

  • Setting up the exploit developer lab
  • Using debuggers and debugger plugins to gather primitives

Module 3 – Saved Return Pointer Overwrite

  • Functions
  • Saved return pointer overwrites
  • Stack cookies

Module 4 – Abusing Structured Exception Handlers

  • Abusing exception handler overwrites
  • Bypassing Safeseh

Module 5 – Pointer smashing

  • Function pointers
  • Data/object pointers
  • vtable/virtual functions

Module 6 – Off-by-one and integer overflows

  • Off-by-one
  • Integer overflows

Module 7 – Limited buffers

  • Limited buffers, shellcode splitting

Module 8 – Reliability++ & reusability++

  • Finding and avoiding bad characters
  • Creative ways to deal with character set limitations

Module 9 – Fun with Unicode

  • Exploiting Unicode based overflows
  • Writing venetian alignment code
  • Creating and Using venetian shellcode

Module 10 – Heap Spraying Fundamentals

  • Heap Management and behaviour
  • Heap Spraying for Internet Explorer 6 and 7

Module 11 – Egg Hunters

  • Using and tweaking Egg hunters
  • Custom egghunters
  • Using Omelet egghunters
  • Egghunters in a WoW64 environment

Module 12 – Shellcoding

  • Building custom shellcode from scratch
  • Understanding existing shellcode
  • Writing portable shellcode
  • Bypassing Antivirus

Module 13 – Metasploit Exploit Modules

  • Writing exploits for the Metasploit Framework
  • Porting exploits to the Metasploit Framework

Module 14 – ASLR

  • Bypassing ASLR

Module 15 – W^X

  • Bypassing NX/DEP
  • Return Oriented Programming / Code Reuse (ROP)

Module 16 – Advanced Heap Spraying

  • Heap Feng Shui & heaplib
  • Precise heap spraying in modern browsers (IE8 & IE9, Firefox 13)

Module 17 – Use After Free

  • Exploiting Use-After-Free conditions

Module 18 – Windows 8

  • Windows 8 Memory Protections and Bypass

TRAINING SCHEDULES AT

ALSO GET CERTIFIED http://www.offensive-security.com/information-security-training/penetration-testing-with-backtrack/ ($950 cost)

The syllabus is here:

http://www.offensive-security.com/documentation/penetration-testing-with-backtrack.pdf

4) HANG AROUND OTHER HACKERS

At http://attrition.org/attrition/

or the Noir Hat conferences-

http://blackhat.com/html/bh-us-12/training/bh-us-12-training_complete.html

or read this website

http://software-security.sans.org/developer-how-to/

5) GET A DEGREE

Yes, it is possible.

See http://web.jhu.edu/jhuisi/

The Johns Hopkins University Information Security Institute (JHUISI) is the University’s focal point for research and education in information security, assurance and privacy.

Scholarship Information

The Information Security Institute is now accepting applications for the Department of Defense’s Information Assurance Scholarship Program (IASP). This scholarship includes full tuition, a living stipend, books and health insurance. In return, each student recipient must work for a DoD agency at a competitive salary for six months for every semester funded. The scholarship is open to American citizens only.

http://web.jhu.edu/jhuisi/mssi/index.html

MASTER OF SCIENCE IN SECURITY INFORMATICS PROGRAM

The flagship educational experience offered by Johns Hopkins University in the area of information security and assurance is the Master of Science in Security Informatics degree. Over thirty courses are available in support of this unique and innovative graduate program.

———————————————————–

Disclaimer- I haven’t done any of these things. This is just a curated list from Quora, so I am open to feedback.

You use this at your own risk of conscience, local legal jurisdictions and your own legal liability.

Cloud Computing – can be evil

Cloud Computing can be evil because-

1) Most browsers are owned by for-profit corporations. Corporations can be evil, sometimes.

And corporations can go bankrupt. You can back up data locally, but try backing up a corporation.

2) The content on your web page can be changed by translator extensions. This has interesting ramifications, as in George Orwell. You may not even be aware of subtle changes introduced in your browser in the way it renders the HTML or some words, using keywords from a browser extension app.

Imagine a new form of language called Politically Correct Truthspeak, which can be in English but uses machine learning to substitute politically sensitive words with government-sanctioned words.

3) Your DNS and IP settings can be redirected using extensions. This means that if a government passes a law, you can be denied websites using just the browser, not even the ISP.

That’s an extreme scenario for an authoritarian government creating its own version of the MafiaaFire Redirector.

So how to keep the cloud computer honest? Move some stuff to the desktop.

How to keep desktop computing efficient? Use some more cloud computing.

It is not an OR but an AND function in which some computing can be local, some shared and some in the cloud.

Si?

Chrome Extension- MafiaaFire

The Chrome extension MafiaaFire basically gives you an updated list of redirected websites. So the next time your evil highness shuts down your favorite website, the list promises to give you an update. While entertainment intellectual property is obviously the main site category for such redirects, in some cases these extensions can be used for simple things like hosting dissidents or protesters against government corruption in non-US countries.

Basically, under the new SOPA act (an online version of pepper spray: http://en.wikipedia.org/wiki/Stop_Online_Piracy_Act) even browsers like Firefox and Chrome would be liable for any such extension that can be used to download American intellectual property illegally.

In the meantime – this is an interesting and creative use case of technology and sociology merging in the brave new world.

You can read about it here-

http://en.wikipedia.org/wiki/MAFIAAFire_Redirector

MAFIAAFire works by downloading a list which contains the names of the “blocked” sites as well as the sites to redirect to. This list is downloaded every time Firefox starts up or every two days on the Chrome version (although the user has the choice to force an update on the Chrome version instead of waiting for two days).

When a user types in a domain name from the list of blocked domains, the add-on recognizes this and automatically redirects the user to the secondary site. Since this happens before the browser connects to the DNS server, this renders any DNS blocks useless.

Although the add-on checks for which sites are entered into the address bar every time (as it needs to check if that site is on its block list), it does not log these requests nor send these requests to any central server. In other words: it does not track the user.
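To make the mechanism in the three paragraphs above concrete, here is an added example in plain JavaScript. It is not MAFIAAFire’s own code: the list format, the hostnames and the function names are all constructed assumptions. It shows the two parts that matter from a security point of view: the decision is taken on the hostname the user typed, before any network request (which is why a DNS block never sees the name), and the downloaded list is validated before it is trusted, because an extension with this power can send you to any site it likes, as the cloud-computing post above warns.

```javascript
// Added example: how a redirect-list extension decides where a typed URL goes.
// Not MAFIAAFire's code; list format, hostnames and function names are constructed.

// Constructed redirect list, shaped like what such an add-on would download:
// each entry maps a "blocked" hostname to a mirror hostname.
const REDIRECT_LIST_TEXT = `
# blocked-host -> redirect-host   (constructed sample)
example-blocked.test -> mirror.example-blocked.test
another-blocked.test -> another-mirror.test
bad-entry.test -> http://not-a-hostname/with/path
`;

// Parse the text list into a Map. Entries are accepted only when both sides are
// bare hostnames; a target carrying a scheme or path is rejected and reported,
// since it could steer the user somewhere the list author never disclosed.
function parseRedirectList(text) {
  const map = new Map();
  const rejected = [];
  const hostRe = /^[a-z0-9-]+(\.[a-z0-9-]+)+$/i;
  for (const raw of text.split("\n")) {
    const line = raw.trim();
    if (!line || line.startsWith("#")) continue;
    const parts = line.split("->").map((s) => s.trim());
    if (parts.length !== 2 || !hostRe.test(parts[0]) || !hostRe.test(parts[1])) {
      rejected.push(line);
      continue;
    }
    map.set(parts[0].toLowerCase(), parts[1].toLowerCase());
  }
  return { map, rejected };
}

// Decide, from the typed URL alone, whether to redirect. This runs before any
// connection is made, so a DNS-level block of the listed name never comes into play.
// A subdomain of a listed host is redirected to the same subdomain of the mirror.
// Returns the new URL, or null when the browser should proceed normally.
function resolveRedirect(map, typedUrl) {
  let url;
  try {
    url = new URL(typedUrl);
  } catch (e) {
    return null; // not a URL: nothing to decide
  }
  if (url.protocol !== "http:" && url.protocol !== "https:") return null;
  const host = url.hostname.toLowerCase();
  for (const [blocked, mirror] of map) {
    if (host === blocked) {
      url.hostname = mirror;
      return url.href;
    }
    if (host.endsWith("." + blocked)) {
      url.hostname = host.slice(0, host.length - blocked.length) + mirror;
      return url.href;
    }
  }
  return null; // not on the list; nothing is recorded about the lookup
}
```

Note that `resolveRedirect` keeps the path and query of the typed URL and changes only the host, and that neither function keeps any record of what was looked up, which is the "does not track the user" property the description above claims.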

Or download it from

https://chrome.google.com/webstore/detail/hnifiobpjihmmjgiokkaalgomddebhng

Interesting times indeed!

Related-

Encryption

http://poemsforkush.wordpress.com/2011/12/17/encryption/


Google Chrome introduces in-browser ads

Just saw a text ad in my Chrome browser. Not on a website, just the browser.

Text ads courtesy of Google Chrome.

No matter what website you go to, whoever has the browser can show you ads. I am glad the decade-long stint of browsers as a sinkhole for free stuff is going to go away soon.

Hmm.

Now if Microsoft comes up with in-desktop ads and slices its prices, it would be fun.

Holiday season starts early!

Chrome

If you are new to using Chrome, there are many delightful features just beneath the surface.

If you are an Internet Explorer, Firefox, Safari, Arora, Opera or SeaMonkey user, this is one more reason to test, just test, Chrome.

OK, so who made Chrome? (Note: about:credits is what you type into Chrome to see this.)

about:credits

Credits

David M. Gay’s floating point routines
dynamic annotations
Netscape Portable Runtime (NSPR)
Network Security Services (NSS)
purify headers
google-glog’s symbolization library
valgrind
xdg-mime
xdg-user-dirs
google-jstemplate
Launchpad Translations
Mozilla Personal Security Manager
Google Toolbox for Mac
ActiveX Scripting SDK
Almost Native Graphics Layer Engine
Apple sample code
Google Cache Invalidation API
Compact Language Detection
OpenGL ES 2.0 Programming Guide
OpenGL ES 2.0 Conformance Tests
hunspell dictionaries
IAccessible2 COM interfaces for accessibility
Chinese and Japanese Word List
ISimpleDOM COM interfaces for accessibility
modp base64 decoder
NSBezierPath additions from Sean Patrick O’Brien
Cocoa extension code from Camino
OTS (OpenType Sanitizer)
Google Safe Browsing
XUL Runner SDK
and of course
So that’s who made Chrome.
  • Will Google be able to monetize Chrome the way it has monetized Android (at least by locking in search, computing and browsing platforms)? I like the Adblock extension, and I would be happy to see more paid extensions, or even two versions: one free and the other freer (in choice) for ads/security etc. Maybe even a premium paid browser which has Tor embedded in it, Adblock enabled, and encrypted chat (like Waste Again) as an extension…. Hmm Hmm Hmm. There is a SOCIAL version of Chromium called Rockmelt, used ironically by Google’s social nemesis Facebook (see http://blogs.ft.com/fttechhub/2011/06/facebook-partners-with-rockmelt-on-building-a-social-web-browser/)
  • Will Google share more revenue with open source contributors and thus create a new path in open source revenue generation, just like it did with online advertising as an industry? Hmm Hmm Hmm. Or will Facebook continue to lead the way with extensions and applications (which did predate the mobile app store, so that’s one innovation you gotta give to Zuck’s boys 😉)
Back to Chrome-
To change settings: chrome://settings/browser
But to check what autofill data is stored within Chrome (that’s your credit card and your web form information): chrome://settings/autofill, and chrome://settings/content has all your content settings.
Well, Chrome is very, very secure, or as secure as a browser can be in 2011.
You can set up Google Sync to keep all your data in the cloud, and it has an application-specific password as well.
So hopefully you will have much more fun hacking Chromium 😉
See these:

Google Experimental search

Google just rolled out three new experiments. You can join only one of these at http://www.google.com/experimental/index.html

———————————————————————————————————————————–

Google is always experimenting with new features aimed at improving the search experience. Take one for a spin and let us know what you think.

Your selected experiment: You have joined the +1 button experiment. Note that you can only join ONE experiment at a time.

+1 button This is your selected experiment.
Use +1 to give something your public stamp of approval, so friends, contacts, and others can find the best stuff when they search. Get recommendations for the things that interest you, right when you want them, in your search results. 

To participate in this experiment:

  1. Make sure you’re signed into your Google Account (required)
  2. Click ‘Join this experiment’
  3. Search for something you love on Google.com
  4. Click the new +1 button, and make your mark on the web

Your +1’s are public. They can appear in Google search results, on ads, and sites across the web. You’ll always be able to see your own +1’s in a new tab on your Google Profile, and if you want, you can share this tab with the world.

Please note, it may take a while before you see the button in search results, and it may occasionally disappear as we make improvements. Your feedback will help us make it better!

Learn more about +1

Keyboard shortcuts
Navigate search results quickly and easily, minimizing use of your mouse. Current keyboard shortcuts include: 

Key Action
J Selects the next result.
K Selects the previous result.
O Opens the selected result.
<Enter> Opens the selected result.
/ Puts the cursor in the search box.
<Esc> Removes the cursor from the search box.
Try out this query: rattlesnake

Accessible View
Navigate search results quickly and easily, with just your keyboard. As you navigate, items are magnified for easier viewing. If you use a screen reader or talking browser, the relevant information is spoken automatically as you navigate. 

Current keyboard shortcuts include:

Key Action
j or DOWN Selects the next item.
k or UP Selects the previous item.
l or RIGHT Moves to the next category (results, sponsored links, refinements).
h or LEFT Moves to the previous category (results, sponsored links, refinements).
<Enter> Opens the selected result.
/ Puts the cursor in the search box.
n Moves to the next result, and fetches more results if necessary.
p Moves to the previous result, reloading earlier results if necessary.
= Magnifies current item
Shrinks current item
A Switches to Accessible Search Results
W Switches to regular Web Search Results

For now, you need to use the Firefox 3 web browser with this experiment. This note will be updated as other browsers are added. Magnification already works with Google Chrome and Apple’s Safari.

Try out this query: enhancing web 2.0 accessibility