DrK3055A
Members-
Content Count
44 -
Joined
-
Last visited
Everything posted by DrK3055A
-
The Hacker's Google A template for the SE - can you read it?
DrK3055A replied to cyborgxxi's topic in Search Engines
Because in fact, they are both the same thing. This "hackerized" Google is just the result of selecting "hacker" language from the Preferences section of google. This is just another useless Google feature for fun, just like selecting the "Klingon" language (forgive me, Start Trek fellows), or the "Bork,Bork,Bork" one. -
Two methods. First one is to include a reference into the Resource script file "*.RC". Here is a link that explains how to do this: http://forums.xisto.com/no_longer_exists/ Second one is by using a resource editor (like "Resource Hacker") then edit the compiled resource file (*.RES) that goes to be included to the linker, so you add your image resource. Then at your source code, you need to load the resource via LoadResource function...
-
This sometimes happens to me when i handwrite the number 8. Sometimes i write it the normal way, but very often i write it by drawing the reverse path. Actually, i think some of those mispronounced words are that because they are spoken, then written down (books, magazines, etc), and after read by teachers at random places in the world, so they assume the pronunciation varying up on the context. For instance, i believe that here is very common the SCASSI (not like SCASEY, but like the latin A), because someone read "scuzzy" from a computing book written in english, and figured out a pronunciation like Muzzy, some others read literally "scuzzy" like "scoosi" (thats the way the "u" letter is pronunced at some latin derived languages), and so on. Yes, when i was a child, i enjoyed a lot the "David the Gnome" cartoon, and it's been pronunciated always like "nome". In english it's clear that a "G" preceeding an "N" is sillent, but this isn't obvious for other languages. I'm not french speaker, but i guess that the pair "GN" in that language sounds different than the G and N each alone. I didn't know that there is an alaskan city named gnome, pretty curious though, is there any other city named "ELF" or so? (heh, i don't intend to laught at elfian or gnomian people, because i live in a village which name literally means "goat") I pronounce Linux with the short 'I', so I can be more coherent when pronouncing Lindows. I just wrote the "emule" example, (nowadays, i think "emule" became famous like "email", you might guess why, lol) because at some places in the world people tend to separate the pronunciations of neologisms that are made up from composite words, shortcuts and prefixed. Some people would put the enphasis at the "mule" part, but others pronounce the "e" prefix clearly separated from the whole word.
-
Besides that, if the problem were at CMOS battery, i think BIOS will halt for checksum failure (not pretty sure, but i recall that both CMOS and Real Time Clock reside into the same chip, so if there is a decay at the battery voltage, the RTC chip would reset all CMOS values.
-
Yeah, you're right. Here i hear SCASI a lot, and some noobs trying to spell it each time they want to refer to such, so the rest of people usually laught at them (i'm ashamed of this because of some years ago...)
-
This sometimes happens a curious fact, when i pronounce some acronysms or abbreviations, i tend to mix the pronunciation of both english and my native language. Then i pronounce "char" as "car" because the pronunciation of "character" in both languages is similar, but in mine it's written as "caracter" hence i assume "car".So what for "int"? it seems there is no doubt, because i know many words that begin with "int" and are pronounced the same fashion, for instance: integer, interrupt, internal..., but none that sounds like "pint".What are your pronunciations for:Linux vs Lie-nuxSCSII vs SCASI/SEESIGNOME vs Gee-NOMEemule vs e-mulemore?
-
I think that those restrict measures from microsoft are nothing but vapour. Windows is the most used OS because it's easy to pirate, and Microsoft knows that. The time to come that windows implement true antipiracy checks, harsh DRMs (those that delete unlicensed files and destroy disks), and piracy reports (think of the aborted trial for implementing TCPA & Palladium), will be the next chance for Linux to jump to the massive public (I would get into a mad mood if the new wonderful windows version deleted my mp3 compilations and projects without asking)
-
Are you sure that 256 MB are enough to keep up an OS like Windows XP??? Even my PIII 500 has 512 MB and many times the virtual memory swap file gets around 1Gig (and i'm talking about Windows 98, that in normal condition demands far less memory than XP)
-
I use some of my old P2/3 (that i got free because they were to be dumped) to recreate a local network in order tu simulate an attack and see the response of each different system to this attack (for example, a MAC poisoning, Man in the Middle, etc.)Of course there are some other imaginative uses for such computers, I plan to use one specifically for domotics, another PC as a studio for feeding an FM emitter i assembled some years ago..., and well, standard ATX power supplies with some modifications can be used as 12V car battery chargers. Just be imaginative...
-
You should check this web: http://forums.xisto.com/no_longer_exists/ It has tones of Creative Commons material of electronic and computer generated music genere. For more pages that offer CC songs, go to the creative commons webpage for audio: https://creativecommons.org/2013/10/30/audio-remix-competition-from-the-smithsonian-and-soundcloud/ I'm sure there you'll find CC tracks with a license that let you use them at your webpage.
-
I've got 3 AMD desktop Athlons XP that range from 1800 to 2600+, one Duron 1300+ (the one conected to internet 24/7), and about 20 old PCs (DELL) where they are some Celerons 266-333, PII 300-450 and 2 PIII 500. Besides i've got 2 old 486DX2 ready to be assembled and work, among other assembly motherboards, cards, and cases. So why i've stored such amount of old pieces?, well, i'm electronic, and i like to play with those (and an old PC can be really useful for some tasks). Of course i'd love to sell some PC sets with a very low price.
-
I think this is because of our concept of reality being perceived in 3 dimensions by us. But some other theories would explain the expansion of universe as a deformation/diplexion of dimensions to other stages, as it were a primigenial stage that we can't empirically determine, but it fits the theory when it's modelled by formulae. What of String Theory? ok there isn't any mean to empirical prove such theory, but it's been shown as a strong physic theory to come into play. This theory of multidimensional stages of reality as we zoom-in/out our universe, appeals to my reasoning.
-
It seems quite a paradox, at current times, that most countries give support to globalization (basically for free flow of money among corporations), but when it concerns to free flow of information, this becomes a fight that involves the ones willing to get the informational monopoly, that is, the main corporations for media content. This has been proven successfulness for ideas that state that free doesn't necessary mean "cost-free", but big corporations have in mind the idea that if there are 2 services, one is tax-free, and the other is of some cost, then user's choice will be the first one. If the non-free alternative can't compete to the free one, then the corp behind that service will try to eliminate competence. They won't accept that the business is over. One such example come from Record Label Companies, that don't accept that a physical format for music (CD-AUDIO) is dead, and the future for music is online transfers to players, cell phones, etc. Instead of developing tools for that new and revolutionary point of view, they try to restrict, or avoid the use of such technology, by implementing DRMs, and propietary formats that need to hold somehow license taxes for being traded with. But i think that technology develops faster than those restrictions (it recalls to my mind the case of DeCSS, and every electronics company sell DVD burners) but it's been always the same thing, it happened with the coming of video-tape technology at 70's (that movie factories tried to forbid without any success, neither with macrovision limitation)If corporations want to set a fee for internet content, there it will always come up an alternative that will be free and much better (i don't intend to mean costless).This is a battle that companies have lost from the begining.
-
I think your computer is slow because is a bit low at RAM amount. I bet my left hand that if you add some DDR PC2100 modules up to 1 GB, your system will run like hell. Besides that, follow the advice saint-michael told you, as long as windows likes to mess up with harddisk sectors as time goes by.
-
Let's translate it to pseudocode: counter=0While (result = query to database) is true then if counter not equal to 4 then if P display location of P, else display location of M counter=counter+1; else display separator for html table. counter=0 end ifend while what i see from this pseudocode is that the last of each five queries won't display, else the code for the 5th lap of the while loop will set the counter to 0. For displaying the whole content of the database i'd do: While (result = query to database) is true then if P display location of P, else display location of M if remainder(counter/4) is 3 display separators. counter=counter+1;end while I'll program in another manner: For counter=0 while (result=query to database) is true step 1 each time if P display location of P, else display location of M if remainder(counter/4) is 3 display separators. end for And this last one, translated to your script: for($counter=0;$row = mysql_fetch_array($result));$counter++) { if ($row["Type"] == P) echo "<td><a href='" . $row["Location"] . "'><img src='http://fjor.homeip.net" . $row['Location'] . "' width='175px' border='0'></a></td>"; else echo "<td><a href='dispMOV.php?file=" . $row["Location"] . "'><img src='media/movie.jpg' width='175px' border='0'></a></td>"; if($counter%4==3) echo "</tr><tr>"; }
-
OK, let's focus the problem under windows XP. If at the control panel->multimedia devices there is "no audio device" present, and you go to the device manager to see that soundcard drivers are working ok, then 99% chances are that the proxy for the sound service is missing. For installing that proxy there is a way that involves reinstalling the "plug and play sofware devices enumerator". The following link explains how to proceed on Windows XP. http://forums.xisto.com/no_longer_exists/ In my case, what I did is to locate inside my HD the files swenum.inf and swenum.sys, then rightclick the .inf file, and choose install. Maybe windows will request the installation CD for copying some files. You may use the CD or try to locate the requested files that i'm pretty sure they are still inside the HD (but missconfigured from the windows registry, hence the sound failure). If the problem comes under Windows 9x/ME, (for the last one you might try the solution mentioned above, as ME implements both VXD and WDM driver systems), i'm quite sure that the failure is because of backward compatibility with Windows 3.1. The file SYSTEM.INI got corrupted or/and the following line under "Boot" label is missing: sound.drv=mmsound.drv
-
For old HDs it happens that they get to loose the magnetic properties of the disk surfaces. Then they need to be remagnetized. There's a program named "hdd regenerator" that does such task pretty good, it saved some of my HDs. In fact, some of my hard disks that i thought they became trash, they got faultless once passed by the hdd regenerator.
-
Sound devices are present? that is, everything is normal excepts that you get no sound out? or sometimes an error message window pops up saying that your system has not sound devices installed?Also, whats your windows version?
-
There's another flaw at the new IE7. From secunia again, there is a critical bug in IE 6 & 7 that breaks the "same origin policy" when redirecting a page that is using the mhtml protocol, as IE bypass this check so any content from an arbitrary website can be retrieved from another. Proof of concept (and a test for your browser): http://secunia.com/Internet_Explorer_Arbiterability_Test/
-
Not quite much related to this topic, but last night one of my computers has burned in fire. Ironically while sparks were poping out of the case, Windows was running pretty stable. Despite that disaster, the only piece that got damaged was the source of fire, the SoundBlaster card. The reason for the fire was a track on the printed circuit board that somehow shorted to a neighbor, then overheated and lightened up.This can happen to any electronic device in your home, so think twice before leaving alone the TV or PC while switched on.
-
Bypassing Filtered Sites Getting around your admin
DrK3055A replied to noddy's topic in Security issues & Exploits
For you those that want to bypass filters, maybe you might check JAP (Java Anonym Proxy) proxy, as it encrypts the transmision to make it unreadable to any software analysis. And it uses a distributed network of nodes (mixes) to connect to internet anonymally. http://anon.inf.tu-dresden.de/index_en.html -
What Is A Dynamically Loaded Library?
DrK3055A replied to sparkx's topic in Graphics, Design & Animation
As long as you know about C++ programming, i'll tell you that, for Windows, a Dinamic DLL is just a compiled executable PE program, but it is compiled with a special entry point. You know, the entry point of a regular C program is the main() function. At windows programs, the entry point is WinMain(). At DLLs, the entry point is (not in every case) DllMain, and contains a startup routine to initialize some variables and allocate some memory for other functions. When a C program loads a DLL into memory, then it can use the functions that are stored in that dll. When some functions are no longer needed, the program might unload the DLL so can free some memory.As a DLL is like a normal PE executable, it's usually used as container for executable resources, such as character strings, bitmaps, icons, dialog and window templates, menus.... In fact, many of those DLLs don't have any code at all, just resources that are used by the main program once the DLL is loaded into memory.A common practice is to put all string tables inside a DLL, then editing that DLL for translating into various languages (and then creating modified DLLs with one language set each), and then the main program will load the required DLL based up on the user settings (language configuration). -
I tried to keep alive the topic about "BrainF*ck" (Programming General->Other Languages), but i think it didn't become quite popular, not many BF programmers around this place, LOL.
-
Did you ever try TOR (https://tor.eff.org/)? Tor is a tool supported by Electronic Frontier Foundation (then i think this is further more than legal) that let anybody access internet through many internet nodes. It's a project similar to "Freenet" but it has become very popular, used by thousands. Also there is an openBSD bootable LiveCD distro with all the tools needed to access internet anonymously, by changin IPs, MAC, HTTP headers, ... this is https://sourceforge.net/projects/anonym-os/
-
Hacker's view for easy-spoofing an IP address. The way for protecting our sites against this fake. It has been told very much about IP spoofing, as this is a desirable feature wanted in order to obtain priviledges or get a credential for accessing a site. I am not going to talk about TCP, packet sniffing, or such other hacker techniques involving networking stuff, as competence for solving those troubles is of network administrator and not of webmasters. What i am going to talk about, is the fact of faking a source IP for a connection to a webhost by the use of the HTTP protocol. This way we as web programmers can see the dangers of giving some confidence to IPs when the user authenticates into a restricted or priviledged area. For instance, consider the case of phpBB forums. You can get logged as an administrator if you get to fake the administrator's session ID and IP. Getting session IDs is a topic that we won't talk about in this text. Maybe i'll explain in further texts aimed to prevent XSS and SQL injection attacks, but what i want to state here is that once we get the session ID, it's really easy to fake the source IP (because of the way phpBB is programmed) so we can get rid of those security checks. The background: Many ISPs use what is named as "transparent proxies" for web browsing connections (port 80), these are cache servers that act as gateways between users and webservers. The ISP choses to impose those transparents to users, because such proxies can save previous webpage requests and send a local copy (cached) when the same pages are requested again. This way the ISP doesn't have to establish a full internet connection, but an intranet, that costs much less. The process is in most cases transparent, that is, the user has no clue that is using a proxy. The downside is that webservers can't see a direct connection from the user. The only connection they see is the one coming from the proxy. An often used workaround for this, is to set up some HTTP variables at the proxy, indicating the real IP of the user (then it can be used for checking that a certain user is loggin into an area of the website). For those who don't know about HTTP variables, these are parameters that the browser and server exchange in order to set up the transmission of a webpage or a file (these are transmited in the part of HTTP protocol that is reserved to the header of the HTTP request), or data in general. For instance, one well-known HTTP variable are the cookies that the browser send to the server. There are some HTTP request header variables related to proxy identification. One of them is the "X-Forwarded-For" variable. This variable is automatically added when the request goes through the proxy, and holds a list of the IPs that the conection has crossed through. The last IP is the originatin IP, that is, the IP of the user. Let's see an example: If i do a request for https://www.google.de/?gfe_rd=cr&ei=BwkjVKfAD8uH8QfckIGgCQ&gws_rd=ssl,'>https://www.google.de/?gfe_rd=cr&ei=BwkjVKfAD8uH8QfckIGgCQ&gws_rd=ssl, the browser will connect to https://www.google.de/?gfe_rd=cr&ei=BwkjVKfAD8uH8QfckIGgCQ&gws_rd=ssl and will send something like this: GET / HTTP/1.1Host: google.comPragma; no-cacheReferer: http://forums.xisto.com/index.phpCookie&; Blablabla=blalbalbla;User-Agent: NetscapeConnection: CloseContent-Length: 0This is easy to explain. The first line is the request for the index page at https://www.google.de/?gfe_rd=cr&ei=BwkjVKfAD8uH8QfckIGgCQ&gws_rd=ssl,'>https://www.google.de/?gfe_rd=cr&ei=BwkjVKfAD8uH8QfckIGgCQ&gws_rd=ssl, the Host variable says that efectivelly, we want to contact to the google.com that is located at the server we have connected to. Referer says where we were visiting before we went to google.com, Cookies no need of an explanation. User-Agent identifies what is the browser that the user use to navigate with. Connection variable in this case says that there is a non persistent connection, that is, one connection per request. Content-Length in this case is 0 because we won't transmit more data once finished the header field. If i do a request for https://www.google.de/?gfe_rd=cr&ei=BwkjVKfAD8uH8QfckIGgCQ&gws_rd=ssl,'>https://www.google.de/?gfe_rd=cr&ei=BwkjVKfAD8uH8QfckIGgCQ&gws_rd=ssl, and my ISP establish a proxy beween my internet connection and the target server, then the browser will connect to the proxy (without realizing that in effect it is connected to the proxy instead to the webserver) and will send the request mentioned above. Once the request is relayed by the proxy, it modifies it by sending to https://www.google.de/?gfe_rd=cr&ei=BwkjVKfAD8uH8QfckIGgCQ&gws_rd=ssl something like this: GET / HTTP/1.1Host: google.comX-Forwarded-For; 11.22.33.44Pragma: no-cacheReferer: http://forums.xisto.com/index.phpCookie&; Blablabla=blalbalbla;User-Agent: NetscapeConnection: CloseContent-Length: 0Where 11.22.33.44 is the IP of the user. In this case, when the server script read the REMOTE_ADDR variable, it will find the Proxy IP. If exists the X-Forwarder-For header, then the server sets its value to the HTTP_X_FORWARDED_FOR variable. Then the script, once it sees that the HTTP_X_FORWARDED_FOR exist, it takes this value (the IP at the end of the chain) as the originating IP and discards the REMOTE_ADDR value, because it usually means that it hold the value of the proxy's IP. So what if we include manually this header to our requests? For example, in the first case, we connect directly to the https://www.google.de/?gfe_rd=cr&ei=BwkjVKfAD8uH8QfckIGgCQ&gws_rd=ssl server, but we add the X-Forwarded-For field of the header, and we set any IP we want, for example: 44.55.66.77. GET / HTTP/1.1Host: google.comX-Forwarded-For; 44.55.66.77Pragma: no-cacheReferer: http://forums.xisto.com/index.phpCookie&; Blablabla=blalbalbla;User-Agent: NetscapeConnection: CloseContent-Length: 0Then https://www.google.de/?gfe_rd=cr&ei=BwkjVKfAD8uH8QfckIGgCQ&gws_rd=ssl will assume that we are a proxy server, and the real IP comes from the variable X-Forwarded-For. And you see that we invented that IP, then we can fake any IP address by the use of this header variable. For this, we use Proxomitron. There are many tutorials out there at the internet so i won't cover how to insert this header with proxomitron. Other choice may be achilles. Both programs are local proxies that modify requests the way they are set up by the user. This is not a thing that works for all scripts. Only for those that asume that X-Forwarded-For, if present, comes from a true proxy. phpBB is one such example among many others. Wait, so why should we use the value of X-Forwarded-For?, because a proxy is used at the same time by many users, and those users will show the same IP address when connecting to the webserver through the IP. So, how we should program our scripts in order to avoid faked IPs and thus preventing account intrusion? The short answer is: Not to rely on IPs when giving credentials to a request. You might focus the access security over other authentication mechanisms, such as, certificates, encryption, SSL, etc. The no so short answer is: Not in every case is possible to get rid of the use of IP authentication. In those cases, you would like to know how to detect a fake proxy request. This is simple. Transparent proxies aren't intermitent. These are 24/7 machines. Although there is a chance that (because of balance load) a connection from a certain user goes through a proxy and the next connection from the same user crosses by a different proxy. But there are little chance that one ip is comming direct from a first connection, and proxyied from a second connection. This means that the second connection may be originated from a hacker that is faking a proxy request in order to simulate the legitimate original IP (that connected directly at a first place). Then the script should sort those cases and then choose the appropiate action depending up on where the request came from and where the request seemed to come from.