Sakizen
Members-
Content Count
10 -
Joined
-
Last visited
Everything posted by Sakizen
-
didn't even realize this was posted in 2005... rofl
-
Converting Html 4.01 Sites To Xhtml 1.0
Sakizen replied to FirefoxRocks's topic in Websites and Web Designing
FireFox users can download an addon for FireFox called "HTML Tidy"This will check if your website is validated according the the W3C standards.If your website is validated, this will help getting your website into the search engines such as google. Awesome tool for web developers. It can help you pick up simple mistakes or typos. -
Bypassing Filtered Sites Getting around your admin
Sakizen replied to noddy's topic in Security issues & Exploits
Google fixed this glitch a long time ago. My school was pretty smart. So it was sort of hard to get around. The most popular methods is proxies. You can find web based proxies or you can configure your web browser to use a proxy server. Keep in mind though that these proxy servers are usually insecure and information being sent to the server could be unencrypted leaving login information completely readable. Friend of mine found a really good website with a list of updated proxy servers and they are decent speed. http://tools.rosinstrument.com/proxy/ On Firefox you will have to zoom in to actually read, but select and copy an IP (xxx.xxx.xxx.xxx:xxxx) and in FireFox go to Tools > Options > Advance > Settings. In that window, select Manual Proxy Configuration. Put in the IP address for HTTP, and the port number is the number after the colon(. Check "Use this proxy server for all protocols." Click Ok, then OK again. To test if it works, try going to whatismyip.com. If it says your IP is the same as the IP you picked. Then it is working. -
Windows Problems "new Series"- Xp Home Edition Activation Issue
Sakizen replied to XIII's topic in Websites and Web Designing
You can A) "borrow" a friends code assuming that his computer licensed to the same type of OS. for home edition, just about any computer is licensed. For XP pro, you will have to "borrow" from a workplace or an organization such as schools. If you don't have access to either. You can find cracked/illegal codes that will work but Microsoft DOES fight against non-genuine product keys. If you do you computer updates, make sure you don't update the genuine authenticator. If you do, it may lock up your OS until you purchase or find a legit product key. I had this problem before with XP Pro. Kate, your computer hardware has nothing to do with the product keys for your software. If you have a product key for Windows XP Home, and you still have a version of Windows XP Home installed. That product key will work. However, most product keys are licensed to be used on one system only, but there is nothing stopping you from using it on multiple systems. Allison, just to make sure you didn't know, Windows XP has sort of 2 "activation" systems and on most systems, both of them are required. During the install of Windows XP, it will ask you for the product key. If your system is installed, most systems will request an activation. The icon is usually a keyring with a couple of keys. If you have access to the internet, clicking 'Activate over the internet' should work and do it automatically. If you do not have access to the internet, you can activate Windows over the phone. -
Hacker Wannabe If youre a hacker please come in
Sakizen replied to rantsh's topic in Security issues & Exploits
Programming languages are a great help.If you want to mess around with some web sites. Learn web design. A lot of successful hacks start with the knowledge of programming.http://www.w3schools.com/ is a great reference and tutorial site for anything related to web programming. This includes from the basic HTML to more server side programming of ASP and PHP and SQL.Also, http://www.hackthissite.org/ is a great website for hacking tutorials.Remember that hacking could be considered a criminal offense, so be careful on what you get in to. Don't try to mess up something that isn't yours.And for a security note, there is A LOT of *programs* that will claim to be a hackers tool that will do the work for you. Often these type of programs are designed to hurt the user more than anything. It is much safer(and much more of an accomplishment) if you learn how to make these type of tools for yourself. -
I didn't bother reading the forum and someone probably have already said it but....I get a 404 error for the challenge...Unless that was a part of the challenge... Shows you how quickly I looked at it if it was.
-
ok well, based on what links i seen.I'm assuming you are using the free service form invisionfree.com.Your hacker was probably a social engineerer. Which means he used an admin's trust to get in, or someone else's stupidity.Why this suggestion and not any other suggestions such as exploits, XSS, SQL Injects, etc?the host is patched and quite secure. unless they have access to the admin CP, they can only use basic HTML at the very most.Anything more dangerous is filtered and disabled.This includes script tags or popular XSS attempts such as <img src="someScriptFile.js"For SQL Injection, this is nearly impossible unless you can return an SQL Server Error. InvisionFree uses the PHP service, which probably uses MySQL. Unless you can add some naughty characters in the login fields or in the URL itself and return a SQL error displaying some table and column names. SQL Injection probably isn't possible. InvisionFree is a professional and updated reguarly site. They filter these type of inputs. They have thousands and thousands of boards registered and being used every day. If someone can SQL Inject, they can clear all that in seconds. And I haven't seen that many 404 errors.Going back to my point of Social Engineering. Make sure your computer is cleaned.Hackers best tool is trust.Honestly, as of today, the only potential danger that InvisionFree has that I can see is their cookie setup.It has 2 dangerous pieces of information that people can take advantage of. These include the Member_ID, and the password hash code.I won't release what type of hash code it uses, but it isn't hard to figure it out.Basically, if someone can get a hold of your cookie value, then they can find your username easily be going to:invisionfreeboard.com/index.php?viewmember=[member_id]and if the user has a very common/weak password, the hash code can be broken.That being said, someone can easily find your username and password just by the cookie file..not to mention the session ID.Just for kicks, I know someone is going to say that hash is one-way and can't be decoded, but this is how it is done.lLet's say "hello" encrypted is equal to "asfgh"Very easily to make programs encrypt a word from a dictionary file to test if the english word "hello" encrypted using a specific encryption method to see if it equals to "asdfg"I know this post is very confusing to read and unorganized.