Popular Site Hacks: Google

I have decided to start a small series where I will show you some exposed hacks to the most popular sites on the web. The list of websites we will be using is available here and we will be looking through the top 10. This series will not be consecutive as I will post of other ideas, but we will get through each site on  the top 10. When asked where to start, the question is of course is a no-brainer to start with Google.

Google is a query based search engine for finding websites throughout the web by keywords or file types. What most people don't realize is that there are some gaping holes in their system  that can be used to do some pretty neat (and dangerous) things. Before we start I want you to know that  I do not approve or condemn any actions used with this knowledge and I am sharing it for educational purposes only. Lets begin!

1. Watch and Manipulate Security Cameras

Many security cameras now a days are network based. Being URL supported makes these cameras viewable from any computer with Internet access. This also however, makes them search-able in a web query. In order to view live security cameras, and even move them around, search the following in google:

 inurl:”viewerframe?mode=motion”

2. View/Download Personal Information and Confidential Documents

Many companies use online database networks and MySQL to keep personal information and even confidential documents. When applying for jobs, employee's information Address, Phone, DOB, Education, Work experience etc.) is entered into this database and can be hacked and viewed by searching:

intitle:”curriculum vitae” “phone * * *” “address *” “e-mail”

To find Excel documents containing email addresses of hundreds of workers, simply search:


filetype:xls inurl:”email.xls”

Also it’s possible to gain access to documents potentially containing information on bank accounts, financial summaries and credit card numbers using the following search query:

intitle:index.of finances.xls

3. Find Free Downloads

If you are looing for free music, videos, or software you can use the following search:

?intitle:index.of? mp3

All you need to do is add the company or artist after words to use as a keyword. An example would be "?intitle:ndex.of?mp3 eminem". Also if you are looking for software or videos and not music, replace "mp3" with the file type extension.

4. A Few More...

“# -FrontPage-” inurl:service.pwd
Frontpage passwords listings

allinurl: admin mdb
Pages containing administrator’s access databases containing usernames, passwords and other sensitive information

allinurl:authuserfile.txt
DCForum’s password file. This file gives a list of  passwords, usernames and email addresses for DCForum and for DCShop

intitle:”Index of” config.php
This search brings up sites with “config.php” files.This configuration file contains both a username and a password for an SQL database.
 
filetype:bak inurl:”htaccess|passwd|shadow|htusers” 
This will search for backup files (*.bak) created by some editors or even by the administrator himself (before activating a new version). Every attacker knows that changing the extension of a file on a web server can have ugly consequences.

If you have any ideas or suggestions you can comment below. Also don't forget to follow this blog by becoming a subscribed member in the sidebar. Lastly, if you want, you can receive blog updates via twitter by becoming a member through your twitter account. 

Triple Boot and Hackintosh Virtual Machine

Hey there every one and Merry Christmas! Last night for christmas I recieved a Mac OS X Snow Leopard 10.6 Installation disk so today I thought I would work on 2 projects that have interested me for quite some time.

The first project was to open up Mac OS X in Virtual Machine. This turned out to be much more complicated then I had expected. I have not finished a fool proof solution to this but once I do I will be sure to post a tutorial and video to help you if you're interested

The second project I have been working on today is completing my triple boot laptop project. I have had a dual boot system for almost a year and I decided it was time to upgrade once again. I am adding Mac OS X Snow Leopard to my already lethal boot armada of Microsoft Windows 7 Home Premium and Linux Ubuntu 11.10 Oneiric Ocelot. I have been busy and am in the middle of this project right now but I will also post a tutorial when this is done.

I would love to hear from you guys with any comments or suggestions on these projects. Until then, Happy Holidays!

If you have any ideas or suggestions you can comment below. Also don't forget to follow this blog by becoming a subscribed member in the sidebar. Lastly, if you want, you can receive blog updates via twitter by becoming a member through your twitter account.

The FizzBuzz Test

I read an interesting article on Coding Horrors about how 199 out of 200 applicants to become a programmer can't pass a simple test called the FizzBuzz Test. If you want to read the full article it is available here.

The FizzBuzz Test is a screening test that they put programmers through to test their potential. They are asked to write a simple program to meet the standards in as little of line of code as possible. The program must output the numbers 1 to 100 in order. However, any number that is a multiple of 3 must output the word "Fizz" instead of the number. Any number that is a multiple of 5 must output the word "Buzz" instead of the number. Likewise, any number that is a multiple of both 3 and 5, must output the word "FizzBuzz".

Any good programmer could do this in a variety of languages in under a couple minutes. However, the author of this article explains that "The majority of comp sci graduates can't. I've also seen self-proclaimed senior programmers take more than 10-15 minutes to write a solution."

Out of curiosity I tried this test and I finished it in under 5 minutes each in 2 different programming languages. I did it in VBScript and VB.Net because these are the 2 which are freshest in my mind.

My VBScript code matched the authors appearing like so:

Dim i
For i = 1 to 100
If (i Mod 3 = 0) And (i Mod 5 = 0) Then
WScript.Echo "FizzBuzz"
ElseIf (i Mod 3 = 0) Then
WScript.Echo "Fizz"
ElseIf (i Mod 5 = 0) Then
WScript.Echo "Buzz"
Else
Wscript.Echo i
End If
Next

My VB.Net Project contained nothing but a rich text box named "rtbOutput" and a Form_Load Event. The code was the following:

Private Sub Form1_Load(sender As System.Object, e As System.EventArgs) Handles MyBase.Load
        Dim i As Byte

        i = 0
        Do Until i = 100
            i = i + 1
            If (i Mod 3 = 0) And (i Mod 5 = 0) Then
                rtbOutput.AppendText("FizzBuzz" & vbNewLine)
            Else
                If i Mod 3 = 0 Then
                    rtbOutput.AppendText("Fizz" & vbNewLine)
                Else
                    If i Mod 5 = 0 Then
                        rtbOutput.AppendText("Buzz" & vbNewLine)
                    Else
                        rtbOutput.AppendText(i & vbNewLine)
                    End If
                End If
            End If
        Loop
    End Sub

Even though this test was ridiculously simple, I would still agree with the author that it is a very effect screening. I will probably continue to test myself with this as I move forward and learn more programming languages. I would love to hear your thoughts on this so be sure to comment. Also be sure to have a Merry Christmas!

If you have any ideas or suggestions you can comment below. Also don't forget to follow this blog by becoming a subscribed member in the sidebar. Lastly, if you want, you can receive blog updates via twitter by becoming a member through your twitter account.

Meme Cursor Pack

Can't get enough of the Internet Meme faces!? Love the troll face, rage face, poker face, cereal guy, or challenge accepted guy!? Well then you're in luck! Due to my extremely boring past 30 minutes of nothing to do I have created several custom cursors using a program called IconArt. One of these cursor packs just happens to be a meme cursor pack which I have put up for download here.

IconArt is a free program by ConWare for download on this site. It can be used to make anything from desktop icons to animated cursors. For those of you who don't know how to change windows cursors, I have also provided a video below.

This is not my video but I do find it to be pretty straight forward so I hope it helps. The cursors are labeled according to their purpose. I hope you have fun and enjoy the cursor pack! If you have any suggestions I will make you a custom cursor pack.

If you have any ideas or suggestions you can comment below. Also don't forget to follow this blog by becoming a subscribed member in the sidebar. Lastly, if you want, you can receive blog updates via twitter by becoming a member through your twitter account.

Astronaut Gangster Man!

As I have talked about in my previous posts, I am now finished with my VB.Net programming class and my final project is something that especially excites me. You can download the executable of my project here.

All the graphics in this game were designed and edited by me. All the coding was also done solely by me. There is background music that you can listen to which was posted on YouTube by GlebStar.
In the game you play 3 different characters (Mario, Jerome, and Vladimir). In order to win you must navigate your character (which is controlled by your cursor) through the maze of boom cubes. In the instructions you can see how to change character and collect different amounts of money. Your current character is displayed in the toolbar along with your health. Once you run out of health, it is game over. In order to advance levels you must collect all the money and bring it to your dealer. Once you reach Level 3 (The Boss Level) the space police will start bouncing around your screen. You must navigate the maze AND avoid the boss while changing characters and flipping switches. Once all 3 switches are flipped, a wall will disappear showing a thing of TNT which will help you defeat the Boss and win the game. Enjoy!
***Note: Your computer must have .Net Framework installed to run this program***

If you have any ideas or suggestions you can comment below. Also don't forget to follow this blog by becoming a subscribed member in the sidebar. Lastly, if you want, you can receive blog updates via twitter by becoming a member through your twitter account.

You Just Lost The Game!

This post is for those of you who are fans of internet memes. So... pretty much everyone. This is another program I made for my VB.Net Programming class. It does reference "The Game" and Trolls. For those of you who don't know what the game is Click Here. For those of you who don't know what a troll is Click Here. The download link is Here. It does help to have your sound on for this and the only way to close it is to use task manager processes. This is great for office and school pranks and just annoying people in general.  I hope you enjoy this program as much as my class did.
***Note: Your computer must have .Net Framework Installed to run this program***

If you have any ideas or suggestions you can comment below. Also don't forget to follow this blog by becoming a subscribed member in the sidebar. Lastly, if you want you can receive blog updates via twitter by becoming a member through your twitter account.

Hello!

To the Readers of this Blog,

With the Christmas Season rolling around, I just finish my finals in my VB.Net programming class. I will be sharing a download link for that as well as some other of my favorite programs. I will also be starting a few new project that are undecided so far. I am thinking of learning some Assembly in order to program a few simple OS's and some games. One thing I would really like to try is to make games for a TI-84 Plus Silver Edition.

In a couple weeks I will also be starting a class to learn C++ even though I find I can teach myself much more advanced concepts faster without a teacher. However, I am very excited for this and have a half a dozen ideas going through my head for it already.

If you have any ideas or suggestions you can comment below. Also don't forget to follow this blog by becoming a subscribed member in the sidebar. Lastly, if you want you can receive blog updates via twitter by becoming a member through your twitter account.