Features

• Ability to upload 2 versions of the files to be compared
• Code can even be pasted to the text boxes for comparison
• Automatic Wordwrap

Checkout Diffchecker

DiffChecker Info
App Name	DiffChecker
License	free
Type	online
App URL
More Info	link

Steps

1. Just paste the code you want to share in the textarea
2. Select language with which its written and also choose the privacy settings.
3. Click ‘Submit paste’ and get the unique URL
4. Share this URL with your peers.

Revisions are archived for a particular code whenever someone modifies it. These revisions can be compared to understand the changes made to the code. This helps in collaboration of ones work with their remote peers.

FriendPaste also includes some privacy settings in it. We can set password so as to restrict the permissions to to who can view or edit the paste code.

Features

• Clean an intuitive UI
• Support large set of languages
• Choice of colorschemes for sourcecode highlighting
• Option to choose our preferred languages
• Possibility to edit pastes [Fork]
• Persistent pastes
• Compare Revisions

Go to :

Similar Apps : Paste2, Pastie, CodePaste, PasteBin

P.S : I compared the above mentioned apps with Friendpaste and came to a conclusion that FriendPaste is best among the others.

Operations

• Inserts a linebreak.
• Inserts a tab.
• Move the mouse with the arrow keys.
• Googles selected text, if its a URL then its opened in browser
• Change case of selected text
• Dsiplay AutoHotkey help file.
• Terminate active application
• Disables the Windows keys. For use with fullscreen games.
• Toggle active window “Always On Top”.
• Eject/Retract the CD tray
• Turn Monitor off
• Hide/Unhide the active window.
• Unhide all windows that were hidden this way.
• Toggle Window Transparency
• Pastes clipboard contents as plain text OR path of file/folder
• Toggle text wrapping to a specific width
• Quick shutdown menu
• RegEx replace on selected text.
• Appends BBCode tags for selected text
• Appends HTML tags for selected text
• Comments/Uncomments a block of AutoHotkey code.

Gallery

Have mentioned few features below.

1. Window Transparency

Toogle Window Transparency

2. Always On Top

AlwaysOnTop

3. Custom Shutdown Menu

Custom Shutdown Menu

5. HTML Tag Completion

HTML Tag Completion

6. Paste File Path

Paste File Path

7. Terminate Application

Terminate Application

AppKeys CheatSheet

Appkeys Cheatsheet (Click to Enlarge)

Download Appkeys : (Rename the file to appkeys.ahk)

Note: Check the authors post for the latest ahk file.

Enter any test string to get the error message.

Search for the referenced text strings and locate the message displayed in the error box. After analyzing the text references we find that there are no hardcoded keys or presence of any fragments of keys.

We have Double click to open the CPU window and set breakpoint by pressing ‘F2′

Check whether there are any new strings generated at the CPU window (and trust me you wont find any ). Now check the memory stack and scroll to the instruction where the userid we have entered is displayed. If you scroll a bit down you can find a ‘Key Like’ string below the userid string. Try to enter that in the key field, it should work.

There is no point in finding out the key without understanding the logic behind the generation of the key. Once if we find the logic, we can reverse engineer and create a distributable keygens.

We can segregate the userid and corresponding key values as follows

t – D8
e – C9
s – D7
t – D8
e – None
r – None

Now open ‘calc’ in scientific mode – Select Hex mode – Type D8

Select Dec mode to convert HEX value to Decimal.

Note down the corresponding Decimal value for each HEX equivalent.

Now open any asciichart and note down the ascii value for the userid chars.

We can notice a difference of 100 between the converted HEX value and ascii value of the userid.

So we can derive the logic to create our own Keygen

Logic Sequence

1. Take the 4 four characters of the username
2. Convert chars to corresponding decimal value
3. Add 100 to the decimal value obtained in step 2
4. Covert this to HEX and the Key is obtained!

CrackMe App Download : Alt:

Video

Conclusion: Always use a multilevel, complex logic to derive your own key. Always advised to use any standard encryption algorithm to generate the key used for comparison.

Note: The apps used in the tutorials are downloaded from the DeathSpawn Website (Not working anymore ) and detailed ‘How-to’ is can be read from the text file which is present along with the app package.

References

• OllyDbg Homepage – http://www.ollydbg.de/
• Death Spawn OllyDdg Tutorials – http://www.geocities.com/imdeathspawn/ (Doesn’t seem to work now)
• ASCII Chart – http://www.asciichart.com/
• UPX packing utility – http://upx.sourceforge.net/

Enter any test data and observe the error message displayed.

Search for referenced text strings as mentioned in Tutorial-1. Scroll to the location shown below.

Notice the 2 ‘Key like’ strings in the text strings referenced. If you think that one of them is valid, then you are wrong, but then why and where is it used? And what is the correct key? We can find that out soon.
Double click the message ‘The serial you entered is not correct’ to reach the instruction location in the CPU window. When we analyze the code we come across a few concatenations operations. But unfortunately the keys are concatenated with blanks and finally compared with the user input.

The blank values you see in the comments are not really blank ones. They values are assigned on runtime. We have to set a breakpoint to obtain the dynamic assigned value.

To set a breakpoint, select the instruction and press ‘F2′. Breakpoints highlighted in red over the memory location.

Press the ‘Play’ button to run the crackme application. Enter any random data and click the ‘Check’ button. The application pauses at the breakpoint set in the previous step. Go to the same location where you saw the 2 suspicious ‘Key Like’ strings in the previous step.

Just before where the breakpoint was set we can find a new long string value displayed instead of blank strings which was displayed earlier. If you reverse engineer now, you can understand that the 2 Keys ‘L2C-5781‘ and ‘4562-ABEX‘ are static ones and are prefixed and suffixed, respectively, with a dynamically generated string. This is what we were looking for; the correct key to this app.

CrackMe App Download : Alt :

Video

Conclusion : Never hardcode even fragments of static keys which can be helpful to deduce the complete key. Use some kind of logic to generate a dynamic key value.

Introduction

Ollydbg mainly has 4 windows in the default layout. CPU Window, Registers, Memory Stack and HEX Dump window. We will be working on CPU window most of the time.

OllyDbg Download :

A set of 3 tutorials illustrated here explains on how effectively can OllyDbg be used to identify the security holes and to ensure that the code written is healthy.

Tutorial 1 – Unpack the compressed exe & Find the hardcoded password

First step is to get a picture of how application works by submitting some random data, understanding the sequence of dialog boxes displayed and analyzing it. This might serve useful at later point of time. Enter some random test string in the CrackMe application and click ‘Check the Serial’. Note down the message displayed in the alert box.

Drag and Drop the CrackMe app to OllyDbg to disassemble the binary. As a thumb rule, always do Right click – Search for – All referenced text strings, first, to obtain any text string being used in the application so that we can directly jump into the required memory location. The ‘messages’ displayed in the alert box while a wrong key is entered, or any other info displayed while navigating the application are nothing but plain strings stored and being referred by a particular instruction which can be called as required.

Once the search is complete, results are displayed; and unfortunately displays no useful info after disassembling the app. Ideally it should have the message displayed, while that wrong value was entered, referred somewhere in the application. You must have noticed that an alert was displayed when the app was opened in OllyDbg which gives some hint that the application is compressed. This is the reason why Ollydbg is not disassembling the code properly.

So inorder to proceed further, we must uncompress/unpack the application. Here, UPX is used for packaging the app so we must use an option in UPX to decompress the app. (Download the UPX from here)

Unpacking with UPX

Copy the app exe into the same folder where UPX exe is present.

Open cmd and use the ‘decompress’ option

upx -d CrackMe2.exe

Try ‘Search for’ – ‘All referenced text strings’ again.

Now we can see the comments and referenced string values in the results window. Scroll down to location where you can see these strings in the below screenshot. Double click to get to the location in the CPU main window. If you reverse engineer the logic we can find that ‘12011982‘ is the string which is compared before ‘Trial CrackMe Cracked‘ is displayed or called. (Check the tutorial found in the app zip for detailed info). Even otherwise, on the first shot itself we can do a ‘Trail and Error’ method and guess that ’12011982′ is the key.

Conclusion : Never hardcode the static key in the code to compare the user input key.

CrackMe app download : Alt:

Video

A script is added to our outlook client which automatically pops up the alert as shown below.

The following script can be embedded in Outlook so that we get an alert whenever we miss the subject or the attachments

Code

Private Sub Application_ItemSend(ByVal Item As Object, cancel As Boolean)
 
Dim strSubject As String
strSubject = Item.Subject
If Len(Trim(strSubject)) = 0 Then
    Prompt$ = "Subject is Empty. Are you sure you want to send the Mail?"
    If MsgBox(Prompt$, vbYesNo + vbQuestion + vbMsgBoxSetForeground, "Subject is Empty") = vbNo Then
            cancel = True
    End If
End If
 
Dim lngres As Long
If (InStr(1, UCase(Item.Body), "ATTACH") <> 0 Or InStr(1, UCase(Item.Body), "PFA") <> 0) Then
    If Item.Attachments.Count = 0 Then
        lngres = MsgBox("Attachment reference detected, but no files attached. Send anyway?", _
        vbYesNo + vbDefaultButton2 + vbQuestion, "No files Attached")
 
        If lngres = vbNo Then cancel = True
    End If
End If
 
End Sub

Installation

1. Open Outlook and Alt-F11 to open Visual Basic Editor
2. Copy this code to ThisOutlookSession

Two demo PHP websites are used to demonstrate this attack. Here, the user is authenticated with VulnBank and the malicious embedded scripts in IMG tag, found in Vulnerable to XSRF site, transfers victims fund to the attacker account.

XSRF In Action

How this works

The attacker understands that a particular site trusted by the victim, here, VulnBank. He finds out that fund transfer operation can be invoked by activating a single url (once victim user is authenticated). He now finds out another victim trusted site which accepts user input and reflects the same if any error found in the input. So the attacker trys to inject an IMG tag which points to fund transfer link, appended with attacker crafted parameters. This is reflected back by the VulnSite, executes the IMG tag and activates the link along with it. The attacker copies the VulnSite’s URL which has the reflected Img tag and sends to the victim. Since the victim trusts the VulnSite he clicks it without any hesitation. During the page load, money gets transferred to the attacker account from the victim and victim isn’t even aware of it.

PHP and SQL Codes

bankbal.sql

(Download file)

VulnBank.php

(Download file)

XSRFVulnSite.php

(Download file)

Note: Rename the .txt files to the appropriate extensions preceded by .txt, and remove the ‘xsrf-’ prefix from the filename

More Info

cgisecurity

XSRF Animated Movie

The script will enable the security permissions which will help us to modify certain registry keys, then modifies the required keys and reverts back the permissions.

First create four files as mentioned below.

0.reg

Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesUSBSTOR]
"Start"=dword:00000004

1.reg

Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesUSBSTOR]
"Start"=dword:00000003

SubInACL

Before proceeding further you need to download SubInACL (Incase if the link doesn’t work, google for ‘SubInACL’ to get the MS download link). This tool helps you to set ACL permissions for the registry keys through command line parameters.

@echo off
cls
regedit /s 0.reg
subinacl.exe /keyreg systemcurrentcontrolsetservicesusbstor /deny=system
subinacl.exe /keyreg systemcurrentcontrolsetservicesusbstor /deny=users
subinacl.exe /keyreg systemcurrentcontrolsetservicesusbstor /deny=administrators
echo.
echo **Disabled**
echo.
//pause

@echo off
cls
subinacl.exe /keyreg systemcurrentcontrolsetservicesusbstor /grant=system
subinacl.exe /keyreg systemcurrentcontrolsetservicesusbstor /grant=users
subinacl.exe /keyreg systemcurrentcontrolsetservicesusbstor /grant=administrators
regedit /s 1.reg
echo.
echo **Enabled**
echo.
//pause

After creating all the above mentioned files, put those in a directory. Make sure you have all the five files in the same directory (i.e 0.reg, 1.reg, enable.bat*, disable.bat* and subinacl.exe).

Now double click the batch file* to see it in action.

Note*:

Uncomment pause command to see the execution status in the command prompt.

Sending tasks in a particular format to your RTMId will do this job, but the bottleneck here is to remember the format of the mail. I’ve written an AHK script which displays a GUI interface to accepts the task details, formats the mail as required by RTM and invoke your default email client. (You need AutoHotKey to run the source code)

Note*: Put your RTMid where it is mentioned at the comment of the source code before running QuickRTM.

QuickRTM Code

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87

;
; QuickRTM v 1.0
; AutoHotkey Version: 1.x
; Language:       English
; Platform:       Win9x/NT
; Author:         Rajiv Vishwa
;
; Script Function:
;	QuickRTM is used to create tasks in RTM with the help of GUI controls.
; 	This is done by invoking email client with and use RTM formats
;
 
#NoEnv  ; Recommended for performance and compatibility with future AutoHotkey releases.
SendMode Input  ; Recommended for new scripts due to its superior speed and reliability.
SetWorkingDir %A_ScriptDir%  ; Ensures a consistent starting directory.
#SingleInstance,Force
#NoTrayIcon
SetBatchLines,-1
AutoTrim, on
 
;--------Your RTMid here-------
RTMid = rajivvishwa+0b81be@rmilk.com
;------------------------------
 
Gui, Add, Text, section w60, RTMid:
Gui, Add, Text, w60, Task:
Gui, Add, Text, ys w200, %RTMid%
Gui, Add, Edit, w200 vTask, Task Name...
Gui, Add, Text, xm section w60, DueDate:
Gui, Add, DateTime, ys w175 vDate, dd-MMM-yyyy, dddd
FormatTime, DueDate1,, dd-MMM-yyyy
Gui, Add, ComboBox, w175 vDueDate2, Today|Tomorrow|Next Week
Gui, Add, Radio, ys+5 vDueRadio checked
Gui, Add, Radio, y+13
Gui, Add, Text, xm section w60, List:
Gui, Add, DropDownList,ys w105 vList, Inbox||Work|Personal
Gui, Add, Text, ys w30, Priority:
Gui, Add, DropDownList, ys w40 vPriority, 1|2||3|4
Gui, Add, Text, xm section w60, Tags:
Gui, Add, Edit, ys w200 vTags, tag1 tag2
Gui, Add, Edit, xm w270 h60 vNotes, Notes...
Gui, Add, Button, xm section w100, &Submit
Gui, Add, Pic, ys w60, %A_WorkingDir%\QuickRTM.jpg
Gui, Add, Button, ys w100, &Cancel
 
START:
Gui, Show, w300, QuickRTM
WinActivate QuickRTM
Return
 
ButtonSubmit:
Gui, submit
 
if (Notes = "Notes..." or Notes="")
{
	Notes=Sent from QuickRTM
}
if (Task = "Task Name..." or Task="")
{
	Msgbox, 64,, Have you really entered the Task?
	goto START
}
if (tags = "tag1 tag2")
{
	tags=
}else{
	tags = Tags: %tags%`%0A`%0A
}
if (DueRadio = 1 and duedate2!="")
{
	Msgbox, 64,, Error!!! `r`n`r`n Custom duedate field not empty!... `r`n For custom duedate please select radio2...
	goto START
}
 
if DueRadio = 1
{
Body = Due: %duedate1%`%0A`%0APriority: %priority%`%0A`%0AList: %list%`%0A`%0A%tags%---`%0A`%0A%notes% `%0A`%0A-end-`%0A`%0A
}else{
Body = Due: %duedate2%`%0A`%0APriority: %priority%`%0A`%0AList: %list%`%0A`%0A%tags%---`%0A`%0A%notes% `%0A`%0A-end-`%0A`%0A
}
 
Run mailto:%RTMid%?subject=%task%&body=%body%
ExitApp
 
ButtonCancel:
GuiClose:
ExitApp

Download this file :