a4apphack

Backtrack is the most popularly used security distro used while during pentests. While we can partition our harddisk, install this OS and dual boot with our default OS; things can be made simpler by running BackTrack VM within our default OS. Using a security distro in a VM gives us few advantages like, portability & ability to quickly restore/duplicate the instances as required.

Running Backtrack

BackTrack4 VM can be downloaded from the backtrack site (link at the end of the post) and to run the VM, we need the free VMWare Player.

Install the VMWare Player and open the BT VM with it. We are good to go with the default configuration unless we have more RAM to spare (Its recommended to provide 512MB of RAM if you have around 2GB).

Adjust Backtrack VM RAM

Default Credentials

Backtrack VM comes with the default login credentials (which can be changed later, ofcourse)

bt login:  root
Password:  toor
. . .
root@bt:~#  startx

Read the rest of this entry »

In this part of the Secfox series, we will be discussing about the addons that can help us during the app security assessments which involves cookie analysis and manipulation.

These addons can be of huge help when we perform the type of tests mentioned below.

• Cookie Prediction
• Session Fixation
• Cookie Persistence/Expiration
• Broken Session Management

Traditional Method

We use a proxy interceptor like Paros/Burp/WebScarab to trap the HTTP requests and modify the values during its transit. For this to happen, we need to setup a proxy and ensure that it listens to the browser traffic. An additional step is required if the application uses an SSL connection, i.e. to store the Proxy’s forged certificate in the browser. The intercepted request enables us to add new cookies or modify the existing ones. We can also check when exactly are the cookie values issued and whether it is getting flushed upon session expiration.

Usage of Addons

We have various addons for firefox which makes the tasks mentioned above easier. Certain addons allow to view the cookies stored in the browser and others allows us to edit it. The advantage – we don’t need any proxy to do this job, we can view/edit from the browser itself.

1. View Cookies

This addon adds a tab in the ‘Page Info’ box available on the Firefox context menu.

View Cookies Addon

Download Link:

2. Add N Edit Cookies

This addon integrates a Cookie Editor to firefox. This also allows us to edit the attributes of the cookie.

Add n Edit Cookies Addon

Download Link:

Read the rest of this entry »

Abbott and Costello’s “Who’s on First?” routine using typography only.

A typography experiment animated and designed by graphic artist Sebastian Jaramillo based on the movie Fight Club on the scene “Chemical Burn”.

Author website : http://www.sebastianjt.com

This text animation was created by French designer Oliver Beaudoin.
http://www.kalomnie.ca

Dont miss this amazing shadow dance

Seam carving is an image resizing algorithm developed by Shai Avidan and Ariel Shamir. This algorithm alters the dimensions of an image not by scaling or cropping, but rather by intelligently removing pixels from (or adding pixels to) the image that carry little importance.

The importance of a pixel is generally measured by its contrast when compared with its neighbor pixels, but other measures may be used. Additionally, it’s possible to define (or autodetect) areas of high importance (faces, buildings, etc.) in which pixels may not be deleted, and conversely, areas of zero importance which should be removed first. From this information, the algorithm detects seams (continuous lines of pixels joining opposite edges of the image) which have the lowest importance, and deletes those. This shrinks the image by one horizontal or vertical line, depending on which direction the seam ran.

Seam carving can also be run in reverse by adding interpolated pixels along the lowest energy seam.

With this technique, it’s now possible to reduce or enlarge pictures by a wide range, while still retaining details. In normal image scaling, it’s often not possible to scale about factor greater than 2 or less than 0.5, without losing much of the images quality.

More Info : SeamCarving

Check out SeamCarving plugin for GIMP (Examples here)

Unlike a normal desktop organizer, BumpTop helps us to arrange our files and icons in a realistic 3d space.We can arrange, pile up, sort and organize our files as if we do it in our real desk. BumpTop includes hell lots of features including uploading pics to facebook/twitter, pile similar files in desktop, enlarge frequently used files and custumizable with themes.

BumpTop released its Beta tag recently and is up and running in full- fledge.

Video Demo

Read the rest of this entry »

Ideally, for creating 3d animated videos one would need an expensive 3d modelling tool and of course knowledge on writing scripts. This might be a laborius process which requires skill and practice which stops from a normal man to create one. But times change, and we have an online 3d animation creator which can be used to create and publish our movies in matter of seconds.

Xtranormal is an online application which turns your imagination to life. Creating animations with Xtranormal is very easy and can be accompolished in four simple steps.

1. Pick your scene (Backgrounds, Music, Actor Skin etc)
2. Type the script (Not the ‘scripts’ in programming terms, here we mean dialogues)
3. Add actions and sounds (Just drag-n-drop)
4. Publish & Share ( In video sharing sites like YouTube or in Xtranormal catalog)

Xtranormal Editor

Sample Video

[Alternate Link : High Quality Version]

Check out more videos at Xtranormal YouTube Channel & Video Catlog

Publishing Video to Youtube

Once you create your animations, it can be easily published in YouTube easily.

Check these videos to understand more…

Xtranormal Version

Video Version

Go to:

“Tell Me Why” – Truely inspiring song from Declan Galbraith