Steve8x

Yeah I agree with SmoothCriminal, Walking around with a lamp just seems odd! how many people do you know that carry lamps around with them? As if your computer actually needed light(it already gives off light) and most coffee shops already have lighting, so then it would really seem awkward with you holding a lamp when there's already enough light! People would know somethings up for sure! With a pineapple it definitely just looks like you bought some fruit and can't wait to eat it ;) I love pineapples the best way to go is probably just a rechargeable battery and you just always keep it charged.

hmm.. are you logging into that site, from a web browser? Its just a login form which has that hidden value right? Well You could easily change it if so... here's what I would do... First use a program like WPE pro(Winsock Packet Editor) Not to edit any packets, but just to read them and see what the packet looks like when you post the form... So attach WPE(or other packet logging app) to your web browser that you use(do so when your at the login page already so you don't capture unnecessary packets). Then if using WPE make sure to press the > (play) button to start logging packets. Then login to your website... since your posting a form it will be a POST request. it will look a little something like this: POST /login.php HTTP/1.1 Host: yourwebsite.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate..Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 300 connection: keep-alive Referer: http://www.yourwebsite.com/homepage.php Content-Type: application/x-www-form-urlencoded Content-Length: [lengthofstringbelow] username=DingleBerries&password=LamePassword&os=WINDOWS_VISTA_ALL The idea is to inject some code into your web browser which will do like how WPE does, hook winsock, and when that POST packet which has the hiddenfield 'os' is about to be sent... you modify the packet and change os= to say "os=MAC_OSX" then you can modify what gets posted for os without changing the content of the web page ;) I'm thinking that might be what your looking for, although I don't fully understand. Who is going to be looking at what "os" you have?

OK. I see where your coming from now and totally understand why you don't like to show your code. I know its happened to me a couple times where I posted some code and someone just took my copyright out, and replaced it with their name... It was such obviously my code because nothing was changed it was a pure copy and paste job. Everyone knew it though and flamed the person! ;) So I guess you just can't let it bother you as in the end, people will know its really your code. At least if they change stuff around and actually put some effort into modifying it and making it better than its okay, as long as they leave your copyright... In the app I posted I actually used someone else's code which does the base64 encoding and decoding and out of respect for the author I retained their copyright in the file... and actually read it too.

EDIT: on a side note, has anyone even tried using the app to download a song? Let me know if you have as that's feedback I'm also looking for, besides code suggestions... well thanks TomB and CrashandDie for your feedback! That's another reason I post my code, so people can tell me what they feel is wrong with it... I'm not set in my ways so I'm open to changing my coding style... I advertise it as C++, because I never started with C... I went str8 to C++. Even thought they are similar, they are different still... Object Oriented Programming? I don't think you've looked at the code enough... Well my Winsock CLASSES are in there in EasySockets.h and in my code I create xClient objects... I can create a client object or a server object and use them... In this app I only need to use the client object... Maybe you missed the parts which contained this line? xClient* cli = new xClient; that creates a new xClient object, and also a pointer to it... then it can be used like so: cli->ConnectToServer("hak5.org", 80); sendx(cli->serversock, buffertosend, sendbuffersize); recvx(cli->serversock, recvbuffer, numberofbytestorecieve); //if done close connection or do more sending and receiving first cli->Close(); //clean up delete cli; I created the xClient + xServer classes as I started using winsock in a lot of my apps, and I disliked repeatedly having the same code everywhere. I mean that's why we create functions right? Make functions which do all the dirty work, then you can just call them. Which in turn makes your code look more neat. So I created a simple class for client and server communication which works very well ;) Well your not always going to be allocating memory for an 'object'. I always use new for creating class objects, but for raw memory, where a buffer will be, or some other kind of data which is just data and does not include functions, Allocating memory is allocating memory. How you do it shouldn't matter, as long as the memory is allocated I don't see a problem with it... That being said as long as your not allocating the memory on the STACK, your fine... As stack memory is limited and shouldn't be used for large buffers... However I will try to start using new, and stop using malloc()! However I still don't see a problem with using VirtualAlloc and I'll continue to use that! as for the char* yes char* is a pointer to a single character, but there isn't a way to make something point to many characters at once... and it wouldn't make sense either... What I mean is, even though its a pointer to 1 character, what comes after it? usually another character, and another and another, until a NULL terminating character is reached. null terminator is binary 0 I guess since I'm so used to assembly I don't think of things in terms of syntax. I think of what needs to be done on machine level. Like okay I need to allocate some memory to store my buffer, while simultaneously creating a pointer to it. Then I can use that pointer to write to it, or read from it, add to the pointer to move up in it, or subtract from it to move backward. Find strings in it if necessary by comparing bytes in the buffer to bytes in the string, etc... Think of it this way... even though in C++ you know a "char*" is a pointer to a char... what does it really come down to on machine level? Your "char*" is simply is a 32bit(DWORD) value which holds the address of the character it points to! So you see what I'm getting at? C++ is very strict with syntax while assembly is not... So type casting must be used frequently, And I'm fine with that. But I like being able to relax with ASM and just deal with DWORDS! :) I guess it just depends on if you like manually handling memory allocation for your strings yourself... I am starting to see the goodness of using std::string though, and I will definitely start using that instead of char* the header files to put classes and functions in, I will (for the most part) stop putting functions and classes in header files, only because of the "inline" issue which you mentioned, that's something I wasn't aware of thanks for letting me know that... Also I won't ever put a ton of shit in a few files... But I also wont put a little code in a million files! I'll find somewhere in the middle and stay there ;) As for picking up C++? Try to remake the project as a straight C project, naming the files .c instead of .cpp I really doubt it will compile without modifications. That's how I know its C++! std::string I'm starting to like it!

Well I meant I don't feel comfortable running exe's from a source that hasn't proved them self trustworthy! Even though I really doubt m0zzie would post malicious code. Still I don't really know him, so until he proves himself trustworthy, he's going to be VMware'd ;) Microshaft on the other hand are very trustworthy! Even though they don't provide the source code, that is simply for commercial reasons! So they can keep selling their software. If they provided the source, no body would buy it and just compile windows themselves from source... So for commercial software you can't really give out source, but the people buying your software have to trust you. So you have to build up that trust if you want your software to sell... Software that is provided FREE on the other hand I believe should be open source! Since your providing it for free anyway and have no plans to go commercial with it, whats the harm in giving out the source?

Whats wrong with malloc as opposed to new? new allocates memory on the heap, and malloc allocates it ? im not sure, but works fine! I also like to use VirtualAlloc as well since it initializes the memory to zero for you. Also you can choose the page protection when allocating... I guess it just depends on which one you like to write? VA: char* mystring = (char*)VirtualAlloc(0, 1000, MEM_COMMIT, PAGE_READWRITE); VirtualFree(mystring, 0, MEM_DECOMMIT); malloc: char* mystring = (char*)malloc(1000); ZeroMemory(mystring, 1000); free(mystring); new: char* mystring = new char[1000]; delete[] mystring; Does new initialize memory to zero? i'm not sure! as for the retval question... well in c++ double pipe || means 'and', and single pipe | means 'or' at least im pretty sure, as thats how ive used them without any problems heres the code snippet from the recvx function if(retval == -1 | retval == 0) break; so its saying if retval equals negative 1 or retval equals 0 then break It was just if(retval == -1) before... but I changed it so it breaks if it equals -1 or 0 since with recv, -1 indicates an error. While 0 indicates that the connection was closed without errors. So that way it doesn't get stuck in the loop if the connection gets closed or has an error... now that I think about it it wouldn't make sense to say retval == -1 AND retval == 0, lol a variable can't be two numbers at the same time! about the header files, I like putting classes into header files, instead of splitting it up into two separate files... To me it seems messy to spread it out like that. And I see no reason to do so since it does in fact work the same in a header file! you can put anything in a .h file that you could in a .cpp, its just a different file extension! But that doesn't mean you can code entirely in .h files lol! I use header files for functions, or classes, or to embed data in my apps. there are many uses for header files, than simply putting function prototypes or definitions... I'm the type of person that doesn't like putting every little code snippet in a separate file! I've run into source codes I was looking over many times where there were what seemed like millions of .cpp and .h files! each with not much code in them, which makes it difficult to browse through since you have to open up a bunch of files and switch between them. Whats wrong with using your scroll bar? When the scroll bar becomes tiny enough that scrolling becomes a pain, then its time to split your code into separate files ;)

Darren, I just finished off v2.0 of my Myspace music ripper app! and best of all it is in fact open source! http://hak5.org/forums/index.php?showtopic=9693 feel free to look over the source and check it out! Good ol' C++ and Assembly combined make it work Im not sure if it can be considered a "Sweet" app but its definitely pretty cool! :) What do you have against open source? Most of the apps I created are all OPEN SOURCE! I like open sourcing my apps, because then people can see what my code is doing! and understand whats going on with it. And it just may even help them out, if my code contains a solution to a problem they've had ;)

Well m0zzie! I was going to talk to you that one day on MSN at 7, but I wasn't at home like I thought I would be! So anyways even without your help I still managed to pull it off! Version 2.0 of my app is released! and it can download multiple songs at once! so even if you app did work, it still can only download 1 song at a time ;)

BUMP! Version 2.0 is released! :)

I was coding un-managed native c++ code! take a look at this link: http://hak5.org/forums/index.php?showtopic=9249 thats something I coded in VC++ 2008! a while back tell me if that looks like managed code to you! I'm working on version 2.0 of that program but this time im gonna compile it in DevCPP, so it wont have the dependency... Also I figured out nicatronTG's problem and how to solve it! so that fix will be included in the new version... I believe the reason why its dependent on the 2008 package is because it links to MSVCRT90.dll a dll which most computers don't have unless they have VC++ 2008 installed, or the 2008 package... while DevCPP links to MSVCRT.dll which every windows computer has!! so there probably is a way to get the 2008 compiler to link to the older dll, but I couldn't find any info online about it, to change it... But if you know how to do it that'd be nice to use that compiler again! If app's created with it can run on any windows machine. here's what you get if you try to run an app coded in VC++2008 without having it installed or the package I currently don't have either installed on my PC and that happens! Now if I recompile it in Dev, it will happily load up :)

you mean Microshaft right? lol well thats not why I don't like it! I have nothing against microshaft! infact I actually like microshaft alot because they made my favorite operating system which I'm on right now! WINDOWS XP PRO! Although they seriously messed up and lost some points with me for making Vista... Its ok though I can just rebel and run XP forever! :) anyway the reason why I don't like C# is because of the dependency on .NET frameworks! I'm not a big fan of dependencies!!!! In fact I switched to Dev C++ instead of using MSVC++ 2008 because the 2008 VC++ is dependent on the "Microsoft Visual C++ 2008 Redistributable Package" techno babble!!! I really liked the 2008 compiler with its nice inline assembly syntax which in Dev is not anything like it! And the different builds release and debug which Dev doesn't have! + other things that I liked but I can't remember since I haven't used it in a while... Well maybe I was a little harsh toward C# But at least I got my Anti-C# rant out of the way lol! So now when anyone talks about C# I'll just ignore it altogether and not even make a post! ;)

Yes its good advice! Also good advice: assembly language is the key to becoming "comfortable" with coding! I didn't start advancing, until I started learning it! As thats what everything comes down to! it all comes down to assembly code executed directly by your processor! if your down with the lower level, moving bits and bytes around memory locations, and understanding what the computer is actually doing, what has become of your code, then higher up level languages will become easier! take any program, attach a disassembler to it! what do you see? assembly opcodes and the bytes that make them up. So if everything comes down to assembly in the end, If you start with assembly and end with assembly, you can really optimize how a program runs because your writing your code minimally... When you compile a program with a language like C++, or Delphi, etc, the compiler coverts your source code into code that your computer can understand! Your computer does not understand C++ code it understands machine code, its pretty much the same thing as assembly! because the the syntax that you use which once you know it well makes things a bit faster to write, alot more assembly codes are generated than if you hand crafted the assembly codes yourself! So you can see what I'm getting at, hand written ASM provides smaller executable sizes, faster execution times, and overall just better performance than a compiled into assembly code app... It isn't always necessary though! Some things will run fast even without assembly if they aren't too processor intensive! So its good to find that balance, assembly when you need it most in critical parts of your app that must be fast! and your source code for your language that you compile, to make development a bit quicker. I would code everything in ASM but I like being able to develop app's faster because of the C++ syntax. So bottom line Assembly Rules Them All :) Its just a matter how you want to get there, through handwriting it or compiling your source!

Yeah since this is the "Assembly Language" thread, I thought I'd share something about it... I'm remember now how I got started in C++! back in the day, I didn't know any coding languages! But I somehow felt like I wanted to code as it could bring me joy of creating something! As much as I hate to admit it, I started with VB like back when I was really young! My uncle told me I should learn C++, but back then It was too difficult for me to even write a simple program besides hello world! So I put it aside, and I somehow heard about VB, and started with that. I wasn't creating much just simple GUI's which practically did nothing but It got me motivated to move up to better more powerful languages! I started game hacking/reverse engineering games with "Cheat Engine" as that was fun for me!(still is) Its always fun when you can look at the code of a game or program and take it apart break it down, figure out what's going on! Then you can modify it to make it how you want it! I remember hacking online games where people would get mad saying oh your ruining the game! But hell I wouldn't even of played the game if it wasn't hackable, I was hacking it to learn assembly and advance my skillz! I mostly didnt even play the game much really just tested out my hax and made them better! And I would sometimes even share them with other hackers who played the game as well! In CE theres something called AutoAssemble! Its scripted assembly language, where you write your own scripts and it modifies the games code on the fly while its running! It seemed difficult at first but the more and more I studied other peoples scripts, and worked on my own, the easier and easier it became! I got pretty good with assembly from that! understand what goes on, on the LOWEST level is very rewarding! Since you know whats going on under the hood, building the "car" is easier! At some point I realized that hey since I'm good with assembly I could probably code in C++ now! and I was right! C++ started to make sense to me, and I was understanding it like never before! Then eventually I expanded beyond AutoAssemble, and started coding with MASM32, to create full apps not just little scripts to modify an already made app! So those are my two coding languages of choice at this point in time! C++ and MASM32 :) Assembly code is easier to write in general because you don't have to know a programming languages syntax, thats what it is, its just assembly! C++ you have to know the C++ syntax or your going to run into errors and problems that seem hard to solve! Which I had problems with at first, where my app would have errors that I didn't know how to get it to compile! But now I'm pretty good about them, sometimes you have to type cast and what not in c++! where as in assembly you just pass an address or pointer as a DWORD it doesn't care about syntax much So if your thinking about coding whatever language that may be! LEARN ASSEMBLY FIRST! I'm not saying you have to become a pro assembly coder overnight! But just learn the basics at least! It will help you out no matter what your coding language of choice is!! trust me! :)

Well whats to keep your program running? anyone could just go task manager and end your process, then what? You would need some way of preventing terminating of the program ;) I know just the thing but it only works on an administrator account and only on Windows NT 4.0, Windows 2000, Windows XP SP1+SP2, and Windows Server 2003, maybe more, but definitely not Vista! as they have changed things around so much particularly kernel mode ;) kernel mode driver anyone? basically the idea is to have your program load a driver, and pass it the processID of your program, along with the correct offsets for your windows version, and it will hide that process from task manager and anything else! see every process has an EPROCESS structure, and every EPROCESS structure has an ActiveProcessLinks entry. Thats how programs like task manager know what processes are running, by all the processes that are linked together in ActiveProcessLinks! here's a little drawing I made to make this easier to understand: say your Anti-USB hacks program is in the middle here's how the processes are linked together normally FLINK means Forward Link I'm pretty sure, and BLINK is Backward Link ;) FLINK points to the next process, and that process's FLINK points to the next process after that, and so on and so forth BLINK points to the previous process, and that previous process points to you guessed it, the process before that... Ok so now what do you think will happen if we make process 1's FLINK skip your process, and point directly to process 3, then make process 3's BLINK point to process 1? Then you've successfully hidden your process from task managers! :) Your making it appear as though your app does not even exist, by removing its link! then so you don't blue screen when you terminate your program you make your apps FLINK and BLINK point to itself So then its like this: That is the best way I know so far of preventing my apps from being terminated! by removing them from task managers so they appear as if they aren't running when they actually are! there is no "end task" button for my apps ;) However if they know your app is running even though its hidden you cannot allow them to obtain your processID, with your processID they could inject some code into the app to make it crash, etc... So creating a window for your app is a no-no as anyone could use GetWindowThreadProcessID, passing your window handle and get your processID! If you must have a window, make it a separate program, so like with your Anti-USB app, you could have the separate program manage the malicious files list + exceptions list + any other options but require an password or something... This way it doesn't matter if they terminate the settings app, as your functional app is still running... I've tested this out with my brother, Made an annoying app that would start with windows and he wasn't able to find a way to terminate the process! although he did eventually figure out how to remove the entry from the registry, so that once he restarted the computer the app would no longer run! So that being said, a better way to make it start with windows is needed, one that somebody can't just remove easily... maybe modify a system process to make it run your app? that way an average user looking in the registry and the startup folder will draw a blank as to whats making the process run and probably just give up :)

Anyone who is getting mad about this should just realize something! People were already doing this, The thing is its just been underground! If no one knows about it then people who were doing it got away scotch free because no one even realized that anything had been done! If anyone is to get mad its probably the underground people lol, because now Hak5 is making people more aware of this hack! If people are more aware then they can take measures to protect themselves from these types of attacks! That's what I feel the show is trying to do! Make people aware of these "black hat" if you will attacks, so that people will understand what can be done, and what they can do about it so it doesn't happen to them! There's always going to be that black hat crowd, so its good we have the Hak5 crew to keep us updated on what they are doing! Then we can make our networks and internet safer to use!! So thanks to Darren and everyone at the Hak5 crew! Keep up the show! I'm liking the new season so far! ;) by static connection you mean manually setting your computers internal IP and DNS + gateway right? I've been doing that, in fact I discovered with my router, the only way that ports can be opened to my computers is if the computer is manually configured! Is it just my router? or do all routers have that functionality? to not allow ports to be forwarded if DHCP is used for that particular computer... As the image shows I just set the IP between the range that the router has set. Then leave the subnet mask default, and set the gateway and the DNS at the routers IP. The actual DNS servers are gotten from the router...

Well I think we can all agree upon 1 thing... If your at a coffee shop and you see some guy with a pineapple, find a new coffee shop ;)

hey check this out, here is the dumped output of all the received packets and all the sent packets from my app! made using something I created... http://popeax.com/download/apps/recvdpackets.txt http://popeax.com/download/apps/sentpackets.txt see if you can spot out whats going wrong by the way: what version of winsock do you use? 2.2? EDIT: I'm getting there! I'm starting to figure things out! check this out: "http://cache10-music01.myspacecdn.com/79/std_a97a91f2dfdad074f5ba669957c18653.mp3?bandid=4809789&songid=117144631&token=1221034478_afae2e606f122e1edb45bee680bd5403&p=aHR0cDovL2NhY2hlMTAtbXVzaWMwMS5teXNwYWNlY2RuLmNvbS83OS9zdGRfYTk3YTkxZjJkZm RhZDA3NGY1YmE2Njk5NTdjMTg2NTMubXAz&a=0" you know how the final url you need looks like that right? Well I figured out where you get what you put for "p=" from see what looks like chicken scratch in that url for "p" well take that string out of there so you have "aHR0cDovL2NhY2hlMTAtbXVzaWMwMS5teXNwYWNlY2RuLmNvbS83OS9zdGRfYTk3YTkxZjJkZmR hZDA3NGY1YmE2Njk5NTdjMTg2NTMubXAz" well it actually means something and the reason why it doesn't look like it is because its encoded with base64 decode it and it looks like this "http://cache10-music01.myspacecdn.com/79/std_a97a91f2dfdad074f5ba669957c18653.mp3" :) Now why would myspace put that in the url? its the same as the url... lol it seems uneccessary to me! heres the site that I used once I started getting the feeling that things are encoded: http://www.motobit.com/util/base64-decoder...1&acharset= it'll encode or decode, I'll have to add that functionality base64 encoding into my app (maybe decoding too if its needed for the token) However I still haven't figured out the most important thing, where you get the "token" from... the tokens look something like this: 1216843224_6262e2bab7497608a7da4db07d056a0f they always look very similar to that with the "_" in it and everything... but where does that come from? I don't see anywhere in any output I receive from myspace include that? if you encode that you get "MTIxNjg0MzIyNF82MjYyZTJiYWI3NDk3NjA4YTdkYTRkYjA3ZDA1NmEwZg==" but I still don't see that anywhere neither! At first I thought this url gives you the token "http://mediaservices.myspace.com/services/media/token.ashx?b=4809789&s=117144631&f=0" but now I'm not so sure... it seems to give a so called "token" which does not look anything like a real token <?xml version="1.0" encoding="iso-8859-1"?><token>YKNNJ+HN07ujRbbbAVR/sL+lckFGZ88tqrDqW0hUKOITLj3fHX4wbMeb0MbvB8o+n4hh5I7R9EzqZcBRU7rjB9qZi3n0F1wvHS9m wjfzdLY=</token> I at first thought it is just the token in an encoded form, but base64 decoding it results in garbage `£M'áÍÓ»£E¶ÛT°¿¥rAFgÏ-ª°ê[HT(â.=ß~0lÇ›ÐÆïÊ>ŸˆaäŽÑôLêeÀQSºãÚ™‹yô\//fÂ7ót¶ So either they use a different encoding for the token, or thats not a token at all and its just fake token to make it harder to figure out! by then again why would the myspace flash player get that token.ashx page every single time it plays an mp3? Anyway for anyone that wants to help figure this out here's a little rundown of what happens when you load a myspace page with music on it... The page loads, then the SWF myspace music player loads because of this sent request: GET /music/musicplayer.swf?n=aHR0cDovL211c2ljLm15c3BhY2UuY29t&t=07/DWABcDfpwn3wkYUdi1QMJGUgwHPU/rxqjTsUiDB1MnIUFzW+tMMWWax09CTG4MJWH/YPOVGXLq6IxuyQETg==&u=LTE=&a=0&d=NDgwOTc4OV4xMjIxMDA5NDc2 HTTP/1.1 how is this url put together? I'm not entirely sure, as I don't know where the "t=" part is gotten from but the "n=" to my knowledge always stays the same: decoded encoded "http://music.myspace.com" = "aHR0cDovL211c2ljLm15c3BhY2UuY29t" the "u=" decoded encoded "_" = "=LTE=" for "d=" encoded "NDgwOTc4OV4xMjIxMDA5NDc2" = "4809789^1221009476" 1221009476 is a number im not sure about where that came from either ... but the 4809789 is obviously the friendid but as I said im not sure what to put for "t=" and it does seem to change, so thats something that has to be figured out... but anyway "t=" maybe "t" for token? just a thought ;) ok so after the flash player is loaded, in order to display what songs the user has on their page it has to get that info from somewhere right? it downloads the XML file containing this data with a url like this http://mediaservices.myspace.com/services/....ashx?b=4809789 now the flash player reads it, and displays the songs and the images + other info I wasn't able to decode anything from the xml file except whats after "p=" fields "OTgvNzkvNDgwOTc4OS80ODA5Nzg5Xzk4MzA4OGM5" = "98/79/4809789/4809789_983088c9" not sure what that's for, the 4809789's in there are just the friendid, but the other numbers im not sure where they go... next the flash player calls does this: GET /services/media/mediahitcounter.ashx?i=MIGdBgorBgEEAYI3WAOnoIGOMIGLBgorBgEEAYI3WAMBoH0wewIDAgABAgJmAwICAMAECArxL39qOY 1eBBB2R6ObLL8eRidugDvDnXx9BFDUdpyGvsaN8Ery7gc8KQkrU6XTxmt%2f4FCgl5CNiIC%2fN2aYubNzuWtvv8olNbXP%2bS88RUpnTEBa8vywxDM3ZL5%2bfzNAATv7GIvAoLHp4Y%2blAA%3d%3d HTTP/1.1 Accept: */* Accept-Language: en-US Referer: http://lads.myspace.com/music/musicplayer.swf?n=aHR0cDovL211c2ljLm15c3BhY2UuY29t&t=n0lg7yFgG+AVdbF3EjtGnsGE+2zgnWOo6z3frBb+sGPs+GZrKlB5ZjjH5 x-flash-version: 9,0,124,0 Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1) Host: mediaservices.myspace.com Connection: Keep-Alive again im not sure where the value for "i" came from... am I missing something here? is more data being sent and recieved than is showing in my packet logs? Im not sure why this url is called, or if its even neccessary... but I'm assuming all it does is just add 1 to the number of plays for that song ;) then it does a call to token.ashx (which i'm not sure what I'm supposed to do with the xml it gives, as the token it gives isn't correct, or at least not in its proper form) GET /services/media/token.ashx?b=4809789&s=120463335&f=0 HTTP/1.1 then last but not least it gets the mp3 file and starts playing it in the flash player :) note the referer! I think its needed along with the token else it wont work! GET /87/std_26ce5e4cadd68083e78edff4a5f1eb0b.mp3?bandid=4809789&songid=120463335&token=1221034142_900cb4ad8c0b9e6c9894fd247d158470&p=aHR0cDovL2NhY2hlMTEtbXVzaWMwMS5teXNwYWNlY2RuLmNvbS84Ny9zdGRfMjZjZTVlNGNhZG Q2ODA4M2U3OGVkZmY0YTVmMWViMGIubXAz&a=0 HTTP/1.1 Accept: */* Accept-Language: en-US Referer: http://lads.myspace.com/music/musicplayer.swf?n=aHR0cDovL211c2ljLm15c3BhY2UuY29t&t=n0lg7yFgG+AVdbF3EjtGnsGE+2zgnWOo6z3frBb+sGPs+GZrKlB5ZjjH5 x-flash-version: 9,0,124,0 Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1) Host: cache11-music01.myspacecdn.com Connection: Keep-Alive I also noticed when the music starts playing it sends this too: start_beacon.txt? even another thing to be confused about! "c=ihavenoidea" GET /music/start_beacon.txt?c=28261405 HTTP/1.1 Accept: */* Accept-Language: en-US Referer: http://lads.myspace.com/music/musicplayer.swf?n=aHR0cDovL211c2ljLm15c3BhY2UuY29t&t=n0lg7yFgG+AVdbF3EjtGnsGE+2zgnWOo6z3frBb+sGPs+GZrKlB5ZjjH5 x-flash-version: 9,0,124,0 Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1) Host: lads.myspace.com Connection: Keep-Alive So now my main problem is figuring out where the token is located at, I'm thinking they used different encoding for the token then other things... If someone figures it out! Let me know! I need the token :)

Well m0zzie! we have something in common then, Im not a fan of MFC or .NET either and I code all my C++ in pure win32 API!! I use CreateWindow to create all the controls on my apps... You could easily convert it to win32 api c++ code if it does in fact work! I've went back to my original design, as I would rather have the program do all the communication with myspace itself! that way no need for injecting code into web browsers!! letting the browser deal with the communication and just copying the recieved mp3 to a file works but doing all the communication and downloading within the app itself is much preferred.. whatever you type in the "FriendID" box is made like yours into a url like so "http://myspace.com/[friendid]" It connects to "myspace.com" on port 80 then sends a packet like this: (in place of [friendid] is whatever was typed in the box IT DOESNT have to be a friendid it can be the URL as well) GET /[friendid] HTTP/1.1 Host: www.myspace.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1 Accept: text/html, */* Accept-Language: en-us,en;q=0.5 Accept-Encoding: identity Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 300 Connection: keep-alive Now what that does is download the html code for the myspace page! then we close the connection to myspace.com now its searches that html code for this string 'DisplayFriendId":' on every myspace page that string is contined in the code, after that string, there is the friendid! that is why what you type does not have to be a friendID because we get the friend ID from here! Now that we have the friend ID we can get the XML file which contains the information about the music contained on that myspace page next we connect to "mediaservices.myspace.com" now and send a packet like this: (in place of [actualfriendid] is where the friendID we took from the page code goes) GET /services/media/musicplayerxml.ashx?b=[actualfriendid] HTTP/1.1 Accept: */* Connection: close Host: mediaservices.myspace.com User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0) now that gives me the XML file! here's what I recieve from mediaservices.myspace.com HTTP/1.1 200 OK Date: Tue, 09 Sep 2008 04:27:09 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-Server: 7ad285b8625584e58754c7c1ad04648e879a3f5575ffdf37 Set-Cookie: SessionDDF2=3dd7ae63ee3b8bd504f4e78e9bdd88fa858963d53533bcc9; domain=.myspace.com; path=/; expires=Thursday, 09-Sep-38 04:27:09 GMT X-AspNet-Version: 2.0.50727 Set-Cookie: MSCulture=IP=76.16.46.164&amp;IPCulture=en-US&amp;PreferredCulture=en-US&amp;PreferredCulturePending=&amp;Country=VVM=&amp;ForcedExpiration=633565060292939496&amp;timeZone=0&amp;USRLOC=QXJlYUNvZGU9ODQ3JkNpdHk9VmVybm9uIEhpbGxzJkNvdW50cnlDb2RlPVVTJkNvdW50c nlOYW1lPVVuaXRlZCBTdGF0ZXMmRG1hQ29kZT02MDImTGF0aXR1ZGU9NDIuMjMyNSZMb25naXR1ZGU9L T g3Ljk2MzUmUG9zdGFsQ29kZT02MDA2MSZSZWdpb25OYW1lPUlM; domain=.myspace.com; expires=Tue, 16-Sep-2008 04:27:09 GMT; path=/ Cache-Control: private Content-Type: text/xml; charset=utf-8 Content-Length: 6593 &lt;?xml version="1.0" encoding="iso-8859-1"?&gt; &lt;profile&gt; &lt;timestamp&gt;&lt;![CDATA[1220934429]]&gt;&lt;/timestamp&gt; &lt;name&gt;&lt;![CDATA[Joel (deadmau5)]]&gt;&lt;/name&gt; &lt;playstoday&gt;&lt;![CDATA[7155]]&gt;&lt;/playstoday&gt; &lt;downloadedtoday&gt;&lt;![CDATA[0]]&gt;&lt;/downloadedtoday&gt; &lt;totalplays&gt;&lt;![CDATA[1912510]]&gt;&lt;/totalplays&gt; &lt;autoplay&gt;&lt;![CDATA[0]]&gt;&lt;/autoplay&gt; &lt;allowadd&gt;&lt;![CDATA[1]]&gt;&lt;/allowadd&gt; &lt;playlist&gt;&lt;song bsid="120463335" title="slip" songid="0" plays="113086" comments="" rate="" downloadable="" imagename="http://b0.ac-images.myspacecdn.com/02125/04/27/2125237240_m.jpg" imagedesc="n/a&lt;br&gt;2008 mau5trap" filename="zqy9eyoxDqcMoPhCMGeGQcsclKB4EibE2KIUMnu2lMvl/A7eBFJOyb0a+r3XUD2TngQdxteTwPoXO95NlZWo2LLQE2Lz/XCJ7JL5M6Fx+1c=" url="http://media.myspace.com/services/media/mediahitcounter.ashx?i=MIGdBgorBgEEAYI3WAPpoIGOMIGLBgorBgEEAYI3WAMBoH0wewIDAgABAgJmAwICAMAECO%2fALxNOXOq5BBAjHMlV0zNlRbBdrFefkdXSBFCEJ6ybsTSBeMcDqLInjGmeyP94wpZzueGjLucbgyK5D r1ao0jSUb1LeCcBM7iEvMCtH0RELk%2b%2b9pPeR6YnNZwdq6cDD29VG6Q%2fggO91qd%2fUQ%3d%3d" lyrics="" purl="" durl="http://cache11-music01.myspacecdn.com/87/std_26ce5e4cadd68083e78edff4a5f1eb0b.mp3" token="/VRi+9ysUkuwSyHoZkWJJJtCIEWUPpXesvhUZL4Yf1VoM9onqIfrDa7ZCzGV6MX1O+ucS/sfgaG2Wl76MTzHDk/0XnegCO7WbQrc56FWacQ=" curl="http://cache11-music01.myspacecdn.com/87/std_26ce5e4cadd68083e78edff4a5f1eb0b.mp3?bandid=4809789&amp;songid=120463335&amp;p=OTgvNzkvNDgwOTc4OS80ODA5Nzg5Xzk4MzA4OGM5"/&gt;&lt;song bsid="117144631" title="Sometimes things get yeah" songid="0" plays="117322" comments="" rate="" downloadable="" imagename="http://b7.ac-images.myspacecdn.com/02120/74/84/2120424847_m.jpg" imagedesc="n/a&lt;br&gt;2008 mau5trap" filename="grQ4a1eVJviZNO+4nIUImLbwg2BvVDWCsTInCs2zvGI4O8hupqxC+Ge94edVrK+6oirJAT42URGb Ca5r28Tdu5BkRiJGZlqD+YAJxUVZxjU=" url="http://media.myspace.com/services/media/mediahitcounter.ashx?i=MIGdBgorBgEEAYI3WAPpoIGOMIGLBgorBgEEAYI3WAMBoH0wewIDAgABAgJmAwICAMAECFQE0CjD8Q%2bKBBB5%2bucsEjFXaF0wkeMsKwZUBFCd03YGg%2bETspo0ow9HXm9BFrXcb%2fAFv3YrVSqvvbapF3HX202vVZyLOCV9xtDY%2bQN6UEWndnG%2bLF4Ycp12hZY9A1L%2bs2y3FKWM4OYabSg9Vw%3d%3d" lyrics="" purl="" durl="http://cache10-music01.myspacecdn.com/79/std_a97a91f2dfdad074f5ba669957c18653.mp3" token="ZKuOb59Q7d8DL723Bjqwy9VuqtAK4qM5c9jzfSxg8Fw5ov/hYqawGYC3tJbKRRLwV/U0ce6EAea6+GyhFcx2oxsquOUM/scF/Z3s74HckFU=" curl="http://content.music.myspace.com/music.ashx?bandid=4809789&amp;songid=117144631&amp;p=OTgvNzkvNDgwOTc4OS80ODA5Nzg5X2Y0NjIwYmM0"/&gt;&lt;song bsid="116159413" title="Brazil" songid="0" plays="82880" comments="" rate="" downloadable="" imagename="http://b1.ac-images.myspacecdn.com/02118/11/13/2118753111_m.jpg" imagedesc="to be announced&lt;br&gt;2008 mau5trap" filename="6IF76dBOmq3V7ZoEmTgl//eJFoRULshyhXld6IiEs6aGhp9SWf+ruxsQ4KuB71SpXPZxZvEj+5Nrwx47UbsPkrSWt5GgfikRvWE70+ zQsZo=" url="http://media.myspace.com/services/media/mediahitcounter.ashx?i=MIGdBgorBgEEAYI3WAPpoIGOMIGLBgorBgEEAYI3WAMBoH0wewIDAgABAgJmAwICAMAECBj8tOqfge nsBBDzoJGzZkWURfOw8cyvHe97BFBGYf5%2f2Fu%2bLKgkMvYZNo6gFwjSVMVKPaPNzDlQ4pgzoV5L66y62Ted3Gyvd2Q87FShmmPXVD9ncecNr2AZaSdIWk Z7WsNnhtsufCQL%2bTwHcQ%3d%3d" lyrics="" purl="" durl="http://cache11-music01.myspacecdn.com/85/std_db01cccca4cf9bbd6007a051d00acd0a.mp3" token="rTEujgA9zcqBY+ixXDya/0e1oirfNsig0ykIGmmCe9ZjrpmaZYIaga7M8XqTn7QGlbEg4nDPvZVJkCsnuZW93fp3Vkg4bPMeI2DQ0 yqpFAQ=" curl="http://cache11-music01.myspacecdn.com/85/std_db01cccca4cf9bbd6007a051d00acd0a.mp3?bandid=4809789&amp;songid=116159413&amp;p=OTgvNzkvNDgwOTc4OS80ODA5Nzg5X2RiN2FkYWUx"/&gt;&lt;song bsid="116222010" title="BRAZIL second edit" songid="0" plays="75172" comments="" rate="" downloadable="" imagename="http://b4.ac-images.myspacecdn.com/02118/46/10/2118850164_m.jpg" imagedesc="to be announced&lt;br&gt;2008 mau5trap" filename="E2yGKyp3w5RMVEN28dvV6AU4FD1grdlj7RGYv5udt0atsR7sFJBi+frvNQY7G5DclIj6SkjPEcAD K63m4RAB4SKwbbAYZXupuVJnMiTTzEs=" url="http://media.myspace.com/services/media/mediahitcounter.ashx?i=MIGdBgorBgEEAYI3WAPpoIGOMIGLBgorBgEEAYI3WAMBoH0wewIDAgABAgJmAwICAMAECE2UHZfSAi F%2fBBA4woR8fEmTQKgvlySxt2g6BFCxYo%2flzXhzn1Gj%2faY%2bp0K8MP8F8GHPXdkzSetVjj7X8g0u%2fxtkj7UQCRfIU90nJMZsBp6KzxdxF8CIdxD1HJUbN9m697PrXBoG%2b67yYWRmnQ%3d%3d" lyrics="" purl="" durl="http://cache10-music01.myspacecdn.com/76/std_49aef9c8edacd96e75d6f4fc7fa55ab1.mp3" token="raaT1DxRFJeofj0KsGVreoG4iWYpfQ3RDQ0ltctF+vigjWvceouyinuVbysa3hfzB0uXL/gNYdYTgQllZuI8b33VlxjUJwjhLlqSR2opm4Y=" curl="http://content.music.myspace.com/music.ashx?bandid=4809789&amp;songid=116222010&amp;p=OTgvNzkvNDgwOTc4OS80ODA5Nzg5XzlkMzU4MmYw"/&gt;&lt;song bsid="100340823" title="Give it up for me" songid="0" plays="345830" comments="" rate="" downloadable="" imagename="http://b3.ac-images.myspacecdn.com/02092/35/95/2092945953_m.jpg" imagedesc="n/a&lt;br&gt;2008 mau5trap recordings" filename="iYNbNofRq60OMswP1sYPiw4C6qZX2YWFRtnwHxzQFs45eVWF33QR/dVtVdG+2GhwtLv8tufaInwpSsM9orlS8+Vdakz58p8PeGfQs8rAJhM=" url="http://media.myspace.com/services/media/mediahitcounter.ashx?i=MIGdBgorBgEEAYI3WAPpoIGOMIGLBgorBgEEAYI3WAMBoH0wewIDAgABAgJmAwICAMAECEk6dXzg%2butxBBC5%2bscQhBZo89zossaBcP3fBFAhKIXe17%2f5B8q07RY1SCt7vcC9HrZJ%2bjBndoZEbtxyUpYyhzObQJkQixrb5oZdZQONzdirRnBB6HxLwqkqaIJSJPEoUllYTOlwiCp63%2f8nmQ%3d%3d" lyrics="" purl="" durl="http://cache03-music02.myspacecdn.com/23/std_ec6d4f4289fe4bad5209ceb17a592b52.mp3" token="fD1L7Svr3WFgeaRQkFE5w8GgmRfGWVFtyLOK9Z1dAJEefWJTgdc4QeY9t3byFHRkDvG2dM0CLkEI 0/9XIaX5Zzc7RGAvqVpIIdmIgq3dAZ8=" curl="http://cache03-music02.myspacecdn.com/23/std_ec6d4f4289fe4bad5209ceb17a592b52.mp3?bandid=4809789&amp;songid=100340823&amp;p=OTgvNzkvNDgwOTc4OS80ODA5Nzg5X2ExOWMyNTUy"/&gt;&lt;song bsid="93197148" title="Creep" songid="0" plays="228545" comments="" rate="" downloadable="" imagename="http://b5.ac-images.myspacecdn.com/02081/51/12/2081362115_m.jpg" imagedesc="to be announced&lt;br&gt;2008 mau5trap" filename="q+HTawHxL8ORZdLfnTQxgtKriCaSrwyt00kC9ojhhi8MurNY2yMvD5Bq4R1N9P5Ax7gAId9ctua2 XpxtqyNBp1iAuv7cGXBFjRPJZZ+Sshc=" url="http://media.myspace.com/services/media/mediahitcounter.ashx?i=MIGdBgorBgEEAYI3WAPpoIGOMIGLBgorBgEEAYI3WAMBoH0wewIDAgABAgJmAwICAMAECMW9AgxvJm ZXBBCIBv9Y8xo51uU0wz5PggIcBFB%2fFJqZ0u1Tt6Xx0AStMExfRgeOkFOrwJZVMLzvRN1B8uovk9fLFsKKyHfkb02jWMFrlGtIB0XQ626Q5H thlycSjfx%2b9ocpuMWZXYbPh500Cw%3d%3d" lyrics="" purl="" durl="http://cache02-music01.myspacecdn.com/11/std_a91c08fa32a7a62a5701419525045913.mp3" token="2UnOUpArfTaSa26RIf6NN940PvVaPetkzF8cqAIlJER2aWcKXkL52eO5E6jo++uoE4XZcXiroPub DhU/rFzrgRiXPgBeLcBzRSxWRqXukH8=" curl="http://cache02-music01.myspacecdn.com/11/std_a91c08fa32a7a62a5701419525045913.mp3?bandid=4809789&amp;songid=93197148&amp;p=OTgvNzkvNDgwOTc4OS80ODA5Nzg5XzcyOTQzM2U0"/&gt; &lt;/playlist&gt; &lt;/profile&gt; are the cookies required? that could be one of my problems lol, but it wont be too hard to copy those cookies to memory and store them so they can be sent out with the final packet to download the mp3... There is lots of data contained in that XML file... The problem is im not sure what is EVERYTHING I need to take from the XML data in order to communicate with myspace properly enough for the download to go through? could you clear that up for me m0zzie? I extract the artist name after '<name><![CDATA[' until ']' is reached then I copy all the song names into a memory buffer and display them in the list box, display the artist after "Artist: " the number of songs is also displayed (not on the gui yet but in a debug print ;)) Now heres where the hard part is, downloading the mp3... When download is clicked I tried a series of things to get to the final URL of the mp3 to download... which currently do not work and result in a 404: not found error... thats myspace's way of telling you nope your program doesn't work yet, your not doing something right! Have a look at my source code: http://popeax.com/download/apps/MyspaceStreamRip.zip You can see my attempt at getting it to work under "DownloadThread" Its a DevCPP project so you'll need that to compile it! My winsock classes, make things a bit easier for me... m0zzie what timezone are you in? let me know so I can be online when you are online ;) oh and yes it did not work on ANY myspace music page I tried! all 404 error! I tested with "http://myspace.com/deadmau5", "http://myspace.com/djinphinity", "http://myspace.com/hollywoodundead" and other one I can't think of right now... none worked! but It does list the songs and other info 100% correctly! mine lists the songs correctly too! but I can't get either one your program or mine to actually download the mp3 Could it have anything to do with the VMware being Windows Server 2008? Are there any dependencies your program requires that my VMware might not have? EDIT: once I get my app to actually work I plan on having the download button create a download window, where all the bytes recieved (which make up the mp3 file) are stored into a buffer, and there's a progressbar in the window showing what percent of the download is complete! and once its complete the mp3 file is saved into a folder somewhere with the song title .mp3... this way you can download multiple songs at once, with each download creating a new window heres a pic of me using your app in a VMware. It does work to an extent because it DOES infact list the songs properly! it just doesn't download properly!

that's awsome that you and your friend are that good at soldering that your confident enough that your not going to mess up your PC. I once tried to mod my PS2 with a modchip, and the soldering points were so freaking tiny, and the directions that came with it were hard to follow! lol I ended up going for it and turning my PS2 into a giant brick! glad to see your PC is still in working order so you did the job successfully! good job! ;)

Well thanks IOsys for clearing that up! I haven't formatted my flash drive and I think I'll just keep it at FAT32 to let it live its life to the fullest... @vanguard: Its true files bigger than 4GB cannot be stored on FAT32 formatted drive... I know this because I was unable to copy a file larger than 4GB to my 500GB external HD. I had plenty of space on it, so I knew lack of space was not the problem... I researched online and discovered that FAT32 cannot store INDIVIDUAL files larger than 4GB. So what I did was converted(not formatted) the drive to NTFS, and then the file was able to be copied onto it no problem... You can convert at FAT32 drive to NTFS but not vise versa. To go back to FAT32 it has to be formatted... So keep that in mind... But a solution to the problem for flash drives(if you really want to keep them at FAT32) you can simply split the file thats larger than 4GIG into parts... Then on the computer you copy the files parts to, the parts can be put back together to restore the original file :)

Why would you format it as FAT32??? That is the reason why they cannot hold files larger than 4GB, because its a limitation with FAT32! If your going to format it, I would suggest formatting it as NTFS, that way you CAN store files larger than 4GB and both windows and linux can read the files on it ;) (maybe mac too im not sure) P.S. the only reason it comes formatted as FAT32 from the factory is for compatibility reasons, Some people are still using older operating systems I guess(Win9x) So they have all drives formatted FAT32 for that reason.

Yeah and if you don't understand those tubes can be filled with your encrypted data, and if they are filled and 'posted' to a web page anywhere on the net, then you can process that data on the web page with php for example. What you do with the data from there is up to you. I choose to store it in a database, as I like that way the best. Since there are free web hosts which offer php + mysql this makes it an ideal method to use... Enormous amounts of material, enormous amounts of material!! lol ;)

Thats cool, although I haven't tried it... I was kinda hoping the source would be included in the zip... What was it coded in? C++? Nothing personal I just don't feel comfortable running exe's that don't include the source code, I prefer to compile executable from source myself before running them... If I see the source code and compile it myself I know there's nothing harmful in it... You could have at least left it UNPACKED so I could at least check it out in OllyDbg! well anyway its good to see someone else is working on this besides me. ;) EDIT: i just tried it in a VMware and it doesn't seem to work... I hooked your winsock so I could see what packets your program sends... this seems to be your problem: GET /15/std_523fbe6796040d4316b0c3cf9f0e61b9.mp3 HTTP/1.1..User-Agent: musicSpace v1.0..Host: cache02-music01.myspacecdn.com..Cache-Control: no-cache.... your not sending the token in the url? that was my problem at first too! anyway because its wrong after that your receive a 404: not found error! HTTP/1.1 404 Not Found..Accept-Ranges: bytes..Connection: keep-alive..Content-Length: 23..Content-Type: text/html..Date: Fri, 05 Sep 2008 06:00:45 GMT..Server: sledgehammer/1.4.0....&lt;h1&gt;404: Not Found&lt;/h1 So it doesn't even work for me! m0zzie how recently have you tested your creation? Anyways we will figure it out eventually! We just have to have perfect communication with myspace, exactly like a browser does....

assembly is the easiest i think. Its made up of many simple instructions. So like a big complicated function is really just made up of many small simple instructions... assembly and C are similar if you think about it... notice the similarity in calling functions asm: invoke Sleep, 1000 c: Sleep(1000); but actually both lines of code convert into... push 3E8 call Sleep

1. DOWNLOAD ALL THE SONGS YOU WANT! 2. This one is made specifically for myspace! but I think I'll make one for pandora too! ;)