PileOfMush

j/k

So many apps check for updates every time you start them now... I wonder if anyone has ever compiled a list of the most popular of these apps to target for MITM redirection attacks. Like if Firefox were redirected to an exploit site and said "oh look, new version available"... and the exe offered wasn't called "haxploit-1337.exe" a lot of ppl would run it.

Wouldn't vibrations mess with the signal? Like even just the vibration from HVAC or other equipment in a large building?

U3 FireFox can import them to a flash drive and you can tote it around wherever you go.

I see you figured out it was using index.html, but change your redirect to happen immediately. Waiting for a redirect is so 1997.

Sounds to me like he installed Ubuntu with server setup and it's running DHCP and his PC is closer to it than to the router... so it responds faster to the request for IP. Disable DHCPd on ubuntu.

I'm gonna stray from the topic further here cuz I feel like venting. My boss is what I call "technologically optimistic", meaning he thinks anything he can imagine should be possible in minutes with the right series of mouse clicks and maybe a little typing. He has an insurance quoting software installed on his computer (it's the epitome of 1995 style and grace) and he really thinks he should be able to copy it to the "internet" for everyone to use. He doesn't understand why I can't just install it on our server and let the world go to http://seriesoftubes.example.com and have it work. The list of examples is long, but I'll stop the rant here before it gets annoying.

Not to sound like an ad or anything, but SpinRite is some magic shit with problems like this.

Don't hurt yourself, but nice quick fix to your problem. :D

The pretty vector graphics and connected entities mean jack to a computer without several layers of languages converting it all into binary. Every layer has it's purpose. Graphical interfaces to data are the top level macro end of the spectrum.

I fixed two missing spaces. I was trying to format the code to look pretty and probably broke it. (FILE *fp=NULL; LPVOID pBuf=NULL;) haha To sc0rpi0: I'm not sure if I made it clear enough before... when you run this, you don't have to push print screen... it does it automatically and saves out a bitmap file. In fact, if you wanted an all-in-one tool to save the contents of clipboard to a file, THEN grab a screenshot, you can insert some code to grab from the clipboard right before it does the key-down/key-up events on the Printscreen button. I just wish I had a compiler available so I could fix it up and build it.

Give gPartEd a try. I think in short everyone is saying "use anything but Windows to repartition & format it". http://gparted.sourceforge.net/

#include <iostream.h> #include <windows.h> #include <stdio.h> int main() { TakeScreenShot("c:\\Screenshot.bmp"); return 0; } void TakeScreenShot(char* filename) { keybd_event(VK_SNAPSHOT, 0x45, KEYEVENTF_EXTENDEDKEY, 0); keybd_event(VK_SNAPSHOT, 0x45, KEYEVENTF_EXTENDEDKEY | KEYEVENTF_KEYUP, 0); HBITMAP h; OpenClipboard(NULL); h = (HBITMAP)GetClipboardData(CF_BITMAP); CloseClipboard(); HDC hdc=NULL; FILE *fp=NULL; LPVOID pBuf=NULL; BITMAPINFO bmpInfo; BITMAPFILEHEADER bmpFileHeader; do { hdc=GetDC(NULL); ZeroMemory(&bmpInfo,sizeof(BITMAPINFO)); bmpInfo.bmiHeader.biSize=sizeof(BITMAPINFOHEADER); GetDIBits(hdc,h,0,0,NULL,&bmpInfo,DIB_RGB_COLORS); if(bmpInfo.bmiHeader.biSizeImage<=0) bmpInfo.bmiHeader.biSizeImage=bmpInfo.bmiHeader.biWidth*abs(bmpInfo.bmiHeader.bi Height)*(bmpInfo.bmiHeader.biBitCount+7)/8; if((pBuf = malloc(bmpInfo.bmiHeader.biSizeImage))==NULL) { MessageBox( NULL, "Unable to Allocate Bitmap Memory", "Error", MB_OK|MB_ICONERROR); break; } bmpInfo.bmiHeader.biCompression=BI_RGB; GetDIBits(hdc,h,0,bmpInfo.bmiHeader.biHeight,pBuf, &bmpInfo, DIB_RGB_COLORS); if((fp = fopen(filename,"wb"))==NULL) { MessageBox( NULL, "Unable to Create Bitmap File", "Error", MB_OK|MB_ICONERROR); break; } bmpFileHeader.bfReserved1=0; bmpFileHeader.bfReserved2=0; bmpFileHeader.bfSize=sizeof(BITMAPFILEHEADER)+sizeof(BITMAPINFOHEADER)+bmpInfo.b miHeader.biSizeImage; bmpFileHeader.bfType='MB'; bmpFileHeader.bfOffBits=sizeof(BITMAPFILEHEADER)+sizeof(BITMAPINFOHEADER); fwrite(&bmpFileHeader,sizeof(BITMAPFILEHEADER),1,fp); fwrite(&bmpInfo.bmiHeader,sizeof(BITMAPINFOHEADER),1,fp); fwrite(pBuf,bmpInfo.bmiHeader.biSizeImage,1,fp); } while(false); if(hdc) ReleaseDC(NULL,hdc); if(pBuf) free(pBuf); if(fp) fclose(fp); } This is ripped from somewhere. Things that need fixing: remove MessageBox error output and change the filename so it's more of a datetime thing than hardcoded. Since you asked about it earlier, I'll point out that this contains an example of copying data from the clipboard. Actually, if it's not obvious how this thing works, it presses the printscreen key and then snags the clipboard data to a bitmap. I don't have VC++ or I'd try to fix it and compile it. Good luck.

I understand why he got confused... after installing XP, he was booting to Vista still when he should have been booting to XP. He got kinda derailed, but it's OK... he's done the repair to Vista anyway (tho apparently it wasn't needed in his case)... now he just needs to run the last step... Easy BCD. http://neosmart.net/dl.php?id=1

gee... wonder what he's up to

Two suggestions for you: Firebug addon for Firefox https://addons.mozilla.org/en-US/firefox/addon/1843 and YUI http://developer.yahoo.com/yui/connection/ Yahoo's YUI is nice because they solve the problems for you, then give you a platform to use. They work out all of the cross-browser crap and deal with a lot of the javascript bugs and give you something a lot more sane. Even if you aren't interested in YUI, check out some of the javascript, DOM and Ajax videos, especially the ones by Douglas Crockford. http://developer.yahoo.com/yui/theater/

Ah, now it's clear what you're saying... and I'm definitely not having that problem. I found another forum where someone had the same problem you're having and they changed their PATH to get rid of C:\Perl\Site\Bin; and just leave in C:\Perl\Bin; and their problem went away. To do that in XP, right-click on My Computer, go to Properties, Click the Advanced Tab, then Environment Variables, in the System Variables section, select PATH, hit Edit and then good luck finding it with the TINY dialog box M$ provides... but it's usually near the beginning.

Is this useful to anyone? CONST int C0 = 16; CONST int Cs0 = 17; CONST int Df0 = 17; CONST int D0 = 18; CONST int Ds0 = 19; CONST int Ef0 = 19; CONST int E0 = 20; CONST int F0 = 21; CONST int Fs0 = 23; CONST int Gf0 = 23; CONST int G0 = 24; CONST int Af0 = 25; CONST int Gs0 = 25; CONST int A0 = 27; CONST int As0 = 29; CONST int Ff0 = 29; CONST int F0 = 30; CONST int C1 = 32; CONST int Cs1 = 34; CONST int Df1 = 34; CONST int D1 = 36; CONST int Ds1 = 38; CONST int Ef1 = 38; CONST int E1 = 41; CONST int F1 = 43; CONST int Fs1 = 46; CONST int Gf1 = 46; CONST int G1 = 49; CONST int Af1 = 51; CONST int Gs1 = 51; CONST int A1 = 55; CONST int As1 = 58; CONST int Ff1 = 58; CONST int F1 = 61; CONST int C2 = 65; CONST int Cs2 = 69; CONST int Df2 = 69; CONST int D2 = 73; CONST int Ds2 = 77; CONST int Ef2 = 77; CONST int E2 = 82; CONST int F2 = 87; CONST int Fs2 = 92; CONST int Gf2 = 92; CONST int G2 = 98; CONST int Af2 = 103; CONST int Gs2 = 103; CONST int A2 = 110; CONST int As2 = 116; CONST int Ff2 = 116; CONST int F2 = 123; CONST int C3 = 130; CONST int Cs3 = 138; CONST int Df3 = 138; CONST int D3 = 146; CONST int Ds3 = 155; CONST int Ef3 = 155; CONST int E3 = 164; CONST int F3 = 174; CONST int Fs3 = 185; CONST int Gf3 = 185; CONST int G3 = 196; CONST int Af3 = 207; CONST int Gs3 = 207; CONST int A3 = 220; CONST int As3 = 233; CONST int Ff3 = 233; CONST int F3 = 246; CONST int C4 = 261; CONST int Cs4 = 277; CONST int Df4 = 277; CONST int D4 = 293; CONST int Ds4 = 311; CONST int Ef4 = 311; CONST int E4 = 329; CONST int F4 = 349; CONST int Fs4 = 369; CONST int Gf4 = 369; CONST int G4 = 392; CONST int Af4 = 415; CONST int Gs4 = 415; CONST int A4 = 440; CONST int As4 = 466; CONST int Ff4 = 466; CONST int F4 = 493; CONST int C5 = 523; CONST int Cs5 = 554; CONST int Df5 = 554; CONST int D5 = 587; CONST int Ds5 = 622; CONST int Ef5 = 622; CONST int E5 = 659; CONST int F5 = 698; CONST int Fs5 = 739; CONST int Gf5 = 739; CONST int G5 = 783; CONST int Af5 = 830; CONST int Gs5 = 830; CONST int A5 = 880; CONST int As5 = 932; CONST int Ff5 = 932; CONST int F5 = 987; CONST int C6 = 1046; CONST int Cs6 = 1108; CONST int Df6 = 1108; CONST int D6 = 1174; CONST int Ds6 = 1244; CONST int Ef6 = 1244; CONST int E6 = 1318; CONST int F6 = 1396; CONST int Fs6 = 1479; CONST int Gf6 = 1479; CONST int G6 = 1567; CONST int Af6 = 1661; CONST int Gs6 = 1661; CONST int A6 = 1760; CONST int As6 = 1864; CONST int Ff6 = 1864; CONST int F6 = 1975; CONST int C7 = 2093; CONST int Cs7 = 2217; CONST int Df7 = 2217; CONST int D7 = 2349; CONST int Ds7 = 2489; CONST int Ef7 = 2489; CONST int E7 = 2637; CONST int F7 = 2793; CONST int Fs7 = 2959; CONST int Gf7 = 2959; CONST int G7 = 3135; CONST int Af7 = 3322; CONST int Gs7 = 3322; CONST int A7 = 3520; CONST int As7 = 3729; CONST int Ff7 = 3729; CONST int F7 = 3951; CONST int C8 = 4186; CONST int Cs8 = 4434; CONST int Df8 = 4434; CONST int D8 = 4698; CONST int Ds8 = 4978; CONST int Ef8 = 4978;

Oh... and after you get this up and running, consider validating the input into those sql queries.

function stateChanged() { if (xmlHttp.readyState==4 || xmlHttp.readyState=="complete") { //Do Some Shit Here with xmlHttp.responseText } }

I tested both of these and mine run by just calling "test1.pl" or "test2.pl" straight from the command line (I'm using 5.10.0). Do you get an error running the ARGV test, or does it just quit back to the prompt? If it's not actually able to find perl.exe in your path, it should say: 'test.pl' is not recognized as an internal or external command, operable program or batch file. If you just type test and not test.pl it will say much the same thing. If there is no error and test.pl simply runs and exits back to the cmd prompt, then it probably IS really running. Add in a print statement like print ' --- This is how I know it's working --- '; to the end of the .pl file. Good luck and have fun with PERL.

In Windows, you really should be calling it with "perl test.pl" anyway instead of letting Windows decide for you... in my opinion... why it works one way and fails the other, I have no idea. If you need help understanding the code... <STDIN> (abbreviated as: <> ) and $ARGV[] are used two completely different ways. In example 2, you use <STDIN> to request input from outside the program (as in from the user). When the user hits enter the value is assigned to $input. With example 1, you're using $ARGV[0] to assign $woo the value of the first argument value passed into the program from the command line. Starting the program like this: perl test.pl zomg wtf bbq will automagically assign this: $ARGV[0] = zomg, $ARGV[1] = wtf, $ARGV[2] = bbq Starting the program like this: perl test.pl means that there's nothing after "test.pl" to assign to the $ARGV[] array... so $woo ends up empty as well.

Do you want an all in one "removal" program or something that prevents getting infected to begin with? If your purpose is to have a toolkit for fixing machines that are already infected, my advice is dump the "all in one" requirement. Most of the removal tools are specific to the particular infection, but they're also pretty small and don't need to be installed... you just download them and run them when you need them. http://www.symantec.com/business/security_...emovaltools.jsp If you're looking for something to keep from getting infected to begin with, remember that user awareness is always the first line of defense and antimalware/virus applications are always the very last line of defense. Keep plenty of layers of security in place. NAT routers, firewalls, FireFox with NoScript and AdBlock Plus, and keep your OS and apps all patched (check out Secunia's PSI). None of this stuff replaces awareness and constant education.

If you enable xp_cmdshell you can use it to call dtexec on the server. You can have a command like: EXEC xp_cmdshell 'dtexec /dts "\File System\Folder\PackageName" /server ServerName;' or if you want to fire off that command from batch file on a client machine that has client tools installed: sqlcmd -S ServerName -E -d DatabaseName -Q "EXEC xp_cmdshell 'dtexec /dts ""\File System\Folder\PackageName"" /server ServerName;'" Read the docs for dtexec and sqlcmd before using these. Hope this helps or gets you pointed in the right direction. Good luck.

Web servers? Is Yahoo crawling them to death?