A Sport Called "Google Hacking" :)  

Posted by J Thosuly in

Google Hacking

Yes, I am a criminal. My crime is that of curiosity.
– Mentor, The Hacker Manifesto

There’s a sport called “Google Hacking” which is all about searching for seemingly private websites using Google. In fact, you can only find public websites using Google, because private (password-protected) pages can’t be found by Google – so it’s no real hacking (let alone “cracking,” which would consist of deleting, changing or abusing the found data). But it’s fun nevertheless, and often enables people to discover pages someone was hoping for to stay private. This happens when the site is misconfigured, i.e. when the webmaster doesn’t know enough about how to set up a website.
Here are some of the most popular and powerful “Google hack” search queries. Enter them at your own risk, and know that every once in a while you step onto a so-called honeypot (a fake website set up to lure hackers into it, with the goal of finding out more about them and their tactics).

Finding Error Messages
Search for: “A syntax error has occurred” filetype:ihtml
You’ll find: Pages which caused errors the last time Google checked them. This may hint at vulnerabilities or other unwanted side-effects.
How this works: The first phrase simply looks for an error the target server itself did once output. The “filetype” operator on the other hand restricts the result pages to only those which have the “ihtml” extension (which are sites using Informix). A related search is “Warning: mysql_query()”.

Finding Seemingly Private Files
Search for: (password | passcode) (username | userid | user) filetype:csv
You’ll find: Files containing user names and similar.
How this works: The “filetype” operator makes sure only “Comma Separated Values” files will be returned. Those are not typical web pages, but data files. “(password | passcode)” tells Google the file must contain either the text “password” or “passcode,” or both (the “|” character means “or”). Also, result pages are restricted to those containing either of the words “username,” “userid” or “user.”

Finding File Listings
Search for: intitle:index-of last-modified private
You’ll find: Pages which list files found on the server.
How this works: The “intitle” operator used above will ensure that the target page contains the words “Index of” in the title. This is typical for those open directories which list files (they will have a title like “Index of /private/foo/bar”). “Last modified” on the other hand is a column
header often used on those pages. And the word “private” makes sure we’ll find something of interest. A related search query which finds FTP (File Transfer Protocol) information is intitle:index.of ws_ftp.ini.

Finding Webcams
Search for: “powered by webcamXP” “Pro|Broadcast”
You’ll find: Public webcams set up by people to film a location, or themselves.
How this works: “Powered by WebcamXP” is a text found on specific kinds of webcam pages. A related search query to find cameras is inurl:“ViewerFrame?Mode=”.

Finding Weak Servers
Search for: intitle:“the page cannot be found” inetmgr
You’ll find: Potentially weak (IIS4) servers.
How this works: An old Microsoft Internet Information server may hint at security issues. This is one of many approaches that can be used to find such a weak server.

Finding Chat Logs
Search for: something “has quit” “has joined” filetype:txt
You’ll find: Chat log files showing what people talked about in a chat room.
How this works: Though the files found are all public, not everyone chatting on IRC (the Internet Relay Chat) is aware of potential logging mechanisms. The “filetype” operator makes sure only text files are found, and “has quit”/ “has joined” are automated messages appearing in chat rooms. This search is your chance to tune into people’s chatter.
Note you should replace “something” with the thing you are looking for.


source : Click here

CHDK : Canon Hacker Development Kit  

Posted by J Thosuly in

Quick answers to 7 key questions about CHDK:

1. What is CHDK?

CHDK is not just one thing! The term CHDK refers to free software – currently available for many (but not all) Canon PowerShot compact digital cameras – that you can load onto your camera's memory card to give your camera greatly enhanced capabilities.

2. Am I likely to be interested in CHDK?

The enhanced capabilities that CHDK provides are most likely to be of interest to experienced photographers - if you believe that your Canon PowerShot camera already has more features than you will ever need, you probably won't be interested in CHDK.

3. Is CHDK safe to use?

Probably. See the following FAQ entries for more information

4. How does CHDK work?

CHDK makes use of the microprocessor that controls the camera (every digital camera contains a microprocessor) to act as a programmable computer that provides the extra capabilities.

5. What extra capabilities does CHDK provide?

The current set of extra capabilities fall into six categories:
a. Enhanced ways of recording images - you can capture still pictures in RAW format (as well as JPEG), and for video images you can have increased recording time and length (1 hour or 2 GB), and a greatly increased range of compression options.
b. Additional data displays on the LCD screen - histogram, battery life indicator, depth of field, and many more.
c. Additional photographic settings that are not available on the camera by itself - longer exposure times (up to 65 seconds), faster shutter speeds (1/25,000 sec, and faster in some cases), automatic bracketing of exposure, etc.
d. The ability for the camera to run programs ('scripts', written in a micro-version of the BASIC language) stored on the memory card - these programs allow you to set the camera to perform a sequence of operations under the control of the program. For example, a camera can be programmed to take multiple pictures for focus bracketing, or take a picture when it detects that something in the field of view moves or changes brightness.
e. The ability to take a picture, or start a program on the memory card, by sending a signal into the USB port - you can use the USB cable to take a picture remotely.
f. The ability to do a number of other more useful (and fun) things, such as act as a mini file browser for the memory card, let you play games on the LCD screen, etc.

6. What else should I know?

Developers around the world are continuing to add new features to CHDK. Because the idea of using the camera's microprocessor is so flexible, various developers have made different versions of CHDK, and new features continue to be developed - for example, one version of CHDK has features assist in taking stereo photographs, and even allows two cameras to be synchronized to take pictures at the same time (with an accuracy of better than 0.1 milliseconds, providing they are the same camera model).

7. How do I get started with CHDK?

See below, and read the FAQ, CHDK for Dummies and the Firmware Usage page !!!
(http://chdk.wikia.com/wiki/FAQ , http://chdk.wikia.com/wiki/CHDK_for_Dummies and http://chdk.wikia.com/wiki/CHDK_firmware_usage)

source : Click here

VoiceTronix : Open Source in Computer Telephony  

Posted by J Thosuly in

It is only natural to extend the benefits of open source to computer telephony, especially when the computer is running an open source operating system such as Linux and telephony while being a crucial business and social enabler is typically closed and still under the control of the supplier. Combining open source application software running on Linux based commodity PC/servers gives you total control at a very low cost base.

Open Source effectively increases user adoption by:

  1. Reducing the cost of ownership and making it affordable.
  2. Promoting community development & support.
  3. Eliminating vendor lock-in thus providing control back to the you.
  4. Inherently facilitating customisation and localisation activities, transcending geographical and cultural barriers.

Open source eliminates the barriers to knowledge, thus increasing competition amongst vendors and service providers, promoting innovation and eliminating the opportunity for monopolization. For developers, it enables them to avoid the duplication of effort, allowing them to concentrate on adding value by building on the foundation of others.

Please note: It does expect you to provide some sweat equity and a level of competence.

Like most things: The MORE you put in the GREATER the reward!

Voicetronix is one of the few computer telephony hardware vendors that not only provides open source hardware drivers that run on Linux but also offers solutions. It develops and makes available freely its own open source application software that is fully compatible and optimised for its hardware products. Developers wishing to use Voicetronix's hardware and software building blocks as their solutions are not shunted off to a forum but get to communicate with the actual engineers that have developed these product offerings.

Voicetronix Open Source Application Software and Development Tools

Voicetronix over the years has developed a number of open source telephony applications and development tools that fully support range of telephony hardware. These include:
1. Logger - a free voice logging application that can help you build commercial grade voice recorders for under US$60/channel!
2. CT server - an easy to use library for building powerful telephony applications using Perl. You don't have to be a C/C++ programmer to develop feature rich telephony solutions using voicetronix's software and hardware building blocks.
3. OpenPBX - a free web driven software application written using CT server that when combined with Voicetronix's hardware can turn commodity PC/servers into feature rich office phone systems.
4. VPB Driver - Voicetronix current stable driver for the Voicetronix computer telephony cards. Voicetronix VPB driver contains their implementation of their telephony application programmers interface (API) that is made up of a library of C/C++ callable functions.

source : Click here

Translator

source