My Definitions….

OPTIMIST: A person who while falling from EIFFEL TOWER says in midway “SEE I AM NOT INJURED YET!” PESSIMIST: A person who says that O is the last letter in ZERO, Instead of the first letter in OPPORTUNITY MISER: A person who lives poor so that he can die RICH! FATHER: A banker provided by nature CRIMINAL: A guy no different from the other, unless he gets caught BOSS: Someone who is early when you are late and late when you are early POLITICIAN: One who shakes your hand before elections and your Confidence Later DOCTOR: A person who kills your ills by pills, and kills you by his bills!!!

CIGARETTE: A pinch of tobacco rolled in paper with fire at one end and a fool at the other! MARRIAGE: It’s an agreement wherein a man loses his bachelor degree and a woman gains her master LECTURE: An art of transmitting Information from the notes of the lecturer to the notes of students without passing through the minds of either CONFERENCE: The confusion of one man multiplied by the number present COMPROMISE: The art of dividing a cake in such a way that everybody believes he got the biggest piece TEARS: The hydraulic force by which masculine will power is defeated by feminine water-power! DICTIONARY: A place where divorce comes before marriage CONFERENCE ROOM: A place where everybody talks, nobody listens and everybody disagrees later on ECSTASY: A feeling when you feel you are going to feel a feeling you have never felt before CLASSIC: A book which people praise, but never read SMILE: A curve that can set a lot of things straight! OFFICE: A place where you can relax after your strenuous home life YAWN: The only time when some married men ever get to open their mouth ETC: A sign to make others believe that y ou know more than you actually do COMMITTEE: Individuals who can do nothing individually and sit to decide that nothing can be done together EXPERIENCE: The name men give to their Mistakes ATOM BOMB: An invention to bring an end to all inventions PHILOSOPHER: A fool who torments himself during life, to be spoken of when dead DIPLOMAT: A person who tells you to go to hell in such a way that you actually look forward to the trip OPPORTUNIST: A person who starts taking bath if he accidentally falls into a river

Facebook engaging in shady behaviour – Yahoo

Facebook engaging in shady behaviour – Yahoo
Author: Michael Liedtke
Published: 2012/04/28 12:02:02 PM
Source: SAPA

San Francisco – Yahoo is bringing out more artillery in its patent battle with Facebook.

It is adding new allegations of intellectual property theft to its lawsuit against Facebook. In court papers filed on Friday, Yahoo now says Facebook’s online social network infringes on 12 of its internet patents, up from 10.

Yahoo also denied allegation that it has been infringing on 10 of Facebook’s patents and accused its rival of engaging in shady behaviour.

Among other things, Yahoo says Facebook violated an agreement between the two companies to notify each other of possible patent infringements before filing a court claim.

“We remain perplexed by Yahoo’s erratic actions,” Facebook said in a statement. “We disagree with these latest claims and we will continue to defend ourselves vigorously.”

Yahoo questioned Facebook’s integrity in the new filing in San Francisco federal court.

It said Facebook recently bought several patents for the sole purpose of counter-suing Yahoo and then guessed which Yahoo services might rely on the technologies covered by the intellectual property rights.

“Unless Facebook has unlawfully acquired Yahoo confidential business information, Facebook could not have developed a good-faith basis for many of the infringement allegations in its counterclaims,” Yahoo’s lawyers wrote in the papers.

Shortly after Yahoo filed its lawsuit on March 12, Facebook bought 750 patents from IBM. And on Monday, Facebook agreed to pay $550m for 650 patents that Microsoft had just bought from AOL.

The acrimony between Yahoo and Facebook is spilling out as Facebook is preparing to raise $5bn in an initial public offering of stock that is expected to be the richest in Silicon Valley history.

Yahoo’s decision to sue Facebook has been widely perceived in Silicon Valley as a desperate grab for a piece of the IPO action.

Once an internet powerhouse, Yahoo first was eclipsed by online search leader Google and in recent years has been losing more traffic and advertising to Facebook.

The shift has siphoned revenue away from Yahoo, with impacts including 2 000 layoff notices earlier this month, and it has depressed the company’s stock price.

Yahoo hired a new CEO, Scott Thompson, at the start of 2012 in its latest attempt to engineer a turnaround.

Thompson, Yahoo’s fourth CEO in less than five years, is hoping he can boost the company’s stock by getting Facebook to pay patent royalties through a settlement or court ruling.

But if there’s no truce, the legal skirmish could last years.

Clickjacking – The spam which hit facebook !

This is my new post about Clickjacking ! About a month back there was something like a virus on facebook. It was actually a post which spammed like crazy.

The post was as follows:

This video comes in many forms . One of the other types was that of a video link titled “OMG this is what happened to his daughter“ or some such “catchy” caption. All these spam posts are essentially links which look like videos.The play button is actually an image to imitate the youtube play button. If you view the source code, you can see that it’s just a tag and not a video.

When you click on the play button on the video, it takes you to another website. This website has either of the two following options : In older SPAM posts, a javascript code was displayed, and it persuaded the user to paste the code in the URL to view the video. In newer SPAM posts, There would be a button which read “Click here to verify you are above 18 “.Whenever, the user does any of the above , the code would indirectly “share” the post to all friends. The code essentially imitates the ‘share’ option in facebook.The user is tricked into doing this.

Analyzing this code I can conclude the following. Firstly, the video link shown in the post is actually an image with a hyperlink, not a video Secondly, on clicking the “verify age “ button or pasting the javascript, the user shares the post to all his friends. The technical term given to this type of attack is “ClickJacking”.

This is what Wikipedia has to say about clickjacking . Clickjacking is a malicious technique of tricking Web users into revealing confidential information or taking control of their computer while clicking on seemingly innocuous web pages. On a clickjacked page, the attackers show a set of dummy buttons, then load another page over it in a transparent layer. The users think that they are clicking the visible buttons, while they are actually performing actions on the hidden page. The hidden page may be an authentic page, and therefore the attackers can trick users into performing actions which the users never intended. There is no way of tracing such actions later, as the user was genuinely authenticated on the other page.

This can be easily found out if one reads through the code of the “verify age” button in the facebook spam. These type of attacks can be put to more deadly uses in bank websites. When a user who has logged in to his bank account visits a website and clicks on a seemingly harmless link, he may actually be transferring money to some other account without his knowledge.

So what are the Ways to prevent clickjacking? As the user of a website, it’s very tough to stay away from clickjacking.You should always keep your eyes open for anything malicious. As a website developer, precautions must be taken to prevent this type of attack. The most common way to prevent this attack is to put a framebuster code in the main page like the following: if(top.location!=self.locaton) { parent.location = self.location; }

If you are interested in developing your own clickjacking page , you can use this tool called the clickjacking tool  It’s really cool! It very easily lets you make a site which has a hidden iframe .

Although many attempts are being made to prevent clickjacking on websites, hackers have been developing newer ways to bypass javascript filters put in place. It finally comes down to the developer/security testing team of the website to be vigilant and constantly update themselves with new types of attacks, thus securing the website.  Feel free to comment .

Comment

Hacking Facebook accounts on LAN – Part 2

Filed under: Hacking — 60 Comments

August 15, 2011

Hey!

Im back with the second part of the post. At the end of the last post, we successfully re-routed all the traffic from the victim’s computer to the router through our computer.Next, we have to capture their facebook cookies through wireshark. So How do you go about doing that? It’s very simple actually.

• Open up wireshark
• Goto capture – > Interfaces in the top menu and select your interface. It’s usually the one which has an IP address and  a certain number of packets flowing through it.
• Next goto capture and click on start.. It should look something like this

This window has all the packets sent from the victim’s/victims’ computer to the router and all the packets sent from the router to the victim.

Next in the filter type  “http.cookie contains datr”.  You ask why? Because, when a user logs in to facebook, he is given some cookies which is unique to him. If we replace our cookies with the victim’s cookies, we can login to his account as then facebook wont know the difference.

You now have the cookies. To get the information stored in the cookies,  right-click on any one of the cookie and click on Follow TCP stream.

In the TCP stream look for the line  Cookie: ( and all cookie names). If it doesn’t come, select some other packet in wireshark and click on follow tcp stream for that. You can see the source IP and destination IP in wireshark. So if you have more than one source IP , then you know you have the cookies of more than one account on your LAN. This is what I got when I did it.

So now you have it . The datr cookie, c_user cookie, lu cookie, sct cookie, w cookie and xs cookie. These are the main cookies you need.

Now open firefox and goto http://www.facebook.com. Once there, click on cookies in the web developer add on which you had installed in the last post. Then do the following

• ·         Clear session cookies

• ·         Delete domain cookies

• ·         Delete path cookies.

IMPORTANT: Once you do this, again type http://www.facebook.com in the URL and click enter. Basically you are reloading facebook after deleting all cookies.

Now login to your account with your username and password. After logging in , click on cookies in web developer add-on and click on “view cookie information”.

And there you have all your cookies :p. Now what to do?! I guess you know it by now. !

Click on “edit cookie” for each cookie there and replace the cookie value with the value you got through wireshark.

If you did not get all the  cookies in wireshark its OK! But mainly, you should look to replace the datr cookie, c_user cookie, lu cookie, sct cookie, w cookie and xs cookie.

After replacing all the  cookie values with the ones you got in wireshark, just refresh the facebook page. And thats it! You are in to the victim’s account! You have HACKED a facebook account on LAN.:D

<o.w.n.e.d>  + <p.w.n.e.d>

So until my next post Sayonara and happy hacking!

Comment

Hacking Facebook accounts on LAN – Part 1

Filed under: Hacking — 15 Comments

August 8, 2011

My blog has 10k hits right now. Glad to see so many people visiting the blog.

Ok so in this post I am going to show you a way you can hack the facebook accounts of all the people who are on your network (LAN or wifi ) . I have tried this and believe me it works..This is really the best way to hack facebook accounts. Its much easier than installing RATs, Keyloggers or making phishing sites. Ok so off we go!

You will need 3 programs for this

Cain and abel : http://www.oxid.it/cain.html

Wireshark : http://www.wireshark.org/download.html

Web developer add-on for firefox : https://addons.mozilla.org/en-US/firefox/addon/web-developer/

So what exactly happens when you type in http://www.facebook.com and login with your username and password. First download the web developer addon for firefox and then login to facebook. After you log in view the cookies in the web developer toolbar.

Ok now if you click on view cookie information, you will be able to see all the cookies which facebook has transmitted to your browser.

The main cookies are the c_user cookie (which identifies a person uniquely) and datr cookie..

So your aim must be to get the cookies of your victim through wireshark and then replace your cookies with the victim’s. So then, facebook will think you are the victim as you have his cookies and you will be logged in as the victim. Simple isn’t it?

So how do you do this..

First off install cain and abel.It will ask you whether you want to install the packet driver – WinPCap. Go ahead and install that also.Open up cain.

• Click on configure on top and select your Network card. Mostly its the one with an IP address :p
• Next click on the start/stop sniffer on top as shown below in green square.
• Once you start the sniffer, goto the sniffer tab in cain, right-click and click scan mac address as shown below!

Ok now you should have a list of everyone on the network. It may take some time though. You can right-click on any one computer and find out its name.

Now what we are going to do is the actual shit!We are going to do an ARP poison ! What this means is that you fool the router in thinking that you are the victim, and you fool the victim in thinking that you are the router.

So initially victim -> router -> facebook. Now after ARP poison,  victim->hacker->router. This is called an MITM(Man in the middle) attack.You can google it for more info :p

Doing the ARP POISON

• First Click the APR tab below in cain.
• Click the white screen in the top frame
• Click the blue plus on top.

Now you should get a list of all the devices on the left and a blank screen on the right..

In the left screen you should select the router IP. And in the right box, select the computers you want to target. To be safe its better to target one computer. But if you want some real fun then select all the computers on the right frame . Press ok.

WARNING: If there is a person at the router, he can know if you have just done an ARP poison. But where is the fun without the risk.:P

You can try googling on other methods to do arp poison safely.

In the top frame all the computer list should have got filled. now select the whole list and click on the nuclear button (top left of cain).

Thats it you are done with the arp poison. Just be careful, if you select too many computers, your computer cant handle the traffic and the network may just crash. I am reminding you, this should be done for ethical reasons !

Now all the data is passing through your computer. All you have to do is sniff the data in wireshark, get the cookie and replace your cookie with victim’s cookie.

Thats what ill be covering in part 2 of this post . Hopefully in a day or two. Till then Cheers!

Facebook Cheat Sheet: Sizes and Dimensions

Download Facebook cheat sheet PDF

What is the size of the profile picture in Facebook? How wide is page of your brand? Here are all the numbers you need and you can even download a handy PDF Facebook cheat sheet.

Profile picture

Width: 180px
Height: 540px

Thumbnail

The image that is displayed next to the link when you click like or share somenthing.
Width: 90px
Height: 90px

Facebook page

The usable area of your brands Facebook page
Width: 520px
Height: Unlimited

Uploading pictures

JPG file of sizes in 1:1 scale

This is the maximum size of the image you can upload.
Width: 2048px
Height: 2048px

Pictures displayed in Facebook

This is the maximum size of the image as shown in slide show or album.
Width: 720px
Height: 720px

Facebook ads

Picture in the ad
Width: 110px
Height: 80px
Size: 5MB

Text in ad
Header: 25 characters
Body copy: 135 characters

Facebook status update

Status update length: 420 characters
Comment length: unlimited

Video

The maximum size of vide you can upload
Size: 1024MB
Length: 20 minutes

Did i miss something? Let me know in the comments.

Facebook Subscribe Button: What It Means for Each Type of User

When Facebook launched its Subscribe button on Wednesday, many were quick to note its implications for journalists, celebrities and other thought leaders. The new feature allows for users to follow public updates, and these are the people most often broadcasting their ideas.

Yet there’s more the average user can get on board with than meets the eye. The release came with a slew of additional features — including a more customizable News Feed and increased privacy — that users have been wanting for years. The trouble is, there are so many moving parts in this product launch. Users are now presented with a number of options, and they’ll need to dig deep to understand which pieces to take and which to leave.

We hope to make that process a little easier for you. Here are some key points you should know based on what type of user you are:

(more…)

another revolutionary change in the facebook Introducing New Profile

Fill this wide, open space with a unique image that represents you best. It’s the first thing people see when they visit your timeline.

Try it out

Click a photo above to see how it looks as the cover.

Share and highlight your most memorable posts, photos and life events on your timeline. This is where you can tell your story from beginning, to middle, to now.

Star or remove

Star your favorite moments to make them widescreen, or remove the ones you want to hide.

Feature on Timeline

The movies you quote. The songs you have on repeat. The activities you love. Now there’s a new class of social apps that let you express who you are through all the things you do.

Play music

The music you listen to is on your timeline, so friends can listen along.

Watch the Apps video

Natural Resources of Pakistan

 

Pakistan, officially the Islamic Republic of Pakistan, located in South Asia has 650 miles of coastline on the Arabian Sea and Gulf of Oman. The west is bordered by Afghanistan and Iran. India is to the east and China in the far northeast. The country is strategically located between South Asia, Central Asia, and the Middle East. Land is a valuable natural resource.

Other natural resources include an extensive natural gas supply, some oil, hydro power potential, coal (although not high quality), iron ore, copper, salt, and limestone. Agricultural products are wheat, cotton, rice, sugarcane, eggs, fruit, vegetables, milk, beef, and mutton. Primary industry includes textiles, food processing, pharmaceuticals, construction materials, shrimp, fertilizer, and paper products. Major exports are textiles, rice, leather goods, sports goods, carpets, rugs, and chemicals. Pakistan imports petroleum, machinery, plastic, edible oil, iron, steel, tea, and paper. 

Coal

Pakistan recently discovered one low and four low-to-medium quality coal seams in the Punjab. Low sulfur coal was recently reported at the Baluchistan and near Islamabad. Bituminous, sub-bituminous, and lignite coal have been found in Pakistan.

Coal reserves are estimated at 175 billion tons. This would equate to 618 billion barrels of crude oil. When compared to oil reserves his is more than twice the amount of the top four countries. If At KSA’s current usage, the reserves would last more than 200 years.

Oil and Gas

Natural gas production is at a high level in Pakistan. Estimated reserves are 885.3 billion cubic meters (as of January 2009). Gas fields are expected to last for another 20 years. The Sui gas field is the largest, accounting for 26% of Pakistan’s gas production. Daily production is 19 million cubic meters a day. Under the barren mountains of Balochistan and the sands of Sindh, there are untouched oil and gas reserves.

Forestry

Forests are limited to 4% of Pakistan’s land; nonetheless the forests are a main source of food, lumber, paper, fuel wood, latex, and medicine. The forests are also used for wildlife conversation and ecotourism.

Mining

Pakistan has large gold/copper ore deposits at Saindak. There are large deposits of rock salt in the Pothohar Plateau. Pakistan’s mineral resources include reserves of gypsum, limestone, chromites, iron ore, rock salt, silver, precious stones, gems, marbles, tiles, sulfur, fire clay, and silica sand.

Land

About 28% of Pakistan’s total land area is under cultivation. Pakistan boasts one of the largest irrigation systems in the world. According to Wikipedia, “the most important crops are cotton, wheat, rice, sugarcane, maize, sorghum, millets, pulses, oil seeds, barley, fruits and vegetables, which together account for more than 75% of the value of total crop output.” The fertile lands of Punjab are ready to feed a population twice that of current Pakistan.

Uranium

Pakistan has a long history of exporting small amounts of uranium. In 2006 Pakistan produced about 45 tons of uranium.

Water

Fresh Fish by Asim Bijarani via Flickr

The fishing industry plays a role in the national economy of Pakistan. The coastline is 814km and fishery resources still have room to grow. Fishing in Pakistan is a major source of export earnings. 

Pakistan is rich in diverse natural resources. Pakistan’s human resources include a population of intelligent young people and a burgeoning urban middle class. The culture, knowledge, wealth, and infrastructure are sure to grow and improve in the near future. This combined with its prime location will lead to long-term success for the nation.

How To Approach Different Cultures With Social Media Marketing | Social Media Explorer

In the seven short years since Facebook was launched, social media sites have become a ubiquitous and all-pervading phenomenon. The social aspects of such sites are clearly important, but they’re also increasingly being used for marketing and other business purposes.

The global nature of the internet means social media sites give you the potential to reach out and make connections worldwide. Whether you’re pushing a business, a blog or anything else, new networks and markets are theoretically just a mouse-click away. In reality, there’s a little more to think about when it comes to approaching different cultures via social media.

(more…)

6 Reasons NOT to Create a Facebook Fan Page | Social Media Explorer

Many companies are rushing to try and jump into social media because they feel tremendous pressure to prevent being left behind. Most of us have moved past the need to make a business case for social media and into the era of “needing” social media as part of our overall marketing mix.  The statistics on social media adoption are astounding. A recent study found that over 90% of marketers indicate that social media is important for their business. This is a drastic shift from where we were even just a short 2 years ago. In the same study, more than half of the respondents had less than 1 year of experience in social media.

It’s not surprising then that when faced with building a corporate social media presence, most are turning to Facebook as the answer. Facebook has become the strategy you “won’t get fired for.” I mean how could you? There are over 600 million users on Facebook so there is a good chance that your customers are there just waiting for you to engage them, right? I mean aren’t we all just walking and talking Facebook fans, right? Not necessarily. Here are 6 reasons a company should NOT create a Facebook Fan Page.

(more…)

5 Tips for Driving Facebook Fans to Your Website | Social Media Examiner

5 Tips for Driving Facebook Fans to Your Website

Are your Facebook fans frequenting your website? Do you want them to?

Keep reading for five ways to drive traffic from Facebook to your company website.

Thoughts on Facebook

While Facebook has become an increasingly significant communication medium, for many businesses and organizations, their website remains the primary consumer touch point.

So what do you do if you want to get your Facebook audience to engage more on your brand site?

 You could of course have everything on your Facebook page point back to your brand site, but you run the risk of alienating those people who want to consume content on Facebook.

Savvy marketers are using traditional and social channels to support one another.

So here are five suggestions for ways to drive traffic back to your brand website without undermining your presence on Facebook.

(more…)