Search Results

Search found 119 results on 5 pages for 'cracking'.

Page 1/5 | 1 2 3 4 5  | Next Page >

  • Cracking Websites with Cross Site Scripting

    - by Akemi Iwaya
    You may have heard the term ‘cross site scripting’ before, but what exactly is ‘it’ and why is it dangerous for a website? YouTube channel Computerphile presents a nice primer on the ‘how and why’ of cross site scripting and the dangers it presents in their latest video. Cracking Websites with Cross Site Scripting – Computerphile [YouTube]     

    Read the article

  • Cracking open five of the best open source easter eggs

    <b>ars Technica:</b> "A number of humorous yet undocumented features are hiding beneath the surface of some of the most popular open source software applications. Although easter eggs are generally easy to spot when you can look at an application's source code, there are a few that aren't widely known."

    Read the article

  • Trying to develop a game with android for cracking glasses in different dimensions

    - by user46514
    I am trying to develop a game in android where I will have to punch a hole to get through the glass but not shatter the glass completely. The glass will show up in different forms of polygons and when a hole is created by a projectile, the rest of the polygon will still remain intact.Only a polygonal opening will get created at the point of impact with the projectile. I am new at game design in android but I was thinking that I would create a random polygon shape to show in the path and then at the point where the projectile hits it, I could create a glass polygon to create a splinter effect. The rest of the part of the glass that is randomly created at the point of impact, I could further splinter it into polygons flying at different angle. since I also need to capture the bits of glasses flying off and falling down with gravity. Is my solution the best efficient one at performance of threads or is there a better solution for this glass breaking effect. Thanks Dhiren

    Read the article

  • Password Cracking Windows Accounts

    - by Kevin
    At work we have laptops with encrypted harddrives. Most developers here (on occasion I have been guilty of it too) leave their laptops in hibernate mode when they take them home at night. Obviously, Windows (i.e. there is a program running in the background which does it for windows) must have a method to unencrypt the data on the drive, or it wouldn't be able to access it. That being said, I always thought that leaving a windows machine on in hibernate mode in a non-secure place (not at work on a lock) is a security threat, because someone could take the machine, leave it running, hack the windows accounts and use it to encrypt the data and steal the information. When I got to thinking about how I would go about breaking into the windows system without restarting it, I couldn't figure out if it was possible. I know it is possible to write a program to crack windows passwords once you have access to the appropriate file(s). But is it possible to execute a program from a locked Windows system that would do this? I don't know of a way to do it, but I am not a Windows expert. If so, is there a way to prevent it? I don't want to expose security vulnerabilities about how to do it, so I would ask that someone wouldn't post the necessary steps in details, but if someone could say something like "Yes, it's possible the USB drive allows arbitrary execution," that would be great! EDIT: The idea being with the encryption is that you can't reboot the system, because once you do, the disk encryption on the system requires a login before being able to start windows. With the machine being in hibernate, the system owner has already bypassed the encryption for the attacker, leaving windows as the only line of defense to protect the data.

    Read the article

  • Cracking WEP with Aircrack and Kismet

    - by Jenny
    Just a minor question, but I notice with aircrack when it lists networks, it does not list the encryption type of each network. Which seems fair enough, as you can use Kismet, however on my machine when I end kismet and the server, the monitor interface is not removed and I cannot remove it manually, which screws with aircrack. SO, is kismet needed to view encryption types of networks, and if so how do you use it peacefully in unison with aircrack?

    Read the article

  • What is an efficient way to write password cracking algorithm (python)

    - by Luminance
    This problem might be relatively simple, but I'm given two text files. One text file contains all encrypted passwords encrypted via crypt.crypt in python. The other list contains over 400k+ normal dictionary words. The assignment is that given 3 different functions which transform strings from their normal case to all different permutations of capitalizations, transforms a letter to a number (if it looks alike, e.g. G - 6, B - 8), and reverses a string. The thing is that given the 10 - 20 encrypted passwords in the password file, what is the most efficient way to get the fastest running solution in python to run those functions on dictionary word in the words file? It is given that all those words, when transformed in whatever way, will encrypt to a password in the password file. Here is the function which checks if a given string, when encrypted, is the same as the encrypted password passed in: def check_pass(plaintext,encrypted): crypted_pass = crypt.crypt(plaintext,encrypted) if crypted_pass == encrypted: return True else: return False Thanks in advance.

    Read the article

  • Password Cracking Windows Accounts

    - by Kevin
    At work we have laptops with encrypted harddrives. Most developers here (on occasion I have been guilty of it too) leave their laptops in hibernate mode when they take them home at night. Obviously, Windows (i.e. there is a program running in the background which does it for windows) must have a method to unencrypt the data on the drive, or it wouldn't be able to access it. That being said, I always thought that leaving a windows machine on in hibernate mode in a non-secure place (not at work on a lock) is a security threat, because someone could take the machine, leave it running, hack the windows accounts and use it to encrypt the data and steal the information. When I got to thinking about how I would go about breaking into the windows system without restarting it, I couldn't figure out if it was possible. I know it is possible to write a program to crack windows passwords once you have access to the appropriate file(s). But is it possible to execute a program from a locked Windows system that would do this? I don't know of a way to do it, but I am not a Windows expert. If so, is there a way to prevent it? I don't want to expose security vulnerabilities about how to do it, so I would ask that someone wouldn't post the necessary steps in details, but if someone could say something like "Yes, it's possible the USB drive allows arbitrary execution," that would be great! EDIT: The idea being with the encryption is that you can't reboot the system, because once you do, the disk encryption on the system requires a login before being able to start windows. With the machine being in hibernate, the system owner has already bypassed the encryption for the attacker, leaving windows as the only line of defense to protect the data.

    Read the article

  • Cracking the Playfair cipher

    - by wwrob
    I have the ciphertext and an encrypting program (with the key hardcoded in). How would I go about finding the key? Surely the availability of the encryptor must open up possibilities beyond brute-forcing it.

    Read the article

  • Cracking WEP wireless networks [closed]

    - by John
    I have a problem.I am new to linux and would like to know how to crack a WEP and WAP wireless encrypted network.I have been typing the command "airmon-ng" i have even initialized the wlan0 with the following command on Backtrack 4 but it has failed,When I use airmon-ng command, it does not display my wireless driver.SomeOne please xplain to me from scratch.Would really appreciate it.

    Read the article

  • Password Cracking in 2010 and Beyond

    - by mttr
    I have looked a bit into cryptography and related matters during the last couple of days and am pretty confused by now. I have a question about password strength and am hoping that someone can clear up my confusion by sharing how they think through the following questions. I am becoming obsessed about these things, but need to spend my time otherwise :-) Let's assume we have an eight-digit password that consists of upper and lower-case alphabetic characters, numbers and common symbols. This means we have 8^96 ~= 7.2 quadrillion different possible passwords. As I understand there are at least two approaches to breaking this password. One is to try a brute-force attack where we try to guess each possible combination of characters. How many passwords can modern processors (in 2010, Core i7 Extreme for eg) guess per second (how many instructions does a single password guess take and why)? My guess would be that it takes a modern processor in the order of years to break such a password. Another approach would consist of obtaining a hash of my password as stored by operating systems and then search for collisions. Depending on the type of hash used, we might get the password a lot quicker than by the bruteforce attack. A number of questions about this: Is the assertion in the above sentence correct? How do I think about the time it takes to find collisions for MD4, MD5, etc. hashes? Where does my Snow Leopard store my password hash and what hashing algorithm does it use? And finally, regardless of the strength of file encryption using AES-128/256, the weak link is still my en/decryption password used. Even if breaking the ciphered text would take longer than the lifetime of the universe, a brute-force attack on my de/encryption password (guess password, then try to decrypt file, try next password...), might succeed a lot earlier than the end of the universe. Is that correct? I would be very grateful, if people could have mercy on me and help me think through these probably simple questions, so that I can get back to work.

    Read the article

  • Quantum Computing and Encryption Breaking

    - by Earlz
    Ok, I read a while back that Quantum Computers can break most types of hashing and encryption in use today in a very short amount of time(I believe it was mere minutes). How is it possible? I've tried reading articles about it but I get lost at the a quantum bit can be 1, 0, or something else. Can someone explain how this relates to cracking such algorithms in plain English without all the fancy maths?

    Read the article

  • Crackers - How do they do it, how do we fight back?

    - by zedo
    As someone who is interested in learning more about the security side of technology, I ask you all the following questions: How is it that crackers crack software? What techniques are used to do so? I would imagine that the cracking methods depend upon the language the software is written in, right? Aside from using something like cloud-based security for SaaS ((software as a service) which isn't always an option), what choices does one have to prevent their software from being compromised?

    Read the article

  • is that possible to crack Private key with Decrypted message and public key?

    - by matt clarck
    for example company B send an encrypted email with company A's public key (RSA/PGP/SSH/openSSL/...) the employer receive the encrypted email and send it to his boss who have the private key to decrypt message. the boss give decrypted email back to employer to work on it. question is can employer compare encrypted email with decrypted version and find out what is private key ? if it is possible then is there anyway to protect cracking private key from decrypted messages and comparing with encrypted messages/public key ?

    Read the article

  • Software tools to automatically decrypt a file, whose encryption algorithm (and/or encryption keys)

    - by Andrew
    I have an idea for encryption that I could program fairly easily to encrypt some local text file. Given that my approach is novel, and does not use any of the industry standard encryption techniques, would I be able to test the strength of my encryption using 'cracker' apps or suchlike? Or do all those tools rely on advanced knowledge of the encryption process (or intercepted 'keys'), meaning I'd have to build my own cracker for testing?

    Read the article

  • Get special numbers from a random number generator

    - by Wikeno
    I have a random number generator: int32_t ksp_random_table[GENERATOR_DEG] = { -1726662223, 379960547, 1735697613, 1040273694, 1313901226, 1627687941, -179304937, -2073333483, 1780058412, -1989503057, -615974602, 344556628, 939512070, -1249116260, 1507946756, -812545463, 154635395, 1388815473, -1926676823, 525320961, -1009028674, 968117788, -123449607, 1284210865, 435012392, -2017506339, -911064859, -370259173, 1132637927, 1398500161, -205601318, }; int front_pointer=3, rear_pointer=0; int32_t ksp_rand() { int32_t result; ksp_random_table[ front_pointer ] += ksp_random_table[ rear_pointer ]; result = ( ksp_random_table[ front_pointer ] >> 1 ) & 0x7fffffff; front_pointer++, rear_pointer++; if (front_pointer >= GENERATOR_DEG) front_pointer = 0; if (rear_pointer >= GENERATOR_DEG) rear_pointer = 0; return result; } void ksp_srand(unsigned int seed) { int32_t i, dst=0, kc=GENERATOR_DEG, word, hi, lo; word = ksp_random_table[0] = (seed==0) ? 1 : seed; for (i = 1; i < kc; ++i) { hi = word / 127773, lo = word % 127773; word = 16807 * lo - 2836 * hi; if (word < 0) word += 2147483647; ksp_random_table[++dst] = word; } front_pointer=3, rear_pointer=0; kc *= 10; while (--kc >= 0) ksp_rand(); } I'd like know what type of pseudo random number generation algorithm this is. My guess is a multiple linear congruential generator. And is there a way of seeding this algorithm so that after 987721(1043*947) numbers it would return 15 either even-only, odd-only or alternating odd and even numbers? It is a part of an assignment for a long term competition and i've got no idea how to solve it. I don't want the final solution, I'd like to learn how to do it myself.

    Read the article

  • Hacking your own application

    - by instigator
    I am a web developer that is very conscious of security and try and make my web applications as secure as possible. How ever I have started writing my own windows applications in C# and when it comes testing the security of my C# application, I am really only a novice. Just wondering if anyone has any good tutorials/readme's on how to hack your own windows application and writing secure code.

    Read the article

  • How To Extract .flv Stream from JW Player 5.1?

    - by Catfish
    The problem is I've a slow internet connection, and the video doesn't buffer like in YouTube. Therefore I was wondering weather I can extract the url of the .flv file which is being streamed in JW Player and directly download it. Doing some preliminary research, I've found the following info: Main Video URL: http://ijf10.ilcannocchiale.tv/video/2263 Link Only To Video: http://ijf10.ilcannocchiale.tv/js/mediaplayer.swf?... XML File: http://ijf10.ilcannocchiale.tv/xml/video/2263 Actual File Name: 20100425_mother.flv

    Read the article

  • If I write an algorithm to encrypt a file, are their tools available to break the encryption?

    - by Andrew
    I have an idea for encryption that I could program fairly easily to encrypt some local text file. Given that my approach is novel, and does not use any of the industry standard encryption techniques, would I be able to test the strength of my encryption using 'cracker' apps or suchlike? Or do all those tools rely on advanced knowledge of the encryption process (or intercepted 'keys'), meaning I'd have to build my own cracker for testing?

    Read the article

  • Where is the method call in the EXE file?

    - by Victor Hurdugaci
    Introduction After watching this video from LIDNUG, about .NET code protection http://secureteam.net/lidnug_recording/Untitled.swf (especially from 46:30 to 57:30), I would to locate the call to a MessageBox.Show in an EXE I created. The only logic in my "TrialApp.exe" is: public partial class Form1 : Form { public Form1() { InitializeComponent(); } private void Form1_Load(object sender, EventArgs e) { MessageBox.Show("This is trial app"); } } Compiled on the Release configuration: http://rapidshare.com/files/392503054/TrialApp.exe.html What I do to locate the call Run the application in WinDBG and break after the message box appears. Get the CLR stack with !clrstack: 0040e840 5e21350b [InlinedCallFrame: 0040e840] System.Windows.Forms.SafeNativeMethods.MessageBox(System.Runtime.InteropServices.HandleRef, System.String, System.String, Int32) 0040e894 5e21350b System.Windows.Forms.MessageBox.ShowCore(System.Windows.Forms.IWin32Window, System.String, System.String, System.Windows.Forms.MessageBoxButtons, System.Windows.Forms.MessageBoxIcon, System.Windows.Forms.MessageBoxDefaultButton, System.Windows.Forms.MessageBoxOptions, Boolean) 0040e898 002701f0 [InlinedCallFrame: 0040e898] 0040e934 002701f0 TrialApp.Form1.Form1_Load(System.Object, System.EventArgs) Get the MethodDesc structure (using the address of Form1_Load) !ip2md 002701f0 MethodDesc: 001762f8 Method Name: TrialApp.Form1.Form1_Load(System.Object, System.EventArgs) Class: 00171678 MethodTable: 00176354 mdToken: 06000005 Module: 00172e9c IsJitted: yes CodeAddr: 002701d0 Transparency: Critical Source file: D:\temp\TrialApp\TrialApp\Form1.cs @ 22 Dump the IL of this method (by MethodDesc) !dumpil 001762f8 IL_0000: ldstr "This is trial app" IL_0005: call System.Windows.Forms.MessageBox::Show IL_000a: pop IL_000b: ret So, as the video mentioned, the call to to Show is 5 bytes from the beginning of the method implementation. Now I open CFFExplorer (just like in the video) and get the RVA of the Form1_Load method: 00002083. After this, I go to Address Converter (again in CFF Explorer) and navigate to offset 00002083. There we have: 32 72 01 00 00 70 28 16 00 00 0A 26 2A 7A 03 2C 13 02 7B 02 00 00 04 2C 0B 02 7B 02 00 00 04 6F 17 00 00 0A 02 03 28 18 00 00 0A 2A 00 03 30 04 00 67 00 00 00 00 00 00 00 02 28 19 00 00 0A 02 In the video is mentioned that the first 12 bytes are for the method header so I skip them 2A 7A 03 2C 13 02 7B 02 00 00 04 2C 0B 02 7B 02 00 00 04 6F 17 00 00 0A 02 03 28 18 00 00 0A 2A 00 03 30 04 00 67 00 00 00 00 00 00 00 02 28 19 00 00 0A 02 5 bytes from the beginning of the implementation should be the opcode for method call (28). Unfortunately, is not there. 02 7B 02 00 00 04 2C 0B 02 7B 02 00 00 04 6F 17 00 00 0A 02 03 28 18 00 00 0A 2A 00 03 30 04 00 67 00 00 00 00 00 00 00 02 28 19 00 00 0A 02 Questions: What am I doing wrong? Why there is no method call at that position in the file? Or maybe the video is missing some information... Why the guy in that video replaces the call with 9 zeros?

    Read the article

  • What is the best anti-crack scheme for your trial or subscription software?

    - by gmatt
    Writing code takes time and effort and just like any other human being we need to live by making an income (save for the few that are actually self sustainable.) Here are 3 general schemes to make a living: Independent developers can offer a trial then purchase scheme. An alternative is an open source base application with pay extensions. A last (probably least popular with customers) scheme is to enforce some kind of subscription. Then the price of the software pales in comparison to the long term subscription fees. So, my question would be a hypothetical one. Suppose that you invest thousands of hours into developing an application. Now suppose you can choose any one of the three options to make a living off this application--or any other option you want--and suppose you have a very real fear of loosing 80% of your revenue to a cracked version if one can be made. To be clear this application does not require the internet to perform all its useful functions, that is, your application is a prime candidate to be a cracked release on some website. Which option would you feel most comfortable with defending yourself against this possible situation and briefly describe why this option would be the best.

    Read the article

  • How secure is a PostgreSQL database if my server is stolen?

    - by orokusaki
    If I have a server with a database if top secret data in PostgreSQL and my password is practically impossible to crack (128 character string of all sorts of weird chars, generated by hand). The server password is also uncrackable in theory (basically, ignore the possibility of a password crack on the DB). Aside from a password crack, how easy is it to get the data out of this database? Assumptions: Only the DB exists on the server. There is no password in a PHP script or anything like that The person who has the server is a computer / DB / hard-drive recovery expert I'm not using any hard-drive encryption or anything out of the norm for protection I'm trying to understand the risks involved with somebody gaining physical access to my server's hard-drives.

    Read the article

1 2 3 4 5  | Next Page >