Search Results

Search found 398 results on 16 pages for 'jungle hacker'.

Page 12/16 | < Previous Page | 8 9 10 11 12 13 14 15 16 | Next Page >

Are there cloud network drives that let users lock files or mark them as "in use"?

- by Brandon Craig Rhodes

Having spent several hours reading about the features and limitations of services like DropBox and Jungle Disk and the hundreds of competitors they seem to have (as though everyone with an AWS account these days goes ahead and writes a file sharing application just for fun), I have yet to find one that would let a team of people at a small business collaborate without stepping all over each other's toes. At a small business there are often many small documents per project — estimates, contracts, project plans, budgets — and team members frequently have to open and edit them, with all sorts of problems happening if two people edit a file at once. Even if a sharing service is smart enough to keep both versions of the file created, most small-business software (like word processors, spreadsheets, estimating software, or billing systems) has no way to compare — much less to merge! — the changes in two rival versions of a file that two people edited at the same time without each other's knowledge. So, my question: are their cloud-based file sharing solutions that not only provide a virtual network drive that people can access, but that also let users lock files — even if it's not a real lock but just a flag or indicator — that could possibly prevent remote workers from both editing the same file at once? Having one person wait for another person to finish editing is a very, very small inconvenience compared to the hour or more than it can take to compare two estimates by hand until you find and resolve the rival changes. Given this fact, I am surprised that almost none of the popular file sharing solutions seem to recognize this problem and provide some solution! Does anyone know of a service that does?

Read the article
Cable management techniques

- by cornjuliox

How do you manage the giant jungle of cables behind your PC? When you have 2 or more PCs next to each other, you wind up with this giant mess cables that's a pain in the neck to clean especially when both computers are running 24/7 and any fidgeting with the cables is likely to cause data loss and/or angry users. So far I've tried masking tape, cable ties and plain old string but none have been very effective. The masking tape kept the cables in place, but over time they ended up leaving this awful sticky residue on the sides of the cables that just won't come off gets all over your fingers and is horrible horrible horrible. I have nightmares about that stuff. We used cable ties and 'folded' up some of the longer cables so that they weren't any longer than they needed to be, but this meant that the position of some of our devices like the keyboard and the mouse were essentially 'fixed' until we removed the ties. The string didn't work much differently and required that we tie them properly or risk it coming loose. I would switch to a wireless keyboard and mouse, but I don't want to have to deal with the added expense of batteries, even the rechargable ones. Plus I don't want them to die on me at a crucial moment (happened to me once while playing Firearms _<). How do large offices and data centers manage their masses of cable?

Read the article
Cable management techniques

- by cornjuliox

How do you manage the giant jungle of cables behind your PC? When you have 2 or more PCs next to each other, you wind up with this giant mess cables that's a pain in the neck to clean especially when both computers are running 24/7 and any fidgeting with the cables is likely to cause data loss and/or angry users. So far I've tried masking tape, cable ties and plain old string but none have been very effective. The masking tape kept the cables in place, but over time they ended up leaving this awful sticky residue on the sides of the cables that just won't come off gets all over your fingers and is horrible horrible horrible. I have nightmares about that stuff. We used cable ties and 'folded' up some of the longer cables so that they weren't any longer than they needed to be, but this meant that the position of some of our devices like the keyboard and the mouse were essentially 'fixed' until we removed the ties. The string didn't work much differently and required that we tie them properly or risk it coming loose. I would switch to a wireless keyboard and mouse, but I don't want to have to deal with the added expense of batteries, even the rechargable ones. Plus I don't want them to die on me at a crucial moment (happened to me once while playing Firearms _<). I know that there are people out there with home/office networks a thousand times more convoluted than mine, so

Read the article
iptables : how to allow incoming ftp traffic?

- by logansama

Hi, Still fighting my way through the jungle that is called iptables. I have managed to allow FTP access outside of our LAN: both these would work. NOTE: eth0 is the LAN interface and eth1 is the WAN interface. iptables -t filter -A FORWARD -i eth0 -p tcp --dport 20:21 -j ACCEPT or iptables -A FORWARD -i eth0 -o eth1 -p tcp --sport 20:21 --dport 1024:65535 -j ACCEPT But when i connect to a external FTP server i manage to log in and all is fine until it wishes to List the directory content. Then nothing happens as the data is blocked, due to the fact that i do not have a rule set up to allow it! (my last rule on the FORWARD chain is to block all traffic) I have tried a gazillion rules (many of which i did not understand) to try and allow the FTP traffic back through my server. One such rule for example was: iptables -A FORWARD -i eth1 -o eth0 -p tcp --sport 20:21 --dport 1024:65535 -j ACCEPT But i cannot get the List to work. It just times out after a while. Would anyone perhaps know how to build a rule which would allow FTP to List / allow such traffic back? Or have a link to sources i could work through? Thank you,

Read the article
What are some interesting fringe programming topics that might have hands-on training?

- by hal10001

Whenever training topic questions are asked, the answers are fairly typical, and involve a pretty limited subset of topics like OO, design patterns, algorithms, web services, SQL, etc., but I wonder if there are some fringe topics that are still applicable to the programming field and would give me a more rounded approach to development. When I think of "fringe", I think of 2600: The Hacker Quarterly articles that discuss how to use real world (sometimes obscure) exploits, or something like Maker Faire that demonstrates embedded systems programming using Arduino. I have around $1500-2000 to spend, and my job entails Java technologies, but that does not limit my options.

Read the article
Is it viable and necessary to encrypt bytes?

- by Shervin

We have a requirement from customer that if someone gets access to the database, all data that includes personal information should be encrypted, so that when they do select calls, they shouldn't be able to see anything in clear text. Now this isn't any problem for Strings, but what about bytearrays? (that can potentially be quite huge (several 100mb)) When you do a select call, you get gibberish anyways. Is it possible for a hacker to somehow read the bytes and get the sensitive information without knowing how the structure of the object it is mapped against is? Because if that is the case, then I guess we should encrypt those bytes, even if they can potentially be quite huge. (I am guessing adding encryption will make them even bigger)

Read the article
How do you embed a resource so that it can be accessed for icons?

- by fneep

I have a C# project using VS2005. Basically I have two icons, one for the application, and one for files that are associated with the application. I have associated these files with the application, and I know how to set their icons in the Registry, but I can only set them to the application icon because it seems to be the only external resource. To show what I mean, I've built the app and opened it with Resource Hacker, and you'll notice only one of the two icons is there, using one icon and one icon group.

Read the article
Control Windows VM from Linux Host

- by vy32

I am looking for a tool that will allow me to monitor and control programs running inside a Windows VM from the Linux host machine. I realize that this is similar to what a rootkit would do, and I am completely happy to use some hacker software if it provides the necessary functionality (and if I can get it in source-code form). If I can't find something, I'll have to write it using C. Probably an embedded HTTP server running on an odd port and doing some kind of XMLRPC thing. Here is the basic functionality I need: Get list of running processes Kill a process. Start a process Read/write/create/delete files I would like to: - Read contents of screen - Read all controls on screen. - Send arbitrary click to a Windows control. Does anything like this exist?

Read the article
What's a reliable and practical way to protect software with a user license ?

- by Frank

I know software companies use licenses to protect their softwares, but I also know there are keygen programs to bypass them. I'm a Java developer, if I put my program online for sale, what's a reliable and practical way to protect it ? How about something like this, would it work ? <1> I use ProGuard to protect the source code. <2> Sign the executable Jar file. <3> Since my Java program only need to work on PC [I need to use JDIC in it], I wrap the final executable Jar into an .exe file which makes it harder to decompile. <4> When a user first downloads and runs my app, it checks for a Pass file on his PC. <5> If the Pass file doesn't exist, run the app in demo mode, exits in 5 minutes. <6> When demo exits a panel opens with a "Buy Now" button. This demo mode repeats forever unless step <7> happens. <7> If user clicks the "Buy Now" button, he fills out a detailed form [name, phone, email ...], presses a "Verify Info" button to save the form to a Pass file, leaving license Key # field empty in this newly generated Pass file. <8> Pressing "Verify Info" button will take him to a html form pre-filled with his info to verify what he is buying, also hidden in the form's input filed is a license Key number. He can now press a "Pay Now" button to goto Paypal to finish the process. <9> The hidden license Key # will be passed to Paypal as product Id info and emailed to me. <10> After I got the payment and Paypal email, I'll add the license Key # to a valid license Key list, and put it on my site, only I know the url. The list is updated hourly. <11> Few hours later when the user runs the app again, it can find the Pass file on his PC, but the license Key # value is empty, so it goes to the valid list url to see if its license Key # is on the list, if so, write the license Key # into the Pass file, and the next time it starts again, it will find the valid license Key # and start in purchased mode without exiting in 5 minutes. <12> If it can't find its license Key # on the list from my url, run in demo mode. <13> In order to prevent a user from copying and using another paid user's valid Pass file, the license Key # is unique to each PC [I'm trying to find how], so a valid Pass file only works on one PC. Only after a user has paid will Paypal email me the valid license Key # with his payment. <14> The Id checking goes like this : Use the CPU ID : "CPU_01-02-ABC" for example, encrypt it to the result ID : "XeR5TY67rgf", and compare it to the list on my url, if "XeR5TY67rgf" is not on my valid user list, run in demo mode. If it exists write "XeR5TY67rgf" into the Pass File license field. In order to get a unique license Key, can I use his PC's CPU Id ? Or something unique and useful [ relatively less likely to change ]. If so let's say this CPU ID is "CPU_01-02-ABC", I can encrypt it to something like "XeR5TY67rgf", and pass it to Paypal as product Id in the hidden html form field, then I'll get it from Paypal's email notification, and add it to the valid license Key # list on the url. So, even if a hacker knows it uses CPU Id, he can't write it into the Pass file field, because only encrypted Ids are valid Ids. And only my program knows how to generate the encrypted Ids. And even if another hacker knows the encrypted Id is hidden in the html form input field, as long as it's not on my url list, it's still invalid. Can anyone find any flaw in the above system ? Is it practical ? And most importantly how do I get hold of this unique ID that can represent a user's PC ? Frank

Read the article
Browser for cross-site-script testing (for testing Mozilla Add-On)

- by Anthony

I am working on a Firefox extension that will involve ajax calls to domains that would normally fail due to the same-origin policy set by Firefox (and most modern browsers). I was wondering if there is a way to either turn off the same-origin restriction (in about:config, perhaps) or if there was a standard lite-browser that developers turn to for this. I really would like to avoid using any blackhat tools, if possible. Not because I'm against them, I just don't want to add another learning curve to the process. I can use curl in PHP to confirm that the requests work, but I want to get started on writing the js that the addon will actually use, so I need a client that will execute js. I also tried spidermonkey, but since I'm doing the ajax with jquery, it threw a fit at all of the browser-based default variables. So, short version: is there a reliable browser/client for cross site scripting that isn't primarily a hacker app? Or can I just turn off same-domain policy in Firefox?

Read the article
What's the funniest user request you've ever had?

- by Shaul

Users sometimes come up with the most amusing, weird and wonderful requirements for programmers to design and implement. Today I read a memo from my boss that we need the "ability to import any excel or access data, irrespective of size, easily and quickly." From the same memo, we have a requirement to "know if anyone unauthorized accessed the system" - as if a hacker is going to leave his calling card wedged between an index and a foreign key somewhere. I think my boss has been watching too much "Star Trek"... :) What's the funniest user request you've ever had?

Read the article
Telling between a "natural" HTTP 404 and a PHP Generated one

- by JCOC611

So I have a file that should never be accessed by a user directly, but included in another PHP file. If the file is called directly, it generates a HTTP Status 404 Not Found to trick a possible attacker that such file doesn't exist. However, if the hacker could tell that the 404 was generated by PHP or is not "natural" then the whole point of the header would be lost. So is it possible to tell whether the 404 was generated by the server naturally (because the file really doesn't exist) or by a PHP code? PS: I know this question might seem pretty weird lol

Read the article
Resources for TDD aimed at Python Web Development

- by Null Route

I am a hacker not and not a full-time programmer but am looking to start my own full application development experiment. I apologize if I am missing something easy here. I am looking for recommendations for books, articles, sites, etc for learning more about test driven development specifically compatible with or aimed at Python web application programming. I understand that Python has built-in tools to assist. What would be the best way to learn about these outside of RTFM? I have searched on StackOverflow and found the Kent Beck's and David Astels book on the subject. I have also bookmarked the Wikipedia article as it has many of these types of resources. Are there any particular ones you would recommend for this language/application?

Read the article
Prevent strings stored in memory from being read by other programs

- by Roy

Some programs like ProcessExplorer are able to read strings in memory (for example, my error message written in the code could be displayed easily, even though it is compiled already). Imagine if I have a password string "123456" allocated sequentially in memory. What if hackers are able to get hold of the password typed by the user? Is there anyway to prevent strings from being seen so clearly? Oh yes, also, if I hash the password and sent it from client to server to compare the stored database hash value, won't the hacker be able to store the same hash and replay it to gain access to the user account? Is there anyway to prevent replaying? Thank You!

Read the article
Good book(s) for MMORPG design & implementation?

- by mawg

I am a long time professional C/C++ programmer (mostly embedded systems) and a hobbyist windows & php hacker. Can anyone recommend a book(s) specifically aimed at designing and (hopefully) implementing an MMORPG? I don't need general how to design or how to code books. Maybe a really good generic games book, but I am not interested in 1st person shooters, I want to know what it takes to implement an MMORPG. Good books, maybe also good URLs. Thanks just searching eBay and Amazon threw up a whole slew of books. Amazon's customer reviews give me an idea of how good they are, and the overview tells me what areas they cover

Read the article
can I prohibit users from loading swf files by AS3 / Flash Loader.load() and only allow loading imag

- by EndangeringSpecies

I want to have an AS3 app load images from url supplied by the user. But I don't want a malicious user to be able to load an SWF file in place of the image, such as with an altered extension "maliciousSwf.png". Well, not sure how big a security threat that is above and beyond the ability of the hacker to decompile swf, but I think that ideally such behavior should not be allowed. So, is there any way to prevent this? When people allow users to load images in their Flash apps, do they somehow guard against loading of SWF? Or is this really absolutely no big deal?

Read the article
Is it possible for a XSS attack to obtain HttpOnly cookies?

- by Dan Herbert

Reading this blog post about HttpOnly cookies made me start thinking, is it possible for an HttpOnly cookie to be obtained through any form of XSS? Jeff mentions that it "raises the bar considerably" but makes it sound like it doesn't completely protect against XSS. Aside from the fact that not all browser support this feature properly, how could a hacker obtain a user's cookies if they are HttpOnly? I can't think of any way to make an HttpOnly cookie send itself to another site or be read by script, so it seems like this is a safe security feature, but I'm always amazed at how easily some people can work around many security layers. In the environment I work in, we use IE exclusively so other browsers aren't a concern. I'm looking specifically for other ways that this could become an issue that don't rely on browser specific flaws.

Read the article
How necessary is using PHP filters?

- by Jamie

I'm a relatively newbie to PHP and just making my way through the W3Schools tut. The tut makes a big point of saying you must always filter external data (i.e. cookies, form data etc). I'm writing a fairly simple system that talks with a third party Joomla extension. It's at a prototype stage where I'm just wanting to demonstrate the functionality in a minimum viable product. Basically, I'd like to know... what's the worst that could happen in I don't filter content. Are we talking 'I might get a bunch of spam', or 'a good hacker could get root server access'? Have hunted around online, but would love any of your experience / insight on the matter!

Read the article
Connect to a MySQL database and count the number of rows.

- by Hugo

Hi there! I need to connect to a MySQL database and then show the number of rows. This is what I've got so far; <?php include "connect.php"; db_connect(); $result = mysql_query("SELECT * FROM hacker"); $num_rows = mysql_num_rows($result); echo $num_rows; ?> When I use that code I end up with this error; Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in C:\Documents and Settings\username\Desktop\xammp\htdocs\news2\results.php on line 10 Thanks in advance :D

Read the article
Do I have to use Stored Procedures to get query level security or can I still do this with Dynamic S

- by Peter Smith

I'm developing an application where I'm concerned about locking down access to the database. I know I can develop stored procedures (and with proper parameter checking) limit a database user to an exact set of queries to execute. It's imperative that no other queries other then the ones I created in the stored procedures be allowed to execute under that user. Ideally even if a hacker gained access to the database connection (which only accepts connections from certain computers) they would only be able to execute the predefined stored procedures. Must I choose stored procedures for this or can I use Dynamic Sql with these fine grain permissions?

Read the article
php: security question

- by Syom

in my cms i have index.php, where client must enter username and password. if they are correct, he'll moove to admin.php, where the cms is. but now hacker can enter to cms/admin.php, so my security now is awful. i know, that i can use $_SESSION variable. index.php - i can give some value to $_SESSION['error']: $_SESSION['error'] = TRUE, and in admin.php just verify it admin.php if($_SESSION['error'] == TRUE) { my script here... } else header("Location: index.php"); but i want to rich this effect without SESSION. could you give me an idea, how can i do it? thanks

Read the article
Do similar passwords have similar hashes?

- by SLC

Our computer system at work requires users to change their password every few weeks, and you cannot have the same password as you had previously. It remembers something like 20 of your last passwords. I discovered most people simply increment a digit at the end of their password, so "thisismypassword1" becomes "thisismypassword2" then 3, 4, 5 etc. Since all of these passwords are stored somewhere, I wondered if there was any weakness in the hashes themselves, for standard hashing algorithms used to store passwords like MD5. Could a hacker increase their chances of brute-forcing the password if they have a list of hashes of similar passwords?

Read the article
Security question

- by Syom

in my cms i have index.php, where client must enter username and password. if they are correct, he'll moove to admin.php, where the cms is. but now hacker can enter to cms/admin.php, so my security now is awful. i know, that i can use $_SESSION variable. index.php - i can give some value to $_SESSION['success']: $_SESSION['success'] = TRUE, and in admin.php just verify it admin.php if($_SESSION['success'] == TRUE) { my script here... } else header("Location: index.php"); but i want to rich this effect without SESSION. could you give me an idea, how can i do it? thanks

Read the article
What tool can I use to extract resources from a VB6 application?

- by RichieACC

One of my clients has an application that was written for them using VB6. They no longer have the original resources that were given to the developer. The developer has disappeared off the face of the earth. My challenge is to extract the resources from the executable and rebuild the application, adding new material to it. I've tried using Resource Hacker, but that only finds the icon. The exe is over 26MB, I can't see that the only resource embedded is the icon. Is there a way to extract this resource?

Read the article
How do I remove specific numbers from a string?

- by user1666900

I have this string in PHP Hopelessly Incredible |SPG:M| 766 STEAM_0:1:20130600 " banned "A Blatantly Obvious Hacker 740 STEAM_0:1:55386073 " (minutes "0") (reason "Multi-Hack") The Format of the string is: Name1 Number(0-3 digits) Steam_0:x:xxxx offense (banned/kicked/mute etc) Name2 Number(0-3 digits) Steam_0:x:xxxx time reason My goal is to remove the values 766 and 740 because it is just garbage. Those values can have single, double, and triple digits. The next step would be to strip STEAM_0:1:20130600 and STEAM_0:1:55386073 out of the string and capture it in a new variable. The only constant is STEAM_0: the rest can change. I am still learning regex but I fear this is a bit complicated for me to do. Some guidance would be most appreciative.

Read the article

< Previous Page | 8 9 10 11 12 13 14 15 16 | Next Page >