
Maptor – a Map and a Projector 2 in 1 « Gadget Reviews, Gift Ideas, Latest Cool Gadgets

The hacker's guide to website security
3. Gaining access
The next step is gaining access to the web application, database or the server itself, using a selection of the following attacks: cross-site scripting (XSS), SQL injections, command injections, cookie/session poisoning, parameter/form tampering, buffer overflow, authentication hijacking, obfuscation attack, platform exploits, application exploits, brute force attacks and web services exploits.
Step 1: Software exploits
Ethical hacker: "As I'm focusing on information leaks and unauthorised access, I'll concentrate on application exploits, SQL injections, form manipulation and XSS.
● Vbulletin 3.8.6 exploit – lots of them, XSS, remote execution and SQL injections.
● phpmyadmin 3.2.5 exploit – nothing there but I could try a brute force if all else fails.
● Joomla 1.5 – lots of different exploits available.
Let's have a look at the websites on the server.
"Nothing special on the first two, just static pages.
Step 2: Form manipulation
There's also a hidden field called promo.

Flexbook – Laptop Concept by Hao-Chun Huang Flexible Notebook Has Sexy Features I call myself a concept technology glutton because I can devour the most bizarre and hypothetical features, in the hope that someday we will make those advances and sexy, psycho gadgets will rule! My hope is kept alive with concepts like the Flexbook that sports key features like a flexible joint that allows you to fold and configure the laptop to become tablet or a notebook in a jiffy. Specs include a waterproof keypad, swappable rubber skins, 21:9 – 180-degree swivel touch screen that make it an eBook, tablet and notebook in one go. I’m so happy! Designer: Hao-Chun Huang This Fujitsu concept is a part of the Fujitsu Design Award that was organized by Designboom.

NoteSlate - Devices and Cases -- Better Living Through Design Written by Katie on February 8, 2011. Permalink No, it’s not an iPad wannabe, nor is it a new eReader. It’s got no apps or games or books stored on its memory card. This simple tablet device takes the place of pen and paper, that’s all. See NoteSlate’s website for specifications and details. Looks like the basic model along with the white and black version will be available June 2011, while the red, green, and blue ones will be available in December 2011. NoteSlate COLOR (price and availability will be announced at a later date) Thanks Stephon!

Writing Buffer Overflow Exploits - a Tutorial for Beginners
1. Memory
Note: Memory for a process is organized the way we describe it here on most computers; however, this depends on the type of processor architecture. This example is for x86 and roughly applies to Sparc.
The principle of exploiting a buffer overflow is to overwrite parts of memory that are not supposed to be overwritten by arbitrary input, and to make the process execute this code. To see how and where an overflow takes place, let us look at how memory is organized.
- Code segment: data in this segment are assembler instructions that the processor executes.
- Data segment: space for variables and dynamic buffers.
- Stack segment: used to pass data (arguments) to functions and as a space for variables of functions.
2.
memory address          code
0x8054321 <main+x>      pushl $0x0
0x8054322               call $0x80543a0 <function>
0x8054327               ret
0x8054328               leave
...
0x80543a0 <function>    popl %eax
0x80543a1               addl $0x1337,%eax
0x80543a4               ret
What happens here? In this case, our return address is 0x8054327.
3.

Facebook lays the groundwork to become the new Google While Google chairman Eric Schmidt was defending the impartiality of his search engine's algorithm before the US Senate last Wednesday, Mark Zuckerberg was putting the finishing touches on the announcement of Facebook's biggest strategic shift since it launched in 2006. The social network, with 800 million users worldwide, has stopped being a site that only connects people and has also become a platform that connects people with the things that record their daily activity (music services, film, newspapers...). A change that, although it may seem trivial on paper, should worry Google and Apple because, like the famous Trojan horse, Facebook's announcement conceals weapons for taking the fight to both rivals. And to each one where it hurts most: the search engine in advertising, and Apple in content. Likewise, now, in addition to "likes" on other sites that then appear on Facebook, one can do things and have "verbs" and "direct objects" appear. Very useful information

Modular PC Concept Modbook, You can make it! You can break it Designed by mechanical engineer Juan Esteban, this modular PC concept is really an awe-inspiring piece of technology, as it provides the functionality of two tablets, the mobility of a laptop and the power of a desktop. The screen of the PC is the outcome of two tablets joined together side by side, while the base can be swapped into a handy entertainment device perfect for any dwelling. When all three devices are joined with one another, they give birth to a multimedia machine that is capable of 3D rendering, video, music editing and many other tasks. The Modbook is one of the entries in the Fujitsu awards 2011 and will definitely compete with multimedia devices in the race of portability and technological trends, as it is powered with all the key features that a desktop or a laptop exhibits. Source: coroflot

SQL Injection Walkthrough
1.0 Introduction
When a machine has only port 80 opened, your most trusted vulnerability scanner cannot return anything useful, and you know that the admin always patches his server, we have to turn to web hacking. SQL injection is one type of web hacking that requires nothing but port 80, and it might just work even if the admin is patch-happy. It attacks the web application (like ASP, JSP, PHP, CGI, etc.) itself rather than the web server or services running in the OS. This article does not introduce anything new; SQL injection has been widely written about and used in the wild.
1.1 What is SQL Injection?
1.2 What do you need?
2.0 What should you look for?
Everything between the <FORM> and </FORM> has potential parameters that might be useful (exploit-wise).
2.1 What if you can't find any page that takes input?
3.0 How do you test if it is vulnerable?
hi' or 1=1--
Into login, or password, or even in the URL.
3.1 But why ' or 1=1--?
' or 'a'='a

Hydrogen produced by earth friendly WINDHUNTER Maritime Hydrogen Generation... - StumbleUpon

Bento Laptop Tablet Hybrid by René Woo-Ram Lee & Yanko Design - StumbleUpon Bento is quite an exceptional and forward thinking concept by René Woo-Ram Lee. It’s quite a plausible scenario that most of us use/own a tablet, a PC, external hard drives and a smartphone. Now combine the power of these to have a fully customizable Bento Laptop! Laptop with 15″ OLED screen; 11″ tablet and 4″ phone sit in shallow depressions; solar powered lithium-ion battery; 1TB SSD drive. Designer: René Woo-Ram Lee The Fujitsu branding is evident and rightly so, the concept is a part of the Fujitsu Design Award that is organized by Designboom.

Top 15 Security/Hacking Tools & Utilities
1. Nmap
I think everyone has heard of this one, recently evolved into the 4.x series. Nmap (“Network Mapper”) is a free open source utility for network exploration or security auditing. Can be used by beginners (-sT) or by pros alike (--packet_trace). Get Nmap Here
2. Recently went closed source, but is still essentially free. Nessus is the world’s most popular vulnerability scanner used in over 75,000 organizations world-wide. Get Nessus Here
3. Yes, JTR 1.7 was recently released! John the Ripper is a fast password cracker, currently available for many flavors of Unix (11 are officially supported, not counting different architectures), DOS, Win32, BeOS, and OpenVMS. You can get JTR Here
4. Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 3200 potentially dangerous files/CGIs, versions on over 625 servers, and version specific problems on over 230 servers. Get Nikto Here
5. Get SuperScan Here
6. p0f
7.
8.

‘Artificial leaf’ makes fuel from sunlight Researchers led by MIT professor Daniel Nocera have produced something they’re calling an “artificial leaf”: Like living leaves, the device can turn the energy of sunlight directly into a chemical fuel that can be stored and used later as an energy source. The artificial leaf — a silicon solar cell with different catalytic materials bonded onto its two sides — needs no external wires or control circuits to operate. Simply placed in a container of water and exposed to sunlight, it quickly begins to generate streams of bubbles: oxygen bubbles from one side and hydrogen bubbles from the other. If placed in a container that has a barrier to separate the two sides, the two streams of bubbles can be collected and stored, and used later to deliver power: for example, by feeding them into a fuel cell that combines them once again into water while delivering an electric current. The creation of the device is described in a paper published Sept. 30 in the journal Science.

Jetlev Flyer - Jetlev Flyer
