Friday, May 23, 2008

Petroff Defense Trap

1. e4 e5
2. Nf3 Nf6
3. Nxe5 Nxe4
4. Qe2 Nf6
5. Nc6

Now the black Queen is DEAD. Black king is in check by White Queen and his queen is in attack by knight.To save check and his queen he can 5. .. Qe7 but then white can take the queen with knight at d6

PHP Hacking 1 = 1

'1 =1 ' is classic example of SQL injection attack. For the authentication some PHP GUI saves the user id and password in database. Generally a query something like this is used to validate the user given information:

SELECT * FROM users
WHERE user=''
AND passwd=''

A simple hacker like me ;-) can use SQL injection attack by specifying
User: Any
Password: OR 1 =1

This will allow me to give access to the site. Depending on the query you may need to try other variations like

Password: ') OR ('1=1')

The idea is to inject 1 =1 (which is true) in SQL statement such that the WHERE clause returns TRUE.

Happy Hacking...

Thursday, May 08, 2008

Putty passwordless ssh

putty accepts login and password as command line. So it can be easily used in batch to access machines without giving login and password.

putty host1 -l root -pw

I use it to the server which are build frequently. The problem with the server built frequently is that you cannot exchange keys as the keys will be deleted when the server is built again.

If you are using a linux box then sshpass can also be used for auto SSH.

Here is the batch script for windows lover

@echo off
if %1 == myserver goto myserver
goto default

:myserver
start C:\putty -ssh mercury -l -pw
exit

:default
start C:\putty -ssh %1 -l root -pw
exit

Vim Ctrl-r Ctrl-w

Vim Ctrl-r Ctrl-w can be used to read the word under the cursor. It is useful if you want to edit files under the cursor.

:e \C-v \C-r \C-v\C-w \C-v

I know you can use gf to go the file. But just wanted to do it using one key.:-)

Bind command

bind command can be used to bind your key strokes with the commands. I use it frequently to access my cleartool commands.

after editing a file using vi. You can check the difference with the predecessor or the version tree for the file using key-strokes Alt-d or Alt-t

bind -x '"\M-d"':'cleartool diff -pred -g -options "-b" $_ &'
bind -x '"\M-t"':'cleartool lsvtree -g $_ &'