Wednesday, December 25, 2013

Options Vs Choices

Options...hmmm...They have been the drive for Choices. Choices then lead us to prioritize. They form an integral part of our life. The way we chose is boundary line of desirables and undesirables in our life. One may chose Manmohan Singh over so many other eligible political leaders (options) to 'throw' one's opinion Here, the great or not so great 'Muffed Leader' can be seen as choice of vote among other options.
Consider a Cartesian quadrant of X & y axis where X is the option and Y is choice. Cumulatively they define the Priorities which is nothing but the intercept of Options and Choices.
On Quadrant I (+X), we might have infinite options. While on Quadrant III, we might be sort of options infinitely Y axis may be defined similarly with the choices.

Our life is actually governed by the interactive plays among these options and choices- priorities as resultant. Option when chosen presents us with Priority which eventually decides the way we are going to skim or get skimmed out of life. Choices are always subjective, and variable on the interactive forces of both internal and external environment. Further, a Subject may negate the worthiness or sanctity of a Choice later.

Options have the privilege to offer us Choices. On the other, Choices have the essential potential to demarcate our destiny. They can make and mar. Tread meticulously while exercising one!! Make one for Peace

Sacchaiyan badalti hain
Jo maayne badalte hain inke
jaane ye kaisi paribhasha hai
addhora hai jisse ek ek shabd aaj bhi

Saturday, January 5, 2013

A ChitChat with Within

Dear Me,

The way you know me is me being not so emotional at most of the times. You know the underlying reason for this as often repeated by me. My experiences over past 10-12 years coupled with theoretical learning
have positioned my mind at a plane where I wish to be absolute in my rationale. Yet I talk about 'rationale'. You see how formidable this position is! Even though I can not attain, the feeling of this absoluteness is too tempting and alluring. The joy of my life is learning. Even realizing a widely-known-learning infuses happiness of no small magnitude. I don't claim to know the universe, nor do I wish so. What I claim is my due share of mind-detachment sprouting from the seed of a vast knowledge tree. Life for me has all capacities of dawning heaven or hell on this earth. There are determining factors which are driving this process. Some are tangible, some intangible. Some controlled, some uncontrolled.

I would suggest lets drive our life towards this plane where every piece, every variety of life is the realization of learning. A life which has challenges to drive us for solutions. Solutions that fill our life with happiness: a goal, a purpose, a god in itself! Once we realize this unbiasedness, factors of disturbance would reduce while those of happiness would increase proportionately.

At this plane, I would say I have enjoyed your attachment. However there have been times where we have been so exhausted in our problems that we have denied to move towards the solution. Compromises have
been unnecessarily delayed. I would say these experiences have enlightened the life-approach and consequently enlightened the horizon of happiness.

Your thought has always enchanted me and so bewitching has been your writing! This time I see your process upgraded from Pentium to Core-i! I am delighted to see the elevation. Yet remorseful when I realize
this is the outcome of your shattered-emotions. Nonetheless, Iwould appreciate this duelling approach of yours as it leads us to the realization of the Enlightenment!

 You have always been a pride in me (which I have ever successfully hidden)!. You are the one I have never encountered anybody like. Having you so close to me is where this pride comes from, to move the life & let the life move on!!

Wednesday, January 18, 2012

Electronic 'Khat'

This piece of writing is not a typical writing but is a part of mail! The mail which I sent to one of my favorite juniors during my heavenly college days. I sent it for the purpose as mentioned in the mail below. Please read through to enjoy :)

Date: 5th November, 2009

Time: 4.30 am

Before going through the main body, please read the legal warning!

Dear Vineet,

Once again I am writing at this juncture of day and night when you would be floating far in your dream even beyond your own conscious imaginary horizon. As glad I am as you would be to know that this piece of writing is just 4 u, just as you have been craving for more of my articles!!

As there have been unexpected and unsolicited (and sometimes unwelcome too from my side!! :) spectral appearances of yours which have often frightened and paradoxically lured me with that genuinely contagious smile of yours, probing me: "have I disturbed you sir?" (Even when you knew that I indeed had been!). "No, not at all, come in dear!" is my usual reply you must agree. How else would you expect me to act? I know even if I said yes, you would have broken into. Doing so, I am merely saving the assets of both IIIT and Mine!! Don’t worry, not less is your contribution towards this saving J
I am not intending to write any fictional or scholarly article here. I am writing all which is flowing into my indented mind through the keyboard. You see people are not just subject to others mind (perception), but sometimes they r subject to the whims of keyboard, as is your case right now. Your entity is currently subject to a keyboard. The keyboard in consideration is outrunning the pace of my mind. And so u cannot be safe while you get victim of the maize of alphabets which may combine to form most beautiful and sweet words and the most abhorring and erratic at the same time. Doesn’t it sound terrific to be subdued by something which we know is the progeny of ourselves? But this is the fact. Eventually you can look around to validate the worth of my previous sentence. Everywhere today we are subject to things which we have ourselves created. Yet there is no trace of a perfect controlled system, even though we make the (fake) control systems. Do rationalize the pros n cons of this hypothesis. I believe, my control system is getting uncontrolled now, and contrary to my wish to write further, I m forced to stand by this system of mine for the time being. Till then bye.....
Hope you enjoy reading through :)

Regards,

Praveer...:)...:)

Legal Warning: The purpose of this piece of writing is completely humorous and purely subjective. any cut to the quick, even exceptional, may be deemed as serious blasphemy to the author, thereby leading to the liability of a Treat at Malik or Chandi, whichever the defaulter wishes to prefer; the timing of which may be fixed by mutual consent of the defaulter and defaulted. Any confusion, indigestion and/or ambiguity shall completely lie within the jurisdiction of Room No: 119, IIIT Allahabad till 19th May 2010.

Monday, June 13, 2011

Google Hacking


Google is a pretty powerful search tool. You knew that. You can use it to find information, but you can also use it to find downloadable MP3s, books, videos, and other items. We're going to assume you're just looking for legally available downloads, but the truth of the matter is if someone's posted an MP3 (copyrighted or not) to their web page, Google can find it.

METHOD I

Try a few of these searches ( type words bellow on google search):

* intitle:"Index of" passwords modified
* allinurl:auth_user_file.txt
* allinurl: admin mdb
* inurl:passlist.txt
* "Index of /backup"
* Amex Numbers: 300000000000000..399999999999999
* MC Numbers: 5178000000000000..5178999999999999
* visa 4356000000000000..4356999999999999

or,

* "parent directory " /appz/ -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
* "parent directory " DVDRip -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
* "parent directory "Xvid -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
* "parent directory " Gamez -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
* "parent directory " MP3 -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
* "parent directory " Name of Singer or album -xxx -html -htm -php -shtml -opendivx -md5 -md5sums

Change the word after the "parent directory" to whatever you want and you will get a lot of stuff.


METHOD 2

put this string in google search:

?intitle:index.of? mp3


You only need add the name of the song/artist/singer.

example: ?intitle:index.of? mp3 jackson


METHOD 3

put this string in google search:

inurl:microsoft filetype:iso

You can change the string to watever you want, ex. microsoft to adobe, iso to zip etc…

"# -FrontPage-" inurl:service.pwd

Frontpage passwords.. very nice clean search results listing !!

"AutoCreate=TRUE password=*"

This searches the password for "Website Access Analyzer", a Japanese software that creates webstatistics. For those who can read Japanese, check out the author's site at: http://www.coara.or.jp/~passy/

"http://*:*@www" domainname

This is a query to get inline passwords from search engines (not just Google), you must type in the query followed with the the domain name without the .com or .net

"http://*:*@www" brazzer

Another way is by just typing

"http://bob:bob@www"

"sets mode: +k"

This search reveals channel keys (passwords) on IRC as revealed from IRC chat logs.

allinurl: admin mdb

Not all of these pages are administrator's access databases containing usernames, passwords and other sensitive information, but many are!


allinurl:auth_user_file.txt

DCForum's password file. This file gives a list of (crackable) passwords, usernames and email addresses for DCForum and for DCShop (a shopping cart program(!!!). Some lists are bigger than others, all are fun, and all belong to googledorks. =)


intitle:"Index of" config.php

This search brings up sites with "config.php" files. To skip the technical discussion, this configuration file contains both a username and a password for an SQL database. Most sites with forums run a PHP message base. This file gives you the keys to that forum, including FULL ADMIN access to the database.

eggdrop filetype:user user

These are eggdrop config files. Avoiding a full-blown descussion about eggdrops and IRC bots, suffice it to say that this file contains usernames and passwords for IRC users.

intitle:index.of.etc

This search gets you access to the etc directory, where many many many types of password files can be found. This link is not as reliable, but crawling etc directories can be really fun!

filetype:bak inurl:"htaccess|passwd|shadow|htusers"

This will search for backup files (*.bak) created by some editors or even by the administrator himself (before activating a new version).
Every attacker knows that changing the extenstion of a file on a webserver can have ugly consequences.
Let's pretend you need a serial number for windows xp pro.
In the google search bar type in just like this - "Windows XP Professional" 94FBR
the key is the 94FBR code.. it was included with many MS Office registration codes so this will help you dramatically reduce the amount of 'fake' porn sites that trick you.
or if you want to find the serial for winzip 8.1 - "Winzip 8.1" 94FBR

List of few more Searches:

* inurl:/db/main.mdb |ASP-Nuke passwords
* filetype:cfm "cfapplication |ColdFusion source with potential passwords name" password
* filetype:pass |dbman credentials pass intext:userid
* allinurl:auth_user_file.txt |DCForum user passwords
* eggdrop filetype:user user |Eggdrop IRC user credentials
* filetype:ini inurl:flashFXP.ini |FlashFXP FTP credentials
* filetype:url +inurl:"ftp://" |FTP bookmarks cleartext passwords
+inurl:"@"
* inurl:zebra.conf intext: |GNU Zebra passwords
password -sample -test
-tutorial –download
* filetype:htpasswd htpasswd |HTTP htpasswd Web user credentials
* intitle:"Index of" ".htpasswd" |HTTP htpasswd Web user credentials
"htgroup" -intitle:"dist"
-apache -htpasswd.c
* intitle:"Index of" ".htpasswd" |HTTP htpasswd Web user credentials
htpasswd.bak
* "http://*:*@www" bob:bob |HTTP passwords (bob is a sample username)
* "sets mode: +k" |IRC channel keys (passwords)
* "Your password is * |Remember IRC NickServ registration passwords
this for later use"
* signin filetype:url |JavaScript authentication credentials
* LeapFTP intitle:"index.of./" |LeapFTP client login credentials
sites.ini modified
* inurl:lilo.conf filetype:conf |LILO passwords
password -tatercounter2000
-bootpwd –man
* filetype:config config intext: |Mcft .NET application credentials
appSettings "User ID"
* filetype:pwd service |Mcft FrontPage Service Web passwords
* intitle:index.of |Mcft FrontPage Web credentials
administrators.pwd
* "# -FrontPage-" |Mcft FrontPage Web passwords
inurl:service.pwd
ext:pwd inurl:_vti_pvt inurl: |Mcft FrontPage Web passwords
(Service | authors | administrators)
* inurl:perform filetype:ini |mIRC nickserv credentials
* intitle:"index of" intext: |mySQL database credentials
connect.inc
* intitle:"index of" intext: |mySQL database credentials
globals.inc
* filetype:conf oekakibbs |Oekakibss user passwords
* filetype:dat wand.dat |Opera‚ ÄúMagic Wand‚Äù Web credentials
* inurl:ospfd.conf intext: |OSPF Daemon Passwords
password -sample -test
-tutorial –download
* index.of passlist |Passlist user credentials
* inurl:passlist.txt |passlist.txt file user credentials
* filetype:dat "password.dat" |password.dat files
* inurl:password.log filetype:log |password.log file reveals usernames,
|passwords,and hostnames
* filetype:log inurl:"password.log" |password.log files cleartext
|passwords
* inurl:people.lst filetype:lst |People.lst generic password file
* intitle:index.of config.php |PHP Configuration File database
|credentials
* inurl:config.php dbuname dbpass |PHP Configuration File database
|credentials
* inurl:nuke filetype:sql |PHP-Nuke credentials
* filetype:conf inurl:psybnc.conf |psyBNC IRC user credentials
"USER.PASS="
* filetype:ini ServUDaemon |servU FTP Daemon credentials
* filetype:conf slapd.conf |slapd configuration files root password
* inurl:"slapd.conf" intext: |slapd LDAP credentials
"credentials" -manpage
-"Manual Page" -man: -sample
* inurl:"slapd.conf" intext: |slapd LDAP root password
"rootpw" -manpage
-"Manual Page" -man: -sample
* filetype:sql "IDENTIFIED BY" –cvs |SQL passwords
* filetype:sql password |SQL passwords
* filetype:ini wcx_ftp |Total Commander FTP passwords
* filetype:netrc password |UNIX .netrc user credentials
* index.of.etc |UNIX /etc directories contain
|various credential files
* intitle:"Index of..etc" passwd |UNIX /etc/passwd user credentials
* intitle:index.of passwd |UNIX /etc/passwd user credentials
passwd.bak
* intitle:"Index of" pwd.db |UNIX /etc/pwd.db credentials
* intitle:Index.of etc shadow |UNIX /etc/shadow user credentials
* intitle:index.of master.passwd |UNIX master.passwd user credentials
* intitle:"Index of" spwd.db |UNIX spwd.db credentials
passwd -pam.conf
* filetype:bak inurl:"htaccess| |UNIX various password file backups
passwd|shadow|htusers
* filetype:inc dbconn |Various database credentials
* filetype:inc intext:mysql_ |Various database credentials, server names
connect
* filetype:properties inurl:db |Various database credentials, server names
intext:password
* inurl:vtund.conf intext:pass –cvs |Virtual Tunnel Daemon passwords
* inurl:"wvdial.conf" intext: |wdial dialup user credentials
"password"
* filetype:mdb wwforum |Web Wiz Forums Web credentials
* "AutoCreate=TRUE password=*" |Website Access Analyzer user passwords
* filetype:pwl pwl |Windows Password List user credentials
* filetype:reg reg +intext: |Windows Registry Keys containing user
"defaultusername" intext: |credentials
"defaultpassword"
* filetype:reg reg +intext: |Windows Registry Keys containing user
"internet account manager" |credentials
* "index of/" "ws_ftp.ini" |WS_FTP FTP credentials
"parent directory"
* filetype:ini ws_ftp pwd |WS_FTP FTP user credentials
* inurl:admin filetype: |asp Generic userlist files
inurl:userlist |
* inurl:php inurl: |Half-life statistics file, lists username and
hlstats intext: |other information
Server Username |
* filetype:ctl |
inurl:haccess. |Mcft FrontPage equivalent of htaccess
ctl Basic |shows Web user credentials
* filetype:reg |
reg intext: |Mcft Internet Account Manager can
* "internet account manager" |reveal usernames and more
filetype:wab wab |Mcft Outlook Express Mail address
|books
* filetype:mdb inurl:profiles |Mcft Access databases containing
|profiles.
* index.of perform.ini |mIRC IRC ini file can list IRC usernames and
|other information
* inurl:root.asp?acs=anon |Outlook Mail Web Access directory can be
|used to discover usernames
* filetype:conf inurl:proftpd. |PROFTP FTP server configuration file
conf –sample |reveals
|username and server information
* filetype:log username putty |PUTTY SSH client logs can reveal
|usernames
|and server information
* filetype:rdp rdp |Remote Desktop Connection files reveal user
|credentials
* intitle:index.of |UNIX bash shell history reveals commands
.bash_history |typed at a bash command prompt; usernames
|are often typed as argument strings
* intitle:index.of |UNIX shell history reveals commands typed at
.sh_history |a shell command prompt; usernames are
|often typed as argument strings
* "index of " lck |Various lock files list the user currently using
|a file
* +intext:webalizer +intext: |Webalizer Web statistics page lists Web user-
Total Usernames +intext: |names and statistical information
"Usage Statistics for"
* filetype:reg reg HKEY_ |Windows Registry exports can reveal
CURRENT_USER |username usernames and other information

For More download the PDF:
http://www.mediafire.com/file/dxob0oyxp9d0y17/Google-Hacking.pdf

Hope you have enjoyed reading !