For now, you can have a look at my presentation on the same topic. I had presented it at Barcamp Bangalore 7, and PHPCamp Pune. It was recommended by Dan Peterson, Google, on the Shindig developer’s mailing list.

For those who don’t have an idea what I am talking about; I have been (officially) working on OpenSocial for quite sometime. OpenSocial is a specification developed by giants like Google, MySpace, Ning, etc. to provide a common platform (API) for social app developers. Shindig, an Apache incubator project, is what can help your site become OpenSocial compliant.

By the way, I am referring to the Six degrees of Separation in the initial slides.

• Apache-MySQLPHP Installation & Configuration Tutorial for Beginners :)
• The Web is Broken
• An insight into Sun’s *crazy* strategy.
• Google Lost Me!
• Apache Headache: “no listening sockets available”

Orkut (Google’s MySpace and Facebook for Indian, Pakistan and Brazil) has been hit by an XSS worm. It’s useless to say but I am not able to resist, so I’ll say it anyways. It’s not the first time that a Social networking site has been attacked by an XSS worm. In fact these sites are the primary target due to a number of reasons -easier gullibility level, exponential reach, huge amount of data waiting to be harvested, web 2.0 etc. etc. etc. There’s good compilation of XSS worms going on at Slackers (Social n/w worm, or no).
Anyhoo. This incident has already been reported by a number of bloggers, so I won’t dive into the technical details. However, this worm seems to be harmless and fixed for now.

If you viewed a message 2008 vem ai… que ele comece mto bem para vc in your scrapbook, there is a big probability that you’re infected. You were added to a community named Infectados pelo Vírus do Orkut at http://www.orkut.com/CommunityJoin.aspx?cmm=44001818. The worm then forwards itself to the scrapbook of all your contacts (on your behalf). Any doubts on it being exponential?

IT Act 2000 is India’s legal answer to the miscreants on the technological front. (I realize it’s a pathetic definition, so no flame on it please ). The trouble with IT Act 2000 is that the majority of law enforcers aren’t really aware of the real life scenarios. I’ll give a real case to support the point, in a while. Although I am no law expert (just a little bit of interest), I guess I can safely say that the Act needs a few amendments to include/modify a number of issues (e.g., SPAM, etc.)

So what happens when the implementation is in nascent stage, and the enforcers are not completely eductaed?
Things get blown out of proportion. Things get painted in a completely new color. Things get… uh! fill them up yourself.

Chapter 11 of the Act defines the Offences – section 65 to section 78. For now, let’s have a look at Sections 65, and 67.
Section 65: Tampering with computer source documents.

Whoever knowingly or intentionally conceals, destroys or alters or intentionally or knowingly causes another to conceal, destroy or alter any computer source code used for a computer, computer programme, computer system or computer network, when the computer source code is required to be kept or maintained by law for the time being in force, shall be punishable with imprisonment up to three years, or with fine which may extend up to two lakh rupees, or with both.
Explanation: For the purposes of this section, “computer source code” means the listing of programmes, computer commands, design and layout and programme analysis of computer resource in any form.

Section 67:Publishing of information which is obscene in electronic form.

Whoever publishes or transmits or causes to be published in the electronic form, any material which is lascivious or appeals to the prurient interest or if its effect is such as to tend to deprave and corrupt persons who are likely, having regard to all relevant circumstances, to read, see or hear the matter contained or embodied in it, shall be punished on first conviction with imprisonment of either description for a term which may extend to five years and with fine which may extend to one lakh rupees and in the event of a second or subsequent conviction with imprisonment of either description for a term which may extend to ten years and also with fine which may extend to two lakh rupees.

I have mostly been interested in section 67 (which according to some in the law indsutry) also extends to sms service

Anyhoo. If you are interested in punishmentsm, here’s the link. Have a look. You might be serving one someday

There have been quite a few cases revolving around Orkut, but the one that I’ll be talking about (and is the most relevant) is the one where wrong man ( named Lakshmana Kailash K) was put behind bars for 50 freakin’ days. He’s “reportedly” involved in the defamation of Chhatrapati Shivaji, a highly revered historical figure.
In case you aren’t aware, Orkut (Google) has signed a pact with Indian Law Enforcement. They pledge to “block any ‘defamatory or inflammatory content’, or hand over IP address information to police if asked”.

So what happened in the above case?
Law enforcers are reported about the defamation of Shivaji, they contact Orkut, Orkut gives IP, law enforcers run to the ISP (Airtel in this case), Airtel provides address, Guy put in jail.
Simple. Isn’t it?

The only trouble being that Airtel provided the wrong address.
Whoops! And bang! The dude spends 50 days straight, for something he didn’t do.
Neha Viswanathan, a blogger based in UK, has a very nice write-up on the incident. Further, there’s a very nice compilation of some Cyber Crime cases in India at the IndiaCyberLab portal.

Let’s first collect all the pieces together:
1. Orkut has a pact with Indian law Enforcement.
2. Law enforcers are incompetent *cough*.
3. Orkut (or any other similar site) still has XSS and CSRF flaws in them. Period.
4. XSS and CSRF let you (among other thousand things) manipulate source code (section 65) and/or insert obscene/derogatory (section 67).
5. XSS and CSRF let you post/manipulate data on some other person’s behalf. (Orkut/Samy etc. worms did not require you to click anywhere. Just load the page and the payload in inserted in your friend’s scrapbook on your behalf).

Now combine them all, and you’ll realize that there might be a day when you just sent a “long time no scraps” scrap in your friends scrapbook and went to bed. The next day, a bunch of Cyber officers wake you up, and arrest you for defaming Bala Saheb Thakrey.

…and yes! Don’t talk about Democracy. You’ve already seen that the politicians can get away with a wrestling in parliament arena that will put WWE stars to shame. On the contrary, a chap is detained for 50 days just because the cops thought that they had enough evidence.

7. Conclusion

What!
Stay away from social networking sites. Trust me, they are not worth the price.

• IFrames – To be or not to be?
• AdSense exploited by malware (Trojan.Qhost.WU)
• Samy: A hero or a villian!
• Yahoo! gone Insane!
• Vista!!! (3 Exclamations.) is here? (Why :-/)

Update 2: I see a fairly good traffic coming here searching for the same problem. So, in case you are in a hurry, this is mostly a summary to inform you that in all probability, YOU HAVE SOME SERVICE RUNNING ON PORT 80. Check out using TCPView (if you are on windows). Hope that helps.

I am currently working on an official XSS (Cross Site Scripting) presentation. I needed some screenshots of alert boxes and defaced site. So I installed Apache, configured it to work with PHP. (If you need help in installing and configuring MySQL, Apache and PHP, look here).

But this was day before yesterday. Yesterday, I needed to make a quick manipulation to the script, but… Apache won’t start. The error I was getting (using eventvwr) was:

>>> (OS 10048)Only one usage of each socket address (protocol/network address/port) is normally permitted. : make_sock: could not bind to address 0.0.0.0:80 .

It’s pretty apparent that some other jerk was sitting and listening at port 80. Yesterday, however, was too hectic to discover the rat. Today, I ran TCPView (thanks to Shruthi for suggesting) to discover that inetinfo.exe was the ra**al. TCPView is one of the nicest tools created by the guys at SysInternals, which was later acquired by Microsoft. Rats!

Anyways, the fun part was stopping the service. I couldn’t kill it. Neither using TCPView, nor Task Manager. It would again span back to life

So, finally I opened services.msc to stop the IIS server and change the automatic start mode to manual mode. Heck! I should have disabled… or even better, deleted the scoundrel.

So, if you have the same problem, you are in all probability in office right now and hence may not be aware what services are running. Use TCPView to discover all those unnecessary network services. It’s a great tool. Further, you might also want to switch some stupid services from automatic start mode to manual (or disable ). Use Services.msc.

• Apache-MySQLPHP Installation & Configuration Tutorial for Beginners :)
• M$ WindowsXP just got a newer version of Update with new Components!
• AdSense exploited by malware (Trojan.Qhost.WU)
• Yahoo! gone Insane!
• Download PHP tidy extension for Mac OS X

What happened was due merely due to fast glance and my mouse cursor covering a part of the word; the hardware appeared to me as malware, making it Is it time to upgrade your malware?

Now that’s wrong on my part to ridicule someone because of my own mistake… but honestly. Is there any difference?

UPDATE:
Very very honestly. I had read only the first two pages the security focus review before writing the above lines. However, the third page contains the following para:

So, one craplet pops up demanding to be enabled; you exit that, and a different one pops up telling you that you really ought not to have done that. Now, my definition of malware is pretty straightforward: malware is any code that causes my computer to behave in a way I don’t intend, or any code that prevents my computer from behaving in a way that I do intend. Thus the Vista Security Centre is, quite simply, malware.

Wohoooo!
I am a genius.

• Orkut Latest XSS Worm; and what it means for Indian Orkuteers
• TPM Boys withdraw paper from BlackHat USA
• Is Google Bomb REALLY Diffused?
• Java vulnerable to remote compromise
• Apache-MySQLPHP Installation & Configuration Tutorial for Beginners :)

Update: This hack doesn’t work any more. I’ll post the latest pretty soon. Hopefully.

I loved this performance by Tina & Hussain. It left me breathless, and wet-ted my eyes .

I wanted it s badly. Did a l’ill research, found a hack, and here I am, sharing [& open sourcing it ].
You can find various sites and ‘n’ number of tools to grab your favorite video from Youtube.
There are definitely simpler ways, including a javascript. However, I liked this manual way of doing the job. It let’s me see where’s what…

1. Goto the page containing the video.
2. View page source. [Ctrl+U in firefox]
3. Search [Ctrl+F] for “player2.swf?“. It’d be something like “/player2.swf?video_id=jksdjs….“.
4. Copy the part after “?“, i.e., “video_id=jksdjs….“.
5. Append it after “www.youtube.com/get_video.php?“. It’d look something like “www.youtube.com/get_video.php?video_id=jksdjs….“.
6. Paste your string in the address bar of your browser and hit enter.
7. Please note that the video that we download is an flv file [and needs ".flv" to be manually added.]
8. If you don’t have an flv player, get it from HERE.

I hope it helps you get what you want I am not sure as to how long it’d work as the YouTube guys do not like people to download the videos and keep changing the settings. [ I am still wondering why!!!]
If the above mentioned steps do not help, please leave comments.

Psst.: I am planning to write a script to do it automatically. However, I am not sure if I want to do it in Perl or Java. [Perhaps, I'll code in perl and ask my students to do it in Java ]

• Yahoo!’s javascript based media player!
• Drive-by Download: Where Network Security Meets WebAppSec
• Apache-MySQLPHP Installation & Configuration Tutorial for Beginners :)
• Apache Headache: “no listening sockets available”
• Download PHP tidy extension for Mac OS X

1. Select the most appropriate mirror for you from the following: http://www.apache.org/dyn/closer.cgi/httpd/binaries/win32/ (for Apache), and http://www.php.net/downloads.php for PHP.
2. Download apache_1.3.x-win32-x86-no_src.exe and PHP 5.1.2 zip package (names PHP-5.x-win32).
   • DO NOT use Apache 2.x with PHP.
   • If you use PHP 4.x, make proper changes in the some of the steps given below.

Note:

3. Install Apache by simply clicking on the exe file. The default path is C:\Program Files\Apache Group\Apache.
4. Unzip the PHP file to C:\PHP.
5. Add C:\PHP to system path.
6. Backup and rename php.ini.dist to php.ini.
7. Copy php5ts.dll and php.ini to %systemroot%.
8. Copy php5apache.dll to C:\Program Files\Apache Group\Apache.
9. Open cmd (command prompt) and run net stop apache (to obviously stop the server).
10. Backup httpd.conf, located in C:\Program Files\Apache Group\Apache\conf, and then open it in an editor to add the following lines:
    • LoadModule php5_module php5apache.dll
    • AddType application/x-httpd-php .php
    • AddModule mod_php5.c [If you face any problems, remove this line and check again]
      
11. Net start Apache.
12. To check if all everything is in place, write the following code in a notepad and save it as “phpinfo.php” (with inverted quotes).

<?php
phpinfo();
?>

1. Place the file in your DocumentRoot directory. The default path is C:/Program Files/Apache Group/Apache/htdocs.
2. Start your Mozilla Firefox browser (it’s not mandatory, just a recommendation ), and type http://localhost/phpinfo.php.
3. If everything’s fine, we’ll see something like this:

Installing MySQL:

1. We can find it in three shapes and sizes , The Complete Package, The Essentials Package and The Noinstall Archive. We’d go for the complete package named mysql-[version]-win32.
2. The installation part is click next type.
3. At the end of the installation, click to configure and choose the options as per your choice or as given below:
   • Detailed Configuration>Next
   • Developer Machine>Next
   • Multifunctional Database>Next
   • >Next
   • Manual Settings (choose 5)>Next
   • Enable TCP/IP (leave default port as 3306)>Next
   • Add to both, windows services and ssytem path>Next
   • Choose root password>Next
   • Execute.

Configuring MySQL & PHP:

1. Open php.ini, located in %systemroot%, in and editor and uncomment the following line by removing the semicolon at the beginning of the line:

   • extension=php_mysql.dll

2. Copy php_mysql.dll and libmysql.dll from C:\PHP\ext to C:\PHP.
3. To verify the configuration and administer MySQL, one may use phpmyadmin, found at http://www.phpmyadmin.net/home_page/index.php. However, do make sure not to publish it along with the site .
4. That’s it. Happy Coding (. For anymore queries, either leave your comments or refer to the manuals.

• Apache Headache: “no listening sockets available”
• AdSense exploited by malware (Trojan.Qhost.WU)
• Download PHP tidy extension for Mac OS X
• An insight into Sun’s *crazy* strategy.
• Grabbing Video from Youtube.

This blog of mine is in response to the hundreds and thousands of mails that are forwarded so that somewhere, somebody’s LIFE COULD BE SAVED BY FORWARDING THE BLOODY MAIL.
AOL, Yahoo, Red Cross, MSN etc. etc .etc. donated certain amount of money FOR EACH TIME THE MAIL IS FORWARDED (generally 1 cent).
Isn’t that interesting???? I mean what these sites could do generously (if they wished to), do it when some BIG HEARTED person forwards the mail.
And guess what??? They do it without attaching any kind of tracker in the mail… Not to mention that doing any thing even near to attaching a tracker would be a threat to an individuals privacy…

I cannot stop myself from sharing one other similar interesting mail. The mail said that an INDIAN BOY HAS CHALLENGED BILL GATES BY DEVELOPING AN O/S CALLED “O! YES”, which very Robust, Secure, blah blah blah… And HP has proposed to purchase it.
Now, the first thing… making such an O/S is no joke. This has nothing to do with the crappy nature of WINDOWS (hehehhe), it’s just means that it’s very difficult for a young child to do so.
Secondly, if someone succeeds in doing so, this news would be the hottest one around…. not one which has to be informed via email. And the most interesting part….. This mail has been doing rounds since 5 years (at least) )

These mails are generally used for two reasons:

1. For fun…. or to make mockery of someone.
2. For stealing your mail id for spamming……. I know this is strange, but it’s true. If you have any such mail in your mail box, just try to count the number of email ids in it…. and then imagine what would you do with them if you were a spammer. These mails are infact sent by spammers so that they can have a reasonably beautiful number of such mail ids.

JUNTA, please don’t feel bad if you have been forwarding such mails.
Obviously, nobody knows everything… but you can be a little careful when you recieve such mails.

1. Ignore such mails.
2. If you really feel that the mail is genuine and need to be forwarded, GOOGLE some keywords contained in the mail,
3. or forward it after removing all the previous email addresses.
4. ALTERNATELY, YOU MAY ALSO DISTRIBUTE THE LINK OF THIS ARTICLE FOR SPREADING AWARENESS

• Yahoo! gone Insane!
• A Phish floating in Google Survey!
• Google Bomb! [Update: Diffused]
• Idle Nights: Devil’s Mind
• OWASP AppSec Conf Delhi – Day 2; and more