PoiNtEr->: January 2012

                             Difference between a dream and an aim. A dream requires soundless sleep, whereas an aim requires sleepless efforts.

Search This Blog

Tuesday, January 24, 2012

How To Create A Web Beacon ?

Hi guys! Yesterday I came to known about  "web beacons" from one of my classmate and then i started my research on it.So first thing is what is web Beacon?? According to me its a technique of tracking web users,it answers many questions like whether somebody opened your email,webpage etc.Big Company also make money by selling this information about their users and facebook is one of them . You can get more info about web beacon here.So now lets go to implementation part .
So here is my Small beacon which will give me info about users visiting my websites.

Web Beacon

I hope you have apache2 up and working.I am using my ubuntu 11.04 apache web server for this test.
We will add following code to our main html page...suppose its name is index.html

<img src="" alt=" " > 

In place of use your own domain name or where you have saved trackme.php file 

Now make another file trackme.php and add following code in it:

$QUERY_STRING = preg_replace("%[^/a-zA-Z0-9@,_]%", '', $_SERVER['QUERY_STRING']);
//saves ip address and timestamp
$str=date("D dS M,Y h:i a") . ",". $_SERVER['REMOTE_ADDR'] .",".$QUERY_STRING.",".$hostname.",".$_SERVER['HTTP_USER_AGENT'].",".$_SERVER['HTTP_REFERER']."\n";

file_put_contents("tracker.txt", $str, FILE_APPEND);

header("content-type: image/gif");
//43byte 1x1 transparent pixel gif

Now above php script is going to save information about user in a file named tracker.txt

So create a file named tracker.txt and change its permission to  777

Now everytime if somebody comes to your webpage(Index.html) he will leave information about himself in your tracker.txt.

I have created all these files in my /var/www/

For making transparent beacon image you can also use the following pattern too in trackme.php file

# The transparent, beacon image
echo chr(71).chr(73).chr(70).chr(56).chr(57).chr(97).

 So GO n HacK Some Information guys !!


Sunday, January 22, 2012

Hello World To CGI in Linux(Ubuntu) using C program

Configure Your Apache2 For CGI
First question that comes to Our mind is "what is CGI??"
Ans:The Common Gateway Interface (CGI) is a standard  method for web server software to delegate the generation of web pages to executable files. Such files are known as CGI scripts; they are programs, often stand-alone applications, usually written in a scripting language.
A web server that supports CGI can be configured to interpret a URL that it serves as a reference to CGI scripts. A common convention is to have a cgi-bin/ directory at the base of the directory tree and treat all executable files within it as CGI scripts. Another popular convention is to use filename extensions; for instance, if CGI scripts are consistently given the extension .cgi, the web server can be configured to interpret all such files as CGI scripts

I think thats enough of definition now come to implementation part.

So First we need to configure apache to make CGI works...So here it goes

Create a /var/www/cgi-bin/:

mkdir -p /var/www/cgi-bin/
Open httpd.conf

vi httpd.conf
Append following code:

<IfModule mod_alias.c>
ScriptAlias /cgi-bin/ /var/www/cgi-bin/

<Directory /var/www/cgi-bin/>
AllowOverride None
Options ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all

Restart apache.

Now we make a simple C hello world program and put the compiled binary of that program in our cgi-bin folder.

printf("<h2>Hello World!!</h2>");

compile above program {let program name is cgi.c}

gcc -o cgi cgi.c

Now copy the cgi(output binary of above program) file to /var/www/cgi-bin folder 

Now Open Up your Browser and put url in address bar and thats it ...

Thursday, January 19, 2012

MAC Filtering And Bridging Firewalls in Linux(ubuntu)

The ebtables program is a filtering tool for a Linux-based bridging firewall. It enables transparent filtering of network traffic passing through a Linux bridge. The filtering possibilities are limited to link layer filtering and some basic filtering on higher network layers. Advanced logging, MAC DNAT/SNAT and brouter facilities are also included.
The ebtables tool can be combined with the other Linux filtering tools (iptables, ip6tables and arptables) to make a bridging firewall that is also capable of filtering these higher network layers. This is enabled through the bridge-netfilter architecture which is a part of the standard Linux kernel.

Basic filtering configuration:

ebtables -P FORWARD DROP
ebtables -A FORWARD -p IPv4 -j ACCEPT
ebtables -A FORWARD -p ARP -j ACCEPT
ebtables -A FORWARD --log-level info --log-ip --log-prefix EBFW
ebtables -P INPUT DROP
ebtables -A INPUT -p IPv4 -j ACCEPT
ebtables -A INPUT -p ARP -j ACCEPT
ebtables -A INPUT -p LENGTH -j ACCEPT
ebtables -A INPUT --log-level info --log-ip --log-prefix EBFW
ebtables -P OUTPUT DROP
ebtables -A OUTPUT -p IPv4 -j ACCEPT
ebtables -A OUTPUT -p ARP -j ACCEPT
ebtables -A OUTPUT -p LENGTH -j ACCEPT
ebtables -A OUTPUT --log-level info --log-ip --log-arp --log-prefix EBFW -j DROP
This is a basic filter configuration which will only let frames made by the protocols IP version 4 and ARP through. Also, the network has some old machines that use the protocol field of the Ethernet frame as a length field (they use the Ethernet 802.2 or 802.3 protocol). There was no reason not to let those machines through, more precisely: there was a reason to let them through ;-). So, those frames, with protocol LENGTH denoting that it's really a length field, are accepted. Of course one could filter on the MAC addresses of those old machines so no other machine can use the old Ethernet 802.2 or 802.3 protocol. All other frames get logged and dropped. This logging consists of the protocol number, the MAC addresses, the ip/arp info (if it's an IP/ARP packet of course) and the in and out interfaces.
Important note:
If you don't absolutely need to let those old machines (using the 802.2 or 803.2 Ethernet protocol) through the bridge, don't let them. Opening it up with the ebtables -A FORWARD -p LENGTH -j ACCEPT actually breaches security if you're filtering IP bridge traffic with iptables: IP traffic passing the bridge using the 802.2 or 802.3 Ethernet protocol won't get filtered by iptables (it's on the todo list).

Associate IP addresses to MAC addresse:

ebtables -A FORWARD -p IPv4 --ip-src -s ! 00:11:22:33:44:55 -j DROP
This is an anti-spoofing filter rule. It says that the computer using IP address has to be the one that uses ethernet card 00:11:22:33:44:55 to send this traffic.
Note: this can also be done using iptables. In iptables it would look like this:
iptables -A FORWARD -s -m mac --mac-source ! 00:11:22:33:44:55 -j DROP
The difference is that the frame will be dropped earlier if the ebtables rule is used, because ebtables inspects the frame before iptables does. Also note the subtle difference in what is considered the default type for a source address: an IP address in iptables, a MAC address in ebtables.
If you have many such rules, you can also use the among match to speed up the filtering.
ebtables -A FORWARD -p IPv4 --among-dst 00:11:22:33:44:55=,00:11:33:44:22:55= \
We first make a new user-defined chain MATCHING-MAC-IP-PAIR and we send all traffic with matching MAC-IP source address pair to that chain, using the among match. The filtering in the MATCHING-MAC-IP-PAIR chain can then assume that the MAC-IP source address pairs are correct.

Making a brouter:

Here is an example setup for a brouter with the following situation: br0 with ports eth0 and eth1.
ifconfig br0
ifconfig eth0 netmask
ifconfig eth1 netmask
ebtables -t broute -A BROUTING -p ipv4 -i eth0 --ip-dst -j DROP
ebtables -t broute -A BROUTING -p ipv4 -i eth1 --ip-dst -j DROP
ebtables -t broute -A BROUTING -p arp -i eth0 -d $MAC_OF_ETH0 -j DROP
ebtables -t broute -A BROUTING -p arp -i eth1 -d $MAC_OF_ETH1 -j DROP
ebtables -t broute -A BROUTING -p arp -i eth0 --arp-ip-dst -j DROP
ebtables -t broute -A BROUTING -p arp -i eth1 --arp-ip-dst -j DROP
As mentioned in the man pages, the DROP target in the BROUTING chain actually broutes the frame. This means the bridge code won't touch the frame and it is sent up to the higher network layers. This results in the frame entering the box as if it didn't arrive on a bridge port but on the device itself.

Only forward IPv4 for a specific MAC address:

ebtables -A FORWARD -s 00:11:22:33:44:55 -p IPV4 -j ACCEPT
ebtables -A FORWARD -s 00:11:22:33:44:55 -j DROP


Wednesday, January 11, 2012

Turn your laptop screen off with a keyboard shortcut in Ubuntu

you could turn your laptop screen off by issuing this simple command:

1: xset dpms force off

However, a regression causes this command to turn your screen off only for a brief moment. After a few seconds, your screen will turn back on, on its own. I think this is because kernel is dynamic and load it self automatically after a fix interval of time or in case of any event which bothers it.

To get around this problem we can use this script:

if [ -f $screenOffLockFile ];
rm $screenOffLockFile
notify-send "Screen on." -i /usr/share/icons/gnome/48×48/devices/display.png
touch $screenOffLockFile
sleep .5
while [ -f $screenOffLockFile ]
xset dpms force off
sleep 2
xset dpms force on

Save this script and set it as a shortcut.

have fun...and Save Electricity!!


Sunday, January 1, 2012

HaPpY NeW YeAr

May the new year give you
Independence of Java
Power of Unix
Popularity of Windows
Extensibility of J2EE
Luxury of .Net
Efficiency of C
Ease of VB
Robustness of Oracle
Vision of UML
Simplicity of HTML
Style of Mac
Dexterity of Photoshop
Enormity of 3D Max
Vastness of Internet
Compactness of JPG
Richness of BMP
Coverage as Yahoo
Reach of Google
Prudence of Froogle
Security of Norton & McAfee
Intelligence of Unreal
Realism of Max Payne
Speed of NFS
Fun of RoadRash
Intelligence of Chessmaster
Impression of Quake3
And the Goodness of all Software that comes for free... ;-)