Friday, 27 May 2011
Reliance free 3G, GPRS with Opera Mini MAY-JUNE
Many of the Reliance free net GPRS 3G users know that reliance RIM has banned all of its free GPRS tricks.But still some tricks are working,going to post it here.
Reliance free 3G, GPRS with Opera MiniFirst make the GPRS or 3G as like listed below:
Access point of the settings is rcomnet (very important)
Proxy or IP address is : 80.239.242.253
Port address should be :80
You can use this trick in Opera Mini Labs 4.2 Handler or Opera Mini 6 Modded version.
Now open the anyone above application and select proxy server type HTTP and enter the proxy server address as wap.mauj.com .
If you down all the above steps correctly you will get wap.mauj.com homepage.From the homepage enter the URL which you want to browse and download free.
You must turn your Network mode to UMTS if you want 3G speed.The 3G enabled mobile is required for getting 3G access.
You can also use this trick for Airtel Network for accessing free GPRS or 3G by changing the settings to Mobile Office.
Microsoft Windows Shortcut Keys
This is a listing of some common shortcut keys in different versions Microsoft Windows.
Some shortcut keys below are not supported in all versions of Windows.
The shortcut keys on this page are only applicable for Windows in general, if you are looking for shortcut keys for a specific application (i.e. Excel, Word, etc..) please see the links at the bottom of this page.
Use at your own risk.
Shortcut Key | Supported Window Versions | Short Key Description |
Alt + (double-click) | 95, 98, ME, NT, 2000, XP, Vista | Open Properties dialog of selected item. |
Alt + Enter | 95, 98, ME, NT, 2000, XP, Vista | Opens properties window of selected item. |
Alt + Esc | 95, 98, ME, NT, 2000, XP, Vista | Switch Between open tasks available on the taskbar. |
Alt + F4 | 95, 98, ME, NT, 2000, XP, Vista | Close the top (focused) window. |
Alt + Tab | 95, 98, ME, NT, 2000, XP, Vista | Switch between open windows. |
Alt + Tab + Shift | 95, 98, ME, NT, 2000, XP, Vista | Switch between open windows, backward. |
Ctrl + Alt + Delete (or Del) | 95, 98, ME, NT, 2000, XP, Vista | Bring up the Windows Task Manager, or reboot computer. |
Ctrl + Esc | 95, 98, ME, NT, 2000, XP, Vista | Bring up the Windows Start menu. |
Ctrl + '+' ('+' key on the keypad) | 98, ME, NT, 2000, XP, Vista | Autofit the widths of all columns (if available) in current window. |
Ctrl + F4 | 95, 98, ME, NT, 2000, XP, Vista | Close sub window/tab. |
Ctrl + Tab | 95, 98, ME, NT, 2000, XP, Vista | Switch between existing tabs (within a window). |
Ctrl + Tab + Shift | 95, 98, ME, NT, 2000, XP, Vista | Switch between existing tabs (within a window), backward |
F1 | 95, 98, ME, NT, 2000, XP, Vista | Open Help for Windows or focused application. |
F2 | 95, 98, ME, NT, 2000, XP, Vista | Rename. |
F3 | 95, 98, ME, NT, 2000, XP, Vista | Find/Search. |
F4 | 95, 98, ME, NT, 2000, XP, Vista | Select drives or display the list of drives |
F5 | 95, 98, ME, NT, 2000, XP, Vista | Refresh. |
F6 | 95, 98, ME, NT, 2000, XP, Vista | Switch focus to the address bar (if exists). |
F10 | 95, 98, ME, NT, 2000, XP, Vista | Switch focus to the top menu bar. |
Shift + F10 | 95, 98, ME, NT, 2000, XP, Vista | Same as mouse right-click on the select item. |
Print Screen | 95, 98, ME, NT, 2000, XP, Vista | Capture a screenshot of the entire desktop to clipboard. |
Print Screen + Alt | 95, 98, ME, NT, 2000, XP, Vista | Capture a screenshot of just the top(focused) window to clipboard. |
Shift + Delete (or Del) | 95, 98, ME, NT, 2000, XP, Vista | Permanently delete selected file(s)/folder(s) (bypass recycle bin) |
Shift (hold while inserting an audio CD to drive) | 95, 98, ME, NT, 2000, XP, Vista | Prevent autoplay. |
* (keypad) on Windows Explorer. | 95, 98, ME, NT, 2000, XP, Vista | Expand all sub-directories from the selected item. |
+ (keypad) on Windows Explorer. | 95, 98, ME, NT, 2000, XP, Vista | Expand only the first level of selected item. |
- (keypad) on Windows Explorer. | 95, 98, ME, NT, 2000, XP, Vista | Collapse |
Most keyboards have a Windows Key (key with a Windows icon). This key provides additional shortcuts for Microsoft Windows. Below is a list of the shortcut keys by combining the Windows key and other keys.
Shortcut Keys | Description |
WINDOWS-KEY | Bring up the Windows Start menu. |
WINDOWS-KEY + F1 | Bring up the Windows Help. |
WINDOWS-KEY + e | Open Microsoft Explorer. |
WINDOWS-KEY + f | Windows Search. |
WINDOWS-KEY + Ctrl + f | Search for computers |
WINDOWS-KEY + d | Minimizes all and bring up desktop, or restore all |
WINDOWS-KEY + l | Lock the computer (Windows XP & newer). |
WINDOWS-KEY + m | Minimizes all windows. |
WINDOWS-KEY + Shift + M | Restore all. Opposite with WINDOWS-KEY + M and WINDOWS-KEY + D. |
WINDOWS-KEY + r | Open the run window. |
WINDOWS-KEY + u | Utility Manager. |
WINDOWS-KEY + Tab | Cycle through the programs on task bar. |
WINDOWS-KEY + Pause/Break | Open the System Properties window. |
EXTEND YOUR BATTERY LIFE
The battery life is depends on how the battery is handling.It is very important to keep your mobile battery safe.Without battery we cant say it is mobile!.The mobile operators are telling about their long life battery life.But we are not reaching to the near value that what they say!Why its happening?It is the careless of you and or you are not aware about the battery life.Here In this post I am listing some tips,which will help you to improve your battery life.
I think the above tips will help to increase your battery life.
- Most battery having energy or power saving options.use it.
- Don’t keep your blue tooth or infrared are switched on.
- Turn off all the sounds on your phone,which is not important for phone.
- Reduce your screen brightness and reduce light time out time.
- Avoid the use of animated wall papers.It will suck your battery power.
- Don’t use vibrating alert.It will also eat your battery.
- Charge your battery,when its becomes low and make full charge and don’t charge until it is fully discharged.Also dont overcharge your battery,Overcharge makes heat and will harm your battery.
- Don’t make your application to be run on background.Close it if you don’t have use it with.
I think the above tips will help to increase your battery life.
0 vbSEO – From XSS to Reverse PHP Shell
XSS is not a big deal, or is it? On many occasions, I’ve seen this vulnerability being classified as useless, not serious, and being a low threat. What I’ve always had in mind is that it’s only the capabilities of the browser, and the hackers mind which sets the limit for a XSS attack.
It may seem impossible to do anything else other than stealing sessions, cookies and performing phishing, client side defacements etc. But take a look at the picture above, that is a reverse php shell automatically injected into the site, when a vBulletin administrator viewed a malicious linkback.
The vulnerability itself I’m referring to, is a 0day within vBSEO which exists within the administrator and moderator panel only. However, the attacker is able to inject persistent scripts via this linkback feature directly into the part of these panels handling these linkbacks.In short, the attacker crafts a malicious HTML page as shown in the advisory. Then, the attacker clicks a link to the target forum with vBSEO installed, and when the target is reached, vBSEO performs a GET-request to the attacker’s malicious HTML page (if it’s served online and if RefBacks are enabled).
The title of this page is then loaded directly into the database, and an administrator can see it sanitized in the actual thread, but also in the admin and mod panel where the title is not sanitized at all, allowing the script to run.What is actually possible?
After discovering and researching this vulnerability, I realised it was a fine case to do further studies on and then develop a XSS worm. Fortunately I got away from that idea due to the fact it could’ve been abused globally on forums with vBSEO installed. However, the idea itself was not bad so I began developing the payload aka the javascript, which would eventually inject a PHP payload via the nice plugin feature in vBulletin.
Initially, the XSS trojan I wrote should be able to do all of this silently without the user knowing, so instead of document.write being used, appendChild which uses DOM objects, was used instead. This took a bit more work in order to function better, but the result was that the visible window would not change to the affected user getting infected with this trojan.
When the user browses to, in this case “Moderate Linkbacks”, the script is executing as soon as the user hits that page. When this happens, the trojan checks whether infection has already happened once and if not, continues. Then an iframe is created outside the visible frames, where the adminhash and securitytoken (CSRF-token) is read and saved in a local variable in the browser.
Then a new form is injected into this iframe, which contains the adminhash and the securitytoken. The form itself contains the values needed to create a new and completely valid plugin which in this case, is PHP code. At this point, the script checks again if the user has already been infected and if not, the form is submitted, the plugin is created, and a cookie is set to prevent the script from going in loops.Most administrators, would notice the broken lock icon in case they use HTTPS / SSL, and then they would view the source. The great thing about using javascript to create HTML objects, especially with “appendChild” etc. is that it is not visible. A debugger, such as Firebug shown in the picture above is needed, unless the admin finds the malicious javascript payload and reads what it does, but then it might be too late.
During the execution of the XSS trojan, a time-out is set. When time runs out, the XSS trojan will try to delete itself leaving almost no traces, besides the possible injected plugin, and the remains of the hidden iframe outside the frames which cannot be viewed due to the way HTML works in FireFox.If the attacker was successful, and patient as well, he would eventually see that the target website had already connected back to retrieve the title, but also that another user had triggered the XSS Trojan which hopefully injected the PHP plugin specified by the attacker.
So what’s this tool I’ve been using during my presentation of this vulnerability? It’s a recently developed tool written in Python, where the payload is written in Javascript, freely available to anyone in the bottom of this blog. I recommend however, that a user of this tool looks inside the source code.
Is XSS a serious threat then?
Yes, it definitely is.For a demonstration of the tool and this vulnerability, check either the YouTube or RapidShare link below.
References:
Advisory: vBSEO 3.5.2 & 3.2.2 – Persistent XSS via LinkBacks
Advisory #2: vbSEO Multiple Vulnerabilities
EvilWebTool: EvilWebTool
YT Video: http://www.youtube.com/watch?v=B6QAjB3kYec
HQ Video: http://rapidshare.com/files/445021103/vbseo_0day.mp4
login (security through obscurity) – weird PHP script
This was the idea with which I have won the regional web apps contest… well actually I did a CMS but the security part of it was the most appreciated. Maybe because it was weird, you’ll see…
Classical Login scripts
What exactly do classical login scripts do… they get the password from the database by querying it with the username (SQL Injection possibility) and after that they compare the retrieved password with the one submitted by the user. If they match either the website sets a cookie, or a variable in the current session…
Weird/Reverse Login script
The main thing that I wanted to achieve was to get rid of any SQL Injection vulnerability. How did I do this? I didn’t use the classical query username in database and get the respective password; instead I searched all the usernames that had the password sent by the current user and then scanned through the list for the username, if not found no such username exists…
Weird/Obscure Cookie
The login process isn’t complete, not until we do not set a normal cookie with “strange” information in it, or should we say obscure information for everybody except the webmaster =).
Cookie verifier
This is used to check the authenticity of the cookie, I bet you already have an idea on how it looks:
It’s not a great thing, could have used sessions or the classical login method with many filters (addslashes(), mysql_real_escape_string())… but I didn’t, it was perfect for me because I am a fan of the principle: “security through obscurity” and also got more points because they wanted creativity… in everything design/development. And because I’m not a designer I had to use my creativity on development. Some of you maybe will like it, others will see it as plain stupidity, and the rest of you won’t even care… but still, it helped me won the contest…
Classical Login scripts
What exactly do classical login scripts do… they get the password from the database by querying it with the username (SQL Injection possibility) and after that they compare the retrieved password with the one submitted by the user. If they match either the website sets a cookie, or a variable in the current session…
Weird/Reverse Login script
The main thing that I wanted to achieve was to get rid of any SQL Injection vulnerability. How did I do this? I didn’t use the classical query username in database and get the respective password; instead I searched all the usernames that had the password sent by the current user and then scanned through the list for the username, if not found no such username exists…
$passwd = $_REQUEST["passwd"];
$uname = $_REQUEST["username"];
$ok = 0;
$handle = mysql_connect("", "", "");
$build = "SELECT uname FROM usr WHERE passwd='" .md5($passwd). "';
$query = mysql_query($build, $handle);
while($fetch=mysql_fetch_array($query)) {
if($fetch[0]!=$uname) {
if($ok==1) {
//do nothing
}
else {
$ok=0;
}
}
else {
$ok=1;
}
}
if($ok==0) {
header("Location: somewhere");
}
else {
//set a weird cookie
}
As far as I see through this method there is no SQL Injection possibility, no need of mysql_real_escape_string() or to worry about hex encoded strings, etc.Weird/Obscure Cookie
The login process isn’t complete, not until we do not set a normal cookie with “strange” information in it, or should we say obscure information for everybody except the webmaster =).
$build = $REMOTE_ADDR. "secretK3y"; setCookie("cookIT", md5($build), 0);As for the secret key…. it has to be secret because if it is not, a person on the same network as yours could forge a cookie to gain access.
Cookie verifier
This is used to check the authenticity of the cookie, I bet you already have an idea on how it looks:
if(!isset($_COOKIE["cookIT"])) { header("Location: somewhere"); } else { $value = $_COOKIE["cookIT"]; $build = $REMOTE_ADDR. "secretK3y"; if($value!=md5($build)) { //or a fake cookie or changed proxy } else { ...do stuff for users... } }Epilogue
It’s not a great thing, could have used sessions or the classical login method with many filters (addslashes(), mysql_real_escape_string())… but I didn’t, it was perfect for me because I am a fan of the principle: “security through obscurity” and also got more points because they wanted creativity… in everything design/development. And because I’m not a designer I had to use my creativity on development. Some of you maybe will like it, others will see it as plain stupidity, and the rest of you won’t even care… but still, it helped me won the contest…
MTN Mobile Internet
Got a GPRS, EDGE or 3G+ (HSDPA) compatible device, you’ve got the World Wide Web at your finger tips! With MTN Mobile Internet you’ve got a portable internet access service.
You’ve got Google when you need it and you’ve got sports news on the BBC Sport mobile site. You’ve got access to your email 24/7, and you can catch all the breaking news action everywhere you go! You’ve got all this through MTN Mobile internet.
Available to all MTN mobile customers, enjoy having the world's information in your palm or lap. This service is available in all areas with MTN network coverage for GPRS and EDGE; for 3G+ only Kampala and Entebbe, soon rolling out to other areas nationwide. Get to experience portable internet access at speeds of up to 7.2 Mbps.
Choose how you use the service:
On your phone
Using your internet compatible Handset get the required data settings by either:
- Sending an SMS request: yellolive to 188
or
- Using the MTN Menu dial on *160# or in your phone menu; select the MTN Services and then select Data Settings
or
- Manually as follows:
Profile Name : | MTN |
Homepage : | mtn.co.ug/mobile |
Proxy : | Enable |
Proxy address : | 10.120.0.138 |
Proxy port : | 8080 |
APN (Access Point Name) : | yellopix.mtn.co.ug |
Session mode: | Permanent |
Username : | |
Password : |
Free Mtnl Delhi and Mumbai Free 3g hsdpa working 110% 2011
MTNL MobileTV
Please use mobiletv APN to access MTNL 3G TV.
Please use below configuration detail to create the APN.
APN Name: mobiletv
Proxy Address : 172.16.39.10
Port : 9401
Note: Proxy Address : 172.16.39.10
Port : 9401
Please Select mobiletv apn in Streaming Settings and Internet Settings.
How to select a new Apn menu → tools → settings → connectivity → internet settings → select mobiletv menu → tools → settings → connectivity → streaming settings → select mobiletv
OPERA 4 moded wITH above FrontQuery Settings Given Below at END OF THIS pOST...Juz download & Open...Dont change Any seTTings..jUZ RUN & Let it Initialise...U MAY hAV dC Prob...But smthing Is better DAn Nothing
OPERA 4 moded wITH above FrontQuery Settings Given Below at END OF THIS pOST...Juz download & Open...Dont change Any seTTings..jUZ RUN & Let it Initialise...U MAY hAV dC Prob...But smthing Is better DAn Nothing
PLEASE CAST YOUR VOTE ABOVE...It Will Help us Serve u better
After Huge Pms and ReQuest..I hav MAde Diz Thread FoR AIRtel also
PLS PLS ATLEAST REPLY
UPDATE - HERE ARE THE AIRTEL MODDED APPS...USE IT WITH DEFAULT MO SETTINGS <30 Ps
AIRTEL DEFAULT SETTINGS
1)MO (Mobile office)
Apn:airtelgprs.com
Homepage:http://google.com
Proxy:off
2)NOP (net on phone)
Apn:airtelwap.com
Homepage:http://live.airtelworld.com
Proxy:on
Ip:100.1.200.99
Port:8080
3)AirTel Live!
Apn:airtelfun.com
Homepage:http://live.airtelworld.com
Proxy:on
Ip:100.1.200.99
Port:8080
MODDED AIRTEL APPS
Firstly make the Personilised MO Settings in ur MObile....and then try below apps
HANDLER SETTINGS for only Handler apps - for modded apps use NEW .prov file attached below
apn .. airtelgprs.com
proxy .. mini5.opera-mini.net
port .. 80
handler settings
proxy type .. HTTP
proxy server .. 0.facebook.com
1) GMAP - Discover Maps of vaRious Places.....
GMAP [nofollow]
2) Cricket Companion - Use Default MO Setting Bal<30 paisa - Juz remove .zip from file name.
CRICKET COMPANION [nofollow]
3) CricketZenga-Juz remove .zip from file name
CRICKETZENGA [nofollow]
4) Gmaps - For Touchscreen Phones-Juz remove .zip from file name....
gmap touch [nofollow]
5) fullonsms - Juz remove .zip from file name..
fullonsms [nofollow]
6) Ucweb 7.6 airtel mod...USE WITH MO SETTINGS...AT LOW BALANCE
UCWEB7.6AIRTEL [nofollow]
7) Way2sms - Juz remove .zip from file name..
WAY2SMS [nofollow]
EBUDDY - Juz remove .zip from file name..
EBUDDY [nofollow]
more will be added soooon plz try below 30 Ps..and dont forget to reply.....
NEW UPLOADS
SOME MORE ADDED
9) PENNYTEL
PENNYTEL [nofollow]
AED DOWNLOAD MANAGER & FRENZO CHAT APP FOR AIRTEL MOD ATTACHED BELOW
Settings for AED: -
FrOnt quEry:202.46.201.113.scarewar.com/cgi-bin/nph-get.cgi/000001A/http/
Note:
> dnt use 'http://' at first for frnt qury.
>Then click on option and click "on trick" - and u can use this download manager
NEW UPDATES
10) NEW OPera 4.3 handler (use above handler settings given)
OPERA4.3 [nofollow]
UPDATE-23-4-11
SPECIAL THANX TO ANGEK FOR HIS SITE
USE BELOW 30 PAISE WITH DEFAULT MO SETTINGS
FULLONSMSAIRTEL
fullonsms [nofollow]
way2sms airtel-rim
WAY2SMSAIRTELRIM [nofollow]
SMSZE AIRTEL
SMSZEAIRTEL [nofollow]
LATEST Free Docomo 3g Trick MAY-JUNE 2011 [100% Working]
After the long time i found very fast 3g trick for mobile users.its working in gujarat and checked by me (Admin).
1) first download this Files (s60v3 and s60v5 users)
Download Opera MIni 6 Click Here
Download Opera Mini 5 beta2 Click Here
2) Use Tata Docomo Dive In settings
3) For Java Mobile user
Download Opera Docomo handler App Fro.. Click Here
And Use This Setting
> In proxy use http and
> under it 203.101.45.215 and enjoy
4) MOre Apps r Comming Soon ..
U can Also Request by commenting..
5)Here is ScreenShot
1) first download this Files (s60v3 and s60v5 users)
Download Opera MIni 6 Click Here
Download Opera Mini 5 beta2 Click Here
2) Use Tata Docomo Dive In settings
3) For Java Mobile user
Download Opera Docomo handler App Fro.. Click Here
And Use This Setting
> In proxy use http and
> under it 203.101.45.215 and enjoy
4) MOre Apps r Comming Soon ..
U can Also Request by commenting..
5)Here is ScreenShot
Subscribe to:
Posts (Atom)