Jump to content

Search the Community

Showing results for tags 'tutorial'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Informatii generale
    • Anunturi importante
    • Bine ai venit
    • Proiecte RST
  • Sectiunea tehnica
    • Exploituri
    • Challenges (CTF)
    • Bug Bounty
    • Programare
    • Securitate web
    • Reverse engineering & exploit development
    • Mobile security
    • Sisteme de operare si discutii hardware
    • Electronica
    • Wireless Pentesting
    • Black SEO & monetizare
  • Tutoriale
    • Tutoriale in romana
    • Tutoriale in engleza
    • Tutoriale video
  • Programe
    • Programe hacking
    • Programe securitate
    • Programe utile
    • Free stuff
  • Discutii generale
    • RST Market
    • Off-topic
    • Discutii incepatori
    • Stiri securitate
    • Linkuri
    • Cosul de gunoi
  • Club Test's Topics
  • Clubul saraciei absolute's Topics
  • Chernobyl Hackers's Topics
  • Programming & Fun's Jokes / Funny pictures (programming related!)
  • Programming & Fun's Programming
  • Programming & Fun's Programming challenges
  • Bani pă net's Topics
  • Cumparaturi online's Topics
  • Web Development's Forum
  • 3D Print's Topics

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


Website URL


Yahoo


Jabber


Skype


Location


Interests


Biography


Location


Interests


Occupation

  1. Un mod usor de a face skinuri pentru CS GO ! Trebuie sa faceti un cond aici . Dupa ori jucati sa primiti puncte ori trimiteti invite la prieteni si pentru fiecare cont facut primiti 50 puncte. Si un tutorial video pentru cei care nu se descurca ! NU ESTE FACUT DE MINE !
  2. Cel mai bun tutorial pe care l-am citit so far. Give it a try: Spolier: So Everything Has A Class? class Customer(object): """A customer of ABC Bank with a checking account. Customers have the following properties: Attributes: name: A string representing the customer's name. balance: A float tracking the current balance of the customer's account. """ def __init__(self, name, balance=0.0): """Return a Customer object whose name is *name* and starting balance is *balance*.""" self.name = name self.balance = balance def withdraw(self, amount): """Return the balance remaining after withdrawing *amount* dollars.""" if amount > self.balance: raise RuntimeError('Amount greater than available balance.') self.balance -= amount return self.balance def deposit(self, amount): """Return the balance remaining after depositing *amount* dollars.""" self.balance += amount return self.balance
  3. Salut ! Va prezint un cunoscut mod pentru cei care vor un calculator foarte bun la pret mai mic ..Acest mod este pentru placile cu socket Intel 775.In tutorialul urmator va voi prezenta cum sa punem un procesor intel xeon quad core (socket 771) deoarece acestea sunt mai ieftine decat un procesor intel quad core (socket 775) In primul rand avem nevoie de o folie speciala care se aplica peste procesor pentru a inversa cei 2 pini Aceasta este folia care inverseaza cei 2 pini : Dupa lipirea foliei , procesorul va arata asa : Pentru a se potrivii procesorul socket 771 pe socketul 771 trebuie sa taiem cele 2 bucati de plastic din socketul placii de baza : Cele 2 bucati de plastic trebuie sa le taiati cu caterul ca in imaginea de mai jos : Dupa taierea celor 2 procesorul trebuie sa intre in socket astfel : Aici aveti o poza cu diferenta dintre procesoarele pe 771 si cele pe 775 Va rog sa imi scuzati greselile gramaticale .. Dar am scris Tutorialul in graba . P.S. : Daca aveti intrebari nu ezitati sa ma intrebati !
  4. http://www47.zippyshare.com/v/TMYITk1F/file.html https://hostr.co/rEUH6ITBnbhc http://data.hu/get/8751233/FREE_VPN_SUPERHIT.rar http://www.solidfiles.com/d/2d934c91b6/FREE_VPN_SUPERHIT!.rar http://uloz.to/xKHaF1Ub/free-vpn-superhit-rar PASS: LOGMAXER no need to install only run and you're perfectly camouflaged COMPLETE VIDEO TUTORIAL!
  5. Simple HTML Tutorial ? HTML Tutorial PHP/MySQL Tutorial ? PHP / My SQL Tutorial IP Subnet Calculations Tutorial ? IP subnet calculations P.S ? ?tiu c? tutorialele sunt mai de newbies + Nu ?tiu sigur dac? Postu ?sta aici trebuia s? fie ori la partea de Tutoriale , dar totu?i mai bine s? nu ies in eviden??. Source: IT Certification Forum on Sadikhov.com, Certification Exams, MCITP, MCTS, CCNA, CCNP, CCIE
  6. Salut RST , Am facut un mic tutorial cum sa trimeti email cu un program si un Nologin Link Soft : https://www.sendspace.com/file/0m3yhu Video : Nu cu toate SSH merge sa trimeti ... Insa sunt cateva care merg foarte bine ! Toata treaba o face provider-u Nu este cel mai reusit tutorial dar sper sa fie de folos .... Revin cu edit pentru mai multe informati .. \\ Edit Liste List of Outgoing SMTP E-Mail Servers | We Rock Your Web What is my SMTP | smtp mail server SMTP server of your ISP Free SMTP Servers - A List Of Free SMTP Servers For Your ISP Cauta doar dupa domeniu fara subdomeniu (SMTP , MAIL ...etc)
  7. Daca fac un tutorial de genu 'Cum se face un permis fals' ar putea cauza geva? Adica eu doar fac un tutorial nu si incurajez faptul, priveste google altcumva aceste subiecte?
  8. In prezent atat piata cat si ansamblul domeniului dezvoltarii software a atins un punct de saturatie. Cu ce ne avantajeaza acest lucru? In primul rand la orice ne-am gandi sa dezvoltam, cineva, mai mult ca sigur s-a gandit inaintea noastra si are deja o varianta functionala(chiar si in stadiile alfa sau beta). Exista numeroase bibilioteci care ne permit dezvoltarea rapida si facila a noi module software. Cateva dintre acestea sunt C++ boost, C++ poco si opencv de asemenea pentru C++. Etapele urmatoare au fost realizate pe o platforma Win 7 x64 impreuna cu Visual Studio 2010. Boost poate fi gasita aici: Boost C++ Libraries Pentru compilare trebuie sa efectuam urmatorii pasi: Dezarhivam boost intr-un nou director. Lansam in executie un command promp(x64) dupa care navigam in directorul unde am extras arhiva Rulam bootstrap.bat Rulam b2 toolset=msvc-12.0 --build-type=complete --libdir=C:\Boost\lib\x64 architecture=x86 address-model=64 install Pentru Visual Studio 2012, folosim toolset=msvc-11.0 Pentru Visual Studio 2012, folosim toolset=msvc-10.0 Adaugam C:\Boost\include\boost-(versiune_boost) in include path in visual studio Adaugam C:\Boost\lib\x64 in libs path. Visual Studio are unele dificultati in ceea ce priveste incarcarea bibliotecilor, atat celor statice(.lib) cat si ale celor dinamice(.dll): fiecare versiune Visual Studio(2005, 2008, 2009, 2010, 2012) poate incarca biblioteci compilate cu aceiasi versiune(nu putem folosi o biblioteca compilata cu VS2005 intr-un proiect VS2010 un executabil x86(32-bit) nu poate incarca biblioteci x64 un executabil x64 nu poate incarca biblioteci x86 un executabil compilat ca si Release nu poate incarca biblioteci compilate ca si Debug un executabil compilat ca si Debug nu poate incarca biblioteci compilate ca si Release alte combinari ale regulilor de mai sus Poco se gaseste aici: Download | POCO C++ Libraries Pentru a compila biblioteca urmam pasii de mai jos: Dezarhivam arhiva(de exemplu in C:\poco) Deschidem o consola(cmd prompt) si navigam in directorul respectiv Rulam "build_vs100.cmd" Este util sa observam si optiunile pe care le avem la compilare(destinatia fisierelor binare si tipul acestora: debug sau release. Noua, de regula, ne trebuiesc ambele). opencv se gaseste aici: DOWNLOADS | OpenCV Aplicatie vine cu un installer care nu necesita o instalare/configurare detaliata(este de tipul Next->Next->...->Done) Exemple de tutoriale boost(din perspectiva transmiterea datelor prin retele) pot fi gasite aici: Tutorial - 1.40.0 Cateva exemple de tutoriale Poco se gasesc aici: Learning Poco: Getting started with threads - CodeProject Index of /slides Pentru a dezvolta aplicatii intr-un mod rapid putem recicla secvente de cod din cadrul altor module. O lista de site-uri care sunt dedicate stocarii de cod sursa se gaseste mai jos: http://freshmeat.net/ http://sourceforge.net/ http://www.codeproject.com http://osliving.com/ http://www.opensourcewindows.org/ http://www.fsf.org/
  9. This tutorial is to show you how to install a proxy on Debian 7 using SQUID3 In order for this to work correctly you will need to follow these instructions. First you need to download the script, this can be done by running: wget http://rmlh.me/dw/squid.sh Login as root to the server that you will install SQUID on and with our favourite text editor and some copy/paste technique we will create the executable script. nano squid.sh Paste the text in the code section above and save the file. Make it executable with this command chmod +x ./squid-install.sh Execute the script and follow the instructions. You will actually only need to enter a username and password that will protect the proxy from anonymous use. The username and password is shown in clear-text when entering them, this is the only time they will be shown in clear-text so make sure no one is watching over your shoulder. ./squid.sh When everything is installed you will see the IP and username needed to connect to your proxy. To add another user you can run this command on the server running your Squid proxy server. htpasswd -b /etc/squid3/squid_passwd username password Change username to the username you would like to add and password to the password you would like to use. Source
  10. In this small tutorial I'm showing the webmasters how to increase your server security by 50% in just 5 minutes. How is this possible? Most servers are getting hacked by unsecured SSH services, most of the time servers get brute forced to gain root access. Brute forcing is a hacking method by guessing the server root password, done by a script. How are we preventing this? We are going to disable root login, we are going to create a new user account. By disabling the root account, the brute forcer can't proceed because the username is unknown! How do I connect after applying this tutorial? Simply connect using the new username and password, after logged in you only have to execute 'su root' to switch to root. It will ask for the root password, once entered you are root in your server. Part 1 - Creating a new user. 1. Login into your server by SSH, using PuTTY. 2. Execute the following commands: useradd USERNAMEHERE passwd USERNAMEHERE USERNAMEHERE = Your desired login name for SSH. After executing the passwd command the console will ask you for a password. Be sure you use a secure password. (one capital, small letters, special chars and numbers. Example: RSTcenter881^359$) Now we have your new account. Part 2 - Changing the SSH settings. 3. Be sure you have nano install, if not execute the following: yum install -y nano 4.Now execute this: nano /etc/ssh/sshd_config Scroll down and find '#Port 22' and uncomment it. Change 22 to your desired SSH port. Pick a port number between 49152 and 65535, this is recommended. Then find the line '#PermitRootLogin yes' and uncomment it. Change yes to no. Close nano by Ctrl + X, then type Y and hit enter. Part 3 - Adjusting Firewall rules. 5. We need to open the port in iptables, this is done through these commands: iptables -t filter -A OUTPUT -p tcp --dport PORTNUMBERHERE -j ACCEPT iptables -t filter -A INPUT -p tcp --dport PORTNUMBERHERE -j ACCEPT service iptables save service iptables restart PORTNUMBERHERE = Your port number used in the SSH config. 6. Reload SSH config by executing: service sshd reload IMPORTANT: Before you close the current Putty console, please open up a new console and try to connect using the new settings. If it works then you can close the "old" console, but it you fail to login you can always revert the settings.
  11. You can grab the hash_extender tool on Github! (Administrative note: I’m no longer at Tenable! I left on good terms, and now I’m a consultant at Leviathan Security Group. Feel free to contact me if you need more information!) Awhile back, my friend @mogigoma and I were doing a capture-the-flag contest at https://stripe-ctf.com. One of the levels of the contest required us to perform a hash length extension attack. I had never even heard of the attack at the time, and after some reading I realized that not only is it a super cool (and conceptually easy!) attack to perform, there is also a total lack of good tools for performing said attack! After hours of adding the wrong number of null bytes or incorrectly adding length values, I vowed to write a tool to make this easy for myself and anybody else who’s trying to do it. So, after a couple weeks of work, here it is! Now I’m gonna release the tool, and hope I didn’t totally miss a good tool that does the same thing! It’s called hash_extender, and implements a length extension attack against every algorithm I could think of: MD4 MD5 RIPEMD-160 SHA-0 SHA-1 SHA-256 SHA-512 WHIRLPOOL I’m more than happy to extend this to cover other hashing algorithms as well, provided they are “vulnerable” to this attack — MD2, SHA-224, and SHA-384 are not. Please contact me if you have other candidates and I’ll add them ASAP! The attack An application is susceptible to a hash length extension attack if it prepends a secret value to a string, hashes it with a vulnerable algorithm, and entrusts the attacker with both the string and the hash, but not the secret. Then, the server relies on the secret to decide whether or not the data returned later is the same as the original data. It turns out, even though the attacker doesn’t know the value of the prepended secret, he can still generate a valid hash for {secret || data || attacker_controlled_data}! This is done by simply picking up where the hashing algorithm left off; it turns out, 100% of the state needed to continue a hash is in the output of most hashing algorithms! We simply load that state into the appropriate hash structure and continue hashing. TL;DR: given a hash that is composed of a string with an unknown prefix, an attacker can append to the string and produce a new hash that still has the unknown prefix. Example Let’s look at a step-by-step example. For this example: let secret = “secret” let data = “data” let H = md5() let signature = hash(secret || data) = 6036708eba0d11f6ef52ad44e8b74d5b let append = “append” The server sends data and signature to the attacker. The attacker guesses that H is MD5 simply by its length (it’s the most common 128-bit hashing algorithm), based on the source, or the application’s specs, or any way they are able to. Knowing only data, H, and signature, the attacker’s goal is to append append to data and generate a valid signature for the new data. And that’s easy to do! Let’s see how. Padding Before we look at the actual attack, we have to talk a little about padding. When calculating H(secret + data), the string (secret + data) is padded with a ’1? bit and some number of ’0? bits, followed by the length of the string. That is, in hex, the padding is a 0×80 byte followed by some number of 0×00 bytes and then the length. The number of 0×00 bytes, the number of bytes reserved for the length, and the way the length is encoded, depends on the particular algorithm and blocksize. With most algorithms (including MD4, MD5, RIPEMD-160, SHA-0, SHA-1, and SHA-256), the string is padded until its length is congruent to 56 bytes (mod 64). Or, to put it another way, it’s padded until the length is 8 bytes less than a full (64-byte) block (the 8 bytes being size of the encoded length field). There are two hashes implemented in hash_extender that don’t use these values: SHA-512 uses a 128-byte blocksize and reserves 16 bytes for the length field, and WHIRLPOOL uses a 64-byte blocksize and reserves 32 bytes for the length field. The endianness of the length field is also important. MD4, MD5, and RIPEMD-160 are little-endian, whereas the SHA family and WHIRLPOOL are big-endian. Trust me, that distinction cost me days of work! In our example, length(secret || data) = length(“secretdata”) is 10 (0x0a) bytes, or 80 (0×50) bits. So, we have 10 bytes of data (“secretdata”), 46 bytes of padding (80 00 00 …), and an 8-byte little-endian length field (50 00 00 00 00 00 00 00), for a total of 64 bytes (or one block). Put together, it looks like this: 0000 73 65 63 72 65 74 64 61 74 61 80 00 00 00 00 00 secretdata...... 0010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0020 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0030 00 00 00 00 00 00 00 00 50 00 00 00 00 00 00 00 ........P....... Breaking down the string, we have: “secret” = secret “data” = data 80 00 00 … — The 46 bytes of padding, starting with 0×80 50 00 00 00 00 00 00 00 — The bit length in little endian This is the exact data that H hashed in the original example. The attack Now that we have the data that H hashes, let’s look at how to perform the actual attack. First, let’s just append append to the string. Easy enough! Here’s what it looks like: 0000 73 65 63 72 65 74 64 61 74 61 80 00 00 00 00 00 secretdata...... 0010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0020 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0030 00 00 00 00 00 00 00 00 50 00 00 00 00 00 00 00 ........P....... 0040 61 70 70 65 6e 64 append The hash of that block is what we ultimately want to a) calculate, and get the server to calculate. The value of that block of data can be calculated in two ways: By sticking it in a buffer and performing H(buffer) By starting at the end of the first block, using the state we already know from signature, and hashing append starting from that state The first method is what the server will do, and the second is what the attacker will do. Let’s look at the server, first, since it’s the easier example. Server’s calculation We know the server will prepend secret to the string, so we send it the string minus the secret value: 0000 64 61 74 61 80 00 00 00 00 00 00 00 00 00 00 00 data............ 0010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0020 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0030 00 00 50 00 00 00 00 00 00 00 61 70 70 65 6e 64 ..P.......append Don’t be fooled by this being exactly 64 bytes (the blocksize) — that’s only happening because secret and append are the same length. Perhaps I shouldn’t have chosen that as an example, but I’m not gonna start over! The server will prepend secret to that string, creating: 0000 73 65 63 72 65 74 64 61 74 61 80 00 00 00 00 00 secretdata...... 0010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0020 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0030 00 00 00 00 00 00 00 00 50 00 00 00 00 00 00 00 ........P....... 0040 61 70 70 65 6e 64 append And hashes it to the following value: 6ee582a1669ce442f3719c47430dadee For those of you playing along at home, you can prove this works by copying and pasting this into a terminal: echo ' #include <stdio.h> #include <openssl/md5.h> int main(int argc, const char *argv[]) { MD5_CTX c; unsigned char buffer[MD5_DIGEST_LENGTH]; int i; MD5_Init(&c); MD5_Update(&c, "secret", 6); MD5_Update(&c, "data" "\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" "\x00\x00\x00\x00" "\x50\x00\x00\x00\x00\x00\x00\x00" "append", 64); MD5_Final(buffer, &c); for (i = 0; i < 16; i++) { printf("%02x", buffer); } printf("\n"); return 0; }' > hash_extension_1.c gcc -o hash_extension_1 hash_extension_1.c -lssl -lcrypto ./hash_extension_1 All right, so the server is going to be checking the data we send against the signature 6ee582a1669ce442f3719c47430dadee. Now, as the attacker, we need to figure out how to generate that signature! Client’s calculation So, how do we calculate the hash of the data shown above without actually having access to secret? Well, first, we need to look at what we have to work with: data, append, H, and H(secret || data). We need to define a new function, H?, which uses the same hashing algorithm as H, but whose starting state is the final state of H(secret || data), i.e., signature. Once we have that, we simply calculate H?(append) and the output of that function is our hash. It sounds easy (and is!); have a look at this code: echo ' #include <stdio.h> #include <openssl/md5.h> int main(int argc, const char *argv[]) { int i; unsigned char buffer[MD5_DIGEST_LENGTH]; MD5_CTX c; MD5_Init(&c); MD5_Update(&c, "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA", 64); c.A = htonl(0x6036708e); /* <-- This is the hash we already had */ c.B = htonl(0xba0d11f6); c.C = htonl(0xef52ad44); c.D = htonl(0xe8b74d5b); MD5_Update(&c, "append", 6); /* This is the appended data. */ MD5_Final(buffer, &c); for (i = 0; i < 16; i++) { printf("%02x", buffer); } printf("\n"); return 0; }' > hash_extension_2.c gcc -o hash_extension_2 hash_extension_2.c -lssl -lcrypto ./hash_extension_2 The the output is, just like before: 6ee582a1669ce442f3719c47430dadee So we know the signature is right. The difference is, we didn’t use secret at all! What’s happening!? Well, we create a MD5_CTX structure from scratch, just like normal. Then we take the MD5 of 64 ‘A’s. We take the MD5 of a full (64-byte) block of ‘A’s to ensure that any internal values — other than the state of the hash itself — are set to what we expect. Then, after that is done, we replace c.A, c.B, c.C, and c.D with the values that were found in signature: 6036708eba0d11f6ef52ad44e8b74d5b. This puts the MD5_CTX structure in the same state as it finished in originally, and means that anything else we hash — in this case append — will produce the same output as it would have had we hashed it the usual way. We use htonl() on the values before setting the state variables because MD5 — being little-endian — outputs its values in little-endian as well. Result So, now we have this string: 0000 64 61 74 61 80 00 00 00 00 00 00 00 00 00 00 00 data............ 0010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0020 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0030 00 00 50 00 00 00 00 00 00 00 61 70 70 65 6e 64 ..P.......append And this signature for H(secret || data || append): 6ee582a1669ce442f3719c47430dadee And we can generate the signature without ever knowing what the secret was! So, we send the string to the server along with our new signature. The server will prepend the signature, hash it, and come up with the exact same hash we did (victory!). The tool You can grab the hash_extender tool on Github! This example took me hours to write. Why? Because I made about a thousand mistakes writing the code. Too many NUL bytes, not enough NUL bytes, wrong endianness, wrong algorithm, used bytes instead of bits for the length, and all sorts of other stupid problems. The first time I worked on this type of attack, I spent from 2300h till 0700h trying to get it working, and didn’t figure it out till after sleeping (and with Mak’s help). And don’t even get me started on how long it took to port this attack to MD5. Endianness can die in a fire. Why is it so difficult? Because this is crypto, and crypto is immensely complicated and notoriously difficult to troubleshoot. There are lots of moving parts, lots of side cases to remember, and it’s never clear why something is wrong, just that the result isn’t right. What a pain! So, I wrote hash_extender. hash_extender is (I hope) the first free tool that implements this type of attack. It’s easy to use and implements this attack for every algorithm I could think of. Here’s an example of its use: $ ./hash_extender --data data --secret 6 --append append --signature 6036708eba0d11f6ef52ad44e8b74d5b --format md5 Type: md5 Secret length: 6 New signature: 6ee582a1669ce442f3719c47430dadee New string: 64617461800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000005000000000000000617070656e64 If you’re unsure about the hash type, you can let it try different types by leaving off the –format argument. I recommend using the –table argument as well if you’re trying multiple algorithms: $ ./hash_extender --data data --secret 6 --append append --signature 6036708eba0d11f6ef52ad44e8b74d5b --out-data-format html --table md4 89df68618821cd4c50dfccd57c79815b data80000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000P00000000000000append md5 6ee582a1669ce442f3719c47430dadee data80000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000P00000000000000append There are plenty of options for how you format inputs and outputs, including HTML (where you use %NN notation), CString (where you use \xNN notation, as well as \r, \n, \t, etc.), hex (such as how the hashes were specified above), etc. By default I tried to choose what I felt were the most reasonable options: Input data: raw Input hash: hex Output data: hex Output hash: hex Here’s the help page for reference: -------------------------------------------------------------------------------- HASH EXTENDER -------------------------------------------------------------------------------- By Ron Bowes See LICENSE.txt for license information. Usage: ./hash_extender <--data=|--file=> --signature= --format= [options] INPUT OPTIONS -d --data= The original string that we're going to extend. --data-format= The format the string is being passed in as. Default: raw. Valid formats: raw, hex, html, cstr --file= As an alternative to specifying a string, this reads the original string as a file. -s --signature= The original signature. --signature-format= The format the signature is being passed in as. Default: hex. Valid formats: raw, hex, html, cstr -a --append= The data to append to the string. Default: raw. --append-format= Valid formats: raw, hex, html, cstr -f --format= [REQUIRED] The hash_type of the signature. This can be given multiple times if you want to try multiple signatures. 'all' will base the chosen types off the size of the signature and use the hash(es) that make sense. Valid types: md4, md5, ripemd160, sha, sha1, sha256, sha512, whirlpool -l --secret= The length of the secret, if known. Default: 8. --secret-min= --secret-max= Try different secret lengths (both options are required) OUTPUT OPTIONS --table Output the string in a table format. --out-data-format= Output data format. Valid formats: none, raw, hex, html, html-pure, cstr, cstr-pure, fancy --out-signature-format= Output signature format. Valid formats: none, raw, hex, html, html-pure, cstr, cstr-pure, fancy OTHER OPTIONS -h --help Display the usage (this). --test Run the test suite. -q --quiet Only output what's absolutely necessary (the output string and the signature) Defense So, as a programmer, how do you solve this? It’s actually pretty simple. There are two ways: Don’t trust a user with encrypted data or signatures, if you can avoid it. If you can’t avoid it, then use HMAC instead of trying to do it yourself. HMAC is designed for this. HMAC is the real solution. HMAC is designed for securely hashing data with a secret key. As usual, use constructs designed for what you’re doing rather than doing it yourself. The key to all crypto! [pun intended] And finally, you can grab the hash_extender tool on Github! Source: blog.skullsecurity.org
  12. Stie careva un tutorial bun de SQL injection ca am gasit pana acum numai chestii marunte ? Mentionez k sunt familiarizat cu limbajul , trebuie sa lucrez la skill .
  13. An Intro to CSS: Finding CSS Selectors by Zandy Ring on July 25, 2013 Last month, we introduced a series on CSS (Cascading Stylesheets) and talked a bit about how you can use CSS to make your site look just the way you want. Today, let’s dive back in! WHAT’S A SELECTOR, AND WHY DO I NEED IT? After reading the last Intro to CSS post, you may have been left wondering how to find CSS selectors to target on your site. A selector is the code a site uses to make changes to how things display. In this post, we’ll look at how to find these selectors in any theme. To quickly recap the last post, we looked at hiding post meta data (the timestamp and author) and found that in the Twenty Twelve theme, the post meta data is targeted with the selector “footer.entry-meta” — but this changes with different themes. When you know what selector to use, you can target it with CSS to change how it displays, so knowing the right selector is important. USING THE DEVELOPER TOOLS TO FIND WHAT YOU NEED All the major browsers come with a developer tool (dev tool) that will let you view the code for the page. You can use a tool like Firebug (a download that is made for Firefox), or Chrome’s built-in Developer Tools. In this post, I’ll run through an example using Chrome. Here’s a really quick guide to finding the dev tools in a few browsers: Chrome: Access the browser tool via the browser menu: go to View > Developer > Developer Tools. Want a shortcut? The quickest way to access the dev tools in Chrome is to press alt+ctrl+i on a PC or alt+command+i on a Mac. Firefox: Download Firebug. Then, open the dev tools by hitting your F12 key on a PC, or by going to Tools > Web Developer > Firebug > Open Firebug on a Mac — on both you can just click on the Firebug icon in the top right of your browser window. Internet Explorer: Download the dev toolbar and install it. Then, access the tools using your F12 key. Each view will be a little different than the one below, but the key things we’ll look at will be the same. The webpage with the dev tools opened up in Chrome. There’s a lot to see here — and a lot you can look up! To keep this simple, let’s look at the Element tab (the default tab). Most dev tools include some kind of magnifying glass icon: Enable the magnifying glass by clicking on it. Then, mouse over the page — the CSS selectors in use will appear in a few different places: Notice that the element itself highlights (the blue is the actual size of the element, the orange is the padding around the element). You can see the element width and height in pixels (1). The next place you can see the selector name is in the Element Inspector itself (2). If you’re not familiar with HTML and CSS, this is a great place to start and poke around! This shows the selector as it appears in the code of the page itself. The third place you can see the selector is in the Matched CSS Rules pane (3). We’ll talk about the Matched CSS Rules pane again in the next article. Finally, you can see the chain of all the active selectors above that element (4). Note: “Element” is another way to describe an item on your page you want to change or style. The “selector” is the code the website uses to describe that element to the code. If we imagined that your website is your apartment, then an element could be your couch. The selector for your couch would be the serial number — it’s a specific way to identify the element. Finding the right element to test in your CSS tab is easy — when you know where to look! Let’s search for one more selector together. Perhaps you’d like to change the alignment of your post titles from left to right, but you’re not sure what to target. Once again, I’ll use Chrome and the Twenty Twelve theme, but give this a try on your theme! Note that the declaration we’ll use is text-align: right. You’ll be able to see that in action below. Here are some steps to run through: 1. First, go to one of your posts so you can see the post title. 2. Pop open your dev tools (in Chrome on a Mac, I hit command+option+i). 3. Click on your magnifier icon. 4. Run your cursor over the post title (tip: move your mouse until you see an area larger than the letters themselves highlight — you don’t want to target the “a” tag in this example). 5. When you see the post title area highlight, click your mouse once to “freeze” the magnifying action so you can use the mouse without losing the selector. 6. Identified! Now to plug it in! And here is what I found in Twenty Twelve: The selector is displayed as h1.entry-title in this theme. EDITING THE CSS Now that you have the selector in hand, you can use it in your CSS Customizer tab. First, navigate to your Customizer, then choose the CSS option: When the Customizer is open, you’ll see the post title (“Solace of a lonely highway”) and the CSS entry area: When we add some CSS we can see the post title re-align accordingly: Using text-align: right; we can shift the title to align on the right instead of the left. We know that the selector displayed as h1.entry-title, but it works as just .entry-title. A quick way to discover how much of the selector you should use is to plug it into the Customizer and see if it works the way you want it to! We used the text-align declaration here with right so the text aligns on the right, but it also accepts left and center — why not try both of these, too, and see what happens? If you want to copy and paste the code I used into your CSS tab, here it is: .entry-title {text-align: right;} As soon as you enter valid CSS into the Customizer, you’ll see your change take effect! Testing CSS right in the Customizer is a no-risk method — you can erase it if you don’t like what you see, and no one else can see it before you save it. If you’d like some additional resources on editing CSS, browse our support page on Custom CSS, and don’t forget to check out the recommended resources at the bottom. In the next post, we’ll explore the Matched CSS Rule pane, and see how you can use it with the Customizer to get these selectors working for you! Sursa: An Intro to CSS: Finding CSS Selectors | The Daily Post E de mare folos acest Intro. Sper sa fie de ajutor
  14. Today we are going to show you how to mask images with shapes plus some nifty zoom animation effects with just HTML & CSS. I have seen this kind of styling and effect in many portfolio websites and let me show you how it's made. Personally, I don't think we should withhold ourself from using new technology or technique such as CSS3 on web projects because of old browsers don't support them. I believe we should "reward" users with modern browser by giving them a better user experiences. Therefore, I enjoy using CSS3 in my projects, but of course, we have to make sure it can degrades gracefully or at least display well in old browsers. This tutorial will be using CSS3 transform which means, old browsers will not show the zooming effect. Good news is, I have coded it, even if it's old browsers, it will still look pretty good and usable. If you want something hardcore, you can check out my previous tutorial - Create Beautiful Hexagon Shape With Pure CSS3. Here are some of the websites that are using the similar way in theirs portfolio page: IMAGES We want this example to be usable in most browsers, therefore, we're not going to draw the shape using CSS3 or whatever fancy techniques. We stick to the ancient way - transparent PNG. This is how each of the shape looks like: HTML To make it easy to understand, I have made an image to illustrate what each layer does. <div class="shape"> <a href="{URL}" class="overlay {round|hexagon|pentagon}"></a> <div class="details"> <span class="heading">{TITLE}</span> <hr /> <p>{DESCRIPTION}</p> <a href="{URL}" class="button">VIEW</a> </div> <div class="bg"></div> <div class="base"> <img src="{IMAGE URL}" alt="" /> </div> </div> In case you need the fonts I used in this tutorial, here is it: <link href='http://fonts.googleapis.com/css?family=Abel' rel='stylesheet' type='text/css'> <link href='http://fonts.googleapis.com/css?family=Roboto+Slab' rel='stylesheet' type='text/css'> <link href='http://fonts.googleapis.com/css?family=Roboto+Condensed:400,700' rel='stylesheet' type='text/css'> CSS We don't have Javascript in this tutorial. We use :hover pseudo code and also CSS animation to do simple mouseover and zooming effects. Here is the portion of code that does all these animation effects: ...... .shape .overlay { display:block; width: 310px; height: 310px; position: absolute; top:-5px; left:-5px; -webkit-transform: scale(1,1); -webkit-transition-timing-function: ease-out; -webkit-transition-duration: 0.6s; -moz-transform: scale(1,1); -moz-transition-timing-function: ease-out; -moz-transition-duration: 0.6s; transform: scale(1,1); transition-timing-function: ease-out; transition-duration: 0.6s; z-index:500; /* allow user to actually perform actions underneath this layer */ pointer-events:none; background-repeat: no-repeat; } ...... /* hover effect */ .shape:hover .overlay { -webkit-transform: scale(1.07,1.07); -webkit-transition-timing-function: ease-out; -webkit-transition-duration: 0.3s; -moz-transform: scale(1.07,1.07); -moz-transition-timing-function: ease-out; -moz-transition-duration: 0.3s; } .shape:hover .bg { -ms-filter: "progid:DXImageTransform.Microsoft.Alpha(Opacity=80)"; filter: alpha(opacity=80); -moz-opacity: 0.8; -khtml-opacity: 0.8; opacity: 0.8; display:block; } .shape:hover .details { -ms-filter: "progid:DXImageTransform.Microsoft.Alpha(Opacity=100)"; filter: alpha(opacity=100); -moz-opacity: 1; -khtml-opacity: 1; opacity: 1; z-index:450; display:block; } ...... Here is the full CSS: .shape { width: 300px; height: 300px; position: relative; } .shape .overlay { display:block; width: 310px; height: 310px; position: absolute; top:-5px; left:-5px; -webkit-transform: scale(1,1); -webkit-transition-timing-function: ease-out; -webkit-transition-duration: 0.6s; -moz-transform: scale(1,1); -moz-transition-timing-function: ease-out; -moz-transition-duration: 0.6s; transform: scale(1,1); transition-timing-function: ease-out; transition-duration: 0.6s; z-index:500; /* allow user to actually perform actions underneath this layer */ pointer-events:none; background-repeat: no-repeat; } /* different shapes */ .shape .overlay.round { background: url(round.png); } .shape .overlay.hexagon { background: url(hexagon.png); } .shape .overlay.pentagon { background: url(pentagon.png); } /* hover effect */ .shape:hover .overlay { -webkit-transform: scale(1.07,1.07); -webkit-transition-timing-function: ease-out; -webkit-transition-duration: 0.3s; -moz-transform: scale(1.07,1.07); -moz-transition-timing-function: ease-out; -moz-transition-duration: 0.3s; } .shape:hover .bg { -ms-filter: "progid:DXImageTransform.Microsoft.Alpha(Opacity=80)"; filter: alpha(opacity=80); -moz-opacity: 0.8; -khtml-opacity: 0.8; opacity: 0.8; display:block; } .shape:hover .details { -ms-filter: "progid:DXImageTransform.Microsoft.Alpha(Opacity=100)"; filter: alpha(opacity=100); -moz-opacity: 1; -khtml-opacity: 1; opacity: 1; z-index:450; display:block; } /* content styles */ .shape .bg, .shape .details { position: absolute; width: 300px; height:300px; display:table-cell; vertical-align:middle; text-align:center; top:0; left:0; opacity:0; -webkit-transition: all 0.3s ease; -moz-transition: all 0.3s ease; -o-transition: all 0.3s ease; transition: all 0.3s ease; display:none; } .shape .bg { background: #4b5a78; } .shape .details span.heading { font-family: 'Roboto Condensed', serif; font-size:30px; display:block; margin-top:70px; color:#fff; text-decoration:none; } .shape .details p { font-family: 'Abel', sans-serif; color:#fff; width: 70%; font-size:14px; margin:0 auto; } .shape a.button { padding:5px 15px; font-family: 'Abel', sans-serif; font-size:12px; -webkit-border-radius: 20px; -moz-border-radius: 20px; -ms-border-radius: 20px; -o-border-radius: 20px; border-radius: 20px; background: #2f3644; text-decoration:none; color:#fff; display:block; width:50px; margin:0 auto; text-align:center; margin-top:15px; } .shape a.button:hover { background: #fff; color: #2f3644; } Conclusion That's it, pretty simple to make and look elegant too. You can change the shape to whatever you want. This tutorial is tested on IE8 and should work in most modern browsers. If you have any questions, drop a comment. Demo | Download Source Author: Kevin Liew
  15. 1. Exploit Development - Part 1 (Concepts) **This video and Part 2 Segment 1 are more lecture based videos** I recommend watching in full-screen due to quality issues. This is part 1 of 5. More to come over the next few weeks. Also, sorry about how I was talking in the video, I'm not a strong 2. Exploit Development - Part 2a (Shellcode) Exploit Development - Part 2b (Shellcode) 3. Exploit Development - Part 3 (Fuzzing) 4. Exploit Development - Part 4 (Disassembly/Reversing) Reverse Engineering is a very broad category, and in its own right deserves its own video series. The steps I go through in this video are more for mapping out a program, rather than editing asm code to change execution flow. 5. Exploit Development - Part 5a (Putting It All Together) Exploit Development - 5b (Putting It All Together)
  16. .htaccess is one file that every web admin should know and understand. At its basic level it controls access to your sites directories. But there is much more that you can do, as the snippets in this post will show you. If you you would like to learn the basics of .htaccess, you should check our our Introduction to .htaccess article, which explains pretty well everything you will need to get you up and running. So, here are some useful tricks you can do with .htaccess: 1. Controlling Access to Files and Directories Password protection is one thing, but sometimes you may need to completely block users from having the option of accessing a particular file or directory. This usually happens with system folders, such as the includes folder for which applications will need access but no users will ever need the privilege. To do this, paste this code onto an .htaccess file and and drop it in the directory: deny from all However, this will block access to everyone, including you. To grant yourself access you need to specify your IP address. Here is the code: order deny,allow deny from all allow from xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx is your IP. If you replace the last three digits with 0/12 for example, this will specify a range of IPs within the same network, thus saving you the trouble to list all allowed IPs separately. If you want to block access to a particular file, including .htaccess itself, use the following snippet instead: <Files .htaccess> order allow,deny deny from all </Files> Similarly, if you want to allow given IPs, list them with allow from. If you want to block access to particular file types, use this instead: <FilesMatch ".(htaccess|htpasswd|ini|phps|fla|psd|log|sh)$"> Order Allow,Deny Deny from all </FilesMatch> 2. Disabling Directory Browsing To prevent directory browsing, add this: Options All -Indexes However, if for some reason you want to enable directory browsing, change it to the following: Options All +Indexes 3. Speeding-Up Load Times by Compressing Files You can compress any type of file, not only images. For instance, to compress HTML files, use this: AddOutputFilterByType DEFLATE text/html To compress TEXT files, use this: AddOutputFilterByType DEFLATE text/plain You can also compress JavaScript, or add compression to multiple file types with one command: AddOutputFilterByType DEFLATE application/javascript AddOutputFilterByType DEFLATE application/rss+xml Alternatively, if you want to compress all of your JavaScript, HTML, and CSS files with GZIP, you can use this: <IfModule mod_gzip.c> mod_gzip_on Yes mod_gzip_dechunk Yes mod_gzip_item_include file \.(html?|txt|css|js|php|pl)$ mod_gzip_item_include handler ^cgi-script$ mod_gzip_item_include mime ^text\.* mod_gzip_item_include mime ^application/x-javascript.* mod_gzip_item_exclude mime ^image\.* mod_gzip_item_exclude rspheader ^Content-Encoding:.*gzip.* </IfModule> 4. Protect Your Site against Hotlinking If you don’t want your images hotlinked, add this to your .htaccess file: RewriteEngine on RewriteCond %{HTTP_REFERER} !^$ RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?yourdomain.com [NC] RewriteRule \.(jpg|jpeg|png|gif)$ - [NC,F,L] Just replace yourdomain.com with your own and you are good to go. 5. Blocking Visitors Referred from a Particular Domain If you have users from a particular domain you don’t welcome, you can ban them from your site. For instance, if your site gets listed in a place you don’t want traffic from (i.e. adult sites, blackhat sites, etc.), you can serve them with a 403 Forbidden page. You need to have mod_rewrite enabled but since it is usually on, you should be fine. Add this snippet: <IfModule mod_rewrite.c> RewriteEngine on RewriteCond %{HTTP_REFERER} bannedurl1.com [NC,OR] RewriteCond %{HTTP_REFERER} bannedurl2.com [NC,OR] RewriteRule .* - [F] </ifModule> You need to replace bannedurl1.com and bannedurl2.com etc. with the domain names you want to blacklist. You may want to use the [NC] flag because it specifies that the domain name you’ve entered isn’t case sensitive. The [F] flag specifies the action to take – in this case to show the 403 Forbidden error. If you want to ban multiple sites, use the [NC,OR] flag for every domain but the last and if you want to ban a single domain use only the [NC] flag. 6. Blocking Requests from Particular User Agents If your log files show particular user agents (bots or spiders) you can add a few lines to .htaccess and deny them access to your site: RewriteEngine On RewriteBase / SetEnvIfNoCase Referer "^$" bad_user SetEnvIfNoCase User-Agent "^badbot1" bad_user SetEnvIfNoCase User-Agent "^badbot2" bad_user SetEnvIfNoCase User-Agent "^badbot3" bad_user Deny from env=bad_user Replace badbot1, badbot1, etc. with the names of bots from your log files. This should keep such programs away from your site. 7. Caching Files Another way to speed your site’s load times is via file caching. Here is what you need to add in order to cache files: <FilesMatch ".(flv|gif|jpg|jpeg|png|ico|swf|js|css|pdf)$"> Header set Cache-Control "max-age=2592000" </FilesMatch> You can add more file types (or remove some of them) to the sequence of files listed in this example – do what suits you. You can also use max-age to specify the amount of time in seconds that your files will live in the cache. 8. Disabling Caching for Particular File Types If you don’t want to cache particular file types, it is easier not to include them in the cache sequence. However, sometimes files might get cached even if you you don’t explicitly list them there and in this case you may want to disable caching only for them. Most often you will want to disable caching for dynamic files, such as scripts. Here is how to do it: <FilesMatch ".(pl|php|cgi|spl|scgi|fcgi)$"> Header unset Cache-Control </FilesMatch> Just pipe the files you want caching disabled for and this is it. 9. Bypassing the Download Dialogue By default, when you try to download a file from a Web server, you get a dialogue that asks you if you want to save the file or open it. This dialogue is especially irritating with large media files or PDFs. If the files you have uploaded to your server are for downloads, you can save users the trouble and proceed straight to download. Here is what you need to set in .htaccess: AddType application/octet-stream .pdf AddType application/octet-stream .zip AddType application/octet-stream .mp3 10. Renaming an .htaccess File If for some reason, mostly security-related, you want to rename your .htaccess file, it is very easy to do it. In theory, renaming an .htaccess file shouldn’t cause problems with the applications running on your server but if by chance you notice such issues after you rename the file, just rename it back to its original name. AccessFileName htac.cess You also need to update any entries in the file itself or everywhere .htaccess is mentioned, otherwise you will be getting lots of errors. 11. Changing a Default Index Page If you want your index page to be something different from the default index.html, index.php, index.htm, etc. this is very easy to do. Here is what you need to add to .htaccess: DirectoryIndex mypage.html Replace mypage.html with the actual URL of the page you want to use as index and you are done. 12. Redirecting to a Secure https Connection If you are using https and you want to redirect users to the secure pages of your site, use this: RewriteEngine On RewriteCond %{HTTPS} !on RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} 13. Restricting File Upload Limits in PHP, Maximum Size of Post Data, Max Script Execution Time, etc. .htaccess allows you to set some values that directly affect your PHP applications. For instance, if you want to impose upload limits in PHP, so that you don’t run out of hosting space because of large files, use this: php_value upload_max_filesize 15M Of course, you can set the value to anything you deem appropriate – 15M (MB) in this example isn’t fixed in stone. You can also restrict the maximum post size for uploading in PHP, To do it, add this: php_value post_max_size 10M Similarly, you can change 10M to any value that suits you. If you don’t want scripts to execute forever, you can limit their execution time with the help of the following: php_value max_execution_time 240 240 is the number of seconds before the script will be terminated and as you guess, it could be any value. Finally, if you want to limit the time a script can parse input data, use this: php_value max_input_time 180 And set any value in seconds that suits you. 14. Disguising File Types Sometimes you wouldn’t like users, to know the file types of the files on your site. One way to hide this information is if you disguise them. For instance, you can make all your files look as if they are HTML or PHP files: ForceType application/x-httpd-php ForceType application/x-httpd-php There is much more that can be done with .htaccess. For instance, you can set automatic translation of your site’s pages, or set the server timezone, or remove the www from URLs, or use fancy directory listings, etc. In any case, before you start experiments with .htaccess, always backup the original .htaccess, so if things don’t go as planned, you have a working copy to revert to. Source
  17. Salut! As dori si eu ceva vulnerabilitati la site-ul Scoala cu clasele I-VIII Mihai Eminescu Rosiorii de Vede . Este fosta mea scoala,si as vrea sa le transmit un "salut" .Daca se poate,cine ma poate ajuta,sa-i faca un deface (cu o poza funny sau orice) sau o stricaciune mai grava.Daca nu s-ar putea cele de mai sus,as dori un tutorial despre deface sau vulnerabilitati si cum sa le exploatez . Toate cele bune.
  18. Today, we introduce a new unit to Code Year: HTML and CSS. You'll learn how to build and customize webpages, and eventually combine this with your JavaScript knowledge to add interactivity and animation to websites. Code Year » Week 13: Build a Webpage Code Year: Week 13: Build a Webpage | Codecademy via mail
  19. La adresa Ghid de referinta Nmap (Pagina Man) gasiti ghidul de referinta Nmap tradus in intregime in limba romana.
  20. Acest tutorial tinde sa arate prin video rezolvarea la challenge-ul (keygenme) lui flux. Este in engleza ca sa fie accesibil pentru toata lumea. Este intentionat pentru incepatori. https://rapidshare.com/files/3837680734/Reversing_flux_keygenme.zip |roe
  21. Tutorialul nu e realizat de mine este loat de aici :Instalare Joomla 1.5 - site Joomla bun.. Acest tutorial se refera la instalarea Joomla! 1.5.x, local, pe un server XAMPP.(adica tre sa aveti instalat xampp in pc il puteti loua de aici apache friends - xampp si joomla o luati de aici + e in romana link: Joomla! Romania Dupa cum stim primul pas este sa descarcam de pe joomla.org, ultima versiune de Joomla, la ora aceasta versiunea e 1.5.9, adica am descarcat pachetul numit Joomla_1.5.9-Stable-Full_Package.zip Odata descarcata pe calculator, se dezarhiveaza si mutam fiserele sub un folder creat in htdocs,(htdocs il gasiti in foldarul in care e instalat wampp) eu l-am numit joomla159. Pasul urmator este sa cream o baza de date pentru noul site. Asa ca tastam in browser localhost/phpmyadmin si cream baza de date eu am numit-o joomla159, ca sa nu incurc cu altele create. Kesepian a mai adaugat: la pasul crearii bazei de date, e foarte important ca setarea pentru Collation cat si a campului de deasupra sa se faca UTF8 general_ci sau UTF8 romanian_ci. - de ce? pentru ca daca ramane latin_sweedish sau orice altceva, site-ul nu va afisa diacriticile romanesti. - mai mult, precizarea mea, este importanta pentru cei care instaleaza Joomla via Fantastico Deluxe (functia din Cpanel), care seteaza Collation-ul bazei de date pe latin_sweedish. Imediat dupa ce am dat Create, o sa ne intrebe daca adaugam tabele, NU adaugam nimic pentru ca Joomla va insera tabelele necesare. Acum nu avem decat sa tastam in browser: localhost/joomla159 (sau cum ai dat numele la folder), si instalarea Joomla incepe cu pasul 1: Choose Language. Vezi ca in lista mai jos este si limba Romana, dai click pe ea si click pe Pasul Urmator sus in dreapta. Pasul urmator al instalarii Joomla, (Verificare inaintea instalariiJoomla! 1.5.9 Production/Stable [Vatani] 9-January-2009 23:00 GMT), face diverse verificari ale sistemului. Primul grup de verificari, sunt cerintele minime necesare rularii site-ului, daca unul din ele este cu rosu nu vei putea trece mai departe. Al doilea grup de verificari sunt recomandate pentru limbajul PHP, dupa cum vedeti una este cu rosu, asta nu inseamna insa ca Joomla nu va functiona. Daca dezarhivam direct pe server, se poate ca sa nu avem drepturi de scriere, asa ca de cele mai multe ori, fisierul configuration.php nu se poate crea. O sa primim un mesaj de avertizare: Nu puteti continua instalarea, deoarece continutul fisierului de configurare va fi atasat la final. Va trebui sa faceti inca un pas in plus pentru a incarca codul manual. Selectati zona de text pentru e evidentia codul afisatsi apoi, copiati acest continut intr-un fisier nou denumit configuration.php pe care mai apoi il incarcati pe site in directorul radacina. Pasul urmator, Licenta, ne sunt explicate conditiile sub care Joomla este distribuita. Dam click pe Pasul Urmator sus in dreapta. Urmatorul este foarte important (Configurarea bazei de date), aici trebuie sa fim foarte atenti, daca introducem o data gresit, nu se va putea face conexiunea la baza de date. Tipul bazei de date: lasam mysql Numele serverului: localhost; atentie, pe unele servere, numele serverului nu este obligatoriu localhost, aveti aceste date de la provider-ul hostingului. Numele de utilizator: root; local este implicit root, pe un server online este foarte posibil ca numele de utilizator sa fie altul, aveti aceste date cand ati activat contul de hosting, sau va puteti face singur un user daca aveti drepturi. Parola: lasam gol aici, pentru ca la instalare XAMPP nu am setat nicio parola; pe un server online SIGUR avem o parola. ATENTIE un pic la Setari auxiliare, prefixul tabelelor, default Joomla pune jos_ insa va recomand sa schimbati cu altceva din motive de SECURITATE - exista injectii pe MySQL care folosesc faptul ca tabelele voastre incep cu jos_ , daca ai schimbat insa extensia nu mai ai de ce sa iti faci griji. Pur si simplu inlocuiti "jos" cu altceva, nu e obligatoriu sa tineti minte literele introduse acolo. ATENTIE sa nu uitati _ dupa cuvantul adaugat. Urmatorul pas, Configurare FTP, putem lasa foarte simplu pe Nu. Daca instalam pe un server online, este bine sa configuram si aceste optiuni; un motiv ar fi ca odata instalate extensiile, nu o sa avem probleme de drepturi de scriere pe acele foldere, un alt motiv este ca cineva care nu stie contul de FTP nu va putea instala extensii din partea de administrare. Sa ai grija insa daca le completezi si nu mai stii contul de FTP, nu o sa poti instala nici tu extensii - totusi poti dezactiva acesta optiune din fisierul configuration.php [var $ftp_enable = '0';] Si iata ca ajungem la pasul "Configurare de baza". Aici adaugam un nume la site, acest nume va apare in titlul site-ului asa ca il alegi si tu in functie de nisa pe care ai site-ul. Adaugam si adresa de email (local nu are mare importanta), pe un server online are pentru ca este adresa la care vei primi instiintari de la Joomla cand un nou user se adauga in site. Parola administrator; local poti pune "admin", deoarece default userul este deasemenea "admin" si iti va fi mai usor. E bine ca sa schimbi parola cand instalezi sau muti site-ul online, schimba si userul de administrator din admin in altceva, vei sta putin mai linistit pe probleme de securitate. Instalare date monstra, restaurare sau migrare continut backup; apasa pe butonul de instalare date mnstra astfel Joomla! va adauga continut in site si iti va fi mai usor sa te ghidezi. Suntem aproape de final, si vedem in ferestra un text mare scris cu rosu, NU UITATI SA STERGETI DIRECTORUL "INSTALLATION" - mergi in htdocs unde am pus fisierele Joomla si sterge acel director. Daca fisierul configuration.php nu a fost creat, ATENTIE, in acesta fereastra avem codul necesar sa il facem noi. Mesajul spune: Fisierul de configurare sau directorul unde se gaseste acesta nu are permisii de scriere, sau aa parut o problema la crearea fisierului. Va trebui sa incarcati urmatorul cod manual. Navigati in zona de text, selectati codul si apoi copiati-l intr-un fisier denumit configuration.php, pe care il incarcati in directorul radacina al site-ului dumneavoastra. Mai pe scurt, am deschis notepad, am copiat codul in el, l-am salvat configuration.php si l-m urcat pe server in root. Poti opta apoi sa mergi in partea de administrator, unde trebuie sa introduci userul si parola aleasa. userul va fi admin, parola cea aleasa de tine mai devreme. partea de administrare site Joomla partea de front end site Joomla Cam asta a fost tot, avem un site Joomla functional. Daca apar probleme la final, un prim pas este sa verificati daca fisierele aflate pe server sunt la fel ca cele locale. Am facut astazi un instal, totul a mers bine dar cand sa intru pe site aparea o pagina goala. Problema: la dezarhivarea pachetului Joomla pe server, unele foldere nu s-au creat, le-am incarcat manual pe FTP si totul a fost ok. Aveti si un tutorial video pt cei care vor joomla direct pe site . sper ca v-am fost de ajutor(m-am gandit ca o sa fie nobi care nu stiu sa instaleze xampp asa ca inca un tutorial video pt instalare xamp dar aici aveti link :AdF.ly - shrink your URLs and get paid!
  22. ***Ghid cu 3 pasi*** Acest ghid aduce noi lucruri, cum ar fi suport pentru subtitrari SRT, SUB si SSA, SON sau SST. Si mult mai usor de folosit de incepatori in domeniul DVD Authoring. Software used: 1. DVD Decrypter - (pentru a demuxa video, audio si capitole din DVD) 2. DVD-lab PRO 1.0 - (pentru a multiplexa video, audio si subtitrari) 3. Ifo Update - (pentru a face update la fisierele IFO originale, sa aiba cunostiinta de noile informatii din fisierele VOB) Creeaza 3 foldere pe o partitie cu aproximativ 20 Gb spatiu liber. O partitie NTFS este necesara pentru filme ce depasesc 4 Gb. PASUL 1 - DVD Decrypter a). Introdu in DVD-ROM discul cu filmul pe care vrei sa pui subtitrare. Daca ai o imagine DVD pe harddisk, monteaza imaginea cu Daemon Tools. Deschide DVD Decrypter, Mergi la meniul Tools si apasa pe ?Settings? si dupa aceea apasa pe tabul ?IFO Mode? si seteaza parametrii ca in imaginea de mai jos.. Dupa ce ai setat totul ca in imaginea de mai sus, apasa OK si mergi la meniul ?Mode? si selecteaza ?IFO I?. In aces moment programul va selecta automat filmul principal pentru a-l demuxa. . In partea dreapta apasa tabul ?Stream Processing ? si pe urma bifeaza optiunea ?Enable Stream Processing? si mai jos selecteaza ?Demux? ca in imaginea de mai jos. Acum selecteaza toate randurile din fereastra Stream Processing, unul cate unul, (NUMAI CELE CARE ITI TREBUIESC SAU LE VREI) si selecteaza pentru fiecare in parte optiunea Demux. c). Selecteaza destinatia fisierelor, in cazul nostru folderul ?Demuxed DVD? . Apasa butonul si programul va incepe sa lucreze. Dupa ce termina, inchide DVD Decrypter. PASUL 2 - Multiplexarea fisierelor video, audio si subtititrari cu DVD-lab PRO. a). Deschide DVD-lab PRO si in fereastra care iti apare selecteaza ca in imaginea de mai jos, optiunea ?Simple (Movie Only)?. Nu uita sa alegi optiunea NTSC sau PAL asa cum este DVD-ul original, dupa care apasa OK. . In partea de jos stanga a ecranului, in sectiunea mare alba, click dreapta si apasa ?Import?? si importa unul cate unul, fisierele VIDEO si AUDIO. c.) Click dreapta pe fiecare linie in sectiunea alba unde ai importat fisierele video si audio, si alege ?Insert to Project?? Fisierele video si audio vor fi automat introduse in fereastra MOVIE 1 (partea dreapta sus a ecranului). d). Click dreapta in sectiunea Chapters (chiar deasupra sectiunii Video) in fereastra MOVIE 1 si mergi la Chapters->Import Chapters? O fereastra va apare, doar trebuie sa apasi butonul ?Proceed? si capitolele vor fi automat introduse in film. (Apasa OK la toate ferestrele care apar). e). Dublu click pe sectiunea Sub 1 si o fereastra noua va apare. Mai intai va trebui sa alegi limba subtitrarii? Pe urma apasa pe butonul Import si introdu subtitrarea (ai 5 formate sa alegi: SUB, SRT, SSA, SON, SST). Optional: 1. Poti alege culoarea subtitrarii (White or Yellow/Alb sau Galben). 2. Poti alege fontul. (Sugerez a se folosi un font Arial Narrow/Bold). 3. Poti alege marimea fontului. (Sugerez marimea fontului 18). 4. Poti alege un stil pentru font. (Sugerez folosirea stilului Thick Outline). Daca ai un disc NTSC sugerez a se selecta optiunea ?From DF source? pentru o sincronizare perfecta. (Poti face niste teste pentru a vedea daca ai sincronizare perfecta). Poti vedea schimbarile in fereastra Preview ! Dupa ce ai terminat apasa butonul ?Generate Subtitle Stream? si asteapta sa se termine procesul?dupa ce termina se va intoarce automat la fereastra principala. Acum poti vedea subtitrarea adaugata automat in fereastra MOVIE 1. Daca vrei ca o subtitrare sa apara automat cand dai play la film, bifeaza optiunea ?Set this Subtitle always ON by default? In fereastra care apare selecteaza calea in folderul Final DVD si apasa butonul Start. Asteapta pana se termina tot procesul. Dureaza aproximativ 15-20 minute; depinde de viteza HDD-ului. PASUL 3 - Updatarea fisierelor IFO originale. a). Copiaza din DVD-ROM pe harddisk in folderul ?Original DVD? toate fisierele discului cu DVD Shrink. ??????????????? ATENTIE ! - Inainte de a muta fisierele *.VOB peste cele originale redenumeste-le (ex.: sa presupunem ca pe discul original filmul este situat in fisierele VTS_03_1.VOB, VTS_03_2.VOB, VTS_03_3.VOB etc?va trebui sa redenumesti fisierele VOB din folderul ?Final DVD? la denumirea lor originala). ??????????????? . Din folderul ?Final DVD? selecteaza fisierele *.VOB ce contin filmul (ex.: VTS_01_1.VOB, VTS_01_2.VOB, VTS_01_3.VOB, VTS_01_4.VOB etc), !NUMAI DUPA CE LE-AI REDENUMIT CORECT!, si muta-le (Cut and Paste) in folderul ?Original DVD?, peste cele originale (overwrite). c). Deschide programul IfoUpdate si mergi la meniul ?Options? si selecteaza optiunile exact ca in imaginea de mai jos. d). Acum va trebui sa introduci fisierele IFO. - La ?Original IFO Path? alege din folderul ?Original DVD? fisierul IFO corespunzator filmului. (ex.: daca filmul este situat in fisierele VTS_03_1.VOB, VTS_03_2.VOB, VTS_03_3.VOB etc, va trebui sa deschizi in IfoUpdate fisierul VTS_03_0.IFO). - La ?Authored IFO Path? alege din folderul ?Final DVD? fisierul VTS_01_0.IFO. - La ?Backup IFO Path? alege unde vrei sa iti salveze un backup al fisierului IFO original in caz ca gresesti ceva. Acum apasa butonul ?Update IFO? si iti vor aparea 2 ferestre la care le dai OK. Acum noul DVD cu subtitrarea in limba preferata este gata de pus pe un DVD
  23. Salutari lume, de cateva saptamani tot citesc articole si experimentez cu diferite unelte pe tema SEO, am zis sa fac un tutorial, si asa nu am mai postat de mult. Scriu tutorialul asta in ideea in care sa veniti cu feedback, sa comparam metode, sa vedem ce e mai ok. Aici ma refer direct la voi astia grei, Neme si company, iar cu intrebari ceilalti. So, let's begin: SCOP Aducerea unui domeniu in prima pagina pe Google, daca nu chiar in primele 3 rezultate si/sau vanzarea unui produs sau a mai multe, gen CPA, clickbank si pana mea. METODE Dupa cat am citit, muult, enorm de muuuult, am facut un feng shuei cu mai multe metode care zic eu ca ar trebui facute de la bun inceput impreuna pentru o rata de succes mai mare, acum ma refer la tone de articole de pe BlackHat forum, si scriu aici sa aud niste pareri concrete de la altfel de oameni ... adica si cei de pe BlackHat sunt foarte tari, dar scopurile pentru care scriu ei articolele respective, de cele mai multe ori, nu sunt din dragul de a imparti informatie, ci pentru un venit, nu zic ca nu e OK, dar ma astept la alta atmosfera aici. SOFTURI, PLATFORME si MODULE folosite Platforma - una bucata Creier(nefumat, cat mai sanatos, creativ), poate doua daca ai preteni buni si destepti, cum se gaseste, sau poate constiinta colectiva. - Wordpress - best choice. Module - Autoblogged pt Wordpress, e ca si un cur ... gras, varianta moca[a se citi pe naspa] e de rahat, nu face tot ce trebuie sa faca si isi arunca odata la 3 refreshuri jos in footer link spre ei sa vada tot prostul ... - WPRobot pentru Wordpress - WebTraffic Genius Pro (RSS magic) tot pentru Wordpress - Wordpress SEO by Yoast - GDStar Rating (in cazul meu ) pt Wordpress Soft - ScrapeBox - Article Marketing Robot - SENuke - Xgen (nu am reusit sa il fac sa mearga inca) - XRUMER (nu am pus mana pe el inca) PLAN DE BATAIE 1. studiu de caz cuvinte cheie dorite 2. cumparare domeniu dupa cuvintele cheie gasite/dorite 3. instalare configurare wordpress 4. furat/cumparat si instalat modulele pt Wordpress 5. configurarea clara a modulelor si a site-ului pe cuvintele cheie de pe nisa/micronisa aleasa 6. partea de chinez batran, content pentru inceput, sa aiba ce vedea robotii din prima 7. mentenanta 8. conturi sociale 9. conturi adsense CPA, clickbank etc etc pt monetizare 10. UZABILITATE 11. Scrapebox 12. Article Marketing Robot 13. SENuke 14. XGEN 15. XRUMER 16. Chef/betie/scandal cand vin primii bani. O sa acopar extensiv fiecare parte, precis nu o sa termin eu astazi postul, dar o sa fie mai mult un ..... work in progress, revin putin mai tarziu cu primele capitole. ... Stay tuned.
  24. The last article on this blog described our planned MySQL to MongoDB replication hackathon at the recent Open DB Camp in Sardinia. Well, it worked, and the code is now checked into the Tungsten Replicator project. This article describes exactly what we did to write the code and set up replication. You can view it as a kind of cookbook both for implementing new database types in Tungsten as well as setting up replication to MongoDB. The Team MySQL to MongoDB replication was a group effort with three people: Flavio Percoco, Stephane Giron, and me. Flavio has worked on MongoDB for a couple of years and is extremely well-informed both on database setup as well as application design. Stephane Giron is a replication engineer at Continuent and has done a substantial amount of the work on data extraction from MySQL, especially row replication. I work on the core execution framework as well as performance. Getting Started with MongoDB There were a couple of talks on MongoDB during the first morning of Open DB camp (Saturday May 7th), which Stephane and I dutifully attended to raise our consciousness. We got cracking on implementation around 2pm that afternoon. The first step was to bring up MongoDB 1.8.1 and study its habits with help from Flavio. MongoDB is definitely easy to set up. You get binary builds from the MongoDB download page. Here is a minimal set of commands to unpack MongoDB 1.8.1 and start the mongod using directory data to hold tables. $ tar -xvzf mongodb-osx-x86_64-1.8.1.tgz $ cd mongodb-osx-x86_64-1.8.1 $ mkdir data $ bin/mongo --dbpath data (... messages ...) You connect to mongod using the mongo client. Here's an example of connecting and creating a table with a single row. This is schema-less programming in action. You just insert BSON documents (BSON = Binary JSON) into collections, which is Mongolese for tables. MongoDB creates the collection for you as soon as you put something in it. The automatic materialization is quite addictive once you get used to it, which takes about 5 minutes. The MongoDB client language is really handy. It is based on JavaScript. There are what seem to be some non-Javascript commands like "show dbs" to show databases or "show collections" to list the tables. Everything else is object-oriented and easy to understand. For example, to find all the records in collection test, as we saw above, you just connect to the database and issue a command on the local db object. Collections appear as properties of db, and operations on the collection are methods. It helps that the MongoDB folks provide very accessible documentation, for example a SQL to MongoDB translation chart. I put together a little practice program using the MongoDB Java driver to insert, referring to the Javadoc for the class library when in doubt about API calls. There are also a couple of very helpful examples, like this one, included with the driver. All told, setup and orientation took us about 45 minutes. It helped enormously that Flavio is a MongoDB expert, which minimized flail considerably. Implementing Basic Replication from MySQL to MongoDB After setup we proceeded to implement replication. Here is an overview of the replicator pipeline to move data from MySQL to MongoDB. Pipelines are message processing flows within the replicator. Direct pipelines move data from DBMS to another within a single replicator. They are already a standard part of Tungsten Replicator and most of the code shown above already exists, except for the parts shown in red. Before we started, we therefore needed to set up a replicator with a direct pipeline. We first built the code according to the instructions on the Tungsten project wiki, uploaded the binary to our test host, and configured the replicator. First, we ran the Tungsten configure script to set defaults for the MySQL server (user name, extract method, etc.). Next we ran the configure-service command to set up the direct pipeline configuration file. Both commands together look like the following: ./configure ./configure-service -C --role=direct mongodb The second command created a file called tungsten-replicator/conf/static-mongodb.properties with all the information about the direct pipeline implementation but of course nothing yet about MongoDB. Now we could start the implementation. To move data to MongoDB, we needed two new components: A Tungsten RawApplier to apply row updates to MongoDB. RawApplier is the basic interface you implement to create an applier to a database. A Tungsten Filter to stick column names on row updates after extracting from MySQL. MySQL row replication does not do this automatically, which makes it difficult to construct JSON at the other end because you do not have the right property names. To get started on the applier I implemented a very simple class named MongoApplier that could take an insert from MySQL, turn it into a BSON document, and add it to an equivalently named database and collection in MongoDB. I added this to the replicator code tree, then built and uploaded tungsten-replicator.jar. (Use 'ant dist' in the replicator directory to build the JAR.) To start using the new MongoDB applier, we needed to edit the service properties file to use this component instead of the standard MySQL applier that configuration adds by default. To do this, you can open up static-mongodb.properties with your favorite editor. Add the following properties at the bottom of the APPLIERS section. Next, you need to fix up the direct pipeline so that the last stage uses the new applier. We located the direct pipeline definition (around line 208 in the properties file) and set the applier to mongodb as shown in the following example. We then started the replicator using 'replicator start.' At that point we could do the following on MySQL: mysql> create table foo(id int primary key, msg varchar(35)); Query OK, 0 rows affected (0.05 sec) mysql> insert into foo values(1, 'hello from MySQL!'); Query OK, 1 row affected (0.00 sec) ...And within a second we could see the following over in MongoDB: This kind of progress was very encouraging. It took roughly 2 hours to get to move the first inserts across. Compared to replicating to a new SQL database like Oracle that's lightning fast. However, there were still no property names because we were not adding column names to row updates. Meanwhile, Stephane had finished the column name filter (ColumnNameFilter) and checked it in. I rebuilt and refreshed the replicator code, then edited static-mongodb.properties as follows to add the filter. First put in the filter definition in the FILTERS section: Next, make the first stage of the direct pipeline use the filter: We then restarted the replicator. Thereupon, we started to see inserts like the following, complete with property names: That was better, much better! To this point we had put in exactly 2 hours and 45 minutes wall clock time. It was enough to prove the point and more than enough for a demo the next day. The hackathon was a rousing success. Further Development Over the next couple of days I rounded out the MongoApplier to add support for UPDATE and DELETE operations, as well as to implement restart. The full implementation is now checked in on code.google.com, so you can repeat our experiences by downloading code and building yourself or by grabbing one of the Tungsten nightly builds. Restart is an interesting topic. Tungsten uses a table to store the sequence number of the last transaction it applied. We do this by creating an equivalent collection in MongoDB, which is updated after each commit. There is a problem in that MongoDB does not have transactions. Each update is effectively auto-commit, much like MyISAM table type on MySQL. This means that while Tungsten can restart properly after a clean shutdown, slave replication is not crash safe. Lack of atomic transactions is a bigger issue with MongoDB and other NoSQL databases that goes far beyond replication. For now, this is just how Tungsten's MongoDB support works. Speaking of things that don't work, the current implementation is a prototype only. We have not tested it with more than a few data types. It only works with a single MongoDB daemon. It does not set keys properly or specify indexes on tables. There are no guarantees about performance, except to say that if you had more than a small amount of data it would be quite slow. (OK, that's a guarantee after all.) Epilog Overall all the hackathon was a great success, not to mention lots of fun. It went especially well because we had a relatively small problem and three people (Stephane, Flavio, and Robert) with complementary skills that we could combine easily for a quick solution. That seems to be a recipe for succeeding on future hackathons. From a technical point of view, it helped that MongoDB is schema-less. Unlike SQL databases, just adding a document materializes the table in MongoDB. This made our applier implementation almost trivially easy, because processing row updates takes only a few dozen lines of Java code in total. It also explains why a lot of people are quite attached to the NoSQL programming model. I am looking forward to learning a lot more about MongoDB and other NoSQL databases. It would take two or three weeks of work to get our prototype to work with real applications. Also, it looks as if we can implement replication going from MongoDB to MySQL. According to Flavio there is a way to search the transaction log of MongoDB as a regular collection. By appropriately transforming BSON objects back to SQL tuples, we can offer replication back to MySQL. There are many other lessons about MongoDB and NoSQL in general but it seems best to leave them for a future article when I have more experience and actually know what I'm talking about. Meanwhile, you are welcome to try out our newest Tungsten replication feature. Source: scale-out-blog.blogspot.com
×
×
  • Create New...