Make the Shortest Redirection URLs on Earth!

Recently I posted on how to Make Valid Huge URLs, now this post is exactly the opposite of it!

I had come across a URL-shortening site which lets you make the shortest redirection URLs compared to any other URL-shortening service. Tinyarro.ws is what I’m talking about!

TinyArrows

URLs shortened by Tinyarro.ws are the shortest among similar services because it also allows special characters in the URL, which gives a larger number of combinations than the numbers and letters used by other services!

And it also gives a special URL for use on Twitter!

Try it yourselves…

Make Your Own Social Networking Site for Free!

Yes! You’ve heard it right! Your OWN Social Networking Site! It is made possible with Ning!

Ning Logo

I had come across this site some days ago and found that this site allows you to create your own Social Networking Site!

Ning lets you create your own Social Networking Site for free, or you can join sites created by others using the same…

Getting started with Ning is really simple: just go to the site and enter your Social Networking Site’s name and you’ll get it as a subdomain of Ning (i.e., yoursite.ning.com). Then you can edit your site according to your needs and invite your friends and relatives to join it.

The Social Networking Sites made with Ning have the following functionalities:

  • Blogs
  • Images
  • Videos
  • Groups
  • Forums
  • Chat
  • etc.

So what are you waiting for? Go forward & make your own Social Networking Site with Ning !

Make valid HUGE URLs!

URL shortening services are getting popular nowadays, especially because of the mini-blogging craze introduced by Twitter. But after all these URL shortening sites, there’s a site which does exactly the opposite of it!

HugeURL.com is a URL lengthening service which expands any URL up to 3500+ characters! Amazing, isn’t it? And to your surprise, it would be a valid URL!

Give this site a try and send the huge URLs to your friends, they will be surprised. After all, Bigger is always Better, right? :P

Tip: Use this site to win the bet of the longest URL in the world :D

Recovering from BlueScreen (BSoD) Without Re-installing Windows

The stuff given below won’t work for all (there’s no guarantee :D)!!!

It must have happened at least once to all of you that your Windows got corrupted and a BlueScreen appeared whenever you tried to boot Windows.
If you have got a Windows Installation CD but you don’t want to re-install it again, then you can try repairing it using the “Windows Recovery Console” present on the Windows Installation CD…
Boot your Windows Installation CD (check the BIOS settings if the CD doesn’t boot). Then:

  1. At the first installation prompt, press “R”, this should load the recovery console.
  2. Then type “chkdsk” (or “chkdsk C:”) in the recovery console… this will check your hard disk for errors and automatically fix any it finds.
  3. Then type “fixboot”; this command will try to repair any boot damage done by viruses.
  4. Re-boot your PC and let the Windows load. If you’re lucky, Windows would load up or else you’ll again get a BSoD!!!
  5. Then there is still a way to recover your documents from the Windows Directory…Use a Linux LiveCD or something like that to backup your data that was present in the Windows Installation Directory (C:) & then re-install Windows :P
  6. If that fails too, or if you don’t know how to work on Linux, then you can try the “Windows Automated System Recovery Console”.
  7. While at the first installation prompt, press enter and follow the processes till you reach the screen that shows you the installed Windows, then press R to try to repair it…things will go on automatic…

Note: Please report if any of the above steps are wrong ‘coz I had forgotten the procedures while writing this post :|

XSS (cross site scripting)

XSS is an abbreviation of cross-site scripting.

About

XSS is a security breach that takes advantage of dynamically generated Web pages.
In an XSS attack, a Web application is sent a script that activates when it is read by an unsuspecting user’s browser or by an application that has not protected itself against cross-site scripting. Because dynamic Web sites rely on user input, a malicious user can input malicious script into the page by hiding it within legitimate requests.
It won’t give you ‘root’ or SYSTEM access on a web server. As it lives purely at the application level, it will get you some information about the web application. It is merely the ability to inject HTML tags into the input of a web application. It is generally believed to be one of the most common application-layer hacking techniques. It refers to the hacking technique that leverages vulnerabilities in the code of a web application which allow an attacker to send malicious content from an end user. These attacks occur when an attacker uses a web application to send malicious code, generally in the form of a browser-side script, to a different end user. Flaws that allow these attacks to succeed are widespread and occur anywhere a web application uses input from a user in the output it generates without validating or encoding it.
It is also referred to as malicious tagging because it is a type of computer security vulnerability, typically found in web applications, which allows code injection by malicious web users into the web pages viewed by other users.
Examples of such code include HTML code and client-side scripts.
Commonly exploited targets include search engine boxes, online forums, publicly accessible blogs, etc.
Once XSS has been launched, the attacker can change user settings, hijack accounts, poison cookies with malicious code, expose SSL connections, access restricted sites and even launch false advertisements.
The simplest way to avoid XSS is to add code to a Web application that causes the dynamic input to ignore certain command tags.
Scripting tags that take advantage of XSS include <SCRIPT>, <OBJECT>, <APPLET>, <EMBED>, <FORM> & many more.
Common languages used for XSS include JavaScript, VBScript, HTML, Perl, C++, ActiveX and Flash.
In short, it’s a common flaw found in today’s web applications & can cause serious damage to a web application. Detecting these vulnerabilities early in the development process will help protect a web application from unnecessary flaws.
These scripts are executed on the client side (i.e. in the user’s web browser) rather than on the server side. In itself it’s a threat which is brought about by the internet security weaknesses of client-side scripting languages. Its concept is to manipulate the client-side scripts of a web application so that they execute in the manner desired by the malicious user.
Such a manipulation can embed a script in a page which can be executed every time the page is loaded, or whenever an associated event is performed. A trick which is often used to make malicious URLs less obvious is to have the XSS part of the URL encoded in HEX (or other encoding methods). This will look harmless to the user, who recognizes the URL he is familiar with and simply disregards the following ‘tricked’ code, which is encoded and therefore inconspicuous. It can be used to steal sensitive data from a back-end database. Exploited XSS is commonly used to achieve malicious results such as identity theft, accessing sensitive or restricted information, gaining free access to otherwise paid-for content, spying on a user’s web browsing habits, altering browser functionality, public defamation of an individual or corporation, web application defacement, Denial of Service attacks & many more!

Types

Three distinct types of XSS vulnerabilities exist: non-persistent, persistent and DOM-based (which can be either persistent or non-persistent).

Remedy (in short)

To check for cross-site scripting vulnerabilities, use a Web Vulnerability Scanner. A Web Vulnerability Scanner crawls your entire website and automatically checks for cross-site scripting vulnerabilities. It will indicate which URLs/scripts are vulnerable to these attacks so that you can fix the vulnerability easily. Besides cross-site scripting vulnerabilities, a web application scanner will also check for SQL injection & other web vulnerabilities. To prevent these attacks, dangerous characters must be filtered out from the web application inputs. These should be filtered out both in their ASCII and HEX values. A quick fix we can apply as end users is turning off JavaScript, but with an Internet so polluted by active menus & JavaScript-enabled forms, a part of the internet might not function properly. The real fixing should be done on the application developer side. Filter & check all user input. SQL injection would be a problem that should be dealt with, but XSS isn’t always!
Many web applications do filter on certain characters such as the single quote, but many don’t filter on HTML code. Many automated security scanners give false positives while assessing a web server’s security. Some input fields might not be filtered, but other users can’t edit them. The danger of XSS lies in passing the data on to other, malicious, parties.
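The filtering advice above, worked through as an added example (not code from the original post): a blocklist that strips the tags listed earlier is compared with decoding the HEX form first and HTML-encoding at output time. The function names, the sample inputs and the assumption that the application percent-decodes after filtering are all hypothetical.

```python
import html
import re
from urllib.parse import unquote

# Blocklist built from the tags named in the post (SCRIPT, OBJECT, APPLET, EMBED, FORM).
BLOCKED_TAGS = re.compile(r"</?\s*(script|object|applet|embed|form)\b[^>]*>", re.I)

def decode_fully(value, max_rounds=5):
    """Undo repeated percent (HEX) encoding so checks see the real characters."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            return value
        value = decoded
    raise ValueError("input is percent-encoded too many times")

def strip_blocked_tags(value):
    """Blocklist filter: removes only the listed tags, only in their ASCII form."""
    return BLOCKED_TAGS.sub("", value)

def render_comment(value):
    """Canonicalise the input, then HTML-encode it so markup is displayed as text."""
    return "<p>" + html.escape(decode_fully(value), quote=True) + "</p>"

# Constructed sample inputs: plain tag, HEX-encoded tag, and a tag not on the blocklist.
SAMPLES = [
    "<script>alert(1)</script>",
    "%3Cscript%3Ealert(1)%3C%2Fscript%3E",
    '<iframe src="https://example.invalid/">',
]

def compare(samples=SAMPLES):
    """Return (input, blocklist leaks markup?, output encoding leaks markup?)."""
    rows = []
    for raw in samples:
        # Assumed flow: the filter runs on the raw value, the app decodes afterwards.
        filtered = unquote(strip_blocked_tags(raw))
        encoded_body = render_comment(raw)[3:-4]  # drop the wrapping <p>...</p>
        rows.append((raw, "<" in filtered, "<" in encoded_body))
    return rows

if __name__ == "__main__":
    for raw, filter_leaks, encoder_leaks in compare():
        print(f"{raw!r}: blocklist leaks={filter_leaks}, encoder leaks={encoder_leaks}")
```

Only the plain `<script>` sample is stopped by the blocklist; the HEX-encoded and unlisted-tag samples pass through it, while output encoding renders all three as inert text.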

XAMPP: The Ultimate Web Development Tool

Setting up an Apache Server is not an easy job… and it can take a lot of brainpower if you have to use languages such as PHP or Perl on your Apache Server. XAMPP is the solution for Web Developers who want a Local Web Server which they can use even without access to the Internet…

My Story

I came to know about XAMPP through a friend of mine, who is a Web Developer. He insisted that I use XAMPP for testing PHP scripts and trying out new things on Hacker’s Lane, on the Local Web Server. At first I thought it would be a mess and I wouldn’t be able to install a Local Web Server for developing things. Later I realized that it was a very easy job to install a Web Server using XAMPP & now, I am using XAMPP and I’ve to say, it’s Awesome!

What is XAMPP?

XAMPP is a free, open source, cross-platform web server package developed by Apache Friends. It mainly consists of the Apache Web (HTTP) Server & the MySQL Database. XAMPP also supports PHP and Perl; it has interpreters for scripts written in those languages.

What does XAMPP mean?

XAMPP is an acronym for: X=cross-platform, A=Apache HTTP server, M=MySQL, P=PHP, P=Perl.

What are its uses?

It’s used to serve Dynamic Pages. XAMPP is mainly used for Web Development Projects. Amazingly, XAMPP is sometimes also used to serve Dynamic Pages on the WWW.

XAMPP can also be used for creating and manipulating MySQL Databases.

That’s it for now. In my further posts, I will be posting on how to install, configure and use XAMPP as a Local Web Server on your PC. (Subscribe to RSS to be informed about the upcoming posts…)