A Virus Program to Disable USB Ports

In this post I will show how to create a simple virus that disables/blocks the USB ports on the computer (PC). As usual I use my favorite C programming language to create this virus. Anyone with a basic knowledge of C language should be able to understand the working of this virus program.

Once this virus is executed it will immediately disable all the USB ports on the computer. As a result the you’ll will not be able to use your pen drive or any other USB peripheral on the computer. The source code for this virus is available for download. You can test this virus on your own computer without any worries since I have also given a program to re-enable all the USB ports.

1. Download the USB_Block.rar file on to your computer.

2. It contains the following 2 files.

  • block_usb.c (source code)
  • unblock_usb.c (source code)

3. You need to compile them before you can run it.

3. Upon compilation of block_usb.c you get block_usb.exe which is a simple virus that will block (disable) all the USB ports on the computer upon execution (double click).

4. To test this virus, just run the block_usb.exe file and insert a USB pen drive (thumb drive). Now you can see that your pen drive will never get detected. To re-enable the USB ports just run the unblock_usb.exe  (you need to compile unblock_usb.c) file. Now insert the pen drive and it should get detected.

5. You can also change the icon of this file to make it look like a legitimate program.

What is CAPTCHA and How it Works?

CAPTCHA or Captcha (pronounced as cap-ch-uh) which stands for “Completely Automated Public Turing test to tell Computers and Humans Apart” is a type of challenge-response test to ensure that the response is only generated by humans and not by a computer. In simple words, CAPTCHA is the word verification test that you will come across the end of a sign-up form while signing up for Gmail or Yahoo account. The following image shows the typical samples of CAPTCHA.Almost every Internet user will have an experience of CAPTCHA in their daily Internet usage, but only a few are aware of what it is and why they are used. So in this post you will find a detailed information on how CAPTCHA works and why they are used.

What Purpose does CAPTCHA Exactly Serve?

CAPTCPA is mainly used to prevent automated software (bots) from performing actions on behalf of actual humans. For example while signing up for a new email account, you will come across a CAPTCHA at the end of the sign-up form so as to ensure that the form is filled out only by a legitimate human and not by any of the automated software or a computer bot. The main goal of CAPTCHA is to put forth a test which is simple and straight forward for any human to answer but for a computer, it is almost impossible to solve.

What is the Need to Create a Test that Can Tell Computers and Humans Apart?

For many the CAPTCHA may seem to be silly and annoying, but in fact it has the ability to protect systems from malicious attacks where people try to game the system. Attackers can make use of automated softwares to generate a huge quantity of requests thereby causing a high load on the target server which would degrade the quality of service of a given system, whether due to abuse or resource expenditure. This can affect millions of legitimate users and their requests. CAPTCHAs can be deployed to protect systems that are vulnerable to email spam, such as the services from Gmail, Yahoo and Hotmail.

Who Uses CAPTCHA?

CAPTCHAs are mainly used by websites that offer services like online polls and registration forms. For example, Web-based email services like Gmail, Yahoo and Hotmail offer free email accounts for their users. However upon each sign-up process, CAPTCHAs are used to prevent spammers from using a bot to generate hundreds of spam mail accounts.

Designing a CAPTCHA System

CAPTCHAs are designed on the fact that computers lack the ability that human beings have when it comes to processing visual data. It is more easily possible for humans to look at an image and pick out the patterns than a computer. This is because computers lack the real intelligence that humans have by default. CAPTCHAs are implemented by presenting users with an image which contains distorted or randomly stretched characters which only humans should be able to identify. Sometimes characters are striked out or presented with a noisy background to make it even more harder for computers to figure out the patterns.

Most, but not all, CAPTCHAs rely on a visual test. Some Websites implement a totally different CAPTCHA system to tell humans and computers apart. For example, a user is presented with 4 images in which 3 contains picture of animals and one contain a flower. The user is asked to select only those images which contain animals in them. This Turing test can easily be solved by any human, but almost impossible for a computer.

Breaking the CAPTCHA

The challenge in breaking the CAPTCHA lies in real hard task of teaching a computer how to process information in a way similar to how humans think. Algorithms with artificial intelligence (AI) will have to be designed in order to make the computer think like humans when it comes to recognizing the patterns in images. However there is no universal algorithm that could pass through and break any CAPTCHA system and hence each CAPTCHA algorithm must have to be tackled individually. It might not work 100 percent of the time, but it can work often enough to be worthwhile to spammers.

Hack Web Applications by Intercepting HTTP request/response using WebScarab

Hello Friends,

Today we will understand how we can intercept the HTTP request we send to a website and how we can analyse the response header.For this purpose we will use WebScarab which you can download by searching it on google.

After you have installed the setup you will first have to set your browser so that WebScarab can intercept the request and response.
I am taking the example of Firefox here. Go to options > Advanced > Network > Settings > Then select the Manual Proxy configuration and enter the following values.
HTTP proxy – 127.0.0.1 and port – 8008
This sets the webscarab to intercept the request by acting as a localhost proxy .

Now you start your webScarab by clicking on the icon.
The screen will appear wired and somthing like as shown in the figure. Click on the figure to enlarge it .
In the intercept tab , select “Intercept request” and in the left hand side menu select “Get” and “Post” options .
This makes your webScarab completely ready to intercept the HTTP Get and post requests .Now in your browser type any url , for e.g , google.com and you will get a window that will show the intercepted HTTP Get request. Now if you click on the “Intercept Response” button then it will also intercept the response that is coming back to the browser from the google server.

You can use this technique to analyse the the various request and response headers and let me tell you this can be very very deadly . If you are able to make the right moves and changes in the Headers then you can easily modify the headers to send invalid valuse to the servers .
In the main window of the webScarab , the “Summary” tab shows you the details of all the intercepted requests and response.This is a short tutorial on webScarab that will give you a basic understanding of how to use webscarab to intercept the HTTP values and analyse them > Rest is upto you how far you can take it .

Some Linux Commands

Date and time

  • date (show system date)
  • cal 9 1751( show calendar)
  • date mmddhhmmssyy ( set date & time)
  • date 12051145302008

Find

  • find / -name sam.txt (find a file)
  • find / -iname sam.txt (search with capital & small)
  • find / -size 1 mb (find files with 1 mb size)
  • find / -size +1mb (find files > then 1 mb)
  • find / -size -1 mb (find files <then 1 mb)
  • find / -usr marc (find  user marc,s files )
  • find / home –user marc (find user march in home )
  • stat /data/sam.txt (displays file properties)
  • touch /data/sam.txt (update the time)
  • touch logitech
  • find / -atime +10
  • find / – atime -10
  • find / -mtime +10
  • find / -mtime -10
  • find / -name india.txt –not –user mann
  • find / -name kashmir.txt –not user root
  • find / -name india.txt –not –size -10mb
  • find / -name india.txt –and –user mann –not –size +10mb

The Biggest problem with Google+

Its about Google+.

Its been around 2 weeks since google+ has been launched and the battle between who is better,who is secure blah blah has started. Well its a never ending debate on weather google is better of Facebook or Microsoft or any other company. Recently my friend Harneet singh posted a status on his facebook wall that google+ better and now time to shifting . I jumped into commenting against him and favouring facebook. I was quickly analysing his comments and building up mine. During this discussion I found an intresting thing that can b a negative point about the google+ Circles which lies at the core of this new social app.
Lets start with wat google defines its Circles with- “You share different things with different people. But sharing the right things with the right people shouldn’t be a hassle. Circles makes it easy to put your friends from Saturday night in one circle, your parents in another and your boss in a circle all on his own – just like in real life.”Impressive and cool defination . In simple words they are trying to build up the concept of groups through circles. Just like there are groups in Facebook similarly G+ has circles. But the issue is that the circles are “one way” . You dont know in which circle I have added you and I dont know in which circle you have added me. But the actual meaning of group is that every person of the group is aware of every other person within it . They can see what other members have shared . So i feel here lies a drawback . Though this issue can be resolved easily if you have played well with G+ .
I dont know weather google has any plans to launch any other group feature in the coming time or not but I feel they are failing in the task of presenting a symmetric grouping through circles.

How to Find the IP Address of a Remote Computer

Many of us may be curious to know how to find the IP address of your friend’s computer or to find the IP address of the person with whom you are chatting in Yahoo messenger or Gtalk. In this post I’ll show you how to find the IP address of a remote computer in simple steps.

I have created a PHP script to make it easier for you to find the IP address of the remote computer of your choice. Here is a step-by-step process to find out the IP address.

1. Download the IP Finder script (IP_Finder.ZIP) that I have created.

2. Open a new account in X10Hosting (or any free host that supports PHP).

3. Extract the IP_Finder.ZIP file and upload the two files ip.php and ip_log.txt into the root folder of your hosting account using the File Manager.

4. You can rename the ip.php to any name of your choice.

5. Set the permission to 777 on ip_log.txt.

Now you are all set to find the IP address of your friend or any remote computer of your choice. All you have to do is send the link of ip.php to your friend or the person with whom you’re chatting. Once the person click’s on the link, his/her IP address is recorded in the file ip_log.txt.

For your better understanding let’s take up the following example.

Suppose you open a new account in X10hosting.com with the subdomain as abc, then your IP Finder link would be

You have to send the above link to you friend via email or while chatting and ask him to visit that link. Once your friend clicks on the link, his IP address will be recorded along with the Date and Time in the ip_log.txt file. After recording the IP address, the script will redirect the person to google.com so as to avoid any suspicion.

To find the recorded IP address check the logs using the following link.

The sample log will be in the following format

79.92.144.237 Thursday 07th of May 2009 05:31:27 PM
59.45.144.237 Thursday 07th of May 2009 05:31:28 PM
123.92.144.237 Thursday 07th of May 2009 05:31:31 PM

NOTE: You have to replace abc with your subdomain name.

Linux – File And directories

  • rm abc  (can remove a file)
  • mkdir abc (create a directory)
  • rmdir abc (remove an empty directory)
  • rm –r abc (delete directory recursively)
  • mkdir /data (create a directory)
  • mkdir /data/abc (create sub directory)
  • pwd (print working directory)
  • cd /data ( change the directory)
  • cd (change to home directory)
  • cd / (change to / directory)
  • cd .. (come back one directory)
  • cd – ( back to previous directory)
  • tree /root ( to display directory structure)
  • rm –rf  abc ( to delete a directory forcefully & recursively)
  • ls (list of files and folders in current directory)
  • ls –l (long listing of files & folders)
  • ls –a (list all with hidden files & folders)
  • ls /  (list files & folders )
  • ls /abc/xyz (will list subdirectories)
  • cp –rvf /abc/xyz  (copy recursively)
  • ls *.txt (list .txt files)
  • history (displays last inserted commands)
  • !10 (run number 10th command)
  • !cal (run last command started with cal)
  • history –c (Clear all history)
  • man/info date (manual files)
  • makewhatis (creates what is database)
  • whatis cal (displays use of cal command)
  • cal > abc ( send output of cal  to file abc)
  • date >> abc (append to abc file)
  • more sales.txt (displays page contents page wise)
  • history | more (displays history page wise)
  • history | less (———— can up and down)
  • history | tail -20 ( displays last 20 inserted lines)
  • History > history.txt (send history to a file)
  • tr ‘a-d ‘ ‘A-D’ < sam.txt ( display small to capital)
  • tr ‘A-D ‘a-d’ < sam.txt (displays capital to small)