Remember the post about Wii Remote hacks?
Given the lack of a bluetooth adapter in my laptop (and my sis's old Mac which had Java 1.5,and couldn't be updated to 1.6 - which meant WiiRemoteJ wouldn't work) - I had the brain blast of writing a WiiRemote app in my handphone using WiiRemoteJ.
Unfortunately it appears that the PSM value (the tcp/ip equivalent would be ports,from what I've read) was limited in JSR-82(java implementation of bluetooth), which meant that the wiimote can't connect to J2ME apps.
And, while trying to compile the WiiRemoteJ jar in the project, it turns out that J2ME only implements a small subset of java.util - without iterators and a few other stuff I forgot, which meant that I couldn't compile.
So there goes wiimote for handphone ):
Monday, December 8, 2008
Monday, November 17, 2008
Sunday, November 16, 2008
Friday, November 7, 2008
FlightGear is a open-source flightsimulator. Free as in speech.
Awesome thing is, it utilizes a property tree,which allows you to access/edit ANYTHING(well almost. I think) within the simulator (MSFS however, afaik, needs to go through simconnect/fsuipc).
Best part about FlightGear? Not only does it have a totally awesome property tree, it exposes that property tree through a HTTP interface and a Telnet interface. Which means that you can edit almost anything within the server through the internet/LAN. And it being telnet and all, all you gotta do is write a wrapper class for your development language and you're all set to do magic.
Grabbed the connection class off the CVS website (yeah yeah, get a CVS client I know), started messing bout with it. Awesome stuff.
Given enough time, I'm pretty sure that one can fly from point A to point B on a totally different computer using a client connected through the telnet interface. I've already written code to remotely control the throttle (which was as easy as fsgs.set("controls/engine/engine/throttle",input);)
I'm pretty sure that one can send joystick/keyboard commands. Either that or map a aileron/elevator position to given joystick input (ailerons are "/controls/aileron/aileron-position" I think). Or have an instructors panel to remotely set failures, control the plane etc. Possibilities are endless!
In other words - FlightGear : Awesomely fun toy for the computer geek flightsimmer.
Hell,it's plenty good for flightsimmers who cant afford MSFS.
EDIT : Messing about with this painfully reminds me of how horrible I am at Java GUI programming. ):
Awesome thing is, it utilizes a property tree,which allows you to access/edit ANYTHING(well almost. I think) within the simulator (MSFS however, afaik, needs to go through simconnect/fsuipc).
Best part about FlightGear? Not only does it have a totally awesome property tree, it exposes that property tree through a HTTP interface and a Telnet interface. Which means that you can edit almost anything within the server through the internet/LAN. And it being telnet and all, all you gotta do is write a wrapper class for your development language and you're all set to do magic.
Grabbed the connection class off the CVS website (yeah yeah, get a CVS client I know), started messing bout with it. Awesome stuff.
Given enough time, I'm pretty sure that one can fly from point A to point B on a totally different computer using a client connected through the telnet interface. I've already written code to remotely control the throttle (which was as easy as fsgs.set("controls/engine/engine/throttle",input);)
I'm pretty sure that one can send joystick/keyboard commands. Either that or map a aileron/elevator position to given joystick input (ailerons are "/controls/aileron/aileron-position" I think). Or have an instructors panel to remotely set failures, control the plane etc. Possibilities are endless!
In other words - FlightGear : Awesomely fun toy for the computer geek flightsimmer.
Hell,it's plenty good for flightsimmers who cant afford MSFS.
EDIT : Messing about with this painfully reminds me of how horrible I am at Java GUI programming. ):
Sunday, November 2, 2008
Saturday, October 25, 2008
Been toying with ubuntu the last few days (wubi is teh secks).
Second or third time I've tried it already.
Unfortunately, I have horrible apt usage habits, and I simply ctrl-z halfway through downloads. Naturally, apt/dpkg doesn't release the lock (/var/lib/dpkg/lock). So, I usually delete the lock (rm /var/lib/dpkg/lock), and aptitude works again.
Unfortunately, me being the linux newbie cum careless one, I type sudo rm /var/lib/dpkg. Try installing, gives me shit load of errors. Scroll up, see the last comment, and I go "oh shit."
So, I'm locked out of aptitude right now,with no idea how to fix it. I'm considering simply deleting ubuntu or reinstalling again. Damn.
Second or third time I've tried it already.
Unfortunately, I have horrible apt usage habits, and I simply ctrl-z halfway through downloads. Naturally, apt/dpkg doesn't release the lock (/var/lib/dpkg/lock). So, I usually delete the lock (rm /var/lib/dpkg/lock), and aptitude works again.
Unfortunately, me being the linux newbie cum careless one, I type sudo rm /var/lib/dpkg. Try installing, gives me shit load of errors. Scroll up, see the last comment, and I go "oh shit."
So, I'm locked out of aptitude right now,with no idea how to fix it. I'm considering simply deleting ubuntu or reinstalling again. Damn.
Tuesday, October 14, 2008
Developing Web Applications today - learnt about ASP.NET - code-behind of VB.NET. Was really interesting.
Classmate asked a question about how ASP.NET stores session state. Piqued my interest as I've successfully performed session hijacking proof-of-concept on a ASP classic page. ASP classic simply stores a session cookie, and simple javascript will be able to access it. (type javascript:alert(document.cookie) as a url)
Didn't work for a asp.net app I knocked up,however (*insert sad face here*). A bit of searching revealed that asp.net uses HttpOnly cookies, which means that the cookie cannot be read clientside (ie. via javascript - no wonder javascript:alert(document.cookie) turned out blank).
Apparently, HttpOnly cookies are sent with the headers with a XMLHttpRequest request though. Interesting vector :D
And cookieless sessions via url is one of the stupidest idea I've heard in a long time. For chrissakes just use a hidden form?
Classmate asked a question about how ASP.NET stores session state. Piqued my interest as I've successfully performed session hijacking proof-of-concept on a ASP classic page. ASP classic simply stores a session cookie, and simple javascript will be able to access it. (type javascript:alert(document.cookie) as a url)
Didn't work for a asp.net app I knocked up,however (*insert sad face here*). A bit of searching revealed that asp.net uses HttpOnly cookies, which means that the cookie cannot be read clientside (ie. via javascript - no wonder javascript:alert(document.cookie) turned out blank).
Apparently, HttpOnly cookies are sent with the headers with a XMLHttpRequest request though. Interesting vector :D
And cookieless sessions via url is one of the stupidest idea I've heard in a long time. For chrissakes just use a hidden form?
Sunday, October 12, 2008
Blogspot's gadget-based layout is really useful and cool at the same time.
And dammit.
I gotta improve on a blackjack program I wrote for Windows Application Design. And I practically did everything in one day. Without any comments/documentation of any sort. And the whole protocol is. Urgh. Trust me you have no idea how bad it is.
*headdesk*
And dammit.
I gotta improve on a blackjack program I wrote for Windows Application Design. And I practically did everything in one day. Without any comments/documentation of any sort. And the whole protocol is. Urgh. Trust me you have no idea how bad it is.
*headdesk*
Sunday, September 21, 2008
Monday, September 15, 2008
MSN Bot -> Twitter -> Facebook status integration is kinda cool.
But wiimote hacks kicks ass.
Lightsabre, drums, mouse - some of the many things you can do when you hook up your wiimote to your computer :D
Although, my laptop is one of the rarities which does not have bluetooth,so I'm stuck with my sis's old Mac for now. *Shudders*
Java library for wiimotes is out though, makes life much easier ;D
But wiimote hacks kicks ass.
Lightsabre, drums, mouse - some of the many things you can do when you hook up your wiimote to your computer :D
Although, my laptop is one of the rarities which does not have bluetooth,so I'm stuck with my sis's old Mac for now. *Shudders*
Java library for wiimotes is out though, makes life much easier ;D
Saturday, September 6, 2008
Woah. Appearently unknown people are accessing my personal laptop :O (Something tells me I shouldn't be surprised, but still - first time seeing something like this.)
So, I was messing about one day and decided to install IIS on my laptop. Installed it, played a lil about with it, and thought of hosting something somewhat useful. First thing that came to mind was BlackNova Traders (google it).
BNT ran on PHP, which naturally, didn't come with the IIS prepackged with Vista, so installed the fastCGI PHP on IIS.
BNT didn't run too well on windows/IIS (only supported on *nix/apache. go figure) so deleted it, and started playing about with php.
Wrote a script that displayed my external ip address (sounds stupid, but if external clients even access that page, they already know my external ip address, so the point's moot. And, it makes it easier for me to find my external ip address. Localhost is much faster to type than whatismyip.com. So there.) and the client's ip address that IIS is seeing. And, log the IP too.
Checked the log after a couple days, saw a few IPs that definitely weren't mine. And, I hadn't told anyone about the site. Hell,even if I had, I have a dynamic IP address, (which was the whole point of the script). Had a dyndns domain pointing here for a grand total of 5 minutes (+dns entry timeout).
Cleared the log for now, see what happens then.
So, I was messing about one day and decided to install IIS on my laptop. Installed it, played a lil about with it, and thought of hosting something somewhat useful. First thing that came to mind was BlackNova Traders (google it).
BNT ran on PHP, which naturally, didn't come with the IIS prepackged with Vista, so installed the fastCGI PHP on IIS.
BNT didn't run too well on windows/IIS (only supported on *nix/apache. go figure) so deleted it, and started playing about with php.
Wrote a script that displayed my external ip address (sounds stupid, but if external clients even access that page, they already know my external ip address, so the point's moot. And, it makes it easier for me to find my external ip address. Localhost is much faster to type than whatismyip.com. So there.) and the client's ip address that IIS is seeing. And, log the IP too.
Checked the log after a couple days, saw a few IPs that definitely weren't mine. And, I hadn't told anyone about the site. Hell,even if I had, I have a dynamic IP address, (which was the whole point of the script). Had a dyndns domain pointing here for a grand total of 5 minutes (+dns entry timeout).
Cleared the log for now, see what happens then.
Monday, September 1, 2008
So.
Found a SQL Injection vulnerability in my ex-secondary (That's high school for you Americans out there) school's website.
Crafted a query to get one column name,table name and schema from the entire database using information_schema.columns
Came across a mdl_user table (school was using Joomla,with a Moodle module). Chock full of users - the entire school uses the moodle module for e-learning, so every single student was in there.
Simple guessing came out with the username and password columns. (NB:No prefixes ;)
Checked that out - remember,SQL injection hole - and the username were IC numbers. (The American counterpart would be the Social Security Numbers).
So, there were storing sensitive data, IN CLEARTEXT, as usernames. If I were a identity stealer I would have been in Nirvana. Well,close, in any case, though I can't imagine why would you need to impersonate a high schooler.
Anyway, password was MD5 hashed (moodle module remember.If it was developed inhouse it probably would have been in cleartext as well, going by what I've seen so far),but found that many users had the same password.
So, digged in further the website. Went to the moodle main page. And lo and behold, on the login page, "All student accounts have been reset on January 15th with the password \"password\""
Do they seriously expect 15-year olds to bother about changing their default passwords in a school e-learning portal? At least generate random passwords or something.
So, fired an email to the school's sysadmin, and about five days later, no reply. Hole's still there.
Oh well.
Found a SQL Injection vulnerability in my ex-secondary (That's high school for you Americans out there) school's website.
Crafted a query to get one column name,table name and schema from the entire database using information_schema.columns
Came across a mdl_user table (school was using Joomla,with a Moodle module). Chock full of users - the entire school uses the moodle module for e-learning, so every single student was in there.
Simple guessing came out with the username and password columns. (NB:No prefixes ;)
Checked that out - remember,SQL injection hole - and the username were IC numbers. (The American counterpart would be the Social Security Numbers).
So, there were storing sensitive data, IN CLEARTEXT, as usernames. If I were a identity stealer I would have been in Nirvana. Well,close, in any case, though I can't imagine why would you need to impersonate a high schooler.
Anyway, password was MD5 hashed (moodle module remember.If it was developed inhouse it probably would have been in cleartext as well, going by what I've seen so far),but found that many users had the same password.
So, digged in further the website. Went to the moodle main page. And lo and behold, on the login page, "All student accounts have been reset on January 15th with the password \"password\""
Do they seriously expect 15-year olds to bother about changing their default passwords in a school e-learning portal? At least generate random passwords or something.
So, fired an email to the school's sysadmin, and about five days later, no reply. Hole's still there.
Oh well.
Subscribe to:
Posts (Atom)