Small Hack around: Bypassing content-filtering on proxy for seeing image content

4 Feb

Hi friends,

Most of you were studying in a college which wifi have different type of content filtering software (i.e. The university administrator decides what you can access using university wifi internet connection). Unfortunately, most of these content filtering are keywords or syntax based mean they just filter the keyword of contents or the url etc. And many time blocks the useful content.

Today, I also faced the same problem while trying to see a political cartoon there is nothing offensive or adult content, but still the university proxy is blocking the image of the poster(picture 1).

http://my.fakingnews.firstpost.com/2015/02/03/comic-how-subramanian-swamy-saved-narendra-modi-from-media/?fb_action_ids=10203453736254510&fb_action_types=og.likes

Screenshot from 2015-02-04 16:23:49

Picture 1: Content block by proxy

This was a Modi related cartoon, so I can’t stop myself from watching this. Now, here comes my favorite hacking tool “Google” :). Yes! Of course.  Now a little analysis of content I find out that the post have three images embedded in the body. So

1. I just copy the link location of all three.JPG. (Right click and select the copy Image location)

#http://i58.tinypic.com/2wd3ptf.jpg
#http://i58.tinypic.com/2hyf7cz.jpg
#http://i57.tinypic.com/16bip01.jpg

2. I opened google docs with a new presentation.

3. I select the Insert option from the menu, selected Image options and put the above url. Google docs import that image to slide 🙂

Google Docs>Insert> Image… > By url > and click insert

4. Repeated the step 3 for the other two images with new slide

And Vallah!!! Now I can see images properly with a presentation view with good zoom and adjustment.

Screenshot from 2015-02-04 16:33:56

Enjoy the unrestricted access or Internet….:)

I Guess it should work for video and other content also. But will try that later…

How to contribute in an open source project: A step by step guide

4 Sep

Opensource Software is gaining popularity and is the best way of creating software. Opensource projects also give opportunity to learn coding in a real time environment. Being a beneficiary and supporter of opensource software I always want to contribute to it.  But due to lack of technical expertise in “How to contribute?”, I was not able to contribute till now, but today I came across the site “www.openhatch.org” and first time experience the baby steps of contributing towards an opensource project.  Here, I am sharing my learning to help others. 

You can contribute to an opensource project in many ways like documentation, promotion, testing, bug fixing and feature enhancement. Here, I have focused on feature enhancement, but very similar approach is applicable to other task also. Before going any further it is advisable to please go through below link, it will help you to understand the material in greater details.

  1. http://openhatch.org/missions/
  2. http://openhatch.org/missions/diffpatch
  3. http://openhatch.org/missions/git

Opensource Project

Most of opensource project is hosted on google code, github or Bitbucket. From these sites you can get the code for modification.

Tutorial Setup

For this tutorial, I have done special setup to make learning easy.

Project scenario:

1. Suppose there is one developer who is developing a project for finding Even and odd for a given number. He created and hosted project on github.

2. There is another developer who wants to contribute to the finding Even/Odd project.

3. The creator of the project only has right to make final commit /changes to the code.

4. Other developer works and send changes as a patch to the core developer and he makes changes.

Project setup:

1. To mimic the above scenario we develop two github account by logging to the web interface of github.

2. The owner of the project have user name <urwithajit> and he created code repository as oddEven.git

3. The other contributor created a git hub account as <urwithajit9>

How to create a project on the local system and push them to the online github repository?

( As the project core member)

1. Go to your terminal. (I used Ubuntu and we all ready have installed git client, please check web for how to install git?)

2. Create a folder to create your project  $ mkdir myproject

3. Go inside the directory $ cd myproject

4. Create your program $ gedit oddeven.py

5. Initiate your git project

5.1 git init

5.2 git add .

5.3 git commit -m “First commit ,uploading the project to github repo

Note: before pushing your code you must need to sync your online repo for this use 5.4

5.4 git pull https://github.com/<username>/&lt;repo.git> master

In my case <username> is urwithajit and repo.git is oddEven.git ( change accordingly)

Now you can repeat the 5.1 and 5.2 to just avoid any error

5.5 git push

How to fork and opensource project and make necessary changes? ( As as project contributor)

1. Search a project on github on which you want to contribute. For this example, we have chosen the urwithajit/oddEven project.

2. For the selected project on github (have a very good interface on the web)

3. Copy the repository address ( https://github.com/urwithajit/oddEven.git)

4. Now, back to your terminal and come out from the previous folder myproject. ( cd ..)

5. Create a new folder to copy the code locally to work on the fork project. $ mkdir mycontribuation

6. Go inside the folder $ cd mycontribuation

7. Clone the project code locally

git clone https://github.com/urwithajit/oddEven.git

It will automatically download all the files in your local machine. and will create a folder with repo name such as oddEven

8. Go inside the newly created folder $ cd oddEven

9. Make necessary changes to the code like adding function removing function etc.

10. Once you have tested your newly changes to the code you are ready to submit the code to your fork repository which later can be used for making a final pull request to the original code repo.

How to push the changes to the your online fork repository ( urwithajit9/oddEven)?

1. Add the directory to your online repo ( use same link that you use for cloning)

git remote add upstream https://github.com/urwithajit9/oddEven.git

2. Create a difference in code  ( Know as patch, you can also use git format-patch origin/master after adding file for the commit)

git diff

3. Add file/files for commit

git add oddEven.py

4. Commit the changes to your local git client

Git commit -m ” First commit, make changes in the function”

5. Push the code to your fork repo

git push origin master

How to submit patch or changes to the original developer to merge with core repository?

Once you have made changes to any project and have created patches for the same. You can use online web interface of github to a pull request to the core repository. For doing same you just click on the pull request and create a pull request.

Please give a meaning full description of your pull request.

 

How the final merge of the patch will be done in the core code report?

Being the owner of a project you will notify for every pull request via email and on the web interface. For making merge just click on the pull request link and github will show the patch details.

Verify the patch and take action accordingly. To merge the submitted patch just click on merge.

 

Finally, you have contributed to an open source project.  Same flow can be used to fix a reported bug. Reported but have enough detail to get started  and also have a bug ID for making commit and changes more traceable.

This article is based on below tutorial.

http://pyvideo.org/video/1722/contribute-with-me-getting-started-with-open-sou

 

Hope it will be helpful to get started with any open source project. Keep learning and contributing towards open source projects.

Note: This is a one time written post so may have mistakes or ambiguities, please write me for any changes or help.

Happy learning. 🙂

 

 

 

Virtual Machine: A way to cross computation

30 Aug

Computer need operating system to interact with underlying hardware. Different OS has a different interface and internal component to interact with the hardware. Some of the most popular OS are: Window, Linux, Mac, Solarix, Unix etc. With different OS, applications are associated. Some computer application have multi-platform version and some don’t have.

With the aforementioned details, It can be understood clearly that sometimes a situation arises when we need to access two or more applications and all they need different OS. Such type of problem can be solved with the help of virtual machine.

The virtual machine is a software, which use virtualization techniques and give the power to create different instances of the OS and different type of OS (Windows, Linux etc.) can be installed in one physical system. So with virutal machine, users can work with more than one OS without installing multiple OS parallel.

There are different type of virtual machine, some of popular area:

1. VM Ware

2. Virtual box

The virtual machine is also used to do dynamic malware analysis, sandboxing for an untrusted application etc. The virtual machine is capable to run different image format on OS. Some of Image format use to have lots of pre-installed application with required settings, which makes using application easy. For example Cloudera offer version of Linux with pre-installed Hadoop and mapreduce, users just have run those instances in virtual machine and they are ready to do map reduce programming.

 

 

 

Taking screen shot using python script

29 Aug

Today, my writing time went on reading the python script to take system screenshot. It’s quite interesting and useful. Automated screenshot capturing can be used in many ways: computer vision, automating click based task etc. Python has many libraries for doing the same. For windows system ImageGrab is the module who does the task while for Linux pyscreenshot is the module (unfortunately i was not able to install). Other GUI based python module  can also be used for doing the same.

Below I have some import link for doing the same.

http://stackoverflow.com/questions/69645/take-a-screenshot-via-a-python-script-linux

https://github.com/ponty/pyscreenshot

Anti-Virus as service: A Multiple Parallel AV engine approach

28 Aug

Antivirus or Anti-malware software are computer programs, which use to detect and prevent host, network or computing infrastructure from different malware attack.

Antivirus programs work basically on two underlining technologies: Signature Based and Non-Signature based. Signature based technology uses groups of bytes as signature to identify the malware and Non-signature based technology use heuristic, anomaly and machine learning techniques for addressing malware. Signature based solution have good accuracy for known malware detection, but almost fail in detecting zero day and unknown new malware due to limited by its signature database. On the other hand, non-signature based solution works well in detecting unknown and new zero day malware but resulted in low accuracy and high false positive and false negative.

Most of the users use anyone of anti-virus product to protect their computing devices from malware attack. If these antivirus has an update signature database, then it will work well, but new malware surfacing with a very high speed and hence most of AV developers are not able to cope with this speed and give a time window in updating the signature.  Practically, it is also not possible to be up to date with malware signature because signature generation is a time consuming and complex job and these limitations is increasing due to use of more advance malware writing techniques.

In such critical scenario, AV as a service is very good option. It has many benefits over standalone host based anti-virus products, such as:

1. More update signature DB, due to single maintance

2. Multiple parallel AV-engine can be used to scan each file and hence the accuracy will improve

3. Pay-per-use type of services is also cost effective

4. Get benefit from others detection

5. Global detection of malware makes targeted attack difficult

 

Few are the best and free online or AV as a service are:

1. VirusTotal

Virus Total have an online interface and also have a thin client from starting on demand file scan. It will scan one file at a time. It is maintained by Google and is a free service. It also offers API services.

Link:  https://www.virustotal.com/

2. Metascan

Metascan also offers very similar services as VirusTotal and it’s OWSAT maintained. It’s also free and have lots of AV engine. It also provides API services.

Link: http://metascan-online.com/

3.  Panda Security

Panda security also have in-cloud type of AV scanning services. It runs single AV but users don’t have to install a full fledge AV product. It provides a thin client to host and detection and the other thing is done in the cloud.

Link:http://www.pandasecurity.com/india/

By using such services, users can be more secure.

Wish you happy and safe computing.

🙂

 

 

Contextual Computing: Compute based on Surrondings

27 Aug

Contextual Computing or Context aware computing is the use of software and hardware to automatically collect and analyze data about device’s surroundings and use these data to make a more personalized computing and reflect result to the end user.

Today, smartphone, tablets and wearable devices offering a sense of contextual computing. Google glass and (Facebook auto status update based on background music) are an example of contextual computing, which offer location based augmented reality and contextual marketing.

Contextual computing relies on stored data about the user’s preferences and previous actions as well as data gathered in real time, such as the time of day or the device’s location. Web browsers, cameras, microphones and Global Positioning Satellite (GPS) receivers and sensors are all potential sources of data for context-aware computing.

The challenge of contextual computing is user privacy and integrating data from multiple sources.

Source: http://searchconsumerization.techtarget.com/definition/contextual-computing

Further Reading:

1.http://www.forbes.com/sites/reuvencohen/2013/08/20/the-next-frontier-in-computing-your-brain/

2.http://www.nytimes.com/2014/05/08/technology/personaltech/the-app-that-knows-you.html?_r=0

3.http://www.fastcodesign.com/1672531/the-future-of-technology-isnt-mobile-its-contextual

4.https://research.cc.gatech.edu/ccg/

5.http://www.wired.com/2010/09/context-aware-computing/

Happy reading and be context aware…………:)

Python Tools and Modules for Malware research

26 Aug

Malware can be defined as “any program with malicious intention”. Today, we live in a world surrounded by digital device and hence these malware can be a major threat for this digital/cyber world security. Malware research contains set of activities: Malware analysis, malware detection and malware prevention.

Python is a free, open source programming language and very popular among scientific and research community. Python also has many user contributed modules, script and tools for malware research. In this post, I have listed some of the most popular and useful programs.

1. Pefile:

The pefile is a python module for analysis and extraction of Portable Executable header values, sections values and data. It is very easy to use and very powerful and efficient. Pefile is a multi-platform which makes this module very handy.

Some of the tasks that pefile makes possible are:

  • Modifying and writing back to the PE image
  • Header Inspection
  • Sections analysis
  • Retrieving data
  • Warnings for suspicious and malformed values
  • Packer detection with PEiD’s signatures
  • PEiD signature generation

Example to use: (For more please check https://code.google.com/p/pefile/wiki/UsageExamples)

% importing pefile module and loading a PE file.

import pefile
pe
=  pefile.PE(‘/path/to/pefile.exe’)

% printing and reading values

pe.OPTIONAL_HEADER.AddressOfEntryPoint
pe
.OPTIONAL_HEADER.ImageBase
pe
.FILE_HEADER.NumberOfSections