latest articles

Dropbox Bussiness Free to use { Limited }





Hello,

Dropbox allow only one trial per account but they didnt verify the credit or debit card used during signup that it was used before to take a trial or not.
last month i tried Dropbox business for general purposes and before the end of trial i cancelled the account so nothing got charged from my debit card.

I created a new account and signed up for Dropbox business with the same debit card used before and it was successful and now i can again use Dropbox business for 30 days.

suppose i created an account with an email address let consider it account A.
i invited 5 users and after trial expired account A has a folder with the team name.
Create another trial account with new account B and after that Share the team name folder which exists in A account.

By this a user can also have the access of his last data and now he can save more data on a trial account by repeating the process i can easily spoof Dropbox and can use Dropbox for business without paying.

I reported this to Dropbox but they told me that this is a known issue.

However I tried this but if someone have more info on this please let me know.

Stay Tuned

Jitendra  

Feel Free To Leave A Comment If Our Article has Helped You, Support Us By Making A Small Contribution, Thank You!
Read more

Understanding DMARC record:- Why it is use and Its basic understanding

Some of mail servers discard and block emails based on SPF and DKIM record and some marks them as spam.
During this The mail sender is out of this sometimes important mails are marked as spam and Junk mails came to inbox.
So here DMARC policy works.


Understanding DMARC policy

DMARC stands for Domain-based Message Authentication, Reporting and Conformance.
Its very important features is the ability to generate a dynamic feed back loop that informs the senders about messages that are being rejected.

Currently DMARC currently exists as Internet Draft.
DMARC policy works by publishing of special DNS record that encodes a policy related toprotecting the flow of emails.
DMARC specially concerned with the "FROM" header in the email because this is main part of email which is targeted by the phishers 
An email sender can publish a policy stating that if the mail fails the SPF or DKIM record then mark it as spam or reject the mail.

In this image you can easily understand how DMARC works 




DMARC record look like this 
"v=DMARC1;p=reject;pct=100;rua=mailto:postmaster@example.com"
Here 
v: Represents the protocol version 
p: policy of Organizational Domain
sp: Policy of Subdomain for Organizational Domain.
rua: Reporting of URI of aggregate report.
ruf: Reporting URI of forensic report.
pct: Percentage of Message subject to filtering.
adkim: Alignment mode for DKIM
aspf: Alignment mode for SPF  

Here p set for reject means if email failed in either SPF or DKIM record then the mail will be rejected and if it was set to be on quarantine then the mail will be marked as spam and will be delivered to spam folder.

Suggestions welcome. Feel free to comment

Special Thanks: Subir Sutradhar, Gurpreet Singh and Whole I-HOS team 



Feel Free To Leave A Comment If Our Article has Helped You, Support Us By Making A Small Contribution, Thank You!
Read more

Yahoo Spoof mail Vulnerbility

However This was an old Bug But I thought that i should have to Share this So here is the Bug

Yahoo mail enables to send email from any of the email address exists like from *@microsoft.com and many other email address who doesn't have a strict DMARC policy.

How to Reproduce:-

1. Login to your yahoo mail account and compose any email and start capturing the request.
2. Now Go to Captured Request and send it to repeater.
3. Now modify request.
2. Click on send and the email will be sent.

I don't have the sample request so i am sharing the proof of concept video.




Yahoo is not verifying who is sending this email.
So it can be easy to spoof email from Yahoo mail servers.

I am showing you a proof of concept of it.


Stay tuned
Computer Korner will be Back in Action Soon


Feel Free To Leave A Comment If Our Article has Helped You, Support Us By Making A Small Contribution, Thank You!
Read more

XSS on Twitter ads


# Get the details here
# https://hackerone.com/reports/27846


Feel Free To Leave A Comment If Our Article has Helped You, Support Us By Making A Small Contribution, Thank You!
Read more

FLOW CONTROL : UNLESS STATEMENT


In the last post we learnt about the basic PERL FLOW, and we also learnt that we can alter the flow of code depending on our needs. We also learnt about conditional statements viz IF statement. When we want to make some decisions we can use IF statement, based on which a block of code is executed.

Here in this post we will learn about another CONDITIONAL STATEMENT, the UNLESS statement. This is exactly the opposite of IF statement. We know in IF statement if the condition is True, only then some BLOCK of code is executed, but with UNLESS statement, BLOCK of code will be executed if the condition is FALSE

UNLESS works just like IF, but its just the opposite, in IF the statements in blocks are executed if the LOGIC is true or condition is true, but in UNLESS the block is executed only when the condition is false.

unless(LOGIC) {BLOCK}

This means, unless ( LOGIC IS FALSE ) { Execute this part of the code }

So we can say that:

unless(LOGIC) {BLOCK} is equal to if(!LOGIC) {BLOCK}

With that said, lets try this small Perl script to testify:


[gray@ckserver Perl Programming]$ cat un.pl
#!/usr/bin/perl

use strict;
use warnings;

my $a = 10;

unless($a == 9)
{
    print "\nI am executing coz the condition is false..\n";
}

[gray@ckserver Perl Programming]$
[gray@ckserver Perl Programming]$ perl un.pl

I am executing coz the condition is false..


So its very clear from the example script that, if we use unless, the condition has to be false .

Thats all for this post, have fun.


Feel Free To Leave A Comment
If Our Article has Helped You, Support Us By Making A Small Contribution, Thank You!
Read more

PERL FLOW CONTROL


In this post, we are diving one level deep into perl and we will explore and learn about the flow controls of perl, which includes the native top down approach, conditional jumps, iterations, etc.

By default, in perl, the approach is top down, ie when we run a perl script, the perl interpreter parses the code from top to bottom, but many a times we feel the need to change this default behaviour, we might want to do certain things based on some conditions. Thanks to perl, we can do it like other programming language with the help of "IF" and "UNLESS" statement.

In our real life, we often make a decision, based on certain logic, like if it is raining, we take umbrella, else we do not take it. Similarly, the same concept applies to perl too, it makes decision with "IF" AND/OR "UNLESS" Statements.

The "IF" Statement:


Lets look at the syntax of IF statement:

IF ( CONDITION ) { BLOCK }

This means if the condition is True, the Block of statements has to be executed.

Example:


#!/usr/bin/perl

use strict;
use warnings;

my $var1 = "perl";
my $var2 = "perl";

if ($var1 eq $var2)
{
    print "Both the values of variables are same";
}

More General syntax:

if(LOGICAL) {BLOCK}

if(LOGICAL) {BLOCK1} else {BLOCK2}

In condition is True, BLOCK1 is executed, if the condition is False, BLOCK2 is executed.

if(LOGICAL) {BLOCK1} elsif(LOGICAL2) {BLOCK2} else {BLOCK3}

This is a check for multiple conditions, this says, if first condition is True, BLOCK1 is executed, if second condition is true, BLOCK2 is executed, if all the conditions are not true, the else BLOCK is executed.

if(LOGICAL) {BLOCK1}
    elsif(LOGICAL2) {BLOCK2}
    elsif(LOGICAL3) {BLOCK3}
    elsif(LOGICAL4) {BLOCK4}
else {BLOCK5}

With that said, lets look at a very simple perl script:


[gray@ckserver Perl Programming]$ cat conditions.pl
#!/usr/bin/perl
#

my $super_password = "superpassword";
my $gen_password = "password";

my $user_input;
print "\n\n[#] Welcome Admin!! Log in with your password.\n\n";
print "[#] Enter Password : ";
$user_input = <STDIN>;
chomp($user_input);

if ($user_input eq $super_password)
{
    print "\n[+] Welcome Super Admin!!\n";
}
elsif ($user_input eq $gen_password)
{
    print "\n[+] Welcome User!!\n";
}
else
{
    print "\n[+] Wrong Password!!\n";
}



[gray@ckserver Perl Programming]$ perl conditions.pl


[#] Welcome Admin!! Log in with your password.

[#] Enter Password : superpassword

[+] Welcome Super Admin!!
[gray@ckserver Perl Programming]$ perl conditions.pl


[#] Welcome Admin!! Log in with your password.

[#] Enter Password : password

[+] Welcome User!!
[gray@ckserver Perl Programming]$ perl conditions.pl


[#] Welcome Admin!! Log in with your password.

[#] Enter Password : test

[+] Wrong Password!!
[gray@ckserver Perl Programming]$


Thats all for this, hope this was fun and interesting...

Feel Free To Leave A Comment
If Our Article has Helped You, Support Us By Making A Small Contribution, Thank You!
Read more

More About Operators


Hello readers, hope you are having fun with perl. In the last post we learnt about the operators used in perl with Numbers and Strings. In this post we will see few more usage of operators..

The Auto Increment and Decrement:

Like most other Programming language, Perl also gives leverage of using Pre and Post Increment/Decrement of numbers.

Pre Increment: The value is incremented first, and then the expression is evaluated.
Pre Decrement: The value is decrement first, and then the expression is evaluated. 
Post Increment : The expression is evaluated first, then the value is incremented.
Post Decremented : The expression is evaluated first, then the value is decremented.

Example:

#!/usr/bin/perl
#

use strict;
use warnings;

# Pre Increment block

my $var1 = 5;
print ++$var1 + 10;
print "\n";

# Pre Decrement block

my $var2 = 5;
print --$var2 + 10;
print "\n";

# Post Increment block;

my $var3 = 5;
print $var3++ + 10;
print "\nValue of \$var3 : ",$var3;
print "\n";

# Post Decrement block;

my $var4 = 5;
print $var4-- + 10;
print "\nValue of \$var4 : ",$var4;
print "\n";


[gray@ckserver Perl Programming]$ perl operators.pl
16
14
15
Value of $var3 : 6
15
Value of $var4 : 4
[gray@ckserver Perl Programming]$


Concatenation Operators:
'.' with strings, helps in concatenation, i.e joining strings

#!/usr/bin/perl
#

use strict;

my $g = "Yo Yo ";
my $h = "Honey Singh!";
print $g.$h."\n";

[gray@ckserver Perl Programming]$ perl operators_1.pl
Yo Yo Honey Singh!
[gray@ckserver Perl Programming]$



Note For Offline helps, at the shell type:

[gray@ckserver Perl Programming]$ perldoc
Usage: perldoc [-h] [-V] [-r] [-i] [-v] [-t] [-u] [-m] [-n nroffer_program] [-l] [-T] [-d output_filename] [-o output_format] [-M FormatterModuleNameToUse] [-w formatter_option:option_value] [-L translation_code] [-F] [-X] PageName|ModuleName|ProgramName
       perldoc -f PerlFunc
       perldoc -q FAQKeywords

The -h option prints more help.  Also try "perldoc perldoc" to get
acquainted with the system.                        [Perldoc v3.14_04]
[gray@ckserver Perl Programming]$
[gray@ckserver Perl Programming]$ perldoc perldoc

Thats all for this post, have fun..

Feel Free To Leave A Comment
If Our Article has Helped You, Support Us By Making A Small Contribution, Thank You!
Read more

Perl Operators


Operators play a very crucial role in any programming language. As other programming language, the basic operators for perl remains the same, Addition, Subtraction, Multiplication and Division.

Seems simple, but things gets little complicated when there are several operators in a single statement. Here comes "precedence" and "associativity" to the rescue.

Operators in precedence with associativity:

1. **        Associativity: right
2. *,/,%    Associativity: left
3. +,-        Associativity: left

Let us try to understand precedence first with an example statement below:
    2**2+4/2-2+3%5
    => 4+4/2-2+3%5
    => 4+2-2+3%5
    => 4+2-2+3
    => 6-2+3
    => 7

Associativity, means the operation direction to be followed when operators of same precedence are in a statement. From the above example, when we reached line "4+2-2+3", perl found that operators of same precedence was in the line, hence it followed the associativity rule, which was from left to right to evaluate the expression.


So far, we dealt with the Numerical Operators with which we perform/calculate mathematical expressions. Now let us focus on COMPARISON operators where we would compare numbers and/or strings.


Operation                          Num version         String version
less than                                                      <                                    lt
less than or equal                                     <=                                 le
greater than                                                >                                    gt
greater than or equal                               >=                                 ge
equal to                                                        ==                                  eq
not equal to                                                  !=                                  ne
compare                                                       <=>                             cmp

These COMPARISON operators evaluates to either a True or False, but here is the catch...
Everything in perl is true, except:
a. The empty string "" and "0" or any expression that evaluates to these values
b. Any numeric expression that evaluates to numeric 0
c. Any value that is not defined.

String Operator comparison:
While comparing strings, we use
- eq and ne operators


Three-value compare statements:
    - If $a set to 4, 3 <=> $a return -1
    - if $a set to 4, 4 <=> $a return 0
    - if $a set to 5, 5 <=> $a return 1

    - if $b set to Perl, 'Basicperl' cmp $b return -1 , Because, in ASCII value of first letter(B) in Basicperl is less than first letter(P) in Perl.
    - if $b set to Perl, 'Perl' cmp $b return 0, as Both the ASCII vales matches
    - if $b set to Perl, 'Pert' cmp $b return 1, because, ASCII values till the 3rd letter was same, but on the 4th letter, ASCII of t is greater than l

With that said, lets summarize the whole post with this small perl script:

#!/usr/bin/perl
#


use strict;
use warnings;


# Example to show precedence and associativity
print 2**2+4/2-1+3%5;
print "\n";

# Example to show that a null string is false
my $test = "";
if($test)
{
print "baam\n";
}
else
{
print "Ouch\n";
}


# string comparisons
#

print "ad" lt "ab";
my $b = "Perl";
print 'Basicperl' cmp  $b;
print "\n";
print "Pert" cmp $b;
print "\n";


Thats all for this post, hope it was helpful..


Feel Free To Leave A Comment
If Our Article has Helped You, Support Us By Making A Small Contribution, Thank You!
Read more