I've had my fair share of similar experiences. Through all of it though I think you'll come to understand that this community in particular isn't actually that bad. In the end everyone here seems to share the same common interests and the other staff here are very reasonable when it comes time to take any action.

 

There are definitely some people out there that just like the idea of hitting a button or two that other regular users don't have the permission to use, but that kind of mentality exists even outside of the online world. 

 

Just try to deal with it and don't let it ruin your week.

I had seen a video about this on Channel9 a while back. Personally I'm not too excited about some things because there have been many Windows ports for certain utilities being that Windows users wanted alternatives. It's just nice that it'll finally be *native*.

 

I have SSH from Git for Windows already though, in addition to an alternative to grep for Windows (Sift) https://sift-tool.org/. Maybe bash scripts will be more helpful however in contrast to powershell? I'm also hoping that the terminal has full unicode and color support like on Linux, which would be nice to run VI on instead of having to use gVim all the time.At that point I can finally use ConEmu for practically all of my needs.

 

edit: Apparently this *native* bash will not run Windows binaries though? What's the point? So you need to use *native* bash to run some kind of reverse Wine-like emulator to run a Windows program?

I wrote quite a few of my own helper functions. They provide you a StrLen.exe which you don't really need. You can still determine the length of a string in batch alone, I've done it before with my own callable section of a batch script using batch substrings.

 

Looks like a nice solution was created throughout this thread though

I tried the utility to hide autoit exe script. It hides it inside and whe I check with av - it shows zero detection ! Thats pretty good! Thank you for your utility! Something what I can't understand- How can my Exe be  executed then?  Thanx in advance !

 

Your exe cannot be executed from that file unless, assuming the file you've embedded your exe within, is an exe itself, and you were to inject some code to manually do something with your program I would assume. Otherwise, your embedded file is just another resource.

Haha, that was really good

I wonder what kind of encryption they are using? Does each padlock come with a pre-generated public and private key guaranteed to be unique per padlock? Or ?... Blutooth doesn't exactly seem like the most secure communication to me.

Out of all the combinations.... Wow, that is actually very lucky.

Gave it a few tries, I just died by a purple ship.

"BOOTMGR is missing, Press Ctrl+Alt+Del to restart"
 
There is pro article on the topic, hope it helps more users:
http://www.windowspa...is-missing.html

I last posted about this more than a year ago, this has already been long solved.

 

This is just spam.

VERY interesting Mikorist, seems everybody wants to invade privacy these days. The thing is, even if it's the government doing things like this, it doesn't mean it's being used in any more of a responsible way, than the average hacker would with such control; the scary truth.

I'm tempted to find that bridge and disable it. I don't have anything to hide, so why should others have the right to access my Windows 8 machine, and especially without such warning to the public that they have this kind of access? That is not right at all.

Hmm, odd. Perhaps another relevant link: http://corelabs.core...ate_the_Rootkit

Some important bit of text:

show that the software mechanisms to protect the agent embedded in BIOS from tampering and re-flashing are insufficient to prevent malicious attacks if digitally signed BIOS updates are not enforced by the manufacturers as is the case in computers deployed globally as of 2009.

Regarding ARM, I really have not much knowledge..

 

Maybe the return values should have been changed. It just was not part of the core logic, so could have removed it altogether by changing the function from int to void.

 

Regarding the first byte in the shellcode, where it in comments says "int 3". There currently is 0x90 (NOP), but can be changed to 0xCC (INT 3) to make your JIT debugger break at shellcode. Though I am rather sure you figured out that.

 

int to void is definitely not recommended however, it's considered a red X in programming. To be honest though, if you are just wanting to remove all returns you don't need them at all anyways by the C99 standard. C89 requires it. It will call to exit anyways in the end with some return code, which is why it's not necessary, and will return the value of whatever is in the eax register at that point. I wanted to try to see what I could do with my Surface RT, but I may not have time until next weekend. It should be interesting, assuming I don't run into any other issues other than the minimum signing level issue which is hardcoded into the kernel on my RT...

I looked into this a while back, and for x64, it's as trivial as raising the protection level for that page, because most kernels now mark DATA as not executable. (A byproduct policy of the DEP - Data Execution Prevention implementation as far as I'm aware.) The same principle is responsible for how programs like Google Chrome compile (and execute) Javascript to native code (WebKit nitro engine).By default for Windows I think DEP is only turned on for essential Windows programs and services.

I would be curious about ARM though... Because it specifies several instruction execution modes such as Thumb16, Thumb32, and ARM...

 

edit: Your return 0, and return 1 in that code should be reversed however I think.

 

Nice work though I never changed the protection so I was able to run it directly for x86 and because DEP was off presumably.

I wasn't aware this was posted here. I solved both of these socket based challenges though, the sudoku one was a bit more challenging.

SHA-256: 22a629bbf5ff5d6ef9ea5e2ea697520363b63bf4fd490d7415e6cf945fade154

I figured out format a, I just didn't get what the significance of the 81 was for format b. I'm thinking my solver is always going to use format b though? :S

I solved your challenge @IceCube That was a fun one, regardless of its simplicity. The only thing I require for this one is to create a Sudoku solver and parser to submit to my sudoku solver. I only created one in C# a long time ago. I'm attempting this one in C++.

I don't quite understand this though:

Format:
a) "[1-9] [1-9] [1-9]" - coords and input digit
b) "solution [1-9]{81}" - full solution

How does "solution _____" get submitted? (Maybe I should rephrase this)

How is "[1-9]{81}" a full solution for a particular sudoku puzzle? I know solution is the string command, and the argument after it is to be the solution, but I don't get how the solution is to be formatted.

I was looking at Sudoku today, and I can't get what this means: "[1-9]{81}"

"To figure this out, or to stay confused, that's the question"

edit: Hmmm, {81} an index on the 9x9 grid (the very last square? Being a number indicated by the [?]? (ie. a value from 1-9)?

If that's correct, is that how all squares need to be filled in?



Hmm...

edit: I figured it out for inputting data finally... Shouldn't have taken that long. At first I thought the coordinates meant grid, then position within the grid, then I tried with the brackets around each 3 numbers, which might have been my biggest mistake. ({X} {Y} {Number})

Still don't understand format b however.

Ahh, forgot to mention I improved the ASM for the Beep shellcode I was using:

__asm
{
	mov ecx, dword ptr 0x764531AF
	xor eax, eax
	mov ax, 0x320
	push eax
	mov ax, 0x450
	push eax
	call ecx
}

Which gave me this:

\xB9\xAF\x31\x45\x76\x33\xC0\x66\xB8\x20\x03\x50\x66\xB8\x50\x04\x50\xFF\xD1\xC3​​

Removes all of the 0x0's... No need for a 32 bit storage if you only need probably 16 bits, so I split up the register in half. Thought this might help someone else reading this thread, so I'll post it.

~Ace

File Name: PascalsTriangleDisplay
File Submitter: AceInfinity
File Submitted: 17 Apr 2013
File Updated: 19 Apr 2013
File Category: Miscellaneous

Here is a project I created as a dynamic visualizer to Pascal's Triangle. You can increase or decrease the base for the colors to be set within the triangle, as well as the size of the inner shapes that make up the overall triangle within the image itself. There are 3 options for shapes currently, including Squares, Circles, and Triangles.

You can also set a color to use for the transparency color on the alpha channel if you want to save the image with transparency (other than the triangle's background, which is transparent by default.

This was just a miscellaneous impulse drive project due to boredom, but I had lots of fun making this and seeing what kind of images I could make from it. My more serious motivation was to get into fractals, which are a bit more complex than this.

Click here to download this file

I don't have time to look further into it right now. Here's a good x64 tutorial; http://mcdermottcybe...s-x64-shellcode

Appreciate it joakim Thanks anyways. I will take a look at the link for now and do some reading. I'm assuming your test with XP SP3 was on a the x86 edition of XP and not the x64 (as the highest SP for x64 is SP2), so I guess I've got some learning of my own to do for a different archicecture.

But what does the source code of the tool look like?

 
Using the method as posted above, for reading from the bin file I have this:

FILE * filePtr;
filePtr = fopen(argv[1],"r");
if (filePtr!=NULL)
{
	printf("File open succeeded, attempting to execute shellcode...\n");
	char arr[256];
	int n = 0, c = 0;
	do {
		arr[n++] = (char)(c = getc(filePtr));
	} while (c != EOF);
	fclose (filePtr);
	((void(*)())arr)();
}
else
{
	printf("Error: Could not open file...\n");
	return 1;
}
return 0;

 

Note: I increased the size of the array just to test your notepad shellcode, but it still didn't seem to work. I forgot I had a small value in there for the buffer size.

edit: Debugging my program when attempting to run the notepad.bin from your shellcode points to 0x0028D71A as the problem:

0028D716  xor         edx,edx  
0028D718  dec         eax  
0028D71A  mov         edx,dword ptr [edx+60h]

0xC0000005: Access violation reading location 0x00000060.

So after EAX gets set to 0x00000000, the dec instruction subtracts one from the destination operand being the EAX register... Reading about the dec instruction, it treats all integers as unsigned datatypes too, which makes sense, being that the instruction is to subtract from the value.

It seems like an issue with my program in this case, but what I don't get is why the beep code would run in my program, and not your AutoIt GUI?

More looking-into required I suppose...

Sure, I'll send along with the binary, the bin file for the kernel32 Beep too. All you'll have to change is the bytes for the address...

 

Right now, it's just being interpretted directly, I plan on creating/spawning a child process to run the shellcode dynamically in the future. I have HyperV on my Win8 machine, with VM's for XP all the way up to Windows 8 itself. Including a couple Linux distro's. So fortunately for me I have the capability to test across various operating systems which comes in handy.

 

http://www.mediafire...l450cl43eu4210l

But the shellcode worked directly in my compiled C binary for the one I showed you. Now what is more strange is that the code above works using your AutoIt GUI, but does not work in my C program... I'm going to have to attach the debugger to this to see why I'm getting such odd results... So far, code that has worked in my program has not worked in your GUI, and vice versa.

 

I'm assuming the shellcode did not work for you that I had though?

I understand you attempting a beep. Can you post the code you are trying and also specify the arch and OS of the traget machine? I can take a quick look.

The code that I was trying is this string of bytes:

\xB8\xAF\x31\x45\x76\x68\xE8\x03\x00\x00\x68\xEE\x02\x00\x00\xFF\xD0

The process would crash, so after going through a whole bunch of tests, I verified that the address was correct, and the ASM looked fine... I finally created my own program directly in C however to take care of handling all forms of input without any extra binaries for shellcode execution, and which can run the shellcode from a bin file, and as an argument, and that same shellcode works from my program, the only thing it was missing was a ret (to avoid segemtation fault throwing an exception), so I added \xC3 to the end, and no problems at all after that (*from my program anyways*):
 

\xB8\xAF\x31\x45\x76\x68\xE8\x03\x00\x00\x68\xEE\x02\x00\x00\xFF\xD0\xC3

The address at the time of testing: \xB8\xAF\x31\x45\x76\x68\xE8\x03\x00\x00\x68\xEE\x02\x00\x00\xFF\xD0 (0x764531AF for the Beep function in kernel32.dll)

Architecture: Intel x86-64 (64 Bit)
OS: Windows 8 Pro (with Media Center)
 
Note: I can run this same set of instructions from inline ASM in a C++ test program I created in Visual Studio:

__asm
{
	mov eax,dword ptr 0x764531AF // Kernel32.dll!764531AF()
	push 0x3E8                   // Duration argument
	push 0x2EE                   // Frequency argument
	call eax                     // Call function
}

It just doesn't work through the AutoIt program. I tried both 32 bit and 64 bit versions of the GUI.
 
Not a big deal though, I still learned quite a bit from fooling around trying to figure out why it would not work. The included calc file from your download works with my program too, but causes the program itself to crash after the calculator is thrown, even when adding a ret to clean things up at the end, so right now I am in the process of viewing the ASM from the shellcode provided in the bin file to see what might be going on there...
 

It would/may seem there is an issue with the program... The shellcode I had worked perfectly when I hardcoded and compiled to run it myself. This was tested with v4. I got a Beep

I had to add a ret though to avoid a segmentation fault. Any shellcode I tried here though just caused the process to crash.

Even tried adding \x33\xC0 to the beginning (instruction XOR EDX,EDX) to set EDX to 0, but it did not work. I'm currently trying to set up XP in Hyper-V to do some testing there...

Beep(700, 1000);

000007D0  68E803            push word 0x3e8
000007D3  0000              add [bx+si],al
000007D5  68BC02            push word 0x2bc
000007D8  0000              add [bx+si],al
000007DA  FF15              call word [di]

So here's what part of the relevent disassembly looked like from ndisasm... You can see the value for the second param of the Beep function from kernel32.dll being pushed onto the stack (0x3E8 = 1000, for a 1 second duration or 1000ms), as well as the frequency (0x2BC = 700).

I wrote my own C++ program that got the address of the Beep function from kernel32.dll which returned 0x764531AF, which I suspected was \xAF\x31\x45\x76 in shellcode.
 

GetProcAddress(
	GetModuleHandle(L"kernel32.dll"), 
	"Beep"
);

After doing some tests I could not get a beep, so I wondered if this was all accurate information, and it seemed to be confirmed after I ran your AutoIt program to get the address for this function.

I'm using Windows 8 x64 Pro with Media Center. Tested through VS to try some inline asm:
 
 

01258365 A1 B4 12 26 01       mov         eax,dword ptr ds:[012612B4h]
0125836A 68 E8 03 00 00       push        3E8h
0125836F 68 EE 02 00 00       push        2EEh
01258374 FF D0                call        eax

This worked when ran directly in the debugger... Although this is not what I wanted, as that is not a usable address, if I was to convert this to shellcode:
 

dword ptr ds:[012612B4h]

So I tried substituting the actual function address from the kernel32.dll module as 0x764531AF (\xAF\x31\x45\x76) just to see, and no luck still even with putting that address in manually:

009163DA B8 AF 31 45 76       mov         eax,764531AFh  
009163DF 68 E8 03 00 00       push        3E8h  
009163E4 68 EE 02 00 00       push        2EEh  
009163E9 FF D0                call        eax

*Which became this in shellcode:

\xB8\xAF\x31\x45\x76\x68\xE8\x03\x00\x00\x68\xEE\x02\x00\x00\xFF\xD0

edit: NOTE: The inline asm worked for that address. But the shellcode derived from the disassembly did not... Just to clarify.

I tried anyways, because obviously the shellcode above designed for XP SP3, wouldn't work with my Win8 OS. Just thought I would share my experience in this thread, even though it was from an unsuccessful attempt.

This thread seemingly existed since late 2011 too. And only a few others came along to confirm the existence of such a thing

I can see how this may be useful in some cases with a specific hotkey, so long as, someone that you don't want to have access to this, doesn't know the hotkey, and isn't capable of figuring it out on their own.

Great stuff joakim I thouroughly enjoy reading your content.

~Ace

"We're humans and humans are not driven by logic" - Well, that depends on perspective I guess too. Even mistakes could be a result of some concept of logic; not enough experience to not make that mistake, etc...

needs are a form of logic to me, but here i'm thinking this way because of my programming background. If we need to do something, it's logic that convinces us to do it or that we require it.

Keeping in mind, that needs do change over time for humans (like any other living thing that needs to adapt to it's environment and surroundings)... Evolution, and not just in it's physical form by definition. So here: "Needs that were installed into us, aeons before anyone even thought about, that one day, there would be a thing called money." - This implies that we're talking past tense, in which money was not a requirement because it was not needed back then. Now/Today, it's a social status that represents 'power' to some people, and behind that ideology, I believe it's mostly greed. People that are poor would like more of it to 'just get by' but people that have the amount in which some people can only dream of, also would like more. (I haven't heard anyone desiring to have less money, it's always been a quantity of 'more', unless that person has enough to live comfortably, but my point against this is: If we gave those people more money, would they deny to claim it? If they did, it's probably dealing with some psychological phenomena, to which i'd have less knowledge about (depression about somehing, etc...))

However, I guess it could be BOTH fear and greed. Because depending on which side you're on.... Have's or Have Not's... If you've got enough money that you don't have the fear of going bankrupt, then you may be driven by greed to have more power; money. Otherwise if you're on the poor side, you may just be wanting enough money to get by, which would be motivation by fear; becoming homeless.

It's beomce quite a debate lol. But i'm willing to settle with what I've posted in this thread here. Motivation is based on perception, thus it's unique from person to person.

I do not disagree with you though, I can see your points and I never would've thought about it that way, being a taxpayer myself lol. Although I now think it's lots more complex than words can describe, being a result of a multitude of things in a complicated formula probably not worth trying to solve... Therefore, as I originally thought, "greed" could be part of it, but not the only aspect of it.

Cheers,

Try it yourself. Buy your girlfriend/wife something nice, something she really likes as a gift and tell her that you spend ages to find just the right thing.

Next time, give her an equal amount of money and say you couldn't get bothered going shopping, you were busy with important things.

That would be the most flawed test ever conducted: You tell you're girlfriend that you had 'more important' things to do... *nods head*... What do you think she'll think about that comment on a personal note? Even without spoken.

Try this with somebody on the street now: Give them $1 000 000, or give them something of equal value. (Now depending on whether or not they are interested in the equal valued gift... They may like it, but not as much as being able to choose what this money does for them instead. Ironically though, who will do this? lol. Few and far between...

BTW, once said that Nicholas Tesla was most probably one of the real geniuses of all history of human kind , I have the feeling that AceInfinity tends to watch (and worst than that believe to ) a lot of "pseudo-scientific" TV/Internet - or at least he spends on it more time than on Physics studies.

You guys are wrong for those assumptions. One of my close friends actually has a Physics PHD, and I did take physics courses for more than a few years in and after high school in University because it was my main interest of study at that time. If you understand charges & static electricity, magnetism, and electromagnets. It's possible to retrieve electricity from the 'air'. What do you think our North and South poles generate?


(We're actually overdue to have that magnetic polarity reversed btw... In which case could cause very catastrophic events on Earth.)

What MedEvil said is correct though, to some extent. You could bill a device of such, by just measuring how much you've generated and how much you've put to the load away from the machine itself as the source...

Why we don't do this though? He is correct again: People who make money from our current power plants would be out of a job, it's not because it is not possible. So why we don't have this or why it's not as well known? They don't want people to start making this a publicly used thing. You try to start a business that would potentially change the way's of a larger company, perhaps putting the oil industries out of business or anything with our electrical power plants that we wouldn't need to use anymore, because of some invention you created. They will stop you.

I've even had personal experiences with this that i've heard about from close friends. Mostly with a guy that I knew who had mentioned he recorded falsified data about oil and gas reports, coincidentally to find out that his house had been burned down fairly soon after.

I'll leave you guys to believe whatever you want though, that's not my concern. Although it's best to keep an open mind.

I'd not agree with procrastination or fear. Governments don't do anything about the environment becuase it'd mean getting rid of oil factories basically. Oil and gas = <($¿$)>. It's the reason why the Electric car and the idea of it, even after a few were manufactured, was destroyed. Tesla had a way of gathering electricity from air, unknown to many, but his idea/invension is destroyed and lost as well. Who want's that? We've got expensive electricity power plants that we have to pay for instead to keep those employees working in those fields with work and income to support their own lives. How is any of this fear or a derivative of it?

We've got oil and gas which keeps those working in those fields... In their lamborghini's and mansions. We've got taxpayers buying smokes to support bad government decisions. What else? When you know where your money is going (a large portion of your income), money truly is the main core of evil. Anybody can do something about something, but what do we need for encouragement? Money.

(Just to mention we've also already gone off topic from "Life on Mars" )

No, we are not safe , daylight savings (or stupidity) will kill us soon :



Wonko

I'd say stupidity and greed for the most part. Our stupidity is reflected by the root of all evil anyways; money.

Not like that.

Let me tell you a few incidents from last few days.

Due to timezone difference, when I am done with my dinner, Icecube generally leaves office at that time. The day this HackYou CTF started, Florin mailed us asking to participate and expressing his inability to join with us for the first few days. Immediately after, I found Icecube online in Gtalk, pinged him while he was about to leave his office. As soon as he returned (took some 15-20 mins. or so), he came online and we played together for 4:30 hours or so. 700 points were earned that day. When I left, it was around 2:40 at night (my local time). I think Icecube got little time to take rest after he returned from office that day. That's "committment". Even, he used TeamViewer to access my machine (Belgium to India, quite a few thousands of miles apart) to solve one problem. With my poor net connection, it's a pain enough for him.

Coming to joakim. He's damn busy because of some urgency in office work. Yet, I found hime online yestearday even after hectic schedule. Also, even while in office, he asked me whether team neeeds any specific challenge to be looked by him. That's "responsibility".

MichaelZ, was busy even in weekends during CSAW. In spite of that, I found him to find out some time slot to solve challenges.

Florin, the youngest and silent-most member, apart from contributing significatly during CTFs, keeps an eye on forthcoming CTFs and informs us time to time.

Bottom line is, all these people make us a "team", Team Reboot is what we call it.

I wouldn't quite call that "responsibility" as he should be working instead, but I would say "dedication" instead

I envy your motivation and commitment to these things Holmes.Sherlock Keep up the good work friend. I seen a few emails from the Google group, so I check into that every once in a while.

Thanks Acefinity!

After I googled a bit about bookmarklets and how to make, now I use your snippet with 100% success.

Peter

Bookmarklets are amazingly useful, what I do, is I have my localhost with Apache/MySQL/PHP all set up, then for a bookmarklet i'll put the .js file into my localhost folder (XAMPP or whatever you have) and reference it by a bookmarklet, for the more complicated scripts.

By unanimous consensus you have just been awarded the "2012 most OT post" prize.


Wonko

Back on topic, even though just a temp fix, my script seemed to work perfectly for going directly to the newest post from clicking the last post link from my content area. Confirms that it doesn't just navigate to the page as pscEx tried to hint at me I believe....

Ahh!.. After a few tests, it seems that my script doesn't, and it's actually looking like it's a result of the added '/' at the end, so removing that my script works flawlessly now

javascript:var x=window.location.href;(function(){ window.open(x.replace('#', '/#').substr(0, x.length), '_self'); })();

Does this script really show the first "unread" post or the first one in the topic?

Peter

That depends on if the input link is just the thread link or a specific post permalink.

If we have:

http://reboot.pro/15298#entry136150

Where entry136150 is a permalink, and we're missing a '/' before the '#' then it will load the page:

http://reboot.pro/15298/#entry136150

And when done with loading the page, it will 'scroll' to that link on page as expected.

Interesting thing is... A link like this on Reboot:

http://reboot.pro/15298///////#entry136150

Still get's parsed to:

http://reboot.pro/15298/#entry136150

Regardless of how many slashes we have, so my js bookmarklet ALSO acts as a refresh button

I have this error too where the parser doesn't add a slash. So I created a simple js bookmarklet to help me with that:

javascript:(function(){ window.open(window.location.href.replace('#', '/#'), '_self'); })();

Those 2 names don't surprise me haha. I wish I had more experience with what they know about.

I didn't see what this was about entirely, it's hard to follow without reference, but this is among many things that i've seen on forums. It's unavoidable, it happens. Biggest result of an over-exaggerated drama that happens as a result is driven by human nature to assume more than the known. Since when do we ever assume the best in something over the worst? And that's when things really start to break apart, because you can't analyze much, just by based on what you read over the internet. There's no tone, body language, nothing

Because I understand this though, I can see through that fog, and realize that this is a good community, including the people within it

~Ace

Good work guys, sorry I was unable to participate in this event, I had a busy weekend. Hope to see you guys at the next one. The only problem I have is Linux challenges... I'd like to be able to get another laptop so I can run Linux on that. So i'm not having to dual boot, run in a virtual environment, or anything like that. I can run both at the same time without sharing computer resources.

Ahh, so I know at least one of my other sites must have been down as well. This is interesting information.

Nice application, reviewed it on my blog here: Aero WinShark Review

Do you have any updates about its compatibility with Windows 8 classic desktop?

I actually never tried it with Windows 8 yet But there were a few unhandled exceptions in this program I noticed after some use, easy easy fixes, but I never got around to fixing them because I scrapped this project. I could actually easily rebuild it, but until someone really complains about this app then i'll just keep it as is, no longer in development. I've moved onto a couple new programs new and projects, related to UDF Image file formats and device drive mounting for media. A bit more difficult and I haven't completed it yet. Kind of stuck with how a device drive is recognized in comparison to just a regular filesystem (data) drive..

Thanks for the review though

I know the driverquery cmd retrieves a list of drivers on your system, you basically just copy all the drivers in the drivers folder to a separate location though?

I just seen this thread, but I know I posted something similar to this a while back: http://tech.reboot.p...ad.php?tid=2419

http://www.chron.com...uly-3497916.php

This undated handout image provided by The DNS Changer Working Group (DCWG) shows the webpage. It will only take a few clicks of the mouse. But for hundreds of thousands of computer users, those clicks could mean the difference between staying online and losing their connections this July

http://www.dcwg.org/detect/

I've been using Windows ever since I was 4 years old, and when the first preview came out with no start menu, all I was doing was using the Windows key to get to the 'Start' area because I didn't even know what was going on for the first 5 minutes. Plus that animation takes up time for the hovering... Looks nice, but i'd rather it just be right there.

I don't like the Metro apps to be honest, they stay open and pinned in that oddly oriented tileview, not to mention by default being fullscreen (how do you multitask like that without minimizing and opening the other app?). Personally if I had a Windows Phone, Windows 8 would be perfect, but being a desktop computer enthusiast, uh-uh... That's what i've always been saying too. I've tried to accustom myself to the feel of Windows 8 but it's not working for me.

Maybe if I was in a situation where I had to present business powerpoints and slideshows, then Windows 8 would be good as well. But it's definitely not suited for me when I have a mouse and keyboard.

With SO many previews though, and not even an official 'beta' out though, i'm starting to wonder what they are doing here? Some kind of marketing technique, or are they wanting the most out of user feedback because they really don't know the outcome of something so new and diverse from previous Windows NT family versions? After some time, i'm hearing that an upgrade from Windows 7 should only cost $15?

Something is not right, i'm thinking they are starting to realize the value and possible ideal purposes for this Operating System, and it's not too special on it's own, outside of the cool new features within Windows 8 that they are providing... (Those i'm interested in, but when the actual OS doesn't cut it, then it kind of ruins the rest of the features for me, and I have to start thinking, "How do I now try to cheat these features into my Windows 7?" lol)



For what it's worth now though, i'm kind of hoping they completely disregard Metro and go back to Aero by Windows 9, making Windows 8 the ideal Windows Phone OS... Metro had it's chance, but now I personally think it's just a disgrace (as it now holds a representation of what they've done to Windows as of Windows 8...)

Before they keep digging this hole deeper too, I think they should climb up out of it and try not to change their image too much here. Change is good sometimes, but when it's not working you have to know when to pull the plug.

I've heard with Windows 8 Release Preview there's a new DX11 Desktop. Windows 8 development seems to be getting simpler per release preview though... There's a whole package now for Windows Driver Development available for the VS IDE from what i'm seeing. Which makes things a lot easier for what i've been trying to do in Windows 7 before the new IDE's came out with Device Driver development...

I tried this on MSE with it's FileAlignment of 200 bytes... This is fairly interesting.

This is a nice tutorial for the feature here, I haven't seen anything like this before so this is definitely new and unique for me

theHive and sbaeder are correct, I have about zero knowledge in comparison to these guys on WindowsPE, i'm familiar with the BIOS and all that, but nothing like what these guys do, however as a programmer I know there's lots of tools that are built to simply automate a process and make things easier on the end user. You can do practically anything almost, manually, just that automated processes, through some programs make it faster, and easier, especially on the less knowledgeable computer users.

That's the whole aim of programming in some ways... Making things easier, faster, more efficient, more accurate, etc...

Thanks, I appreciate this, I guess it's time to get to my research.

I'll look into this here, and joakim I also ready about USN through StCroixSkipper's blogs
If was also fairly interesting for me

Would you happen to know how it would be possible to enumerate through the Master File Table ($MFT) for directory/file searching purposes? I believe based on what i've read that it's about ~10 times faster than that of most other methods, but my knowledge about $MFT is slim. Lots of people are having issues with scanning based on the MFT records though, and based on certain issues in the code, forced to use less efficient code which would slow down the process to justify using $MFT for searching.

http://www.donationc...php?topic=22695

"StCroixSkipper" seems to be a guy interested in this as well.

I admit to being a little confused though, as a previous post mentioned that the Windows folder was missing when you mounted the drive in Linux. I'm not sure what you have done to make it reappear.

With this, I believe I may have been interpreting the wrong drive as the system drive as previously I took out all the external drives that I could find to narrow down the results with reviewing my options for a list of disks available, YET, further I found out that the system drive wasn't even reading half the time, on and off during reboot to reboot. So I never even seen it before previously. It existed, but I was looking at the wrong drive.

Having no access to the tower because of how secured it is inside of this box filled with many other computer towers, I decided to stray away from that while I took the time to use other troubleshooting methods.

I was seeing DEVICE_NOT_FOUND errors from time to time (Not physically but it was the equivilant of what was returned in HDD diagnostic reports from the bootable utility I was using), and even the install disk wasn't reading the OS sometimes, which leads me to believe that this was just a result of not being able to read the drive, when in the BIOS as well, sometimes it was not getting seen...

It's an IDE drive from what I know. Others are SATA.

Please try and provide as much information as possible. What would really help for example is - how many physical disks/drives are present; number of partitions on each drive; whether files are present and accessible (e.g. can you see/access them from PE or Linux).

I did all this to the best of my knowledge, I had no way to access the drives in the tower without spending time disassembling the whole tower box he has which would have taken quite a while, so I went by what I seen. Although the external drives and any other drive but the main one with the corrupted boot sector are irrelevant in my opinion.

Carrying out commands (e.g. bootrec, using diskpart to change the active partition, etc) on the drive could make it harder to recover files in the long run. Ideally I would try to carry out read only checks/tasks initially.

Lots of these verification/scans/read only checks didn't do me much good as even chkdsk was having a hard time completing with verifying only. The only scan that i've successfully completed by now would be sfc with the verifiy flag set as the others won't complete for some reason (my suspicious which is due to having a corrupted sector; boot sector)

I selected the IDE drive which was confirmed to me as the system drive by word of mouth based on the partition and disk sizes using DISKPART, and selected partition 1 on that drive as active which I believed helped, as somehow this active drive must have been changed to the wrong drive, based on not being able to read the system drive from time to time on certain boot sessions... Probably why this error of not being able to find the boot manager, which was bugging me lol.

I would recommend (if possible) making a sector by sector copy of the disk before carrying out any actions on it - this will ensure that everything is copied - not just accessible files.

Wouldn't it be better to start fresh than to copy a possible corrupted sector of the disk now that I have the main important files recovered?

Just because you can't see it, doesn't mean it's not there. If the disk is mechanically sound then the files will remain on it until overwritten. This is why file recovery programs should always recover files to another physical drive/partition.

I'm already familiar with this as with background programming knowledge I have with the NTFS filesystem. Slowly becoming more independently knowledgeable about the boot routine as well through this experience I never lost any files though, just the corrupted boot sector which is preventing the smooth process of booting the PC up. Winload.exe seems to have trouble loading some programs initially during startup in normal mode last time I seen.

I have known about the information left on the system even with "permanently deleted" files though. It's almost like cached data in some ways which doesn't get overwritten until it needs to be occupied by newer data on the drive.

That's the Windows boot manager - not DOS. The error didn't surprise me as winload.exe wouldn't be there if the Windows folder was missing.

I didn't mention DOS, but referred it as a DOS screen, just what I call the black screens on boot. Command screen, console screens, not a big deal... The Windows folder wasn't missing though, it was always there, but perhaps the entire drive wasn't being seen at some points when this had occurred. Which is essentially the same as having no Windows folder lol.

Great news on the back up. Provided all personal data is backed up I'd personally go for clean (re)installation. That's just my preference though.

This would be my preference too but not too sure about the actual computer user yet. I'd do it, and have it done in ~1 day with it all set up with programs and such, updates and security. Depends on what his perspective is though. And i'll have to double check that all those files are backed up, but he didn't have much other than what was in the %UserProfile% directories... Everything else was on external drives seeing as that the IDE drive he had was ~450GB in size

Still having issues booting in Normal Mode for some reason however... At least i've backed up the files, however i'm still sure he doesn't want to do a system recovery, so i've been avoiding that wherever possible up until now.

I got in using safe mode after repairing the boot sector manually... I figured that I should recover all the files that need recovering over to G: where there's 1TB of space available for me to back things up, and then see what I can do from there so i've now backed up all the possible files that were there. It appears no data loss ocurred.

AVG on uninstall freezes the system up (of course..) so that WILL go one way or another. It seems to be the culprit here as this never happened until I tried uninstalling it in the first place.

Pure evidence as to why you should never install AVG, and to why BSOD analysts including myself suggest to remove it. Only now I have personal experience to confirm what i've been trying to tell others. I wanted MSE on this computer.

Edit: Analyzed the winload.exe file using System File Checker and found no integrity violations with that file, it seems to be fine, just need to see how this computer boots in normal mode now after I do a couple more things. Updated the graphics driver based on a few BSOD's I found in the dumps folder which I scanned (months previous from now, but probably still a bit relevant to this current issue) and found that some were related to the graphics driver. I used driverquery and found that the driver was dated from 2009 and realized that there was a newer version released from Nvidia from 2012.

Uninstalled AVG in safe mode with a removal tool, and now i'm running chkdsk and system file checker to see if there's any other files that might need fixing based on the originals from the hash comparison used in that tool.

Temps seem fine, but ran a HDD test (Drive Fitness) and came out with dispositional code of 0x70 which means that there's a "corrupted sector" on the drive, probably the boot sector...

Alright, something new finally, after a few attempts, I selected the proper partition and marked as active from what I know. Booted up OEM repair/install disk and ran the automatic repairs.

I thought I HAD it, I got to the loading bar with the on startup, then a BSOD hit me, it automatically restarted and upon restart I get a dos screen with the title: "Windows Boot Manager"

-File: winload.exe
-Status: 0xc000000e

And something about winload.exe being missing or corrupt.

I got in on another computer. It's what i've been using the whole time to communicate back and forth on this thread, but still never fixed the issue on the troublesome machine.

Additional: @Misty - I tried the BCDBOOT command as well too, and it wasn't recognized in Vista for me when I tried it, I don't think it's available for Vista. But that just means i'm the unlucky one here, haha.

Perhaps the ATTRIB -h -s command will work if I open the repair command line then? I'll see what is available. This is frustrating though, i'd expected to solve this for my dad in ~1 hour, and the complete unexpected happened. I can't give up now.

I need to confirm with him which is the OS drive partition... Just to make sure that it's even being recognized, as I see a "Data" and "Music" partition right now, and based on what I seen in Linux, even with as little knowledge I have about Linux, it didn't appear to look like the root structure of a system drive partition. I couldn't find a "Windows" directory, and based on my past experience with having to view drives in Linux, I can't remember if this is normal or not. I would take a guess as to no though. So maybe the actual drive already failed and these are other drives he has which are internal drives? I hadn't even opened the tower yet as it's embedded in a larger tower with many other computers, so my workspace is frustrating too to deal with. I'll do that later, possibly tomorrow to see what we have, as you say I also would need in there to check the core temp of the drives for a physical touch test.

I tried DISKPART to select and place the active partition as the only partition on the "Data" drive, but no avail, still "Missing BootMgr" error.

Next:
- Check temps
- Check existence of bootmgr

This is really really frustrating however, as for me, it's disappointment put on myself whether it's my fault or not, it's just who I am. If it is just a disk failure then it just had to happen at the point in time when I was trying to "fix" a computer lol. I've never seen a BSOD while running System File Checker, in my life!

I think he must have had the auto-restart method enabled in the system options and the default full kernel dump selected, but as I couldn't find any memory.dmp in the filesystem layout (which is what I was hoping to find) I can't analyze the crash dump on my own computer here.

Really left in the dark with this one, I have no idea.

Again, RoyM, and Misty, you have no idea how much I appreciate your time here. It does mean a lot. I'll come back with any updates.

(Edit: This was my reply that I didn't send yesterday but i'll get to working on what there is in the last post by you Misty and see if it works)

Cheers

@RoyM - I was wondering though, why didn't any of the commands above work when I booted up the vista install disk for it's repair options? And for the bootrec /rebuildbcd option it couldn't even find the Vista OS, as it returned "Total Windows installations found: 0" after running this command?

How do I get this command to recognize the Vista OS present on the disk?

I took a look at the file's using a live cd of Linux Mint 11, and I don't know what they had on the hard drive, but I know that hardly any or none of those files that I know where on the desktop when I was able to access this Vista OS, are visible on the disk when I view it in Linux, which is scary. Perhaps i'm just looking in the wrong location, but I sure hope I am.


@Misty - Firstly thank you guys for your replies... I really, need to get this back and working again, no exceptions, as I don't want any of the blame regardless of a hard disk failure for loosing those files that I know are very important.

"Also check to see which partition is active, and check for the existance of the (hidden, system) file bootmgr." Would you suggest DISKPART command for this? If I can recall correctly... But I haven't used these commands in some time. Where would you look for the existance of the bootmgr file? I'm kind of running up and down stairs as the computer downstairs doesn't have internet access and my own desktop does. Just trying to get as much info as I can.

I have no idea what happened though, I was just in the process of uninstalling AVG, and running SFC, and out of no where things got slow, and then a BSOD hit me, and when on reboot I got this error.

I have hardly much knowledge with hardware or Windows booting though, so this is where I fall short sadly. I don't have any experience with PE or how to boot/make a PE disk.

I'll look into bootmgr though and see how I can get a copy of one that will work for Vista (x64).

Edit: Alright, all I see in the "System Volume Information" folder while browsing the drive with Linux is the "tracking.log" file... This is really disappointing. I'm having so many problems lately, and just can't keep up with them all. Hopefully something works for me if I just keep at it. I don't see how I could have lost everything just from doing nothing else but running SFC and uninstalling AVG. These files should be somewhere. I'm not a Linux expert though.

Hopefully someone has an idea to help me with this

I figured if anyone could solve this issue, it would have to be a member from Reboot as this is the community's main focus; Windows Booting So i'll post this here.


I'm fixing my parent's computer as they told me it was starting to run a bit slow, so when I got it I noticed he had AVG on there (Free version).

Here's what I was going to do:
[ ]- Replace AVG with MSE
[ ]- Check defrag percentage and do a full defrag if needed
[x]- Clear out temp files
[x]- Reduce startup programs
[ ]- Download and Run CCleaner
[ ]- Run SFC /ScanNow
[x]- Disable a few of the Visual Effects


But After I cleared out the temp files, and turned off some visual effects, and disabled some startup programs, I went ahead to uninstall AVG and started running SFC (System File Checker)

SFC got to about 85% verification when all of a sudden boom! BSOD for a split second, and crash which caused the computer to reboot. But while it was starting up I got a friendly message:

BootMgr is missing Press Ctrl + Alt + Del to restart

So I did that, again same message. Then through reading online, i've went through various BIOS options, set CD-Rom device to first boot priority so that I could boot up the Vista Installation disk to do a repair from the options given (This is a Vista x64 Home Premium machine).

I've tried:

bootrec /fixmbr

bootrec /fixboot

And for some reason:

bootrec /rebuildbcd

Always returns to me "0 Windows installations found, Completed successfully" but that's only because it didn't find anything to fix i'm assuming. It doesn't make sense. I've booted up the repair disk about 3 times, and finally Vista shows up on the Windows installation listview btw (that was how many times it took for me to get in). But I pressed the Next option with no OS selected all 3 times until the OS finally decided to show up before I ran through these commands.

It seems the first time I tried, it worked, startup repair found NO PROBLEMS. Then upon booting up that time I thought I had it, but BSOD for ~1 second, then automatic reboot. Now i've gone through that process again, and after those commands, startup repair now says issues exist that it can't fix, and I haven't seen a BSOD since because I can't get past this "BootMgr is missing" screen. After those commands it's gone back to saying that Boot Manager is missing, and they don't seem to have an effect anymore.

Any help on this one? I need to get this fixed, and preferably as soon as possible.

Haha very suiting title!

Does This Even Make Sense?

In my honest opinion, this looks like an OS for a Windows Phone; something like the iPod or iPhone?

For practicality and use of a desktop itself, I don't see this being very favorable by people that use their desktop for anything productive. Developers, Webmasters, etc...

There's just hardly any sense in all the visuals, and drag and drop maneuverability that you have to accustom to if you're a mouse and keyboard desktop user if you're trying to do something fast on your PC while maintaining some level of decent productivity at the same time.

Maybe it's something that takes time to get used to, but for me, it looks like something that isn't suitable for a Desktop OS period (and that's what ~85% of the Windows users are expecting). I can't see myself getting much work done on a computer like this even if apparently I was to figure out how to get past the no Desktop Start Menu "feature". Too many drag and drops in my way of achieving a fast paced level of productivity with my programming.

I think Microsoft tried to make things easier for the end user by reducing it to a minimal OS, with more visual effects, and completely forgotten about practicality here.

There's a few things I like about it, but that start menu being absent, i'm definitely not going to enjoy.

Windows 8 Consumer Preview came out a while ago, and I personally don't like it that much. I thought even the Developer's Preview was a bit better. Now they seem to have taken out the start button as well as the fancy Task manager view even with MetroUI enabled through the registry!

You can also call it anything devil.{ED7BA470-8E54-465E-825C-99712043E01C}
Which makes you wonder.!!!!!
Ever the conspiracy theorist.
The truth is out there.

That just tries to find the location via default web browser, you can type "http://website.com" in the explorer addressbar and get the same effect.

Some people like to keep shortcuts to these GodMode shell locations as well, I knwo some of them in particular that I find a bit useful. I had not known about GodMode until someone had posted it on a forum too, but it was an interesting find for me from what I remember

Good thread

I've never used OpenMeetings or heard of it before, but whatever you guys decide i'm interested in participating. It's something new for sure, and I'm always in for things like this

Yeah, I live in Canada, so if you take peoples preferences which are most likely similar to Wonko's then I doubt that i'll be able to stay here while this conference is going on and be at the conference or anywhere near it at the same time lol!

Perhaps there could be some kind of an online integration as well though for the people that can't participate? They can see the event going on, and contribute to a distant participation in this event from their computer?

I'm looking forward to this Conferences are something new to me until this year where I have quite a few. I think you could reach to more of the community if this was through an online session. You'd need a good platform that allows for the best way of the most personal communication though to feel like you're in a real conference where people can collaborate in a session of learning, sharing, and providing support to contributions and ideas.

I haven't used it yet, but there's Office Live Meeting, and that's about the most professional one I know of after IRC and things like MSN, which aren't really great and professional ways of communication.

PM'ed you my email ID on Tech.Reboot

I'll do some testing tonight for you Joakim, and report back with all the tests i've done. I'll set up a specific environment to do so, and i'll do tests with various filetypes, filesizes, folders with different sub items (contributing to the overall foder content filesize), etc...

I'm experienced with debugging, I spend hours debugging and testing my own applications, and sometimes it helps me come out with new knowledge and new inventions

I may be able to get involved in this, We'll see, i'm getting a new job possibly so hopefully he doesn't phone and ask me in for the interview tomorrow. But otherwise i'm available, nothing else planned as far as I know.

Sounds like a good update joakim

I can do some testing on a USB key, but I also run Windows 7 x64 as mentioned in your testing.

KoBE's getting into Powershell? Pretty awesome

Also, that KillExplorer script is extended lol, there's a one liner variation of doing all of that, but I guess I just wanted to get carried away with it !

No idea, I'm not sure about MCP's only MVP's roles. They must have had different guidelines though, as MVP, even though it was not always this way since a few years back, you are required to be at least the age of 18. Still pretty gifted child to achieve such a thing at the age of 9.

Okay, I tried using the "Like This" button on your post now that i'm using IE, but still no avail haha. I've had the message "You have reached your quota of positive votes for the day" for the last month or so, and not voted someone up yet once because I have had this message pop up for a long time. Can't like posts, but oh well, not a big deal I can thank people in text

I've made a note of this for next time though!

Alright, I will remember that for next time, my apologies Holmes.Sherlock...

I'm still taking an attempt to figure this out, I haven't looked at the challenge though for some time, congratulations pscEx!

I know Holmes.Sherlock I found this thread thanks to you as well!

This is terrible news, but I respect you sharing this with me holmes.sherlock!

Poor girl, I acknoledge her for being able to achieve what she did. On the good news I am officially now a Microsoft MVP, but i'm not going to turn this into an appraisal thread for myself here.

R.I.P Afra Karim Randhawa...

As far as i've heard it's been a success overall as well, SOPA had currently 3 representatives step down from their support on the bill I believe? PIPA is the only one left to take down

I'll accept someone who can reverse engineer the program to produce the output which is shown when the correct key is inserted or someone who finds the actual key.

NUTCracker Challenge #25

I was told to share this challenge here so i'm not sure how I would set it up, but maybe holmes.sherlock will edit this for me or someone.

I will repost what has been posted on TLF:

(I hope Peter won't mind me quoting him. He mentioned this on Tech.Reboot.Pro)

Maybe the solution template can be enhanced to not only check for the final result, but also for correct steps on the way to the result.

Today I tried to solve one challenge.

After a while I found a result and wrote it into the template. I got the friendly "Try again".

But this result was correct on the way to the final result. It was needed in the second step.
The second step also brought a result "try again".
Currently I'm trying to solve the third step.

IMHO the standard user does not continue with a "Try again" as input for the next step.

Maybe here the portal tells him "You are on the way, but you do not have the final solution yet"

Peter

Hmm, I think that would be interesting to have, but the one problem I see with that, is that there may be more than one road to solving a problem, and any non-tracked methods that show up as "wrong" may discourage that user from following that path, even if they are on the road to solving it. So that's one issue I can see with that.

HOWEVER, this did give me another thought:

To have each challenge display the method on HOW to solve the challenge for users that have successfully completed he challenge. That way they can follow along and see if they did it the way that the uploader has provided as a method of solving the challenge, and it may give them further knowledge in any event on how the challenge works. It's a learning process for me. I take these challenges not as challenges, but as something new to learn. I never ever took them as a competition. Just something to improve my personal knowledge as I think that is my greatest hobby in my continuation to learn about computers and always has been ever since I was 8 or 9 years old. 20 years later now, and still trying to learn more.

Maybe these revealed "methods" or "how to solve the challenge step by step" place, which is revealed for every user that solves the challenge can hold more than one method? And can be modified by someone to add more methods on how to solve the challenge even after the challenge is submitted?

(Note: Piling more work on top of this invention for him to work on lol. Sorry KoBE.)

I've been useless for this project so I don't expect anything new to be added, he's only one person, but if I can help, I will. Just need to learn how he has it set up still. Only thing preventing me from doing that though is because of how far he's gotten without my help lol

I also seen the 24 bit - 9x9 pixel bitmap. All of the pixels are #ff7f27, except for one pixel which is #ffaa55 indicated at offset 0x4E. "solve_this.txt" seems to be encrypted AES. I'm reading (LZMA:16 7zAES:19) but what's also interesting is these bytes here:

0x58 0x5C 0x3A

X: is familiar for me. When I had to repair my MBR the location from boot cmd prompt is indicated by X: but i'm not familiar with any windows booting that most of you are familiar with around here.

I see in there a jump to an invalid address I believe from first few minutes of looking at it... Seems to be missing a few parts though.

The file structure of this image is definitely different. Try saving it and see what you can find. It eventually leads you to a website with a domain consisting of just a number for the main part.

More info here: http://tech.reboot.p...ad.php?tid=1532

Edit; Wow... Strange, I think the resulting site is down now. Very odd.

Here's a cached version screenshot of the final destination website:


However, when I viewed the source of that page, for the image, I got this html:

img src="/cicada.jpg" title="Patience is a virtue."

True

It's all configured now though, Nuno Brito is set to his group, and with the display of Team Reboot, and i've set florin's display to the Team Reboot group for him

Nuno Brito was added by the AdminCP to his own special group at first which may be why. I would have to change his settings from the AdminCP but I never edited florin. I think florin just has to set his to the default display for Team Reboot.

I set florin's username to display as Team Reboot. I'll set Nunobrito up as well

Yeah, that must be why KoBE and Holmes.Sherlock appreciate that one a bit more. That's what I was going for is the power or reset button to be more specific.

One thing to note: If either me or KoBE add a user, and that user is added through AdminCP, that user can no longer be demoted from the group by the leader, he/she has to be demoted through the AdminCP the way the user was added. Holmes you should have ability to add anyone you wish though Feel free to add whoever is in the group over there.

Thought this would be an appropriate enough place.





Which one do you think would be better to identify members of the group that would be able to edit/add/submit challenges on Tech.Reboot? Nothing better than asking all of the Reboot members themselves

I already tested, logged in as a test dummy username created through admin cp, Submit Challenges is available to Admin usergroup (includes myself and KoBE on TLF), and the Team Reboot usergroup ID.

That's just my check for input params, so as long as it's not there, it just shows the errors, that's just my simplistic way of dealing with the errors for users that don't understand batch lol, but true it could be reduced down to just the script with the functional loop.

Edit: Basically just this lol...

for %%a in (%*) do (

	if not %%a==%1 (

		fc /b %1 %%a >> "results.txt"

	)

)

careless about @echo off or exit, becuase there's nothing that can interfere once the script has looped through. It'll end regardless.

• Removed "bin_output" dir though so it doesn't have to be created in the case that it doesn't exist.

Ignore the last entry for this test. I was testing to see how it would submit a challenge, but I noticed there's no way to remove a challenge or edit one.

I was watching the development conversations as you two went along in that thread as well. I'm excited to see the progress soon, and hopefully we can share it as an achievement available to all of Reboot

Welcome KoBE lol

@Ace: Maybe the forum has anti-xss measures, or it's based too much on javascript. And, I think it's a good ideea if you use NoScript for firefox.

@Holmes.Sherlock: That is a scanning script for finding vulnerabilities, I gues. It will depend on your bandwidth, as well as free hosting site bandwidth. And it requires to install tor to use a proxy for hiding your real ip. IMHO, I am not capturing your ip's.
From my part, you can try it to see if it discovers another vulnerabilities, but I doubt because the script is old and these are the only ones I found on the Internet.
But in real challenges, I do not think it is good to use automating scripts not knowing what they do, they (should) have automate banning systems, and do not think 0-days flaws where discovered automatically. Advisable would be to see what that script is doing before using it, and making that job manually would be almost impossible in some cases ( I remember the challenge with that space craft ) - space invaders like - enjoyed it very much)

Now, assuming you all know the source, what I need to modify to make it safer? The short answer would be "upgrade to the last version", but I am starting to learn php and would be interesting to see what code produces that output or what code is missing to not produce the desired output.

I always use Firefox lol One of my favorite web browsers.

I created my own fully fledged theme for 3.5 which was compatible with 4, but being that they went into such rapid development I quickly let it become obsolete as now it doesn't work on the newer versions of Firefox they came out with. Also plugins that i've developed for Firefox, but things have changed.

To answer your question though I personally think that some vulnerabilities reside on the server side, which in that case there isn't much you can do. Otherwise I only have gained much knowledge in SQL injection protection from a PHP standpoint. Which doesn't really help in this case because there's no database.

I didn't want to post them earlier because in case anyone else would want to learn it. Here's what I found out though:



haha it really was a bit tricky