Thursday, May 20, 2010

Exclusive PingFu exploit/crack to run it for virtually forever!

The last post was about PingFu and the great speed and flexibility it provides. In fact you can run any sort of software from the humble firefox browser to utorrent with utmost ease. The only problem is that it is not a freeware and provides a trial version for only 3 days. This quick hack will tell you how you can hack PingFu and make it run virtually forever.

Generally commercial softwares keep a tab on the number of days you can use their trial version by putting an entry in the Window's registry which keeps track of installation time etc. But when you uninstall, it does not delete that specific registry entry and during reinstallation it checks and using that registry decides whether the software has been installed in the past or not. Exploiting applications which use this method is pretty easy since that particular registry entry needs to be tracked and then manually modified or deleted.

Unfortunately PingFu uses an advanced mechanism in which it sends the Hard Disk Serial number to its server. This technique is also used by online game servers such as Halo and Counter Strike to ban players.

Actually hard disk serial number is a serial number assigned to the drive whenever a fresh copy of Windows OS is installed. So if PingFu has expired and you want to use it again just format your drive. Obviously formatting is tedious and time consuming, you will also have to backup all your data each time Pingfu expires which is currently 3 days! Therefore I recommend running PingFu on a virtual Windows OS (virtualbox or VMWare are good options) and installing a nifty tool called "Hard Disk Number Changer" (download link is at bottom).

Run it with admin privileges, change the number of the drive in which PingFu is installed , reboot and enter the new (bogus) registration details. Basically PingFu will think that it has been installed on a fresh copy and will allow you to use it for another trial period. It's that simple!


Download Hard Disk Number Changer
Know more about PingFu

Share

Monday, May 17, 2010

Bypass firewalls,proxy servers and unblock sites using PingFu

The earlier article about visiting blocked websites or viewing them anonymously had a few key disadvantages. First of all they can be used to websites only! So applications requiring other protocols such as torrent cannot be run using them. Secondly, dynamic webpages and elements such scripts eg javascripts are stripped off while displaying the webpages. This renders site such as rapidshare useless.php/cgi based proxy servers are helpful but most of them are blocked and the ones which are not are usually extremely slow.

Much more robust methods include use of software which completely encrypt connections of all type of protocols increasing flexibility as now even torrent based software can work. An example of such software is PingFu UDP , links are at the bottom. It is a commercial software and comes with a 3 day trial. After that you will either need to format your computer or use the hack described in the next article. Therefore I would seriously recommend using PingFu only on a virtual OS (use virtual box or VMware). Just install it and register yourself.
On the app screen you should see green light and "connected" as "client status".

To run an application simply click on Application Launcher on the sidebar and click on "Add an Application". It should now appear in "Installed Applications" column. Double clicking on the icon will  launch the application.

Upon running Opera with PingFu here is what whatismyipaddtess had to say :)



The reason for choosing PingFu is that the speed is pretty good and the software is really easy to use and very flexible. The next article will examine how PingFu manages its users and how we can play around with the software and fool it to provide us virtually unlimited number of trial days.

Note that this establishes a vpn to their server allowing you to unblock sites and letting you bypass any school or corporate firewall.

HOMEPAGE PINGFU
DOWNLOAD PINGFU
ALTERNATE DOWNLOAD LINK

Friday, May 14, 2010

Unblock banned or blocked sites using proxy servers

Our institute has installed a hardware and software based packet analyzer provided by Cyberoam which ruthlessly blocks p2p based sites, or sites containing games, spyware, hacking or adult content. There are also times when it blocks harmless,normal sites which is very frustrating.Also it has blocked the famous and even lesser known cgi proxy servers. Usually all institutes and offices install some sort of network analyzer and or blocker to disallow certain websites to prevent misuse. Here I present two ways to view blocked websites or if you want anonymity while browsing.

(Please remember that both allow only basic text and image; scripts are filtered off)

Webinmail is a service by Rediff in which it sends you requested webpages via email! On testing I found it very efficient and fast. Here is what you need to do.

Compose a mail to browse@webinmail.com with the subject as the webpage you need to view. Leave the body of the message empty and send the mail.


Within a few minutes you will receive a stripped down version of the requested page





Go to Rediff Webinmail

Aptivate an NGO working towards international IT development is working on a project called Loband which aims to reduce bandwidth consumption by displaying a "text and image only" version of the site. But it also serves our purpose of surfing web without any restriction.

Free web proxy servers are usually extremely slow and take a lot of time to load the requested webpages but here are two alternatives which almost replicate the functioning of a proxy server but are much faster. The only disadvantage is that dynamic webpages cannot be accessed.

Go to Aptivate's Homepage
Visit Project Loband
Share

Wednesday, May 12, 2010

Analyze network packets using monitoring tool ie Wireshark

Anyone fascinated with computer network and how it has enabled connectivity between remote places throughout the globe must have wondered how it has been made possible. Small bytes of data continually flow through small wires, perhaps even without any wires and soon you have, Wikipedia displaying all the information known to mankind.








When you type www.google.com in your favourite browser, I assume it is Firefox :) , what sort of data is sent? How is it sent? If you want to watch the "data packets" in action what you need is a network analyzer or a network monitor aka sniffer. Network sniffing or packet sniffing is the same so don't be confused if there are other tools to do packet sniffing, because Wireshark does it all.

For a developer this software is pretty handy since it captures live data and shows what kind of data is being sent.

Although sniffers have more useful/evil purposes,(some future article) this article will cover how we can use a software called "Wireshark" to analyze the network data being sent.

The software is available for both windows and unix. The great thing is that it is an open source software, yet is updated regularly. The download links are at the bottom.

If you will be using Windows simply download the setup and install it. Wireshark comes bundled with WinPcap a set of libraries which allows Wireshark to capture packet in real time. During installation their will a prompt suggesting you

"Start WinPcap service "NPF" at startup -"

Allowing npf at startup would enable users without admin privileges to run it.If this bugs you then simply 'untick' the option and install it. The latter option however requires the user to start the NPF service manually by typing the following command in command prompt having admin priviliges each time before running Wireshark

net start npf

The following command stops the service

net stop npf



Ubuntu users need to type in wireshark in the synaptic software manager and let it do the rest. Other linux/unix users need to refer to the official documentation provided on their website. Linux users need to run wireshark as root privileges.


To capture live packets either click on the network interface that you want Wireshark to hook on to or if you're unsure which interface is being used go to options and click on interface. It will open a small windows displaying the number of packets received on each interface. The one having highest number of packets is most probably going to be connected to your local Lan or directly to the internet.


After you have selected the correct interface Wireshark will start displaying all the packets that are being sent or received by your computer.




This was a very basic lowdown on Wireshark perhaps one of the best networking tool.The next article of this series will cover some of its features.

Access many sites without account 

Although this deserves a mere mention I thought I should dedicate a page to it since it serves a very useful purpose and has saved a lot of precious time and inbox with spam. There are two ways to enter a site either you hack through it or you have a legitimate account. Sometimes we come across a site or a newsgroup which has an interesting software or document but we cant download it unless we have an account.



Bugmenot is an initiative whose main aim is to create a dedicated database of usernames and passwords of sites which "force" you to login.

You can also go there and submit username and password of any site which you feel is having unnecessary authentication. As users of the site try out your username and password they will rank it based on whether it was a success or a failure.

the link is www.bugmenot.com

Sunday, May 9, 2010

Mirror a site

Mirroring a site is the act of taking the exact copy of a site, copying them in such a way that even the hieracrchy of the files on the remote server is maintained. Mirroring can be used if you want to have a backup of the directories on your remote server. Sites such as sourceforge.net which experience heavy traffic have "mirrored" links so that users can download from the mirrored links if they are unable to do so from the original website.

Anyone can mirror a site but it has do be done after taking permission from the owner, and is illegal if done without prior permission as it would be a violation copyright

Some servers implement a feature in which if too much of data is being downloaded very quickly, it can block those users.

Also mirroring a site sometimes causes a problem if it contains dynamic elements such as php ,javascripts and other dnamic elements.

The most famous software used is Wget, it was initially made for unix systems but was ported to windows, links are provided:-

For Windows:-

1.Wget command line

2.WinWGet gui

3.VisualWin (gui)

For Linux:-
1.GNU wget


Basic commands to use the wget command line (Windows)

wget -m [site name] Would mirror the site and save it on the local hard drive with the directory name as the site name

wget -r [site name] Would save all the pages and all the links

wget -h show all the options available


I was not able to change the default directory therefore I used the WinWGet gui version, its pretty simple.

Important links:-

1.Wiki on mirroring

ARP packets are not forwarded by Routers

While using a MAC address scanner in my campus, I realized that it was able to show the correct MAC addresses corresponding to the hosts on my local subnet ONLY. For the rest of the hosts outside my subnet, the same MAC address was shown and surprisingly it corresponded to the router connected to our subnet. Why was this happening?

Well I have found the answer to that when I read Richard Stevens' TCP/IP Illustrated Vol-1 a month back. It is an amazing book and explains the concepts very well.

The reason for the anomaly I described above was that MAC addresses are hardware addresses which work at the LINK LAYER of the OSI Model, the MAC scanner simply sends out ARP REQUEST packets for the different ip addresses. Now these ARP REQUESTS are broadcast WITHIN the subnet and the hosts respond to the requests if the destination ipaddress of the request packet matches with theirs. Then that host sends an ARP REPLY packet with the correct MAC ADDRESS. But you may still be wondering why does the local router responds to request packets having the ipaddress not meant for it?

Actually, when the router, through its ROUTING TABLE is always aware which hosts belong to its subnet and which are not(Its more complicated than that). When a host tries to send packet outside its own subnet ,the router realises this and sends its own mac address. A router works at the IP layer, which means that it needs an IP datagram, for forwarding any packet, and since ARP packets work at the link layer, do not have any IP header therefore are never forwarded to the outside networks.

This was written in an ultra-condensed form and reading a book on the TCP/IP suite is a must if you feel this article did not do justice to the topic.

I would recommend

1. TCP/IP Illustrated by Richard Stevens
2.Computer Networks by Tenebaum (I have not read it but i have heard it is very good as well)

Some important links:

1.Wiki on OSI Model

2.Wiki on LINK LAYER

3.Wiki on ARP

4.Richard Stevens' Home Page

5.Computer Network by Tanebaum book review

Saturday, May 8, 2010

Port Forwarding to allow faster torrent downloads

If you are getting absymally low sppeds while dowloading using torrent links then this article may help you out greatly.

The torrent network is based on P2P (peer to peer) technology which means that while you are happily downloading some stuf ,someone else is simultaneously downloading from your already downloaded data. This ensures that maximum speed is achieved. But nowadays users having personal broadband connection have a router which connects them to their ISP. These router come with a prebuilt firewall which filter out incoming packets and only allow packets bound to certain ports.

Usually torrent clients such as utorrent require ports in the range of 5000 and onwards to be "opened" for peers to connect to you but the router does not allow it. While downloading a file in utorrent check whether there is a tick or a cross at the bottom bar of utorrent. If there is no signal present your internet connection is probably not working . A green coloured tick means that utorrent is working perfectly fine otherwise if there is a red cross then you will have to instruct your router to forward all the packets that it is blocking to your computer.


Port forwarding allows you to forward all the packets bound to a certain port or ip address without any hindrance from the router. Obviously to do this you would need full access to your router.

Usuallly all routers have a web server and telnet server running TO access the webserver , open your web browser and enter

192.168.1.1 , (if you get an error you have either entered a worng address or the web server is not running)

Now youll probably be asked for username and password to access the webpage:
The default usernames and passwords are generally in the form of:

admin;password
administrator;password
admin;admin
Once you have access to the web page search for the links such as Port forwarding , Virtual Severs or DMZ HOST or port triggering.

I have a beetel 440bx wireless router at home and port forwarding can be done by using the virtual servers settings.

Select the protocols as TCP&UDP and enter the port that is specified in utorrent settings for both the "Internal port end" and "External port End".

In the "Server IP address " settings enter the IP of the host computer.

Save the settings and reboot the router.


Port triggering is a newer feature in which "outbound" and "inbound" ports are specified. Now as soon as a packet leaves the router from the "outbound" port, it will instantly allow all packets in through the specified "inbound" port to that host which caused the traffic. It is not a very user-friendly technique and causes problems if your application uses a different port each time.


DMZ host basically allows the router to forward all the packets from outside to the specified IP address.

Also remember to assign your computer a static IP address so that you dont have to change settings in the router.

If the settings are entered correctly you will get a nice green tick at the bottom of u torrent

Difference between Webmail and SMTP 

Our college has a Webmail service and an imap server and was wondering the differences between pop3, webmail and smtp. On googling I found that SMTP (Simple Mail Transfer Protocol)is the protocol responsible was sending mails from one domain to the other . eg if I send a mail from a@domain.com to b@domain2.com then smtp is responsible. POP and IMAP are the applications work on the application layer on the OSI layers and have a key difference.

POP(Post Office Protocol) retrieves mails from the server and deletes it off the server and stores the copy in the hard drive whereas IMAP(Internet Message Access Protocol) does not store the mail in the hard drive but displays the mail from the server. So if POP is used the mail be on the users hard drive and thus can be accessed anywhere, whereas IMAP requires a web connection.

Web based email on the other hand is a simple way to access your mails using a web browser. Many of the web based email service providers provide POP and IMAP support including gmail and hotmail.

One can use email clients such as thunderbird or windows mail to access gmail using either pop or imap. I tried on a very nifty software called JBMail which is a lightweight email client. To access your gmail account open JBMail go to the 'Send Settings' tab and enter your email address in the 'Your address' field , in protocol click on the SSL via STARTTLS option(gmail accepts only this option) and in 'Smtp host' field enter 'smtp.gmail.com' , then click on 'SMTPAUTH' (SMTP authentication) and enter your exact gmail account information ie username and password , now go to compose mail from the FILE drop down menu. You can use the POP protocol to access your complete profile but I would recommend using Mozilla Thinderbird. For gmail configuration settings you can go the link provided.

Some important links:

1.Wiki on SMTP

2.Wiki on IMAP

3.Wiki on Web based email services

4.Wiki on POP

5.JBMail Home Page

6.Mozilla Thunderbird Home Page

7.Configure Mozilla Thinderbird to access gmail account using IMAP

8.Differences between IMAP,SMTP,POP

Ultra Compress your Files 

I recently came to know that there are many users on the net who compress files to such an extent that GBS worth of files can be compressed to a few hundred MBS, and this is how they share soft wares and games which demand a lot of space. In fact one of my friend told me that he found GTA IV, requiring more than 10 GB, compressed to around 400 MB!!!!

I tried using WinZip and 7 zip and compressed a 1 GB file at the maximum compression level, unfortunately the results were not quite as expected. I was only able to save around 100 MBs when ultra compression with 7z format.

So I googled around with keywords such as "best compression tool", and "maximum compression" but only found references to Winrar, WinZip and & 7 zip. Finally I found a software worthy of being called an "Ultra compressor". It is called KGB Archiver and links to its homepage are given below.

One thing I found out was that compressing videos and music formats will not be that efficient as compared to normal text files and maybe exe's.

Unique features of KGB archiver:

1.Its free!! :)

2.High compression rates in different formats including zip,7zip, bz2, its own format which is the most efficient, and many more.

3.Easy to use, includes option to vary the level of compression.

4.It is available for both Windows and Linux( Newer versions are not available for Linux though)

But there is a problem which might put you off from using this software. The KGB Archiver requires a very high amount of hardware and the process of compressing and decompressing is extremely slow if high compression levels are used. Decompressing 10-20 MBS of data can easily take a few hours. It is a big resource consumer!

Nevertheless, if you want to store your important data on some remote server, or if the storage is limited, it is worth giving a try.

I discovered another important aspect of compression. You cannot compress an already compressed file. I tried compressing the same archive multiple times but instead of shrinking in size the archive got bigger! On looking up on the net I found that there is a limit till which you can compress a file. It is called the "Shannon limit".

Some important links:
1.KGB Archiver Home-Page

2.Compression Comparison

3.Data Compression theory

4.Practical Application of the Shannon limit

5.Reviews of other compression tools

Reduce IPMSG traffic

In our college a LAN chatting/Messenger application called IPMESSENGER is pretty famous. It not only provides chatting and instant messaging facility but also supports file transfer.
It uses the UDP protocol for the the messaging and TCP for the file transfers.

Some of its unique features include:
1.It is very compact(a few KBs)
2.Does not require a server, unlike some other software.
3.Includes file transfers
4.Even though UDP(and therefore unreliable) is used, the application layer implements the TCP like features and if the message sent is not acknowledged, the software will give an error!

But there is a small problem, especially in our college where the administrator cap the bandwidth due to which the browsing does become very slow, and therefore it becomes important that we use as little bandwidth as possible and do not cause heavy traffic.

The IPmsg seems to use the Blowfish and RSA encryption which can cause the data size of simple udp datagram to increase ten-fold. On running it at my home computer a 39-bytes of data(without encryption), which contained a simple message "hi" converted to 339 bytes after encryption. On our campus the average number of students using the ipmessenger application is 250, that would mean a lot of useless traffic.

The application does not directly provide an option to turn off encryption, so you would have to do some work yourself by manually editing the registry.

a)Open regedit.
b)Go to HKEY_CURRENT_USER\Software\HSTools\IPMsgEng
c)Click on IPMsgEng on the left pane and on the right pane search for the key "EncryptNum", the default value should be 14, change that to 0.
d)Close the application and restart the computer to make sure that the registry changes have take effect.


Some important links:

1.IPmessenger home website
2.Wiki on encryption