Wednesday, August 21, 2013

Facebook founder Zuckerberg hacked to highlight bug

Facebook founder Zuckerberg hacked to highlight bug

By Joe Miller BBC News
A screenshot of the message left on Mark Zuckerberg's wall
A Palestinian programmer has highlighted a flaw in Facebook's security system by posting a message on Mark Zuckerberg's private page.
Khalil Shreateh used a vulnerability he discovered to hack the account of the Facebook founder and raise the alarm.
Mr Shreateh said he had tried to use Facebook's White Hat scheme, which offers a monetary reward for reporting vulnerabilities, but had been ignored.
Facebook said it had fixed the fault but would not be paying Mr Shreateh.
Mr Shreateh found a security breach that allowed Facebook users to post messages on the private "walls" of people who had not approved them as "friends", overriding the site's privacy features.
'Not a bug'
He wrote to Facebook's White Hat team to warn them of the glitch, providing basic details of his discovery.
After a short exchange with the team, Mr Shreateh received an email saying: "I am sorry this is not a bug".
Following this rebuttal, Mr Shreateh exploited the bug to post a message on Mr Zuckerberg's page.
In the post, Mr Shreateh, whose first language is Arabic, said he was "sorry for breaking your privacy and post to your wall" but that he had "no other choice" after being ignored by Facebook's security team.
An engineer on Facebook's security team, Matt Jones, posted a public explanation saying that although Mr Shreateh's original email should have been followed up, the way he had reported the bug had violated the site's "responsible disclosure policy".
He added that as Mr Shreateh had highlighted the bug "using the accounts of real people without their permission", he would not qualify for a payout.

Thursday, August 8, 2013

PHP display images in a directory

    if (!isset($_POST["id"])) {
        $id = 0;       
    } else {
        $id = $_POST["id"];

    $lines = file("img.txt", FILE_IGNORE_NEW_LINES);
    echo "<br /><br /><center><img src='$lines[$id]'/><br /></center>";

echo '<form action="get_image.php" method="post">';
echo '<center>';
echo "id: <input type=\"text\" name=\"id\" value=\"$id\"><br />";
echo '<input type="submit">';
echo '</center>';
echo '</form>';

File img.txt:

Tuesday, August 6, 2013

BASH Shell Color



BASH Shell: Change The Color of My Shell Prompt Under Linux or UNIX

by  on OCTOBER 6, 2006 · 50 COMMENTS· LAST UPDATED MARCH 6, 2013
How do I change the color of my shell prompt under Linux or Unix operating systems?

You can change the color of your shell prompt to impress your friend or to make your own life quite easy while working at the command prompt. BASH shell is the default under Linux and Apple OS X. Your current prompt setting is stored in a shell variable called PS1. There are other variables too, like PS2, PS3 and PS4.
Tutorial details
DifficultyEasy (rss)
Root privilegesNo
Estimated completion timeN/A

Bash displays the primary prompt PS1 when it is ready to read a command, and the secondary prompt PS2 when it needs more input to complete a command. Bash allows these prompt strings to be customized by inserting a number of backslash-escaped special characters.

Task: Display current BASH prompt (PS1)

Use the echo command to display current BASH prompt:
$ echo $PS1
Sample outputs:
[\\u@\h \\W]\\$
Here is another output from my Debian based system:
$ echo $PS1
Sample outputs:
\[\e]0;\u@\h: \w\a\]${debian_chroot:+($debian_chroot)}\u@\h:\w\$
By default the command prompt is set to [\u@\h \W]\$. The backslash-escaped special characters are decoded as follows:
  • \u: Display the current username .
  • \h: Display the hostname
  • \W: Print the base of current working directory.
  • \$: Display # (indicates root user) if the effective UID is 0, otherwise display a $.

Task: Modify current BASH prompt

Use the export command to setup a new shell prompt:
$ export PS1="[\\u@\\H \\W \\@]\\$"
Sample outputs:
Fig.01: New prompt in action
Fig.01: New prompt in action

  • \H: Display FQDN hostname.
  • \@: Display current time in 12-hour am/pm format

Task: Add colors to the prompt

To add colors to the shell prompt use the following export command syntax:
'\e[x;ym $PS1 \e[m'
  • \e[ : Start color scheme.
  • x;y : Color pair to use (x;y)
  • $PS1 : Your shell prompt variable.
  • \e[m : Stop color scheme.
To set a red color prompt, type the following command:
$ export PS1="\e[0;31m[\u@\h \W]\$ \e[m "
Sample outputs:
Fig.02: Adding the colors to the prompt
Fig.02: Adding the colors to the prompt

A list of color codes

Note: You need to replace digit 0 with 1 to get light color version.

Task: How do I make the prompt setting permanent?

Your new shell prompt setting set by $PS1 is temporary i.e. when you logout setting will be lost. To have it set every time you login to your workstation add above export command to your $HOME/.bash_profile file or $HOME/.bashrc file.
$ cd
$ vi .bash_profile

$ vi $HOME/.bashrc
Append the following line:
export PS1="\e[0;31m[\u@\h \W]\$ \e[m"
Save and close the file.

Say hello to tput command

You can also use tput command to set terminal and modify the prompt settings. For example, to display RED color prompt using a tput:
export PS1="\[$(tput setaf 1)\]\u@\h:\w $ \[$(tput sgr0)\]"

A list of handy tput command line options

  • tput bold - Bold effect
  • tput rev - Display inverse colors
  • tput sgr0 - Reset everything
  • tput setaf {CODE}- Set foreground color, see color {CODE} table below for more information.
  • tput setab {CODE}- Set background color, see color {CODE} table below for more information.

Various color codes for the tput command

Color {code}Color