Monday, 3 December 2012

Please Encrypt My Password: A request

So its a story,
Once upon a time or lets say A Few Months back this interesting thing happened.
I was studying Computers at this college whose name is not that important.
The college has a policy of maintaining student records using a Web-Based management System. The system maintains records for students. Students need to register for courses through this system. Near the end of semester, students have to take printouts of admit cards through this system to write exams. So this S#!T happened just around exam time of that semester. People were busy issuing print command for admit cards. The semester has not been that good or lets say I'd been so busy that semester that I just forgot the password I set for my account on that Student Record Management System.
I as a Good and a bit paranoid Internet User keeps changing the passwords on different websites and uses Different unrelated Passwords on different Websites. So frequently changed the password of that System too. It does not happen occasionally but it happened that day. I simply had no clue about the password I set for the system. After my brain denied any relevant information, I had no other way than to reset my password. The system doesn't have any instruction as to how to get the password reset. There was this friend of mine sitting next to me ordering printout  for his hall-ticket. I called him(lets say his name was John), "Hey John, How to get password for this S#!77Y system reset?" He replied, "Dude, the system is run by college administration. Beginning of the semester, while registering for the courses, Ron too forgot the password. He had to go to the admin building of college to get his password."
I said, "Ohk! But there could have been easier ways to resolve these kind of issues. Those bunch of admins could have used the trivial techniques of resetting the password like those ques-ans based or emailing it to college email or some other similar method." Cursing the admin, I left the computer room,  took my bike and moved from computer center to Admin building.Yeah, the college I was attending is a bit huge. The distance was around 400 metres. So I used my bike.

A bit about the Member information System, the college used:
The MIS (member information system) used by college is a product using Microsoft's Technology. The system was implemented using dot-net and ASP pages. Dedicated servers are present for hosting the system within the college.

So I reached the admin building, parked my bike and went upstairs to the computer support room. There was this guy, whom I didn't like a lot at first. I asked him, " Sir, I lost my MIS password. What is the procedure to get the password reset?"  He was busy trying to align a page right for printing on the Microsoft word. Looking at me, He asked for my College Student Card. I handed my I-card to him. He looked at the card, then towards me.
He went back to the screen he was working on, Minimized the screen, On his Microsoft XP Desktop, he clicked on this application. A window appeared.
Just looking at the crappiness of the app-window,  I figured out, The application was a trivial visual basic app written by a n00b  who just started learning VB. Ok that VB app window had a text field and a big submit button to fill the space and at the top corner, an empty place.
I knew that he was going to reset my password using that not to great application. I stood there looking what he did.
He looked at my I-card, I handed him earlier and entered the Unique Roll Number from that card in the text Field.The page started loading.
(It didn't take that much time but I am moving in slow motion here because an interesting thing is about to happen.)
Ok so the page started loading, the empty top corner started getting filled with the image which I already knew will display my picture, the college took in the freshman year. But there was this "line of Text"  which had already loaded on the screen and I din't notice because I was not anticipating it to appear. As soon as the page loaded completely, I was astonished to see what the "line of Text" said:

"Password for your account is admin12345"

Dammit, They created an application for showing me my Old Password. What the heck is it!!!  (Obviously I din't set my password to be trivial admin12345 or god or similar). I now knew what password I set previously,
But Hey Douchebag,
1) You are not supposed to keep my password or of any other user in Plain Text.
2) Are you proud of the thing you did there! You created the crappy application for showing me that you don't save passwords in encrypted form.

I mean, reputed websites suffering from "Not Saving passwords in Encrypted form Syndrome", atleast don't claim to have saved my password in plain text. Bad People only do this good Deed of defacing them by throwing my Information on the Internet. #IronyAndPunIntended.

Trying to Recover from the horror I just saw, I took my bike and headed back to computer center, Obviously, I didn't enlighten him by telling above things on face. I really don't like getting into any argument with foolish people.

Getting back to the computer center, I moved to the same place I was working earlier. John was sitting there with printout of his exam admit card. He asked me, "Didya' get the password." I told, "Yeah, I just got back the Old Password I had set for MIS". He said, "Good For You, get the fsckin printout, and lets leave the place." I reiterated what I said, " The Bastard stored my password in plain text form and just told me that password."
John says, " What did you think when I told you that Ron had to go to the admin building of college to get his password.? They gave him His Password back.. Got it!  I know its big deal for you to have bad decisions for storing user data... but its college issue dude. Don't try to change things.. Let it pass.." I replied, " Yeah, but Atleast they should tell us that don't give us your precious information, We are not going to take care of it."  Babbling,  I just got into the system using my OldPassword and ordered printout I had to take, Changed my password from that secure to a bit less secure one because I didn't want bunch of losers @admin to know the level of security I maintain for my data. We moved back to lets say, Juice Center and had drink and that's it. Done for the day..


Another day after that bad day.

College wifi was not working this day. So I went to the computer center for collecting some data I kept on the Intranet. There was this girl. Yeah, there is a girl in this story too. :)
So I met this girl from my class named Tina (Lets say her name is Tina).. She asked what I was here for. I told her, " to get some stuff done"... And  moved to the computer seat next to her.
One more thing, Tina is sort of head of some group which I don't care about... She is one of the people from students who have to meet Admin people every month for Student-Admin meeting supposedly for benefit of students, for keeping problems and other stuff which could help students, you know those meetings which are just a formality to be followed every month..
So she asked me if I had something to put in the admin meeting next month. I said, Yeah the password should be stored in the encrypted form, md5 or sha or something which computer support people could handle...
She said, "Nah! its not something which we should put in these meetings. You know Its trivial matter. You can ask me for Internet connectivity in my room or similar issues to get resolved." I said, "It does not seem that you care about my problem. So, how about allowing git protocol for pulling changes from Open source repositories on Collge wifi. I have been using git over https but it would good if I could do it using git port.." She suggested me to discuss it with the Computer Support people and the people who are regulating Internet connectivity in the college campus.

I am not going to discuss the issue with the people who have a vb app to display my password. Or wait, I could use the dumb people for... Nah, that would make me a bad hacker....
Then Tina told me, "Its not a big deal to secure the password on MIS... I din't even change the default password.
College give us the password of the form #username#YearofJoining eg. for john the default password could be john2011..
Lets say for Tina, it was "tina2011"

She left the computer center after that. I just logged into her MIS account using username: tina and password: tina2011 successfully. There it was, all information at your expense. My tiny brain could not think of any valid reason to not change the default password..
Tina is a great girl. I didn't want her to harm in any way. But there I was.. I had to do it anyway.
Thoughts running in my mind: There is a account which don't belong to me but I can access it. What would happen if I changed the password and this girl had to get it the way I got it back. Bang! I am evil... Hahaha.. (Ok Haha was not any part of that thought :) )

So I did the exact thing my tiny brain told me to do. I changed the password to lets say one of "FsckYouAdmin" or "AdminSucks". That's it. This is all I did. I am not happy for what I did. But I did it.

Next Semester starts:

We had to register for the course which we wanted to take that semester.  I did it using the MIS and the not-so-secure password I set after knowing that Admin don't care about my data.
The next day after the Advanced-Algorithms class, Tina came to me and said, "You know, We have got the passwords to be stored as md5checksum and now as the passwords are not known to anyone we have to reset it via college mail and college mail password reset is via some office in admin building but the guy will not show you your old password. He will reset it to something trivial and tell you that word. You can change it later when you log in. But you know I am really upset with you. You are happy now, aren't You!.
You moron, You know how embarrassed I was when the guy at computersuport office showed me the password "FsckYouAdmin" (or "AdminSucks") and asked me not to use the words like these.. I am a post bearer from students and he knew about that. So no actions were taken but who knows, there is a possibility that action could have been taken against me or any other with those kind of passwords. After all, when the power is with people with not so many perspectives or ideas, anything is possible."

I totally understood what she meant when she said, "Anything is possible with the current college admin".
I don't feel that guilty about what I did with Tina. Hey, I just changed the password. She should have changed it anyways. The MIS store details about home address, Parents' information and other things too. Its not a bad idea to change the default password anyway.


Moral of the story:
1) Take care of Users' data. Users are the most important assets anywhere.
2) Passwords are the words which nobody should know except user who generated it. Its duty of the admin to protect it for the users.
3) I don't attend a great college. The college has just a big name. and reputation but I am not satisfied by whats happening here. My friends says, You r gonna' see worse things once you leave the college, I don't agree.

Note: I don't claim all the information is correct  in this essay (or story or whatever). But I guarantee that its is inspired by what is happening around. Bad guys are throwing the secret passwords stored by websites maintained by Worse people in plaintext form on the Internet with what-so-ever intentions.
The companies which don't respect Users' data and privacy are not good things on this earth.
I would love to kick the Job at a company of this kind for the one which does understand users' value better.

Saturday, 14 July 2012

Fiddle with Binary Files

I know I promised myself to blog regularly... But the thing is: The solution to the problems I could imagine are already available on the vast Internet (Dude, If Internet wasn't here, I can't even imagine the scenario).. So Moral of the story is: I don't like to write about something which is available on the first page search results of any search engine available out there.
Moving on the topic I was thinking to write about someday.. Today is the Day.. :) Lets start.

NOTE: While reading the following, avoid the text in parenthesis.. It makes grasping the text difficult for some people, it seems.
The average programmer around you is a worker who would write code for the artificial problems available on the websites or asked by the employers to write... And The day ends for them. They use the compilers and interpreters to  Solve the problem. Created binaries and run.. If its working.. Story over. Lets go to bed.
For me too, the day goes like this now-a-days. But you see I work at Night too. So I started some experiments.. As you already know I would love to be able to understand binary files and hack them as I see fit.. This post is the funny(supposed to be) introduction where I try to look into binary files.. Here no theories is being provided for static binaries, dynamic binaries etc. (Static binaries are complete in themselves binary which do not depend on the library provided by the operating system to execute. whereas dynamic binaries use the other libraries to be able to execute). The binary file used in linux machines have elf format. i.e. Executable and linkable format...  The file is composed for various headers, sections and lot of other things, which in general is not supposed to be known for an average programmer. We don't need the details here either...

As its a well known truth that: In Linux, Everything is A File.  (Exceptions are there, which I don't care about, but if you don't believe in this fact. -> You don't care to learn un*x machines..  I don't care about you moron then.)
Now that you'll always keep this fact in your conscience, read on further...

So in linux (we are not bothering about other un*x systems here), You can modify the file and try to make it work a bit differently. You can't mess with the functionality of the binary files (Its what I believe but it can be b*llsh*t too) but you can most probably always tweak the appearance a bit...  Which is essentially what I am gonna' demonstrate here....

Moving a bit in different direction, I also like the games which I can play in terminal emulators.. The games you wanna' try are ninvaders, moon-buggy, packman for console..  These are few of my favorites.  `fortune | cowsay` is  a nice fun command if you have those two installed on your machine.  I would like you to love these games too (atleast pretend that you love them for the sake of this post).. Ok, atleast install ninvaders and play a bit with it. It'd be fun I promise..

Supposing that you have the ninvaders installed on your linux system, start the game. . Its a game where you are at the bottom of the game window represented by /-^-\  and you have to shoot the aliens coming down with the bullets which are represented by '!'. That's right, /-^-\  is the player's sprite and the character ! is used as bullets in the game..  You shoot with the spacebar ( or k if you're a vim guy). Move with arrow keys (or with h and l, if you're a vim guy).. 

Sorry for this incomplete post. Will complete it as soon as possible.

To be continued....  :)

Thursday, 10 May 2012

Regular blogging Resolution

Ok, Idea is very simple.. Everyday I learn things which I feel, can be relevant for me someday or for someone else doing a web search about that thing. So I have decided to blog on a daily basis.
Algorithm: Start:
1) Do what you want for the whole day till evening;
2) At night, when you start feeling sleepy, wash your face;
3) Throw water at your face: till you come up with *something* to post about; //Sounds funny, once you start you'd know ;)
4) Sit in front of mighty machine. Type for sometime about *The Thing* you came up about;
5) Keep typing: until you're satisfied with it;
6) END

Implement this algorithm starting tomorrow.. You have 30 hours to think about optimizations and other stuff for the above crude algo. Lets see What can I do about it..

Monday, 23 April 2012

And I lost it

After so much enthusiasm and effort, I lost it.. Unhappy and Frustrated but you see it happens... Life just goes... Fsck you B****h! Lets leave it short as I have to write a three hour exam in less than 6 hours... Good Bye People...

Sunday, 22 April 2012

Melange Bug -A reaction

Here comes the Bug in Gsoc 2012 Melange Website: 
The students are waiting for the results anxiously and what hits their email clients, A mail from google melange saying:


Thank you for applying to Google Summer of Code 2012
no-reply@google-melange.appspotmail.com via m3kw2wvrgufz5godrsrytgd7.apphosting.bounces.google.com 
11:27 PM (23 hours ago)

to me
None
 What does a  student conclude from a mail like the above one.
For me it goes like this:
1) The mail has subject: Thank you for applying to Google Summer of Code 2012. 
It translates for me: You lost it dude this time. Try again next time.
Some will say, Seriously, you are so negative.. How far would you go in life, dear. My reply: Yeah, yeah easy for you to say.. We are talking about The Google here... Huh! The company which is believed to have a bug-free product launches, in general. Small glitches such as font and Css settings are considered as small bugs in this reference.. Other hint for me, The message body contains just "None". What's that!! Some hint about the database being used by google for storing data about it.. Yes, its part of social engineering.. There are a number of Dbms which has the default value None for the text fields... This information, if nothing else, it does tell me the mail is because of a bug and may or may not be legitimate.. But the subject is what makes me feel suspicious about.. It still says the annoying thing, Thanks for applying *blah*blah* stuff.. 
I hear that the students are getting mails telling them they've been selected for 1, 2 or three proposals submitted by them.. 
So there you are.. Let me predict what went wrong there.... 


This is what happened, according to me: The people for whom none of the proposals got selected this year before deduplication process got the same mail which I got. Bad news, but I don't control everything in this world, yet.. :||  The people with one or more proposals selected before deduplication process, got the positive mail quoting the projects which got selected for gsoc 2012. Good news for them :) You guys are in.. That's it.. Its just what I think.. Just had to spill it out somewhere.. Not based on any official news or anything. 
I hope I am wrong in speculating it, But I am rarely..
Anyways, lets close this writeup with the mails sent by the coordinators of gsoc who claim that the bug wasn't related in any way to what I wrote about here.. But... Rephrasing one of the great quotes, 
"Its all about code and no magic.." 
Signing off :)





************Gsoc Mailing list snap**************

Send Gsoc mailing list submissions to
       gsoc@public.honeynet.org

To subscribe or unsubscribe via the World Wide Web, visit
       https://public.honeynet.org/mailman/listinfo/gsoc
or, via email, send a message with subject or body 'help' to
       gsoc-request@public.honeynet.org

You can reach the person managing the list at
       gsoc-owner@public.honeynet.org

When replying, please edit your Subject line so it is more specific
than "Re: Contents of Gsoc digest..."


Today's Topics:

  1. Melange bug = student acceptance confusion (PLEASE READ)
     (David Watson)
  2. Fwd: Erroneous Emails to Students Followup from Google
     (David Watson)


----------------------------------------------------------------------

Message: 1
Date: Thu, 19 Apr 2012 20:08:50 +0100
From: David Watson <david@honeynet.org.uk>
Subject: [Gsoc] Melange bug = student acceptance confusion (PLEASE
       READ)
To: gsoc@public.honeynet.org
Message-ID: <4F9062C2.5040706@honeynet.org.uk>
Content-Type: text/plain; charset=ISO-8859-1

Hi All,

It appears that a bug in the Melange system used in GSoC has caused an
unexpectedly early and incorrect sending acceptance and rejection of
students. This means you may have received a number of emails wrongly
announcing that you have been accepted or rejected for multiple project
proposals (in some cases more than you submitted), and the messages have
blank bodies or confusing content.

PLEASE IGNORE THESE MESSAGES - THEY ARE INCORRECT AND A MISTAKE. DO NOT
BELIEVE THEM OR FOLLOW ANY INSTRUCTIONS/URLS IN THEM

Google are working on a fix and will make a statement soon. In the mean
time, please don't bother emailing Google, Melange, our org admins, each
other, your friends/family/the media/etc as we know there is a problem
;-) Normal service will hopefully be resumed soon, but don't be
surprised if this delays deadlines slightly.

Obviously this is frustrating for everyone, but bugs happen, so please
try not to spam #gsoc about it! ;-)

More info when we have it.

Thanks,

David

--
David Watson
UK Honeynet Project
www.ukhoneynet.org
david@honeynet.org.uk



------------------------------

Message: 2
Date: Thu, 19 Apr 2012 20:45:13 +0100
From: David Watson <david@honeynet.org.uk>
Subject: [Gsoc] Fwd: Erroneous Emails to Students Followup from Google
To: gsoc@public.honeynet.org
Message-ID: <4F906B49.8030004@honeynet.org.uk>
Content-Type: text/plain; charset="iso-8859-1"

Hi All,

More information from Google. In summary, don't panic and try to get
some sleep over the weekend before the excitement on Monday ;-)

Thanks,

David

-------- Original Message --------
Subject:        Erroneous Emails to Students Followup
Date:   Thu, 19 Apr 2012 12:42:39 -0700
From:   Carol Smith <carols@google.com>
Reply-To:       google-summer-of-code-announce+owners@googlegroups.com
To:     Google Summer of Code Announce
<google-summer-of-code-announce@googlegroups.com>



Hi all,

At 10:26am PT today we started receiving reports that students were
getting emails about acceptance or rejection for Google Summer of Code.
Upon further investigation, it appears user error was the root of the
problem. We have reverted all changes in Melange and feel confident that
the status of proposals is correct now. Unfortunately these things
sometimes happen in the software world, and we are very sorry for all
the confusion this morning. We're looking into changes for the future
that will prevent this from happening again.

***Please note that NONE of the emails sent out today have ANY bearing
on final decisions for GSoC this year. Students will be announced at
19:00 UTC on Monday, 23 April.***

I want to call out a special thanks to Lennard, Sverre, and Madhusudan
from the Melange team for responding quickly and effectively to this
situation. They found the root of the problem and reverted all changes
in less than two hours.

Please let me know directly if you have any questions or concerns or
still see any discrepancies on your dashboard.

Thanks,
Carol
--
You received this message because you are subscribed to the Google
Groups "Google Summer of Code Announce" group.
To post to this group, send email to
google-summer-of-code-announce@googlegroups.com.
To unsubscribe from this group, send email to
google-summer-of-code-announce+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/google-summer-of-code-announce?hl=en.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://public.honeynet.org/mailman/private/gsoc/attachments/20120419/1cf7a42c/attachment-0001.html

------------------------------

_______________________________________________
Gsoc mailing list
Gsoc@public.honeynet.org
https://public.honeynet.org/mailman/listinfo/gsoc


End of Gsoc Digest, Vol 11, Issue 15
************************************
****************Gsoc snap over******************

Friday, 23 March 2012

My Best Nmap experience

My  best experience with Network Mapper.

Its actually based on a real incident that happened during winters, some three and half months ago.
First of all about Nmap: Its one of my favorite open source software. I use open source and free software only because I can't afford to pay for software. n If you think that blah blah non-free software is awesome, I request you to please buy one for me and send it. Then also, I would use it on a test machine (a machine which does not contain anything important to me) because I am not that good with Binary data not created on my machine from source files that I could feel it safe to use on my working machine. You see I don't want Boom! to happen. Enough Good Information. Lets come back to the story of my best experience with Nmap, the Network Mapper.
Nmap, well known as Network Mapper is a tool created initially by the Hacker (A good hacker, obviously Hackers are good) well known as Fyodor (I don't remember real name, I hope Fyodor too doesn't bother about that) in 1997 if I am not wrong. Now its developed across Internet by Fyodor himself and a bunch of  Good people, Hackers. Search Wikipedia or Nmap website for more information. Thats enough History. Lets come back to story.

So by that time, I've been using Nmap for a year or so and became fairly good with its usage, its scripting engine and other good things it comes bundled up with.
That day one of my friends and I argued over something (he still is my friend :) ). The argument was about a silly thing, lets say it was about developing a few pages of text (program code is also text, right!). Lets not go into what that was actually.
So his argument was, 'I can produce those pages of text faster and efficiently than any of our friends including you.' Now that is something I don't like. I mean `Dude, you might be better at doing that. I mean why brag about it and more importantly why are you kinda' insulting me.` I didn't say that but told him that it was no great thing to reproduce an already present efficient version of  that text. I mean 'Life is too short to waste reproducing something that already existed in a remarkable form.' But that A***ole was not ready to come down from that fscking level. So to pull him down, I challenged him that he couldn''t even beat me at this thing, leave our other friends. Its not that I find myself inferior than our friends, Just said that to throw him more down than I could have, if I too bragged about that [Not a good grammatical statement, but I don't care right now].
So I agreed to replicate that few page thing. After saying that, I realized that I would not be able to do that. Its like, You can't win at everything. Some losers are better at something which you don't even care. This was one of those cases.


But as I am really a proud person, Once said, I had to try my best. In this case, I was desperate to beat that dumb-ass. It was a Thursday when that argument happened. The challenge time was fixed. It was during following weekend. I had Thursday and Friday to prepare, if I really wanted. But I was almost sure that whatever I do, he would be able to beat me. He was fscking good at that particular thing. I don't appreciate him for that.


I came back to my place. I was looking into it whether I could do something about this. I knew I could not go for preparing hard for it as it was so worthless that I had not mentioned it clearly here too what it really was. But in a part of my brain, I was really willing to beat him at any cost this one time. Anyways, I started doing some other stuff.

I am responsible for managing a web server with a group of friends. The friend whom I was gonna' beat soon had a webserver of his own to take care about, It is not visible on Internet but its available on the LAN we are connected to. Lets call his webserver "blahblahxyz.com". I started nmap with a few scripts on and started mapping the machine blahblahxyz.com. What flags I used is not much important, but I could find that the guy was not a good network administrator.
Nmap showed a lot of details.
It identified all open ports and stufff. Few open ports were 80, 443, 3306 and few more.

The nmap with NSE located something interesting for me.

It said something like this: There are some interesting locations that you might like. The locations were /images, /mysql, /downloads, /wordpress, /uploads and some others which I don't remember. Who keeps mysql accessible and that too with the name mysql. Dumbass! I read the results and backed it up in a file for perusal. Started doing something else keeping in mind the contents of that file. And then Zen! Why does he has a wordpress web framework installed. There are no links to it on his website. Then, I figured out that he was gonna' integrate the wordpress to support blogging feature on his fscking website.

A million Dollar idea striked me! You need a few pages of text to produce, right!! Why reproduce it when you could use already existing one!
The idea was very simple:
What is Wordpress good for?- Blogging, right! What is a blog? - a webpage with text. How do you access a blog? - using http i.e. our favorite port 80. Where does wordpress store blogs? Is it files uploaded in some upload directory?- Nah, Its not.. Its in a cell of a table of some database. Right! There you got it. Its simple.

Access the web based mysql (phpmyadmin), store the text to be replicated on The challenge day in cell of some already existing blog entry. (Don't create your own entry for obvious reasons).
Simple enough, Right? Nah, Comeon, you are such a loser. How would You access the phpmyadmin. You have to authenticate yourself. You don't have passwords and stuff right? Yeah you are right.... I didn't have, Yet!!
Another hurdle, How to cross it!! Is it worth the effort... Am I going on right path (Not morally right path, It was not about morals, it was about winning). By right, I meant Feasible.
I was not gonna' use Hydra or Nmap itself or any other not suitable tools for this. That'd be illegal, perhaps. So I neither used Hydra nor Nmap nor anything else for doing anything of cracking and stuff.
The day ended. Next Day, the Friday, I went to that Guy with another common friend of ours, just like that. He was doing some php coding n stuff for some part of his website. I am sure, I was not dreaming. He was doing that only and we really visited him. And believe it or not, after some time he closed his scite session and started talking with us. It was friendly. He and the third guy went to the balcony of the floor leaving me just like that or for some reason, may be enquiring the third guy why he brought me along with him or something. He had left the Nautilus opened with the codebase directory, just like that. In a moment, as I knew he was a dumbass administrator, I looked for some file named config or some similar one, n there you go, I found one... What was there, both the username and password of database in a php file in plain text. I mean what the Fsck! Do you really own this server, still, dude? ( I hope this was not illegal or we could have some other description also, if it was)
In a moment I closed the file echoing the name and password in my mind!!! Bam! Done..
I went outside to them and that's it...... My evil job done!
I came back after some time. By evening I was sure about what I would do!!!
I started my machine, got connected to wireless spot. Started browsing website. N there I was, opening blahblahxyz.com/mysql with the name and password which I still felt in cache of my brain. JackPot, If you would say so! Right! The helloworld blog was accessible at blahblahxyz.com/wordpress/hello.html?page=1 (I am not sure about it, but lets say it was)
Opened the file which I was gonna' produce during the challenge. Wordpress stores the blogs in tables, as I mentioned. Wordpress provides a helloworld blog too when you setup the framework, it seems. One more blog with some content was there. Copied the contents, and stored in the first blog as html comment in it because it contained only helloworld text and nothing more.
The Day:
The Saturday morning, we happened to be at computer lab with friends. It was the time. Lets do it now. Although I type quite fast, but I knew I won't be able to beat the Dumbass at his thing. Chose the machines. Machines were already connected to Lan. We opened Editors in our machines. Here is what I did. Started Vim. In insert mode, started typing damn fast, some arbitrary text... with meaningful words unrelated to the text like dumb-ass too. In the meantime after sometime, when nobody was taking care about me, I typed this: <Esc> :!wget blahblahxyz.com/wordpress/hello.html.?page=1 and opened the html file and Bam, Html page returned with the comment ( the huge comment) I inserted. Removed the text outside the comments I injected. A few keys on Vim, Right!! Saved it and Done! The challenge was complete. I took care of time. It should be feasible by an average human.. Done!!


Moral: Don't Be Dumb-ass.. and Don't believe everything I write!
Disclaimer: I am not responsible for any gains or losses incurred to people using this description. Don't use it, its not what you think it is...

Thursday, 22 March 2012

How to reach me through Ubuntuforums.

A Geeky story:

When I started exploring *nix world, I created a profile on ubuntuforums with username: ~!geek!~
It too has a story of its own like my online identity drake01.
It was before I created my identity as drake01. I started my life in this fascinating world of un*x by an accident, which is not so important and just stuck with it. The other morning I started liking this new world. It was really good since day 2 of this new life. Before I tell you the story, I want to share a trivia with You, When I was learning calculus, I learnt about a great equation : e^(i*π)+1=0. This is a remarkable equation. It unifies five important constants in single equation. In one of the great text books on calculus, it's been mentioned that if World ends sometime, and mathematicians have to leave the world (obviously with all other people) with only a single fact left for new life which will start after they are gone, they should leave this equation. It is an equation which unifies so called five most important constants and only them with operators. It conveys that there exists five important constants while describing nature in the language of mathematics related by a single equation. Sooner or later, new world should be able to come to find 5 constants satisfying this equation. Thus making their job easier. Ok Enough Trivia...
About my name on ubuntu forums: ~!geek!~
It too sort of is inspired by the above trivia. I see it this way.
1) For Someone who is new to the world of this remarkable machine with newly installed *nix, the name says: the person you are interacting with is a geek and the symbols at the beginning and end of the name are just there for decoration purpose, or if she believe in symmetry the symbols are just for making word geek look packed with symbols on both sides symmetrically. As she assume me to be geek, she finds me helpful. Because geeks and nerds are helpful. :)
2) For peers and people surrounding me, people who are studying with me, or are of my age probably knows C and C++, would see it as not of Geek (you see, !geek and the the last ~ as implying command prompt on *nix. How smart they are!) They may interpret remaining symbols to be there for making name look symmetric. You see, I almost have same level of understanding about *nix world (I thought, those days). Even today I explain, my name this way to my peers. They do not need help from me, since I won't be of much help for them. Nor Do I since they would be knowing almost same about *nix as me. So no reason for wasting my time with them.
3) The third category of people are those who would interpret this name as I want them to, The name shows philosophy of  unifying the world of programming languages (atleast I want, crazy idea :) who cares!). The first ! and ~ are from C ( or C++) and prolog respectively for negation, both negating each other. The second ! is for exclamation about using both symbols in a single statement and the last ~ symbol implies the command prompt of *nix.  Thus implying the person behind it, that's me,  intends to be a geek or is a geek, whatever... This third category of people are great resources and worth befriending. Sharing knowledge with them is like multiplying your understanding with positive natural numbers. You won't feel your time wasted. Instead you would learn great things from them.

Again, I don't like to be indexed in search results without me knowing it. It seems the SearchEngines don't work well with the symbols like ~ and !. They ignore them or something, which means they see the name as geek and nothing more, which I like.
and searching the word geek, an english word with a meaning in dictionary, using a search engine has so much room for other words to come up before the one related to me, which is great.

I know the description sounds crazy, But this is what I am.


Good Bye Lurker. Have a nice Day :)