Monthly Archives: January 2010

Facebook Phishing Scam

Facebook Phishing Scam-

Phishing as wikipedia defines it:

“Phishing is the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication.”

Great now that you know phishing, There are virulent applications on Facebook that pick up your facebook information such as photos,friends etc and other sensitive information you might have. Basically your photos. They can manipulate them, sell them do all sorts of crap with it.

Many of you might have noticed that you get shit notifications like -” X has just commented on a photo of you.” when they really have not. It looks genuine with the photo icon too. When you click it though,  it redirects you to an application permission page. Like the one below

Here you can see the page has a wierd suspicious application name – PhotAs or Phatos, or Photo comments whatever might even say photos.

Please Please do not allow it access. You are allowing the hacker access. Click on leave application. There is actually no comment. If you allow it they will steal all your photos and send wierd notifications to your friends.

If you have not clicked on one but you still get notifications dont panic. Ignore them.

If you have added the application by mistake – On the bottom of your facebook page click on the blue “applications” tab. -> Edit applications – >  Select show – Authorised / Granted special permissions. Check the names of those apps. If you find a funny name , delete it.

Also one more thing.

” PLEASE DO NOT DISPLAY YOUR BIRTHDATE ON YOUR PROFILE”

Many credit card companies / email accounts require you to enter your birthdate for verification for lost password. Use privacy settings. Food for thought.

Advertisements

Sony Ericsson Phone Modding and Flashing Tutorial

  1. Sony Ericsson Phone Modding and Flashing

What is phone modding and why would I do it?

Phone Modding  is a process where you modify your phone software or tweak it to do various things. Some of them are listed below-

  • If you think your Sony Ericsson (SE)stock default  phone volume is too low.
  • If you think your software is messed up and dont have the time to give the phone away and pay a lot of money
  • If you want to turn your normal phone into an Ipod with Loud Mega Bass settings, change the walkman interface, skins which you usually cannot do normally
  • If you want cool moving flash themes or like a dice wallpaper which rolls the dice when you shake it or changes wallpaper (some phones only)
  • If you want to change the appearance of the boring default menu
  • If you want to change the drivers of the camera for better performance
  • If you want to change the boring old font to a sexy new font
  • If you want to change the layout of the standby page
  • Change the battery icon / startup shutdown screens

Step 1: Identify your phone and its screen resolution

There are two types of phones normal phones

Normal phones include k530 k550 k610 k770 k790 k800 k810 and w580 w610 w660 w710 w830 w850 w880 etc.

A2 phones: C510, C702, C901, C902, C903, C905, G905, G705, K630, K660, K850, K858, T700, TM506, V640, W595, W705, W715, W760, W890, W902, W908, W910, W980, Z750, Z770, Z780

You need to find out the CID version also. You can find this on normal phones by the secret service menu. Go to your Standby (Normal) screen.

  1. Use the directional/joystick keys press the RIGHT key. Dont worry about what appears just keep pressing those buttons.
  2. Press  * key
  3. Press left, again left
  4. Press * key one last time
  5. You will see a  menu with the first option Service info. Read everything and check the software version CID (49,51,52,53 etc) and the branding – RED etc, ASIA , AMERICA etc. If you cant find those extra options no need to worry continue.
  6. TIP: The menu above will help you determine if everything on your phone is working well or not.

If the above method does not work: (A2 phones) Follow the procedure to install A2 Uploader in case of A2 phone or XS++ in case of other phone) you should see something like

Here the Flash CID (here 52) and RED DB 31XX(3150) are to be noted. Please skip ahead if you dont understand and come back

2.I know my phone. Now the software

Basically the best tools or the ones ill be using here will be A2Uploader for my G502 A2 phone. alternatively you can use XS++ 3.1. The interface differs a little bit but the principle is the same

Download Links:

1. XS++ 3.1 for non A2 phones:  http://www.4shared.com/file/31320268/de535436/XS_version_31.html

2. A2 Uploader for A2 phones:  http://www.4shared.com/file/78355548/7d06473a/A2_Uploader_V3.html

3.FAR Manager + JD Flasher:  http://www.4shared.com/file/57668515/2faa8be8/Far_Manager__JDFlasher_T6__CID.html

Choose 1. If you only wish to flash or modify your file system. Pathching can also be done. This might not be able to READ (Backup the data on the phone out to your computer)

Choose 2. If you have an A2 Phone. (You can try 3 also)

Choose 3. If you are advanced. FAR Manager is by far the best but has a crappy interface.You need to know what you are doing.

3. The Risks

  1. If you flash the wrong firmware files, the phone may give an error starting up but it CAN BE FIXED
  2. If you screw with the GDFS part of the phone. You die.Nothing can be done
  3. If you do not backup the files and you want them back its your responsibility.
  4. Flashing causes all contacts ,data,apps on the phone to be erased. So be careful
  5. Wrong driver files like the wrong camera drivers might give an error while starting or the wrong acoustics might cause high volume distortition , no volume from the headset etc.
  6. I think you lose the warranty once you mess with the file system

4. ” I AGREE” Lets start

After downloading one of the files above, Unzip everything somewhere. Install the two files in case of A2 phones.

In case you get errors or your phone is not detected see  http://cshared.com/sony-ericsson-usb-flash-driver-installation/ If that fails too http://www.x-drivers.com/catalog/flash/mobile_phones/companies/sony_ericsson/models/seus/7572.html. Download and run the SEUS (Sony Ericsson Update tool). Remember it HAS to be detected.

5. Browsing the file system

Now get your USB DATA CABLE. Lets start.

  1. Turn off your phone. Remove the battery and put it back in
  2. Plug the USB end of the USB data cable into the computer
  3. Now here pay attention. Hold the “C” button on normal phones OR (2 or 5 key on A2) and connect the other end of the cable to the mobile. Dont Let go of ‘C’  till the driver is installed.
  4.  You should see a “New Hardware detected ” Message. On Vista and Seven this should be installed automatically through windows update. It takes time. Else on Windows Xp if it gives the “Found new hardware” wizard. Say No Windows Update this time, Install from specified location and point it to the downloaded and unzipped version of (http://www.akshayy.com/sonyericsson/wp-content/uploads/usbimages.zip)
  5. After It gives an installed successfully confirmation start up A2 Uploader or XS++. Im using A2 here. Click the File System button on the right and press enter.

Before connecting

 Here 1.Option in the figure above is used for Flashing new firmware files. 2. For browsing and editing the filesystem installed. 3. Is used for patching or scripts (advanced) & Identify the device 4. Is used to stop when you are finished with everything. Remember to press that before you disconnect.

You should see this after you connect

After connecting

 In the above diagram: 1. Shows you the filesystem. 2.Is showing you that the flash memory driver is installed (Win 7)

3. Tells you the processes taking place and device info.

Congratulations you know how to browse the filesystem now.

6. Backing Up Files.

  1. Please remember to do this as you are eventually going to mess up something later.
  2. On the five folders – the /tpa , /sys, /boot, /ifs  etc. Right click each one and select the READ option. It takes a lot of time but please do this. It will backup all the contents to your hard drive where the A2 uploader program resides so you can restore the files without having to flash the whole thing again.
  3. If you do mess up and you cant get out of it flashing with new firmware is the only option

7. Installing New Files

The procedure varies depending on the file you wish to transfer

For Flash wallpapers:

A) Download the right size. Check your cellphone screen resoultion in the specs and download those resolution wallpapers. For sample Ive downloaded the Blue Evolution theme (G502 ModPack) from  http://i-sony-ericsson.blogspot.com/. A Mod Pack is one where everything Fonts – Layouts – Wallpapers – Acoustics are already customized for your phone into one ZIP file

B) To install Remember you should have two files for a flash menu. The .SWF (flash file) and the .THM file

On the right File System Browser Panel Navigate to tpa/Preset/System/Desktop/Flash manually. This is where all the flash swf files go. Not the .thm files. Open the other file you want to copy in my computer elsewhere. Then DRAG the file into the window. It will get copied or replaced. Then do the same for the corresponding .thm file. You have a new flash wallpaper!

Similarly for 

Flash Menu:
thm > tpa/user/themes
swf > tpa/preset/system/desktop/flash

Acoustic:
ifs/settings/acoustic

Camdriver:
ifs/settings/camera

Displaydriver:
ifs/settings/display

Startup:
tpa/preset/system/settings

Softkey:
tpa/preset/custom

Fonts:
tpa/preset/system/fonts

Slang:
tpa/preset/system/language

Customization:
tpa/preset/custom

LightEffect:
tpa/system/lighteffect/systemeffect

Layout:
tpa/system/layout

Sidebar:
Dispose of an entire folder to the memory card as storage. Then, to set the sidebar, find the file on the phone. Swf, press Options> Set As> Wallpaper. I have SideBar

Frames:
tpa/preset/system/multimedia/pe/frames

Clipart:
tpa/preset/system/multimedia/pe/clipart

Funlayer:
tpa/preset/system/multimedia/pe/funlayer

Motyw:
tpa/user/themes

Menu:
tpa/preset/system/menu

jjpatcher:
tpa/user/other

Patches:
tpa/user/other/patches

There. You know how to add new files.  

This is what the final result is

A few Links are here.Check them according to your phone.

==============================================================================

Iphone theme – http://rapidshare.com/files/141706256/Iphone_y_Fast_Food_Flash_2.0_By_Lagunalor.rar

Man U theme – http://rapidshare.com/files/135217807/Smiley_Funny-V2___Manchester_United_By_Lagunalor.rar

Walkman Dance – http://rapidshare.com/files/153124842/Walkman_Dance_Duo.Flash_2.0_By_Lagunalor.rar

Purple Sky – http://rapidshare.com/files/153773700/Bronzy_y_Purple_Sky.rar

Ubuntu pack/Linkin park  – http://walkmans.wordpress.com/category/240×320/

Acoustics Packs – http://www.4shared.com/dir/5108371/7acde666/Acoustics.html

CamDriver – http://www.4shared.com/dir/2812893/b660e3b7/Camera.html

Any other stuff – http://www.4shared.com/dir/2730556/43f8e259/sharing.html

=============================


A few Facebook privacy tips

Facebook: Its all about privacy now!

A lot of people are not aware of the new privacy settings available on facebook and do not know how to operate them. They keep asking me How do I get my Ex to not see my posts to her friends or my status updates about my new girlfriend? How can I make only my close friends recieve my relationship updates?  My dads on facebook I cant delete him. Or maybe some pictures you want only a group of people to see them. Ill try and answer all these by creating scenarios

1. I need to block a certain person. How do I go about it?

Ans: –

1. Click on the SETTINGS tab on the top blue strip somewhere near the right side of the page.

2. From the menu select PRIVACY SETTINGS

3. Select BLOCK LIST at the bottom of the privacy settings page.

4. At the bottom you can see two text boxes with ‘Person’ and ‘Email’

5. If you know the persons name. Type say the first five letters in the person text box. It’ll give you the nearest match and block him.

NOTE:  a) Blocking a person means he CANNOT see your profile,posts,wall,comments on other peoples statuses,photos, nothing with your name next to it. However he may see your name and profile pic in third party applications like Mafia Wars etc.This is a flaw and if the person decides he may be able to view your profile pic on the application but he cannot gain access to it. So the person you are blocking CAN sometimes see your profile pic.

Or as quoted by Facebook – “Note that blocking someone may not prevent all communications and interactions in applications, and does not extend to elsewhere on the Internet.”

b) You can UNBLOCK a person by clicking the “remove” link in the BLOCK LIST next to his name. You will have to send him/her a friend request again and wait for confirmation. You can do this (blocking and unblocking) as many times as you like

Scenarios when you would do this – If someone was stalking you, Someone you really really hate, Someone who you think might hack into your account and gain access etc

2. I want to add a person as a friend but I dont want him to see any of my personal info, profile information,photos, wall posts, status updates etc.

Ans:

1. Go to Settings->Privacy Settings->Profile Information

2. On the left column you will see  About Me,Birthday,Personal Info etc. And on the right you see the corresponding privacy settings for each of them. Now for Each of them (recommended highly by me) , click on the Drop Down Box and select the last ” Custom” option.

After clicking on that you get this

Here I recommend that you keep your profile open to “Only Friends” (Specific People of you dont have many) and tick yourself off the networks which are ticked by default. This is for two main reasons:

1. People in the network (like fergusson college 2009,  University of Pune etc.)  are allowed to see a lot of your stuff like photos , status updates. You dont know what kind of people exist in the network. Anyone who has a friend in the network can get in and gain access to thousands of profiles.A “stalkers delight”

2. You can set it to specific people but then if you have 400 friends and you want 390 of them to see it, it does not make sense to use that option. Instead use the “Hide this from” and enter the names of the people you think are snoopy. Maybe you dont want your mum and dad to see your changed relationship status. then set the proper settings for “Family and relationship” and include them in the “Hide this from”

3.Be extra careful with the photo album. Thats usually what people want to see. Click on the Edit Settings Button next to Photo Albums.

 

Here you can set the Privacy settings for each album. Say theres an album you want only your girlfriend to see. Then use the Some Friends option. You can figure out the rest of the settings there itself.

After you’ve finished and you want to check if youve done everything right go to

Privacy settings>Profile information. on the top right click on “PREVIEW PROFILE”

Enter the name of the person youve just blocked, or your mum and dad and hit enter.

You should now see what you want them to see.

3. Chat Invisibility

Say there is someone pestering you and you want to chat with some other people but not go offline at the same time. Unfortunately facebook does not allow “special visibility settings” directly in chat for each person

Just click on the Friends lists button. Create a new list.

A new part of the chat box pops up. Drag the person you want to get rid of into the box. Click the green hatch on the top that makes you go offline. The list will disappear. You are free to chat with your friends.

But if you intend to chat with the person later you will have to enable the list and go online again.Or change his list from the “Friends” page.

4. My Facebook Chat App

Ive been tinkering around with VB.NET and I found it rather annoying that facebook does not have its own messenger like yahoo which you can minimize. So I made one myslef with the facebook lite interface. Its a very basic version so dont expect it to be a hit.

Please note it needs .NET 3.5 +SP1 setup and Windows Installer 3.1

Screenshot as is working on Windows 7
http://www.mediafire.com/?2nitzlziwmz

Download it from Above. (Unzip all the files and run the setup.exe)

Cheerio

Harsh


How BSNL internet networks are terribly dangerous

All BSNL users beware!

I’m aware many of you must be using BSNL Dataone as your Internet Service provider. BSNL networks are unprotected and can be a great security threat if you do not take care and change your passwords and use firewalls. I will illustrate this by hacking into my own PC.

Some things you should know-

Every computer ( or device to be precise) that accesses the internet is alotted an IP address by your internet service provider. This IP address is unique to your computer and is used to track your internet activity -the websites that you visit online record your IP addresses and store them and make them available to local authorities in case you break the law. An IP address can often be used to identify the region or country from which a computer is connecting to the Internet

Ip addresses are of two types – 1) Shared IP addresses (Local).

 If you are connected to a router or even a modem you have an internal IP address which looks something like 192.168.1.2 , 192.168.1.X etc which represents your laptops/pc’s location internally.These are by default assigned automatically by something called DHCP (Dynamic Host Configuration Protocol). So they are “leased” for some time and then you get a new ip each time you connect to the network. You can also make it static by setting it manually

The router communicates with BSNL(your ISP) and is your “gateway” to the internet. BSNL assigns your ROUTER a new IP address each time you establish the connection to the internet. However this single address is shared by all the computers on your local network. You can see as in the first diagram.

However that is not the full story

There are many such networks just like yours which are connected to switches and then sent for final routing towards your ISP as shown. These networks should technically be hidden from each other.

However BSNL has not made them hidden.i.e anyone can access your Modem/Router if he knows the username and password.

See for yourself

  • 1. Find out your external IP address by going to www.whatismyipaddress.com . Note it down
  • 2.  Download Advanced IP scanner from www.radmin.com/products/utilities/ipscanner.php
  • 3. Install it and run it
  • 4. In the IP range box type in your IP as given for the start. and for the end just change the last three digits group to 255. for example My ip was 117.195.38.19
  • So I put my range as 117.195.38.0 to 117.195.38.255
  • 5. Hit scan. You should see something like this

How do you make sense of this?

The IP’s you see marked as “alive” are the routers that are connected to your network. The ping – is the time required for a small packet (like 32bits of data)  to go and come back to that router in milliseconds. Any ping <100 indicates the computers are nearby (or the network is amazingly fast!) 😀

If you select one of the IP’s and right click them and select HTTP , Your browser opens and asks you for your username and password. This is essentially the login box of the other persons router.

At the login box , enter admin , admin as username and password. This is the default setting which is alotted to most routers which people do not bother to change. This is ONE BIG MISTAKE. If you are lucky enough you can get in

Here  you are logged into the other persons router. You can do anything like find out their  password, switch it etc. If by chance you know where the network is located nearby you can just join it normally after changing the password.

Lessons to be learnt

1. If you have a router – change the password to some alphanumeric sequence which is hard to guess. Select the type of encryption as WPA / WPA2-PSK and enter your shared key. Do NOT , in ANY CASE set the encryption as WEP or Shared. These keys can be hacked wirelessly under 8 minutes using a linux distro called “Backtrack 3”

2. Use a Firewall like Black ICE / Zone Alarm Pro etc. Do not use the windows firewall. It is bullshit. I believe Microsoft can even find out what sort of illegal software you use even if you enable the firewall.

3. Never give out your IP address. If it is static (does not change) then be extra careful. Change passwords every week.

Note: Please do not use this to hack into other peoples computers. What I have shown is for Demo purposes only