Tuesday, 19 March 2013

How To View Your Gmail Access History Details

I do this thing on a regular basis to know if my account got compromised or not. Well I understand the risks imposed by logging in to my gmail account but still due to several circumstances, I have to login from public PCs. Though I employ some other techniques to trick possible keyloggers/RATs, etc. I do keep running from the dangers of account hijack and hence keep on regularly checking the account history details in gmail.

In order to access the gmail history log details, you need to scroll down to the right bottom of your gmail inbox where you will notice the option to view the detail of your account which looks like below:



Moreover, it seems like that the details now include the user agents and/or access type information along with the IP address and time of access to the gmail account.

If you're concerned about unauthorized access to your mail, you'll be able to use the data in the 'Access type' column to find out if and when someone accessed your mail. For instance, if the column shows any POP access, but you don't use POP to collect your mail, it may be a sign that your account has been compromised.

For more information, refer to this page.



Moreover, this feature lets you log out all of your sessions other than the current session. This can come quite handy whenever you have forgotten to sign out or someone else is having an unauthorized access to your account.


Read more...

Friday, 15 March 2013

Uploaded.net 48 Hours Premium Membership Coupon To Redeem

Hi all, I just bought a Ul.to account and got an extra coupon that lets free users to have 48 hours premium membership. I decided to provided the coupon to one of my readers. I will provide the coupon to one of the people who share URL of my website in the twitter with mention to me (@techgaun). I'll decide the winner on 16th March. So start tweeting :P (You understand I need something in return for this coupon :) )

Coupon code: UBTIZYMM


Read more...

Saturday, 9 March 2013

Check Battery Status From Terminal [How To]

Since I had no graphical interface for some reason, I needed some alternative way to check the battery status. If your system includes acpi command, you can just use this command but I had no luxury of such command and here's how you can do the same thing I did. The /proc/ virtual file system has information of different states among which the ACPI information is one. The ACPI information provides us the details of device configurations and power status of the system. Below is one flavor of the command to check the battery status:

samar@Techgaun:~$ cat /proc/acpi/battery/BAT0/state
present: yes
capacity state: ok
charging state: charged
present rate: unknown
remaining capacity: unknown
present voltage: 12276 mV

samar@Techgaun:~$ cat /proc/acpi/battery/BAT0/info
present: yes
design capacity: 4400 mAh
last full capacity: unknown
battery technology: rechargeable
design voltage: 10800 mV
design capacity warning: 250 mAh
design capacity low: 150 mAh
cycle count: 0
capacity granularity 1: 10 mAh
capacity granularity 2: 25 mAh
model number: Primary
serial number:
battery type: LION
OEM info: Hewlett-Packard


The first command provides the general status of the battery and the second command provides the detailed information about battery. The other way is to use the upower command that talks with the upowerd daemon. Upowerd daemon is a default daemon in ubuntu and few others for power statistics. Below is the command to see battery details:

samar@Techgaun:~$ upower -i /org/freedesktop/UPower/devices/battery_BAT0
native-path: /sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0C0A:00/power_supply/BAT0
vendor: Hewlett-Packard
model: Primary
power supply: yes
updated: Sat Mar 9 10:12:17 2013 (5 seconds ago)
has history: yes
has statistics: yes
battery
present: yes
rechargeable: yes
state: empty
energy: 0 Wh
energy-empty: 0 Wh
energy-full: 47.52 Wh
energy-full-design: 47.52 Wh
energy-rate: 0 W
voltage: 12.28 V
percentage: 0%
capacity: 100%
technology: lithium-ion


If you wish to install acpi for future uses, you can do so by typing the command below:

samar@Techgaun:~$ sudo apt-get install acpi


Play around with different switches by looking over the help and man pages. You will find this tool quite useful :)


Read more...

Friday, 8 March 2013

Encrypt/Decrypt Confidential Data Using OpenSSL

If you wish to perform encrypted file transfers, openssl provides a robust implementation of SSL v2/3 and TLS v1 as well as full strength generic cryptographic functionalities. Available for almost every commonly used operating system, openssl can be used as a general purpose tool instead of looking for other specialized tools.

If you wish to have full strength cryptographic functions, openssl is a perfect choice. Forget about all other tools that promise to provide high end encryption for your confidential data. Openssl is more than enough for most of your cryptographic needs. Personally, I can't just rely on some random software that promises to provide full strength cryptography but lacks documentations and detailed reviews. Openssl, however, has a well structured documentation and is an open source implementation.

Openssl supports several ciphers such as AES, Blowfish, RC5, etc., several cryptographic hash functions such as MD5, SHA512, etc., and public key cryptographies such as RSA, DSA, etc. Openssl has been widely used in several softwares most notably the OpenSSH.

Now that we know some basics about what OpenSSL is, lets move on encrypting/decrypting files/data using openssl. OpenSSL can take any file and then apply one of the cryptographic functions to encrypt the file. As an example, we encrypt a confidential file 'priv8' with a password "hello" below:

samar@Techgaun:~$ openssl aes-256-cbc -e -in priv8 -out priv8.enc -pass pass:hello


In order to decrypt the encrypted file, we can run the following command:

samar@Techgaun:~$ openssl aes-256-cbc -e -in priv8.enc -out priv8 -pass pass:hello


Now that you know the basic syntax, you can choose among several available cryptographic functions. There are several other symmetric ciphers available for use. The full list of these ciphers is provided by the command:

samar@Techgaun:~$ openssl list-cipher-algorithms


I hope this helps for your file encryption needs :)


Read more...

Thursday, 7 March 2013

Make An Encrypted Call On Android Using RedPhone

If you are quite worried about your privacy while making voice calls on your phone, RedPhone is a perfect tool to install in your android phone. RedPhone ensures that the eavesdropping attackers can not sniff your call by providing end-to-end encryption.

RedPhone is an open source communication encryption android software that well-integrates with the system dialer and lets you use the default system dialer and contacts apps to make calls as you normally would. The tool is written by Maxie Morlinspike, the same guy who wrote a famous tool called SSLStrip for performing HTTPS stripping attacks.

Install RedPhone





It is an open source tool licensed under GPL v3; the github README says, RedPhone is an application that enables encrypted voice communication between RedPhone users. RedPhone integrates with the system dialer to provide a frictionless call experience, but uses ZRTP to setup an encrypted VoIP channel for the actual call. RedPhone was designed specifically for mobile devices, using audio codecs and buffer algorithms tuned to the characteristics of mobile networks, and using push notifications to maximally preserve your device's battery life while still remaining responsive.

If you wish to understand more on Encryption protocol, you should refer to the WIKI.

Install RedPhone




Read more...

E-Paath - A Perfect Computer-based Learning Tool For Your Children

If you are looking for good computer based learning materials for your small children, e-paaath (E-/Online Lesson) is a perfect choice esp. for the Nepali education scenario. I don't know how much has been done to take this software to the reach of the students/children but I think this software can be a very useful interactive learning material for children.

Developed by OLE Nepal in collaboration with the Department of Education (Nepal), this web-based software provides several modules of online lessons for classes 2-6. The software consists of 18-30 lessons organized in a weekly fashion for four subjects: Nepali, English, Mathematics, and Science. The contents for science are available in both English and Nepali languages. However, mathematics is available only in Nepali language.



E-paath is a flash based content and hence requires flash player and can be run through any of the major web browsers such as Mozilla Firefox, Google Chrome, etc. Since e-paath is a web based content, you can run it in any platform without any problem (I had to change a little bit of code in karma.html file to run the tool smoothly in Linux but its still fine; having a web server to serve the pages solves all errors though).

You can download e-paath from HERE. For installation help, you can refer to this page. You can also access the software online from HERE. Btw, there is no specifically linux version of tool available in the website (except for Sugar desktop environment) and don't try to mirror the online version of e-paath as flash contents seem to be internally referencing the configuration files. Your best bet is to download either of the two available versions and then delete all the unnecessary stuffs in there. It just runs fine.


Read more...

Tuesday, 12 February 2013

Chaining The Proxies With ProxyChains

In this tutorial, we will learn to redirect our TCP traffics through the chain of proxies using a well known tool named ProxyChains.

ProxyChains is a tool for tunneling TCP and DNS traffics through chain of several proxy servers which supports HTTP, SOCKS4, and SOCKS5 proxy servers. Hence, this tool leverages several usages such as anonymity, bypassing filters, running any program through proxy servers, etc.

You can DOWNLOAD proxychains from SourceForge. In ubuntu, you can directly install it from repos:

samar@samar-Techgaun:~$ sudo apt-get install proxychains


Once you have installed the proxychains, you need to configure this tool. The global configuration file is located at /etc/proxychains.conf so if you wish to have your own configuration file, you could either create the proxychains.conf file in the current working directory or at $HOME/.proxychains/proxychains.conf.

In my example, I'll edit the global configuration file by issuing the command:

samar@samar-Techgaun:~$ sudo nano /etc/proxychains.conf


First, we will have to select the kind of chaining option we want to use. We can use one of the dynamic_chain, strict_chain, and random_chain chaining options. In most cases, it is good to just use the dynamic_chain so we uncomment the line containing dynamic_chain and comment all other chaining options.



Then we need to grab some proxies and then insert at the end of our configuration file which would look like:

socks4 127.0.0.1 9050
socks5 192.168.2.90 3128
socks5 1**.1**.*.* 8080


You could add as much as proxy servers in the list. Btw, the asterisks in the above example do not mean wildcards, they are just there to symbolize some proxy server. There are free sites on the Internet which provide big database of different kinds of proxies. Even several proxy scrapers are available all over the internet and you could even write one on your own. So getting list of good proxies is not the difficult job. Once you finish the configuration, you can run any command through proxychains. The syntax is as simple as below:

samar@samar-Techgaun:~$ proxychains <any_command>


For example, below is the example nmap scan run through the proxychains:

samar@samar-Techgaun:~$ proxychains nmap -p 1-1000 -O victim.tld


P.S. If you are interested in some GUI for using proxychains, you can use ProxyChainsGUI. Lastly, the default package from Ubuntu repository seems to be missing the proxyresolv command so I would recommend to compile the source code locally.

Read more...

Thursday, 7 February 2013

NCell Paisa Double For Prepaid and Pro Classic customers

Ncell has introduced yet another offer, the Paisa Double for all the prepaid and pro classic customers which will be available for next eight weeks.

With the Ncell's Paisa Double offer, you will be able to double the said amount. Ncell says that it is a new offer that acknowledges the loyalty of Ncell customers by providing them various amounts to double.

Once you have enough main balance, you can activate the offer by dialing 1212. In order to utilize the scheme, you have to follow the steps as below:

  • Dial 1212 and listen to find out what amount you can double. Then press 1 to get the double of the said amount. Alternatively, you can also dial *1212# and press 1.
  • After you press 1, the said amount will be deducted from your main balance and the double of it will be added as your Paisa Double balance.


While the offer sounds great, it is only applicable within Ncell network. You can use the Paisa Double balance to make calls, send SMS and MMS within Ncell network and even to access internet. You can subscribe Ncell Paisa Double offer only once and it will be auto-renewed every week until you deactivate or till the offer ends.

Dial *101# to know your remaining Paisa Double balance. If you wish to deactivate the service, type R and send it to 1212 through SMS. However, you can again activate if you wish within the offer period.


Read more...