krish – 起死回生 [Wake up from death & return to life.]

December 8, 2012

Right Now: What am I up to?

Dec 08, 2012. 02:03 am IST – A new logo coming up for Toonheart.

 

Finalising the logo for my gaming startup – Toonheart 🙂
Dealing with sprained wrist, but it can’t be helped…. Work is Work.

Nov 18, 2012. 01:41 am IST – Still working on my prototype game.

Fighting 13C weather off with my biking balaclava,

Indie Game Dev’s Life.

and listening to this in loop mode.


April 5, 2012

base64 decode without terminal

Filed under: H@ck1n` — krish @ 6:52 pm

So I got a base64 text which I’m supposed to decode, and I thought “Ok! Let me use the `base64` binary on the terminal and write a small script which I will run when I need to decode it”.. Wait, I need to drop this script in the binary path so that I can use it as a command without absolute/relative path traversal when in the middle of work.

So far so good.. but it struck me that my browsers are always open and I get this text from a URL. Why don’t I skip all this and do this in the browser… is it possible?

Let’s say my base64 code is ZmFjZWJvb2suY29tL2Rhcy5zcmlrcmlzaG5hDQp0d2l0dGVyLmNvbS9zcmlrcmlzaG5hZGFz

Open a tab and type this in the URL bar:

data:text/plain;base64,ZmFjZWJvb2suY29tL2Rhcy5zcmlrcmlzaG5hDQp0d2l0dGVyLmNvbS9zcmlrcmlzaG5hZGFz

Wolah! Done. 😀

Think Different! 😉

Read more on MIME types here – http://en.wikipedia.org/wiki/Internet_media_type
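
The trick above, as an added example that is not part of the original post: a small JavaScript parser for data: URIs that decodes the post's sample string and builds the address-bar URI with the media type pinned to text/plain, so whatever the base64 decodes to is displayed as text rather than rendered. The function names are hypothetical; it runs in a browser console or in Node.

```javascript
// Added example, not from the original post; all function names are hypothetical.
// data: URI layout (RFC 2397): data:[<mediatype>][;base64],<data>

function b64ToBytes(b64) {
  // Reject input outside the padded base64 alphabet instead of guessing.
  if (b64.length % 4 !== 0 || !/^[A-Za-z0-9+\/]*={0,2}$/.test(b64)) {
    throw new Error('not valid padded base64');
  }
  const bin = typeof atob === 'function'
    ? atob(b64)                                       // browsers, recent Node
    : Buffer.from(b64, 'base64').toString('latin1');  // older Node
  return Uint8Array.from(bin, (c) => c.charCodeAt(0));
}

function decodeDataUri(uri) {
  const m = /^data:([^,]*),(.*)$/s.exec(uri);
  if (!m) throw new Error('not a data: URI');
  const params = m[1].split(';');
  const isBase64 = params[params.length - 1].toLowerCase() === 'base64';
  if (isBase64) params.pop();
  const mediaType = (params[0] || 'text/plain').toLowerCase(); // RFC 2397 default
  const bytes = isBase64
    ? b64ToBytes(m[2])
    : new TextEncoder().encode(decodeURIComponent(m[2]));
  return { mediaType, isBase64, text: new TextDecoder('utf-8').decode(bytes) };
}

// Builds the URI to type into the address bar. The media type is always
// text/plain, so an unknown payload is shown as text, never as HTML or script.
function toPlainTextDataUri(b64) {
  b64ToBytes(b64); // validation only; throws on malformed input
  return 'data:text/plain;base64,' + b64;
}

// Sample string from the post above.
const SAMPLE = 'ZmFjZWJvb2suY29tL2Rhcy5zcmlrcmlzaG5hDQp0d2l0dGVyLmNvbS9zcmlrcmlzaG5hZGFz';
const decoded = decodeDataUri(toPlainTextDataUri(SAMPLE));
console.log(decoded.mediaType, JSON.stringify(decoded.text));
```
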

February 14, 2012

Microsoft Store India hack

Just about 48 hours ago, news went viral about the latest assault on Microsoft’s India store website.

As the ‘EvilShadow Team’ probably flex their legs and people, blogs, news guys boo-haa MS for being so naive on storing passwords in plain text, I was thinking ‘wait-a-sec, MS has been through the plain text mistake earlier too.. were they really so careless?’

I try to visit microsoftstore.co.in and get greeted by a message like this:

microsoftstore.co.in

 

Notice how it says ‘Microsoft is working on it’ rather than saying ‘We are..’
And bingo, that reminds me that the store and website are not operated by Microsoft but by ‘Quasar Media’!

How do I know?
I remember applying ‘social engineering’ on their customer support while reasoning why prices of Xbox accessories were different on ‘http://www.xbox.com/en-IN’ vs ‘microsoftstore.co.in’ .. I got more insider details too but it isn’t relevant in this post.

Clearly, it was an outsourced operation and ‘Quasar Media’ has been loose about their security. I’m sure the top brass is getting a scream from MS.

What should you be doing?
If you do have a microsoftstore.co.in login (or should I say ‘if you did’ – past-tense), and if it is important to you (not the id, but the other creamy information you’ve given along with signup), then please go now and change your password ( obviously, when the site is up ).

I do not remember having a store id, although first thing I did when I heard this news was to change my XBL password, just in case it was an SSO.
Anyone remember if the store login was an SSO? If it was, you better get on with changing any of your MS/related service passwords…. live.com, msn, XBL, azure? to name a few.

I did too, but /me thinks it was not an SSO. If it was, then it would be a more serious shit and Microsoft would have been calling up their media friends by now.

And finally, a word of advice: Do not allow your browser to save the password of any site where you’ll use your credit card/banking information.. this includes netbanking logins, movie ticket sites, online stores such as microsoftstore.co.in :), XBL. p’uh’lease do not use the same passwords for your email id and other websites.
I’m sure most of these guys have: (thanks to engadget.com for this image)

Aiyeeeee!
