xml Archives - Page 2 of 2 - ☩ Walking in Light with Christ - Faith, Computing, Diary ☩ Walking in Light with Christ

Posts Tagged ‘xml’

Tiny PHP script to dump your browser set HTTP headers (useful in debugging)

Friday, March 30th, 2012

While browsing I stumbled upon a nice blog article

The arcitle, points at few ways to DUMP the HTTP headers obtained from user browser.
As I'm not proficient with Ruby, Java and AOL Server what catched my attention is a tiny php for loop, which loops through all the HTTP_* browser set variables and prints them out. Here is the PHP script code:

<?php 
foreach($_SERVER as $h=>$v) 
if(ereg('HTTP_(.+)',$h,$hp)) 
echo "<li>$h = $v</li>\n"; 
header('Content-type: text/html'); 
?>

The script is pretty easy to use, just place it in a directory on a WebServer capable of executing php and save it under a name like:
show_HTTP_headers.php

If you don't want to bother copy pasting above code, you can also download the dump_HTTP_headers.php script here , rename the dump_HTTP_headers.php.txt to dump_HTTP_headers.php and you're ready to go.

Follow to the respective url to exec the script. I've installed the script on my webserver, so if you are curious of the output the script will be returning check your own browser HTTP set values by clicking here.
PHP will produce output like the one in the screenshot you see below, the shot is taken from my Opera browser:

Screenshot show HTTP headers.php script Opera Debian Linux

Another sample of the text output the script produce whilst invoked in my Epiphany GNOME browser is:

HTTP_HOST = www.pc-freak.net
HTTP_USER_AGENT = Mozilla/5.0 (X11; U; Linux x86_64; en-us) AppleWebKit/531.2+ (KHTML, like Gecko) Version/5.0 Safari/531.2+ Debian/squeeze (2.30.6-1) Epiphany/2.30.6
HTTP_ACCEPT = application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
HTTP_ACCEPT_ENCODING = gzip
HTTP_ACCEPT_LANGUAGE = en-us, en;q=0.90
HTTP_COOKIE = __qca=P0-2141911651-1294433424320;
__utma_a2a=8614995036.1305562814.1274005888.1319809825.1320152237.2021;wooMeta=MzMxJjMyOCY1NTcmODU1MDMmMTMwODQyNDA1MDUyNCYxMzI4MjcwNjk0ODc0JiYxMDAmJjImJiYm; 3ec0a0ded7adebfeauth=22770a75911b9fb92360ec8b9cf586c9;
__unam=56cea60-12ed86f16c4-3ee02a99-3019;
__utma=238407297.1677217909.1260789806.1333014220.1333023753.1606;
__utmb=238407297.1.10.1333023754; __utmc=238407297;
__utmz=238407297.1332444980.1586.413.utmcsr=www.pc-freak.net|utmccn=(referral)|utmcmd=referral|utmcct=/blog/

You see the script returns, plenty of useful information for debugging purposes:
HTTP_HOST – Virtual Host Webserver name
HTTP_USER_AGENT – The browser exact type useragent returnedHTTP_ACCEPT – the type of MIME applications accepted by the WebServerHTTP_ACCEPT_LANGUAGE – The language types the browser has support for
HTTP_ACCEPT_ENCODING – This PHP variable is usually set to gzip or deflate by the browser if the browser has support for webserver returned content gzipping.
If HTTP_ACCEPT_ENCODING is there, then this means remote webserver is configured to return its HTML and static files in gzipped form.
HTTP_COOKIE – Information about browser cookies, this info can be used for XSS attacks etc. 🙂
HTTP_COOKIE also contains the referrar which in the above case is:
__utmz=238407297.1332444980.1586.413.utmcsr=www.pc-freak.net|utmccn=(referral)
The Cookie information HTTP var also contains information of the exact link referrar:
|utmcmd=referral|utmcct=/blog/

For the sake of comparison show_HTTP_headers.php script output from elinks text browser is like so:

* HTTP_HOST = www.pc-freak.net * HTTP_USER_AGENT = Links (2.3pre1; Linux 2.6.32-5-amd64 x86_64; 143x42) * HTTP_ACCEPT = */* * HTTP_ACCEPT_ENCODING = gzip,deflate * HTTP_ACCEPT_CHARSET = us-ascii, ISO-8859-1, ISO-8859-2, ISO-8859-3, ISO-8859-4, ISO-8859-5, ISO-8859-6, ISO-8859-7, ISO-8859-8, ISO-8859-9, ISO-8859-10, ISO-8859-13, ISO-8859-14, ISO-8859-15, ISO-8859-16, windows-1250, windows-1251, windows-1252, windows-1256, windows-1257, cp437, cp737, cp850, cp852, cp866, x-cp866-u, x-mac, x-mac-ce, x-kam-cs, koi8-r, koi8-u, koi8-ru, TCVN-5712, VISCII,utf-8 * HTTP_ACCEPT_LANGUAGE = en,*;q=0.1 * HTTP_CONNECTION = keep-alive One good reason, why it is good to give this script a run is cause it can help you reveal problems with HTTP headers impoperly set cookies, language encoding problems, security holes etc. Also the script is a good example, for starters in learning PHP programming.

Tags: AOL, arcitle, article, attention, Auto, blog, browser, code, code lt, content type, copy, debugging, download, Draft, dump, Dumping, ENCODING, ereg, freak, gecko, Gnome, gzip, host, host www, HTTP, image png, information, Java, khtml, linux x86, loop, nbsp, opera browser, php, php script, php txt, place, prints, quot, ruby, Safari, screenshot, script, script code, server, set variables, shot, show, squeeze, support, text, Tiny, type, unam, User, utmb, utmcsr, xml
Posted in Programming, System Administration | No Comments »

How to build website sitemap (sitemap.xml) in Joomla

Monday, December 20th, 2010

A joomla installation I’m managing needed to have created a sitemap.xml

From a SEO perspective sitemap.xml and sitemap.xml.gz are absolutely necessary for a website to bewell indexed in google.

After some investigation I’ve found out a perfect program that makes generation of sitemap.xml in joomla a piece of cake.

All necessary to be done for the sitemap.xml to be created comes to download and install of JCrawler

What makes JCrawler even better is that it’s open source program.

To install Jcrawler go in the joomla administrator panel:

Extensiosn -> Install/Uninstall

You will see the Install from URL on the bottom, there place the link to the com_jcrawler.zip installation archive, for instance you can place the link of the downloaded copy of com_jcrawler.zip I’ve mirrored on www.pc-freak.net ,by placing it on https://www.pc-freak.net/files/com_jcrawler.zip

The installation will be done in a few seconds and you will hopefully be greated with a Installation Success message.

Last thing to do in order to have the sitemap.xml in your joomla based website generated is to navigate to:

Components -> JCrawler

There a screen will appear where you can customize certain things related to the sitemap.xml generation, I myself used the default options and continued straight to the Start button.

Further on a screen will appear asking you to Submit the newly generated sitemap to; Google, MSN, Ask.com, Moreover and Yahoo , so press the Submit button.
That’s all now your joomla website will be equipped with sitemap.xml, enjoy!

Tags: bewell, Button, com, customize, default options, download, downloaded copy, Extensiosn, freak, google, gz, How to build website sitemap (sitemap.xml) in Joomla, Install, installation, installation archive, installation success, investigation, JCrawler, link, MSN, open source program, order, panel, perspective, piece of cake, Press, Start, start button, success message, Uninstall, xml, Yahoo, zip installation
Posted in Joomla, Linux, SEO, Various | 7 Comments »

How to crack password protected rar and 7z files on GNU / Linux

Friday, October 7th, 2011

break / crack password protected rar, zip archives on Linux and FreeBSD rarcrcack

RarCrack is able to crack rar and 7z archive files protected by password on Linux.
The program is currently at release version 0.2, so its far from perfection, but at least it can break rars.

RarCrack is currently installable on most Linux distributions only from source, to install on a random Linux distro, download and make && make install . RarCrack’s official site is here, I’ve mirrored the current version of RarCrack for download here . To install rarcrack from source using the mirrored version:

linux:~# wget https://www.pc-freak.net/files/rarcrack-0.2.tar.bz2 ... linux:~# tar -jxvvf rarcrack-0.2.tar.bz2 linux:~# cd rarcrack-0.2 linux:~/rarcrack-0.2# make ... linux:~/rarcrack-0.2# make install ...

On FreeBSD, rarcrack is available and installable via the ports tree, to install on FreeBSD:

freebsd# cd /usr/ports/security/rarcrack freebsd# make && make install ...

To use RarCrack to crack rar, zip or 7z archive file:

freebsd% rarcrack rar_file_protected_with_password.rar --type rar

The argument –type rar is optional, in most archives RarCrack should detect the archive automatically. The –type option could also take the arguments of rar and 7z .

I’ve created a sample rar file protected with password linux_then_and_now.png.rar . The archive linux_then_and_now.png contains a graphic file illustrating the linux growth in use in computers, mobiles and servers. linux_then_and_now.png.rar is protected with the sample password parola

RarCrack also supports threads (a simultaneous instance spawned copies of the program). Using threads speeds up the process of cracking and thus using the –threads is generally a good idea. Hence a good way to use rarcrack with the –threads option is:

freebsd% rarcrack linux_then_and_now.png.rar --threads 8 --type rar RarCrack! 0.2 by David Zoltan Kedves (kedazo@gmail.com) INFO: the specified archive type: rar INFO: cracking linux_then_and_now.png.rar, status file: linux_then_and_now.png.rar.xml Probing: '0i' [24 pwds/sec] Probing: '1v' [25 pwds/sec]

RarCrack‘s source archive also comes with three sample archive files (rar, 7z and zip) protected with passwords for the sake of testing the tool.
One downside of RarCrack is its extremely slow in breaking the passwords on my Lenovo notebook – dual core 1.8ghz with 2g ram it was able to brute force only 20-25 passwords per second.
This means cracking a normal password of 6 symbols will take at least 5 hours.
RarCrack is also said to support cracking zip passwords, but my tests to crack password protected zip file did not bring good results and even one of the tests ended with a segmentation fault.

To test how rarcrack performs with password protected zip files and hence compare if it is superior or inferior to fcrackzip, I used the fcrackzip’s sample pass protected zip noradi.zip

hipo@noah:~$ rarcrack --threads 8 noradi.zip --type zip 2 by David Zoltan Kedves (kedazo@gmail.com) INFO: the specified archive type: zip INFO: cracking noradi.zip, status file: noradi.zip.xml Probing: 'hP' [386 pwds/sec] Probing: 'At' [385 pwds/sec] Probing: 'ST' [380 pwds/sec]

As you can see in above’s command output, the zip password cracking rate of approximately 380 passwords per second is a bit quicker, but still slower than fcrackzip.

RarCrack seg faults if cracking a pass protected zip is passed on without specifying the –type zip command arguments:

linux:~$ rarcrack --threads 8 noradi.zip RarCrack! 0.2 by David Zoltan Kedves (kedazo@gmail.com) Segmentation fault

While talking about cracking protected rar and zip archives with password, its worthy to mention creating a password protected archive with Gnome Desktop on Linux and FreeBSD is very easy.

To create the password protected archive in Gnome graphic environment:

a. Point the cursor to the file you want to archive with password

Gnome pointing file properties drop down menu

b. Press on Other Options and fill in the password in the pwd dialog

Linux protect rar with password on Gnome Desktop

I think as of time of writting, no GUI frontend interface for neither RarCrack or FcrackZip is available. Lets hope some good guy from the community will take the time to write extension for Gnome to allow us to crack rar and zip from a nice GUI interface.

Tags: amp, archive type, argument, argument type, bz2 linux, com, current version, download, fcrackzip, file, freak, Gmail, Gnome, gnu linux, instance, Linux, linux cd, linux growth, linux tar, most linux distributions, option, password, png, ports, random linux, rar, rarcrackfreebsd, rarINFO, second, segmentation, status, tar bz2, time, tool, tree, type, type option, usr, version linux, wget, xml, zoltan
Posted in Computer Security, System Administration, Various | 3 Comments »

☩ Walking in Light with Christ – Faith, Computing, Diary

Posts Tagged ‘xml’

Tiny PHP script to dump your browser set HTTP headers (useful in debugging)

Daily Bible quote

GET ARTICLE UPDATES

Useful blog? Help it:

Links to Other Places

Recent Posts

Ads

Categories

About Myself

Recent Comments

Top Post Views

blogtopsites