Thursday, 1 May 2014

Hackers search engine!!!

What is Shodan? (Hackers' search engine)

“The Scariest Search Engine”, or you can say the “World's Most Dangerous Search Engine”

Shodan is a search engine that lets you find specific types of computers (routers, servers, etc.) on the Internet using a variety of filters. Some have also described it as a search engine of service banners, which are metadata the server sends back to the client.[1] This can be information about the server software, what options the service supports, a welcome message or anything else that the client can find out before interacting with the server.

Shodan collects data mostly on web servers at the moment (HTTP port 80), but there is also some data from FTP (21), SSH (22), Telnet (23), SNMP (161) and SIP (5060) services.[2]

It was launched in 2009 by computer programmer John Matherly, who, in 2003,[3] conceived the idea of searching devices linked to the Internet.[4] The name Shodan is a reference to SHODAN, a character from the System Shock video game series.[3]

"Other search engines are unlike Shodan", but we like it very much

What Can Shodan Show Us?

The Terrifying Search Engine That Finds Internet-Connected Cameras, Traffic Lights, Medical Devices, Baby Monitors And Power Plants

Since almost every new device now has a web interface (maybe even your refrigerator) to ease remote management, we can access innumerable web-enabled servers, network devices, home security systems, etc.

Shodan can find us webcams, traffic signals, video projectors, routers, home heating systems, and SCADA systems that, for instance, control nuclear power plants and electrical grids. If it has a web interface, Shodan can find it!

Although many of these systems communicate over port 80 using HTTP, many use telnet or other protocols over other ports. Keep that in mind when trying to connect to them.

You can use Google to find more information about Shodan.

link to shodan search engine

http://www.shodanhq.com/

You can find every router password here:

http://www.phenoelit.org/dpl/dpl.html

It can help you log in to an unprotected webcam, router settings, etc.

22 Social Media Facts and Statistics You Should Know in 2014

Social web demographics

Social media is a blur of tweets, shares and content. No longer is it just used by the young and the restless. It is global and embedded in every corner of the web.
So some questions. Which age groups are using social media, what countries are big Facebook users and what percentage are using mobile to access social media?
This is the who and the where of social media users.
72% of all internet users are now active on social media
18-29 year olds have an 89% usage
The 30-49 bracket sits at 72%
60 percent of 50 to 60 year olds are active on social media
In the 65 plus bracket, 43% are using social media
Time spent on Facebook per hour spent online by country. Here are the top three. USA citizens get the top gong at 16% followed by the Aussies at 14 minutes and the Brits at 13 minutes.
71% of users access social media from a mobile device.
The paradigm of social media only being used by the younger generation should be put to rest now.

Facebook

Facebook is still the biggest kid on the block, but there are some pundits predicting that by 2016 Google+ will surpass Facebook on “social sharing”.
Here are some of the latest figures to mull over.
There are now over 1.15 billion Facebook users
One million web pages are accessed using the “Login with Facebook” feature
23 percent of Facebook users login at least 5 times per day
47% of Americans say Facebook is their #1 influencer of purchases
70% of marketers used Facebook to gain new customers

Google+

Prying the numbers out of Google for Google+ has always been a challenge. A bit like getting a date with the prettiest girl in the class. Not impossible but it doesn’t happen very often.
So what are the latest numbers?
There are now over 1 billion with Google+ enabled accounts
It has reached 359 million monthly active users
Google+ is growing at 33% per annum.
The 45 to 54 year old bracket increased its usage on Google+ by 56% since 2012
When you consider that Google+ has only been around for less than three years, then it is a success on many levels. So Google must be happy with its investment, which is north of $500 million that it initially invested in Google+.

Twitter

Twitter has to be taken seriously. Last year it took off its short pants and became a public company. So what is happening in the Twittersphere?
There are now over 550 million registered users
34% of marketers use Twitter to successfully generate leads
Twitter was the fastest growing network with a 44% growth from 2012-2013
215 million monthly active users
Twitter has also made some changes in the last few months that have made it more visual and engaging. Business should no longer be ignoring the 140 character pip squeak.

The others

We haven’t mentioned some important social media channels. These include Pinterest, Instagram, LinkedIn, YouTube, Tumblr, Vine, Slideshare and many others.
This year expect the visual social media networks to hit more home runs.
Keep an eye on these two:
Pinterest with 20 million active monthly users
Instagram with 150 million active monthly users.

How to use keyboard as a Mouse!!

1. Open Ease of Access Center by clicking the Start button, clicking Control Panel, clicking Ease of Access, and then clicking Ease of Access Center.

2. Click Make the mouse easier to use.

3. Under Control the mouse with the keyboard, select the Turn on Mouse Keys check box.

Up and to the left: 7
Up: 8
Up and to the right: 9
Left: 4
Right: 6
Down and to the left: 1
Down: 2
Down and to the right: 3

Select the left mouse button: The forward slash (/)
Select both buttons: The asterisk (*)
Select the right mouse button: The minus sign (-)

Click an item: With the left button selected as your active button, point to the item, and then press 5
Right-click an item: With the right button selected as your active button, point to the item, and then press 5
Double-click an item: With the left button selected as your active button, point to the item, and press the plus sign (+)

Drag an item: Point to the item, and then press zero (0)
Drop the item: Point to the location where you want to move the item, and then press the decimal point (.)

Monday, 28 April 2014

PHISHING ATTACKS ON TELECOMMUNICATION CUSTOMERS RESULTING IN ACCOUNT TAKEOVERS CONTINUE


Phishing attacks targeting various telecommunication companies’ customers continue. Individuals receive automated telephone calls that claim to be from the victim’s telecommunication carrier. The IC3 released an advisory about this scam in May 2013. Since then, the attacks have increased and recently, victims have reported receiving SMS texts with a similar phishing message encouraging them to go to web sites to claim their reward. Victims are directed to a phishing site to receive a credit, discount or prize ranging from $100 to $2,500. The monetary amounts being offered are increasing to make the scam more enticing. A fraudulent web site example would be www.My(insertphone company name)900.com. Other fraudulent web sites may contain words such as, MyBonus, ILove, ILike, Reward, Promo, or similar words, along with a telephone company’s name.
The phishing site is a replica of one of the telecommunication carrier’s sites and requests the victim’s log-in credentials and the last four digits of their Social Security number. Once access is gained, the subject makes changes to the customer’s account and may place orders for mobile phones.
The IC3 urges the public to be cautious of unsolicited telephone calls, e-mails and text messages, especially those promising some type of compensation for supplying account information. If you receive such an offer, verify it with the business associated with your account before supplying any information. Use the phone numbers that appear on your account statement to contact the business.
If you have fallen victim to this scam, immediately notify your telecommunication carrier and file a complaint with the IC3, http://www.ic3.gov.

How to Read a Cookie

Cookies provide a means in Web applications to store user-specific information, such as history or user preferences. A cookie is a small bit of text that accompanies requests and responses as they go between the Web server and client. The cookie contains information that the Web application can read whenever the user visits the site.

The browser is responsible for managing cookies on a user system. Cookies are sent to the server with a page request and are accessible as part of the HttpRequest object, which exposes a Cookies collection. You can read only cookies that have been created by pages in the current domain or path.

Procedure
To read a cookie

Read a string from the Cookies collection using the cookie's name as the key.

The following example reads a cookie named UserSettings and then reads the value of the subkey named Font.
Code in Visual Basic:

    If (Request.Cookies("UserSettings") IsNot Nothing) Then
        Dim userSettings As String
        If (Request.Cookies("UserSettings")("Font") IsNot Nothing) Then
            userSettings = Request.Cookies("UserSettings")("Font")
        End If
    End If

Code in C#:

    if (Request.Cookies["UserSettings"] != null)
    {
        string userSettings;
        if (Request.Cookies["UserSettings"]["Font"] != null)
        {
            userSettings = Request.Cookies["UserSettings"]["Font"];
        }
    }

Compiling the Code

This example requires:

An ASP.NET Web page.
A previously written cookie named UserSettings.

Friday, 25 April 2014

Heartbleed: Pointer-arithmetic considered harmful


Heartbleed has encouraged people to look at the OpenSSL source code. Many have called it "spaghetti code" -- tangled, fragile, and hard to maintain. While this characterization is accurate, it's unfair. OpenSSL is written according to standard programming practices. It's those practices which are at fault. If you get new engineers to rewrite the code, they'll follow the same practices, and end up with equally tangled code.

Coding practices are out of date, laughably so. If you learn how to program in C in a university today, your textbook and your professor will teach you how to write code as if it were 1984 and not 2014. They will teach you to use "strcpy()", a function prone to buffer-overflows that is widely banned in modern projects. There are fifty other issues with C that are just as important.

In this post, I'm going to focus on one of those out-of-date practices called "pointer-arithmetic". It's a feature unique to C. No other language allows it -- for good reason. Pointer-arithmetic leads to unstable, hard-to-maintain code.

In normal languages, if you want to enumerate all the elements in an array, you'd do so with an expression like the following:

     p[i++]

The above code works in a wide variety of programming languages. It works in C, too, and indeed, most languages got it by copying C syntax. However, in C, you may optionally use a different expression:

    *p++

This is pointer-arithmetic. Instead of a fixed pointer and a variable index, the pointer is variable, moving through the array.

To demonstrate how this gets you into trouble, I present the following bit of code from "openssl/ssl/s3_srvr.c":

    {
    s2n(strlen(s->ctx->psk_identity_hint), p);
    strncpy((char *)p, s->ctx->psk_identity_hint, strlen(s->ctx->psk_identity_hint));
    p+=strlen(s->ctx->psk_identity_hint);
    }

The first thing to notice is the line I've highlighted. This line contains the old programming joke:

    strncpy(dst,src,strlen(src));

The purpose of strncpy() is to guard against buffer-overflows by double-checking the size of the destination. The joke version double-checks the size of the source -- defeating the purpose, causing the same buffer-overflow as if the programmer had just used the original strcpy() in the first place.

This is a funny bit of code, but it turns out it's not stupid. In C, text strings are nul terminated, meaning that a byte with the value of 0 is added to the end of every string. The intent of the code above is to prevent the nul termination, not to prevent buffer-overflows. In other words, the true intent of the programmer can be expressed by changing the above function from "strncpy()" to "memcpy()".

The reason the programmer wants to avoid nul termination is that they are building a protocol buffer where the string will be prefixed by a length. That's the effect of the macro "s2n()" in the first line of code, which inserts a 2 byte length field and invisibly moves the pointer 'p' forward two bytes. (By the way, macros that invisibly alter variables are likewise bad programming practice).

The correct fix for the above code is to change from a pointer-arithmetic paradigm to an integer-indexed paradigm. The code would look like the following:

    append_short(p, &offset, max, strlen(s->ctx->psk_identity_hint));
    append_string(p, &offset, max, s->ctx->psk_identity_hint);

The value 'p' remains fixed, we increment the "offset" as we append fields, and we track the maximum size of the buffer with the variable "max". This both untangles the code and also makes it inherently safe, preventing buffer-overflows.
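An added example, not code from the original post or from OpenSSL: one way the integer-indexed fix above could be written out in C. The post names append_short() and append_string() but shows no bodies, so the bodies, the return values and the encode_psk_hint() wrapper here are assumptions.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helpers: the post names append_short()/append_string() but
 * shows no bodies. Each returns 0 on success, -1 if the field will not fit,
 * and leaves the buffer and *offset untouched on failure. */
static int append_short(unsigned char *p, size_t *offset, size_t max, size_t value)
{
    if (value > 0xffff || *offset > max || max - *offset < 2)
        return -1;
    p[(*offset)++] = (unsigned char)(value >> 8);   /* big-endian, like s2n() */
    p[(*offset)++] = (unsigned char)(value & 0xff);
    return 0;
}

static int append_string(unsigned char *p, size_t *offset, size_t max, const char *s)
{
    size_t len = strlen(s);
    if (*offset > max || max - *offset < len)
        return -1;
    memcpy(&p[*offset], s, len);   /* copies the bytes, no nul terminator */
    *offset += len;
    return 0;
}

/* Encode a length-prefixed hint into buf[0..max). Returns bytes written,
 * or 0 when the hint does not fit (a successful encode is always >= 2). */
size_t encode_psk_hint(unsigned char *buf, size_t max, const char *hint)
{
    size_t offset = 0;
    if (append_short(buf, &offset, max, strlen(hint)) != 0)
        return 0;
    if (append_string(buf, &offset, max, hint) != 0)
        return 0;
    return offset;
}

int main(void)
{
    unsigned char big[16], small[5];            /* constructed sample buffers */
    printf("fits:     %zu bytes\n", encode_psk_hint(big, sizeof big, "hint"));
    printf("too long: %zu bytes\n", encode_psk_hint(small, sizeof small, "hint"));
    return 0;
}
```

Because the bound check lives inside each append, a caller cannot move past the end of the buffer by forgetting a check; the worst outcome is a refused write that the return value reports.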

Last year, college professor John Regehr had a little contest to write a simple function to parse integers. Most solutions to the contest used the pointer-arithmetic approach; only a few (like my solution) used the integer-index paradigm. I urge you to click on those links and compare other solutions to mine.

My solution, using integer indexes

Typical other solution, using pointer-arithmetic


Many justify pointer-arithmetic claiming it's faster. This isn't really true. In the above contest, my solution was one of the fastest solutions. Indeed, I'm famous for the fact that my code is usually an order of magnitude faster than other people's code. Sure, you can show with some micro-benchmarks that pointer-arithmetic is faster in some cases, but that difference rarely matters. The simplest rule is to never use it -- and if you ever do, write a big comment block explaining why you are doing something so ugly, and include the benchmarks proving it's faster.

Others justify pointer-arithmetic out of language bigotry. We are taught to look down at people who try to program in one language as if it were another language. If you program in C the way you'd program in Java, then (according to this theory) you should just stick with Java. That my snippet of code above works equally well in Java and C is considered a bad thing.

This bigotry is wrong. Yes, when a language gives you desirable constructs, you should use them. But pointer-arithmetic isn't desirable. We use C not because it's a good language, but because it's low-level and the lingua franca of libraries. We can write a library in C for use with Java, but not the reverse. We use C because we have to. We shouldn't be programming in the C paradigm -- we should be adopting the paradigms of other languages. For example, C should be "object oriented", where complex structures have clear constructors, destructors, and accessor member functions. C is hostile to that paradigm of programming -- but it's still the right way to program.


Pointer-arithmetic is just one of many issues affecting the OpenSSL source-base. I point it out here because of the lulz of the strncpy() function. Perhaps in later posts I'll describe some of its other flaws.



Update: Another good style is "functional" programming, where functions avoid "side effects". Again, C is hostile to the idea, but when coders can avoid side-effects, they should.

Chrome Beta for Android Update

Chrome Beta for Android has been updated to 35.0.1916.69 and will be available in Google Play over the next few hours. This release contains stability and bug fixes. A partial list of changes in this build is available in the SVN revision log. If you find a new issue, please let us know by filing a bug. More information about Chrome for Android is available on the Chrome site.

Jason Kersey
Google Chrome