Sunday, September 11, 2011


act. if you:

1. Load Notepad in Windows (in my case XP Pro)

2. Type "bush hid the facts" (all in lowercase, no quotes)

3. Save this file under a name of your choice

4. Re-open the file

you will not see the text that you typed, but instead you will see a bunch of squares (or, as I later found out, some Chinese characters - that is, if you have the Chinese fonts installed, which is not my case).

Most people think it's a Windows Notepad easter egg (I thought so myself, to be honest), but in fact, it isn't. It's just a lousy Notepad bug. Let me explain...

I was myself curious about the cause of this phenomenon, and I found out that this text is not the only one to cause problems. There are other strings that cause Notepad to screw up, including "this app can break", which was another version of the bug that generated a lot of buzz. I've personally tested a series of strings that have the same effect, including "this api can break", "this cat can split", "jane can not dance", "text wit hou tcaps" and even "abcd efg hij klmno" and "xxxx xxx xxx xxxxx". What do these phrases have in common? They are made up by four words made up by four, three, three and five letters, all lowercase. So, by induction, all "4-3-3-5" strings should work.
Now, let's get to why this thing happens. First of all, it seems that Notepad writes the files just fine, it just can't read them again correctly. As a proof, try opening your saved file, the one that Notepad screws up, with another text editor. I used EditPlus and it turned out to be OK. So why the Notepad thing then? Well, it's a Windows thing. Notepad uses a Windows function that allows it to figure out whether a text file is Unicode or not. And that function, my friends, is the one that screws it up. Because the way it checks can easily be described as "guessing". And it guesses that the file is actually Unicode, and not Ascii, as it is supposed to be.


Now, two different but similar explanations can be given.

The first is that, after the ASCII-to-hex conversion of the string, Notepad rearranges the hex codes not according to ASCII standards, but to Unicode, and that messes it up. Here's the example:

Take "bush hid the facts". The hex codes (they can be seen with any hex editor you want to download) for the string are:

62 75 73 68 20 68 69 64 20 74 68 65 20 66 61 63 74 73

Arrange the codes to make up Unicode characters and you get:

7562 6873 6820 6964 7420 6568 6620 6163 7473

You'll notice that every code is hyperlinked. If you click on each one of them, you'll see that each one represents a Chinese (I think) "letter".

So this whole thing's cause is the coincidence that the 18 ASCII characters happen to represent 9 Unicode characters. And, of course, Windows' inability to determine the right encoding of the file.

The second explanation is slightly different, but the basics are the same: the difference between ASCII and Unicode. It's just a matter of Notepad defaults. You see, when you save the file, in the "Encoding" field, the default drop-down is set to ANSI. So, by default, Notepad saves as ANSI. But if you do a File -> Open, the default Encoding is set to Unicode. That's exactly what happens when you double click a saved file. Notepad knows the path, but not the Encoding. So it uses the default Unicode encoding, which spits the Chinese characters as explained above.

And that's about it. No easter eggs, no conspiracies, no Bush interventions. Just plain old Microsoft.

Saturday, September 10, 2011

Free Megaupload Premium Link Generator Service (100 % Legit and Working)

During the Past month i got many emails from my blog readers especially from A.Hossain asking me to post an article on some kind of hack which will enable us to download  megaupload files Like a premium user  , Most of us know that there are lots of  free premium link generators which claim to generate Premium links for your downloads but about 90 % of those generators are fake , That's why i always advice my blog readers to use torrents , But yesterday when i was surfing the net i came across Megakey service which claims to generate premium links for Megaupload. So i decided to test it, and i found out that it was a 100 % legit and working service , So today i wanted to share this hack with you. Follow the steps given below to download Megaupload files like a premium User   It is a free service provided by magakey it removes limitations on megaupload files and megaupload videos ,Its a 100 % legit  and working service ,Its free from malware and viruses 1. To use this service you have to first install megakey software ,You can Download megakey software From Here & to get the password click Here 2. Extract the file using Winrar or Winzip and Install the megakey software 3. After installing you will see a Small  Megakey icon on the task bar  as shown , Right click and  select megakey benefits
4. Now check all the boxes and enter your information as shown
5. Now open your browser, paste your megaupload link that you want to download,  Now You will see a premium download button as shown
Note :- This service only works two hours a day (9.00 AM to 11.00 AM GMT ). Use the GMT Time converter to know your corresponding local time ,You can also check it by going to megaupload .com, If your with in the particular time you will see a small smiley icon on the top right corner near login saying its happy hour

Hope you like the Post , If you have any doubts regarding the Article please fell free to post a comment  

Arachni v0.3 Released – Web Application Security Scanner Framework

It’s been a while since we last mentioned Arachni, it was back in February – Arachni v0.2.2.1 – Web Application Security Scanner Framework.

For those who are not aware, Arachni is a fully automated system which tries to enforce the fire and forget principle. As soon as a scan is started it will not bother you for anything nor require further user interaction. Upon completion, the scan results will be saved in a file which you can later convert to several different formats (HTML, Plain Text, XML, etc.)

The project was initially started as an educational exercise though it has since evolved into a powerful and modular framework allowing for fast, accurate and flexible security/vulnerability assessments..

More than that, Arachni is highly extend-able allowing for anyone to improve upon it by adding custom components and tailoring most aspects to meet most needs.

The author notified us of a major new release (v0.3) which has some great new features, a few of those being:

A new custom-written, lightweight SpiderAdd-on support for the WebUI Scan schedulerAutoDeploy — Convert any SSH enabled Linux box into a DispatcherImproved accuracy of differential analysis auditsImproved accuracy of timing attack auditsHighly optimized timing attacks

If you are interested in the WebUI aspect you can check out some screenshots here, the more comprehensive ChangeLog is also available here.

For those of you into benchmarking and testing you might be interested to know that during a recent test Arachni was the only (from a long list of commercial and F/OSS systems) that hit 100% on both XSS and SQLi tests in the WAVSEP benchmark:

Commercial Web Application Scanner Benchmark

The author is doing a great job with this tool and rapidly closing the gap between free security scanners and the very expensive commercial options. If you do have any feedback on Arachni v0.3 drop a comment here or hit up the Arachni Google Group.

You can download Arachni v0.3 here:


Or read more here.

winAUTOPWN v2.7 Released – Windows Autohacking Tool

I’ve always been skeptical about this tool, especially seen as though the first version was released on April Fools day in 2009, anyway it’s 2 years later now and it still seems to be around so I think it’s worth publishing an update.

If any of you have actually tested this tool out, do drop a comment below.

winAUTOPWN and bsdAUTOPWN are minimal Interactive Frameworks which act as a frontend for quick systems vulnerability exploitation. It takes inputs like IP address, Hostname, CMS Path, etc. and does a smart multi-threaded portscan for TCP ports 1 to 65535. Exploits capable of giving Remote Shells, which are released publicly over the Internet by active contributors and exploit writers are constantly added to winAUTOPWN/bsdAUTOPWN. A lot of these exploits are written in scripting languages like python, perl and php. Presence of these language interpreters is essential for successful exploitations using winAUTOPWN/bsdAUTOPWN.

Exploits written in languages like C, Delphi, ASM which can be compiled are pre-compiled and added along-with others. On successful exploitation winAUTOPWN/bsdAUTOPWN gives a remote shell and waits for the attacker to use the shell before trying other exploits. This way the attacker can count and check the number of exploits which actually worked on a Target System.

New in v2.7

This version covers almost all remote exploits up-till mid-July 2011 and a few older ones as well. This version incorporates a few new commandline parameters: -perlrevshURL (for a PERL Reverse Shell URL), – mailFROM (smtpsender) and -mailTO (smtpreceiver). These are the commandline arguments required for a few exploits which require remote connect-back using a perl shell and email server exploits requiring authentication respectively. This version also tackles various internal bugs and fixes them.

A complete list of all Exploits in winAUTOPWN is available in CHANGELOG.TXT
A complete list of User Interface changes is available in UI_CHANGES.txt

Also, in this version :

BSDAUTOPWN has been upgraded to version 1.5.In this release you will also find pre-compiled binaries for :FreeBSD x86FreeBSD x64DragonFly BSD x86

You can download winAUTOPWN v2.7 here:


Or read more here.

Agnitio v2.0 Released – Code Security Review Tool

It’s been a while since we’ve mentioned Agnitio, it was earlier this year in March: Agnitio v1.2 – Manual Security Code Review Tool.

The author notified me of a new version that was recently released with quite a few additions. For those not familiar with it, Agnitio is a tool to help developers and security professionals conduct manual security code reviews in a consistent and repeatable way. Agnitio aims to replace the adhoc nature of manual security code review documentation, create an audit trail and reporting.

Changes in V2.0

The major changes in v2.0 is the addition of a code analysis module which comes with Android and iOS rules, an editor for the checklist questions and the ability to create/edit/remove code analysis rules.

Fixed verify report button bug. It used to make the app crash if the report path field was empty because it didn’t check if it was empty before trying to use the field value.Delete profile functionality added on the “view profiles” tab. Some users requested this functionality.Removed hard coded filesystem paths and database names/locations from the code and make them configuration items.Data editor for both principles and checklist guidance sections. This allows users to customise the guidance using their own languages, guidance text etc.Increase the max size value of the text boxes on the principles guidance tab to allow more information to be entered by users.More accurate error on the profile creation tab – specify exactly what fields have been missed rather than listing all.Added “About” form with info, license, credits etcRegular expressions expanded to include a wider range of characters including non English characters.Turn the “other” language box red if the user clicks save with the other check box ticked but not language entered on the create and view profile tabs.Metrics tab now “returns” if only one app is available rather than trying to load all graphs and throwing a separate error for each one.

The author is always interested in feedback and has integrated a lot of it into v2.0 of Agnitio, if you want to give some suggestions/bug reports or whatever after using the tool you can do so via the Security Ninja blog here, or on Twitter @securityninja.

You can download Agnitio v2.0 here:


Or read more here.