Lifecode

The WordPress log in page, is an elegant, unsecured page, that can easily be brute-forced. Since most of the default installs are using admin as the main administrator username, it is very easy for an intruder to go inside an administrator account. Being in an administrator account brings a lot of privileges for the intruder to perform numerous attacks on the server, gather sensitive information, or even access the database.

Brute-forcing

A lot of password brute-forcing tools are available everywhere on the internet. I myself can write one in PERL. The brute-forcing process can be very long, depending on the user’s password, and the attacker’s connection speed. If the script/program will be hosted on a fast server, provided with multi-threading support, the speed will be instantaneous. The chance of a brute-force attack to succeed will depend on the attacker’s password dictionary.

A Solution for WordPress

Luckily, it’s very easy to prevent this kind of attack. I found a plugin named Limit Login Attempts.

Limit the number of login attempts possible both through normal login as well as (WordPress 2.7+) using auth cookies.

By default WordPress allows unlimited login attempts either through the login page or by sending special cookies. This allows passwords (or hashes) to be brute-force cracked with relative ease.

Limit Login Attempts blocks an Internet address from making further attempts after a specified limit on retries is reached, making a brute-force attack difficult or impossible.

Features

• Limit the number of retry attempts when logging in (for each IP). Fully customizable

• (WordPress 2.7+) Limit the number of attempts to log in using auth cookies in same way

• Informs user about remaining retries or lockout time on login page

• Optional logging, optional email notification

• Handles server behind reverse proxy

Translations: Bulgarian, Catalan, Chinese (Traditional), Czech, Dutch, French, German, Hungarian, Norwegian, Persian, Romanian, Russian, Spanish, Swedish, Turkish

Plugin uses standard actions and filters only.

You can download the plugin HERE.

Sometimes, we want our desktop to be clean. No icons, no shortcuts, no documents, nothing but the taskbar and the wallpaper. But wait, there’s this Recycle Bin icon, and I cannot remove it. Well, I got good news for you, I’ll show you how to remove that unwanted (that depends) icon from your clean desktop.

First, press Window Key + R, to bring up the Run Dialog Box. Then type in gpedit.msc. Group Policy Editor will pop up, and just head to User Configuration \ Administrative Templates \ Desktop. On the right panel box, look for Remove Recycle Bin icon from desktop, just like in the picture below.

Remove Recycle Bin icon from desktop

Simply Double Click it, and choose Enabled. Click on Ok/Apply, and you’re good to go. This might require a reboot, and patiently restart your computer. After that, the icon will be gone from your desktop.

It’s always been a pain in the neck just to hide the main form in a Windows Form application in C#. There are several ways to do it. By setting the Visible property to false, and using this.Hide(). Bad news is, the two ways I mentioned doesn’t work. Good news is, I got two solutions for this.

The Problem: Why it won’t work?

It’s very hard to brainstorm, explore, and get into trial just to hide the main form. It takes a lot of time and effort. But why does these two, supposed to be working solutions, don’t work? The answer is pretty much complicated, as I am not sure about my answer as well. If you look at your code, there’s definitely nothing wrong with it. The reason why it keeps on showing up, even if we put the right values into these properties, is because the form we are trying to hide is the main form, and it won’t allow us to hide Application.Run(new Form1()) overrides those properties.

The Solutions

I have two solutions for this, one is not so good and the other one seems to be the best. The first solution, is to change the Opacity value of the form from 100 to 0.

this.Opacity = 0;

Or you can just set it at the Properties window in your form designer. Actually, the above solution only works on Windows Operating Systems with Aero enabled (Please correct me if I am wrong here). So if you are using XP or editions of Vista and 7, this won’t work.

The second one, is by modifying Program.cs, the main source file of your C# project. In this solution, the form application will be defined, but it won’t be loaded. And of course, the program stays up and running.

//Program.cs
using System;
using System.Collections.Generic;
using System.Linq;
using System.Windows.Forms;

namespace FileIndex
{
    static class Program
    {
        /// <summary>
        /// The main entry point for the application.
        /// </summary>
        [STAThread]
        static void Main()
        {
            Application.EnableVisualStyles();
            Application.SetCompatibleTextRenderingDefault(false);
            Form1 mForm = new Form1();
            //Your On Load code here..
            Application.Run();
        }
    }
}

Originally, the Application.Run(); function calls the main form. But in this solution, it doesn’t have to. This will load your application, but will not load the form. The only thing you can’t do here is, place your code at the OnLoad event of the form, since the form will not load. Alternatively, you can place your code between the Form definition, and Application.Run();.

But why declare and define Form1 if we won’t load it? It won’t load, but it doesn’t mean its not functional. You can still use components on that form, like Timer, NotifyIcon, etc. You can also put your stealthy functions in your Form code if you wish.

Dealing with these kind of problems isn’t hard. You just need to think critically, and trace where the problem is coming from.

At last, after years of waiting, Adobe launched a preview of the new Adobe Flash Player Square. The preview release enables native 64-bit support on Linux, Mac OS, and Windows operating systems, as well as enhanced support for Microsoft Internet Explorer 9 beta (as mentioned on the official release page).

USB devices are very common nowadays, it comes in many forms; Flash Drives, Thumb Drives, Card Readers, etc. Along with them, are these pesky worms. They replicate through various ways, and one way is by removable devices. They make a copy of themselves in the device’s root directory, with hidden and system attributes. Most variants uses autorun.inf in infecting host computers.

On my last post about sorting algorithm, I made a pretty bad coding mistake on the merge function. The thing is, it doesn’t really demonstrate that algorithm. Also, it never worked on Visual Studio, for some weird reasons.

I spent few hours, and now I am finished reconstructing the whole program and making the merge algorithm really work. I built a class for it, and I’m pretty sure this will work on any situation. Here are the source codes.

//MergeClass.h

#pragma once
#include "stdafx.h"
class MergeClass {
public:
    double xarr[ASIZE], brr[ASIZE];
    void msort(double a[], int x) {
        for(int i = 0; i < ASIZE; i++) {
            xarr[i] = a[i];
        }
        mergesort(0, x - 1);
        for(int i = 0; i < ASIZE; i++) {
            a[i] = xarr[i];
        }
    }
    void mergesort(int a, int b) {
        int c;
        if(a < b) {
            c = (a + b) / 2;
            mergesort(a, c);
            mergesort(c + 1, b);
            domerge(a, b, c);
        }
    }
    void domerge(int a, int b, int c) {
        int i, j, k;
        for(i = a; i <= b; i++) {
            brr[i] = xarr[i];
        }
        i = a;
        j = a;
        k = c + 1;
        while((i <= c) && (k <= b)) {
            if(brr[i] <= brr[k]) {
                xarr[j++] = brr[i++];
            } else {
                xarr[j++] = brr[k++];
            }
        }
        while(i <= c) {
            xarr[j++] = brr[i++];    
        }
    }
};

// stdafx.h

#pragma once
#include "targetver.h"
#include <iostream>
#define ASIZE 6            //Size of the array you are to sort. This is very much used in this program.

using namespace::std;

// SortingAlgorithm.cpp

#include "stdafx.h"
#include "MergeClass.h"


void pH();                                            //function for my header
void pVal(double arr[], char *sor, int len);        //Outputs the inputted array
void bubbleS(double arr[], int len, bool out);        //Bubble Sort
void insertS(double arr[], int len, bool out);        //Insertion Sort
void selectS(double arr[], int len, bool out);        //Selection Sort
void mergeS(double arr[], int len, bool out);        //Merge Sort (initializer)

int main() {
    bool lp = true;
    int ch;
    double sArray[ASIZE] = {86.49, 201.35, 55.67, 1942.46, 291.64, 193.14};
    pH();
    pVal(sArray, "None", ASIZE);
    cout << "Please enter the sorting algorithm you want to use:" << endl << endl;
    cout << "\t[1] Bubble Sort" << endl;
    cout << "\t[2] Insertion Sort" << endl;
    cout << "\t[3] Selection Sort" << endl;
    cout << "\t[4] Merge Sort" << endl;
    cout << "\t[5] None (Exit)" << endl;
    while (lp) {
        cout << endl << "Choice: ";
        cin >> ch;
        cin.ignore();
        switch(ch) {
            case 1:
                bubbleS(sArray, ASIZE, true);
                lp = false;
                break;
            case 2:
                insertS(sArray, ASIZE, true);
                lp = false;
                break;
            case 3:
                selectS(sArray, ASIZE, true);
                lp = false;
                break;
            case 4:
                mergeS(sArray, ASIZE, true);
                lp = false;
                break;
            case 5:
                lp = false;
                break;
            default:
                cout << "(Invalid Choice)" << endl;
        }
    }
    cin.get();
    return 0;
}

void pH() {
    cout << "(c) Ruel Pagayon 2010 - http://ruel.me" << endl;
}

void pVal(double arr[], char *sor, int len) {
    cout << endl << "Sorting Algorithm:\t" << sor << endl << endl;
    for(int i = 0; i < len; i++) {
        cout << "\t[" << i << "]\t=>\t" << arr[i] << endl;
    }
    cout << endl;
}

void bubbleS(double arr[], int len, bool out) {
    double h;
    for (int p = 0; p < len - 1; p++) {
        for(int i = 0; i < len - 1; i++) {
            if(arr[i] > arr[i + 1]) {
                h = arr[i];
                arr[i] = arr[i + 1];
                arr[i + 1] = h;
            }
        }
    }
    if(out) {
        pVal(arr, "Bubble Sort", len);
    }
}

void insertS(double arr[], int len, bool out) {
    double tb;
    for(int j, i = 0; i < len; i++) {
        tb = arr[i];
        j = i - 1;
        while ((tb < arr[j]) && (j >= 0)) {
            arr[j + 1] = arr[j];
            j--;
        }
        arr[j + 1] = tb;
    }
    if(out) {
        pVal(arr, "Insert Sort", len);
    }
}

void selectS(double arr[], int len, bool out) {
    double mV;
    for (int mI, i = 0; i < len - 1; i++) {
        mV = arr[i];
        mI = i;
        for(int j = i + 1; j < len; j++) {
            if(arr[j] < mV) {
                mV = arr[j];
                mI = j;
            }
        }
        arr[mI] = arr[i];
        arr[i] = mV;
    }
    if(out) {
        pVal(arr, "Selection Sort", len);
    }
}

void mergeS(double arr[], int len, bool out) {
    MergeClass mx;
    mx.msort(arr, len);
    if(out) {
        pVal(arr, "Merge Sort", len);
    }
}

There we go. If you face problems regarding the code, please feel free to comment. By the way, the code was coded, compiled, and built on Visual C++.