Zapak Beta Hacks

SQL injection ....Hacking Websites !!! ~ Zapak

2009-01-08T12:41:00.000-08:00

SQL Injection : "The act of entering malformed or unexpected data (perhaps into a front-end web form or front-end application for example) so that the back-end SQL database running behind the website or application executes SQL commands that the programmer never intended to permit, possibly allowing an intruder to break into or damage the database."

The MSRC released an advisory recently that discusses the recent SQL injection attacks and announces three new tools to help identify and block these types of vulnerabilities. The advisory discusses the new tools, the purpose of each, and the way each complements the others. The goal of this blog post is to help you identify the best tool to use depending on your role (i.e. Web Developers vs. IT administrators).

Web Developers Recommendations

* The Microsoft Source Code Analyzer for SQL Injection (MSCASI) is a static code analysis tool that identifies SQL Injection vulnerabilities in ASP code (ASP pages are the ones that have been under attack). In order to run MSCASI you will need source code access and MSCASI will output areas vulnerable to SQL injection (i.e. the root cause and vulnerable path is identified). In our view, fixing the root cause of the bug is the best way to eradicate vulnerabilities. MSCASI scans ASP source code and generates warnings for first order and second order SQL Injection vulnerabilities. Please refer to the SQL team’s blog and KB 954476 for more details.

IT/Database Administrators Recommendations (as well as Web developers)

We are recommending two of the new tools announced today. One can help identify SQL injection vulnerabilities by crawling the website. The other one aims to block potential SQL injection attacks by filtering malicious requests. The website crawler will be useful if you don't have access to the source code.

* Microsoft worked with the HP Web Security Research group to release the Scrawlr tool. The tool will crawl a website, simultaneously analyzing the parameters of each individual web page for SQL Injection vulnerabilities. Scrawlr uses some of the same technology found in HP WebInspect but has been built to focus only on SQL Injection vulnerabilities. This will allow an IT/DB admin to easily find vulnerabilities similar to the ones that have been used to compromise sites in recent attacks. No source code is required to run this tool. From a starting URL, the tool recursively crawls that URL in order to build up a site tree that will be then analyzed for SQL injection vulnerabilities. For more information check out the HP Web Security Research blog.

* In order to block and mitigate SQL injection attacks (while the root cause is being fixed), you can also deploy SQL filters using a new release of URLScan 3.0. This tool restricts the types of HTTP requests that Internet Information Services (IIS) will process. By blocking specific HTTP requests, UrlScan helps prevent potentially harmful requests from being executed on the server. It uses a set of keywords to block certain requests. If a bad request is detected, the filter will drop the request and it will not be processed by SQL. That said, if a SQL injection flaw has been identified, we highly encourage you to fix the root cause of the problem instead of attempting to produce the perfect filter (since in our view this is error prone). Please refer to one of the two IIS blog posts (1, 2) and the technical documentation for more details.

Tool Name: MSCASI
Usuage:Identifies SQL Injection vulnerabilities in ASP code through static source code analysis.
Pros:Identify the root cause of the bug at the source code level.
Cons:This version currently only works on ASP pages.
For: WEB Developers

Tool Name 2: Scrawlr
Usuage:Detect SQL vulnerability using runtime analysis by crawling a website.
Pros:No source code is required.
Cons:Cannot identify the line of code responsible
For: IT/DB Administrator,Web developers

Tool Name 3: UrlScan v3.0 Beta
Usuage: Runtime filtering that blocks the types of HTTP requests that Internet Information Services (IIS) will process.
Pros: URLScan filter can be easily deployed to mitigate SQL injection attack while the root cause is being fixed.
Cons: Not fixing the root cause, thus the risk has not been eliminated completely.
For:IT Administrators.

Article by Dhanush Koutilya

How to Hack Yahoo ID ?

2008-10-20T12:25:00.000-07:00

Hi Guys,

I was shocked when i heard one of my colleague yahoo id is hacked and its true we were receiving junk mails from that yahoo id and from day i was spending most of my free time to find out how they might have hacked her yahoo id. Then finally i got it how they might have hacked,The four most common ways of Hacking Yahoo ids are ..

1.) Social Engineering
2.) Password Crackers
3.) Using Password Stealing Trojans/Keyloggers
4.) Fake Login Pages

1. Social Enginnering is actually nothing but trying to know your personal and confidential details and then using it to change your password ..BUT HOW? ok there's a forgot password option with Yahoo which asks for your B'day,Country & Zip Code & later your security question..Now generally lamers who try this mode of Hacking have lots of time to waste ..They will put you into some kinda friendship/emotional trap and try to get all the above mentioned information .It may take 1-2 days or even 1-2 month ...(Really I pitty on such lamers !! ).

2.The second kinda Hacking attempt is done with the Help of Yahoo Password Crackers...I doubt bout their efficiency bt still some of them r lucky (other way round u r stupid lol)..Password Crackers & Password Changers use Brute Force Technique with their updated wordlists...WHAT IS BRUTE FORCE ?I'll make it simple ..it's like using all possible combinations and permutations on the available data and using it as a password ..Bt again it takes a hell lot of time to crack a password ....

3.The third and one of the most frequently used way of hacking or stealing Yahoo password is using trojans and keyloggers ..WHAT ARE TROJANS? hmmm.. I already have one ...bt still TROJANS are simple programs with a server part and the client part ..you infect the victims computer with the server part and the server then connects to the client running on your system and sends passwords and vital informations..and KEYLOGGERS are programs which record your keystrokes in a log.txt file and sends that log file to the Hacker...

I have this trojan programm beleive me it worked guys i tried it on my yahoo id. Dont want to say more about it secret ... lol.. ;) So please be carefull when you are accepting any files send by some one.

Once Infected by these trojans the infected server sends your password to the Hackers Yahoo Messenger id as PM 's ...

4. The last form of Yahoo Password stealing is done by using FAKE LOGIN PAGES ..Now wht the **** :-) is Fake login Page ?These are cloned pages of the real Yahoo Mail Sign in pages .They look very similar to the real conterparts and really very difficult to distinguish..Once you put inyour real id and password and press the submit button you will be either redirected to some other pasge /invalid login page but the trick had already been played by this time ..your id and password would have been mailed to the Hackers mail id by using a 3rd party SMTP server and you don't even realize that you are HACKED...

So be carefull Always view the address bar ..If the address bar shows something like http://mail.yahoo.com or http://edit.login.yahoo.com then its the authentic page but if its something different then DONOT login.

Zapak’s game for global play

2008-10-15T03:54:00.000-07:00

Zapak.com, part of the Anil Dhirubhai Ambani Group (ADAG), is planning to launch gaming portals in Europe and China.

Rohit Sharma, the chief operating officer of Zapak Digital Entertainment, told DNA Money the company is also looking at investing in content developers for gaming, from countries like US and Korea, and has a kitty of $5 million to $10 million for the same.

The ADAG-promoted venture is expected to invest $100 million in Zapak’s three verticals — gaming portals, gaming cafes and content creation — over the next 3-5 years.

“We are launching a European site and a Chinese site and are looking to be a global brand very soon. We may also invest in some studios because software creation and ownership are key in gaming,” Sharma added.

Currently, Zapak has a mix of Indian and international developers with 60% of the content sourced from abroad. The Indian gaming developers that supply to the company include Saffronrage Solutions and Jump Games.

Zapak generates revenue mainly through advertising through banners and advergaming. It has brands like Cadburys, Maruti, Parle-G, Thums Up and Adidas already on board.

He declined to disclose the revenues for the company but said that the situation is “fairly decent”. The company recently forayed into gaming cafés in Chennai, Hyderabad, Pune and Bangalore.

The next three weeks would see them launching in eight more cities, including in Mumbai. It has set a target of 200 gaming cafés by March 2008.

The online gaming market in India is powered by the rise in internet usage especially through broadband, growth in internet cafes, and the burgeoning middle-class with rising disposable income.

An analyst report had earlier forecast that the online gaming market in India will exceed $200 million by 2010. Sharma said the biggest driver of growth in the gaming space was online gaming with China and Korea having revolutionised the market. He expects the Indian gaming story to follow a similar path.

Major Hackers Personalities ~ About Hackers

2008-10-08T02:56:00.000-07:00

Major Hackers Personalities

This section contains brief information on some of the most famous hackers, both black and white hats. The individuals below are well known for a variety of reasons: their actions, whether good or bad, their contributions to software and technology development, or their innovative approach, skills and ability to think out of the box.

Richard Stallman is known as the father of free software. When Stallman started working at MIT's Artificial Intelligence Lab in 1971 he was confronted with 'non disclosure agreements' and closed program sources while he was hacking and improving system drivers the 'traditional way'. After an interesting battle to obtain the source code of a faulty printer utility, Stallman gave up his job and became the loudest advocate for free computer software, creating GNU and the Free Software Foundation in the process.

Dennis Ritchie and Ken Thompson are famous for two major software developments of the 20th century: the UNIX operating system and the C programming language. These two began their carriers at Bell Labs in 1960's, revolutionising the computer world forever with their ideas. While Ken Thompson has retired from the computer world, Dennis Ritchie is still employed at Lucent Technology, working on a new operating system derived from Unix, called 'Plan9'.

John Draper, aka 'Cap'n Crunch' is famous for his ability to hack phone systems using nothing but a whistle from the 'Cap'n Crunch' cereal boxes (hence the nickname). Besides being the father of 'phone phreaking', John Draper is also famous for writing what was perhaps the first IBM PC word processor. He now heads his own security venture, developing antispam solutions, thwarting hacker attacks and securing PCs.

Robert Morris is famous for creating the first Internet worm in 1988. It infected thousand of systems, and practically brought the Internet to a halt for nearly a day. The 'Morris Worm' was perhaps the first fully automated hacking tool, exploiting a couple of unpatched vulnerabilities on Vax and Sun computers.

Kevin Mitnick, possibly the best known case of a 'black hat', was caught by the computer expert Tsutomu Shimomura back in 1995.

Kevin Poulsen remains famous for his 1990 hack of the phone system in Los Angeles. This enabled him to become the 102nd caller in a radio-phone and win a Porsche 944. Kevin Poulsen was eventually caught and imprisoned for three years. He now works as a columnist for the online security magazine 'SecurityFocus'.

Vladimir Levin, a Russian computer expert, hacked into Citibank and extracted USD $10 million. He was arrested by Interpol in UK, back in 1995 and sentenced to three years in prison, as well as being required to pay USD $240,015 in restitution.

Tsutomu Shimomura is a good example of a 'white hat'. He was working for the San Diego Supercomputing Center when Kevin Mitnick broke into his network and stole information on cellular technology and other classified data. Tsutomu started the pursuit for Mitnick which eventually led to his arrest.

Linus Torvalds is known as the father of Linux, the most popular Unix-based operating system in use nowadays. Linus started his work on a new operating system in 1991, adopting several controversial technologies for his project, namely the concept of Free Software and GNU's Public License system. He is also known for his early disputes with Andrew Tannenbaum, the author of Minix, which was the inspirational source for Linus' OS project.

Zapaky means Zapak Hacking

How to Detect a Hacker Attack

2008-10-08T02:27:00.000-07:00

Most computer vulnerabilities can be exploited in a variety of ways. Hacker attacks may use a single specific exploit, several exploits at the same time, a misconfiguration in one of the system components or even a backdoor from an earlier attack.

Due to this, detecting hacker attacks is not an easy task, especially for an inexperienced user. This article gives a few basic guidelines to help you figure out either if your machine is under attack or if the security of your system has been compromised. Keep in mind just like with viruses, there is no 100% guarantee you will detect a hacker attack this way. However, there's a good chance that if your system has been hacked, it will display one or more of the following behaviours.

Windows machines:

Suspiciously high outgoing network traffic. If you are on a dial-up account or using ADSL and notice an unusually high volume of outgoing network (traffic especially when you computer is idle or not necessarily uploading data), then it is possible that your computer has been compromised. Your computer may be being used either to send spam or by a network worm which is replicating and sending copies of itself. For cable connections, this is less relevant - it is quite common to have the same amount of outgoing traffic as incoming traffic even if you are doing nothing more than browsing sites or downloading data from the Internet.
Increased disk activity or suspicious looking files in the root directories of any drives. After hacking into a system, many hackers run a massive scan for any interesting documents or files containing passwords or logins for bank or epayment accounts such as PayPal. Similarly, some worms search the disk for files containing email addresses to use for propagation. If you notice major disk activity even when the system is idle in conjunction with suspiciously named files in common folders, this may be an indication of a system hack or malware infection.
Large number of packets which come from a single address being stopped by a personal firewall. After locating a target (eg. a company's IP range or a pool of home cable users) hackers usually run automated probing tools which try to use various exploits to break into the system. If you run a personal firewall (a fundamental element in protecting against hacker attacks) and notice an unusually high number of stopped packets coming from the same address then this is a good indication that your machine is under attack. The good news is that if your personal firewall is reporting these attacks, you are probably safe. However, depending on how many services you expose to the Internet, the personal firewall may fail to protect you against an attack directed at a specific FTP service running on your system which has been made accessible to all. In this case, the solution is to block the offending IP temporarily until the connection attempts stop. Many personal firewalls and IDSs have such a feature built in.
Your resident antivirus suddenly starts reporting that backdoors or trojans have been detected, even if you have not done anything out of the ordinary. Although hacker attacks can be complex and innovative, many rely on known trojans or backdoors to gain full access to a compromised system. If the resident component of your antivirus is detecting and reporting such malware, this may be an indication that your system can be accessed from outside.

Unix machines:

Suspiciously named files in the /tmp folder. Many exploits in the Unix world rely on creating temporary files in the /tmp standard folder which are not always deleted after the system hack. The same is true for some worms known to infect Unix systems; they recompile themselves in the /tmp folder and use it as 'home'.
Modified system binaries such as 'login', 'telnet', 'ftp', 'finger' or more complex daemons, 'sshd', 'ftpd' and the like. After breaking into a system, a hacker usually attempts to secure access by planting a backdoor in one of the daemons with direct access from the Internet, or by modifying standard system utilities which are used to connect to other systems. The modified binaries are usually part of a rootkit and generally, are 'stealthed' against direct simple inspection. In all cases, it is a good idea to maintain a database of checksums for every system utility and periodically verify them with the system offline, in single user mode.
Modified /etc/passwd, /etc/shadow, or other system files in the /etc folder. Sometimes hacker attacks may add a new user in /etc/passwd which can be remotely logged in a later date. Look for any suspicious usernames in the password file and monitor all additions, especially on a multi-user system.
Suspicious services added to /etc/services. Opening a backdoor in a Unix system is sometimes a matter of adding two text lines. This is accomplished by modifying /etc/services as well as /etc/ined.conf. Closely monitor these two files for any additions which may indicate a backdoor bound to an unused or suspicious port..

source: http://www.viruslist.com/en/hackers/info?chapter=153349899

An Analysis of Hacker Mentality

Why people hack is a subject which is often discussed. Some say the explanation is the same as the one given by people who climb mountains: 'because they [computers] are out there'. Others claim that by highlighting vulnerabilities, hacking helps increase computer security. And finally, there is the explanation most often put forward: criminal intent.

Whatever the reason, as long as computers exists there will be hackers - white hats, black hats and grey hats. And because there is no way of predicting which kind of attack ('curiosity' versus 'malicious') will hit your computer first, it is always best to be prepared for the worst.

The truth is that in hours of a machine being connected to the Internet, somebody will scan it with an automated vulnerability probing tool, looking for ways to get in. It may be somebody who is just curious to see what is on the machine, or a white hat from the other side of the world checking to see if the computer is secure. Of course, in real life you wouldn't want passing strangers stopping to check if your house or car were locked, and, if not, to go inside, look around, go through your possessions and leave a note saying 'Hi, I was here, your door was open, but don't mind me and BTW, fix your lock'. If you wouldn't want someone to do this to your house, you wouldn't want someone doing it to your computer. And there is no excuse for doing it to someone else's computer either.

Premeditated, criminal, hacking is obviously even worse. In the real world, somebody walks by, breaks your lock, gets inside, disables your alarm system, steals something or plants listening devices in your phone or surveillance equipment in your living room. If this happens you call the police, they look around, write a report, and you wait for the thieves to be caught. Unfortunately, this is a rare luxury in the computer world; the culprit may be far, far way, downloading your confidential files while sitting in his personal villa or sunbathing by his huge pool, nicely built with stolen money. Or, in a business environment, many large corporations prefer not to report hacking incidents at all, in order to protect their company image. This means that the criminals remain unpunished.

Another hacker motivation may be hooliganism, or digital graffiti, which can be summed up as hacking into systems to cause damage. Web site defacement is a very popular form of digital graffiti and there are some hacking groups which focus on this task alone. Just as in the physical, non-cyber world, catching the hooligans is a tedious task which usually doesn't repay the effort or resources expended.

Whatever the reasoning, be it 'to help others', 'security heads-up!', 'hooliganism' or 'criminal intent', hacking is a phenomenon which is deeply rooted in the world of computing and will probably never die. There will always be people immature enough to abuse public resources, self-proclaimed 'Robin Hoods' and criminals hiding in the dark alleys of cyberspace.

source: http://www.viruslist.com/en/hackers/info?chapter=153350028

Zapaky means Zapak Hacking

Hacking an EMail Account

2008-09-29T02:39:00.000-07:00

The most frequent questions asked by many people especially in a chat room is How To Hack Yahoo Password or any other email account.So you as the reader are most likely reading this because you want to break into somebody's email account.Here are some of the tricks that can be used to track an email password.

THINGS YOU SHOULD KNOW BEFORE PROCEEDING

There is no program that will crack the password of victim's account.There exist many password hacking programs which claims to do this,but unfortunately people using these kind of programs will only end up in frustration.None of these programs work since services like Hotmail, Yahoo!, etc. have it set so that it will lock you from that account after a certain number of login attempts.Another thing you must know if you ask this question in any "hacker" chat room/channel, you hear that you have to email some address and in any way you give up your password in the process, in attempt to crack others password.So DO NOT BELEIVE THIS.

TWO WAYS OF HACKING METHODS THAT YOU CAN TRY

IF YOU HAVE ACCESS TO VICTIM'S COMPUTER

If you have physical access to victim's computer then it's definitely possible to crack his password.This can easily be done by just installing a keylogger.

What is a keylogger? A keylogger, sometimes called a keystroke logger, key logger, or system monitor, is a hardware device or small program that monitors each keystroke a user types on a specific computer's keyboard.

A keylogger program can be installed just in a few seconds and once installed you are only a step away from getting the victim's password.OK we can crack passwords using a keylogger but these are the questions that arise in our mind now!

1.Where is the keylogger program available?

A keylogger program is widely available on the internet.some of them are listed below

Powered Keylogger
Advanced keylogger
Elite Keylogger
Handy Keylogger
Quick Keylogger

Oops i think the above list is enough.There exists hundreds of such keyloggers available on the net.These are software keyloggers.There are also hardware Keyloggers available which can be directly attached to computer and can be used to sniff valuable data.These programs are none other than spyware! So use it @ your own risk.

2.How to install it?

You can install these keyloggers just as any other program but these things you must keep in mind.While installing,it asks you for a secret password and a hot key to enable it.This is because after installing the keylogger program is completely hidden and the victim can no way identify it.Keylogger is hidden from control panel,Program files,Start menu,Task manager so that it becomes completely invisible but runs in background monitoring the user activities.

3.Once installed how to get password from it?

The hacker can open the keylogger program by just pressing the hot keys(which is set during installation) and enter the password.Now it shows the logs containing every keystroke of the user,where it was pressed,at what time,including screenshots of the activities.

Some keyloggers also has a built in SMTP server.So once you install the keylogger on victim's computer you can just sit back in our place and receive the logs via email

4.Which keylogger program is the best?

According to me Elite Keylogger and Powered keylogger are the best.You can also read the features and side by side comparisions of them and select the best that suites your needs.

IF YOU DO NOT HAVE ACCESS TO VICTIM'S COMPUTER

Ofcourse the above method can only be employed if you can access victims computer.But what to do if we do not have access.In this case there exists many Remote Administration Tools commonly known as RATs available on net.Just try googling and you can get one. Here's my new post on Keyloggers with remote installation support.DON'T MISS A MUST READ!!

In case you deliberately need to retrieve a password then you can hire some real hackers to hack the account.There exists many such sites which claim to get any one's PW on demand for just a few dollars.I have no trust on these site.But any way you can give a try.

OTHER WAYS OF HACKING PASSWORD

The other most commonly used trick to sniff password is using Fake Login Pages.
This is where many people get cheated.A Fake Login page is a page that appears exactly as a Login page but once we enter our password there ,we end up loosing it.

Fake login pages are created by many hackers on their sites which appear exactly as Gmail or Yahoo login pages but the entered details(username & pw) are redirected to remote server and we get an error "Page cannot be displayed".Many times we ignore this but finally we loose our valuable data.

NOTE: I request you, not to actively respond to the comments below which offer you to crack someone's password for money.I declare myself that i am no way responsible for the comments left by anonymous people.

WARNING:ALL THE ABOVE INFORMATION IS FOR EDUCATIONAL PURPOSES ONLY.THE SITE HOLDS NO RESPONSIBLITY ON WHAT WAY YOU USE THESE INFORMATIONS

Also see:

How to hack Orkut ?

Top Reasons Why You Shouldn't Buy An iphone

2008-09-29T02:36:00.000-07:00

Are you planning to buy an iphone ? If so then this post is a must read for you.The much hyped iPhone 3G was launched in India a few weeks back and we have seen many issues and open security flaws in the new iPhone.Here I have some of the top reasons for which you shouldn't buy an iphone.

The worst thing is that you cannot forward a SMS message!! Don't think that I am foolish, but really your iPhone 3G can't forward a simple SMS. You'll have to retype the SMS and forward it.

There is NO copy / paste functionality. So you need to remember the texts and type again as you go.

Bluetooth functionality is only limited to headset use. You can't do any file transfer over Bluetooth.So if you are planning to share your songs or photos with your friends then forget about it!

Absolutely no camera settings - it's just like some ancient digital camera which does only point and shoot functionality.No Flash,No Zoom functionality.

Photos taken in a VGA camera is better than that of iphone!

The iPhone 3G is simply overpriced in India (Costs almost twice the price as in US)

It's in built Safari web browser does not support Flash as well as Java.

There is No office document editor. Most Nokia's come with inbuilt editor's for Word / Excel.

The iPhone doesn't has AD2P on the Bluetooth - which means you can't get stereo sound via Blue Tooth headphones, that's a big disappointment for the music fans.

The iPhone doesn't has a Removable battery. Yes - you cannot change the battery yourself. Apple expects you to send the phone to an Apple Outlet to replace the battery. Now if you travel too much - what are you gonna do? Look for an Apple Store to interchange the travel battery?

iPhone doesn't has an option to send MMS. Forget about MMS.

Though you can't sent MMS - You can't receive MMS messages too!

You can't set your personal songs as ring tones!

The iPhone's screen is not Finger Print Resistant. Since the iPhone is a touch screen phone so it is bound to get your finger print's each time you touch so it gets dirty very easily.

THE BIGGEST ONE - ONCE YOU ARE ON 3G NETWORK(Which I suppose will happen in a year in India), YOU CANNOT MAKE CALLS TO A PHONE ON 2G NETWORK. SO IF YOU WANT TO CALL A PERSON WHO IS NOT HAVING A 3G PHONE. SORRY, YOU'LL HAVE TO FIND A PCO and a 1RUPEE!!!

These are some of the top reasons that shows iphone's incapability.But there are many more such reasons for you to stop buying an iphone.If you still want to buy the iphone then definitely you must be crazy?!

also see:

Is your Nokia cell phone Original ?

Is Your Nokia Cell Phone Original?

2008-09-29T02:33:00.000-07:00

Nokia is one of the largest selling phones across the globe.Most of us own a Nokia phone but are unaware of it's originality.Are you keen to know whether your Nokia mobile phone is original or not? Then you are in the right place and this information is specially meant for you. Your phones IMEI (International Mobile Equipment Identity) number confirms your phone's originality.

Press the following on your mobile *#06# to see your Phone's IMEI number(serial number).

Then check the 7th and 8th numbers

Phone serial no. x x x x x x ? ? x x x x x x x

IF the Seventh & Eighth digits of your cell phone are 02 or 20 this means your cell phone was assembled in Emirates which is very Bad quality

IF the Seventh & Eighth digits of your cell phone are 08 or 80 this means your cell phone was manufactured in Germany which is fair quality

IF the Seventh & Eighth digits of your cell phone are 01 or 10 this means your cell phone was manufactured in Finland which is very Good

IF the Seventh & Eighth digits of your cell phone are 00 this means your cell phone was manufactured in original factory which is the best Mobile Quality

IF the Seventh & Eighth digits of your cell phone are 13 this means your cell phone was assembled in Azerbaijan which is very Bad quality and also dangerous for your health.

How To Hack Orkut ???

2008-09-29T02:29:00.000-07:00

Google uses a 4 Level Orkut login which makes it difficult to hack using brute force attack.

First Level Security-SSL or 128 bit secured connection

Second Level Google account checks for cookie in the sytem of user

Third Level Google provides a redirection to the entered User information

Fourth Level Google doesn't use conventional php/aspx/asp coding so impossible to attack using input validation attack!!!

It is not an easy task to break this security! But still some people manages to get access to other accounts. The question concerned is How they do it? Many of them just use simple tricks that befool users and then they themself leak out their password. Here are some points you need to take care of, to prevent your Orkut account being hacked!

Phishing Attack is the most popular way of stealing other's password.By using fake login pages. The users land on a page where they are asked for their login information and they enter their username and password thinking it to be a real page but actually it is other way round. It submits all the details entered to the programmer or the coder.

Orkut New Features: I have come across a page that looks like they are giving the user a choice of selecting new features for orkut with your ID and password, of course!! When user submit the page, there goes his ID and password mailed to the coder.

Community Links: Many times you are provided with a link to a community in a scrap. Read the link carefully, It may be something like http://www.okrut.com/Community.aspx?cmm=22910233 OKRUT not ORKUT. Clicking on this link will take you to a fake login page and there you loose up your password.

Java script: You must have seen the circulating scraps that asks you to paste this code in your address bar and see what happens! Well sometimes they also leak out your information. Check the code and if you are unsure of what to do, then I recommend not to use it.

Primary mail address: If by some means a hacker came to know password of your Yahoo mail or Gmail, which users normally keeps as their primary mail address in their Orkut account, then hacker can hack Orkut account by simply using USER ID and clicking on 'forget password'.This way Google will send link to the already hacked primary email id to change the password of the Orkut account. Hence the email hacker will change your Orkut account's password. Hence your Orkut account hacked too.

So a better thing would be to keep a very unknown or useless email id of yours as primary email id so that if the hacker clicks on 'Forgot password' the password changing link goes to an unknown email id i.e. not known to the hacker.Hence your Orkut account saved.

If you would like to share something, comment here and I will add up here with a credit to your name.

Also see:

How to Play Chess?

Zapak to represent Indian online gaming inds

2008-09-25T10:14:00.000-07:00

Zapak Digital Entertainment Ltd. has been invited to represent Indian online gaming industry at Casual Connect which is a component of the Casual Games Association, the international trade association for casual games professionals. Zapak will be the first ever Indian representative for the casual gaming industry at the Conference.

The event will take place from October 22-24, 2008 in Kyiv, Ukraine. This conference is a platform for everyone to explore and understand the areas in the casual gaming space with high growth potential for those looking to expand or create a new enterprise in the casual gaming space.

Casual Games Association Events are the premiere events for the casual games industry with over 3,000 professionals attending Casual Connect Events each year. Casual Connect Kyiv brings together the most talented and knowledgeable experts in the casual gaming field to further the casual games industry with the best of networking and learning. Leaders in the casual games space reflect upon the industry with lectures, discussions and naturally it is also an important venue for business relationships.

The other global gaming companies who will be a part of this conference are Big Fish games, Real Games, Alawar entertainment, Absolutist and more.

Rohit Sharma, COO, Zapak Digital Entertainment said, “I am honoured that Zapak has got an opportunity to represent India on the casual gaming front. I am proud to announce our partnership with Casual Connect. Zapak’s association with world class conference at the highest level underlines Zapak’s growth as one of the world’s largest Online Casual games Publisher in the world– Casual Connect will help India get more exposure and recognition on the world map of Casual Gaming.”

Luke Burtis, Production Director, Casual Connect Association said, “The Casual Games Association is thrilled to have Zapak, one of the leading Casual Game companies in India, participate at Casual Connect Kyiv 2008! We hope that Zapak’s drive and success into other markets will encourage other Indian companies to do the same and further grow the casual games industry”

Zapak will be announcing the launch of “ZapakWorld.com” at this event. ZapakWorld is Zapak’s offering to the International Online Casual Games Market – At launch “ZapakWorld.com” will be one of the world’s largest gaming portals with over 12,000 casual games is targeted at gamers and developers globally. ZapakWorld is also the Platinum sponsor for Casual Connect. This is the first time that an Indian Company has sponsored the Casual Connect as a Platinum Sponsor.

Sourced From: Zapak Digital Entertainment Ltd

Zapak closes beta for Crazy Kart ~ZaPak BeTa

2008-09-25T10:13:00.000-07:00

Zapak Digital Entertainment has closed the beta for its Racing MMOG called Crazy Kart, an popular racing title. Zapak is bringing Crazy Kart in India in association with Shanda Interactive Entertainment.

In the closed beta stage which was running from August to date, Crazy Kart has already over 50,000 registered users and is attracting around 1500 new users everyday.

The key factor for the success of any MMOG in India would be to create the maximum number of access points for the game across the country. Crazy Kart is the first MMOG to have the largest distribution network of over 5000 cafes across 106 cities in the country. This would include Zapak Gameplex, Reliance Worlds and few independent cafés.

Rohit Sharma, COO, Zapak Digital Entertainment, said, "Zapak plans to bring to India some of the world's best MMOG titles by internationally renowned developers. We plan to introduce atleast 5-6 MMOG's with 2 titles to be launched this year. The first title in the series being Crazy Kart. "

"As racing is one of the most popular genres on Zapak.com, we believe Crazy Kart is a strategic fit at this stage for the Indian market and will see early adoption from Casual Gamers. The success we have seen with the closed beta is a reiteration of our beliefs." Sharma says.

How to Play Chess ?

2008-09-25T10:12:00.000-07:00

Chess rules are relatively easy to learn, I would say that they are somewhere around a medium level of difficulty. What makes the game so complex and beautiful at the same time is the huge number of possible moves at any point during the game.

What you need

Chess is an abstract battle board game played between two opponents.
The ingredients required to play the game are:

a square shaped board divided into 64 squares alternatively colored in black and white;
32 pieces: 16 white pieces for one player and 16 black pieces for the other player.

The chess board is placed in between the two opponents in such a manner that each of them has a black square on the left corner of the board. Both players start off with an identical set of 16 pieces: 8 pawns , 2 rooks , 2 knights , 2 bishops , a queen and a king .

In the table below are shown the 6 types of pieces along with their names and symbols. I should point out that the name and thus the symbol of the pieces is different from one language to another.

Chessman	Name	Symbol
	The king	K
	The queen	Q
	The rook	R
	The bishop	B
	The knight	N
	The pawn	P

Chess board setup

Chess rules

Each player must move one piece at a time. So, in fact, the game is played in a succession of moves. Each piece moves after a certain rule form one square to another and the game always starts with the player having the white pieces, making the first move. A piece can also capture an enemy piece according to certain rules. Some pieces are more important than others depending on their range of action and their value; for example: the queen is the strongest piece on the board because it has the greatest range of action while the king is the most important piece because it is the main piece targeted by the enemy attack. There are times when a move implies the movement of two pieces: when capturing, castling or promoting a pawn; for example when a player captures a piece he takes that piece outside the board and move his own piece in its place.

The purpose of the game

The game revolves around attacking the other side's king. When a king is under the threat of being captured it is said that the king is in check (usually the side attacking the king announce this by saying 'check' but this is not imposed by the rules). When a king is in check it must be moved otherwise it risks being captured (many people don't know this but the king can be captured).

The objective of each player is to checkmate his opponent. That means bringing the enemy king in such a position that when attacked it has no available square on which to move. When a player checkmates his opponent king he wins the game.

While the game evolves both players develop their positions by making various moves and capturing various pieces. This means that the number of pieces will diminish along the game. As you will see in the following articles, because of this, the game's priorities will change along its duration. The rules will remain the same but the objectives will be slightly different. This is why the game can be divided into three different parts depending on the number and the position of the pieces: the opening, the middle game , the end game .

There are times when neither of both sides can win the game. In this case the game ends at equality and it is said to be a draw(a tie). This situations are quite frequent especially when both players are around the same level of expertise. The game doesn't need to be balanced in order for the game to end a draw. This is thoroughly discussed at draw and stalemate .

If the game reaches to a point where the advantage of on side is obvious or a draw is inevitable, the game could be ended if both players agree on the result of the game.

Chess notation

If you want to better understand the chess rules you will have to study various games. In order to do that you will have to know how the games are recorded. There are more than one official ways of writing down a game. We will use in this site only one type of notation, the most common one : algebraic chess notation. The notation is quite simple. In order to realize what went where, each square has its own coordinate. Each row (called a rank) of the board has a number from 1 to 8 and each column (called a file) a letter from a to h, each of those directions starting from the left corner on the side of the white pieces. This way each square, sometimes called a field, has its own unique coordinate (made of the intersection of a line with a column) as shown in the board below. This subject is covered at notation .

In the above paragraph I talked about directions (the rows 1 - 8 and the columns a to h). I should point out that beside those type of directions we also have another type : the diagonals. The diagonals are made of squares of the same color. Look at the following example: through the b3 passes two diagonals d1-a4 and a2-g8 (marked in red), the rank 3 and the file b (marked in green).The diagonal a1-h8 is called the main black diagonal and h1-a8 is called the main white diagonal.

Some other chess rules

There are also some conduct rules you should know about:

Don't pressure your opponent in moving to fast. Remember: this is a game of patience!
If you moved a piece you can't take back your move.
If you touched a piece than you must move that piece. If you want to arrange a piece that might be a little bit outside a square than you must announce your opponent.
If you moved a piece on a square and you didn't take your hand off it, you can move it on another square.

If your opponent lets you, you can take back your move or move a piece different that the one you touched.

This are all the chess rules you need to know for now. There are other rules concerning how the game is played in official competitions that you can find on the world chess federation site, but I suggest you learn them after you know how to play chess. And in order to know how to do that you need to know the chess rules concerning how each piece moves and captures. You can read about that by going to the next article.ZAPAK

Trick To Make Chips ~ Zapak Hacks

2008-09-22T03:09:00.000-07:00

Hi everyone ! ever wondered , why everyone one on zapak roaming about with xxx chips ! Here is cool technique through which anybody can make loads of chips ! Just bit hard work!!!

First of all, u need to make at least two accounts on Facebook (note : by making two accounts u will get 2000 chips, more accounts means more chips )

After making accounts , log in through any of your account and send friend's requests to your other accounts , after accepting the invitations all your other accounts will be shown in your friend's list.

Now , add an application called come2play in an any one of the ID(zapak is an part of come2play , by adding it u will be able to enter the rooms of zapak's multiplayer games through facebook).

Now enter come2paly application and under REWARDS tab u will get an option for getting 1000 chips for inviting your friends in come2play (as shown in pic).

After clicking on it , u will get get list of all your friends (ie your other accounts) , select everyone and send invitation to them (acoounts shown in frien's list are my own accounts )

Now, sign in through your other accounts and accept the invitation of come2play , by accepting the invitation u will get 1000 chips in the account through which invitations were sent.

Now , one ques must be coming in your account , how to transfer chips from your facebook's account to your zapak's one . well, for this simply enter the same room through both of your accounts (facebook and zapak) and then transfer your chips by loosing deliberately while playing with your zapak's Id.

And Tadaaannn !! u can make as many chips as u want , now it depends upon u how many
accounts u can make in facebook , i myself have more then 50 accounts ...