
Showing posts with label Hacking. Show all posts

May 13, 2014

Boxshots And Ecover Graphic Software


Turn Up Your Speakers for This Short 6 Minute Video

Create Stunning Graphics In Under 2 Minutes - Without Photoshop

  • 44 designs to choose from
  • NO software to download
  • Works for both Mac and PC
  • Extra graphics included
  • Background textures included
  • Upload your own designs
  • NO outsourcing headaches.

Create Professional 3D Graphics Like These
In Just 2 Minutes – Without Photoshop

Adding professional graphics to your website has never been easier:
  • Works with both Mac and PC
  • NO creativity required
  • NO “tech” skills required
  • NO graphic design skills required
  • NO additional software required
  • Cranks out 44 different designs


 

May 7, 2014

Hacking With Kali Linux


The problem with beginners


Now, I've been dealing with beginners for a long time. What they want is magic: a tool which is easy to use, works on Windows, can be downloaded by searching on Google and clicking on the first link, and will do all the hacking itself at the push of a button. Sadly, no such tool exists. Hacking is an art, and it takes years of practice to master it. Having no idea about hacking is okay, but being a newbie with computers in general is not allowed. When I say beginner, I mean someone who has no experience with programming and with hacking methodologies. I don't mean someone who needs a one-page guide on how to download a tool. If you want to be a hacker, you have to work hard. So how to get started?




Getting Started 
Now, I am not going to bore you with theory (even if that affects my search engine ranking. Update: ironically, this is my top-ranking page on Google). My aim is to get you to the point where you can start hacking with Kali Linux as soon as possible. What I'm gonna do is tell you what to do.


The cli is popularly known as the terminal (bash).
Now since this is a beginners tutorial, I won't assume that you can do the third step yourself. You have 2 options. First, read the Kali documentation and get an idea of what a virtual machine is, how an OS can be run from USB, and how to create a partition and run 2 OSes simultaneously. Second, wait for me while I write a noob-friendly tutorial on how to do that. A third alternative is to read these sparingly modified versions of the official Kali Linux docs. Update: You'll have to make do with these sparingly modified docs only. I know that, for a beginner, installing Kali Linux might be the hardest part at times. Instead of writing a whole tutorial about it, I've written many small specific ones, which you can see in the top navigation bars. If you face any problems, do comment; I reply to each one of them.
Note: The default username and password are 'root' and 'toor'. You might need this information for logging in. Type 'poweroff' in the terminal to shut down.
Assuming you have started using the OS, the next thing to do is get used to the command line interface, as that is what all the tools are going to use.


Command Line Interface (cli)
Some bash commands
Now, if you are really sure about becoming a hacker, you have to get used to Linux, and specifically the command line interface. It is often compared (and rightly so) to the command prompt of Windows, but Linux's cli is much more efficient and better than the command prompt. What you have to do is perform all the usual tasks you do in Windows in the cli of Linux. You use cd to navigate, poweroff to shut down, etc.
A pretty awesome site for that is - http://linuxcommand.org/
That's enough exercise to keep you occupied for a month, but you can proceed gradually. The first few tutorials will keep in mind that you don't have much info about the cli. Update: Here is something most beginners take a long time to learn. Tapping <tab> while typing makes Kali complete the word for you. Double tapping <tab> makes it display all possible words starting with the incomplete word. Ctrl+c stops any tool that is running.

What Now? Some real hacking with Kali Linux
Assuming you've gone through the above steps and are comfortable with your new hacking environment, it's time to do some real hacking with Kali Linux. If you read this article and haven't ever used Linux in your life, then you should just bookmark this site and come back later. If you already know about Linux, and can find your way around stuff, then my recommendation would be to start by hacking a wifi. Starting with a WEP kind must be pretty easy and straightforward. Here's a quick tutorial for that, which will be the easiest one you'll ever need.


If you are feeling too adventurous, here is an altogether different path you can tread: hacking computers on a network. Here is the best tutorial on this website when it comes to penetration testing. It will be slightly more advanced than the wifi one, but since it is the first one on Metasploit, it'll still be easy to follow.

Wifi Hacking - WEP - Kali Linux Aircrack-ng suite


Firstly, create a wireless network to crack. Don't use this method on others. It is illegal. Then proceed with the steps below.

1. Find out the name of your wireless adapter.



Alright, now, your computer has many network adapters, so to scan one, you need to know its name. So there are basically the following things that you need to know-
  • lo - loopback. Not important currently.
  • eth - ethernet
  • wlan - This is what we want. Note the suffix associated.
Now, to see all the adapters, type ifconfig on a terminal. See the result. Note down the wlan(0/1/2) adapter.


2. Enable Monitor mode

Now, we use a tool called airmon-ng to create a virtual interface called mon. Just type
airmon-ng start wlan0
Your mon0 interface will be created.



3. Start capturing packets

Now, we'll use airodump-ng to capture the packets in the air. This tool gathers data from the wireless packets in the air. You'll see the name of the wifi you want to hack.
airodump-ng mon0


4. Store the captured packets in a file 

This can be achieved by giving some more parameters with the airodump command
airodump-ng mon0 --write name_of_file

Now the captured packets will be stored in name_of_file.cap
You have to wait till you have enough data (10000 minimum)


5. Crack the wifi

If all goes well, then you'll be sitting in front of your PC, grinning, because you've finally got 10000 packets (don't stop the packet capture yet). Now, you can use aircrack-ng to crack the password (in a new terminal).
aircrack-ng name_of_file-01.cap 
The program will ask which wifi to crack, if there are multiple available. Choose the wifi. It'll do its job. If the password is weak enough, then you'll get it in front of you. If not, the program will tell you to get more packets. The program will retry again when there are 15000 packets, and so on.

Note : This will not work with WPA-2. Here is a tutorial on hacking wpa/wpa-2 wps with reaver on kali linux
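The same scan data serves the owner of a network: the sketch below reads the CSV summary that airodump-ng writes next to the .cap file and lists the access points still on WEP, open, or on legacy WPA/TKIP so they can be moved to WPA2. It is an added example, not code from the original post; the column layout is assumed to match airodump-ng's CSV output, and the sample scan is constructed.

```python
# Constructed sample laid out like the .csv file that airodump-ng writes
# alongside the .cap capture (all MAC addresses and names are made up).
SAMPLE_CSV = """
BSSID, First time seen, Last time seen, channel, Speed, Privacy, Cipher, Authentication, Power, # beacons, # IV, LAN IP, ID-length, ESSID, Key
02:00:00:AA:BB:01, 2014-05-07 10:00:01, 2014-05-07 10:20:44,  6,  54, WEP , WEP,   , -41,      812,    10432,   0.  0.  0.  0,   7, lab-wep,
02:00:00:AA:BB:02, 2014-05-07 10:00:02, 2014-05-07 10:20:44, 11,  54, WPA2, CCMP, PSK, -55,      640,        0,   0.  0.  0.  0,   8, lab-wpa2,
02:00:00:AA:BB:03, 2014-05-07 10:00:03, 2014-05-07 10:20:40,  1,  54, OPN ,    ,   , -70,       90,        0,   0.  0.  0.  0,  10, lab, guest,
02:00:00:AA:BB:04, 2014-05-07 10:00:05, 2014-05-07 10:20:41,  3,  54, WPA2 WPA, CCMP TKIP, PSK, -62,  301,        0,   0.  0.  0.  0,   9, lab-mixed,

Station MAC, First time seen, Last time seen, Power, # packets, BSSID, Probed ESSIDs
02:00:00:CC:DD:01, 2014-05-07 10:01:00, 2014-05-07 10:20:30, -38, 230, 02:00:00:AA:BB:01,
"""

N_FIXED = 13  # columns that precede ESSID in the access-point table


def parse_access_points(csv_text):
    """Return one dict per access point from the first table of the file."""
    aps = []
    in_ap_table = False
    for raw in csv_text.splitlines():
        line = raw.strip()
        if not in_ap_table:
            in_ap_table = line.startswith("BSSID")  # header row found
            continue
        if not line:
            break  # a blank line ends the AP table; the client table follows
        parts = raw.split(",")
        if len(parts) < N_FIXED + 2:
            continue  # truncated row: skip it rather than guess
        aps.append({
            "bssid": parts[0].strip(),
            "channel": parts[3].strip(),
            "privacy": parts[5].split(),
            "cipher": parts[6].split(),
            # An ESSID may itself contain commas; Key is always the last field.
            "essid": ",".join(parts[N_FIXED:-1]).strip(),
        })
    return aps


def classify(ap):
    """Map the Privacy/Cipher columns to a remediation verdict."""
    privacy, cipher = set(ap["privacy"]), set(ap["cipher"])
    if "WEP" in privacy:
        return "replace: WEP"
    if "OPN" in privacy:
        return "unencrypted"
    if not privacy & {"WPA2", "WPA3"} or "TKIP" in cipher:
        return "legacy WPA/TKIP"
    return "ok"


def audit(csv_text):
    """List (essid, bssid, verdict) for every access point that is not ok."""
    findings = []
    for ap in parse_access_points(csv_text):
        verdict = classify(ap)
        if verdict != "ok":
            findings.append((ap["essid"], ap["bssid"], verdict))
    return findings


if __name__ == "__main__":
    for essid, bssid, verdict in audit(SAMPLE_CSV):
        print(f"{bssid}  {essid!r:14} {verdict}")
```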

Troubleshooting : Check this link if you failed to hack the network. 
The missing ingredient
Here is a comparatively advanced tutorial which will require you to have gone through this tutorial as well as the missing ingredient one. After you have got the big picture, you can move on to complicated things like speeding up wifi hacking.
Speeding Up WEP Hacking

 

February 11, 2014

Top 10 CMD Games - Inbuilt in the system

Top 10 Command Line Games


On a more light-hearted subject, what are my Top 10 favourite command line games for Linux? I bet you’re asking yourself why command line games? Well, I’m often using Linux boxes via the command line, and sometimes I get mental blocks, tired or just bored and I want to play a game. There are more command line games than you think, and most of them can provide a welcome break from your busy day and often a great source of inspiration.

10 – Cowsay & fortune

Not really a game, but it is fun to do when you need something to take your mind off work for a few seconds. Cowsay will simply echo what you tell it in a speech bubble coming from an ASCII cow. I know it sounds childish, but try it, it will make you laugh. Fortune is a tool that echoes “words of wisdom”; this is great when you need some inspiration, and combining it with Cowsay can have some great results.
Run:
fortune | cowsay
Install (Ubuntu):
sudo apt-get install cowsay fortune

9 – Arithmetic

This is a simple quiz game that asks you nice simple maths questions. It is not the most fun game on the list, but it does keep your mind working while you’re taking a break.
Run:
arithmetic
Install (Ubuntu):
sudo apt-get install bsdgames

8 – Backgammon

This is a nice command line, multi-player Backgammon game. It’s got nice simple instructions for people that have never played backgammon and for people that have never used the command line version before. You can play against the computer or against a friend.
Run:
backgammon
Install (Ubuntu):
sudo apt-get install bsdgames

7 – Worm

This is a growing worm game, much like the one you probably played on your old mobile. It’s a good game and it will keep you entertained for 10 minutes while you’re fixing your “writer's block”.
Commands:
Arrow keys to move
Ctrl-c to exit
Run:
worm
Install (Ubuntu):
sudo apt-get install bsdgames



6 – Tetris

Yes it’s even found its way to the command line, this great little game has kept me entertained on many a Friday afternoon.
Commands:
J: left
L: Right
K: Rotate
Space: Drop
Run:
tetris-bsd
Install(Ubuntu):
sudo apt-get install bsdgames

5 – Monopoly

Yup, it can even be found in a command line version; sadly there is no board, just text. It’s not bad though: most people know how a monopoly board looks, so you should be ok. The other downside is that you can’t play against a computer, but it is still good for lunch breaks.
Commands:
Roll: to roll
M: mortgage property
?: for more commands
Run:
monop
Install(Ubuntu):
sudo apt-get install bsdgames

4 – ATC

This is a great little game where you have to direct aeroplanes to their destination. It takes a while to get used to the controls and they are a little cryptic, so I recommend reading the man page, but it’s worth it as it’s a real fun way of passing 5 minutes.
Commands:
man atc
Run:
atc
Install(Ubuntu):
sudo apt-get install bsdgames

3 – Greed

This is probably the most addicting game on this list, the object is to eat as many of the numbers as you can. If you land on a 5 then you will move 5 places in that direction.
Commands:
Arrow Keys: Move
?: Help
Run:
greed
Install(Ubuntu):
sudo apt-get install greed

2 – Ninvaders
Yup, you guessed it, it's space invaders for the command line, enough said!
Commands:
Arrow Keys: Move
Space: Shoot
Run:
ninvaders
Install(Ubuntu):
sudo apt-get install ninvaders

1 – MUD

MUDs, or Multi-User Dungeons, are probably my favourite command line games. They are basically a mix of the old text-based adventure games and a modern MMO. I have listed the category of MUD as my favourite command line game as there are so many great MUDs; if you're interested in playing one of these, go to mudconnect.com to find one that appeals to you. Also, the great thing about MUDs is you don't need to install any software, because they use telnet and nearly all operating systems have a telnet client built in.
Run:
telnet www.ateraan.com 4002

Top 10 Important command prompt's commands


In this tutorial I will guide you through the top 10 important and famous command prompt commands and their usage.
1. ipconfig
This is the top command for seeing the IP address, subnet mask and default gateway. It can also display and flush the DNS cache and re-register the system name in DNS. It is the most useful tool for viewing and troubleshooting TCP/IP problems.





  • To view the IP address and subnet mask, use: ipconfig
  • To view all TCP/IP information, use: ipconfig /all
  • To view the local DNS cache, use: ipconfig /displaydns
  • To delete the contents of the local DNS cache, use: ipconfig /flushdns

2. systeminfo

Have a need to display operating system configuration information for a local or remote machine, including service pack levels? Then systeminfo is the tool to use. When I need to connect to a system that I am not familiar with, this is the first tool I run. The output of this command gives me all the info I need including: host name, OS type, version, product ID, install date, boot time and hardware info (processor and memory). Also knowing what hot fixes are installed can be a big help when troubleshooting problems. This tool can be used to connect to a machine remotely using the following syntax: SYSTEMINFO /S system /U user



3. tasklist and taskkill 

If you work with Task Manager (Ctrl+Alt+Del), you can easily understand this. The task list is the list of tasks which are currently running on Windows. If you open any application, it will be added to the list.

To list the tasks, type in cmd:

          tasklist

This will show the list of tasks which are running.

To stop a process or task, there are two methods:
Using Image Name:
We can kill the task using its image name as follows:

          taskkill /im notepad.exe

Using Process Id:
We can stop the process using its process ID as follows:

          taskkill /pid 1852





4. type
type is used to read a text document in the command prompt. You can read multiple text files one after another.


type filename.txt



5. netstat
Need to know who (or what) is making a connection to your computer? Then netstat is the tool you want to run. The output provides valuable information on all connections and listening ports, including the executable used in the connections. In addition to the above info, you can view Ethernet statistics, and resolve connecting host IP addresses to a fully qualified domain name. I usually run the netstat command using the -a (displays all connection info), -n (sorts in numerical form) and -b (displays executable name) switches.
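To review that output on more than one machine, it helps to parse it. The following added example (not part of the original article) reads text in the layout printed by netstat -a -n -b and reports TCP listeners bound to all interfaces whose owning executable is not on an allow-list; the sample output, the executable names and the allow-list are constructed for illustration.

```python
import re

# Constructed sample in the layout printed by `netstat -a -n -b` on Windows
# (addresses, ports and executable names are made up for illustration).
SAMPLE_OUTPUT = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  RpcSs
 [svchost.exe]
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
 Can not obtain ownership information
  TCP    127.0.0.1:5939         0.0.0.0:0              LISTENING
 [helper.exe]
  TCP    0.0.0.0:8081           0.0.0.0:0              LISTENING
 [updater.exe]
  TCP    192.168.1.20:49712     203.0.113.10:443       ESTABLISHED
 [browser.exe]
  TCP    [::]:8081              [::]:0                 LISTENING
 [updater.exe]
  UDP    0.0.0.0:5353           *:*
 [browser.exe]
"""

SOCKET_LINE = re.compile(r"^(TCP|UDP)\s+(\S+)\s+(\S+)(?:\s+(\S+))?$")
OWNER_LINE = re.compile(r"^\[(.+)\]$")
ALL_INTERFACES = {"0.0.0.0", "[::]"}


def parse_netstat(text):
    """Return one dict per socket; the owner line follows its socket line."""
    entries = []
    for raw in text.splitlines():
        line = raw.strip()
        sock = SOCKET_LINE.match(line)
        if sock:
            proto, local, remote, state = sock.groups()  # UDP has no state
            host, _, port = local.rpartition(":")        # also splits [::]:8081
            entries.append({"proto": proto, "host": host, "port": int(port),
                            "remote": remote, "state": state, "exe": None})
            continue
        owner = OWNER_LINE.match(line)
        if owner and entries:
            entries[-1]["exe"] = owner.group(1).lower()
        # Service names and "Can not obtain ownership information" lines are
        # ignored, which leaves exe as None for that socket.
    return entries


def exposed_listeners(text, allowed_exes):
    """Sorted (port, exe) pairs listening on every interface, not allowed."""
    findings = set()
    for e in parse_netstat(text):
        if e["proto"] != "TCP" or e["state"] != "LISTENING":
            continue
        if e["host"] not in ALL_INTERFACES:
            continue  # bound to loopback or one specific address only
        if e["exe"] not in allowed_exes:
            findings.add((e["port"], e["exe"] or "unknown"))
    return sorted(findings)


if __name__ == "__main__":
    for port, exe in exposed_listeners(SAMPLE_OUTPUT, {"svchost.exe"}):
        print(f"port {port}: {exe}")
```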



6. net command
Although this tool is more known as a command, the net command is really like a power drill with different bits and is used to update, fix, or view the network or network settings.
It is mostly used for viewing (only services that are started), stopping and starting services:

    • net stop server
    • net start server
    • net start (display running services)
and for connecting (mapping) and disconnecting with shared network drives:

    • net use m: \\myserver\sharename
    • net use m: \\myserver\sharename /delete
Other commands used with the net command are net accounts (manage user accounts), net print (manage print jobs), and net share (manage shares).
Below are all the options that can be used with the net command.

[ ACCOUNTS | COMPUTER | CONFIG | CONTINUE | FILE | GROUP | HELP | HELPMSG | LOCALGROUP | PAUSE | PRINT | SESSION | SHARE | START | STATISTICS | STOP | TIME | USE | USER | VIEW ]

7 - nslookup - With the Internet, DNS (Domain Name Service) is the key for allowing us to use friendly names when surfing the web instead of needing to remember IP Addresses. But when there are problems, nslookup can be a valuable tool for testing and troubleshooting DNS servers.
Nslookup can be run in two modes: interactive and noninteractive. Noninteractive mode is useful when only a single piece of data needs to be returned. For example, to resolve google.com:







To use the interactive mode, just type nslookup at the prompt. To see all available options, type help while in interactive mode.







Don't let the help results intimidate you. Nslookup is easy to use. Some of the options I use when troubleshooting are:
set d2 (displays detailed debugging information of behind-the-scenes communication when resolving a host or IP address).
set domain (sets the default domain to use when resolving, so you don't need to type the fully qualified name each time).
set type (sets the query record type that will be returned, such as A, MX, NS).
server NAME (allows you to point nslookup at DNS servers other than those configured on your computer).
To exit out of interactive mode, type exit.

8 - ping and tracert - These tools can be helpful with connectivity to other systems. Ping will test whether a particular host is reachable across an IP network, while tracert (traceroute) is used to determine the route taken by packets across an IP network.
To ping a system just type at the prompt: ping www.google.com. By default, ping will send three ICMP requests to the host and listen for ICMP “echo response” replies. Ping also includes switches to control the number of echo requests to send (-n), and to resolve IP addresses to hostnames (-a).
To use tracert, type at the prompt: tracert www.google.com. You can force tracert to not resolve addresses to hostnames by using the -d switch, or set the desired timeout (milliseconds) for each reply using the -w switch.
9 - gpresult - Used mostly in environments that implement group policies, gpresult (Group Policy Results) verifies all policy settings in effect for a specific user or computer. The command is simple to use, just enter gpresult at the prompt. It can also be used to connect to computers remotely using the /S and /U switches.
10 - netsh - Without a doubt the most powerful command line tool available in Windows. Netsh is like the Swiss army knife for configuring and monitoring Windows computers from the command prompt. Its capabilities include:

  • Configure interfaces
  • Configure routing protocols
  • Configure filters
  • Configure routes
  • Configure remote access behavior for Windows-based remote access routers that are running the Routing and Remote Access Server (RRAS) Service
  • Display the configuration of a currently running router on any computer
Some examples of what you can do with netsh:

  • Enable or disable Windows firewall:
netsh firewall set opmode enable
netsh firewall set opmode disable
  • Enable or disable ICMP Echo Request (for pinging) in Windows firewall:
netsh firewall set icmpsetting 8 enable
netsh firewall set icmpsetting 8 disable
  • Configure your NIC to automatically obtain an IP address from a DHCP server:
netsh interface ip set address "Local Area Connection" dhcp
(For the above command, if your NIC is named something else, use netsh interface ip show config and replace the name at Local Area Connection).
As you can see, netsh can do a lot. Instead of re-inventing the wheel, check out the following Microsoft article for more info on netsh.

 

February 9, 2014

Top 25 OS X Terminal commands - HACKS


Change settings and access hidden features on your Mac 


Terminal (in Applications/Utilities) gives you direct access to the UNIX system that underpins OS X. By typing specific commands into your Terminal window, you can make changes, open settings or access features that aren't available by any other means.
After typing one of the commands offered in this tutorial, press Return to activate it, and anything offered in quotes is typed without the quote marks themselves.
Commands split over two or more lines here should be typed in their entirety – you don't press Return halfway through. And bear in mind that some commands are case-sensitive, so be true to what's here.
One final word of warning: all the tips in this article have been thoroughly tested, but experimenting with the Terminal is not a task to be undertaken lightly. Do not try to modify or adapt these hacks unless you really know what you're doing.
01. i… Robot
Your Mac can talk to you. Using a robotic voice reminiscent of a 50s sci-fi flick, it can ask after your health, tell you a joke or say anything else you care to type. It's a simple trick.
Just open the Terminal application (found in Applications > Utilities), enter: 

say MacFormat
…And the Terminal robot utters the name of MacFormat magazine. Obviously it doesn't have to be MacFormat – type anything you like. Give it a go, it's fun.
02. Back up at will
By default, Time Machine backups take place every hour, but you can change this through Terminal. To make it back up every half an hour instead, simply type:
sudo defaults write /System/Library/LaunchDaemons/com.apple.backupd-auto StartInterval -int 1800
The '1800' at the end of this command is half an hour, expressed in seconds. You can change this figure to suit: for example, to back up once an hour again, replace it with '3600', for two-hour backups, '7200'.
Always remember to be especially careful with commands that begin 'sudo'. These are system-level commands that can cause huge problems if misused, which is why you're asked for your administrator's password the first time you try one.
03. Logon greetings
Another sudo – and therefore dangerous – command that enables you to add a message to the login screen. In Terminal, type:
sudo defaults write /Library/Preferences/com.apple.loginwindow LoginwindowText "Your Message"

Replace 'Your Message' with whatever it is you want to display, of course, but be careful with your punctuation. Some characters (exclamation marks, for instance) stop the command from working.
To remove the message, type:
sudo defaults write /Library/Preferences/com.apple.loginwindow LoginwindowText ""
04. Play games in the Terminal
As you may know, OS X is UNIX based. Emacs, a text editor, forms part of the UNIX system, and it contains some Easter egg games, including the ever-popular Tetris, Pong and Snake.
First you must find your Emacs version number. In the Terminal, type 'cd /usr/share/emacs/' and press Return. Now type 'ls' and press Return again. You're given your Emacs version number (1.21, for instance). Now, write it down.
Then enter the following:
ls /usr/share/emacs/[VERSION]/lisp/play
Replace [VERSION] with the number obtained earlier. You get a directory of all the available games. Make a note, or take a screenshot.

Now switch to Emacs through Terminal by simply typing 'emacs'. To access the games, press Esc then x and type the name of the game you wish to play, before pressing Return.
You can switch to the next game by pressing Esc then x and the name of the next game you wish to try. Have fun!
05. Fix window sizes in FFView
01. Resize problem



FFView is a great sequential image viewer, but its Page width Mode resizes its window every time you turn to the next image. This is very annoying if you want to set – and stick to – your own window size. What to do?
02. Resize resolution

Terminal solves the problem. Type:
defaults write com.feedface.ffview udn_dont_resize_img_win 1
The window now remains a constant size. To reverse this, enter the code again, replacing the '1' at the end with '0'. Now restart the app.
03. Want comics?

There's a wealth of downloadable free comics available on the web. For example, mobile comic publisher Robot Comics offers a list of high-quality, free-to-download material suitable for reading on your Mac with FFView. Check it out here.
06. Get a massive Dock
If you want giant-sized magnified Dock icons, enable Magnification in System Preferences > Dock, and in Terminal type:
defaults write com.apple.dock largesize -int 512; killall Dock

This increases their maximum size to 512x512 pixels. You can substitute another figure if you wish, but don't go any higher than 512. To switch this effect off, just return to the Dock's preferences and move the Magnification slider back.
07. Hybrid Dock folders
For a different version of a Dock folder or Stack's List option, type:
defaults write com.apple.dock use-new-liststack -boolean YES; killall Dock
This gives you an interesting hybrid of the List and Grid viewing options. Your List view icons are bigger, and if there are more items than fits the window, you can scroll through them in the same way as you would in Grid view.
Also like Grid view, clicking on a folder now opens it within the Stack. If you find you don't like these changes, type the command again, replacing 'YES' with 'NO'.
08. Inspect the web
Safari's Web Inspector offers a great deal of detail about web pages, and it's invaluable for serious web developers. You can activate it using Safari's Debug Menu outlined elsewhere in this tutorial, but if you only want the Web Inspector, type:
defaults write com.apple.Safari WebKitDeveloperExtras -bool true
After restarting Safari, you can now access the Web Inspector by right-clicking on a web page and selecting it from the contextual menu.
As you might guess, you can deactivate this feature by repeating the command, but replacing 'true' with 'false' at the end and restarting Safari once more.
09. Debug iCal
Like many OS X applications, iCal has a Debug Mode that can be activated through Terminal. Type:
defaults write com.apple.iCal IncludeDebugMenu YES
A new menu bar pull-down titled Debug appears. You can hide it again by repeating the code but replacing 'YES' with 'NO'; note that iCal must be restarted for changes to take effect.
10. Debug Address Book
Address Book also has a hidden debug menu. To enable it, type:
defaults write com.apple.addressbook ABShowDebugMenu -bool YES
The Debug pull-down appears in the menu bar. To disable it again, repeat the command and replace 'YES' with 'NO' at the end. The application must be closed and restarted for these commands to take effect.
11. Enable Safari debug menu
To enable a debug menu in Safari 4, type:
defaults write com.apple.Safari IncludeInternalDebugMenu 1
Quit Safari and restart it for the hack to take effect, giving you an extra menu bar pulldown labelled Debug.

To get rid of it again, repeat the command, replacing the '1' at the end with '0'. A restart is again required.
12. Enable x-ray folders in Quick Look
01. Folders can look dreary
If you highlight a file in Finder and press [Space] or click on the eye-like icon in the toolbar, you activate Quick Look, giving you information about the item in question and possibly a preview of the file. Folders look pretty dull in Quick Look, as you can see here.
02. See through the veil
Fortunately, there is a way to spice up your folder viewing experience, and Terminal is the source: to make Quick Look give you an x-ray image of a folder, simply type:
defaults write com.apple.finder QLEnableXRayFolders -boolean YES
03. X-ray vision is yours
Quick Look now offers an x-ray view of a folder, with an icon that shows you what's inside it. To disable this feature once more, type the code offered in step two again, replacing 'YES' with 'NO'. Quick Look folders are returned to their former state, with no x-ray view.
13. Translucent icons
To turn the Dock icons translucent for applications that are open but hidden, type:
defaults write com.apple.dock showhidden -bool YES; killall Dock

Repeat the command, replacing 'YES' with 'NO' to disable this feature once more. Icons for applications that are already hidden when you activate this feature will not appear translucent unless you Show and then Hide them again.
14. Recently used
This somewhat intimidating code introduces a new Stack into your Dock, showing a list of your recently used applications:
defaults write com.apple.dock persistent-others -array-add '{ "tile-data" = { "list-type" = 1; }; "tile-type" = "recents-tile"; }'; killall Dock

Type it carefully. It's a really useful feature. When the new Stack is in your Dock, you can right-click on it and change it from showing Recent Applications to Recent Documents, Recent Servers, Favourite Volumes or Favourite Items.
It can be displayed in Fan, Grid or List View, just like a regular stack. If you want to get rid of it again, just drag it out of the Dock.
15. Expose your Dock
By default, clicking and holding on the Dock icon for an active application in Snow Leopard activates Dashboard Exposé, showing all of that application's currently-open windows. In Leopard, of course, this gave you a contextual menu; that's something you can access in both operating systems by right-clicking on the icon in question.
If you're running Snow Leopard but prefer Leopard's way of doing things, type the following Terminal command:
defaults write com.apple.dock show-exposemenus -boolean no; killall Dock
Repeating the command with 'YES' instead of 'NO' returns your Dock's Exposé functions to normal.
16. Grid view highlights
If you open a Stack in Grid view, you can navigate through its enclosures using your keyboard's arrow keys, with the currently selected icon highlighted by a grey gradient box. However, if you drag your mouse pointer over the Grid, no such highlighting appears – unless you use this Terminal command:
defaults write com.apple.dock mouse-over-hilitestack -boolean YES; killall Dock
You now get the same grey background box during mouse-overs as you do when navigating through the Grid using the keyboard. Replace 'YES' with 'NO' to switch this off again, though we doubt you'll want to.
17. Dock the gloss
If you're not too keen on the 3D Dock, with its shiny glass finish showing reflections of the application icons, use this tip to switch to something a little simpler:
defaults write com.apple.dock no-glass -boolean YES; killall Dock
Your Dock background is now a much plainer translucent black design with a thin white outline. Icons are no longer reflected in the Dock, and open applications are indicated by a white dot instead of a blue floodlight.
If you decide you prefer the 3D look after all you can repeat the command substituting 'NO' for 'YES', so you've nothing to lose by giving it a go.
18. Search your music
When you highlight a track in your iTunes library, you get a right-facing arrow in a circle. Clicking on this searches the iTunes Store for similar material. However, using this Terminal input, you can get it to search your library instead:
defaults write com.apple.iTunes invertStoreLinks -bool YES
Restart iTunes to activate it, and repeat the command with 'NO' replacing 'YES' to switch things back to their default behaviour.
19. Drag Dashboard widgets onto your Desktop
One of the most interesting Terminal tips enables you to drag your widgets out of the Dashboard and onto the Desktop, where they float above open applications and Finder windows akin to the 'Gadgets' in Windows Vista's Sidebar. To activate it, type:
defaults write com.apple.dashboard devmode YES

You must then log out and back in again, or restart your machine. You can now capture a widget by clicking and holding it, and pressing F12 to dismiss the Dashboard and drop it on your desktop.
By capturing a widget that's on your desktop and pressing F12, you can return it to your Dashboard too. Widgets placed on the Desktop function just like they do on the Dashboard.
To disable this feature, repeat the code simply replacing 'YES' with 'NO'. Again, you must log out and in again or restart your machine for the change to take effect, after which widgets that are already on the desktop can be returned to the Dashboard, but there they must remain.
20. Expanded Save view
The Save command brings up a dialog window, enabling you to choose a title, where your document will save to and possibly the format in which it will be saved, depending on the application in question.
Next to the title, there's a blue button with a triangle pointing down. Pressing this expands the dialog window, giving it a similar format to a Finder window. If you want this window to appear in its expanded form by default, type:
defaults write -g NSNavPanelExpandedStateForSaveMode -bool TRUE
If needed, just replace 'TRUE' with 'FALSE' to revert to how things were.
21. Faster Screen Sharing
MobileMe's Screen Sharing facility is an excellent feature, but depending on your internet connection, it can be very sluggish. Thankfully, there's an easy way of speeding it up by using a Terminal command to reduce the image quality of the shared screen:
defaults write com.apple.ScreenSharing controlObserveQuality 1
This reduces the screen to its lowest possible quality setting, giving you a black and white image. You can replace the '1' at the end of the command with the numbers '2' to '5', offering progressively higher quality screens. '2' gives a greyscale image, '3' offers eight-bit colour, '4' is 16-bit colour and '5' takes you back to full colour, the default setting.
22. Screenshot names
If you capture a screenshot in Snow Leopard, it's automatically titled 'Screen shot', followed by a date and time. You can change this using a Terminal command:
defaults write com.apple.screencapture name "Anything you like"; killall SystemUIServer
Simply change 'Anything you like' to whatever it is you wish to call the screens you capture – the date and time remain unchanged. To go back to the default, simply use this command with 'Anything you like' replaced by 'Screen shot'.
23. Reveal hidden files
There are several applications that let you look at OS X's hidden files, such as resource forks, but there's also a very simple command you can employ from the Terminal:
defaults write com.apple.finder AppleShowAllFiles TRUE; killall Finder
Be careful with this one. Those files are hidden for a reason, and while it's interesting to see what's there, don't fiddle with them unless you know what you're doing. To turn off this feature, repeat the command replacing 'TRUE' with 'FALSE'.
24. Copy, Gold Leader!
This must be the strangest Terminal command ever. Go on, type:
telnet towel.blinkenlights.nl

You're treated to the Star Wars movie, retold in ASCII art. Wait for the prefilm credits to end, and make sure you don't resize the Terminal window, or the graphics won't format properly.
25. Quit Finder like any other app
With this handy command, you can quit out of Finder in the same way you would any other app:
defaults write com.apple.finder QuitMenuItem -bool YES; killall Finder

A Quit option now appears at the foot of the Finder menu. To remove it, enter the code again, replacing 'YES' with 'NO'.

 

February 8, 2014

How to be a hacker


Kevin Mitnick, once America's most wanted computer hacker

When our reporter turned up for a masterclass in hacking, he was astonished how easy entry-level hacking could be.


I had no idea what to expect, or how difficult it might be. But it turned out that the hardest part about taking control of somebody else's computer was just getting my own laptop connected to the internet - which indicates the scale of the security problem that we all face.
Our masterclass was trying to accurately simulate hacking into a decrepit Windows XP computer in the office of a multinational corporation, and Michael Belton, head of the penetration testing team at cybersecurity firm Rapid7, soon had me fully connected. And then the fun began.
“Penetration testing” is a euphemistic term for hacking. The crucial difference is that penetration testing is done with the permission of the network owner, so it is the digital equivalent of stores paying someone to shoplift from them to ensure their security staff are awake.
But if the motivations of the two are different, the methods – and end results – are the same. Which means that a penetration tester showing me the tools of his trade is a pretty good insight into how a script kiddie working with a hacker collective like Anonymous goes about their business.
It also neatly answers the question of a Guardian editor who found out I was attending a “hacking masterclass”: yes, it was legal, because we were only accessing systems with the permission of their owners. It’s when you start accessing everyone else’s that the problems begin.

1 We started with Linux

Once I arrived at our hacking venue, where Belton was going to demonstrate how to “own” a computer in just a couple of minutes, I was handed a USB stick with an installation of Kali Linux on it.
Linux is an open source operating system, a collectively-created free alternative to Mac OS or Windows, and Kali is a version of it designed specifically for penetration testers. It comes pre-installed with all the software necessary to take control of unsecured computers (and a good few secured ones as well), as well as all the standard productivity tools a team of testers would need to work together. Most importantly, it can be shrunk down small enough to fit on one thumbdrive – and can be booted straight from it.
That’s crucial for hackers, because although the temptation is to focus on their tools, the job is as much art as science. If you can get physical access to a network, there’s no need to bother trying to bypass firewalls from the outside.

Faking your way into a system 

So penetration testers have been known to dress up as outside contractors, tail employees from smoking breaks, and even pick locks to get in the building. The Ethical Hackers Handbook, a guide for penetration testers, recommends practicing ahead of time the answers to common questions like “I don’t think we’ve met; are you new?” and “Who are you working for?”
The same short-cuts apply elsewhere. If you’re trying to get hold of someone’s password, it’s far simpler to just get them to tell you than it is to crack their computer and read it from the memory.
Again, that comes in many forms. Kevin Mitnick, formerly America’s most-wanted computer criminal before his arrest in 1995, broke into his first major network at the age of 16 by phoning up the company’s system manager. “I claimed I couldn't log into one of ‘my’ accounts, and was convincing enough to talk the guy into giving me access and allowing me to select a password of my choice,” he said in 2003.
These days, people tend to be more suspicious about unexpected phone calls asking for passwords. But there are other ways to achieve the same ends. Belton showed me software Rapid7 has produced which can easily fire off an email to every employee in a company, asking them to log in to a fake version of their own website. The programme automatically strips all the assets from the real site, sets up a temporary server, and waits for people to input their passwords.
The whole thing is so convincing that when the company demonstrated it to a US senator who was visiting their offices, he immediately accused his head of press of being involved, despite having seen the entire process first hand.
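One way a mail gateway or awareness team could triage the lure described above (an email pointing staff at a cloned copy of their own login page), as an added example that is not part of the original article or of Rapid7's software. It flags links whose host only resembles, embeds, or displays the real domain; the domain `example-corp.test`, the sample message and the 0.85 similarity threshold are assumptions.

```python
import difflib
from html.parser import HTMLParser
from urllib.parse import urlsplit

ORG_DOMAINS = {"example-corp.test"}  # assumption: the organisation's real domains
SAMPLE_MAIL = """
<a href="https://examp1e-corp.test/login">Sign in</a>
<a href="http://example-corp.test.portal-check.test/sso">https://example-corp.test/sso</a>
<a href="http://192.0.2.44:8080/login">Staff portal</a>
<a href="https://intranet.example-corp.test/wiki">Wiki</a>
"""  # constructed sample body, not a captured message

class LinkCollector(HTMLParser):
    """Collect (href, visible text) pairs from an HTML mail body."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def classify(href, text):
    """Return the reasons a link looks like a cloned-login lure (empty list = clean)."""
    host = (urlsplit(href).hostname or "").lower()
    if not host or any(host == d or host.endswith("." + d) for d in ORG_DOMAINS):
        return []  # no host, or a genuine organisation host
    reasons = ["raw-ip-host"] if host.replace(".", "").isdigit() else []
    for d in ORG_DOMAINS:
        if d in host:  # real name used as a label under someone else's domain
            reasons.append("org-name-embedded")
        elif difflib.SequenceMatcher(None, host, d).ratio() >= 0.85:
            reasons.append("lookalike-domain")
        if d in text.lower():  # visible text shows the real site, href goes elsewhere
            reasons.append("text-href-mismatch")
    return reasons

def scan(html_body):
    """Map each suspicious href in the body to its list of reasons."""
    parser = LinkCollector()
    parser.feed(html_body)
    return {href: why for href, text in parser.links if (why := classify(href, text))}

if __name__ == "__main__":
    print(scan(SAMPLE_MAIL))
```

The similarity check only catches near-miss spellings of the listed domains, so it complements rather than replaces sender authentication and user reporting.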

2 Finding a way in, with Metasploit

But sometimes you just want to remotely take over a computer. What then?
The first thing to do is look for ways in. There are a number of such discovery tools, from sqlmap, which automatically looks for weaknesses in large databases, to Burp Suite, which is designed to take advantage of web applications, but the one we were using was Nmap, a type of programme known as a port scanner.
Such applications are often likened to walking down the street, trying every door just to check if one is unlocked, but that slightly underestimates the scale of the thing. Services like Nmap are more akin to walking through a city trying every door, window, and loose-looking brick while simultaneously making a note of how many locks they have, what type of key they take, and when it looks like they were built.
After just 45 seconds, the scan was done. It had identified our target: a computer running Windows XP Service Pack 2, released in 2004 and superseded by Service Pack 3 in 2008. (It was technically superseded by Windows Vista in 2007, but we don’t talk about Vista anymore.) Such a setup may seem like our poor sap – in reality a virtual machine running on Belton’s laptop – was being stitched up, but decade-old installations are depressingly common in the business world.
A few more keystrokes, and I launched the program which would get me inside: Metasploit.
The jewel in Rapid7’s arsenal, Metasploit is a one-stop-shop for cracking into computers. The programme itself is over a decade old, but has been steadily updated with new vulnerabilities as time has gone on. It’s never at the cutting-edge, where security researchers are finding new holes, but what it lacks in currency it makes up for in ease-of-use. Even the text-only version which I used (for the real hacker experience, naturally) lets you take over computers with just a few keystrokes; the full paid-for software adds a graphical user interface which can let you seize someone’s laptop with the click of a button.
Like all software for penetration testers, Metasploit has a strong contingent of users who are more interested in just seeing what they can break into. “Let’s be honest, that’s what everyone uses it for,” says a Rapid7 PR sitting in on the masterclass.
With the help of Belton, I picked the particular faulty door which I would make my way through. According to Nmap, our target was running a Microsoft program which comes installed on all XP computers and lets them share files back and forth. But version three of the software, which the target had, has a known vulnerability (“a parsing flaw in the path canonicalization code of NetAPI32.dll,” according to Rapid7). Using Metasploit, a single-line command exploits that flaw to load the third and final part of our assault, Meterpreter.

3 Taking control with Meterpreter

Running on the target computer, Meterpreter provides a backdoor through which I can take control of pretty much anything. The program never installs itself, running only in the memory, and only a particularly paranoid target will notice that their task monitor now shows an unexpected, randomly named process. If even that’s too much risk, one further command can “inject” Meterpreter inside another programme, so that it stays completely invisible.
While I’m connected to Meterpreter, Metasploit presents me with a list of options. Some, like the ability to dump the contents of the memory or disable the mouse, are designed to let an attacker get further into the target network. The latter is a particularly cunning mix of electronic and human methods: disabling the mouse makes the user call IT support, who may then log in to the computer remotely or in person. Where you originally only had a user account, suddenly you have taken control of an administrator.
Others let you make the most of the access you already have. I can take a screenshot, record audio with a webcam, or livestream video. I can also set up a keylogger, and record everything the target types. If I want to, I don’t have to stop at Meterpreter; I can install further software, to sniff for credit card numbers, or permanently slave the computer to my own – perfect if I need to gather a few thousand together to bring down another site with a distributed denial of service attack, where a server is overwhelmed by the sheer weight of connections and breaks.

How to protect yourself

The scariest thing about it all isn’t what I can do. It’s that it’s me doing it. The software really is that simple.
But to a certain extent, that can be reassuring. The vast majority of the hackers we’re all so afraid of are actually doing little more than running a programme which does the heavy lifting for them.
Protecting yourself against them is easy enough:
• keep your computer up to date
• try not to fall prey to phishing attempts
• and don’t run programmes from untrusted sources
When it comes to drive-by hacks like the one I pulled off, you don’t have to be perfectly secure; just more secure than the poor sap who does fall prey. “I don’t have to outrun the bear. I only have to outrun you.”