The power of ALGORITHMS : Writing Articles/Reports/News!!!

1.  We all are pretty aware that whatever works on the net ,cyberspace web,applications is all backed by many codes and algos running in the background..,,it is these algorithms and codes that actually decide how things happen at the front end ie the user interface.Designed by coders and programmers these algorithms perform herculean tasks in all our routine IT activities...now for all those of us who work in offices and corporate ....we generally keep coming across compiling and analysing reports on various aspects ,be it the views...the summary...the monthly/quarterly feedback... the main article for some journal....or some regular feed etc.So now making these reports and feedbacks etc actually requires manual intervention...and the quality of these reports are proportional to the amount of quality work man hours that have gone into making it....but what if these manual intervention is replaced by intelligent algorithms...ie the reports being compiled are made out of algorithms???

2.   This is what has happened at Narrative Science,a company that trains computers to write news stories...yes you heard it write!!! "Trains computers to write News Stories".The first story that I read about this is available here.The brief points from this story goes like these :

     -  Every 30 seconds or so, the algorithmic bull pen of Narrative Science, a 30-person company occupying a large room on the fringes of the Chicago Loop, extrudes a story whose very byline is a question of philosophical inquiry.

  - Kristian Hammond is the CTO and co-founder of Narrative Science.According to Hammond, these stories are only the first step toward what will eventually become a news universe dominated by computer-generated stories....(amazing amazing future!!!!:-)

   - If one wishes to know the percentage of news that would be written by computers in 15 years.......according to Hammond is going to be more then 90%

3.   So guys the above example is for the news world...where else we can think? Can it compile Intelligence reports for the FBI and our CID based on inputs from so many sources....Off course this is being handled manually as on date....but imagining a intel report compiled by a algorithm is a serious contender for making a permanent place in such agencies.Well...this is one imagination...how about demographic repots...election reports...infact the list is endless.....

4.    Thanks http://www.wired.com

ESSPEE : eth0 issue in Installation

1.   First thing first ...what's ESSPEE.So friends who are aware of whats Backtrack R3....ESSPEE is a derivative of BackTrack 5, based on Ubuntu 12.04. Designed for users who wish to use only free software. It is packed with featured security tools with stable configurations....and now for those of you who wish to know the expanded form of ESSPEE ...its EXTREME SECURITY SCANNING PENETRATION TESTING & EXPLOITATION ENVIRONMENT.....:-)

2.   So after downloading this from  here...and after installing I came across a small issue of eth0 NIC not being detected unlike regularly where it gets detected automatically vide a DHCP config.So the answer is a small tweak that is required while selecting the Mac address of the eth0 as shown in the screen shot below :

(Click on the image to ENLARGE)

3.    That's it....and now ur internet will be on with network adapter configured to NAT....

Detecting a MALICIOUS PDF:PDFid @ BACKTRACK 5 R3

Here is the Screen cast of the past link on "Detecting a MALICIOUS PDF:PDFid @ BACKTRACK 5 R3"

Detecting a MALICIOUS PDF:PDFid @ BACKTRACK 5 R3

1.    Adobe, who gave us the the ever comfortable PDF..thats the "Portable Document Format" in the early 1990's never thought like how this can become a security threat by the simple action of opening it only....yess!!!this post will give a small insight of how things really work behind the scene in execution of a malicious PDF....

2.  So first of all...how a PDF becomes a malicious document?The answer to this question is simple embedding of a JAVA SCRIPT, that is not seen but only executed once a PDF is opened....no antivirus will be able to identify of what malicious thing lies behind a normal PDF that u and me use daily...so if u scan a malicious PDF with your Antivirus,it is veri unlikely to be caught....how do we know then whether a PDF is malicious or not?...thats what this post shows here....I came across a tool known as PDFid in the BACKTRACK R3 that I was running in Virtual Box.

3.   Few lines about the tool....this was developed by Didier Stevens who blogs at http://blog.didierstevens.com/.So this helps us to differentiate between PDF Documents that could be malicious and those that are unlikely to be....The tool is based on the fact that that a  typical PDF File comprises of header, objects, cross-reference table (to locate objects), and trailer.So , if there is a tool that can find out if any one of them is available in this PDF...things can become easier...so like for example...if a PDF that has no purpose of embedding or holding a JS inside it,then a eye brow raise is certain as to why should it be there....so PDFid tool comes to rescue us out of this question...First the typical structure of a PDF with its one line explanation is given below :

“/OpenAction” and “/AA” (Additional Action) specifies the script or action to run automatically.

 “/Names”, “/AcroForm”, “/Action” can also specify and launch scripts or actions.

“/JavaScript” specifies JavaScript to run.

 “/GoTo*” changes the view to a specified destination within the PDF or in another PDF file.

 “/Launch” launches a program or opens a document.

“/URI” accesses a resource by its URL.

“/SubmitForm” and “/GoToR” can send data to URL.

“/RichMedia” can be used to embed Flash in PDF.

“/ObjStm” can hide objects inside an Object Stream.

4. So now I have set up a VB machine running BTR3 that would run this tool and find out if the PDF that I have analyzed is malicious or not? These are the screen shots showing a step by step scene of how u do it....

(Click on the Image to ENLARGE)

(Click on the Image to ENLARGE)

(Click on the Image to ENLARGE)

(Click on the Image to ENLARGE)

5.   So the last screen shows the final result...for those of you who find this little complicated I will upload a video cast of this soon....

6.   Thanks http://blog.didierstevens.com and http://zeltser.com

Upgrading Backtrack R2 to R3 : Distribution Upgrade

Single line terminal command from the BT Terminal to upgrade your Backtrack Dist is

apt-get update && apt-get dist-upgrade