Oct 21, 2019

How To Hack A Local Windows Password Offline With CHNTPW Live CD/USB


Many moons ago I used to make my own custom version of Ubuntu called Bauer-Puntu that had lots of useful tools already built in. One of the tools I would always install was an offline Windows password rest tool called chntpw.

I once made an awful how to video about using Bauer-Puntu and chntpw. You can watch it below:


The other day I was helping this really gorgeous cop I started dating reset the password on her laptop. Her ex-husband is kind of petty and changed her password just to piss her off. I went to use my trusty Bauer-Puntu USB drive, but the video drivers for it were out of date so it didn't work. Kind of a bummer...

Anyway, looking around I found out that someone made a dedicated live version of chntpw and it works like a charm! I tried it on a Windows 10 VM and it worked flawlessly!

From their page:
Chntpw (also known as Offline NT Password & Registry Editor) is a small Windows password removal utility that can run from a CD or USB drive. The latest version is 140201. Please download the Bootable CD image or the USB version for your own purpose:
  • cd140201.zip (~18MB) – Bootable CD image. (md5sum: f274127bf8be9a7ed48b563fd951ae9e)
  • usb140201.zip (~18MB) – Files for USB install (md5sum: a60dbb91016d93ec5f11e64650394afb)
You can also download chntpw for ALT Linux, Arch Linux, CentOS / RHEL, Debian, Fedora, Mageia, ROSA, Slackware, Ubuntu distributions from this link
If you need to download the old version, please visit Offline NT Password & Registry Editor’s official website
After you’ve downloaded it, you then need to burn chntpw to CD/USB drive in order to get it to work.
If you've been looking for a way to easily hack errr... reset a local Windows password, this is it!

What do you like to use to do offline password resets for Windows? Let us know in the comments!

Sep 30, 2019

Facilitating Your Crypto Trading with Automated Platforms: Superorder Case


Automated trading platforms are growing more popular as investors recognize the benefits that come with their adoption. The process of automated crypto trading is simple yet effective. It allows traders and investors to establish specific rules for trade entries and exits that relate to their trading strategies. The moment they confirm these rules, the algorithms do all the work on the traders’ behalf, meaning they buy and sell assets when the time is right.

For investors that want to reduce their trading efforts and minimize the manual labor in the trading process, automated trading platforms are the best ways to do it.

Automation in trading might sound overly complex for some traders, especially when coding is in the picture. However, what many don't know is that learning how to program your strategies is not necessary for some automated platforms.

Superorder Concept

Superorder is a crypto platform for professional traders that want to explore the benefits of automated trading. What this means is that crypto traders can use this feature to build and run their trading strategies, and avoid manual tracing of the market’s price fluctuations.

The Ukraine-born and USA-grown automated trading terminal was launched in 2018. Perhaps, the best thing about the platform is that traders don’t need to possess coding abilities, nor any programming languages to make their trading strategies. Instead, Superorder provides users with a convenient strategy editor based on blocks – various order types. They’re used to build specific trading chains that are executed automatically later.

That has to be one of the most positive aspects of automated trading, particularly for day traders. Knowing how difficult following a 24/7 market is, this feature comes as a refreshing advantage and a way to control professional trading and keep a balanced personal life.

How Does It Work? 

Automated trading revolves around specific strategies and money management rules that allow the systems to monitor trades with precision, and execute them when the time is right.

All automated platforms are not the same, although the main principles that they apply orbit around the idea of establishing rules for the system to automatically execute. Crypto traders and investors decide on the rules, and let the system know when they want to buy coins, and when it would be ideal to sell them to make a profit and minimize losses. The computer remembers these orders and follows the market changes 24/7. When the selling or buying price reaches the parameter that was entered on the system, it executes it.

There can be many different strategies according to the needs of the investors. What’s positive is that Superorder allows users to make a selection of rules and run simulations to test their strategy before applying it on the market.

After registering an account on Superorder, the trader needs to finish connecting his/her profile from the exchange platform that is being used (in this case it’s either Binance, Bittrex, BitMEX or CEX.IO), and start trading by setting up a strategy. Inside their terminal is where they will be doing this, and the interface makes it easy for traders to get around and start their automated trading.

Main Features 

Superorder offers several features, and we are going to go over some of the most important ones that make this platform stand out in front of its competitors. Although the company is rather new on the market, they still have a lot to offer.

  • Strategy Elements/Building Blocks 


One of the problems with most automated trading platforms is that they are somewhat limited to the elements that professional traders can use in their strategies.

Superorder offers nine elements or strategy building blocks, which can be easily located on their interface. They include: limit buy, limit sell, market buy, market sell, stop loss, sell trailing stop, buy trailing stop, and more. There are also conditional elements like tech indicators and forks.

The trailing stops are an advantage because they can be used even if the exchange does not support them. Additionally, there are also conditions called AND Fork, and OR Forks, which allow traders to split their strategy into two paths to make a more complex chain.

  • Cross-Exchange Orders

Traders can cross their order on multiple crypto exchanges to get the best experience. The process is as simple as using two blocks in the strategy builder. Moreover, the platform can handle more strategies running simultaneously on the same exchange and across different exchanges and coin pairings.

  • User-Friendly Interface 

Professional and even new traders shouldn’t encounter any issues with the platform’s interface, considering that it is manageable and easy to use. Even if they do find something that bothers them, users can easily adjust the terminal according to their unique preferences.

  • Platform Support


Superoder’s platform support is a bit limited. They do, however, introduce four big names in the industry. Currently, the platform supports Binance, Bittrex, BitMEX, and CEX.IO but the developers are planning on adding Bitfinex, Poloniex, and other exchanges soon.

Traders can synchronize to their chosen exchange, a process that will only take a few seconds and is nicely explained on the platform, step by step.

  • Free Trial 

For traders that are switching to automated trading, a trial period is a necessity. It’s also an essential feature to determine scams from real trading platforms that help users achieve growth, instead of tricking them to lose their money.

It’s an advantage that Superorder implemented a 3-day trial period, which should be enough to see whether the terminal is the right fit for you or not.

Final Thoughts

Superorder is a fitting platform for professional traders who want to take the shortcut leading to profits. It’s an advantage not to be dealing with programming languages as it takes a lot of time for traders to master it if they already haven’t. It's also useful that the platform is customizable and user-friendly.

The fact that this automated trading terminal allows easy and simple automated trading, with the opportunity to try it out without paying for two weeks, is certainly a positive aspect and a good sign for traders who want to switch to this type of crypto trading.

Overall, the process of automated trading can be remarkably helpful nowadays, and Superorder is one of the platforms that can successfully provide you with profits, all that while minimizing the manual effort traders would usually put into the process. In other words, professional traders can now enjoy earning profits with less effort.

Sep 16, 2019

How To Implement TLS 1.3 for iRedmail Roundcube in Ubuntu

As many of you know, I use iRedmail for my personal email server and I run it on an Ubuntu 18.04 VM on Linode. No big deal right?

Well, periodically I like to check to make sure my SSL settings are using the most up to date security by running servers tests against SSL Labs. I decided I needed to implement TLS 1.3. It turns out, it's really easy if you are using Nginx like iRedmail uses!

For the iRedmail Nginx configuration, all you have to do is edit the /etc/nginx/templates/ssl.tmpl file and add TLSv1.3 after TLSv1.2 in the ssl_protocols section! Should look like this:

ssl_protocols TLSv1.2 TLSv1.3;

That's it! Do that, save the file and restart the Nginx daemon by running sudo service nginx restart!

Now I'm running TLS 1.3!

Sep 11, 2019

What Makes Bitcoin the Internet of Money

When cryptocurrency is mentioned, people think about Bitcoin more than any other type of digital currency. It was among the first in this sector and it has been successful throughout its history. Although many people interact with Bitcoin, they may not understand the underlying technology.

According to experts, there are international laws involved in creating Bitcoin technology. It functions under blockchain technology which, as we are going to see, is the genesis of better financial operations around the world.

The Pillars of Bitcoin Technology

  • Decentralized verification - Before a transaction is termed complete, it is verified by numerous servers across the world. This reduces theft and fraud, making blockchain technology one of the most trusted today. It also eliminates the possibility of sending money twice.
  • Decentralized ledger - This is where Bitcoin has made its reputation. The transaction information is not stored in one location like with many other financial operations. It is distributed across different servers, which means that anyone can verify it. This increases the level of transparency.
  • Peer-to-peer network - Bitcoin is a global digital currency that mainly operates through a P2P network. This allows peers to collaborate in giving loans, mining, and every verifying transactions. This network is very hard to kill as it is now.
  • Use of digital signature - It sounds easy to forge, right? Wrong! Digital signatures that are used in Bitcoin technology are verified by several parties and they are the center of its success in minimizing digital money theft.

Bitcoin - The Internet of Money

According to experts at Nakitcoins, a website that helps people buy and sell Bitcoins, this digital currency is revolutionizing the world of money at a rapid rate just like the internet is changing the world. Many financial operations are copying these pillars of technology in various ways to improve their operations.

Banks have started applying the use of digital signatures to promote online banking. As of now, those who have successfully implemented this has started enjoying the fruits of reduced hacking and fraud cases.

Apart from financial institutions using Bitcoin technology, people have also accepted the use of Bitcoins to transact. It is a better option that has brought convenience to online buyers and sellers. Many businesses and suppliers across the world now use Bitcoin. Although other digital currencies are used, none have been as globally accepted as Bitcoin.

The other reason why Bitcoin has become very popular is that it is now a thriving business. Through various exchange platforms, people can buy and sell with the intention of making a profit. The digital coin has been making progress in its stability, which improves its reputation among everyone around in the world.

Banks have started applying the use of digital signatures to promote online banking. As of now, those who have successfully implemented this has started enjoying the fruits of reduced hacking and fraud cases.

Apart from financial institutions using Bitcoin technology, people have also accepted the use of Bitcoins to transact. It is a better option that has brought convenience to online buyers and sellers. Many businesses and suppliers across the world now use Bitcoin. Although other digital currencies are used, none have been as globally accepted as Bitcoin.

The other reason why Bitcoin has become very popular is that it is now a thriving business. Through various exchange platforms, people can buy and sell with the intention of making a profit. The digital coin has been making progress in its stability, which improves its reputation among everyone around in the world.

Conclusion

From these insights, it is evident that Bitcoin has indeed become the center of the world. It is penetrating every corner with many benefits. Anyone who gets an opportunity to work with Bitcoin hardly ever turns back.

Most importantly, Bitcoin technology and blockchain can be applied in many financial sectors so that they can also enjoy the benefits that come with it. Now that you know why Bitcoin is the internet of money, it is time to start interacting with the digital coins.




Sep 2, 2019

Highest Paid Blockchain Jobs [Infographic]

If you thought that blockchain only had to deal with cryptocurrencies, you are mistaken. Blockchain is being used in commercial applications now too. That means lots of careers await!

With that, here is an infographic I found that shows you the highest paid blockchain jobs out there! Check it out:


[Via MrDesigner]

Aug 26, 2019

Top 5 Tips on Logging in Java

Source - Pexels
One of the first decisions you have to make when building a website is which programming language you want to use. With all of the different options on the market, selecting the right programming language can be difficult. For years, developers have relied on the power of Java to build and power their websites. This language is both easy to use and very effective.

Did you realize the websites for LinkedIn, Indeed and Ali Express were all built using Java? If you are considering using this programming language, you need to consider a few important factors. If you are using Java to create a web-based or mobile application, monitoring runtime data is crucial. While some people rely on logging as a service, others prefer to do this manually.

Regardless of what method you use to monitor this data, you need to focus on logging as much information as you can. The following are some of the things you need to focus on when logging in Java.

1. Be Careful When Logging Sensitive Information

One of the biggest misconceptions most people have about logging is that they need to get as much information as possible. While having usable data is important, there are certain things you don’t need to store or log on your application. Logging things like a user’s login credentials or financial information is a horrible idea.

Most developers fail to realize that their plain text log files will be processed by a number of unsecured systems. This means that this sensitive information will be at risk. Not only is the practice of logging sensitive information negligent, it is also heavily regulated. This means that if you do not take the proper precautions to protect this data, you may be at risk of being fined.

2. Excessive Logging Creates Problems

Are you looking for a way to keep your website or application fast and responsive? If so, then you need to avoid excessive logging. Taking the time to figure out what data you want to monitor is crucial. The more files you are logging, the slower your site or application will ultimately get.

Not only will excessive logging lead to slower computing speeds, it can make it hard for you to actually read what a log file says. If there are too many log messages, you will be unable to pick out the ones that actually matter. You should really only be logging information that affects either the functionality of your app or the user’s experience.

By being selective with the data you are using, you can make finding and fixing problems much easier. Also, a faster app or website will be far more popular with consumers. The time you invest in cutting down on excessive logging will be worth it in the long run.

3. Making Sense of Cryptic Log Messages

When you start to parse the log files created by your application or website, you will need to view the details to make sense of them. One of the biggest mistakes beginner programmers make is failing to include enough information in these files. If these log messages are vague or cryptic, you will have a hard time making sense of them.

This is why you need to focus on putting things like timestamps, thread name, class name and log level is crucial. This information will act as clues when trying to figure out what is wrong with your app. The last thing you want is for your app to give you log messages you can’t understand.

One of the best ways to ensure you have no problem understanding what a log means is by using workflow rules. These if/then statements can create a predictable outcome and minimize problems during the development and deployment process. If you are curious about how to use this tool, you can find more information on workflow rules on DaniWeb crm's help pages here.

4. Incorrect Log Levels Can Create Confusion

Failing to create adequate log levels will lead to either a flood of unimportant data or the missing of significant events within your app or website’s infrastructure. You need to view choosing the right log level for your system as a priority.

For most logging frameworks, you can use terms like fatal, warn, debug or trace to label various log files. Ideally, you want to name these levels in a way that gives you information about how severe they are. Trace is generally the lowest log level, while fatal is the most serious. With these labels, you should be able to find out how severe the issues you are dealing with really are.

Source - Pexels


5. Ignoring Your Logs is a Bad Idea

The worst thing a developer can do is to work hard to create an adequate and detailed logging system  only to ignore the information it provides. You need to make a habit of looking at these files on a daily basis to ensure everything is working efficiently. Staying on top of the error logs can help you keep your app more dependable and functional.

Keeping Your Program Running

All of the time and effort you invest in logging will be worth it. By keeping track of how well an app is performing, you can detect issues before any real damage is done.

Aug 1, 2019

PR_CONNECT_RESET_ERROR connecting to Windows IIS web servers in Firefox only

I had a strange issue today at my day job that shall not be named. We have a test environment that our clients connect to that is running Windows IIS. Out of the blue, one of our clients said that in Firefox they couldn't connect to the test environment website, but all other browsers worked fine.

When you would connect to the site in Firefox, you would get the below error:


Secure Connection Failed

An error occurred during a connection to <website name> PR_CONNECT_RESET_ERROR



  • The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
  • Please contact the website owners to inform them of this problem.

None of the other servers in our other environments had this issue.

Well, after checking TLS settings on servers that didn't have the issue and comparing them to the servers that did have the issue, I figured it out.

Using IIS Crypto, I found that these servers had SHA disabled. Once I checked the box to enable it, and rebooted the servers the issue went away.


Apparently Firefox doesn't support SHA 256 and above yet... Seems like they would though right?

Anyway, that fixed the issue for us. If you know of another way to fix this, let us know in the comment!



Twitter Delicious Facebook Digg Stumbleupon Favorites More

 
Design by Free WordPress Themes | Bloggerized by Lasantha - Premium Blogger Themes | stopping spam