Saturday, 30 May 2009

Finding Hotmail Passwords using JavaScript

I was messing around with JavaScript, and it seems that there is a way to find a Hotmail password if it has been typed into the password textbox. For this to work, the form must not yet have been submitted.

Apparently, typing the code

javascript:alert(document.getElementById('$').value);

where $ = name of the password textbox
as the URL may cause the password to be displayed in an alert box. The code is case-sensitive.

In the case of Hotmail, the textbox name is i0118:

Finding Hotmail Passwords using JavaScript - Ashvin Sawmynaden's Blog

I have tested this on a couple of other websites, as demonstrated below:

Finding Hotmail Passwords using JavaScript - Ashvin Sawmynaden's Blog
Finding Hotmail Passwords using JavaScript - Ashvin Sawmynaden's BlogI have only tried this in Firefox, but I am assuming it would also work in Internet Explorer and other browsers. Obviously, given the steep requirements for this to work, the likelyhood of successfully obtaining access to an account using this method is minimal at best and would probably not work in a real-life situation. I however think that tons of pranks can be made by exploiting this bug and using it on non-savvy PC users.

Saturday, 23 May 2009

goosh.org - the unofficial google shell

goosh.org proudly proclaims itself as "the unofficial google shell" (apparently, uppercase letters are overrated, so I will just tag along). Written by Stefan Grothkopp, goosh essentially acts as an AJAX front-end for Google. Its advantages are that it is extremely fast since it is merely a shell and that it gets rid of the long-winded descriptions that usually come with Google searches and sponsored listing. goosh is not just extremely fast, it is ridiculously fast.

Goosh

The thing to note about goosh is that it will by default return the first four results for your search, which is actually a good idea, since it is no secret that nobody gives a damn about links other than the top three (unless you used a non-top three link to reach this blog, which makes it okay). However, rest assured that these settings can be changed as goosh already offers several commands, which are more than enough to make it worth bookmarking.

Of course, one could come up with the argument that most Internet providers now offer fast speeds at extremely affordable costs and that people still using dial-up should just stop using computers altogether and go back to using Sir Alan Sugar's Amstrad. However, mobile Internet is on the rise, and when browsing the Internet using devices such as an iTouch (hell yeah!) or a Blackberry (hell no!), goosh can be extremely useful.

goosh also works exactly as a shell and the commands are intuitive (and can always be displayed simply by typing h), thereby giving it a learning curve of at most 2 seconds. If all this doesn't convince you to give it a try and to add it to your Firefox search engines (command addengine), I honestly don't know what will.

Monday, 18 May 2009

GoDaddy sucks

There, I said it. Much has been said about GoDaddy and its reputation, but more and more people have voiced their frustrations about GoDaddy, and I am now officially one of them. Some will recall that I blogged about 1&1 and its atrocious technical support in January. However, I have recently discovered that GoDaddy is even worse, and in this case, I'm not only referring to the technical support but to everything about GoDaddy. However, rest assured that it does come with the inevitable useless and incompetent technical support that seems to come with most hosting services these days (except GoDaddy's technical support is much worse than 1&1's, which, by itself, is quite a feat).

GoDaddy's problems start no sonner than the home page:

GoDaddy sucks
Too much content, too little space, making the home page a real mess, and don't even get me started about the advertising.

Actually, screw that - I am going to rant about GoDaddy's annoying advertising schemes.

GoDaddy shoves advertising down your throat at every opportunity, and never ceases to tout all its special offers and shamelessly spends all its time and poorly-designed pages convincing you to buy packages and options you will absolutely never need. I went through the domain purchase process (not that I actually needed to buy one, but just to verify how bad it was), and the amount of times GoDaddy tried to get me to buy tons of useless features is truly flabbergasting.

GoDaddy sucksHoly crap, I sure need all these packages, domains, and features! For some reason, GoDaddy would not let me do a domain search for f***godaddy.com or even godaddysucks.com and ihategodaddy.com. What the hell just happened to my freedom of free speech? Thankfully, I was able to make dubious domain searches such as thiswebsitesucks.com and aborttheinternet.com. Due to my inability to make any domain search with "godaddy" in it, I reckon it would be pointless to use it should I ever want to register gogodaddy.com although the latter may have absolutely nothing to do with GoDaddy.

This down-your-throat advertising is made even worse by the fact that it NEVER STOPS. Indeed, some advertising at the stage of the domain search would come across as normal. Most hosting providers do it albeit not as obtrusively as GoDaddy. However, GoDaddy goes way further by relentlessly throwing its "special offers" at every step of the registration process.

GoDaddy sucks

Wow! SFAMILY.ME is available? It has absolutely nothing to do with my purchase of aborttheinternet.com, but I might as well forget the recession and buy a domain name that bears no relevancy to my original purchase. Think that's enough?

At the checkout option, GoDaddy automatically selects the 2 year registration length instead of the more logical 1 year option. This is of course accompanied by several Economy, Deluxe, and Unlimited package offers, which basically equal throwing your hard-earned money down the gutter.

GoDaddy sucks
Thankfully, the shopping process is something one completes fairly quickly unless you like buying domain names and hosting space by the dozen. Unfortunately, this is where the real problem starts. GoDaddy's control panel is an ill-conceived piece of trash whose sole purpose is to annoy users.. However, this deserves its own post, so stay tuned for this post for my foul-mouthed rant on GoDaddy's atrocious control panel.