Wednesday, July 16, 2014

How to install Foreman properly on Windows (Heroku Toolbelts)

7:53 PM Posted by Peter Nguyen No comments

Today i'm learning Node.JS and my most favorite service to deploy my test app is always heroku. Unfortunately, i gave up on Ubuntu couple months ago and currently using windows so i actually need to install Heroku Toolbels on windows. Problem is, it's way more buggy than linux system ...

The only problem that took me around half an hour to fix is the Foreman, pretty much no matter how I try to fix it, i always get the error of "Bad File Descriptor". I googled around and there are couple way to fix it but somehow it lead to another minor bug. So here is the complete way to get rid of that problem: (i'm currently using heroku Toolbelts 3.9.1 as of today)

1. Remove your heroku toolbelts (also the ruby package) from Control Panel\Remove and Uninstall
2. Install toolbelt at c:\Heroku, problem with this tool is that it cannot read the "white space" so when you try to install it to "Program Files" it somehow misreads the directory.
3.  Right click on My computer -> Properties -> Advanced System Settings -> Advance -> Environment Variables. In the bottom box "System Variable" find PATH, click on "Edit" and add these to the end: C:\Program Files (x86)\git\bin;C:\Heroku\ruby-1.9.3\bin     (Note that the ruby folder may change depends on the version you are running)
4. Your foreman can run now but not properly because of its version. Let remove the current version (0.63) by typing in the console: gem uninstall foreman
5. Then reinstall the previous version: gem install foreman -v 0.61

It should works properly now. Good luck with that :D

Friday, July 11, 2014

Mass Account Checker

11:36 PM Posted by Peter Nguyen , 4 comments

The idea comes from all of the unchecked mail/pass combinations that I have found in my temp mailboxes couple days ago. Well, I was a little out of the road at that time so I did harassed a lot of websites with SQLi and exploited their databases for couple good things.

So I pasted them into my Email Checker (written in Python but i have an improvised version which is not published - Link: ) and surprisingly most of them are still live (LIVE means it's valid, yay)

With that being said, i tried to expand the tool a little bit with an good understanding that most of people usually use the same password for most of their online accounts. The result turns out so shocking that most of the combination can be used for at least another online account (Facebook, Twitter, Instagram, Viddy, Vine, and even their messenger)

I make this tool with a purpose of testing how many percentages that somebody uses the same password again.

Mass Account Checker

- I used the same idea for checking email, got a little problem with Hotmail since some functions need to be enabled by the owners to make the checker works, yahoo and gmail work fine.
- Facebook has the highest security measure since it checks for a lot of thing before one can claim the ownership of the account.
- Steam needs a lot of verification steps but since one has control of the mailbox, he can do everything.
- Instagram and mostly others are easy to bypass.
* I used mostly HttpUrlConnection and Selenium, HttpUnit to test.

The download version below is limited, also need an account from me to actually get it work (Well I was a little into real tool at the moment so i try to make real :) )

Download v.1.0

Feel free to PM me whenever you need :)