kevscode :: online src-code repository... examples and scripts    
 
:: Innovation by Design ::


(¯`·._.-» KeV§CoDe «-._.·´¯)

View my -» Online Resume «-

2006.11.12 - POC Exploit - Amazon.com's Search Inside feature

 

 

While browsing for books on Amazon, I was intrigued with their method of generating a PDF-like interface to browsing the pages of their books. This is coined as 'Search Inside' feature of certain books at Amazon.

Below is a very basic Proof of Concept of how one might utilize the AJAX framework to brute-force attack the 'Random Page' feature of Amazon, to eventually be able to effectively 'rip' the entire book into their own PDF version. This is simply a POC and is not intended to be used by anyone to break any copyright laws. If you like the book, buy it.

 

POC Javascript to request random pages from Amazon books.

--> Amazon_Ajax.html

--> View as Source

Requirements: MUST be run from Internet Explorer, and possibly from you local machine [ie: save the html link and run it locally].

NOTE: Amazon does have some threshold timeouts on their books, I'm not sure if it's based on Amt of requests, or based on the frequency of the requests. Experiment as you please.

 

NOTE: You will need to edit the code to use the ASIN and 'ISBN' of the book you are testing against. [do this by mousing over the 'Search Inside' book image and you can glean this info from the link.



.:: Daily Content ::.

 
Article of the Day
  
In the News
 
Word of the Day


06.10.03 - WinXP logoff.exe (pseudo exploit)

 

 

A would be web-hoodlum could cause an un-cautious visitor of his website to be logged out of his computer. There is no harm in this, unless the user has unsaved documents and XP has to kill the programs (causing unsaved changes to be lost)... For more info about this, and an example.. click below:

WinXP built-in logoff.exe file: see the example

{ the file can be found at <system root>/system32/logoff.exe }



05.10.03 - Microsoft Acces, Payroll Database System

 

 

I've had the Payroll Database System for over 3 months now... so i figured i might as well put some screenshots out... Perhaps someone might want it. It's about 90% completed... but won't be 100% complete until my "client" decides he want's to put down the moeny...
     If you think your organization/company could benefit from such a payroll system, let me know and i can give you the demo version. If you like it, we can negotiate a deal for the full version.

* Here are the screenshots for the DB System: Hemant Payroll System v.0.1.d
* The system was originally designed for currency, taxes, etc. in India... though it can easily be modified for U.S and other locales.



03.13.03 - Geocities/Yahoo Ad Remover (hack)

 

 

Try something like the following: {it worked for me}
<script>
     document.all.yl1.style.visibility="hidden"
     document.all.yl0.style.visibility="hidden"
    //setTimeout(1000, "geocitiesadhack")
</script>

* After time geocities may change their variables, then u'd need to update it.





09.04.02 - Graphic Design!

 I finally began posted my Graphic Design portfolio... So far it only consists of  the mass e-mail campaings i've done for WatchZone.com

08.23.02 - AIM Stuff!
I'm listed in the infamous ASTALAVISTA infosec website for my *aimMessageHider* program (ASTALAVISTA News Feed - 08.15.02)
    • Created an Online JavaScript aimMessageHider - HTML/JS version of the original (VB) aimMessageHider (also w/ a php demo script)
    • My latest project (near completion) is the snTrackerBot - an AIM Bot! I have him running almost 24/7 ... feel free to IM him at snTrackerBot, he's pretty funny sometimes.... of course he has no idea.
    • snTrackerBot also lets me perform routine administrative taks via AIM!! if you're interested in testing it out... email me for full access
    • Future - i'm connecting the bot to an SQL database that will keep track of my buddy list and allow users to add/remove themselfs, keep track of messages, etc.

08.17.02
Just a brief list of small projects i want to start (before i forget)
    • kevSpace - A little storage box i want to make where i can store bits of information (notes) and files associated with them... all organized in a hierchial folder structure... [more] (kinda like the noteposter, but not javascript based)
    • kevMail - expand upon my current form-mailer to allow users to 'log' in and keep and address book or mailing list. Also the capability to track the delivery of messages, and perhaps a mini "inbox/outbox" for the user.... and of course file attachments. Of course there would be no security restrictions, currently the user can only send mail to k e v s m a i l @ k e v s co d e . c o m
      [more]

06.14.02
- Began a new (small) web-app called NotePoster Basically it is a JavaScript database of 'Notes' or 'Bookmarks' organized in a hierarchical structure (mimicing the Internet Explorer Bookmarks feature). It will be in the PHP collection since i will use PHP as the method of updating the JS data files.

06.01.02
- Added the 'getip.php' script to show your IP on the headers. Also begain my 'nettools.php' script which will soon become an online security auditing suite

05.19.02
- Uploaded the Java TicTacToe, began work on the graphics portfolio
- Posted the initial project documentation for Yehaa!

05.10.02

- Now that finals are over with, i finally finished the prototype design Using Photoshop 6.0 and DreamWeaver 4.

-Tried to break away from the soft purple, but just couldn't for the life of me. :( So i'm stuck w/ this one for some time....

 

 


 

 


free hit counter

 

          
Ask an Expert - Visit my Virtual Office at Kasamba


Last Modified: