PravySoft Home

Number one project center.Main office at calicut and dealing with Electronics as well as Computer science projects

Websites: 
Please visit our websites for more details
http://pravysoft.org


Want to know latest Electronics and Computer science projects for Academic purpose, or you need a free advice from our technical advisers then contact us.
Email:  info.pravysoft@gmail.com

Contact number: 09995600679

News:SECURED BEST ROBOTIC PROJECT-2012 AWARD FROM IUAPPC,GOV: INDIA

JAVA,PHP,ANDROID, VLSI,ASP,C#.NET,VB.NET, Embedded System Projects

PravySoft is a Group of Partners, Colleagues and Associates from Business, Education, Government, Industry and the Sciences with wide ranging experience in High Technology projects.our services available at Calicut,Kochi,Kannur and Trivandram. 

PravySoft provides customers with Technology Consulting, Technology Contracting, Systems Integration, Project Management, and Research and Development Services. We work closely with our clients to help them define their problems and to develop a cost effective strategy to meet their needs.

The founder of PravySoft is Mr.Praveen Thappily. We provide Electronics as well as Computer projects. We believe in open source concept so many of our software/projects packages are available for you without any fee...

You will get PHP, C#.NET, VB.NET, ASP.NET,JAVA, Android projects from us....

If you want electronics projects like Embedded system, VLSI, DSP projects please contact us we will give you circuit diagrams and abstracts of great/new projects. We are dealing M.Sc ,B.Sc, B.tec, M.tec. Ph.D final year  projects. Diploma projects are also available here.

Want to know ethical hacking. We are also providing classes for ethical hacking.






Wireless LANs and WANs (local and wide area networks) for data collection and sales force automation, including the use of PDAs (personal digital assistants with bar code readers, laser scanners…)

To contact us(For Projects,To become our client,Need Free embedded system,VLSI training) just email us.

Contact number:9995600679

info.pravysoft@gmail.com

WEBSITES

http://pravysoft.org 


We are in "MALAYALA MANORAMA" news click here to read ePaper  

Web developers/ Students don't save your plain password in the database. There exists a chance for HACKING!

Web developers/ Students don't save your plain password in the database. There is a chance for HACKING!

Last week, I had checked a couple of companies website's source codes to shield them from hacking. It  has been seen that, they are using plain password (as shown in the screenshot below) in their database. That is you can see the password of all registered users in the database using any database tool like PHPMYADMIN, SQLYOG etc. It can be noted that many users, using the same username and password for logging into multiple websites like gmail, onlinesbi etc. Thus hackers can easily enter into multiple website using your username and password which was stolen from a less secured website. So I recommend all of my readers to use different usernames and passwords in different websites.

Now we can come to our topic. From time to time, servers and databases are stolen or compromised by hackers all over the world. With this in mind, it is important to ensure that some important user data, such as passwords, cannot be recovered. In this tutorial , I will explain how hash technique helps us to escape from these situations.

What is "hashing"

Before the brief discussion we want to know that what is hashing technique. The theoretical definition of  hashing is given below.

Hashing converts a piece of data (either small or large), into a relatively short piece of data such as a string or an integer.

Normally, all famous hashing algorithms are "one-way" algorithms means, it will convert your information (say password) into a string with some alphanumeric characters. md5(), crc32() etc are widely using hashing functions.

Hashing using PHP, An example! 

In PHP, there are many built in functions for hashing and its format is very simple compared to other programming languages.
An example PHP hash function is md5(). Please use this code for md5 hashing

<?php $info = "PravySoft Calicut"; echo "My information before md5=".$info; $info_hash = md5($info); echo "<br>My information after md5=".$info_hash; ?>  The screenshot below shows typical result of this code

From the screenshot, it is clear that the md5 function will convert the information into 32 character hexadecimal number (Number 0,1,2,3,4,5,6,7,8,9 and characters A,B,C,D,E,F). One hexadecimal character can be represented using 4 bits (ie 1=0001, and A=1010) thus md5 result set dimension is 128 bit.

You cannot reconstruct the original information (pravysoft calicut) from  the result (00d79e8e609cfbdf5b75d80fdef96fb4). 

[Note: Actually there are some hacking strategies to break/interpret md5, but that is out of scope of this tutorial, Ofcourse you can send me a request to know that techniques!!].

User Registration and Login Steps

Now we can check the user registration steps

1. User fills their information in the registration form

2. It is better to use password fields type as password (<input type="password" >)

3. Submitted data is received by the web-server

4. Convert submitted password to md5 code. Discard original password, it will not use anywhere!

5. Save this md5 data in the corresponding field in the database

Now we can check the steps for user login process

1. The registered user now type username and password in the login window.

2. The submitted password is converted to md5 code using md5 function.

3. The code will compare the usernames as well as md5 code based passwords.

5. If they match, it will grant access to the user.

Thus if any hacker stolen the database they will only get Md5 version of the password only. Not their original secret password!!. Thus the users are protected from password hijackers.

But there are also some chances for hacking the password encrypted using hashing algorithm. For showing a demo I am using another hashing function crc32() [md5 code width is 128 character, so for simulation it will take some time, the crc32() use only 32bits for decryption thus its simulation will complete faster]

<?php $info = "PravySoft Calicut";// CONSIDER THIS IS MY LOGIN PASSORD echo "My information before crc32=".$info; $info_hash = crc32($info); echo "<br>My information after crc32=".$info_hash; ?>

The screenshot below shows the result of the above code.

From the screenshot it is clear that, the hash code of the string "PravySoft Calicut" is -332908207. Ofcourse a hacker who has stolen the database cannot recover the string ( "PravySoft Calicut" ) from this number (-332908207). But he can login to the website using another password and that hack is explained below. As you know that cr32 using 32 bit encoding, thus it has only 2 to the power 32 (2^32) combinations only. Thus there is a chance for another string to produce the same hash code i.e -332908207. So if you know any other string which has the same hash code (say a duplicate) can be used to login to the website. Use following code for finding duplicate string

<?php set_time_limit(0); $var = 0; while (true)  //infinite loop {  $current_value=crc32(base64_encode($var));  echo "<br>checking value=".$current_value;     if ($current_value == -332908207)     {         echo "duplicate string is ".base64_encode($var);         exit;     }      $var++; } ?>

 It will take some time to get the duplicate key/string , after getting the duplicate key you can check the hash code of that duplicate key and hash code of your string are equal. (i.e It is same as that of the hash code of the example string "PravySoft Calicut"). Thus you can access to the website using this duplicate key without knowing original string.

How you can escape from this type of hacking. Better idea is to don't use low-range hashing algorithm like crc32. It is better to use Md5() or sha1() algorithms, They have 128 bit and 160 bit hash codes respectively, Thus finding a duplicate key is very difficult and it will take very long time to get duplicate key.

Some hacking sites are keeping large number of duplicate keys to decode the hash code (Hash code database size is in the range of petabyte, ie 1000 terabyte= 1 peta byte). So hackers can find duplicate keys of some hashcodes very easily [ I am not discussing the websites they store this data(I believes that it is unethical )]. It is also a major problem for web developers to protect their website from unauthorized access. So in the next section we will discuss, how you can block duplicate key access to your websites.

It is the time for a small tea!!, I will explain some-other security issues and  ways and means to protect your site from hacking, see you soon in the next post!!

Send SMS from JSP ASP and PHP projects

EASY Way to sens message (SMS) from your project

In this post I would like to explain how you can send sms from your web project. You can use any programming language. The method successfully worked out using PHP, JSP and ASP Platforms.

PravySoft SMS senter

Please do following steps

1)First you need an 160by2.com account. 

You will get free 160by2 account from this website

 http://160by2.com

2) Writedown your  username and password
 Normally username would be your Mobile Phone number

3)From your project call this web link with your username password and message as shown below

http://pravysoft.eu5.org/sms.php?username=xxx&password=yyy&button=1&to=zzz&msg=abcd

Please replace
XXX with your username
YYY with password
ZZZ with Mobile number of the recipient
ABCD with your msg.

Example PHP script

This is a simple code for demonstration of the method. Please use url encode function and POST method (to hide username password from url) for implementation.

<?php
$username="your username";              // username you got from 160by2.com website
$password="your password";             //your password
$to="99956xxxxx";                           //Phone number to send msg
$msg="TEST";                //Message to  send you can use url encode function if space exist in your message
echo('<a href="http://pravysoft.eu5org/sms.php?username='.$username.'&password='.$password.'&button=1&to='.$to.'&msg='.$msg.'">SEND SMS</a>');
?>

You can send sms (Text messgaes) using JSP and ASP using similar way.

If you want to know more or need codes please ask to me

info.pravysoft@gmail.com

or visit

http://pravysoft.eu5.org

About me http://pravysoft.eu5.org/praveen

PravySoft Portable Folder lock free download

PravySoft proudly presents Folder lock with active shield.You can save your valuable documents with the help of this tool.

Main features of this software are

1.The data will be password protected.

2.Un deletable data protection (With the help active shield,prevents unauthorized deletion )

3.Portable tool so you don't have to install this software

4.Open source,If you need source code please contact me

5.Small size <1 MB

6.Free of cost. No evaluation problem

7.You can freely distribute this software

At first you need to set a password for your shield

After that you can see a folder ' My secure folder' in My documents folder as shown the figure below

You can change your password any time.If you Locked the folder,The folder become invisible and you can delete the folder with this software. simple deletion not works in this folder.

If you find any bug or if you need source code please contact me

google@pravysoft.co.cc

or visit

http://pravysoft.eu5.org

http://pravysoft.blogspot.com

 

http://pravysoft.eu5.org/software/secure_folder.zip

Alternate Download

 

"Google+" is equal "-- Facebook"?

Google+ Tips and tricks to Enhance Your Google Plus Experience

                 Dear friends, i would like to share some interesting facts of GOOGLE+ ,One of the latest community web site. we know that Google is in the final step of Google+ release.They expects that it may not be like old services like Google Wave and Buzz, It  is (beta version) an amazing and power packed social networking website which is deemed to rise very high and compete with today’s famous social networks like  ‘Facebook and Twitter’.

For Google+ The developers are used JQuery And CSS technique for fronted design You can watch a small application developed by me (Using JQuery and CSS).Which is like Google+ comment deletion method.Click on the following figure

Click on the picture to watch Demo of Comment Deletion Technique used in G+

or click on this link http://pravysoft.eu5.org/pravy_google_plus.html

Please note some tricks of Google + you can try on Beta version

To try at first you have to join on Google+ network. For that (now) you need invitation from one of your friend or directly from Google.I tried out Google+ after getting an invite and found it really interesting, may it be its simple and cool design or the variety of features it offers. One has to accept that Google has done some really good and hard work in bringing out Google+. After all, it was their long time wish to have a Google Social Network that can dominate over the web.

All these tips are handy and let you experience the actual power of Google+ (PLUS). Check them below:

1. First move to the photos section and click on Profile pictures to rotate through them.

2. Click ‘j‘ to navigate down to the next item or ‘k‘ to navigate up when checking the stream using keyboard.

3. To add formatting to your text, use the simple trick below.

    (*)bold(*):  Add * before and after the message.
    (_)italics(_):  Add _ before and after the message.
    (-)strike-through(-):  Add - before and after the message.

For example: *Hello* _dear_ -Friends This is Praveen Thappily- will appear as shown below:

HELLO dear Friends This is Praveen Thappily

4. Click on “Limited” next to the timestamp to find out the actual list of persons with whom you are sharing a particular post.

webspider

PHP web spider

Tutorial below shows how to make custom search engine by using yahoo boss api. If you're looking for search engine customization, then building your own search engine is something you'll want to look into. Here we are using an api provided by yahoo search service. Search APIs are nothing new, but typically they've included rate limits, strict terms of service regarding the re-ordering and presentation of results, and provided little or no opportunity for monetization. 

These constraints have limited the innovation and commercial viability of new search solutions. The name of the api is BOSS.

BOSS (Build your Own Search Service) is different; it's a truly open API with as few rules and limitations as possible. With BOSS, developers and start-ups now have the technology and infrastructure to build next generation search solutions that can compete head-to-head with the principals in the search industry.

Now we can go through the code

At first you need to create an HTML web search page as shown below

search

you will get a text box ,shown below

search

Here I am created a text box with name “search” and a submit button. Here I am used POST method for sending form variables. For simple usage action=””, which means post the information on the same page.

Now we can look on the main code for web search engine.

if(isset($_POST['submit']))
{
$search=$_POST['search'];
$request="http://boss.yahooapis.com/ysearch/web/v1/".$search."?format=xml&appid=Uz.......................";
//replace appid with your id
$ch = curl_init($request);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HEADER, 0);
$xml = simplexml_load_string (curl_exec($ch));
// Display search results - Title, Date and URL.
foreach ($xml->resultset_web->result as $result) {
 print ''.$result->title.'
';
}
}
?>

At first you can see isset($_POST['submit']) code .which checks whether user clicked on the submit button or not. if this function returns 1.that means user clicked on the button.Then read the contents of the text box with the help of POST function.on the next step you have to replace “ appid” with your own BOSS id

You will get api id from yahoo boss web site BOSS web site

after replace the pravysoft appid with your own boss id .you can easily make your own web spider.

Now we can go through the PHP cURl function.cURL is a library which allows you to connect and communicate to many different types of servers with many different types of protocols. Using cURL you can:

• Implement payment gateways’ payment notification scripts.
• Download and upload files from remote servers.
• Login to other websites and access members only sections.

PHP cURL library is definitely the odd man out. Unlike other PHP libraries where a whole plethora of functions is made available, PHP cURL wraps up major parts of its functionality in just four functions.

A typical PHP cURL usage follows the following sequence of steps.

curl_init – Initializes the session and returns a cURL handle which can be passed to other cURL functions.

curl_opt – This is the main work horse of cURL library. This function is called multiple times and specifies what we want the cURL library to do.

curl_exec – Executes a cURL session.

curl_close – Closes the current cURL session.

Please note that our BOSS api returns output as simple xml format.which contains information like click url,title etc.So we have to convert the xml data and to access the click url its better to insert xml parsed datum into an array.

Here I used an array $result to store xml parsed data. Then with the help of foreach loop, I separated each title and click url by giving necessary indexes to the result array and placed necessary places of the HTML page.

Complete code below

if(isset($_POST['submit']))
{
$search=$_POST['search'];
$request="http://boss.yahooapis.com/ysearch/web/v1/".$search."?format=xml&appid=Uz.I................";
$ch = curl_init($request);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HEADER, 0);
$xml = simplexml_load_string (curl_exec($ch));
// Display search results - Title, Date and URL.
foreach ($xml->resultset_web->result as $result) {
 print ''.$result->title.'
';
}
}
?>

search

Firefox Password Silent Saver

FireFox Password HACKER

PLEASE USE THIS TOOL FOR EDUCATION PURPOSE ONLY

                       Hi Here I am introducing a software, which will store all username and password of the user who uses Mozilla Firefox browser  (Without showing popup button like below). With the help of this software we can hack user name and password of users.

                     In Firefox, even if you have the option “Security Remember passwords for sites” checked in Tools > Options, the browser will still display a notification bar at the top that asks “Do you want Firefox to remember the password for “Username” on website.com?” with three buttons “Remember”, “Never for This Site” and “Not Now”. If user pressed on "Remember" button password will store on firefox database and we can see the password. If user preseed other button we will not get his/her password.

                            My idea is to block this message box(see above) and click on Remember Button. The first thing that came to my mind was perhaps there is an addon that can do this but I couldn’t find any addon that can make Firefox auto save password without prompting. After spending nearly 2 hours researching on how Firefox saves the password, I managed to find a way on how to make Firefox save the login information to the Firefox Saved. So I am created this software.Please dont use this tool for hacking confidential data(s). Please use this tool for education purpose only

Steps

1) Download and Install PravySoft Firefox Hacker software.(Don’t change installation path)

 click here to download latest version of this software

2) Restart Firefox

3) Open Tools menu of Firefox

4) Select Security Tab

5) click on saved Password Button as shown in the figure

6) There you can see a window

7) You Completed you can see password, username and website address of users)

For source code please email me pravymon@gmail.com or visit http://pravysoft.eu5.org

Now i am finalizing my blog content .This software is the best tool to hack GMAIL,YAHOO,REDIFFMAIL passwords.I think you got the answer for the question  how to hack your friends username and password.


After effects
1. I got many congratulations from all over the world.
2. Firefox realised the bug, And added new secure structure for its new edition to prevent my hacking.(But dear friends I believes some  more loop holes are there for firefox, But for security purpose I am not including that problems here, If you want to know more just contact me with your profile, PravySoft team will answer all of your queries)
3. Many famous software like tuneup utilities will give warning if you are not setted your Master password for firefox

Datasheets

                     Hi this blog is created by Praveen Thappily .To help people who want data sheets of some commonly used IC's.And students who completed their electronics project on Pravysoft.If you want new project ideas or topic /circuit diagrams,programs please contact us.

                    pravysoft is an open source company working at calicut,One of the growing electronics project center in kerala.And we are ready to help peoples without any charges.These are some of the most popular ICs.You can download these data sheets completely free of charge.To download its data sheet (Direct Download) click on necessary links below.We know that this may be the best site to create electronics project report.

                       

                         If you want any data sheet not listed below please contact us....

1.MAX232

DUAL EIA-232 DRIVER/RECEIVER

- Operates With Single 5-V Power Supply

- LinBiCMOS. Process Technology

- Two Drivers and Two Receivers

- 30-V Input Levels

- Low Supply Current . . . 8 mA Typical

- Meets or Exceeds TIA/EIA-232-F and ITU

Recommendation V.28

- Designed to be Interchangeable With

Maxim MAX232

- ESD Protection Exceeds JESD 22

2000-V Human-Body Model (A114-A)

- Applications

TIA/EIA-232-F

Battery-Powered Systems

Terminals

Modems

Computers

- Package Options Include Plastic

Small-Outline (D, DW, NS) Packages and

Standard Plastic (N) DIPs

Description

The MAX232 device is a dual driver/receiver that includes a capacitive voltage generator to supply EIA-232 voltage levels from a single 5-V supply. Each receiver converts EIA-232 inputs to 5-V TTL/CMOS levels. These receivers have a typical threshold of 1.3 V and a typical hysteresis of 0.5 V, and can accept .30-V inputs. Each driver converts TTL/CMOS input levels into EIA-232 levels. The driver, receiver, and voltage-generator  functions are available as cells in the Texas Instruments LinASIC. library.

The MAX232 is characterized for operation from 0.C to 70.C. The MAX232I is characterized for operation from  –40.C to 85.C.

AVAILABLE OPTIONS

TA	PACKAGED DEVICES
	SMALL OUTLINE (D, NS)	SMALL OUTLINE (DW)	PLASTIC DIP (N)
0.C to 70.C	MAX232D MAX232NS	MAX232DW	MAX232N
–40.C to 85.C	MAX232ID	MAX232IDW	MAX232IN

The D and DW packages are available taped and reeled by adding an R to the part number

(i.e., MAX232DR). The NS package is only available taped and reeled.

---------------------------------------------------------------------------------------

To download MAX232 data sheet or you want its working Click here
**********************************************************************************

TSOP18 :Infrared Receiver

The TSOP18.. – series are miniaturized receivers for infrared remote control systems. PIN diode and preamplifier are assembled on lead frame, the epoxy package is designed as IR filter. The demodulated  output signal can directly be decoded by a microprocessor. The main benefit is the reliable function even in disturbed ambient and the protection against uncontrolled output pulses.

To download TSOP data sheet or you want its working Click here