Home » Archives for September 2013

Contact

ဆက္သြယ္ရန္။
ဖုန္း ၀၉-၄၂၁၀၃၄၀၇၈
Read more…

About

ကၽြန္ေတာ္..
Read more…

XML Viewers

While you can view XML documents with a simple text editor, there are free XML viewers that present the contents in a more readable form. XML viewers interpret the document so it will display the XML document using any styles that have been applied using XSLT or CSS. It will also warn you if something doesn't look right, or if it doesn't validate correctly.

Most modern browsers include XML support, so it's quite possible that your own browser is able to display the contents of XML files.

You open an XML file in your browser the same way you open any other file in your browser. If it's a local file you can type the full path into the address bar. Otherwise, if it's available over the web, you can type the URL into the address bar.
Notepad

You can use a text editor such as Notepad to create or view a simple XML file. Here's what this XML file looks like in Notepad:


Firefox
Here's how the above XML file appears in Firefox 2.0. Notice the difference between Notepad and Firefox. Firefox actually attempts to interpret the document. It even warns us if it thinks something could be out of place (such as a missing stylesheet).


Internet Explorer
Here's how the same XML file appears in Internet Explorer 6.0


Displaying Errors
If your XML document contains an error, your XML viewer should display a message indicating the error. In this file, I have purposely included an error.


Below is how the error is reported in Internet Explorer.

Adding Styles
Once you start adding styles to your XML, you'll see a huge difference in how your XML documents appear with an XML viewer. We'll cover styles later.
Read more…

About XML

XML stands for eXtensible Markup Language. As the name suggests, XML is a markup language. The XML specification was created by the World Wide Web Consortium (W3C), the body that sets standards for the web.

Features/Benefits of XML
XML has been widely adopted since its creation and with good reason. Some of the key features and benefits of XML include:
Easy data exchange - One of the great things about XML is that it can allow easy sharing of data between different applications - even if these applications are written in different languages and reside on different platforms.
Self-describing data - When you look at an XML document, it is very easy to figure out what's going on.
Create your own languages - XML allows you to specify your own markup language for your own specific purpose. Some existing XML based languages include Banking Industry Technology Secretariat (BITS), Bank Internet Payment System (BIPS), Financial Exchange (IFX) and many more.

What Does XML Look Like?
The following example demonstrates what the contents of a typical XML document could look like.
Read more…

CSS Advantages

HTML has its limitations when it comes to layout. Sure, you have 6 different levels of headings and 6 different sizes of fonts. You also have tables, and you have control over alignment etc. These are good enough to get a reasonable looking document that shows the true structure of information. However, it's a far cry from some of the excellent layout & design that we see in magazines and printed brochures etc.

CSS helps us achieve such layouts.

With CSS, you have much better control over the layout of your web pages. You can specify exactly how big a font will be, exactly where an element will be on a page, what the page will look like when printed, and much more.

CSS can also save you a lot of time, particularly when maintaining a large site. Also, the World Wide Web Consortium (W3C) recommends that web developers use CSS tags instead of HTML tags wherever possible. The W3C are gradually phasing out quite a few of these HTML tags.
Advantages of CSS

    CSS saves time
    When most of us first learn HTML, we get taught to set the font face, size, colour, style etc every time it occurs on a page. This means we find ourselves typing (or copying & pasting) the same thing over and over again. With CSS, you only have to specify these details once for any element. CSS will automatically apply the specified styles whenever that element occurs.
    Pages load faster
    Less code means faster download times.
    Easy maintenance
    To change the style of an element, you only have to make an edit in one place.
    Superior styles to HTML
    CSS has a much wider array of attributes than HTML.

Disadvantages of CSS

    Browser compatibility
    Browsers have varying levels of compliance with Style Sheets. This means that some Style Sheet features are supported and some aren't. To confuse things more, some browser manufacturers decide to come up with their own proprietary tags.

    Fortunately, browser compatibility is becoming less of an issue as the latest browser versions are much more standards-compliant than their earlier counterparts.
Read more…

JavaScript Syntax

What does JavaScript syntax mean? JavaScript syntax refers to a set of rules that determine how the language will be written (by the programmer) and interpreted (by the browser). The JavaScript syntax is loosely based on the Java syntax. Java is a full blown programming environment and JavaScript could be seen as a sub-set of the Java syntax. Having said this, that is where the similarities end - Java and JavaScript are two totally different things.

In learning JavaScript you will become familiar with terms such as variables, functions, statements, operators, data types, objects etc. It will take most of this tutorial to show you the complete JavaScript syntax. For now, I'll give you a quick intro by showing you an example and explanation.
Read more…

How to enable JavaScript

To view webpages with JavaScript, you need to ensure your browser has JavaScript enabled. Generally speaking, you can still view the webpage without JavaScript, but you will not be able to take advantage of the JavaScript functionality.
How do I check if my browser has JavaScript enabled?

You normally do this by checking your browser's options. This will depend on the browser you're using. Instructions for some of the more common browsers are below:
Internet Explorer:

    Go to Tools from the top menu
    Select Internet Options
    Click on the Security tab
    Click Custom Level
    Scroll down until you see the Scripting section
    Ensure that the Active Scripting option is set at Enable
    When the Warning! window asks Are you sure you want to change the settings for this zone? click Yes

Mozilla Firefox

    Go to the Firefox menu
    Select Options
    Select the Content tab
    Check the Enable JavaScript checkbox
    Click OK to close the Options window

Google Chrome:

    Go to Chrome from the top menu
    Select Preferences...
    Click on Show advanced settings...
    Click on Content Settings...
    Ensure that the Allow all sites to run JavaScript (recommended) option is selected
    Click OK

Apple Safari:

    Go to Safari from the top menu
    Select Preferences
    Select Security
    Ensure that the Enable JavaScript option is checked
    Click OK

Opera:

    Go to Menu from the top menu
    Select Settings
    Select Quick Preferences
    Ensure that the Enable JavaScript option is checked

Netscape Navigator:

    Go to Edit from the top menu
    Select Preferences
    Select Advanced
    Select Scripts & Plugins
    Check the Enable JavaScript checkbox
    Click OK

Depending on your browser, the exact steps may differ slightly from above. Having said that, the above steps should point you in the right direction.

Note that you may need to refresh the page after enabling JavaScript before you see the effect.
How do I disable JavaScript?

You simply go through the steps above but ensure the JavaScript options are not checked/selected.

If you're developing web pages with JavaScript, it's good practice to view your website with JavaScript disabled. This will show you what your website will look like to users who choose to disable JavaScript.
Other browsers?

Most (if not all browsers) give you the option to enable/disable JavaScript. If your browser is not listed above, the steps above will give you some idea of how to find it. Just look for something called tools, options, preferences or something similar.
Warning

Java and JavaScript are two different things - make sure you're enabling/disabling the right option!
Read more…

JavaScript Introduction

What is JavaScript?

JavaScript is a scripting language that enables web developers/designers to build more functional and interactive websites.

Common uses of JavaScript include:

    Alert messages
    Popup windows
    Dynamic dropdown menus
    Form validation
    Displaying date/time

JavaScript usually runs on the client-side (the browser's side), as opposed to server-side (on the web server). One benefit of doing this is performance. On the client side, JavaScript is loaded into the browser and can run as soon as it is called. Without running on the client side, the page would need to refresh each time you needed a script to run.
What do I need to create JavaScript?

You can create JavaScript using the same equipment you use when creating HTML. That is:

    Computer
    Text editor. For example, Notepad (for Windows), Pico (for Linux), or Simpletext (Mac). You could use a HTML editor if you like but it's not needed.
    Web Browser. For example, Internet Explorer or Firefox. You will need to ensure JavaScript is enabled within your browser's settings (this is normally enabled by default).

The next lesson will show you how to enable/disable JavaScript in your browser.
Read more…

How to Secure Joomla 3 and Protect it Against Hacker Attacks

1. Keep Joomla and its extensions up-to-date

Probably the most important part of securing your Joomla website is to keep it updated to the latest version. In almost all version releases there are fixes for security issues. For more information on how to update Joomla to the latest version check out our Joomla Update Tutorial.

Keeping your Joomla extensions up-to-date is equally important for the security of your website. Actually, there are more attacks that utilize security issues in extensions than in the actual Joomla 3 core files. For more information on how to keep your Joomla components, modules and plugins up-to-date, please refer to our tutorial on How to Update Joomla Extensions.
2. Use Strong Login Details
First, you should avoid using default user names like "admin" or "administrator". Those will be first in the list of words a potential attacker would try. Next, it is important to have a strong password for your website. Many attackers try to brute-force your login details. This means that they use a list of commonly used passwords to guess yours. There are several tips that will help protect you against such attacks:    Don't use common words for passwords like love, god, pass, admin, admin123, etc.
  1.     Avoid personal information in passwords like your personal or family name.
  2.     Avoid password generators. Password generators use algorithms to generate the passwords which can be compromised by an attacker.
  3.     Use as many special characters ( *!@#)$ ), numbers and capital letters in your password as possible.
3. Use Proper File Permissions & Ownership
Another important part of having a secured Joomla 3 website is to set the right permissions for your Joomla files and folders. We recommend that you follow these suggestions for your permissions:
Read more…

7 tips to optimize Joomla! security

1. Change the default database prefix (jos_)

Most SQL injections that are written to hack a Joomla! website, try to retrieve data from the jos_users table. This way, they can retrieve the username and password from the super administrator of the website. Changing the default prefix into something random, will prevent (most / all) SQL injections. You can set the database prefix when installing your Joomla! website. If you've already installed Joomla! and want to change your prefix, do the following:    Log on to your Joomla! back-end.

  1.     Go to your global configuration and search for the database
  2.     Change your database prefix (Example: fdasqw_) and press Save.
  3.     Go to phpMyAdmin to access your database.
  4.     Go to export, leave all default values and press Start. Exporting the database can take a while.
  5.     When done, select all code and copy it to notepad (or any other text editor)
  6.     In phpMyAdmin, select all tables and delete them
  7.     In notepad, do a Search & replace (Ctrl + H). Set the searchterm to jos_ and change it into your new prefix (Example: fdasqw_). Press "Replace all".
  8.     Select everything in your notepad file and copy it. In phpMyAdmin, go to SQL, paste the queries and press Start.
2. Remove version number / name of extensions

Most vulnerabilities only occur in a specific release of a specific extension. Showing MyExtension version 2.14 is a really bad thing. You can modify this message to only the name of the extension by doing the following:    Retrieve all files of the extension from your server.
  1.     Open up Dreamweaver.
  2.     Load any file from the extension that you just downloaded to your local machine.
  3.     Use the Search function and set the search to Search through specified folder. Navigate to the folder where you downloaded the exploit to.
  4.     Set the search term to "MyExtension version 2.14" and press OK.
  5.     When found the correct file, remove the version number.
  6.     Upload the changed file to your server and check if the changes are made.
3. Use a SEF component

Most hackers use the Google inurl: command to search for a vulnerable exploit. Use Artio, SH404SEF or another SEF component to re-write your URL's and prevent hackers from finding the exploits. Additionally, you'll get a higher rank in Google when using search engine friendly URL's.
4. Keep Joomla! and extensions up to date
This one is pretty obvious. Always check for the latest versions of Joomla! and the extensions you're using. Many vulnerabilities are resolved most of the times in later versions.
5. Use the correct CHMOD for each folder and file

Setting files or folders to a CHMOD of 777 or 707 is only necessary when a script needs to write to that file or directory. All other files should have the following configuration:

    PHP files: 644
    Config files: 666
    Other folders: 755
6. Delete leftover files

When you installed an extension that you didn't like, don't set the extension to unbublished. If you do, the vulnerable files will still be on your website. So simply use the un-install function to totally get rid of the extension.
7. Change your .htaccess file

Add the following lines to your .htaccess file to block out some common exploits.
########## Begin - Rewrite rules to block out some common exploits
#
# Block out any script trying to set a mosConfig value through the URL
RewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|%3D) [OR]
# Block out any script trying to base64_encode crap to send via URL
RewriteCond %{QUERY_STRING} base64_encode.*(.*) [OR]
# Block out any script that includes a < script> tag in URL
RewriteCond %{QUERY_STRING} (<|%3C).*script.*(>|%3E) [NC,OR]
# Block out any script trying to set a PHP GLOBALS variable via URL
RewriteCond %{QUERY_STRING} GLOBALS(=|[|%[0-9A-Z]{0,2}) [OR]
# Block out any script trying to modify a _REQUEST variable via URL
RewriteCond %{QUERY_STRING} _REQUEST(=|[|%[0-9A-Z]{0,2}) [OR]
# Block out any script that tries to set CONFIG_EXT (com_extcal2 issue)
RewriteCond %{QUERY_STRING} CONFIG_EXT([|%20|%5B).*= [NC,OR]
# Block out any script that tries to set sbp or sb_authorname via URL (simpleboard)
RewriteCond %{QUERY_STRING} sbp(=|%20|%3D) [OR]
RewriteCond %{QUERY_STRING} sb_authorname(=|%20|%3D)
# Send all blocked request to homepage with 403 Forbidden error!
RewriteRule ^(.*)$ index.php [F,L]
#
########## End - Rewrite rules to block out some common exploits

Read more…

HTML Formatting

You may be familiar with some of the formatting options that are available in word processing applications such as Microsoft Office, and desktop publishing software such as QuarkXpress. Well, many of these formatting features are available in HTML too! This lesson contains some of the more common formatting options.
Read more…

HTML Elements

HTML elements are the fundamentals of HTML. HTML documents are simply a text file made up of HTML elements. These elements are defined using HTML tags. HTML tags tell your browser which elements to present and how to present them. Where the element appears is determined by the order in which the tags appear.

HTML consists of almost 100 tags. Don't let that put you off though - you will probably find that most of the time, you only use a handful of tags on your web pages. Having said that, I highly recommend learning all HTML tags eventually - but we'll get to that later. 
OK, lets look more closely at the example that we created in the previous lesson.
********************
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>HTML Tutorial Example</title>
</head>
<body>
<p>Less than 5 minutes into this HTML tutorial and
I've already created my first homepage!</p>
</body>
</html>
*****************
Explanation of the above code: 
  • The <!DOCTYPE... > element tells the browser which version of HTML the document is using.
  • The <html> element can be thought of as a container that all other tags sit inside (except for the !DOCTYPE tag).
  • The <head> tag contains information that is not normally viewable within your browser (such as meta tags, JavaScript and CSS), although the <title> tag is an exception to this. The content of the <title> tag is displayed in the browser's title bar (right at the very top of the browser).
  • The <body> tag is the main area for your content. This is where most of your code (and viewable elements) will go.
  • The <p> tag declares a paragraph. This contains the body text.

Read more…

What is HTML?

HTML is a language for describing web pages.
  •     HTML stands for Hyper Text Markup Language
  •     HTML is a markup language
  •     A markup language is a set of markup tags
  •     The tags describe document content
  •     HTML documents contain HTML tags and plain text
  •     HTML documents are also called web pages

Read more…

CSS Introduction ေလးပါ

Cascading Style Sheets (CSS) have been seriously underated. Maybe it's because web designers think it's harder than what it is. The truth is, CSS is incredibly easy! With CSS, you can define all your common styles in an external Style Sheet. This way, if you want to change every occurence of a style throughout your site, you only need to update one place.

This tutorial will show you how to implement CSS into your website. This tutorial will also show you how to create an external style sheet and link to it from your HTML page.

What does CSS stand for?
CSS stands for Cascading Style Sheets.

What is CSS?

CSS is a language that you can use to define styles against any HTML element. These styles are set using CSS properties.For example, you can set font properties (size, colors, style etc), background images, border styles, and much more.

Cascading Style Sheets, level 1 (CSS1) became a W3C Recommendation in December 1996. It describes the CSS language as well as a simple visual formatting model. CSS2, which became a W3C recommendation in May 1998, builds on CSS1 and adds support for media-specific style sheets (e.g. printers and aural devices), downloadable fonts, element positioning and tables.

As of this writing, CSS3 is currently under development.
Read more…

Drop Down List

Drop Down List အတြက္ျဖစ္ပါတယ္။

<form><select onchange="window.open(this.options[this.selectedIndex].value,'_blank')" style="width: 170px;">
<option>နည္းပညာဆိုင္ရာလင့္မ်ား<!-- change the links with your own --></option>
<option value="http://mmcmsteam.blogspot.com/search/label/Tutorials"> Tutorials </option>
<option value="http://mmcmsteam.blogspot.com/search/label/Joomla30"> Joomla30 </option>
<option value="http://mmcmsteam.blogspot.com/search/label/Joomla%20Security"> Joomla Security </option>
</select></form>
Read more…

How to find admin page of a site[tut]

Website တစ္ခုရဲ႔ admin user / pass ရျပီဆိုပါစို႔...admin page ကိုဘယ္လိုရွာမလဲ...ဒီေအာက္က နည္းေလးေတြသံုးျပီးရွာမယ္ေနာ္...80% ေတာ႔ အာမခံပါတယ္။
နံပါတ္တစ္ - url add ပါမယ္... www.site.com ဆိုပါစို႔...တစ္ခ်ိဳ႔ဆိုဒ္ေတြက သူ႔ index page မွာတင္ login ၀င္ဖို႔ပါတတ္တာကို မေတြ႔ဘဲ စြတ္စပ္ရွာတတ္ၾကပါတယ္....ဒါေၾကာင္႔မို႔ ပထမဆံုး index ကို ေသခ်ာျပန္စစ္ပါ...ေနာက္ .com ေနာက္မွာ ေအာက္ကပံုစံအတိုင္းလိုက္စစ္ပါ။
www.site.com/admin
www.site.com/administrator
www.site.com/login
www.site.com/admin.php
www.site.com/admin.asp
www.site.com/wp-login.php
ဒါနဲ႔ပထမဆံုးစစ္ပါ...မေတြ႔ဘူးဆိုပါစို႔...ေနာက္တစ္မ်ိဳးနဲ႔ထပ္စစ္ပါမယ္...

နံပါတ္ႏွစ္ - Online Scanner သံုးပါမယ္...လြယ္လြယ္ကူကူ tool ေတြ ဘာေတြသြင္းေနရတာ ရႈပ္ေသးတယ္...ရလို ရျငား online acp finder နဲ႔အရင္စမ္းပါမယ္...ဒီမွာ ကၽြန္ေတာ္ဘာသံုးေလ႔ရွိတုန္းဆို  ကၽြန္ေတာ္ကေတာ႔ တုတ္ေကာက္ကို သံုး   အဲေလ.....
www.dongoth.com/acp.php ကိုသံုးပါတယ္ဗ်ာ....လိုင္းအထိုက္အေလ်ာက္ရွိရင္ ဒီေကာင္ စစ္တာ ေတာ္ေတာ္ျမန္ပါတယ္... လိုင္းမရွိရင္ေတာ႔ ဘာမွကို မတက္တာ.... ဟီး...
ဒါလည္း မဟန္ဘူးဆိုပါစို႔...ေနာက္တစ္ဆင္႔ဗ်ာ....

နံပါတ္သံုး - Tool အေသးစားေလးေတြ  လြယ္လြယ္ကူကူ Admin Page Finder ေတြသံုးပါမယ္... Havij ေပါ႔ဗ်ာ... Havij ကို
http://mmhackforums.noonhost.com/havji--register-vt95.html
မွာ download ဆြဲသံုးႏိူင္ပါတယ္...သူ႔ Havij Admin Page List မွာက 410 ပဲပါတယ္ဗ်...ဒီေတာ႔ Havij ကို extract လုပ္ျပီးရင္  admin.txt ထဲကို
http://mmhackforums.noonhost.com/vt489.html
က admin page hottest list ျဖည္႔ျပီး save ျပီးသံုးပါ...ဒါဆို list 900 ေက်ာ္ရပါမယ္....Havij ကို မၾကိဳက္ဘူးဆိုျပန္ရင္းလည္း တျခား admin finder ေတြကို ကိုယ္႔ဘာသာကိုယ္ googling ျပီးလိုက္ရွာ ေဒါင္း သံုးၾကေပေရာဗ်ာ.....ကဲ...ဒီတစ္ဆင္႔လည္း မဟန္ေသးဘူး ဆိုၾကပါစုိ႔...   :gamer:  :gamer:

နံပါတ္ေလး - dorking ေလးနဲ႔စမ္းၾကည္႔မယ္ဗ်ာ...
ဒါေလးနဲ႔ထည္႔ရွာဗ်ာ...
Dork:
site:webpage.com "admin"
site:webpage.com "login"

နံပါတ္ငါး - robots.txt ကိုစစ္မယ္ဗ်ာ...
www.site.com/robots.txt ကိုတစ္ခ်က္ရိႈးၾကည္႔ပါ...

နံပါတ္ေျခာက္ - Web Scanner နဲ႔သာ crawl လုပ္ျပီးသာ url တစ္ခုခ်င္းစီသာ စစ္ခ်ပါေတာ႔... ကၽြန္ေတာ္သံုးရင္ေတာ႔  albaloo 1.3 ကိုသံုးပါတယ္... 2MB ေက်ာ္ေက်ာ္ပဲရွိေတာ႔ ေပါ႔ေပါ႔ပါးပါးေလးနဲ႔မို႔ပါ.. .ဒီမွာဆြဲႏိူင္ပါတယ္...
http://mmhackforums.noonhost.com/albaloo-web-vulnerability-scanner-1-3-vt31.html
Read more…