Oracle and Java

Ok people I have not forgot about you. I am just in super study mode. My short term goal is to get Oracle certified. That is a tall order. I need to get it done in my month to get my company to pay for it. Although I do know some Oracle, passing the certification tests is taking it to a whole new level.

I am also engaged in a community college class on Java. Hopefully this will give the knowledge to write evil applets that do all kinds of fun things in your browser. As always I will share what I learn and know.

Did you know you can get all kinds of free tools to do Java programming? You should start by taking a look at the Sun Microsystems web page. They are the inventors of the language. And they provide a free development kit to compile and run Java programs. You can also download a free copy of the NetBeans integrated development environment.

I am an old school hacker. So I like writing my code in a text editor. Or better yet I use an IDE from Microsoft which does not do Java. That way I don't rely on the tool. I rely on my own knowledge to write the code from scratch. That is, I do this until I truly learn the language. After that I will get down with a free Java IDE like Eclipse. More on that later.

Guessing a Password

If you were to try a brute force attack on cracking an e-mail password, you might spend an eternity going through all possible values. However that might not be a smart way to go about the task of guessing a user's password. A little knowledge about password characteristics can increase your chances and speed up your results considerably.

Let's start with password length. Here are the most common lengths of password, with the most common lengths presented first:
  • 8 characters
  • 7 characters
  • 9 characters
  • 6 characters
  • 10 characters

If you choose only passwords that are between 6 and 10 characters, you will have tried the lengths of 93% of all passwords out there. Nine out of ten sounds like good odds to me. For a super fast shortcut to guessing passwords manually, I would try out the most common passwords that are out there. Here are some really common ones:

  • password1
  • abc123
  • password
  • blink182
  • qwerty1
  • 123abc
  • 123456
  • soccer
  • princess1
  • monkey

Finally I leave you with some advice. Don't choose any of these common passwords as your own. Try not to choose a password length that is common. And above all, do not choose a password that can be found in a dictionary.

Password Recovery

If you wanted to get into somebody else's e-mail, you would think there would be some software that could do it for you. Right? I did a little searching and found a program called the "Password Recovery Toolkit". That sounded real promising. It is distributed by AccessData. The marketing hype on their web site did not help me understand what exactly this software did.

I dug a little deeper into this program offering. In fact, I read a lot of the user manual which is available online. The installation requires a runtime called CodeMeter to be installed on your computer. However the AccessData site gives you instructions on how to bypass this restriction. They get you to hack your Windows registry. Sounds like my kind of company.

The buzzwords for this program sound right. Its job is to "recover passwords quickly and easily". Sign me up. However reading further I found that this product is targeted for law enforcement professionals, or maybe security professionals. That doesn't sound like me. I am just looking for how I can crack some arbitrary email account password. The more I read, the more I got the feeling that this product is for somebody who used a password when encrypting a file on their machine, and then forgot that password.

I am trying to download an evaluation copy of the Password Recovery Toolkit. However it is taking forever. It is still only 55% complete. And I fear that the software might require the use of a dongle. You know. That is some hardware key you have to plug into your computer so that you do not illegally copy and use the software. Bummer. I wanted to try an evaluation copy. I will give you an update if I ever get this software to download and run.

Hacking Gmail

It was getting late. I was supposed to be studying for a college test we are taking tomorrow. But I just could not get in the mood. So I decided to waste my time reading Reddit. I like checking the links in the programming section. That is where I came across an interesting link to a post about scripting Gmail.

The author of an article showed some tricks on how to script Gmail. For example, he wrote a small script to create a page with links to all your unread Gmail mail. This guy seems to have some handy skills with Gmail. But here is the kicker. Almost all the comments on his page were requests for help on hacking e-mail accounts.

This poor guy just has some scripting skills in the Gmail environment. He can't hack anybody's account to get their password. But the response to his article has been a multitude of requests for assistance hacking some accounts. I am going to invite each of these posters to come read my blog. If you are one of the people I have personally invited, then welcome.

Crackulous for Sale

Different mass media sources alerted me to the fact that a program named Crackulous for ten bucks. This application cracks iPhone applications and lets you download and run them for free. The media was surprised that a guy who developed cracking software would be concerned about people cracking his own software and not paying for it. I agreed that it seemed a bit hypocritical.

I decided to try to Google the product to find more information about it. This is where I was surprised upon learning that this software was actually developed by another team of developers at Hackulous. Apparently the guy selling the software had stolen the application himself, and was turning around and trying to sell software that he himself had not developed.

Now I find all of this amusing. Yes it is a shame that somebody took someone else’s software and started selling it as his own. But come on. We are talking about software to crack iPhone applications. No there does not seem to be any honor among thieves.

It is hilarious to see the outrage by readers of the Hackulous site. What do you expect? You are on a site that has posted a free application to steal iPhone software. Don’t be surprised if somebody robs you too. Of course I am making a judgment call here. I am saying that you lose some respect and/or rights when you write software that is itself performing illegal activities.

I guess everybody needs to be worried about piracy. That includes developers who write software to pirate other software. Does anybody else see the humor in this? At least the mainstream media guys found it odd that the guy who stole the software was complaining about people stealing his stolen software. LOL.