Category Archives: misc


Browa10: Brute force script for OWA 2010 servers

To quickly test the strength of passwords used by users on a domain, through an OWA (Outlook Web Access) 2010 interface.
Here’s the ruby code, and its README.

Please use this script responsibly and only against servers you’re authorized to audit.


Why this kolaveri 3? Living up to the hype.

A few days ago, I read a post where the founder of the video and photo sharing application Color gives feedback on the much talked about 1 Billion dollar Instagram buyout.

Color came little over a year ago, creating great promises towards sharing pictures with your fellow nearby smartphone users; rather than facebook’s lame and weird single perspective on life.

Fast forward a year, and unlike color, Instagram became a hot entrepreneurial topic; how can a iOS-only photo sharing application be acquired for 10 digits. It seems the latter remained humble and focused on the product, refrained from passing to many negative comments and so on, and it created a nice product, rather than creating a hype.

Another hype phenomenon can be seen in the indian tamilian movie 3, the movie of the internet meme “Kolaveri D”. Although the tamil song created a large hype, the movie seemed to be less successful. Much different to color, there was no arrogance or anything; the movie simply didn’t live up to the hype.

The iPhone 4S was a bit of a let down, not because it is a bad device, yet the world was expecting an iPhone 5. It (the world) created a hype.

Although I’m not really in any position to say how to run your business, but ease down on the hype. Create a kick-ass product, the hype will just be substituted by word of mouth. And that’s what you want.

fun misc

The Android Ipad

A fake, android powered iPad in Dragon Mart.


7days meta refresh hack

The 7 days newspaper was subject to a “meta refresh” hack earlier today, yet it seems to be fixed already. When going to any link, it would point to the following page:

It seems to be hacked by a particular W0LF Gh4m3d, a person who does several defacements without any political agenda. One of his/her hcks was “ “, which actually translates into wine subscription, not a good thing putting a Saudi Arabian flag on there, is it?


Bye Blackberry, hello Android

After three years of series of using BlackBerries (work and personal), I went to the dark side and got myself an Android phone.

It was a bit getting used to (and necesarry nagging from my end), but here are some of the reasons why I love it, and some reasons why I miss my Blackberry:
read more »


Old random scribbles

Copied from the old archives.. 🙂

Differences between 1987 and 2007:


read more »

code misc rails

FacebookError: OAuthException – Invalid OAuth access token

On, we got notified of some issues with Facebook signups and logins. All of the sudden, when the Facebook OAuth service pushed us back to our redirect-page, the HyperGraph Gem threw the following error:

FacebookError: OAuthException – Invalid OAuth access token

This is often thrown because the Access Token could contain a | (pipe) character, which gets encoded to %7C, and this makes HyperGraph choke a bit. So a simple gsub(‘%7C’,’|’) will solve it, such as the code below:

at = HyperGraph.get_access_token(FB_ID, FB_SECRET, FB_RET, code)
at = at.gsub(‘%7C’,’|’)
g =
me = g.get(‘me’)


misc sysadmin

Error mongoDB under Ubuntu – can’t find

When installing MongoDB under Ubuntu, one could stumble upon the following problem:

mongo: error while loading shared libraries: cannot open shared object file: No such file or directory

This is caused because MongoDB uses XulRunner for it’s operations. (This is also why you see a bunch of X11 programs that are to be installed when using apt-get). XulRunner, however, contains this file, but is not loaded.

Solving the problem:
Make sure you have xulrunner installed (sudo apt-get install xulrunner-1.9.2) and add its path to ldconfig’s configuration files, which are in/etc/ You could create a file, say, /etc/, containing the following line:


After this, you chould run ldconfig (as root) and that should do the trick. Let me know if you have any problems with this.


Who’s there to trust? Etisalat’s CA Certificate to be revoked?

Recently, the UAE appeared in the news with some security/privacy related issue; the fact that using encrypted services on the Internet could be a danger to the nation’s security. “The UAE threatened to discontinue some BlackBerry services because of RIM’s refusal to offer a surveillance back door to its customers’ encrypted communications.” [1]

Now, 2 days ago, the Electronic Frontier Foundation, the group defending
your rights in the digital world, requested Verizon in an open letter to revoke the CA (certificate authority) certificate from Etisalat, the nation’s CA. How does all of this work?
read more »


No more UAE blackberry services from October 11

Gulfnews reported that the TRA, the UAE’s authority that regulates all telecommunication things, will be shutting down Blackberry services.

Reason being, It can’t be wiretapped is not in line with UAE telecommunications regulations. Which was figured out after it was active for 3.5 years. Maybe providers will come out with a “patch” again to enable these services?

I guess they’ll come to a agreement whereby BBM Messenger will be blocked, emails will be enabled again (since all HTTPS enabled webmail solutions are encrypted anyway) and web traffic will be forced through the country’s proxy servers.