Wednesday, December 14, 2016

Multiplayer Board Game

Ludo is a popular game in Nepal. This is a two-player multiplayer Ludo game I created using Ruby on Rails.

Here are the steps to play the game.

1) First open the game link below.
2) Select a color and enter a name.
3) Click on Join.
4) Now open the same link in another browser or on another computer.
5) Enter a name and select a color.
6) Click on Join.
7) Click "Enter Room" on both screens.
8) Follow the instructions and play the game.

Note: Currently the game only supports two players. Also, since this was just a hobby starter project in Rails, security is not implemented. Please click on Reset if for some reason the game isn't working. The game lets you reset if there has not been any activity for 30 minutes.


Play Game

Languages and Frameworks used

Server : Ruby on Rails
Client : jQuery & HTML
IDE : C9


Saturday, October 1, 2016

Friday, September 16, 2016

Automatic Bike Matcher


This is a small program I created to aid my cousin with his motorcycle business. It has been a while since he last used it, so I am sharing it on the web for anyone who might find the idea or the source useful.

Context

There is a website that works like Craigslist, where people post ads and interested buyers contact the seller. People who want to sell bikes go to this site and post their bikes with all the relevant information.

http://hamrobazaar.com/c62-automobiles-motorcycle


Goal

The goal was to create a program that matches the bikes on the website against conditions set by the user. A condition is the set of features a user is looking for in a bike. When a bike on the site matches a condition, the program promptly notifies the user with all the pertinent information about the match, which speeds up the deal. For that, an SMS can be sent to the user through an external SMS service such as https://www.clickatell.com/ .


Structure of the Program


The program has four main parts: a server written in Python and three client pages in HTML.


1) Client - Conditions Entry Page

The most important UI for the user is the data entry page, or conditions entry page. On the entry page I set the conditions I am looking for. For example: "I am in search of a Pulsar bike whose price ranges from 100000 to 250000." I would set the conditions as shown below.

There is a submit button at the bottom of the page. After submitting the form, the user is redirected to the conditions listing page.

2) Client - Conditions listings

This page lists all the conditions that have been set by the user. I may be looking for multiple bikes, each with its own set of conditions. In the example below, three conditions are set.



3) Client - Matches listings

This is the results page. It lists all the matches in reverse chronological order: the latest matches are shown at the top and older matches move down the list. Another important feature of this page is that recent matches the user has not seen yet are highlighted in green.



4) Server - Bike Matcher

The core logic of comparing bikes against the user's conditions and notifying the user of any matches is handled by a server written in Python.

The server runs 24 hours a day, waking up about once a minute; the sleep/wake-up interval can be adjusted to suit one's needs. On each wake-up the server scrapes the hamrobazaar site and maintains a queue of the most recent bikes added there. It then proceeds to the matching phase, where every new bike is matched against the conditions set by the user.

The server picks only the best match among all the recent matches. This is done deliberately to avoid flooding the user with SMS messages, which would not be efficient. To pick the best match, the matches are sorted by priority, their properties are normalized, and the best-valued match is selected and sent to the user via SMS. The SMS contains crucial information such as the seller's name and contact number, so that as soon as the SMS is received the seller can be called to make the deal.



Server running...
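To make the matching phase concrete, here is an added example in Python (it is not the project's own code; the scraper and the SMS call are left out, and the conditions and ads are constructed). It matches new ads against the user's conditions, normalizes each price into its condition's range, and picks a single best match so that one polling round sends at most one SMS:

```python
from dataclasses import dataclass

@dataclass
class Condition:
    model: str          # text the user wants in the bike's model name
    min_price: int
    max_price: int
    priority: int = 1   # higher means the user cares more about this condition

@dataclass
class Bike:
    ad_id: str
    model: str
    price: int
    seller: str
    phone: str

# Constructed sample conditions; a scraper (not shown) would supply Bike records.
CONDITIONS = [
    Condition("Pulsar", 100000, 250000, priority=2),
    Condition("Apache", 150000, 200000, priority=1),
]

def matches(bike, cond):
    """A bike matches when the model name fits and the price is within range."""
    return (cond.model.lower() in bike.model.lower()
            and cond.min_price <= bike.price <= cond.max_price)

def score(bike, cond):
    """Normalize price to 0..1 within the range (cheaper is better), scaled by priority."""
    span = max(cond.max_price - cond.min_price, 1)
    return cond.priority * (1.0 - (bike.price - cond.min_price) / span)

def best_match(new_bikes, conditions, seen):
    """Skip ads already handled, match the rest, and return one (bike, condition)
    pair or None, so a polling round sends at most one SMS."""
    candidates = []
    for bike in new_bikes:
        if bike.ad_id in seen:
            continue
        seen.add(bike.ad_id)
        for cond in conditions:
            if matches(bike, cond):
                candidates.append((score(bike, cond), bike, cond))
    if not candidates:
        return None
    _, bike, cond = max(candidates, key=lambda c: c[0])
    return bike, cond
```

The returned bike's seller and phone fields are what the SMS body would carry; calling best_match again with the same seen set returns None, which is what keeps repeat notifications from going out.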


External Services Used

https://www.clickatell.com/

Download Package


Friday, September 9, 2016

My First Android App

I created a simple hangman game as my first Android app. Below is the Play Store link to install it.

Download App

Thursday, August 25, 2016

Facebook Homepage Vulnerable To Hack


Here I will show how easy it is to hack Facebook with the current Facebook homepage UI.

Files

First we need the files above. Inside the pack folder is an HTML file. Open faceb.html using Firefox. (Currently the altered file doesn't render properly in Chrome or Internet Explorer, so you need to open it using Firefox.)


Now we mask the URL with the official address. Below, the official Facebook address is seen in the URL bar.


The attacker can leave the system with this page open. Unsuspecting victims see that Facebook is open, so they enter their username and password. The victim clicks Log In, but the Facebook login page reloads. The victim thinks he/she made a mistake and tries to log in again. This time the login succeeds.

The work of attacker is done.

The attacker comes back to the system and modifies the faceb.html file by uncommenting these two lines:

//alert(localStorage.getItem("email"));
//alert(localStorage.getItem("password"));

The attacker opens the page with Firefox. The username and password are shown to the attacker in alert dialogs.

First the username pops up.


Then the password pops up.

The interesting thing is that localStorage seems to keep the data on the system forever, even after the system is shut down. The attacker can return whenever he/she pleases to recover the compromised credentials. In this example the attacker needs to get hold of the victim's computer for a few minutes, but this attack can also be performed remotely if the files are uploaded to a remote machine.

I have already emailed the issue to Facebook and it seems they don't care enough to alter their UI. With just a slight modification to the UI this type of attack can be made harder. Gmail and Yahoo use two-step authentication: first the username is accepted, and only then the password. This type of attack seems to be harder on such authentication pages. Facebook, why not switch?


Responsive Site Project


A site for Lyceum Paradise Academy made using Bootstrap and PHP. I also created a simple content management system for the admins to update the different sections of the website. The goal I had in mind was a website that would look good across devices with various screen sizes and also be fast enough to be hosted on a free hosting provider. The goal was fulfilled somewhat.

Tuesday, January 12, 2016