Wednesday, December 14, 2016
Multiplayer Board Game
Ludo is a popular game in Nepal. This is a two-player multiplayer game I created using Ruby on Rails.
Here are the steps to play the game.
1) First open the game link below.
2) Select a color and enter name.
3) Click on Join.
4) Now open the same link in another browser or another computer.
5) Enter name and select a color.
6) Click on Join.
7) Click "Enter Room" in both screens.
8) Follow the instructions and play the game.
Note: Currently the game only supports two players. Also, since this was just a hobby starter project in Rails, security is not implemented. Please click on Reset if for some reason the game isn't working. The game lets you reset if there has not been any activity for 30 minutes.
Play Game
Languages and Frameworks used
Server : Ruby on Rails
Client : jQuery & HTML
IDE : C9
Saturday, October 1, 2016
Safe
Friday, September 16, 2016
Automatic Bike Matcher
This is a small program I created to aid my cousin with his motorcycle business. It has been a while since he has used it, so I am sharing it on the web for anyone who might find the idea or source useful.
Context
There is a website that works like craigslist where people can post ads and people interested in the products will contact the seller. People who want to sell bikes go to this site and post their bikes with all the relevant information.
http://hamrobazaar.com/c62-automobiles-motorcycle
Goal
The goal was to create software that would match the bikes on the website against the conditions set by the user. A condition is a set of features a user is looking for in a bike. On a successful match of conditions against the bikes on the site, the software would promptly notify the user with all the pertinent information about the match, which would expedite the deal process. For that, an SMS could be sent to the user using an external SMS service such as https://www.clickatell.com/ .
Structure of the Program
The program has 4 main parts: a server written in Python and clients in HTML.
1) Client - Conditions Entry Page
The most important UI for the user is the data entry page, or conditions entry page. On the entry page, I can set the conditions I am looking for. For example: "I am in search of a Pulsar bike whose price ranges from 100000 to 250000." I will set the conditions as shown below.
There is a submit button at the bottom of the page. After submitting the form, the user is redirected to a conditions listing page.
2) Client - Conditions listings
This is a page that will list all the conditions that have been set by the user. I may be looking for multiple bikes each one with a set of conditions. In the example below, we have three conditions set.
3) Client - Matches listings
This is the results page that lists all the matches in chronological order starting with the latest matches which will be shown at the top and the old matches moving down the list. Another important feature of this page is that the most recent matches that the user has not seen yet will be highlighted in green.
4) Server - Bike Matcher
The core logic of comparing and notifying the user of any matches against the user's conditions is handled by a server written in Python.
The server runs 24 hours a day and sleeps every 1 minute or so. The sleep or wakeup rate can be adjusted to suit one's needs. The server scrapes data from the hamrobazaar site and maintains a queue of the most recent bikes that have been added to the site. It then proceeds to the matching phase, where it matches all new bikes against the conditions set by the user.
The server picks the best match among all the recent matches. This was done deliberately to prevent flooding the user with SMSs, which would not be efficient. To pick the best match, the matches are sorted according to priorities. The properties of the matches are normalized and then the best value match is selected to be sent to the user. The best match is sent to the user via an SMS. The SMS contains crucial information such as the name and contact number of the seller, so that as soon as the SMS is received the seller can be contacted via a cell phone to make the deal.
Server running...
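An added example of the match-and-rank step described above, written for this page and not taken from the original program. The ad fields (`price`, `km_driven`), the priority weights and the sample ads are assumptions, since the post does not list them.

```python
from dataclasses import dataclass

@dataclass
class Condition:          # one row from the conditions entry page
    keyword: str          # text looked for in the ad title, e.g. "Pulsar"
    min_price: int
    max_price: int

@dataclass
class Bike:               # one scraped ad (fields are assumed)
    title: str
    price: int
    km_driven: int
    seller: str
    phone: str

# Assumed priorities: a lower price counts more than a lower mileage.
WEIGHTS = {"price": 0.6, "km_driven": 0.4}

def matches(bike, cond):
    return (cond.keyword.lower() in bike.title.lower()
            and cond.min_price <= bike.price <= cond.max_price)

def normalize(values):
    """Min-max scale to [0, 1] so price and mileage are comparable."""
    lo, hi = min(values), max(values)
    return [0.0 if hi == lo else (v - lo) / (hi - lo) for v in values]

def best_match(recent, cond):
    """Return the single best-value ad for cond, or None if nothing matches."""
    hits = [b for b in recent if matches(b, cond)]
    if not hits:
        return None
    price_n = normalize([b.price for b in hits])
    km_n = normalize([b.km_driven for b in hits])
    scores = [WEIGHTS["price"] * p + WEIGHTS["km_driven"] * k
              for p, k in zip(price_n, km_n)]
    return hits[scores.index(min(scores))]   # lowest score = best value

def sms_text(bike):
    return f"{bike.title} Rs {bike.price}, {bike.km_driven} km. {bike.seller} {bike.phone}"

# Constructed sample queue of recent ads (not real listings).
RECENT = [
    Bike("Pulsar 220", 240000, 12000, "Seller A", "0000000001"),
    Bike("Pulsar 150", 150000, 30000, "Seller B", "0000000002"),
    Bike("Pulsar 180", 180000, 15000, "Seller C", "0000000003"),
    Bike("Pulsar 200", 300000, 2000, "Seller D", "0000000004"),
]
```

Only one SMS is built per condition, for the ad with the lowest combined score, which is how the flooding problem mentioned above is avoided.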
External Services Used
https://www.clickatell.com/
Download Package
Friday, September 9, 2016
My First Android App
Created a simple hangman game for my first Android app. Below is the Play Store link to install it.
Download App
Thursday, August 25, 2016
Facebook Homepage Vulnerable To Hack
Here I will show how easy it is to hack Facebook with the current Facebook homepage UI.
Files
First we need the files above. Inside the pack folder is an HTML file. Open faceb.html using Firefox. (Currently the altered file doesn't render properly in Chrome or Explorer, so you need to open it using Firefox.)
Now, we hide the URL with the official address. Below, the official Facebook address is seen in the URL bar.
The attacker can leave the system with this page open. Unsuspecting victims see that Facebook is on. So, they enter username and password. The victim clicks on Log In but the Facebook login page reloads. The victim thinks he/she made a mistake and tries to log in again. This time login succeeds.
The attacker's work is done.
The attacker comes back to the system and modifies the faceb.html file by uncommenting these two lines:
//alert(localStorage.getItem("email"));
//alert(localStorage.getItem("password"));
The attacker opens the page with firefox. The user name and password are alerted to the attacker.
First the username pops up.
Then the password pops up.
The interesting thing is that localStorage seems to store the data in the system forever, even after the system is shut down. The attacker can return whenever he/she pleases to recover the compromised credentials. In this example the attacker needs to get hold of the victim's computer for a few minutes, but this attack can also be performed remotely if the files are uploaded to a remote machine.
I have already emailed the issue to Facebook and it seems they don't care enough to alter their UI. With just a slight modification to the UI this type of attack can be made harder. Gmail and Yahoo have two-step authentication. First it accepts username and only then it accepts password. It seems this type of attack is harder on such types of authentication pages. Facebook, why not switch?
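A check a defender could run over HTML files found on a shared machine, added here as an example and not part of the original post or its files: it flags a document that has a password field and whose script text touches web storage under a credential-like key, as the two quoted lines do. The key-name heuristic and both sample documents are assumptions constructed for the example.

```python
import re
from html.parser import HTMLParser

# localStorage/sessionStorage access with a literal key, e.g. localStorage.getItem("password")
STORAGE_CALL = re.compile(
    r'(localStorage|sessionStorage)\s*\.\s*(getItem|setItem)\s*\(\s*["\']([^"\']+)["\']')
CRED_KEY = re.compile(r"pass|pwd|email|user|login", re.I)  # assumed key-name heuristic

class LoginPageScanner(HTMLParser):
    def __init__(self):
        super().__init__()
        self.password_inputs = 0
        self.in_script = False
        self.findings = []  # (storage object, method, key)

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "script":
            self.in_script = True
        elif tag == "input" and (attrs.get("type") or "").lower() == "password":
            self.password_inputs += 1

    def handle_endtag(self, tag):
        if tag == "script":
            self.in_script = False

    def handle_data(self, data):
        if not self.in_script:
            return
        # Commented-out JavaScript is still script text, so it is matched too.
        for m in STORAGE_CALL.finditer(data):
            if CRED_KEY.search(m.group(3)):
                self.findings.append(m.groups())

def scan(html):  # returns (suspicious, findings) for one saved HTML document
    parser = LoginPageScanner()
    parser.feed(html)
    parser.close()
    return (parser.password_inputs > 0 and bool(parser.findings)), parser.findings

# Constructed samples: a saved copy carrying the two lines quoted above, and a benign page.
SAVED_COPY = """<form><input type="text" id="email"><input type="password" id="pass"></form>
<script>
//alert(localStorage.getItem("email"));
//alert(localStorage.getItem("password"));
</script>"""
CLEAN_PAGE = """<form action="https://example.com/login" method="post">
<input type="email" name="email"><input type="password" name="pass"></form>
<script>localStorage.setItem("theme", "dark");</script>"""
```

Because localStorage persists across restarts, a hit on a shared machine also means the browser profile's stored data for that page should be cleared and the affected passwords changed.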
Responsive Site Project
A site for Lyceum Paradise Academy made using Bootstrap and PHP. Also, created a simple content management system for the Admins to update the different sections of the website. The goal I had in mind was to create a website that would look good across devices with various screen sizes and also be fast enough to be hosted on a free hosting provider. The goal was fulfilled somewhat.
Tuesday, January 12, 2016