VIM is an awesome editor, but comes with a big big learning curve. These are the the top 3 Vim tutorials from where I learnt to use Vim.
1. http://www.vi-improved.org/tutorial.php
2. http://vim.runpaint.org/toc/
3. http://www.swaroopch.com/notes/Vim_en:Table_of_Contents
If you want to learn more, checkout http://thomer.com/vi/vi.html#manuals
Git reflog saves you from all screw-ups you do while using git.
Here is a sample output of git reflog.
hari@hari-desktop:/var/www/recruit$ git reflog
e458f54 HEAD@{0}: checkout: moving from test1 to e458f54fe99202c82c2690be4fa2fe2d7aa7be32^0
a3281d1 HEAD@{1}: checkout: moving from master to test1
f265802 HEAD@{2}: checkout: moving from test1 to master
ef08492 HEAD@{3}: ORIG_HEAD: updating HEAD
e458f54 HEAD@{4}: commit: Implement phpunit testcase.
1ecf2c3 HEAD@{5}: commit: Bug#1 : MCQ Choices displayed in questions.
f265802 HEAD@{6}: checkout: moving from test1 to f265802d1d65a9ac92bf9f6414d8f468444cce66^0
ec280c6 HEAD@{7}: checkout: moving from release to test1
f265802 HEAD@{8}: merge master: Fast-forward
ccec6c4 HEAD@{9}: checkout: moving from master to release
All your commits, checkouts, pull, merges are logged in here. To, reset the git to any point in there, we use the following command.
git reset --hard <commit-id>
But if you push this to the git, you will find that the commit is rejected now. To forcefully push your new HEAD to server, we use the following command.
git push origin +<branch_name>
+ before the branch name forcefully pushes the branch (even if your current branch is behind the origin).
NOTE: Please be careful when you use the command above. You might lose all the changes made by others (temporarily) if you use it. Of course, using reflog + reset, you can get back the changes.
Want to check if all changes in your new branch is merged to main branch before you delete the new branch.
git log feature1 ^master
The above command displays all commits which are present in feature1 and not present in master.
Note 1: You can also try “git branch -d feature1″. If the new branch is not totally merged, git won’t delete the new branch.
Note 2: You can also try “git branch –contains feature1″, but I’m not sure how that works. I guess I’m happy with git log for now.
To read more about this, checkout http://stackoverflow.com/questions/1710894/using-git-show-all-commits-that-are-in-one-branch-but-not-the-others
HTML5 seems to be the buzz word now. People around me are excited about HTML5 or already working on something with HTML5.
Curious to know what the hell is this HTML5, I started reading something from https://developer.mozilla.org/en/HTML/HTML5. Well, truth be told, I finished the overview in say 15 minutes and didn’t know what exactly to do after that. I was in no mood to implement any of the HTML5 features in interviewstreet now (Btw, if you don’t know, interviewstreet.com is my company where we simplify the hiring process by assessing the candidates using automated tests.)
Then for the next 15 minutes, I started playing around with some of the demos at http://html5demos.com/. They are cool, but nothing new or mind blowing. We’ve already seen these stuff in flash and javascript using libraries like jquery, prototype etc. So, now the browser gives native support to these features. What’s the big deal?
I guess unless I create something using HTML5, I’m never gonna realize it’s true potential. I started with the canvas tag.
So, after loads of google search, copy pasted code and a few cups of coffee, here is my first HTML5 game. :) This is the screenshot of the game.
You can play the game at http://sp2hari.com/html5/burst_the_balloon.html.
TODO:
1. Some sort of levels in the game, where you are taken to the next level once you shoot all the balloons.
2. Display score, time taken and other details.
3. Two player game, where two players can shoot arrows from both the directions and one who gets the highest score wins.
4. A special balloon which gives you more score if you shoot it.
5. Better animation for arrow and balloon. Right now, the balloon looks like an egg.
Anyone interested in playing/learning with HTML5 can take up this code and implement something from the above TODO list. Do mail be back at sp2hari AT gmail DOT com if you implement anything or even if you have anything to say about this game :)
Hi all,
I’m very happy to present you Online Programming Contest Calendar (http://www.opccalendar.com/). This is something I wanted to do for Spider in college. All I could finish in college was a simple fetcher from algorithmist.com and topcoder.com. Now, I have everything I wanted to have in this new site. And yes, I hated the algorithmist.com calendar. There was so much I wanted to do for that calendar and the result is http://www.opccalendar.com/.
Some of the cool features I like in this site are.
Things I would like to have in this soon. (Of course, depends on how much time I have to spend on this project)
Any volunteers out there?
There are so many people who helped me in build this site. I guess this is right place to thank them.
Yazhini for helping me with the first prototype of the parser code to fetch from algorithmist.com. Written in C++ and still works cool :)
Vivek for helping me with the text context for this website.
Sindhu and her friends Sathyajith and Gautam for helping me with the ads.
Taggy for giving me webspace in his mediatemple account. Seriously, I should thank this guy for his continuous support with his mediatemple account.
Arvind, Vinod and Prasanna for their feedback during each iteration of this site.
Hope this becomes the one and only place which has all the details about programming contest.
How can you help me promote this site?
1. Keep this site url as GTalk status message. That will really help many many people know about this site.
2. Tell your geek friends about this site.
This is a tutorial about how to perform a dummy dictionary attack and how web-masters can prevent a dictionary attack.
Wikipedia defines Dictionary attack as,
In cryptanalysis and computer security, a dictionary attack is a technique for defeating a cipher or authentication mechanism by trying to determine its decryption key or passphrase by searching likely possibilities.
A dictionary attack uses a brute-force technique of successively trying all the words in an exhaustive list (from a pre-arranged list of values). In contrast with a normal brute force attack, where a large proportion key space is searched systematically, a dictionary attack tries only those possibilities which are most likely to succeed, typically derived from a list of words in a dictionary. Generally, dictionary attacks succeed because many people have a tendency to choose passwords which are short (7 characters or fewer), single words found in dictionaries or simple, easily-predicted variations on words, such as appending a digit.
In this post, I’m going to write a simple code which will send POST requests to the web server and process the response of each request. Before I start, let me tell you that there are many softwares which already do this. Some of them are,
1. Burp Suite
2. John the Ripper
But what’s the fun in using a software and cracking something. :) The fun part is when YOUR code does something. After all, Code is Poetry (Check wordpress.org footer) ;)
For the demo here, I have this login page, which is very similar to my college mail server (or any horde server). The user-name and password for a successful login is “cs10528″ and “remember” respectively. If you provide a valid user-name/password combination, the page will display “Login Successful”. For any other user-name/password combination, the page will display “Login Failed”. So, now all we need is a code which can send POST request to the login page and a dictionary from which we can pick up the probable passwords.
This is the PHP code I’ve written to automate the login process. It reads from the “dict.txt” file and uses that to send the HTTP request. The code is well commented and main login process is done by curl functions. And finally, here is the dict.txt I’ve used for this demo. It has only around 25 words, so that the processing ends sooner. In case you are not comfortable with curl in php, you can see this post, which explains about curl basics.
You can see the whole login process in action here.
So, how can a web-master prevent these automatic logins?
1. Captcha
Adding a captcha prevents almost all the automatic login attempts. But be careful about what kind of captcha you choose. There are quite a few captchas which confuse people and scare them away.
2. Math Puzzles
Instead of images, you can ask the user to enter some simple arithmetic calculations (like what is 10+15). This loads much faster and prevents any confusion.
3. Maintaining the state in server
Store the login access time for each user, and if the time difference is less than 5 seconds, then block the user for next 10 minutes. This needs some more modification in the server side code, with new tables needed to store the login access time data.
Note :
1. The code posted here won’t work for horde. There are cookies and other stuff to be handled in many cases.