Feb 23, 2023

Bard AI vs ChatGPT

Bard AI and ChatGPT are two of the most advanced artificial intelligence language models available today. While both models are designed to generate human-like text, they differ in their approach and capabilities.

Bard AI is a language model created by OpenAI that specializes in generating high-quality poetry. It was trained on a massive corpus of poetry, which includes works from the likes of Shakespeare and Emily Dickinson. Bard AI's main focus is on creating lyrical and evocative language that captures the essence of human emotion.

ChatGPT, on the other hand, is a much more general-purpose language model. It was trained on a much broader corpus of text, including books, articles, and online conversations. ChatGPT is designed to be able to converse with humans in a natural and engaging way, and it can generate responses to a wide range of prompts and questions.

When it comes to comparing these two models, it's important to note that they are designed for very different purposes. Bard AI is focused on generating poetry, while ChatGPT is designed to be a conversational partner. As a result, the two models have different strengths and weaknesses.

For example, Bard AI is particularly good at generating poetic language that evokes strong emotions. It can create powerful metaphors and similes, and its poetry often has a strong sense of rhythm and musicality. However, Bard AI is not particularly good at generating prose or conversational language, so it's not well-suited to tasks like writing articles or answering questions.

ChatGPT, on the other hand, is much more versatile. It can generate responses to a wide range of prompts, and it's particularly good at conversational tasks like answering questions or providing recommendations. However, ChatGPT is not as skilled at generating poetic language as Bard AI, and its responses can sometimes be overly literal or lack the emotional depth of poetry.

In conclusion, Bard AI and ChatGPT are both powerful language models, but they have different strengths and weaknesses. Bard AI is particularly good at generating poetic language, while ChatGPT is more versatile and well-suited to conversational tasks. Depending on your needs, you may find that one model is a better fit for your particular application than the other.

Feb 16, 2023

AI Technology in Daily Life

Artificial intelligence (AI) technology has been making waves in recent years as its potential for transforming industries and improving our daily lives becomes increasingly apparent. AI is a form of technology that uses algorithms and machine learning to process and analyze large amounts of data, recognize patterns, and make decisions without human intervention. In this article, we will explore some examples of AI technology and how they can be used in our daily lives.


Personalized Healthcare

AI technology has the potential to revolutionize the healthcare industry by providing personalized and efficient care to patients. By analyzing patient data, AI can identify patterns and predict potential health risks, allowing doctors to proactively treat patients before a serious illness occurs. For example, wearables such as Fitbits and Apple Watches use AI to track and analyze a patient's health data, providing insights into their activity level, heart rate, and sleep patterns. This data can be used to detect and prevent health issues like heart disease and diabetes.


Virtual Personal Assistants

Virtual personal assistants like Siri, Alexa, and Google Assistant are already a part of our daily lives. These AI-powered assistants can do everything from setting reminders to playing music to ordering groceries, all with a simple voice command. As AI technology advances, virtual assistants will become even more integrated into our daily routines, making tasks more efficient and convenient.


Fraud Detection

AI technology can be used to identify fraudulent activity in real-time. By analyzing data patterns and identifying anomalies, AI can detect fraud attempts and alert financial institutions or individuals to take action. For example, credit card companies use AI to identify potential fraud attempts, saving their customers from potential financial loss.


Smart Homes

Smart home technology uses AI to automate and control various aspects of a home, including lighting, temperature, and security. By analyzing data from sensors and devices, AI can learn a homeowner's preferences and adjust settings accordingly, creating a more comfortable and efficient living environment. For example, smart thermostats use AI to learn a homeowner's temperature preferences and automatically adjust the temperature to optimize energy usage and reduce costs.


Predictive Maintenance

AI technology can be used to predict equipment failures before they occur, allowing companies to perform maintenance and avoid costly downtime. By analyzing sensor data and identifying patterns, AI can predict when equipment is likely to fail, allowing companies to schedule maintenance at the most opportune time. For example, airlines use AI to predict maintenance needs for their aircraft, reducing the risk of unexpected breakdowns and flight cancellations.


In conclusion, AI technology is becoming increasingly prevalent in our daily lives, and its potential for transforming industries and improving our daily routines is enormous. From personalized healthcare to smart homes to fraud detection, AI technology is changing the way we live and work. As this technology continues to advance, we can expect to see even more innovative applications that will make our lives easier and more efficient.





Jan 14, 2023

Drunk Elephant Skin Care

Drunk Elephant is a skincare brand that focuses on using clean, non-toxic ingredients in their products. They believe that "less is more" when it comes to skincare, and aim to create products that are both effective and safe for the skin. Some of their popular products include serums, moisturizers, and exfoliants.

Drunk Elephant was founded in 2012 by Tiffany Masterson, who was inspired by her own struggles with sensitive skin. The brand is known for its commitment to using clean, non-toxic ingredients in its products, and for excluding certain ingredients that are commonly found in skincare products but can be irritating to the skin. These "suspicious 6" ingredients are: essential oils, drying alcohols, silicones, chemical sunscreens, fragrances/dyes, SLS.

Drunk Elephant offers a wide range of skincare products, including cleansers, serums, moisturizers, exfoliants, masks, and eye creams. Some of their popular products include the T.L.C. Framboos Glycolic Night Serum, the Virgin Marula Luxury Facial Oil, and the C-Firma Day Serum.

The brand has been widely popular and praised by many beauty influencers and experts for its effectiveness and innovation in using clean ingredients. It has also won many awards in the beauty industry.

Drunk Elephant is available for purchase at Sephora, Ulta, and on the brand's website. 

There is some controversy surrounding the skincare brand Drunk Elephant. Some critics have raised questions about the effectiveness of their products and the scientific basis of their claims. Additionally, the brand has been criticized for using certain ingredients that may be harmful or irritating to some people's skin. The company has also been criticized for its high prices. On the other hand, many people have had positive experiences with Drunk Elephant products and the brand has a loyal customer base.

Apr 3, 2011

'The Hacker News' Magazine Download ~ THN : The Hackers News

'The Hacker News' Magazine Download ~ THN : The Hackers News:
The first edition of ‘The Hacker NewsMagazine release for April-2011 ! The Hacker News official website was launched on 1st Nov-2010, and within 4 months with the support of all our Hackers Friends and Readers we are successfully able to create a platform for Hacking News Media. Our website with over a 15 lacs Visitors in last 4 Months is an online Hacker News Organisation. We propagate news specifically related to information security threats, Hacking threads and issues from all over the world. Our research teams search and compile news from tens of thousands of sites and 1000’s of Hackers are connected to us as news source to bring you the most latest Hacking and Security News at one location. In addition to news, we host blogs and discussions, education videos, as well as Hacker News Organisation provide cyber services like Penetration Testing , Educational Seminars , Workshops , Webinars Services and Web Development Services.

Source :
"'The Hacker News' Magazine Download : The Hacker News ~ http://www.thehackernews.com/p/magazine.html"

Nov 14, 2010

Remote Network Penetration via NetBios Hack/Hacking

These are basic techniques but very useful when penetration testing any Windows based network, the techniques were discovered on WinNT but are still very valid on Windows2000 and in some cases Windows2003 due to backwards compatibility.

This article is being written in a procedural manner. I have approached it much like an intruder would actually approach a network penetration. Most of the techniques discussed in this text are rather easy to accomplish once one understands how and why something is being done.

When targetting a given network, the first thing an intruder would do, would be to portscan the remote machine or network. A lot of information can be gathered by a simple port scan but what the intruder is looking for is an open port 139 – the Default NetBios port. It’s surprising how methodical an attack can become based on the open ports of a target machine. You should understand that it is the norm for an NT machine to display different open ports than a Unix machine.

Intruders learn to view a portscan and tell wether it is an NT or Unix machine with fairly accurate results. Obviously there are some exceptions to this, but generally it can be done.

Recently, several tools have been released to fingerprint a machine remotely, but this functionality has not been made available for NT.

Information gathering with NetBIOS can be a fairly easy thing to accomplish, albeit a bit time consuming. NetBIOS is generally considered a bulky protocol with high overhead and tends to be slow, which is where the consumption of time comes in.

If the portscan reports that port 139 is open on the target machine, a natural process follows. The first step is to issue an NBTSTAT command.

The NBTSTAT command can be used to query network machines concerning NetBIOS information. It can also be useful for purging the NetBIOS cache and preloading the LMHOSTS file. This one command can be extremely useful when performing security audits.

Interpretation the information can reveal more than one might think.

Usage: nbtstat [-a RemoteName] [-A IP_address] [-c] [-n] [-R] [-r] [-S] [-s] [interval]

Switches
-a Lists the remote computer's name table given its host name.
-A Lists the remote computer's name table given its IP address.
-c Lists the remote name cache including the IP addresses.
-n Lists local NetBIOS names.
-r Lists names resolved by broadcast and via WINS.
-R Purges and reloads the remote cache name table.
-S Lists sessions table with the destination IP addresses.
-s Lists sessions table conversions.
The column headings generated by NBTSTAT have the following meanings:

Input
Number of bytes received.
Output
Number of bytes sent.
In/Out
Whether the connection is from the computer (outbound)
or from another system to the local computer (inbound).
Life
The remaining time that a name table cache entry will "live"
before your computer purges it.
Local Name
The local NetBIOS name given to the connection.
Remote Host
The name or IP address of the remote host.
Type
A name can have one of two types: unique or group.
The last byte of the 16 character NetBIOS name often
means something because the same name can be present
multiple times on the same computer. This shows the last
byte of the name converted into hex.
State
Your NetBIOS connections will be shown in one of the
following "states":

State Meaning

Accepting An incoming connection is in process.

Associated The endpoint for a connection has been created
and your computer has associated it with an IP
address.

Connected This is a good state! It means you're connected
to the remote resource.

Connecting Your session is trying to resolve the name-to-IP
address mapping of the destination resource.

Disconnected Your computer requested a disconnect, and it is
waiting for the remote computer to do so.

Disconnecting Your connection is ending.

Idle The remote computer has been opened in the current
session, but is currently not accepting connections.

Inbound An inbound session is trying to connect.

Listening The remote computer is available.

Outbound Your session is creating the TCP connection.

Reconnecting If your connection failed on the first attempt,
it will display this state as it tries to reconnect.
Here is a sample NBTSTAT response of my NT Box:

C:\>nbtstat -A 195.171.236.139

NetBIOS Remote Machine Name Table

Name Type Status
---------------------------------------------
MR_B10NDE <00> UNIQUE Registered
WINSEKURE LABS <00> GROUP Registered
MR_B10NDE <03> UNIQUE Registered
MR_B10NDE <20> UNIQUE Registered
WINSEKURE LABS <1e> GROUP Registered

MAC Address = 44-45-53-54-00-00

Using the table below, what can you learn about the machine?

Name Number Type Usage
=========================================================================
00 U Workstation Service
01 U Messenger Service
<\\_MSBROWSE_> 01 G Master Browser
03 U Messenger Service
06 U RAS Server Service
1F U NetDDE Service
20 U File Server Service
21 U RAS Client Service
22 U Exchange Interchange
23 U Exchange Store
24 U Exchange Directory
30 U Modem Sharing Server Service
31 U Modem Sharing Client Service
43 U SMS Client Remote Control
44 U SMS Admin Remote Control Tool
45 U SMS Client Remote Chat
46 U SMS Client Remote Transfer
4C U DEC Pathworks TCPIP Service
52 U DEC Pathworks TCPIP Service
87 U Exchange MTA
6A U Exchange IMC
BE U Network Monitor Agent
BF U Network Monitor Apps
03 U Messenger Service
00 G Domain Name
1B U Domain Master Browser
1C G Domain Controllers
1D U Master Browser
1E G Browser Service Elections
1C G Internet Information Server
00 U Internet Information Server
[2B] U Lotus Notes Server
IRISMULTICAST [2F] G Lotus Notes
IRISNAMESERVER [33] G Lotus Notes
Forte_$ND800ZA [20] U DCA Irmalan Gateway Service
Unique (U): The name may have only one IP address assigned to it. On a network device, multiple occurences of a single name may appear to be registered, but the suffix will be unique, making the entire name unique.

Group (G): A normal group; the single name may exist with many IP addresses.

Multihomed (M): The name is unique, but due to multiple network interfaces on the same computer, this configuration is necessary to permit the registration. Maximum number of addresses is 25.

Internet Group (I): This is a special configuration of the group name used to manage WinNT domain names.

Domain Name (D): New in NT 4.0.

An intruder could use the table above and the output from an nbtstat against your machines to begin gathering information about them. With this information an intruder can tell, to an extent, what services are running on the target machine and sometimes what software packages have been installed. Traditionally, every service or major software package comes with it’s share of vulnerabilities, so this type of information is certainly useful to an intruder.

The next step for an intruder would be to try and list the open shares on the given computer, using the net view command, Here is an example of the net view command used against my box with the open shares C:\ and C:\MP3S\

C:\>net view \\195.171.236.139
Shared resources at \\195.171.236.139

Sharename Type Comment
-----------------------------------------------------------------
C Disk Drive C:\
MP3S Disk My collection of MP3s
The command was completed successfully.
This information would give the intruder a list of shares which he would then use in conjunction with the net use command, a command used to enable a computer to map a share to it’s local drive, below is an example of how an intruder would map the C Share to a local G: drive which he could then browse:

C:\>net use G: \\195.171.236.139\C
The command was completed successfully.

C:\>G:

G:\>
However, If the intruder was targetting a large network rather than a single remote computer, the next logical step would be to glean possible usernames from the remote machine.

A network login consists of two parts, a username and a password. Once an intruder has what he knows to be a valid list of usernames, he has half of several valid logins.

Now, using the nbtstat command, the intruder can get the login name of anyone logged on locally at that machine. In the results from the nbtstat command, entries with the <03> identifier are usernames or computernames. Gleaning usernames can also be accomplished through a null IPC session and the SID tools

The IPC$ (Inter-Process Communication) share is a standard hidden share on an NT machine which is mainly used for server to server communication. NT machines were designed to connect to each other and obtain different types of necessary information through this share. As with many design features in any operating system, intruders have learned to use this feature for their own purposes. By connecting to this share an intruder has, for all technical purposes, a valid connection to your server. By connecting to this share as null, the intruder has been able to establish this connection without providing it with credentials.

To connect to the IPC$ share as null, an intruder would issue the following command from a command prompt:

c:\>net use \\[ip address of target machine]\ipc$ "" /user:""

If the connection is successful, the intruder could do a number of things other than gleaning a user list, but lets start with that first. As mentioned earlier, this technique requires a null IPC session and the SID tools. Written by Evgenii Rudnyi, the SID tools come in two different parts, User2sid and Sid2user. User2sid will take an account name or group and give you the corresponding SID. Sid2user will take a SID and give you the name of the corresponding user or group. As a stand alone tool, this process is manual and very time consuming. Userlist.pl is a perl script written by Mnemonix that will automate this process of SID grinding, which drastically cuts down on the time it would take an intruder to glean this information.

At this point, the intruder knows what services are running on the remote machine, which major software packages have been installed (within limits), and has a list of valid usernames and groups for that machine. Although this may seem like a ton of information for an outsider to have about your network, the null IPC session has opened other venues for information gathering. The Rhino9 team has been able to retrieve the entire native security policy for the remote machine.

Such things as account lockout, minimum password length, password age cycling, password uniqueness settings as well as every user, the groups they belong to and the individual domain restrictions for that user – all through a null IPC session. This information gathering ability will appear in Rhino9′s soon to be released Leviathan tool. Some of the tools available now that can be used to gather more information via the IPC null session will be discussed below.

With the null IPC session, an intruder could also obtain a list of network shares that may not otherwise be obtainable. For obvious reasons, an intruder would like to know what network shares you have available on your machines. For this information gathering, the standard net view command is used, as follows:

c:\>net view \\[ip address of remote machine]

Depending on the security policy of the target machine, this list may or may not be denied. Take the example below (ip address has been left out for obvious reasons):

C:\>net view \\0.0.0.0
System error 5 has occurred.

Access is denied.

C:\>net use \\0.0.0.0\ipc$ "" /user:""
The command completed successfully.

C:\>net view \\0.0.0.0
Shared resources at \\0.0.0.0

Share name Type Used as Comment

---------------------------------------------------------------------
Accelerator Disk Agent Accelerator share for Seagate backup
Inetpub Disk
mirc Disk
NETLOGON Disk Logon server share
www_pages Disk
The command completed successfully.
As you can see, the list of shares on that server was not available until after the IPC null session had been established. At this point you may begin to realize just how dangerous this IPC connection can be, but the IPC techniques that are known to us now are actually very basic. The possibilities that are presented with the IPC share are just beginning to be explored.

Once this list of shares had been given, the intruder could then proceed to issue the net use commands as described above..