How to disable copy paste and Ctrl+c options in blog or websites

Usually how do we copy a content from a docs ? We would select the content we need to copy down and use short cut keys or Right click and Select copy. How about disable selecting text itself , then readers couldn't use shortcuts and even though they couldn't copy down using right click options.

So i recommend this method to bloggers who wish to protect their contents from content thieves.

Actually this script is free and very popular among website masters.

Lets go :

1. Sign In to Blogger account and go to relevant blog.
2. Go to Page Elements from Design  and Click on Add a Gadget and choose HTML/JAVASCRIPT from the gadgets.
3. Now Copy down  both codes  and Paste it on the selected Gadget and Save it.

<!--Disable Copy And Paste-->
<script language='JavaScript1.2'>
function disableselect(e){
return false
}
function reEnable(){
return true
}
document.onselectstart=new Function ("return false")
if (window.sidebar){
document.onmousedown=disableselect
document.onclick=reEnable
}
</script>
Right Click Disable
<script language=javascript>
var message = "function disabled";
function rtclickcheck(keyp){ if (navigator.appName == "Netscape" && keyp.which == 3){ alert(message); return false; }
if (navigator.appVersion.indexOf("MSIE") != -1 && event.button == 2) { alert(message); return false; } }
document.onmousedown = rtclickcheck;
</script> 


4. Now refresh your Blog and Right Click on it. Done!

Auto Captcha Software Free

Auto Captcha Solving:- Vena Captcha

VinaCaptcha - Free software for Captcha Entry

Hi Everybody,

The VinaCaptcha is good free software for Captcha Entry. Currently, VinaCaptcha is supporting many hot site below:

- Kolotibablo.com (KTB)
- *************** (MTP)
- Captcha2Cash.com (C2C)
- CaptchaTrader.com (CTD)
- Koloteam.com (KLT)
- ProTypers.com (PTP)
- CaptchaTypers.com (CTP)
- LookAndEarn.biz (LAE)

Working form


Theme choose

Why do you use the VinaCaptcha?
- This is free software for everybody.
- Make sure this software do not have virus, trojan, spyware,... Please check virustotal.com
- Speed up captcha loaded for you entry 24/7 hours.
- Supported many captcha site hot today.
- This software is small, layout friendly user.
- Supported multiple theme and you can write more theme for yourself.
- Supported resize able.
- Supported check upgrade version online.
- Supported multiple threading, multiple session, multiple ******. This mean you can work multiple account at the time.
- Supported compression, gzip. extract the captcha zip or gzip, to speed up loading captcha.
- Supported Auto Text: Auto input the captcha text again when this captcha before submitted.
- Supported Auto Skip: Auto skip a captcha follow rule of the captcha site.
- Display full information of account: status, total captcha, total earn, rate, timeout.
- Supported security account management with private your password, other people will can not read it.
- I always listen you about the changes of the captcha website to update it asap.

 

                                                                 Download Here :
                                                                 Vina Captcha free
                

This invisible spy application is designed for 2000, XP, 2003, Vista, 7 and Windows 8

Ardamax Keylogger is a keystroke recorder that captures user's activity and saves it to an encrypted log file. The log file can be viewed with the powerful Log Viewer. Use this tool to find out what is happening on your computer while you are away, maintain a backup of your typed data automatically or use it to monitor your kids. Also you can use it as a monitoring device for detecting unauthorised access. Logs can be automatically sent to your e-mail address, access to the keylogger is password protected. Besides, Ardamax Keylogger logs information about the Internet addresses the user has visited.

This invisible spy application is designed for 2000, XP, 2003, Vista, 7 and Windows 8.

Keylogger Features:

-Email log delivery - keylogger can send you recorded logs through e-mail delivery at set times - perfect for remote monitoring!

-FTP delivery - Ardamax Keylogger can upload recorded logs through FTP delivery.

-Network delivery - sends recorded logs through via LAN.

-Clipboard logging - capture all text copied to the Windows Clipboard.

Invisible mode makes it absolutely invisible to anyone. Ardamax Keylogger is not visible in the task bar, system tray, Windows 2000/XP/2003/Vista/Windows 7 Task Manager, process viewers (Process Explorer, WinTasks etc.), Start Menu and Windows Startup list.

-Visual surveillance - periodically makes screenshots and stores the compressed images to log.

-Chat monitoring - Ardamax Keylogger is designed to record and monitor both sides of a conversation in following chats:

• AIM
• Windows Live Messenger 2011
• ICQ 7
• Skype 4
• Yahoo Messenger 10
• Google Talk
• Miranda
• QiP 2010

-Security - allows you to protect program settings, Hidden Mode and Log file.

-Application monitoring - keylogger will record the application that was in use that received the keystroke!

-Time/Date tracking - it allows you to pinpoint the exact time a window received a keystroke!

-Powerful Log Viewer - you can view and save the log as a HTML page or plain text with keylogger Log Viewer.

-Small size – Ardamax Keylogger is several times smaller than other programs with the same features. It has no additional modules and libraries, so its size is smaller and the performance is higher.

Ardamax Keylogger fully supports Unicode characters which makes it possible to record keystrokes that include characters from Japanese, Chinese, Arabic and many other character sets.

It records every keystroke. Captures passwords and all other invisible text.

Other Features:

• Windows 2000/2003/XP/Vista/Windows 7/Windows 8 support
• Monitors multi-user machines
• Automatic startup
• Friendly interface
• Easy to install

                                                 

Download Here

                                                    Ardamax Keylogger 4.0 Full Version
                                                                 

Facebook OAuth flaw allows gaining full control over any Facebook account

Source:THN

Facebook OAuth is used to communicate between Applications & Facebook users, to grant additional permissions to your favorite apps. To make this possible, users have to 'allow or accept' the application request so that app can access your account information with required permissions.

As a normal Facebook user we always think that it is better than entering your Facebook credentials, we can  just allow specific permissions to an app in order to make it work with your account.

Today whitehat Hacker 'Nir Goldshlager' reported 'The Hacker News' that he discovered a very critical vulnerability in Facebook's OAuth system, that allowed him to get full control over any Facebook account easily even without 'allow or accept' options.

For this purpose he hunt the flaw in a very mannered way i.e

Step 1) Understanding the OAuth URL

Step 2) Finding a way to use custom parameters in URL

Step 3) Bypassing OAuth 'Allow' button request at user end

Goldshlager explained everything on his blog via a post, so will also go step by step:

1.) Understanding the OAuth URL

The Facebook OAuth dialog URL is something like shown below:

https://www.facebook.com/dialog/oauth/?app_id=YOUR_APP_ID&next=YOUR_REDIRECT_URL&state=YOUR_STATE_VALUE&scope=COMMA_SEPARATED_LIST_OF_PERMISSION_NAMES 

Where app_id is the application ID and next parameter must contains the URL of the respective app domain only. For example app_id=2389801228 belongs to 'Texas Holdem Poker' app, So the 'next' parameter will allow only zynga.com domain (i.e next=http://zynga.com), otherwise Facebook will block that action.

2.) Finding a way to use custom parameters in URL

Goldshlager found that Facebook was allowing him to use facebook's sub domain in next parameter in the URL ie. https://beta.facebook.com/#xxx!/messages/. But '#xxx!' was not working for all browsers. After fuzzing the URL characters, he found that %23~! and %23%09! worked for all browsers.

This finding was enough to redirect user to any file or folder at Facebook domain.

Then he developed a simple Facebook application (i.e touch.facebook.com/apps/testestestte) ,which  was just to redirecting users to remote site (i.e. files.nirgoldshlager.com) with access token, where a log file was ready to store all access tokens.

3.) Bypassing OAuth 'Allow' button request at user end

Till now attacker was able to redirect user to a fake app, which was passing victim's access tokens to a 3rd party domain where attacker was logging access tokens. But the main issue was still there i.e without user interaction, app will not work. That means, one have to click 'allow' button as shown below.

So, to bypass this, he discovered that there are many built-in Facebook applications i.e 'Facebook Messenger app' that can access full permissions (read inbox, outbox, manage pages, manage ads,access to private photos, videos, etc.) from the victim's account without user interaction i.e no need to click 'allow' button.

i.e Sample Final URL : 

https://www.facebook.com/connect/uiserver.php?app_id=2389801228&next=http://zynga.com&display=page&fbconnect=1&method=permissions.request&response_type=token&perms=ads_management%20create_event%20create_note%20email%20export_stream%20manage_friendlists%20manage_groups%20manage_notifications%20manage_pages%20offline_access%20photo_upload%20publish_actions%20publish_checkins%20publish_stream%20read_friendlists%20read_insights%20read_mailbox%20read_page_mailboxes%20read_requests

This way attacker is now able to grab access tokens (with full permissions) of any Facebook account by just making his victims to visit a modified OAuth URL (without user interaction). This access_token will be never expired, It will expired only after the victim change his Facebook password