Monthly Archives: July 2007

Computer Star Awards 2007

This year over 5,600 students from about 130 schools across Delhi and the NCR participated in the Computer Star Contest. There were 2 categories, Group A & B, and 53 prizes were given to students excelling in both the groups respectively. Ananth Govind Rajan from our school received the top rank in Group B with 296 marks out of 300 and received a Toshiba laptop. There were a total of 22 students from our school who received consolation prizes from both groups. Our school had the maximum number of meritious students and the third largest number of participating students with 254 students. Hence, we have secured the Computer Ratna for best teachers (Mukesh Kumar & Anjana Virmani), maximum participation and the overall position as the best school.

DON BOSCO FIESTA

Event
PANORAMA – Power Point Presentation
Date
25 August 2007
Registration Time
08:00 am
Event Time
10:30 am – 01:00 pm
Eligibility
Student of class XI & XII
(One Team per school – 3 Members – Speaker, Presenter, Interjector)
Presentation Duration
2 1/2 Minutes
Topic
Censorship murdering Creative Liberty

Organisor School
DON BOSCO SCHOOL, Alaknanda, New Delhi
Contact Phone Numbers
26043099,32949703, 40533616

SQL Injection attacks

One of the most prominent loopholes, which almost every site has, is an SQL security loophole. Sites that use the SQL database system are the ones vulnerable to it.
An SQL Injection Attack is a form of attack that comes from user input that remains unchecked on the user end. The objective is to fool the database system into running malicious code that will reveal sensitive information or otherwise compromise the server.
There are two main types of attacks. First-order attacks are when the attacker receives the desired result immediately, either by direct response from the application he is interacting with or by some other response mechanism, such as e-mail. Second-order attacks are when the attacker injects some data that will reside in the database, but the payload is not immediately activated.

To be very precise, it gives you the source of the files where all the important data is stored.
Here is an example-

1) Open the following site: http://www.sanjeevkapoor.com/ : I have already informed the administrator about the loopholes through a letter also, but no action has been taken.
2) Click on sign in and type the username as: admin OR 1=1—and password as: ‘OR”=’
Now you see how powerful this Injection Attack is. For me to explain how this happened, you need to know some amount of SQL. So this is what actually happens when you supply a password and login to a logon form.
SQLQuery=”SELECT Username FROM Users WHERE Username=’” & StrUsername & “ ‘ AND Password=’ “ & Strpassword & “ ‘ “
StrAuthcheck= GetqueryResult(SQL query)
If strAuthenticated=” “ then
Boolauthenticated=False
Else
Boolauthenticated= True
The logon and password actually form an SQL query, which goes through the user’s table, and tries to find a match for the username and password you supplied. If a match is found then a string is stored in a variable (strauthcheck) but if this string remains empty then you are not authorized. So by using the SQL queries like 1=1—(which means one is equal to one) you are able to fool the SQL sever which is actually checking for authentication.

Article by : – Ankit Srivastava
                       Head, Network Security – Exunclan

CV Raman and Bhaskara Trophy

Bluebells School, Kailash Colony is organising a Science Symposium for the CV Raman and Bhaskara Trophy on July 31, 2007. One speaker and two presenters are required for the same.

A 5 minute presentation needs to be made on the topic “Technology of Mobile Connectivity” on either PowerPoint or Flash MX. If it is made on any other software, then the participants will have to bring the software with them for the event.

All those interested please give in your names before July 20, 2007.

Mata Jai Kaur Public School result

Senior Event

  • Quiz
    Kartikeya Asthana
    Ananth Govind Rajan
  • Programming (C++, VB)
    Aayush Kumar
    Shikhar
  • CEO Hunt
    Aayush Kumar

    Junior Events

  • Mobile Phone Website
    Tanay Padhi
    Dwarkesh
  • Treasure Hunt
    Aditya Jain
    Sakshi Gupta
  • Video Editing

    Sub Junior Events

  • Junior Quiz
    Shubham Goel
    Rishabh Marya
  • Futuristic Gizmo
    Shubham Goel
    Tanay Padhi

Tech-Edge 2007

Tech Edge 2007 is being organized at Birla Vidya Niketan on the 25th of July. The following students will be participating in the event:-

1.Collage Making

  • Aditya Jain
  • Saakshi

2.Web Designing

  • Shubham Goel
  • Rishabh Marya

(Topics (i)Life in space (ii)Latest technology (iii)Indian Heritage. The teams should submit a copy of their website in a CD by 21st July.)

3.Senior Programming

  • Anant Jain
  • Abhijit Das

4.Multimedia Presentation

  • Rishabh Marya
  • Shubham Goel

( The topic for the presentation is (i) XBOX 360 (ii)Robocop . Teams should submit a copy of their presentation in CD on any one of the above topic by 21st July.The softwares to be used are (i)Frontpage (ii)Flash )

Urgent: Exun Member Photos

The following members must report on Thursday (12 July) during BREAK for their photos to be taken for the exunclan website:

Radhika Malik
Ankit Srivastava
Kunal Singh
Akshay Talwar
Srajan Mani Rastogi
Ananth Govind Rajan
Nachiketa Dash
Kanika Singh
Mini Saxena
R. Dwarkesh
Shubham Goel
Rishabh Marya
Tanay Padhi
Adideva Sekhri
Utkarsh Ohm

All members are also requested to update their details (contact info, class, section, etc) in the Exun Members Google spreadsheet.

Meeting

An Exun meeting is scheduled on Thursday, the 12th of July during BREAK to finalize teams for the computer symposium which is being held at Mata Jai Kaur Public School. All Exun members must report.

See you there!