Day One: Introduction to Linked list

                                     Single Linked List

On first day we will learn basics of linked list, we will first create structure of node(node is basic component of linked list,hope you know what is link list....:P). Following is structure of node:

                  typedef struct node{

                         int data;
                         struct node *next;
                             }node;

Following is program for adding node from front and for traversing...

#include<stdio.h>

#include<malloc.h>

typedef struct node{

    int data;

    struct node *next;

}node;





void show(int *head)            //for traversing linked list

{
    node *temp1;

    temp1=head;

    while(temp1!=NULL)

    {

        printf("%d ",temp1->data);

        temp1=temp1->next;

    }

}



int Insert(int *head)

{

    int data;



    node *temp;

    temp=(node*)malloc(sizeof(node));

    printf("enter data");

    scanf("%d",&data);


    temp->data=data;

    temp->next=head;



    head=temp;

    return head;



}


int main()

{

    node *head=NULL;

    int start=Insert(head);

    start=Insert(start);

    show(start);

}

Sending Mail using Java

JavaMail is an API with which we can send and receive E-mail. JavaMail is an platform-independent framework.This whole work  can we done by using SMTP server of gmail over SSL.
This post it focus on only sending emails via gmail.

• SMTP: Full form is Simple Mail Transfer Protocol, it provide mechanism to send emai, is the protocol in widespread use today. It uses TCP port 25.SMTP connections secured by SSL are known by the shorthand SMTPS, though SMTPS is not a protocol in its own right.While electronic  mail server and other  mail transfer agents use SMTP to send and receive mail messages, user-level client mail applications typically use SMTP only for sending messages to a mail server for  relaying.
• Secure Sockets Layer (SSL), are cryptographic protocols that provide communication  security over the Internet.SSL encrypt the segments of  network connections at the  Application Layer for the  Transport Layer, using asymmetric cryptography  for key exchange, symmetric encryption for confidentiality, and message authentication codes for message integrity.

JAVA-MAIL API

For sending mail we need two jar files.

• mail.jar

• activation.jar

The basic java program contain following sub-sections.

1. Get the session object, that contain all information about host like username,password,etc.
2. compose the message.

• Create MimeBodyPart Object and set your message text.
• Create new MimeBodyPart Object and set DataHandler object to this object.
• Create multipart object and add  MimeBodayPart object to this.
• Set multipart object to message object.
• send message

•  MIME: Multiple internet mail extension tells the browser what is to be sent, example message format, attachments etc. it is not known as mail transfer protocol but used by mail program.

Explanation of sub-parts are as follows:

1. Get the session object: The javax.mail.Session class provides two methods to get the object of session, Session.getDefaultInstance() method and Session.getInstance() method. You can use anyone method to get the session object. 

Syntax for Session.getDefaultInstance():There are two methods to get the session object by using the getDefaultInstance() method. It returns the default session.

• Public static Session GetDeafultInstance(Properties pros)
•  Public static Session GetDeafultInstance(Properties pros,Authenticator auth)

  2. Compose the Message:javax.mail provide methods to compose the message. But it is abstract class so it's subclass javax.mail.internet.MimeMessage class is mostly used.
to create message you need to pass session to MimeMessage class constructor.
                    MimeMessage message=new MimeMessage(session);
  MimeMessage class further provide many methods, attachments are also handled in this subsection.
  3. Sending: The javax.mail.Transport class provides method to send the message.


To run Basic java programfor sending Email (without attachments), you need :

• Netbeans (any other IDE)
•  mail.jar
• activation.jar
• username and password of gmail account.

First make new project and add mail.jar and activation.jar in library.
     

Code:

import java.util.Properties;
import javax.mail.*;
import javax.mail.internet.*;

public class SendMailSSL {
 public static void main(String[] args) {

 String to="xxxx@gmail.com";//change accordingly

  //Get the session object
  Properties props = new Properties();
  props.put("mail.smtp.host", "smtp.gmail.com");
  props.put("mail.smtp.socketFactory.port", "465");
  props.put("mail.smtp.socketFactory.class",
         "javax.net.ssl.SSLSocketFactory");
  props.put("mail.smtp.auth", "true");
  props.put("mail.smtp.port", "465");
 
  Session session = Session.getDefaultInstance(props,
   new javax.mail.Authenticator() {
   protected PasswordAuthentication getPasswordAuthentication() {
   return new PasswordAuthentication("yourgmailid@gmail.com","password");//change accordingly
   }
  });
 
  //compose message
  try {
   MimeMessage message = new MimeMessage(session);
   message.setFrom(new InternetAddress("yourgmailid@gmail.com"));//change accordingly
   message.addRecipient(Message.RecipientType.TO,new InternetAddress(to));
   message.setSubject("Hello");
   message.setText("Testing.......");
   
   //send message
   Transport.send(message);

   System.out.println("message sent successfully");
 
  } catch (MessagingException e) {throw new RuntimeException(e);}
 
 }
}

     


I'am presently Working on designing GUI for this application, in next post complete code will be provided with GUI design.

Gmail client

 

Software Models- Spiral Model

Every one of us usually think that there is no need of developing model or make pre-plan before developing software but in reality making software life cycle model is the key ingredient for a successful software,as it encourages development of software in a systematic and disciplined manner, it also help other programmers to easily understand the exact working of software.

Spiral model is one of the software life cycle models. As it's name implies it consist of numbers of loops which basically shows phases of software process. Over every loop one or more features are elaborated and analyzed and the risks at that point are identified and removed by making prototype model. So the risk of failure is removed at every phase.

Phases of the Spiral Model
Each phase in model is divided into four quad..

•  In first quad, some features of product are identified and they became objective of this phase. the objectives are investigated,elaborated and analyzed so as to obtain risks associated with that phase. also alternative solution possible for the phase are proposed. 

• In second quad, the solutions are evaluated and best solution is selected by making appropriate prototype.

•  third quad, consist of  developing  and verifying next level of product.

• Last quad, concern with reviewing result with the required and planning next iteration around spiral.

The radius around spiral at any point would represent the cost incurred in the project so far,qnd angular dimension would represent the progress made so far in the current phase.
this model is also called as "meta model" as it subsumes all other models.

Java Voice recognition

My next project is about recognition system,so i check it out and found plenty of method out of which the one which uses Sphnix library is used, so first you have to configure the Netbeans(use can also use any other IDE). Following are the requirement of  a simple " Hello word" program.

• Sphnix-4
• Netbeans

you can download these software from net ,, they are free of cost...
First unpack sphnix zip pack, and install jsapi file in lib folder. now create new library in netbeans and add following jar files from lib folder.

1. tags
2. sphinx 4
3. js
4. jsapi

now create new project in netbeans and make package with name "edu.cmu.sphinx.demo.helloworld".
then add  code for helloworld.
For simplicity and flexibility(so that you can easily change grammar as per your choice) first extract helloworld.jar file from bin folder and open edu sub-folders and copy the hello.gram(grammar file) and helloworld.config  file to netbeans src folder.

now you can use this idea further and make some cool app's (by changing grammar file) like voice recognition app for windows for increasing volume,turning off,opening any website/browser and much more.

JAVA 0 day vulnerability explained..

One of the recent threat in java is founded , with which attacker can spread malware and various other infected files which effect  users system without users having to open any files. The hackers called this new exploit as a “New Year’s gift”. The exploit code looks like java code with no trace of any exotic bytecode.

 After searching  different website on this vulnerability,,,,,,i have obtained following output which is not covered in single website.

The exploit takes advantage of two security flaws:

1. The first flaw stems from the fact that it is possible to obtain references to restricted classes.
2. The second one allows it to invoke class constructors by using the reflection API included in Java 1.7.

Following is the exploit code..

private void SetField(Class paramClass, String paramString, Object paramObject1, Object paramObject2)
        throws Throwable
  {
      Object arrayOfObject[] = new Object[2];
      arrayOfObject[0] = paramClass;
      arrayOfObject[1] = paramString;
      Expression localExpression = new Expression(GetClass("sun.awt.SunToolkit"), "getField", arrayOfObject);
      localExpression.execute();
      ((Field)localExpression.getValue()).set(paramObject1, paramObject2);
  }

The sun.awt.SunToolkit class gives public (public) access to a method called getField()
 that provides access to the private attributes of other classes. 
Technically speaking, untrusted code such as the exploit that is being 
executed in the browser shouldn't be able to access this method at all. 
But Java 7 introduced a new method to the Expression class, .execute(),
 which allowed expressions created at runtime to be executed. Bugs in 
the implementation of the new method allows the code to gain access to 
the getField() method.
 
The exploit first creates a Statement object that would call the System.setSecurityManager(null)
 object and effectively disable the sandbox. However, if the exploit 
called that method directly it would be rejected because it was 
untrusted.

So the code first creates a custom AccessControlContext object that represents 

a class which was started from the local hard disk and has, therefore, a complete set of rights. 
 

Then the code uses its privilege breaking setField to 
swap this custom set of rights with the "acc" attribute of the 
setSecurityManager statement. This attribute would normally state that 
the object is part of a class that belongs to an applet such as http://attack.evil-page.tld/exploit.jar,
 and that it should therefore run in the sandbox with no system 
privileges. Once swapped in, the Statement object now claims to have 
come from the local hard disk and is trusted code. It can then be 
executed without complaint and disables the SecurityManager completely.

After that, the exploit can do as it pleases on a system. To demonstrate, the analysed exploit uses the same method that a legitimate Java application would use to start the calc.exe Windows calculator. In theory, an attacker could have built a statement that erases the hard disk or downloads and executes a native payload.