Saturday, November 19, 2011

Acunetix WVS Enterprise Version 7 CRACKED


New Security Check

>Added a security check for the latest OpenX OFC file upload vulnerability
>Added a ASP.NET security check for the ASP.NET padding Oracle vulnerability
Improvements:
>Reduced the number of false positives for Blind SQL injections security checks
>Improved Blind SQL injection tests by adding a number of new tests to detect blind SQL injections in UPDATE/INSERT/…

Which Vulnerabilities does Acunetix WVS Check for?
Acunetix WVS automatically checks for the following vulnerabilities among others:
Version Check
Vulnerable Web Servers
Vulnerable Web Server Technologies – such as “PHP 4.3.0 file disclosure and possible code execution.
Web Server Configuration Checks
Checks for Web Servers Problems – Determines if dangerous HTTP methods are enabled on the web server (e.g. PUT, TRACE, DELETE)
Verify Web Server Technologies
Parameter Manipulation

Cross-Site Scripting (XSS) – over 40 different XSS variations are tested.
Path Disclosure (Unix and Windows)
Cookie Manipulation
Arbitrary File creation (AcuSensor Technology)
Arbitrary File deletion (AcuSensor Technology)
Email Injection (AcuSensor Technology)
File Tampering (AcuSensor Technology)
MultiRequest Parameter Manipulation
Blind SQL/XPath Injection
File Checks
Cross Site Scripting in URI
Checks for Script Errors
File Uploads
Directory Checks
Looks for Common Files (such as logs, traces, CVS)
Discover Sensitive Files/Directories
Discovers Directories with Weak Permissions
Cross Site Scripting in Path and PHPSESSID Session Fixation.
Web Applications
HTTP Verb Tampering
Text Search
Directory Listings
Source Code Disclosure
Check for Common Files
Check for Email Addresses
Microsoft Office Possible Sensitive Information
Local Path Disclosure
Error Messages
Trojan shell scripts (such as popular PHP shell scripts like r57shell, c99shell etc)
Weak Passwords
Over 1200 GHDB Search Entries in the Database
Port scans the web server and obtains a list of open ports with banners
Performs complex network level vulnerability checks on open ports such as:
DNS Server vulnerabilities (Open zone transfer, Open recursion, cache poisoning)
FTP server checks (list of writable FTP directories, weak FTP passwords, anonymous access allowed)
Security and configuration checks for badly configured proxy servers
Checks for weak SNMP community strings and weak SSL cyphers
and many other network level vulnerability checks!
Other web vulnerability checks
Cross-site request forgery (CSRF)
Other vulnerability tests may also be peformed using the advanced penertation testing tools provided, including:
Input Validation (also performed automatically)
Authentication attacks (also performed automatically)
Buffer overflows
Blind SQL injection (also performed automatically)
Sub domain scanning
 ENJOY vulnerablities scanning 

Download it from here http://www.mediafire.com/?6no8ss9951v6y78 direct link and resume support

Tuesday, November 15, 2011

Uniscan vulnerablity scanner download and installing

Installing uniscan web scanner and vulnerability system
Installing uniscan web scanner and vulnerability system
BACKGROUND
The uniscan tool is a web server vulnerability scanner tool that was developed using the Perl language. More information about the uniscan tool can be found at http://www.uniscan.com.br/index.html/ . The Administrator or pen tester can use this tool the test the following vulnerabilities:
- Remote File Include (RF)
- Local File Include (LFI)
- Remote Command Execution (RCE)
- Cross-Site Scripting (XSS)
- SQL Injections
- Blind SQL Injections
The tool require the installation of some Perl modules.
The tool was created by:
Name: Douglas Poerschke Rocha
Uniscan Dev.
E-mail: team@uniscan.com.br
Name: Roberlei Martins Vieira
Webmaster
E-mail: roberlei@uniscan.com.br
OPERATING SYSTEM
The tool was installed and tested in the following Operating System (OS):
Distributor ID: Ubuntu
Description: Ubuntu 11.04
Release: 11.04
Codename: natty
INSTRUCTIONS
Before downloading and installing uniscan, i have downloadedthe following Perl modules from you command line:
root@rjcrystal$ sudo perl -MCPAN -e 'install Moose'
root@rjcrystal$ sudo perl -MCPAN -e 'install threads'
root@rjcrystal$ sudo perl -MCPAN -e 'install threads::shared'
root@rjcrystal$ sudo perl -MCPAN -e 'install thread::Queue'
root@rjcrystal$ sudo perl -MCPAN -e 'install HTTP::Response'
root@rjcrystal$ sudo perl -MCPAN -e 'install HTTP::Request'
root@rjcrystal$ sudo perl -MCPAN -e 'install LWP::UserAgent'
root@rjcrystal$ sudo perl -MCPAN -e 'install Net::SSLeay'
root@rjcrystal$ sudo perl -MCPAN -e 'install Getopt::Std'
root@rjcrystal$ sudo perl -MCPAN -e 'install YAML'
Press ENTER
OR you can use the Perlmod to download these modules all at once by typing:
root@rjcrystal$ sudo perlmod –i Moosethreads threads::shared thread::Queue HTTP::Response HTTP::Request LWP::UserAgent Net::SSLeay Getopt::Std YAML
If some modules already installed by default, you can press [n] for not installing them.

You will also need the ssleay-perl libnet module installed in your Ubuntu. If you try to download the module from CPAN it will generate anerror. For that purpose download the library using the following command:
root@rjcrystal$ sudo apt-get install libnet-ssleay-perl
Download the current version of uniscan tool:
http://sourceforge.net/projects/uniscan/files/4.3/uniscan-code.tar.gz/download/

Then extract the downloaded file:
root@rjcrystal$ sudo tar -xvzf uniscan-code.tar.gz
root@rjcrystal$ cd uniscan-code/
root@rjcrystal$ sudo./uniscan.pl
###############################
# Uniscan project #
# http://www.uniscan.com.br/#
###############################
V. 4.3
OPTIONS:
-h help
-u example: https://www.example.com/
-f list of url's
-b Uniscan go to background
-q Disable Directory checks
-w Disable File checks
-e Disable Backup file checks
-r Disable RFI checks by Crawler
-t Disable LFI checks by Crawler
-y Disable RCE checks by Crawler
-i Disable SQL checks by Crawler
-o Disable XSS checks by Crawler
-p Disable static RFI checks
-a Disable static LFI checks
-s Disable static RCE checks
-d Disable /robots.txt check
-g Disable PUT method check
-j Not show e-mails found by Crawler
Option -u or -f is required, all others no.
usage:
[1] perl ./uniscan.pl -u http://www.example.com/
[2] perl ./uniscan.pl -f /home/user/file.txt -b
[3] perl ./uniscan.pl -u https://www.example.com

Monday, November 14, 2011

Post animated pictures on facebook

today many people are asking how to make this animated pic ans is simple lol goto notes www.facebook.com/notes  then write a new note with some head and body then we will insert an imge tag to it which has our image link. we cant upload gif images(this is not true you can if you are facebook app developer like facebook art) yes one can do it but its hard.so we will find a ready made facebook uploaded image go here  right click image and seclect view source or inspect element for chrome then post that image link like this here are some links use them to post and impress your friends actually thing is facebook art is an app that has ability to upload .jpg animations 
here are some more examples

<img src="http://photos-e.ak.fbcdn.net/photos-ak-snc1/v33382/1394/113/01AweCZo9oxVwA79IOAAD3T3Uf4UY:.mp3">






Saturday, November 12, 2011

Cookie-based SQL Injection


Did you say a “Cookie” ?

A cookie, also known as an HTTP cookie, web cookie, or browser cookie, is used for an origin website to send state information to a user’s browser and for the browser to return the state information to the origin site. The state information can be used for authentication, identification of a user session, user’s preferences, shopping cart contents, or anything else that can be accomplished through storing text data.
Cookies are not software. They cannot be programmed, cannot carry viruses, and cannot install malware on the host computer. However, they can be used by spyware to track user’s browsing activities – a major privacy concern that prompted European and US law makers to take action. Cookies could also be stolen by hackers to gain access to a victim’s web account.

Where can I find my cookies?

Here is one way to get your stored cookies using your browser. This method is applied for Mozilla FireFox:
From the Tools menu, select Options.
>If the menu bar is hidden, press Alt to make it visible.
At the top of the window that appears, click Privacy.
>To modify settings, from the drop-down menu under “History”, select Use custom settings for history. Then enable or disable the settings by checking or unchecking the boxes next to each setting:
>To allow sites to set cookies on your computer, select Accept cookies from sites. To specify which sites are always or never allowed to use cookies, click Exceptions.
>To accept third-party cookies, check Accept third-party cookies. In the drop-down menu next to “Keep until:”, select the time period you wish to keep cookies on your computer.
>To view the cookies stored on your computer, click Show Cookies… . In the window that appears, you can view the cookies on your computer, search for cookies, and remove any or all of the listed cookies.
>To specify how the browser should clear the private data it stores, check Clear history when Firefox closes. Then, click Settings… . You can specify the items to be cleared when you close Firefox.
Click OK until you return to the Firefox window.
To remove all cookies, from the Tools menu, select Clear recent history… . Check the items you want to clear, and then click Clear Now.

Are you talking about a Cookie Poisoning-like attack?

Cookie Poisoning attacks involve the modification of the contents of a cookie (personal information stored in a Web user’s computer) in order to bypass security mechanisms. Using cookie poisoning attacks, attackers can gain unauthorized information about another user and steal their identity.
Cookie poisoning is a known technique mainly for achieving impersonation and breach of privacy through manipulation of session cookies, which maintain the identity of the client. By forging these cookies, an attacker can impersonate a valid client, and thus gain information and perform actions on behalf of the victim. The ability to forge such session cookies (or more generally, session tokens) stems from the fact that the tokens are not generated in a secure way.
To sum up, cookie-based SQL Injection is far to be a kind of Cookie Poisoning.
Cookie variables as a vector of SQL Injections:
SQL injection overview
A SQL injection attack consists of insertion or “injection” of a SQL query via the input data from the client to the application. A successful SQL injection exploit can read sensitive data from the database, modify database data (Insert/Update/Delete), execute administration operations on the database (such as shutdown the DBMS), recover the content of a given file present on the DBMS file system and in some cases issue commands to the operating system. SQL injection attacks are a type of injection attack, in which SQL commands are injected into data-plane input in order to effect the execution of predefined SQL commands.
All data sent by the browser to a Web application, if used in a SQL query, can be manipulated in order to inject SQL code: GET and POST parameters, cookies and other HTTP headers. Some of these values ​​can be found in the environment variables. The GET and POST parameters are typically entered into HTML forms, they can contain hidden fields, i.e. information that is in form but not shown. GET parameters are contained in the URL and POST parameters are passed as HTTP content. Nowadays, and with the growth of Web 2.0 technologies, the GET and POST requests can also be generated by JavaScript.
Injecting malicious code in cookie:
Unlike other parameters, cookies are not supposed to be handled by users. Outside of session cookies which are (usually) random, cookies may contain data in clear or encoded in hexadecimal, base64, hashes (MD5, SHA1), serialized information. If we can determine the encoding used, we will attempt to inject SQL commands.
function is_user($user) {
global $prefix, $db, $user_prefix;
if(!is_array($user)) {
        $user = base64_decode($user);
        $user = explode(“:”, $user);
$uid = “$user[0]“;
$pwd = “$user[2]“;
} else {
$uid = “$user[0]“;
$pwd = “$user[2]“;
}
if ($uid != “” AND $pwd != “”) {
    $sql = “SELECT user_password FROM “.$user_prefix.”_users WHERE user_id=’$uid’”;
$result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result);
$pass = $row[user_password];
if($pass == $pwd && $pass != “”) {
return 1;
}
}
return 0;
}
The cookie contains base64 encoded form identifier, a field that is unknown and a password. If we use as a cookie 12345 ‘UNION SELECT’ mypass ‘:: mypass base64 encoded, the SQL query becomes:
 SELECT user_password FROM nk_users WHERE user_id=’12345 UNION SELECT ‘mypass’
This query returns the password mypass, the same password as we have to provide. So we are connected.

How to inject the code in Cookies?
There are many HTTP interceptors and HTTP editors that can intercept the HTTP request before it is sent to the server. Then the tester can introduce his malicious SQL statement in the cookie field.
It’s like a get/post based SQL Injection, except that certain characters can’t be used. For
example, ‘;‘ and ‘,‘ are typically treated as delimiters, so they end the injection if they aren’t URL-encoded.

Limitations of  Web Application Vulnerability Scanners:
Web application vulnerability scanners are not always capable of detecting all of the vulnerabilities and attack vectors that exist.  In consequence, they may assert numerous false-negatives and false-positives. These were some of the results of a study named: “Closing the Gap: Analyzing the Limitations of Web Application Vulnerability Scanners” hold during the OWASP APPSEC DC 2010. The tests were based on many professional scanners:  Burp suite professional, Acunetix, Wapiti, Grendel-Scan, W3af, N-Stalker, CENZIC, netsparker.

As far as cookie variable’s injection is concerned, only 6,3% of the web application Vulnerability scanners had detected the implemented SQL injection vulnerabilities.
This rate looks like emphasize that the cookie vector is neglected when testing against SQL injections. Also, it’s very low comparing to percentage of the detection of SQL injection in Form Inputs (59,7%).

Conclusion
Cookie variables sometimes are not properly sanitized before being used in SQL query. This can be used to bypass authentication or make any SQL query by injecting arbitrary SQL code. For the web application audits, cookie variables should be added to the list of parameters to be checked.try it and hack the system 

Friday, November 11, 2011

transparent,flexible, Nokia concept phone

Newer technology innovations walk into the tech terrain at a rapid pace. Recently at the Nokia World, the Finnish firm had showcased its flexible OLED displays and the Kinect device. But little did we know that Nokia’s foldable phone technology could result in this interesting fish-like phone. Though a concept yet, Nokia has crafted the 'HumanForm', a transparent, flexible phone, which looks and feels like a jelly-fish, reveals the Nokia Conversations blog. This latest to come out of the Nokia Research Center is definitely something everyone would want to lay their hands on.
transparent, flexible phone concept
Transparent, flexible phone concept


The company’s commitment towards flexible phones has been seen in the past, but the HumanForm has more to it. The phone's design is flexible enough to change its shape to suit your ears and help deliver a better listening experience. It ensures natural interactions and also has the ability to convey human emotions. So, that's where it gets the name – ‘Human’Form.

What’s more human about it? This completely touch sensitive phone has the ability to recognize its user’s mood. Moreover, it’s not just about seeing an image on a video but also feeling it. The gesture interaction takes the phone concept to a new level altogether. Instead of tapping or swiping across the screen, the device follows your commands on shaking it. Twist the phone to browse and bend it to zoom, sounds as exciting as it would be to use it in person. 

The HumanForm is just a concept, yet. It is uncertain whether the phone will make its way to the markets. So, do you think it would replace the existing form of phones in future or are we ready to embrace this new innovation now? Do let us know. Check out the video below for a closer look.
The HumanForm phone concept demonstrates Nokia’s deep commitment to evolving the phone and taking it to the next level. All the stuff I’m seeing is new to me. But for the guys at Nokia Research Center, it’s already history.

Wednesday, November 9, 2011

Most advanced and dangerous malware for Apple products



Indian security researcher from MalCon has created an advanced and dangerous malware for Apple products which can not only compromize your privacy but also steal important data and let hackers control your device by simple text messages.

If you are using any Apple product such as iPhone, iPad or iPod, then you shuuld be concerned. Indian security researcher from MalCon, Atul Alex has created an advanced malware for the Apple products which can not only intercept calls of users, steal data, but also provide a reverse VNC to see remotely all the actions of the victim.

The malware can be deployed remotely over the web and is supposed to work on the latest iOS 5. Atul Alex, Technical director of MalCon said "Apple products are extremely secure by design. The malware works on jailbroken devices - something which over 90% of users have. If your device is not jailbroken, you have nothing to worry about!".

However, over 90% of users normally jailbreak their devices. iOS jailbreaking, or simply jailbreaking, is the process of removing the limitations imposed by Apple on devices running the iOS operating system through use of custom kernels. Such devices include the iPhone, iPod Touch, iPad, and 2nd Gen Apple TV. Jailbreaking allows users to gain root access to the operating system, allowing iOS users to download additional applications, extensions, and themes that are unavailable through the official Apple App Store. A jailbroken iPhone, iPod Touch, or iPad running iOS can still use the App Store, iTunes, and other normal functions, such as making telephone calls.

The malware malware boasts of the following features:
• Control devices by SMS
• Invisible Malware
• VNC Server to view remote screen
• Record and listen to all calls remotely
• Upload / Download user Data
• Access all mails and texts

The Malware will be demonstrated next month at the upcoming International Malware Conference, MalCon in Mumbai, India. The researcher Atul Alex has previously coded and demonstated a custom malicious firmware for Symbian last year.

Sunday, November 6, 2011

Google Offers Free Websites to All Indian SMBs under ‘India GetYour Business Online’

Google India has announcing ‘India Get Your Business Online’, a first-of-its kind program to offer free websites, domain & hosting services to any Indiansmall medium businesses. Anyone can get a free full functional domain and website withthis.
And same time you also can get a free coupon of worth Rs. 2500 INR advertising from Google AdWords to help promote your site. This mean its a full solution of question like how to get a free .in domain, hosting and full free website to any Indian user. And you really no need to have a business, you (anyone) can register to this and can get a free website in minutes.
This program is designed with local partners and provides Indian businessesthe tools and resources to establish a website, find new customers, and growtheir businesses. The initiative aims to break down the barriers that stop small businesses from getting online - by offering a quick, easy and free tool to set up and host a website.
Google India has goal to help 500,000 small medium businesses in India to getonline in next three years through this program and they partner with HostGator to provide hosting. Small business owners in India can logon to www.indiagetonline.in and use the toolto get a free, easy-to-build website and web hosting for one year powered by HostGator. Businesses will also get a customized domain .in name and free tools, training and resources to succeed online.
According to Rajan Anandan, MD & Vice President, Sales & Operations, Google India, "While India is home to an estimated 8 million small medium businesses, only about 5% have a website. This program is designed to bridge the information gap that exists online due to the lack of presence of local Indian businesses on the Internet. Businesses often believe that getting online is too complex, costly and time-consuming; this perception prevents many SMBs from taking the first step towards building an online presence. Google India and HostGator plan to change that through this initiative. In addition, HostGator will also offer free support in creating, hosting and managing the website for a period of one year without any cost through its toll free call centers 1800-266-3000".
The Main Features You'll Got with This Program:
~It’s free to set up your website. The domain is free for 1 year,and it’s free tomaintain your website for 12 months.
~The website tool takes 15 minutes from sitting down to being found online
~You don’t need to be a tech whiz to get started. All you need to start is your address, phone number, TAN/CINor PAN to verify you as a business
~The website is simple because customers are looking for simple information online
~Gives you your own .in domain
~Other features include photos/logos, integration with social media platforms
~You get a Google Apps account - free personalised email ids
~If you want to make your website work harder, you’ll have access to steady stream of free tips and tools fromthe GettingIndian Business Online teamand a free coupon of worth Rs. 2500 INR advertising trial from Google AdWords to help promote your site.
~After the first year, SMBs can choose to pay a monthly pay-as-you-go to maintain their website using hostgator.
~At the end of the first year, they’ll have to pay a nominal charge if they wish to renew their domain name. Theycan cancel their website at any time.
India get your business online program is also supported by Federation of Micro, Small and Medium Enterprises (MSMEs), popularly known as FISME.FISME, the non-profit organisation willwork with Google India to help SMBs get online through direct customer outreach and events.
Don't wait, just log on to www.indiagetonline.in and create your website in 15 minutes

Tuesday, November 1, 2011

all mobile operating systems review

hi guys today after my friends recommendation here is a brief introduction on all (almost)mobile operating systems 
SYMBIAN
 Symbian logo

Symbian is a mobile operating system (OS) and computing platform designed for smartphones and currently maintained by Accenture. The Symbian platform is the successor to Symbian OS and Nokia Series 60; unlike Symbian OS, which needed an additional user interface system, Symbian includes a user interface component based on S60 5th Edition. The latest version, Symbian^3, was officially released in Q4 2010, first used in the Nokia N8. In May 2011 an update, Symbian Anna, was officially announced, followed by Symbian Belle in August 2011.
Symbian OS was originally developed by Symbian Ltd. It is a descendant of Psion's EPOC and runs exclusively on ARM processors, although an unreleased x86 port existed.
Some estimates indicate that the cumulative number of mobile devices shipped with the Symbian OS up to the end of Q2 2010 is 385 million.
By April 5, 2011, Nokia released Symbian under a new license and converted to a proprietary shared-source model as opposed to an open source project.
On February 11, 2011, Nokia announced that it would migrate away from Symbian to Windows Phone 7.  In June 22, 2011 Nokia has made an agreement with Accenture as an outsourcing program. Accenture will provide Symbian based software development and support services to Nokia through 2016 and about 2,800 Nokia employees will be Accenture employees at early October 2011. The transfer was completed on September 30, 2011. 
so if you are a nokia lover and durability,battery power, affordability and connectivity are most critical (needed) ther you are free to go with Symbian. it has lots of bugs and vulnerabilities in series 40 and series 60. series 40 are best for indian and lower budgets but you will not get support updates from nokia after 2016 i myself use nokia 5130c
ANDROID

Android robot.svg
Android 4.0.pngAndroid is an operating system for mobile devices such as smartphones and tablet computers. It is developed by the Open Handset Alliance led by Google.
Google purchased the initial developer of the software, Android Inc., in 2005. The unveiling of the Android distribution on November 5, 2007 was announced with the founding of the Open Handset Alliance, a consortium of 84 hardware, software, and telecommunication companies devoted to advancing open standards for mobile devices.Google released most of the Android code under the Apache License, a free software license. The Android Open Source Project (AOSP) is tasked with the maintenance and further development of Android.
Android consists of a kernel based on the Linux kernel, with middleware, libraries and APIs written in C and application software running on an application framework which includes Java-compatible libraries based on Apache Harmony. Android uses the Dalvik virtual machine with just-in-time compilation to run Dalvik bytecode, which is usually translated from Java bytecode.  Android has a large community of developers writing applications ("apps") that extend the functionality of the devices. Developers write primarily in a customized version of Java. There are currently approximately 300,000 apps available for Android, from a total of 500,000 apps over the life of Android. Apps can be downloaded from third-party sites or through online stores such as Android Market, the app store run by Google.
Android was listed as the best-selling smartphone platform worldwide in Q4 2010 by Canalys with over 190 million Android devices in use by October 2011.
so all and all if you are young like touch screen and like games, apps,want some extra stuff dont want better battery then android is for you the best pro of android is the HUGE market and battery part is not good. the look of android is fresh and you can also make your own firmware and the best of all ITS OPEN SOURCE because of it even chinese phones are having android lol they are delicate 
i currently use galaxy Y of samsung 

iOS (iphone)

Apple iOS.svg


iOS (formerly known as iPhone OS) is Apple's mobile operating system. Originally developed for the iPhone, it has since been extended to support other Apple, Inc. devices such as the iPod touch, iPad and Apple TV. Apple, Inc. does not license iOS for installation on third-party hardware. As of October 4, 2011, Apple, Inc.'s App Store contains more than 500,000 iOS applications, which have collectively been downloaded more than 18 billion times. In the last quarter of 2010, it had a 26% share of the smartphone operating system market in terms of units sold, behind Google's Android and Nokia's Symbian. As of May 2010, it accounted for 59% of mobile web consumption—including both the iPod touch and the iPad—in North America.
The user interface of iOS is based on the concept of direct manipulation, using multi-touch gestures. Interface control elements consist of sliders, switches, and buttons. The response to user input is immediate and provides a fluid interface. Interaction with the OS includes gestures such as swipe, tap, pinch, and reverse pinch, all of which have specific definitions within the context of the iOS operating system and its multitouch interface. Internal accelerometers are used by some applications to respond to shaking the device (one common result is the undo command) or rotating it in three dimensions (one common result is switching from portrait to landscape mode).
iOS is derived from Mac OS X, with which it shares the Darwin foundation, and is therefore a Unix-like operating system by nature.
In iOS, there are four abstraction layers: the Core OS layer, the Core Services layer, the Media layer, and the Cocoa Touch layer. The current version of the operating system (iOS 5.0) uses roughly 774.4 megabytes of the device's storage, varying for each model.
personally i dont have experienced of iOS powerd devices so i dont have any comments on it. its appstore is also nice 
BADA (os)
File:Samsung Bada Logo.png

 File:Bada2.jpg

Bada (stylized as bada) is an operating system for mobile devices such as smart phones and tablet computers. It is developed by the Samsung Electronics. Its name is derived from "바다 (bada)", meaning "ocean" or "sea" in Korean. It ranges from low-end feature phones to high-end smart phones.
To help grow the Bada OS, Samsung may make it open-source in 2012 including using at smart TVs
Bada, as Samsung defines it, is not an operating system itself, but a platform with a kernel configurable architecture, which allows using either a proprietary real-time operating system (RTOS) kernel, or the Linux kernel. According to copyrights displayed by Samsung Wave S8500, it uses code from FreeBSD, NetBSD and OpenBSD, although other phones might use Linux instead.
On the kernel are layers for devices, services, and frameworks. The device layer provides core functions such as graphics, protocols, telephony and security. The service layer provides more service-centric features such as SMS, mapping and in-app-purchasing. To provide such features there is a so-called bada Server. The top layer, the framework layer provides an application programming interface (API) in C++ for application developers to use.
Bada provides various UI controls to developers: It provides assorted basic UI controls such as Listbox, Color Picker and Tab, has a web browser control based on the open-source WebKit, and features Adobe Flash, supporting Flash 9(or 10 in the 2.0). Both the WebKit and Flash can be embedded inside native Bada applications. Bada supports OpenGL ES 2.0 3D graphics API and offers interactive mapping with point of interest (POI) features, which can also be embedded inside native applications. It supports pinch-to-zoom, tabbed browsing and cut, copy, and paste features.
Bada supports many mechanisms to enhance interaction, which can be incorporated into applications. These include various sensors such as motion sensing, vibration control, face detection, accelerometer, magnetometer, tilt, Global Positioning System (GPS), and multi-touch.
Native applications are developed in C++ with the Bada SDK, and the Eclipse based integrated development environment (IDE). GNU-based tool chains are used for building and debugging applications. The IDE also contains UI Builder, with which developers can easily design the interface of their applications by dragging and dropping UI controls into forms. For testing and debugging, the IDE contains an emulator which can run apps.
not a great os but works nicely 
Maemo (mobile linux)
Maemo logo color.svg
Maemo5-screenshot.png
Maemo is a software platform developed by the Maemo community for smartphones and Internet tablets. It is "based" on the Debian Linux distribution,
The platform comprises the Maemo operating system and the Maemo SDK.
It is not open source, though it uses some open source code. To use or develop for the device, proprietary software from Nokia is mandatory.
Maemo is mostly based on open source code, and has been developed by Maemo Devices within Nokia in collaboration with many open source projects such as the Linux kernel, Debian, and GNOME. Maemo is based on Debian GNU/Linux and draws much of its GUI,frameworks, and libraries from the GNOME project. It uses the Matchbox window manager, and the GTK-based Hildon as its GUI and application framework.
The UI in Maemo 4 is similar to many handheld interfaces, and features a "home" screen, which acts as a central point from which all applications and settings are accessed. The home screen is divided into areas for launching applications, a menu bar, and a large customisable area that can display information such as an RSS reader, Internet radio player, and Google search box.
The Maemo 5 UI is slightly different: The menu bar and info area are consolidated to the top of the display, and the four desktops can be customized with shortcuts and widgets.
maemo is not for normal users its 
At the Mobile World Congress in February 2010, it was announced that the Maemo project would be merging with Moblin to create theMeeGo mobile software platform.
for application developers and tablet users though its not more popular but still nokia N9 is amazing phone 
The Nokia N9 is a smartphone made by Nokia based on the MeeGo "Harmattan" 

Blackberry
 Blackberry Logo.svg
OS7 Screenshot.jpg
BlackBerry OS is a proprietary mobile operating system, developed by Research In Motion for its BlackBerry line of smartphonehandheld devices. The operating system provides multitasking and supports specialized input devices that have been adopted by RIM for use in its handhelds, particularly the trackwheel, trackball, and most recently, the trackpad and touchscreen.
The BlackBerry platform is perhaps best known for its native support for corporate email, through MIDP 1.0 and, more recently, a subset of MIDP 2.0, which allows complete wireless activation and synchronization with Microsoft Exchange, Lotus Domino, or Novell Group Wise email, calendar, tasks, notes, and contacts, when used with BlackBerry Enterprise Server. The operating system also supports WAP 1.2.
Updates to the operating system may be automatically available from wireless carriers that support the BlackBerry over the air software loading (OTASL) service.
Third-party developers can write software using the available BlackBerry API classes, although applications that make use of certain functionality must be digitally signed.

Java (software cross platform)
The Java technology logo

Java ME has become popular in mobile devices, where it competes with Symbian, BREW, and the .NET Compact Framework.
The diversity of mobile phone manufacturers has led to a need for new unified standards so programs can run on phones from different suppliers - MIDP. The first standard was MIDP 1, which assumed a small screen size, no access to audio, and a 32kB program limit. The more recent MIDP 2 allows access to audio, and up to 64kB for the program size. With handset designs improving more rapidly than the standards, some manufacturers relax some limitations in the standards, for example, maximum program size.
Google's Android operating system uses the Java language, but not its class libraries, therefore the Android platform cannot be called Java. Android executes the code on the Dalvik VM instead of the Java VM.

Windows phone
 File:WindowsPhone7logo.svg

Windows Phone 7.5 Start Screen.png

Windows Phone is a mobile operating system developed by Microsoft, and is the successor to its Windows Mobile platform, although incompatible with it.\ Unlike its predecessor, it is primarily aimed at the consumer market rather than the enterprise market. It was launched in Europe, Singapore, Australia, New Zealand, the US, Canada, Mexico, and the EPAL region in the second half of 2010, and Asia in early 2011.With Windows Phone, Microsoft offers a new user interface with its design language named Metro, integrates the operating system with third party and other Microsoft services, and controls the hardware it runs on.

Partnership with Nokia
On 11 February 2011, at a press event in London, Microsoft CEO Steve Ballmer and Nokia CEO Stephen Elop announced a partnership between their companies in which Windows Phone would become the primary smartphone operating system for Nokia. The event was largely focused on creating “a new global mobile ecosystem”, suggesting competition with Android and iOS by saying "It is now a three horse race". Integration of Microsoft services with Nokia’s own services were announced; specifically that Bing would power search across Nokia devices, and an integration of Nokia Maps with Bing Maps, as well as Nokia’s Ovi store being integrated with the Windows Phone Marketplace. The partnership involves "funds changing hands for royalties, marketing and ad-revenue sharing", which Microsoft later announced was, "measured in billions of dollars." The first Nokia Windows phones, the Nokia Lumia 800 and Nokia Lumia 710, were announced in October 2011 at Nokia World 
 recent news has came that windows is going to launch its new win8 os named apollo its nice mobile OS new for all
2011 event.

 guys if you want some more information check this PDF http://www.4shared.com/document/ShWRx2Ly/MobileOperatingSystems.html?
THE FUTURE QT



Twitter Delicious Facebook Digg Stumbleupon Favorites More