Thursday, November 5, 2009

How To Cyberstalk Potential Employers

Job-hunting season for fresh graduates has begun... I think now is the time to put this tutorial from irongeek.com into practice..

How To Cyberstalk Potential Employers

Add new Partitions to Virtualbox OSE Ubuntu

1. Create new Virtual Hard Disk

Open VirtualBox OSE and go to File > Virtual Media Manager (VMM), or press Ctrl+D. On the Hard Disks tab click New and follow the wizard to the end; this time pay attention to the size of the disk, and choose the right disk type, name and size. You now have a new Virtual Hard Disk (VHD).

2. Add the new VHD to the VCO

Close the VMM with OK. In the main VirtualBox OSE window, right-click the target VCO (the virtual machine; make sure it is powered off) and open Settings > Hard Disks. Click the Add Attachment button (the one with a +) and the newly created VHD is inserted automatically. Confirm with OK.

3. Start targeted VCO

When the VCO starts up, the Windows guest detects and installs the new VHD. Wait until that finishes, then right-click My Computer and choose Manage. In Computer Management go to Storage > Disk Management. The new VHD is listed, but labelled Unknown. When you open Disk Management, an Initialize Disk wizard pops up; go through it to the end. The new VHD is then shown as Unallocated.

4. Format the new VHD

Right-click the Unallocated space and choose New Volume. Go through the wizard, choosing the options your requirements call for. You now have a new disk partition in your VCO.

Monday, November 2, 2009

Virtualbox + maltrap == pure wonders..

DLLPath: C:\Documents and Settings\Administrator\Desktop\maltrap_v0.2a\maltrap.dll
Process injected! PID: 3660
PID: 3660, All hooks are now in place!
PID: 3660, 0x00406D6E: RegOpenKeyExA(key: HKEY_LOCAL_MACHINE, subkey: SYSTEM\CurrentControlSet\Services\ferst) -> FAIL
PID: 3660, 0x00406ECB: CopyFileA(existing: C:\Documents and Settings\Administrator\Desktop\G001.exe, new: C:\WINDOWS\system32\qokqe.exe, overwrite: 00000000)
PID: 3660, 0x00406F2F: OpenSCManagerA(machName: (null), dbName: (null), access: 000F003F) -> h:0025EB58
PID: 3660, 0x00406F64: CreateServiceA(ServiceName: ferst, DisplayName: ces, Type: 00000010, StartType: 00000002, StartName: (null), Path: C:\WINDOWS\system32\qokqe.exe, Password: (null)) -> h:0025E8A0
PID: 3660, --- Service runs in its own process
PID: 3660, --- Is started automatically by the SCM during system startup
PID: 3660, 0x00406FB0: StartServiceA(hService: 0025E8A0, serviceArgs: (null)) -> SUCCESS
PID: 3660, 0x00407027: RegOpenKeyA(key: HKEY_LOCAL_MACHINE, subkey: SYSTEM\CurrentControlSet\Services\ferst) -> SUCCESS
PID: 3660, --- handle: 00000754
PID: 3660, 0x00407049: RegSetValueExA(keyHandle: 00000754, valueName: Description, data: fsr) -> SUCCESS
PID: 3660, 0x7C81F2AE: GetFileAttributesW(C:\Documents and Settings\Administrator\Desktop\G001.exe)
PID: 3660, 0x7C910A16: CreateProcessA(appName: (null), cmdLine: C:\WINDOWS\system32\cmd.exe /c del C:\DOCUME~1\ADMINI~1\Desktop\G001.exe > nul)
PID: 3660, --- Creating the process in suspended state...
PID: 3660, --- Resulting PID: 3692
PID: 3660, --- Escalating privileges so the process can be opened...
PID: 3660, --- Opening the process...
PID: 3660, --- Allocating memory in the process...
PID: 3660, --- Writing the DLL into memory...
PID: 3660, --- Resuming the suspended process...
PID: 3660, 0x00407548: ExitProcess(exitcode: 0)
[Termination] PID 3660 has terminated!


MalTrap is a research utility that monitors malware behaviour by intercepting API calls on Windows and logging the results. Though still an alpha release and sparse on features, it is a very interesting and useful tool. The trace above already tells the whole story of this sample: G001.exe checks whether a service named ferst exists (RegOpenKeyExA fails), copies itself to C:\WINDOWS\system32\qokqe.exe, registers that copy as an auto-start service (StartType 00000002) named ferst, starts it, and finally deletes the original G001.exe through cmd.exe /c del before exiting.
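As an added example that is not part of the original post and not MalTrap's own code: a small Python triage script that parses MalTrap-style `PID: n, 0xADDR: Func(args) -> result` lines and flags the three persistence steps visible in the trace above (a copy dropped into C:\WINDOWS, an auto-start service whose binary is that dropped copy, and self-deletion via cmd /c del). The sample lines are copied from the trace of G001.exe shown above; the line format and parameter names (`existing`, `new`, `StartType`, `Path`, `cmdLine`) are assumed to be exactly those MalTrap printed on this page, and the rule set is mine.

```python
import re
from dataclasses import dataclass
from typing import Dict, Iterable, Iterator, List, Optional

# Sample input: lines copied from the MalTrap trace of G001.exe shown above (PID 3660).
SAMPLE_TRACE = r"""PID: 3660, All hooks are now in place!
PID: 3660, 0x00406D6E: RegOpenKeyExA(key: HKEY_LOCAL_MACHINE, subkey: SYSTEM\CurrentControlSet\Services\ferst) -> FAIL
PID: 3660, 0x00406ECB: CopyFileA(existing: C:\Documents and Settings\Administrator\Desktop\G001.exe, new: C:\WINDOWS\system32\qokqe.exe, overwrite: 00000000)
PID: 3660, 0x00406F2F: OpenSCManagerA(machName: (null), dbName: (null), access: 000F003F) -> h:0025EB58
PID: 3660, 0x00406F64: CreateServiceA(ServiceName: ferst, DisplayName: ces, Type: 00000010, StartType: 00000002, StartName: (null), Path: C:\WINDOWS\system32\qokqe.exe, Password: (null)) -> h:0025E8A0
PID: 3660, --- Service runs in its own process
PID: 3660, 0x00406FB0: StartServiceA(hService: 0025E8A0, serviceArgs: (null)) -> SUCCESS
PID: 3660, 0x7C910A16: CreateProcessA(appName: (null), cmdLine: C:\WINDOWS\system32\cmd.exe /c del C:\DOCUME~1\ADMINI~1\Desktop\G001.exe > nul)
PID: 3660, 0x00407548: ExitProcess(exitcode: 0)""".splitlines()

# One hooked-API line: "PID: n, 0xADDR: Func(k: v, k: v) -> result" (the "-> result" part is optional).
CALL_RE = re.compile(
    r"^PID: (?P<pid>\d+), 0x(?P<addr>[0-9A-Fa-f]+): (?P<func>\w+)\((?P<args>.*)\)(?: -> (?P<ret>.+))?$"
)
SERVICE_AUTO_START = 0x00000002          # SERVICE_AUTO_START from winsvc.h
SYSTEM_DIRS = ("c:\\windows\\", "c:\\winnt\\")


@dataclass
class Call:
    pid: int
    addr: str
    func: str
    args: Dict[str, str]
    ret: Optional[str]


@dataclass
class Finding:
    pid: int
    kind: str
    detail: str


def iter_calls(lines: Iterable[str]) -> Iterator[Call]:
    """Yield one Call per hooked-API line; MalTrap's '---' commentary lines are skipped."""
    for line in lines:
        m = CALL_RE.match(line.strip())
        if not m:
            continue
        # Split "k: v, k: v" only at commas that introduce the next key, so values with commas survive.
        pairs = re.split(r", (?=\w+: )", m["args"])
        args = dict(p.partition(": ")[::2] for p in pairs if ": " in p)
        yield Call(int(m["pid"]), m["addr"], m["func"], args, m["ret"])


def analyze(lines: Iterable[str]) -> List[Finding]:
    """Apply the persistence rules and return findings in trace order."""
    findings: List[Finding] = []
    dropped: Dict[int, set] = {}         # pid -> lower-cased paths written into a system directory
    for c in iter_calls(lines):
        a = c.args
        if c.func in ("CopyFileA", "CopyFileW"):   # parameter names as MalTrap prints them above
            dst = a.get("new", "")
            if dst.lower().startswith(SYSTEM_DIRS):
                dropped.setdefault(c.pid, set()).add(dst.lower())
                findings.append(Finding(c.pid, "drop-in-system-dir", f"{a.get('existing', '?')} -> {dst}"))
        elif c.func in ("CreateServiceA", "CreateServiceW"):
            try:
                start_type = int(a.get("StartType", ""), 16)
            except ValueError:
                start_type = -1
            if start_type == SERVICE_AUTO_START:
                path = a.get("Path", "")
                kind = "autostart-service"
                if path.lower() in dropped.get(c.pid, set()):
                    kind += "-from-dropped-copy"   # the service binary is the file it just planted
                findings.append(Finding(c.pid, kind, f"{a.get('ServiceName', '?')} -> {path}"))
        elif c.func in ("CreateProcessA", "CreateProcessW"):
            cmd = a.get("cmdLine", "")
            if re.search(r"cmd(\.exe)?\s+/c\s+del\b", cmd, re.IGNORECASE):
                findings.append(Finding(c.pid, "self-delete-via-cmd", cmd))
    return findings


if __name__ == "__main__":
    import sys
    source = open(sys.argv[1]) if len(sys.argv) > 1 else SAMPLE_TRACE
    for f in analyze(source):
        print(f"PID {f.pid}: {f.kind}: {f.detail}")
```

Run it with a saved MalTrap log as the first argument, or without arguments to analyse the embedded sample; the correlation between the CopyFileA destination and the CreateServiceA path is what turns two ordinary-looking calls into a single "installs itself as a service" verdict.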

Features

* Over 200 APIs are intercepted. Better results and little noise.
* Only relevant API parameters are displayed (highly descriptive).
* Only relevant API return values are displayed (highly descriptive).
* Created processes are monitored
* PID separation – API calls are logged based on the process
* PC shutdown attempts are prevented
* Anti-Debugging attempts are logged (SoftICE, RegMon, FileMon, Generic)
* Key-logging attempts are logged
* Internet traffic is logged and highly detailed (Winsock, FTP, HTTP, IRC, …)

A very cool tool..

download here: http://www.maltrap.com/main/download/

Video Tutorial:

video

Monday, October 26, 2009

Olly SocketTrace 1.0 [OllyDbg Plugin]

There are already plenty of reviews of this plugin in English, so why not one in Malay. I only just thought of writing about it..

About

OllySocketTrace is an OllyDbg plugin that makes it easier for an analyst or reverse engineer to trace socket-related activity inside a process. Socket activity is recorded and then highlighted in distinct colours.

Socket operations it can trace:

WSASocket, WSAAccept, WSAConnect, WSARecv, WSARecvFrom, WSASend, WSASendTo, WSAAsyncSelect, WSAEventSelect, WSACloseEvent, listen, ioctlsocket, connect, bind, accept, socket, closesocket, shutdown, recv, recvfrom, send and sendto.

How to install and use it

Simple: copy the plugin's DLL file into the "plugin" folder under the OllyDbg folder and run OllyDbg; it appears in the Plugins menu. The plugin sets breakpoints on every relevant socket function call and records all the related data. To see the results, just click Plugins > SocketTrace > Log..

Download: http://www.tuts4you.com/download.php?view.2442

p/s: too lazy to capture screenshots.. just try it, it's easy to use..

Tuesday, October 20, 2009

Latest Artwork

While working on Java image processing, I browsed some old pictures on the hard disk and played with Photoshop for a bit.. here is the random result..

the clock on the wall of my old rented house

and this...

the rock at Dataran Seremban

and Pudu Prison became a victim too....

Monday, October 19, 2009

I'm Halal ~ Web browser for Muslims

http://www.imhalal.com/

Alhamdulillah,

Finally there is an effort to make an Islamic search engine.. but it's still in beta..
for more information go to: http://imhalal.com/blog/
the cool things about this web browser are:

1. wow.. you can filter search results by their haram level.. jeng jeng jeng... (click the picture for a clearer image)

and

2. wow.. you can change the background..

aiyak.. briyani spices..


Saturday, October 10, 2009

Fame-Crazy Virus

From McAfee's blog, www.avertlabs.com, I was stunned to read that there are virus writers who are crazy for fame.. usually they keep a low profile.. but some wrote in their code, "HELLO ANTIVIRUS MAKERS! This is XXX! Please call this sh*t YYY! Cheerz!".. all sorts of things these days.. they even give the virus a glamorous name themselves.. respect!!! I'm now looking for that virus.. want to see it with my own eyes..

Thursday, October 1, 2009

Combine video.001, video.002 with the command prompt

Movie uploaders usually split their movies into several parts to make uploading easier.. besides joining them back together with tools, we can use the command prompt. Here is how:

copy /b "movie_name.wmv.*" "movie_name.wmv"


That's all.. the important thing is that the files must be in the same folder.. ".wmv" can be replaced with whatever file type applies.. Note that copy /b joins the files in the order the wildcard enumerates them (alphabetical on NTFS), which is right for zero-padded names like .001, .002, .003 but wrong for .1, .2, .10.

[Java] Wake on LAN

Turning on the PC at home from the office has been my wish for a long time. And I feel like a total n00b, because I only just learned about Wake on LAN. So I think it's fine to post this as a guide for myself (if I save it on the PC I'll never find it again).

Wake on LAN is a way to turn a PC on remotely by sending a simple UDP packet (the "magic packet": six 0xFF bytes followed by the NIC's MAC address repeated 16 times) to port 9 of a NIC that supports Wake on LAN. Port 9 is only a convention; the NIC looks for the magic pattern in the payload, not at the port, and the feature also has to be enabled in the BIOS/NIC settings. One hint that it is supported: the LED on the LAN socket usually stays lit even after the PC is switched off. Any language can send the packet; here is the Java code I want to share:


    import java.net.*;

    public class WakeOnLan {

        // Port 9 (discard) is the usual choice; the NIC matches the payload, not the port.
        public static final int PORT = 9;

        public static void main(String[] args) {

            if (args.length != 2) {
                System.out.println("Usage: java WakeOnLan <ip-address> <mac-address>");
                System.out.println("Example: java WakeOnLan 192.168.0.255 00:0D:61:08:22:4A");
                System.out.println("Example: java WakeOnLan 192.168.0.255 00-0D-61-08-22-4A");
                System.exit(1);
            }

            String ipStr = args[0];
            String macStr = args[1];

            try {
                byte[] macBytes = getMacBytes(macStr);
                // Magic packet: 6 bytes of 0xFF followed by the MAC address repeated 16 times (102 bytes).
                byte[] bytes = new byte[6 + 16 * macBytes.length];
                for (int i = 0; i < 6; i++) {
                    bytes[i] = (byte) 0xff;
                }
                for (int i = 6; i < bytes.length; i += macBytes.length) {
                    System.arraycopy(macBytes, 0, bytes, i, macBytes.length);
                }

                InetAddress address = InetAddress.getByName(ipStr);
                DatagramPacket packet = new DatagramPacket(bytes, bytes.length, address, PORT);
                DatagramSocket socket = new DatagramSocket();
                socket.setBroadcast(true); // needed when ipStr is a broadcast address
                socket.send(packet);
                socket.close();

                System.out.println("Wake-on-LAN packet sent.");
            }
            catch (Exception e) {
                System.out.println("Failed to send Wake-on-LAN packet: " + e);
                System.exit(1);
            }

        }

        // Parses "00:0D:61:08:22:4A" or "00-0D-61-08-22-4A" into 6 raw bytes.
        private static byte[] getMacBytes(String macStr) throws IllegalArgumentException {
            byte[] bytes = new byte[6];
            String[] hex = macStr.split("(\\:|\\-)");
            if (hex.length != 6) {
                throw new IllegalArgumentException("Invalid MAC address.");
            }
            try {
                for (int i = 0; i < 6; i++) {
                    bytes[i] = (byte) Integer.parseInt(hex[i], 16);
                }
            }
            catch (NumberFormatException e) {
                throw new IllegalArgumentException("Invalid hex digit in MAC address.");
            }
            return bytes;
        }

    }


After compiling the code, run it with two extra arguments: the IP address and the MAC address.
example:

java WakeOnLan 192.168.0.20 00:0D:61:08:22:4A

That's all.. if it doesn't work, send it 2 or 3 times; it's UDP, after all. Also prefer the subnet broadcast address (192.168.0.255 in the usage examples) over the PC's own IP as in the example above: a unicast to a powered-off host only arrives while the sender still has an ARP entry for it.

p/s: if the PC at home is behind a firewall, don't forget to allow port 9 and forward port 9 to the PC's IP. That is, when running the Java program use the external (WAN) IP, and on the firewall or ADSL router forward port 9 to the PC's LAN IP. (I don't know the proper term for that external IP..duhh) Two caveats: many routers stop delivering the forward once their ARP entry for the powered-off PC expires, so forwarding to the LAN broadcast address (where the router allows it) is more reliable; and a magic packet carries no authentication, so anyone who can reach that port can power the machine on (NICs that support SecureOn append a password to the packet).

Sunday, September 6, 2009

The Right Brain vs Left Brain test



Do you see the dancer in the picture turning clockwise or counter-clockwise?

If clockwise, it means you use the right side of your brain more than the left, and the other way round if it turns counter-clockwise.


p/s: if both sides are used equally, does the picture not spin at all? no idea..

Friday, August 21, 2009

http://bit.ly/ so shooooort

It's great using http://bit.ly.. but what is it? bit.ly is a shortener for long URLs..

for example:

original url: http://example010.blogspot.com/2008/05/how-to-remove-flash10exe-and.html

after bit.ly: http://bit.ly/Cya6J

wow.. awesome..

Monday, June 1, 2009

Bing Vs Google

It seems Google may get a new competitor called Bing.. Bing is a new product from Microsoft to be launched on 3 June.. I don't dare comment much on this Microsoft product, that could be dangerous.. but going by the old record, Blue Screen of Death (BSOD), Red Ring of Death (RROD), will a new term like that appear for this product too? let's wait and see..hehe

Compared to Google, which uses an "advertising-based search model" that returns the most popular items for a query, Bing uses a 'decision engine' which supposedly doesn't just go by popularity but leaves the decision to the user.. that's how it sounds, anyway..

“We are introducing a new level of organisation to search results, and our differentiator will be the best results for query,” Satya Nadella, senior vice-president (R&D, online services division), Microsoft.

According to them, for example.. if we search for British Airways, Bing will show the service centre phone number, ticket prices and other information (even if we just wanted the Wikipedia page..)

he said.. “Google is great, but I think you still have to run multiple search queries to get that right answer. If Bing can change that, I will surely shift my search engine,”

Tuesday, March 31, 2009

[Paper] Know Your Enemy: Containing Conficker

Download

By Felix Leder, Tillmann Werner

This paper is really good for understanding how Conficker infects and spreads, and how to detect and contain it.

Thursday, March 5, 2009

Gimmiv.A analysis~example010

Sorry for any mistake in this simple analysis.

Download

Thursday, February 26, 2009

system call table

Windows: http://www.metasploit.com/users/opcode/syscalls.html
Linux : http://example010.googlepages.com/unistd_32.h