I dunno why on earth I have this blog.
If it was me…
http://www.dailystrength.org/people/110944/photos-videos/item/293887
As usual, Monday is a very bad day for me. Dun ask me why but perhaps I’m watching /reading too much Garfield and influenced by this fat lazy but adorable cat obsession on hating Mondays 
. So while doing my usual Monday activities (this of cause after reading my emails especially the ones in the inbox as I’ve filtered other emails to their respective mailing list folders, so the ones arrived in the Inbox are usually meant for me personally:)), one of my friends “buzzing” me via one of the Internet Messenger clients.
—–Snip—–
my_friend: awat hang tak mai s emalam
my_friend: hackaton
soulkipper: aku balik ktn ler
my_friend: cybercert sucks arr die nye demonstration hackin
my_friend: gile lame
my_friend: sep baik a ku duk kat *******
soulkipper: btw aku not 1337 enuff
soulkipper: hahaha
my_friend: tak bukan leet
my_friend: ade mamat tu(bukan adli maupun mahmud)
my_friend: nak tunjuk
my_friend: remote file inclusio n nue attcak
my_friend: tapi
my_friend: haha
my_friend: global variable dlm php.ini
my_friend: lupe
soulkipper: remote file inclusion
soulkipper: alaaa
my_friend: nak enable
soulkipper: tu lama punya
my_friend: so buatx2 tak jadi
my_friend: haha
——-snip———-
I do believe that my friend has really good intention on mentioning those. Perhaps in the future the presenter can show some latest trend and techniques or emphasis on the rise of client side attacks on the net. I also believe that the speakers or presenters had gone through their presentation materials and the live demo steps and methods. Maybe some unexpected condition arised during the presentation time hence the unsuccessful live demo.
If I’m not mistaken during the 2007 Technical forum at PWTC, one of the presenters who tried to show some demo on Bluetooth hacking also failed. SO this kind of thing may happened to anybody. It happens to me a lot during my training sessions especially when dealing with my VMWares..Sigh..
If it was me then;
soulkipper: kalu aku, aku tunjuk je structured threat analysis using open source tools
soulkipper: abih cite
soulkipper: takpung collecting Network based evidence using open source tools
Yeah, I will do some demo on performing structured threat analysis or collection network based evidence using open source tools like argus, tcpdump, snort, tcpflow etc..
Hmm maybe I can use this topic for my next knowledge sharing session or we called it here “kopitiam session”. Materials? I can collect the network traffics and do the demo on the virtual machine. Eh.. I forgot that currently I’m using the “borrowed” laptop. I dun think running virtual machines on this laptop is a good idea…
Ahh later
p/s: To protect the identity of my friend, I have to filter some of the communication content between us
| Print article | This entry was posted by ayoi on June 1, 2009 at 5:25 pm, and is filed under Analyst Journal. Follow any responses to this post through RSS 2.0. You can skip to the end and leave a response. Pinging is currently not allowed. |
Rules for Dating My Daughters (in the future)
about 1 year ago - 6 comments
I’ve read this from this websites and as I am a father of two wonderful daughters, I think I might apply this set of rules as well RULE ONE If you pull into my driveway and honk you’d better be delivering a package, because you’re sure not picking anything up. RULE TWO You do not
Chill out ;)
about 1 year ago - No comments
It seems that my previous posting did offend some people. I want to take this opportunity to say sorry to whoever offended either directly or indirectly by that post and there are no malicious intentions in it. As most of the people in this particular industry I can call them as my friends and professional
Perimeter defense is not enough
about 1 year ago - 1 comment
My friend’s gave a presentation on the mod_security usage last few weeks to a group of users from the government. In his presentation he gave a demo on how mod_security managed to prevent “blind sql injection” attacks on the application run on mod_security enabled web engine. He even received a thunderous applaud from the audience
In Between…
about 1 year ago - 1 comment
Well the time for me to spend on blogging is getting lesser (and lesser). To be honest, there are plenty of things that I want to blog about but either I’m consumed with the works or I do suffer some blogger’s block when sitting in front of my laptop. Anyway somehow I managed to drag
WebGoat: Exploit and Learn…
about 1 year ago - 1 comment
Dun know about you guys but during my time (not that long ago lah), the only avenues for me to test my newly acquired skills and tools (most of the time to test the tools and scripts -yeah I used to be a script kiddie ) are servers, websites, routers belong to other people. Ahh
Talk about Full Disclosure…
about 1 year ago - 4 comments
Ok, ok. This post is not a rebuttal, condemning or criticizing anyone. It is more on knowledge sharing for those who didn’t know or perhaps who didn’t get the clear picture on the topic Btw I hope this post will indicate where I do stand and the reason why on recently hotly debated matters with
After a While…
about 1 year ago - 2 comments
I am scheduled to conduct one knowledge sharing session within my department today but due to health reason, I decided to postpone it to next Friday. Yeah, recently I’ve encountered some problems with my health that also reminds me that I need to take it easy on myself. The burnout rate turnover is quite fast
It’s a Noble cause but still you need the consent…
about 1 year ago - 1 comment
It’s quite unusual for me to post anything on Monday nowadays. Perhaps because most of the time I’ve to attend meetings/discussions etc (update: Just finished one meeting ). Btw Monday also is the day when I spent most of my working time on reading news/articles/whitepapers and other stuff as well in order to get into
You are the Consultant..You should know…
about 1 year ago - 5 comments
To quote from Wikipedia ;P “A consultant (from the Latin consultare means “to discuss” from which we also derive words such as consul and counsel) is a professional who provides advice in a particular area of expertise such as accountancy, the environment, entertainment, technology, law (tax law, in particular), human resources, marketing, medicine, finance, economics,
Another Phising but the bait didn’t work that well
about 1 year ago - 3 comments
Well as Maybank has the largest (I assume) customer in Malaysia and most of them (including me) utilize the online services offered by this bank, of cause these customers will be the main target of phising attempt. Nowadays, the phisers not only want the identity and authentication to access the online portal account, but also
about 1 year ago
Yeah, sometime shit happen. But from there it showed lack of preparation. But once again give some credit to cybersecurity Malaysia for their effort in organizing the event. The guy from cybersecurity Malaysia are very busy with their works, so give them some slack.
about 1 year ago
let Em all complain all they like. Since complaining is the easiest thing that people can do..
about 1 year ago
Well, hats off to the presenters though. They have guts to do those presentations. But then yeah, perhaps nervous or some unforeseen mishaps disrupt the presentation..
about 1 year ago
Demoing an exploit on an application whose configurations allow insecure mode is just NOT the way to educate people. A better example would be exploiting coding errors such as lack of input filtering. Developers have control of their codes, but most likely not configuration of web application servers.
What we need is better education of developers, not to show off what attackers can do.
about 1 year ago
Dear spoonfork,
We showed/demoed how people can abuse RFI/SQL and command injection problem to get people realize the problems, later on we show them the real problem which is the insecure CODE practices. And we ask them to spot and fix the CODE(in handsout). and later on we ask them to study the apache log to find any pattern of those attacks.
*sighh*.we didn’t bother to get people excited which demoing demm plain and old method of attacking RFI/SQL/etc..etc. Hence the training is cal as “analyzing the intrusion” instead of web hacking.*sighh*.
Dear ‘my_friend’,
Again, the whole class is to do analysis of RFI attack. seriously, what the fuss is about attacking?. and we’re just try to show the impact of the bugs.*sighh*.That’s the reason why we showing the demo. and demmit, the ctf thingy is just to get people not so sleepy (who want to learn analyzing stuff compare to breaking stuff? : ) ) ..*sighh*.
And then again, we never ever claim ourself as demm rockstar in infosec world and as always, we have our own weaknesses and learning curve.
And yes, i told everybody that RFI/SQL is freaking old and everybody know about it (RFI/SQL). But does anyone bother do any free training for analyzing and fixing the bugs to public at large?. ‘sembang kosong’ is always what we do better, dude.:)
Do u really were there from the beginning i started our presentation. if u weren’t there and still complaining abt old attack on RFI,u’r absolutely talking out of context. We keep telling ppl that this is the “BASIC and OLD attacks. Please google for more advance RFI/SQL injection stuffs”.*sigh*
Dear ayoi,
since when collecting/analyzing pcap is new stuff..heheh.just kidding dude. We just want people to be able to analyze their own code and their own web server log and spot any pattern of attacks and react to it.:).yeah, that’s all i guess. we didn’t intend to talk about breaking/hacking stuff at all.
Regards,
y0muds
n00b.
p.s:i apologize in advance if i accidentally offended someone with my comments on ayois’ blog.:). sorry.
p.s.s:sorry ayoi for long comments.hahaha
about 1 year ago
http://www.8dou.net/html/article_show_30715.shtml
about 1 year ago
lee, any translation for that web? hehe i totally lost to understand any words in the website, hehehe.
yomuds,
chill bro chill! hehe
about 1 year ago
RFI is freeking old? how about weak password?
about 1 year ago
x1337
I think weak passwords are usually concern with human error/problem. And for this layer, I believe it should be governed by security policies.
But then there’s no patch for human stupidity rite?
about 1 year ago
With regards to weak passwords:
In the enterprise: domain controllers and PAM are capable of enforcing the usage of strong passwords enterprise-wide.
Application: it’s entirely up to the developer. When was the last time maybank2u ask it’s user to change password?
Users are hard to educate, but with the right enforcement, education and the correct usage and deployment of the right technology, a lot of problem can be solved.
about 1 year ago
cool everyone… nobody is perfect in this world. everybody made a mistake. The important thing is we learn from that. And please, keep supporting others too
akram, here is the translation of the website.. google is always ur best friends..
http://translate.google.com/translate?js=n&prev=_t&hl=en&ie=UTF-8&u=http://www.8dou.net/html/article_show_30715.shtml&sl=zh-CN&tl=en&history_state0=