Friday, May 27, 2011

Error in Static HTML on Facebook

It reviews the directory path, table name and field names in the database.

Fighting Mail Spam Takes A Month

User: "Hi (mail) administrator, I keep receive some spam mails from a user. Can you advise me what should I be doing? And here are the samples of the spams I received."

(after 1 week)

Mail Admin: "We received your request. After an in-depth study, we found that we can't do much about it. Because the source of the spam is coming from our business partner. We'll pass this case to Security Forensic team for further investigation."

(after 3 days)

Forensic team lead: "Hi Mail Admin, we confirm that this is a real spam from our business partner. However,  we cannot simply block them at the mail gateway. Or else it may cause some legal issue with our business partner. We'll have a discussion with legal team for further action."

(after 1 week)

Legal team : "Hi, forensic team! Unfortunately the answer is No.  We can't block [ ALL ] their emails. This will cause the loss in business and if we can't receive email from the business partner, we may be having legal issues with them. No, please don't do anything stupid."

(after 3 days)

Forensic team: "Hi Mail Admin, there is nothing much I can do. The advice from the legal team is [ no ]. Please advise the user that we can't afford to loss the business. And make sure our mail gateway  never ever [ block ] any email from the business partner."

(after 1 week)

Mail Admin: "Hi user, after some discussions with forensic and legal teams, we would not will never block the spam mail (from the business partner) for you. It may involve complicated legal issue and the loss of business."

"However, we'll offer you another solution. You may configure a filter in your Outlook to filter all the emails for you. With this, you will not see any more spam mails. Please follow the instruction at our sharepoint site. There is a detail step-by-step instruction there."

User: "Thank you very much, Mail Admin. It really solve my problem now after I follow the instructions from the sharepoint site."

Saturday, May 21, 2011

Google Vs Facebook

We all know that Facebook is hot now. But how much more does it better than Google?

We can "google" the answer for this, using Google Trends. As always, a picture worth thousand of words.



Google Vs. Facebook

Wednesday, May 18, 2011

Angry Birds

Google Chrome team releases an online HTML5/Javascript game, Angry Birds. You can install it as an app via1 Web Store if you are using Chrome.

There are 2 quick hacks for this game. 1 for you to access to all levels, including the special Chrome level. Another 1 is for you to set all levels locked.

In the talk Rovio did at Google IO, they mentioned they were using HTML5′s LocalStorage. If you open up Web Inspector in chrome, you’ll see they are keeping track of your score and stars with localstorage. Lucky for us, that means we can use setItem() set all 70 levels to 3 and get access to them all.

To unlock all levels:
javascript: var i = 0; while (i<=69) { localStorage.setItem('level_star_'+i,'3'); i++; } window.location.reload();

To lock all the levels:
javascript: var i = 1; while (i<=69) { localStorage.setItem('level_star_'+i,'-1'); i++; } window.location.reload();

Tuesday, May 17, 2011

Social Networks Security

Social Networks are a security game changer. Don't you see everyone is playing games on the FB apps nowadays?

Monday, May 09, 2011

Robots and Humans

Other robots.txt, Google site does show some humor where they do have human beside having the robots. Here's the list of URL and the snippets:

Google Robots:


Youtube Robots:

# robots.txt file for YouTube# Created in the distant future (the year 2000) after# the robotic uprising of the mid 90's which wiped out all humans.

Google humans:

Google is built by a large team of engineers, designers, researchers, robots, and others in many different sites across the globe. It is updated continuously, and built with more tools and technologies than we can shake a stick at. If you'd like to help us out, see

Sunday, May 08, 2011

Monthly Report [ infosec ]

"This is the monthly incident report.", said Security Administrator.

"Put together with last month report, and I'll review it next month." said IT director.

Saturday, May 07, 2011

"The Worst Information Security Advice Ever"

Get inspired from Lenny's post on "The Worst Information Security Advice Ever", I put a few here:

  • "We can save the money on firewall, because we will have an excellent IPS deployed next week.", said CIO.
  • "We hire the consultants to create the policy for us, and we will pay them to audit our PCI compliance status later on. So I know we are safe.", said CISO.
  • Disable the "change password" capability. This helps users from forgetting their password and save us from having to reset for them.
  • Limit the event log size to 3MB in order to avoid the hard disk full.
  • We're just too big to FAIL.

p/s: All the "advice" above are what I collected (in real life) over many years of working experience. This is not the recommendations they themselves made.

Friday, May 06, 2011

Malware Analyser

A malware analysis tool, Malware Analyser, now has a new home at

It is written in Python, and it is a freeware tool to perform static and dynamic analysis on malware.

Here's a few of the features:

  • String based analysis: API, DLL, registry, etc.
  • Showing PE header, symbols.
  • Code analysis by disassembling
  • Check for packer.
  • etc.

It can be downloaded from:

Thursday, May 05, 2011

Windows Update Error 80240030

When you get the Windows Update error code 80240030, then you are most likely having issue with:

  • Can't update your windows. Windows Update fails.
  • Can't access your proxy setting in MSIE. IE crashes once you click the "LAN setting".
  • IE can't access Internet (thru proxy).
I'm having all these issues since I upgrade to IE9. And here I find the solution to fix/repair  the 80240030 error for me:
  1. Open command prompt (with Administrator mode).
  2. Type "netsh winhttp reset proxy"
  3. Type "net stop wuauserv"
  4. Type "net start wuauserv"
It does works in Windows 7 (32-bit & 64-bit) too. Enjoy!

Wednesday, May 04, 2011

MD5 in 64-Bit OS?

We all familiar with MD5 hashing. But let's see the screenshot below.

MD5 Hashing and File Size
You see, two files with different file sizes are having the same MD5 hash value (8ae6dd9a6d246004da047f704f0cc487). Is it MD5 hash coalition? No, once we use the right tool, md5deep64, we get the right result.

For an explanation of WOW64, see Microsoft documentation on Wow64 and some implementation details.

So, let's make sure you have the right tools for your new 64-bit OS today.


Tuesday, May 03, 2011


Everyone of us heard about ophrack - the awesome time/memory trade-off password cracker. If not, see Ophcrack and Rainbow Table.

Wophcrack is the web interface for Ophcrack password cracking tools.

Wophcrack - Web Interface for Ophcrack
Wophcrack Search Page

Wophcrack was designed to work on Backtrack 4 R2. It is a quick and dirty PHP based web frontend for Ophcrack.

Read more info here after download Wophcrack here:

Updating Malware Cookbook DVD Tools

If you haven't got yourself a copy of Malware Analyst's Cookbook, do it now, then you may download the DVD tools which available online. This is a must-have if you are serious in REM.

I just did it by:
$ cd ~/rem 
$ svn checkout malwarecookbook-read-only

Sunday, May 01, 2011

Unity Shortcuts Wallpaper

Everyone probably know that Unity-powered Ubuntu 11.04 is out. Of course, it comes with new interface, which includes a slew of new keyboard shortcuts.

The Unity interface is pretty big overhaul. So, here's a wallpaper that keeps a list of keyboard shortcuts for you from AskUbuntu.

English version