Monday, February 28, 2011

Farewell Onee

Onee (04 Jan 2010-25 Feb 2011)
Onee came to my house the very night Hino passed away... I almost felt as if Hino held on until Onee came to me... But it has only been a short 1 year plus and now Onee has gone over the rainbow bridge as well. Onee had been a really fun-loving hamster and had many signature moves (the twist, flip over etc) that made us laugh many times. Onee was well and even the day before, he enjoyed his strawberry yogurt snack when my mum gave it to him. On the 25th Feb night, Onee just slept, peacefully as ever and did not wake up.

I just want to share this poem with you Onee, for one last time...

Just this side of heaven is a place called Rainbow Bridge.

When an animal dies that has been especially close to someone here, that pet goes to Rainbow Bridge.
There are meadows and hills for all of our special friends so they can run and play together.
There is plenty of food, water and sunshine, and our friends are warm and comfortable.

All the animals who had been ill and old are restored to health and vigor; those who were hurt or maimed are made whole and strong again, just as we remember them in our dreams of days and times gone by.
The animals are happy and content, except for one small thing; they each miss someone very special to them, who had to be left behind.

They all run and play together, but the day comes when one suddenly stops and looks into the distance. His bright eyes are intent; His eager body quivers. Suddenly he begins to run from the group, flying over the green grass, his legs carrying him faster and faster.

You have been spotted, and when you and your special friend finally meet, you cling together in joyous reunion, never to be parted again. The happy kisses rain upon your face; your hands again caress the beloved head, and you look once more into the trusting eyes of your pet, so long gone from your life but never absent from your heart.

Then you cross Rainbow Bridge together....

Wednesday, February 23, 2011

Flash Drive Wiping

From article

I just want to add some of my views here. I had tried to wipe a flash drive once before, but with any recovery tool, you can easily get the data back. It seems that for a flash drive, when there is a write, it will automatically try to spread the writes evenly so that the drive wears out uniformly. As such, the wiping does not work.
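
The wear-leveling behaviour described above can be modelled in a few lines. This is an added example, not from the original post or the linked article: a toy flash translation layer with two spare pages (the class, page size and data are all constructed), showing that overwriting every logical block still leaves old data in stale physical pages.

```python
# Toy flash translation layer (FTL). Constructed model for illustration only;
# real controllers differ in page size, erase blocks and garbage collection.

PAGE = 8  # bytes per page (constructed, tiny for readability)

class ToyFlash:
    def __init__(self, logical_blocks, physical_pages):
        self.logical_blocks = logical_blocks
        self.pages = [None] * physical_pages   # raw contents of each physical page
        self.wear = [0] * physical_pages       # how often each page was programmed
        self.mapping = {}                      # logical block -> physical page

    def write(self, lba, data):
        if not 0 <= lba < self.logical_blocks or len(data) != PAGE:
            raise ValueError("bad block number or page size")
        live = set(self.mapping.values())
        # Wear leveling: program the least-worn page that holds no live data.
        free = [p for p in range(len(self.pages)) if p not in live]
        target = min(free, key=lambda p: (self.wear[p], p))
        self.pages[target] = data
        self.wear[target] += 1
        # Remap. The previously mapped page is now stale but keeps its bytes.
        self.mapping[lba] = target

    def read(self, lba):
        return self.pages[self.mapping[lba]]

    def stale_pages(self):
        # What a raw dump of the chip would show outside the logical view.
        live = set(self.mapping.values())
        return {p: d for p, d in enumerate(self.pages)
                if d is not None and p not in live}

def wipe_and_inspect():
    flash = ToyFlash(logical_blocks=4, physical_pages=6)  # 2 spare pages
    chunks = [b"SECRET-0", b"SECRET-1", b"SECRET-2", b"SECRET-3"]  # constructed
    for lba, chunk in enumerate(chunks):
        flash.write(lba, chunk)
    # "Wipe": overwrite every logical block with zeros, as a wiping tool would.
    for lba in range(4):
        flash.write(lba, bytes(PAGE))
    logical_view = [flash.read(lba) for lba in range(4)]
    return logical_view, flash.stale_pages()

if __name__ == "__main__":
    logical_view, leftovers = wipe_and_inspect()
    print("logical view:", logical_view)
    print("stale physical pages:", leftovers)
```

The logical view reads back as all zeros, yet two of the four original pages survive physically because the overwrites were steered to less-worn pages.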

Solution to the Web Hacking Game from OWASP EU

The original game:

Here is my solution:

In the first request, grab the Viewstate and decode it. It's basically Base64 with the linefeed 0d0a at the end.
Just submit. Do not change the userguess because there is a check that it must be 3 digits. You will get it right with 1 attempt.
Click continue and you can change the count to 0 and the viewstate to any number above 999.
This accomplishes part 1 of the game.

Next, there is a form input, which allows you to search for a player. This is vulnerable to SQL injection. It has a MySQL server and you do not even need to use commenting. Just inject:

' or 2=2 or '

and it completes the whole SQL statement nicely. I dun use 1=1 because it's, well, too common.
With the big list, it's just a matter of finding the WORST possible guess. At first, I thought it was the HIGHEST number of guesses, but I was wrong, because the way the answer is chosen is based on the SIGNED long int, so the negative score is HIGHEST. Weird. Basically it's user "appseceu"

Or really if you just want to cheat, view those who hacked the db and all their names have appseceu there! :P X_X

Just go back and resubmit the first request to make that record with the user appseceu and with a POSITIVE score (because it's a requirement).

Anyway, have fun.
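
To see why the injected string needs no comment characters, here is an added example (not the game's code and not part of the original post). It uses Python's built-in sqlite3 as a stand-in for the MySQL back end, with a hypothetical players table and constructed rows, and puts a concatenated query beside a parameterized one.

```python
import sqlite3

PAYLOAD = "' or 2=2 or '"  # the string from the post

def make_db():
    # Hypothetical schema and constructed rows; the game's real table is not shown.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE players (name TEXT, score INTEGER)")
    db.executemany("INSERT INTO players VALUES (?, ?)",
                   [("alice", 7), ("bob", 12), ("carol", -3)])
    return db

def search_vulnerable(db, term):
    # Input is pasted into the SQL text, so its quotes become SQL syntax.
    sql = "SELECT name FROM players WHERE name = '" + term + "'"
    return sql, sorted(row[0] for row in db.execute(sql))

def search_parameterized(db, term):
    # Input is bound as a value and can never change the statement's shape.
    rows = db.execute("SELECT name FROM players WHERE name = ?", (term,))
    return sorted(row[0] for row in rows)

if __name__ == "__main__":
    db = make_db()
    sql, rows = search_vulnerable(db, PAYLOAD)
    print(sql)   # the payload's last quote pairs with the query's own closing quote
    print(rows)  # every row matches because 2=2 is always true
    print(search_parameterized(db, PAYLOAD))  # no player has that literal name
```

The concatenated query ends up with balanced quotes on its own, which is why no comment marker is needed; the bound-parameter version treats the same input as an ordinary name and matches nothing.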

Web Hacking Game

There is a small mini hacking game on the OWASP EU page at

It's too late for the ticket winning, but you can still play with it. I will give the answer in the next post.

Upgrading Windows 7 SP1 Beta to RTM / Final

Now that the final version of the Windows 7 / Windows 2008 Service Pack 1 is available to everyone, you may want to install that. However, for those who had installed the BETA, you may have realized that when you ran the update, it just said that the update had already been installed (or something similar).

If you compare the beta file and the final file, there will be a few hundred MB of difference (depending on which version). That probably means if you keep the BETA, you will be missing those hundreds of MB of patches. So my best advice is to uninstall the BETA. However, where will you get the information to uninstall? You will only get it when you manage to get to the first installation screen in the help link.

So here you are, I had copied the instruction out here:

To uninstall SP1:
  1. Click the Start button, click Control Panel, and then click Programs.
  2. Under Programs and Features, click View installed updates.
  3. On the Uninstall an update page, click Service Pack for Microsoft Windows (KB976932), and then click Uninstall.
  4. Follow the instructions on your screen.
So here you go. Go ahead to uninstall the BETA, then it will reboot and reboot again before you can cleanly install the new RTM or Final.

Thursday, February 17, 2011

Xmas Getaway Day 3

Day 3 started at the same time (due to breakfast) but I am sure I could have slept a bit longer. So we spent the morning packing and wasting some time watching TV etc. It was near lunch that we decided to set off to Times Square. Times Square is, as last year, decorated with the snow houses for Christmas. Here are some of the photos I took:

There is an indoor theme park with an indoor rollercoaster which I had seen many many times over the years, so it was not such a "wow" for me. There is lots of food there too. I remembered I had a Thai buffet the last time I came with my guys from EY, but I will definitely give it a skip because I think I prefer something lighter for my stomach on that day. There is Wendy too, which I had skipped last year and I skipped it again this year because I did not find something I really love there. We had Secret Recipe last year too and the service really sucks, so no way I am going back... While wandering around looking at fake bags, fake watches and stuff, we finally ended up in an unlikely place. It's a Hong Kong Restaurant called Uncle Duck (得哥火锅餐厅).

Now, normally you will order the most famous stuff, which Jane did, which was the Duck Rice. I, instead, went for the Beef Western. Well, I did regret it. Of the 2 pieces of beef I got, one of them was in fact overcooked and it was so hard I couldn't cut or swallow it. Damn, I thought I will never come back again. On the other hand, Jane's duck rice was supposed to be very good.

After a lousy lunch (for me), we went to check out what was on at the theater and we ended up buying 2 tickets to Tron : The Legacy in 3D. Well, at least 3D is considered expensive to the local folks considering it's RM15 whereas normal is RM10, and pirated DVD is RM4. Do the maths. But the normal was filling up fast, so I thought: what the hell, I just went for the 3D. Tron is a good show. It does bring back the memory and feelings of the 80/90s. The soundtrack was really really good too. Well, I can't say the 3D is something very different, as it was just like any other 3D movie out there. But at least we had a great time.

And after some more looking around (without much buying though), we ended up at dinner time. It's again time to decide what to eat. We had reserved a seat for the shuttle bus to Chinatown for tonight, but that's going to be at 9pm which is so late for dinner. So after some wandering, we ended up at Uncle Duck again. This time I ordered the duck rice. And yes, it was really really good. In fact, after this meal, I did not have duck rice anywhere else for a long long time. Here are some photos of it, but I doubt I could express the taste with the photos:

After a good dinner, we return to the hotel. I did some shopping (for other people) at the shop selling pearls which was honestly pretty cheap. Before I know it, I am on my way to Chinatown again. This time, we did not need to buy any more stuff from Watson or Guardian, we just walk around, enjoy looking at the cheapo imitation bags and stuff. Along the way, we sat down at a beef noodle store. I overheard a funny conversation from a lady (probably from Singapore) asking how many grams are the beefs for some cost and the store keeper can only answer, that she roughly just take. Pay more, take more. It's really funny because at Chinatown, things just don't run the way they do in the city (Although Chinatown is right in the middle of the city). Anyway, we each had a good bowl of beef noodles there seated at the old wooden chair by the roadside.

We hang around until the shops start to close and we realized it's also time for us to return to get our ride back. I noticed this truck selling really big buns the last few times we came, but never tried it. So this time I decided to give it a go. The bun is huge and named after Amy Yip (叶子媚) and it is really huge as you can see here:

That's how big it was as compared to a 50 cents and a HTC Snap Handphone. Took us a while to finish it.

When we returned to the hotel, we found a nice candy man in our room with courtesy of the hotel. It was kinda cute.

After some washing up and we took our time to watch some TV, it's time to sleep and get ready for the last day of our trip...

(To Be Continued)

Wednesday, February 16, 2011

Nmap 5.51 Released

It took a while, but 5.51 is finally here. Here are the fixes from 5.50:

o [Ndiff] Added support for prerule and postrule scripts. [David]

o [NSE] Fixed a bug which caused some NSE scripts to fail due to the
  absence of the NSE SCRIPT_NAME environment variable when loaded.
  Michael Pattrick reported the problem. [Djalal]

o [Zenmap] Selecting one of the scan targets in the left pane is
  supposed to jump to that host in the Nmap Output in the right pane
  (but it wasn't).  Brian Krebs reported this bug. [David]

o Fixed an obscure bug in Windows interface matching. If the MAC
  address of an interface couldn't be retrieved, it might have been
  used instead of the correct interface. Alexander Khodyrev reported
  the problem.  [David]

o [NSE] Fixed portrules in dns-zone-transfer and ftp-proftpd-backdoor
  that used shortport functions incorrectly and always returned
  true. [Jost Krieger]

o [Ndiff] Fixed ndiff.dtd to include two elements that can be diffed:
  status and address. [Daniel Miller]

o [Ndiff] Fixed the ordering of hostscript-related elements in XML
  output. [Daniel Miller]

o [NSE] Fixed a bug in the nrpe-enum script that would make it run for
  every port (when it was selected--it isn't by default).  Daniel
  Miller reported the bug. [Patrick]

o [NSE] When an NSE script sets a negative socket timeout, it now
  causes a controlled Lua stack trace instead of a fatal error.
  Vlatko Kosturjak reported the bug. [David]

o [Zenmap] Worked around an error that caused the py2app bootstrap
  executable to be non-universal even when the rest of the application
  was universal. This prevented the binary .dmg from working on
  PowerPC. Yxynaxen reported the problem. [David]

o [Ndiff] Fixed an output line that wasn't being redirected to a file
  when all other output was. [Daniel Miller]

Download it from:

Metasploit Framework 3.5.2 Released!

Version 3.5.2 of the Metasploit Framework is live! This release fixes a security issue where unprivileged users on Windows were able to write files in the framework installation directory, allowing privilege escalation. For details, see the 3.5.2 release blog post. In addition to fixing this vulnerability, 3.5.2 includes a revamped WMAP courtesy of Efrain Torres, improvements to Meterpreter's railgun extension thanks to chao-mu, and a fledgling version of Post Exploitation modules (a more powerful replacement for Meterpreter scripts). The full release notes for the framework can be found online. 

It can be downloaded from:

Tuesday, February 15, 2011

DBS MasterCard SecureCode 3DS sucks!

Why do I say so? It is supposed to be safer and more secure. Yes, that is provided the information is correct in the first place!

What actually happened was I did my shopping happily keying in all the information and ready to pay. Then I was told that 3DS is required to complete the purchase for security reasons. Sure, why not. Then I come to a page to enter my OTP (via handphone)... which I waited and waited... It NEVER came. Why?

I took a look at the phone (ends with XXXX) on the page... WTF? The phone number is WRONG! By 1 digit anyway. I thought it was my bad, I probably entered the wrong number into their banking webpage. I went to the internet banking immediately and guess what I saw. The number was CORRECT on the banking site. And I do recall now that I actually was using the OTP on the banking site as well. WORKING.

So could someone tell me WTF was going on and how my number can be wrong on the 3DS site? One immediate idea struck me. Keyboard Monkeys. They probably did not transfer the information digitally over to the 3DS system. Instead, they hired cheap labor in the form of Keyboard Monkeys to re-key in all the mobile numbers. That would explain how a typo like this can happen.

Man, and I thought we are going to conquer space someday. Well, not if banks still decide to do things the analogue way instead of going digital. But then again, at least they could have implemented checks to ensure correctness. Which they did not. So here we have it. The National Bank of Singapore. Would you trust your fortune with them? For all you know, they could miss 1 zero in your savings someday. (Or they already did...?)

Friday, February 11, 2011

Using xxd with DNS to do file transfer

This is a real sneaky trick and works in environments where you want it clean without additional tools. It's not rocket science, but it really works!

Wednesday, February 09, 2011

Xmas Getaway Day 2

So it was rise and shine the next day and what better way to start the day than an early breakfast? The breakfast was also provided by Swiss Garden and luckily there was some variety instead of what was left over from last night's dinner. Basically we were too tired to go crazy on Silent Night and we seemed to have missed quite a bit of fun here. So after a nice and quiet breakfast, we headed out for KLCC.

We took the subway there and I noticed Avira Antivirus is actually quite aggressive in their promotion in KL. Here is a photo of one of the ads in the train where the whole train is basically Avira's ads:

Notice how the ads are targeted at a multiracial community.

Another strange thing we realized was this sign:

Wow, it must be really bad that they had to setup a sign for it. I paid double attention to my belongings while I was taking this photo. The joke will be on me if I get mugged while taking this photo. :)

One of the places we always loved at KLCC is, well, the Kinokuniya book store. In the last trip I actually bought too many magazines, so I controlled myself this time and only bought what I can carry comfortably. There was a lot of good Japanese stuff here too, but I seriously could not buy all of them back. J bought a Magazine which gives a free Sanrio product inside. I think this is the trend in Japan. People usually do not buy the magazine, they just want the "free" gift inside. It was also too bad that my Digital Camera magazine did not release the new issue in time and I already bought the current issue before I started the trip.

There were the Christmas tree display at the central area as usual. Here are a few of my shots:

I wish I could put up more, but that will make the blog load too slowly.

We also checked out the movie theater just before lunch. Since we did not end up with a good time for any movies, we decided to pass and go straight for lunch at Sushi King. Sushi King is very much just a store inside the food court now, but it is still tasty. Now I am not saying it is good sushi because the sushi does fall apart etc. In terms of true to Japanese style, it fails miserably. But it is still cheap and tasty. The sushi is nice to eat. Come on, what's the most important thing about food? The taste. And this, Sushi King still has it. There was a promotion which allowed us to claim 2 more plates of sushi for free on the next trip, but obviously we will not eat Sushi King AGAIN in the next 2 days. I thought of passing the receipt to someone else so that they can enjoy it, but the receipt does contain something which I find sensitive, related to the credit cards, so I skipped it.

We tried to take a cab back to the hotel and as usual, it was hell. The cabs outside did not want to run the meter and the cabs inside wanted to run the meter, but you have to pay RM2 to take those cabs. It's a lose, lose situation. But at least the metered cab seems newer and you do not need to queue. So it was marginally cheaper and we managed to get back to the hotel to rest and put down our stuff. We did not waste too much time before we decided that we should go for Sungei Wang as well on the same day.

Sungei Wang was the place for shopping for IT stuff, but actually the Low Yat Plaza beside it was even more so. It was separated nicely into levels which sell cameras, notebooks etc. I wish I had more time to spend here, but I had to move on and I did not have something really in mind to buy. Sungei Wang was the place to stop for dinner and after walking for a long long time, we finally kinda narrowed down to the Malaysia (Ben Zheng) Wantan Noodle or the Toilet Theme Cafe next to it. Judging from price, I went for the Wantan Noodle and it was damn good. They even had FREE Wifi. BTW, I do not know if it's the same vendor that set up the Wifi in the whole KL, but everyone uses a1b2c3d4e5f6 for their WEP password. Fantastic! The noodle was nice, but they kinda ran out of Char Siew (roasted pig). I guess it's ok.

We swing by Lot 10 and the other shopping malls on the way back and we spot Parkson was having a display for Sanrio characters in their windows. We took some shots of it.

I admit I was playing with the lightings in these shot. Only a few of them had the correct lighting actually :)

We took a short trip back to the hotel and took some shots along the way. At one place we actually saw a 3D (As in a real cube) TV. It has 4 faces. The Christmas lighting was ok, nothing I had not seen before. It's still pretty crowded for Xmas day.

Notice on the last photo that law enforcement did not have a break even on Xmas day. Well, I guess thanks to them, we had a peaceful Xmas.

Although we had a heavy dinner, Jane ordered hotel room service at night anyway. But I was too dead tired and I missed all of it. Jane took some photo of it though.

Anyway, that concludes our Day 2...

(To Be Continued)
