Gadgets Security

Keep your mobile gadget secure

Secure Your Server

We must study how to harden our servers

Internet Security

Secure your computer, secure your browser, and enjoy browsing the internet

Monitor your System Network

Make your network in your hand and under control

Saturday, July 23, 2011

Howto Crack pdf File Password

If you want to crack PDF file passwords, use pdfcrack. PDFCrack is a GNU/Linux (other POSIX-compatible systems should work too) tool for recovering passwords and content from PDF files. It is small and command-line driven, with no external dependencies. The application is Open Source (GPL).

pdfcrack Features
Supports the standard security handler (revision 2 and 3) on all known PDF-versions
Supports cracking both owner and user passwords
Both wordlists and brute-forcing the password are supported
Simple permutations (currently only trying first character as Upper Case)
Save/Load a running job
Simple benchmarking
Optimised search for owner-password when user-password is known

Install pdfcrack in Ubuntu
sudo aptitude install pdfcrack
This will complete the installation.

pdfcrack Syntax
pdfcrack -f filename [options]

pdfcrack Options
-b, --bench - Perform benchmark and exit.
-c, --charset=STRING - Use the characters in STRING as charset.
-m, --maxpw=INTEGER - Stop when reaching INTEGER as password length.
-n, --minpw=INTEGER - Skip trying passwords shorter than INTEGER.
-l, --loadState=FILE - Continue from the state saved in FILENAME.
-o, --owner - Work with the ownerpassword.
-p, --password=STRING - Uses STRING as userpassword to speed up breaking ownerpassword (implies -o).
-q, --quiet - Run quietly.
-s, --permutate - Try permutating the passwords (currently only supports switching first character to uppercase).
-u, --user - Work with the userpassword (default).
-v, --version - Print version and exit.
-w, --wordlist=FILE - Use FILE as source of passwords to try.

pdfcrack Examples
pdfcrack -f test.pdf
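
An added example, not part of the original post or of pdfcrack itself: the feature list above limits pdfcrack to the standard security handler, revisions 2 and 3, so a document owner can read a PDF's /Encrypt dictionary to see whether a file falls in that range. The two sample files are constructed, and the byte scan assumes the trailer and encryption dictionary are stored uncompressed.

```python
import re

# Standard security handler revisions (/R) as defined in the PDF specification.
REVISIONS = {2: "RC4, 40-bit key", 3: "RC4, 40 to 128-bit key",
             4: "crypt filters, RC4 or AES-128", 5: "AES-256 (Adobe extension)",
             6: "AES-256 (PDF 2.0)"}
PDFCRACK_REVISIONS = {2, 3}  # the revisions named in the feature list above


def _skip_string(data, i):
    """Index just past the hex '<..>' or literal '(..)' string opening at i."""
    if data[i:i + 1] == b"<":
        return data.index(b">", i) + 1
    nest = 0
    while i < len(data):
        c = data[i:i + 1]
        if c == b"\\":
            i += 1                      # skip the escaped character
        elif c == b"(":
            nest += 1
        elif c == b")":
            nest -= 1
            if nest == 0:
                return i + 1
        i += 1
    raise ValueError("unterminated string")


def parse_dict(data, i):
    """Top-level text of the dictionary opening at data[i:i+2] == b'<<'.
    Strings and nested dictionaries (such as /CF) are blanked out."""
    depth, out = 0, bytearray()
    while i < len(data):
        if data[i:i + 2] == b"<<":
            depth, i = depth + 1, i + 2
        elif data[i:i + 2] == b">>":
            depth, i = depth - 1, i + 2
            if depth == 0:
                return bytes(out)
        elif data[i:i + 1] in (b"(", b"<"):
            i = _skip_string(data, i)
            out += b" "
        else:
            if depth == 1:
                out += data[i:i + 1]
            i += 1
    raise ValueError("unterminated dictionary")


def find_encrypt_dict(pdf):
    """Top-level entries of the /Encrypt dictionary, or None if there is none."""
    refs = list(re.finditer(rb"/Encrypt\s*(?:(\d+)\s+(\d+)\s+R\b|(<<))", pdf))
    if not refs:
        return None
    ref = refs[-1]                      # the last trailer wins after updates
    if ref.group(3):                    # dictionary written inline in the trailer
        return parse_dict(pdf, ref.start(3))
    pat = rb"(?<!\d)%d\s+%d\s+obj\s*(<<)" % (int(ref.group(1)), int(ref.group(2)))
    objs = list(re.finditer(pat, pdf))  # indirect reference "N G R"
    if not objs:
        raise ValueError("encryption dictionary object not found")
    return parse_dict(pdf, objs[-1].start(1))


def audit(pdf):
    """Summarise the encryption settings of a PDF given as bytes."""
    top = find_encrypt_dict(pdf)
    if top is None:
        return {"encrypted": False}

    def num(key, default=None):
        m = re.search(rb"/" + key + rb"\s+(-?\d+)", top)
        return int(m.group(1)) if m else default

    flt = re.search(rb"/Filter\s*/(\w+)", top)
    handler = flt.group(1).decode() if flt else None
    rev = num(b"R")
    return {
        "encrypted": True,
        "handler": handler,
        "R": rev,
        "key_bits": num(b"Length", 40),  # /Length defaults to 40 when absent
        "scheme": REVISIONS.get(rev, "unknown"),
        "in_pdfcrack_scope": handler == "Standard" and rev in PDFCRACK_REVISIONS,
    }


# Constructed sample files: only the parts this scan reads are present.
SAMPLE_R3 = (
    b"%PDF-1.4\n5 0 obj\n<< /Filter /Standard /V 2 /R 3 /Length 128 /P -1340\n"
    b"/O (\\)constructed<<owner) /U <00112233> >>\nendobj\n"
    b"trailer\n<< /Root 1 0 R /Encrypt 5 0 R >>\n%%EOF\n"
)
SAMPLE_R4 = (
    b"%PDF-1.6\ntrailer\n<< /Root 1 0 R /Encrypt << /Filter /Standard /V 4 /R 4\n"
    b"/CF << /StdCF << /CFM /AESV2 /Length 16 >> >> /StmF /StdCF /StrF /StdCF\n"
    b"/Length 128 /P -1340 /O <00aa> /U <00bb> >> >>\n%%EOF\n"
)
```

For a real file, pass `open(path, "rb").read()` to `audit()`; a result with `in_pdfcrack_scope` set means the document should be re-encrypted with a newer revision and a long passphrase.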


Top 5 Tips for protecting your mobile from phone hacking

Phone hacking can happen to anyone. Here's how to secure your phone.

As you've no doubt heard by now, phone hacking is the new 'in' thing with newspapers and unscrupulous media types.
But it's not just celebrities having affairs who need to worry; you too could be the victim of phone hacking. So it's time to tighten up security on your mobile phone and start protecting it in the same way you would protect your PC.
Here is PC Advisor's Top 5 Tips for protecting your mobile from phone hacking.
1. Change your voicemail pin 
If you have got an old phone or phone contract, then there's a good chance that your service provider originally set your voicemail up with their standard pin – 1234, 0000, 4444 etc. Therefore if a hacker called you when your phone was engaged, they would simply have to enter your service provider's standard pin and they would have free rein over your inbox. It's been suggested that this is how the majority of the celebrities' phones were hacked.

2. Turn your Bluetooth Off 
Apart from needlessly wasting your phone's battery when you're not using it, Bluetooth also gives potential hackers the opportunity to access your phone and its precious information.
If however, you do want to leave your Bluetooth on throughout the day, make sure you set your phone as 'not discoverable' and don't accept connections from phones you do not know.

3. Stop downloading untrusted Apps
It's reported that roughly one third of Apps will automatically obtain and send your phone number, device ID and sim card serial number back to the developers (along with lots of other data). Whereas iTunes Apps are thoroughly policed, the Google Android Apps have experienced some Trojan Horse attacks which are being used to send location and user information back to the hackers.

4. Take your Battery Out 
 
If you're convinced that your phone has been hacked then you should do this immediately. Taking out the battery won't stop hackers having access to your voicemails, but it will stop them gaining access to your phone (and what's stored on it). Without power to your phone, there is nothing to hack.
 
5. Don't lend your phone to people you don't know!
It takes a matter of seconds for somebody to send a SMS from your phone. From that one simple SMS a hacker can do all of the following things:
• Remotely access the phone's microphone and use it as a listening device wherever you are.
• Intercept a call and listen in to it in complete secrecy.
• Automatically add a BCC to all emails and SMS messages sent from your phone.
• Use your GPS to locate where you are at all times (particularly nasty when used for organised robberies on your house.)

Friday, July 22, 2011

exploitdbee.py – Easily Search For Exploits In BackTrack’s Exploitdb (files.csv).

This is a simple Python tool to help you search for exploits in the BackTrack Exploit Database.
Features
  • Search the exploitdb archive
  • Case sensitive & insensitive
  • Change output mode
  • Automatically copy your exploits
Requirements
  • python (tested with python 2.7.1 and 2.5.2)
  • local exploitdb (pre-installed on BackTrack Linux)
Usage
exploitdbee.py [-c] [-d path]
exploitdbee.py "windows 7" remote
exploitdbee.py -c Microsoft IIS -d /tmp
You can download exploitdbee.py v1.0 here:
exploitdbee.py

Wednesday, July 20, 2011

Enabling & Disabling Regedit

Annoying, isn't it, when regedit disappears because of a virus?
Or maybe your friends often tinker with your registry?
For that I have a little trick that shows and hides regedit, using a bit of JavaScript magic. It is simple; even a layperson can write a program like this.
How? Type the script below in Notepad.


--------------------------------------------------------
// Simple program to lock down Regedit
// Program name: regedit_java.js
// Button and icon constants for WScript.Shell.Popup
var vbCancel = 2;
var vbYesNoCancel = 3;
var vbYes = 6;
var vbNo = 7;
var vbQuestion = 32;
var vbInformation = 64;
var natan = WScript.CreateObject("WScript.Shell");
var pesan1 = "Pilihan Pengaman Regedit:\n\n"+
"[Yes] untuk Nonaktifkan Regedit.\n"+
"[No] untuk Aktifkan Regedit.\n"+
"[Cancel] untuk Keluar.\n\n"+
"[shinigamirulez]\n"+
"Bangkitlah TI untuk masa depan\n\n"+
"-> Nonaktifkan Regedit sekarang?";
// Ask the user: Yes = disable, No = enable, Cancel = exit
var tanya = natan.popup(pesan1,0,"Pengaman Regedit",vbYesNoCancel+
vbQuestion);
if (tanya == vbYes)
{
// DisableRegistryTools = 1 blocks the registry editor for the current user
natan.RegWrite("HKCU\\Software\\Microsoft\\Windows\\CurrentVersion"+
"\\Policies\\System\\DisableRegistryTools",1,"REG_DWORD");
var pesan2 = "Regedit Dinonaktifkan!";
natan.popup(pesan2,0,"Pengaman Regedit",vbInformation);
}
else if (tanya == vbNo)
{
// DisableRegistryTools = 0 allows the registry editor again
natan.RegWrite("HKCU\\Software\\Microsoft\\Windows\\CurrentVersion"+
"\\Policies\\System\\DisableRegistryTools",0,"REG_DWORD");
var pesan3 = "Regedit Diaktifkan!";
natan.popup(pesan3,0,"Pengaman Regedit",vbInformation);
}
else
{
natan.popup("Thanks Bro.",0,"Pengaman Regedit",vbInformation);
}
--------------------------------------------------------



Once you have finished typing, check every word; don't miss a single one, not even a quotation mark ("), because if even one quotation mark is missing the program will not run.
Once you are sure it is correct, save the Notepad file with the *.js extension.
After saving, run the script: click Yes to disable and No to enable. If the program does not run, recheck what you typed until everything is correct... hehe... hope it's useful.

HD Camcorders: Beginner's Guide to HD Camcorders

High definition (HD) camcorders are a natural fit for the growing number of HDTVs in living rooms across the country. Prices on HD camcorders continue to drop, while more and more camcorder manufacturers are expanding the number of HD models they carry.

What's the Difference Between Standard Definition and HD Camcorders?

Much like televisions, the difference between standard definition and HD camcorders is the video resolution. The video you see on your television or computer screen is made up of hundreds of different lines. Standard definition video will have 480 horizontal lines of resolution whereas high-definition video can have up to 1,080. The more lines of resolution you have, the sharper your video will look.
There are three main resolutions of HD video available: 1080p, 1080i, and 720p. Most HD camcorders on the market record in either 720p or 1080i resolution.

What's the Difference Between 1080i, 1080p, and 720p Video?

The main difference between the three is the way they record video. The "p" at the end of 1080p and 720p stands for "progressive scan." The "i" at the end of 1080i stands for "interlaced."
Interlaced Video: Typical standard definition video is interlaced video, as is 1080i. In interlaced video, your camcorder will record every other line of resolution. It would start by showing lines one, three and five and then follow later with lines two, four, and six.
Progressive Scan Video: Progressive scan video records each line of video in order without skipping any lines. So it would start first with line one and work its way all the way to line 1080. Progressive scan video typically looks better than its interlaced counterpart with fast-motion video (like sports).

What is “Full HD”?

Full HD is a marketing term that refers to camcorders that record in 1920 x 1080 resolution. In general, you’ll get sharper video from camcorders that record at 1920 x 1080 than you would from a 720p model.

What is AVCHD?

AVCHD refers to high definition video format used by Sony, Panasonic and Canon, among others. It's a way to compress and save high definition video onto digital storage media like hard disk drives and flash memory cards. For more information on the AVCHD format, please see this Guide to the AVCHD Format.

What Kinds of HD Camcorders are Available?

HD camcorders come in all shapes, sizes and price points from all of the major camcorder manufacturers. You can find low cost, “pocket” models for under $200 and fully-featured, advanced camcorders for $1,500, and everything in between. Currently there are consumer high-definition camcorders available that record video onto MiniDV tapes, mini-DVDs, hard disk drives, flash memory and Blu-ray discs.

Any Downsides to HD Camcorders?

While the higher quality video is definitely a plus, it also presents a few challenges. The biggest is where to store it. HD video files are much larger than standard definition video files. That means your camcorder media – SDHC card, hard disk drive, tape, DVD, etc. – will fill up faster with an HD camcorder.
See this Guide to Camcorder Memory Formats for more details on the various camcorder memory types.
Because you’re dealing with larger video file sizes, HD video will also put greater demands on your computer. Some older computers with less processing power won’t be able to display HD video. Others will play it back, but slowly and with plenty of frustrating pauses.

7 free Windows tune-up tools and tips

You don't need to spend money to keep a Windows computer running in top form. Here's how to fix, clean and maintain Windows using programs you can download now for free. 

The following software and tips generally apply to Windows 7, Vista and XP, and are listed in the order you should use them for the first time on a computer you suspect may be infected with malware or running slower than it should.

1. Update Windows itself with Windows Update.
Though this should be a no-brainer, many Windows users don't install the latest updates for the OS provided by Microsoft (which are usually issued every Tuesday). Either they ignore the update notices that Windows sends them, or their Windows setup doesn't have automatic updating turned on. But ensuring that your installation of Windows has the latest updates and patches is one of the easiest ways to keep it functioning well.

That said, we're partial to not having Windows set to automatically download and install updates. After all, you could be using your computer online when unexpectedly both your Internet connection and computer slow because Windows is downloading and installing updates. Instead, we prefer leaving the automatic updating feature off, and visiting Windows Update once a week to manually check for updates.
2. Scan for malware with Malwarebytes Anti-Malware.
Chances are, if you cannot visit the official Malwarebytes site (either the domain is blocked, or you're forwarded to another domain), then your Windows system has already been infected by malicious code. That is a testament to how effective Malwarebytes Anti-Malware is -- many malware writers try to block you from using this specific tool.
If you're trying to clean out malware from an infected Windows computer that is obviously preventing you from visiting the Malwarebytes site: You'll have to download the tool from another, un-infected computer and copy its installation file onto a USB flash memory stick or USB external drive. We suggest renaming the Malwarebytes Anti-Malware installation file to whatever you like before you run it on the infected Windows computer -- there have been malware known to delete the installation file, recognizing that it's Malwarebytes' tool by its file name.
Furthermore, even if you can successfully install Malwarebytes Anti-Malware, the malware may immediately delete the executable (mbam.exe) before you have a chance to start it. If that's the case, you'll then have to copy over mbam.exe from another computer, renaming it first to another name of your choosing, and then clicking on it directly to run it on the infected computer.
Can't use the USB ports of the infected Windows computer because the malware has blocked access to them? Try copying the installation file to a writable CD or DVD. The malware has managed to prevent you from even accessing the infected computer's media disc drive? Then you'll have to physically take out the hard drive from the infected computer, connect it to another Windows computer as a slave or external drive, and have this second system run Malwarebytes Anti-Malware to scan and clean the drive.

3. Remove unneeded programs with Revo Uninstaller.
You should uninstall applications from Windows that you don't use, or you don't recognize and are certain that your Windows system doesn't need. We like using Revo Uninstaller for this job, because it can be set to thoroughly delete the miscellaneous files, folders and settings that often remain when programs are removed using the standard uninstall function within the Windows control panel.
The free version of Revo Uninstaller can remove 32-bit programs (installed on either a 32-bit or 64-bit version of Windows), but you'll have to pay for the pro version to remove 64-bit programs.
This tool can also be used to deactivate or entirely remove autorun files, so that your Windows computer's start-up won't be bogged down from having to automatically load programs that you don't need or want it to run whenever you boot up the computer.

4. Clean out temporary files and the Windows registry with CCleaner.
This popular tool washes Windows of Web browser cookies and miscellaneous, usually temporary files that it and other applications create. It can also quickly scan through the registry settings of Windows and remove entries that are no longer needed. Although deleting these items can free up quite a lot of space on your hard drive, it's debatable whether doing so really improves the overall performance of your computer.
Regardless, for those of us who like to keep a Windows computer clean and running "tight," CCleaner is an essential tool for clearing out temporary file clutter and freeing up some additional hard drive space.
Like Revo Uninstaller, CCleaner also includes a tool for removing unwanted autorun files to help you speed up the boot time of your Windows system.
5. Check for updates to installed programs with FileHippo.com's Update Checker.
As we said, we prefer turning off the automatic updating functionality of Windows, in order to prevent unexpected system and Internet speed slowdowns. We feel the same about individual applications that have the built-in capability to update themselves without user input. Switch this off! Many applications, like Adobe Reader, let you download updates manually from within their settings.
Rather than having to go through all your installed software one-by-one to check for updates to them, install FileHippo.com's Update Checker. This tool audits the programs installed on your Windows system, and then opens a page in your default Web browser listing links to download the latest versions of them (hosted on FileHippo.com).

6. Defrag the hard drive with Auslogics Disk Defrag.
After you've updated Windows, scanned for malware, and thoroughly removed programs and files you don't need, the last maintenance step you should do is defrag your Windows system's hard drive to optimize its speed and overall performance. There are a couple of decent defragging tools you can use over the one that comes with Windows. We've come to prefer Auslogics Disk Defrag for its ease-of-use, graphically informative representation of your hard drive, and speed at defragging.

7. Use Chrome, Firefox or Opera as your default browser -- then pick one of the remaining two as your back-up browser.
Basically, we're suggesting that you don't use Internet Explorer or, for that matter, Safari. We're sorry to knock on them, but neither is as secure as Chrome, Firefox or Opera. IE 10 is certainly safer to use than previous versions, but significant security flaws that could expose your Windows system to malicious code online tend to crop up with it.
If you have to use IE (because your office work requires it, for instance), go through the browser's list of add-ons and uninstall any you don't need or recognize.
Although we're recommending Firefox, it is not immune to being compromised. We've come across Firefox installations in which their default search engine settings have been hijacked to forward to another site, despite there being no add-on or other installed software that's obviously associated with this behavior. The fastest solution to this is to select the function within Firefox that lets you restart it with all of its add-ons disabled.

PCMAV 5.3 + Update Build 2, Clamav 0.97.1, Link Protector Update 7, PCMAV July 2011 - PCMAV August 2011

PCMAV 5.3 returns alongside the publication of PC Media magazine issue 07/2011, July 2011.

Arriving with a series of fixes and refinements over the previous version, and with detection added for 119 new viruses, PCMAV 5.3 can now recognize 4,350 viruses and their variants that are reported to be spreading widely in Indonesia.

The dedicated removal engine for cleaning the Ramnit virus, previously used in PCMAV Express for Ramnit (Ramnit Killer), has now been integrated, so PCMAV 5.3 can clean the 11 Ramnit variants it recognizes.

"ADDED! A dedicated removal engine to thoroughly clean the Ramnit.A through Ramnit.K viruses (11 variants), and FontPorn, which is spreading widely in Indonesia." - So says the change log included in the release announcement.

Note: In some cases, integrating PCMAV with Clamav 0.97.1 causes a "Crash" message to appear...


If this happens to you, we recommend continuing to integrate this latest PCMAV with the Clamav 0.97.0 engine.

Update information - PCMAV 5.3 update build 2, adding detection for a total of 68 new viruses, PCMAV Link Protector Update 7, which protects you from dangerous links while you are online, and the latest Clamav 0.97.1 engine are now available.
With the addition of the LinkProtector feature in PCMAV 5.0, a new database named url.bad was introduced. Like the PCMAV update build, the url.bad database is also updated when new LinkProtector definitions become available. For the PCMAV update build, the update database is named update.vdb, while the LinkProtector update database is named urlupd.bad. Download links for these update files are provided at the end of this article once both are available.

Only if you have never used PCMAV or are using it for the first time, please read the article "How to use and update the latest PCMAV" and integrate it with Clamav as a plugin.

The official distribution of PCMAV 5.3 can be found on the DVD of PC Media magazine issue 07/2011, July 2011.
If you are in an area that PC Media magazine's distribution does not reach, or for some reason cannot use the PCMAV package included on the PC Media DVD but badly need it, please download the latest PCMAV from the download page we have provided.

Download PCMAV 5.3 and the latest Clamav;
To download the latest PCMAV and the latest Clamav plugin, please go to the download page via the link below...


Manual download of PCMAV 5.3 update build and LinkProtector update;
To download the latest PCMAV update build and LinkProtector update, please click the Download link below. Download links for update builds that are not yet available will be updated when the update build is released. We also provide a link to further information about each update build once its release page is available on virusindonesia.com. The download link for the LinkProtector update will be added as soon as the latest urlupd.bad is available...

  • Download PCMAV 5.3 update build 1;
    (Status: Available - for more information, visit http://virusindonesia.com/2011/07/13/fakeav-downloader-n-your-‘Security’-is-our-priority/)
  • Download PCMAV 5.3 update build 2;
    (Status: Available)


Learn Python The Hard Way, 2nd Edition



Welcome to the 2nd Edition of Learn Python the hard way. You can visit the companion site to the book at http://learnpythonthehardway.org/ where you can purchase digital downloads and paper versions of the book. The free HTML version of the book is available at http://learnpythonthehardway.org/book/.

Tuesday, July 19, 2011

EC-Council Certified Ethical Hacker v7 - FILELIST | 15,51 Gb


EC-Council releases the most advanced ethical hacking program in the world. This much anticipated version was designed by hackers and security researchers. CEH v7 is a revolutionary training program that combines class metrics, advance lab environment, cutting edge hacking techniques and excellent presentation materials. EC-Council has spent several years in developing this version.

The Certified Ethical Hacker courseware has undergone tremendous improvement from its predecessor. We have invested 4 times the regular investment in the research and development since the last release, and have given CEHv7 a complete makeover.

The new version is a breakaway from earlier releases with more emphasis on techniques and methodologies, which attackers may use to carry out possible attacks against system/networks.

Picture speaks thousand words and we at EC-Council have enforced the saying by practicing it. The instructor slides and student manuals in CEHv7 has it all. The new version empowers the instructor with flawless flow and outstanding diagrammatic representation of the hacking techniques, which makes it easier to teach and enables students to understand the concepts better.
CEHv7 provides a comprehensive ethical hacking and network security-training program to meet the standards of highly skilled security professionals. Hundreds of SMEs and authors have contributed towards the content presented in the CEHv7 courseware. Latest tools and exploits uncovered from the underground community are featured in the new package. Our researchers have invested thousands of man hours researching the latest trends and uncovering the covert techniques used by the underground community.

In addition to the makeover, CEHv7 includes two additional bundles; a Monster Hacking Tool Repository, Codenamed Frankenstein and a subscription based Virtual Lab Environment codenamed iLabs.

Frankenstein

Frankenstein provides user with an ease for searching, downloading and installing the latest hacking and penetration testing tools. By using Frankenstein Version 1.0, users can check the release date of the tool, category under which it is published, probable size of the tool, name of the publisher/author, the website details and technical requirements for the tool to run. This will help all the Certified Members to keep themselves updated of tools released in the wild.

Key benefits:

• Repository of categorized latest tools
• User can download the tool in less time with comparison to manual search
• Helps the user to synchronize & manage the tools from the server
• Search specific tools from the available list of tools
• The system provides a means to generate a HTML report of all the tools downloaded by the user

iLabs

iLabs is a subscription-based service that allows students to log on to a virtualized remote machine running Windows 2003 Server to perform various exercises featured in the CEHv7 Lab Guide. All you need is a web browser to connect and start experimenting. The virtual machine setup reduces the time and effort spent by instructors and partners prior to the classroom engagement. It is a hassle-free service available 24x7 for the number of days subscribed.

Benefits

  • Enables students to practice various hacking techniques in a real time and simulated environment
  • The course tools and programs are preloaded on the iLabs machine thereby saving productive time and effort

Key Features of CEH v7

  • Well organized DVD-ROM content; a repository of approximately 20GB of latest hacking and security tools and more than 1000 minutes of videos demonstrating hacking techniques.
  • Well organized content for a better understanding and learning experience
  • Concepts are well-illustrated to create self-explanatory slides.
  • Diagrammatic representation of concepts and attacks
  • Industry standard key tools are featured in detail and other tools are presented as a list for students to try
  • Exclusive section for countermeasures against different attacks with detailed explanation of how to implement these countermeasures in a real time environment
  • The new version has a complete section dedicated to penetration testing. It illustrates how to implement learned concepts to test network system security
  • A result oriented, descriptive and analytical lab manual; the labs showcased in the courseware are tested against latest Operating Systems with all the patches and hot fixes applied

Download:

Friday, July 15, 2011

DNS Attack Downs Internet in Parts of China

An attack on the servers of a domain registrar in China caused an online video application to cripple Internet access in parts of the country late on Wednesday.

Internet access was affected in five northern and coastal provinces after the DNS (domain name system) attack, which targeted just one company but caused unanswered information requests to flood China's telecommunications networks, China's IT ministry said in a statement on its Web site. The DNS is what computers use to find each other on the Internet.
The incident revealed holes in China's DNS that are "very strange" for such a big country, said Konstantin Sapronov, head of Kaspersky's Virus Lab in China.
The problems started when registrar DNSPod's DNS servers were targeted with a DDOS (distributed denial of service) attack, described by the company in an online statement. In such an attack, the attacker orders a legion of compromised computers to try to communicate with a server all at once, which overwhelms the server and crushes its ability to return requests for information.
Telecom network operators blocked access to the IP (Internet Protocol) address of the registrar, concerned that its beleaguered servers were draining resources from the machine rooms they occupied, the registrar said.
Web sites served by the registrar's servers, including one that offers an extremely popular online video playing application, became inaccessible.
The story might have ended there. But as a massive number of users tried to boot up the video application, called Baofeng, their unanswered DNS requests were apparently passed on to higher-level servers that didn't know how to process them.
The requests piled up, and the resulting traffic jam slowed or halted Internet access across affected provincial networks. DNSPod was told that even Baidu, China's top search engine, became inaccessible in one province, it said in a message on Twitter.
Internet access returned to normal late at night, several hours later, according to the government statement.
China had almost 300 million Internet users at the end of last year, according to the country's domain registry agency, and streaming online video is as popular among young people as it is in Western countries.
The event, the first of its kind in China, suggests the country needs to improve its rules managing the DNS, said Zhao Wei, CEO of Knownsec, a Beijing security firm.
The original attack transformed into a regional DNS jam essentially because Baofeng is so popular, said Zhao.
Such programs may need smarter code, which could instruct them to withdraw DNS requests that go unanswered, he said. The way unanswered requests are redirected to higher-level servers could also be changed, Zhao said.
Guarding servers against DDOS attacks remains difficult. DNS service providers need reliable, secure servers and emergency plans in case they fail, said Zhao.
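The client-side change Zhao describes, withdrawing DNS requests that go unanswered, can be sketched as follows. This is an added example, not code from Baofeng or from the article; `BackoffResolver`, its `base` and `cap` values, the name `video.example` and the address `192.0.2.10` are all assumptions constructed for the simulation.

```python
import random


class BackoffResolver:
    """Wraps a lookup callable and suppresses queries for a name that is failing."""

    def __init__(self, lookup, clock, base=1.0, cap=300.0, rng=None):
        self.lookup = lookup          # callable(name) -> address, raises TimeoutError
        self.clock = clock            # callable() -> current time in seconds
        self.base = base              # first backoff window in seconds (assumed value)
        self.cap = cap                # longest backoff window in seconds (assumed value)
        self.rng = rng or random.Random()
        self.state = {}               # name -> (consecutive failures, retry-not-before)
        self.sent = 0                 # queries actually put on the wire

    def resolve(self, name):
        now = self.clock()
        failures, not_before = self.state.get(name, (0, 0.0))
        if now < not_before:
            return None               # request withdrawn: nothing is sent upstream
        self.sent += 1
        try:
            address = self.lookup(name)
        except TimeoutError:
            failures += 1
            window = min(self.cap, self.base * 2 ** (failures - 1))
            # Jitter keeps a large client population from retrying in lockstep.
            delay = self.rng.uniform(window / 2, window)
            self.state[name] = (failures, now + delay)
            return None
        self.state.pop(name, None)    # success resets the backoff
        return address


def simulate_outage(ticks=1000, outage_until=600, seed=1):
    """One client wants the same name once per second; the server is silent
    until `outage_until`. Returns (naive queries, backoff queries, recovery tick)."""
    t = {"now": 0.0}

    def lookup(name):
        if t["now"] < outage_until:
            raise TimeoutError(name)
        return "192.0.2.10"           # constructed documentation address

    resolver = BackoffResolver(lookup, lambda: t["now"], rng=random.Random(seed))
    naive_sent, recovered_at = 0, None
    for tick in range(ticks):
        t["now"] = float(tick)
        if tick < outage_until:
            naive_sent += 1           # naive client re-sends every second while unanswered
        if recovered_at is None and resolver.resolve("video.example") is not None:
            recovered_at = tick
    return naive_sent, resolver.sent, recovered_at


if __name__ == "__main__":
    print(simulate_outage())
```

Over a 600-second outage the naive client sends 600 queries while the backoff client sends about a dozen, at the cost of noticing recovery up to one backoff window late.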

European Banks Seeing New Wave Of ATM Skimming

ATM hacking and skimming were often in the news a few years back, but since the banks ramped up the security on ATM machines – including anti-skimming devices – ATM fraud activities seemed to drop off. Remember the Pro ATM Hacker ‘Chao’ Gives Out ATM Hacking Tips and a bunch of people getting busted not long after that.
Well it seems ATM skimming has resurfaced with the clever criminals finally gaining the ability to remove the anti-skimming devices and modify them to their own nefarious ends.

The advantage of ATM skimming rather than just plain old hacking the data online is that with the placement of a small camera you can also record the PIN number associated with each card – so after cloning it you can actually use it to withdraw money from the ATM.
It seems like the new skimming devices are much more high tech and also use off the shelf components, such as an MP3 player.

They haven’t really released any details such as which banks were affected or even which countries the skimming attacks took place in. There has actually been a record number of skimming attempts this year but the losses have dropped.
I’d guess that would be due to the new security measures built into the EMV (Europay, Mastercard, Visa) ATM cards which have a chip built in that EMV compliant ATM machines can scan and verify.

The Social-Engineer Toolkit (SET) – Computer Based Social Engineering Tools

The Social-Engineer Toolkit (SET) is specifically designed to perform advanced attacks against the human element. SET was designed to be released with the http://www.social-engineer.org launch and has quickly become a standard tool in a penetration tester's arsenal. SET was written by David Kennedy (ReL1K) and with a lot of help from the community it has incorporated attacks never before seen in an exploitation toolset. The attacks built into the toolkit are designed to be targeted and focused attacks against a person or organization used during a penetration test.
SET is a menu-driven attack system, which is fairly unique when it comes to hacker tools. The decision not to make it command line was made because of how social-engineer attacks occur; it requires multiple scenarios, options, and customizations. If the tool had been command line based it would have really limited the effectiveness of the attacks and the ability to fully customize it based on your target. Let’s dive into the menu and do a brief walkthrough of each attack vector.

This is an extremely complete and advanced toolkit, which also harnesses the power of Metasploit and Ettercap, and it provides the following attack vectors:
  • Spear-Phishing Attack Vector
  • Java Applet Attack Vector
  • Metasploit Browser Exploit Method
  • Credential Harvester Attack Method
  • Tabnabbing Attack Method
  • Man Left in the Middle Attack Method
  • Web Jacking Attack Method
  • Multi-Attack Web Vector
  • Infectious Media Generator
  • Teensy USB HID Attack Vector
You can find some tutorials and videos on how to get up and running and use SET here:
Social Engineering Resources
You can download SET using SVN.
svn co http://svn.secmaniac.com/social_engineering_toolkit set/

Malware Analyser v3.0 – A Static & Dynamic Malware Analysis Tool

Malware Analyser is a freeware tool to perform static and dynamic analysis on malware executables. It can be used to identify potential traces of anti-debug, keyboard hooks, system hooks and DEP setting change calls in the malware.
This is a stepping release since, for the first time, Dynamic Analysis has been included for file creations (it will be improved for other network/registry indicators soon), along with a process dumping feature.
Features
  • String based analysis for registry, API calls, IRC Commands, DLL’s called and VM Aware.
  • Display detailed headers of PE with all its section details, import and export symbols etc.
  • On Distro, can perform an ascii dump of the PE along with other options (check –help argument).
  • For Windows, it can generate various section of a PE : DOS Header, DOS Stub, PE File Header, Image Optional Header, Section Table, Data Directories, Sections
  • ASCII dump on windows machine
  • Code Analysis (disassembling)
  • Online malware checking (http://www.virustotal.com)
  • Check for Packer from the Database.
  • Tracer functionality
  • Signature Creation: Allows creating a signature of malware
  • CRC and Timestamp verification.
  • Entropy based scan to identify malicious sections.
  • Dump a process memory
  • Dynamic Analysis (Still in beginning stage) for file creations.
You can download Malware Analyser v3.0 here:
malware_analyser 3.0.zip

Ophcrack 3.3.1 & LiveCD – Free Rainbow Table Password Cracking Tool

Ophcrack is a free Windows password cracker based on rainbow tables. It is a very efficient implementation of rainbow tables done by the inventors of the method. It comes with a Graphical User Interface and runs on multiple platforms. It works based on a time-memory trade-off using rainbow tables. This is a new variant of Hellman’s original trade-off, with better performance. It recovers 99.9% of alphanumeric passwords in seconds.
We mentioned it in our RainbowCrack and Rainbow Tables article, definitely one of the best free options for Rainbow Cracking.
Features
  • Runs on Windows, Linux/Unix, Mac OS X
  • Cracks LM and NTLM hashes.
  • Free tables available for Windows XP and Vista.
  • Brute-force module for simple passwords.
  • Audit mode and CSV export.
  • Real-time graphs to analyze the passwords.
  • LiveCD available to simplify the cracking.
  • Loads hashes from encrypted SAM recovered from a Windows partition, Vista included.
  • Free and open source software (GPL).
You can find the various tables they offer here (mostly free with some paid):
Ophcrack Rainbow Tables
And of course our own collection of Free Rainbow Tables and other software here.
You can download Ophcrack 3.3.1 here:
Windows – ophcrack-win32-installer-3.3.1.exe
Source – ophcrack-3.3.1.tar.bz2
Or download the LiveCD here:
To crack XP hashes – ophcrack-xp-livecd-2.3.1.iso
To crack Vista hashes – ophcrack-vista-livecd-2.3.1.iso

Wophcrack – Web Based Interface For Ophcrack Password Cracking Tool

I’m assuming everyone reading already knows about Ophcrack – the awesome time/memory trade-off password cracker.
Well here is a nifty web-based interface for it. Rainbow Tables are really useful when cracking password hashes, but one major disadvantage of these tables is their size, which can be hundreds of gigs for complex tables. The author thought it would be extremely useful to have a personal web interface for your rainbow tables which you can access from anywhere on the web without having to carry the large tables with you everywhere you go. And well here we are, Wophcrack (Web)Ophcrack.
When cracking LM or NTLM hashes Ophcrack is a great tool as we discussed recently, it provides both a GUI and CLI options along with some free and paid tables. The author basically wrote a quick and dirty PHP based web frontend for Ophcrack.
Wophcrack was designed to work on Backtrack 4 R2, although it can be installed on any Linux distribution with some small adjustments. Wophcrack can also easily be edited to support Rainbow Crack.
You can download Wophcrack here:
wophcrack.zip

Mac security firm ships first-ever iPhone malware scanner

A French security company known for its Mac OS X antivirus software today released the first malware-scanning app for the iPhone, iPad and iPod Touch.
Intego's VirusBarrier for iOS has been approved by Apple, and debuted on the App Store Tuesday for $2.99.
Because iOS prevents the program from accessing the file system or conducting automatic or scheduled scans -- as do virtually all Mac and Windows antivirus software -- VirusBarrier must be manually engaged, and then scans only file attachments and files on remote servers, said Peter James, a spokesman for Intego.

"Because of the sandbox, you can't scan the file system," said James. "Since you don't see the iOS file system, the only things you can scan are attachments sent by email or files in, say, your Dropbox folder."
Unlike software written for Android -- such as Lookout, from the San Francisco-based company by the same name -- VirusBarrier cannot scan apps for possible infection.
When an email attachment is received by the iPhone, iPad or iPod Touch, the user can intercede by calling on VirusBarrier, which then scans the file for possible infection before the file is opened or forwarded to others.
"We've had enterprise customers say that although they know you can't do a full system scan of an iPhone, they don't like the fact that files go through these devices and end up on a Mac or Windows PC," said James. "They want their users to be able to check that an attachment is safe."
He characterized VirusBarrier for iOS as a way for iPhone and iPad users to prevent their hardware from spreading malware. "You don't want your iPhone becoming a 'Typhoid Mary,'" James said.
VirusBarrier for iOS can scan email attachments in a variety of formats, including Microsoft's Word, Excel and PowerPoint; PDF documents; JavaScript files; and Windows executables, those files tagged with the .exe extension. It can also scan files in a Dropbox folder, those stored on MobileMe's iDisk, or files downloaded via the iOS version of Safari.
The scanning engine and signatures -- the digital "fingerprints" used to detect malware -- in VirusBarrier for iOS are identical to those used by Intego's Mac OS X product line.
VirusBarrier for iOS lets iPhone and iPad users run on-demand scans of email attachments before those files are opened or forwarded. (Graphic: Intego.)
"It's important that people understand what [VirusBarrier] can and cannot do," said James, pointing to the malware scanner's limitations. "Although there is no malware written for iOS today, if attackers do try to exploit the [recent] PDF vulnerability, this is something we can scan for."
James was referring to the still-unpatched vulnerability in iOS that can be exploited through a malicious PDF document, one of two bugs used last week to "jailbreak" an iPhone, iPad or iPod Touch.
VirusBarrier for iOS can be downloaded to an iPhone, iPad or iPod Touch from Apple's App Store. It requires iOS 4.0 or later.

ksymhunter – Routines For Hunting Down Kernel Symbols

Routines for hunting down kernel symbols from kallsyms, System.map, vmlinux, vmlinuz, and remote symbol servers.
Examples:
$ ./ksymhunter prepare_kernel_cred
[+] trying to resolve prepare_kernel_cred...
[+] resolved prepare_kernel_cred using /boot/System.map-2.6.38-gentoo
[+] resolved prepare_kernel_cred to 0xffffffff81061060
And..
$ ./ksymhunter commit_creds
[+] trying to resolve commit_creds...
[+] resolved commit_creds using /boot/System.map-2.6.38-gentoo
[+] resolved commit_creds to 0xffffffff81060dc0
You can download ksymhunter v1.0 here:
ksymhunter.tar.gz

Metasploitable – Test Your Metasploit Against A Vulnerable Host

Ok so you’ve got Metasploit loaded up, you’ve read the Metasploit Tutorials & Watched the Videos – but you’ve still got no idea what to do next and don’t have anything to test against.
It’s not exactly new, but I guess a lot of people still don’t know about it. Basically if you don’t know what to do next, this is where Metasploitable comes in! One of the questions that the Metasploit developers often hear is “What systems can I use to test against?” Based on this, they thought it would be a good idea to throw together an exploitable VM that you can use for testing purposes.
Metasploitable is an Ubuntu 8.04 server install on a VMWare 6.5 image. A number of vulnerable packages are included, including an install of tomcat 5.5 (with weak credentials), distcc, tikiwiki, twiki, and an older MySQL.
You can use most VMware products to run it, and you’ll want to make sure it’s configured for Host-only networking unless it’s in your lab – no need to throw another vulnerable machine on the corporate network. It’s configured in non-persistent-disk mode, so you can simply reset it if you accidentally ‘rm -rf’ it.
There are various other similar setups you can test out your hacking kung-fu on like:
You can download Metasploitable here:
Torrent – Metasploitable.zip.torrent
(Be careful opening the readme.txt as there are spoilers in it).

RSA finally comes clean: SecurID is compromised



RSA Security will replace virtually every one of the 40 million SecurID tokens currently in use as a result of the hacking attack the company disclosed back in March. The EMC subsidiary issued a letter to customers acknowledging that SecurID failed to protect defense contractor Lockheed Martin, which last month reported a hack attempt.
SecurID tokens are used in two-factor authentication systems. Each user account is linked to a token, and each token generates a pseudo-random number that changes periodically, typically every 30 or 60 seconds. To log in, the user enters a username, password, and the number shown on their token. The authentication server knows what number a particular token should be showing, and so uses this number to prove that the user is in possession of their token.
The exact sequence of numbers that a token generates is determined by a secret RSA-developed algorithm, and a seed value used to initialize the token. Each token has a different seed, and it's this seed that is linked to each user account. If the algorithm and seed are disclosed, the token itself becomes worthless; the numbers can be calculated in just the same way that the authentication server calculates them.
This admission puts paid to RSA's initial claims that the hack would not allow any "direct attack" on SecurID tokens; wholesale replacement of the tokens can only mean that the tokens currently in the wild do not offer the security that they are supposed to. Sources close to RSA tell Ars that the March breach did indeed result in seeds being compromised. The algorithm is already public knowledge.
As a result, SecurID offered no defense against the hackers that broke into RSA in March. For those hackers, SecurID was rendered equivalent to basic password authentication, with all the vulnerability to keyloggers and password reuse that entails.
RSA Security Chairman Art Coviello said that the reason RSA had not disclosed the full extent of the vulnerability was that doing so would have revealed to the hackers how to perform further attacks. RSA's customers might question this reasoning; the Lockheed Martin incident suggests that the RSA hackers knew what to do anyway; failing to properly disclose the true nature of the attack served only to mislead RSA's customers about the risks they faced.
RSA is working with other customers believed to have been attacked as a result of the SecurID compromise, though it has not named any. Defense contractors Northrop Grumman and L-3 Communications are both rumored to have faced similar attacks, with claims that Northrop suspended all remote access to its network last week.
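Why a disclosed seed makes a time-based token worthless, and why replacing the tokens restores the second factor, shown as an added example that is not from the article or from RSA. SecurID's own algorithm is not reproduced here; the open TOTP standard (RFC 6238, HMAC-SHA1) stands in for it, and the seeds are the RFC's published test value and a constructed replacement.

```python
import hashlib
import hmac
import struct


def token_code(seed: bytes, unix_time: int, step: int = 30, digits: int = 6) -> str:
    """RFC 6238 TOTP with HMAC-SHA1: the code depends only on seed and time."""
    counter = unix_time // step
    mac = hmac.new(seed, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                        # dynamic truncation (RFC 4226)
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def server_accepts(seed, submitted, unix_time, step=30, digits=6, drift=1):
    """Authentication-server check: recompute the code for the current time
    step and `drift` steps either side, then compare in constant time."""
    for d in range(-drift, drift + 1):
        t = unix_time + d * step
        if t >= 0 and hmac.compare_digest(token_code(seed, t, step, digits), submitted):
            return True
    return False


def seed_disclosure_demo(now=1111111109):
    """Compare a token, a copy of its seed, and a server before/after re-seeding."""
    issued_seed = b"12345678901234567890"          # RFC 6238 test seed, not a real token seed
    copied_seed = bytes(issued_seed)               # the same bytes held by a second party
    replacement_seed = b"constructed-replacement-seed"  # constructed seed for the re-issued token

    code_from_token = token_code(issued_seed, now)
    code_from_copy = token_code(copied_seed, now)
    return {
        # Identical seed and clock give an identical code: possession of the
        # physical token no longer proves anything.
        "codes_match": code_from_token == code_from_copy,
        "accepted_before_replacement": server_accepts(issued_seed, code_from_copy, now),
        # Once the account is bound to a new seed, codes from the old one fail.
        "accepted_after_replacement": server_accepts(replacement_seed, code_from_copy, now),
    }


if __name__ == "__main__":
    print(seed_disclosure_demo())
```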

Inguma Is Back – The Penetration Testing & Vulnerability Research Toolkit

Inguma is back and being actively developed again. It’s been quite a long time, far too long in fact. We first reported about Inguma way back in 2007 and our latest mention of it was in March 2008.
A new version has just been released almost 3 years later with some major changes and a big GUI revamp. Inguma is a penetration testing toolkit entirely written in Python. The framework includes modules to discover hosts, gather information about them, fuzz targets, brute force user names and passwords and, of course, exploits. While the current exploitation capabilities in Inguma may be limited, this program provides numerous tools for information gathering and target auditing.
There are some good docs to get you up and running too:
The announcement from the developers blog is here:
We are back
You can download Inguma 0.2 here:
inguma-0.2.tar.gz

sqlmap 0.9 Released – Automatic Blind SQL Injection Tool

It’s been a while since we’ve written about sqlmap, the last time was when 0.7 was released back in July 2009 – sqlmap 0.7 Released – Automatic SQL Injection Tool.
Well sqlmap 0.9 has been released and has a considerable amount of changes including an almost entirely re-written SQL Injection detection engine.
For those that aren’t familiar with the tool, sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a kick-ass detection engine, many niche features for the ultimate penetration tester and a broad range of switches lasting from database fingerprinting, over data fetching from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections.
New Features/Changes
  • Rewritten SQL injection detection engine (Bernardo and Miroslav).
  • Support to directly connect to the database without passing via a SQL injection, -d switch (Bernardo and Miroslav).
  • Added full support for both time-based blind SQL injection and error-based SQL injection techniques (Bernardo and Miroslav).
  • Implemented support for SQLite 2 and 3 (Bernardo and Miroslav).
  • Implemented support for Firebird (Bernardo and Miroslav).
  • Implemented support for Microsoft Access, Sybase and SAP MaxDB (Miroslav).
  • Added support to tamper injection data with --tamper switch (Bernardo and Miroslav).
  • Added automatic recognition of password hashes format and support to crack them with a dictionary-based attack (Miroslav).
  • Added support to fetch unicode data (Bernardo and Miroslav).
  • Added support to use persistent HTTP(s) connection for speed improvement, --keep-alive switch (Miroslav).
  • Implemented several optimization switches to speed up the exploitation of SQL injections (Bernardo and Miroslav).
  • Support to parse and test forms on target url, --forms switch (Bernardo and Miroslav).
  • Added switches to brute-force tables names and columns names with a dictionary attack, --common-tables and --common-columns.
The complete changelog is available for viewing here.
You can also download the user manual here [PDF] – sqlmap README
You can download sqlmap 0.9 here:
sqlmap-0.9.tar.gz