Angker Batu

Yesterday, im watching (like i always do in saturday :P) "Angker Batu" (horror movie; yet another ghost story :p) at the cinema. Releases in theater April 26th 2007, starring mieke amalia, yama carlos, and imelda therinne.

The story are about a place name "Angkerbatu" , all people around this place believe that "the place" was an empire of Nyai Roro Kidul. This story begin when two reporter from a company of Korean Television ( Manda and Rino) dissapear. Theyre made a story about the society demonstration opposing development of biggest modern golf course in Asia by a korean company in Angkerbatu. News team from Voice of Korea, Yudha (yama carlos), Kanaya (mieke wijaya) and Warno soon go to Angkerbatu to look for their friend that are missing and found many experiences and almost lost their life against the ghost from a haunted palace.

Like another Indonesians horror movie, this movie also have a teribble ending, i dont like the ending :P, (maybe its a trick to make a "sekuel" movie, gyahh), So i rate it 5 from 10 (Not Too good and Not to bad).

***ps: sorry buat temen temen id-ubuntuers yang kemaren pesta di bandung dan jogja, maaf neh gw ga bisa ikutan pesta feisty (lah kok sempet-sempetnya nonton, wong pada pesta feisty :P) **

Web Design Competition

In the last two days, ive been asked to be one of the judges for Web design competition at IT Competition for a Vocational Preparation High School (SMK), there are ten participant represent all part of jakarta. In the second day, the participant should build a site from zero, they have to determine the environtment, installing the application (such as web editor, images editor, animation editor, web server, database server, etc) and then they have to finish all the step (mission).

They need to make a dynamic web application (including guestbook, counter, login page [using session], also some online order page) that need to connect with database server, n then they have to manage it by uploading the web application to the server and run perfectly. Its suprising me much about their level in creating the script and images animation, just wondering how could they remember all the "syntax" :p gyaahh . And the result are so fantastic, ive seen many great sites made by a profesional web developer, but a site made by a student in 6 hour ? full with dynamic content also great animation. ... wow, theyre pro too... dude ..

here are the picture of "young talented web master" .. they are great




Its a great move for Our Next Generation; ups (almost forget), theres a lady who code and made a batch programming as well, so watch out guys. Thx to the_day for this opportunity .. im tired but its fun :)

Installing madwifi-ng (plus aircrack-ng patch)

Before you playin with aircrack-ng so you have to patched your driver (in this case madwifi for my Atheros, u can check patched for your driver here) for injection

y3dips@tarantula:~$ svn checkout http://svn.madwifi.org/trunk/ madwifi-ng
y3dips@tarantula:~$ wget http://patches.aircrack-ng.org/madwifi-ng-r2277.patch
y3dips@tarantula:~$ cd madwifi-ng/
y3dips@tarantula:~/madwifi-ng$ patch -Np1 -i ../madwifi-ng-r2277.patch
patching file ath/if_ath.c
y3dips@tarantula:~/madwifi-ng$ sudo make
Checking requirements... ok.
Checking kernel configuration... ok.
...{process truncated}
y3dips@tarantula:~/madwifi-ng$ sudo make install
sh scripts/find-madwifi-modules.sh 2.6.17-10-generic

WARNING:
It seems that there are modules left from previous MadWifi installations.
If you are unistalling the MadWifi modules please press "r" to remove them.
If you are installing new MadWifi modules, you should consider removing those
already installed, or else you may experience problems during operation.
Remove old modules?

[l]ist, [r]emove, [i]gnore or e[x]it (l,r,i,[x]) ?
r
... {process truncated}
y3dips@tarantula:~/madwifi-ng$ sudo depmod -ae
y3dips@tarantula:~/madwifi-ng$ sudo modprobe ath_pci
y3dips@tarantula:~/madwifi-ng$ iwconfig ath0
ath0 IEEE 802.11b ESSID:""
Mode:Managed Channel:0 Access Point: Not-Associated
Bit Rate:0 kb/s Tx-Power:0 dBm Sensitivity=0/3
Retry:off RTS thr:off Fragment thr:off
Power Management:off
Link Quality:0 Signal level:0 Noise level:0
Rx invalid nwid:0 Rx invalid crypt:0 Rx invalid frag:0
Tx excessive retries:0 Invalid misc:0 Missed beacon:0

then u can start your wifi hack

y3dips@tarantula:~$ sudo airmon-ng stop ath0

Interface Chipset Driver

wifi0 Atheros madwifi-ng
ath0 Atheros madwifi-ng VAP (parent: wifi0) (VAP destroyed)

y3dips@tarantula:~$

Happy hacking :)

diff Refreshing

Ok, now is the time for tips n tricks, were goin to play with some basic reverse-engineering or source code auditing commands, diff "outputs differences between files by comparing files line by line"

y3dips@tarantula:~/belajar$ echo "1234567" > 1.txt
y3dips@tarantula:~/belajar$ echo "1234567" > 2.txt
y3dips@tarantula:~/belajar$ echo "alias" >> 2.txt
y3dips@tarantula:~/belajar$ diff 1.txt 2.txt
1a2
> alias

wonder if we had to find "manually" some different strings between two files within thousand lines, it helps right? (i posted it just to give a shock therapy to my memory, so nevermind if u`re already master it or more :P, LOL)

sp00fed

you've been officially sp00fed dude!


!please dont cry outloud, change all your credential A.S.A.P !

Arpwatch in action

Apr 17 14:11:32 tarantula kernel: [17203350.856000] eth0: Promiscuous mode enabled.
Apr 17 14:11:32 tarantula kernel: [17203350.856000] device eth0 entered promiscuous mode
Apr 17 14:11:32 tarantula kernel: [17203350.856000] audit(1176793892.194:2): dev=eth0 prom=256 old_prom=0 auid=4294967295
Apr 17 14:11:32 tarantula arpwatch: listening on eth0
Apr 17 14:13:52 tarantula arpwatch: changed ethernet address 192.168.4.80 0:40:b9:7a:63:0 (0:1:3:40:8e:8c) eth0
Apr 17 14:14:26 tarantula arpwatch: changed ethernet address 192.168.4.11 0:1:29:3f:58:ea (0:16:36:aa:aa:6a) eth0
Apr 17 14:15:10 tarantula arpwatch: new station 192.168.4.12 0:1:29:3f:58:ea eth0

always watch your back brotha ...

Installing Aircrack-ng

An easy way to install aircrack-ng (aircrack is an 802.11 WEP and WPA-PSK keys cracking program that can recover keys once enough data packets have been captured. It implements the standard FMS attack along with some optimizations like KoreK attacks, thus making the attack much faster compared to other WEP cracking tools. In fact, aircrack is a set of tools for auditing wireless networks.) and get the newest version.

y3dips@tarantula:~$ svn co http://trac.aircrack-ng.org/svn/trunk/ aircrack-ng
A aircrack-ng/airoscript
A aircrack-ng/airoscript/LICENSE
A aircrack-ng/airoscript/AUTHORS
A aircrack-ng/airoscript/CHANGELOG
A aircrack-ng/airoscript/airoscript.sh
A aircrack-ng/airoscript/README
A aircrack-ng/test
A aircrack-ng/test/makeivs.c
A aircrack-ng/test/password.lst
A aircrack-ng/test/wep.shared.key.authentication.cap
A aircrack-ng/test/wpa.cap
A aircrack-ng/test/wpa2.eapol.cap
A aircrack-ng/test/wep.open.system.authentication.cap
A aircrack-ng/LICENSE
A aircrack-ng/VERSION
A aircrack-ng/Makefile.osx
A aircrack-ng/AUTHORS
A aircrack-ng/airmon-ng
A aircrack-ng/ChangeLog
A aircrack-ng/patches
A aircrack-ng/patches/zd1211rw_inject_2.6.17.patch
A aircrack-ng/patches/madwifi-ng-r2277.patch
A aircrack-ng/patches/linux-wlan-0.2.5.packet.injection.patch
A aircrack-ng/patches/hostap-kernel-2.6.18.patch
A aircrack-ng/patches/rtl8187_2.6.20v2.patch
A aircrack-ng/patches/madwifi-old-r1417.patch
A aircrack-ng/patches/prism54-svn-20050724.patch
A aircrack-ng/patches/rtl8180-0.21v2.patch
A aircrack-ng/patches/hostap-driver-0.4.7.patch
A aircrack-ng/patches/ipw2200-1.1.4-inject.patch
A aircrack-ng/patches/zd1211rw_inject_2.6.20.patch
A aircrack-ng/patches/ieee80211_inject.patch
A aircrack-ng/patches/old
A aircrack-ng/patches/old/zd1211rw_malformed.patch
A aircrack-ng/patches/old/rtl8187_1010.0622.patch
A aircrack-ng/patches/old/madwifi-ng-r1475_disable_retry_raw.patch
A aircrack-ng/patches/old/linux-wlan-0.2.3.packet.injection.patch
A aircrack-ng/patches/old/rt2500-cvs-20051008-prismheader.patch
A aircrack-ng/patches/old/rt2500-cvs-2005112305.patch
A aircrack-ng/patches/old/rt2500-cvs-20050724.patch
A aircrack-ng/patches/old/madwifi-ng-r1520.patch
A aircrack-ng/patches/old/hostap-driver-0.4.5.patch
A aircrack-ng/patches/old/rt2570-cvs-20051008-prismheader.patch
A aircrack-ng/patches/old/rtl8187_1010.0622v2.patch
A aircrack-ng/patches/old/hostap-driver-0.3.9.patch
A aircrack-ng/patches/old/madwifi-ng-r1730.patch
A aircrack-ng/patches/old/rt2570-cvs-2005112305.patch
A aircrack-ng/patches/old/madwifi-ng-r1713.patch
A aircrack-ng/patches/old/rt2570-cvs-20050824.patch
A aircrack-ng/patches/old/rtl8187_2.6.20.patch
A aircrack-ng/patches/old/madwifi-ng-r1526.patch
A aircrack-ng/patches/old/madwifi-ng-r1545.patch
A aircrack-ng/patches/old/rtl8180-0.21.patch
A aircrack-ng/patches/old/madwifi-ng-r1486.patch
A aircrack-ng/patches/old/hostap-kernel-2.6.16.patch
A aircrack-ng/patches/old/madwifi-cvs-20051025.patch
A aircrack-ng/patches/old/madwifi-ng-r1983.patch
A aircrack-ng/patches/old/madwifi-ng-r1679.patch
A aircrack-ng/patches/old/madwifi-ng-r1886.patch
A aircrack-ng/patches/old/madwifi-cvs-20050814.patch
A aircrack-ng/patches/old/madwifi-cvs-20050707.patch
A aircrack-ng/patches/old/ipw2200-1.1.3-inject.patch
A aircrack-ng/patches/old/wlanng-0.2.1-pre26.patch
A aircrack-ng/patches/old/madwifi-ng-r1457-1473_disable_retry_raw.patch
A aircrack-ng/src
A aircrack-ng/src/airtun-ng.c
A aircrack-ng/src/uniqueiv.c
A aircrack-ng/src/crc.c
A aircrack-ng/src/aireplay-ng.c
A aircrack-ng/src/kstats.c
A aircrack-ng/src/airdecap-ng.c
A aircrack-ng/src/sha1-mmx.S
A aircrack-ng/src/crypto.c
A aircrack-ng/src/aircrack-ng.c
A aircrack-ng/src/ivstools.c
A aircrack-ng/src/airodump-ng.c
A aircrack-ng/src/crctable.h
A aircrack-ng/src/crypto.h
A aircrack-ng/src/pcap.h
A aircrack-ng/src/common.c
A aircrack-ng/src/version.h
A aircrack-ng/src/packetforge-ng.c
A aircrack-ng/manpages
A aircrack-ng/manpages/aircrack-ng.1
A aircrack-ng/manpages/airodump-ng.1
A aircrack-ng/manpages/ivstools.1
A aircrack-ng/manpages/airtun-ng.1
A aircrack-ng/manpages/airmon-ng.1
A aircrack-ng/manpages/aireplay-ng.1
A aircrack-ng/manpages/kstats.1
A aircrack-ng/manpages/airdecap-ng.1
A aircrack-ng/manpages/packetforge-ng.1
A aircrack-ng/manpages/makeivs.1
A aircrack-ng/Makefile.NetBSD
A aircrack-ng/README
A aircrack-ng/Makefile.other
A aircrack-ng/evalrev
A aircrack-ng/INSTALLING
A aircrack-ng/Makefile.OpenBSD
A aircrack-ng/Makefile.cygwin
A aircrack-ng/Makefile
A aircrack-ng/packages
A aircrack-ng/packages/PKGBUILD
A aircrack-ng/packages/slack-desc
A aircrack-ng/packages/aircrack-ng.spec
Checked out revision 297.

y3dips@tarantula:~/aircrack-ng$ make
gcc -g -W -Wall -O3 -D_FILE_OFFSET_BITS=64 -D_REVISION=`./evalrev` src/aircrack-ng.c src/crypto.c src/sha1-mmx.S src/common.c -o aircrack-ng -lpthread
gcc -g -W -Wall -O3 -D_FILE_OFFSET_BITS=64 -D_REVISION=`./evalrev` src/airdecap-ng.c src/crypto.c src/common.c src/crc.c -o airdecap-ng
gcc -g -W -Wall -O3 -D_FILE_OFFSET_BITS=64 -D_REVISION=`./evalrev` src/packetforge-ng.c src/common.c src/crc.c -o packetforge-ng
gcc -g -W -Wall -O3 -D_FILE_OFFSET_BITS=64 -D_REVISION=`./evalrev` src/ivstools.c src/common.c -o ivstools
gcc -g -W -Wall -O3 -D_FILE_OFFSET_BITS=64 -D_REVISION=`./evalrev` src/kstats.c -o kstats
gcc -g -W -Wall -O3 -D_FILE_OFFSET_BITS=64 -D_REVISION=`./evalrev` test/makeivs.c -o makeivs
gcc -g -W -Wall -O3 -D_FILE_OFFSET_BITS=64 -D_REVISION=`./evalrev` src/aireplay-ng.c src/common.c src/crc.c -o aireplay-ng
gcc -g -W -Wall -O3 -D_FILE_OFFSET_BITS=64 -D_REVISION=`./evalrev` src/airodump-ng.c src/common.c -o airodump-ng
gcc -g -W -Wall -O3 -D_FILE_OFFSET_BITS=64 -D_REVISION=`./evalrev` src/airtun-ng.c src/common.c src/crc.c src/crypto.c -o airtun-ng

y3dips@tarantula:~/aircrack-ng$ sudo make install
Password:
install -d /usr/local/bin
install -m 755 aircrack-ng airdecap-ng packetforge-ng ivstools kstats /usr/local/bin
install -m 755 makeivs /usr/local/bin
install -d /usr/local/man/man1
install -m 644 ./manpages/* /usr/local/man/man1
install -d /usr/local/sbin
install -m 755 aireplay-ng airodump-ng airtun-ng /usr/local/sbin
install -m 755 airmon-ng /usr/local/sbin

y3dips@tarantula:~/aircrack-ng$ aircrack-ng

Aircrack-ng 0.7 r297 - (C) 2006,2007 Thomas d'Otreppe
Original work: Christophe Devine
http://www.aircrack-ng.org

usage: aircrack-ng [options] <.cap / .ivs file(s)>

Common options:

-a : force attack mode (1/WEP, 2/WPA-PSK)
-e : target selection: network identifier
-b : target selection: access point's MAC
-q : enable quiet mode (no status output)

Static WEP cracking options:

-c : search alpha-numeric characters only
-t : search binary coded decimal chr only
-h : search the numeric key for Fritz!BOX
-d : debug - specify mask of the key (A1:XX:CF:YY)
-m : MAC address to filter usable packets
-n : WEP key length : 64/128/152/256/512
-i : WEP key index (1 to 4), default: any
-f : bruteforce fudge factor, default: 2
-k : disable one attack method (1 to 17)
-x or -x0 : disable last keybytes bruteforce
-x1 : enable last keybyte bruteforcing (default)
-x2 : enable last two keybytes bruteforcing
-y : experimental single bruteforce mode
-s : show ASCII version of the key

WEP and WPA-PSK cracking options:

-w : path to a dictionary file (multiple
dictionnaries can be specified.
See manpage for more information)

--help : Displays this usage screen

No file to crack specified.

Happy "wifi hacking" then ..

Ubuntu Troubleshoot

Ive found two error on my ubuntu box (Linux tarantula 2.6.17-11-generic #2 SMP i686 GNU/Linux), the first problems is in my alsa driver, found dmesg output full of this kind of strings;

hda_codec: invalid dep_range_val 0:7fff
hda_codec: invalid dep_range_val 0:7fff
hda_codec: invalid dep_range_val 0:7fff
hda_codec: invalid dep_range_val 0:7fff

to fix it just add this strings to this file /etc/modprobe.d/sound

options snd-hda-intel probe_mask=3 position_fix=3

The second error that pop out on dmesg is my ndiswraper wont work perfectly, so i try this link http://ndiswrapper.sourceforge.net/mediawiki/index.php/Uninstall

"Nagabonar jadi 2", what world would say

Yes, i know its a little late to tell a story about this movie. Releases in theater March 29th 2007, and i could watch it yesterday with dedek.

I think its an another great movie directed also starring by Deddy Mizwar as Nagabonar itself. I cant tell anything about this great movie, "Just Watch it for yourself (must)" and i'd love to rate it 9 from 1-10 scale.

make your metasploit 3.0 run

Some people ask me about how to run a new version of metasploit (The Metasploit Framework is a development platform for creating security tools and exploits) on their ubuntu, they failed to run it, not like in previous version . As we know, a new version (framework 3.0) is written in the Ruby programming language and includes components written in C and assembler. So, here are some direction, hope it helps.

Ok, i run the framework from Edgy Eft (Ubuntu 6.10, in a fresh install state)



yes, its failed because i need ruby programming language installed on my machine



end then, just install it. Ruby are installed n try to run it again,



still failed, because i need to install libopenssl extensions for ruby




just do some search, n install the package for ruby, then try to run your "metasploit" again



now, its run perfectly on your machine.., hope it helps

Gaim becomes Pidgin

After a long, and unfortunately secret debate (as we could not say why we were looking at a name change, we ended up just doing this ourselves), we settled on the name "Pidgin" for gaim itself, "libpurple" for libgaim (which, as of 2.0.0 beta6, exists), and "Finch" for gaim-text. Yes, the spelling of "Pidgin" is intentional, see http://en.wikipedia.org/wiki/Pidgin. (source : http://www.pidgin.im )

eragon

Eragon is a fantasy/adventure movie based on the novel of the same name by author Christopher Paolini. It was released on December 13, 2006 in Indonesia.

Eragon is about a teenage farm boy named Eragon. He lives in a village named Carvahall in the fictional and magical world of Alagaësia. While hunting, he finds a dragon egg. From the egg hatches a sapphire dragon named Saphira. Eragon decides to keep Saphira a secret, but a pair of magical creatures are sent by the King of Alagaesia, Galbatorix, to find Eragon and the dragon. He flees home to find his uncle dead and so sets out on a journey to avenge his Uncle. Accompanied by a wise storyteller named Brom, Eragon and Saphira take up the legacy of legendary Dragon Riders. He learns magic, swordfighting, and dragon-riding to fufill the legend of the dragon riders and his destiny. (source : http://en.wikipedia.org/wiki/Eragon_(movie))

Today, ive watch the movie (yes, its not "that" new movie, but hell care i wanna look over) , ive heard about this novel earlier as some of my friends mention it to me. During the watching time, i found that this is a boring movie in the first half of the movie(some of my friends told me before i watch the movie, they said that the movie was out of expectancy). Altough i agree that "saphira" was a great creation, I would rate it at 6 from 1-10 scale.

ezine issue 17 call for paper

echo|zine, Vol 5 Issue 17

* /CALL /FOR /PAPERS * /CALL /FOR /PAPERS * /CALL /FOR /PAPERS *
* /CALL /FOR /PAPERS * /CALL /FOR /PAPERS * /CALL /FOR /PAPERS *


Hail Hackerz !!!!

Kami, echo|staff, yang sedang mempersiapkan echo|zine, Vol 5 Issue 16
mengajak Anda semua untuk dapat berpartisipasi dengan mengirimkan
artikel seputar:

* hacking
* security
* phreaking
* forensics
* carding
* electronics
* cryptography
* local underground news

Panduan menulis artikel dapat dibaca kembali pada echo|zine, Vol 3
Issue 11

Para kontributor dihimbau untuk mengirimkan artikel sedini mungkin
untuk menghindari konflik pemilihan topik dan memudahkan editor
memandu dan mengoreksi artikel. Selain itu, artikel yang dikirimkan
diharapkan bukan merupakan artikel terjemahan/saduran dan belum pernah
dimuat di media lain.

Usulan artikel harus dikirimkan ke ezine@echo.or.id
================

Important dates:
* submission deadline ......................... 07 Juni 2007
* author release .............................. 25 Juni 2007
* public release .............................. 07 Juli 2007


Salam,

echo|zine editor-in-chief®