Malaysia HandPhone Number Reverse Wordlist Generator

// Save as MalaysiaWirelessWordlistGenerator.java
// The difference between this wordlist and the old version is generated wordlist will be
// in reverse order. 0179999999 - 0170000000.

**
* This wordlist generator brought to you by:
* KaibaTheLegacy "The Elite Blog For All"
* http://kaibathelegacy.blogspot.com
*
* This generator has been coded by me (KaibaTheLegacy) .
* This code is protected under
* GNU Public Licence by Free Software Foundation.
*
* This code is given by me for free by meaning of freedom
* and price. You are prohibited to sell my wordlist
* generator source code. If you modified this code,
* please credit me and please give your code free
* to others too.
*
* This code is absolutely NO WARRANTY. Use this code
* at your own risk. Neither the programmer or anybody
* else responsible
* for any damage regarding to this code.
*
* KaibaTheLegacy 2008. Copyleft and Free/Libre Open Source Software
* No Copyright in Islam. Feel Free to share.
* Sharing is not a crime
* because sharing is caring.
*/

/**
* @author KaibaTheLegacy
*
*/
import java.io.*;
import java.text.DecimalFormat;
public class MalaysiaWirelessWordlistGenerator {

/**
* @param args
*/
public static void main(String[] args) {
// TODO Auto-generated method stub
PrintWriter out=null;
try {
out
= new PrintWriter(new BufferedWriter
(new FileWriter
("WirelessReverseWordlist017.txt")));
//The output will be stored in WirelessWordlist017.txt
} catch (IOException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}

DecimalFormat df = (DecimalFormat) DecimalFormat.getNumberInstance();

df.setMaximumIntegerDigits(7);
df.setMinimumIntegerDigits(7);
df.setGroupingUsed(false);
String phoneNumber = "";

/*Change the value of i according
* to your country phone number
* system.
*/
for (int i=9999999;i>=0;i--) {
phoneNumber= df.format(i);
out.println("017" + phoneNumber);
/*019 is extension for a Malaysian
* mobile phone company
*/
out.flush();
/*Don't remove out.flush()
* or your computer may hang due to
* large memory consumption.*/
}
out.close();
System.out.println("Finished!!!");
/*Finished!!! will be appeared in console
* after your wordlist generation session
* complete. It will take a long time if
* you will generate a large wordlist.
*/
}



}

Songs by Junko Takeuchi

Junko Takeuchi (竹内 順子, Takeuchi Junko^?, born April 5, 1972 in Saitama) is a seiyū.

As of 2005, Takeuchi is employed by Love Live.

Taking a well-trod path by many female seiyū, she often voices young male characters with generally very quirky and goofy personalities. Her two most notable recent roles are in Naruto, where she plays the main character, Naruto Uzumaki, and in Hunter x Hunter as Gon Freecss.

Source: http://en.wikipedia.org/wiki/Junko_Takeuchi

I like her voice for

• Naruto Uzumaki and Akamaru in Naruto
• Gomamon in Digimon Adventure and Digimon Adventure 02
• Takuya Kanbara/Agnimon/Vritramon/KaiserGreymon in Digimon Frontier

Here, I share some of her song that I like to listen to:

uzumaki_naruto_-_touki_fighting_spirits.mp3

Gyu-ru-ru

Naruto ondo

Acer Aspire 4520 Wireless Driver Failed On Intrepid

I tried to compile wireless driver for my PC Acer Aspire 4520 and it doesn't went well. First I think it because of incomplete installation of build-essential package but the package is successfully installed on Ubuntu Intrepid Ibex.

MAybe, it's time for me to reinstall Ubuntu Hardy Heron.

Ubuntu Intrepid Ibex is Coming

Ubuntu Intrepid Ibex is coming. Let's download. I still downloading it and I will write more about Intrepid after I installed it on my PC.

The Pirate Bay Live at HITB SecConf 2008 Kuala Lumpur Video

You can download above video at this link

Mirror 1

Malaysian Mobile Phone Number Wordlist Generator

Save this code as MalaysiaWirelessWordlistGenerator.java

/** * This wordlist generator brought to you by: * KaibaTheLegacy "The Elite Blog For All" * http://kaibathelegacy.blogspot.com * * This generator has been coded by me (KaibaTheLegacy) . * This code is protected under * GNU Public Licence by Free Software Foundation. * * This code is given by me for free by meaning of freedom * and price. You are prohibited to sell my wordlist * generator source code. If you modified this code, * please credit me and please give your code free * to others too. * * This code is absolutely NO WARRANTY. Use this code * at your own risk. Neither the programmer or anybody * else responsible * for any damage regarding to this code. * * KaibaTheLegacy 2008. Copyleft and Free/Libre Open Source Software * No Copyright in Islam. Feel Free to share. * Sharing is not a crime * because sharing is caring. */   /** * @author KaibaTheLegacy * */ import java.io.*; import java.text.DecimalFormat; public class MalaysiaWirelessWordlistGenerator {       /**      * @param args      */     public static void main(String[] args) {         // TODO Auto-generated method stub         PrintWriter out=null;         try {              out              = new PrintWriter(new BufferedWriter                      (new FileWriter                     ("WirelessWordlist019.txt")));              //The output will be stored in WirelessWordlist019.txt         } catch (IOException e) {             // TODO Auto-generated catch block             e.printStackTrace();         }           DecimalFormat df = (DecimalFormat) DecimalFormat.getNumberInstance();                  df.setMaximumIntegerDigits(7);         df.setMinimumIntegerDigits(7);         df.setGroupingUsed(false);         String phoneNumber = "";                  /*Change the value of i according          * to your country phone number          * system.          */         for (int i=0;i<=9999999;i++) {          phoneNumber= df.format(i);         out.println("019" + phoneNumber);         /*019 is extension for a Malaysian          * mobile phone company          */         out.flush();         /*Don't remove out.flush()          * or your computer may hang due to          * large memory consumption.*/         }             out.close();         System.out.println("Finished!!!");         /*Finished!!! will be appeared in console          * after your wordlist generation session          * complete. It will take a long time if          * you will generate a large wordlist.          */          }                           }

SquareNumbers.java : Solution for Al-Khawarizmi 08,Question A (UPDATED)

Sorry for late submission of this article which I promised long ago to publish it.

Questions of Al-Khawarizmi 08 can be viewed here:

http://www.scribd.com/doc/6403834/alkhawarizmi08

Questions of Al-Khawarizmi 08 can be downloaded here:

http://www.usaupload.net/d/1f40e9jjzl7

/** * @author KaibaTheLegacy * My modified ICPC Al-Khawarizmi 08 Question A * solution in Java. Refer to Original question for * more details. * * My team (USIM Spyjak) solved only this question * during the competition. ;-) */ import java.util.*; public class SquareNumbers { /** * @param args */ public static void main(String[] args) { // TODO Auto-generated method stub int a,b,sum=0,c[] = new int [10000]; //Create an array contain of 10000 elements. for ( int i=0; i<c.length;i++) { c[i] = i*i; //Create array of square numbers from 1^2 to 10000^2 } /* Another interesting use of Scanner to read from file java SquareNumbers <> create text.txt with this format: 1 20 1 50 1 36 0 0 */ Scanner s = new Scanner (System.in); while (s.hasNext()==true) { sum=0; a=s.nextInt(); b=s.nextInt(); if (a==0 && b==0) {System.exit(0);} //if a and b are 0, the program will terminate for (int i =a;i<=b;i++) { /*Using binary search to find whether i is a square number or not. if true Arrays.binarySearch(c,i) >=0 if false, Arrays.binarySearch (c,i) < 0 */ if (Arrays.binarySearch(c, i) >=0) { sum++; } } System.out.println(sum);} } }

Hacker Quote of The Day 3

"Treat your password like your toothbrush. Don't let anybody else use it, and get a new one every six months."

— Clifford Stoll (U.S. author)

The true computer hackers follow a certain set of ethics that forbids them to profit or cause harm from their activities. (Kevin Mitnick)

Who hack for profit and financial gains are criminals, not hackers! - Kaibathelegacy

The only truly secure system is one that is powered off, cast in a block of concrete and sealed in a lead-lined room with armed guards. (Gene Spafford)

Hack is knowledge , knowledge is free. - lubuntu HM

DigimonSpirit.net : A Vast Resource for DigiFans

Hi Readers!

I rarely promote other site in my blog. For Digimon die-hard fans, DigimonSpirit.net is truly amazing. From audio to digimon movie. I myself get some difficult-to-google digimon mp3s from this site.

Bye! Time to go back to real world!

Hacker Quote of The Day 2

"Hackers Are Not Smart, It is Admin who is too stupid not to patch." - Kaibathelegacy

"Some called me criminal, but I'm just a tester. Some called me vandal, But I'm just a hacker." - Kaibathelegacy

There are two types of encryption: one that will prevent your sister from reading your diary and one that will prevent your government. (Bruce Schneier)

Hoaxes use weaknesses in human behaviour to ensure they are replicated and distributed. In other words, hoaxes prey on the Human Operating System. (Stewart Kirkpatrick)

Hacker Quote of The Day 1

"Lamer ask people, Hacker ask Google" - Kaibathelegacy

"Don't Learn to Hack, Hack To Learn"- Darknet

"Knowledge without tool made you feel, Tools without knowledge made you in jail."

Short Biography of Muslim Cryptanalyst: Al-Kindi

Introduction

Al-Kindi was born in Kufa to an aristocratic Kindah family, which had migrated there from Yemen. His full name was Abu-Yusuf Ya`qoub ibn `Ishaq ibn al-Sabbah ibn `Omran ibn Isma`il al-Kindi

(Arabic: أبو يوسف يعقوب ابن اسحاق ابن الصّبّاح ابن عمران ابن اسماعيل الكندي‎ transliteration: Abū-Yūsuf Ya'qūb ibn Isḥāq ibn as-Ṣabbāḥ ibn 'Omrān ibn Isma'īl al-Kindī).

His father was the governor of Kufa, and al-Kindi received his first education there. He later completed his studies in Baghdad, where he was patronized by the Abbasid Caliphs al-Ma'mun and al-Mu'tasim. Because of his learning and aptitude for study, al-Ma'mun appointed him to House of Wisdom (بيت الحكمة) in Baghdad, a recently recognized centre for the translation of philosophical and scientific texts. He was well known for his magnificent calligraphy, and at one point was employed as a calligrapher by al-Mutawakkil.

Contribution to information security

Al-Kindi was a pioneer in cryptography, especially cryptanalysis. In modern times, cryptography is considered a branch of both mathematics and computer science, and is affiliated closely with information theory, computer security, and engineering.

Cryptography is used in applications today in technologically advanced societies; examples include the security of ATM cards, computer passwords, and electronic commerce, which all depend on cryptography.

He gave the first known recorded explanation of cryptanalysis in
رسالة في إستخراج المعمة" "(Manuscript on Deciphering Cryptographic Messages). In particular, he is credited with developing the frequency analysis method whereby variations in the frequency of the occurrence of letters could be analyzed and exploited to break ciphers (i.e. cryptanalysis by frequency analysis).

This was detailed in a text recently rediscovered in the Ottoman archives in Istanbul, A Manuscript on Deciphering Cryptographic Messages, which also covers methods of cryptanalysis, encipherments, cryptanalysis of certain encipherments, and statistical analysis of letters and letter combinations in Arabic. This manuscript is also first known recorded explanation of cryptanalysis was given by Al-Kindi.

"Encipherments of letters divided into two parts" is among technique of cryptography introduced by Al-Kindi. The other method was the most fundamental technique for a cryptanalyst, frequency analysis.

Frequency analysis is the basic tool for breaking most classical ciphers. In natural languages, certain letters of the alphabet appear more frequently than others; in English, "E" is likely to be the most common letter in any sample of plaintext which is 13% of all letters.

Similarly, the digraph "TH" is the most likely pair of letters in English, and so on. Frequency analysis relies on a cipher failing to hide these statistics. For example, in a simple substitution cipher (where each letter is simply replaced with another), the most frequent letter in the cipher text would be a likely candidate for "E".

No doubt that Al-Kindi is a role-model for Muslim computer scientist especially to those who are involving in information security. It is not impossible for Muslim security professionals and cryptanalysts to become 21st century Al-Kindi by decipher and discover flaws in most recent technology in cryptography like Public-Key Cryptography and Quantum Cryptography.

References

http://www.muslimheritage.com/topics/default.cfm?ArticleID=372 accessed 28 August 2008

http://www.muslimheritage.com/day_life/default.cfm?ArticleID=691&Oldpage=1 accessed 28 August, 2008

http://www.muslimphilosophy.com/hmp/XXI-TwentyOne.pdf accessed 28 August, 2008

http://en.wikipedia.org/wiki/Cryptanalysis accessed 28 August,2008

History of Cryptography, http://cam.qubit.org/articles/crypto/intro.php accessed 28 August,2008

Louis Kruh 2004. ARABIC ORIGINS OF CRYPTOLOGY. Cryptologia 28, no. 1 (January 1): 60-62. http://www.proquest.com/ (accessed August 28, 2008).

O WRIGHT 2006. Al-Kindi's braid. Bulletin of the School of Oriental and African Studies. University of London 69, no. 1 (February 1): 1-32. http://www.proquest.com/ (accessed August 28, 2008).

PETER ADAMSON 2006. VISION, LIGHT AND COLOR IN AL-KINDI, PTOLEMY AND THE ANCIENT COMMENTATORS. Arabic Sciences and Philosophy 16, no. 2 (September 1): 207-236. http://www.proquest.com/ (accessed August 28, 2008). KAIBATHELEGACY: I myself would like to be the next Al-Kindi in the future. Insha Allah (God Willing). This post is actually my second assignment for History and Philosophy of Science.

PATCH YOUR JOOMLA NOW!

Joomla "token" Password Change Vulnerability

Critical:
Moderately critical
Impact: Security Bypass
Manipulation of data
Where: From remote
Solution Status: Vendor Patch

Software: Joomla! 1.x

Description:
d3m0n has reported a vulnerability in Joomla!, which can be exploited by malicious people to bypass certain security restrictions and manipulate data.

The vulnerability is caused due to improper access restriction in components/com_user/models/reset.php. This can be exploited to bypass the authentication mechanism and change the password of the user with the lowest ID (typically the administrator), without having valid user credentials.

The vulnerability is reported in all 1.5.x versions prior to 1.5.6.

Solution:
Update to version 1.5.6.

Provided and/or discovered by:
d3m0n

The vendor credits Marijke Stuivenberg.

Original Advisory:
Joomla!:
http://developer.joomla.org/security/...re-password-remind-functionality.html

d3m0n:
http://milw0rm.com/exploits/6234

Source Advisory:
http://secunia.com/advisories/31457/

[Cited From http://gcert.mampu.gov.my/index.php?option=com_content&task=view&id=209&Itemid=1]

[GCERT-042008] Kelemahan pada aplikasi Joomla! 1.5.x - Administrator Remote Password Reset

Written by Administrator

Thursday, 14 August 2008

GCERT telah menerima makluman bahawa terdapat kelemahan pada aplikasi Joomla! versi 1.5.x yang digunakan oleh beberapa laman web agensi kerajaan yang terdedah kepada ancaman password reset bagi akaun Administrator secara jarak jauh. Kelemahan tersebut akan membolehkan kata laluan bagi 'Administrator' diubah dan seterusnya membolehkan penceroboh menukar maklumat yang terdapat pada laman web berkenaan. Penceroboh juga berupaya untuk memasukkan backdoor ke server berkenaan dan seterusnya mendapat kawalan penuh terhadap server web tersebut. Nama kelemahan : Joomla "token" Password Change Vulnerability Versi Berisiko : Semua aplikasi Joomla! CMS versi 1.5.0 - 1.5.5 Tarikh Dikesan : 12 Ogos 2008 Tarikh Penyelesaian : 13 Ogos 2008 Kaedah Serangan Penceroboh boleh reset kata laluan bagi akaun pertama yang masih aktif (kebiasaannya adalah akaun Administrator) Kesan Serangan Penceroboh akan login sebagai Administrator dan berupaya membuat pelbagai perubahan termasuk mengubah kandungan laman web, mencipta akaun pengguna yang baru, memuatnaik backdoor, memasang perisian bot, dll. Penyelesaian 1. Menukar (rename) akaun (login ID) 'Administrator' ke nama yang lain. 2. Menukar (rename) folder 'administrator' ke nama yang lain. 3. Menaiktaraf Joomla! CMS ke versi 1.5.6 atau audit source code bagi fail 'reset.php' Maklumat Lanjut Untuk maklumat lanjut, sila layari: 1. http://developer.joomla.org/security/news/241-20080801-core-password- remind-functionality.html 2. http://secunia.com/advisories/31457/ 3. http://gcert.mampu.gov.my/index.php?option=com_content&task =view&id=209&Itemid=1

PROMED: My Opinion and Suggestions

Peace be upon all of you, Readers!

PROMED @ CS 08 tried to follow some of ACM-ICPC concept but I think there are lot of aspects that should be improved.

• They should explain clearly in the contest rule about the IDE that will be provided during the contest. Instead of Java (JDK 1.5), they should mention Java (Eclipse/NetBeans IDE) in the contest rules to clear misunderstanding of participants who used Java to think that they are only allowed to use Notepad while C++ participants can use MS Visual C++!
• They should provide Eclipse IDE too because most of Java developers preferred Eclipse more than NetBeans.
• I don't know whether the judges have their own solution and answers in Java because Java and C++ treat floating number differently. If I'm wrong please informed me.
• The lab condition: They should place the monitor at the centre of the table. They have two computers per table, why not using dual-monitor cloned view?

End of my views and opinion about this year PROMED and my first time joining PROMED. Feel free to give comments on my opinion and If you think I should listed more,fell free to tell me too.

KaibaTheLegacy Offline For A While

Peace be upon all of you, my blog readers! I will be at UITM Shah Alam for PROMED 08 Programming Contest this Sunday. So I will not be around this weekend.

For those who doesn't know what the hell PROMED is can visit PROMED Official site. Wish me for the Best.

P/S: I chose USIM AK47SUKI as my programming team name. What's your opinion?

Your DNS Server Might Be Vulnerable!!!

Copyright Computerworld, Inc. Jul 14, 2008

IF YOU'RE a hard-core IT security wonk, you already know about this. If not, go to Doxpara.com right now and click on the button that says "Check my DNS." That will run a simple test to tell you whether your name server appears to be vulnerable to DNS cache poisoning.

No, really - right away. Doxpara.com. Go. Now. We'll wait.

Did the test say that you're vulnerable? Then you've got work to do.

Did it say that you're not? You've still got work to do.

Here's why: Early this year, security researcher Dan Kaminsky discovered a design flaw in the Internet's Domain Name System, which translates names like Computerworld.com uito IP addresses such as 65.221.110.98.

Kaminsky didn't find a bug in one DNS implementation. He found a vulnerability that's designed into every DNS server. That's right - they're all broken. Microsoft's version. And Cisco's. And BIND, which is widely used on Unix and Linux servers.

The design flaw allows an attacker to hijack domain names. Put simply, a victim would never know where the Internet was taking him. E-mail could be redirected. Web sites could be spoofed. Everything on the Internet is at risk if an attacker takes over the DNS.

How do you fix a fundamental design flaw that affects the entire Internet? Answer: You can't. So you don't. Instead, you find a way to make the design Saw much, much harder to exploit.

Kaminsky contacted Paul Vixie, who has been responsible for the BIND DNS server since 1988. Vixie called together the top DNS experts. In March, they secretly started work on the job of patching every major DNS implementation. Not with a fix - that would be impossible - but with a work-around.

On July 8, they all rolled out their patches at the same time (see story, page 12). Microsoft. Cisco. AT&T. Sun. Red Hat. The BIND guys. Everybody.

This is not "a patch" to fix "a bug." This is a wake-up call for virtually the whole IT industry. The entire Internet needs fixing. Yes, right now. And that includes every corporate network and every ISP.

Here's the good news: Because the flaw Kaminsky discovered is so baked into DNS, because it literally can't be fixed, the only good way to block it is to make it really hard for attackers to do anything bad to a DNS server. That's what last week's patches do.

As a result, those patches protect you not only from the design flaw Kaminsky discovered, but also from lots of other bugs that have been found over the years - and from bugs that haven't yet been discovered. It's the biggest and most effective Internet security fix ever.

You want these patches on your DNS servers. You need them. If you're a CIO or an IT manager and you failed that test at Doxpara.com, you should start asking your networking guys when you'll no longer be vulnerable.

If you didn't fail the test, don't get cocky. Sure, the DNS server you're using is good. But are all of your network's DNS servers safe? What about the DNS servers of ISPs that your users connect to when they're on the road or working from home? What about business partners who connect to your systems across the Internet? They all need fixing.

And it won't all be as simple as testing and installing patches. Some older DNS servers haven't been patched. They'll need upgrades. Yahoo, for example, uses BIND Version 8. There's no patch for that, so Yahoo is upgrading its entire infrastructure.

See? There's work to do. Get to it. Now. Don't wait for the bad guys to figure out how to exploit this DNS flaw.

Because once they do, they won't wait for you.

Frank Hayes is Computerworld's senior news columnist. Contact him at/ranfc_hayes@ computerworid.com.

[Sidebar]

This is not 'a patch'to fix 'a bug.' This is a wake-up call for virtually the whole IT industry. Frank Hayes 2008. Fix DNS Now. Computerworld, July 14, 48. http://www.proquest.com/ (accessed August 7, 2008).

DarkTyrannomon Wallpaper

DarkTyrannomon : A Little Description

Type: Dinosaur

Attribute: Virus

Level: Champion

Attacks: Fire Blast, Iron Tail

Also called: DarkTyranomon

Digivolves from: BlackAgumon, ClearAgumon, DemiDevimon, Gazimon, Gizamon, Monodramon, Tapirmon, Terriermon

Digivolves to: MasterTyranomon, MetalGreymon, MetalTyranomon, Myotismon, SkullSatamon

Dark Tyrannomon was among the evil Digimon that Gatomon recruited to help Myotismon take over the real world in Episode 35 of Season 1.

In Season 2, the Digimon Emperor attempted to use several DarkTyrannomon to stop SkullGreymon's rampage, but they were all easily defeated by the mammoth beast.

Since it is so difficult to find DarkTyrannomon pictures with acceptable resolution, I uploaded DarkTyrannomon pictures here from snapshot of Digimon Adventures fansub (sorry for eyesore subtitle on these pictures).

ICPC Al-Khawarizmi 08 at IIUM

Assalamualaikum and Peace Be Upon all of you,

On 2nd-3rd July 2008, I went to International Collegiate Programming Contest (ICPC) Al-Khawarizmi 08 at International Islamic University of Malaysia (IIUM).

My university, Islamic Science University of Malaysia (USIM) for the first time, send 2 teams, Team A and Team B to this competition. Azuan (example010), Abrari, and Syazwan are Team A. Al-Hafiz,Aizat, and Aizuddin (me) are in Team B.

1st Day of ICPC

From right (standing): me, example010, Al-Hafiz, Abrari, Syazwan, spyjak

1st day,in the morning,registration time. We are the earliest participant who arrived at the venue. Then, every participant was introduced to all according to university in the Main Hall. At 2.00 pm, a mock test held to make us familiar with the ICPC OnlineJudge System and PC2.

2nd Day of ICPC - The Contest!

The contest day. My team only able to solve 1 question only (Square Numbers, the easiest question but a few team cannot solved it at all and accepted by the judges). I think it's OK for us, first timers. I will upload my solution and Al-Khawarizmi 08 questions later and also my comment and how to solve few questions that I discover the way after this competition.

Welcome To KaibaTheLegacy Blog

Assalamualaikum and peace be upon all of you,

I (Flaming Firestonez a.k.a. Kaibathelegacy) decided to start blogging about Information and Communication Technology (ICT) , regarding to security like computer security, ICT events like International Collegiate Programming Contest (ICPC), and Anime like Digimon Frontier, Naruto, and Fullmetal Alchemist; just to name a few.

I use kaibathelegacy as my nickname at many forum including Lowyat.Net, Veoh and others.

Comments are welcomed. Please made it short and clear. Comment moderation is enabled but I respect your rights to voice out. Any vulgar words must be censored or avoided. Out of topic and personal attacks comment will not be entertained at all.

“7H3 1337 8LO6 PH0R 4LL” means an elite guide that easy to understand by all. So, I try to write and made my blog simple and easy to understand by everybody. I may explain a little bit about ICPC and about my experience during ACM-ICPC Al-Khawarizmi 08 at Islamic International University of Malaysia recently.

See you soon, Readers!