http://www.krakowlabs.com/lof.html
Tuesday, April 07, 2009
Tuesday, March 10, 2009
Wednesday, February 04, 2009
ZeroWine sandbox
I was excited when I read this blog last week.
Yesterday, I downloaded the required files, but was very busy with other tasks.
Today, I was able to make it work, and here's the screenshot:
Sweet :)
Note:
Some minor edit:
In the blog, the author mentioned:
"vi /etc/udev/rules.d/z25_persistent-net.rules"
I just followed what another reader did:
"delete the previous line of generated entry, i.e. eth0 and rename eth1 to eth0"
Thursday, January 15, 2009
Don't mess with password stealer malware
When you're analyzing malware, make sure you're not connected online.
One time, I was analyzing a password-stealer malware that (expectedly) collects cached passwords and other retrievable user accounts before sending them to, presumably, the hacker's server.
Gathered (read: hacked) credentials ranging from Facebook, LinkedIn, banks, webmails, routers and other accounts.
Take a look... your user accounts might have been included:
Tuesday, January 13, 2009
How To Disable USB autorun?
Some posted ways to disable USB autorun to avoid the pesky autorun malware.
Pick your choice:
http://support.microsoft.com/kb/823732
http://nick.brown.free.fr/blog/2007/10/memory-stick-worms.html
http://hack5.blogspot.com/2008/04/one-simple-solution-to-all-those-usb.html
http://blog.ashfame.com/2008/03/disable-usb-autorun-save-pc-usb-viruses/
http://www.sizlopedia.com/2008/03/18/disable-usb-autorun-to-save-pc-from-usb-viruses/
http://antivirus.about.com/od/securitytips/ht/autorun.htm
http://www.raymond.cc/blog/archives/2008/04/22/stop-windows-from-executing-instructions-found-in-autoruninf/
Chromium comic
...it's about Google's Chrome browser's architecture, process isolation, yada yada!
Friday, January 02, 2009
How to clean virus infection?
Some "alternatives" on fighting malware infection:
> http://www.claymania.com/removal-trojan-adware.html
> http://www.malwarebytes.org/index.php
> http://www.pctipp.ch/index.cfm?pid=1411&pk=28470
VS2K8 to VS2K5
Not really into coding these days, so I didn't know how to convert a sln from VS2008 to VS2005 until I found this script on Google Code:
<----------------------
#! /bin/sh -e
# This script downgrades MSVC 2008 projects to MSVC 2005 projects, allowing
# people with MSVC 2005 to open them. Otherwise, MSVC 2005 simply refuses to
# open projects created with 2008. We run this as part of our release process.
# If you obtained the code direct from version control and you want to use
# MSVC 2005, you may have to run this manually. (Hint: Use Cygwin or MSYS.)
for file in *.sln; do
    # Skip the literal pattern when no .sln files are present
    [ -e "$file" ] || continue
    echo "downgrading $file..."
    sed -i -re 's/Format Version 10\.00/Format Version 9.00/g;
                s/Visual Studio 2008/Visual Studio 2005/g;' "$file"
done
for file in *.vcproj; do
    [ -e "$file" ] || continue
    echo "downgrading $file..."
    sed -i -re 's/Version="9\.00"/Version="8.00"/g;' "$file"
done
# Yes, really, that's it.
<----------------------
Of course, there could be other ways, but, as simple as this?!? :)
Tuesday, December 30, 2008
Koobface
I've traced and analyzed some variants of the infamous KoobFace worm, but I've seen this analysis from ThreatExpert, which is pretty complete:
http://blog.threatexpert.com/2008/12/koobface-leaves-victims-black-spot.html
http://blog.threatexpert.com/2008/12/how-to-defeat-koobface.html