Posted: October 13th, 2009 | Author: xanda | Filed under: IT Related | Tags: convert, ow.ly bit.ly, ruby, shorten url, tinyurl | 4 Comments »
You might worry to visit directly to a shorten URL because who knows it may contain some malicious script/code
I’ve found a solution “Python: Convert those TinyURL (bit.ly, tinyurl, ow.ly) to full URLS” in stackoverflow.com but the code is in Python.
Here is how you can perform the conversion in Ruby
#!/usr/bin/ruby
require 'net/http'
def ConvertToFull(tinyurl)
url = URI.parse(tinyurl)
host, port = url.host, url.port if url.host && url.port
req = Net::HTTP::Get.new(url.path)
res = Net::HTTP.start(host, port) {|http| http.request(req) }
return res.header['location']
end
puts ConvertToFull('http://bit.ly/rgCbf') #here is how you can call the function. Thank you Captain Obvious! |
#!/usr/bin/ruby
require 'net/http'
def ConvertToFull(tinyurl)
url = URI.parse(tinyurl)
host, port = url.host, url.port if url.host && url.port
req = Net::HTTP::Get.new(url.path)
res = Net::HTTP.start(host, port) {|http| http.request(req) }
return res.header['location']
end
puts ConvertToFull('http://bit.ly/rgCbf') #here is how you can call the function. Thank you Captain Obvious!
**UPDATED on 19/10/2009**
I’ve work on a more complete version which can determine Shorten URL or Full URL and return the full URL for the shorten URL.. email for for the code 😉
Posted: October 9th, 2009 | Author: xanda | Filed under: IT Related | Tags: 2009, crayon, ctf, d3ck4, hitb, hitbsecconf | No Comments »
First of all, congrats to d3ck4, crayon and the team..
Hurm.. HITBSecConf 2009.. Personally, nothing much.. I was disappointed with Mark Dowd and Saumil’s presentation (yeah.. maybe i’m expecting too much) but somehow Wes Brown, METASM and Google’s guy fixed my day..
Enjoy spending some time outside of the office, meeting people (and old friends), (_NOT_ really) learn new stuff..
Anyway.. Itu lah apa yang berlaku..
Posted: October 9th, 2009 | Author: xanda | Filed under: IT Related | Tags: 0day, acrobat, adobe, clientside, CVE-2009-3459, javascript, pdf | No Comments »
Nothing much but YES to agree with Didier Stevens with his statement:
PDF + JS = OMG
Yerp.. there is another vulnerability (CVE-2009-3459) in Adobe Reader and Acrobat today (GMT +8) and so far it is still 0 day..
*panic panic* What to do?
- Disable JavaScript support in Adobe Reader and Acrobat
- Enable DEP (for Windows)
- Use NoScript
- Use alternative PDF reader like Foxit, Gnome Document Viewer, yada yada..
- Don’t be a lame by opening unknown PDF attachment
Posted: October 2nd, 2009 | Author: xanda | Filed under: IT Related | Tags: antivirus, browser attack, free, malware, microsoft, Microsoft Security Essentials, virus | No Comments »
Microsoft Security Essentials provides real-time protection for your home PC that guards against viruses, spyware, and other malicious software.
Microsoft Security Essentials is a free* download from Microsoft that is simple to install, easy to use, and always kept up to date so you can be assured your PC is protected by the latest technology. It’s easy to tell if your PC is secure — when you’re green, you’re good. It’s that simple.
Microsoft Security Essentials runs quietly and efficiently in the background so that you are free to use your Windows-based PC the way you want—without interruptions or long computer wait times.
(Microsoft, 2009)
To me, it is a “better have than not” security product.. I thing that attract me is the browser (only IE) exploitation shield.
Download and install now
For more info, click HERE
*Update*
“MS Security Essentials test shows 98% detection rate for 545k malware samples” (ZDNet)