Xanda's Blog !~!

Weekly Summary : SCTV Cup and Blackhole Exploit Kit v2

Sep
14

Two of the events that will be highlighted in this “weekly summary” are the SCTV Cup and Blackhole Exploit Kit v2.

Earlier this week, there was a football match between Malaysia (under 22) and Indonesia (under 22) for the SCTV Cup 2012. Malaysia won the match 1-0, and I was expecting “yet another soccer-related war” to happen. But again, just like my previous expectation on Merdeka day, it didn’t happen. I hope kiddies from both countries are now mature enough and can move on to more serious matters. Congrats to the winner (Malaysia U22) and to the ‘armies’ of both countries.

Blackhole Exploit Kit v2 was released this week. malware.dontneedcoffee.com did a write-up on the release announcement, and not long after that a few samples were found in the wild. The most noticeable change (from my view) was the URL pattern, so a minor tweak needs to be made to the signature pattern. I’ve deobfuscated the obfuscated JavaScript of Blackhole v2.0 and managed to do it with no harm. The old-school method still works 😉 If you need a detailed discussion of Blackhole v2, you may refer to the write-ups by SpiderLabs and by malware.dontneedcoffee.com.

I’ve decided NOT to share any Yara rules anymore (including for this Blackhole v2.0), since, based on the rules I posted previously, I don’t get enough response and feedback from users. So I’ve changed the game plan: I will only release them to some private groups and SIG (special interest group) mailing lists. If you need to get the feeds, kindly drop me an email at adnan.shukor @ G!

That’s all for this week.

Thanks


Introducing MyEja – Bahasa Malaysia dictionary for spell-checking in Firefox and Thunderbird

Mar
04

After 3-4 hours of struggling to make it public, here we go: MyEja, the Bahasa Malaysia dictionary for spell-checking in Firefox and Thunderbird.

The open-source Firefox add-on MyEja provides platform-independent spell-checking for Firefox and Thunderbird. It is based on the OpenOffice extension “Kamus Bahasa Malaysia (Malay Dictionary)”. The contents of the dictionaries are untouched and in their original state in the initial release of MyEja. The latest versions of Firefox and Thunderbird are also supported. MyEja was founded by me, and it is the second initiative project from the Mozilla Malaysia Community.

Looking forward to approval from the Mozilla Add-on Team. The add-on is accessible at https://addons.mozilla.org/en-US/firefox/addon/myeja/

Protected: Favorite Speed Trap Locations in Malaysia

Nov
04


DontPhishMe

Apr
21

DontPhishMe is an anti-phishing add-on for Mozilla Firefox that uses a pattern-matching technique to inform and notify Malaysian Internet users, protecting them against online banking phishing websites that specifically target financial institutions in Malaysia.


0day on TM Billion ADSL Modem/Router

Feb
06

Quick update

Here is my short update. I was playing around with the ‘nice’ modem and I found 2 vulnerabilities:

1) Remote code execution
2) DoS

Tested on Firmware Version : 2.10.5.0(UE0.C2C)3.7.6.1

I’m looking forward to playing around with Riger Corporation’s modem that came with the “Enhanced by TM R&D Malaysia” label on it 🙂