Thousand Ways To Inject SQL

On April 27, 2008, in SQL Injection, Tips, by Zoiz

Does SQL Injection sound outdated? No. SQL Injection is a very common vulnerability that has existed for a long time, and many people know how to do it. But not everyone out there knows where to find all the SQL-injectable holes. I'll point out some:


Ha.ckers.org Database Connection Error

On April 21, 2008, in IT News, by Zoiz

Every morning, I open ha.ckers.org to see if there's anything new. But this morning I was a little bit shocked when I opened it. It displayed a WordPress Database Connection Error. What is happening? I don't know. Hope RSnake will fix this soon :) Here is the screenshot:

Ha.ckers.org Database Connection Error


Register.net.id Bugs Hunt

On April 10, 2008, in CSRF, Exploit, IT News, Tutorials, XSS Corner, by Zoiz

These might be the biggest zero-day vulnerabilities ever reported in Indonesia in terms of their impact.

Register.net.id is a .id domain registrar in Indonesia. It provides Indonesian webmasters with domains at affordable prices (but I got this domain for FREE, promotion period only!! :P ). Since it's a domain registrar site, it can be considered a very important site in Indonesia. It serves webmasters in Indonesia for their .id domain needs, with approximately more than 40.000 active domains, which is a huge number.

One of the requirements for applying for a .id domain is that the user must upload personal documents such as a Personal Identity Card, NPWP, SIUP, SITU, etc., depending on which kind of TLD he/she wants. For example, to request a .web.id domain, a user must upload his/her Personal Identity Card (KTP). The same goes for other kinds of TLD.


Unable To Access YouTube.com

On April 5, 2008, in Social Life, Tips, by Zoiz

For Indonesian visitors: Why use my trick rather than a web proxy such as Anonymouse.Org? Because a connection through HTTP tunneling lets us compress the data being transferred, so browsing is faster.

:P

If you are an Indonesian ISP user, you might have problems accessing http://youtube.com. I am not sure what actually happened (as far as I know, YouTube.com has some videos that the Indonesian government bans).

From my small research, I found out that Indonesian ISPs delete the youtube.com name server record from all DNS servers. You can regain your access, of course, by changing your secondary DNS to this: 12.127.17.83.

How to do it:

Open your Network Settings. Right-click and select Properties. In the Internet Protocol list menu, click Configure, and type the DNS I provided into the secondary DNS field. Now you can access YouTube.com!

Note : Correct me if I am wrong ;)

Update 8th April 2008 :

The DNS trick seems not to work anymore, but you can still access those blocked sites by using HTTP tunneling. If you don't know how to do it, here's a simple one:

1. Download PuTTY.exe from here: http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html
2. Open Command Prompt and change your directory to where you saved PuTTY.exe, then type this command:

putty -P 222 -N -D 9999 -C net@cepat.abangadek.com

3. A window will pop up, and you are required to type in a password. Enter: cepat123
4. Follow the instructions in the image below:


Do you know or have you ever used ZoneAlarm, a product from Check Point Software Technology?

ZoneAlarm is one of the most secure brands in end-user Internet security software. It's developed by Check Point Software Technology Company. It protects over 60 million PCs from viruses, spyware, hackers and identity theft. The award-winning Internet security product line is installed on end users' PCs and in small businesses, protecting them from Internet threats.

Although Check Point Company provides Internet security services, their web system is not 100% secure at all. I have found some critical vulnerabilities even on their own official site!!


Open a Page, Go To Jail

On April 2, 2008, in CSRF, Concept, Logical, by Zoiz

Inspired by RSnake's article titled “Click a Link, Go To Jail”, I wonder if we could go to jail by simply opening a page. I am not sure whether that is going to happen or not. But my conclusion says maybe yes! CSRF will be the answer.
