Accounts Security V
Concerning Internet use at public spots & Password by Sequence
A Password Security Related Article by Calvin Limuel a.k.a. r3ck0rd
It’s been a long time since I last posted in Zoiz’ blog. Still the same topic, and it’s already the fifth! Covering internet usage at public hotspots and sequenced passwords. Here are the tips for this time: Read the rest of this entry »
Maybe you like playing in Game Arenas such as Amazone or TimeZone. And I found this vulnerability in those game arenas.
Different from the article before, this vulnerability may only be found in some game centers of TImeZone / Amazone (Not all vulnerable to this).
When Lebaran Holiday came, my mother suggested my grandma to go to Bandung and Puncak then asked all of my relatives to join us. On the 3rd day of our trip, we arrived in Puncak and go to one factory outlet that is called Brasco or Kampoeng Brasco. I only went there with my aunties, uncle and cousins.
My aunties asked us (me and my cousin) to just wait in a game center called Space Zone. “It will only take a few minutes”, my aunties said. My uncle joined my aunties to buys T-shirts and other things. So, my cousin and I was there, alone.
Ok, so we go around without doing anything (because we had no coin at that time) and just have a chat together. We keep talking and walking until we found two basketball game machines.
When my cousins keep talking, I thought a brilliant idea (because I was fed up with that place). I asked my youngest cousin to push the ball that is inside the web or wall with his small finger and It works! The ball started to move from its place! Here’s the pic:
Okay so now it has been out from its place then, my cousin that really likes basketball take the ball and throw it. So, we have nothing to do (again). So, I asked my cousin to do the same thing that he had done before. So, it was my turn! I shoot it and yeah, we’ve nothing to do (again).
Then, a man with his child played that game. We just looked at them who played it happily 
They played that game for 2 times. After they had no coin anymore, without asking or did anything, my cousin pushed the wall that protects or keep the ball inside and they had one more chance to play it for free!
Wow! They just surprised then play together (without any thanks 
() and when I asked to push the wall again, it didn’t work anymore. I think it’s all because he didn’t push the wall on the right time .
Those vulnerabilities seem won’t work in all TimeZone (but it may work in other location of TimeZone). By the way, here’s the pic of my lovely cousin that helped a lot:
Thanks!
ymm0t
Accounts Security Part IV
A Password Security Related Article by Calvin Limuel a.k.a. r3ck0rd
Howdy ho! Has it been a loss since my previous post about Accounts Security? Did you enjoy my previous posts about your accounts’ security? Have you done those tips? You haven’t? OK I haven’t done those too (some, but not the same mistake hehe 
). Well then, finally the fourth part, eh? And I hope you enjoy this post. Containing, maybe not so fresh, because may be discussed outside somewhere, or taken from a portion of an article in my blog, but helping tips for you to workout. Happy securing!
First of all, this post is for Indonesian therefore will be written in Bahasa Indonesia. Sorry for English readers 
Para pengunjung blog yang terhormat, pernah merasa bingung tidak pada saat memilih mobil? Misalnya memilih merek, memilih model, dan tentunya memilih harga. Pada saat ini, terdapat banyak sekali merek mobil seperti Toyota, Honda, Mitsubishi, Hyundai, dan lain sebagainya. Tetapi pilihan saya tetap mobil Toyota, selain sparepart gampang didapatkan, juga keawetan mesin sudah teruji. Dan paling penting harga resell (harga seken) juga ga jelek sekali lah 
4 tahun lalu saya membeli mobil Toyota Corona, harganya sekitar Rp. 58.000.000 dan beberapa saat dulu saya jual, tau ga harga pasarannya berapa? Rp. 74.000.000,- Naik sekitar Rp. 16.000.000,-. Hehehe. Yup, karena pada saat saya membeli FTZ masih berlaku, sedangkan pada saat saya jual kemaren FTZ sementara dicabut, sehingga harga mobil Ex Singapore naik drastis. Lumayan kan?
Sekarang bingung juga nih karena ingin meng-kredit atau menyicil mobil baru tapi bingung mau pilih yang mana diantara 3. Ada 3 model mobil yang akan saya bahas disini, yaitu : Read the rest of this entry »
It’s been a while since I last post here about Account Security part III. Now, this is about Friendster. Friendster again? Am I not bored? Of course I do, it’s my fun! Hacking is for fun, don’t you think so? Of course you don’t if you have already made hacking as a job. It’s no fun anymore, isn’t it? It’s about work. Or if someone still say it’s fun whether it’s a job or not, glad to hear that! 
OK to the point. Monday when I have a trip to Tanah Lot in Bali, my friend ymm0t called me and send me his advisory. It’s about Friendster’s log out problem. Well, I found it earlier than him, but never thought of writing this.
Have you ever given a link by someone, that is, http://profile.friendster.com/logout.php? Or it’s after you view someone’s profile (http://profile.friendster.com/r3ck0rd for example). After you click it, you’ll see the logout page. But when you go to the home page of Friendster, you’ll see you haven’t logged out from Friendster. What’s going on?
This is my deduction, and ymm0t may not know this. You were logged out. But not from www.friendster.com. Only from profile.friendster.com. It’s a fatal fault for the user if they log out after they view someone’s profile by clicking the link above right. It reset the cookie of profile.friendster.com, but did not reset the cookie of www.friendster.com.
So what’s all the babbling about? Haven’t get it? Right here’s a scenario. If you were browsing on Friendster, and viewing someone’s profile, then you were forced by your friend to press the log out link at the top bottom, or you were told by your friend to go to profile.friendster.com/logout.php, because your friend wants to use it. Well after the “You have been logged out” text showed up, then you give your friend turn to use the computer. The fact is, if your friendster… I mean if your friend is naughty, as you haven’t been logged out from www.friendster.com, he can still access your account. And do something bad. Like putting a bad code to your profile maybe to steal your friends’ cookies, and your account may be banned for containing that code.
This short? Yeah this short. Short and easy to take over one’s account right? Lucky you if you access Friendster from your own PC or notebook at home. What if, in the internet café? Where the computers you use are shared computer. So, here are the problem solver:
- After you logout anywhere in Friendster, make sure you check out www.friendster.com too. Recheck always.
- It’s recommended to log out from the home page. friendster.com.
- If it’s not helping, just install a cookie editor plugin for your browser and just delete all the cookies from Friendster.
- Remember, “just click log out and good bye” may not enough.
It’s not reported yet, but I’ll be reporting it to the Friendster Team.
By the way, after Th0R read this, he mentioned about CSRF. I don’t know what he meant but I’m thinking about sending my friends this link or just put a CSRF in my FS Profile like this:
<img src=”http://profiles.friendster.com/logout.php” alt=”logout” />
It’ll be kinda annoying huh (may I implement it here?)
All credits to: ymm0t for reminding me this. And Th0R for the CSRF idea.
GreetZ to:
- All SATE, HackingForte, and Ha.ckwith.us members. You’re all my support in growing my hacking activity.
- IndoForum members. You may dislike me or not because I’m still one of them, but this forum is the place where I grow up too.
- BayPas staffs and members, thanks for entrusting me to be the technician.
- Most of all, Jesus for keep giving me my breath.
Original Link: http://reckord.info/friendster/friendster-bug/81.friendster-logout-problem.html
Update 05/07/2008:
Disclaimer: The copyright above is for the text, not the bug. We never claim this as my own bug found. I don’t know if someone has reported this anywhere, because it’s an easy thing to found.
Thu.2008.6.19
r3ck0rd
Hackers.web.id is a newly formed and independent computer security consultant which operates in Indonesia & Australia. They dedicated to Information Technology Security Industries and set their main goal to provide the ultimate security assessment discipline to improve the Web Application Security.
Hackers.web.id has a combining of 15 years of experience in IT Security Industries and their contribution to the security industries is acknowledgeable. Such as internal consulting to Yahoo7 Inc., the Biggest ever Zero-Day Vulnerability Report in Indonesia history, advisories to some of world’s biggest social community network such as Friendster, and also Web Application Security Assessment to several International IT Companies.
Hackers.web.id provided an one-stop Web Application Security consultations and services to fit your company needs. Please visit their home page for more information.
SQL Injection sounds outdated? No, SQL Injection is a very common vulnerability that existed long time ago, and also many people know how to do it. But not everyone out there knows where to find all SQL Injectable hole. I’ll point out some :
Accounts Security Part III
For Web Developers and Programmers Guide and Technological and Technical Security
A Password Security Related Article by Calvin Limuel a.k.a. r3ck0rd
2nd Revision, 20080422 – by r3ck0rd
Finally, third episode of this serial! Despite in the middle of home works, school projects, web design preparation for a competition, writing my own book “Behind the Scenes of XSS, RFI, and SQL Injection”, other Gastrote and hacking projects, Vocal Group Competition preparation, and any other things I have to do. But I still want to write more.
Yes in this third part, I changed the serial name and this is the final name: Accounts Security. And I’m extending this serial for web developers and programmers (marked with the 4 WDev&P™ or “For Web Developers and Programmers™” logo).
1. For Web Developers and Programmers™ Configuration File
Configuration file is where you put your sensitive data for a web application. Such as database login details. Don’t just save it in *.inc. Because .inc extension is just an extension and a standard, few people still doing this. .ini files too. So it can be downloaded directly, easily. I recommend give a protection like, adding an extra .php extension (like config.inc.php), forbid direct access through .htaccess and PHP, and encode the file. Read the rest of this entry »
For Indonesian Visitor : Kenapa pakai Trick saya dari pada menggunakan Web Proxy seperti Anonymouse.Org? Karena Koneksi Melalu HTTP Tunneling memungkinkan kita untuk meng-Kompresi data yang akan ditransfer sehingga bisa browsing lebih cepat.
If you are one of the Indonesian ISP users, you might have problem accessing http://youtube.com. I am not sure what actually happened (as I know that YouTube.com have some videos that Indonesian Government ban).
From my small research, I found out that Indonesia ISP deletes youtube.com Name Server record from all DNS’. You can regain your access, of course by changing your secondary DNS into this : 12.127.17.83.
How to do it :
Open your Network Setting. Right click and select property. In Internet Protocol list menu, click configure. And type in the DNS I provided into the secondary DNS. Now you can access YouTube.com!
Note : Correct me if I am wrong
Update 8th April 2008 :
The DNS trick seems to be not working anymore, but you can still access those block sites by using HTTP Tunneling. If you don’t know how to do it, here’s a simple one :
1. Download PuTTy.exe from here : http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html
2. Open Command Prompt and change your directory to where you save the PuTTy.exe. And type this command :
putty -P 222 -N -D 9999 -C net@cepat.abangadek.com
3. A windows will pop up, and you are required to type in a password. Enter : cepat123
4. Follow the instruction from the image below : Read the rest of this entry »