All in one

world meet RockMelt

2010-11-18T01:53:00.000-08:00

courtesy (blog.rockmelt.com)

RockMelt blog: "World, Meet RockMelt
Hello Interwebs! The rumors are true… starting today, we’re offering access to an early version of RockMelt, a new browser designed around you and how you use the Web. "

Live wallpapers to give life to your Android homescreen

2010-11-18T01:46:00.000-08:00

Live wallpapers to give life to your Android homescreen: "Live wallpapers to give life to your Android homescreen
3172 viewsTaylor Martin - 8 hrs ago | More by this editor
Aside from hundreds of neat, useful widgets, one of the most unique features of Android is the ability to set live wallpapers on your homescreen. They keep your device fun, fresh, and most importantly, cool to show off. In the Market there are hundreds, if not thousands of neat live wallpapers. I've tried out a lot of them and found quite a few that I really like.
One quick side note: A lot of people are concerned that live wallpapers, being in constant motion, will have adverse effects on battery life. The truth is, the majority of them do not. That doesn't mean a poorly developed wallpaper won't suck the juice right out of your phone, but most of them will not cause any noticeable difference in the length of your battery life. If you're afraid your battery will drain, try one out while you're sitting around the house one day. If it does, revert back to a normal wallpaper or try another to see if it's just that specific wallpaper before you write them off entirely.
With that being said, here are a few of my favorite live wallpapers to use:"

Use internet through PPPOE

2009-10-01T10:14:00.000-07:00

hi
this is all bsnl broadband user's.those are having a user id and password provided by bsnl
finally i found the way to use internet in Bsnl ADSL connection in Backtrack3 and also in Bactrac4

here we go..................................................................................

1st for BT3 users

1.for vmuser's change their ethernet mode to bridged mode
2.type pppoe-setup then press enter
3.give your username
4.type DNS name:server
5.rest just press enter no need to configure
6.then finaly give your password
we are done about config part

then save it

1.type:pppoe-start
after conformation of connected
then type :ifconfig
you will find both eth0 and ppoe

it's done use internet and njoy

now for BT4 user's

1.type:apt-get install pppoe
2.after the installation
3.type:/etc/init.d/wicd start
4.then kmenu->inetrnet->wicd network manager
5.if it is connected to any eth0 card make it disconnect
6.type:pppoe-setup
7.same as BT3 follow the procedure
8.after configuration type:pppoe-start
njoy internet in BT4

tags:BT3 pppoe,BT3 pppoe bsnl,backtarck pppoe configuration,BT4 pppoe,BT4 pppoe bsnl,

Official Gmail Blog: Updates to attachments: multi-select and progress bars

2009-02-26T09:08:00.000-08:00

Official Gmail Blog: Updates to attachments: multi-select and progress bars

Is Anti-Virus is safe??????

2008-10-21T10:05:00.000-07:00

What we think after installation of an Anti-virus in a system............that we are safe now....are we think again..

Now i'm going to show you some back side truth of Anti-viruses.

• Why can AV be targeted
• Finding vulnerability of Antivirus
• Exploiting Antivirus
• Few words
• Future work

Why Can AV Be Targeted - Continue
• Antivirus is a common component
– Over 80% of people are using antivirus software [Reference-8]
• Cross-platform exploitation
– As great as the Java and Adobe vulnerabilities
• Antivirus is error-prone

Why AV is error prone?
• User input (files being scanned) is totally unpredictable
• Too many format to deal with
– How can AV process hundreds of formats correctly?
• Lots of the vulnerabilities exist in the following major
components of Antivirus engine:
�� Unpack
�� Decompression

!!!!!!!!!!!!!!!!!!!!!Finding vulnerabilities of Antivirus!!!!!!!!!!!!!
Audit Antivirus
• Local Privilege Escalation
• ActiveX
• Engine
– Source code audit
– Reversing
– Fuzzing
• Management

Audit – ActiveX Control
• Installed by Antivirus product; Free Online Scan
Service; Download Manager
Problems:
• Insecure Method: Design error
– CA – SigUpdatePathFTP()
– Kaspersky - StartUploading()
• Buffer Overflow
– Symantec, CA, Authentium, RAV, etc

Audit – ActiveX Control
Fuzzing and Manually audit
• AxMan Script fuzzer for memory corruption
• ComRaider GUI fuzzer for memory corruption
• OleView Manually audit ActiveX
• FileMon File Operation
• RegMon Registry Operation
• TCPview Port, Network connection
• Wireshark Sniff network traffic

Audit – Engine
Most of the Engine problem exists in the Format Parsing
• Memory Corruption
– Stack overflow, Heap overflow, Memory Access/Modification
• Denial of Service
– CPU (Most of the AV vulnerable to ZIP/CHM processing
problem in the past)
– DISK Space (NOD32 will eat 4GB disk when scanning a
malicious ARJ file, which is only 1kb, no patch yet)
• Detection Bypass

Audit – Engine: Source Code
• Must have access to the source code
• Time consuming
• Open Source ClamAV is the best one for practice
– 49 CVE matches
• Tools: FlawFinder, RATS ,ITS4, SPLINT, CodeScan,
Coverity

Audit – Engine: Reversing
• Reverse the file format plugin one by one!
– Kaspersky: Arj.ppl base64.ppl cab.ppl lha.ppl rar.ppl
– Bitdefender: arc.xmd arj.xmd bzip2.xmd cab.xmd
docfile.xmd
• Typical: Memory allocation, string copy, integer
wrapper
Advantage:
– Effective against all Closed Source AV
– Can uncover more subtle vulnerabilities
Disadvantage:
– Extremely time consuming
– Tools: IDA, Hex-rays

Audit – Engine: Fuzzing!
• Few people thought about fuzzing Antivirus
• Few Antivirus fuzzer published
– Vxfuzz – Taviso
– nrun’s private Fuzzer-Framework v1.0
– My in-house script, and yours
• Fuzzing Antivirus is easier than most of the other
fuzzing
• Even a dozen lines script could uncover many
exploitable vulnerabilities!
Audit – Engine: Fuzzing!
What we need?
• Good samples
– rar, zip, chm, arj, lha, lzh, tar, tgz, doc, xls, upx, fsg, more
– CreateARJ, MakeCAB, WACE, WinZIP, WinRAR, PowerISO,
various PE packers, Google (filetype:xxx)
• A big hard disk.
– For test case
• Debugger
– Windbg, Ollydbg, Immunitydebugger
• Fuzzer
– Original fuzzer is actually a File generator
– Script language: Python/Perl/C
– May need to deal with the CRC
Audit – Engine: Fuzzing!
How? 4 steps
• Create test case.
– By using the script you wrote, samples created
– 0xFFFFFFFF, 0xFFFF, 0x0000, 0x0001, etc,
• Download the trial version AV and install
• Scan! Do not forget to start the debugger
• Go to Sleep: Leave your computer fuzzing

Audit – Engine: Fuzzing!
Demo 2
Fuzzing Mcafee Antivirus for 0day ;)

Audit Result
By auditing the mainstream Antivirus Engine, we have
found and published:
• AhnLab AV Remote Kernel Memory Corruption
• TrendMicro AV UUE Decoding Format String
Vulnerability
• Avast! AV TGZ Parsing Heap Corruption
• Mcafee AV BZIP2 Parsinig Memory Corruption
(working with vendors)
• NOD32 Heap Overflow (unpublished,0day)
• More upcoming