Search This Blog

Sunday, August 24, 2008

Get your free 120 days Windows Home Server Trial now

Its available even for international order now! Grab it at :
http://www.microsoft.com/windows/products/winfamily/windowshomeserver/countries.mspx

Saturday, August 23, 2008

Enabling Hibernation in Windows Vista

For desktop, in some cases, Hibernation has been disabled. There are many reasons why this is so including BIOS settings etc... However, there is a way to set it on if you are sure you want it and it works.

First, you have to ensure its not already on. Look for the file Hiberfil.sys. If you use the Disk Cleanup function, sometimes this file is delete and Hibernation, as a result, is turned off.

If the file is missing, do this :

1. Click Start, and then type cmd in the Start Search box.
2. In the search results list, right-click Command Prompt, and then click Run as Administrator.
3. When you are prompted by User Account Control, click Continue.
4. At the command prompt, type powercfg.exe /hibernate off, and then press ENTER. Actually I found that powercfg /h on will work too.
5. Type dir c:\hiberfil.sys. You should see the file now.
5. Type exit, and then press ENTER.

Then, obviously, if you want to turn it off, replace the on with the off.

Now, the next step is that if you have not reboot, the hibernation function is not yet enabled on you shutdown menu in Vista. And if you are stuck with a damn long process which can be paused, but cannot be resumed if you restart.. then its time to force a hibernation immediately.

To do that :
1. Click Start, and then type cmd in the Start Search box.
2. In the search results list, right-click Command Prompt, and then click Run as Administrator. Note that it may or may not need administrator rights to hibernate the computer.
3. When you are prompted by User Account Control, click Continue.
4. At the command prompt, type shutdown.exe /h, and then press .

Oh, you have pressed. There it goes. If for any chance you want to abort the shutdown, just execute shutdown.exe /a. This is a damn good way to do debugging for the RPC worm if you remember.

Thursday, August 21, 2008

Gundam 00 Season 2

More information has been release on the official web site :
http://www.sunrise-anime.jp/news/gundam00/

I am quite anticipating the season and really looking forward to see how the story will unfold. But (SPOILER) one thing is for sure, all the C.B. pilots survived. Its just 1 plus month away.

Tuesday, August 19, 2008

Creative use of CVE-2008-2281 and Evilgrade Demo



Here is the demo I mentioned a while back but have not gotten the time to upload it. I had split the demo into 2 sections. Like how a magician does it. The first one here you will see what will happen, but not how it is done. In another post later, I will show you how it is done and why this is happening.

Sunday, August 17, 2008

任潔玲 ~ 我們有沒有愛過



I remember losing sleep in camp during the night waiting for this MTV to come on and its usually the last one cos its No 1 on the charts. Well, its still a classic.

大海 ~ 张雨生



This is the original by 张雨生. I am sure we miss his voice. This is one song I will not attempt so that I can keep a good memory of it. And, btw, I can't unless its down a few octave... :P

大海 ~ 楊培安



从那遥远海边慢慢消失的你
本来模糊的脸竟然渐渐清晰
想要说些什麽又不知从何说起
只有把它放在心底

茫然走在海边看那潮来潮去
徒劳无功想把每朵浪花记清
想要说声爱你却被吹散在风里
猛然回头你在那里

如果大海能够唤回曾经的爱
就让我用一生等待
如果深情往事你已不再留恋
就让它随风飘远
如果大海能够带走我的哀愁
就像带走每条河流
所有受过的伤
所有流过的泪
我的爱
请全部带走

This song was one of my favorite originally by the late 张雨生. I am happy to see that 楊培安 has sang it very well indeed. This song does bring back memory of a story at a certain seaside on a rainy night...

三国志全日本超级动画主题 《风姿花传》~ 谷村新司



風は叫ぶ人の世の哀しみを
星に抱かれた静寂の中で
胸を開けば燃ゆる 血潮の赫は
共に混ざりて大いなる流れに

人は夢見る ゆえにはかなく
人は夢見る ゆえに生きるもの
嗚呼 嗚呼 誰も知らない  
嗚呼 嗚呼 明日散る花さえも

固い契り爛漫の花の下
月を飲み千す宴の
君は歸らず殘されて伫めば
肩にあの子の誓いの花吹雪   

人は信じて そして破れて
人は信じて そして生きるもの
嗚呼 嗚呼 誰も知らない
嗚呼 嗚呼 明日散る花さえも

国は破れて 城も破れて
草き枯れても 風は鳴き渡る
嗚呼 嗚呼 誰も知らない
嗚呼 嗚呼 風のその姿を
嗚呼 嗚呼 花が傳える
嗚呼 嗚呼 風のその姿を

风呜咽,低诉人间愁怨;
夜寂静,怀揽繁星满天;
心胸开,热血有如烈焰;激流汇,化作洪流闪电。

梦中人,渐已入梦;梦中梦,人生如梦;
呜呼 呜呼 谁人知晓?呜呼 呜呼 明朝花落多少?

花烂漫,见证无悔誓言;共举杯,同饮月影一片;
望君还,孤独伫立此间;花已残,化雪轻洒我肩。

人有信,而言无信;有信人,为信而生;
呜呼 呜呼 谁人知晓?呜呼 呜呼 明朝花落多少?

国已破,城亦陷,枯草黄,风呜咽。
呜呼 呜呼 谁人知晓?呜呼 呜呼 风姿如此窈窕。
呜呼 呜呼且问飞花。呜呼 呜呼 风姿如此窈窕…

Tuesday, August 05, 2008

Disgaea - Afternoon of Darkness End Save

This great remake of the PS2 Disgaea for the PSP is really worth taking a look especially if you are a big fan of SLG like Jeanne D' Arc etc. Anyway, go check it out, but you will realized to get all the endings involves multi replay, killing over 200 levels of extras etc... I decide that someone out there will want this.

This package includes all 9 endings (Etna Story ending as well). Just unpack them and read the DOAD.txt in the main directory and put the rest into your PSP where saves are.

Hope this help you see all the ending without having to go through what I had done for you. Please leave me a comment here when you download ok?

Disgaea End save :
http://rapidshare.com/files/134899145/Disgaea.rar

Friday, August 01, 2008

Creative use of CVE-2008-2281 and Evilgrade

I was working my ass off to try and get CVE-2008-1447 up for demo. However, I am still quite unable to execute it within a reasonable time. I sure hope they have better luck than me at Blackhat 2008. But to talk about the ends of the means, I find out there was a much much easier way to execute DNS hijack without using CVE-2008-1447. Yes, the treasure is CVE-2008-2281. And yes, its still NOT fixed even today! Works for all your favorite IE6, IE7 and IE8. I would want to shoot down Firefox eventually, but for now. This will have to be it...

Well, what I am going to demo here is not state-of-the-arts and neither it is 0-day. Well, at least the vulnerability is not 0-day, but the way to make use of this sure is... :) CVE-2008-2281 is just a less critical or low vulnerability. But combine with the newly release Evilgrade (well, I could had done it with my own web server too, but why waste time on things that others had already done up for you?).

A bit of background on the 2 things I will use here. CVE-2008-2281 is referred to as the Print Table of Links vulnerability. I will put up some links about this at the end of this. But in short, this affect you when you print using IE6,7,8 (beta for now) and under options, select "Print Table of Links". By far, only librarian uses them as far as I know.

The second thing I use is call Evilgrade. In short Evil upgrade. It can emulate upgrade servers of popular software from Java, Winzip to many others. Windows Updates is not possible due to the signing of the package. (For Now). So I guess you already know what I am going to do...

Well, keep guessing. But I will release my video soon as soon as I get the recording working.

Amazon Gift Cards!

Thanks for viewing!

Copyright © 2008 nemesisv.blogspot.com, All rights reserved.