Clean Your Mac OS X from the Ads Injecting Malware

If you’re suffering from ad-injecting malware like this one:

Usually it is a black box showing at the bottom of any website you visit from any browser: Safari, Chrome, Firefox.
Don’t try to remove a plugin or extension. This malware is not a browser add-in.
I have written a tiny bash script to run on your Mac, and it will clean your system.
You can download it from here – just run it with sudo.

You can easily view the source of the script by opening it in your favorite text editor.

Credits: Thanks to this guy here who mentioned the process name and how to clean it.

Read More

Mixing different RAM Sizes in One Computer

Can you install different sizes of RAM into a single motherboard and it will still work? Yes you can!
There are a few small tricks you will need:

  1. Make sure you’re buying same speed/voltage/non-ECC sticks.
  2. When installing them, install them this way:   || Slot#1:[1GB+512MB] || Slot#2:[1GB+512MB] ||

I tried installing them in other orders, but all my attempts failed. The only thing that worked was installing them in the order I mentioned above.

~ Happy upgrading.

Read More

Attacking Attackers to Protect a WordPress Website

I have previously demonstrated how to protect the wp-admin and wp-login files in a WordPress website.
I wanted to do more. Something like: Attacking those attackers.

What Crashes Browsers?
What crashes applications is what hackers call a buffer overflow exploit. Hackers use them to take control of applications/browsers and gain full system access later on. More about buffer overflows here.
We are not interested in taking control of the attacker’s system, although that would be very ‘cool’ – maybe the next stage? 😉
We are more interested in stopping them, i.e. crashing their browsers, fuzzing and brute-force tools.

Results.
Amazingly, I was able to reduce attacks from ~4000 to only around 70!

What is happening behind the scenes?

Read More

Redirecting domains / requests to external domain without changing URL

If you want to mask requests to an external domain behind your own domain, you can add these two lines to your Apache conf file (under the virtual host).
Use the [P] flag to create a proxy tunnel from your main domain to the external domain.

RewriteEngine On
RewriteRule ^/(.*)$ http://domainOrIP/$1 [P]

[P] is for Proxy, so your proxy modules have to be enabled (run these ln commands from /etc/apache2/mods-enabled so the relative paths resolve):
ln -s ../mods-available/proxy* /etc/apache2/mods-enabled/

Also enable slotmem
ln -s ../mods-available/slotmem_* /etc/apache2/mods-enabled/

Restart apache
service apache2 restart

Et Voila!
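
A fuller virtual host for the setup above, added here as an example and not taken from the original post. `www.example.com` and `backend.example` are placeholder names, and it assumes mod_rewrite, mod_proxy and mod_proxy_http are enabled. It keeps the scheme and host of the proxy target fixed, so a client cannot steer the proxy to another destination, and it keeps forward proxying off.

```apache
<VirtualHost *:80>
    # Placeholder name for the domain visitors see.
    ServerName www.example.com

    # Reverse proxy only: never act as an open forward proxy.
    ProxyRequests Off

    RewriteEngine On
    # In virtual-host context the matched path starts with "/", so capture
    # what follows it. Scheme and host of the target are hard-coded; only
    # the path comes from the client. [P] implies [L], and the query string
    # is passed through unchanged.
    RewriteRule ^/(.*)$ http://backend.example/$1 [P]

    # Rewrite Location / Content-Location headers in backend redirects so
    # the browser stays on www.example.com instead of jumping to the backend.
    ProxyPassReverse / http://backend.example/

    # Off (the default) sends "Host: backend.example" to the backend.
    # Set to On only if the backend expects the public hostname.
    ProxyPreserveHost Off
</VirtualHost>
```

Check the syntax with `apachectl configtest` before restarting.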

Read More

HashClipper – The Fastest Online NTLM Hash Cracker

Inspiration
I simply wanted to create my own -fast- NTLM hash cracker because the other ones online are either dead, not maintained, obsolete, or the worst one: a rip off.
Of course the greatest inspiration was this:

Intro
NTLM is the hash mechanism used in Windows. It’s usually what a hacker wants to retrieve as soon as he/she gets into the system.
Cracking NTLM hashes can also help normal users or administrators retrieve a password without having to reset it.
Please refer to

Read More

[Fixed] error while loading shared libraries: libcrypto.so.0.9.8

Quick fix: copy the libraries from your program folder (including libcrypto) into your /lib/ folder => cp lib* /lib/

Read More

How Is Ubuntu Spying on You and What to do about it

Intro
I was recently surprised by my new ‘Ubuntu Server’ computer connecting back to a strange IP address: 91.189.92.11 on port 443! I immediately started investigating the case and did a whois lookup on the IP address to discover that the IP points to this domain productsearch.ubuntu.com – a page that displays a 403 Forbidden error.

What is productsearch.ubuntu.com?
So apparently according to this website: If you’re an Ubuntu user and you’re using the default settings, each time you start typing in Dash (to open an application or search for a file on your computer), your search terms get sent to a variety of third parties, some of which advertise to you. Ubuntu should protect user privacy by default. Since it doesn’t, you can use the code to the left to disable the parts of Ubuntu which are invasive to your privacy.

You can also read more about Ubuntu 3rd parties: http://www.ubuntu.com/privacy-policy/third-parties

Read More

Linux on Dell Inspiron 6400 – WiFi Issues and How to Solve Them


I have had this Dell Inspiron 6400 since my freshman year, and I recently decided to revive it and use it as an Ubuntu Server. Unfortunately I faced major issues with my WiFi, and I decided to share how I overcame them.

Read More

Single Instance C# Application

While I was developing Auto CCleaner I faced a problem with allowing only one instance of the application. I found many solutions (using mutex) and others, but they didn’t work or were inefficient. What I needed was a simple, easy, and efficient method. Hence I used a little help from the .NET Process class as follows:

I added this block to initialize (load) function:

Tada! Only a single instance is allowed now.
Note: You need to add: using System.Diagnostics; at the beginning of your cs file.

Read More

Blocking Tor Traffic to Your Server

You’ve seen before how I got targeted by thousands of brute force attempts and how I mitigated the attacks earlier in this post; however, I wanted to do something better and more efficient: a filter at the firewall to block all these attempts from even establishing a basic TCP connection with the HTTP server.

The Problem
One major problem is that these attempts were not coming from a single IP address. Attackers will use Tor to hide themselves and to have different IPs to overcome the first obstacle, which is blocking the attacker’s source IP address.

Read More