spoonfork

Maxis??? Hellooooooo?

So friends been SMS-ing me today - but I didn't received any. I thought it was phone problem. Rebooted the hand phone, still no new SMSes. I already paid all my bills. So WTF Maxis?

Sunburst International Music Festival 2008, Bukit Kiara, Kuala Lumpur

Last week I went to Sunburst Internation Music Festival in Bukit Kiara, Kuala Lumpur. Here's what happened:

1:45 pm - Found parking in front of the entrance to Bukit Kiara Equestrian Club

2:45 pm - Gates opened. Kanineh. They said gate will open at 2. Abuden, each place in KL has its own timezone. Kanineh.

3:15 pm - First show - Gerhana Ska Cinta. Sucks big time. And they only play for like, 45 minutes. WTF???

3:20 pm - Second show - Gigi. Memang best giler diarong punya show. Gempak siot. In my opinion, they're the best performer that day. Rock sial.

4 something - Third show - Pop Shuvit. Watched a few performances, then decided to go minum beer cause I was thirsty. Plus it started to rain

5 something - Hujan lebat sial. I decided to take photos of the tuborg girls. Semua tak choon, body pun flat, but....

Almost 6 - Eated burger. Eated some other food. Had two more beers.

6 something - Watched George Clinton. Memang rock sial. I mean, if there's someone that you should watch live, watch George Clinton. He's like, 70 years old and still can funk! Go watch him if you can before he like, yanno, kong.

8 something - Watched Joe Flizzow. Tak rock sangat

9 something - The Roots!!!! Best giler sial. Memang best. The Roots was the only motivation for me to spend RM200 for Sunburst. The Roots!!!!

9:30 something - received an SMS saying that UMNO will try to invoke non-Malays to incite riots. WTF.

10 something - drove home

11 something - had maggie goreng at Devi's corner in TTDI. Man U vs Derby game was on

12 something - reached home. At first, wanna go see Uncle St Patrick and drink Stout, but I was damn tired.

12 something - check if security.org.my got kena hack. phew nothing happened.

12 something - went to sleep

Photos here.

I, Lazy

I've been very lazy in updating this blog. This is because I spend most of my time at security.org.my, blogging about the Malaysia security scene.

Listening to: Portishead - Mysterons

Migrating from Wordpress to Serendipity

For years, this blog has been powered by Wordpress. Prior to this, it was running on a custom weblog engine written by myself. That particular engine lacks quite a number of features, especially spam protection. Everyone else was using wordpress, so i joined the bandwagon. Until now. For years, wordpress have been plagued with security vulnerabilities, and updating it has become such a chore. Besides, I live in the constant fear that this blog will defaced/hacked almost everyday due to the fact that it was running wordpress. So now, I've changed to Serendipity. One of the main reason for choosing Serendipity is that security.org.my has been running on it since July 2007. Since that time, there have been 3 critical vulnerabilities in Wordpress, and Serendipity has one XSS vulnerability in one of its plugin. That is more than enough motivation for me to migrate. Secondly, I like Serendipity's plugins. Installing, deinstalling and updating is damn easy via admin page.

Now for those of you who wants to migrate from Wordpress to Serendipity, Serendipity provides an export function in the admin page. It is very straighforward, everything is imported without any hitch.

bashing the shell

I've been writing quite a large amount of shell scripts for the past few days. Here's are some tips that might be of help.

1. debugging

The simplest way to step through the execution of your shell script is to provide it with the -x option. For example: sh -x myscript.sh

2. array

Yes, shell script can do them. To create an array:

foo=("apple" "orange" "lemon" "durian")

Another example of creating an array automatically:

NETDEVICES="$(cat /proc/net/dev | awk -F: '/[0-9]:/{print $1}')"

To iterate through the array, a for loop will do:

for DEV in $NETDEVICES; do
    echo -n "$DEV"
done

a=1
b=2
c=$(( $a + $b))

shell script however, does not support decimals. For this, I use awk with printf:

a=1.1
b=2.2
c=$(echo $a $b | awk '{printf("%s", ($1+$2))}')

5. string concatenation

a="takizo"
b="memang"
c="handsome"
d=$a" "$b" "$c

a="takizo"
b="memang"
c="handsome"
d=${a}" "${b}" "${c}

6. manipulating IFS
IFS stands for internal field separator (or something like that). Example:

a="paul|memang|handsome"
IFS="|"
echo $a

This will replace the IFS with spaces. Of course, for the above, you can use awk:

a="paul|memang|handsome"
echo $a | awk -F | '{ printf("%s %s %s", $1, $2, $3) }'

7. return codes
use $?. Example:

cat /etc/passwd
echo $?
cat /etc/password
echo $?

8. other shell special vars
These are also good for debugging. Try them out for yourself too see what they actually output. Example:

#!/bin/sh
echo "ARG: $1 $2 $3 $4"
echo "script name: $0"
echo "num args: $#"
echo "pid: $$"
echo "options: $-"
echo "args: $*"
echo "args: $@"
echo $?

Gimp.app: Fixing Random Crashes on OS X Leopard

In this post at the security.org.my blog, I outlined a fix for fixing random crashed of Wireshark on OS X Leopard.

Apparently, after replacing the Leopard-shipped Xquartz, Gimp.app 2.4-rc3 no longer crashes as well! Sweet!

To the driver of WMD 6468, you are a true Malaysian asshole

See how this car is blocking the exit. Repeated honkings later, I gave up. I had to reverse all the way back to use another exit.

Related: BGB 1009 is an asshole

Viagra 70% X-Mas special, courtesy of your friendly Anti Corruption Agency Website

You can read all about it here.

These other posts, should make a fun reading as well.

*.gov.my Porn Para-Sites

Using Google to Find Hacked/Defaced Malaysian Government Websites.

Enjoy!

robofest malaysia

it's on at PWTC from 27th - 30th November. information here. uh, they have a capture the flag game as well.

deepsec writeup, roboexotica

a short writeup here, deepsec photos here and roboexotica photos here.