How to Install Android on Virtual Machine

In this video i showed how to install Android on Virtual Machine . For this example i used VMware as my virtual machine.

F-Secure #Hackathon 2013

Last week F-secure Hackathon took place at F-Secure HQ located at Bangsar , Kuala Lumpur.

They ask us to design an application with use of their API's in 24 hours. During the brainstorming i decided to design a chrome extension that check the safety of URL's that user browse by using the URL Reputation API of F-secure. everything was good but unfortunately i was alone and didn't have any team member so i had to put more time on the project and the final outcome was not that much good that i expected But for F-secure innovation in using API's was really important.

My Google Chrome extension project abilities:

• Checking the safety of result of Google web search link (and showing the safety level by a green/orange/red) icon in front of each link.
• Showing the level of safety of current webpage by a small number between 1 to 5 on the icon of the extension.

Matlab Program to Watermark/ Extract/ Calc PSNR / Salt Attack (Steganography)

X. Write a Matlab program that received a host image (512x512). Embed an watermark image into host image by using;
i. Embed at 8th bit then check PSNR
ii. Embed at 7th bit then check PSNR
iii. Embed at 6th bit then check PSNR
iv. Embed at 5th bit then check PSNR

Test robustness by using salt and pepper with level 0.01 to 0.09.
Write another program to extract the watermark after the watermarked image has been attacked. Display the all the images produced.

For getting the best result PLEASE TRY ON GRAYSCALE BITMAP IMAGES !!!

Water Marking Program

clc;

bit=input('Please enter which bit you want to use for watermarking? (8 | 7 | 6 | 5)');

[filename1,pathname]=uigetfile('*.*','Please select the cover image');

'www.root25.com developed by Amir

img1=imread(num2str(filename1));

figure(1);

imshow(img1);  

[row,col]=size(img1)

area=row*col;

i=1;

SQL Injection To Traffic Camera System

ONLY SECURITY EXPERT KNOW WHAT IS GOING ON

Be Careful Download.Com Distribute Adware & Viruses Through Downloads

Be Careful Download.Com Distribute Adware & Viruses Through Downloads, I strongly recommend if you planned to download a software and the source of download is from download.com just stop it and look for another mirror of direct download of that software!

About one month ago i download a file from Download.com and few days ago i found out that my Facebook account start showing strange advertises on right top and left of Facebook page. that sounds suspicious so I double checked with my friend if Facebook add new advertise or not? after i understood these adds are not from Facebook , i got these advertises are injected to my browser pages. after Googling i found out it seems the files i downloaded 1 month ago was contain a virus.

DOWNLOAD.COM use its own downloader for downloading all files on your computer.The problem start from here that you can not download without Download.com downloader and the Downloader itself contain  a silent virus that later will install these Ad-wares to your computer. I believe they activate these after one month that user don't become suspicious to download.com .

These Ad-wares was in form of browser Add-ons that already was installed on my Google Chrome, Firefox , Internet Explorer. In my case the Ad-ware was installed with this name: "Deals Plugin Extension". and in some cases it was saw with this name : "Coupon Companion Plugin".

for cleaning this adware from Chrome:

1. Go to Extension section of Chrome and write the "extention ID" then navigate to following path and remove the directory with that specific ID.
   
   Windows XP:
   %USERPROFILE%\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions
   
   Windows Vista/ Windows 7/ Windows 8:
    %LOCALAPPDATA%\Google\Chrome\User Data\Default\Extensions
   
2. Remove "updater21804.exe" from following paths:
   C:/windows/system32/tasks
   C:/users/[username]/appdata/local/updater21804/updater21804.exe

for cleaning from the Firefox & Internet Explorer also you can goto the extension section and disable this extension.


Download.Com is part of CNET.

related posts:
http://forums.cnet.com/7723-7598_102-568380/coupon-companion-adware/
https://productforums.google.com/forum/?fromgroups=#!topic/chrome/0Ityy2YXKJY%5B1-25-true%5D

ModSecurity Log Auditing System in PHP (MSLA Project)

Light MSLA is a "Light Mod Security Log Auditing" tools that i wrote in PHP , it will import the log of Mod Security to a MySQL database and then using Google API's draw charts from the log file.
This project was part of Mod_Security Project that i did before.
The heart of this script is the "patterns.php" that include few regular expressions command , it will find parts that we need inside the log file and extract them.

You can download the Project from this link : DOWNLOAD (Inside the Google Drive Press Ctrl+S to download)


SETUP:

• Copy all the files inside the zip package into your server path.

• Create a database and import the "modsec_db.sql" file into your database.

• open config.php in a text editor and change the Database name,username,password,host and the Mod_security log path.

• run the Parser.php from your browser ( it might take some times it depends on how big is your log file)

• after the parser.php fully loaded and page become Done , open the index.php

• input the username and password as following for going into the dashboard.
  username:root25.com
  password:ssap25

• For drawing the graphs it need some times. 

""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
IMPORTANT: This script need internet access for drawing the charts because i use Google API's for the charts.
""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
As i mentioned before this was a student project , so you can change any parts based on your own need.
the hardest part and heart of this script are the patterns inside the "patterns.php" that will help to
find and extract specific parts from the log.
"useragent.php" will extract the details of os and browser from the user-agent information in the log.

This video is also show you how to install and an example of the project.
http://youtu.be/bzWIi1W3rkY

This is the post about the "How to install Mod Security on Apache Step by Step for Beginners"
This is the post about the "How to implement Reverse Proxy & Mod Security"

How to Implement Reverse Proxy With Mod Security

This post is related to the project that i did with Mod_Security & Reverse Proxy , you can refer to this post that i already describe the details of "How To Install Mod_Security On Apache(Ubuntu 12.10) Step By Step Tutorial For Beginners".
In this post i will give the example configuration for the "reverse proxy" of the same project that i mention above:

First you need to run following command to install and enable the Reverse Proxy.
sudo a2enmod proxy proxy_http

Now you have to go to the following path for changing the configuration of the reverse proxy.
/etc/apache2/sites-available.

Change the content of file with following lines:

<VirtualHost *:80>
        ServerAdmin administrator@myexample.net
        ServerAlias www.myexample.net
        ServerName myexample.net

        ErrorLog /var/log/apache2/example-error.log

        LogLevel info
        CustomLog /var/log/apache2/example-access.log combined
         
        ProxyPreserveHost On
        ProxyRequests off
        # Allow from everywhere
        <Proxy *>
                Order deny,allow
                Allow from all
        </Proxy>
       # Send all requests to port 1122
ProxyPass /audit !
        ProxyPass / http://10.10.150.4:80/
        ProxyPassReverse / http://10.10.150.4:80/
</VirtualHost>

This configuration will get any request on port 80 and forward them on http://10.10.150.4:80. And as  we had a php script inside this machine and we need to open that from this machine not the destination machine so we need to make a exception for that directory. "ProxyPass /audit !" will stop reverse proxy to forward requests related to /audit/ directory to the destination machine and will run it from the current machine!

Now by running the following command restart the Apache to changes take effect:
sudo service apache2 restart

And this is the video of this project that i describes the details about how this project works.
http://www.youtube.com/watch?v=o3-KDD7TSrA