Letter Bombs


– You will first have to make a mild version of thermite. Use my
recipe, but substitute iron fillings for rust.

– Mix the iron with aluminum fillings in a ratio of 75% aluminum
to 25% iron. This mixture will burn violently in a closed space
(such as an envelope). This bring us to our next ingredient…

– Go to the post office and buy an insulated (padded) envelope.
You know, the type that is double layered… Seperate the layers
and place the mild thermite in the main section, where the letter
would go. Then place magnesium powder in the outer layer. There is
your bomb!!

– Now to light it… this is the tricky part and hard to explain.
Just keep experimenting until you get something that works. The
fuse is just that touch explosive I have told you about in another
one of my anarchy files. You might want to wrap it like a long
cigarette and then place it at the top of the envelope in the
outer layer (on top of the powdered magnesium). When the touch
explosive is torn or even squeezed hard it will ignite the
powdered magnesium (sort of a flash light) and then it will burn
the mild thermite. If the thermite didn’t blow up, it would at
least burn the fuck out of your enemy (it does wonders on human
flesh!).

How to recover a corrupted registry that prevents Windows XP from starting


When you try to start or restart your Windows XP-based computer,you may receive one of the following error messages:

‘ Windows XP could not start because the following file is missing or corrupt: \WINDOWS\SYSTEM32\CONFIG\SYSTEM ‘

All that you need to do is simple..

1st of all,you need to copy files below  n sae it as regcopy1.txt and regcopy2.txt in windows folder..(myb you need to make your hdd as external for a while to copy regcopy1.txt and regcopy2.txt into windows directory).after that, you place back your hdd on your computer..

——————————————————————————————————————————————–

1  : Save diz files below as regcopy1.txt.

md tmp
copy c:\windows\system32\config\software c:\windows\tmp\software.bak
copy c:\windows\system32\config\sam c:\windows\tmp\sam.bak
copy c:\windows\system32\config\security c:\windows\tmp\security.bak
copy c:\windows\system32\config\default c:\windows\tmp\default.bak

delete c:\windows\system32\config\system
delete c:\windows\system32\config\software
delete c:\windows\system32\config\sam
delete c:\windows\system32\config\security
delete c:\windows\system32\config\default

copy c:\windows\repair\system c:\windows\system32\config\system
copy c:\windows\repair\software c:\windows\system32\config\software
copy c:\windows\repair\sam c:\windows\system32\config\sam
copy c:\windows\repair\security c:\windows\system32\config\security
copy c:\windows\repair\default c:\windows\system32\config\default

———————————————————————————————————————————————

2 : Save diz files below as regcopy2.txt.

delete c:\windows\system32\config\software
delete c:\windows\system32\config\sam
delete c:\windows\system32\config\security
delete c:\windows\system32\config\default

copy c:\windows\tmp\software.bak c:\windows\system32\config\software
copy c:\windows\tmp\sam.bak c:\windows\system32\config\sam
copy c:\windows\tmp\security.bak c:\windows\system32\config\security
copy c:\windows\tmp\default.bak c:\windows\system32\config\default

———————————————————————————————————————————————

then,boot from installation cd (xp home/pro)

then select R on the first screen (R for repair)

now you are at command prompt line..

enter number 1 ,then push enter.

then type :  batch regcopy1.txt,push enter..

after dat,type : batch regcopy2.txt,push enter..

after all has done,type exit..now your computer should reboot n yor windows should b normal again..i jz do this n i guarantee 100% its successful…

p/s : dont worry,nothing  lost in ur partition C ..your software should run  as before n nothing change!!

Gud luck n feel free to drop any question here..

Recover a Corrupted System File


If an essential Windows file gets whacked by a virus or otherwise corrupted, restore it from the Windows CD. Search the CD for the filename, replacing the last character with an underscore; for example, Notepad.ex_. If it’s found, open a command prompt and enter the command EXPAND, followed by the full pathname of the file and of the desired destination: EXPAND D:\SETUP\NOTEPAD.EX_ C:\Windows\NOTEPAD.EXE. If either pathname contains any spaces, surround it with double quotes.

If the file isn’t found, search on the unmodified filename. It will probably be inside a CAB file, which Win XP treats as a folder. Simply right-drag and copy the file to the desired location. In other Windows platforms, search for a file matching *.cab that contains the filename. When the search is done, open a command prompt and enter EXTRACT /L followed by the desired location, the full pathname of the CAB file, and the desired filename; for example: EXTRACT /L C:\Windows D:\I386\Driver.cab Notepad.exe. Again, if the destination or CAB file pathname contains spaces, surround it with double quotes.

entahh…


SALAM..

hari ni aku ke tmpt kje sprti biasa…sumer yg aku buat hr nih mcm sll..tekadku ingin bizi kn diri aku smpai ak snggup redah hujan lbt ptg td ke merata tempt…aku blk ke rmh lbh krg kul 1am++…sejukk gler..terketar2 aku bawak moto mlm td..huhu…

mlm td lps mghrb,ak dop kt opis sorg2…disebabln xder kje sngt td,aku jz lpk2..tiba2 jew,tnpa diundang,ak rse pilu sngt2…aku cb buat2 bz,tp xdpt..rokok pom aku abes 2bngkus hr nih…sbb xnk rse sedey..aku cb msj DIA,tp xder respon..myb DIA bz kot ngn travel DIA…aku pom xtaw cne aku boleh jd seorg yg emo gler2…haha..ak cb baca komik kt internet tuk gelak..dpt gelak kjp jew,ak da ilang mood…rse cam nk nanges pom adew..

nsb baek bos ak blk cpt..die bg job tuk ak buat..die suh ak study lak sal ipcam yg br…br lah aku rse lega sikit…sbb otak jz dop pk cne nk buat..berjam2 aku buat tu xbenti mkn mnum pom..kul 10pm,aku benti smayang isya’ jap..pastu aku smbng blk..

alhmdlillah,aku tenang blk…aku cma resah sngt2 bl aku xbuat pepe n dop sorg2..ak akn trfkr blk hal tu..kt rumah pom,aku tdow da lps subuh..bngn kul 10.30am,pegi kjew..ni jelah life aku skrg…bl tb jew hr mggu,aku xtaw nk wat pe..tu yg smlm tnpa dirncg,aku leh smpai bukit ampang…huhu…

diri aku pom dah terbiasa ngn buat kjew nih,aku rse cam leh lalui lah idup ak sndirian pasnih…aku xnk ssh kn kwn2 aku sbb aku taw dorg pom adew hal tuk di lakukn gak..aku jz hrpkan,diri aku tabah cam dl…aku cb tuk hepikn diri aku…bc komik,tngk citer2 seram,gelak sorg2,n nanges sorg2..huhu..

xsngka gk,aku sng giler nanges skrg nih…da bnyk tul diri aku brubah…xsama lngsng ngn aku yg dl..ssh tuk nanges..yg sntiasa hepi..adew mslh pom csam xder mslh….tp skrg,ak cb buat cam xder pepe yg brlaku tp,aku msh xdpt gak nk trima keadaan aku skrg nih…dah2,ngah 2 mlm sikit,ngh lyn radio cz nk tdow,dngr lak lagu sang mantan…pastu lagu dr shahir lak…mmg la cam kna cucuk ngn lidi sate jew kt hati nih..huhu…

tekad aku,aku nk kejw sebizi2 nyew..bialah kl aku da xder life,cz aku ader life pom,cam xder life gk..da xsama lg…aku nk kjew gk wlaupon aku sehat atau sakit…impian aku??hmmm…ssh gak tuk aku truskn..aku jz nmpk bayang2 jew skrg nih,aku nk cb gapai blk,tp aku rse cam mkin jauh..myb btul aku nih xder mse dpn yg cerah..kelam jew aku rse…

klah,aku nk cb tuk tidur kjp..subuh nt nk bngn lak..hr nih,b4 msk kje,aku kna gi kt warranty laptop ACER..nk amik laptop customer…aku nk pesan lah,skrg nih,kbnykn laptop xkira la model apew pom,rata2 bnyk yg pakai hdd toshiba..aku xtaw nape toshiba release kn hdd tu cz da bnyk yg aku jmpe hdd rosak..dlm warranty xpew lah..leh highpoint replace blk..tp data ttp hilang..kl nk cr external hdd,ak suggest kn cr lah seagate..koman2 pom,pakai la wd..2 brand nih jew yg aku nmpak msh tahan lasak..aku punye external hdd pom da nk msk 2 tahun,tp xnah lg nk rsk..aku pakai seagate..dl lam laptop,kebnyakn nya seagate,tp skrg da xder dh..ak punya case pom yg mrh jew,nk citer sal jth tu,mls nk citer lah..da bnyak kali jth..bkn rendah,tggi2 lak tuh..huhu

k,slmt pg semua..thnx sngt2 cz snggh di blog aku nih…kl ader problem sal laptop or PC,jgn lupe tuk drop kn soklan kt blog nih,aku akn cb bntu sedaya upaya aku..sekian…jazakumullahu khairan kathiira…assalamualaikum..

A List Of Some OF The Most Useful UNIX : Hacking Commands, and Some Hints On Their Usage


It is fun and often usefull to create a file that is owned
by someone else.  On most systems with slack security ie 99% of
all UNIX systems, this is quite easily done.  The chown command
will change any of your files to make someone else the owner.
Format is as follows:

chown ownername filelist

Where ownername is the new owner, and filelist is the list of
files to change.  You must own the file which your are goin to
change, unless you are a superuser….then u can change ANYTHING!
chgrp is a similar command which will change the group
ownership on a file.  If you are going to do both a chown and a
chgrp on a file, then make sure you do the chgrp first!  Once the
file is owned by someone else, you cant change nything about it!

—————————————————————

Sometimes just seeing who is on the system is a challenge in
itself.  The best way is to write your own version of who in C,
but if you can’t do that then this may be of some help to you:

who   followed by on or more of the following flags:

-b Displays time sys as last booted.
-H Precedes output with header.
-l Lists lines waiting for users to logon.
-q displays number of users logged on.
-t displays time sys clock was last changed.
-T displays the state field (a + indicates it is
possible to send to terminal, a – means u cannot)
-u Give a complete listing of those logged on.

**who -HTu is about the best choice for the average user**

##by the way, the list of users logged on is kept in the file
/etc/utmp.  If you want to write your own personalised version of
who in C, you now know where to look!###

—————————————————————

When a users state field (see -T flag option for who
command) says that a user has their message function on, this
actually means that it is possible to get stuff onto their
screen.
Basically, every terminal on the system has a file
corresponding to it.  These files can be found in the /dev
directory.  You can to anything to these files, so long as you
have access -eg you can read them, and write to them, but you
will notice that they never change in size.  They are called
character specific files, and are really the link between the
system and the terminals.  Whatever you put in these files will
go staright to the terminal it corresponds to.
Unfortunately, on most systems, when the user logs in, the
“mesg n” command is issued which turns off write access to that
terminal, BUT- if you can start cating to that terminal before
system issues the mesg n command, then you will continue to be
able to get stuff up on that terminal! This has many varied uses.

Check out the terminal, or terminal software being used.
Often you will be able to remotely program another users
terminal, simply by ‘cating’ a string to a users screen.  You
might be able to set up a buffer, capturing all that is typed, or
you may be able to send the terminal into a frenzy- (sometimes a
user will walk away without realizing that they are sill
effectively logged on, leaving you with access to their
account!).  Some terminal types also have this great command
called transmit screen. It transmits everything on the screen,
just as if the user had typed it !
So just say I wanted to log off a user, then I would send a
clear screen command (usually ctrl l), followed by “exit”
followed by a carriage return, followed by the transmit screen
code.  Using ths technique you can wipe peoples directories or
anything.  My favourite is to set open access on all their files
and directories so I can peruse them for deletion etc at my own
leisure).

—————————————————————

If you ever briefly get access to another persons account
eg. they leave the room to go to toilet or whatever, then simply
type the following:

chmod 777 $HOME
chmod 777 $MAIL

Then clear the screen so they dont see what you just typed.

Now you can go look at their directory, and their mail, and
you can even put mail in their mail file. (just use the same
format as any mail that is already there!). Next time they log in
the system will automatically inform them they have new mail!

—————————————————————

Another way to send fake mail to people is to use the mail
server.  This method produces mail that is slightly different to
normal, so anyone who uses UNIX a bit may be suspiscious when
they receive it, but it will fool the average  user!

type telnet

the following prompt will appear:

telnet>

now type :

open localhost 25

some crap will come up about the mail server..now type:

mail from: xxxxxx     Put any name you want.

some more bullshit will come up. Now type:

rcpt to: xxxxxx  Put the name of the person to receive mail here.

now type:

data

now you can type the letter…end it with a “.”
type quit to exit once you are done.

————————————————————-

Heres one for any experimenters out there…
It is possible to create files which simply cannot be deleted
from the standard shell.  To do this you will have to physically
CREATE THE FILE USING A C PROGRAM or SCRIPT FILE, and you will
have to use a sequence of control characters which cannot be
typed from the shell.  Try things like Ctrl-h (this is the
code for the delete key).  Just a file with the name Ctrl-h would
not be deleteable from the shell, unless you used wildcards. So,
make it a nice long series of characters, so that to delete the
file, the user has no choice but to individually copy all his
files elsewhere, then delete everything in his directory, and
then copy all his files back…..this is one of my
favourites..gets em every time!

The following script file is an example which will create a
file with the name Ctrl-h.  You MUST tyoe this file in using the
vi editor or similar.
*****If you are not very good with vi, type “man vi” and print the
help file…it even contains stuff that I find useful now and
then.*****

type the following in vi…

echo” > ‘a^h’

***NOTE…to get the ^h (this really means ctrl-h) from vi type:

Ctrl v
Ctrl h

The Ctrl v instrcts vi to take the next character as a ascii
character, and not to interpret it.
change the access on the file you just created and now
execute it.  It will create a file which looks like it is called
a, but try to delete it !..use wildcards if you really want to
delete it.

*> Title:   Tutorial on hacking through a UNIX system

**

In the following file, all references made to the name Unix, may also be
substituted to the Xenix operating system.

Brief history:  Back in the early sixties, during the development of
third generation computers at MIT, a group of programmers studying the
potential of computers, discovered their ability of performing two or
more tasks simultaneously.  Bell Labs, taking notice of this discovery,
provided funds for their developmental scientists to investigate into this
new frontier.  After about 2 years of developmental research, they produced
an operating system they called “Unix”.
Sixties to Current:  During this time Bell Systems installed the Unix system
to provide their computer operators with the ability to multitask so that
they could become more productive, and efficient.  One of the systems they
put on the Unix system was called “Elmos”. Through Elmos many tasks (i.e.
billing,and installation records) could be done by many people using the same
mainframe.

Note: Cosmos is accessed through the Elmos system.

Current:  Today, with the development of micro computers, such multitasking
can be achieved by a scaled down version of Unix (but just as
powerful).  Microsoft,seeing this development, opted to develop their own
Unix like system for the IBM line of PC/XT’s.  Their result they called
Xenix (pronounced zee-nicks).  Both Unix and Xenix can be easily installed
on IBM PC’s and offer the same function (just 2 different vendors).

Note: Due to the many different versions of Unix (Berkley Unix,
Bell System III, and System V the most popular) many commands
following may/may not work. I have written them in System V routines.
Unix/Xenix operating systems will be considered identical systems below.

How to tell if/if not you are on a Unix system:  Unix systems are quite
common systems across the country. Their security appears as such:

Login;     (or login;)
password:

When hacking on a Unix system it is best to use lowercase because the Unix
system commands are all done in lower- case. Login; is a 1-8 character field. It is
usually the name (i.e. joe or fred) of the user, or initials (i.e. j.jones
or f.wilson).  Hints for login names can be found trashing the location of
the dial-up (use your CN/A to find where the computer is). Password: is a 1-8 character password
assigned by the sysop or chosen by the user.

Common default logins
————————–
login;       Password:
root         root,system,etc..
sys          sys,system
daemon       daemon
uucp         uucp
tty          tty
test         test
unix         unix
bin          bin
adm          adm
who          who
learn        learn
uuhost       uuhost
nuucp        nuucp

If you guess a login name and you are not asked for a password, and have
accessed to the system, then you have what is known as a non-gifted account.
If you guess a correct login and pass- word, then you have a user account.
And, if you get the root p/w you have a “super-user” account.
All Unix systems have the following installed to their system:
root, sys, bin, daemon, uucp, adm Once you are in the system, you will
get a prompt. Common prompts are:

$
%
#

But can be just about anything the sysop or user wants it to be.

Things to do when you are in: Some of the commands that you may want to
try follow below:

who is on  (shows who is currently logged on the system.)
write name (name is the person you wish to chat with)
To exit chat mode try ctrl-D.
EOT=End of Transfer.
ls -a      (list all files in current   directory.)
du -a      (checks amount of memory  your files use;disk usage)
cd\name    (name is the name of the sub-directory you choose)
cd\        (brings your home directory  to current use)
cat name   (name is a filename either  a program or documentation  your username has written)
Most Unix programs are written  in the C language or Pascal
since Unix is a programmers’  environment. One of the first things done on the
system is print up or capture (in a buffer) the file containing all user names and accounts.
This can be done by doing the following command:

cat /etc/passwd

If you are successful you will see a list of all accounts on the system.  It
should look like this:
root:hvnsdcf:0:0:root dir:/: joe:majdnfd:1:1:Joe Cool:/bin:/bin/joe hal::1:2:Hal Smith:/bin:/bin/hal

The “root” line tells the following info :
login name=root
hvnsdcf   = encrypted password
0         = user group number
0         = user number
root dir  = name of user
/         = root directory

In the Joe login, the last part “/bin/joe ” tells us which directory
is his home directory (joe) is. In the “hal” example the login name is
followed by 2 colons, that means that there is no password needed to get in
using his name.

Conclusion:  I hope that this file will help other novice Unix hackers
obtain access to the Unix/Xenix systems that they may find.

On the Security of UNIX

=-=-=-=-=-=-=-=-=-=-=-=

Recently there has been much interest in the security aspects of operating

systems and software.At issue is the ability to prevent undesired disclosure of

information, destruction of information,and harm to the functioning of the

system.This paper discusses the degree of security which can be provided under

the system and offers a number of hints on how to improve security.The first

fact to face is that UNIX was not developed with security,in any realistic

sense,in mind;this fact alone guarantees a vast number of holes.(Actually the

same statement can be made with respect to most systems.)

The area of security in which is theoretically weakest is in protecting against

crashing or at least crippling the operation of the system.The problem here is

not mainly in uncritical acceptance of bad parameters to system calls (there

may be bugs in this area, but none are known)but rather in lack of checks for

excessive consumption of resources.

Most notably, there is no limit on the amount of disk storage used, either in

total space allocated or in the number of files or directories.Here is a

particularly ghastly shell sequence guaranteed to stop the system:

while : ; do

mkdir x

cd x

done

Either a panic will occur because all the i-nodes on the device are used up,

or all the disk blocks will be consumed, thus preventing anyone from writing

files on the device.In this version of the system,users are prevented from

creating more than a set number of processes simultaneously,so unless users

are in collusion it is unlikely that any one can stop the system altogether.

However, creation of 20 or so CPU or disk-bound jobs leaves few resources

available for others.Also, if many large jobs are run simultaneously,swap space

may run out, causing a panic.  It should be evident that excessive consumption

of diskspace, files, swap space and processes can easily occur accidentally in

malfunctioning programs as well as at command level.In fact UNIX is essentially

defenseless against this kind of abuse,nor is there any easy fix.The best that

can be said is that it is generally fairly easy to detect what has happened

when disaster strikes ,to identify the user responsible, and take appropriate

action.In practice,we have found that difficulties in this area are rather

rare,but we have not been faced with malicious users,and enjoy a fairly

generous supply of resources which have served to cushion us against accidental

overconsumption.

The picture is considerably brighter in the area of protection of information

from unauthorized perusal and destruction.Here the degree of security seems

(almost) adequate theoretically, and the problems lie more in the necessity for

care in the actual use of the system.Each UNIX file has associated with it

eleven bits of protection information together with a user identification

number and a user-group identification number (UID and GID).

Nine of the protection bits are used to specify independently permission to

read, to write, and to execute the file to the user himself, to members of the

user’s group, and to all other users.Each process generated by or for a user

has associated with it an effective UID and a real UID, and an effective and

real GID.When an attempt is made to access the file for reading, writing, or

executing UID for the process is changed to the UID associated with the file;

the change persists until the process terminates or until the UID changed again

by another execution of a set-UID file.Similarly the effective group ID of a

process is changed to the GID associated with a file when that file is executed

and has the set-GID bit set.The real UID and GID of a process do not change

when any file is executed,but only as the result of a privileged system

call.The basic notion of the set-UID and set-GID bits is that one may write a

program which is executableby others and which maintains files accessible to

others only by that program.

The classical example is the game-playing program which maintains records of

the scores of its players.The program itself has to read and write the score

file,but no one but the game’s sponsor can be allowed unrestricted access to

the file lest they manipulate the game to their own advantage.

The solution is to turn on the set-UID bit of the game program.  When, and only

when,it is invoked by players of the game,it may update the score file but

ordinary programs executed by others cannot access the score.  There are a

number of special cases involved in determining access permissions.  Since

executing a directory as a program is a meaningless operation,the

execute-permission bit, for directories, is taken instead to mean permission to

search the directory for a given file during the scanning of a path name; thus

if a directory has execute permission but no read permission for a given user,

he may access files with known names in the directory,but may not read (list)

the entire contents of the directory.

Write permission on a directory is interpreted to mean that the user may create

and delete files in that directory;it is impossible for any user to write

directly into any directory..Another, and from the point of view of security,

much more serious special case is that there is a “super user” who is able to

read any file and write any non-directory.The super-user is also able to change

the protection mode and the owner UID and GID of any file and to invoke

privileged system calls.It must be recognized that the mere notion of a

super-user is a theoretical, and usually practical, blemish on any protection

scheme.

The first necessity for a secure system is of course arranging that all files

and directories have the proper protection modes.Traditionally, UNIX software

has been exceedingly permissive in this regard;essentially all commands create

files readable and writable by everyone.In the current version,this policy may

be easily adjusted to suit the needs ofthe installation or the individual user.

Associated with each process and its descendants is a mask, which is in effect

anded with the mode of every file and directory created by that process.  In

this way, users can arrange that, by default,all their files are no more

accessible than they wish.The standard mask, set by login,allows all permiss-

ions to the user himself and to his group,but disallows writing by others.

To maintain both data privacy and data integrity,it is necessary, and largely

sufficient,to make one’s files inaccessible to others.  The lack of sufficiency

could follow from the existence of set-UID programs created by the user and the

possibility of total breach of system security in one of the ways discussed

below(or one of the ways not discussed below).

For greater protection,an encryption scheme is available.Since the editor is

able to create encrypted documents, and the crypt command can be used to pipe

such documents into the other text-processing programs,the length of time

during which clear text versions need be available is strictly limited.The

encryption scheme used is not one of the strongest known, but it is judged

adequate, in the sense that cryptanalysisis likely to require considerably more

effort than more direct methods of reading the encrypted files.For example, a

user who stores data that he regards as truly secret should be aware that he is

implicitly trusting the system administrator not to install a version of the

crypt command that stores every typed password in a file.  Needless to say, the

system administrators must be at least as careful as their most demanding user

to place the correct protection mode on the files under their control.

In particular,it is necessary that special files be protected from writing, and

probably reading, by ordinary users when they store sensitive files belonging

to otherusers.It is easy to write programs that examine and change files by

accessing the device on which the files live.

On the issue of password security,UNIX is probably better than most systems.

Passwords are stored in an encrypted form which, in the absence of serious

attention from specialists in the field,appears reasonably secure, provided its

limitations are understood.In the current version, it is based on a slightl y

defective version of the Federal DES;it is purposely defective so that

easily-available hardware is useless for attempts at exhaustive

key-search.Since both the encryption algorithm and the encrypted passwords are

available,exhaustive enumeration of potential passwords is still feasible up to

a point.We have observed that users choose passwords that are easy to

guess:they are short, or from a limited alphabet, or in a dictionary.

Passwords should be at least six characters long and randomly chosen from an

alphabet which includes digits and special characters.

Of course there also exist feasible non-cryptanalytic ways of finding out

passwords.For example:    write a program which types out “login:”on the

typewriter and copies whatever is typed to a file of your own.    Then invoke the

command and go away until the victim arrives..The set-UID (set-GID)notion must

be used carefully if any security is to be maintained.    The first thing to keep

in mind is that a writable set-UID file can have another program copied onto

it.

For example, if the super-user command is writable,anyone can copy the shell

onto it and get a password-free version of Shell Unix.A more subtle problem can

come from set-UID programs which are not sufficiently careful of what is fed

into them.To take an obsolete example,the previous version of the mail command

was set-UID and owned by the super-user.This version sent mail to the r

ecipient’s own directory.The notion was that one should be able to send mail to

anyone even if they want to protecttheir directories from writing.  The trouble

was that mailwas rather dumb:anyone could mail someone else’s priva te file to

himself.Much more seriousis the following scenario:  make a file with a line

like one in the password filewhich allows one to log in as the super-user.Then

make a link named “.mail” to the password file in some writable directory on

the same device as the password file (say /tmp).  Finally mail the bogus login

line to /tmp/.mail;You can then login as the superuser,clean up the

incriminating evidence,and have your will.

The fact that users can mount their own disks and tapes as file systems can be

another way of gaining super-user status.Once a disk pack is mounted, the

system believes what is on it.Thus one can take a blank disk pack,put on it

anything desired,and mount it.There are obvious and unfortunate consequences.

For example:a mounted disk with garbage on it will crash the system;one of the

files on the mounted disk can easily be a password-free version of Shell Unix;

other files can be unprotected entries for special files.  The only easy fix

for this problem is to forbid the use of mount to unpriv- ileged users.A

partial solution, not so restrictive,would be to have the mount command examine

the special file for bad data,set-UID programs owned by others ,and accessible

special files,and balk at unprivileged invokers.

Extended Googling


Google offers several services that give you a head start in focusing your search. Google Groups

(http://groups.google.com)

indexes literally millions of messages from decades of discussion on Usenet. Google even helps you with your shopping via two tools: Froogle
CODE
(http://froogle.google.com),

which indexes products from online stores, and Google Catalogs
CODE
(http://catalogs.google.com),

which features products from more 6,000 paper catalogs in a searchable index. And this only scratches the surface. You can get a complete list of Google’s tools and services at

http://www.google.com/options/index.html

You’re probably used to using Google in your browser. But have you ever thought of using Google outside your browser?

Google Alert

(www.googlealert.com)

monitors your search terms and e-mails you information about new additions to Google’s Web index. (Google Alert is not affiliated with Google; it uses Google’s Web services API to perform its searches.) If you’re more interested in news stories than general Web content, check out the beta version of Google News Alerts

(www.google.com/newsalerts).

This service (which is affiliated with Google) will monitor up to 50 news queries per e-mail address and send you information about news stories that match your query. (Hint: Use the intitle: and source: syntax elements with Google News to limit the number of alerts you get.)

Google on the telephone? Yup. This service is brought to you by the folks at Google Labs

(http://labs.google.com),

a place for experimental Google ideas and features (which may come and go, so what’s there at this writing might not be there when you decide to check it out). With Google Voice Search

(http://labs1.google.com/gvs.html),

you dial the Voice Search phone number, speak your keywords, and then click on the indicated link. Every time you say a new search term, the results page will refresh with your new query (you must have JavaScript enabled for this to work). Remember, this service is still in an experimental phase, so don’t expect 100 percent success.

In 2002, Google released the Google API (application programming interface), a way for programmers to access Google’s search engine results without violating the Google Terms of Service. A lot of people have created useful (and occasionally not-so-useful but interesting) applications not available from Google itself, such as Google Alert. For many applications, you’ll need an API key, which is available free from
CODE
http://www.google.com/apis

. See the figures for two more examples, and visit

http://www.pcmag.com/solutions

for more.

Thanks to its many different search properties, Google goes far beyond a regular search engine. Give the tricks in this article a try. You’ll be amazed at how many different ways Google can improve your Internet searching.

Kini…


Saalm…

Td gi lpk kt bukit ampang..mmg da dkt sngt ngn umah aku kn..huhu..bez gak..dkt 3 jam gak ‘melara’ kn diri aku kt sana..b4 tu,hntr avr kt arep..(thnx arep,bg ak pinjm b4 nih..lebiyu!!) pastuh lpk ngn heck n nadd(sedey gk yg laen2 xjoin,cam xcukup korum jew)huhu..

Pejam celik, da msk hr ke-5 skrg.. n ak xdpt khabar langsung dr DIA… rndu gak kt DIA…walaupun org laen tngk aku ceria jew, tp di sebalik keceriaan aku neyh, aku msh terkejut…n kepala aku pom masih hiruk pikuk lg…alhamdulillah…aku syukur ngn ALLAH sbb ak adew teman2 yang mampu buat aku gelak sakan…

Aku hrp hr nih,aku kjew cam sll gak…bz cam sll…bialh cam xder life pom,jnj ak xrse trtekan sngt…da lmew aku xsygkn org giler2 cmnih..dl aku da rse brsemngt sbb lbh sr 3 bln aku ngn DIA..tp xlamew gak…kini aku sedar yg aku bknlah seorg yg leh bahagialn org,bkn seorg yg baek tuk jd teman yg intim…

Semalam aku gi lpk ngn khalid da dkt t/mlm dh..huhuaku gi ngn dome n sudin..haha..kuat gk kpla msuk air smlm..sekarg pom aku rse cam darah aku yg naek ke kepala sbb trkejut pg tu,msh xturun ngn sempurna lg…rse skt sngt kepala aku nih..berdenyut2..demam pom xkebah2 lg..nk amik MC, kesian lak kt bos aku..dia sengsorg,mmg xbukak la opis..huhu..trpksa tahan lah sikit skt kpala n dmm nih..xnk sshkn bos aku..lgpom aku pom dlm perhatian lg tuk 3 bln..kna la usaha krs sikit…huhu

Mlm nih,smpai cni jelah dl coretan ak..xleh pnjg2 sngt…nk tdow..huhu…siang nt nk kna gi kje lak..aku xnak lmbt…sebelum aku lupe,pasal service yg aku post kn dlm blog aku terdahulu,ak mmg 2riyes..buat mse skrg nih,aku cover are KL jew..xsmpat nk pegi jauh2..biasalah,kje pom sll t/mlm br blk..k,salam ukuwwah kepada semua..wassalam..