Passed the Linux+ exam yesterday. To prepare for it I bought and studied the Mike Meyers Linux+ Passport. The book was so-so; the biggest thing I got from it is that if you are a Debian/Ubuntu guy (like me) you had better start playing with Red Hat/Fedora Core before taking the exam. Fedora Core 9 is now running surprisingly well on my crappy-ass HP/Compaq $500 laptop.

Pretty logos for my certs...






I also have the Certified Reverse Engineering Analyst certification, but apparently no logos exist for that...

Yes, this could be HUGE: Google Chrome

Or it could be a prank. Me thinks not though....

If you are looking for the www.googlechromebeta.com page click here.

Ok,

So I just wasted several hours of my life trying to track down why Cain & Abel didn't like a set of NTLM rainbow tables I downloaded from mirror3.fpux.com . C&A kept throwing a "Verifying the file... (rainbow chain length verify fail, skipping) " error.

Turns out the file charset.txt in the Cain directory had an entry that didn't agree with the rainbow table description (loweralpha-numeric-all-space). After much mucking around and research (thanks Rajat!) I finally got it working by replacing the line

loweralpha-numeric-all-space= [abcdefghijklmnopqrstuvwxyzäöüß0123456789!@#$%^&*()-_+=~`[]{}|\:;"'<>,.?/ ]

with

loweralpha-numeric-all-space= [abcdefghijklmnopqrstuvwxyz0123456789!@#$%^&*()-_+=~`[]{}|\:;"'<>,.?/ ]

The only diff was the stupid German(?) letters ä ö ü and ß. Hopefully this post will save someone else out there a headache....

Also, here is a fairly comprehensive password cracking guide by bofh28 I found posted on the remote-exploit.org forums.

Wow. It seems the less I study Korean the higher scores I get on the DLPT. I'm not complaining though - that's more FLPP for me!

In other news I started studying Japanese. The grammar has a lot of similarities to Korean, so making the jump isn't that hard. Easier to pronounce too.

Very good link for learning kana if you already know Korean:
Shewas

So...yeah, I haven't updated in awhile. Most of my free time has been dedicated recently to studying or working on a project involving databasing historical data on malicious domain name resolutions. I also just attended a reverse engineering course by the InfoSec Institute that was fairly enlightening. Got to play with IDAPro and OllyDbg - you can view a keygen for the original TDC KeyGenMe (CrackMe #8) I did in class here.

javascript:R=0; x1=.1; y1=.05; x2=.25; y2=.24; x3=1.6; y3=.24; x4=300; y4=200; x5=300; y5=200; DI=document.images; DIL=DI.length; function A(){for(i=0; i-DIL; i++){DIS=DI[ i ].style; DIS.position='absolute'; DIS.left=Math.sin(R*x1+i*x2+x3)*x4+x5; DIS.top=Math.cos(R*y1+i*y2+y3)*y4+y5}R++ }setInterval('A()',5); void(0);

...or click here to see it in action...

While going through some old hard drives I found an old copy of a Korean mock DLPT originally compiled by CTI1(ret) Frank Murphy. I just posted it here.

Its not the prettiest thing in the world, but it did help me score my first 2+/2+ back when I wasn't even working with Korean. Maybe one day I'll clean it up, but probably not. If any KORLINGs out there want a copy shoot me an email.

I had originally put this collection up on the 'net back in 2003 or 2004 during my first attempt at being a webmaster. The domain was koreanlistening.net and it ran on an old Pentium box hooked up to a VDSL connection out of my apartment in Seoul. Everything worked well until I decided to turn it into a Linux box and crashed the harddrive. Maybe I'll register the domain again and do something with it (probably not).

Penny Arcade made mention of a "Sad Animal Crossing Comic" so I took a gander. Turned out the one they are talking about is an English translation of a Korean gamer comic by onesound. I'm linking both the English and Korean versions for those interested.

Yeah, this is a few months old, but I just found it...

Well, ToorCon was fun. Made some new friends and learned some new tricks. Some randomness:

- Who was that drunk dude who went headfirst down the escalator Friday night?
- Default log-in on the seminar wireless AP = SSID of "penis"
- Ninja party at the Hyatt > M$'s party (where the only women seemed to be with the DJ)
- Smoky haze over the San Diego Bay Sunday from the wildfires
- Unpleasantly sobering moment when our plane flew directly over the wildfires early Monday morning

On a sidenote, I was introduced to a particularly quick (and loud - as in setting up and tearing down an entire TCP connection for each port loud) class C scanner called propecia (thanks j0e!).

Unfortunately, as originally implemented it only scans for one port at a time. I took the liberty of modifying it to scan multiple ports. Grab the code here if you are interested.