favicon

Kakkoi

web development, software, windows tips and trick

  • Home
  • About Kakkoi
    • info
    • Kakkoi Maps
    • WCAG Compliance and Section 508 Validator Form (WebXACT)
    • Kakkoi Trafffic Statistic
    • Kaizeku Crawler Maps
    • Banned Lists
    • Cookies Policy
    • Banned
    • Banned Web Proxy
  • Archives
    • Acronym
  • Welcome, You are on Kakkoi 'Frontpage'
  • Frontpage
  • Log in
  • Registration Closed
  • Increase Font
  • Change Theme
  • Toggle Sidebar
    • url
      • Feb
      • 16

      How to Remove Win32 AutoRun Worm - Funny UST Scandal - XMSS.exe

      • By
        Nick B
      • . Filed under Security¸ Windows & Worm.
      • 3

      xmss-exe-funny-ust-scandal.png image by chaoskaizerYesterday I got a new type of “Stupid Worm” hidding in background as xmss.exe. It copied itself on Local disk and Windows Directory (%Windir%). Terminated “Windows Task Manager”, Windows Command Prompt (DOS-Prompt) & crashed System Internal Process Explorer (procxp.exe).

      Its not a funny video

      According to McAfee, this worm is known as W32/Autorun.worm.g.

      It can propagate itself over removable media and network drives and cause execution of malicious code via an autorun.inf file.

      Read the rest of this entry »

      • Last Update: March 3, 2008 at 5:36 pm
      • Tags: autorun.abt, autorun.fj, autorun.m, prank, Virus, win32, Windows, Worm, xmss
    • « Older Entries 
    •  

    • Syndication

      We make it easy for you to get what YOU want to read. Subscribe to our RSS feed get the latest updates without visiting the site.

      RSS Format
      EntriesRSS 2RSS 0.9AtomRDF 1.0
      CommentsRSS 2RSS 0.9AtomRDF 1.0

    • Stamps

      • flcl istalker stamps

  • Recent Posts

    • How to Remove Win32 AutoRun Worm - Funny UST Scandal - XMSS.exe
    • Blackhat SEO Spammer targeting High PR WordPress Blog
    • Google Toolbar 5 βeta
    • Firefox 2.0.0.12 Information Leak Vulnerability
    • Adobe Acrobat, Acrobat 3D & Reader Multiple Vulnerabilities

  • Colophone

    Kakkoi nhnoahHi, my name is Noah, I'm from MY Malaysia. HR executive at intel (Malaysia) & Rhel KOD/VOD Engineer (Taiwan). Most of the topics in this blog is related to my recent hobbies on web development, windows tips, soap & bubbles.
    postmaster+abuse (at) kakkoi.net
    Noah Kakkoi Personal Email
    Geo : 1.515776,103.720272
    KML hCard

  • Recent Comments

    • Los 9 mejores trucos para aumentar el rendimiento de Firefox sin usar extensiones on How to Setup Firefox 3 (beta) AutoComplete
    • zinzin on How to remove Adobe Version Cue CS3 - Apple Bonjour Services
    • zyro on Fixes for files infected with Win32/virut.Virtob and Variants
    • Avice De'veréux on How to Remove Wordpress.net.in Spam Injection
    • url
      • Feb
      • 14

      Blackhat SEO Spammer targeting High PR WordPress Blog

      • By
        chaoskaizer.myopenid.com
      • . Filed under Security¸ WordPress¸ injection & owned.
      • 3

      wordpress-blackhat-seo-spam.png image by chaoskaizerI’ve been monitoring mattheaton.com “wordpress.net.in goro spam injections” for this past few months. Noticeably, the blackhat spamming method is changing dramatically. For those who are still unaware of Wordpress Goro Spam please read my earlier post → Wordpress.net.in Spam injection& Gaming Bluehost & Hostmonster CEO’s Blog.

      thinkingphp.org (PR6) & jensfrake.com (PR7) has been hijacked by “Wordpress Blackhat SEO Spammer” for this month. Both sites were running on WordPress 2.3.2.

      By now the <div id=”goro”> signature has been replaced with “Inline CSS” wrapper.

      Cloacking Check on Mattheaton.com

      Normal Browser
      32,246 characters - mattheaton-com-source.txt
      Google bot
      34,646 characters - mattheaton-com-googlebot-source.txt
      Difference
      2,400 characters

      Read the rest of this entry »

      • Last Update: March 4, 2008 at 5:40 pm
      • Tags: Blackhat, Bluehost, css cloacking, HostMonster, localrank, networm, script injection, spamdexing, sybil+attack, xmlrpc
    • url
      • Feb
      • 11

      Google Toolbar 5 βeta

      • By
        Nick B
      • . Filed under Google & Web Browsers.
      • 3

      google-pin-preview-by-chaoskaizer.pngGoogle Toolbar 5 (βeta) is out. You can download it at toolbar.google.com/T5/.

      Whats New

      • Custom Button and new Google Gadgets Support
      • Smart suggestion for navigation error (ie: 400 - 500 error)
      • Google Notebook Integration - save notes and image
      • Improved Autofill

      Check out the Google Toolbar 5 (beta) youtube videos ↓
      Read the rest of this entry »

      • Last Update: March 28, 2008 at 4:19 pm
      • Tags: addons, google+toolbar, pr, toolbar, webmaster, YouTube
    • url
      • Feb
      • 10

      Firefox 2.0.0.12 Information Leak Vulnerability

      • By
        Nick B
      • . Filed under Exploit¸ Mozilla Firefox & Security.
      • 3

      Marvin Apbot costume by chaoskaizerWe are going to see Firefox 2.0.0.13 probably by end of this week. Check out this directory transversal code using view-sources: & resource: scheme
      view-source:resource:///
      translate to file:///C:/Program%20Files/Mozilla%20Firefox/

      You can read/include firefox pref settings with this code. <script src=”view-source:resource:///greprefs/all.js”></script>

      Workaround

      Install No-script Add-ons.

      Read the rest of this entry »

      • Last Update: February 13, 2008 at 7:54 am
      • Tags: Mozilla Firefox, remote+exploit, vulnerability, xss
    • url
      • Feb
      • 09

      Adobe Acrobat, Acrobat 3D & Reader Multiple Vulnerabilities

      • By
        Noah Ark
      • . Filed under Acrobat Reader¸ Exploit & vulnerability.
      • 3

      adobe readerA JavaScript Buffer Overflow in Adobe Acrobat, Acrobat 3D & Reader allowed remote attacker to execute arbitrary code. The code will run with the privileges of the target user opening the PDF document.

      Excerpt from iDefense Public Advisory;

      Adobe Reader and Acrobat implement a version of JavaScript in the EScript.api plug-in which is based on the reference implementation used in Mozilla products. One of the methods exposed allows direct control over low level features of the object, which in turn allows execution of arbitrary code.

      Workaround

      Disabled Adobe Reader & Acrobat JavaScript. Perform Update ↓

      Update -Adobe Acrobat & Reader version 8.1.2

      Adobe released version 8.1.2 of Adobe Reader, Acrobat & Acrobat 3D to address
      these vulnerabilities.

      • Adobe Reader 7 and 8 users update to Adobe Reader 8.1.2
      • Acrobat 8 users on Windows update to Acrobat 8.1.2
      • Acrobat 8 users on Macintosh update to Acrobat 8.1.2
      • Acrobat 3D version 8 users on Windows update to Acrobat 3D version 8.1.2

      These vulnerabilities were discovered by Greg MacManus of VeriSign iDefense Labs.

      Read the rest of this entry »

      • Last Update: March 4, 2008 at 6:00 pm
      • Tags: acrobat, acrobat3d, adobe+reader, buffer+overflow, Exploit, reader, remote+exploit, Security, vulnerability
    • « Older Entries 
    •  

    • Topics

      • Adobe (5)
        • Acrobat Reader (2)
        • Photoshop (2)
          • Resources (1)
      • Apple (2)
        • Bonjour (1)
        • mac (1)
        • QuickTime (1)
      • Google (15)
        • Gmail (3)
        • Google Alerts (1)
        • Google Proxy (1)
        • Google Trends (1)
        • Google Zeitgeist (1)
        • Google-mobile (1)
        • GWT (1)
      • Linux (2)
        • Debian (1)
        • Ubuntu (1)
      • Mozilla Firefox (5)
        • about:config hack (1)
        • Firefox Add-ons (1)
      • MS Internet Explorer (2)
      • Network Utilities (1)
      • News (5)
      • owned (2)
      • ranting (4)
      • Search Engine (2)
        • Search Engine Optimization (2)
      • Security (26)
        • Blackhat (2)
        • Exploit (4)
        • injection (3)
        • script injection (2)
        • Virus (3)
        • vulnerability (11)
        • Worm (3)
      • Tips (7)
      • Tutorials (1)
      • Web Browsers (3)
      • Web Hosting (2)
        • Bluehost (1)
        • Dreamhost (1)
        • HostMonster (1)
      • Web Services (5)
        • Gravatar (1)
        • Sclipo (1)
        • YouTube (3)
      • Windows (14)
        • Live Writer (1)
      • WordPress (10)
        • Plugins (1)

    • Popular Articles

      • Fixes for files infected with Win32 Virtob
      • How to disabled Adobe Photoshop CS3 Apple Version Cue (Bonjour Services)
      • How to Fixes Wordpress.net.in Goro Spam
      • Mass Remote Code Injection as Googlebot - Packet Spoofing
      • Firebug Firefox 3

    • deviantART

  • Taxonomy

    Adobe Apple Blackhat Bluehost BotNet buffer+overflow cloacking css Exploit Gmail Google goro+spam HostMonster IE8 Linux localrank Malware matt+cutts matt+heaton mefir meta microsoft Mozilla Firefox networm owned pagerank Photoshop php plugins remote+exploit remote+injection RSTP script+injection Security seo sybil+attack Tips Trojan vulnerability w3c Windows WordPress Worm xmlrpc xss

  • Blogroll

    • Avice De’vereux
    • Chris Hutchinson
    • css based
    • IncrediBILL
    • Krzysztof Kowalczyk
    • Stalker Club

Some rights reserved 2007 - 2008 Kakkoi. Designed by Avice De'veréux ChaosKaizer. WordPress · Paper People · Microformat · jQuery · CCPL Who's Among Us · Top