Sunday, May 15, 2016

***SPAM*** Invoice #34069680 [Malware]

I am always more interested in spam emails than in my inbox. Today, I stumbled upon an email in my Spam box with the subject Invoice #34069680. It had a spammy-named attachment along with it, saying they had sent some of my shipment (lol!) and that this was the invoice for it.

I then deactivated my anti-virus software, downloaded the zip archive, and extracted it. It had a lonely file in it named invoice_copy_Bqa6Ci.js. It was, in fact, no invoice document but a JavaScript file with the following contents.

It seemed to be obfuscated, so I dug deeper and de-obfuscated it line by line, by hand. The result I got is below:

This clearly shows what it does. It downloads a file from either or (most probably the second URL is there as a fallback in case the first one fails), saves it as 4194304.exe in your %TEMP% folder, and finally executes it upon successful download. After that, you cannot tell how far the unknown executable saved in your %TEMP% folder will be able to exploit your system.

So beware! If you receive any email similar to or exactly like this one, make sure you don't download anything in it.
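The lure above was a zip whose only entry was a script rather than a document. As an added example (not code from the original post), this is a minimal attachment triage that flags such archives before anyone opens them. The extension lists and reason labels are assumptions chosen for the illustration, and the sample archives are constructed with harmless placeholder bytes.

```python
import io
import zipfile
from pathlib import PurePosixPath

# Extensions Windows runs via Windows Script Host or mshta on double-click.
SCRIPT_EXTS = {".js", ".jse", ".vbs", ".vbe", ".wsf", ".wsh", ".hta"}
# Document types a lure name usually imitates (assumption for this example).
DOCUMENT_EXTS = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".rtf"}


def make_zip(files):
    """Build an in-memory zip from {name: bytes}; used for the constructed samples."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, body in files.items():
            zf.writestr(name, body)
    return buf.getvalue()


def triage_zip(data):
    """Return [{'name': ..., 'reasons': [...]}] for archive entries that are scripts."""
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        names = [i.filename for i in zf.infolist() if not i.is_dir()]
    findings = []
    for raw in names:
        # Windows drops trailing dots and spaces, so "x.js." still runs as .js.
        base = PurePosixPath(raw.replace("\\", "/")).name.rstrip(". ")
        exts = [s.lower() for s in PurePosixPath(base).suffixes]
        if not exts or exts[-1] not in SCRIPT_EXTS:
            continue
        reasons = ["script-extension"]
        if len(exts) >= 2 and exts[-2] in DOCUMENT_EXTS:
            reasons.append("double-extension")   # e.g. scan.pdf.js
        if len(names) == 1:
            reasons.append("sole-entry")         # archive is only a wrapper
        findings.append({"name": raw, "reasons": reasons})
    return findings


# Constructed samples: only the entry names matter, the bodies are placeholders.
LURE = make_zip({"invoice_copy_Bqa6Ci.js": b"// placeholder\n"})
MIXED = make_zip({"docs/scan.pdf.JS": b"// placeholder\n", "docs/readme.txt": b"hi"})
CLEAN = make_zip({"invoice.pdf": b"%PDF-1.4 placeholder"})

if __name__ == "__main__":
    for label, blob in (("lure", LURE), ("mixed", MIXED), ("clean", CLEAN)):
        print(label, triage_zip(blob))
```

The check reads only the archive's entry names, so it never extracts or executes the attachment.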

Just Found This! 3-years Old, Resting In Peace :D

Been recursing through multi-level folders on my eHDD, cleaning up stuff that's not needed anymore, moving things from here 'n there this morning. Fortunately, I just found something I thought I could show off here :D. I used to convert cars from various games to Grand Theft Auto Vice City and Need For Speed Hot Pursuit 2 in my childhood. I only had these 2 games running at playable FPS with the lowest graphics settings on my 128 MB RAM desktop, out of which 32 MB was shared with the onboard GPU. Lol! When I built my new gaming desktop in 2013, I again wanted to make one more car for Grand Theft Auto. Just for the love of the game.

The model was actually Ryo Watanabe's (Showdown King) from Need For Speed ProStreet, converted to Need For Speed Hot Pursuit 2 by MKIII-Twin-Turbo of I took the model, created a new vinyl texture with Adobe Photoshop, re-textured the chassis, created damage models & finally ported it to both games.

Flickr Gallery

However, I could not find the exported vehicle for either Grand Theft Auto 3 or Grand Theft Auto Vice City, but you can at least enjoy the screenshots below of the final work.


Friday, November 13, 2015

New APK Studio Version (d49d3de), Native Installers For Windows & Linux


I have been trying really hard to keep the APK Studio project active: solving issues and adding missing features as soon as I notice them.

I am excited to announce a new beta release, d49d3de, available for download.

With this release, you now get a couple of toolbars, one at the bottom & one on the left. These toolbars have icons which allow you to toggle views (Project, Console etc.) between visible and invisible. Also, as an enhancement to the build process, APK Studio's versioning now uses Git tags.

As a result, APK Studio now looks more like a professional IDE (which it may become someday).

One more of the few good things that have happened in the meantime is that I have been able to get a free license for InstallBuilder, donated by BitRock. Tried & tested, it is a very powerful program for creating native, cross-platform installers for any kind of application, and it barely adds anything noticeable to the final package size. Thanks to the software, I am able to produce all-in-one installers for APK Studio to be run on Linux x86/x86_64 & Windows.

These installers automatically install APK Studio along with vendor binaries, add Desktop/Start Menu shortcuts, create an uninstaller & more.

You can download the Linux (x86 & x86_64) installer from this and this link, Windows installer from this link. Source code for this release is available here.

Sunday, November 1, 2015

eToolkit - Open-source Client-side Password Generation, Hash & More

eToolkit is an online toolkit to perform common confidential tasks I do on a regular basis, including generating random passwords, Base64 decoding & encoding, text hashing using the MD5/SHA-1/SHA-224/SHA-256/SHA-512 algorithms, character counting and things.
I admit there are various tools available online for the purpose, and undoubtedly I have been using them. Even more, major functions of eToolkit are inspired, if not powered, by them. But I did not like the idea of submitting confidential content to a website or application which is not open for review.
For most random websites that appear in a Google search, the following concerns arise in my mind whenever I am using their services:
  • The password I am generating might be stored on their server
  • The text I am hashing might be saved in rainbow tables for reverse-lookups
  • I do not want to reload a page just to Base64 encode or decode a word. That feels creepy
To address all those concerns and try to solve most of them, I made this tiny little Angular-powered web app that does all of those in your browser (doesn't send a thing to the server) and open-sourced it here on GitHub, because this is how I wanted these tools to be. Open!
eToolkit is grateful to the open-source projects below, which power it and make it useful: