Sunday, January 12, 2014

Proposal Final Project Perancangan Web & Internet: Sistem Informasi Rumah Sakit

Friday, October 25, 2013

Hack Blackberry Easily

     If we observe that the development of a mobile phone that we often refer to as BLACKBERRY, turns superiorly behind this one device can also be attacked (attack) by using a wireless network that has been pinned on the latest generation of Blackberry. And the general attack is an attack carried out via TCP / IP using the "arpspoof and dnsspoof".
 
      Because according to some experts that one of the weaknesses as well as strengths Blackberry is the feature "proxying" which exist in almost every device from RIM, which is almost the whole service was excellent Blackberry e-mail (push email), both from and toward browsing Blackberry devices us through Blackberry servers (for the region ASIA PACIFIC) server is ap.blackberry.com
 
Here is a network diagram using the service blacckberry blackberry internet service (BIS):
 
 
Here are some methods that can lead us in the "Attack".
 
1 . ARP Spoofing 

To be able to capture data through network switches , slah one way to do this is with a " poison / clicking - inject " the ARP table on the Blackberry device known as ARP spoofing can also be called the method of ARP poisoning or ARP poison routing . ARP table is used Blackberry devices netwok us to communicate with other devices or kira2 like this explanation [ i ] [ i ] " The principle of ARP spoofing is to send fake , or " spoofed " , ARP messages to an Ethernet LAN . Generally , the aim is to associate the " attacker 's " MAC address with the IP address of another node ( such as the default gateway ) . Any traffic meant for that IP sent to the attacker instead . The attacker could the choose to forward the traffic to the actual default gateway ( passive sniffing ) or modify the the data before forwarding it ( man-in - the-middle - attack) . The attacker could also launch a denial- of- service attack againts a victim by associating a nonexistent MAC address to the IP address ofthe victim 's default gateway .
For example , when someone tries to connect to one of his Blackberry wireless access point ( WAP ) to connect to the network , and then using serangn ARP spoofing techniques to poison the ARP table ( internal ) owned by Blackberry , Blackberry which has so poisoned following the server will send all data to and from a poisoned past Blackberry Blackberry " attacker " first.If the guess is illustrated as follows :
      Then the attacker can capture network traffic for further analysis, in addition to the usual attackers also use the program "Whiteshark" to accommodate the data to be in the dump using another app called ssldump (process decrypt SSL traffic), this method is used to transform the data becomes "cleartext" by using false certificates of course, following false certificate (fake certificate).
 
2. DNS Spoofing:

The second method is done by exploiting the topology (map / mapping) network model "proxying" who used the Blackberry to rcp.ap.blackberry.com. By the way all Blackberry devices that use the network servers regional (Asia Pacific) will assume that the server (WAP = wireless access point) that has been set by the attacker as a regional server BIS "DNS Spoofing is the art of making a DNS to point to an another IP that it would be supposed to point to ".
 
  
There are several steps that must be done by the first attacker spoofing DNS entries from the DNS server (using WAP, then the attacker will be entered into the server and add the following entry rcp.ap.blackberry.com which will then be configured by the computer has been previously set to perform "the data capture, editing, and manipulation of data".
 
After successfully adding rcp.ap.blackberry.com so in other words the whole blackberry is connected to the access point and the DNS will voluntarily enter into the computer the attacker and the attacker would configure the server using SSL blackbery. But if we look deeper then if we do browsing while we are on the blackberry "hack" actually blackberry we will give you a warning like this:
 

    Here the attacker also must use "Stunnel" to connect the computer to the user attcker rcp.ap.blackberry.com blackberry and server is intended for activities in blackberry "hack" still takes place by using the SSL course by using fake certificates that have been made ​​previously. Attacker usually also use Blackbag blackberry users to connect to a real server that has been converted into "plaintext" goes something like this:



And in the end PIN sent plaintext sender and receiver and allows the attacker to obtain information either in the form of e-mail, browsing, chat and also time aktifikas blackberrypun user can be known by the attacker. PIN is "irreversible" lead owner PIN aslidapat easily attacked as "denial of service and abuse" of the attacker or something like this "Blackberry PIN is an eight character hexadecimal identification number assigned to each BlackBerry device. PINS can not be changed and are locked to each handset. Blackberrys can message each other using the PIN directly or by using the BlackBerry Messenger application ".


   

Sunday, October 13, 2013

introduction XAMPP




What was Xampp? XAMPP or X (Cross Platform) Apache MySQL PHP Perl is a software (software) that is made by a team from Apache Friends (www.apachefriends.org) whose function is to run the program PHP, MySQL and Perl in the same time.
       XAMPP makes it easy for web developers to develop and create a website on local PC / Laptop, so the process of making a website to be more secure and faster than the process of making a website through an online server.


in xampp there's no such thing
- Web server -> Apache
- DB server -> Mysql
- File server -> file zilla
- Mail server -> mercury
- Java server -> Tomcat

as for how to check the version of xampp which in use is the way ...?
Browser type -> localhost .. for data security in the browser then type in -> https://localhost.
Xampp look like the one above when already installed in the operating system. From the above we can check the version of xampp, and also the other like Apache, PHP, MySql and Php MyAdmin.

In addition to the above, there is one thing that we need to check the directory on xampp, we try to save the file that is located in the appropriate directory.

way. Log in xampp folder -> apache -> conf -> httpd.conf. Once the file is open press ctrl + f on your keyboard to help us find a document that is checked, then typing DocumentRoot, then look at the one in the file, whether it is appropriate storage directory not suppose it to be adjusted.

On the introduction of PHP Programming

In the lab explained about php and how their usage. Let's look at a brief history of PHP. PHP stands for "PHP: Hypertext Prepocessor", which is the programming language that is widely used for handling the manufacture and development of a website and can be used in conjunction with HTML. PHP was created by Rasmus Lerdorf in 1994 first time. At first PHP stands for "Personal Home Page Tools". Subsequently changed to FI ("Forms Interpreter"). Since version 3.0, the name of the language was changed to "PHP: Hypertext Prepocessor" with the acronym "PHP". PHP version is the latest version of the 5th. Based on the Netcraft survey in December 1999, more than a million sites using PHP, among them NASA, Mitsubishi, and RedHat.

Introduction of writing PHP

1. <? php scrip that is often used
                ?>

2. <? The next scrip can not be used in the latest php
              ?>

3. <% Asp
            %>

4.

 
Free Web Hosting | Top Hosting