Showing posts with label part. Show all posts
Showing posts with label part. Show all posts

Tuesday, September 26, 2017

TinyCore A Mighty Platform Part 2

TinyCore A Mighty Platform Part 2


TinyCore Linux is an ideal platform for building a light weight forensics distribution with the purposes I have in mind (See Part 1 of this post).  It is only a 10mb download for the base distribution and boots to a simple GUI desktop.  It boots and loads entirely into a ram disk as small as 48mb, but allocates as much ram as possible.  The ram disk makes TinyCore very fast because the entire operating system resides in ram and there are no drive seek time delays.

TinyCore uses a modern kernel with good hardware support and an xvesa video driver which all but insures a working GUI.  Applications are installed as modules (called extensions) that can be run at boot time or on demand.  The root file system and the applications are read-only and are renewed on every boot eliminating file corruption that can creep into installed software.

The Basic Structure

At its most rudimentary level, TinyCore consists of two files, the kernel (bzimage) and a compressed file system (tinycore.gz).  Add to that a means to boot the operating system, such as isolinux, and your full file tree is a simple:

./boot
./boot/isolinux
./boot/isolinux/isolinux.cfg
./boot/isolinux/isolinux.bin
./boot/isolinux/f4
./boot/isolinux/f2
./boot/isolinux/boot.msg
./boot/isolinux/f3
./boot/isolinux/boot.cat
./boot/bzImage
./boot/tinycore.gz

Making the Read-Only Environment

Attached storage devices detected by the kernel are identified by the udev daemon. Udev applies rules to the devices based on their type.  In the case of TinyCore, udev calls the /usr/sbin/rebuildfstab script to build the /etc/fstab file which contains the mounting options for the attached devices.  When the device is subsequently mounted (devices are not automatically mounted in TinyCore when attached), the mount options in the fstab file are applied.  One need only modify rebuildfstab mounting options to make the system mount devices read-only.

I have been able to modify the rebuildfstab file to mount devices read only and address other forensic mounting issues, like mounting ext3/4 devices as ext2 to avoid any possible journal changes and mounting physical devices as loopback devices to avoid attempted repairs of corrupted file systems on mount.

The process of modifying, adding, or removing files in the core file system is well documented here.  It involves decompressing the tinycore.gz file extracted from a TinyCore iso, making the desired changes, and zipping it back up.  The new tinycore.gz can then be remastered into a new iso.

Making Application Modules (Extensions)

Though new applications can be remastered into the core file system, I favor the modular approach implemented by the TinyCore developers.  Applications are compiled and the stored in a read-only squashfs file system.  The application, when installed, is mounted into the core file system.  Applications can be triggered to mount at boot time, or on demand.  On demand ensures quicker boot times and frees more space in the ram disk if the application is not needed in the session.  Though there is not gui method for this, installed applications can be "uninstalled" in the middle of the session by simply unmounting them and thus freeing ram allocated to them.

Though TinyCore has some suitable modules for forensics, like foremost for example, it lacks libraries and application such as libewf (Expert Witness imaging format), afflib (Advanced Forensics imaging Format), and sleuthkit (disk investigation tool) that a forensics practitioner would desire.  If you are familiar with building application from source, however, then building TinyCore application modules is a snap.  I have already built libewf, afflib, aimage, and sleuthkit modules and will submit them to the repository once I complete testing.  You can take a look at the building method here.

Persistence

Everything Ive mentioned about TinyCore so far mentions "read-only."  The rebuildfstab script can be modified to ensure devices are mounted read-only, a must for live forensic examinations.  The core file system and application modules are mounted read-only ensuring a "clean" operating system and software environment with each boot.  But how does a user save evidence from examinations?

TinyCore allows the home directory to be saved to a storage device.  On shutdown, user data is written to the storage device designated by the user.  A boot option allows the device to be specified on the next boot to restore the user data, or it can be loaded after boot.

Putting it All Together

If you read Part 1 of this post, you know that my goal is the creation of a bootable disc/USB that an investigator with average computer skills (not a computer forensics practitioner) could use to search for and seize evidence from digital storage devices.  TinyCore, in my estimation, has it all:

  1. Small size, loads entirely into ram, and fast with a simple GUI
  2. Easily modified and remastered as a read-only environment
  3. Easily add and created application modules with minimal ram impact
  4. Means for easy creation and restoration of persistent storage
If one adds to the base a decent file browser, like ROX (Ill explain why I think this file browser is great option for forensic examination another time), a word processor (Abiword) with decent file format support, an audio/video player (VLC), and maybe a few other applications, and you have a light-weight, fast, and safe operating system that an investigator with basic computer skills can use to advance his case.

I have a basic version of this concept in place and am currently testing and refining.  I plan to host it on Google Code to get community feedback and to publish the changes I make to the core operating system.  Ill also host the modules I build there (at least until they are accepted into the TinyCore repository).  As always, I welcome any feedback.


download file now

Read more »
Posted by at
Labels: , , , , ,

Friday, September 22, 2017

Download Film Korea Part Time Spy Subtitle Indonesia

Download Film Korea Part Time Spy Subtitle Indonesia


Download Film Korea Part Time Spy 2017 Subtitle Indonesia

Download Film Korea Part Time Spy Subtitle Indonesia

Movie: Part Time Spy
Revised romanization: Bijeongkyujik Teuksuyowon
Hangul: ???? ????
Director: Kim Deok-Soo
Writer:
Producer:
Cinematographer:
Release Date: March 16, 2017
Runtime:
Genre: Action-Comedy
Production Company: Storm Pictures
Distributor: Storm Pictures, ISU C&E
Language: Korean
Country: South Korea

Plot

Jang Young-Sil (Gang Ye-Won) barely lands a job at the NSA (National Security Agency). She is hired as a contract worker to write positive comments for the NSA. Na Jung-An (Han Chae-Ah) is a detective who often uses foul language. They carry out an infiltration operation to recover money that was stolen from her boss in a voice phishing scheme.

Cast

  • Gang Ye-Won - Jang Young-Sil
  • Han Chae-Ah - Na Jung-An
  • Namgung Min - Min-Suk
  • Jo Jae-Yun - Deputy Department Head Park
  • Kim Min-Kyo - Department Head Yang
  • Dong Hyun-Bae - Jae-Yong
  • Kim Sung-Eun
  • Shin Se-Hwui

  Link Film Korea Part Time Spy Sub Indo

Trailers


download file now

Read more »
Posted by at
Labels: , , , , , , ,

TinyCore A Mighty Platform Part 1

TinyCore A Mighty Platform Part 1


Last week I rediscovered TinyCore Linux.  I had taken a look at it about 6 months ago and was intrigued, but didnt have the time to explore it further.  However, I have been seeking a small Linux distribution on which to build a specialized forensics distro, and last week I gave TinyCore another look.

Background

I believe there is a need in computer forensics for an investigator with limited training to be able to search for and seized digital evidence from storage devices.  Some of the reasons I believe this are:

  1. There are not enough trained forensic computer examiners to keep pace with the number of cases involving digital evidence.
  2. The backlog created by a lack of examiners means cases dont get filed for month or even years after the discovery of the crime.  Meanwhile, the perpetrator is free to commit more crimes.
  3. Prosecutors are less likely to pursue older cases, in part because witness recall becomes unreliable.
  4. The majority of charges filed against perpetrators are settled out of court through plea bargaining.  

Therefore, in most circumstances digital storage devices are taken to computer forensics laboratories to search for evidence to support a filing of criminal charges.  But the labs are too busy to get to the examinations very quickly, and by the time they do, Prosecutors are reluctant to file charges because of the delayed filing and/or the perpetrators have been committing additional crimes.  I know this doesnt describe all situations, but it should ring true with most people in some manner.

Solution

The obvious solution is to increase the number of forensic computer examiners and computer forensics laboratories.  However, that isnt going to happen, at least not in the near and not-so-near futures.  And, since Im a "work with what Ive got" kind of guy, Ive been working on another solution:

Criminal investigators need simple but effective tools to search for and seize evidence from digital storage devices.  The tools need to be forensically sound, i.e., they do not alter the original media in any way, but easy enough to use that a basic computer user can feel comfortable and conduct effective examinations.

Think about it this way: If a criminal investigator could retrieve his own digital evidence, he could file charges immediately, and most of the cases filed would be settled without the need of further forensic computer examination.  In cases that do not settle because the digital evidence is disputed, the storage devices could be sent to the computer forensics labs for more traditional analysis.

More cases filed, more perpetrators convicted, less workload at the lab!

But how do we create such tools?  Forensic boot discs like CAInE are great for experience investigators, and the latest version contains nautilus scripts to make live examinations like Im contemplating here possible.  But the operating system is resource heavy, slow to boot from CD, and still to complicated for basic criminal investigators (for example, it is confusing and difficult for most basic users to mount a storage device read-write to collect evidence because the CAInE mounting policies rightly auto-mount devices read-only).  In other words, CAInE and other existing boot discs are not the right tool for users with limited computer forensics training.

TinyCore

I believe the best tool for criminal investigators with basic computer skills will:

  1. Boot quickly (Criminal investigators may be in the field without the luxury of time.
  2. Work in nearly any machine (basic video drivers, e.g., xvesa)
  3. Not alter the media being examined (i.e., mount devices read-only)
  4. Create an writeable storage location automatically (no command line or confusing the evidence device for the storage device)
  5. Contain programs or scripts that are easily accessible to find evidence files (e.g., nautilus-scripts)
  6. Create reports about files saved as evidence containing file metadata (so evidence can be commented upon by trained investigators, if needed)
  7. Allow for the creation of forensic images (in the event the device cannot be seized).
TinyCore linux appears to be an ideal platform from which to build this tool.  And, Ill explain why in Part 2...


download file now

Read more »
Posted by at
Labels: , , , , ,

Wednesday, September 20, 2017

Download One Piece Dressrosa arc Part 3 Arc Batch Subtitles Indonesia Episode 703 725 END

Download One Piece Dressrosa arc Part 3 Arc Batch Subtitles Indonesia Episode 703 725 END


 


G600H_E_ALPSICS2MPV1.5_V5.2_S20130717

G600H_E_ALPSICS2MPV15_V51_S20130528



download file now

Read more »
Posted by at
Labels: , , , , , , , , , , , , ,

Sunday, September 17, 2017

Download One Piece Dressrosa Arc Part 4 Batch Subtitles Indonesia Episode 726 746 END

Download One Piece Dressrosa Arc Part 4 Batch Subtitles Indonesia Episode 726 746 END


http://www.adrive.com/public/overlimit/p/1/9nQngh.html


download file now

Read more »
Posted by at
Labels: , , , , , , , , , , , , ,

Friday, September 15, 2017

Top 5 Best Anime Ecchi Spring 2017 part 1

Top 5 Best Anime Ecchi Spring 2017 part 1


Adobe Premiere Pro CS6 Crack .DLL Files

Brought to you by MastermindTTA (tashfin64 or tta64)

1. Install After Effects Normally
2. After install close after effects
3. Now go in the patch folder
4. Copy and paste the amtlib.dll in the 32bit folder for 32bit systems or the 64bit folder for 64bit systems in your C:Program FilesAdobeAdobe After Effects CS6Support Files
directory
5. Now run after effects and your good to go

Thanks for downloading Enjoy and Make Some Sweet Intros or Promos!

Special Thanks goes to Crusisx
Now Download Adobe Premiere Pro CS6 Crack .DLL Files 2017 New Update link Hare

DOWNLOAD 
http://www.globalmaza.com/feeds/posts/default


download file now

Read more »
Posted by at
Labels: , , , , , , , ,

Saturday, September 9, 2017

SUPER USER PART 4 রুট করুন আপনার Xiaomi Redmi Note 3 Pro ফোনকে।

SUPER USER PART 4 রুট করুন আপনার Xiaomi Redmi Note 3 Pro ফোনকে।


Xiaomi Redmi Note 3 Pro ????? ??????? ????? ???? ????  ???? ???? ?????? ????? ???? ?? ????? ?? ?????????? ????? ???? ???? ??? ?? ????? ???? ???? ?????? ??? ?????, ?????? ??? ???? ??????? ???? ??? ???? ??????? ????????????? ???? ??? ????? ??? ?? ????????
??, ???? ??? ??? ?????? Note 3 Pro ?? ??? ??? ????
???? ? ?????? ???????? ????? ??? ????? ????
????? ???? ???? ???? ??????? ??? ????

?? Root file for kenzo?
?? TWRP Recovery for Kenzo?

Step 1:
?? ?? Download ??? ???? Extract ??? ???? ??? Extract ??? ??????? ????? ???? ?????, Beta-supersu ??? lazyflasher  ???? ?? ???? ???? ????? ????? Internal Storage  ? ?????????? ???? ????
???? ?? ???? ?? Extract ??????? Extract ??? ???? ???? Adb, fastboot & Recovery ???? ??????
Step 2:
???? ????? ????? ????? ???? USB ?????? ???? ????? ??????? ??? ????? ???? Setting  ? ???? Additional Setting  ????? Developer Option ?? On ??? USB debugging  ??? ???? (Setting>additional setting>Developer Option> USB debugging)?
Step 3:
�TWRP Recovery for Kenzo�  ?????? ?????? Extract ???????? ?? ???????  ???? Keyboard ?? �Shift key� ???? ??? ???? ?? Right button ? ????? ???? �Open command window here�  ????? ?????, ????? ????? ?? ??? �command prompt� open ????

????? command prompt ? ????? ???? command ???? ????
Command No 1: adb devices
?? command ?? ???? ????? ???? ???? ??????? ????? ???? ?????? ????? ???? ???? ???? ?? ??? ???? Allow ?????? ????? ????? ?? ????? ???????? command prompt show  ?????

Command No 2: adb reboot bootloader
?? command ?? ???? ????? ???????? ????? ???? Fastboot Mode ? ???? ????
Command No 3: fastboot  flash recovery twrp-3.0.2-2-kenzo.img
???? Twrp recovery ?? flash ??? ?????
Step 3:
????? usb disconnect ??? ??? ?? Power button + volume button ?????? Long press ??? ????? ??? mi logo ?? ???? ?? ??? Power button ?? ???? ???? ?????? ?????? Twrp open ??? ???? ??? ???? ??? ?? window ???? ???? ???? ?????? ??? ???? ????? ??? ???? ???? ??????
Step 4:
???? Twrp recovery ???? �Install�  option ???? Press ???? ????? Internal Storage ?? ???? ??? ??????? ???? ????? ???????????? ???? ????? Internal Storage ? ???? Beta-supersu  ???? ?? ????? ??? �Add more Zips� ???? ????? ??? ???? lazyflasher ?????? ???? ????? ?????
????? �Swipe to confirm Flash� ??? ???? ????? ??? ???? ???? ???? ???????? ??? ???? install complete ??? ???? Reboot option ?????? reboot ????? ?? ?????? ????? ???? Super Su ???? ???? App ??? ?????? ????? ??? ??? ???? ???? ??? ???? ??????


download file now

Read more »
Posted by at
Labels: , , , , , , , , , , , ,

Friday, September 8, 2017

Thinking to Prepare CVs Resumes Profile E Book Part 02

Thinking to Prepare CVs Resumes Profile E Book Part 02
















download file now

Read more »
Posted by at
Labels: , , , , , , , , ,

Wednesday, September 6, 2017

Thinking to Prepare CVs Resumes Profile E Book Part 01

Thinking to Prepare CVs Resumes Profile E Book Part 01


































download file now

Read more »
Posted by at
Labels: , , , , , , , , ,

Tuesday, April 7, 2015

Missed Classic 6 Wonderland Part The First – In Which Alice Stumbles Blindly As Is Her Wont

By Mad Welshman

What a strange day today has been!, Alice declared. I had only thought to follow that strange white rabbit, and now I am stuck in some other world, of marmalade jars and pear lanterns!

The Reviewer tutted. Oh, Alice, what a terrible memory you have! The pears were in your world, so is this world so strange?

Alice frowned. You may have a point, but I am entirely uncertain what it is.

The Reviewer smiled, and took another puff of his hookah As it should be.

This first section is mostly to do with what exploration we can do before we get to Wonderland, and to highlight the design of this first, introductory segment of the game. Be warned, Ill be copy pasting some of the text, to give you an idea of the writing here. Lets start with our somewhat wordy introduction. There is a splash screen (Based on the box art), and a short musical sting, but apart from that, I havent yet heard any sound or music. Considering this was the first port of the game to the Magnetic Scrolls engine, Im pretty sure thats almost all we get.

Alice was beginning to get very tired of sitting by her sister on the bank, and having nothing to do. It would have been bad enough having to watch Emily read her book all afternoon without the additional bother of trying to stay awake in this terrible heat.

Anyway, what kind of book has no pictures or conversation, you wonder to yourself. All of your books are far more interesting, being crammed full of pictures and conversation, which is just as well,really, as theres never enough room left for boring old words.

Why couldnt Dinah have come with us today, you wonder drowsily to yourself. Shes far more fun than Emily even though shes only a cat. Anyway, Emilys too old and sensible to be any fun.

Why is it, you muse, that cats while away the entire winter sitting by the fire and yet guard their chosen spot of shade with an equal degree of ferocious fanaticism in mid-summer? Strange animals, cats.

My my, we are a little... BRAT. Still, theres nothing amazing going on, lets try and raise hell! We begin on a riverbank, also next to our sister, Emily, who, in the grand traditions of Victorian upbringing, is completely ignoring us. Funny, that. Weve got no obvious goals right now (Although I have a feeling well be seeing a White Rabbit sooner or later) , so we try some things...




Our inventory, items in the room, and the landscape.
90% of it we cannot meaningfully interact with. THOU MUST FOLLOW THE RABBIT.

We cant hit Emily, because were sanctimoniously told: “Now, youll only turn people against you if you do things like that and quite frankly you need all the help you can get.” Okay, Id already figured this wasnt a violent game. Sleeping just acts like waiting, except it says “Zzzzz...” instead of the good old “Time passes.” … Emily wont let us read the book, or take our clothes off for a swim, and, come to think of it... We cant swim. Southwest of us is a lane, Emilys not stopping us from going anywhere, so lets go there...

There is nothing interesting beyond the description and graphics here. Wow, this is pretty empty. Okay, fine, West to the Field.


Almost unique, in that the graphics and text windows can be placed
so as not to interfere with each other.

Again, nothing, because theres a bramble hedge. But, just on a hunch, lets wait... Five actions later, the rabbit appears. The next, hes past us and into the hole.

...Wait, what hole? I get the distinct feeling we arent getting the whole story. I also get the feeling we have timed events going on... Well, sod it, lets follow him... Whereupon we smack our head on the roof of the rabbit hole (Because its dark), get woken up by a beech nut dropping on our head from the tree (Because we were dreaming, didnt you read Wonderland?), and we get treated to a witch-hazel flavoured game over. Confirmed, this game has deaths. Although it does warn us that we shouldnt go any further, so its an avoidable one, in this case.

Lets start again, and this time, lets try the other way. Before we do, however, the map so far. The missing portions are the dark rabbit hole (West), a country lane that not only seems to extend endlessly, it does extend endlessly (South), and a Pear Grove (East).



Okay, fine, this time well go east first. And Ill gif this, because its important to see how big of a spoiler the graphics can sometimes be. If you come into this room in the first turn... Its just pears. But the gif will play once every time you enter the room. Whoops. Either way, theres only one pear-lantern we can get, and we can either pick it up now (And it miraculously turns into a lantern), or we can wait until it changes.


I was incredibly tempted to slap a Spoiler Warning over this image.
On the fifth turn, two things happen at the same time: The rabbit turns up, complaining about how savagely hes going to get treated by the Duchess for being late, and the pears turn into lanterns. We know where the rabbits going, we know what he looks like, so we might as well pick up the pear. Which is a lantern. Which already hurts my brain. And nets us a whole 4 points. Out of what turns out to be...


Part of this statement is a lie.

So theres another thing confirmed: Were playing an old adventure game (with all that implies)... And its using dream rules as well. This... Doesnt bode well. Oh well, time to catch the rabbit!

Entering the rabbit hole, we find that the thing that caused our first game over was... The tunnel tightening up a bit. Also a sharp bend that means we turn south now to follow thaAAAAAHHHHHHhhhhhhhhh...

I fell into a rather long tunnel, with busts, and owls, and windows... All manner of things! I wish I could have saved a screenshot that does it justice, because its actually a long, looping animation, pretty smooth too... But GIF capture has its limits, and every attempt at capturing it has led to failure.

Right, falling past all manner of things, I know this from the Disney movie. I dont remember seeing a marmalade jar mid fall, however, so, just to be safe, I grab it before we fall onto some soft leaves. Better safe than sorry, after all...

So, after the first twenty minutes of playing, saving, loading and writing, weve found ourselves in Wonderland, and... Already theres death. No need for help yet, folks, but before I head off, lets take a look at the hints, and how it impacts our score...

Help → Game → Rabbit Hole

  1. The rabbit hole looks like an interesting place to explore. 
  2. It would help if you could see where you were going. 
  3. A lantern would light the way.

You have used the Help facility 3 times. No score change, and our first puzzle solution can be potentially missed on your first try, or even your second. If youre impetuous.

Alice is carrying a jar, wearing shoes, and a white dress. We have 4 points, and the game is already looking pretty arbitrary, just as I remember! (Things will hurry up from this point on)

Time played: 20 minutes (Would have been 30 if I hadnt played this part before)
Read more »
Posted by at
Labels: , , , , , , , , , , , , , , , ,
Subscribe to: Posts (Atom)