Topics - Satan911

1
This is my latest weekend project. It's a Ruby gem that lets you access some stats about your hardware. At the moment you can get the CPU temperature and fan speed. Only works on OS X. The source code is interesting if you wonder how to integrate C code in a Ruby gem.

Github: https://github.com/Chris911/iStats


2

Imgurr is my first Ruby project. It's a simple command-line utility to quickly upload or delete images from Imgur or get information about an image.


Features:
* Image link copied to clipboard when upload finished.
* Save the delete hash locally so you can delete the image later if needed.
* Get information such as bandwidth and number of views quickly.
* Set the image title and description from the command line.
* Markdown syntax also available.


Install:
Code:
gem install imgurr

Usage:
Code:
    imgurr upload image.jpg
    Copied http://i.imgur.com/PLWGJlc.gif to clipboard
   
    imgurr upload image.jpg --markdown
    Copied ![Screenshot](http://i.imgur.com/PLWGJlc.gif) to clipboard
   
    imgurr info 2KxrTAK
        Image ID   : 2KxrTAK
        Views      : 14717
        Bandwidth  : 2.296 GiB
        Title      : None
        Desc       : None
        Animated   : false
        Width      : 960 px
        Height     : 540 px
        Link       : http://i.imgur.com/2KxrTAK.jpg
   
    imgurr delete http://i.imgur.com/2KxrTAK.jpg
    Successfully deleted image from Imgur
   
    ./imgurr --help for more.
   
   
Source Code: [MIT License]
https://github.com/Chris911/imgurr


Contribute:
As I mentioned earlier, this is my first Ruby gem and I'm sure I did a lot of things wrong. Check the code and make a pull request if you think something should be improved. Also, please report any bugs on the GitHub page via issues.
   

3
Hacking and Security / How to Launch a 65Gbps DDoS, and How to Stop One
« on: September 18, 2012, 08:07:50 am »
http://blog.cloudflare.com/65gbps-ddos-no-problem

Good read. Feel a bit ashamed I never heard of the reflection technique. It is quite interesting.

4
Hey,

I'm doing a Perl script and I need to get multiple values from the command line. Example:
Code:
perl script.pl --arg1 op1 op2 op3
I'm using Getopt::Long and I can get this to work:
Code:
perl script.pl --arg1 op1 --arg1 op2 --arg1 op3
But I really need (want) the first option.

I checked in their documentation and this is supposed to do what I want:

Code:
GetOptions('arg1=f{3}' => \@myArray);

http://search.cpan.org/~jv/Getopt-Long-2.38/lib/Getopt/Long.pm#Options_with_multiple_values

But I'm getting this error:
Code:
Error in option spec: "arg1=f{3}"
Any ideas / solutions?

5
Simple demonstration of inline ASM efficiency
Comparing decryption time in C versus ASM

Introduction

So I was doing a little assignment for school not so long ago. It was a simple exercise to practice inline ASM by translating a C function into ASM. Took a few minutes and I moved on.. Today I was doing something a lot bigger in ASM and was wondering if programming directly in ASM is more efficient performance wise compared to a high level language like C. I decided to use the code I had from that old exercise to make a small demonstration.

The Code

The code is really simple. The program will decrypt a string encrypted using a Caesar cipher with a shift of 4.  So basically to get a 'b' in clear text you'll see 'f' in the encrypted string.

C version: (decrypt_c.c)
Code:
/*************************************************
 * Author: Satan911
 * Description: Simple demonstration of inline ASM efficiency
 * Date: April 2011
 **************************************************/


#include <stdio.h>

char encrypted_message[25]="Wexer=55$D$Izmp~sri2svk";
char decrypted_message[25];


void decrypt() {
/* decrypted_message[i] = encrypted_message[i] - 4; */
    int i = 0;
    while(encrypted_message[i] != '\0')
    {
      decrypted_message[i] = encrypted_message[i] - 4;
      i++;
    }
}

int main(void) {

    /* To test performance */
    int j = 0;
    while(j < 100000000)
    {
      decrypt();
      j++;
    }

    printf("Encrypted message: \t%s\nDecrypted message: \t%s\n",encrypted_message, decrypted_message);

    return 0;
}

Pastebin (with syntax highlighting): http://pastebin.com/9Up2DrN6

With inline ASM: (decrypt_asm.c) - Might wanna check the Pastebin below for proper indenting
Code:
/*************************************************
 * Author: Satan911
 * Description: Simple demonstration of inline ASM efficiency
 * Date: April 2011
 **************************************************/

#include <stdio.h>


char encrypted_message[25]="Wexer=55$D$Izmp~sri2svk";
char decrypted_message[25];


void decrypt() {
    /* decrypted_message[i] = encrypted_message[i] - 4; */
    /* 32-bit x86, AT&T syntax; build with gcc -m32 on a 64-bit host */
    asm volatile(
    "xor %%ecx, %%ecx\n\t"                      /* %ecx = 0 (Used as i here) */
    "xor %%eax, %%eax\n\t"                      /* %eax = 0 */

    "1:\n\t"                                    /* for loop (local label, was bouclefor) */
    "movb encrypted_message(%%ecx), %%dl\n\t"   /* move encrypted_message[i] in %dl register */
    "cmp %%dl, %%al\n\t"                        /* Compare %dl and %al */
    "je 2f\n\t"                                 /* Jump to the end label if %dl == 0 (end of string) */
    "sub $4, %%dl\n\t"                          /* %dl = encrypted_message[i] - 4 */
    "movb %%dl, decrypted_message(%%ecx)\n\t"   /* decrypted_message[i] = encrypted_message[i] - 4 */
    "incl %%ecx\n\t"                            /* %ecx += 1 (i++) */
    "jmp 1b\n\t"                                /* Jump back to the loop start (while loop in C) */

    "2:\n\t"                                    /* end label (was fin) */
    "movb %%dl, decrypted_message(%%ecx)\n\t"   /* This will be used for the last char to move \0 at the end of the string */
    : /* no outputs */
    : /* no inputs */
    : "eax", "ecx", "edx", "cc", "memory"       /* registers, flags and memory the asm modifies */
    );
}

int main(void) {

    /* To test performance */
    int j = 0;
    while(j < 100000000)
    {
      decrypt();
      j++;
    }

    printf("Encrypted message: \t%s\nDecrypted message: \t%s\n",encrypted_message, decrypted_message);

    return 0;
}

Pastebin (with syntax highlighting): http://pastebin.com/AFAD8AzP

Note: The ASM syntax used here is the AT&T syntax. It works great with GCC and that's also the kind of ASM GCC produces when it compiles a program (Will be used later). Also, the C code could be different but I tried to make it as similar as I could to the ASM code. I think they are pretty identical now.

If you read the code you are probably wondering why I would decrypt() the message 100000000 times. Well it's because this is a really simple decrypting and if you only run it once you won't notice any difference between the C and ASM versions. That's a technique we actually use in software development to check the efficiency of a function over time.

Decryption Time



The time command is used to time a command / program or give resource usage.

So I compiled both versions using the same command and then ran both with time. The results are pretty clear here.. The C version took almost 3x more time to decrypt 100000000 times the message than the ASM version. But why?

I'll try to explain the 'why' a little bit here. First, here's the ASM code generated by GCC for the C version of the program.

# gcc -S -O decrypt_c.c
-S generates the ASM code and -O is for optimized

This is a short version only showing the decrypt() function - See the Pastebin link for the whole code
Code:
    .file    "decrypt_c.c"
    .text
.globl decrypt
    .type    decrypt, @function
decrypt:
    pushl    %ebp
    movl    %esp, %ebp
    pushl    %ebx
    movzbl    encrypted_message, %edx
    testb    %dl, %dl
    je    .L4
    movl    $0, %eax
    movl    $decrypted_message, %ebx
    movl    $encrypted_message, %ecx
.L3:
    subl    $4, %edx
    movb    %dl, (%ebx,%eax)
    addl    $1, %eax
    movzbl    (%ecx,%eax), %edx
    testb    %dl, %dl
    jne    .L3
.L4:
    popl    %ebx
    popl    %ebp
    ret
    .size    decrypt, .-decrypt
    .section    .rodata.str1.4,"aMS",@progbits,1
    .align 4
.LC0:
    .string    "Encrypted message: \t%s\nDecrypted message: \t%s\n"
    .text
Pastebin: http://pastebin.com/kr9WgnKi

Basically a compiler works this way:
Source code -> ASM code -> Machine code -> Executable

(Of course there are more steps than that but you get the idea)

I won't go through the whole ASM code because it would take a little while but the code generated by GCC (even optimized) is still bigger and a bit more complicated than the code I wrote. Also consider that my ASM code could be even shorter than that but the one you saw is a bit easier to understand.

Conclusion

Even if the compilers we use now are way more efficient than what we had a few years ago, they are still not perfect and a human brain is still more capable of writing short and efficient ASM. Don't get me wrong, there's just no way anyone would code big programs in ASM just to save a few seconds. But this whole thread is just a proof of concept to show that indeed it can be interesting to use inline ASM for some functions like the one I showed you.

That's about it. If you have any questions I'll try my best to answer. I tried to make this as clear as I could for anyone to read and understand and I hope you enjoyed it.
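
Added example, not part of the original post: a bounded variant of the decrypt loop above with an in-process timing harness, so the output buffer cannot be overrun and the repeated calls are not optimized away. The names shift_decrypt and time_decrypt and the round count are assumptions made for this example; the barrier is GCC/Clang syntax.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <time.h>

#define SHIFT 4   /* same shift as the post */

/* Bounded version of the post's loop: writes at most out_len - 1 characters
 * plus a terminating NUL. Returns the number of characters decrypted, or -1
 * if the output buffer is too small for the whole input. */
long shift_decrypt(const char *in, char *out, size_t out_len) {
    size_t i = 0;
    if (out_len == 0)
        return -1;
    while (in[i] != '\0') {
        if (i + 1 >= out_len) {      /* no room for this char plus the NUL */
            out[i] = '\0';
            return -1;
        }
        out[i] = (char)(in[i] - SHIFT);
        i++;
    }
    out[i] = '\0';                   /* explicit terminator */
    return (long)i;
}

/* Times `rounds` calls in-process and returns elapsed CPU seconds. The empty
 * asm statement with a "memory" clobber is a compiler barrier: it keeps the
 * optimizer from collapsing the repeated calls into one. */
double time_decrypt(const char *in, char *out, size_t out_len, long rounds) {
    clock_t start = clock();
    for (long j = 0; j < rounds; j++) {
        shift_decrypt(in, out, out_len);
        __asm__ volatile("" : : : "memory");
    }
    return (double)(clock() - start) / CLOCKS_PER_SEC;
}

int main(void) {
    const char *enc = "Wexer=55$D$Izmp~sri2svk";   /* ciphertext from the post */
    char dec[25];
    double secs = time_decrypt(enc, dec, sizeof dec, 10000000L);
    printf("Decrypted: %s\n%.3f s for 10000000 rounds\n", dec, secs);
    return 0;
}
```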

6
Hacking and Security / Samsung installs keylogger on its laptops
« on: March 31, 2011, 02:57:42 am »
A user discovered a keylogger pre-installed on two brand-new Samsung laptops that the company admitted was there to "monitor the performance of the machine and to find out how it is being used."

[...]

http://www.networkworld.com/community/blog/samsung-installs-keylogger-its-laptops

7
Hacking and Security / MySQL.com hacked via... SQL injection vuln
« on: March 28, 2011, 08:48:57 pm »
MySQL.com was hacked over the weekend via an attack which used a blind SQL injection exploit to pull off the pawnage.
Hackers extracted usernames and password hashes from the site, which were subsequently posted to pastebin.com. Any easy to guess login credentials could be easily extracted from this data using rainbow tables to match dictionary passwords to their hash values.

[...]

Article: http://www.theregister.co.uk/2011/03/28/mysql_hack/

8
General Galactica / General Galactica Guidelines
« on: March 27, 2011, 08:12:09 pm »
General Galactica :: Rules

1) You must use great grammar in this board.
Avoid using 'txt speech' and broken English consisting of u and ur, for example.

2) Do not flame or attack other users.
You are welcome to disagree with the points raised by other forum members. However, we will not tolerate anyone attacking the beliefs or ideas or intellect of another member. Everybody has a right to use this forum.

3) Check your content.
We will not tolerate fake articles or fake info posting. If you are posting stats please link to your source.

4) Try to not duplicate threads.
Use the search function before starting a new debate.

5) No "this" or "that" posts.
1 or 2 word posts won't be tolerated here. Remember that this specific board is for serious discussions and you MUST elaborate.

If you fail to respect any of these rules we will remove your access to this board or ban you from the entire forum. By posting in this board you are agreeing to these rules.

9
Hacking and Security / vbSEO – From XSS to Reverse PHP Shell
« on: January 31, 2011, 07:56:53 pm »
Author: MaXe from intern0t.net

Enjoy this great article!

http://www.exploit-db.com/vbseo-from-xss-to-reverse-php-shell/

10
inj3ct0r was rooted.
The hackers got shells on the other boxes.
They claim ettercap has been backdoored for a while now.

Here's the zine: http://www.exploit-db.com/papers/15823
Released on christmas day.

11
Tutorials / IRC lecture - Rootkits
« on: December 17, 2010, 12:05:24 am »
Subject: Rootkits

Who: Polynomial

When: December 17th 2010
Time: 15:00 GMT - 9:00AM EST

Where: IRC
Server: irc.evilzone.org (6697 for SSL)
Channel: #xrlecture

More info:
I'll be covering the basic model of Windows' privilege ring system, memory protection, stealth methodology, IAT hooks in user mode and DKOM / SSDT hooks in kernel mode. Some programming knowledge will be necessary to follow a lot of it. If you know C, you'll be fine. If you know another C-style language (C++, C#, Java, PHP, etc.) you should be OK. If you can code but don't know any C-style languages, go learn one! It's going to be a very interesting talk and it encompasses everything from systems security to undocumented Windows internals.

12
Hacking and Security / OpenBSD IPSEC Backdoored (Allegations)
« on: December 15, 2010, 05:24:18 am »
Theo de Raadt has received a mail stating that the IPSEC stack in OpenBSD may have been backdoored since the year 2000 thanks to the FBI.

Allegations emails: http://marc.info/?m=129236621626462&l=openbsd-tech&w=2

Alternative link: http://packetstormsecurity.org/files/view/96712/openbsd-backdoored.txt

If this is true, I think this is something we should worry about. Open source projects are the reason why there are still thousands of awesome apps on the Internet that are completely free.. and now the Feds might be using them to backdoor computers? I won't go further into this because these are still allegations but I think this is something we should discuss.

Discuss this post on IRC or on the right here.

13
Feedback / What would you like to see?
« on: November 24, 2010, 10:46:23 pm »
Yes, this is a cliché thread but I think we need it.

Evilzone has been through a lot of modifications this past year (For those who were there in 2009 try to remember how it was in November last year) and during that time we tried to re-open forums a few times. More than ever we want the community to get involved with the decisions we take about the new board and the IRC.

So, what would you like to see on the boards and IRC? Go ahead and suggest anything you want! Features, ideas, concepts, etc.. Of course we probably won't be able to make everything come true but we'll try our best.

Please go ahead and shoot ideas.. and don't complain about missing features if you didn't take the time to suggest it first.
