tag:blogger.com,1999:blog-66351660410873976372024-03-05T09:47:41.063-08:00Malware research and developmentShield against threats !Geniushttp://www.blogger.com/profile/18117695572298502591noreply@blogger.comBlogger23125tag:blogger.com,1999:blog-6635166041087397637.post-72719340878524626142010-02-03T22:33:00.000-08:002010-02-03T22:49:55.035-08:00Debian APT issue, how to resolve it ...Today when I had some work on my Debian Box, I've been encountered to an almost unknown issue .<br />There's an issue in APT package manager which is typically origins from /etc/fstab configuration file, it's almost sikt for such a big project like debian !<br />well, whenever you want to use your source lists, whether cdrom or http sources, there's an issue that would be nasty to you.<br />the prompt is always show you to add /cdrom .<br />well, in this point I've seen the /etc/fstab configuration file which has the following content:<br /><br /><blockquote># /etc/fstab: static file system information.<br />#<br /># <file system> <mount point> <type> <options> <dump> <pass><br />proc /proc proc defaults 0 0<br />/dev/mapper/dhcppc0-root / ext3 errors=remount-ro 0 1<br />/dev/sda1 /boot ext2 defaults 0 2<br />/dev/mapper/dhcppc0-home /home ext3 defaults 0 2<br />/dev/mapper/dhcppc0-tmp /tmp ext3 defaults 0 2<br />/dev/mapper/dhcppc0-usr /usr ext3 defaults 0 2<br />/dev/mapper/dhcppc0-var /var ext3 defaults 0 2<br />/dev/mapper/dhcppc0-swap_1 none swap sw 0 0<br />/dev/scd0 /media/cdrom0 udf,iso9660 user,noauto 0 0<br />/dev/fd0 /media/floppy0 auto rw,user,noauto 0 0</blockquote><br /><br />from this point of view I realized that the cdrom mount point would be at <span style="font-weight:bold;">/dev/scd0</span>, then I issued the umount /dev/scd0 ... with no success .<br />after that time I issued the mount command :<br /><br /><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="http://kimag.es/share/59661569.png"><img style="display:block; margin:0px auto 10px; text-align:center;cursor:pointer; cursor:hand;width: 300px; height: 170px;" src="http://kimag.es/share/59661569.png" border="0" alt="" /></a><br />well, with this command I found the mounting point in the last, for the most effective part I've been used these commands :<br /><br /><span style="font-weight:bold;">umount /dev/hdb<br />mount /dev/hdb /media/cdrom</span><br />with these two commands APT will realize that the mount point is the /cdrom/ and do not prompt you at the time , this is because debian will mount the cdrom at /media/[LABLE OF THE CD] .<br />I don't know how this problem is solved permanently but I think it should be an update for debian.<br /><br />goodluck<br /><br />- GeniusGeniushttp://www.blogger.com/profile/18117695572298502591noreply@blogger.com0tag:blogger.com,1999:blog-6635166041087397637.post-84324336946956650412010-01-22T12:54:00.000-08:002010-01-24T00:14:28.698-08:002 important privilege vulnerabilities !While surfing through new vulnerabilities I saw two important privilege escalation vulnerabilities, fist in the windows (even 7) user mode to ring0 escalation vulnerability, while other security advisory is about Panda security privilege escalation vulnerability .<br />well, I'll refer them to the security reason.<br /><br /><span style="font-weight:bold;">Microsoft Windows 7 and prior user mode to ring 0 escalation</span><br /><br />"<span style="font-style:italic;">Microsoft Windows NT #GP Trap Handler Allows Users to Switch Kernel Stack<br />-------------------------------------------------------------------------<br /><br />CVE-2010-0232<br /><br /><blockquote>In order to support BIOS service routines in legacy 16bit applications,<br />the<br />Windows NT Kernel supports the concept of BIOS calls in the Virtual-8086<br />mode<br />monitor code. These are implemented in two stages, the kernel transitions<br />to<br />the second stage when the #GP trap handler (nt!KiTrap0D) detects that the<br />faulting cs:eip matches specific magic values.<br /></blockquote><br />Transitioning to the second stage involves restoring execution context and<br />call stack (which had been previously saved) from the faulting trap frame<br />once<br />authenticity has been verified.<br /><br />This verification relies on the following incorrect assumptions:<br /><br />- Setting up a VDM context requires SeTcbPrivilege.<br />- ring3 code cannot install arbitrary code segment selectors.<br />- ring3 code cannot forge a trap frame.<br /><br />This is believed to affect every release of the Windows NT kernel, from<br />Windows NT 3.1 (1993) up to and including Windows 7 (2009).<br /><br />Working out the details of the attack is left as an exercise for the<br />reader.<br /><br />Just kidding, that was an homage to Derek Soeder :-)<br /><br />- Assumption 0: Setting up a VDM context requires SeTcbPrivilege.<br /><br />Creating a VDM context requires EPROCESS->Flags.VdmAllowed to be set in<br />order<br />to access the authenticated system service, NtVdmControl(). VdmAllowed can<br />only be set using NtSetInformationProcess(), which verifies the caller has<br />SeTcbPrivilege. If this is true, the caller is very privileged and can<br />certainly be trusted.<br /><br />This restriction can be subverted by requesting the NTVDM subsystem, and<br />then<br />using CreateRemoteThread() to execute in the context of the subsystem<br />process,<br />which will already have this flag set.<br /><br />- Assumption 1: ring3 code cannot install arbitrary code segment<br />selectors.<br /><br />Cpl is usually equal to the two least significant bits of cs and ss, and<br />is<br />a simple way to calculate the privilege of a task. However, there is an<br />exception, Virtual-8086 mode.<br /><br />Real mode uses a segmented addressing scheme in order to allow 16-bit<br />addresses to access the 20-bit address space. This is achieved by forming<br />physical addresses from a calculation like (cs << 4) + (eip &<br />0xffff). The<br />same calculation is used to map the segmented real address space onto the<br />protected linear address space in Virtual-8086 mode. Therefore, I must be<br />permitted to set cs to any value, and checks for disallowed or privileged<br />selectors can be bypassed (PsSetLdtEnties will reject any selector where<br />any<br />of the three lower bits are unset, as is the case with the required cs<br />pair).<br /><br />- Assumption 2: ring3 code cannot forge a trap frame.<br /><br />Returning to usermode with iret is a complicated operation, the pseudocode<br />for<br />the iret instruction alone spans several pages of Intel's Software<br />Developers<br />Manual. The operation occurs in two stages, a pre-commit stage and a<br />post-commit stage. Using the VdmContext installed using NtVdmControl(), an<br />invalid context can be created that causes iret to fail pre-commit, thus<br />forging a trap frame.<br /><br />The final requirement involves predicting the address of the second-stage<br />BIOS<br />call handler. The address is static in Windows 2003, XP and earlier<br />operating<br />systems, however, Microsoft introduced kernel base randomisation in<br />Windows<br />Vista. Unfortunately, this potentially useful exploit mitigation is<br />trivial<br />to defeat locally as unprivileged users can simply query the loaded module<br />list<br />via NtQuerySystemInformation().<br /><br />--------------------<br />Affected Software<br />------------------------<br /><br />All 32bit x86 versions of Windows NT released since 27-Jul-1993 are<br />believed to<br />be affected, including but not limited to the following actively supported<br />versions:<br /><br />- Windows 2000<br />- Windows XP<br />- Windows Server 2003<br />- Windows Vista<br />- Windows Server 2008<br />- Windows 7<br /><br />--------------------<br />Consequences<br />-----------------------<br /><br />Upon successful exploitation, the kernel stack is switched to an attacker<br />specified address.<br /><br />An attacker would trigger the vulnerability by setting up a specially<br />formed VDM_TIB in their TEB, using a code sequence like this:<br /><br />/* ... */<br />// Magic CS required for exploitation<br />Tib.VdmContext.SegCs = 0x0B;<br />// Pointer to fake kernel stack<br />Tib.VdmContext.Esi = &KernelStack;<br />// Magic IP required for exploitation<br />Tib.VdmContext.Eip = Ki386BiosCallReturnAddress;<br /><br />NtCurrentTeb()->Reserved4[0] = &Tib;<br />/* ... */<br /><br />Followed by<br /><br />/* ... */<br />NtVdmControl(VdmStartExecution, NULL);<br />/* ... */<br /><br />Which will reach the following code sequence via the #GP trap handler,<br />nt!KiTrap0D. Please note how the stack pointer is restored from the saved<br />(untrusted) trap frame at 43C3E6, undoubtedly resulting in the condition<br />described above.<br /><br />/* ... */<br />.text:0043C3CE Ki386BiosCallReturnAddress proc near<br />.text:0043C3CE mov eax, large fs:KPCR.SelfPcr<br />.text:0043C3D4 mov edi, [ebp+KTRAP_FRAME.Esi]<br />.text:0043C3D7 mov edi, [edi]<br />.text:0043C3D9 mov esi, [eax+KPCR.NtTib.StackBase]<br />.text:0043C3DC mov ecx, 84h<br />.text:0043C3E1 mov [eax+KPCR.NtTib.StackBase], edi<br />.text:0043C3E4 rep movsd<br />.text:0043C3E6 mov esp, [ebp+KTRAP_FRAME.Esi]<br />.text:0043C3E9 add esp, 4<br />.text:0043C3EC mov ecx, [eax+KPCR.PrcbData.CurrentThread]<br />.text:0043C3F2 mov [ecx+KTHREAD.InitialStack], edi<br />.text:0043C3F5 mov eax, [eax+KPCR.TSS]<br />.text:0043C3F8 sub edi, 220h<br />.text:0043C3FE mov [eax+KTSS.Esp0], edi<br />.text:0043C401 pop edx<br />.text:0043C402 mov [ecx+KTHREAD.Teb], edx<br />.text:0043C405 pop edx<br />.text:0043C406 mov large fs:KPCR.NtTib.Self, edx<br />.text:0043C40D mov ebx, large fs:KPCR.GDT<br />.text:0043C414 mov [ebx+3Ah], dx<br />.text:0043C418 shr edx, 10h<br />.text:0043C41B mov byte ptr [ebx+3Ch], dl<br />.text:0043C41E mov [ebx+3Fh], dh<br />.text:0043C421 sti<br />.text:0043C422 pop edi<br />.text:0043C423 pop esi<br />.text:0043C424 pop ebx<br />.text:0043C425 pop ebp<br />.text:0043C426 retn 4<br />/* ... */<br /><br />Possibly naive example code for triggering this condition is availble from<br />the<br />link below.<br /><br />http://lock.cmpxchg8b.com/c0af0967d904cef2ad4db766a00bc6af/KiTrap0D.zip<br /><br />The code has been tested on Windows XP, Windows Server 2003/2008, Windows<br />Vista<br />and Windows 7. Support for other affected operating systems is left as an<br />exercise for the interested reader.<br /><br />-------------------<br />Mitigation<br />-----------------------<br /><br />If you believe you may be affected, you should consider applying the<br />workaround<br />described below.<br /><br />Temporarily disabling the MSDOS and WOWEXEC subsystems will prevent the<br />attack<br />from functioning, as without a process with VdmAllowed, it is not possible<br />to<br />access NtVdmControl() (without SeTcbPrivilege, of course).<br /><br />The policy template "Windows ComponentsApplication<br />CompatibilityPrevent<br />access to 16-bit applications" may be used within the group policy<br />editor to<br />prevent unprivileged users from executing 16-bit applications. I'm<br />informed<br />this is an officially supported machine configuration.<br /><br />Administrators unfamiliar with group policy may find the videos below<br />instructive. Further information is available from the Windows Server<br />Group Policy Home<br /><br />http://technet.microsoft.com/en-us/windowsserver/grouppolicy/default.aspx.<br /><br />To watch a demonstration of this policy being applied to a Windows Server<br />2003<br />domain controller, see the link below.<br /><br />http://www.youtube.com/watch?v=XRVI4iQ2Nug<br /><br />To watch a demonstration of this policy being applied to a Windows Server<br />2008<br />domain controller, see the link below.<br /><br />http://www.youtube.com/watch?v=u8pfXW7crEQ<br /><br />To watch a demonstration of this policy being applied to a shared but<br />unjoined Windows XP Professional machine, see the link below.<br /><br />http://www.youtube.com/watch?v=u7Y6d-BVwxk<br /><br />On Windows NT4, the following knowledgebase article explains how to disable<br />the<br />NTVDM and WOWEXEC subsystems.<br /><br />http://support.microsoft.com/kb/220159<br /><br />Applying these configuration changes will temporarily prevent users from<br />accessing legacy 16-bit MS-DOS and Windows 3.1 applications, however, few<br />users<br />require this functionality.<br /><br />If you do not require this feature and depend on NT security, consider<br />permanently disabling it in order to reduce kernel attack surface.<br /><br />-------------------<br />Solution<br />-----------------------<br /><br />Microsoft was informed about this vulnerability on 12-Jun-2009, and they<br />confirmed receipt of my report on 22-Jun-2009.<br /><br />Regrettably, no official patch is currently available. As an effective and<br />easy<br />to deploy workaround is available, I have concluded that it is in the best<br />interest of users to go ahead with the publication of this document without<br />an<br />official patch. It should be noted that very few users rely on NT security,<br />the<br />primary audience of this advisory is expected to be domain administrators<br />and<br />security professionals.<br /><br />-------------------<br />Credit<br />-----------------------<br /><br />This bug was discovered by Tavis Ormandy.<br /><br />-------------------<br />Greetz<br />-----------------------<br /><br />Greetz to Julien, Neel, Redpig, Lcamtuf, Spoonm, Skylined, asiraP,<br />LiquidK,<br />ScaryBeasts, spender and all my other elite colleagues.<br /><br />Check out some photography while at ring0 @ http://flickr.com/meder.<br /><br />-------------------<br />References<br />-----------------------<br /><br />Derek Soeder has previously reported some legendary NT bugs, including<br />multiple<br />vdm bugs that, while unrelated to this issue, make fascinating reading.<br /><br />- http://seclists.org/fulldisclosure/2004/Oct/404, Windows VDM #UD<br />LocalPrivilege Escalation<br />- http://seclists.org/fulldisclosure/2004/Apr/477, Windows VDM TIB Local<br />Privilege Escalation<br />- http://seclists.org/fulldisclosure/2007/Apr/357, Zero Page Race Condition<br />Privilege Escalation</span> "<br /><br /><span style="font-weight:bold;">Panda Security local privilege escalation vulnerability</span><br /><br />"<span style="font-style:italic;">security Advisory NSOADV-2010-001 (Version 2)<br />______________________________________________<br />______________________________________________<br /><br /><br />Title: Panda Security Local Privilege Escalation<br />Severity: Medium<br />Advisory ID: NSOADV-2010-001<br />Found Date: 02.2008<br />Date Reported: 30.11.2009<br />Release Date: 09.01.2010<br />Update Date: 20.01.2010<br />Author: Nikolas Sotiriu (lofi)<br />Website: http://sotiriu.de<br />Mail: nso-research at sotiriu.de<br />URL: http://sotiriu.de/adv/NSOADV-2010-001.txt<br />Vendor: Panda Security (http://www.pandasecurity.com/)<br />Affected Products: (Self tested)<br />-Panda Security for Business 4.04.10<br />-Panda Security for Business with Exchange<br />4.04.10<br />-Panda Security for Enterprise 4.04.10<br />-Panda Internet Security 2010 (15.01.00)<br />-Panda Global Protection 2010 (3.01.00)<br />-Panda Antivirus Pro 2010 (9.01.00)<br />-Panda Antivirus for Netbooks (9.01.00)<br /><br />(Provided by Panda)<br />-Panda Global Protection 2009<br />-Panda Internet Security 2009<br />-Panda Antivirus Pro 2009<br />-Panda Internet Security 2008<br />-Panda Antivirus + Firewall 2008<br />-Panda Platinum 2007 Internet Security<br />-Panda Platinum 2006 Internet Security<br /><br />Affected Component: Corporate Products:<br />-Panda Security for Desktops 4.05.10<br />-Panda Security for File Servers 8.04.10<br /><br />Remote Exploitable: No<br />Local Exploitable: Yes<br />Patch Status: Vendor released a patch (See Solution)<br />Discovered by: Nikolas Sotiriu<br />Disclosure Policy: http://sotiriu.de/policy.html<br />Thanks to: Thierry Zoller: For the permission to use his<br />Policy<br /><br /><br /><br />Background:<br />===========<br /><br />Panda Security for <Product> is the security solution for companies<br />that<br />need to protect their networks, mainly workstations and file servers.<br />Panda Security for Business is centrally managed thanks to the<br />AdminSecure Console, which allows monitoring the entire network,<br />protecting your critical assets against all types of threats and<br />optimizing productivity.<br /><br />(Product description from Panda Website)<br /><br />This vulnerability is similar to the following vulnerabilities in Panda<br />products, which where discovered earlier:<br /><br />Sep 07 2006 3APA3A: http://www.securityfocus.com/bid/19891<br />Aug 02 2007 tarkus: http://www.securityfocus.com/bid/25186<br />Oct 31 2009 Protek: http://www.securityfocus.com/archive/1/507615<br />Nov 02 2009 Maxim: http://www.securityfocus.com/bid/36897<br /><br />The earlier reported vulnerabilities only affected the Home user<br />products. But the business products had the same bug.<br /><br />More interesting is, that Panda failed since 2006 each year by<br />releasing the new version with the same old bug.<br /><br /><br /><br />Description:<br />============<br /><br />1. 32Bit Version of Panda Security for Desktops/File Servers<br />+-----------------------------------------------------------<br /><br />During installation of Panda Security for Desktops/File Servers the<br />permissions for installation folder<br /><br />%ProgramFiles%Panda SoftwareAVTC<br /><br />by default are set to Everyone:Full Control. Few services<br />(e.g. PAVSRV51.EXE) are started from this folder. Services are started<br />under LocalSystem account.<br /><br />The 32bit Version of Panda Security for Desktops/File Servers<br />installs the TruePrevent package by default, which protects the files<br />in the installation directory from manipulation.<br /><br />If the TruePrevent Service (Panda TPSrv) is not running the files are<br />completely unprotected.<br /><br />A normal user is not able to stop the service, but normally he can boot<br />his workstation in SafeBoot mode, in which the TPSrv is not started and<br />all services files can be manipulated.<br /><br />This can be exploited by:<br /><br />a. Boot the PC in SafeBoot mode, by pressing F8 during the boot<br />process<br />b. Rename PAVSRV51.exe to PAVSRV51.old in Panda folder<br />c. Copy any application to PAVSRV51.exe<br />d. Reboot<br /><br />Upon reboot trojaned application will be executed with LocalSystem<br />account.<br /><br />Executable started as services:<br />+------------------------------<br />%ProgramFiles%PANDA SOFTWAREAVTCPSKMsSvc.exe (Desktop only)<br />%ProgramFiles%PANDA SOFTWAREAVTCPavSrv51.exe<br />%ProgramFiles%PANDA SOFTWAREAVTCPavFnSvr.exe<br />%ProgramFiles%PANDA SOFTWAREAVTCPSHost.exe<br />%ProgramFiles%PANDA SOFTWAREAVTCPsImSvc.exe<br />%ProgramFiles%PANDA SOFTWAREAVTCPsCtrlS.exe<br />%ProgramFiles%PANDA SOFTWAREAVTCTPSrv.exe<br /><br /><br />2. 64Bit Version of Panda Security for Desktops/File Servers<br />+-----------------------------------------------------------<br /><br />During installation of Panda Security for Desktops/File Servers the<br />permissions for installation folder<br /><br />%ProgramFiles%Panda SoftwareAVTC<br /><br />by default are set to Everyone:Full Control. Few services<br />(e.g. PavSrvx86.EXE) are started from this folder. Services are started<br />under LocalSystem account.<br /><br />In the 64bit Version of Panda Security for Desktops/File Servers is no<br />TruePrevent package available, which protects the files in the<br />installation directory from manipulation.<br /><br />There is no protection of service files. It's possible for unprivileged<br />user to replace service executable with the file of his choice to get<br />full access with LocalSystem privileges.<br /><br />This can be exploited by:<br /><br />a. Rename PavSrvX86.exe to PavSrvX86.old in Panda folder<br />b. Copy any application to PavSrvX86.exe<br />c. Reboot<br /><br />Upon reboot trojaned application will be executed with LocalSystem<br />account.<br /><br />Executable started as services:<br />+------------------------------<br />C:Program Files (x86)PANDA SOFTWAREAVNTPavSrvX86.exe<br />C:Program Files (x86)PANDA SOFTWAREAVNTPsImSvc.exe<br />C:Program Files (x86)PANDA SOFTWAREAVNTPskSvc.exe<br />C:Program Files (x86)PANDA SOFTWAREAVNTPsCtrlS.exe<br /><br /><br />3. Panda Internet Security/Global Protection/Antivirus Pro 20XX<br />+-----------------------------------------------------------------------<br /><br />During installation of the Panda Security 20XX Products the<br />permissions for installation folder<br /><br />%ProgramFiles%panda securitypanda <product><br /><br />by default are set to Everyone:Full Control. Few services<br />(e.g. PAVSRV51.EXE) are started from this folder. Services are started<br />under LocalSystem account.<br /><br />This products installs the TruePrevent package by default, which<br />protects the files in the installation directory from manipulation.<br /><br />If the TruePrevent Service (Panda TPSrv) is not running the files are<br />completely unprotected.<br /><br />A normal user is not able to stop the service, but normally he can boot<br />his workstation in SafeBoot mode, in which the TPSrv is not started and<br />all services files can be manipulated.<br /><br />This can be exploited by:<br /><br />a. Boot the PC in SafeBoot mode, by pressing F8 during the boot<br />process<br />b. Rename PAVSRV51.exe to PAVSRV51.old in Panda folder<br />c. Copy any application to PAVSRV51.exe<br />d. Reboot<br /><br />Upon reboot trojaned application will be executed with LocalSystem<br />account.<br /><br />Executable started as services:<br />+------------------------------<br />%ProgramFiles%panda securitypanda <product>firewallPSHOST.EXE<br />%ProgramFiles%Panda SecurityPanda <product>PavFnSvr.exe<br />%ProgramFiles%Panda SecurityPanda <product>PsImSvc.exe<br />%ProgramFiles%Panda SecurityPanda <product>pavsrv51.exe<br />%ProgramFiles%Panda SecurityPanda <product>PskSvc.exe<br />%ProgramFiles%Panda SecurityPanda <product>PsCtrls.exe<br />%ProgramFiles%Panda SecurityPanda <product>TPSrv.exe<br /><br /><br />4. Panda Antivirus for Netbooks<br />+------------------------------<br /><br />During installation of the Panda Antivirus for Netbooks the<br />permissions for installation folder<br /><br />%ProgramFiles%panda securityPanda Antivirus for Netbooks<br /><br />by default are set to Everyone:Full Control. Few services<br />(e.g. PAVSRV51.EXE) are started from this folder. Services are started<br />under LocalSystem account.<br /><br />This product installs the TruePrevent package by default, which protects<br />the files in the installation directory from manipulation.<br /><br />If the TruePrevent Service (Panda TPSrv) is not running the files are<br />completely unprotected.<br /><br />A normal user is not able to stop the service, but normally he can boot<br />his workstation in SafeBoot mode, in which the TPSrv is not started and<br />all services files can be manipulated.<br /><br />This can be exploited by:<br /><br />a. Boot the PC in SafeBoot mode, by pressing F8 during the boot<br />process<br />b. Rename PAVSRV51.exe to PAVSRV51.old in Panda folder<br />c. Copy any application to PAVSRV51.exe<br />d. Reboot<br /><br />Upon reboot trojaned application will be executed with LocalSystem<br />account.<br /><br />This product was not patched like the other 2010 products, so the<br />the following vulnerability already exists:<br /><br />http://www.securityfocus.com/bid/36897<br /><br />TruePrevent bypass: It can be bypassed using "Open" dialog in<br />"Quarantine" -> Add file" functionality.<br /><br />Executable started as services:<br />+------------------------------<br />%ProgramFiles%Panda SecurityPanda Antivirus for NetbooksPavFnSvr.exe<br />%ProgramFiles%Panda SecurityPanda Antivirus for NetbooksPsImSvc.exe<br />%ProgramFiles%Panda SecurityPanda Antivirus for Netbookspavsrv51.exe<br />%ProgramFiles%Panda SecurityPanda Antivirus for NetbooksPskSvc.exe<br />%ProgramFiles%Panda SecurityPanda Antivirus for NetbooksPsCtrls.exe<br />%ProgramFiles%Panda SecurityPanda Antivirus for NetbooksTPSrv.exe<br /><br /><br /><br />Proof of Concept :<br />==================<br /><br />#include <windows.h><br />#include <stdio.h><br /><br />INT main( VOID )<br />{<br />CHAR szWinDir[ _MAX_PATH ];<br />CHAR szCmdLine[ _MAX_PATH ];<br /><br />GetEnvironmentVariable( "WINDIR", szWinDir, _MAX_PATH );<br /><br />printf( "Creating user "owner" with password<br />"PandaOWner123"...n" );<br /><br />wsprintf( szCmdLine, "%s\system32\net.exe user owner PandaOWner123<br />/add", szWinDir );<br /><br />system( szCmdLine );<br /><br />printf( "Adding user "owner" to the local Administrators<br />group...n" );<br /><br />wsprintf( szCmdLine, "%s\system32\net.exe localgroup Administrators<br />owner /add", szWinDir );<br /><br />system( szCmdLine );<br /><br />return 0;<br />}<br /><br /><br /><br />Solution:<br />=========<br /><br />Home User Products:<br />+------------------<br /><br />Panda Advisory<br />http://www.pandasecurity.com/homeusers/support/card?id=80173&idIdioma=2<br /><br /><br />Panda Global Protection 2010 Hotfix<br />http://www.pandasecurity.com/resources/sop/PGP10/hfgp30906s22_r4.exe<br /><br />Panda Internet Security 2010 Hotfix<br />http://www.pandasecurity.com/resources/sop/PIS10/hfp150906s25_r1.exe<br /><br />Panda Antivirus Pro 2010 Hotfix<br />http://www.pandasecurity.com/resources/sop/PAVPro10/hft90906s21_r1.exe<br /><br /><br />Business Products:<br />+-----------------<br /><br />Panda Advisory<br />http://www.pandasecurity.com/enterprise/support/card?id=40061&idIdioma=<br />2<br /><br />32Bit Version of Panda Security for Desktops/File Servers Hotfix<br />http://www.pandasecurity.com/resources/sop/AS0404/CSS_x86_SecurityFix.exe<br /><br />64Bit Version of Panda Security for Desktops/File Servers Hotfix<br />http://www.pandasecurity.com/resources/sop/AS0404/CSS_x64_SecurityFix.exe</span>"Geniushttp://www.blogger.com/profile/18117695572298502591noreply@blogger.com0tag:blogger.com,1999:blog-6635166041087397637.post-5026096646184897822010-01-18T13:51:00.000-08:002010-01-18T13:52:39.984-08:00How atrivo and Co.. System works ...<a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="http://hostexploit.com/images/stories/exploitationmap.jpg"><img style="display:block; margin:0px auto 10px; text-align:center;cursor:pointer; cursor:hand;width: 630px; height: 456px;" src="http://hostexploit.com/images/stories/exploitationmap.jpg" border="0" alt="" /></a>Geniushttp://www.blogger.com/profile/18117695572298502591noreply@blogger.com0tag:blogger.com,1999:blog-6635166041087397637.post-48334699710148571982010-01-17T14:34:00.000-08:002010-01-17T14:58:28.072-08:00Unwelcome Attack from Maskan-BankUnfortunately, the (in)secure iranian government and criticial websites are still highly vulnerablle to malware attacks .<br />I'm not still sure about this one, 'cuze of the time I've been spended.<br />it's a link to the maskan-bank, you can click <a href="http://www.bank-maskan.ir/HomePage.aspx?site=DouranPortal&lang=fa-IR&tabid=4620">here</a> to see what I mean .<br />you would like to do such a thing like calculation of something related to your payment.<br />well, it's really <a href="http://bank-maskan.asia/_douranportal/jsforms/sepordeh1.htm">this</a> one and when you go to the above link in fact you're talking to this <a href="http://bank-maskan.asia/_douranportal/jsforms/sepordeh1.htm">link</a> .<br />well, you maybe heared about the some dangerous attacks from various places which is known to the people which is affected before this report .<br />some website / pages and other web based places is vulnerable to known web application attacks such as Xss (Cross site scripting) and SQL Injection (the most known vulnerability) .<br />iFrame pages, is a well-known javaScript pages which can load a whole page in a little piece of page .<br />as you may expect, yes, it's exactly what I want to say, another malicious pages can be loaded into your vulnerable website pages, consider your website PHP pages maybe vulnerable to SQL Injection attacks, if there's an automated tool which scans for malicious pages and affect them then it's possible to infect other web pages .<br />so, Is there any kind of web based worms which can do such a thing?<br />the answer is yes, nowadays this attack is common and can affect any page even secure web pages !<br />well, when you go to the link and want do some calculations, then you will be redirected to a page which is malicious .<br />there's various kinds of malwares which can affect the Client browser, exploits / viruses are just a few of them and it seems this one is a web based virus .<br />well finally all the attacks are from <a href="http://b.rtbn2.cn/E/J.JS">this</a> jScript page.<br /><br /><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="http://kimag.es/share/83229504.jpg"><img style="display:block; margin:0px auto 10px; text-align:center;cursor:pointer; cursor:hand;width: 1045px; height: 342px;" src="http://kimag.es/share/83229504.jpg" border="0" alt="" /></a><br /><br />further analysis will be post here as soon as possible about this attack .<br /><br />any feedback !?<br /><br />__Genius__Geniushttp://www.blogger.com/profile/18117695572298502591noreply@blogger.com0tag:blogger.com,1999:blog-6635166041087397637.post-27568262619239664782010-01-15T02:04:00.000-08:002010-01-15T02:08:32.522-08:00Back-Track 4.0 final releaseNow it's time to announce the final release of backTrack 4.0 linux, a distro for penetration testers and hackers .<br />The primary change of this release is the base of the os, olden releases of this distro was based on slax and now it's a debian based .<br />for more information and download you can follow <a href="http://www.backtrack-linux.org/downloads/">this</a> link .Geniushttp://www.blogger.com/profile/18117695572298502591noreply@blogger.com0tag:blogger.com,1999:blog-6635166041087397637.post-47439412696134739822009-12-15T03:44:00.000-08:002009-12-15T03:47:47.454-08:00PostgreSQL 8.4.2, 8.3.9, 8.2.15, 8.1.19, 8.0.23 and 7.4.27 have security fixes ....<a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="http://images.inc.com/inctechnology/security/20080428_feature.jpg"><img style="margin: 0px auto 10px; display: block; text-align: center; cursor: pointer; width: 234px; height: 153px;" src="http://images.inc.com/inctechnology/security/20080428_feature.jpg" alt="" border="0" /></a><br /><span style="font-family:courier new;"><br />There's some available security patches for the postGreSQL versions : 8.4.2, 8.3.9, 8.2.15, 8.1.19, 8.0.23 and 7.4.27 .</span> <span style="font-family:courier new;">These updates are available through </span><a style="font-family: courier new;" href="http://www.postgresql.org/docs/current/static/release.html">this link</a><span style="font-family:courier new;">, check and update .</span>Geniushttp://www.blogger.com/profile/18117695572298502591noreply@blogger.com0tag:blogger.com,1999:blog-6635166041087397637.post-77915681536912605132009-09-30T23:32:00.001-07:002009-09-30T23:32:57.720-07:00The Perfect Antivirus!<a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="http://research.pandasecurity.com/blogs/images/cartoon/antivirus.jpg"><img style="margin: 0px auto 10px; display: block; text-align: center; cursor: pointer; width: 534px; height: 400px;" src="http://research.pandasecurity.com/blogs/images/cartoon/antivirus.jpg" alt="" border="0" /></a>Geniushttp://www.blogger.com/profile/18117695572298502591noreply@blogger.com1tag:blogger.com,1999:blog-6635166041087397637.post-25917551690329481222009-09-19T13:18:00.000-07:002009-09-19T13:28:28.998-07:00Third book of Rootkits<span style="font-family:courier new;">If you are one of the guys who is interested in Rootkits ( Dark Guys ;) )(I have insanity about rootkits) like me , then you love and know eveything about them, </span> <span style="font-family:courier new;">remember the old days that the book rootkits : subverting the windows kernel was published by Greg huglond and James Butler, and the second book on rootkits was Professional rootkits from wrox press (great publisher) and now the third publication on Rootkit subject is the rootkit arsenal.</span> <span style="font-family:courier new;">I didn't see it and don't reading this till now, but tonight, I saw this great book that Open-RCE guys announced, and I've been prepared for downloading .</span> <span style="font-family:courier new;">here's the properties, check it out, and put your feedback here .</span><br /><br /><br /><div style="text-align: center;"><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="http://nagareshwar.securityxploded.com/images/bookofthemonth_aug2009_rootktit_arsenal.jpg"><img style="margin: 0px auto 10px; display: block; text-align: center; cursor: pointer; width: 350px; height: 450px;" src="http://nagareshwar.securityxploded.com/images/bookofthemonth_aug2009_rootktit_arsenal.jpg" alt="" border="0" /></a><br /><br /><div style="text-align: left;"><span style="font-family: courier new;font-size:85%;" >and the table of contents :</span><br /><br /><span style="font-size: x-small; font-family: Verdana,Helvetica,sans-serif;"><span style="color: rgb(255, 0, 0);">Part 1 Foundations</span><br />Chapter 1 Setting the Stage<br />Chapter 2 Into the Catacombs: IA-32<br />Chapter 3 Windows System Architecture<br />Chapter 4 Rootkit Basics<br /><span style="color: rgb(255, 0, 0);">Part 2 System Modification</span><br />Chapter 5 Hooking Call Tables<br />Chapter 6 Patching System Routines<br />Chapter 7 Altering Kernel Objects<br />Chapter 8 Deploying Filter Drivers<br /><span style="color: rgb(255, 0, 0);">Part 3 Anti-Forensics</span><br />Chapter 9 Defeating Live Response<br />Chapter 10 Defeating File System Analysis<br />Chapter 11 Defeating Network Analysis<br />Chapter 12 Countermeasure Summary<br /><span style="color: rgb(255, 0, 0);">Part 4 End Material</span><br />Chapter 13 The Tao of Rootkits<br />Chapter 14 Closing Thoughts </span><br /><br /><span style="font-family: courier new;">then a good announcement is you can download this great book as ebook ;)</span><br /><a style="font-family: courier new;" href="http://rapidshare.com/files/277943710/1598220616.rar.html">here's</a><span style="font-family: courier new;"> the download link .</span><br /></div></div>Geniushttp://www.blogger.com/profile/18117695572298502591noreply@blogger.com1tag:blogger.com,1999:blog-6635166041087397637.post-69906400592054430762009-09-12T16:25:00.000-07:002009-09-12T16:31:20.503-07:00Reverse me #1<span style="font-family: courier new;">Hey there, here's I've been written a simple / simple / simple program, you must reverse it, it will show you a simple message box and say : Win32 Assembly is great !.</span><br /><span style="font-family: courier new;">It has just one button , "Ok", you must reverse this program and patch it for showing another button "cancel" after the patch process you must upload the patched file here, and the file must have two button, first "Ok" and other "cancel" .</span><br /><span style="font-family: courier new;">here's the link :</span><br />http://rapidshare.com/files/279257573/ReverseMe_1.exe.html<br /><span style="font-family: courier new;">this is a simple reverse me for newbies, not pros !</span> so leave the newbies alone !<br />thnx .Geniushttp://www.blogger.com/profile/18117695572298502591noreply@blogger.com5tag:blogger.com,1999:blog-6635166041087397637.post-28647815889057786152009-08-21T09:38:00.000-07:002009-08-21T09:56:32.588-07:00Conficker Eye Chart<span style="font-family:courier new;">if you are interested in malware analysis it may be great for see and read this interesting post, if you remembered the old Storm worm and nowdays "Conficker" worms are known as the dangerous worms in all the times, unhappily the Conficker worm block the access to almost 100 websites dedicated to security and threat analysis and also official antivirus websites.</span><br /><span style="font-family:courier new;">a malware analyser named "Joe Stewart" is </span><a style="font-family: courier new;" href="http://www.joestewart.org/">here</a><span style="font-family:courier new;"> and now you can see his interesting tool which can recognize if a system infected to conficker worm or not .</span><br /><span style="font-family:courier new;">it has been done just by simply visiting a web page that is placed </span><a style="font-family: courier new;" href="http://www.joestewart.org/cfeyechart.html">here</a><span style="font-family:courier new;"> .</span><br /><span style="font-family:courier new;">this tool is named "</span><span style="color: rgb(204, 0, 0); font-weight: bold;font-family:courier new;" >Conficker Eye Chart</span><span style="font-family:courier new;">" . when you visit this web page you saw some images , in the header if you saw this image then possibly you may not infected with conficker .</span><br /><br /><div style="text-align: center;"><div style="text-align: left;"><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="http://www.joestewart.org/chartnormal.jpg"><img style="margin: 0px auto 10px; display: block; text-align: center; cursor: pointer; width: 200px; height: 109px;" src="http://www.joestewart.org/chartnormal.jpg" alt="" border="0" /></a><br /><span style="font-family:courier new;">if you saw the following image possibly you may be infected with the conficker C variant or greater .</span><br /><br /><div style="text-align: center;"><br /></div><br /><div style="text-align: center;"><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="http://www.joestewart.org/chartinfected.jpg"><img style="margin: 0px auto 10px; display: block; text-align: center; cursor: pointer; width: 200px; height: 109px;" src="http://www.joestewart.org/chartinfected.jpg" alt="" border="0" /></a><br /><br /><div style="text-align: left;"><span style="font-family:courier new;">if you saw the following image then possibly you may be infected with B variant :</span><br /><br /><div style="text-align: center;"><br /></div></div></div><div style="text-align: center;"><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="http://www.joestewart.org/chartinfected-ab.jpg"><img style="margin: 0px auto 10px; display: block; text-align: center; cursor: pointer; width: 200px; height: 109px;" src="http://www.joestewart.org/chartinfected-ab.jpg" alt="" border="0" /></a><br /><br /><div style="text-align: left;"><span style="font-family:courier new;">if you saw something like that then must turn on image loading in your own Internet Browser .</span><br /><br /><div style="text-align: center;"><br /></div></div></div></div><div style="text-align: center;"><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="http://www.joestewart.org/chartdisabled.jpg"><img style="margin: 0px auto 10px; display: block; text-align: center; cursor: pointer; width: 200px; height: 109px;" src="http://www.joestewart.org/chartdisabled.jpg" alt="" border="0" /></a><br /><br /><div style="text-align: left;"><span style="font-family:courier new;">let's check it out and put your comment here .</span><br /><br /><br /></div></div></div>Geniushttp://www.blogger.com/profile/18117695572298502591noreply@blogger.com0tag:blogger.com,1999:blog-6635166041087397637.post-10007946763855428092009-07-31T12:00:00.000-07:002009-07-31T12:21:44.159-07:00Build a .NET Application on the Oracle Database with Visual Studio 2005 or 2008With the popularity of Microsoft's .NET Framework, many developers are hungry for information about the best means of integrating .NET applications with Oracle—not only in terms of basic connectivity, but also in relationship to effective and efficient application development using Visual Studio 2005 or 2008. <p>In this article, I'll explain the basic yet essential processes involved in building a .NET application that uses an Oracle database, including: </p> <ul type="square"><li>How to add project references to support Oracle class libraries in your .NET project</li><li>How to create Oracle Database connection strings </li><li>How to work with Connection, Command, and DataReader objects</li></ul> <p>You will have the opportunity to apply what you have learned in three <a class="bodylink" href="http://www.oracle.com/technology/pub/articles/cook-vs08.html#lab1">practice labs</a>, ranging in difficulty from the relatively simple to the more complex. The article's screenshots are taken from Visual Studio 2008, but the experience is very similar in Visual Studio 2005.</p> <p>For information and labs about how to secure your application, see my article "<a class="bodylink" href="http://www.oracle.com/technology/pub/articles/mastering_dotnet_oracle/cook_masteringdotnet.html">Securing a .NET Application on the Oracle Database</a>". (Also, see the OTN <a class="bodylink" href="http://www.oracle.com/technology/tech/dotnet/index.html">.NET Developer Center</a> for technical articles covering a range of Oracle.NET application lifecycle issues.)</p> <p>Note that the free <a class="bodylink" href="http://www.oracle.com/technology/tech/dotnet/tools/index.html">Oracle Developer Tools for Visual Studio</a>, available for <a class="bodylink" href="http://www.oracle.com/technology/tech/dotnet/tools/index.html">download</a> from OTN, provides a Visual Studio add-in that makes the development of .NET apps on Oracle much easier and more intuitive. That subject is beyond our scope here, however.</p> <h2>.NET Data Provider </h2> <p>In addition to basic Oracle client connectivity software, .NET applications require the use of what is known as a <em>managed data provider</em> (where "managed" refers to code managed by the .NET framework). The data provider is the layer between the .NET application code and the Oracle client connectivity software. In almost every case, the best performance is achieved by using a provider optimized for a specific database platform instead of the generic .NET OLE DB data provider. </p> <p>Oracle, Microsoft, and third-party vendors all offer .NET data providers optimized for Oracle. Oracle and Microsoft make their Oracle data providers available for free. (Microsoft's provider for the .NET Framework 2.0 is included in the framework, but it still requires Oracle client software installation.) In this article, we will use of the Oracle Data Provider for .NET (ODP.NET), which is included with the Oracle Database or as a separate <a class="bodylink" href="http://www.oracle.com/technology/software/tech/windows/odpnet/index.html">download</a>. </p> <p>ODP.NET provides standard ADO.NET data access, while exposing Oracle database-specific features, such as XML DB, data access performance optimizations, and Real Application Clusters connection pooling.</p> <p>When ODP.NET and Oracle client software are installed, application development using Visual Studio can begin. It's a good idea to confirm client connectivity before starting development. If you can connect to Oracle using Oracle client software such as SQL*Plus on the same machine as Visual Studio, then you know that your Oracle client-side software is properly installed and configured.</p> <p>If you are new to Oracle, see the section "Installing .NET Products" in the <a class="bodylink" href="http://download.oracle.com/docs/cd/B28359_01/appdev.111/b28843/toc.htm"><em>Oracle Database 2 Day Developer's Guide</em></a> for background information regarding installing and configuring ODP.NET specifically, or to the <a class="bodylink" href="http://www.oracle.com/technology/documentation/database.html">Oracle Database Documentation Library</a> for general information about Oracle Database.</p> <h2>Creating a Project in Visual Studio 2005 or 2008 </h2> <p>Let's create an ODP.NET application that retrieves data from an Oracle database. Later, we'll see how to perform error handling with ODP.NET and handle an additional data retrieval scenario.</p> <p>After starting Visual Studio, the first task is to create a project. You can either select <strong>File | New | Project</strong> as shown below or click the <strong>New Project</strong> button located directly under <strong>File</strong>.<br /></p><p><br /></p><p style="text-align: center;"><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="http://www.oracle.com/technology/pub/images/cook-vs08-f1.gif"><img style="margin: 0px auto 10px; display: block; text-align: center; cursor: pointer; width: 650px; height: 562px;" src="http://www.oracle.com/technology/pub/images/cook-vs08-f1.gif" alt="" border="0" /></a></p><p style="text-align: left;"><br /></p><p style="text-align: left;">A <strong>New Project</strong> dialog box appears. On the left side of the dialog box under <strong>Project Types</strong>, select the programming language of your choice. In our example, "Visual Basic" was chosen. On the right side under <strong>Visual Studio installed templates</strong>, choose a project template. To keep things simple, a "Windows Forms Application" is selected.<br /></p><p style="text-align: left;"><br /></p><p style="text-align: center;"><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="http://www.oracle.com/technology/pub/images/cook-vs08-f2.gif"><img style="margin: 0px auto 10px; display: block; text-align: center; cursor: pointer; width: 650px; height: 520px;" src="http://www.oracle.com/technology/pub/images/cook-vs08-f2.gif" alt="" border="0" /></a></p><p style="text-align: center;"><br /></p><p style="text-align: left;">You'll want to specify meaningful names for the project name (we used OraWinApp) and the solution name (we used OraWinApp). A solution contains one or more projects. When a solution contains only one project, many people use the same name for both. </p><h2>Adding a Reference </h2> <p>Because our project must connect to an Oracle database, it is necessary to add a reference to the ODP.NET DLL containing the data provider of our choice. Within the Solution Explorer, select the project name, right click and select <strong>Add Reference</strong>. Alternatively, you can go to the menu bar and select <strong>Project</strong> and then select <strong>Add Reference</strong>.<br /></p><p><br /></p><p style="text-align: center;"><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="http://www.oracle.com/technology/pub/images/cook-vs08-f3.gif"><img style="margin: 0px auto 10px; display: block; text-align: center; cursor: pointer; width: 650px; height: 562px;" src="http://www.oracle.com/technology/pub/images/cook-vs08-f3.gif" alt="" border="0" /></a></p><p style="text-align: center;"><br /></p><p style="text-align: left;"> The <strong>Add Reference</strong> dialog box appears.<br /></p><p style="text-align: center;"><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="http://www.oracle.com/technology/pub/images/cook-vs08-f4.gif"><img style="margin: 0px auto 10px; display: block; text-align: center; cursor: pointer; width: 482px; height: 406px;" src="http://www.oracle.com/technology/pub/images/cook-vs08-f4.gif" alt="" border="0" /></a></p><p style="text-align: center;"><br /></p><p style="text-align: left;">ODP.NET is found under the Oracle.DataAccess component name. Select <strong>Oracle.DataAccess</strong> from the list, then click <strong>OK</strong> to make the ODP.NET data provider known to your project. </p><h2>Visual Basic/C# Statements</h2> <p>After adding references, it is standard practice to add Visual Basic Imports statements or C# using statements. Technically, these statements are not required but they do allow you to refer to database objects without using lengthy, fully qualified names. </p> <p>By convention, these statements appear at or near the top of a code file, before the namespace or class declaration. </p> <pre>Imports Oracle.DataAccess.Client ' Visual Basic ODP.NET Oracle managed provider<br /><br /></pre><div style="text-align: center;"><br /></div><pre><br /><br />using Oracle.DataAccess.Client; // C# ODP.NET Oracle managed provider<br /></pre> If you added the reference, Intellisense will help you complete the addition of an Imports or using statement as shown in Figure 5.<br /><br /><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="http://www.oracle.com/technology/pub/images/cook-vs08-f5.gif"><img style="margin: 0px auto 10px; display: block; text-align: center; cursor: pointer; width: 650px; height: 498px;" src="http://www.oracle.com/technology/pub/images/cook-vs08-f5.gif" alt="" border="0" /></a><br /><h2>Connection Strings and Objects</h2> <p>An Oracle connection string is inseparable from Oracle names resolution. Suppose you had a database alias of OraDb defined in a tnsnames.ora file as follows: </p> <pre>OraDb=<br />(DESCRIPTION=<br />(ADDRESS_LIST=<br /> (ADDRESS=(PROTOCOL=TCP)(HOST=ORASRVR)(PORT=1521))<br />)<br />(CONNECT_DATA=<br /> (SERVER=DEDICATED)<br /> (SERVICE_NAME=ORCL)<br />)<br />)<br /></pre> The OraDb alias defines the database address connection information for the client. To use the OraDb alias defined in the tnsnames.ora file shown above, you would use the following syntax: <pre>Dim oradb As String = "Data Source=OraDb;User Id=scott;Password=tiger;" ' Visual Basic<br /><br />string oradb = "Data Source=OraDb;User Id=scott;Password=tiger;"; // C#<br /></pre> You can modify the connection string to obviate the need for the tnsnames.ora file, however. Simply replace the name of the alias with how it would be defined in a tnsnames.ora file. <pre>' Visual Basic<br />Dim oradb As String = "Data Source=(DESCRIPTION=" _<br /> + "(ADDRESS_LIST=(ADDRESS=(PROTOCOL=TCP)(HOST=ORASRVR)(PORT=1521)))" _<br /> + "(CONNECT_DATA=(SERVER=DEDICATED)(SERVICE_NAME=ORCL)));" _<br /> + "User Id=scott;Password=tiger;"<br /><br />// C#<br />string oradb = "Data Source=(DESCRIPTION="<br /> + "(ADDRESS_LIST=(ADDRESS=(PROTOCOL=TCP)(HOST=ORASRVR)(PORT=1521)))"<br /> + "(CONNECT_DATA=(SERVER=DEDICATED)(SERVICE_NAME=ORCL)));"<br /> + "User Id=scott;Password=tiger;";<br /></pre> As you can see above, the username and password are embedded in the connection string in clear text. This is the simplest approach to creating a connection string. However, the clear text approach is undesirable from a security perspective. In particular, you must understand that compiled .NET application code is only marginally more secure than the clear text source code files. It is very easy to decompile .NET DLL and EXE files and view the original clear text contents. (Encryption is in fact the appropriate solution, but that subject would be a quite lengthy digression from our discussion here.) <p>Next, you must instantiate a connection object from the connection class. The connection string must be associated with the connection object.</p> <pre>Dim conn As New OracleConnection(oradb) ' Visual Basic<br /><br />OracleConnection conn = new OracleConnection(oradb); // C#<br /></pre> Notice that the connection string is associated with the connection object by being passed through the object's constructor, which is overloaded. The constructor's other overload allows the following alternative syntax: <pre>Dim conn As New OracleConnection() ' Visual Basic<br />conn.ConnectionString = oradb<br /><br />OracleConnection conn = new OracleConnection(); // C#<br />conn.ConnectionString = oradb;<br /></pre> After associating a connection string with a connection object, use the Open method to make the actual connection. <pre>conn.Open() ' Visual Basic<br /><br />conn.Open(); // C#<br /></pre> We'll cover error handling later. <h2>Command Object </h2> <p>The Command object is used to specify the SQL command text that is executed, either a SQL string or a stored procedure. Similar to the Connection object, it must be instantiated from its class and it has an overloaded constructor. In this sample, ODP.NET will perform a SQL query to return the department name (DNAME) from the departments table (DEPT) where the department number (DEPTNO) is 10. </p><pre>Dim sql As String = "select dname from dept where deptno = 10" ' Visual Basic<br />Dim cmd As New OracleCommand(sql, conn)<br />cmd.CommandType = CommandType.Text<br /><br />string sql = "select dname from dept where deptno = 10"; // C#<br />OracleCommand cmd = new OracleCommand(sql, conn);<br />cmd.CommandType = CommandType.Text;<br /></pre>Using different overloads, the syntax can be structured slightly differently. The Command object has methods for executing the command text, which will be seen in the next section. Different methods are appropriate for different types of SQL commands. <h2>Retrieving a Scalar Value </h2> <p>Retrieving data from the database can be accomplished by instantiating an OracleDataReader object and using the ExecuteReader method, which returns an OracleDataReader object. Returned data is accessible by passing either the column name or zero-based column ordinal to the OracleDataReader. </p><pre>Dim dr As OracleDataReader = cmd.ExecuteReader() ' Visual Basic<br />dr.Read()<br /><br />Label1.Text = dr.Item("dname") ' retrieve by column name<br />Label1.Text = dr.Item(0) ' retrieve the first column in the select list<br />Label1.Text = dr.GetString(0) ' return a .NET data type<br />Label1.Text = dr.GetOracleString(0) ' return an Oracle data type<br /></pre>There are typed accessors for returning .NET native data types and others for returning native Oracle data types, all of which are available in C#, Visual Basic, or any other .NET language. Zero-based ordinals are passed to the accessors to specify which column to return. <pre>OracleDataReader dr = cmd.ExecuteReader(); // C#<br />dr.Read();<br /><br />label1.Text = dr["dname"].ToString(); // C# retrieve by column name<br />label1.Text = dr.GetString(0).ToString(); // return a .NET data type<br />label1.Text = dr.GetOracleString(0).ToString(); // return an Oracle data type<br /></pre> In this simplified example, the returned value of DNAME is a string and is used to set the value of the label control's text property, which is also a string. But if DEPTNO, which is not a string, had been retrieved instead, there would be a data type mismatch. The .NET runtime attempts to implicitly convert from one data type to another when the source and destination data types don't match. Sometimes the data types are incompatible and the implicit conversion fails, throwing an exception. But even when it works, it's still better to use explicit data type conversions instead of implicit data type conversion. <p>An explicit cast to integer is shown below: </p> <pre>Label1.Text = CStr(dr.Item("deptno")) ' Visual Basic integer to string cast<br /><br />C# is not as forgiving as Visual Basic on implicit conversions. You'll find yourself doing explicit conversions:<br /><br />label1.Text = dr.GetInt16("deptno").ToString(); // C#<br /></pre> You can explicitly cast scalar values as well as arrays. <h2>Close and Dispose </h2> <p>Either the connection object's <tt>Close</tt> or the <tt>Dispose</tt> method should be called to close the connection to the database. The <tt>Dispose</tt> method calls the <tt>Close</tt> method. </p><pre>conn.Close() ' Visual Basic<br />conn.Dispose() ' Visual Basic<br /><br />conn.Close(); // C#<br />conn.Dispose(); // C#<br /></pre> You don't have to explicitly call <tt>Close</tt> or <tt>Dispose</tt> if you use VB's <tt>Using</tt> keyword or C#'s <tt>using</tt> keyword. <pre>using (OracleConnection conn = new OracleConnection(oradb)) // C#<br />{<br />conn.Open();<br /><br />OracleCommand cmd = new OracleCommand();<br />cmd.Connection = conn;<br />cmd.CommandText = "select dname from dept where deptno = 10";<br />cmd.CommandType = CommandType.Text;<br /> <br />OracleDataReader dr = cmd.ExecuteReader();<br />dr.Read();<br /><br />label1.Text = dr.GetString(0);<br />}<br /></pre> In addition, OracleCommand includes a Dispose method; OracleDataReader includes a <tt>Close</tt> and <tt>Dispose</tt> method. Closing and disposing .NET objects free up system resources, ensuring more efficient application performance, which is especially important under high load conditions. You can experiment with some of the concepts we've learned here in <a class="bodylink" href="http://www.oracle.com/technology/pub/articles/cook-vs08.html#lab1">Lab 1</a> (Retrieving Data from the Database) and <a class="bodylink" href="http://www.oracle.com/technology/pub/articles/cook-vs08.html#lab2">Lab 2</a> (Adding Interactivity). <h2>Error Handling </h2> <p>When an error occurs, .NET applications should gracefully handle the error and inform the user with a meaningful message. Try-Catch-Finally structured error handling is a part of .NET languages; here is a relatively minimalist example of using the Try-Catch-Finally syntax: </p><pre>' Visual Basic<br />Try<br />conn.Open()<br /><br />Dim cmd As New OracleCommand<br />cmd.Connection = conn<br />cmd.CommandText = "select dname from dept where deptno = " + TextBox1.Text<br />cmd.CommandType = CommandType.Text<br /><br />If dr.Read() Then<br /> Label1.Text = dr.Item("dname") ' or use dr.Item(0)<br />End If<br />Catch ex As Exception ' catches any error<br />MessageBox.Show(ex.Message.ToString())<br />Finally<br />' In a real application, put cleanup code here.<br />End Try<br /><br />// C#<br />try<br />{<br />conn.Open();<br /><br />OracleCommand cmd = new OracleCommand();<br />cmd.Connection = conn;<br />cmd.CommandText = "select dname from dept where deptno = " + textBox1.Text;<br />cmd.CommandType = CommandType.Text;<br /><br />if (dr.Read()) // C#<br />{<br /> label1.Text = dr["dname"].ToString();<br /> // or use dr.GetOracleString(0).ToString()<br />}<br />}<br />catch (Exception ex) // catches any error<br />{<br />MessageBox.Show(ex.Message.ToString());<br />}<br />finally<br />{<br />// In a real application, put cleanup code here.<br /><br /></pre><div style="text-align: center;"><br /></div><pre><br />}<br /></pre> Although this approach will gracefully capture any errors in attempting to get data from the database, it is not user friendly. For example, look at the following message displayed when the database is unavailable:<br /><br /><div style="text-align: center;"><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="http://www.oracle.com/technology/pub/images/cook-vs08-f6.gif"><img style="margin: 0px auto 10px; display: block; text-align: center; cursor: pointer; width: 496px; height: 167px;" src="http://www.oracle.com/technology/pub/images/cook-vs08-f6.gif" alt="" border="0" /></a><br /><div style="text-align: left;">An ORA-12545 is quite meaningful for an Oracle DBA or developer, but not for an end user. A better solution is to add an additional <tt>Catch</tt> statement to trap for the most common database errors and provide user-friendly messages. <pre>Catch ex As OracleException ' catches only Oracle errors<br /> Select Case ex.Number<br /> Case 1<br /> MessageBox.Show("Error attempting to insert duplicate data.")<br /> Case 12545<br /> MessageBox.Show("The database is unavailable.")<br /> Case Else<br /> MessageBox.Show("Database error: " + ex.Message.ToString())<br /> End Select<br />Catch ex As Exception ' catches any error<br /> MessageBox.Show(ex.Message.ToString())<br /><br />catch (OracleException ex) // catches only Oracle errors<br />{<br /> switch (ex.Number)<br /> {<br /> case 1:<br /> MessageBox.Show("Error attempting to insert duplicate data.");<br /> break;<br /> case 12545:<br /> MessageBox.Show("The database is unavailable.");<br /> break;<br /> default:<br /> MessageBox.Show("Database error: " + ex.Message.ToString());<br /> break;<br /> }<br />}<br />catch (Exception ex) // catches any error not previously caught<br />{<br /> MessageBox.Show(ex.Message.ToString());<br /><br /></pre><div style="text-align: center;"><br /></div><pre><br />}<br /></pre> Notice the two <tt>Catch</tt> statements in the code sample above. If there aren't any Oracle errors to catch, the first statement branch is skipped, leaving any other non-Oracle error to be caught by the second statement. <tt>Catch</tt> statements must be ordered in the code from most specific to most general. After implementing the user-friendly exception handling code, the ORA-12545 error message appears as follows:<br /><br /><div style="text-align: center;"><br /><div style="text-align: left;"><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="http://www.oracle.com/technology/pub/images/cook-vs08-f7.gif"><img style="margin: 0px auto 10px; display: block; text-align: center; cursor: pointer; width: 214px; height: 152px;" src="http://www.oracle.com/technology/pub/images/cook-vs08-f7.gif" alt="" border="0" /></a>The <tt>Finally</tt> code block is always executed regardless of whether or not an error occurred. It is where cleanup code belongs. If you don't use <tt>Using</tt> or <tt>using</tt>, you should dispose your connection and other objects in the <tt>Finally</tt> code block. <h2>Retrieving Multiple Values Using a DataReader</h2> <p> So far our examples have only showed how to retrieve a single value. An OracleDataReader can retrieve values for multiple columns and multiple rows. First consider a multiple column, single row query: </p><pre>select deptno, dname, loc from dept where deptno = 10<br /></pre> To obtain the values of the columns, either zero-based ordinals or column names can be used. Ordinals are relative to the order in the query. Thus, the LOC column's value can be retrieved in Visual Basic by using either dr.Item(2) or dr.Item("loc"). <p>Here is a code snippet that concatenates the DNAME and LOC columns from the previous query: </p> <pre>Label1.Text = "The " + dr.Item("dname") + " department is in " + dr.Item("loc") ' VB<br /><br />label1.Text = "The " + dr["dname"].ToString() + " department is in " +<br /> dr["loc"].ToString(); // C#<br /></pre> Now consider a query that returns multiple rows: <pre>select deptno, dname, loc from dept<br /></pre> To process multiple rows returned from an OracleDataReader, some type of looping construct is needed. Furthermore, a control that can display multiple rows is desirable. An OracleDataReader is a forward-only, read-only cursor, so it can't be bound to an updateable or fully scrollable control such as a Windows Forms DataGrid control. An OracleDataReader is compatible with a ListBox control, as the following code snippet illustrates: <pre>While dr.Read() ' Visual Basic<br /> ListBox1.Items.Add("The " + dr.Item("dname") + " department is in " + dr.Item("loc"))<br />End While<br /><br />while (dr.Read()) // C#<br />{<br /> listBox1.Items.Add("The " + dr["dname"].ToString() + " department is in " +<br /> dr["loc"].ToString());<br /><br /></pre><div style="text-align: center;"><br /></div><pre><br />}<br /></pre> <a class="bodylink" href="http://www.oracle.com/technology/pub/articles/cook-vs08.html#lab3">Lab 3</a> (Retrieve Multiple Columns and Rows with an OracleDataReader) highlights some of these concepts. <h2>Building and Running on x64 </h2> <p>When running Visual Studio 2008 on an x64 operating system, the <strong>Active solution platform</strong> defaults to <strong>Any CPU</strong>. Change that to x86 before building your project.<br /></p><p><br /></p><p style="text-align: center;"><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="http://www.oracle.com/technology/pub/images/cook-vs08-f8.gif"><img style="margin: 0px auto 10px; display: block; text-align: center; cursor: pointer; width: 650px; height: 258px;" src="http://www.oracle.com/technology/pub/images/cook-vs08-f8.gif" alt="" border="0" /></a></p><p style="text-align: center;"><br /></p><h2>Conclusion</h2> <p> This article has introduced you to the process of accessing Oracle databases using .NET programming languages. You should now have the capability to connect to the database and retrieve multiple columns and rows.<br /></p><p><br /></p><p>the next post is about the lab section of our post .</p><p>you can find the original source at Oracle's website .</p><p><br /></p></div></div></div></div>Geniushttp://www.blogger.com/profile/18117695572298502591noreply@blogger.com0tag:blogger.com,1999:blog-6635166041087397637.post-38731567930058193122009-07-23T16:21:00.000-07:002009-07-23T16:22:51.934-07:00Arp Cache poisoning revealed<span style="font-family: courier new;">Anatomy of an ARP Poisoning Attack</span><br /><span style="font-size:78%;"><span style="font-family: courier new;">by Corey Nachreiner, WatchGuard Network Security Analyst</span></span><br /><br /><span style="font-family: courier new;">Hackers lie. Skillful hackers lie well. And well-rounded hackers can lie both to people and to machines.</span><br /><br /><span style="font-family: courier new;">Lying to people, known as "social engineering," involves tactics (detailed at length by convicted hacker Kevin Mitnick) such as posing as a company's employee so the company's real employees will blab secrets freely. Lying to machines involves lots of different techniques, and a commonly used one -- ARP Cache Poisoning -- is the focus of this article. ARP poisoning enables local hackers to cause general networking mayhem. Because it's mostly "incurable," every administrator should be aware of how this attack works.</span><br /><span style="font-family: courier new;">ARP Refresher</span><br /><br /><span style="font-family: courier new;">In Foundations: What Are NIC, MAC, and ARP?, we explained that Address Resolution Protocol (ARP) is how network devices associate MAC addresses with IP Addresses so that devices on the local network can find each other. ARP is basically a form of networking roll call.</span><br /><br /><span style="font-family: courier new;">ARP, a very simple protocol, consists of merely four basic message types:</span><br /><br /><span style="font-family: courier new;">1.</span><br /><br /><span style="font-family: courier new;">An ARP Request. Computer A asks the network, "Who has this IP address?"</span><br /><span style="font-family: courier new;">2.</span><br /><br /><span style="font-family: courier new;">An ARP Reply. Computer B tells Computer A, "I have that IP. My MAC address is [whatever it is]."</span><br /><span style="font-family: courier new;">3.</span><br /><br /><span style="font-family: courier new;">A Reverse ARP Request (RARP). Same concept as ARP Request, but Computer A asks, "Who has this MAC address?"</span><br /><span style="font-family: courier new;">4.</span><br /><br /><span style="font-family: courier new;">A RARP Reply. Computer B tells Computer A, "I have that MAC. My IP address is [whatever it is]"</span><br /><br /><span style="font-family: courier new;">All network devices have an ARP table, a short-term memory of all the IP addresses and MAC addresses the device has already matched together. The ARP table ensures that the device doesn't have to repeat ARP Requests for devices it has already communicated with.</span><br /><br /><span style="font-family: courier new;">Here's an example of a normal ARP communication. Jessica, the receptionist, tells Word to print the latest company contact list. This is her first print job today. Her computer (IP address 192.168.0.16) wants to send the print job to the office's HP LaserJet printer (IP address 192.168.0.45). So Jessica's computer broadcasts an ARP Request to the entire local network asking, "Who has the IP address, 192.168.0.45?" as seen in Diagram 1.</span><br /><br /><span style="font-family: courier new;">All the devices on the network ignore this ARP Request, except for the HP LaserJet printer. The printer recognizes its own IP in the request and sends an ARP Reply: "Hey, my IP address is 192.168.0.45. Here is my MAC address: 00:90:7F:12:DE:7F," as in Diagram 2.</span><br /><br /><span style="font-family: courier new;">Now Jessica's computer knows the printer's MAC address. It sends the print job to the correct device, and it also associates the printer's MAC address of 00:90:7F:12:DE:7F with the printer's IP address of 192.168.0.45 in its ARP table.</span><br /><span style="font-family: courier new;">Hey ARP, Did You Know Gullible Is Not in the Dictionary?</span><br /><br /><span style="font-family: courier new;">The founders of networking probably simplified the communication process for ARP so that it would function efficiently. Unfortunately, this simplicity also leads to major insecurity. Know why my short description of ARP doesn't mention any sort of authentication method? Because in ARP, there is none.</span><br /><br /><span style="font-family: courier new;">ARP is very trusting, as in, gullible. When a networked device sends an ARP request, it simply trusts that when the ARP reply comes in, it really does come from the correct device. ARP provides no way to verify that the responding device is really who it says it is. In fact, many operating systems implement ARP so trustingly that devices that have not made an ARP request still accept ARP replies from other devices.</span><br /><br /><span style="font-family: courier new;">OK, so think like a malicious hacker. You just learned that the ARP protocol has no way of verifying ARP replies. You've learned many devices accept ARP replies before even requesting them. Hmmm. Well, why don't I craft a perfectly valid, yet malicious, ARP reply containing any arbitrary IP and MAC address I choose? Since my victim's computer will blindly accept the ARP entry into its ARP table, I can force my victim's gullible computer into thinking any IP is related to any MAC address I want. Better yet, I can broadcast my faked ARP reply to my victim's entire network and fool all his computers. Muahahahahaa!</span><br /><br /><span style="font-family: courier new;">Back to reality. Now you probably understand why this common technique is called ARP Cache Poisoning (or just ARP Poisoning): the attacker lies to a device on your network, corrupting or "poisoning" its understanding of where other devices are. This frighteningly simple procedure enables the hacker to cause a variety of networking woes, described next.</span><br /><span style="font-family: courier new;">All Your ARP Are Belong To Us!</span><br /><br /><span style="font-family: courier new;">The ability to associate any IP address with any MAC address provides hackers with many attack vectors, including Denial of Service, Man in the Middle, and MAC Flooding.</span><br /><span style="font-family: courier new;">Denial of Service</span><br /><br /><span style="font-family: courier new;">A hacker can easily associate an operationally significant IP address to a false MAC address. For instance, a hacker can send an ARP reply associating your network router's IP address with a MAC address that doesn't exist. Your computers believe they know where your default gateway is, but in reality they're sending any packet whose destination is not on the local segment, into the Great Bit Bucket in the Sky. In one move, the hacker has cut off your network from the Internet.</span><br /><span style="font-family: courier new;">Man in the Middle</span><br /><br /><span style="font-family: courier new;">A hacker can exploit ARP Cache Poisoning to intercept network traffic between two devices in your network. For instance, let's say the hacker wants to see all the traffic between your computer, 192.168.0.12, and your Internet router, 192.168.0.1. The hacker begins by sending a malicious ARP "reply" (for which there was no previous request) to your router, associating his computer's MAC address with 192.168.0.12 (see Diagram 3).</span><br /><br /><span style="font-family: courier new;">Now your router thinks the hacker's computer is your computer.</span><br /><br /><span style="font-family: courier new;">Next, the hacker sends a malicious ARP reply to your computer, associating his MAC Address with 192.168.0.1 (see Diagram 4).</span><br /><br /><span style="font-family: courier new;">Now your machine thinks the hacker's computer is your router.</span><br /><br /><span style="font-family: courier new;">Finally, the hacker turns on an operating system feature called IP forwarding. This feature enables the hacker's machine to forward any network traffic it receives from your computer to the router (shown in Diagram 5).</span><br /><br /><span style="font-family: courier new;">Now, whenever you try to go to the Internet, your computer sends the network traffic to the hacker's machine, which it then forwards to the real router. Since the hacker is still forwarding your traffic to the Internet router, you remain unaware that he is intercepting all your network traffic and perhaps also sniffing your clear text passwords or hijacking your secured Internet sessions.</span><br /><span style="font-family: courier new;">MAC Flooding</span><br /><br /><span style="font-family: courier new;">MAC Flooding is an ARP Cache Poisoning technique aimed at network switches. (If you need a reminder about the difference between a hub and a switch, see this sidebar.) When certain switches are overloaded they often drop into a "hub" mode. In "hub" mode, the switch is too busy to enforce its port security features and just broadcasts all network traffic to every computer in your network. By flooding a switch's ARP table with a ton of spoofed ARP replies, a hacker can overload many vendor's switches and then packet sniff your network while the switch is in "hub" mode.</span><br /><span style="font-family: courier new;">Scared? Good, Now Calm Down!</span><br /><br /><span style="font-family: courier new;">This is scary stuff. ARP Cache Poisoning is trivial to exploit yet it can result in very significant network compromise. However, before you jump to Defcon-7, notice the major mitigating factor: only local attackers can exploit ARP's insecurities. A hacker would need either physical access to your network, or control of a machine on your local network, in order to deliver an ARP Cache Poisoning attack. ARP's insecurities can't be exploited remotely.</span><br /><br /><span style="font-family: courier new;">That said, hackers have been known to gain local access to networks. Good network administrators should be aware of ARP Cache Poisoning techniques.</span><br /><br /><span style="font-family: courier new;">Since ARP Cache Poisoning results from a lack of security in a protocol that is required for TCP/IP networking to function, you can't fix it. But you can help prevent ARP attacks using the following techniques.</span><br /><span style="font-family: courier new;">For Small Networks</span><br /><br /><span style="font-family: courier new;">If you manage a small network, you might try using static IP addresses and static ARP tables. Using CLI commands, such as "ipconfig /all" in Windows or "ifconfig" in 'NIX, you can learn the IP address and MAC address of every device in your network. Then using the "arp -s" command, you can add static ARP entries for all your known devices. "Static" means unchanging; this prevents hackers from adding spoofed ARP entries for devices in your network. You can even create a login script that would add these static entries to your PCs as they boot.</span><br /><br /><span style="font-family: courier new;">However, static ARP entries are hard to maintain; impossible in large networks. That's because every device you add to your network has to be manually added to your ARP script or entered into each machine's ARP table. But if you manage fewer than two dozen devices, this technique might work for you.</span><br /><span style="font-family: courier new;">For Large Networks</span><br /><br /><span style="font-family: courier new;">If you manage a large network, research your network switch's "Port Security" features. One "Port Security" feature lets you force your switch to allow only one MAC address for each physical port on the switch. This feature prevents hackers from changing the MAC address of their machine or from trying to map more than one MAC address to their machine. It can often help prevent ARP-based Man-in-the-Middle attacks.</span><br /><span style="font-family: courier new;">For All Networks</span><br /><br /><span style="font-family: courier new;">Your best defense is understanding ARP Poisoning and monitoring for it. I'd highly recommend deploying an ARP monitoring tool, such as ARPwatch, to alert you when unusual ARP communication occurs. This kind of vigilance is still the greatest weapon against all kinds of attack -- for, as Robert Louis Stevenson wrote, "The cruelest lies are often told in silence."</span>Geniushttp://www.blogger.com/profile/18117695572298502591noreply@blogger.com0tag:blogger.com,1999:blog-6635166041087397637.post-82076940909615668172009-07-14T15:18:00.000-07:002009-07-14T16:05:34.102-07:00Which Programming language !?<span style="font-family:courier new;">A general question "which programming language I must choose !?"<br />this is a question that can say everyone questioned for become a programmer .<br />well, there are 2 factors that must be considered as well, first is interest and second is the purpose .<br />the most important part is first section, interest .<br />when you are interested in a programming language then you will try as you can for learning and working with it and if you don't interested in your programming language that you work on it, it's a bit crucial ...<br />the second factor is your purpose, all the works in the world have a purpose that is in the background of it .<br />simply ask this question of yourself, " what thing I want from a programming language !? ", when you ask it of yourself and answer it truthful then you got the purpose .<br />for example a person wants a Programming language for only database programming and writing automation softwares, then the best choice is Delphi .<br />another person wants to write System programs, the the best is C++, another one wants to write applications that can be shown in the web, ASP.net / PHP is one of these choice and etc ...<br />every programming language have Good parts and bad parts, and none of them is unqualified .<br />you can choose the language that you want with considering and investigating these 2 factors,<br />and in my opinion here is a Good selection list :<br />DataBase Programmming : Delphi with .net support .<br />Network Programming : C#.net<br />Web Programming : ASP.Net / PHP<br />simple applications like simple automation softwares : Visual basic with .Net support or VB.Net<br />Secure web applications : Java<br />System Programs : C++<br />Ring0 and Driver Programming : Pure C<br /><br />there's Good resource about the list that I mentioned out there,<br />one of the best place you can find great books for free is <a href="http://flazx.com/">Flazx</a> and <a href="http://pdfchm.com/">PdfChm</a> .<br />try that now, nJoy ;)<br /><br />feedback !?<br /><br /></span>Geniushttp://www.blogger.com/profile/18117695572298502591noreply@blogger.com0tag:blogger.com,1999:blog-6635166041087397637.post-65250963800393789732009-06-30T14:55:00.000-07:002009-07-01T03:42:41.087-07:00C# Network Programming<span style="font-family:courier new;">I've been back to normal life without any university, this is a good book, download and enjoy.</span><br /><a style="font-family: courier new;" href="http://www.paid4share.com/file/268/0782141765-rar.html">here's</a><span style="font-family: courier new;"> the link location ...</span><br /><span style="font-family: courier new;">feedback !?</span>Geniushttp://www.blogger.com/profile/18117695572298502591noreply@blogger.com1tag:blogger.com,1999:blog-6635166041087397637.post-87982860890835389282009-06-14T01:36:00.000-07:002009-06-14T01:54:23.362-07:00busy with universitie's Examinations<span style="font-family: courier new;">I must say excuse me cuze i'm busy with my universitie's Examinations .</span><br /><span style="font-family: courier new;">I'll be back after my exams, I promise ...</span><br /><br /><span style="font-family: courier new;">have a nice day,</span><br /><br /><span style="font-family: courier new;">- Genius</span>Geniushttp://www.blogger.com/profile/18117695572298502591noreply@blogger.com0tag:blogger.com,1999:blog-6635166041087397637.post-82406271775510308472009-06-12T10:41:00.000-07:002009-06-12T11:28:24.465-07:00Gns Lookup, a tool for Looking up a specific Name Server<span style="font-family:courier new;">Gns Lookup is stands for genius name server lookup, a tool for doing a zone transfer from your dns server,you may know many tools for this kind of action, but it's developed under .Net Framework and it's really fast and also just 10 KBs (!).<br />for getting respond, first when you want acting a Name Server Transfer, you will enter your domain name and then click Resolve button, i'll promise you will get your respond less than 4 seconds ;)</span><br /><div style="text-align: center;"><br /><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjc0_B6wS8Vi37Qh43CKYn4qJQM_c5gOoALxiVbRs-9ELZU6UdRaQpMDvwN50qjtjKyZC839GVKV5nTA-8nE6jqoF8-WNwAXPF624w_vISfZ7dVFVAK5x1MHkob-ircLsrfKtfFiI9czOdQ/s1600-h/Gns+Lookup.jpg"><img style="margin: 0px auto 10px; display: block; text-align: center; cursor: pointer; width: 200px; height: 125px;" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjc0_B6wS8Vi37Qh43CKYn4qJQM_c5gOoALxiVbRs-9ELZU6UdRaQpMDvwN50qjtjKyZC839GVKV5nTA-8nE6jqoF8-WNwAXPF624w_vISfZ7dVFVAK5x1MHkob-ircLsrfKtfFiI9czOdQ/s200/Gns+Lookup.jpg" alt="" id="BLOGGER_PHOTO_ID_5346501030565223106" border="0" /></a><br /><span style="font-family: courier new;font-size:85%;" >#developed under C#.Net 2008</span><span style="font-size:85%;">#</span><br /><br /><div style="text-align: left;"><span style="font-family: courier new;">I developed it for Free and you can use it without givving any payment</span>.<br /><span style="font-family: courier new;">hope you like it</span>.<br /><br /><a href="http://rapidshare.com/files/243821035/GNS_Lookup.exe.html"><span style="font-family: courier new;">Download</span></a><br /></div></div>Geniushttp://www.blogger.com/profile/18117695572298502591noreply@blogger.com0tag:blogger.com,1999:blog-6635166041087397637.post-70212746625881243182009-06-11T17:58:00.000-07:002009-06-11T18:31:20.073-07:00Conficker worm binary !<span style="font-family: courier new;">hey, all of them surely heard about the robust worm named Conficker, here's an example of this worm, you can download it and run it under an Isolated environment and start analysing this.</span><br /><span style="font-family: courier new;">if you have any good report and result on analysing feel free to submit by comment and I will post it with your copyright ;)</span><br /><br /><a style="font-family: courier new;" href="http://offensivecomputing.net/download.php?id=2399141269&auth=acd8f4c99a5fb51a56d90dae9c9e1101">Download </a>Geniushttp://www.blogger.com/profile/18117695572298502591noreply@blogger.com0tag:blogger.com,1999:blog-6635166041087397637.post-4863871620014723922009-06-10T08:00:00.000-07:002009-06-11T18:36:14.293-07:00when you got infected with a robust malware !<span style="font-family: courier new;">when you got infected with a robust malware which use ring0 kernel drivers something like that may be happned,</span><br /><br /><div style="text-align: center;"><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEig_TvcETl3bdsJlNoPRYaQgRdg1z01BBqRS_iLjQudFjfc8pulibIq4VRZevYxIKZ-j9Rabs3YegVldKIhtCj97GKggFx-_Gt19-elqxc_zejqVW8p82rIp3bgSFnmYLEJSRUmlmpZzor5/s1600-h/infected2.JPG"><img style="margin: 0px auto 10px; display: block; text-align: center; cursor: pointer; width: 200px; height: 160px;" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEig_TvcETl3bdsJlNoPRYaQgRdg1z01BBqRS_iLjQudFjfc8pulibIq4VRZevYxIKZ-j9Rabs3YegVldKIhtCj97GKggFx-_Gt19-elqxc_zejqVW8p82rIp3bgSFnmYLEJSRUmlmpZzor5/s200/infected2.JPG" alt="" id="BLOGGER_PHOTO_ID_5345715013997985138" border="0" /></a></div><br /><div style="text-align: left;"><span style="font-family: courier new;">well done, I've been killed this shit and hunt it's device section :)</span><br /><span style="font-family: courier new;">any feedback about the picture !?</span><br /></div>Geniushttp://www.blogger.com/profile/18117695572298502591noreply@blogger.com0tag:blogger.com,1999:blog-6635166041087397637.post-84553836296791875202009-06-10T06:03:00.000-07:002009-06-10T06:48:35.057-07:00Develop your Drivers under Visual Studio !<span style="font-family:courier new;">sounds like new things in driver development hom ?!<br />yes, that's it, you read right, once again a new change in the driver development world .</span><br /><span style="font-family:courier new;">before, when you want develop a driver under your windows NT based box, you have many problems like Compiling, preparing for MAKEFILE and also SOURCES files, after all you must go to DDK checked/Free envirenment and enter in the your driver's project directory then issue the "Build" command and may see lots of errors some of them related to syntax, something related </span><span style="font-family:courier new;">to directory naming and such things like that and it may be confuse you for times.<br />you may know, there was no specific IDE (integrated Development Environment) for developing windows drivers and every time and many times you launch notepad and start to writing your own driver, but now things changed, now there's a new IDE dedicated to Driver development under DDK architecture, you can use it for many driver development purposes . ok let's explore some of it's features,<br />first you can Download it free with source code include (an open source project) from <a href="http://visualddk.sysprogs.org/">here</a>, it's very tiny and if you one of guys or even girls that have no access to DSL connection you can download it easily.</span><br /><span style="font-family:courier new;">after downloading it, you must have Visual Studio 2008/2005 not old Visual Studio 6.0, when you launch the setup you will see some options that need to configure them out .<br />when you install and configure it out correctly you can launch your visual studio and then select your driver project which added to projects section,<br /></span><div style="text-align: center;"><br /></div><span style="font-family:courier new;">then you can specify a name for your project<br /><br /><br /></span><div style="text-align: center;"><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgGZ11h7lVjtLJirwOXk3hbfdr46XE5EYJyNsgaWP3wlq-MEdOVMRbZYuNxirMcPXpagMhrH4-_PeJpKDdLUdsqD-Yeh7jayaSkdf5YaKHQYrc-4f1KHcSHduwJ7L43CMtwPGX68H84Fn4O/s1600-h/Visual+DDK2.JPG"><img style="margin: 0px auto 10px; display: block; text-align: center; cursor: pointer; width: 200px; height: 160px;" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgGZ11h7lVjtLJirwOXk3hbfdr46XE5EYJyNsgaWP3wlq-MEdOVMRbZYuNxirMcPXpagMhrH4-_PeJpKDdLUdsqD-Yeh7jayaSkdf5YaKHQYrc-4f1KHcSHduwJ7L43CMtwPGX68H84Fn4O/s200/Visual+DDK2.JPG" alt="" id="BLOGGER_PHOTO_ID_5345687945185376626" border="0" /></a><br /><br /><div style="text-align: left;">we suppose the driver's project name is HelloWorld . then we start to create the project,<br /><br /><br /><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgvL4QEZRwYDgInzdgaw4PN9ILzdh9FHZc-URbKiwqOPygAZYh5ZWdxdKAR5Pg2o4iwUtTYkdld8c7Orm1UtLMTG4XbTIF2qRawSpcyfWYdEwFs17c1tbxUwJVAvaqb_J92ncjJf1IhKhax/s1600-h/Visual+DDK1.JPG"><img style="margin: 0px auto 10px; display: block; text-align: center; cursor: pointer; width: 200px; height: 160px;" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgvL4QEZRwYDgInzdgaw4PN9ILzdh9FHZc-URbKiwqOPygAZYh5ZWdxdKAR5Pg2o4iwUtTYkdld8c7Orm1UtLMTG4XbTIF2qRawSpcyfWYdEwFs17c1tbxUwJVAvaqb_J92ncjJf1IhKhax/s200/Visual+DDK1.JPG" alt="" id="BLOGGER_PHOTO_ID_5345690072049781714" border="0" /></a><br />you can see what's the easy means ! it was generate all the source code for a hello world application automatically, the source file can appear such thing.<br />if you remind, in DDK console complilation when we want to compile the source code we must do 2 thing, first write the MAKEFILE which points to MAKEFILE.def in the DDK directory, and then add a SOURCES file which include our source's files .<br />after this two long work, we must simply issue the BUILD command from checked/free environment .<br />now these steps just need two key Ctrl+F5 keys, when you press them, if your application has no error then you see a Dialog Box which say it's not possible to execute your .Sys file and it's right !<br />it's a good news which tell you, your driver was made !<br />after this simply step you'll follow the driver's path, give it to Huglond's InstDrv and then you can see the driver's output with DebugView ( a kernel level Debug Viewer ) .<br /><br /><div style="text-align: center;"><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj0uxLaN4SzyfJSp8aJQn5nAzGwgNeJUkpFeWvZ37uBwbH_GFBO-brIP6fsfLpD0os4wdl4IKQqz_yVZg9IuZZSxIbgVYBdH7AXOzuoNkJUN_UrWJawBhNpe43BZ4oZ1KpsGS7rEAHXX24v/s1600-h/DebugView.JPG"><img style="margin: 0px auto 10px; display: block; text-align: center; cursor: pointer; width: 200px; height: 160px;" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj0uxLaN4SzyfJSp8aJQn5nAzGwgNeJUkpFeWvZ37uBwbH_GFBO-brIP6fsfLpD0os4wdl4IKQqz_yVZg9IuZZSxIbgVYBdH7AXOzuoNkJUN_UrWJawBhNpe43BZ4oZ1KpsGS7rEAHXX24v/s200/DebugView.JPG" alt="" id="BLOGGER_PHOTO_ID_5345694102145156882" border="0" /></a><br /><div style="text-align: left;">if you are a driver developer you can understand how much this work is worthy .<br />thanks to it's developer basiz :)<br /></div></div></div></div>Geniushttp://www.blogger.com/profile/18117695572298502591noreply@blogger.com0tag:blogger.com,1999:blog-6635166041087397637.post-48348524868711129702009-06-05T01:44:00.000-07:002009-06-05T02:09:08.754-07:00good or bad idea ?!<span style="font-family: courier new;">hey, after almost long time, once again ...</span><br /><span style="font-family: courier new;">I've been so busy with my Universities's Exams, works and my personal researchs in the area of security .</span><br /><span style="font-family: courier new;">I'm apologizing ...</span><br /><span style="font-family: courier new;">the last week, I've 9 student's for network materials, all of them were girls of computer's major ...</span><br /><span style="font-family: courier new;">they want to learn some basic networking for their network exam on university .</span><br /><span style="font-family: courier new;">and the importance part was about subnnetting and supernetting, a material of CCNA Certified .</span><br /><span style="font-family: courier new;">unluckily, 'cuze of difficulty of this subject, I've some problem with this material which I think I can solve it as soon as possible.</span><br /><span style="font-family: courier new;">the class was about 3 hours .</span><br /><span style="font-family: courier new;">after that, now I'm working and studing Object Oriented Data Structures in C++ for my tommorrow's Exam .</span><br /><span style="font-family: courier new;">in this term we had the subject of Data Structures using classes and objects for Implementing them, Now I'm studing how to delete a node from a linked list with OOP aspect which I think this is very easiest than implementing it using structures (I mean data types).</span><br /><span style="font-family: courier new;">ohhhhhh, a good news ..., I've been in a Conference with the subject of information security, I've present it with good materials about network security and it's related materials. </span><br /><span style="font-family: courier new;">I've teached Firewalls, how firewall systems work, how to design them, the rule of a standard firewall and other materials about firewalling which include in Implementing windows based and Unix based firewalls .</span><br /><span style="font-family: courier new;">after that, I've present Attack vectors, Vectors for attacking systems, include social engineering, the art of deception, how to poisoning a switched network and intercept it's traffic, how to exploit windows and linux systems and others ...</span><br /><span style="font-family: courier new;">be patience for uploading it's PPT, and then you can see and download and read it, it's in persian ! :)</span><br /><span style="font-family: courier new;">and the final words are, I want to write a great paper for Data Structures, using oop aspect . it's a great idea, hom !?</span><br /><span style="font-family: courier new;">I'll trying to make it understandable and pretty with Adobe Flash with Full of codes.</span><br /><span style="font-family: courier new;">any feedback !?</span><br /><span style="font-family: courier new;">if you want to become my partner in this project, let me know .</span>Geniushttp://www.blogger.com/profile/18117695572298502591noreply@blogger.com1tag:blogger.com,1999:blog-6635166041087397637.post-9394816144288747022009-05-16T12:33:00.000-07:002009-05-18T13:33:08.431-07:00winner !<span style="font-family: courier new;">hey, after a log time challenge I have good news .</span><br /><span style="font-family: courier new;">I think before I mentined that I have a Programming challenge through some states around our city, the materials were about C++ Data Structures and DataBase Programming with C#, also not whole materials were about Programming, we had a part that was dedicated to networking and even it was the hardest and critical part of our challenge .</span><br /><span style="font-family: courier new;">fortunately I must annouce that I could locate in the highest score mearning in the first place from about 13 others ...</span><br /><span style="font-family: courier new;">the exams were so hard and the first exam was Data Structures .</span><br /><span style="font-family: courier new;">this exam had about 4 hours long and the exam was almost hard but Me and my friend could write it .</span><br /><span style="font-family: courier new;">after a long time coding data structures in C++ we have a break for about 1 hour .</span><br /><span style="font-family: courier new;">after it, the next exam was DataBase Programming and Analysing using C# ...</span><br /><span style="font-family: courier new;">it was the great part and me and my friend started to Code and Analyz the program .</span><br /><span style="font-family: courier new;">after about 3 hours we wrote the program and completed the mission, it was the greatest part and we knew, we got to a good score and we got the point 97/100 !</span><br /><span style="font-family: courier new;">after that, the last exam was about netwroking stuff, it was almost hard .</span><br /><span style="font-family: courier new;">we should calculate the IP addresses for both our client and server, and lastly we must compute the subnet mask of our network .</span><br /><span style="font-family: courier new;">the next section we must complete that was about cabling , a non standard cable we sould made that no one ever seen ..., this section was bad and we got no chance !</span><br /><span style="font-family: courier new;">for that section we decided to make one standard cross over cable and of our bad chance we could arrive to 15 score of whole 30 score (15/30 || 1/2) .</span><br /><span style="font-family: courier new;">the next section was the interesting part , there was to machine, one of them had Windows Server 2003 enterprise edition that should inact as the server and should had active directory installed as our domain controller also, an IIS must be install for intracting as web server and the domain must had the name alireza.com ...</span><br /><span style="font-family: courier new;">after about 2 hours patience I could complete this mission and can surf the web by our client to the address www.alireza.com on our server machine .</span><br /><span style="font-family: courier new;">after that all, leaders decided to calculate our scores and announce them all .</span><br /><span style="font-family: courier new;">Me and my friend (Mohsen) got the first place with 230 score of whole 300 scores !</span><br /><span style="font-family: courier new;">this was a great challenge between guys and girls whom interested in both Programming and Networking stuff, and now Me and mohsen are waiting for challenges in the country level .</span><br /><span style="font-family: courier new;">it was a good news which I think is good for annoucing in this place.</span><br /><br /><br /><span style="font-family: courier new;">- Genius</span>Geniushttp://www.blogger.com/profile/18117695572298502591noreply@blogger.com0tag:blogger.com,1999:blog-6635166041087397637.post-73751159107847053372009-05-09T23:45:00.000-07:002009-05-10T00:23:14.441-07:00Tehran International Book Exhibition<div style="text-align: center;"><div style="text-align: left;"><span style="font-family: courier new;">as you know every year in tehran there's an international exhibition which is dedicated to internaltional books of many publishers ..., luckily in this exhibition I was one of guys who bought lots of computer related books, unluckily some of my books that was in my mind can't be found and the chance didn't allow me to buy my full books.</span><br /><span style="font-family: courier new;">there was famous and pupolar publishers out there like John Wiley, Mac-Graw Hill , for dummies, O'Reilly and many others .</span><br /><span style="font-family: courier new;">about 6 hours I was in exhibition and I can't find my own book "Shellcoder's Hanbook Second Edition" and "MCTS .net Application development" ...</span><br /><span style="font-family: courier new;">but, I bought some of my owns which you can see them here :</span><br /><br /></div><br /><div style="text-align: left;"><a style="font-weight: bold; font-style: italic;" onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhgETzY3A4DlYBZej6h2XCVVxitqDc5EMEY4pd-hZz11H62BnobdeciuEM2dCRKA07Q_KPAoF3JWCmUf6EjfWgUD0IaZRfCn985ZYQkdYuoBjwEVMn9paM-QlOghGcemUFAl4QCSVWO0TUJ/s1600-h/CIMG0915.JPG"><img style="margin: 0px auto 10px; display: block; text-align: center; cursor: pointer; width: 411px; height: 307px;" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhgETzY3A4DlYBZej6h2XCVVxitqDc5EMEY4pd-hZz11H62BnobdeciuEM2dCRKA07Q_KPAoF3JWCmUf6EjfWgUD0IaZRfCn985ZYQkdYuoBjwEVMn9paM-QlOghGcemUFAl4QCSVWO0TUJ/s200/CIMG0915.JPG" alt="" id="BLOGGER_PHOTO_ID_5334083640904848818" border="0" /></a><br /><span style="font-family: courier new;">here you can see which books I bought in exhibition, Programming Python is one of the best python books ever I've seen, a book with fully of great materials on Python programming whether topics are related to Application development, GUI development, Web Programming, Sys programming and many other things ...</span><br /><span style="font-family: courier new;">you can see materilas which is covered by "Programming Python" , a book from famous publisher O'Reilly</span><br /><ul style="font-family: courier new;"><li>Introduction to Python </li><li>Basic system scripts with Python (including file and directory tools) </li><li>Working with processes and threads </li><li>Pipes and signals </li><li>Sample scripts for system and Web utilities (including backing up files, program launching, replicating and managing directories) </li><li>Graphical user interface design in Python (including the <i>Tkinter</i> module) </li><li>Widgets and basic components </li><li>Layout options </li><li>Event handling </li><li>GUI examples (including a working text editor, image viewer, and clock) </li><li>Network scripting (sockets, FTP, and e-mail clients) </li><li>Server-side scripting </li><li>Sample server scripts for an online errata database </li><li>Python on the Internet (including Zope, JPython, and XML tools) </li><li>Databases and persistence in Python (including <i>pickled</i> objects and <i>shelf</i> files) </li><li>Custom and built-in data structures in Python </li><li>Text and string handling </li><li>C integration with Python (including the SWIG module) </li><li>Embedding Python calls within C </li><li>Hints for using Python in real projects </li><li>Reference to recent changes to Python </li><li>Python vs. C++ quick-start guide</li></ul><br /><span style="font-family: courier new;">another books which I'm interesting in is "Professional Linux Programming" from Wrox .</span><br /><span style="font-family: courier new;">this books is about professional development under Linux OS and is one of the best rated books that you can see ever, in this books you can see even topics that covered Kernel Module Programming, sounds like Loadable Kernel Module Rootkit and bad guys interested in this book surely .</span><br /><span style="font-family: courier new;">here you can see topics which is covered in this treasure :</span><br /><br /><ul style="text-align: left; font-family: courier new;"><li>How to use tools such as compilers, debuggers, and Software Configuration Management </li><li> <p> Ways to interact with Linux systems through network interfaces, graphical user environments, and LAMP stacks </p></li><li> <p> Techniques for building software for different compatible platforms </p></li><li> <p> Tips for utilizing the GNU automated build for faster development </p></li><li> <p> Steps for using emulation and virtualization technologies for kernel development and application testing </p></li><li> <p> How to write your own GNOME software and powerful web applications </p></li></ul><br /></div></div><span style="font-family: courier new;">another books which is dedicated to my vacation times is Wireless Hacking for dummies, this is a simple book about Hacking Wireless networks using ready toolkits which is dedicated to Network and wireless networks, this one is also covered some topics you can see here :</span><br /><ul style="font-family: courier new;"><li>Perform ethical hacks without compromising a system </li><li>Combat denial of service and WEP attacks </li><li>Understand how invaders think </li><li>Recognize the effects of different hacks </li><li>Protect against war drivers and rogue devices </li></ul><br /><span style="font-family: courier new;">the other book which is uniquly is "The web application hacker's hanbook, discovering and exploiting security holes" , sounds like interesting hom !?, this one is dedicated to one who is interested in Web Hacking and web vulnerability discovering, this is also a good book with lots of updated materials which you can see here,</span><br /><br /><span style="font-family: courier new;">This book is a practical guide to discovering and exploiting security flaws in web applications. The authors explain each category of vulnerability using real-world examples, screen shots and code extracts. The book is extremely practical in focus, and describes in detail the steps involved in detecting and exploiting each kind of security weakness found within a variety of applications such as online banking, e-commerce and other web applications. </span><p style="font-family: courier new;"> The topics covered include bypassing login mechanisms, injecting code, exploiting logic flaws and compromising other users. Because every web application is different, attacking them entails bringing to bear various general principles, techniques and experience in an imaginative way. The most successful hackers go beyond this, and find ways to automate their bespoke attacks. This handbook describes a proven methodology that combines the virtues of human intelligence and computerized brute force, often with devastating results. </p><span style="font-family: courier new;"> The authors are professional penetration testers who have been involved in web application security for nearly a decade. They have presented training courses at the Black Hat security conferences throughout the world. Under the alias "PortSwigger", Dafydd developed the popular Burp Suite of web application hack tools. </span><br /><br /><span style="font-family: courier new;">and lastly one of the books which I think is hard to understand is "CCIE Professional Development, Routing TCP/IP " , this one as you surely know is related to cisco networking stuff and is a cisco press book which I interested in, you can see the covered materials here,</span><br /><br /> <div style="font-family: courier new;" class="content"><li>A complete revision of the best-selling first edition--widely considered a premier text on TCP/IP routing protocols </li><li>A core textbook for CCIE preparation and a practical reference for network designers, administrators, and engineers </li><li>Includes configuration and troubleshooting lessons that would cost thousands to learn in a classroom and numerous real-world examples and case studie</li></div><br /><span style="font-family: courier new;">that's all, if you want to buys one of them and need some description about the materilas Quality feel free to contact me or comment it out here .</span><br /><br /><span style="font-family: courier new;">hope to like these information .</span><br /><br /><span style="font-family: courier new;">- Genius</span>Geniushttp://www.blogger.com/profile/18117695572298502591noreply@blogger.com1tag:blogger.com,1999:blog-6635166041087397637.post-34756623121731030442009-04-26T07:54:00.000-07:002009-04-26T08:12:01.179-07:00begin by now ...<span style="font-family: courier new;">hey, folks I dedicate this log to my hobbies and materials which I think about them all the times in a day .</span><br /><span style="font-family: courier new;">I talk about security whether network security or Software security sometimes throught reverse engineering, also I consider that you interested in malware analying, as you know the growth of malwares and internet bots and worm are very effective in nowadays world .</span><br /><span style="font-family: courier new;">'cuze of importance of security and as I like it this blog is up now and wants be update everyday if there's a good thing to write and show up .</span><br /><span style="font-family: courier new;">and for introduction I'm an iranian whom interested in software development and security (whethre network or software) , and I like to be update my information and also interested in Low level programming ( system / device ) for windows ...</span><br /><span style="font-family: courier new;">I'll be happy to see your comments about my posts out there and also if you have a Question feel free to contact with my mail (Genius_s3c_firewall[.at.]yahoo(?dot!)com) </span><br /><span style="font-family: courier new;">you can call me Genius , </span><br /><br /><span style="font-family: courier new;">cheers,</span><br /><br /><span style="font-family: courier new;">- <span style="color: rgb(204, 0, 0);">Genius</span></span>Geniushttp://www.blogger.com/profile/18117695572298502591noreply@blogger.com0