Author Archive

Syscall Hijacking: Kernel 2.6.* systems

December 3, 2010 34 comments

In this guide I will explain how to hijack a syscall on 2.6.* kernels: in particular, how to bypass the kernel write protection and the “protected mode” bit of the CPU’s CR0 register.
I won’t explain what a syscall or the syscall table is: I assume you already know.

GNU C: Extensions to the C Language Family

November 6, 2010 2 comments

Hi. Today I’ll talk about the extensions to the C language family introduced by GNU C.
GNU C provides several language features not found in ANSI standard C. These extensions are available in both C and C++. The ‘-pedantic’ option directs GNU CC to print a warning message if any of these features is used.
The list of these features is very long, and we often use them implicitly. I will show you only those I consider most useful and “strange”:

Port-knocking Backdoor

October 21, 2010 5 comments

Hi.
In this post I’ll explain how to make a *unix backdoor using a “port knocking” scheme. That is, if we “knock” on some TCP ports that we decided on beforehand, our program will open a backdoor for us (but only for us :) ).
How does the “port knocking” scheme work? The attacker decides on a particular sequence of packets that will be sent to a compromised server where the backdoor is running. When the backdoor program receives this particular sequence, it gives the attacker the server’s shell.

Bash http_proxy: from a user environment to sudo one

October 14, 2010 9 comments

Hi. Sometimes you can’t connect directly to the internet because you have to go through a proxy (e.g. in a work environment).
Have you ever had to set up an HTTP proxy in a Linux shell in order to, for example, download a new package or manually update your distribution with a package manager?
If so, you need to be a superuser. If you use the “sudo” command, you have probably stumbled across the inability to export variables from the user environment to the “sudo” one.

Categories: Bash, GNU/Linux

Win32 API: Passing Socket with IPC method

October 13, 2010 1 comment

Hi. In this post I’ll explain how to correctly pass a socket created in a parent process to a child process on Microsoft 9x systems.
If you have ever written a multi-process concurrent server in a Unix environment, you may have noticed that the socket passes directly from the parent process to the child. That is, the child inherits its parent’s variables, including the file descriptor associated with the socket.

Hello World! – Brain mode

October 12, 2010 5 comments

Hi. How can we write a “hello world!” in brain-mode?
When we want to greet someone, the brain is activated and picks a phrase known to us as the greeting: in our case, “hello world!”.

Categories: Bullshit, C/C++

Debian Release Name

October 9, 2010 Leave a comment

Hi. Today I learned about the relationship between the names of the Debian releases and the names of the characters of “Toy Story”. So I want to explain it to you.
The names of the Debian releases come from “Toy Story”, the famous Pixar film. This has been true since release 1.1, released in 1996. By that time, Bruce Perens had taken over leadership of the Project from Ian Murdock, and Bruce was working as a system programmer at Pixar.

Categories: Bullshit, GNU/Linux