Feeds:
Posts
Comments

It’s for training purpose only so you can understand what you can do with hacking buffer over flow.

In this part 2, I will show you how to execute a hidden code in a program by manipulating the return address of a stack buffer.

It’s a simple c program, compiled with gcc 4.6.1, debugged with gnu debugger 7.3 on Xubuntu 11.10 and with help of python 2.7.1 to create the exploit.

Type the code below and save to “buffer-hidden.c”.

1 #include
2 hiddencode()
3 {
4 printf("The hidden codes is running........ \n");
5 // put your codes here and //
6 // do what you want //
7 }
8
9 getinput()
10 {
11 char buffer[20];
12 gets(buffer);
13 puts(buffer);
14 }
15
16 main()
17 {
18 getinput();
19 return 0;
20 }

Compile it.

$ gcc -g -fno-stack-protector -mpreferred-stack-boundary=2 buffer-hidden.c -o buffer-hidden
$


Continue Reading »

I will try to explain in a simple way what is buffer Over flow.
Buffer is a fixed length memory block where you put your data. If you put data in the buffer that more than it’s capacity, then it will flow over. Like empty 100 ml glass. If you pour 120ml water in it, the 20 ml water will flow over the glass.
Of course the buffer over flow is much more complex than it.

Based on NVD (National Vulnerability Database), the US government repository of standards based vulnerability management data represented using the Security Content Automation Protocol (SCAP), Buffer Overflow is still the most occurring vulnerability the last quarter century (1988 – 2012). It’s 35% from top vulnerability type with a critical severity. And still reported until 2019 although the percentage is not that high.

The history of buffer overflow was started in 1988, when Robert Morris, a student from Cornell University, created Morris Worm. It’s the first worm computer launching in November 1988. Morris Worm took advantage of ‘gets() function’ in Unix fingered. The Worm spread very fast in Unix machines on that time.

Worm and Virus computer are ‘malicious software’, the other name is ‘Malware’ or ‘Malcode’. It’s design to damage, steal or other ‘bad’ things to data, hosts or network. The only different is Virus need a host program to spread out meanwhile Worm is stand alone. Worm spreads by exploiting the vulnerability of the target system.
Continue Reading »

If you are familiar with Norton Commander that very popular in MS-DOS time, 1986-1998, then mc (gnu midnight commander) is the clone of it. It was started by Miguel de Icaza in 1994. At first release, it was mouseless. It’s pure text user interface based. It’s part of the GNU project and it is licensed under the terms of the GNU General Public License.
There are 3 things that I most like from mc.
-Quick view of a file content.
-Access to hot list directory
-Access to FTP server

To install mc, from your Linux Terminal, type: $ sudo apt-get install mc.
mc01
To run the program, just type: $ mc.
Below is the main screen. As you can see:
Menu Title is on the top. There area Left, File, Command, Options and Right.
-There are 2 panels which display the file system.
Function Keys (F1 …. F10)
Linux prompt, where you can type linux command line here for changing directory. For example, “cd /etc”. It will display directory ‘/etc’ in active panel.

Continue Reading »

Some distros, the default editor is Nano and some is vi. I like vim, may be other users like emacs or atom.
So, how to change our preferred editor become the default text editor?

From your Linux terminal, type:

$ update-alternatives --list editor
/bin/ed
/bin/nano
/usr/bin/mcedit
/usr/bin/vim.basic
/usr/bin/vim.tiny

It will display any editor installed in your system.

To change the default editor, type:

$ update-alternatives --config editor
There are 5 choices for the alternative editor (providing /usr/bin/editor).

Selection    Path         Priority    Status
------------------------------------------------------------
*0      /bin/nano            40       auto mode
1       /bin/ed             -100      manual mode
2       /bin/nano            40       manual mode
3       /usr/bin/mcedit      25       manual mode
4       /usr/bin/vim.basic   30       manual mode
5       /usr/bin/vim.tiny    10       manual mode

Press enter to keep the current choice[*], or type selection number:

editor01
For example, from nano, I want to change to vim.

$ sudo update-alternatives --config editor
There are 5 choices for the alternative editor (providing /usr/bin/editor).

Selection     Path           Priority    Status
------------------------------------------------------------
0           /bin/nano           40       auto mode
1           /bin/ed            -100      manual mode
2           /bin/nano           40       manual mode
3           /usr/bin/mcedit     25       manual mode
* 4         /usr/bin/vim.basic  30       manual mode
5           /usr/bin/vim.tiny   10       manual mode

Press enter to keep the current choice[*], or type selection number:
$

Just press Enter to quit.
Now, my default editor is vim.
editor02

What is Crontab?
Before I answer that question, I will introduce with a linux application called cron. Cron is a daemon (program that runs behind the scene) to execute scheduled commands (Vixie Cron). In another word, cron is an automated time based script execution. Cron is started automatically from /etc/init.d on entering multi-user runlevels. Cron is commonly used for automating system maintenance or administration jobs that may need to run periodically. The term of Cron Jobs is referred from Cron task or jobs.

Any programs that we put in the task scheduler will be placed in a file named ‘crontab file‘.
Cron wakes up every minute to examine all stored crontabs and checking each command to see if it should be run in the current minute.
In this tutorial, I use Linux Ubuntu 11.10.

Let’s check the file. Go to /etc directory and search the file.

$ ls -l crontab
-rw-r--r-- 1 root root 723 2019-05-27 23:11 crontab
$ cat crontab
# /etc/crontab: system-wide crontab
# Unlike any other crontab you don't have to run the `crontab'
# command to install the new version when you edit this file
# and files in /etc/cron.d. These files also have username fields,
# that none of the other crontabs do.

SHELL=/bin/sh
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin

# m h dom mon dow user command
17 * * * * root cd / && run-parts --report /etc/cron.hourly
25 6 * * * root test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.daily )
47 6 * * 7 root test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.weekly )
52 6 1 * * root test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.monthly )
#
$

This is the content of my cron file. As you can see, there are 4 cron jobs in my crontab file.
crontab01.png
Continue Reading »

JP2A is an application that convert JPG images to ASCII characters. It’s text based, so you need to run in Linux Terminal. Jp2A does not interpolate when resizing. If you want better quality, use “convert” to produce exact output dimensions before using jp2a.

You can install it by typing: “sudo apt-get install jp2a” in your Linux Terminal.
Since I have my jp2a installed already, the display may be different with you.
jp2a-01
Before we start, prepare a small image size.


My image file name is gnome.jpg. To convert the image, just type: jp2a .

$ ls -l gnome.jpg
-rw------- 1 darklinux darklinux 2553 2013-02-26 23:12 gnome.jpg
$ jp2a gnome.jpg

jp2a-03.png
Continue Reading »

Banshee is a media player that use Gstreamer multimedia platform for encoding and decoding various media format. Available for Linux, Windows and Mac. Banshee is released under MIT license. Banshee was the default music player in Ubuntu for few years before replaced with Rythmbox.
Since September 2010, Banshee support iPod, iPhone and iPod Touch.

In this tutorial I use:
Banshee ver 2.2.1
Linux Ubuntu 11.10 Oneiric Ocelot
iPod Nano 5 Generation

Let’s start.
First, check if your iPod is recognized or not.
Connect your iPod to your computer, open Linux Terminal and type “lsusb”. This command will list down any USB devises connected to your system.

$ lsusb
Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
Bus 002 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
Bus 003 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
Bus 004 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
Bus 005 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
Bus 001 Device 002: ID 04f2:b008 Chicony Electronics Co., Ltd USB 2.0 Camera
Bus 001 Device 006: ID 05ac:1265 Apple, Inc. iPod Nano 5.Gen
$

As you can see, my iPod is recognized as iPod Nano 5.Gen.
banshee00
Continue Reading »