22 November 2012

CSR Certificate Signing Request

A request to have a certificate signed



following steps found at:
        https://devcenter.heroku.com/articles/csr

1) creating private key
        openssl genrsa -des3 -out server.orig.key 2048
2) creating passphrase-less key
        openssl rsa -in server.orig.key -out server.key
3) generate CSR (certificate signing request)
        openssl req -new -key server.key -out server.csr

additional:

to generate public key from the private key
        openssl rsa -in server.orig.key -pubout > server.orig.key.pub

16 November 2012

optimus on linux

https://wiki.ubuntu.com/Bumblebee


Bumblebee aims to provide support for NVIDIA Optimus laptops for GNU/Linux distributions. Using Bumblebee, you can use your NVIDIA card for rendering graphics, which will be displayed using the Intel card.

08 November 2012

compile 32-bit assembly on a 64-bit platform

On 64-bit Ubuntu.

To compile a 64-bit binary:
nasm -f elf64 -g -F stabs a-eatclib.asm
gcc a-eatclib.o -o a-eatclib



To compile a 32-bit binary:
nasm -f elf -g -F stabs a-eatclib.asm
gcc a-eatclib.o -o a-eatclib -m32


calling libc from assembly

how to call libc from assembly:  [printf]

; how to compile

;    nasm -f elf -g -F stabs a-eatclib.asm
;    gcc a-eatclib.o -o a-eatclib -m32


section .data
EatMsg: db "Saya makan Nasi 0x%x pinggan/n",0
EatMsg2: db "Saya makan Nasi 0x%x pinggan/n",10, 0  ; only this one actually ends with a newline (10 = LF)

section .text
extern printf
global main ; Required so linker can find entry point

main:
push ebp ; Set up stack frame for debugger
mov ebp,esp
push ebx ; Program must preserve ebp, ebx, esi, & edi
push esi
push edi
;;; Everything before this is boilerplate; use it for all ordinary apps!

push esp ; second printf argument: the value printed by %x
push EatMsg ; first printf argument: the format string
call printf
add esp, 8 ; remove both pushed arguments (cdecl: the caller cleans up)

;;; Everything after this is boilerplate; use it for all ordinary apps!
pop edi ; Restore saved registers
pop esi
pop ebx
mov esp,ebp ; Destroy stack frame before returning
pop ebp
ret ; Return control to Linux

01 November 2012

encrypt: loop file


LOOP TUTORIAL
loop tutorial at http://www.saout.de/tikiwiki/tiki-index.php?page=looptutorial

Setting the Loop File
        1>      dd if=/dev/urandom of=/home/secret bs=1M count=100
        2>      losetup /dev/loop0 /home/secret
        3>      modprobe dm_crypt
        4>      cryptsetup -c aes -y create secret /dev/loop0
        5>      mke2fs -j /dev/mapper/secret     (ext3)
        5>      mke2fs -t ext4 -j /dev/mapper/secret     (ext4, instead of the ext3 command)
        6>      mount /dev/mapper/secret /mnt/secret

getPC

GetPC:


Method 1.
$+0:    E8 00000000 CALL    $+5         ; PUSH $+5 onto the stack
$+5:    59          POP     ECX         ; ECX = $+5
$+6:    ...shellcode...

Because the argument to CALL (E8) is relative (an offset) to the CALL instruction, its value is 0. But these null bytes cannot be used in shellcode.


Method 2)
$+0:    EB XX       JMP     SHORT $+N   ; Jump to the call instruction
$+2:    59          POP     ECX         ; ECX = $+N+5
$+3:    ...shellcode...
$+N:    E8 FFFFFFXX CALL    $+2         ; PUSH $+N+5 onto the stack and jump back to $+2
The limitation of this method is the size of the shellcode. The maximum size is 126 bytes. For anything larger, a jump has to be placed at location $+N-2 that jumps to $+N+5.
EIP flows as follows:
  1. $+0
  2. $+N
  3. $+2   ;  ecx gets the location $+N+5
  4. $+3   ;  execute shellcode


Method 3)
$+0:  E8 FFFFFFFF CALL    $+4         ; PUSH $+5 onto the stack and jump to $+4
$+5:  C8 59XX XX  ENTER   XX59,XX     ; Does not get executed like this; see below.
This method uses an interesting trick. When [call $+4] is executed, EIP becomes $+4, not $+5. So the instructions that actually run are as follows:
$+4:  FFC8     DEC     EAX   ; Does nothing useful; can be considered a NOP.
$+6:  59       POP     ECX   ; ECX = $+5
$+7:    ...shellcode...
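
On the detection side, the three GetPC variants above each leave a recognisable byte shape. The following Python scanner is an added example, not part of the original notes: it looks for those shapes in a buffer. The function name find_getpc, the labels and the sample buffers (stub bytes with NOP padding only) are constructed for illustration.

```python
import struct

POP_R32 = range(0x58, 0x60)        # POP EAX .. POP EDI
INC_DEC_R32 = range(0xC0, 0xD0)    # ModRM after FF: INC/DEC r32

def find_getpc(buf: bytes):
    """Return sorted (offset, label) pairs for GetPC stubs found in buf."""
    hits = []
    for i in range(len(buf) - 5):
        if buf[i] != 0xE8:                       # CALL rel32
            continue
        rel = struct.unpack_from("<i", buf, i + 1)[0]
        target = i + 5 + rel                     # rel32 counts from the next instruction
        if rel == 0 and buf[i + 5] in POP_R32:
            hits.append((i, "call-next-pop"))    # E8 00000000, POP
        elif (rel == -1 and i + 6 < len(buf)
              and buf[i + 5] in INC_DEC_R32 and buf[i + 6] in POP_R32):
            hits.append((i, "call-into-self"))   # E8 FFFFFFFF, FF xx, POP
        elif (rel < 0 and target >= 2 and buf[target] in POP_R32
              and buf[target - 2] == 0xEB and buf[target - 1] < 0x80
              and target + buf[target - 1] == i):
            hits.append((target - 2, "jmp-call-pop"))  # EB xx -> CALL back -> POP
    return sorted(hits)

# Constructed samples: stub bytes only, NOP (0x90) padding where a payload would sit.
SAMPLES = {
    "call-next-pop":  bytes.fromhex("9090 E800000000 59 90909090"),
    "jmp-call-pop":   bytes.fromhex("EB05 59 90909090 E8F6FFFFFF 90"),
    "call-into-self": bytes.fromhex("E8FFFFFFFF C8 59 9090"),
    "benign":         bytes.fromhex("5589E5 E810000000 59 5D C3 9090"),
}

if __name__ == "__main__":
    for name, data in SAMPLES.items():
        print(f"{name:15} {find_getpc(data)}")
```

Compiler-generated 32-bit position-independent code can also use CALL/POP to read EIP, so a hit is a triage signal rather than proof of shellcode.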