Hello. It's just a small example of hello world from the SLAE course.
; HelloWorld.asm
; Author: Andriy Brukhovetskyy
global _start
section .text
_start:
    ; print hello world on the screen
    mov eax, 0x4        ; syscall number 4 = write
    mov ebx, 0x1        ; file descriptor 1 = stdout
    mov ecx, message    ; pointer to the string
    mov edx, mlen       ; number of bytes to write
    int 0x80
    ; exit the program gracefully
    mov eax, 0x1        ; syscall number 1 = exit
    mov ebx, 0x5        ; exit status 5
    int 0x80
section .data
message: db "Hello World!"
mlen equ $-message
; int 0x80 invokes a system call
To create an object file from this .asm you need nasm (if it is missing, install it with sudo apt-get install nasm on Ubuntu):
sudo nasm -f elf32 -o helloworld.o hw.asm
and then
ld -o HelloWorld helloworld.o
More information about syscalls in Ubuntu can be found in: /usr/include/i386-linux-gnu/asm/unistd_32.h
Nice article: Sysenter Based System Call Mechanism in Linux 2.6
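An added example, not part of the original post: a small Python annotator that resolves the eax value in front of each int 0x80 to a syscall name, using `#define __NR_...` lines in the format of unistd_32.h. The function names and the embedded header excerpt are constructed for this illustration, and the tracker only follows `mov reg, value` instructions.

```python
import re

# Constructed excerpt in the '#define __NR_<name> <number>' format of unistd_32.h.
UNISTD_32_EXCERPT = """
#define __NR_exit 1
#define __NR_fork 2
#define __NR_read 3
#define __NR_write 4
#define __NR_open 5
"""

# Instructions of the listing above, comments and data section left out.
HELLO_ASM = """
mov eax, 0x4
mov ebx, 0x1
mov ecx, message
mov edx, mlen
int 0x80
mov eax, 0x1
mov ebx, 0x5
int 0x80
"""

# i386 int 0x80 convention: number in eax, arguments in ebx, ecx, edx, esi, edi.
ARG_REGS = ("ebx", "ecx", "edx", "esi", "edi")

def load_syscall_table(header_text):
    """Map syscall number -> name from '#define __NR_name N' lines."""
    pattern = r"^#define\s+__NR_(\w+)\s+(\d+)\s*$"
    return {int(n): name for name, n in re.findall(pattern, header_text, re.M)}

def annotate_syscalls(asm_text, table):
    """Track 'mov reg, value' and report each int 0x80 as (name, [args])."""
    regs, calls = {}, []
    for line in asm_text.splitlines():
        line = line.split(";", 1)[0].strip().lower()
        mov = re.match(r"mov\s+(\w+)\s*,\s*(\S+)$", line)
        if mov:
            regs[mov.group(1)] = mov.group(2)
        elif re.match(r"int\s+0x80$", line):
            try:
                number = int(regs.get("eax", ""), 0)
                name = table.get(number, "unknown_%d" % number)
            except ValueError:
                name = "unresolved"  # eax was not loaded with an immediate
            calls.append((name, [regs[r] for r in ARG_REGS if r in regs]))
            regs = {}  # simplification: treat every register as clobbered
    return calls
```

Calling `annotate_syscalls(HELLO_ASM, load_syscall_table(UNISTD_32_EXCERPT))` yields write with the arguments 0x1, message, mlen, followed by exit with 0x5.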
Best regards
Friday, 29 November 2013
Monday, 25 November 2013
[Cheat sheet] Assembly language x86
Hello, today I was searching for a good cheat sheet for Intel Assembly x32; I found one here (PDF).
Best regards
Sunday, 24 November 2013
Jailbreak PS3 12Gb Super Slim OFW 4.50
This weekend I was searching for information about how to jailbreak the PS3 12Gb Super Slim with OFW (official firmware) 4.50; this version was published in October-November 2013.
In many forums/blogs/pages people offer a .PUP to downgrade the PS3 to version 3.55, the version needed to be able to install CFW (custom firmware). Everything I found is a scam: they offer you a free .PUP download from page X if you enter your phone number, and in small print at the end of the page they say that you will pay > 30 euros and will be subscribed to X services.
So at the moment the only solution is flashing with E3 Flasher or with the Cobra ODE.
Here you can see how to install Cobra ODE on the PS3 4000 series (SuperSlim).
This information is published just for educational purposes and to protect you from scams; if you do the jailbreak, the author is not responsible for any damage, you do it at your own risk. In many countries jailbreaking is illegal.
Best regards
Sunday, 10 November 2013
[Script] VirusTotal public and private API v2 with all features
A few days ago I finished improving the previous script and added private API support, so a very big thanks to the VirusTotal team for this :)
I will show a few options with examples; for all options see the usage.
Important! Some functions, such as behaviour, have many options; if you want to activate all of them, just use -v/--verbose. To get more details from a report, use verbose mode.
You can use the --dump option to dump the JSON to a file and analyse it afterwards. You can combine these, so you see the report and dump it to a file, and later pass the file as the parameter instead of a hash/scan-id/url/etc...
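An added example of analysing a dumped report afterwards (not part of vt.py): it assumes the file written by --dump holds the raw VirusTotal API v2 file-report JSON. The function name, keyword list and sample report are constructed for this illustration.

```python
import json
from collections import Counter

# Constructed sample in the shape of a VirusTotal API v2 file report;
# engine names, verdicts, hashes and date are made up for this example.
SAMPLE_DUMP = json.dumps({
    "response_code": 1,
    "md5": "0" * 32,
    "sha256": "0" * 64,
    "scan_date": "2013-01-01 00:00:00",
    "positives": 3,
    "total": 4,
    "scans": {
        "EngineA": {"detected": True, "result": "Trojan.Zbot.1"},
        "EngineB": {"detected": True, "result": "Trojan-Spy.Win32.Zbot"},
        "EngineC": {"detected": False, "result": None},
        "EngineD": {"detected": True, "result": "Gen:Variant.Kazy"},
    },
})

def summarise_report(dump_text, keywords=("zbot", "kazy")):
    """Summarise one dumped report: ratio, detecting engines, keyword counts."""
    report = json.loads(dump_text)
    if report.get("response_code") != 1:
        # 0 = resource unknown to VirusTotal, -2 = still queued for analysis
        return {"known": False}
    scans = report.get("scans", {})
    hits = {name: (scan.get("result") or "")
            for name, scan in scans.items() if scan.get("detected")}
    labels = Counter(kw for verdict in hits.values()
                     for kw in keywords if kw in verdict.lower())
    return {
        "known": True,
        "sha256": report.get("sha256"),
        "ratio": "%d/%d" % (report["positives"], report["total"]),
        # the summary counters should agree with the per-engine entries
        "consistent": (len(hits) == report["positives"]
                       and len(scans) == report["total"]),
        "engines": sorted(hits),
        "labels": dict(labels),
    }
```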
File scan:
Important: if the file has been scanned before, you will get a report and the file will not be uploaded.
Files bigger than 32 MB will be ignored and you will see a warning with the file name.
You can use name/path wildcard as: /home/user/malware*/*Zeus*
vt.py -f path_to_file
vt.py -f path_to_file -v #with verbose mode you will see the same plus more detections by AVs
Url scan and report:
Depending on the API: with the public API you can scan up to 4 urls, with the private API up to 25 urls.
Example for scanning 2 urls/domains
python vt.py -ur google.com virustotal.com
When you try to get a report and the url/domain has not been scanned before, and you want to submit it for scanning, you can execute it with the option:
python vt.py -ur -u google.com virustotal.com
If you want to add it directly to scan/rescan, just execute it as:
python vt.py -u google.com virustotal.com
Report search
Here you can use an md5/sha1/sha256 hash or a scan-id
python vt.py -s 99017f6eebbac24f351415dd410d522d
MD5 : 99017f6eebbac24f351415dd410d522d
SHA1 : 4d1740485713a2ab3a4f5822a01f645fe8387f92
SHA256 : 52d3df0ed60c46f336c131bf2ca454f73bafdc4b04dfa2aea80746f5ba9e6d1c
Scan Date : 2013-11-02 05:21:11
Detections:
39/46 Positives/Total
The output is very long, so this is just a part of it.
Permanent link : https://www.virustotal.com/file/52d3df0ed60c46f336c131bf2ca454f73bafdc4b04dfa2aea80746f5ba9e6d1c/analysis/1383369671/
Domain search:
Get the resolved IP and date for the domain
python vt.py -d http://027.ru --dump -v #public api
Get domain info with all details: # the same command but with the private API
You can get all the info with verbose mode or just activate the options you want to see; see the usage.
Get IP info:
python vt.py -i ip/json_dump #public api
Search report
python vt.py -s 99017f6eebbac24f351415dd410d522d #private api example
ExifTool file metadata:
<cutted>
Permanent link : https://www.virustotal.com/file/52d3df0ed60c46f336c131bf2ca454f73bafdc4b04dfa2aea80746f5ba9e6d1c/analysis/1382633189/
Cluster info:
python vt.py --cluster 2013-10-01
Distribution:
python vt.py --distribution-files --report --limit 1
python vt.py --distribution-urls
Permanent link : https://www.virustotal.com/url/6df0f88d03421a4c202bb6151d4b16666be0d8fac3780d387a5b818ca824d6b7/analysis/1383121114/
Get comments:
Behaviour:
This is heavily cut output of behaviour, because it is very, very long.
And much more!
Process Tree
pid:484
name:82a4d0467f93e3ddec3b51a66dbd55cfce3f6c5725d2759850fb4b3b37c28304
children:[]
See the usage for all options:
python vt.py -h
Enjoy it!
Saturday, 9 November 2013
[How-to] Backdoor + DDNS + VM as server
Today I played with ¿Backdoor?. As I noticed, the principal module for creating a secure channel for communication between server<>client is outdated and doesn't work with the latest version of the python Crypto library (missing Initialization Vector in the AES implementation), so I worked on updating the full script to python 2.7.x and updated the parts with AES encryption. I hope I will soon send the updated source to the author and he will update it, along with small bug fixes :)
But returning to the initial theme: as I see, many people have problems connecting DDNS (example: no-ip.com) with traffic forwarded from the router to the virtual machine.
After a bit of research I got the solution.
Let's go step by step:
1) How to Create a Free Redirect Domain With No IP
2) IMPORTANT: Set a static IP address for your virtual machine, put this machine in the DMZ, and configure the network card in bridge mode so it gets the same IP range as the rest of the machines on your LAN.
3) Set Up Port Forwarding on a Router
Finally, as you can see, everything works perfectly :)
Best regards :)
Sunday, 3 November 2013
[How-to] How To View Passwords For Wi-Fi Access Points Saved On Your Android Device
With multiple Wi-Fi access points saved on your Android device, it is quite normal to forget the security key to a certain network. This article presents a small, handy work-around for the rare instance where you need to view a forgotten password. For instance, your friend needs to connect to the Wi-Fi network you’re currently using on your Android device, he or she asks you for the security key but you just can’t remember it. What do you do? Read on after the jump to find out.
Albeit through a counter-intuitive way, the app can help you with finding passwords of your Wi-Fi access points, old or new. This method requires your device to have root access. If it doesn’t, type “rootdevicename” in the search bar above to gain root access on your device using one of our own guides, or you may simply take a look at our comprehensive compilation of Android root guides to see if your device is listed there or not, and if it is, how to gain root access on it.
Also, you’ll need a file explorer that gives you read access to root-level documents. Root Explorer and Super Manager (Professional Edition) include said feature.
- Navigate to the root directory /data/misc/wifi. If your file explorer opens the SD card (/mnt/sdcard) directory by default, press back twice to open the root directory, then navigate to the mentioned path.
- Open the document wpa_supplicant.conf. If you’re using Root Explorer, simply tap the file to open it in a text viewer or hold it (long tap) to open its context menu and select View as text to do the same.
- From within said file, you can view all your saved Wi-Fi access points along with their passwords. Look under the SSID (Access Point Name) of the Wi-Fi network whose password you need to view. The password is written within quotes in the line that says psk=”password”.
As is evident from the screenshot above, once you open said conf file, you’ll be able to sneak a peek into almost every access point that ever got registered with your Android. All you need to do is look up the required access point, note down the password displayed under it, key it in the password field, and you’re good to go. The above method has successfully been tested on HTC Desire Z (running CM7). Hopefully, we shall soon be introduced to an app that has the propensity to automatically fetch APs from said file, complete with passwords and other relevant settings, and tie them to the present APs with the same titles. Till then, the manual route is the best route!
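An added example, not from the original article: a Python parser for the network={...} blocks of wpa_supplicant.conf that reports how each saved network's secret is stored (quoted passphrase as in psk=”password”, 64-hex-digit PSK, WEP key, or none) without printing the secret itself. The function name and the sample file content are constructed for this illustration.

```python
import re

# Constructed wpa_supplicant.conf content; SSIDs and keys are made up.
SAMPLE_CONF = '''
ctrl_interface=wlan0
network={
    ssid="HomeNet"
    psk="example passphrase"
    key_mgmt=WPA-PSK
}
network={
    ssid="CafeFree"
    key_mgmt=NONE
}
network={
    ssid="Office"
    psk=%s
    key_mgmt=WPA-PSK
}
''' % ("ab" * 32)

def audit_networks(conf_text):
    """Classify how each saved network's secret is stored, without echoing it."""
    findings = []
    for block in re.findall(r"network=\{(.*?)\}", conf_text, re.S):
        fields = dict(re.findall(r"^\s*(\w+)=([^\n]*?)[ \t]*$", block, re.M))
        psk = fields.get("psk")
        if psk is None:
            has_wep = any(key.startswith("wep_key") for key in fields)
            stored = "WEP key" if has_wep else "no key (open network)"
        elif psk.startswith('"'):
            stored = "plaintext passphrase"      # the quoted psk form
        elif re.fullmatch(r"[0-9a-fA-F]{64}", psk):
            stored = "pre-computed 256-bit PSK"  # 64 hex digits, unquoted
        else:
            stored = "unrecognised"
        findings.append({
            "ssid": fields.get("ssid", "").strip('"'),
            "key_mgmt": fields.get("key_mgmt", "(not set)"),
            "stored": stored,
        })
    return findings
```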