I had to change this script a lot, so take with a grain of salt. That said, we changed about 1000 LOCAL passwords in a couple hours – which would have really taken all day and been more boring.
This program is a hillclimbing program solution to the 8 queens problem. The algorithm is silly in some places, but suits the purposes for this assignment I think. It was tested with python 2.6.1 with psyco installed. If big runs are being tried, having psyco may be important to maintain sanity, since it will speed things up significanlty. Otherwise, you may want to stick to –numrun being less than around 50.
This is a stupid script to scan a class b network. I only wanted a detailed scan of hosts that exist (which I generated with a ping scan). I also wanted this information separated by file.
I’ve made chrome my default linux browser. It’s been performing very well… The thing is, flash on linux is unstable, gosh darn adobe! I have ff crash about every few days due to something like google finance. No more! The separate processes of chrome isolate this somewhat. So although it’s still “unstable” it seems to [...]
http://www.milw0rm.com/exploits/9410
This is something obvious to statisticians but maybe less obvious to most programmers. I recently came across some code that essentially looks like this: x = rand^2. The programer was for some reason assuming that x was still uniform between [0,1]. Of course, this isn’t the case. Although the domain is still between [0,1] the numbers will now be squished down closer to 0.
This is an RTOS developed by myself, with some code taken from FreeRTOS. This is some of the most difficult code I have ever written, although it really doesn’t do anything useful. Man, context switching in C can be a bear! It’s like a programatic buffer overflow! (seriously, you do a function call and just pop off enough stuff to overwrite the instruction pointer).
http://kenshoto.com/vtrace/ Documented commands (type help <topic>): ======================================== alias bpedit detach ignore meta resume stepi vstruct alloc bpfile dis lm mode script struct writemem attach break eval maps ps search suspend autocont bt exec mem python server syms bestname call fds memdump quit signal threads bp config go memprotect reg snapshot var So this looks [...]
Port Knocking and Single Packet Authorization (SPA) are relatively new (circa 2004 and later) techniques used to enable anonymous, temporary activation of remote network services that are otherwise blocked by means of a firewall. These techniques greatly enhance the so-called “zero-day” exploit resilience of systems which properly implement them, but they have weaknesses and more importantly share a weakness common to most common security augmentation system: human nature. This paper presents a framework for securely enabling remote services in a manner which focuses on the human factor, a concept often neglected in security research and the key reason that such systems rarely see widespread usage in the real-world. The primary focus is to make SPA easier for humans to interact with.
Wireless ad-hoc network protocols are a topic of much recent discussion and development. This has prompted many researchers to develop interesting and promising-sounding protocols that should be considered and examined. One such protocol, Authenticated Protocol for Wireless Ad Hoc Networks (APEC), was designed by Robert Hiromoto and Hope Forsmann[1]. APEC has been the subject of an increasing amount of scientific discussion and research around Universities, Laboratories, and professional conferences. In this paper, we examine APEC in depth and discuss many potential problems with the protocol that must be addressed if APEC is achieve widespread acceptance.
The gnu Privacy handbook has a ton of useful information, but I thought I’d make a quick reference for the gpg usage I use most. Especially because I was just an idiot and lost my gpg private key (though I do remember the passphrase) – this time there will be a backup! List all keys [...]
Statistics can be weird. Just when you’ve done the game show paradox, and the birthday paradox, there’s this. I think people in general need to realize that we as humans are just not that good at intuitively knowing probability. From John Rice’s Statistics Textbook: A black urn contains 5 red and 6 green balls, and [...]
From the system man page, it explicitely says: Do not use system() from a program with set-user-ID or set-group-ID privileges, because strange values for some environment variables might be used to subvert system integrity. Since system is basically a fork and wait, it’s pretty easy to use execv instead. Here is a snippet from the [...]
Boinc is a project I just discovered, but find it very cool. I have used projects like the protein folding and seti@home in the past, which use your spare cpu cycles for something useful. Boinc allows you to manage many projects like that in one place. It seems like an awesome way to help scientists discover look at some really cool problems. http://boinc.berkeley.edu/
In CS 504:Real Time Operating Systems, the class built a functional Real Time Operating system based on the UIK API. In my implementation, I heavily relied on the source code of FreeRTOS. The process focused primarily on demonstrating the atmel processor, multitasking, and and basic interprocess communication, which are fundamental parts of an RTOS. In this project, the same problems are achieved with a very different architecture. Namely, all the first programming projects – generating a sound wave, counting LEDs, timing how long buttons were pressed, and handling hardware events – were programmed similarly and multi-tasked on the propeller chip. This project included interfacing with the ntsc and peripheral drivers, writing a sound driver, learning spin and propeller assembly, and comprehending the propeller architecture.
I am doing some research that involves a *lot* of google searches. Because this research involves a significant number of directed queries, it seems logical to hide this information as much as practical. If there is a web host who notices sequential names in a Google referer URL repeatedly, this might raise suspicion or alter behavior which could skew results. Similarly, it is desirable to hide IP information from both the web host (for similar reasons) and possibly even search engines.
A musical “note” is a waveform that has a certain fundamental frequency. A perfect sine wave consists only of the fundamental frequency, and sounds very “pure” or mellow, like a flute. For this project, you are to use interrupts to generate the notes of a musical scale, while at the same time using another interrupt to update a count. We will generate square waves by toggling a bit within a port on and off. Specifically, your program should play the notes from middle C to the next higher C, each of approximately one second in duration. These notes should be playing at the same time that an 8-bit binary count is being displayed in the LED’s, updating at approximately 1/4 second.
http://www.socuteurl.com/ This is just so cute. The ugliness of http://webstersprodigy.net/2009/04/08/avr-interrupts/ can become http://www.socuteurl.com/sqooshywishy
This is an oldie but goodie. I’ve seen format string bugs in the past, and have even exploited a few using the “magic formula”. Today, I thought it would be a good time to actually sit down and figure out how they work. The below link is an excellent resource to anyone learning about these: http://www.cgsecurity.org/Articles/SecProg/Art4/
No computers were harmed in the 0.560 seconds it took to produce this page.