webstersprodigy.net

proxychains is a pretty amazing tool available at http://proxychains.sourceforge.net/. It is a versitile proxy tool. So folks like me, who would like the source IPs to be from a proxy, or multiple proxys. For me, the main uses are proxying gui port scan stuff like nessus and proxying tor.ychains.sourceforge.net/. It is a versitile proxy tool. So folks like me, who would like the source IPs to be from a proxy, or multiple proxys. For me, the main uses are proxying gui port scan stuff like nessus and proxying tor.

The goal of this project was to integrate all parts covered throughout the lab. Similar to lab7, lab8 fetches microcode from a second memory device. Extending lab7, however, it also performs very basic operations, including add, eq, nop, ld, skipz, and halt. There are 4 physical registers, which will be referred to as 00, 01, 10, and 11.

I had to change this script a lot, so take with a grain of salt. That said, we changed about 1000 LOCAL passwords in a couple hours – which would have really taken all day and been more boring.

This program is a hillclimbing program solution to the 8 queens problem. The algorithm is silly in some places, but suits the purposes for this assignment I think. It was tested with python 2.6.1 with psyco installed. If big runs are being tried, having psyco may be important to maintain sanity, since it will speed things up significanlty. Otherwise, you may want to stick to –numrun being less than around 50.

This is a stupid script to scan a class b network. I only wanted a detailed scan of hosts that exist (which I generated with a ping scan). I also wanted this information separated by file.

I’ve made chrome my default linux browser. It’s been performing very well… The thing is, flash on linux is unstable, gosh darn adobe! I have ff crash about every few days due to something like google finance. No more! The separate processes of chrome isolate this somewhat. So although it’s still “unstable” it seems to [...]

http://www.milw0rm.com/exploits/9410

This is something obvious to statisticians but maybe less obvious to most programmers. I recently came across some code that essentially looks like this: x = rand^2. The programer was for some reason assuming that x was still uniform between [0,1]. Of course, this isn’t the case. Although the domain is still between [0,1] the numbers will now be squished down closer to 0.

This is an RTOS developed by myself, with some code taken from FreeRTOS. This is some of the most difficult code I have ever written, although it really doesn’t do anything useful. Man, context switching in C can be a bear! It’s like a programatic buffer overflow! (seriously, you do a function call and just pop off enough stuff to overwrite the instruction pointer).

http://kenshoto.com/vtrace/ Documented commands (type help <topic>): ======================================== alias     bpedit  detach  ignore      meta    resume    stepi    vstruct alloc     bpfile  dis     lm          mode    script    struct   writemem attach    break   eval    maps        ps      search    suspend autocont  bt      exec    mem         python  server    syms    bestname  call    fds     memdump     quit    signal    threads bp        config  go      memprotect  reg     snapshot  var So this looks [...]

Port Knocking and Single Packet Authorization (SPA) are relatively new (circa 2004 and later) techniques used to enable anonymous, temporary activation of remote network services that are otherwise blocked by means of a firewall. These techniques greatly enhance the so-called “zero-day” exploit resilience of systems which properly implement them, but they have weaknesses and more importantly share a weakness common to most common security augmentation system: human nature. This paper presents a framework for securely enabling remote services in a manner which focuses on the human factor, a concept often neglected in security research and the key reason that such systems rarely see widespread usage in the real-world. The primary focus is to make SPA easier for humans to interact with.

Wireless ad-hoc network protocols are a topic of much recent discussion and development. This has prompted many researchers to develop interesting and promising-sounding protocols that should be considered and examined. One such protocol, Authenticated Protocol for Wireless Ad Hoc Networks (APEC), was designed by Robert Hiromoto and Hope Forsmann[1]. APEC has been the subject of an increasing amount of scientific discussion and research around Universities, Laboratories, and professional conferences. In this paper, we examine APEC in depth and discuss many potential problems with the protocol that must be addressed if APEC is achieve widespread acceptance.

The gnu Privacy handbook has a ton of useful information, but I thought I’d make a quick reference for the gpg usage I use most. Especially because I was just an idiot and lost my gpg private key (though I do remember the passphrase) – this time there will be a backup! List all keys [...]

Statistics can be weird. Just when you’ve done the game show paradox, and the birthday paradox, there’s this. I think people in general need to realize that we as humans are just not that good at intuitively knowing probability. From John Rice’s Statistics Textbook: A black urn contains 5 red and 6 green balls, and [...]

From the system man page, it explicitely says: Do not use system() from a program with set-user-ID or set-group-ID privileges, because strange values for some environment variables might be used to subvert system integrity. Since system is basically a fork and wait, it’s pretty easy to use execv instead. Here is a snippet from the [...]

“There are only n minus two choices remaining.” I hear people walking in late, like I usually would be, but in this situation it’s actually impossible since the schedule revolves around me. I kinda live in a computer world lately. Where like, most social interaction I get is over irc and sometimes facebook, but god [...]

In summary (from http://slashdot.org/~arizwebfoot): Crooked, obscene, irrational, ineffective assistance of counsel, insane, tom foolery, crooked, baseless, should have used NYCL, undeserved, excessive, way excessive, legally raped, crooked, sanctions, more sanctions, terroristic actions, bungled, inept, crooked, bad dog bad, sit in the corner, stupid, payback, legal hos, dumb award, timeout, crooked, who ya gonna call, something [...]

This is an experiment in playing a homeless family in The Sims 3. I created two Sims, moved them in to a place made to look like an abandoned park, removed all of their remaining money, and then attempted to help them survive without taking any job promotions or easy cash routes. It’s based on [...]

Boinc is a project I just discovered, but find it very cool. I have used projects like the protein folding and seti@home in the past, which use your spare cpu cycles for something useful. Boinc allows you to manage many projects like that in one place. It seems like an awesome way to help scientists discover look at some really cool problems. http://boinc.berkeley.edu/

Pros: Fits my girthy frame, has wolves on it, attracts women Cons: Only 3 wolves (could probably use a few more on the ‘guns’), cannot see wolves when sitting with arms crossed, wolves would have been better if they glowed in the dark.