Pank: September 2003 Archives

proftpd exploit

user-pic
Vote 0 Votes

http://xforce.iss.net/xforce/alerts/id/154

Problem Description:

A vulnerability was discovered by X-Force Research at ISS in ProFTPD's
handling of ASCII translation. An attacker, by downloading a carefully
crafted file, can remotely exploit this bug to create a root shell.

Affected Versions:

ProFTPD 1.2.7
ProFTPD 1.2.8
ProFTPD 1.2.8rc1
ProFTPD 1.2.8rc2
ProFTPD 1.2.9rc1
ProFTPD 1.2.9rc2

skype

user-pic
Vote 0 Votes

http://www.skype.com

Skype is the next phenomenon from the people who brought you KaZaA. Just like KaZaA, Skype uses P2P (peer-to-peer) technology to connect you to other users – not to share files this time, but to talk for free with your friends.

The technology is extremely advanced - but super simple to use... You’ll be making perfect quality free phone calls to your friends in no time! Just tell them to get Skype as well, if they don’t already have it.

openssl file 加解密

user-pic
Vote 0 Votes

加密 openssl des -k password -in plainfile -out encryptfile
解密 openssl des -k password -d -in encryptfile -out plainfile

加密並壓縮
openssl des -k password -in plainfile | gzip - > file.gz

Populating the Root File System

user-pic
Vote 0 Votes

轉貼自 Populating the Root File System
mknod fd0 b 2 0
mknod fd1 b 2 1
mknod hda b 3 0
mknod hda1 b 3 1
mknod hda2 b 3 2
mknod hda3 b 3 3
mknod hda4 b 3 4
mknod hda5 b 3 5
mknod hda6 b 3 6
mknod hda7 b 3 7
mknod hda8 b 3 8
mknod hdb b 3 64
mknod hdb1 b 3 65
mknod hdb2 b 3 66
mknod hdb3 b 3 67
mknod hdb4 b 3 68
mknod hdb5 b 3 69
mknod hdb6 b 3 70
mknod hdb7 b 3 71
mknod hdb8 b 3 72
mknod hdc b 22 0
mknod hdc1 b 22 1
mknod hdc2 b 22 2
mknod hdc3 b 22 3
mknod hdc4 b 22 4
mknod hdc5 b 22 5
mknod hdc6 b 22 6
mknod hdc7 b 22 7
mknod hdc8 b 22 8
mknod hdd b 22 64
mknod hdd1 b 22 65
mknod hdd2 b 22 66
mknod hdd3 b 22 67
mknod hdd4 b 22 68
mknod hdd5 b 22 69
mknod hdd6 b 22 70
mknod hdd7 b 22 71
mknod hdd8 b 22 72
mknod sda b 8 0
mknod sda1 b 8 1
mknod sda2 b 8 2
mknod sda3 b 8 3
mknod sda4 b 8 4
mknod sda5 b 8 5
mknod sda6 b 8 6
mknod sda7 b 8 7
mknod sda8 b 8 8
mknod sdb b 8 16
mknod sdb1 b 8 17
mknod sdb2 b 8 18
mknod sdb3 b 8 19
mknod sdb4 b 8 20
mknod sdb5 b 8 21
mknod sdb6 b 8 22
mknod sdb7 b 8 23
mknod sdb8 b 8 24
mknod sr0 b 11 0
mknod sr1 b 11 1
mknod tty c 5 0
mknod console c 5 1
mknod tty1 c 4 1
mknod tty2 c 4 2
mknod tty3 c 4 3
mknod tty4 c 4 4
mknod ram b 1 1
mknod mem c 1 1
mknod kmem c 1 2
mknod null c 1 3
mknod zero c 1 5
for i in 0 1 2 3 4
do
mknod -m 600 tty$i c 4 $i
mknod -m 660 ttyp$i c 3 $i
mknod -m 666 ttyS$i c 4 $[64+i]
done

mke2fs -i -b -J 參數關係

user-pic
Vote 0 Votes

test script

#!/bin/sh
for b in 1024 2048 4096
do
for i in 1024 2048 4096
do
mke2fs -m0 -b $b -i $i -j /dev/hda1 > /dev/null 2>&1
mount /dev/hda1 /mnt
cp -a /devel/flash/conf /mnt
cp -a /boot /mnt
cp system.gz /mnt
echo b=$b i=$i
df -k | grep mnt
df -i | grep mnt
umount /mnt >/dev/null 2>&1
sync
done
done


b=1024 i=1024
/dev/hda1 109363 45137 64226 42% /mnt
/dev/hda1 125056 146 124910 1% /mnt
b=1024 i=2048
/dev/hda1 117171 45137 72034 39% /mnt
/dev/hda1 62592 146 62446 1% /mnt
b=1024 i=4096
/dev/hda1 121075 45137 75938 38% /mnt
/dev/hda1 31360 146 31214 1% /mnt
b=2048 i=1024
/dev/hda1 116820 45184 71636 39% /mnt
/dev/hda1 65536 146 65390 1% /mnt
b=2048 i=2048
/dev/hda1 117196 45184 72012 39% /mnt
/dev/hda1 62528 146 62382 1% /mnt
b=2048 i=4096
/dev/hda1 121100 45184 75916 38% /mnt
/dev/hda1 31296 146 31150 1% /mnt
b=4096 i=1024
/dev/hda1 120928 45336 75592 38% /mnt
/dev/hda1 32768 146 32622 1% /mnt
b=4096 i=2048
/dev/hda1 120928 45336 75592 38% /mnt
/dev/hda1 32768 146 32622 1% /mnt
b=4096 i=4096
/dev/hda1 121116 45336 75780 38% /mnt
/dev/hda1 31264 146 31118 1% /mnt

加了 -j, 預設多了 4MB 的日誌
b=1024 i=1024
/dev/hda1 109363 49251 60112 46% /mnt
/dev/hda1 125056 146 124910 1% /mnt

-J size=1 是最小, 日誌最小為 1024 blocks, 即 -J size=1

結論: 要空間佔最小, mkfs 後空間最大(但是 inode 較少), 日誌最小用
mke2fs -b 1024 -i 8192 -J size=1

Gallery 1.4

user-pic
Vote 0 Votes

Gallery is now internationalized, and can be displayed in over 20 languages! In addition, we've completely overhauled the documentation and made it more accessible and more informative. Other changes include ownership of individual album items, not just of albums, and a slew of minor improvements and bugfixes.

download

My Gallery

MSN 6.1 beta

user-pic
Vote 0 Votes

NoAd fix download

Find 74 13 6A 04
Edit EB -- -- --

Find 74 0A 8B 4E 4C
Edit EB -- -- -- --

Find 74 0A FF 76 04 E8 80
Edit EB -- -- -- -- -- -- --

" 開始 -> 執行 , 鍵入 gpedit.msc ",出現群組原則物件編輯器
在視窗左欄進入" 電腦設定 -> 系統管理範本 -> 系統 "
將視窗右欄的" 顯示關機事件追蹤器 "改成" 已停用 "

initrd 做法

user-pic
Vote 0 Votes

範例環境
欲製作的 system root directory 在 /systemroot
size 大小為 32mb 的 initrd
CF 在 /dev/hdc, 已格式化, 只有一個 partition /dev/hdc1
boot loader 使用 grub

Step 1: 製作 initrd loop device
dd if=/dev/zero of=initrd bs=1024k count=32
mke2fs -F -m0 -i 2048 initrd
mount -o loop initrd /mnt

Step 2: 複製系統至 initrd, 不含 kernel
cp -a /systemroot/* /mnt
umount /mnt

Step 3: 壓縮 initrd, 產生 initrd.gz
gzip -9 initrd

Step 4: 將 kernel 及 initrd.gz 複製到目標(CF, DOM...etc.)
mount /dev/hdc1 /mnt
cp kernel initrd.gz /mnt

Step 5: 安裝 boot loader
cp -a /boot/grub /mnt
printf "root (hd0,0)\nsetup (hd1)\nquit\n" | grub --no-floppy --batch

Step 6: 設定開機設定(menu.lst)
編輯 /mnt/grub/menu.lst 內容如下
timeout 0
default 0
title linux
root (hd0,0)
kernel /kernel ramdisk_size=32768 root=/dev/ram0 quite
initrd /initrd.gz

Oh! happy day

user-pic
Vote 0 Votes

昨天假日看了三部電影
海底總動員 沒有預期中好看, 平平
Oh! happy day 韓片, 張娜拉主演, 她很可愛又爆笑, 滿不錯的片子, 有點我的野蠻女友
的味道, 這裡有一些她的照片
http://www.zhongshan.gd.cn/star/japen/Jang%20Nara/Jang%20Nara.htm
重裝任務 武打滿炫的, 劇情還可以

freebsd fastforward

user-pic
Vote 0 Votes

不要設 net.inet.ip.fastforwarding=1
設了網路不太正常

gallery size

user-pic
Vote 0 Votes

976x732 best fit width for 1024x768 in gallery
一般 page
984x738 best fit width for 1024x768
超過這個 size 就有水平 scroll bar

About this Archive

This page is an archive of recent entries written by Pank in September 2003.

Pank: August 2003 is the previous archive.

Pank: October 2003 is the next archive.

Find recent content on the main index or look in the archives to find all content.