putting the hack back in data
Everyone’s abandoning the sinking ship of Xen (as of RHEL 6 focuses on KVM) and so should you, follow these step to the wonderful world of VMware (fanboyish) :)
Power off and export your Xen machine to a xva file (right click in the left menu), down to a Linux/BSD machine and run
# tar -xf example.xva # xvatool -p disk-export Ref\:3656/ example-disk.raw # qemu-img convert -f raw -O vmdk example-disk.raw example-disk.vmdk
xvatool is a free tool (\w sourcecode)
Everyone programming in C/C++ should consider using static code analysis, in short static code analysis is a concept where the source code is analysed pre-compilation to find possible errors or bad coding styles. I have not yet had the privilege to work with a commercial product like Coverity or Klocwork. But among the freely available projects like Oink and cppcheck for C++. I have been using cppcheck regularly for over a year and it is by far the best one I’ve tried. It has found numerous of bugs, some more critical and unnecessary than others.
This weekend I did look into cppchecks internal structure (great code btw), and also make a custom patch, that will add a “possible style” error when using substr before find on a stl string. This may result in huge performance losses since substr(offset) copies the string before using find, which is very unnecessary since find have a offset parameter intended for this use.
:)
So if you ever wondered how to implement an LRU cache like a stl container with stl containers, this is how I did it. Released to public domain.
#ifndef _LRUCACHE_HPP_
#define _LRUCACHE_HPP_
#include <list>
#include <map>
template<typename Key, typename Value>
class LRUCache
{
public:
/* Shortcuts */
typedef std::list< std::pair< Key, Value> > List;
typedef typename List::iterator ListIter;
typedef typename List::const_iterator ListIterConst;
typedef std::map< Key, ListIter > Index;
typedef typename Index::iterator IndexIter;
/* Constructor */
LRUCache() : m_size(0) {
}
~LRUCache() {
}
/* Iterators */
ListIterConst begin() const {
return m_list.begin();
}
ListIterConst rbegin() const {
return m_list.rbegin();
}
ListIterConst end() const {
return m_list.end();
}
ListIterConst rend() const {
return m_list.rend();
}
/* Capacity */
bool empty() const {
return m_list.empty();
}
size_t size() const {
return m_list.size();
}
void set_max_size(size_t size) {
m_size = size;
}
size_t max_size() const {
return m_size;
}
/* Modifiers */
void insert(const Key& k, const Value& v) {
IndexIter _i = m_index.find(k);
// update current item
if (_i != m_index.end()) {
(*_i->second).second = v;
_touch(_i);
return;
}
// insert new item
m_index.insert(
std::make_pair(
k,
m_list.insert(
m_list.begin(),
std::make_pair(k, v)
)
)
);
// truncate if the list is too big
if (m_size && m_list.size() > m_size) {
ListIter _l = m_list.end();
--_l;
remove(_l->first);
}
}
void remove(const Key& k) {
IndexIter _i = m_index.find(k);
if (_i != m_index.end()) {
m_list.erase(_i->second);
m_index.erase(_i);
}
}
void clear() {
m_index.clear();
m_list.clear();
}
/* Operations */
bool find(const Key& k, Value& v, bool touch = true) {
IndexIter _i = m_index.find(k);
if (_i != m_index.end()) {
v = (*_i->second).second;
if (touch) _touch(_i);
return true;
}
return false;
}
protected:
size_t m_size;
List m_list;
Index m_index;
// move item to head
void _touch(IndexIter& _i) {
m_list.splice(m_list.begin(), m_list, _i->second);
_i->second = m_list.begin();
}
};
#endif
It should be implemented like this..
#include "lru.hpp"
#include <string>
#include <stdio.h>
int main()
{
LRUCache<std::string, int> lru;
lru.set_max_size(2);
lru.insert("foo", 1);
lru.insert("bar", 2);
lru.insert("foo", 3);
lru.insert("moo", 4);
int f;
if (lru.find("foo", f))
printf("found foo %d\n", f);
if (lru.find("bar", f, false))
printf("found bar %d\n", f);
if (lru.find("moo", f, false))
printf("found moo %d\n", f);
for(LRUCache<std::string, int>::ListIterConst l = lru.begin();
l != lru.end(); l++)
{
printf("item %d\n", l->second);
}
return 0;
}
A very annoying bug in synergy (for Linux) that I guess many people struggle with is the “auto-repeat” bug, whenever you re-enters a client desktop, synergy keeps turning of auto-repeat in X (for reason unknown?). Today I got to the point that I had to do something, then I remembered that I fixed it last year and created a patch (and since synergy haven’t been updated since then, it’s still working).
For you to apply the same patch:
1. Verify that you have the latest (as of today) synergyc version 1.3.1.
$ synergyc --version synergyc 1.3.1, protocol version 1.3 Copyright (C) 2002 Chris Schoeneman
1. or download the synergy from sourceforge.net.
2. Download synergy-1.3.1-autorepeat.patch.
3. Unpack, patch and build.
$ tar -xzf synergy-1.3.1.tar.gz $ patch -p0 < synergy-1.3.1-autorepeat.patch patching file synergy-1.3.1/lib/platform/CXWindowsScreen.cpp $ cd synergy-1.3.1 $ ./configure && make
Ubuntu users (and others) may need to apply this synergy-1.3.1-ubuntu-9.10 as well.
$ patch -p0 < synergy-1.3.1-ubuntu-9.10.patch
…and try to recompile.
4. Install
If you’re like me, already have synergyc install, you may only want to replace the synergyc binary and restart synergyc.
$ whereis synergyc synergyc: /usr/bin/synergyc ... $ sudo cp ./cmd/synergyc/synergyc /usr/bin/synergyc $ xset r
or install synergy…
$ sudo make install $ xset r
And we’re done!
The other day, I was searching for a PHP “encrypter”. In short anything that doesn’t yell something about “compiled byte code” is highly reversible to the original source code (with more or less effort) but even so… It won’t be anything more than annoying rather than secure. As of today the most secure engine is probably Zend Guard (they if anyone should know how to do it the best way).
Zend Guard costs about € 600.00, which may seems like a whole lot when compared to “cheaper” solutions like… hmm let’s say SourceCop or PHP LockIt (these are just two of many many more) The only problem is that…
They only rip people of by telling them they are, stupid statements like “How strong is the encryption ? Is it 128/256/384 bit? The encryption is none of these. It is our own encryption algorithm.” and “By encrypting your code, you are placing a hurdle and making it almost impossible for a human mind to understand.” so today we will go beyond the possible and learn how this program works…
SourceCop will replace the content of all your PHP files to what seems to be a secure version. There will also be a folder named scopbin. The scopebin/911006.php is their “decoder”.
“Protection” against decoding these files consist of plain-text checking if print, echo, sprint and sprintf -calls exists in the current script (haha you guys missed functions like file_put_contents and a whole lot of others thou :P) or we could simple disable this checking all together…
The decode engine’s all functions and variable named are annoyingly obfuscated, but it’s no problem for the human mind to understand (mainly because 99% of the code does nothing, just a number of function that is never called).
For this article I created a source file called hello.php (<?php echo “hello world”; ?>). Run SourcCop; then if you open hello.php, at the very end you will see
$REXISTHEDOG4FBI='E113107EF94AF041 F391849E9104A2E68E6 E48F557338ABB E3BBFA0EFB981F570';
$REXISTHECAT4FBI='94CD76CD371C5A7BC70C186E779C293B9B49BACA5A781A6';
eval(y0666f0acdeed38d4cd9084ade1739498('2A2D B A A4EB5D86B',$REXISTHEDOG4FBI));
?>
If you replace
eval(
with
file_put_contents("php://stdout",
you will have your source code back just as it was before you run SourceCop, because their security model is based on that you should not modify the code at all, you should just look at it and say, “oh this isn’t what I expected it seems encrypted, so it must be secure” :P
But let’s look inside their y0666f0acdeed38d4cd9084ade1739498($data, $key) function which is supposed to protect the code (and return it in plain-text) :P
<?php
// this is a cleaned up version
$data = '2A2D B A A4EB5D86B';
$key = 'E113107EF94AF041 F391849E9104A2E68E6 E48F557338ABB E3BBFA0EFB981F570';
function decode($data, $key)
{
$ret='';
$t=0;
$y=hexdec('&H'.substr($key,0,2));
foreach(str_split(substr($key,2), 2) as $k)
{
$k = hexdec($k);
$x=$k ^ ord($data[$t++%strlen($data)]);
if($x<=$y)
$x=255+$x-$y;
else
$x=$x-$y;
$ret=$ret.chr($x);
$y=$k;
}
return $ret;
}
echo decode($data, $key);
?>
Question: why did you put so much effort into it? your target customers for SourceCop would probably buy it even if it did a rot13 rotation or base64 decoding.
They are just as bad, maybe a little bit more annoying. But once figured out it’s just as simple; put this on top of every PHP LockIt protected file and the source code is yours again…
<?php
$script = file_get_contents(__FILE__);
if (!preg_match("/OO00O0000=(\d*);/", $script, $scriptlen))
die("failed :( do by hand...");
$scriptlen = $scriptlen[1];
if (!preg_match("/OOO0000O0\('(.*?)'/", $script, $script2))
die("failed :( do by hand...");
$script2 = base64_decode($script2[1]);
if (!preg_match("/\),'(.*?)','(.*?)'\)\);eval/", $script2, $script3))
die("failed :( do by hand...");
echo base64_decode(strtr(substr($script, $scriptlen * -1), $script3[1], $script3[2]));
die();
?>
I don’t understand how anyone can take some of these companies seriously, but some do or else they wouldn’t exist!
Spread the word :)
So, I finally decided to get this blogging thing started. No, it’s not my first attempt, so what’s the difference this time? What will make it stay alive? Well for starter I won’t build my own blogging/site tool, this time I’m using wordpress. And what a good first experience!
I started out with a fresh ubuntu server installation (LAMP); sitting in the terminal having no idea what to do next, I fired up Firefox, googled for “ubuntu wordpress” and found the “official documentation“.
sudo apt-get install wordpress php5-gd
Couldn’t be easier…right? Well I had one problem. When trying to install a new theme it kept asking me for FTP credentials (Connection Information), everywhere I looked people just suggested more and more stupid thing about running chmod, chown and what not.
..30 minutes later I turned back to the ubuntu documentation and…
Yeah, I kind of stopped reading after it told me to “Now, browse to…” I though I could do the rest on my own so I missed a little important part about file permissions!
chown -R www-data /usr/share/wordpress
Why didn’t the apt-get installation do this for me?