fidzu : ubuntu

This isn't an intro to metasploit, but more a reminder to myself of things that are useful to know, but maybe not used all the time (or relatively new).

Meterpreter

• Reliable communications are now a thing in meterpreter.
• Transports are useful for maintaining persistent connections: if your connection is lost, it will retry.

17 Jul 2018 3:52am GMT

I recently had an opportunity to handcraft shellcode with unusual restrictions, and appreciated that there's a number of ways to accomplish any goal in an ISA as flexible as x86. (Most of these techniques will apply to x86-64 as well, but the work I was doing happened to be 32 bit, so that's what I will use as an example.) Obviously, this won't be comprehensive, but it's just a reminder of different ways you can do something. If you ever think it's impossible, remember to try harder.

Most of my examples will use eax, unless a special circumstance applies (i.e., dealing with esp, eip, etc.). They're not all going to be strictly synonyms, because many of them will have varying side effects (flags, etc.). I will try to note any that have potentially undesirable side effects like clobbering other registers, leaving the stack modified, etc.

Zero Out a Register

1

mov eax, 0

Straight out zero: has the disadvantage of sticking a bunch of NULL bytes in your output, which is a problem for many use cases.

1

xor eax, eax

Because a^a=0, xoring a register with itself clears it. Nice and short (2 bytes) and no NULL bytes.

1

shl eax, 32

This works by zero-filling of shifts.

1
2

mov eax, -1
not eax

This sets eax to 0xFFFFFFFF, then inverts it.

1
2

mov eax, -1
inc eax

Similarly to above, but it increments rather than inverts eax.

17 Jul 2018 3:52am GMT

Welcome to the Ubuntu Weekly Newsletter, Issue 536 for the week of July 8 - 14, 2018. The full version of this issue is available here.

In this issue we cover:

• Ubuntu Stats
• Hot in Support
• Ubuntu Fest in Daejeon/Korea
• LoCo Events
• This Week in Mir (13th July, 2018)
• KDE Plasma bugfix release 5.12.6 is now available for Kubuntu 18.04 LTS
• Canonical News
• In the Blogosphere
• In Other News
• Featured Audio and Video
• Upcoming Meetings and Events
• Updates and Security for 14.04, 16.04, 17.10, and 18.04
• And much more!

The Ubuntu Weekly Newsletter is brought to you by:

• Krytarik Raido
• Bashing-om
• Chris Guiver
• And many others

If you have a story idea for the Weekly Newsletter, join the Ubuntu News Team mailing list and submit it. Ideas can also be added to the wiki!

Except where otherwise noted, this issue of the Ubuntu Weekly Newsletter is licensed under a Creative Commons Attribution ShareAlike 3.0 License

16 Jul 2018 8:58pm GMT

I know I'm very late, but I really wanted to talk about this year Google Summer of Code.

For the third year in a row, I was a mentor. And this year I have a huge deception to share. I'm really sad. This week, I'v received the GSoC 2011 t-shirt. They sent me the wrong size. XXXL. I can use it as a sleeping bag with my girlfriend. I'm really disappointed.

Hopefully, GSoC is not only about receiving a t-shirt. It is also about mentoring a student.

Nearly two years ago, I started working on a complete refactoring of GTG. The code was a mess, with a lot of duplicate everywhere, with two bugs appearing while you were trying to solve one, etc.

I abstracted the structure we were using in several places and started to write a library to handle those "Acyclical Directed Graphs". As usual, it appeared that development was taking longer than expected. Weeks turned into months. Then, when it started to look good, I discovered that I forgot one critical point: thread-awareness. I felt hopeless.

Because I didn't had the motivation to do that heavy work, I proposed it as a Summer of Code project to a very motivated student: Izidor Matušov^[1].

Words doesn't do any justice to the excellent work that Izidor did this summer. He's simply awesome. Some students are goods because they have previous experience. Izidor kicks asses. He learns so quickly, he's so assertive. The work was even harder than what we anticipated. But he managed to achieve everything, including feeding me with cookies at the Desktop Summit, where we met and had an awesome hacking week.

As much as I'm deceipted about the t-shirt, I'm delighted about the work achieved this summer. Izidor now knows GTG nearly as much as I do. He's taking initiatives, like organizing an online GTG hackfest on November 26th^[2] and he's a bug-answering machine.

Dear Google, GNOME foundation and Lanedo^[3], I would like to thank you. Thanks to your support:

1. I received a worthless piece of clothes that travelled half of the world in order to clean my cat's dirtiness.
2. GTG 0.2.9 should be released before the end of the year
3. GTG gained a new co-maintainer
4. I gained a new friend. And it probably worth everything else.

Congratulations, co-maintainer Izidor. And welcome to the community!

06 Nov 2011 6:23pm GMT

Part 1 : Introduction
Part 2 : Home is Desktop
Part 3 : There's no tray icon in GNOME !
Part 4 : Kill The Double Click

When I started installing the best desktop possible for Marie and Jean, we were still in the GNOME 2.X era. GNOME 3 solved my previous concerns. No in the way I envisioned it, but solved them anyway. No more desktop icons, no more tray icons.

But now that I'm introducing Marie and Jean to GNOME 3, I still have some concerns. And one of that main concern is the infamous double-click!

Do you remember? Jean is a very brilliant mind, even though he never used a computer during his whole life. As a reasoning scientist, he was trying to find the logic behind my teaching.

During one of our first lesson, "Using the mouse", the conversation went like this:
- How do I know if I have to click or double click?
- Well, you double-click on icon and simple click on links and buttons.
- How do I know what is a button or an icon?
- …

Since that time, I've tried many times to find a logic behind single or double clicking. There is not. You have to learn it by experience. And it is totally, utterly pointless.

I also realized that a single click was something really hard for Jean. Achieving to click on a given point without moving the mouse is really hard for older people. Then, ask them to click twice, with a completely arbitrary speed, without moving the mouse, not to quickly, not to slowly. Impossible.

Marie, on her side, was double-clicking everywhere. And, surprisingly, it works most of the time.

So, why do we have double-click in some places? Because we want to be able to select an item without "activating" it. How often does it happen? Never for Jean. Very rarely for Marie.

To summarize, we are making the most frequent action very hard to nearly impossible in order to allow a very rare action?

I tried to disable completely the double-clicking in Nautilus.

Do you know what?

It works. Even for me. I had chronic pain in my hand and disabling double-click was a relief. I explained to Marie to never double-click anymore. She's still double-clicking from time to time but everything works even better than before. Jean was eventually able to launch a file from within Nautilus.

Selection of one or multiple file with single mouse click

What about selection of files? I explained to Marie to draw a square with the mouse. And, yes, she found that absolutely intuitive. The only drawback I found so far was the inconsistency with lists, where double-clicking is still required. Marie called me one day because she tried to play a specific song in Rhythmbox. It wasn't working. I realize that she had to double-click on the song. "But you told me to never double click anymore!". Sorry Marie.

I'm myself incredibly frustrated by any system that requires double-click. Why do we still have double-click by default in GNOME3?


Part 1 : Introduction
Part 2 : Home is Desktop
Part 3 : There's no tray icon in GNOME !
Part 4 : Kill The Double Click


Picture by Dave Dugdale

05 Nov 2011 12:17pm GMT

Si vous deviez me décrire en deux mots, nul doute que fourbe et profiteur vous viendraient spontanément à la bouche. Paresseux, parasite et inutile suivraient de près. Et j'en suis fier. J'en ai même fait mon mode de vie.

Ma technique est simple mais éprouvée. Je croise un inconnu dans la rue à l'air affable. Tenez, prenez ce jeune homme à l'allure dynamique. Il s'appelle Jean, c'est ma prochaine victime. Il ne se doute encore de rien mais j'irai dormir dans le lit de sa femme tout en vidant son frigo.

Au premier abord, je fais le numéro du sympa-sociable, les circonstances m'ont conduit dans la rue, où j'ère sans but précis, mais je ne me plains pas, je ne quémande rien, au contraire, je refuse tout geste de pitié trop ostentatoire. J'ai ma fierté.

Lorsque Jean se propose de m'emmener manger à la maison, juste pour la soirée, je fais d'abord mine de ne pas être intéressé. Mais mes yeux acquiescent et Jean, en rigolant, insiste, me forçant presqu'à le suivre. Inutile de vous dire que c'est ce que j'attendais mais la victime doit croire qu'elle a l'initiative, c'est primordial.

Martine, la femme de Jean, n'est que moyennement contente de cet imprévu. Qu'à cela ne tienne, je fais mon charmeur, je séduis tout en ayant l'air de ne pas vouloir déranger. Je fais également un peu le pitre pour la dérider.

Et ça marche. Avant la fin de la soirée, elle discutera avec moi plus qu'avec Jean lui-même, ce dernier étant parfaitement inconscient du destin de proie que je lui réserve. De manière indirecte, je fais comprendre que je n'ai nul part où aller. Jean et Martine n'ont pas le cœur de me renvoyer seul dans le froid de la nuit. Ils se proposent donc de m'héberger, juste pour une nuit. Tandis que je m'installe confortablement sur le sofa, j'entends Martine descendre l'escalier. Elle est en déshabillé, prête à aller au lit.

- « Bonne nuit ! » me lance-t-elle avec un sourire innocent avant de remonter dare-dare dans sa chambre.

Je ricane. Je n'ai même pas eu besoin de répondre. Une seule soirée me suffit. Homme ou femme, nul ne me résiste. Je suis comme ça moi.

Bien entendu, le « seulement pour une nuit » se prolongera. Je commencerai doucement à faire comprendre mes goûts précis, envoyant Jean au supermarché afin de m'acheter ce que je souhaite. Lorsqu'elle rentre du travail, Martine a à peine un regard pour Jean. Elle se rue à l'intérieur pour voir comment je vais. Pendant ce temps-là, je me prélasse sur le canapé, je me balade un peu. Avec mon air faussement négligent, j'ai pris soin de casser quelques bibelots auxquels ils tenaient beaucoup, par pure cruauté.

Lorsque Jean partit quelques jours dans sa famille à l'étranger, je n'hésitai pas: je me glissai une nuit dans le lit de Martine, sans même lui demander, sans même m'annoncer. Elle prit un air faussement surpris mais je sais qu'elle n'attendait que cela. Elles sont toutes les mêmes. Jean nous a surpris en rentrant plus tôt. Cela ne lui a pas plu. Il m'a dit qu'il m'avait sorti de la rue, qu'il n'acceptait pas cela.

Par méchanceté, j'ai répondu en déféquant sur la moquette du salon. Il a pu tout nettoyer. Il n'était vraiment pas content mais Martine a fini par le convaincre de me garder et d'exercer le moindre de mes désirs.

Il faut dire qu'ils sont vraiment bien mes deux esclaves. Je dors dans leur lit, ils me nourrissent, nettoient sans que je n'aie besoin de faire attention à rien. Quoi que je fasse, ils me regardent avec un air attendri et me trouvent adorable. Même au milieu de la nuit, il suffit que je me mette à miauler pour qu'ils s'enquièrent immédiatement de mes besoins.

Des esclaves aussi dociles, c'est rare. Je vais les garder encore quelques temps.

28 Oct 2011 4:59pm GMT