summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorFreeArtMan <dos21h@gmail.com>2021-05-27 09:01:12 +0100
committerFreeArtMan <dos21h@gmail.com>2021-05-27 09:01:12 +0100
commit9b9586b559edb387af804c52d2b593b711ce98be (patch)
treeafff99aea85e450c7824192f38be74bfd9e8f567
parente8de8442cecce54fc4f372dc2dacecc7abca23ae (diff)
downloadmd-content-9b9586b559edb387af804c52d2b593b711ce98be.tar.gz
md-content-9b9586b559edb387af804c52d2b593b711ce98be.zip
Updated 6 more articles from html to md
Diffstat
-rw-r--r--md/writeup.md15
-rw-r--r--md/writeup/kconfig2h_utility.md25
-rw-r--r--md/writeup/linux_antidebug_1.md35
-rw-r--r--md/writeup/linux_antidebug_2.md84
-rw-r--r--md/writeup/linux_antidebug_3.md205
-rw-r--r--md/writeup/linux_antidebug_4.md118
-rw-r--r--md/writeup/linux_antidebug_5.md56
-rw-r--r--md/writeup/x11_prototype_gui.md41
8 files changed, 571 insertions, 8 deletions
diff --git a/md/writeup.md b/md/writeup.md
index f079f83..fa9b397 100644
--- a/md/writeup.md
+++ b/md/writeup.md
@@ -61,15 +61,14 @@ title: Writeup page
[GDB helper functions](writeup/gdb_helper_functions.md)
[MicroBBS minimalistic BBS system](writeup/microbbs_minimalistic_bbs_system.md)
[Serial GPS data reading utility](writeup/serial_gps_data_reading_utility.md)
+[X11 prototype GUI](writeup/x11_prototype_gui.md)
+[kconfig2h utility](writeup/kconfig2h_utility.md)
+[Linux antidebug 1](writeup/linux_antidebug_1.md)
+[Linux antidebug 2](writeup/linux_antidebug_2.md)
+[Linux antidebug 3](writeup/linux_antidebug_3.md)
+[Linux antidebug 4](writeup/linux_antidebug_4.md)
+[Linux antidebug 5](writeup/linux_antidebug_5.md)
-
-[X11 prototype GUI](http://archive.main.lv/writeup/x11_prototype_gui.html)
-[kconfig2h utility](http://archive.main.lv/writeup/kconfig2h_utility.html)
-[Linux antidebug 1](http://archive.main.lv/writeup/linux_antidebug_1.html)
-[Linux antidebug 2](http://archive.main.lv/writeup/linux_antidebug_2.html)
-[Linux antidebug 3](http://archive.main.lv/writeup/linux_antidebug_3.html)
-[Linux antidebug 4](http://archive.main.lv/writeup/linux_antidebug_4.html)
-[Linux antidebug 5](http://archive.main.lv/writeup/linux_antidebug_5.html)
[C C11 standart _Generic keyword](http://archive.main.lv/writeup/c_c11_standart__generic_keyword.html)
[C inline assembler](http://archive.main.lv/writeup/c_inline_assembler.html)
[Wrapping C++ exceptions, templated and classes in C](http://archive.main.lv/writeup/wrapping_c___exceptions,_templated_and_classes_in_c.html)
diff --git a/md/writeup/kconfig2h_utility.md b/md/writeup/kconfig2h_utility.md
new file mode 100644
index 0000000..11db1fe
--- /dev/null
+++ b/md/writeup/kconfig2h_utility.md
@@ -0,0 +1,25 @@
+title:kconfig2h utility
+keywords:kconfig,linux
+
+# kconfig2h utility
+
+Kconfig converts linux kernel config files to C headers. Intended to use
+with kconfig utility mconf. Developed to use "make menuconfig" with home
+projects. Using ragel to generate parser of Kconfig file.
+
+## USE:
+```
+./kconfig .config config.h
+```
+
+## TODO:
+if there is need add converters to ruby,c++,python,java
+
+
+## Links
+http://www.complang.org/ragel/
+https://github.com/FreeArtMan/kconfig2h
+
+## Downloads
+http://archive.main.lv/files/writeup/kconfig2h_utility/kconfig2h.tar.gz
+
diff --git a/md/writeup/linux_antidebug_1.md b/md/writeup/linux_antidebug_1.md
new file mode 100644
index 0000000..2f17195
--- /dev/null
+++ b/md/writeup/linux_antidebug_1.md
@@ -0,0 +1,35 @@
+title:Linux antidebug 1
+keywords:linux,debug,antidebug
+
+# Linux antidebug 1
+
+
+
+Content: When ptrace is used for programm debugin then only
+one ptrace can be attached to programmwhen we trying run ptrace
+with PTRACE_TRACEME then we get -1. I tested with gdb,ald.
+Also this method should work with IDApro
+
+```c
+#include <stdlib.h>
+#include <stdio.h>
+#include <sys/ptrace.h>
+
+long int ptraced()
+{
+ return (ptrace(PTRACE_TRACEME, 0, 0, 0) == -1);
+}
+
+int main()
+{
+ if ( ptraced() )
+ {
+ printf("Ptraced!\n");
+ }
+ return 0;
+}
+```
+
+## Downloads
+http://archive.main.lv/files/writeup/linux_antidebug_1/antidebug1.tar.gz
+
diff --git a/md/writeup/linux_antidebug_2.md b/md/writeup/linux_antidebug_2.md
new file mode 100644
index 0000000..b4c60e1
--- /dev/null
+++ b/md/writeup/linux_antidebug_2.md
@@ -0,0 +1,84 @@
+title:Linux antidebug 2
+keywords:linux,debug,antidebug
+
+# Linux antidebug 2
+Content: This is dirty solution it checks programms argv[0] name
+with your defined namewhen running debuger such as gdb or ald name is
+chaned to fullpath nameuser defined name from terminal is './main'.
+
+```c
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <sys/types.h>
+
+int main( int argc , char **argv )
+{
+ pid_t pid,ppid;
+ FILE *f;
+ char str[128];
+ char spid[10];
+
+ //openfile and write ppid
+ f = fopen( "pid.txt" , "w" );
+ pid = getpid();
+ fprintf(f,"%d ",pid);
+ fclose( f );
+ f = fopen( "pid.txt" , "r" );
+ fscanf( f , "%s" , spid );
+ fclose( f );
+
+ strcpy( str , "cat /proc/" );
+ strcat( str , &spid[0] );
+ strcat( str , "/cmdline");
+ printf( "[%s]\n", spid );
+ system( str );
+
+ printf("\n");
+}
+```
+
+Dirty function that makes dirty solution at one place
+
+```c
+int badppid( const char *real_name )
+{
+ pid_t pid,ppid;
+ FILE *f;
+ char str[128];
+ char spid[10];
+ f = fopen( "pid.txt" , "w" );
+ pid = getpid();
+ fprintf(f,"%d ",pid);
+ fclose( f );
+
+
+ f = fopen( "pid.txt" , "r" );
+ fscanf( f , "%s" , spid );
+ fclose( f );
+
+
+ strcpy( str , "cat /proc/" );
+ strcat( str , &spid[0] );
+ strcat( str , "/cmdline > name.txt");
+ system( str );
+
+ f = fopen( "name.txt" , "r" );
+ fscanf( f , "%s" , str );
+ fclose( f );
+ if ( strncmp(str,real_name,strlen(real_name)) != 0 )
+ {
+ return -1;
+ }
+
+ return 0;
+}
+```
+
+## Downloads
+
+http://archive.main.lv/files/writeup/linux_antidebug_2/antidebug2.tar.gz
+
+
+
+
diff --git a/md/writeup/linux_antidebug_3.md b/md/writeup/linux_antidebug_3.md
new file mode 100644
index 0000000..b93b5d9
--- /dev/null
+++ b/md/writeup/linux_antidebug_3.md
@@ -0,0 +1,205 @@
+title:Linux antidebug 3
+keywords:linux,debug,antidebug
+
+# Linux antidebug 3
+Content: Now we will try to make disasm output very unclear.
+We make jump with eax register
+
+## Program 1
+
+```asm
+main:
+ push lbl+1
+ pop eax
+ jmp eax
+lbl:
+ db 0xe8
+ mov eax, 4
+ mov ebx, 1
+ mov ecx, msg1
+ mov edx, msg1_size
+ int 80h
+
+ mov eax, 1
+ mov ebx, 0
+ int 80h
+```
+
+Output is same as source. Nothing changes
+Disassembler output 1
+```
+? ....... ! main: ;xref o80482d7
+? ....... ! push offset_804837d
+? 8048379 ! pop eax
+? 804837a ! jmp eax
+? 804837c db 0e8h
+? 804837d !
+? ....... ! offset_804837d: ;xref o8048374
+? ....... ! mov eax, 4
+? 8048382 ! mov ebx, 1
+? 8048387 ! mov ecx, strz_I_am_running__8049568
+? 804838c ! mov edx, 0eh
+? 8048391 ! int 80h
+? 8048393 ! mov eax, 1
+? 8048398 ! mov ebx, 0
+? 804839d ! int 80h
+```
+
+Here we add only one instruction. We get jump adress and add 1.
+Disasm cannot calculate adress of jmp.
+
+## Program 2
+Like in first programm disasm think that we push correct adress and
+disasm it. And our byte 0xe9 is used for disasm output. That nice.
+
+```asm
+main:
+ push lbl
+ pop eax
+ inc eax
+ jmp eax
+lbl:
+ db 0xe9
+ mov eax, 4
+ mov ebx, 1
+ mov ecx, msg1
+ mov edx, msg1_size
+ int 80h
+
+ mov eax, 1
+ mov ebx, 0
+ int 80h
+```
+
+Disassembler output 2
+
+```
+? ....... ! main: ;xref o80482d7
+? ....... ! push offset_804837d
+? 8048379 ! pop eax
+? 804837a ! inc eax
+? 804837b ! jmp eax
+? 804837d !
+? ....... ! offset_804837d: ;xref o8048374
+? ....... ! jmp 804883ah
+? 8048382 add [ebx+1], bh
+? 8048388 mov ecx, 8049568h
+? 804838d mov edx, 0eh
+? 8048392 int 80h
+? 8048394 mov eax, 1
+? 8048399 mov ebx, 0
+? 804839e int 80h
+```
+
+Now we add nop instruction after every line of our code. It doesnt have
+any impact on program work.
+## Program 3
+
+```asm
+main:
+ push lbl
+ pop eax
+ inc eax
+ jmp eax
+lbl:
+ db 0xe9
+ mov eax, 4
+ nop
+ mov ebx, 1
+ nop
+ mov ecx, msg1
+ nop
+ mov edx, msg1_size
+ int 80h
+
+ mov eax, 1
+ mov ebx, 0
+ jmp lbl2+1
+lbl2:
+ db 0xe9
+ int 80h
+```
+
+Disasm output now is very nice. Output isnt very good. For first time
+when you view this output it is very unclear about what exactly is done
+by this code.
+
+Disassembler output 3
+
+```
+? ....... ! main: ;xref o80482d7
+? ....... ! push offset_804837d
+? 8048379 ! pop eax
+? 804837a ! inc eax
+? 804837b ! jmp eax
+? 804837d !
+? ....... ! offset_804837d: ;xref o8048374
+? ....... ! jmp 804883ah
+? 8048382 add [eax+1bbh], dl
+? 8048388 add [eax+49578b9h], dl
+? 804838e or [eax+0ebah], dl
+? 8048394 add ch, cl
+? 8048396 cmp byte ptr [eax+1], 0bbh
+? 804839d add [eax], al
+? 804839f add [eax], al
+? 80483a1 jmp 80483a4h
+? 80483a3 jmp 98950475h
+```
+
+Here is one more way how to make unclear jump to other place. We using
+function and inside function we change return address by 1.
+
+## Program 4
+Thats also works fine. Disasm dont know real return address ans and
+use 0xe8 as he think is better.
+
+```asm
+main:
+ call fun
+ db 0xe8
+ mov eax, 4
+ mov ebx, 1
+ mov ecx, msg1
+ mov edx, msg1_size
+ int 80h
+
+ mov eax, 1
+ mov ebx, 0
+ int 80h
+
+fun:
+ pop ebp
+ inc ebp
+ push ebp
+ ret
+```
+
+Disassembler output 4
+
+```
+? ....... ! main: ;xref o80482d7
+? ....... ! call sub_804839c
+? 8048379 ! call 8048836h
+? 804837e ! add [ebx+1], bh
+? 8048384 ! mov ecx, strz_I_am_running__8049568
+? 8048389 ! mov edx, 0eh
+? 804838e ! int 80h
+? 8048390 ! mov eax, 1
+? 8048395 ! mov ebx, 0
+? 804839a ! int 80h
+? 804839c !
+? ....... ! ;-----------------------
+? ....... ! ; S U B R O U T I N E
+? ....... ! ;-----------------------
+? ....... ! sub_804839c: ;xref c8048374
+? ....... ! pop ebp
+? 804839d ! inc ebp
+? 804839e ! push ebp
+? 804839f ! ret
+```
+
+## Download
+
+http://archive.main.lv/files/writeup/linux_antidebug_3/antidebug3.tar.gz
+
+
diff --git a/md/writeup/linux_antidebug_4.md b/md/writeup/linux_antidebug_4.md
new file mode 100644
index 0000000..63325cc
--- /dev/null
+++ b/md/writeup/linux_antidebug_4.md
@@ -0,0 +1,118 @@
+title:Linux antidebug 4
+keywords:linux,debug,antidebug
+
+# Linux antidebug 4
+Content: Here is one more method how to check if your
+application is debugged. Need to set signal handler with handles
+interrupt number 3 with is used for step by step debugging
+
+Compile:
+
+```
+gcc main.c -o main
+```
+
+```c
+#include <signal.h>
+#include <stdio.h>
+#include <stdlib.h>
+
+#define FALSE 0
+#define TRUE 1
+
+void sig_handler( int );
+
+int debuging;
+
+int main()
+{
+ debuging = FALSE;
+ signal(SIGTRAP, sig_handler);
+ __asm__("int3");
+ if (debuging == FALSE)
+ {
+ printf("Nothing special\n");
+ } else
+ {
+ printf("Playing seek and hide\n");
+ }
+ exit(1);
+}
+
+void sig_handler( int sig)
+{
+ debuging = TRUE;
+}
+```
+
+
+Run:
+```bash
+./main
+```
+
+Example with asm
+
+Compile:
+
+```bash
+fasm ad4.asm ad4.o
+
+gcc ad4.o -o ad4
+```
+
+```asm
+format ELF
+
+include 'ccall.inc'
+
+SYS_EXIT equ 1
+SIGTRAP equ 5
+TRUE equ 1
+FALSE equ 0
+section '.text' executable
+
+public main
+
+extrn printf
+extrn exit
+extrn signal
+
+main:
+ ccall signal, SIGTRAP, sig_handler
+ int 3h
+
+ cmp [debug],FALSE
+ jne no_dbg
+ ccall printf,str1
+ jmp exit
+
+no_dbg:
+ ccall printf,str2
+
+to_exit:
+ mov eax, SYS_EXIT
+ mov ebx, 0
+ int 80h
+
+sig_handler:
+ param1 equ dword [ebp+8]
+ mov [debug], TRUE
+ ret
+
+section '.data' writable
+
+debug db FALSE
+str1 db "Under debug",0xA,0
+str2 db "No debug",0xA,0
+```
+
+Tested and works for gdb and ald.
+
+
+## Links
+http://blog.binarycell.org/2011/04/simple-antidebugging-methods-part-2.html
+
+## Downloads
+http://archive.main.lv/files/writeup/linux_antidebug_4/antidebug4.zip
+
diff --git a/md/writeup/linux_antidebug_5.md b/md/writeup/linux_antidebug_5.md
new file mode 100644
index 0000000..fc71e6e
--- /dev/null
+++ b/md/writeup/linux_antidebug_5.md
@@ -0,0 +1,56 @@
+title:Linux antidebug 5
+keywords:math,statistics
+
+# Linux antidebug 5
+
+Content: When debugging program line by line or when running it
+in some debugger then there can be some time delays when you
+pressing buttons. We can measure them with asm command
+
+```asm
+rdtsc
+```
+
+this instruction read time-stamp counter into edx:eax in our
+program will be enough values from
+eax
+
+function for c that uses rdtsc is
+
+```c
+extern int get_timer()
+```
+
+in fasm it looks like
+
+```asm
+get_timer:
+ rdtsc
+ ret
+```
+
+there is written code
+
+```c
+s = get_timer();
+for (i=0;i<10000;i++)
+{
+}
+e = get_timer();
+d = e - s;
+```
+
+average time to execute 10000 is 70069 ticks for value
+on with we detecting how fast working code i have choose
+twice of average 120000 if execution time is larger then
+probably it is debuged.
+
+## Compile
+```
+make
+```
+
+## Download
+
+http://archive.main.lv/files/writeup/linux_antidebug_5/antidebug5.zip
+
diff --git a/md/writeup/x11_prototype_gui.md b/md/writeup/x11_prototype_gui.md
new file mode 100644
index 0000000..8576ce1
--- /dev/null
+++ b/md/writeup/x11_prototype_gui.md
@@ -0,0 +1,41 @@
+title:X11 prototype GUI
+keywords:x11,gui
+
+# X11 prototype GUI
+I always whanged to write some GUI to try how its is.
+This is X11 based GUI based on Xlib it has not "modern" but
+in object oriented style. Planning to use it for small
+projects. Successfully compiled it on Linux,OpenBSD,FreeBSD and MacOS.
+Should work also on AIX.
+
+## COMPILE:
+```bash
+make
+```
+
+or try:
+```bash
+./compile.sh
+```
+
+## TODO:
+fix flickering
+support other compilers not only gcc
+add some non-compilable configuration
+try to port on SDL,OpenGL,curses
+use some cool Wayland stuff
+try to make some fancy/modern style
+
+
+## Links
+http://www.x.org/wiki/ProgrammingDocumentation/
+
+## Downloads
+
+http://archive.main.lv/files/writeup/x11_prototype_gui/xlib_proto_gui.tar.gz
+
+
+![GUI](/img/x11_gui/gui.png)
+
+
+
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-15 21:53:59 +0000