weblog d’un abbe

20070730

Back in .S world

Filed under: Hacking — abbe @ 1743

After staying away from assembly language for one year, I’m back :). And my first piece of code is a partial touch for Linux AMD64 architecture to debug 2 bugs (249878, 250066), I recently filed in Fedora 7 Bugzilla. Anyways, following is the gas code, I hacked:

/* touchs.S */
.globl _start

.section .text

#define SCR    %rax
#define RETVAL %rax
#define ARG0   %rdi
#define ARG1   %rsi
#define ARG2   %rdx
#define ARG3   %r10
#define ARG4   %r8
#define ARG5   %r9

.p2align 4
_write:
	mov $1, SCR
	syscall
	ret

.p2align 4
_exit:
	mov $60, SCR
	syscall
	ret

.p2align 4
_open:
	mov $2, SCR
	syscall
	ret

.p2align 4
_close:
	mov $3, SCR
	syscall
	ret

.p2align 4
strlen:
	xorb %al, %al
	xorq %rcx, %rcx
	decq %rcx
	repne scasb
	notq %rcx
	decq %rcx
	ret

.p2align 4
_start:
	leaq 8(%rsp), %rbp

	mov  (%rsp), %r12           /* load argc into r12 */
	cmp  $2, %r12
	jne  2f                     /* if(argc != 2) goto 3 */

	mov  8(%rbp), ARG0          /* filename */
	mov  $(01|0100|01000), ARG1 /* O_WRONLY | O_CREAT | O_TRUNC */
	mov  $(0600), ARG2          /* File mode */
	call _open                  /* fd = open(filename, O_WRONLY | O_CREAT | O_TRUNC, 0600) */
	cmpq $(~1), RETVAL           
	jle  1f                     /* if (fd <= -1) goto 1 */

	mov  RETVAL, ARG0           /* fd */
	call _close                 /* close(fd) */

	xorq ARG0, ARG0             /* 0 */
	call _exit                  /* exit(0) */

1:	notq RETVAL                 /* undo */
	incq RETVAL                 /* 2's complement */
	mov  RETVAL, ARG0           /* -fd */
	call _exit                  /* exit(-fd) */

2:	leaq usage, %rdi
	call strlen
	mov  %rcx, ARG2
	mov  $1, ARG0
	leaq usage, ARG1
	call _write
	xorq ARG0,ARG0
	call _exit

.p2align 4
usage:
      .ascii "Usage: touchs [file-name-to-be-touched]"
      .byte  10
      .ascii "Touches the file in sameway as sudo. "
      .ascii "Error if any, will be reported in exit code."
      .word  10

Following is the command line to compile the code:

[wahjava@chatteau ~]$ gcc -g -o touchs -nostdinc -nostdlib touchs.S

And to run it:

[wahjava@chatteau ~]$ ./touchs "/tmp/_dc7u4C" && ls -l "/tmp/_dc7u4C"

So, happy hacking in .S world :-D

20070720

dd if=/dev/sdb of=/dev/sda bs=64943040

Filed under: Experiences — abbe @ 0300

Just finished, dding my ST3160812AS (160 GB/SATA/Seagate) onto ST3160812AV (160 GB/PATA/Seagate):

sh-3.2# dd if=/dev/sdb of=/dev/sda bs=64943040
8+0 records in
8+0 records out
519544320 bytes (520 MB) copied, 9.68668 s, 53.6 MB/s
13+0 records in
13+0 records out
844259520 bytes (844 MB) copied, 17.9687 s, 47.0 MB/s
19+0 records in
19+0 records out
1233917760 bytes (1.2 GB) copied, 27.9116 s, 44.2 MB/s
217+0 records in
217+0 records out
14092639680 bytes (14 GB) copied, 400.011 s, 35.2 MB/s
454+0 records in
453+0 records out
29419197120 bytes (29 GB) copied, 847.458 s, 34.7 MB/s
529+0 records in
528+0 records out
34289925120 bytes (34 GB) copied, 991.407 s, 34.6 MB/s
670+0 records in
669+0 records out
43446893760 bytes (43 GB) copied, 1260.98 s, 34.5 MB/s
673+0 records in
672+0 records out
43641722880 bytes (44 GB) copied, 1266.12 s, 34.5 MB/s
763+0 records in
763+0 records out
49551539520 bytes (50 GB) copied, 1443.54 s, 34.3 MB/s
820+0 records in
819+0 records out
53188349760 bytes (53 GB) copied, 1552.44 s, 34.3 MB/s
1099+0 records in
1099+0 records out
71372400960 bytes (71 GB) copied, 2103.98 s, 33.9 MB/s
1144+0 records in
1144+0 records out
74294837760 bytes (74 GB) copied, 2194.04 s, 33.9 MB/s
1329+0 records in
1328+0 records out
86244357120 bytes (86 GB) copied, 2568.23 s, 33.6 MB/s
1356+0 records in
1356+0 records out
88062762240 bytes (88 GB) copied, 2623.02 s, 33.6 MB/s
1440+0 records in
1440+0 records out
93517977600 bytes (94 GB) copied, 2795 s, 33.5 MB/s
1638+0 records in
1637+0 records out
106311756480 bytes (106 GB) copied, 3211.79 s, 33.1 MB/s
1782+0 records in
1781+0 records out
115663554240 bytes (116 GB) copied, 3521.31 s, 32.8 MB/s
2033+0 records in
2033+0 records out
132029200320 bytes (132 GB) copied, 4085.72 s, 32.3 MB/s
2144+0 records in
2143+0 records out
139172934720 bytes (139 GB) copied, 4344.01 s, 32.0 MB/s
2300+0 records in
2299+0 records out
149304048960 bytes (149 GB) copied, 4724.12 s, 31.6 MB/s
2388+0 records in
2388+0 records out
155083979520 bytes (155 GB) copied, 4950.18 s, 31.3 MB/s
2447+0 records in
2446+0 records out
158850675840 bytes (159 GB) copied, 5106.49 s, 31.1 MB/s
2464+1 records in
2464+1 records out
160041885696 bytes (160 GB) copied, 5171.74 s, 30.9 MB/s

20070711

traceroute 192.168.1.210

Filed under: Fun — abbe @ 1129

What do you expect, what will be the output of above command, when your network is directly connected to internet (via ISP), and you don’t have 192.168.1.210 (a RFC 1918 address) in your network ? I tried above command from a 192.168.1.0/27 network, connected to internet via VSNL and following is the output:

 1  srv (192.168.1.4)  0.199 ms  0.142 ms  0.118 ms
 2  210.211.168.1.bb-static.vsnl.net.in (210.211.168.1)  34.089 ms  27.044 ms  25.864 ms
 3  delhi-203.200.108-213.vsnl.net.in (203.200.108.213)  27.076 ms  26.558 ms  27.144 ms
 4  59.163.16.22.static.vsnl.net.in (59.163.16.22)  48.966 ms  47.305 ms  46.306 ms
 5  172.31.2.14 (172.31.2.14)  57.817 ms  47.897 ms  46.552 ms
 6  172.31.1.210 (172.31.1.210)  76.607 ms  75.845 ms  77.830 ms
 7  172.31.2.73 (172.31.2.73)  87.274 ms  72.082 ms  70.454 ms
 8  172.31.8.138 (172.31.8.138)  76.369 ms  76.806 ms  76.114 ms
 9  172.31.162.10 (172.31.162.10)  77.409 ms  77.298 ms  78.824 ms
10  192.168.1.210 (192.168.1.210)  80.552 ms  79.547 ms  76.395 ms

srv is the gateway of my network. And I’ve executed another interesting command:

user@box $ sudo nmap -sS -A -sV 192.168.2.0/24
Password:

Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2007-07-10 18:45 IST

….

Nmap finished: 256 IP addresses (77 hosts up) scanned in 2822.292 seconds

LoL on VSNL :-D

20070701

Say no to binary blobs

Filed under: Thoughts — abbe @ 1504

While going through OpenBSD website, I found their Release Songs page, and found this interesting song titled Blob!. The lyrics of this song describe how binary blobs, can takeover control from user, and how they look cute, but are actually an evil. The song is available as an Ogg Vorbis file. The music and voice is cool.

Also found, this interesting slide from the presentation given by Theo de Raadt. Right now, I didn’t have any Wi-Fi card. But when I have, it’ll be a Wi-Fi card with no binary blobs attached. Or to be more precise, a hardware with no binary blobs attached.

Theme: Shocking Blue Green. Blog at WordPress.com.

Follow

Get every new post delivered to your Inbox.