2010-10-03:

Random #1

Some time ago I considered publishing brief posts with links to interesting (from my PoV) stuff, useful (again, from my PoV) tips & tricks, and other short stuff that doesn't really fill a full-sized post. Finally, a week ago I decided to test the idea in practice and made a test run on the Polish side of the mirror. Since it worked out quite well, I decided to propagate the idea to this side of the mirror, and so, here it is ;>

-=*) Electronics
http://hackaday.com/2010/09/26/portable-password-vault/
A simple custom-made device for storing (and entering) passwords - you plug it into USB and select the password, and the device enters the password by imitating a USB keyboard. Cool stuff, especially the keyboard imitation :)

-=*) Code
A few days ago I stumbled by accident on the text UI in GDB. I admit I didn't know that GDB has something more advanced than a CLI.
gdb -tui or gdbtui
http://sourceware.org/gdb/current/onlinedocs/gdb/TUI.html

-=*) Code
While writing a random app in C++ (g++) I needed to statically (at compilation time) fill a certain constant array of chars (let's call it asdf) with the content of a file (asdf.txt).
I came up with three ideas:
- convert asdf.txt into a C-data string ("\xHE\xXA\xDE\xCI\xMA\xL0") and #include it at the proper place (u on the Polish side of the mirror suggested using xxd -i file in this case)
- add asdf.txt to resources and use LoadResource (alas, it's Windows-only)
- convert asdf.txt to an object file (and bind the data to some symbol of course)
In the last case Tavis mentioned that it can be done using objcopy, a standard GNU tool from the binutils package:
objcopy -I binary -O elf32-i386 asdf.txt asdf.o \
--alt-machine-code=3 --redefine-sym=_binary_asdf_txt_start=content_of_asdf

extern const char content_of_asdf[];

-=*) Research
http://dcs.ics.forth.gr/Activities/papers/gpumalware.malware10.pdf
A paper about using CUDA in a PE packer's loader (the background goes like this: the unpacking modules of AV/etc don't support CUDA, so it can be used to deceive them).
To tell you the truth I didn't find the paper very innovative, but I feel a chronicler's need to acknowledge the existence of a PoC packer using CUDA in the loader. Also, the 'future attacks' section seems to me a little stretched, maybe except botnets using GPU to break passwords (find collisions).

And that's that.

Comments:

2010-10-03 06:37:58 = asf
{
Raymond Chen does this from time to time (once per year?) and we all know, sharing is caring ;)
}
2010-10-04 09:09:58 = mirabilos
{
Czesc!

When you know you have GNU as, the following would also work:

.data
.incbin "asdf.txt"

For example, we use https://www.mirbsd.org/cvs.cgi/src/sys/conf/config_gz.S?rev=HEAD to embed the kernel configuration into the binary in MirBSD.
}
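
The .incbin approach from the comment above, written out as an added example (not code from the post, the comment or MirBSD): an end label next to the content_of_asdf symbol gives the C side a byte count, so the embedded blob is never treated as a NUL-terminated string. Assumptions: GCC or Clang targeting ELF (e.g. Linux); content_of_asdf_end, EMBED_PATH, asdf_size and asdf_contains are hypothetical names; the file embeds its own source via __FILE__ only so that it builds without an asdf.txt.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Assumption: embed this source file itself so the example is self-contained.
 * For the post's case, use "asdf.txt" (resolved relative to the build dir). */
#define EMBED_PATH __FILE__

/* Constructed marker used by main() below: EMBED-MARKER-7f3a */

/* Top-level asm: place the raw file bytes in .rodata between two labels.
 * .pushsection/.popsection leave the compiler's current section untouched. */
__asm__(
    ".pushsection .rodata\n"
    ".global content_of_asdf\n"
    ".global content_of_asdf_end\n"
    "content_of_asdf:\n"
    ".incbin \"" EMBED_PATH "\"\n"
    "content_of_asdf_end:\n"
    ".byte 0\n"               /* convenience terminator, NOT part of the size */
    ".popsection\n");

extern const char content_of_asdf[];
extern const char content_of_asdf_end[];

/* Length comes from the labels; the blob may contain NULs or lack one. */
size_t asdf_size(void)
{
    return (size_t)(content_of_asdf_end - content_of_asdf);
}

/* Bounded substring search over the blob (no strlen/strstr on raw data). */
int asdf_contains(const char *needle)
{
    size_t n = strlen(needle), size = asdf_size();
    if (n == 0 || n > size)
        return n == 0;
    for (size_t i = 0; i + n <= size; i++)
        if (memcmp(content_of_asdf + i, needle, n) == 0)
            return 1;
    return 0;
}

int main(void)
{
    printf("embedded %zu bytes, marker found: %d\n",
           asdf_size(), asdf_contains("EMBED-MARKER-7f3a"));
    return 0;
}
```

The objcopy route in the post offers the same information: objcopy -I binary also emits _binary_asdf_txt_end and _binary_asdf_txt_size next to the _start symbol.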
