Leaderboard

Python #!/usr/bin/python # joccruce.ro Cheat # by totti93 import dpkt, pcap from Tkinter import * from http_parser.pyparser import HttpParser # Cu cartile pe fata def show_cards(cards, p_num): root = Tk() root.geometry("900x600+100+100") b = [None, None, None, None, None, None, None, None, None, None, None, None, None, None, None, None, None, None, None, None, None, None, None, None] cd_img = [None, None, None, None, None, None, None, None, None, None, None, None, None, None, None, None, None, None, None, None, None, None, None, None] r = 0 j = 0 for i in range(0, len(cards)): cd_img[i] = PhotoImage(file="i/" + cards[i] + ".gif").subsample(3, 3) b[i] = Button(image=cd_img[i]) b[i].pack() b[i].place(x = 1 + r * 70, y = 1 + j * 160) r += 1 if (i + 1) % (len(cards) / p_num) == 0: j = j + 1 r = 0 root.mainloop() # Main def main(): pc = pcap.pcap() pc.setfilter("src host joccruce.ro") for ts, pkt in pc: data = dpkt.ethernet.Ethernet(pkt).data.data.data p = HttpParser() recved = len(data) p.execute(data, recved) body = p.recv_body() if body.count("|carti|") > 0: pos = body.find("|carti|") + 7 cards_s = body[pos: 79 + pos] cards = cards_s.split(",") show_cards(cards, int(sys.argv[1])) ###### main() Scriptul afiseaza cartile din mana tuturor jucatorilor. Codul este scris la bascalie, deci nu veniti cu idei de optimizare a ei. Vulnerabilitatea consta in faptul ca serverul trimite cartile amestecate la clienti, iar flash-ul este cel care face treaba mai departe. Librarii necesare: pypcap, dpkt, http_parser Credite: totti93

* Articolul original a fost scris de mine, Bogdan Condurache, pentru Wolrdit* Introducere În primul rând vreau s? îmi cer scuze c? nu am apucat s? scriu articolul de data trecut?. Doresc ?i s? men?ionez c?, în mod normal, acest articol ar fi trebuit s? constituie o continuare a seriei Structuri de date ?i, de aceea, nu am dat o tem? data trecut?. Voi da un la sfâr?itul acestui articol, care este atât pentru seria Structuri de date, cât ?i pentru articolul postat ast?zi. Am mai men?ionat stringurile pân? acum, dar vom trece la lucruri mai avansate, totu?i nu înainte de a prezenta ?i lucruri basic. Opera?ii de baz? Toate opera?iile înv??ate pân? acum (verificare lungimii, indexing, slicing, multiplicare, minim, maxim, apartenen??) sunt compatibile ?i cu tipul de date string, diferen?a major? fiind c? un string nu poate fi modificat a?a ca o list?. Totu?i Python ofer? o metod? foarte util? de a modifica un string. V? voi prezenta aceast? metod? printr-un mic exemplu. >>> text = 'Salut, %s! Esti cumva cititor %s?' >>> value = 'Bogdan' >>> print text % value Traceback (most recent call last): File "<pyshell#2>", line 1, in <module> print text % value TypeError: not enough arguments for format string >>> values = ('Bogdan', 'WorldIT') >>> print text % values Salut, Bogdan! Esti cumva cititor WorldIT? Ce observ?m: În primul rând, am folosit %s, iar acolo unde aceste caractere au fost prezente, s-a f?cut înlocuirea lor cu cele din tuple (adic? din values). Este obligatoriu s? folosim acel %, iar s reprezint? tipul de date string (v? voi prezenta ?i celelalte tipuri de date mai încolo). Dac? avem mai multe din „marcatoare ale conversiei” (din englez? „conversion specifiers”), atunci va trebui ca în tuple s? avem acela?i num?r de stringuri. De aceea nu a func?ionat atunci când am dorit s? înlocuim %s cu un string. Totu?i, ce s-ar întâmpla dac? am dori s? folosim o list? în loc de un tuple? >>> values = ['Bogdan', 'WorldIT'] >>> print text % values Traceback (most recent call last): File "<pyshell#8>", line 1, in <module> print text % values TypeError: not enough arguments for format string Ce s-a întâmplat? Problema apare pentru c? o list? (spre deosebire de tuple sau dic?ionar) este considerat? un singur element ?i deci, nu vom putea înlocui dou? elemente cu unul singur (aceea?i eroare ca la înlocuirea cu un string). Tot nu sunte?i convin?i? S? vedem ce se întâmpl? dac? p?str?m un singur marcator al conversiei: >>> text = '%s e cel mai bun blog de programare si stiri IT din Romania!' >>> text '%s e cel mai bun blog de programare si stiri IT din Romania!' >>> print text % values ['Bogdan', 'WorldIT'] e cel mai bun blog de programare si stiri IT din Romania! >>> values = ['WorldIT'] >>> print text % values ['WorldIT'] e cel mai bun blog de programare si stiri IT din Romania! >>> values = 'WorldIT' >>> print text % values WorldIT e cel mai bun blog de programare si stiri IT din Romania! >>> values = ('WorldIT') >>> print text % values WorldIT e cel mai bun blog de programare si stiri IT din Romania! Exemplele de mai sus prezint? înlocuirea cu liste (de 1 sau mai multe stringuri), cu un string ?i cu un tuple (prezentat ?i la început). >>> text = 'TVA-ul a crescut la %s%%' >>> print text % '24' TVA-ul a crescut la 24% Lista cu caracterele folosite pentru marcarea conversiei Despre Precision Nu am de gând s? intru prea adânc în acest subiect (mai sunt multe de zis), deci m? voi rezuma la lucrurile importante. Unul dintre aceste lucruri ar fi precision, care se folose?te la tipul float. Tot ce trebuie f?cut este ca dup? % s? se introduc? un punct ?i num?rul de zecimale dorit: >>> format = "Pi with three decimals: %.3f" >>> from math import pi >>> print format % pi Pi with three decimals: 3.142 Încheiere Nu am s? mai lungesc articolul de ast?zi. Totu?i mai sunt lucruri de spus despre formatting, iar apoi trecem la string methods. *Am folosit exemple de cod din cartea Beginning Python: From Novice to Professional de Magnus Lie Hetland, ISBN: 159059519X * Tem? 1. Crea?i o aplica?ie care cite?te 3 numere. Verifica?i dac? numerele pot reprezenta o not? (s? fie între 1 ?i 10, s? fie naturale) ?i, la sfâr?it afi?a?i media aritmetic? dintre ele, cu exact dou? zecimale. 2. Se citesc de la tastatur? dou? cuvinte ?i se creeaz? o list? (sau un tuple) cu ele. Apoi se mai cite?te un cuvânt de la tastatur? ?i, dac? acest al treilea cuvânt este identic cu unul dintre primele dou?, atunci se va afi?a cel?lalt. În caz contrar se va afi?a „Away from Bran” (cei ce au fost la Defcamp vor în?elege aluzia). Rezolv?rile se vor trimite doar prin email.

We'll get you past the daunting configuration issues so you can use OpenVPN to provide no-cost, secure networking for your Windows, Mac or Unix/Linux systems. OpenVPN is famously difficult to get up and running, but the truth is that it needn’t be. In this second and concluding OpenVPN article I am going to go through what it takes to get an OpenVPN Ethernet tunnel set up between a laptop computer and an office or home machine acting as an OpenVPN server. Downloading and Installing OpenVPN Before you can get OpenVPN running on any computer you need to download and install it: Windows: Download the OpenVPN GUI installation package from OpenVPN GUI for Windows Red Hat, Fedora, CentOS: Download RPM packages from Index of /openvpn Ubuntu: Download and install OpenVPN using Synaptic Package Manager Mac OS X: Download and install Tunnelblick OpenVPN GUI client installation package from tunnelblick - OpenVPN GUI for Mac OS X - Google Project Hosting Source code: Download source code from Downloads, compile and install it. Creating a Public Key Infrastructure Once you’ve got OpenVPN successfully installed, it’s time to build the public key infrastructure needed for certificate-based authentication. If you don’t know what this means, don’t worry: just follow the instructions. A fuller explanation can be found at HOWTO To get started, you’ll need to use the Easy-RSA PKI suite. On Windows machines you’ll find it at: C:Program FilesOpenVPNeasy-rsa On Linux machines this will probably be installed in an easy-rsa directory machines at /usr/share/doc/packages/opevpn or /usr/share/doc/openvpn-2.0, but it’s a good idea to move this to /etc/openvpn to prevent it getting overwritten by future updates. Generating the Master Certificate Authority (CA) Certificate & Key Windows: From the Start button select cmd, and in the command window type: cd "C:Program FilesOpenVPNeasy-rsa Linux/BSD/UNIX: Open a terminal window and type: cd /etc/openvpn/easy-rsa (assuming you have moved the easy-rsa directory to this location) Then type the following commands, followed by return: Windows: init-config vars clean-all build-ca Linux/BSD/UNIX: ./init-config ./vars ./clean-all ./build-ca The last command will invoke a window which will ask for a series of values. You can press the return key to enter the default values for all of these except the value for Common Name. For this, type: TestVPN Generating the Server and Client Certificates and Keys Then next step is to generate a server certificate and key, again using the Easy-RSA suite. The command for this is: Windows: build-key-server server Linux/BSD/UNIX: ./build-key-server server In the interactive session that follows, simply press Enter to provide the default value each time, until you are asked for a Common Name. For Common Name enter “server” , then continue entering the default values until prompted to sign the certificate. Answer “y” to this question and to the following one to finish. Then generate the certificate and key for your client machine. The process is similar to the one for building the server certificate and key, but this time enter client1 as the common name. If you think you may want to access the OpenVPN server from more than one laptop, repeat the process, replacing client2 or client3 for client1 each time. Windows: build-key client1 Linux/BSD/UNIX: ./build-key client1 Generating Diffie-Hellman Parameters The final step is to generate Diffie-Hellman parameters for key exchange: Windows: build-dh Linux/BSD/UNIX: ./build-dh You’ll find the results of all this work in a subfolder called keys in the easy-rsa folder, and the final task is to move the client key and certificate to your client device. The files in question are client1.key and client1.crt. (If you have created more than one client certificate key and certificate, move the client2.key and client2.crt files to the second machine, and so on.) Windows: place the files in C:WindowsProgram FilesOpenVPNeasy-rsakeys Linux/BSD/Unix: place the files in /etc/openvpn/ Your public key infrastructure is now set up. Creating the OpenVPN Configuration Files When OpenVPN runs it reads a configuration file at c:Program FilesOpenVPNconfig (Windows) or in /etc/openvpn (Linux/BSD/Unix). This text file contains all the information OpenVPN needs to know to make or receive a connection, so it’s crucial that these files are correct. The easiest way to get OpenVPN working in the way we want is to edit the highlighted lines in the following config files to match your network setup, save them as a text file and copy them to the appropriate location. Server configuration file: #server config file start local 192.168.1.15 # Change this address to the IP address of the network card attached to your router. To ensure this does not change you need either to have a static local IP address, or to configure your router to always assign this local IP address to your server. port 1194 # This is the port OpenVPN will run on. Change it to a different port if you prefer proto udp mssfix 1400 push "dhcp-option DNS XXX.XXX.XXX.XXX" # Replace the Xs with the IP address of the DNS server for your network push "dhcp-option DNS YYY.YYY.YYY.YYY" # Replace the Xs with the IP address of the secondary DNS server for your network dev tap ca "C:\Program Files\OpenVPN\easy-rsa\keys\ca.crt" #change this location to /etc/openvpn (without quotation marks) for Linux/BSD/Unix systems cert "C:\Program Files\OpenVPN\easy-rsa\keys\server.crt" #change this location to /etc/openvpn for Linux/BSD/Unix systems key "C:\Program Files\OpenVPN\easy-rsa\keys\server.key" #change this location to /etc/openvpn for Linux/BSD/Unix systems dh "C:\Program Files\OpenVPN\easy-rsa\keys\dh1024.pem" #change this location to /etc/openvpn for Linux/BSD/Unix systems server 192.168.10.0 255.255.255.128 # This will be the virtual IP address and subnet of the server’s OpenVPN connection. Change it to something similar like 192.168.11.0 if this subnet is already in use ifconfig-pool-persist ipp.txt push "redirect-gateway def1" keepalive 10 120 cipher BF-CBC # Blowfish (default)If you prefer, you can use one of the two ciphers listed below (which must be the same as the client) #cipher AES-128-CBC # AES #cipher DES-EDE3-CBC # Triple-DES comp-lzo max-clients 3 # Change the 3 to the number of client keys you have created persist-key persist-tun status openvpn-status.log # user nobody # remove the # at the start of the line for Linux/BSD/Unix systems # group nobody # remove the first # at the start of the line for Linux/BSD/Unix systems verb 1 #config file ends Save this file as server.ovpn, and move it to c:Program FilesOpenVPNconfig (Windows) or /etc/openvpn (Linux/BSD/Unix) What to Do If You Don’t Have a Static Public IP Address OpenVPN clients connect to the OpenVPN server using a public IP address or host name that needs to be entered into the client config file. If your ISP provides your business or home network with a dynamic IP address that changes each time an Internet connection is reset then your client config will no longer work after a reconnection. To get round this you can get a free hostname from DynDNS which automatically points to your dynamic IP address, even when it changes. To get a dynamic host name (such as myhost.dyndns.org) visit Managed DNS | Outsourced DNS | Anycast DNS. Client Configuration File #client config file start client dev tap proto udp remote XXX.XXX.X.XXX 1194 #Change the Xs to the static public IP address of your home or office network. If you do not have a static IP enter you dyndns name (like yourhost.dyndns.org) here. If you changed the port from 1194 to another port number in the server config change the 1194 here to the appropriate port number route 192.168.1.0 255.255.255.0 vpn_gateway 3 #Change this to the IP address scheme and subnet of the local network your server is on. resolv-retry infinite nobind persist-key persist-tun ca "C:\Program Files\OpenVPN\easy-rsa\keys\ca.crt" #change this to “/etc/openvpn/ca.crt” on Linux/BSD/Unix systems cert "C:\Program Files\OpenVPN\easy-rsa\keys\client1.crt" # change this to “/etc/openvpn/client1.crt” on Linux/BSD/Unix systems key key "C:\Program Files\OpenVPN\easy-rsa\keys\client1.key" # change this to “/etc/openvpn/client1.key” on Linux/BSD/Unix systems. This key file should be kept secret ns-cert-type server cipher BF-CBC # Blowfish (default)If you prefer, you can use one of the two ciphers listed below #cipher AES-128-CBC # AES #cipher DES-EDE3-CBC # Triple-DES comp-lzo verb 1 # user nobody # remove the first # at the start of the line for Linux/BSD/Unix systems # group nobody # remove the first # at the start of the line for Linux/BSD/Unix systems # end of client config file Save this configuration file as a text file called client1.ovpn, and save it to c:Program FilesOpenVPNconfig (Windows) or /etc/openvpn (Linux/BSD/Unix) on your client device Setting Up the Router There are a couple of configuration changes that need to be made to the router connected to your server in order for OpenVPN to work properly. Port Forwarding Port forwarding ensures that any traffic sent to your router from the Internet on port 1194 (or the port that OpenVPN is configured to use in the configuration files) is forwarded to the local IP address of your server machine. To ensure this does not change you need either to configure the server machine to have a static local IP address, or to configure the DHCP server in your router to always assign the same local IP address to your server. To configure port forwarding, log on to your router’s configuration page, find the option for port forwarding, and enter the following information: Name: OpenVPN Protocol: UDP Starting Port: 1194 (change this as necessary) End Port: 1194 (change this as necessary) Forward to: 192.168.1.15 (change this to the local IP address of your OpenVPN server) You’ll also the following routing information on your router’s “routing” or “advanced routing” page, to ensure that data can travel between the OpenVPN link and other devices on your home or office network: Route name: OpenVPN Destination LAN IP: 192.168.10.1 (change this to the virtual IP address specified in the server configuration file) Subnet Mask: 255.255.255.252 Default Gateway: 192.168.1.15 (change this to the IP address of your home computer) Running OpenVPN To run OpenVPN, you need to start OpenVPN first on the server, and then on the client. Remember that the client machine needs to be connected to a different network. Starting the server using Windows: Start OpenVPN GUI, then right click on the program’s icon in the system tray, select “server” and then “connect”. Starting the server using OS X: From the Tunnelblick OpenVPN GUI select Connect “server” Starting the server using Linux/BSD/Unix: Start a terminal window, then as root (or using sudo) type: openvpn –-config /etc/openvpn/server.ovpn Repeat the process on the client machine, replacing “client1” for “server” Testing OpenVPN To confirm OpenVPN is working, try pinging another device connected to your LAN using its LAN IP address. You can also open a browser on your client machine, and check your IP address by visiting a site like What's My IP Address? Networking Tools & More If OpenVPN is working correctly the IP address of your server, not your client machine, will be shown. Sursa