Archive

Archive for the ‘Programming’ Category

Bitwise operations with Python

September 14, 2015 Leave a comment

http://blog.didierstevens.com/programs/translate/

Translate.py is a Python script to perform bitwise operations on files (like XOR, ROL/ROR, …). You

specify the bitwise operation to perform as a Python expression, and pass it as a command-line argument.

translate.py malware malware.decoded ‘byte ^ 0x10’


Direct download: https://didierstevens.com/files/software/translate_v2_0_0.zip
Categories: Python

Python pip and vcvarsall on Windows

April 9, 2015 Leave a comment

Linking to this SO answer and re-posting it here, as I seem to search for it every few weeks or so:

For Windows installations:

While running setup.py for package installations, Python 2.7 searches for an installed Visual Studio 2008. You can trick Python to use a newer Visual Studio by setting the correct path in VS90COMNTOOLSenvironment variable before calling setup.py.

Execute the following command based on the version of Visual Studio installed:

  • Visual Studio 2010 (VS10): SET VS90COMNTOOLS=%VS100COMNTOOLS%
  • Visual Studio 2012 (VS11): SET VS90COMNTOOLS=%VS110COMNTOOLS%
  • Visual Studio 2013 (VS12): SET VS90COMNTOOLS=%VS120COMNTOOLS%
Categories: Programming, Python, Tech, Windows

Visualizing Garbage Collection

February 16, 2015 Leave a comment

Visual guide to understanding garbage collection algorithms!

Categories: Programming, Tech

Data::Dumper formatting

October 8, 2014 Leave a comment

I look this up about every couple weeks, so I’m posting it here for posterity. In order to nicely format Data::Dumper output…

I almost always set

$Data::Dumper::Indent = 1;
$Data::Dumper::Sortkeys = 1;

with Data::Dumper. The first statement makes the output more compact and much more readable when your data structure is several levels deep. The second statement makes it easier to scan the output and quickly find the keys you are most interested in.

If the data structure contains binary data or embedded tabs/newlines, also consider

$Data::Dumper::Useqq = 1;

which will output a suitable readable representation for that data.

Much more in the perldoc.

Categories: Perl, Tech

Free Online CTF and Penetration Testing Course

June 14, 2014 1 comment

From Trail of Bits, they are offering a free online CTF and penetration testing course. Lots of great material from a well respected organization.

 

Avoid unsafe functions with Microsoft’s ‘banned.h’

March 27, 2014 Leave a comment

banned.h is an import header file to include in your Windows C++ projects to help avoid introducing security flaws into your application.

The banned.h header file is a sanitizing resource that is designed to help developers avoid using and help identify and remove banned functions from code that may lead to vulnerabilities. Banned functions are those calls in code that have been deemed dangerous by making it relatively easy to introduce vulnerabilities into code during development.  For example, if a developer decided to use the strcpy function in his/her code, using banned.h in the same application will generate error(s) when its recompiled telling the developer that strcpy has been deprecated.  When the developer investigates why the error is being generated, they will likely figure out that strcpy has been replaced with a more secure version called strcpy_s, that makes it more difficult to make mistakes that lead to simple buffer overflows.

 

Categories: C/C++, Programming, Tech

Debugger Detection in Windows

March 15, 2014 Leave a comment

Some thorough documentation on anti-debugging techniques in Windows:

Categories: Disassembly, Programming, Tech

Data alignment and performance

October 21, 2013 Leave a comment

I read an informative IBM article about data alignment and its importance when developing native code.

Data alignment is an important issue for all programmers who directly use memory. Data alignment affects how well your software performs, and even if your software runs at all. As this article illustrates, understanding the nature of alignment can also explain some of the “weird” behaviors of some processors.

Delphi (my preferred native Windows programming language) supports the $CODEALIGN compiler directive , as well as another interesting custom alignment method. The Delphi code below sets 128 byte boundaries:

procedure TForm1.Button1Click(Sender: TObject);
type
  TFFTData = array[0..63535] of double;
  PFFTData = ^TFFTData;
var
  Buffer: pointer;
  FFTDataPtr: PFFTData;
  i: integer;
const
  Alignment = 128; // needs to be power of 2
begin
  GetMem(Buffer, SizeOf(TFFTData) + Alignment);
  try
    FFTDataPtr := PFFTData((LongWord(Buffer) + Alignment - 1)
                           and not (Alignment - 1));

    // use data...
    for i := Low(TFFTData) to High(TFFTData) do
      FFTDataPtr[i] := i * pi;

  finally
    FreeMem(Buffer);
  end;
end;

source: http://stackoverflow.com/a/847044/12458

Categories: OS Internals, Programming, Tech

[link] Introduction to Unix signals programming

October 4, 2013 Leave a comment

http://users.actcom.co.il/~choo/lupg/tutorials/signals/signals-programming.html

If you’re mystified by *nix signals programming, have a look at this short guide.

Signals, to be short, are various notifications sent to a process in order to notify it of various “important” events. By their nature, they interrupt whatever the process is doing at this minute, and force it to handle them immediately. Each signal has an integer number that represents it (1, 2 and so on), as well as a symbolic name that is usually defined in the file /usr/include/signal.h or one of the files included by it directly or indirectly (HUPINT and so on. Use the command 'kill -l' to see a list of signals supported by your system).

Each signal may have a signal handler, which is a function that gets called when the process receives that signal. The function is called in “asynchronous mode”, meaning that no where in your program you have code that calls this function directly. Instead, when the signal is sent to the process, the operating system stops the execution of the process, and “forces” it to call the signal handler function. When that signal handler function returns, the process continues execution from wherever it happened to be before the signal was received, as if this interruption never occurred.

 

Categories: Linux, Programming

Secure Coding Guide from Apple

September 13, 2013 Leave a comment

[PDF] Secure Coding Guide

Secure coding is the practice of writing programs that are resistant to attack by malicious or mischievous people or programs. Secure coding helps protect a user’s data from theft or corruption. In addition, an insecure program can provide access for an attacker to take control of a server or a user’s computer, resulting in anything from a denial of service to a single user to the compromise of secrets, loss of service, or damage to the systems of thousands of users.

Secure coding is important for all software; if you write any code that runs on Macintosh computers or on iOS devices, from scripts for your own use to commercial software applications, you should be familiar with the information in this document.

Categories: Apple, Linux, Programming, Tech