Sunday, December 31, 2017
Naivecoin: a tutorial for building a cryptocurrency
The project that we will build in this tutorial is called “Naivecoin”. The programming language is Typescript. The Naivecoin is in some terms an extension to the Naivechain - blockchain in 200 lines of code.
https://lhartikk.github.io/
https://lhartikk.github.io/
Monday, December 25, 2017
suricata Error: datalink type 65535 not yet supported in module DecodeAFP solution
<Error> - [ERRCODE: SC_ERR_DATALINK_UNIMPLEMENTED(38)] - Error: datalink type 65535 not yet supported in module DecodeAFP
Solution:
Edit suricata-4.0.3/src/source-af-packet.c. I changed default datalink type to raw. That solved my problem.
Solution:
Edit suricata-4.0.3/src/source-af-packet.c. I changed default datalink type to raw. That solved my problem.
suricata-4.0.3/src/source-af-packet.c:
2295 TmEcode DecodeAFP(ThreadVars *tv, Packet *p, void *data, PacketQueue *pq, PacketQueue *postpq)
2296 {
2297 SCEnter();
2298 DecodeThreadVars *dtv = (DecodeThreadVars *)data;
2299
2300 /* XXX HACK: flow timeout can call us for injected pseudo packets
2301 * see bug: https://redmine.openinfosecfoundation.org/issues/1107 */
2302 if (p->flags & PKT_PSEUDO_STREAM_END)
2303 return TM_ECODE_OK;
2304
2305 /* update counters */
2306 DecodeUpdatePacketCounters(tv, dtv, p);
2307
2308 /* If suri has set vlan during reading, we increase vlan counter */
2309 if (p->vlan_idx) {
2310 StatsIncr(tv, dtv->counter_vlan);
2311 }
2312
2313 /* call the decoder */
2314 switch (p->datalink) {
2315 case LINKTYPE_ETHERNET:
2316 DecodeEthernet(tv, dtv, p,GET_PKT_DATA(p), GET_PKT_LEN(p), pq);
2317 break;
2318 case LINKTYPE_LINUX_SLL:
2319 DecodeSll(tv, dtv, p, GET_PKT_DATA(p), GET_PKT_LEN(p), pq);
2320 break;
2321 case LINKTYPE_PPP:
2322 DecodePPP(tv, dtv, p, GET_PKT_DATA(p), GET_PKT_LEN(p), pq);
2323 break;
2324 case LINKTYPE_RAW:
2325 DecodeRaw(tv, dtv, p, GET_PKT_DATA(p), GET_PKT_LEN(p), pq);
2326 break;
2327 case LINKTYPE_NULL:
2328 DecodeNull(tv, dtv, p, GET_PKT_DATA(p), GET_PKT_LEN(p), pq);
2329 break;
2330 default:
2331 // SCLogError(SC_ERR_DATALINK_UNIMPLEMENTED, "Error: datalink type %" PRId32 " not yet supported in module DecodeAFP", p->datalink);
2332 // DecodePPP(tv, dtv, p, GET_PKT_DATA(p), GET_PKT_LEN(p), pq);
2333 DecodeRaw(tv, dtv, p, GET_PKT_DATA(p), GET_PKT_LEN(p), pq);
2334 // DecodeEthernet(tv, dtv, p,GET_PKT_DATA(p), GET_PKT_LEN(p), pq);
2335 break;
2336 }
Monday, December 4, 2017
Stack overflows: possible return addresses
English Windows XP SP 2 User32.dll:
JMP ESP 0x77db41bc
JMP ESP 0x77db41bc
English Windows XP SP 1 User32.dll:
JMP ESP 0x77d718fc
JMP ESP 0x77d718fc
English Windows 2003 SP0 and SP1 User32.dll:
JMP ESP 0x77d74adc
JMP ESP 0x77d74adc
English Windows 2000 SP 4 User32.dll:
JMP ESP 0x77e3c256
JMP ESP 0x77e3c256
French Windows XP Pro SP2:
JMP ESP 0x77d8519f
JMP ESP 0x77d8519f
German/Italian/Dutch/Polish Windows XP SP2:
JMP ESP 0x77d873a0
JMP ESP 0x77d873a0
Spainish Windows XP Pro SP2:
JMP ESP 0x77d9932f
JMP ESP 0x77d9932f
French/Italian/German/Polish/Dutch Windows 2000 Pro SP4:
JMP ESP 0x77e04c29
JMP ESP 0x77e04c29
French/Italian/Chineese Windows 2000 Server SP4:
JMP ESP 0x77df4c29
JMP ESP 0x77df4c29
Subscribe to:
Posts (Atom)