[!] =-= !b4b0!b4b0!b4b0!b4b0!b4b0!b4b0!b4b0!b4b0!b4b0!b4b0!b4b0!b4b0! =-= [!] [ The Resurrection of Vice ] [ B 4 B 0 ] oooooooooooooooooo. .8888888' `8888888. 8888888 8888888 8888888 8888888 88888888 88888888 .oooooooo. . .oooooooo. .ooooooo. d88' `88b .8 db d88' `88b d88' .888b S$$$$$Ss. 888 .88p .d8 88 888 .88p 888 .8'888 `'$$s. 888 888 .d8' 88 888 888 888 .8' 888 $$$ 888 `88b .d8888888 888 `88b 888.8' 888 .$$$' 888. .88P 88 888 .88P 8888' 888 .s$$$' `Y8bood88P 88 `Y8bood88P `Y8bod8Y' `s. sS$$$' `$$$$$' 88888888 88888888 .s$$$'`$s. 8888888 8888888 .s$$$$$' `$$s. 8888888 8888888 .s$$$$$$' `$$$s. `8888888. .8888888' .$$$$$$' `$$$s. `ooooooooooooooooooo' $$$$$$' B 4 B 0 `$$$$. [ eight is great ] `$$$$$s. .s$$$$$ `$$$$s. .sS$$$$$' "I believe the only positive recourse `$$$$$$$$$$$$$$$' is through the means of justice, the `$$$$$$$$$$' means of liberation; the means of B4B0." - Noam Chompsky www.b4b0.org [ yes, the "HEH" in all caps was started by B4B0 ] (c) 1999, B4B0 Worldwide Enterprises, LLC B - 4 - B - 0 - B - 4 - B - 0 - B - 4 - B - 0 - B - 4 - B - 0 - B - 4 - B - 0 A long time ago, in a galaxy far, far away... 8-=-=-=-=-=-=-=-=-=-=-=-=-8 | B 4 B 0 Eight: | | Th3 Qu3st f0r N3w K0d3Z | 8-=-=-=-=-=-=-=-=-=-=-=-=-8 "She's dead, j1mmy." - m1st4h cl34n .$@$@$@$. - B 4 B 0 - =-= $@ Cast: @$ =-= - B 4 B 0 - '$@$@$@$' tEEp .......................................................... as El Juevo c0mp4ct ..................................................... as Fast Benny phFh4Ck3r ................................................ as Henry Winkler phEEckZ .................................... as the California Dreamin' kid gRE-0p ................................................. as Honcho Overload thE MiLk ........................................... as Five Finger Freddie kuR4cK .................................................. as Nathan Johnson aH-lEHck ............................................ as Destruction Oliver sEEgn4l .................................................... as Udo Jergens jEEmEE ...................................................... as 'the Fist' g4rEE-n00 ...................................................... as himself smIEleH .................................................. as Onion Greenie pAH-bEhL .................................................... as Mace Windu hIE-bRIhD ............................................. as Ringo Castranoga m1st4h cl34n ......................................... 4s 31337 u3b3rm3nsch .$@$@$@$@$@$. - B 4 B 0 - =-= $@ Written by: @$ =-= - B 4 B 0 - '$@$@$@$@$@$' B4B0 Staff Likk3r fluffy coffee bunny pr0phet elaich cain fred_ schemerz nawk tGb various .$@$@$@$@$@$@$@$. - B 4 B 0 - =-= $@ Directed by: @$ =-= - B 4 B 0 - '$@$@$@$@$@$@$@$' mistah clean, th3 B4B0 fuX1n supr3m3 [ on the cover: logo by kkr and fuzebox, assembled by m1st4h cl34n ] [ other artwork done by: kkr, MiLk-MaN, and m1st4h cl34n ] B - 4 - B - 0 - B - 4 - B - 0 - B - 4 - B - 0 - B - 4 - B - 0 - B - 4 - B - 0 ~!@#~!@#~!@#~!@#~!@#! ! Table of Elements ! 8 B4B0 Eight 8 ~!#@~!@#~!@#~!@#~!@#! [ 1] B Introduction ............................................ m1st4h cl34n [ 2] 4 The Liberation of Normalcy .............................. m1st4h cl34n [ 3] B Bitslice DES .................................................. smiler [ 4] 0 LibTCL Stuff .................................................. Likk3r [ 5] B Introduction to MC/ServiceGuard (Part One)........................ tip [ 6] 4 The Daily Task at Hand ........................... fluffy coffee bunny [ 7] B Internet Explorer / Realm ....................................... nawk [ 8] 0 Operating Companies of the US ................................. hybrid [ 9] B Rolling Deep ..................................................... tgb [10] 4 The Physics of Handrails ....................................... jorge [11] B An Introduction to Smartlink(tm) 3175 APSS .................... elaich [12] 0 Programming with Files and Directories .......................... ph1x [13] B Gaining Access to the Virgin Baptist System .................. pr0phet [14] 4 To Foil Spoofing ............................................ schemerz [15] B 5ESS-2OOO Compact Exchange Units .............................. hybrid [16] 0 Parallel Port Hardware Interfacing .............................. alec [17] B NT General Overview ......................................... MiLk-MaN [18] 4 Conclusion .............................................. m1st4h cl34n ~!@#~!@#~!@#~!@#~!@ ! Attached Juarez ! 'juarez' directory ~!@#~!@#~!@#~!@#~!@ [ 1] B Arabian Name Translator (fn.c) ............................... comp4ct [ 2] 4 B4B0-Craq (b4b0-craq.tgz) ........................................ rsh [ 3] B LKM Stuff (lkm.tgz) ........................................... smiler [ 4] 0 Messaging System (hhp-ms.c) ...................................... tGb [ 5] B HEH File Fucker (wraith.c) ..................................... fred_ [ 6] 4 FreeBSD 3.0 Character Driver (fbsdchar.tgz) ..................... cain [ 7] B B4B0 Chiq of the Month Photo Spread (jennicide.zip) ........ jennicide [ 8] 0 Secret 0-day mp3 (0-day.mp3) ............................ k0d3 r3l4y3r x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x "For one cannot possibly understand the task at hand, without the full flavor of B4B0." - Phillip K. Dick x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x ~!@#~!@#~!@#~!@# ! Introduction ! m1st4h cl34n ~!@#~!@#~!@#~!@# ^^^^^^^^^ $$$$$$$$$ /--------------------------------\ $$$$$$$$$ | g1b00r m3 d4t B4B0 sh1zz!@#!@# | | ^ ^ | 0-d4y3 \--------------------\ /--------/ ( -0-^-0- ) <-- k0d3 \ | u | k1d ` | <=> | \_____/ normalcy. the everyday lullness of life never seems to have had its way with the most of the lot; yet most seem content with it. the end of the ways of the truth are burdened upon the ordinary soul. how does one overcome this? how can one look to the sky and exclaim, 'free me from my burdened life! i want to taste the impeccable taste of liberation! i want to live life to its fullest!' however, these cries of help remain unanswered. it is with the implementation of 'Ultimate B4B0' that one can attain a higher spiritual sense of being. Ultimate B4B0 is the way. freedoms gathered from the broad regions of the earth come forward to kiss the poor man's feet. and yet there is a whirling dervish of implication that freedoms lie unburied within the soul. the simple answer is to let these out. it is with Ultimate B4B0, that this is acheived. your fucking editor, m1st4h cl34n - B4B0: Where you always save more money. - Move over bacon, now there's something B4B0ier! - Blue bars, white stars, it's the Dukes of B4B0 inside that car... - Five eight eight, two three hundred ... bah b0h! - Can anything stop ... the B4B0-mal! - Domo arigato, mister bah-bah-b0h... - With your amazing B4B0-kit, you could be raking in tens of thousands of dollars every week! - B4B0: Enjoy the ride. - There's nuthin nuthing, like a B4B0-muffin... - Monster B4B0's ... this Sunday, Sunday, Sunday, Sunday ... - B4B0 spark plugz ... what a rush! - B4B0: What luxury should be. - B4B0: I hope your speed over the rival. - B4B0: Always fresh, never frozen. - Pray to the gods of B4B0 for your victory. - B4B0 Joe: He's a real American hero. Greets (no particular order): ----------------------------- steve albini, the jesus lizard, hybrid, everyone at 9x, everyone at dope.org and Apocalypse 2000 BBS (ie, fringe, silo, lineman, trainrek, angrinon, et al), everyone in chicago, jennicide, chiXy, patpoker, miah, the whole uddf crew, everyone at rhino9, samjay, assem, qytpo, ohday, st0ner, fuzebox, phlypside, module, #tamarac, mr. and mrs. harney, headflux, rash, guidob, gob, elaich, gb, dap, elaich, airport man, csoft, semloh eitak, touch and go records, the fireside bowl, the chicago indie rock scene, Phrack, BoW, H4G1S, Persiadic, vect0rx, rach, pr0phet, fred, schemerz, NoU, Radiohead, Burning Airlines and pr0p4h-m3th0d for editting issue four. Fuck Yous (no particular order): -------------------------------- Andre Klophus (eggdrop kiddie) MTV - for putting out the Ostre, GA N-2621 and shittiest shit in +47 950 48606 'original' programming The Usual (no particular order): -------------------------------- B4B0's Official Spokesperson for Issue 8: Paul Reubens B4B0's Correction for Issue 6: so1o is now known as fzx or forenzix, or Chris McNab; he runs ns2.co.uk; he's also known for the recent www.senate.gov stuff; I'm sure you know this stuff already. B4B0's Cool Website of the Month: http://www.dope.org B4B0's Chiq of the Month: jennicide (she gibb0rz m1st4h cl43n m4d st1ff13z) B4B0's Drink of the Month: Crown and Coke B4B0's Official Car of the Month: 4th Generation Z: 300zx Twin Turbo (90-96) B4B0's Movie of the Month: Blue Velvet (directed by David Lynch) B4B0's Official Songs of the Month: ANYTHING by Xerobot (fucked up Wisconsin band) ANYTHING by Zeni Geva (fucked up Japanese band) Mr. Roboto by Styx B4B0's Albums of the Month: Six Finger Satellite - Severe Exposure (Sub Pop) Brainiac - Bonsai Superstar (Grass Records) The Jesus Lizard - Goat (Touch and Go) B4B0 Comment of the Month: Our nads are not only toasty warm and dangle perilessly from the cold, but they are also quite mallable. Would your eager hands feel? B4B0 Stupid Shit of the Month: Snowboarding and snowboarding-referencing TV commercials. Official Idiot of the Month: Neo (from uddf.net) Email us: lettersb4b0.org x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x !B4B0!B4B0!B4B0!B4B0!B4B0!B4B0!B4B0!B4B0!B4B0!B4B0!B4B0!B4B0!B4B0!B4B0!B4B0!B B0!B4B0!B4B0!B4B0!B4B0!B4B0!B4B0!B4B0!B4B0!B4B0!B4B0!B4B0!B4B0!B4B0!B4B0!B4B0 !B4B0!B4B0!B4B0!B4B0!B4B0!B4B0!B4B0!B4B0!B4B0!B4B0!B4B0!B4B0!B4B0!B4B0!B4B0!B B0!B4B0!B4B0!B4B0!B4B0!B4B0!B4B0!B4B0!B4B0!B4B0!B4B0!B4B0!B4B0!B4B0!B4B0!B4B0 !B4B0!B4B0!B4B0!B4B0!B4B0!B4B0!B4B0!B4B0!B4B0!B4B0!B4B0!B4B0!B4B0!B4B0!B4B0!B x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x ~!@#~!@#~!@#~!@#~!@#~!@#~!@#~! ! The Liberation of Normalcy ! m1st4h cl34n ~!@#~!@#~!@#~!@#~!@#~!@#~!@#~! Article Six: Liberation of Normalcy The dead ringers of stalled time reign supreme in the ears of the countless masses hushed in soothing solitude. How does it end like this ... life with- out the fervor of embellishment? If you do refer to Article One: Ultimate B4B0, you will find stated, "The liberation of the fallacy known as normalcy is not only limited to one cause ... comprised of many individuals designed to help the resurrection of vice." It is with this Resurrection of Vice that all is possible. It is not merely another term for the all-endearing, "Ultimate B4B0," rather the appraisal of the senses into depths never before explored. The Resurrection of Vice is the freedom that will surround you and free you of your shackles. It is with the Essence of B4B0, the "Golden Calf" which makes the im- possible possible. A sight to behold, the "Golden Calf" not only holds the entrails of the residual embellishment of life, but represents the fine line between religion and empowerment. The power of the Essence of B4B0 truly is a force to be reckoned with; teenage girls quiver with bent knees merely at the mention of its name. Grown men have been known to cause "disco dump" overhearing its name. And it is with the devout study of B4B0's theology that makes everything in life easier to understand. Ultimate B4B0 makes this possible. The Resurrection of Vice makes this possible. The Essence of B4B0 (the "Golden Calf") makes this possible. It is up to the practitioner of B4B0, on how far does the liberation of normalcy goes. - m1st4h cl43n x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x _____________________________ | I dr1nk M1Lk s0 sh0u1d you | __________ |---------------------------- \ MiLk / / ------------- / (.) (.) / O / ( ) / \ / /\ 0 /\ / --- \ |__ b4b0_| | || || | | || || | @ ----- @ | | | | | | | | | | | | @@@@@@@ Slide 1 x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x ~!@#~!@#~!@#~!@# ! Bitslice DES ! smiler ~!@#~!@#~!@#~!@# The Data Encryption Standard (DES) has been a worldwide standard for 20 years. Although it is showing signs of old age, it has held up remarkably well against years of cryptanalysis. Recently two cryptanalysis techniques - Differential and Linear Cryptanalysis - have emerged that can greatly lower the complexity of an attack on DES. However they are generally regarded to be impractical against full 16-round DES, requiring 2^47 chosen plaintexts or 2^55 known plaintexts. Most of the time you will only know one plaintext block (and the cyphertext block it corresponds to). So at the moment the best way to discover the key is by brute force. The keyspace is sufficiently small (2^56) for a brute force attack to be viable. This of course means you will need at least one block of plaintext. The NSA is believed to have hardware implementations of DES that can brute force the entire key-space in as little as a day. Probably less. However because of the huge expense, most people will most probably only be able to get hold of a software implementation of DES. These are of course much slower. Nearly every single operation in DES involves swapping individual bits between 64-bit words - your average 32-bits microprocessor is not particularly good at this. A simple minded implementation would take ~200 cycles to complete just one expansion permutation, where as in hardware it would take something closer to 5 clock cycles. And even with amazingly cunning optimisations (see Eric Young's DES lib) a software implementation is always going to be a fair bit slower. Until recently Eric Young's DES implementation was the fastest around, until somebody came up with Bitslice DES. But everybody still uses Eric Young's library because Bitslice is only suitable for a brute force key search. Before I dive straight in to bitslice DES, I'll explain very briefly the workings of DES. In DES, a block is 64 bits long. The right half of the plaintext block is combined with a 48-bit subkey extracted from the actual key to give a 48-bit output. This passes through an "S-box substitution", consisting of 8 S-boxes, each of which take a 6-bit input and give a 4-bit output. Hence a 48-bit input block goes to a 32-bit output block. Traditionally each of these S-boxes are thought of as table lookup operations. Each entry in the box is a 4-bit number. 2 of the input bits determine the row, the other 4 determine the column. This, with a few other operations constitutes one round of DES. In full DES there are 16 rounds. If you want more information on DES and cryptography in general, I would suggest buying Bruce Schneier's "Applied Cryptography", although there a few cryptography pages scattered around the web. If you just want a simple, fast(ish) implementation of DES, then Eric Young's SSLeay is probably your best bet, it can be found at ftp.psy.uq.oz.au/pub/Crypto/SSL. In software it is the S-Boxes that are the bottleneck in terms of speed. So most software implementations simply represent each S-box as a table of 64 values (referenced by the 6 input bits). Software implementations also make optimisations to speed up the other operations like the Expansion, Key, Initial and Final permutations. But however fast these are, they are still just souped up versions of the original DES implementation. Bitslice takes a new approach. Instead of encrypting one block at a time, Bitslice DES can encrypt 32 blocks in parallel (or 64 blocks, depending on the size of the processor word). This isn't quite as fast as it sounds, as each operation is done one bit at a time. Various tradeoffs mean that on a 64-bit processor, the bitslice implementation is from 1.5 to 3 times faster than the fastest DES libraries. Bitslice on a 32-bit processor is usually marginally slower than the fastest normal DES encryption program. It is kind of difficult to explain in words how the plaintext blocks are arranged, so I've come up with a couple of diagrams to illustrate it. Think of a processor word as going across. So normally, each block is stored in its own word. But in bitslice, each block goes vertically downwards, with corresponding bits from different blocks being stored in the same word. Note this is how both the plaintext blocks, and the key blocks are arranged. -----[ Ordinary Software Implementations: ------------ | 0 --- 63 | Block 0 ------------ . . ------------ | 0 --- 63 | Block 63 ------------ -----[ Bitslice Implementation: ------- |00|00| ... ------- |01|01| ... ------- . . . . ------- |63|63| ... ------- The advantage with the bitslice implementation is that each individual bit(for all blocks at the same time) can be accessed quickly in software, so all the expansion,p-box and compression permutations are considerably faster, not least because they are done 64 times in parallel. If for instance you XOR 2 words together, then you effectively are performing XOR 64 times in parallel, albeit 1 bit at a time. So with this method everything becomes much simpler and faster. The main bottleneck again is the S-boxes. The lookup tables needed to perform an S-box substitution would be enormous(2^376 bytes) and would make bitslice unviable. So instead of thinking of S-Boxes as lookup tables, they are thought of as digital circuits, such that given the 6 input bits, they will give the 4 output bits specified by the S-Box. This digital circuit can be composed solely of AND, OR and NOT gates (its a law of boolean algebra). Optimisations can be made so that it is composed of NAND, NOR, XOR and XNOR gates. Note that in x86 assembly there aren't any distinct instructions for NAND, NOR, XNOR, so you have to chain an ordinary gate with a NOT gate. However, other less crappy architectures do have these gates, and bitslice can be optimised for these. People have suggested using Karnaugh Maps (a method for constructing a digital circuit from a table of values) for this but, for a 6 bit input, Karnaugh Maps are quite difficult to do. So I prefer to use normal boolean algebra. I won't go too deeply into this but I'll just show you how you can make a digital circuit if you only have 3 input bits and 1 output bit. Ph33r the ascii notation. A.B = A AND B A + B = A OR B A^B = A XOR B _ A = NOT A Here are some useful identities, check the truth tables if you want... _ _ _______ A.B = (A + B) _ _ _____ A + B = (A.B) _ _ A.B + A.B = A ^ B _ _ _______ A.B + A.B = (A ^ B) _______ _______ A.B + (A + B) = (A ^ B) A.B + B = B _ A + A = 1 Take as an example this table of values: A | B | C | Q | --------------- 0 | 0 | 0 | 1 | 0 | 0 | 1 | 0 | 0 | 1 | 0 | 1 | 0 | 1 | 1 | 1 | 1 | 0 | 0 | 1 | 1 | 0 | 1 | 0 | 1 | 1 | 0 | 0 | 1 | 1 | 1 | 1 | One way (and I must stress this is only one way) to make a digital circuit, is to take all the combinations that give an output of 1 and form AND gates for each combination: _ _ _ _ _ _ _ _ A.B.C + A.B.C + A.B.C + A.B.C + A.B.C = Q _ _ _ _ _ _ B.C(A + A) + B.C(A + A) + B.(A.C) = Q _ _ _______ B.C + B.C + B.(A + C) = Q _______ _______ (B ^ C) + B.(A + C) = Q Note that if I had used a Karnaugh Map I would have ended up with more gates, because there is no method for using XOR gates with a Karnaugh Map. This has never really been a problem, I guess, because XOR gates are more expensive in simple digital circuits, but in software all the gates have an equal weighting. So that gives a final equation with only 6 gates (count them) even if we aren't allowed NOR or XNOR gates. Of course in this case there were 5 True output bits, so it would probably have been best to make an equation that represented the False output bits, and NOT the whole thing. If you want that represents 6 input bits, you can simple chain them together. For instance if D, E and F represented the last 3 bits you could say that: _ _ _ _ _ _ _ D.E.F(Q1) + D.E.F(Q2) + D.E.F(Q3) + .... + D.E.F(Q8) Where Qn is the gate circuit you've calculated based on that particular subset of values. You can then simplify as you wish. Remember that if you have many repeated expressions, you can store the results in memory and use them again. To get a four bit output, the best way that I know of is to just do the process four times over, although there will be plenty of redundancy between the four circuits. And then once you've got one S-box, there's still another 7 to go, HEH, so its a lot of work. The aim as you might have guessed is to get the gate count as low as possible, as this would obviously make bitslice even faster. A simple(ish) gate circuit will still contain 150 gates, but it can lowered to somewhere between 50 and 60 (a record held by a Matthew Kwan). The topic is still, as far as I know, wide open - nobody knows for sure what the fastest combination of gates is (and I doubt nobody will). Also if you do find a combination with less gates, there are still issues to deal with like the fact that x86 logic instructions only take 2 operands (unlike sparc and alpha asm). Meaning that the output is put into one of the input registers, so we can not naively transpose a digital circuit onto assembly code. And there is also the fact that there are a limited number of registers, so which values do we hold in the registers, and which values do we hold in the stack ? Bear in mind that in 486 asm it takes from 2 to 3 times longer to perform a logic operation if one of the operands is a pointer to memory, depending on which is the first operand. And in 386 asm it is even worse, taking 3 to 4 times longer. So there is always room for improvement, over even the smallest gate circuit. If you want a real live implementation of bitslice DES, there is one at www.darkside.com.au/bitslice, or you can always check out John the Ripper which also has a bitslice implementation (derived from Matthew Kwan's code I believe). Thanks to Matthew Kwan for helping me with this concept. -smiler@tasam.com -----BEGIN PGP PUBLIC KEY BLOCK----- Version: 2.6.3i mQBNAzdMEXQAAAECAOtu5IXHjmAHETRPYdt+pjUxE/F7W0VPTW7e9cehjzdKPI8d EHbl1Tct7rgIRganQQFGDHAapg0YuK9fHpZIcf0ABRG0GXNtaWxlciA8c21pbGVy QHRhc2FtLmNvbT6JAFUDBRA3TBF0uK9fHpZIcf0BAa/hAgCJWL0nSLN6H9//Ok3Y n57F5oPDO42b+J13+Qds/hqori3CD0kSn8nRIkYBJ8ONcQ8t1M12zuFsaapLbFhv zOD1 =IEeP -----END PGP PUBLIC KEY BLOCK----- x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x "The simple vision could not have been more simpler. How could I have gone so far in life without B4B0?" - William S. Burroughs x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x ~!@#~!@#~!@#~!@# ! LibTCL Stuff ! Likk3r ~!@#~!@#~!@#~!@# When Dr. Ousterhout wrote the Tcl language, he built the interpreter as a library. This means that you can use Tcl to script your programs really fucking easily! The Library: struct Tcl_Interp - This is the data structure used by the library to represent an interpreter. All functions will use it in some way. Tcl_Interp *Tcl_CreateInterp() - This function sets an interpreter up so that it is ready for evaluation. int Tcl_EvalFile(Tcl_Interp *X, char *NAME) - Uses X as the interpreter in which to run the commands found in the file whose address is contained in NAME, runs the commands and returns either TCL_OK, or TCL_ERROR. int Tcl_VarEval(Tcl_Interp *X, char *INST1, char *INST2..(char*)0) - Creates a script comprised of the commands found in INST1,2,3,etc. until it reaches the null pointer, runs the script, and again, returns either TCL_OK or TCL_ERROR. interp->result - This member of the structure holds a message regarding the result of running the script, it will give you the details o any errors if TCL_ERROR is returned by one of the int functions. void Tcl_CreateCommand(Tcl_Interp *X, char *NAME, Tcl_CmdProc *CMD, ClientData ARGS, Tcl_CmdDeleteProc *DEL) -This function, while inside of X, allows you to call the C function named in CMD through scripts using the new tcl command NAME, ARGS will be the arguments to the function, and DEL will be called if you delete the function from X. int Tcl_DeleteCommand(Tcl_Interp *X, char *NAME) - deletes command NAME from interpreter X Incase none of that made sense, here is a bit of code that uses all but interp->result and Tcl_VarEval. ghay.c: #include #include /* ghay.c by Likk3r */ int ghay(ClientData poop, Tcl_Interp *ghay, int argc, char *argv[]){ if(argc==2){ printf(argv[1]); } return TCL_OK; } int main(int argc, char *argv[]){ int rumncoke; Tcl_Interp *b4b0; if(argc>=2){ b4b0=Tcl_CreateInterp(); Tcl_CreateCommand(b4b0,"ghay",ghay,(ClientData)0,(Tcl_CmdDeleteProg*)0); rumncoke=Tcl_EvalFile(b4b0, argv[1]); } return 0; } A little bit of Tcl testing it out: #!/root/ghay foreach thing {b4b0 is the shit} { ghay $thing ghay "\n" } If everything is compiled, and the script is executable, you should see this: #./test.tcl b4b0 is the shit # x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x ^^^^^^ !!!!!! 3y3 th1nk th3r3'z ju5t t00 mUcH sh1zzz!!! ' @ @) 3y3'm g01nG t0 l00z my m1nd!@#$!@#$! ({ >) \ O) <------ th3 n3w w4v3 0f r3dl1n3 k1dz ` ' Slide 2 x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x ~!@#~!@#~!@#~!@#~!@#~!@#~!@#~!@#~!@~!@#~!@#~!@ ! Introduction to MC/Serviceguard (Part One) ! tip ~!@#~!@#~!@#~!@#~!@#~!@#~!@#~!@#~!@~!@#$!@#$!@ With the advent of "high availibility," uptime is the critical word. How can one maintain uptime with a network interface goes bad? How about disk failure? How about CPU failure? How about software failure? Enter MC/Serviceguard, for HP9000/s800's. What MC/Serviceguard does is cluster a networked group of HPs (called nodes) running applications/volume groups (called packages). These nodes will detect if one of them fails (networking, CPU, etc). Of course you can do simply NIC failover on a single box as well. Typically, the nodes are on two or more networks, in case of failure on one network. A "heartbeat" signal is sent on one (or more) of these networks to insure that connectivity is operational. A backup heartbeat may be configured on an RS232 serial line as well (and can also be used to reduce load on your network). Here is a visual on the network configuration: -------------- --------------- | node A | | node B | | | | | | 1 H S F | | F S H 1 | -------------- --------------- | | | |---- failover ---| | | | | | --------- serial -------- | | | -------- heartbeat lan -------- | ------------ primary lan ------------ Note: primary lan fails over to failover, in case of failure on any of the network cards on primary lan. You may also have an additional card for additional networks (and have a failure card associated with each one). The heartbeat lan is a private vlan associated with the nodes for the heartbeat only, although you may have this on your primary lan (or serial). You may use 10/100BT or FDDI. The heartbeat detects connectivity between the machines. In terms of disk failure, nodes may be connected to disks (packages) via SCSI (single ended or fast/wide) (max: 4 nodes) or fiber-channel (ie, on an EMC frame) (max: 16 nodes, which is the maximum for MC/Serviceguard). Typically packages are setup so that the nodes share them. Here is a visual layout on the package configuration: --------------- --------------- | node A | | node B | | | | | | root disk |-- pkg A --- pkg B mirror --| root disk | | root mirror | | root mirror | | |-- pkg A mirror --- pkg B --| | --------------- --------------- Now in the above example, nodes A and B contain their own root disks and root mirrors. Package A and B and their mirrors are on both nodes. Package A is run normally on node A and package B is run normally on node B. In the event of a failure on node A, node B assumes the responsibilities of both packages A and B. Obviously in the event of a hardware or software failure of package A, MC/Serviceguard may switch to the mirror. Of course with the above examples, you are not limited to two nodes. As said before, maximum node availability is limited by use of SCSI or fiberchannel. An ideal setup would involve use of a private vlan and serial line for heartbeat, with a primary and failover NIC for each network. That's it for Part One. It's rather short, but is groundwork for Part Two, which will go into software components and monitors. x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x "There are things known and unknown; however what lies distinctly true is the way of B4B0." - Henry Rollins x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x ~!@#~!@#~!@#~!@#~!@#~!@#~! ! The Daily Task at Hand ! fluffy coffee bunny ~!@#~!@#~!@#~!@#~!@#~!@#~! ^ ^ /-------------------------------------\ : : : : / !B4B0! is my reason to live!@#!@#!@# | : : : : /_________________________________________/ ' ^ ` / : @ @ : =-=-= o =-=-= <---- d4t c0d3 k1d, fluffy coffee bunny `\__0__/' / \ i went to the coffee shop the other day, and ordered a vanilla hazelnut latte. there's nothing like a particular breeze in the sunny afternoon, how the wind ruffles your fur and sparkles in the rippling water. this particul- ar afternoon was a perculiar one, if any. basically two furry kids came into the shop, smoking their cigarettes and laughing. there were talking about how there was nothing in common between rabbits and squirrels. suddenly, this huge squirrel walked in. he ordered a amaretto cappucino and sat beside me. "hear the story about wood owl?" he asked me. "no," i replied, as i sipped my latte. he smiled grimly, and shook my hand. "i'm fluffy squirrel," he exclaimed. "what a coincidence. i'm fluffy c. bunny," i answered back. in a twitch of the eye, he started banging his head on the counter. "i want to have a pissy fit about the whole world, wrapped in onion skins, with a twist of lemon!" he screamed at the top of his lungs. i smiled bitterly and cried Mozart. the two kids observed us, and started hopping up and down as fast as they could, eventually hitting their heads on the ceiling. wood owl came into the shop, busting in with air of importance. "i've got belgathytic news!" he screamed. two the kids started bouncing into each other. "psychopathic duty!" screamed fluffy squirrel as he started jumping up and down. i couldn't help but to laugh madly; uncontrollably as i coughed up last night's carrot stew dinner. the room heaved with an old, tired screak. the clerk shouted, "there's no more time for meal time! i can't help it! help the proxy sucker one less hurt left but hurt less indeed!" i didn't look back. i left the store feeling a little better and knowledgable. oh golly. x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x MM!: XMMMMX!X!" ?M!X?MMSX!M?~ !!!!!X!MM?X!tXMXMMM5$$XXM$5 ?!!!\WRMM!!HM~: ~!MMXMMM!X!!!!!!!!X!XXMMM!MX! `t?MMRB$M$$$ H!!:MRM!XMMM!" XXMMMMM!!!H!!~!!!!!!M!MMMMM?X ' 8XMMR$MR$$ !~XMM!HM8MMMX.:!XNMMMMMM!!!@XX.!!X!XXMMMMMMMMM:'kMMXMMMBXM$ :!!!8$$$RMM!!!!$$$$MMMMMXM!X!!XX!!!MX!XMMMM8M$M:M$@M!!?MMXM ~!t$$$$$MM!!!t$$$$$RMMMMMMX!X!!!!!X?MMMMMM$$$$BMR$$$MX!MMMX XMMM$RMMM!\!?#"$$$$$$$$BMMMMB4B0!!!XM@MMMM8$R #8MRB$$MMX!MM MMXMMMM!~:!'. `!RB$$$$B$WMMMMMMMMMMMM@R8M$$$E<.`HMM$$$$$X!! XXX!X!~xMX!` . .ad888888888888bo. .ad8888' `8888bo. .a888'. 8 .a b o. 8 `888o. .a88' . \8 988 4 88B 8 \. `88o. r0cK m3 l1k3 4y -g8' `-\ 8 988 b 88B 8-'. / `8n- hurr1c4n3!!!! 'Y88. '`- 8 `88 0 88' 8 \ \-.88P' `Y888.-/ 8 `' ! '' 8 '.888P' `Y88888. .88888P' `YB8888888888888P' Slide 5 x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x ~!@#~!@#~!@#~!@#~!@#~!@#~!#@~!@#~!@#~!@#~!@#~! ! An introduction to Smartlink(tm) 3175 APSS ! elaich ~!@#~!@#~!@#~!@#~!@#~!@#~!@#~!@#~!@#~!@#~!@#~! This text is an introduction to the smartlink(tm) 3175 automatic protection switching system by westell technologies. Introduction: SmartLink(tm)! The Westell 3175 Automatic Protection switching system(APSS), also know as SmartLink(tm), is a fully automatic protection switching system for up to 20 DS1 circuits per shelf. If any one of the circuits become defective, the system will automatically switch the defective customer's T1/DS1 (hi-Cap) circuit to something called a "hot spare" protected circuit (T1/DS1-Hi-Cap) to provide the gimp uninterrupted service. The SmartLink(tm) system is designed for use with traditional repeatered T1, HDSL, fiber circuits, and digital radio applications. The Local Loop: The local loop is missing two things the rest of the Network has which are: 1) Redundancy, and 2) NMA Access. Which looks something like this... (dont flame my pic.)... ) )) NMA ())))) .. . / )) . . . / \ ) . . . / \ . . . CELL / . . . . SITE----><---X^X---><----CO-----//-----CO | '. | | . | |. . |. //------CO-----// ' ' ------------------------------------------------------------ Features: A fully automatic protection system that will bring reundancy and NMA accesibility to the local loop. Perfect for unmanned location. Will protect from 1 to 8 lines with a signal protection span. E2A/X.25 NMA interfaces. Switch the costomer to a "good" facility before he knows there is a problem. Constantly monitors each line for the following troubles: >Loss of T1 signal. >Error rate by calculating its own CRC. Will switch to protection in less than 10ms. Self healing: >When the problem is cleared, the switch will revert back to the original span. >Will not oscillate, 2 hour lock and 2/24 hour lock. Intelligent: >Will provide alarming. >Will report thru NMA. ------------------------------------------------------------ Configuration front view: Central office shelf: ___________________________________________________ __| |L|L|L|L|P|L|L|L|L|P|L|L|L|L|P|L|L|L|L|P|L|L|L|L| |__ |()| |I|I|I|I|CII|I|I|I|C|I|I|I|I|C|I|I|I|I|C|I|I|I|I|O|()| | | |N|N|N|N|U|N|N|N|N|U|N|N|N|N|U|N|N|N|N|U|N|N|N|N|S| | | |P|E|E|E|E| |E|E|E|E| |E|E|E|E| |E|E|E|E| |E|E|E|E| | | | |C| | | | |/| | | | |/| | | | |/| | | | |/| | | | |C| | | |U|C|C|C|C| |C|C|C|C| |C|C|C|C| |C|C|C|C| |C|C|C|C|A| | | | |A|A|A|A|E|A|A|A|A|E|A|A|A|A|E|A|A|A|A|E|A|A|A|A|R| | |()| |R|R|R|R|X|R|R|R|R|X|R|R|R|R|X|R|R|R|R|X|R|R|R|R|D|()| '--| |D|D|D|D|P|D|D|D|D|P|D|D|D|D|P|D|D|D|D|P|D|D|D|D| |--' '---------------------------------------------------' ------------------------------------------------------------ System configuration: Model/Description/CLEI-CODE: _Model_ _Description_ _CLEI-CODE_ A90-3175-01 Alarm interface card...................T1LIX001AA A90-3175-10 Test access Card.......................T1LAESEBAA A90-3175-40 Protection control Unit................T1LIYY01AA A90-3175-41 Line interface Card....................T1LI1Z01AA A90-3175-42 Line enterface card w/PRE-EQ...........T1LIZZ01AA A90-3175-43 Protection control unit w/PRE-EQ.......T1LI54B1AA A90-3175-45 Expansion Card.........................T1LI2001AA A90-31AP23 Central office shelf...................T1MSGN07MA A90-31AP404 Four position remote mounting shelf....T1MSHL07MA A90-31AP408 Eight position remote mounting shelf...T1MSHN07MA ------------------------------------------------------------ That's it for the introduction of the Smartlink(tm) 3175 APSS... Next will be a more advanced text including some of the few topics: Central office installation. Remote installation. Circuit turn-up and testing procedure. Alarm indication. Remote site wiring diagram. ------------------------------------------------------------ http://hhp.hemp.net x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x My left nad is twirling at a slightly higher rate than the other. This is all for you, the reader. x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x ~!@#~!@#~!@#~!@#~!@#~!@#~!@#~!@#~!@#~!@#~! ! Programming with Files and Directories ! ph1x ~!@#~!@#~!@#~!@#~!@#~!@#~!@#~!@#~!@#~!@#~! This article, is going to cover the basics in coding with files and directories. We are going to learn about how to obtain the stats/attributes on files, who the files are owned by, the permission bits etc etc. After I go through some basic stuff, we will write our own version of "ls" with much room for improvement.. Every single bit of information about a file, except the name of it is found inside a structure called an i-node. There are several ways to go about getting this information. You can use the three following system calls: stat() | prototype-> int stat(const char *path, struct stat *st); lstat() | prototype-> int lstat(const char *path, struct stat *st); fstat() | prototype-> int fstat(int fd, struct stat *st); I would have to say that "stat" is the most commonly used syscall of the three. It basically just gets info about a file whose name is given by path and it places the data into a variable pointed to by st, which is of type struct stat. There is only one difference between lstat and stat, and that is when the pathname is to a symbolic link. stat would return information about the file to wherever the link happens to point to. lstat actually returns info about the link itself. Then we have fstat. It takes a fd to an open file and reads info about the file. All of these syscalls, require "sys/types.h" and "sys/stat.h". THE FOLLOWING: ------------------------------ st_dev st_gid st_ino st_ctime st_mode st_mtime st_nlink st_atime st_uid st_size st_rdev st_blksize st_blocks; -------------------------------- Are all members of type struct stat. I have taken the time to define all of these elements, as many of them are important to know. st_uid: The user ID of the user owning the file. st_gid: The group ID of the group owning the file. st_dev: This is the major and minor device numbers of a device on which the i-node associated with this file (and therefore the file iteself) are stored. st_ino: The i-node number of a file. st_mode: A set of bits encoding the files type and access permissions. Im sure we all know how to read these bits. st_nlink: The number of linkes associated with a file. If a file has just been created, it has the value of '1'. This value is is incremented by 1 for ever hard link that is made to da file. st_rdev: If the file is a character-special or block-special device then this field contains the major and the minor dev numbers of the file. Unlike st_dev which has the major and minor dev numbers of the device on which the file is stored.) st_size: The size of the file, in bytes. st_atime: The last time the file was accessed for reading, or if the file is an executable. The last time that it was executed. st_mtime: The last time a file was written to (modified). st_ctime: The last time the i-node was changed. st_blksize: A hint to programs about the best buffer size to use for i/o operations on this file. st_blocks: The total number of physical blocks that are actually allocated on the disk for this file. Lets go back to the st_mode member of struct stat. This is very important, because it encodes both the files type AND its permission bits. These file statistics can be read by using quite a few different constants that have been defined in our friendly header file S_IFMT: This constant extracts the file type bits from the st_mode word. S_IFREG: Regular file S_IFDIR: Directory S_IFCHR: Character-special device file S_IFBLK: Block-special device file S_IFLNK: Symbolic link S_IFIFO: FIFO file S_IFSOCK: unix domain socket Now,there have also been a newier defined set of macros on posix-compliant systems, that you can ALSO use to determine the type of a file..... S_ISREG: If true, the file is a regular file. S_ISDIR: If true, the file is a directory. S_ISCHR: If true, the file is a character special device file. S_ISBLK: If true, the file is a block special device file. S_ISLNK: If true, the file is a symbolic link. S_ISFIFO: If true, the file is a FIFO type file. S_ISSOCK: If true, the file is a unix domain socket. The following constants, will give you information about a files ownership, permission values etc. When you AND the constants with st_mode and the value is non-zero. S_ISUID: The file has the set-user-id-on-execution bit set. S_ISGUID: The file has the set-group-id-on-execution bit set. S_ISVTX: The file has the "sticky bit" set. S_IREAD: This will determine if the owner of a file has read perms. S_IRUSR: The owner has read perms for the file. S_IRGRP: The group owner has read perms for the file. S_IROTH: Everyone has read perms for the file. S_IWRITE: You can determine if the owner of the file has write perms. S_IWUSR: The owner has write perms for the file. S_IWGRP: The group owner has write perms for the file. S_IWOTH: Everyone has write perms for the file. S_IEXEC: The owner has execute perms for the file. S_IXUSR: The owner has execute perms for the file. S_IXGRP: The group owner has exec perms for the file. S_IXOTH: Everyone has execute perms for the file. OK!@#$ THIS ABSOLUTELY HUGE LIST OF CONSTANTS MIGHT HAVE YOU BOGGLED. What exactly am I suppose to do with them? YOU ASK! Well we are going to write a little program that uses "lstat" to obtain and print info about each file that is named on the command line. In this particular program, we are going to use the older defined constants, and not the newer ones for posix compliant systems. ---------------------------example1.c------------------------------ /* gcc example1.c -o example1 usage: example1 */ #include #include #include #include char *typeoffile(mode_t); /* need mode_t to use st_mode */ char *permoffile(mode_t); void outputstatinfo(char *, struct stat *); int main(argc, char **argv) { char *filename; struct stat st; // for all of the files on the command line... while(--argc) { filename = *++argv; // get infoz about the file if(lstat(filename, &st) < 0) { perror(filename); printf("\n"); continue; } // print out the information we gathered from file outputstatinfo(filename, &st); printf("\n"); } exit(0); } void outputstatinfo(char *filename, struct stat *st) { printf("File Name: %s\n", filename); printf("File Type: %s\n", typeoffile(st->st_mode)); // if the file is NOT a device, print its size and best i/o unit. // other wise print its major and minor device numbers. if(((st->st_mode & S_IFMT) != S_IFCHR) && ((st_.st_mode & S_IFMT) != S_IFBLK)) { printf("File Size: %d bytes, %d blocks\n", st->st_size, st->st_blocks); printf("Optimum I/O Unit: %d bytes\n", st->st_blksize); } else { printf("Device Numbers: Major: %u Minor: %u\n", major(st->st_rdev), minor(st->st_rdev)); } // print the perm bits in "ls" style format, and in octal. printf("Permission Bits: %s(%04o)\n", permoffile(st->st_mode), st->st_mode & 07777); printf("Inode Number: %u\n", st->st_ino); printf("Owner Userid: %d\n", st->st_uid); printf("Owner Group-id: %d\n", st->st_gid); printf("Link count: %d\n", st->st_nlink); // Now were gonna use st_dev to print the major and minor // device numbers of the file system that contains the // file were viewing. printf("File system device: Major: %u Minor: %u\n", major(st->st_dev), minor(st->st_dev)); /* * Were now going to print the access, modiciation, and * change times. The ctime() function converts the time * to a human readable format just so you know. */ printf("Last access: %s", ctime(&st->st_atime)); printf("Last mod: %s", ctime(&st->st_mtime)); printf("Last i-node change: %s", ctime(&st->st_ctime)); } // the typeoffile function returns the letter that indicates // the file type. char * typeoffile(mode_t mode) { switch(mode & S_IFMT) { case S_IFREG: return("regular file"); case S_IFDIR: return("directory"); case S_IFCHR: return("character-special device"); case S_IFBLK: return("block-special device); case S_IFLNK: return("symbolic link"); case S_IFIFO: return("fifo"); case S_IFSOCK: return("unix domain socket"); } return("HEH ?"); } /* OK LAST BUT NOT LEAST OUR "permoffile()" function. */ char * permoffile(mode_t mode) { int i; char *p; static char perms[10]; p = perms; strcpy(perms, "---------"); /* * Being the bits are three sets of three bits: * User - read/write/exec, group - read/write/exec * other - read/write/exec. Will deal with each set * of three bits in a pass through the loop. */ for(i=0;i<3;i++) { if(mode &(S_IREAD>>i*3)) *p='r'; p++; if(mode &(S_IWRITE>>i*3)) *p='w'; p++; if(mode &(S_IEXEC>>i*3)) *p='x' p++; } // now if((mode & S_ISUID) != 0) perms[2] = 's'; if((mode & S_ISGID) != 0) perms[5] = 's'; if((mode & S_ISVTX) != 0) perms[8] = 't'; return(perms); } ---------------------------END---------------------------------------- WORKING WITH DIRECTORIES.... Getting the current working directory.... Use the getcwd() function. Synopsis - #include char *getcwd(char *buf, size_t size); This gets the pathname of the current working directory, and places it into the character string that is pointed to by *buf. Who's size os given by "size". Changing the Current Working Directory Use the chdir() function. Synopsis - #include int chdir(const char *path); As you probably know, many different proggies need to be able to read directories. 'ls' for example, needs this so that it can get the contents of a dir. Check out the following.... Functions. #include // need diz DIR *opendir(const char *path); struct dirent *readdir(DIR *dp); long telldir(DIR *dp); void seekdir(DIR *dp, long pos); void rewinddir(DIR *dp); int closedir(DIR *dp); The opendir() opens a directory named in 'path' for reading... it then returns a directory stream pointer called DIR *. closedir() will close the directory stream that is reffered to by *dp. readdir() returns the next directory entry from the stream dp. The info is returned as a pointer to type struct dirent. struct dirent { ino_t d_ino; off_t d_off; unsigned short d_reclen; char *d_name; }; The d_ino member of the structure contains i-node number of the entry, d_off has the offset of the record in the directory file. d_reclen has the length of the directory entry record, and d_name contains the name of the entry. When readdir() gets the end of the directory file, it returns NULL. telldir() returns the current file offset in the dir file. seekdir() sets the current offset to the value specified by "pos" Ok, your obviously going to have trouble comprehending all of these functions and there purposes without working with them and knowing exactly how to use them. Lets write our own version of "ls". The following is an EXTREMELY simple version ls, that prints no file attributes/stats and prints all files in one color. ----------------------------ls-1.c----------------------------------- #include #include #include #include #include #include #include #include #ifndef PATHMAX #define PATHMAX 255 #endif #define MAX 18 /*global*/ char cwd[PATHMAX + 1]; char color[MAX + 1]; char green[] = "\e[0;1;32;40m"; void list(char *dir); void gcwd(void); void arglist(char *dir); void main(int argc, char *argv[]) { DIR *dirp; struct dirent *direntp; if(argc !=2) { gcwd(); } else if(argc == 2) { printf("Listing contents of %s\n", argv[1]); strcpy(color, green); sleep(1); arglist(argv[1]); } } void list(char *dir) { DIR *dirp; struct dirent *direntp; if((dirp=opendir(cwd)) == NULL) { fprintf(stderr, "Could not open %s directory: %s\n", cwd, strerror(errno)); exit(1); } while((direntp=readdir(dirp)) != NULL) printf("%s %s ", direntp->d_name, color); printf("\n"); closedir(dirp); exit(0); } void gcwd(void) { if(getcwd(cwd, PATHMAX) == NULL) { perror("Couldnt get directory"); exit(1); } printf("Listing contents of %s\n", cwd); sleep(1); list(cwd); } void arglist(char *dir) { DIR *dirp; struct dirent *direntp; if((dirp=opendir(dir)) == NULL) { fprintf(stderr, "Could not open %s directory: %s\n", dir, strerror(errno)); exit(1); } while((direntp=readdir(dirp)) != NULL) printf("%s %s ", direntp->d_name, color); printf("\n"); closedir(dirp); exit(0); } --------------------------------END------------------------------------------- Get the idea of some of these functions now? There is obviously much room to improve on this stupid little version Of ls. So I'm going to let you improve it by yourself. Use what you Learned to make it get file attributes. That's it. I hope you got something from this article. ph1x@b4b0.org x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x eightisgreateightisgreateightisgreateightisgreateightisgreateightisgreateight isgreateightisgreateightisgreateightisgreateightisgreateightisgreateightisgre ateightisgreateightisgreateightisgreateightisgreateightisgreateightisgreateig htisgreateightisgreateightisgreateightisgreateightisgreateightisgreateightisg x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x ~!@#~!@#~!@#~!@#~!@#~!@#~!@#~!@#~!@#~!@#~!@#~!@#~!@#~! ! Gaining Access to the Virgin Baptist Female System ! pr0phet ~!@#~!@#~!@#~!@#~!@#~!@#~!@#~!@#~!@#~!@#~!@#~!@#~!@#~! -/- -/- -/- -/- -/- -/- -/- -/- -/- -/- -/- -/- -/- -/- -/- -/- -/- -/- Gaining access to the Virgin Baptist Female System by pr0phet -/- -/- -/- -/- -/- -/- -/- -/- -/- -/- -/- -/- -/- -/- -/- -/- -/- -/- #include "baptistfucking.h" //hi Ho0ke! Tell mom Im on b4b0! void main() { peemp *pr0phet; pr0phet.sees(stuck_up_baptist_hoe); pr0phet.movesin(stealth) pr0phet.tempts(narcotics); babptisthoe.givesin = TRUE; pr0phet.shares(WEED | bo0ze); baptisthoe.setState(dazed | drunk | confused) pr0phet.setState(abo0sing | hump0ring | sc0ring) pr0phet.exit(baptist_hoes_dorm); pr0phet.wins = TRUE; } Overview. In this text we'll discuss the vulnerabilities in the Virgin Baptist Female System, (VBFM for short). After spending 2 years within a Baptist Compound (they call it college) with plenty of console access to VBFM's, I've gained the experience and learned the many exploits possible in the VBMF. Gaining Access. The easier of the tasks, gaining entry to the VBFM can be obtained within a week or less with the proper patience and tools. The typical VBFM has an invisible defense mechanism installed (A "Snob" Firewall" if you will) by their Mother/Father units. This defense isn't at all unsimiliar to the Death Star's force field, except rather than holding back the rebellion, it holds back common net trash like yourself. It used to be believed wanna_be_pimp.c would exploit this wall, but with the newer VBFM's you'll need charm.c, narcotics.c and alkyhol.c. charm.c can be run remotely (say from accross the lunchroom) but you'll need a trusted connection before you can use the latter 2. 99% of the time, because of the naivety of the VBFM, one of these 3, or a combination will get you console to the VBFM. (if not j0o need skillz lewser) Interior Sekurity. Once you've taken down the "Snob" Firewall" and obtained console, you will need to get your way into /usr/panties. Generally narcotics.c and alkyhol.c have worn the system down enough to gain access to this dir, but with some of the heavily guarded system's peempTekneeks.c will be needed do the trick. Now that you've gotten into /usr/panties, the system is yours to abuse. Remember, be generous and let your friends use the backdoor in the system. Dont forget to clean up. export HIST_FILE > /dev/null (hide JIZZ_REMAINS on /virgins/chin). No you fucking moron, I'm not serious, it's 2 am, I'm drinking and doing tabs, the only thing dumber than me writing this is you spending the time reading it. - pr0phet x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x () || || || __________|| |___________|\ Need a pimp? Don't hesitate to call. |1800SEXB4B0| | |___________| | | 1 2 3 | | We assure 99% success for young budding | 4 5 6 | | whores. | 7 8 9 | | | * 0 # | | | | | Discreet training available. | B4B0 TELE | | |___________|_/ / / / . . . / / . . . / Discount rates for qualifying individuals. / . . . / /___________/ Slide 6 x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x ~!@#~!@#~!@#~!@#~!@# ! To Foil Spoofing ! schemerz ~!@#~!@#~!@#~!@#~!@# A few ideas to implement means to disway spoofing of most types. DISCLAIMER: Hi, I thought most of this up during cigarette breaks or that brief 30 minute come down from smoking grass. These ideas are my own as far as I know, but if I infringed on anyone else's intellectual property please let me know. I am more than happy to admit that I am not the first person to come up with ideas as such. The ideas shown here are all vaporware as of right now. Jorge and tip have been reaming me up the ass for articles, so I wrote one. Don't have time to code, ain't all that great a coder anywayz (will remedy). But hey, if anyone wants to code them, lemme know and I'll see how I can help. Of course I won't mind my name on your warez, but hey, I'm doing this for karma's sake anyway. Spoofing is the broad term given to the act of disguising one self on a network. Most types of spoofing are well known, ip-spoofing or blind spoofing, reverse and forward dns spoofing, and of course MAC address spoofing are among the most common. This paper is not about how to implement these means of forging oneself to aid in acts of system penetration. Rather, it is a discussion pertaining to diswaying the acts of spoofing, so as a system administrator one would be allowed to sleep soundly at night. A brief description on the problem(s) at hand. Ip-spoofing stems from the problem that a person given sufficient priviledges on any box can create a raw packet, and fill in the specific headers of at his/her discretion. The packet will be forwarded from hop to hop towards its final destination and do whatever the author of the packet wants it to do, limited only by the services used on the target box. What can one do with ip-spoofing: One of the most common usages of ip-spoofing is Denial of Serivce attacks. Although trivial to construct raw ip packets, there remains little one can do if one is surmounted with this attack. A report to cert and one's service provider (more than likely they will be the ones calling you), then getting the juristication to read router logs hop by hop to decipher where the packet is coming from, is simply unacceptably inefficient and time consuming. (yeah yeah write a fucking perl script right? When this attack spans several ASs, you write the fucking perl script and decipher all these logs bitch). Aside from DoS attempts, ip-spoofing can be used for a number of other attacks. Reverse DNS spoofing mandates that one forges a packet that is entered into the victim's dns server's cache. This allows then for attacks such as rsh/rcp and etc compromises. (Some sysadmins still use .rhost. Why? I dunno. Maybe they believe in their firewalls, which does not defrag packets before analyzing packets and forwarding them. Who knows >:) ). Another example is tcp hijacking. There are many papers into this topic, so I will not divulge another 20 odd pages explaining how it works. The idea, however, remains constant. Most IP routing schemes have no authentication mechanism implemented widely that checks the authenticity of a packet before forwarding it. IP is not sessioned, hence it cannot check the true source of the packet either. Relying on higher layers of the protocol however can remedy this to a certain degree. How does one then stop an ip spoofing attack from ever materializing? Curing the problem from the source (where it should be anywayz): Before a box forwards a packet, ie in the state of a gateway, there should be some mechanism that allows a check for the integrity of the packet itself. If one is running a gateway on a lan, a simple check on a packet filter will suffice. It is neither of great cost nor consequence to implement. If the gateway is a linux/*bsd box, a simple ipchains/ipfw rule appended to the forward section will suffice. If the gateway is not a box that allows this configuration, an additional box placed in between the gateway and its next router will also suffice. The only ramification to that is the increase on hop count, which if one has to use rip. RIP has a limit of 15 hops, and will run into problems if one's lan is over 15 hops from any point A to point B. (if it gets that big, you shouldn't be running rip anyway) This means stops just about any form of ip spoofing, if the gateway is secure. Curing the problem from the victim's end. If the problem is stemming from one's own AS, using the TTL field in the ip packet is a reliable means to check for the validity of the packet. If one has GOT to use rsh and etc services, a daemon that incorporates the functions of tcpd should also check the number of hops a packet has travelled. (If you are about to rag on me about dynamic ip routing, stfu. I'll get to that in a minute.) Simply put, if one controls an AS, one is entitled to the entire network layout of that AS. One should realise that there is a FINITE amount of permutations of which a packet can go through before reaching its destinations. In other words, one can map the TTL value with a different number of allowed values. The chances of the attacker getting past that is slim, unless he knows the allowed hop count already. As a protection mechanism that only protects a certain PORT on ONE box, there is no reason one should ever allow other people to see these boxes in the first place. Packet filtering should be used for that, as this is a means to foil the spoofer only after the packet filter has failed to do it's bidding. (ie, if someone scans you, rsh etc ports should not show up on their logs. If they don't know it's there, generally they aren't gonna bother with this means of attack). Foiling this means of protection, however, is generally quite simple. A traceroute with loose source routing turned on with the soon-to-be spoofed address will tell the attacker the number of hops from spoofed address to victim. Hence, this is not a sure fire way of foiling a spoofer, since it can be foiled quite easily. Using this means to foil reverse dns spoofing however, is even harder. With the volatile nature of the internet, routers go down on a per minute basis. Hence, inter-AS and intra-AS hop count changes dramatically, and as a system administrator on a little class C there is very little information for him/her to authenticate reverse dns replies. Using a static value for the above measure simply will not fly. Using a dynamic authentication however, will. By pinging the supposed dns server when it replies to a reverse request from the victim's dns server, one will get a sufficiently new value to authenticate. If the real dns server does not reply to pings, simply refuse to add the entries to the dns cache. It is sufficient to presume that the spoofed dns server is under a denial of service attack. Foiling MAC address spoofing. MAC addy spoofing is harder than ip spoofing, since it needs a network card driver that allows one to change the mac address of the network card. Linux polls the MAC address from the ethernet card when initalized. Once it is polled it is stored in a kernel buffer, which does not normally allow changing unless one rolls his own lkm for the network card. It is however possible to write to the eeprom of the network card and change the MAC address there. The sequence of events should follow suit as such: a) root box. b) write to crontab to do the following. 1) ifconfig eth1 down 2) rmmod ethernetmodule 3) write to the ethernet card eeprom address using raw memory polling from the bus. You're root, so you can pull this off. Change kernel source if needed, but you can do it. Whatever you can make a dos box do, you can do it with linux by weakening the kernel source and compiling a new one. Just add the lilo and reboot sequence somewhere in your crontab. 4) insmod ethernetmodule 5) ifconfig eth1 newipofspoofedbox If the perpetrator is planning to attack a router, on the same subnet as the controlling terminal (why sysadmins do not have a permanent connection to the serial port of the router remains a mystery, but the fact is, relying on packet integrity is foolish) will get him/her around the MAC address authentication procedures. Once that step is done, one can essentially update/change/flush router tables, such as bgp. If this is on the same subnet, using any part of the packet to authenticate is impossible. One cannot ask the "real" box if it sent this packet either, because tcp/ip has features that will not allow a connection to initiate if there is not a socket bound to a port on the destination machine. Since the spoofed box has the same mac address as the real box, one will never be able to establish any form of connection, much less poll information. (This is of course if everything on that subnet is running on the same piece of wire.) Now how would one get around that? No one said anything about not talking in non-tcp/ip protocols to query the real box :) Ipx/appletalk both run on ethernet, and can be used to query sniffer logs on the real box and see if it sent that packet. Since the other boxes do not support these network protocols, it will simply not respond. Once the box that had it's mac address spoofed realises that it's subnet has been attacked, it can then shut down the compromised box. The steps follow: 1) write to the firewall rules to deny all tcp packets to ssh/rsh/rlogin 2) turn on a sniffer to catch sequence numbers 3) send mail to admin, shut down compromised box using ssh/rsh/rlogin. 4) resume full service 5) turn off all remote administration capabilites for the evening on all boxes on it's subnet for the evening. The admin of course will have great fun peering over the logs of the attacked box, realizing the point of attack because the attacker has had no warning of a shutdown. Hence all his activity is readily intact for next morning. In conclusion, TCP/IPv4 has no means of authentication at the 3/4 layer. Most of this has to be done on the application layer where it is much more difficult, and a heck of a lot slower. However, there are ways around this problem. All suggestions welcomed. schemerz@usa.net x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x "My intentions were always one of the innocence of life; from my times as a boy scout. But all that has been lost. Now I have found B4B0." - David Lynch x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x ~!@#~!@#~!@#~!@#~!@#~!@#~!@#~!@#~!@# ! 5ESS-2000 Compact Exchange Units ! hybrid ~!@#~!@#~!@#~!@#~!@#~!@#~!@#~!@#~!@# o Introduction o Types of compact exchanges o CDX exchange o VCDX exchange o Conclusion Introduction ------------ This is a very compact file, designed to be an intorduction, or primer to 5ESS local compact digital exchange units. I am wrtting this off the top of my head, so don't expect it to be very complex in technical nature. For starters I'll explain a little about the new 5ESS switches and there functions. We've all heard of the millenium bug, and it's supposid ability to take out massive networks etc. Well Lucent technologys, Bellcore (now telecord communications or somthing), aswell as lata exchange carrier providers such as MCI, AT&T, Sprint, and all the RBOC's such as SWBell, etc, all got a bit paranoid and decided to enhance to current 5ESS switching configurations to a new architecture they feel would be compatable with the millenium software and network problems. The new 5ESS-2OOO switches are all basically the same as conventional 5ESS switches, except the software parts, such as the administration control software platforms, and global title translation software etc, have been upgraded to be Y2K compatable. As well as this, the new 5ESS switches have been modified (based upon conventional 5ESS) to be easily upgraded in the future with new modules for future telecommunications developments. In other words, the new digital switches are very very very souped-up versions of 5ESS, infact, I would concider them to be one of the most versatile switches around. Now the deal with these new digital switching systems is that they can handle more and more lines, more network traffic, aswell as a very upgraded ability for general system capacity. They have also been upgraded with new security features to stop people like me from gaining access to the local administration part which is accessable via x25, the PSTN, and the net (on a 'secret' IP range).. I'm not going to go into that at the moment, thats another file.. Anyways, as I was saying, the new 5ESS-2OOO digital exchanges are like souped up 5ESS switches. Before there where people bitching about how they can get 'traced' messing around on the phone network because 5ESS logs shit. Well, I got news for you, 99.9% of all worldwide switching mechanisms, electro-mechanical, or digital derived, ALL log stuff, and always have done. It's just with these new 5ESS-2OOO digital exchanges, its more obvious if you are messing around. Lets say for example you where scanning over 400 numbers a night via your land line.. Normaly a 5ESS, DMS, TXE etc would just log your line usuage, calling patterns etc into a subscriber log in one of the switches sub-system parts. You would only usually get discovered if one of the field technitions, glanced at the data for you line usuage. Thats ok, because we all no that exchange field operators are lame and lazy, but what about this new 5ESS- 2OOO line loging equipment? - welp, I have bad news for you. If you scan in continuous, or repetitive cycles over your subscriber loop, the chances are, you're gonna get your haxoring ass taken to court by your RBOC, or whatever provider you are with. The reason for this is that 5ESS-2OOO digital switches continously monitor the activity, and network usuage of over 100,000 lines similtaniously. Instead of loging line status etc into a dormant log file in a sub-system, if one of the local switches notices that somthings up, a field adminstrator is notified imediatly, probably by the means of a status bar on an uplinked terminal. The new switches have been modified to be very stringent on system capacity and usuage patterns, and will notify any field office engineer of the slightest problem. The new 5ESS- 2OOO switches are basically like UK monologs, in other words, they record everything about your line, all digits dialed, even after terminating destination point, they even log the time intervals between each tone you dial/emit. Basically they are the big-bro of the phone system so start getting paranoid. (I know for a fact, that it is possible to log onto one of the local exchange units and turn line logging OFF, and even make your line appear to be non-existant). Anhow, I think I've probably made a few people a little paranoid now, on with the rest of the file. Types of local compact digital exchanges ---------------------------------------- Werd, well now its time for the focus of the file. I'm not writting a mad big file on the entire 5ESS-2OOO network because it would take _ages_, so I'm going to focus on local compact excahnges designed for the rurual community such as college campuses and areas with not many subscribers, like suberban areas of towns. There are 2 main types of compact 5ESS-2OOO local switch, the CDX (Compact Digital eXchange), and the VCDX (Very Compact Digital eXchange). Both these new units are designed to be very echonimacal for the money raking telcos. The idea is that these switches are being placed in new suberban housing developments, and are being integrated into the PSTN as we speak. The CDX digital exchange for example is designed to be very snall, handeling small local phone networks, it can however be upgraed with the implementation of modules, kind of like plug'n'play, until the switch becomes a fully fledged 5ESS-2OOO unit if required in the future. Lets take a look at these local networks in more detail. The CDX digital exchange ------------------------ The CDX (Compact Digital eXchange) is a small sized siwtch configuration, which is capable of providing the same services to subscribers the same as a conventional 5ESS switch would. Unlike the older rural exchange units, these new switches are capable of handeling more advanced telecommunications services like wideband data transmission, and video data etc. The switch is housed in a cabinet that is 6 foot high, 29.9 inches wide, and 23.6 inches deep. The switch is desinged to be a stand alone unit and as I said before, very capable of handeling current/future telecommunications developments and serverices such as POTS lines (Plain Old Telephone Service), equal access services, ISDN (Integrated Services Digital Network), CENTREX services such as call waiting, hold, etc etc. The system is also designed to be fully compatable with the Signaling System 7 telephony protocol which has been implemented over the majourity of the international PSTN. The switch can handle from 100 subscriber loops, upto 15,000 local access lines or 15,000 remote access lines. CDX operates on the same software as the conventional 5ESS-2OOO switch, and also has the same call routing architecture (physical). ______________________ Admin Console AM: Adminstration Module | | ______ CM2: Communications Module | | | | CM2C: " Compact | 3B21D |-------| | MSDT: SLC-2OOO Multi - | | |______| Services Remote |______________________| Module | | | _________________ | | | _______|_______ | SM or |--| | | | SM-2OOO |--| | CM2C |-----------| |--| (upto 6 RSM |_______________| | |--| outputs) | | |--| / |_________________| / | / | _______|_______ ______|______ _________ | | | | | | | ORM | | |--------| local | |_______________| |_____________| |_________| | | | | ORM: Remote Module RSM: Remote Switching Module SLC: Subscriber Loop Carrier SM: Switching Module The VCDX digital exchange ------------------------- VCDX stands for (VERY Compact Digital eXchange), and when I say compact, I mean compact. It is the smallest of all 5ESS-2OOO switch configurations but is still very capable of providing the same services as its bigger bro, the CDX switch. This switch is used by CATV, CAPS, small towns, and government facilitys. The switch is also capable of providing Central Office services such as the usual call waiting, and ISDN. The intersting thing about this switch is that it supports Carrier Identification Code (CIC) expansion and is compatable with changing NPA's in the Interchangable Numbering Plan Area, as required by reglatory bodys such as the FCC. The VCDX switch can support various configurations using a single 5ESS Switching Module (SM) to handle the call processing. The SM is controlled by a sophisticated UNIX software-based workstation which provides administrative and maintenance capabilities. A mimimum configuration of 2 cabinets that are 6 foot high x 29.9 inches wide x 23.6 inches deep in size is necessary and thus it fits in a small space. If left in standard mode, the VCDX can handle upto 1,500 lines. If the SM-2OOO unit is impemented as a module, the switch can handle as many as 14,000 lines. _____________ _______ | | | | | workstation |----------------| modem | |_____________| |_______| | | | __________|___________ _____________ | |--| | | | |--| | local dist |-------------| SM or SM-2OOO |--| |_____________| | |--| | | | | | |______________________|--| (to local distrobution plant. then to subscriber loops.) Conclusion ---------- Welp, thats it for this short file/article. Hope you enjoyed it. As you can see the 5ESS lcoal unit range is very complex, and is a massive improvement on previous local switching networks. Just be carefull about the subscriber loop monitoring modules. If you'd like more info on 5ESS-2OOO switching, I have put some decent information up on my website for your enjoyment and viewing pleasure. Goto http://www.dtmf.org/hybrid and check it out, you'll also be able to find the other 30+ files I've written in the past on there aswell, so go there now@! thats an order, heh. Anyways, thats it, peace. [http://darkcyde.system7.org] [http://dtmf.org/hybrid] [http://system7.org] [http://phunc.com] [http://ninex.com] [http://b4b0.org] shouts to [9x] [b4b0] [D4RKCYDE] [subz] [gr1p] [t1p] [ph1x] [downt1me] [euk] [lowtek] [digiphreq] [zomba] [force] [psyclone] [pbxphreak] [gb] [ch1ckie] [knight] [siezer] [oeb] [barby] [jasun] [pvbbs] [nino] what file would be complete without fuckyouz? [rich] [bosplaya] [skimmy] hybrid@dtmf.org #darkcyde efnet x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x "B4B0 made my penis grow by 60%!" - The suburban youth of America x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x ~!@#~!@#~!@#~!@#~!@#~!@#~!@#~!@#~!@#~! ! Parallel Port Hardware Interfacing ! alec ~!@#~!@#~!@#~!@#~!@#~!@#~!@#~!@#~!@#~! by alec [alecIB@hotmail.com] This article is going to attempt to explain the methods necessary to control and to read from specific pins on a PC parallel port. It is assumed that the reader has knowledge of the linux operating system, the C programming language, and basic electronic concepts. The advantages to being able to control and read external devices via a relatively simple device such as the parallel port are numerous. Any circuit that needs a fairly complex control interface, without the overhead of custom hardware such as an FPGA (Field Programmable Gate Array), stands to benefit from such an arrangement. For instance, oscillation can easily be controlled by the output pin of a parallel port connected to the base lead of a switching transistor. To generate this in a stand-alone environment, without the help of a computer, a capacitor and resistor as well as a driving IC like the 555 timer would be needed. Other than hardware development, practical applications for the security-minded person are very numerous. A simple example would be the connection of an external sensor, such as a reed switch, to a computer. Software is also run to monitor the status of the reed switch. If it becomes triggered, (i.e. if a door is opened), than the program monitoring can take certain action, such as encryption of critical files, or even the erasure of sensitive data. A conventional SPST switch is also very plausible, mounted in a convenient place in case of emergency. The PC parallel port consists of 25 pins, only 16 of which are used in these examples. Bi-directional communication and unconventional modes are not covered (SPP, EPP, etc.), as many older motherboards/BIOS's do not support them. If one was to look at the end of the cable that hooked in to a printer, the pins would be arranged in the following format... 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 25 24 23 22 21 20 1: Input 7 (NOT Strobe) 10: Input 1 (Acknowledge) 2: Data 0 11: Input 0 (Not Busy) 3: Data 1 12: Input 2 (Paper End) 4: Data 2 13: Input 3 (Select) 5: Data 3 14: Input 6 (Auto Feed) 6: Data 4 15: Error 7: Data 5 16: Input 4 (NOT Init) 8: Data 6 17: Input 5 (Select Input) 9: Data 7 18-25: Unused Note: Most printer cables will not use a DB25 connector, so an adapter or DB25 cable is needed. Pins 'Data 0' through 'Data 7' are used for output to the external circuit. (They *can* be used for input, but this isn't recommended. :] ) The other pins, (Acknowledge, Select, etc.) are normally used for printer feedback, but we will be using them for sending input from the external circuit. There are some obstacles, however. First of all, the input pins are all normally high. This needs be fixed in software with inversion, but the problem also needs to be dealt with in hardware. For instance, even if the programmer inverts the inputs, he still needs to consider the fact that in reality the input pins are still all high. This means for the circuit to set a pin to high, as visible to the software in question, the pin needs to be grounded out. This is accomplished through the use of NPN switching transistors with their emitter connected to their respective input pin, and the collector connected to ground. The base of the transistor becomes the new point of input, and we no longer need to worry about the confusing inversion, as that no longer will be an issue to the design of the external circuit. For our example circuit, we will simply add a SPST switch to the base of one the input inversion transistors. If enough light shines on it, the resistance is lowered to a point where the transistor reaches breakdown voltage. When the occurs, current flows into the parallel port grounding out the specific pin, which appears to the software as the pin becoming 'high'. Input pin__ \ / NPN|-----/ --------- +5V / SPST Ground(-) - Note: Ground is not a specific pin on the DB25 connector...it is the metal surrounding the connector. If you are stripping the wire into a solderless breadboard, ground is the only wire uninsulated in the printer cable. Also, if you are connecting a 5 volt power supply for prototyping, remember to connect the power supply's ground (-) terminal to the parallel port ground. Obviously, the software is also easy to modify. A suggested application would be setting up an SPST switch to automatically encrypt anything sensitive on your hard drive, just in case you wake in the morning with some feds in your room. If one was really daring, one could try to read data off a Brinks alarm system master control panel. There are screw terminals that are high or low depending on the status of the various zones in the alarm system. The Brinks terminals are well labeled, and I myself have written some basic software to monitor the various zones in my home. However, it would be quite elite to perhaps construct such a monitor with a JDK or GTK X interface, with a window showing the various zones of the location being monitored. Incidentally, this software will probably be released in b4b0-9 if someone else doesn't write it first. The source code included is only intended to demonstrate the basics...complicated applications suggested are intended to be built on the framework laid out in this article. The included code uses the ioperm(), outb(), and inb() functions to read and set pins on the parallel port. The I/O is through the base address of the port, which is usually 0x378 or 0x278, depending on whether you use lpt1 or lpt2. Output pins are accessed through BASE, or simply 0x378. Input pins are accessed through BASE+1 and BASE+2, or 0x379 and 0x37a. It should be noted that BASE+1 denotes the first 5 pins of the parallel port input, and BASE+2 denotes the last 3 pins. The I/O through BASE is much simpler, because all 8 output pins are directly accessible. There is also no inversion to deal with through output, while software inversion is vital when dealing with input pins. I realize that this is a confusing topic, and questions are welcome to be addressed to alecIB@hotmail.com. I'll try to answer them in a more straightforward format if this article is too puzzling. Props to b4b0 for being so 'leet, smiler for 0wning me at coding, rc for 0wning me at just about everything, and anyone else who 0wns me. -alec /*cut-here----------------input.c----------------cut-here*/ /* parallel port input demonstration program * by alec [alecIB@hotmail.com] * * Shows the 8 bit status of the parallel port input pins. * gcc -O2 -o input input.c */ #include #include #include #define BASE 0x378 void print_binary(int b) { printf("\n"); if(b & 0x80) printf("1"); else printf("0"); if(b & 0x40) printf("1"); else printf("0"); if(b & 0x20) printf("1"); else printf("0"); if(b & 0x10) printf("1"); else printf("0"); if(b & 0x08) printf("1"); else printf("0"); if(b & 0x04) printf("1"); else printf("0"); if(b & 0x02) printf("1"); else printf("0"); if(b & 0x01) printf("1"); else printf("0"); } int main() { int input1 = 0; int input2 = 0; int result = 0; /* check permissions */ if( ioperm(BASE,3,1)) { printf("Error! (permissions)\n"); } /* set the output pins to 0 */ outb(0,BASE); while(1) { input1 = inb(BASE+1); /* pins 0 - 4 */ input2 = inb(BASE+2); /* pins 5 - 7 */ result = 0; /* needs to be 0 every loop */ /* now because of the retarded design of the parallel port, some pins will already be hardware inverted. They all need to be uniform, so we fix that here. We obtain the xor value (ie 0x78, 0x0c) by checking what input1 or input2's value is when nothing is attached to the parallel port. */ input1 ^= 0x78; input2 ^= 0x0c; /* now both input1 and input2 are correctly zero'ed. We still kept the value of any connected pins. Now we combine input1 and input2 into result by bitwise adding (ORing) them together. */ result |= input1; result |= input2; /* result now contains the proper 8 bit representation of the status of the pins at input0 - input7 */ print_binary(result); } } /*end-cutting----------------input.c----------------end-cutting*/ /*cut-here----------------output.c----------------cut-here*/ /* parallel port output demonstration program * by alec [alecIB@hotmail.com] * * Changes the output pins of the parallel port. * gcc -O2 -o output output.c */ #include #include #include #define BASE 0x378 unsigned char bits[] = { 0x01,0x02,0x04,0x08,0x10,0x20,0x40,0x80 }; void print_binary(int b) { printf("\n"); if(b & 0x80) printf("1"); else printf("0"); if(b & 0x40) printf("1"); else printf("0"); if(b & 0x20) printf("1"); else printf("0"); if(b & 0x10) printf("1"); else printf("0"); if(b & 0x08) printf("1"); else printf("0"); if(b & 0x04) printf("1"); else printf("0"); if(b & 0x02) printf("1"); else printf("0"); if(b & 0x01) printf("1"); else printf("0"); } int main(int argc, char **argv) { unsigned int pin; unsigned int value; unsigned int status = 0; if(argc!=3) { printf("\nUsage: ./output "); printf("\n\t: 0 - 7"); printf("\n\t: 0 or 1"); printf("\n"); exit(-1); } pin = atoi(argv[1]); value = atoi(argv[2]); printf("\nvalue: %d",value); /* permissions */ if( ioperm(BASE,3,1)) { printf("Error! (permissions)\n"); } /* read the current output status */ status = inb(BASE); /* set the output pins to what the user wants */ if(value==1) status |= bits[pin]; if(value==0) if(status & bits[pin]) /* if the selected pin is high... */ status ^= bits[pin]; /* set it to low. */ outb(status, BASE); /* send the output to the port */ return 0; } /*end-cutting----------------output.c----------------end-cutting*/ x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x i'm gonna invite some random female sluts here. gotta reckon w/the hoez. christy: No such nick/channel katie: No such nick/channel >>> Inviting Nikki to #channel >>> Inviting Nikki to #channel HEH! >>> Inviting LiSa to #channel >>> Inviting LiSa to #channel >>> Inviting Girly to #channel uiu mell0n [unknown@tmodem43.network-one.com] has joined #channel heh! HEH! whoa i didn't even invite that hoe mell0n will you fuck kzbpc? hEH. yes sir ahah kzbpc: HEH! u siq fuq. x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x ~!@#~!@#~!@#~!@#~!@#~!@ ! NT General Overview ! MiLk-MaN ~!@#~!@#~!@#~!@#~!@#~!@ Windows NT Architecture Overview Window NT was designed to be modular operating system. Each part independent of the other, by still working together to accomplish specific system task. Windows NT uses objects which is a combination of data and functions used to represent a service that can be shared by other processes. These objects can be of different types, and attributes. The NT environment is divided up into two sections User mode, and Kernel mode as shown in the appendix. User mode also called the nonprivileged mode is where the user applications and environmental subsystems are executed. To access system resources the user mode applications must make a call to the executive services. User mode also houses some important sub systems. Environmental Subsystems ------------------------ NT has a limited ability to run applications for other operating systems. such as OS/2, and POSIX. Win32 subsystem: --------------- Supports Windows NT/95/98 applications. Win 3.x subsystem: ----------------- Supports the 16 bit windows system applications. DOS subsystem: ------------- Supports DOS applications with the Virtual Dos Machine (VDM). POSIX subsystem: --------------- Supports POSIX.1 with limited functionality. OS/2 subsystems: --------------- Supports OS/2 but as with POSIX subsystem is limited. Security Subsystem ------------------ This system handles the logon process and in conjunction with security reference monitor (SRM), monitors, and verifies users on the system. KERNEL MODE ----------- Kernel Mode also called the privileged processor mode, has execution priority over user mode processes. The kernel mode is mad up of there parts know as Executive Services. NT Executive ------------ All services that are part of NT Executive provide an interface between the kernel and the environmental subsystems in user mode. Object Manager: -------------- The Object Manager provides retention, naming, security, tracking allocating, and removing of objects. Security Reference Monitor: ------------------------- The Security Reference Monitor as stated earlier in this article handles the logon process and security protected subsystem in users mode. Process Manager: _______________ The Process Manager creates, and deletes processes also tracks process and thread objects. Local Procedure Call Facility: ----------------------------- The Local Procedure Call Facility provides a relationship between applications and environmental subsystems. Virtual Memory Manager: ---------------------- The Virtual Memory Manager maps virtual addresses to physical pages in memory and checks efficiency. I/O Manager: ----------- The I/O Manager handles the input and output of the system upon request and determines which driver should be used and sends a request to it. Kernel ------ The Kernel is the brains of operating system. The kernel is responsible for scheduling all systems activities or threads for optimal performance. Hardware Abstraction Layer: -------------------------- The Hardware Abstraction Layer (HAL) is used to mask the differences between the different types of hardware in the machine and make the hardware more transparent to the operating system. Appendix: -------------------------------------------------------------------- | USER MODE | | | | Logon Process (Environmental Subsystems) | | | OS/2-----Win32---POSIX | | Security Subsystem | | | | | | | | | Win 3.x | DOS | | | | | | | | | | | | | | | | | | | | | | | | | | ----------------|--------------------------|----|----|---|---|------- ----------------|--------------------------|----|----|---|---|------- | KERNEL MODE | | | | | | | | ------------------------------------------------------------------ | | | I/O | | Object| |Security | | Local | |Virtual ||Process || | | Manager | |Manager| |Reference| | Procedure | |Memory ||Manager || | | | ------- |Monitor | | Call | |Manager | --------|| | | | --------- | Facility | -------- || | |_________|________________________________________________________|| | | ____________________|___________________________________ | | | | || | | | Kernel || | | -------------------------------------------------------- | | ____|_________________________|___________________________________ | | | || | | Hardware Abstraction Layer || | ------------------------------------------------------------------ | |_____________________________________________________________________| | Hardware Platform I hope you found this article some what informative and educational. If you have any comments about the article please send them to milkman@b4b0.org. Until next time, Moo. Shoutouts: B4b0, Darkcyde, tip, jorge, samj, chrak, hybrid, XrainX, Fuzz, ^PaNd0rA^, doc20, dap, JD`, eckis, socketd, falon, NOP, nawk, Jennifer Lopez(damn she's fine), and all the hotties wit bodies MiLk-MaN www.b4b0.org/~milkman milkman@b4b0.org bOw to my TEET-FU! x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x t00t!! ~~~~~~~~~ _ "1'v3 c0m3 t0 bR1nG d4 ju3r3z!" ____________| |____ | 0-d4y | | O | <----- 0-d4y3 k0d3z dr1v3r, kuR4cK | | |_|__|___@ _| __B4B0 __ | |# |__ |_ <---- th3 b4b0 0-d4y tRuq, |__/ \___/ \_|_|____/ \__| bR1nG1nG 0-d4y t0 th3 \__/ \__/ \__/ m4ss3s!!@#!@# Slide 7 x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x ~!@#~!@#~!@#~! ! Conclusion ! m1st4h cl34n ~!@#~!@#~!@#~! Article One: Ultimate B4B0 Ultimate B4B0 is defined as the solution, rather forerunner, to the pre-existing notion of each facet of everyday life. Whereas the mundane individual would cry out, "B4B0 is ultimate!"; the request is left unanswered, powerless and angst-felt. Words that people can live by run throughout the outlets of culture, seemingly lost in the drechery of the lost cause for liberation. The cries of teenage girls, "Help me B4B0, I need the power to overcome the lechery; to become at one with the B4B0 Asthetic!" remain unanswered. Opponents of B4B0 foolishly avoid the issue of ultimacy, rather trying to attack B4B0 with empty accusations. "Sexual improperty," and "scandalous dervishness" rage throughout their voices. B4B0 chooses to gesticulate the middle finger and pantomime masterbation, speaking harshly, "Irreverency runs supreme in the idiot lots of the likes as yours. Rather than packaging the essence of ordinary life, we live the asthetics that is defined as, 'Ultimate B4B0.' We shall not be discounted." To understand "Ultimate B4B0," one must delve into the sinful sounds only the the inner ear may hear. The liberation from normalcy starts with the proclamation of the destruction of overbearing drama that weighs heavily upon the soul, dangling like brass tassles on the swollen nipple. How far are you willing to go? Is the banality of life transcendant upon the viscerals of day to day duties? To better understand the intent and asthetic of "Ultimate B4B0," one must study the writings and philosophy of its membership. Ultimate B4B0 preaches the doctrine, "The substandard presence of the ordinary, the supine, the meager portions of what makes up anything substantial in the world today is nothing. Our method is simple; it is no more difficult than its epoch, yet empowering the essence of the syntax and ideological implications of splendor and asthetics." The asthetic of B4B0 lies within its brotherhood. Death to liberals.. In so-called "individuality," the youth of America are only following a trend. They are being led like CATTLES TO WATER. No bit of thought placed within their virtue. Yes, here you have it. The NEW YOUTH OF AMERICA: 1) Biologically speaking, less than 01% of the population SHOULD be homo- sexual, yet recent surveys show this rate has high as one in ten. The surpising high jump is in younger people. With the fashionably 'hip' gay 90's, a large portion of the youth of America are finding it to be 'cool' to declare homosexuality. Some guy is taking it up the ass right now willingly, yet he isn't even gay. Real smart youth. 2) The Manson youth of America wears make up and proclaims against the vir- tues bestowed upon them by their loving parents. Of course, the claim "I'm doing this because I want to express my individuality" is made. However, this is furthest from the truth; if it wasn't the media and/or his dim-witted trend-following friends, would he be following the trend as well? No. Real smart youth. 3) It's fashionably 'hip' to declare 'I'll only vote Democrat.' Of course the mindset is that 'Democrats are liberals,' and 'Republications are conservative.' The furthest thing from the truth. KNOW WHAT REPUBLICAN MEANS. KNOW WHAT DEMOCRAT MEANS. The STUPID youth of America doesn't realize that the current Administration promotes loss of freedoms, giving them to the hands of the Government. The STUPID youth of America doesn't realize the Democrats PROMOTE higher taxes. Both of these aforementioned issues go AGAINST what this country was founded on. And that's just the tip of the iceberg. Real smart youth. 4) With the fucking STUPID youth of America today, where does our future lie? Obviously morals and respect have been lost over the past 50 years, now to a new low. Where does the future lie? WAKE UP. A Resurrection of Virtues must be done. A Resurrection of the VALUES that our country was founded upon. With the current laws, taking away our freedoms, with the current government, taking away ONE THIRD OR MORE OF OUR INCOME, what is an individual left to do? America in the 1700's didn't have it THIS BAD. What was reason of the Boston Tea Party? A tax increase that is absolutely NOTHING compared to today's standards. The only solution is another revolt. The only solution is to destroy our current government and establish new ideals. New ideals that refer back to WHAT OUR GOVERNMENT WAS FOUNDED UPON IN THE FIRST PLACE. Thus, the gospel sound of the men of B4B0 bring you: The 13 Point Program to Destroy America. Coming in issue 09. x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x - x $&#bs. .d$#' `^$#. #$'` $#. #$ $# #$ .%$ I%. .s%s.#$P Db. I `%' `$#b. `,. * b 4 b 0 O `$s. `$#@s. .s%. $ .s$P`'&. % .s#$' `$#%' .s$P' `$b. `. .s#$' .$$P' .d$' `s. `$#s. .s#`. .s$P' .d$' /`~"^ `$#s' I$ `. $$$$: .d$$b. /' .$# \ $$$$ `$$$$@s.: ^s. I `$$$b. `'~ .S$'s: | `$$$$s. `$s. ` : `$$$$$s. .aP' `%. `. `$$$$$Ss.M7P ^I % .s$' s $s. $s .' %s. `.. .' .s$' B4B0: The coolest ezine in the world. You can pick up B4B0 ezine at these finer places: http://www.b4b0.org http://www.morehouse.org/hin/uberzines.htm http://www.genocide2600.com/~tattooman/b4b0 http://telehack.net/pub/zines/b4b0 http://archives.projectgamma.com/zines http://www.hackpalace.com/e-zines/general/b4b0 Apocalypse 2000 BBS (private) (28.8k bps) Be a part of the Resurrection of Vice! Submit articles to: submissionsb4b0.org Our boys will shine tonight. [!] =-= !b4b0!b4b0!b4b0!b4b0!b4b0!b4b0!b4b0!b4b0!b4b0!b4b0!b4b0!b4b0! =-= [!]