The Tao of .Net and Powershell Malware Analysis Pontiroli & Martinez
Total Page:16
File Type:pdf, Size:1020Kb
Recommended publications
-
Building OpenJFX
Building a UI toolkit for many different platforms is a complex and challenging endeavor. It requires platform specific tools such as C compilers as well as portable tools like Gradle and the JDK. Which tools must be installed differs from platform to platform. While the OpenJFX build system was designed to remove as many build hurdles as possible, it is necessary to build native code and have the requisite compilers and toolchains installed. On Mac and Linux this is fairly easy, but setting up Windows is more difficult. If you are looking for instructions to build FX for JDK 8uNNN, they have been archived here. Contents: Before you start; Platform Prerequisites; Windows; Missing paths issue; Mac; Linux; Ubuntu 18.04; Ubuntu 20.04; Oracle Enterprise Linux 7 and Fedora 21; CentOS 8; Common Prerequisites; OpenJDK; Git; Gradle; Ant; Environment Variables; Getting the Sources; Using Gradle on The Command Line; Build and Test; Platform Builds (NOTE: cross-build support is currently untested in the mainline jfx-dev/rt repo); Customizing the Build; Testing; Running system tests with Robot; Testing with JDK 9 or JDK 10; Integration with OpenJDK; Understanding a JDK Modular world in our developer build; Adding new packages in a modular world; First Step - development; Second Step - cleanup. Before you start: Do you really want to build OpenJFX? We would like you to, but the latest stable build is already available on the JavaFX website, and JavaFX 8 is bundled by default in Oracle JDK 8 (9 and 10 also included JavaFX, but were superseded by 11, which does not). -
IronPython in Action
IronPython in Action. Michael J. Foord, Christian Muirhead. Foreword by Jim Hugunin. Manning, Greenwich (74° w. long.). For online information and ordering of this and other Manning books, please visit www.manning.com. The publisher offers discounts on this book when ordered in quantity. For more information, please contact Special Sales Department, Manning Publications Co., Sound View Court 3B, Greenwich, CT 06830, fax: (609) 877-8256, email: [email protected] ©2009 by Manning Publications Co. All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted, in any form or by means electronic, mechanical, photocopying, or otherwise, without prior written permission of the publisher. Many of the designations used by manufacturers and sellers to distinguish their products are claimed as trademarks. Where those designations appear in the book, and Manning Publications was aware of a trademark claim, the designations have been printed in initial caps or all caps. Recognizing the importance of preserving what has been written, it is Manning’s policy to have the books we publish printed on acid-free paper, and we exert our best efforts to that end. Recognizing also our responsibility to conserve the resources of our planet, Manning books are printed on paper that is at least 15% recycled and processed without the use of elemental chlorine. -
Opening Presentation
Mono Meeting. Miguel de Icaza [email protected] October 24, 2006. Mono, Novell and the Community. Mono would not exist without the community: • Individual contributors. • Companies using Mono. • Organizations using Mono. • Companies using parts of Mono. • Google Summer of Code. Introductions. Goals of the Meeting. A chance to meet. • Most of the Novell/Mono team is here. • Many contributors are here. • Various breaks to talk. Talk to others! • Introduce yourself, ask questions. Talk to us! • Frank Rego, Mono's Product Manager is here. • Tell us what you need in Mono. • Tell us about how you use Mono. Project Status. Goals. Originally: • Improve our development platform on Linux. As the community grew: • Expand to support Microsoft APIs. As Mono got more complete: • Provide a complete cross platform runtime. • Allow Windows developers to port to Linux. Mono Stacks and Goals. [Diagram: Mono stacks, including ASP.NET, ADO.NET, Windows.Forms, GTK#, Novell APIs (iFolder, LDAP, Identity), Google APIs, Microsoft Compatibility Libraries, Mono Libraries and the Mono Runtime (Implementation of ECMA #335).] Platforms, CIL, Code Generation. API space. Mono 1.0: July 2004 “T-Bone”. Mono 1.2: November 2006 “Rump steak”. Mono 1.2 bits. C# 2.0, .NET 2.0: • Complete. • With VM support. • Some 2.0 API support. • IronPython works. Debugger: • x86 and x86-64 debugger. • CLI-only, limited in scenarios (no xsp). Reliability and scalability: • ZenWorks and iFolder pushed Mono on the server. • xsp 1.0: 8 request/second. • xsp 1.2: 250 request/second. GUI -
SME: a High Productivity FPGA Tool for Software Programmers
SME: A High Productivity FPGA Tool for Software Programmers. Carl-Johannes Johnsen∗, Alberte Thegler∗, Kenneth Skovhede∗, and Brian Vinter† {∗Niels Bohr Institute, University of Copenhagen, † Faculty of Technical Sciences, Aarhus University} Abstract—For several decades, the CPU has been the standard model to use in the majority of computing. While the CPU does excel in some areas, heterogeneous computing, such as reconfigurable hardware, is showing increasing potential in areas like parallelization, performance, and power usage. This is especially prominent in problems favoring deep pipelining or tight latency requirements. However, due to the nature of these problems, they can be hard to program, at least for software developers. Synchronous Message Exchange (SME) is a runtime environment that allows development, testing and verification of hardware designs for FPGA devices in C#, with access to modern debugging and code features. The goal is to create a framework for software developers to easily implement systems for FPGA devices without having to obtain heavy hardware programming knowledge. This article presents a short introduction to the SME model as well as new updates to SME. Lastly, a selection of student projects and examples will be presented in order to show how it is possible to create quite complex structures in SME, even by students with no hardware experience. Index Terms—Reconfigurable hardware, Modeling techniques, Simulation, Verification, Hardware description languages, Computers and Education. 1 INTRODUCTION. The use of CPUs for programming is an incredibly flexible approach that allows the same hardware to be deployed in many different scenarios, and also enables seamless up- ... simpler than other methods [4] and initial results also show that the SME model allows students familiar with sequential programming to pick up the parallelism [5]. -
Tor and Circumvention: Lessons Learned
Tor and circumvention: Lessons learned. Nick Mathewson, The Tor Project, https://torproject.org/. What is Tor? Online anonymity: 1) open source software, 2) network, 3) protocol. Community of researchers, developers, users, and relay operators. Funding from US DoD, Electronic Frontier Foundation, Voice of America, Google, NLnet, Human Rights Watch, NSF, US State Dept, SIDA, ... The Tor Project, Inc.: 501(c)(3) non-profit organization dedicated to the research and development of tools for online anonymity and privacy. Not secretly evil. Estimated ~250,000? daily Tor users. Anonymity in what sense? “Attacker can’t learn who is talking to whom.” [Diagram: Alice and Bob pairs connected through an anonymity network.] Threat model: what can the attacker do? [Diagram: Alice, anonymity network, Bob.] Watch Alice! Watch (or be!) Bob! Control part of the network! Anonymity isn't cryptography: Cryptography just protects contents. [Diagram: Alice, attacker, Bob; “Hi, Bob!” appears to the attacker as <gibberish>.] Anonymity isn't just wishful thinking... “You can't prove it was me!” “Promise you won't look!” “Promise you won't remember!” “Promise you won't tell!” “I didn't write my name on it!” “Isn't the Internet already anonymous?” Anonymity serves different interests for different user groups. Private citizens: “It's privacy!” Businesses: “It's network security!” Governments: “It's traffic-analysis resistance!” -
ATTACKING RDP How to Eavesdrop on Poorly Secured RDP Connections
IT SECURITY KNOW-HOW. Adrian Vollmer. ATTACKING RDP: How to Eavesdrop on Poorly Secured RDP Connections. March 2017. © SySS GmbH, March 2017, Wohlboldstraße 8, 72072 Tübingen, Germany, +49 (0)7071 - 40 78 56-0, [email protected], www.syss.de. 1 Introduction. The Remote Desktop Protocol (RDP) is used by system administrators every day to log onto remote Windows machines. Perhaps most commonly, it is used to perform administrative tasks on critical servers such as the domain controller with highly privileged accounts, whose credentials are transmitted via RDP. It is thus vital to use a secure RDP configuration. We at SySS regularly observe that due to misconfigurations, system administrators in an Active Directory environment are routinely presented with (and ignore) certificate warnings like this: Figure 1: An SSL certificate warning. If warnings like these are a common occurrence in your environment, you will not be able to recognize a real man-in-the-middle (MitM) attack. This article was written to raise awareness of how important it is to take certificate warnings seriously and how to securely configure your Windows landscape. The intended audience is system administrators, penetration testers and security enthusiasts. While not necessary, it is recommended that you have a firm understanding of the following subjects: – Public key cryptography as well as symmetric cryptography (RSA and RC4) – SSL – x509 certificates – TCP – Python – Hexadecimal numbers and binary code. We will demonstrate how a MitM can sniff your credentials if you aren’t careful. None of this is particularly new – it even has been done before, for example by Cain [2]. -
Wireless Mesh Networks 10 Steps to Speedup Your Mesh-Network by Factor 5
wireless mesh networks: 10 steps to speedup your mesh-network by factor 5. Bastian Bittorf, http://www.bittorf-wireless.com, berlin, c-base, 4. june 2011. Overview: 1 Agenda. 2 CPU/Architecture: efficient use of CPU; rate-selection. 3 Airtime: avoid slow rates; separate channels. 4 Compression: like modem: V.42bis; iproute2/policy-routing; compress data to inet-gateway; slow DSL-lines? 5 Cache: local HTTP-Proxy; Gateway HTTP-Proxy; DNS-Cache; synchronise everything; compress to zero. 6 QoS: Layer8. 7 future: ideas; resources. -
ASP.NET 5, .NET 4.6, and Visual Studio 2015
ASP.NET 5, .NET 4.6, and Visual Studio 2015. Nate McMaster, @natemcmaster. Overview. [Diagram: Application, Framework, Tooling, Runtime.] What is .NET? • Introduced in 2002 • It provides – Core class libraries – Compiler – Runtime (execution layer) – Support for CLI languages (C#, VB, plus more). [Diagram: Application; Entity Framework, Identity, SignalR, MVC / WebAPI, Roslyn; Tooling; Runtime.] Frameworks. Roslyn. What is Roslyn? • Code Analysis APIs • .NET Core • “Introduction to Roslyn” at 2:40pm today. Entity Framework • Data access framework: db.Animals.Where(i => i.Name == "penguin").Take(4) corresponds to SELECT * FROM animals WHERE name="penguin" LIMIT 4. Entity Framework 6 • MSSQL and MySQL • Primarily ASP.NET. What’s New in EF 7 • Azure Table Storage, Redis • SQLite • Complete rewrite • New APIs (similar to v6) • CLI tools. What’s new in v7 • Cloud optimized • Runs on .NET Core. MVC • The .NET web framework. What’s new in v6: [Diagram: MVC 5, WebAPI, Web Forms, MVC 6] • Host agnostic • Built-in dependency injection • config.json. What’s new in v6 • Cloud optimized • Runs on .NET Core. Identity • User authentication framework • OAuth providers and two-factor auth. What’s new in v6 • Cloud optimized • Runs on .NET Core. SignalR • Real-time web functionality • Server and client components. Not yet • Not cloud optimized • Does not run on .NET Core. What is .NET Core? What is “cloud optimized”? -
Freelab: a Free Experimentation Platform
FreeLab: A Free Experimentation Platform. Matteo Varvello (AT&T Labs – Research), Diego Perino (Telefónica Research). ABSTRACT: As researchers, we are aware of how hard it is to obtain access to vantage points in the Internet. Experimentation platforms are useful tools, but they are also: 1) paid, either via a membership fee or by resource sharing, 2) unreliable, nodes come and go, 3) outdated, often still run on their original hardware and OS. While one could build yet-another platform with up-to-date and reliable hardware and software, it is hard to imagine one which is free. This is the goal of this paper: we set out to build FreeLab, a free experimentation platform which also aims to be reliable and up-to-date. The key idea behind FreeLab is that experiments run directly at its user machines, while traffic is relayed by free vantage points in the Internet (web and SOCKS proxies, and DNS resolvers). ... In this work, we set out to build a free experimentation platform which can also be reliable and up-to-date. In classic experimentation platforms applications run directly at vantage points; we revert this rationale by proposing to use vantage points as traffic relays while running the application at the experimenter’s machine(s). By leveraging free Internet relays as vantage points, we can make such experimentation platform free. The drawback of this approach is the introduction of extra errors (path inflation, header manipulation, bandwidth shrinkage) which need to be carefully corrected. This paper presents FreeLab, a free experimentation platform built atop of thousand of free HTTP(S) and SOCKS(5) Internet proxies [38]—to enable experiments based on TCP, -
C++/CLI Tutorial
C++/CLI Tutorial. Author: Adam Sawicki, [email protected], www.asawicki.info. Version 1.0, December 2011. Table of Contents: Introduction; What is C++/CLI?; Why Use C++/CLI?; What C++/CLI is Not?; Hello World Example; Project Properties; Namespaces -
The Future Computer
MICROSOFT TECHNOLOGY DEPLOYMENT. ISSUE 6, OCTOBER 2003. TECHNOLOGY. .NET: CHANGING THE FACE OF DEVELOPING. SQL SERVER: WAITING FOR YUKON. TERMINAL SERVICES: AT YOUR FINGERTIPS. THE FUTURE COMPUTER: PUSHING THE BOUNDARIES AT < Open here for the ultimate Microsoft resource guide for IT Professionals and Developers. Anyone who knows this much about our software is probably certifiable. The Affinity Homes Group chose Phoenix Software, a Microsoft Certified Partner, to migrate 250 users and their 20 servers to Windows 2000, Microsoft Exchange 5.5 and Microsoft Exchange 2000 Server. Richard Swift, Head of Information Systems at Affinity commented: “We had been working with Phoenix for a number of years and they are a Microsoft Certified Partner, that gave us the added comfort of knowing that they had the right level of expertise that we were looking for”. It takes a special company to be a Microsoft Gold Certified Partner, one that’s demonstrated an exceptional level of specialist expertise in a particular Microsoft solution. And you will reap the rewards for all their hard work, as you get the assurance of the highest possible levels of service. Whatever challenges you’re facing, a Microsoft Gold Certified Partner is perfectly qualified to make your IT systems work harder for you. Visit www.microsoft.com/uk/certified. You naturally want your IT service provider to have proven expertise across the full range of Microsoft products and solutions. Every Microsoft Certified Partner has met rigorous technical criteria set by Microsoft, so you can be confident that they can give you the high level of service you expect, together with trustworthy, independent advice. For more details, visit www.microsoft.com/uk/certified. ©Microsoft Corporation. -
Download Deploying Windows 7, Essential Guidance
FROM THE Windows® 7 Resource Kit. Mitch Tulloch, Tony Northrup, Jerry Honeycutt, Ed Wilson, and the Windows 7 Team at Microsoft. Chapter 3: Deployment Platform; Chapter 4: Planning Deployment; Chapter 5: Testing Application Compatibility; Chapter 6: Developing Disk Images; Chapter 7: Migrating User State Data; Chapter 8: Deploying Applications; Chapter 9: Preparing Windows PE; Chapter 10: Configuring Windows Deployment Services; Chapter 11: Using Volume Activation; Chapter 12: Deploying with Microsoft Deployment Toolkit. DEPLOYING WINDOWS 7. Chapter 3: Deployment Platform. Tools Introduction; Windows 7 Deployment Terminology; Platform Components; Deployment Scenarios; Understanding Setup; Basic Deployment Process; Microsoft Deployment Toolkit Process; Summary; Additional Resources. Building on technology that the Windows Vista operating system introduced, Windows 7 deployment technology has evolved significantly since Windows XP Professional. For example, it supports file-based disk imaging to make high-volume deployments quicker, more efficient, and more cost effective. The Windows 7 operating system also provides