WTF *Nix

Just another *nix Blog

Athlon 64 Processors

Feb-4-2010 By WTF *Nix

For a long time Intel has been leading the market in processor sales and popularity but AMD is finally putting a stop to that. With the release of their Athlon 64 processor, with 64 bit computing capabilities, they have been slowly but surely regaining the market back from Intel.

The Athlon 64 processors have been around for a while now and they have proven themselves the market leaders in processing power. As we know AMD processor run at a lot slower speeds than Intel processors making them cooler to run. This has eliminated the need for expensive cooling equipment and opened the doorway for overclocking.

Although AMD hit the target by releasing their 64 bit processor long before Intel did, they are not standing still. They have been constantly upgrading their line up to increase speed and efficiency. This is apparent with their fx series processors and their dual core processors.

The fx series processor are the king of the hill at AMD. They are the most powerful processor that is available. They show blistering speeds for CPU intensive functions such video encoding and gaming. They also show great performance in database driven work and most other aspects of computing.

The dual-core line of processor are the ultimate in multi-tasking. They provide the power of two processor running in unison while still being able to fit in a single processor motherboard. Although these processors are essentially two processors in one, they are rather pricy and may not be everyones cup of tea.

Intel is trying to fight back by forming an alliance with Apple. All macs are now available with Intel processors. Whether this will be profitable for Intel only time will tell.

With competition growing stronger from AMD this can only mean increased benefits for the consumer. As the war between Intel and AMD intensifies, the consumer will benefit from lowered prices, and increased quality in their processors.

So WTF do you have for a processor? I want to hear everyone else’s input!

Share and Enjoy:
  • Google Bookmarks
  • MySpace
  • Facebook
  • StumbleUpon
  • Print
  • email
  • Digg
Posted in: Hardware
ADD COMMENTS

Calculating Offsets

Dec-30-2009 By WTF *Nix

OK, back from a tiny little break… :)

This quickie tutorial is more of a tip than a tutorial. It just explains how to calculate offsets for jumps and calls within the program you are patching. (I didn’t say cracking)

Types of Jumps/Calls

Here I will just describe the different types of jumps and calls which you will come across:

Short Jumps

Short jumps be they conditional or unconditional jumps are 2 bytes long (or 1 nibble if your Californian ;-) . These are relative jumps taken from the first byte after the two bytes of the jump. Using short jumps you can jump a maximum of 127 bytes forward and 128 bytes backwards.

Long Jumps

Long jumps if they are relative are 6 bytes long for conditional jumps and are 5 bytes long for unconditional jumps. For conditional jumps 2 bytes are used to identify that it is a long jump and what type of jump (je, jg, jns etc) it is. The other 4 bytes are used to show how far away the target location is relative to the first byte after the jump. In an unconditional jump only 1 byte is used to identify it as a long unconditional jump and the other 4 are used to show it’s target’s relative position, as with the conditional jumps.

Calls

There are two different types of calls which we will use. The normal type of call works the same as the long jumps in that it is relative to it’s current position. The other type gives a reference to a memory location, register or stack position which holds the memory location it will call. The position held by the later is direct e.g. the memory location referenced may contain 401036h which would be the exact position that you would call, not relative to the position of the call. The size of these types of calls depends on any calculations involved in the call i.e. you could do: ‘call dword ptr [eax * edx + 2]‘. Long jumps can also be made using this method, but I didn’t say that earlier as to avoid repetition.

Tables

Here is a brief list of all the different types of jumps/calls and their appropriate op-codes. Where different jumps have the same Op-Codes I have grouped them:

(I’m making this as pretty as possible for you below, because wordpress tables suck in this theme)

Jump Description Short Op-Code Long Op-Code

call procedure call E8xxxxxxxx N/A

jmp u nconditional jump EBxx E9xxxxxxxx

ja/jnbe jump if above 77xx 0F87xxxxxxxx

jae/jnb/jnc jump if above or equal 73xx 0F83xxxxxxxx

jb/jc/jnae jump if below 72xx 0F82xxxxxxxx

jbe/jna jump if below or equal 76xx 0F86xxxxxxxx

jcxz/jecxz jump if cx/ecx equals zero E3xx N/A

je/jz jump if equal/zero 74xx 0F84xxxxxxxx

jne/jnz jump if not equal/zero 75xx 0F85xxxxxxxx

jg/jnle jump if greater 7Fxx 0F8Fxxxxxxxx

jge/jnl jump if greater or equal 7Dxx 0F8Dxxxxxxxx

jl/jnge jump if less 7Cxx 0F8Cxxxxxxxx

jle/jng jump if less or equal 7Exx 0F8Exxxxxxxx

jno jump if not overflow 71xx 0F81xxxxxxxx

jnp/jpo jump if no parity/parity odd 7Bxx 0F8Bxxxxxxxx

jns jump if not signed 79xx 0F89xxxxxxxx

jo jump if overflow 70xx 0F80xxxxxxxx

jp/jpe jump if parity/parity even 7Axx 0F8Axxxxxxxx

js jump if sign 78xx 0F88xxxxxxxx

Calculating Offsets (finding in the xx’s in table)

You will need to be able to calculate offsets when you add jumps and make calls within and to the code you have added. If you choose to do this by hand instead of using a tool then here are the basics:

For jumps and calls further on in memory from your current position you take the address where you want to jump/call and subtract from it the memory location of the next instruction after your call/jump i.e.:

(target mem address) – (mem location of next instruction after call/jump)

Example

If we wanted to jump to 4020d0 and the next instruction *after* the jump is at location 401093 then we would use the following calculation:

4020d0 – 401093 = 103d

We then write the jump instruction in hex as e93d100000 where e9 is the hex op-code for a long relative jump and 3d100000 is the result of our calculation expanded to dword size and reversed.

For jumps and calls to locations *before* the current location in memory you take the address you want to call/jump to and subtract it from the memory location of the next instruction after your call/jump, then subtract 1 and finally perform a logical NOT on the result i.e.

NOT(mem address of next instruction – target mem address – 1)

Example

If we wanted to call location 401184 and the address of the next instruction after the call is 402190 then we do the following calculation:

NOT(402190 – 401184 – 1 ) = ffffeff4

We can then write our call instruction in hex as e8f4efffff where e8 is the hex op-code for relative call and f4efffff is the result of the calculation in reverse order.

If you want to practice with different examples then the best way to do this is to use a disassembler like WDASM/OlyDbg which shows you the op-codes and try and work out the results yourself. Also as an end note you don’t have to perform these calculations if you have enough room to make your jump or call instruction into an absolute jump call by doing the following as represented in assembler:

mov eax, 4020d0

call eax (or jmp eax)

Final Note

WTF Get’r Done, and make life easier and use a program to do this hence OlyDbg ;-)

Share and Enjoy:
  • Google Bookmarks
  • MySpace
  • Facebook
  • StumbleUpon
  • Print
  • email
  • Digg
Posted in: Microsoft, Not Linux Related, Programming Language
ADD COMMENTS

TinyURL… How about BigURL!

Dec-30-2009 By WTF *Nix

As women say bigger the better and more filling… Well some of us don’t have that problem, however in this aspect this guy that’s using my Base62 algo and put it to GOOD use…

Sort of like Viagra on Steriods…

Check it out for yourself: http://ohidunnoitsoneofthosereallylongandhardtofriggintypedomainnames.com/

This has to be the bomb, I’m going to start using this site for the fact of “Bigger is better”

So I had to go test it out for http://www.wtfnix.com/ and this is what I get:

http://www.ohidunnoitsoneofthosereallylongandhardtofriggintypedomainnames.com/something/whatever/dot/whothehellknows/1d/youwillnotbelievethis

Gotta love it huh? So… WTF Get’r Done! Go get yourself an extension done properly on your domain name ;-)

Share and Enjoy:
  • Google Bookmarks
  • MySpace
  • Facebook
  • StumbleUpon
  • Print
  • email
  • Digg
Posted in: PHP, Programming Language, Web Servers, service
1 COMMENT

Your IT Career :: Time to Go Beyond!

Dec-18-2009 By WTF *Nix

I’ve seen it happen time and again to programmers, network engineers and administrators, and other IT personnel. They get a solid IT position, a good-paying job, and they get comfortable. They stop keeping up with the latest technologies, they stop studying, they no longer keep their CCNA, MCSE, and other industry certifications up-to-date…. and then one day, their comfortable job is gone.

Maybe they get laid off, maybe the company moves and they don’t want to move with it… but for one reason or another, they’re in the worst position possible. They have no job, and they have allowed their IT skills to deteriorate to the point where they are no longer employable.

If you’re in IT, you must be constantly learning. You must continually take the long view, and ask yourself three important questions. First, where do you want to be in three years? Second, what are you doing now in order to reach this goal? And finally, if you were laid off today, are your current skills sharp enough to quickly get another job?

That third question can be the hardest of all to answer honestly. I’m reminded of Microsoft announcing years ago that they would no longer be recognizing the MSCE 4.0 certification, since the network operating systems that certification was based upon would no longer be supported by MS. (Keep in mind that this change was announced months in advance, giving those holding the MCSE 4.0 plenty of time to earn the latest MS certification.)

Some MCSE 4.0s just went nuts. Microsoft’s certification magazine printed letter after letter from angry MCSEs saying that their company would always run NT 4.0, and that there was no reason for them to ever upgrade their certification.

This wasn’t just denial. This was career suicide. Let’s say that their network never moved from NT 4.0. Let’s also say that they got laid off yesterday. Would you want to go out into the current IT workplace and have your most recent network operating system experience be on NT 4.0 ? I sure wouldn’t.

The fact is that you’ve got to continue studying, continue growing, and continue learning new things if you want to have a successful long-term IT career. If you plan on studying only one topic, getting into IT, and then never cracking a book again, you’re entering the wrong field. And for those of us who have been in it for a while – again, ask yourself this question, “Am I prepared for what would happen if I were laid off today?” And if you’re not, do something about it!

WTF Get’r Done Already… I’m not upping no Certification, only makes me look more geekish… I sport the Vin Diesel look alike, so I don’t need the paper because I only have 14+ years experience in what I do best in for work. :)

Share and Enjoy:
  • Google Bookmarks
  • MySpace
  • Facebook
  • StumbleUpon
  • Print
  • email
  • Digg
Posted in: General Linux Blogging, General Networking, Networking, Not Linux Related, security, service
4 COMMENTS

Mafia Wars Moscow: Vory or Mafiya is the Question?

Dec-18-2009 By WTF *Nix

Well I had a heck of a time figuring out which ones I wanted to lock down but after a bit of research which one Vory / Mafiya  has what, here’s the choice I made to make myself a mental note, since below is a breakdown on which side to choose when you are on Level 3 of each Episode, this is totally up to you, because I’m listing all of the stats of each item :) :

Episode 1 – Baklany

Collection: Tattoos

Mastery Item: Burzuk SUV (Vehicle) (36 Attack, 52 Defense)

Vory

Chapter 1:

Concealable Camera (Consumable)

Untraceable Cell Phone (Consumable)

Chapter 2:

Cherepakha Compact (Vehicle) (18 Attack, 25 Defense)

Dossier on Dmitri (Consumable)

Chapter 3:

RU-7 .45 Pistol (Weapon) (25 Attack, 23 Defense)

Mafiya

Chapter 1:

Concealable Camera (Consumable)

Untraceable Cell Phone (Consumable)

Chapter 2:

Molotok Pistol (Weapon) (22 Attack, 26 Defense)

Dossier on Dmitri (Consumable)

Chapter 3:

RU-7 .45 Pistol (Weapon) (25 Attack, 23 Defense)

Episode 2 – Boets

Collection: Dolls

Mastery Item:  Boss Karpov’s Pistol (Weapon) (50 Attack, 38 Defense)

Vory

Chapter 1:

Ballistic Knife (Weapon) (20 Attack, 28 Defense)

Chapter 2:

Set of Photos of Karpov (Consumable)

Severnyy Olen Snowbike (Vehicle) (32 Attack, 20 Defense)

Chapter 3:

PNV (Armor) (21 Attack, 31 Defense)

Mafiya

Chapter 1:

Ballistic Knife (Weapon) (20 Attack, 28 Defense)

Chapter 2:

Set of Photos of Karpov (Consumable)

RAS-15 (30 Attack, 18 Defense)

Chapter 3:

PNV (Armor) (21 Attack, 31 Defense)

Episode 3 – Brigadir

Collection: Russian Leaders

Mastery Item: Ex-KGB Bodyguard (Armor) (48 Attack, 30 Defense)

Vory

Chapter 1:

Armored Briefcase (Armor) (25 Attack, 36 Defense)

Chapter 2:

Bank Guard Uniform (Consumable)

Taiga Combat Shotgun (Weapon) (32 Attack, 20 Defense)

Chapter 3:

Shchuka Speed Boat (Vehicle) (36 Attack, 22 Defense)

Mafiya

Chapter 1:

Armored Briefcase (Armor) (25 Attack, 36 Defense)

Chapter 2:

Bank Guard Uniform (Consumable)

Volk Luxury Sedan (Vehicle) (24 Attack, 36 Defense)

Chapter 3:

Shchuka Speed Boat (Vehicle) (36 Attack, 22 Defense)

Episode 4 – Avtoritet

Collection: Drinks

Mastery Item: Cossack Armored Vest (Armor) (18 Attack, 48 Defense)

Vory

Chapter 1:

Ru-78 Heavy Machine Gun (Weapon) (36 Attack, 12 Defense)

Chapter 2:

Officer Corps Paycheck (Consumable)

Shturmovik (Armor) (45 Attack, 28 Defense)

Chapter 3:

Razoritel Grenade Launcher (Weapon) (34 Attack, 15 Defense)

Mafiya

Chapter 1:

Ru-78 Heavy Machine Gun (Weapon) (36 Attack, 12 Defense)

Chapter 2:

Officer Corps Paycheck (Consumable)

The Orel Armored Helicopter (Vehicle) (24 Attack, 40 Defense)

Chapter 3:

Razoritel Grenade Launcher (Weapon) (34 Attack, 15 Defense)

Episode 5 – Vor

Collection: Soviet Memorabilia

Mastery Item: ZPR Pulemut (Weapon) (28 Attack, 65 Defense)

Vory

Chapter 1:

Arkticheskij Gus’ (Vehicle) (22 Attack, 42 Defense)

Chapter 2:

Ubijca Assault Rifle (Weapon) (43 Attack,18 Defense)

Stick of Dynamite (Consumable)

Chapter 3:

Osa 17 Snowmobile (Vehicle) (38 Attack, 24 Defense)

Mafiya

Chapter 1:

Arkticheskij Gus’ (Vehicle) (22 Attack, 42 Defense)

Chapter 2:

Klyk-9 Machine Pistol (Weapon) (21 Attack, 43 Defense)

Stick of Dynamite (Consumable)

Chapter 3:

Osa 17 Snowmobile (vehicle) (38 Attack, 24 Defense)

Episode 6 – Pakhan

Collection: Faberge Egg

Mastery Item: The Drakon (Vehicle) (54 Attack, 22 Defense)

Vory

Chapter 1:

Executive Overcoat (22 Attack, 45 Defense)

Chapter 2:

Konstantin Cargo Carrier (Vehicle) (18 Attack, 44 Defense)

Mansion Details (Consumable)

Chapter 3:

Zoloto Sports Car (Vehicle) (43 Attack, 22 Defense)

Mafiya

Chapter 1:

Executive Overcoat (Armor) (22 Attack, 45 Defense)

Chapter 2:

Zmeya Carbon Blade (Weapon) (28 Attack, 44 Defense)

Mansion Details (Consumable)

Chapter 3:

Zoloto Sports Car (Vehicle) (43 Attack, 22 Defense)

Episode 1 & 2 wasn’t such a big choice, because you can get better lOOt items in Cuba than these, so I choose:

Episode 3 – 5: Vory

Episode 6: Mafiya

Hope this helps some out on figuring which way to go, this blog will remain here to leave comments or if you have questions, or simply bookmark it for later reference! :)

WTF Get’r Done!

Share and Enjoy:
  • Google Bookmarks
  • MySpace
  • Facebook
  • StumbleUpon
  • Print
  • email
  • Digg
Posted in: Not Linux Related, Online Gaming
ADD COMMENTS
« Previous Entries