How to reinstall linux 3 times in less than two days

Thursday, 1/10/09, I woke up and said “Enough Windows! I can’t handle it anymore! From now I’m going to use Linux as day-day use and windows only when I need it!”, A voice on my head said “Dejavu my friend”… Seems like I said the same year ago, two years ago, and still came back to windows! Oh Bill why are you doing it?! ;( Anyway this time I’m serious about it (voice in my head: “yea right…”)..

So I found an Arch Linux Install CD that I used a year ago. I actually was able to install it without using the beginners guide they provide on their CD. Everything was fine, and hop! I fucked the home partition… I said “Ok install Linux is fun, lets reinstall!” (and I’m serious now, it real fun!). I reinstall, system up and running. I decided to configure MPD (music player daemon), this bitch needs access to my home directory, so I needed to set permission on my home directory that others and group can read the directory, and I fucked up things, that even I can’t read/write to my OWN home directory… Reinstall.

So now my Arch is running (tfu tfu tfu) and I’m enjoying it!

I had an awesome weekend, and now my PC is running Linux (with windows partition, but windows got only 80GB, and Linux 160GB :p).

A Security bug in Linux kernel

My morning started as usual, woke up at 7:30, turned the PC one, went to kitchen to bring some food and make coffee, then back to the PC to check emails, facebook, forums, and RSS. So one of the news reports was a Linux kernel bug that existed for about eight years! Can you imagine it?

So in short:

Linux kernel implements different sockets. Each socket have a struct assigned to it called proto_ops. The only thing this struct hold is pointers to implementation of different functions like bind, accept, and so on. Some might not implement one of the functions, in this case they should send a pointer to stub function. But even if the pointer left NULL, most of the times the kernel will validate that it is null.

So where is the bug? In function sock_sendpage(). This function does not validate the pointer and therefore can call for a NULL pointer. In this case an attacker can place a code at page 0 and the kernel will execute this code in SUPERVISOR mode!

I haven’t heard about any patch yet, but I’m sure that there will be one soon.

Mount VDI file

Hey!

Well as a part of my studies we learn assembly under Dos (crap >.<). Anyway to ged rid of Windows I decided to install a Virtual Machine with FreeDOS. The problem was that its pretty hard to transfer files between Linux and the virtual drive, and I couldn’t setup network transfer (I wonder if its possible at all with FreeDOS). So I decided to mount my VDI file and be able to read/write to it as it was a directory on my filesystem. I googled for “mount vdi” and found this link

http://forums.virtualbox.org/viewtopic.php?t=52&start=0&postdays=0&postorder=asc&highlight=

So lets start 🙂

Tools:

1. Linux :p

2. VDI file – Create new partition with Virtual Box, I used fixed size of 90MB and Installed FreeDOS on it.

3. khexedit – sudo apt-get install khexedit

The moves:

khexedit .VirtualBox/VDI/FreeDOS.vdi

Note: You should use decimal instead of hex, View->Offest as decimal

Now is the hard part: you should look for the beginning of the partition

Mine looks like this:

0000033216 ……………………………………………………….
0000033280 �<.FRDOS4.1……….��.?…?…a�..�.)..p$FREEDOS    FAT16
0000033344 1�.ؽ.|��..�.�.��..���^|�…`..�.�.f��.~$�u..V$�F�..�F�…^��FĠ
0000033408 c.v..~..v..�..v�.~�.F..�f..�.�.v�.~�.^.�.��.F.1���P.�.�..v�.~�.F
0000033472 �.V�_�^Z�..�~Z�..��}W��_&.E.t..� &.=.u�reP�^Z.~..F�.V��g.X…^\�

As you can see before offset 33216 there are almost nothing, and the partition starts at offset 33280.

So now we know the start offset of the partiton lets mount it:

sudo mkdir /mnt/vdifs

sudo mount -o loop,offset=33280,umask=000 .VirtualBox/VDI/FreeDOS.vdi /mnt/vdifs

And we done 🙂

To understand what loop, offset and umask stands for read this

http://forums.virtualbox.org/viewtopic.php?t=52&start=0&postdays=0&postorder=asc&highlight=

Better then I can explain 🙂

Now you can read/write files from your partition like it was part of your system 🙂

To un mount it use:

sudo umount /mnt/vdifs

Enjoy 🙂