Monday, August 29, 2011

GTK... GIMP Toolkit (developing graphical user interface)

GTK is a library for building graphical user interfaces. It is written in C and has bindings for C++, Python and many other languages, so you can use almost any language to create a graphical interface with it. It was originally developed to write the GNU Image Manipulation Program (GIMP), hence the name.

You can easily install the development headers and libraries with the Synaptic package manager (or apt-get):
package : libgtk2.0-dev
(libgtkada2.14.2-dev is the Ada binding of GTK; it is not what the C program below needs.)

Here is a simple program that creates an empty 200 x 200 pixel window:

base.c

#include <gtk/gtk.h>

int main(int argc, char *argv[])
{
    GtkWidget *window;

    gtk_init(&argc, &argv);             /* initialise GTK; also strips GTK's own options from argv */

    window = gtk_window_new(GTK_WINDOW_TOPLEVEL);
    gtk_window_set_default_size(GTK_WINDOW(window), 200, 200);

    /* without this handler, closing the window leaves gtk_main() running forever */
    g_signal_connect(window, "destroy", G_CALLBACK(gtk_main_quit), NULL);

    gtk_widget_show(window);

    gtk_main();                         /* event loop; returns after gtk_main_quit() */

    return 0;
}
 
compiling this code: 
gcc base.c -o base `pkg-config --cflags --libs gtk+-2.0`
 
note: the command uses backticks (`), not single quotes ('). The shell runs pkg-config and substitutes its output (the include and library flags for GTK 2) into the gcc command line; with single quotes gcc would receive the literal text and the build fails.

running this code:
./base
 
For more help 

Sunday, August 21, 2011

A simple TCP echo server and client

This is a simple example of a TCP server and client. The client writes something to the server socket and the server writes the same message back to the client.

A few observations:
- TCP is a byte stream, not a sequence of messages. What happens if the client writes 40 bytes and then reads 40 bytes, while the server reads and writes 20 at a time? read() returns whatever has arrived so far, so the client's single read() may return only the first 20 bytes (or any other partial amount); both sides have to loop until the expected number of bytes has been transferred. Worse, a server that always writes 20 bytes regardless of what read() returned sends back whatever was left in the buffer from earlier calls, or uninitialised stack memory on the first call: an information leak.
- A forked child shares its parent's file descriptors, which is why the server closes the listening socket in the child and the connected socket in the parent.
- In the forked server, a printf() without a trailing '\n' does not show up on the terminal: stdout is line-buffered when attached to a terminal, so the text stays in the stdio buffer until a newline or a normal exit flushes it, and a child that never returns from its loop or is killed by a signal (e.g. SIGPIPE when writing to a connection the client has closed) never flushes it.
 e.g.
 #include <stdio.h>
 #include <unistd.h>

 void str_echo(int sockfd)
 {
     char buff[20];
     ssize_t n;

     /* read() returns 1..20 bytes (whatever has arrived), 0 on EOF, -1 on error:
      * echo back exactly the n bytes received, never a fixed 20 */
     while ((n = read(sockfd, buff, sizeof(buff))) > 0) {
         write(sockfd, buff, n);
         /* the trailing '\n' matters: with printf("%s", buff) nothing appears on the
          * terminal because stdout is line-buffered; %.*s also keeps printf inside
          * the n bytes actually received (buff is not NUL-terminated) */
         printf("%.*s\n", (int)n, buff);
     }
     if (n < 0)
         perror("read");
 }
echo server:
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <signal.h>
#include <unistd.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <netinet/in.h>
#include "str_echo.c"

int main(void)
{
    int sockfd, connfd;
    pid_t childpid;
    socklen_t clilen;
    struct sockaddr_in cliaddr, servaddr;

    if ((sockfd = socket(AF_INET, SOCK_STREAM, 0)) < 0) {
        perror("socket");
        exit(1);
    }

    memset(&servaddr, 0, sizeof(servaddr));
    servaddr.sin_family = AF_INET;
    servaddr.sin_addr.s_addr = htonl(INADDR_ANY);     /* accept on every local interface */
    servaddr.sin_port = htons(6060);
    if (bind(sockfd, (struct sockaddr *)&servaddr, sizeof(servaddr)) < 0) {
        perror("bind");
        exit(1);
    }

    listen(sockfd, 5);
    signal(SIGCHLD, SIG_IGN);                           /* let the kernel reap finished children (no zombies) */

    while (1) {
        clilen = sizeof(cliaddr);
        connfd = accept(sockfd, (struct sockaddr *)&cliaddr, &clilen);
        if (connfd < 0) {
            perror("accept");
            continue;
        }
        printf("connection accepted\n");
        if ((childpid = fork()) == 0) {                 /* child: serves this one client */
            close(sockfd);                              /* the child does not need the listening socket */
            printf("child process\n");
            str_echo(connfd);
            exit(0);
        }
        printf("connection established\n");
        close(connfd);                                  /* parent keeps only the listening socket */
    }
}

echo client:
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <netinet/in.h>
#include <arpa/inet.h>      /* inet_pton */
#include "str_cli.c"        /* str_cli() does the write/read exchange; its source is not reproduced here */

int main(void)
{
    int sockfd;
    struct sockaddr_in servaddr;

    if ((sockfd = socket(AF_INET, SOCK_STREAM, 0)) < 0) {
        perror("socket");
        exit(1);
    }
    printf("socket created\n");

    memset(&servaddr, 0, sizeof(servaddr));
    servaddr.sin_family = AF_INET;
    inet_pton(AF_INET, "127.0.0.1", &servaddr.sin_addr);
    servaddr.sin_port = htons(6060);
    /* no bind() on the client side: the kernel picks an ephemeral local port */

    if (connect(sockfd, (struct sockaddr *)&servaddr, sizeof(servaddr)) == 0) {
        printf("connected\n");
        str_cli(sockfd);
        /* the same exchange written out by hand:
         *   write(sockfd, "sdfhsdkf", 20);   -- sends 20 bytes although the literal is 9 bytes,
         *                                       i.e. leaks whatever follows it in memory
         *   n = read(sockfd, buff, 20);
         *   printf("%.*s\n", (int)n, buff);
         */
    } else {
        perror("connect");
    }
    printf("after connection\n");
    close(sockfd);
    return 0;
}
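The first observation above (40 bytes written against a 20-byte echo loop) is what the helpers readn() and writen() solve: loop until every byte has been moved, and report a short count only on EOF. The block below is an added example, not code from the original post; it replaces the network sockets with a socketpair() and a fork so it runs offline, and the 40-byte message and 20-byte server buffer are constructed for the demonstration.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <sys/wait.h>

/* Read exactly n bytes unless EOF or an error comes first. A TCP read()
   returns whatever has arrived so far, which may be less than asked for. */
ssize_t readn(int fd, void *buf, size_t n)
{
    char *p = buf;
    size_t left = n;
    while (left > 0) {
        ssize_t r = read(fd, p, left);
        if (r < 0) { if (errno == EINTR) continue; return -1; }  /* retry if a signal interrupted */
        if (r == 0) break;                                       /* EOF: peer closed */
        left -= (size_t)r;
        p += r;
    }
    return (ssize_t)(n - left);
}

/* Write all n bytes; write() on a socket may also accept only part of them. */
ssize_t writen(int fd, const void *buf, size_t n)
{
    const char *p = buf;
    size_t left = n;
    while (left > 0) {
        ssize_t w = write(fd, p, left);
        if (w < 0) { if (errno == EINTR) continue; return -1; }
        left -= (size_t)w;
        p += w;
    }
    return (ssize_t)n;
}

/* Server side: echo back only the bytes actually received, stop on EOF.
   Returns the total echoed, -1 on error. */
long echo_loop(int sockfd)
{
    char buff[20];
    ssize_t n;
    long total = 0;
    while ((n = read(sockfd, buff, sizeof buff)) > 0) {
        if (writen(sockfd, buff, (size_t)n) != n) return -1;
        total += n;
    }
    return n < 0 ? -1 : total;
}

/* Client side: send len bytes, collect exactly len bytes back (possibly in
   several pieces) and compare. Returns 1 on a faithful echo. */
int echo_roundtrip(int sockfd, const char *msg, size_t len)
{
    char reply[64];
    if (len > sizeof reply) return 0;
    if (writen(sockfd, msg, len) != (ssize_t)len) return 0;
    if (readn(sockfd, reply, len) != (ssize_t)len) return 0;
    return memcmp(msg, reply, len) == 0;
}

/* Offline demo over a socketpair: the child runs the 20-byte echo loop, the
   parent sends 40 bytes (constructed input) and still gets all 40 back. */
int demo_roundtrip(void)
{
    int sv[2], ok;
    char msg[40];
    pid_t pid;
    memset(msg, 'A', sizeof msg);
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) < 0) return 0;
    if ((pid = fork()) < 0) return 0;
    if (pid == 0) {                 /* child = server */
        close(sv[0]);
        echo_loop(sv[1]);
        _exit(0);
    }
    close(sv[1]);                   /* parent = client */
    ok = echo_roundtrip(sv[0], msg, sizeof msg);
    shutdown(sv[0], SHUT_WR);       /* send EOF so the echo loop ends */
    close(sv[0]);
    waitpid(pid, NULL, 0);
    return ok;
}

/* readn() reports a short count instead of blocking once the writer is gone:
   5 bytes written, 10 requested, 5 returned. */
int demo_short_read(void)
{
    int fds[2];
    char buf[10];
    ssize_t got;
    if (pipe(fds) < 0) return -1;
    if (write(fds[1], "hello", 5) != 5) return -1;
    close(fds[1]);
    got = readn(fds[0], buf, sizeof buf);
    close(fds[0]);
    return (int)got;
}

int main(void)
{
    printf("roundtrip ok: %d, short read got %d bytes\n", demo_roundtrip(), demo_short_read());
    return 0;
}
```

Dropping readn()/writen() into str_echo() and str_cli() in place of the bare read()/write() calls is what makes the 40-versus-20 scenario behave; the echo loop also never writes bytes it did not receive, so nothing from the stack leaks to the client.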

Saturday, August 13, 2011

installing arp-sk

arp-sk is an ARP traffic generation tool. It is quite old but still very useful. There are two basic modes:
– who-has: build an ARP request message.
– reply: build an ARP reply message (the default).

download arp-sk from
http://sid.rstack.org/arp-sk/

it depends on libnet 1.1, which you can download from:
http://linux.softpedia.com/get/Programming/Libraries/Libnet-10275.shtml

to install libnet 1.1.2.1
1. $tar xvzf libnet-1.1.2.1.tar.gz
2. $./configure
3. $make && make install        (run make install as root; a single & would put make in the background and start the install before the build has finished)

to install arp-sk
1. $tar xzvf arp-sk-0.0.16.tgz
2. $cd arp-sk
3. $./configure
4. $make && make install        (again as root)

use arp-sk
$arp-sk <mode> <option>
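What the two modes put on the wire, as an added example that is not part of arp-sk: an Ethernet frame carrying an IPv4-over-Ethernet ARP message, built the way a who-has (broadcast, target MAC zeroed) and a reply (unicast to the target) look, parsed back, and checked the way a defender would, by comparing a reply's sender pair against a known IP-to-MAC mapping. All addresses in the demos are made up.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define ARP_REQUEST   1     /* "who-has" */
#define ARP_REPLY     2     /* "reply"   */
#define ARP_FRAME_LEN 42    /* 14-byte Ethernet header + 28-byte ARP body */

struct arp_fields {
    uint16_t opcode;
    uint8_t sha[6], spa[4], tha[6], tpa[4];   /* sender/target hardware and protocol addresses */
};

/* Build an Ethernet II frame carrying an ARP message. A who-has goes to the
   broadcast MAC with the target MAC zeroed; a reply goes unicast to the
   target. Returns the frame length, 0 if out is too small. */
size_t build_arp_frame(uint8_t *out, size_t outsz, const struct arp_fields *f)
{
    static const uint8_t bcast[6] = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff};
    static const uint8_t zero[6]  = {0};
    int request = (f->opcode == ARP_REQUEST);
    if (outsz < ARP_FRAME_LEN) return 0;

    memcpy(out, request ? bcast : f->tha, 6);   /* Ethernet destination */
    memcpy(out + 6, f->sha, 6);                 /* Ethernet source */
    out[12] = 0x08; out[13] = 0x06;             /* EtherType 0x0806 = ARP */

    out[14] = 0x00; out[15] = 0x01;             /* HTYPE 1 = Ethernet */
    out[16] = 0x08; out[17] = 0x00;             /* PTYPE 0x0800 = IPv4 */
    out[18] = 6;    out[19] = 4;                /* HLEN, PLEN */
    out[20] = (uint8_t)(f->opcode >> 8);
    out[21] = (uint8_t)(f->opcode & 0xff);
    memcpy(out + 22, f->sha, 6);
    memcpy(out + 28, f->spa, 4);
    memcpy(out + 32, request ? zero : f->tha, 6);
    memcpy(out + 38, f->tpa, 4);
    return ARP_FRAME_LEN;
}

/* Parse a frame back; returns 1 on a well-formed Ethernet/IPv4 ARP frame. */
int parse_arp_frame(const uint8_t *frame, size_t len, struct arp_fields *f)
{
    if (len < ARP_FRAME_LEN) return 0;
    if (frame[12] != 0x08 || frame[13] != 0x06) return 0;       /* not ARP */
    if (frame[14] != 0 || frame[15] != 1 || frame[16] != 0x08 ||
        frame[17] != 0 || frame[18] != 6 || frame[19] != 4) return 0;
    f->opcode = (uint16_t)((frame[20] << 8) | frame[21]);
    memcpy(f->sha, frame + 22, 6);
    memcpy(f->spa, frame + 28, 4);
    memcpy(f->tha, frame + 32, 6);
    memcpy(f->tpa, frame + 38, 4);
    return 1;
}

/* Detection side: a reply that claims an IP we already know under a different
   MAC is exactly what a spoofing tool produces. Returns 1 on such a conflict. */
int arp_reply_conflicts(const struct arp_fields *reply,
                        const uint8_t known_ip[4], const uint8_t known_mac[6])
{
    return reply->opcode == ARP_REPLY &&
           memcmp(reply->spa, known_ip, 4) == 0 &&
           memcmp(reply->sha, known_mac, 6) != 0;
}

/* who-has 192.168.1.1 from 192.168.1.50 (made-up): broadcast destination,
   zeroed target MAC, fields survive a round trip through the parser. */
int demo_who_has(void)
{
    static const uint8_t bcast[6] = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff};
    struct arp_fields req = { ARP_REQUEST,
        {0x02, 0, 0, 0, 0, 0x50}, {192, 168, 1, 50},
        {0, 0, 0, 0, 0, 0},       {192, 168, 1, 1} }, back;
    uint8_t frame[ARP_FRAME_LEN];
    if (build_arp_frame(frame, sizeof frame, &req) != ARP_FRAME_LEN) return 0;
    if (!parse_arp_frame(frame, sizeof frame, &back)) return 0;
    return memcmp(frame, bcast, 6) == 0 && back.opcode == ARP_REQUEST &&
           memcmp(back.tpa, req.tpa, 4) == 0 && memcmp(back.tha, "\0\0\0\0\0\0", 6) == 0;
}

/* A forged reply "192.168.1.1 is-at 02:00:00:00:00:bd" while the gateway is
   really 02:00:00:00:00:01: unicast to the victim and caught by the check. */
int demo_reply_conflict(void)
{
    static const uint8_t gw_ip[4]  = {192, 168, 1, 1};
    static const uint8_t gw_mac[6] = {0x02, 0, 0, 0, 0, 0x01};
    struct arp_fields forged = { ARP_REPLY,
        {0x02, 0, 0, 0, 0, 0xbd}, {192, 168, 1, 1},
        {0x02, 0, 0, 0, 0, 0x50}, {192, 168, 1, 50} }, back;
    uint8_t frame[ARP_FRAME_LEN];
    if (build_arp_frame(frame, sizeof frame, &forged) != ARP_FRAME_LEN) return 0;
    if (!parse_arp_frame(frame, sizeof frame, &back)) return 0;
    return memcmp(frame, forged.tha, 6) == 0 && arp_reply_conflicts(&back, gw_ip, gw_mac);
}

int main(void)
{
    printf("who-has ok: %d, forged reply detected: %d\n", demo_who_has(), demo_reply_conflict());
    return 0;
}
```

Sending such a frame needs a raw link-layer socket (what libnet gives arp-sk); the byte layout above is what either tool writes, and the conflict check is the core of an ARP-spoof detector running on a capture of the same frames.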

for more help

Friday, August 12, 2011

Can we believe our eyes? ----(ref. http://blogs.technet.com/b/mmpc/archive/2011/08/10/can-we-believe-our-eyes.aspx)

Several days ago, one of our customers submitted a sample (SHA1: fbe71968d4c5399c2906b56d9feadf19a35beb97, detected as TrojanDropper:Win32/Vundo.L). This trojan hijacks the hosts “vk.com” and “vkontakte.ru” (both social networking sites in Russia) and redirects them to 92.38.209.252, but achieves this in an unusual way.
A common method used to hijack a website and redirect it to a site of the attacker’s choice is to add an entry in the Windows hosts file located in the %SystemRoot%\system32\drivers\etc directory. However, when we open this file on an affected computer, it doesn’t contain any entries related to “vk.com” and “vkontakte.ru”, as you can see in the following example:
 
But when we show hidden files, we can see another “hosts” file. It is hidden, as in the following example:

There are two files with exactly the same name, “hosts”, in the etc directory! How can this happen?
As we know, it is not possible for a directory to contain two files with the same name. When we copy the file names to notepad, save them as a Unicode text file and open them with a hex editor we see the following (the upper is for the first “hosts” file, the lower is for the second “hosts” file):

For Unicode (UTF-16), the 0x006F is the same as 0x6F in ASCII, which is the character “o”. But what’s the 0x043E in Unicode? We can find it in Unicode chart table (Range: 0400-04FF). The following is part of this table.

We can see that Unicode 0x043E is a Cyrillic character, and it looks very much like the English character “o”.
So the hidden “hosts” file is the real hosts file in fact. When we open this file, we can see that two entries have been added to the end of the file:

Mystery solved!
This is not the first time we’ve seen a hacker using Unicode characters to mislead people. In Aug 2010, a Chinese hacker disclosed a trick with a Unicode control character used to mislead people into running an executable file. Hackers use Unicode control characters 0x202E (RLO) to reverse parts of a special file name, which changes the look of the file name in Windows Explorer.
For example, there is a file named as “picgpj.exe”, as the following:

The “gpj.exe” part of this name is specially crafted. When inserting an RLO character before “gpj.exe” in this name, the whole name appears as the following:

Hackers also usually use a picture as the file icon. Unwary people treat this file as a picture, and blindly double-click to open it, thus running the executable. Obviously, this type of trick is useless for Unicode aware programs, but it is not easy for the eyes of people to identify the problem.
Can we believe our eyes? The answer is... not always.
Zhitao Zhou
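The two tricks in the post above, a Cyrillic “о” (U+043E) standing in for a Latin “o” in “hosts” and an RLO (U+202E) reversing the tail of “picgpj.exe”, turned into a check a defender can run over file names. This is an added example, not code from the Microsoft post; it assumes UTF-8 input (a minimal decoder without overlong or surrogate rejection), and render_rlo() is a deliberate simplification of the Unicode bidi algorithm that is exact for an ASCII tail such as “gpj.exe”.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

enum {
    NAME_OK           = 0,
    NAME_MIXED_SCRIPT = 1,   /* Latin letters mixed with Cyrillic ones (the fake "hosts") */
    NAME_BIDI_CONTROL = 2,   /* U+202A..U+202E or U+2066..U+2069 present (the RLO trick) */
    NAME_BAD_UTF8     = 4
};

/* Decode one UTF-8 sequence into *cp; returns bytes consumed, 0 if malformed. */
static size_t utf8_next(const unsigned char *p, size_t len, uint32_t *cp)
{
    if (len >= 1 && p[0] < 0x80) { *cp = p[0]; return 1; }
    if (len >= 2 && (p[0] & 0xE0) == 0xC0 && (p[1] & 0xC0) == 0x80) {
        *cp = ((uint32_t)(p[0] & 0x1F) << 6) | (p[1] & 0x3F);
        return 2;
    }
    if (len >= 3 && (p[0] & 0xF0) == 0xE0 && (p[1] & 0xC0) == 0x80 && (p[2] & 0xC0) == 0x80) {
        *cp = ((uint32_t)(p[0] & 0x0F) << 12) | ((uint32_t)(p[1] & 0x3F) << 6) | (p[2] & 0x3F);
        return 3;
    }
    if (len >= 4 && (p[0] & 0xF8) == 0xF0 && (p[1] & 0xC0) == 0x80 &&
        (p[2] & 0xC0) == 0x80 && (p[3] & 0xC0) == 0x80) {
        *cp = ((uint32_t)(p[0] & 0x07) << 18) | ((uint32_t)(p[1] & 0x3F) << 12) |
              ((uint32_t)(p[2] & 0x3F) << 6) | (p[3] & 0x3F);
        return 4;
    }
    return 0;
}

/* Flag a file name that mixes Latin and Cyrillic letters or carries bidi
   control characters; returns an OR of the NAME_* flags. */
int check_filename(const char *name)
{
    const unsigned char *p = (const unsigned char *)name;
    size_t len = strlen(name), i = 0;
    int latin = 0, cyrillic = 0, flags = 0;
    while (i < len) {
        uint32_t cp;
        size_t n = utf8_next(p + i, len - i, &cp);
        if (n == 0) return flags | NAME_BAD_UTF8;
        i += n;
        if ((cp >= 'A' && cp <= 'Z') || (cp >= 'a' && cp <= 'z')) latin = 1;
        else if (cp >= 0x0400 && cp <= 0x04FF) cyrillic = 1;          /* Cyrillic block 0400-04FF */
        else if ((cp >= 0x202A && cp <= 0x202E) || (cp >= 0x2066 && cp <= 0x2069))
            flags |= NAME_BIDI_CONTROL;
    }
    if (latin && cyrillic) flags |= NAME_MIXED_SCRIPT;
    return flags;
}

/* How a name containing U+202E (UTF-8 E2 80 AE) is displayed: the text after
   the RLO is laid out right-to-left, i.e. shown reversed. Simplified bidi,
   exact for an ASCII tail. Returns the display length, 0 if out is too small
   or the tail is not ASCII. */
size_t render_rlo(const char *name, char *out, size_t outsz)
{
    const char *rlo = strstr(name, "\xE2\x80\xAE");
    size_t pre = rlo ? (size_t)(rlo - name) : strlen(name);
    const char *tail = rlo ? rlo + 3 : name + pre;
    size_t tlen = strlen(tail), k;
    if (pre + tlen + 1 > outsz) return 0;
    for (k = 0; k < tlen; k++)
        if ((unsigned char)tail[k] >= 0x80) return 0;
    memcpy(out, name, pre);
    for (k = 0; k < tlen; k++) out[pre + k] = tail[tlen - 1 - k];
    out[pre + tlen] = '\0';
    return pre + tlen;
}

/* 1 if name is displayed as expected under the RLO rule above. */
int displays_as(const char *name, const char *expected)
{
    char shown[256];
    return render_rlo(name, shown, sizeof shown) > 0 && strcmp(shown, expected) == 0;
}

int main(void)
{
    /* constructed inputs: the real hosts, the look-alike with Cyrillic o, the RLO name */
    printf("hosts: %d, h\xD0\xBE" "sts: %d, RLO name: %d\n",
           check_filename("hosts"), check_filename("h\xD0\xBE" "sts"),
           check_filename("pic\xE2\x80\xAE" "gpj.exe"));
    return 0;
}
```

Running this over a directory listing (or a mail attachment's file name) is what turns "not easy for the eyes" into a mechanical check: any bidi control in a file name is suspect, and a name that mixes scripts deserves a second look even when it is legitimate.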

Wednesday, August 10, 2011

Telnet server

Telnet lets a user run programs on a remote machine and eases remote administration. It is available for practically every operating system, which makes it easy to fit into heterogeneous networks. The caveat: telnet sends logins, passwords and everything else in cleartext, so set it up only on an isolated lab network and use SSH for anything real.

To run it you need the telnetd daemon.

Ubuntu:
#apt-get install telnetd

Fedora:
# yum install telnet-server telnet

Where the service is configured depends on the super-server that starts it.

With classic inetd (Ubuntu's telnetd package registers its line on install; FreeBSD ships the line commented out) the entry lives in
    /etc/inetd.conf

Remove the comment from the telnet line; on FreeBSD it ends like this:
 /usr/libexec/telnetd telnetd

On FreeBSD, inetd itself also has to be enabled so that telnet gets loaded:
#vi /etc/rc.conf

add
inetd_enable="YES"

Fedora's telnet-server runs under xinetd instead (/etc/xinetd.d/telnet, which ships disabled). Enable the entry, then restart xinetd so it picks the change up:
# chkconfig telnet on
#/etc/init.d/xinetd restart

for more help