Author Archives: David

Designing mini virtual machine for web development

Motivation
In the past I spent a lot of time setting up a web server for developing web pages. Every time I bought a new computer or simply reinstalled the operating system, I had to set up the environment again and again, solving the same or slightly different issues and wasting time. I also tried developing inside a VM and under a native Unix system. In the first case I was confused by the performance. In the second one I didn't like the synchronization: I often hibernate my Windows, and writing to a partition that holds a hibernated system is not a good idea.

So I decided to design a minimal Unix machine with the services for my development installed, one that would be easy to back up. No more wasting time setting up a new web development environment.

Realization
First I made a checklist of the functions I wanted to use: Apache web server, PHP, MySQL database server, FTP daemon, version control system. I also did not want any graphical user interface. The choice of operating system was fast and clear: I had good experience with CentOS, and there is a minimal install ISO image to download.

Installing CentOS under a VM is really simple, but there are several issues with installing and running the services listed above.

Network
Installing the services requires a working network with access to the Internet. I recommend writing your own shell script for setting up the interface. For example, my script for my mobile connectivity with bridged networking:

#!/bin/bash
ifconfig eth0 192.168.1.200 netmask 255.255.255.0
ifconfig eth0 up
route add default gw 192.168.1.1 eth0
echo nameserver 192.168.1.1 >/etc/resolv.conf

After setting up the connection it is time to install the services. I started with Midnight Commander, my favourite tool on Unix systems, which has a slightly friendlier text editor than vi. 🙂 Installing packages on CentOS is really simple; the package manager is called yum. So the only thing you have to do is enter these commands on the command line.

yum install mc
yum install httpd
yum install mysql-server
yum install 'php*'
yum install subversion
yum install vsftpd

Issues
These are not hard to beat, but they can take some time to solve. The first one is with the vsftpd daemon. I had trouble with permissions to list/read/write the directory after logging into the FTP server; the reason is SELinux. There are two options: a) disable it, or b) set two "se" variables. I tried the second one and it works. After setting these variables FTP started working properly. The commands are:

setsebool ftp_home_dir=1
setsebool allow_ftpd_full_access=1

A firewall is a good thing, but for this minimal web server, available only from our native machine (host-only network), it is nonsense. So instead of configuring exceptions for the services I turned it off by entering this command:

/etc/init.d/iptables stop
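
An alternative to stopping the firewall, as an added example that is not part of the original post: the script generates an iptables-restore ruleset that admits only the host-only subnet to the installed services, which matters when the VM is bridged onto a LAN as in the network script above. The subnet is derived from the start script's 192.168.56.2/24 address; the port list and the function names are assumptions of this example.

```shell
#!/bin/sh
# Added example, not from the original post. Assumptions: the host-only
# subnet (from the start script's 192.168.56.2/24) and the port list.
HOSTONLY_NET="192.168.56.0/24"
SERVICE_PORTS="21 22 80 3306"   # vsftpd, sshd (svn+ssh), httpd, mysqld

# valid_cidr NET: accept only dotted-quad IPv4 with a /0-/32 prefix, so
# nothing else can end up inside a generated rule.
valid_cidr() {
    case $1 in
        */*/*|*[!0-9./]*|"") return 1 ;;
        */*) ;;
        *) return 1 ;;
    esac
    _ip=${1%/*}; _prefix=${1#*/}
    [ -n "$_prefix" ] && [ "$_prefix" -le 32 ] 2>/dev/null || return 1
    _ifs=$IFS; IFS=.; set -- $_ip; IFS=$_ifs
    [ $# -eq 4 ] || return 1
    for _o in "$@"; do
        [ -n "$_o" ] && [ "$_o" -le 255 ] || return 1
    done
}

# gen_rules NET: print an iptables-restore ruleset that drops inbound
# traffic by default and opens SERVICE_PORTS to NET only.
# Passive FTP data connections also need the nf_conntrack_ftp helper loaded.
gen_rules() {
    valid_cidr "$1" || { echo "bad subnet: $1" >&2; return 1; }
    echo "*filter"
    echo ":INPUT DROP [0:0]"
    echo ":FORWARD DROP [0:0]"
    echo ":OUTPUT ACCEPT [0:0]"
    echo "-A INPUT -i lo -j ACCEPT"
    echo "-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT"
    for _p in $SERVICE_PORTS; do
        echo "-A INPUT -s $1 -p tcp --dport $_p -m state --state NEW -j ACCEPT"
    done
    echo "COMMIT"
}

# Without arguments: print the ruleset for review.
# With --apply (as root): load it and save it so it survives a reboot.
case ${1:-} in
    --apply) gen_rules "$HOSTONLY_NET" | iptables-restore && /etc/init.d/iptables save ;;
    *)       gen_rules "$HOSTONLY_NET" ;;
esac
```

With the rules saved, the start script can use `/etc/init.d/iptables start` in place of `stop`.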

Subversion: this is not really an issue, but you have to set up a repository, which is easy, and there is one problem with accessing it. One way is to access it over the HTTPS protocol and the other is over SSH. I chose SSH because it is easier to set up, but I had one annoying issue with the TortoiseSVN client's input box, which wants your password with each svn command. I figured out that it can be solved by public key authentication. You need to generate a key pair on CentOS and then transfer it to the host machine (via FTP). Then load it with PuTTYgen and save it in PuTTY key format. Then download and run Pageant with that key, enter the passphrase, and enjoy the freedom without the annoying dialog :).

Start script
It is a good idea to write your own startup script that prepares the mini virtual server to run, because a restart of the VM will cause some settings to be lost. For inspiration, here is my startup script.

ifconfig eth0 192.168.56.2 netmask 255.255.255.0
ifconfig eth0 up
/etc/init.d/httpd start
/etc/init.d/vsftpd start
/etc/init.d/mysqld start
/etc/init.d/iptables stop
setsebool ftp_home_dir=1
setsebool allow_ftpd_full_access=1

I deliberately didn't describe everything in detail. I think the missing information can be found on Google. If you are interested, look at these pages, where you can find more.

http://tortoisesvn.net/ssh_howto.html
https://security.appspot.com/vsftpd/vsftpd_conf.html
http://wiht.link/subversion-resources
http://www.cyberciti.biz/tips/ssh-public-key-based-authentication-how-to.html

Malware analysis in practise

When you are analysing malware, it is common to have to defeat some layers of obfuscation and anti-debugging. I have decided to describe one part of analyzing an interesting sample from the past.

Unpacking
A lot of malware samples are encrypted, so the first step is to find the decrypted part of the program. It is possible that there are some anti-debugging tricks, so running in the debugger will cause a crash.

Android ADB with Prestigio MultiPad and Win7

When I wanted to set up USB debugging on my tablet I had to solve several issues. I have decided to write this step-by-step tutorial, which shows how to get ADB working with the Prestigio PMP5080CPRO tablet. This tutorial worked for me, and it should work analogously with other Android devices.

1. First of all you have to enable USB Debugging in the Developer settings.

2. Connect your tablet to the computer USB port.

3. Select MTP connection instead of Mass Storage (you can find it at Storage -> USB computer connection)

4. Right-click Computer -> Manage -> Device Manager, search for PMP5080C and update the driver with the Google USB Driver.

5. Download USBDeview. In the program, search for "PMP5080 C PRO USB Device" and note the Vendor ID; for me it was 0x2207.

6. Open %UserDir%\.android\adb_usb.ini and write the Vendor ID (0x2207) there.

7. Open command line at %android_sdk%\platform-tools\

8. adb kill-server

9. adb start-server

10. adb devices

And then you should see your tablet ID in the list.