Thursday, July 26, 2012

How to compile the glibc-2.14.1 on Slackware 13.37

Note: This article is not about building a cross-compiler toolchain. The only reason I need to rebuild glibc is to hack on glibc itself, that is, to provide a debugging platform. If you need to build a cross-compiler toolchain (for Play Station III?), go to the OpenWrt community.

1, Download glibc-2.14.1.

2, Preparation before compiling:

root@sl13:/home/libs/2.14-build# mkdir -p /home/root_shawn/etc
root@sl13:/home/libs/2.14-build# cp /etc/ld.so.conf /home/root_shawn/etc/

3, Decompressing the source code and compiling:

root@sl13:/home/libs# tar jxvf glibc-2.14.1.tar.bz2
root@sl13:/home/libs/2.14-build# ../glibc-2.14.1/configure --prefix=/home/root_shawn --with-tls --enable-add-ons=nptl
root@sl13:/home/libs/2.14-build# make -j 2 && make install

4, Edit some config files:

add "export LIBRARY_PATH=/home/root_shawn/lib:/lib:/usr/lib" to the file /etc/profile

edit the file "/usr/lib/gcc/i486-slackware-linux/4.5.2/specs", and replace "/lib/ld-linux.so.2" with "/home/root_shawn/lib/ld-linux.so.2"

add "/home/root_shawn/lib" to the file /etc/ld.so.conf

root@sl13:/home/libs/2.14-build# ldconfig
root@sl13:/home/libs/2.14-build# source /etc/profile

5, Testing the current version of glibc

hello.c:
------------------------------------------------
#include <stdio.h>
#include <gnu/libc-version.h>
int main ()
{
        printf("%s\n", gnu_get_libc_version ());
        return 0;
}
------------------------------------------------

root@sl13:~# gcc hello.c
root@sl13:~# ./a.out
2.14.1

Bingo, it's already upgraded!

6, Check the linking path

root@sl13:~# readelf -l a.out

Elf file type is EXEC (Executable file)
Entry point 0x8048340
There are 7 program headers, starting at offset 52

Program Headers:
  Type           Offset   VirtAddr   PhysAddr   FileSiz MemSiz  Flg Align
  PHDR           0x000034 0x08048034 0x08048034 0x000e0 0x000e0 R E 0x4
  INTERP         0x000114 0x08048114 0x08048114 0x00023 0x00023 R   0x1
      [Requesting program interpreter: /home/root_shawn/lib/ld-linux.so.2]
  LOAD           0x000000 0x08048000 0x08048000 0x00504 0x00504 R E 0x1000
  LOAD           0x000504 0x08049504 0x08049504 0x00104 0x0010c RW  0x1000
  DYNAMIC        0x000518 0x08049518 0x08049518 0x000c8 0x000c8 RW  0x4
  NOTE           0x000138 0x08048138 0x08048138 0x00020 0x00020 R   0x4
  GNU_STACK      0x000000 0x00000000 0x00000000 0x00000 0x00000 RW  0x4

 Section to Segment mapping:
  Segment Sections...
   00   
   01     .interp
   02     .interp .note.ABI-tag .hash .dynsym .dynstr .gnu.version .gnu.version_r .rel.dyn .rel.plt .init .plt .text .fini .rodata .eh_frame
   03     .ctors .dtors .jcr .dynamic .got .got.plt .data .bss
   04     .dynamic
   05     .note.ABI-tag
   06   

[Requesting program interpreter: /home/root_shawn/lib/ld-linux.so.2] --- that's what I want. Shit~ I can debug the fucking glibc now. I'll keep reading the Phrack paper (avoid the stack canary to remote exploit for profit and fun?) this week. 29% is too far away from my goal/gold.....hmm...maybe emacs's line counter has some problem @_@

btw: The Architect wants the Matrix to run by the paradigms of closed system/linear/mechanic/engineering/controlled. The Oracle wants the Matrix to become a diverse world with infinite possibility, following the paradigms of open system/non-linear/biological/evolving/out of control. The matter depends on your "choice".
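The check from step 6, as an added example that is not part of the original post: a small C routine that reads the PT_INTERP program header directly, so you can confirm which dynamic loader a binary requests and reject truncated or malformed images. The sample image is constructed here from the offsets in the readelf output above; `elf_interp`, `make_sample` and `sample` are names invented for this example.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
static uint64_t le(const uint8_t *p, int n) {   /* n-byte little-endian read */
    uint64_t v = 0;
    while (n--) v = (v << 8) | p[n];
    return v;
}

/* Return the PT_INTERP path of a little-endian ELF32/ELF64 image, or NULL if
 * the image is malformed, truncated, or has no interpreter (static binary). */
const char *elf_interp(const uint8_t *img, size_t len) {
    if (len < 64 || memcmp(img, "\x7f" "ELF", 4) != 0 || img[5] != 1) return NULL;
    if (img[4] != 1 && img[4] != 2) return NULL;
    int w = (img[4] == 2);                       /* 1 = ELF64 field layout */
    uint64_t phoff = w ? le(img + 32, 8) : le(img + 28, 4);
    uint64_t entsz = le(img + (w ? 54 : 42), 2);
    uint64_t phnum = le(img + (w ? 56 : 44), 2);
    if (entsz < (w ? 56u : 32u)) return NULL;
    for (uint64_t i = 0; i < phnum; i++, phoff += entsz) {
        if (phoff > len || entsz > len - phoff) return NULL;  /* header past EOF */
        const uint8_t *ph = img + phoff;
        if (le(ph, 4) != 3) continue;            /* 3 = PT_INTERP */
        uint64_t off = w ? le(ph + 8, 8) : le(ph + 4, 4);
        uint64_t fsz = w ? le(ph + 32, 8) : le(ph + 16, 4);
        if (fsz == 0 || off > len || fsz > len - off) return NULL;
        if (img[off + fsz - 1] != '\0') return NULL;          /* unterminated */
        return (const char *)(img + off);
    }
    return NULL;
}

/* Constructed sample: minimal ELF32 image reusing the readelf values above
 * (program headers at offset 52, INTERP at 0x114 with FileSiz 0x23). */
static uint8_t sample[0x114 + 0x23];
const uint8_t *make_sample(void) {
    static const char path[] = "/home/root_shawn/lib/ld-linux.so.2";
    memcpy(sample, "\x7f" "ELF\x01\x01\x01", 7);       /* magic, ELF32, LE, v1 */
    sample[28] = 52; sample[42] = 32; sample[44] = 1;  /* e_phoff, e_phentsize, e_phnum */
    sample[52] = 3; sample[68] = 0x23;                 /* p_type = PT_INTERP, p_filesz */
    sample[56] = 0x14; sample[57] = 0x01;              /* p_offset = 0x114 */
    memcpy(sample + 0x114, path, sizeof path);
    return sample;
}

int main(void) {
    const char *p = elf_interp(make_sample(), sizeof sample);
    return p ? (puts(p), 0) : 1;
}
```

To check a real binary, read the file into a buffer and pass it to `elf_interp`; a result other than the expected loader path means the specs change from step 4 did not take effect for that build.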

Sunday, July 22, 2012

Great minds think alike

I came to BJ on May 8th 2012 and went to a hostel as my temporary home. I was very busy with job interviews in the 1st week. The result was not really good. Some very famous companies in the industry are not as pretty as I thought. Almost all of them care about hiring cheap labor but care nothing about the true hacking spirit. It's ok. I will not disclose you motherfuckers here-_- I began to visit friends/communities in the 2nd week. There was so much interesting stuff that I experienced in the next 2 months. Of course, I'm going to share the disclosure-able part.

First, I started the io-wargame, which is a learning platform where you can learn and practice your security skills on GNU/Linux. In the 1st 10 days, I got used to playing the io-wargame in the daytime. After I passed lvl5, it got a little bit harder. So I needed help from irc and I had to follow these experienced hackers' daily online schedule. Midnight (in BJ) is a good start for them. So I changed my hacking time. Finally, I spent 1 month to pass lvl10. I will keep on it if I have time in the future. If you ask me about the pw (please go ask in the irc channel), I will give you my middle finger. Spoilers are intolerable in the smashthestack community.

I went to Open Party Beijing in May. A bunch of speakers gave us a wide range of topics in the seminar, including history, math, startup ideas and other stuff. After the seminar, I went to dinner with one of the other-stuff speakers. His name is Philip McMaster. He was a speaker at TEDx Beijing 2011. We discussed a few very serious issues that normal people don't seem to care about. How are the banksters robbing people's wealth? How is the Protestant ethic evolving into the Hacker ethic against the background of the information age? How can normal people find their real needs (correct values) today? How can a young man/woman spend a whole afternoon shopping for stuff they never really need? How can you say looking for the truth/purpose of ur life is important and still be willing to spend more than 10 years' salary to buy an apartment? Aha, our society is fucking sick. After I introduced the relationship between the hacker ethic and the information age, Philip started using my terminology to keep the conversation going. Well, I just wanna say, as an old man, he has an open mind and he definitely is a fucking hacker.

I went to BLUG's meeting in June. Jose gave us a free speech about an open hardware project: open-drone. It's very much like a quadricopter. I was picturing in my mind (while Jose was talking) adding a camera and a wifi device to the drone. It could fly close to a highrise building and take photos, or fly around your home and crack every wifi you searched. And I met a female security hobbyist who is using BT5, which is the main OS on my laptop. Her name is Kendra. She is a web designer and an artist hacker. It was my honor to meet the Lady Back-Track-_-

Another interesting experience was hanging out with a friend. He worked for Qi-hardware. He has been very busy digging bitcoins and keeps looking for better ways if possible. Bitcoin is the creation of people who hold Anarchist-like philosophical ideas. I like the concept of decentralization. Bitcoin is electronic cash that you can exchange with others in a peer-to-peer way. How to get bitcoins? You can ask google about it. My answer is simple: machine calculations. In the beginning period of bitcoin digging, hackers/people were using CPUs. Then they figured out some technical issues that make the CPU inefficient for the digging work. Using a GPU instead of a CPU is a better choice. The matter right now is that GPUs cost too much power, and FPGA is the way that can fit their needs. See my list below and you will understand:

1000USD's PC with CPU mining: 5Mhash/s
1000USD's PC with GPU mining: 300--400Mhash/s, GPU-part: 100-200W
500USD's FPGA device: 400Mhash/s, only 20-30W

Do the math-_- Qi-hardware shared everything about their experience. If you are interested in being a miner of the information version, hack it for urself! I went out with friends/backpackers to watch the soccer match at 11:00 PM. We saw lights in a few highrise buildings when we walked back along the street at 4:20 PM. A guy told us a story: "If you can see there are still lights in the office building after midnight, it means the monkey coders are OT there. They actually don't work. They are just sitting on their butt until the manager goes to get to the bitches. They will watch the Japanese pornie movie and begin masturbating...you know the monkey coder's dick is so small that they even can't find their dick very precisely. The question is why their dick is so small? Because they don't write low-level code, which could be healthy for a programmer's soul.". Well, this is a fascinating story from the underground. Please, keep the secret for me and don't tell it to others-_- I think that is what differs hacker and monkey coder. I need to transform myself from the monkey-coder to the hacker. It would be a kind of paradigm shift, a big one!

I got my new job. It's my honor to work for a community-based company. I'll be busting my ass on new hacking in the future. I've already shared the disclosure-able part of my experience of the past 2 months above. I think the 2 months were my vacation for the 7-year hacking of Theo/Philo/Math/Engi models. Praise the L0rd!

May L0rd's hacking spirit guide us!

 btw: Neo didn't kill agent Smith. He just decompiled him and split the code into the fucking random area. That's the point!

before I left home:


Lady Back-Track:
 

Backpackers left their photos on the wall:


LongQuan Buddhism temple in BJ:
 

What delicious food made by friends
 

I like NetEase. Because they provided servers for Open Course and TED.

 

EURO CUP 2012. When England VS France began, a French guy sang the national song:

 

 AMD and Intel are so "close"...WTH
 
Don't look at that girl. Keep your eyes on the GNU logo, please...


TsingHua University. This is the only place I like.
 

I bet the combination of cheap x86 hardware and GNU/Linux will beat the other platforms in the networking device field. An Atom 4/5xx 1.8GHz dual core machine only costs about 1,400 RMB:


We went out to a bar to watch Germany VS Greece:
 

Remember that monkey-coder's story?


By the community, and for the community!