Friday, September 18, 2009

How to access other VMs and Internet on VirtualBox

VirtualBox supports NAT, host-only, Internal network and Bridged network options.
When Network card of VirtualBox VM is configured with "NAT" option then VM can access host machine and can access Internet, but cannot access other VMs. When I looked at IP address of VM's, I found that they all have same IP address.

VirtualBox assigns same IP to all virtual machine (for example, 10.0.2.15) when NAT is configured.  That is, it treats all VM as they on different physical network.

When Network Card of VirtualBox VM is configured with "Internal Network" option then VM can access other VMs but cannot access Internet.  In this case, all VM are on same physical network.

If you want to access other VMs as well as Internet, then the simplest solution is install two network cards in VM and assign one to NAT and another to internal network.  Then login to all VMs and assign unique address to internal network card of each VM. Note that, you have to assign address to network card which is configured for "Internal Network"  in VirtualBox.

That's it. Done. Now you can access Internet as well as other VMs.

Object Oriented Programming

Struct is use to define data types and group them into one object. Struct does not contain methods or functions, and its data members are all public. Struct are useful when we want sets of element with different data types.  Struct is a group of data elements grouped under one name. Those data elements are know as members and can have differnet type and different lengths.  Struct creates a new type. Once a struct is created a new type with the name of struct is created. It can be used later on in the program to create objects of struct.

A Class have both data members and functions/methods associated with it. A class can contain sever variables and functions/methods, those are called members of class. Bydefault all its members are private.

Class can define its member as private, protected, public.  Protected has a special meaning to inheritance. Protected members are accessible in the class that defines them as well as in the classes that inherit from that base class or friend of it.
 Class can contain special member functions called as constructors or destructors. Constructors cannot be explicitly called like regular member functions. They are automatically executed when new object of class is created. 

In principal, private and protected members of a class cannot be accessed from outside the scope of the same class in which they are declared.  However this rule does not affect friends. Friendship is no transitive and it is not bidirectional.

Inheritance is a key feature of C++ class. It allows to create a class which is derived from other classes, so it can automatically include/inherit members of base class.  When class inhertis from another class the members of derived class can access only the public/protected members of  base class, but cannot access private members of base class.
In principal, a derived class inherits every member of base class except its constructor, destructor, and its friends.

Virtual function/member: A member of class can be redefined in its derived classes is know as a virtual member.
When the type of pointer is pointer to base class but it is pointing to an object of th derived class, virtual keyword in-front of member functions allows a member function of a derived class with the same name as one in base class to be called from base class pointer to derived class object.

A class that declares or inherits a virtual function/member  is called a polymorphic class.

Abstract base class is a class that lacks implementation of atleast one member. Therefore, we cannot create object of that class (cannot create object of ABC - Abstract Base Class). These are the main differences between abstract class and a regular polymorphic class.   The function which lacks implementation is called as pure virtual function. for example, virtual int function_name() = 0; However, pointers of ABC (Abstract Base Class) can be used to point to objects of derived classes.

 Templates are special types that can operate with generic types. Templates allows us to create a function template whose functionality can be adapted to more than one type without repeating the entire code. That is, we don't need to write the same functionality code for different types such as int, float, char, etc. This allows generic programming, bocz it access any type object.

Vector better than Array and works as Array

Vector is a template class and it allows programmers to create a dynamic array of elements of one type per instance.
  Vector is conceptually same as arrays in C. However, vector size can expand to hold more elements and can shrink when fewer will suffice.

Note: Accessing members of vector or appending elements does not depend on vector size and takes fixed amount of time, however, locating a specific value element or inserting value element into vector takes the amount of time directly proportional to its location in vector.

//////////////////////////////////////////////////////////////////////
// Standard Template Library  (STL)
//
// Vector Functions:
//
// vector::push_back - Appends (inserts) an element to the end of a
// vector, allocating memory for it if necessary.
//
// vector::pop_back -  Erases the last element of the vector.
//
// vector::size - Returns number of elements in the vector.
//
//////////////////////////////////////////////////////////////////////


#include <iostream>
#include <vector >

using namespace std ;

int main()
{
    // Dynamically allocated vector begins with 0 elements.
    vector<int> theVector;


    // Add one element to the end of the vector, an int with the value 1.
    // Allocate memory if necessary.
    theVector.push_back(1) ;

    // Add two more elements to the end of the vector.
    // theVector will contain [ 1, 2, 3 ].
    theVector.push_back(2) ;
    theVector.push_back(3) ;

    int tmp;

    cout << "\n Enter new element on new line. press Ctrl +D to terminate " <
    while (cin >> tmp)
      theVector.push_back(tmp);

    // Erase last element in the vector.
    theVector.pop_back();
    theVector.pop_back();

    // Print contents of theVector. 

    cout << "theVector [" ;
    for (int k =0; k < theVector.size(); k++)
      cout <<" " << theVector[k];
   
    cout << " ]" << endl ;
}

Friday, September 11, 2009

Who calls main() function in C

The run-time environment calls the main function to begin program execution.
On Linux operating system, C runtime file can be found in either /usr/lib directory or /lib directory. 
crt0 (or crt0.o, gcrt0.o, mcrt0.o) is a set of execution startup routines  that are platform-dependent, and is required in order to compile using the GCC and other GNU tools.
crt stands for 'C runtime'.
Let me explain you the life cycle of c program:
1. Create a C program
2. Compile C program to generate object file.
3. Link object files (s)
4. execute the program
During compilation, compiler generates the object code for the program and for standard  C library functions used in program such as printf(), scanf (), etc, it puts the  entry in object file saying that "unresolved reference". 

Linking can be static or dynamic.  During static linking,
the static linker (ld) sees the unresolved reference to printf(), scanf(), and searches the available libraries for an implementation for printf(), scanf(), etc. In general this will be found in the C library (for example, libC ). Now, the linker has two options:

  1. Linker can take the printf(), scanf(), implementation from the library and copy it into the final executable accordingly. The linker then  searches the printf(), scanf() implementation for other unresolved references, and again consult the libraries for resolution. This  process will be performed iteratively until all references to the symbols were resolved. This is known as static linking.
     

  2. If the C library is realized as a `shared library', the linker can simply put a reference to the C library into the final  executable. This is known as dynamic linking.
     
      
    A statically linked executable is self contained. It is loaded into memory. The entry point, whose designation is system  dependent (for eg, the `__main' symbol) is found and called.
    In a dynamically linked executable, after loading the executable binary into memory, the dynamic linker (ld.so.1) takes control first. It reads the library references to dynamic libraries produced by the static linker, and loads them into memory. It then performs symbol resolution and updates all references to symbols in the shared library to point to their actual location, which can only be determined at runtime, because the shared libraries might be loaded to different memory locations each time the executable binary gets executed.
     
    
 

Thursday, September 10, 2009

C++ pointer

Pointers
Reference Operator (&)
The address that locates a variable within memory is what we call a reference to that variable.
A variable which stores a reference to another variable is called a pointer.
& is the reference operator and can be read as "address of"
* is the dereference operator and can be read as "value pointed by"
The declaration of pointers follows this format:
type * name;
 where type is the data type of the value that the pointer is intended to point to. This type is not the type of the pointer itself! but the type of the data the pointer points to.
For example:
int * number;
char * character;
float * realnumber;
These are three declarations of pointers. Each one is intended to point to a different data type, but in fact all of them are pointers and all of them will occupy the same amount of space in memory. Nevertheless, the data to which they point to do not occupy the same amount of space nor are of the same type: the first one points to an int, the second one to a char and the last one to a float.
Void Pointer
The void type of pointer is a special type of pointer. In C++, void represents the absence of type, so void pointers are pointers that point to a value that has no type.

Thursday, September 3, 2009

Makefile

Compiling the source code of your program/project on Linux/UNIX system is tedious, specially when program/project has several source files and you have to type command every time you want to compile it.

There is a utility called make to build the applications.   Make looks for a text file in the current directory called "makefile" or "Makefile" to execute.  Makefile is a file that instructs the program make how to compile and link a program. In this post I will explain, how to use GNU make utility with Makefiles. 

How to write comments in the makefile:
The comment in the Makefile is indicated by the comment character “#”. All text from the comment character to the end of the line is ignored.
Example:
# This is the comment in the Makefile
# Comment

How to define Variable in the Makefile:
You can define variable in the makefile.  Variable definition format is as follows:
VARNAME = Value
For example, Lets define a variable and set it to the compiler which I want to use to compile my program code.
CC = g++
CC is the variable name and g++ is the compiler I want to use to compile my program. 
 
How to use the variable:
We have define the variable CC above, now let me explain you, how to use it.
To use the variable syntax is as follows:
$(VARNAME)
In our example, we define CC variable, we can access the variable as follows:
$(CC) 
 
How to compile program using command line:
Suppose my program name is myprog.cpp. To compile it, I have to type following command:
g++ -o myexe myprog.cpp
 
Whereas myexe is an executable file name and myprog.cpp is the source file of my program.
If I want to compile my program multiple times then I have to issue this command multiple times.
Things become more complicated when I need to give some parameter to compile my program such as 
optimization parameters, library paths, etc.
 
Makefile comes for rescue here.  Create a new text file and named it as Makefile. Do not give any extension to it. 
Simply put the command (g++ -o myexe myprog.cpp) in the makefile, save the file, and at command
prompt type make
#Makefile
     g++ -o myexe myprog.cpp

Now suppose we have three source files namely mainprog.cpp, file1.cpp and file2.cpp.

Then you can create a makefile as follows:
g++ -c -o file1.o file1.cpp
g++ -c -o file2.o file2.cpp
g++ -o myexe mainprog.cpp file1.o file2.o
 
You can now make use of variables and can make the Makefile much simpler as shown below:
 
COMPILER=g++
OBJS=mainprog.o file1.o file2.o
default: myapp
myapp: $(OBJS)
 $(COMPILER) -o myexe $(OBJS)
 
You only need to issue only the make command everytime you want to compile you program, that's it.
If the source file in your project increses then you only have to add filename.o to 
OBJS variable list, that's it. Very simple. 

Wednesday, September 2, 2009

JavaScript Scramblers / Obfuscators Softwares and Techniques they used

There are many JavaScript Scrambling softwares/tools available on Internet.
All of them aims to scramble the JavaScript source code to prevent the theft of JavaScript Code.
Obfuscated code is a source code that is very hard to read and understand. 
Macro preprocessors are often used to create hard to read code by masking the standard language syntax and grammar from the main code.

How to create hard to read code (Obfuscated code)?
Take a JavaScript code in .JS files or in HTML files as a input  and replace descriptive variable and function names like Customer, Salary, FirstName... with meaningless names like x0de234f, III111000, oo00ooo... 
Also removes comments and unnecessary whitespace characters (space, tab, carriage return, line feed). The functionality of the code remains the same while source code changes dramatically. This process is called obfuscation, and the tool is called obfuscator.

I tried to find and collect under one roof information about JavaScript Obfuscators.

1. Stunnix JavaScript Obfuscator
 Stunnix JavaScript Obfuscator converts scripts in input files into highly mangled and obfuscated form, while fully retaining  functionality of the original code.
 It provides different encoding techniques such as MD5 (Message Digest version 5), set of o and 0, and set of I and 1 for identifiers/variables/function names. Similarly it provides different encoding technique such as Hex escapes, List of codes for strings. It uses regular expression to replace numbers. It gives freedom to the programmer to select encoding technique of there choice to make JavaScript code difficult to study and analyze. It is also possible to encode the code using one set of encoding techniques and again encode the encoded code using different set of encoding techniques supported by the tool. For example, first encode using a set {MD5, Hex escapes, regular expression} and then encode the encoded code using same or another set of supported techniques by the tool such as {set of o and 0, List of codes, regular expressions}.   
 Examples of Encoding techniques of Stunnix tool are given below:
 Encoding for Identifiers/variables/function name:
  1. MD5: Message Digest version 5, 
   It generates hash value for identifier/variable_name or function_name and replaces the occurrence of identifier/variable with its hash value. (for example every occurrence of FACTORIAL function name in the script is replaced with it hash value Z001C775808)
  2. set of I and 1
   It generates a unique set of I's and 1's for each identifier/variable_name ( for example every occurrence of      SHOW_TOP_RECORDS function name in the script is replaced by IlIlIIIllI)
  3. set of o and 0 
   It generates a unique set of o's and 0's for each identifier/variable_name ( for example every occurrence of      SHOW_TOP_RECORDS function name in the script is replaced by o0o0ooo00o)
 Encoding for strings in the script:
  1. Hex escapes
   It uses Hex encoding for strings (for example no entries is replaced with  \x3c\x62\x3e\x6e\x6f\x20\x65\x6e\x74\x72\x69\x65\x73\x3c\x2f\x62\x3e)
  2. List of Codes
   Adds some constant prefix such as ReplacementFor_ to every occurance of string. (for example  strcomputer variable is replaced with ReplacementFor_strcomputer)
 Encoding for numbers/digits
  It uses regular expression to encode numbers in the script. (For example every occurrence of number 232 is get replaced with 0x14b6+2119-0x1c15 in the script)

2. TagsLock Pro. 
 Replaces string characters (ASCII) with hexadecimal equivalent value and each preceded by a percent symbol. (For example, space character is hexadecimal 20, so the encoded version of a space character is %20)
 It uses JavaScript inbuilt function escape() to generate encoded version of string and uses inbuilt JavaScript function unescape() to decode it.

 For example:
   Original JavaScript:
      document.write("Hello, world!");    

    Scrambled JavaScript:

          document.write(unescape('%3cs%63ript%3e%3c%21%2d-%0d%0ado%63ument.write("%48%65llo%2c %77orld%21"); %0d%0a%2f%2f %2d%2d%3e%0d%0a%3c/s%63%72i'+'pt%3e %0d%0a%0d%0a'))      


3. iWeb Tool. 
 Similar to TagsLock Pro, iWeb tool uses escape() function to convert string (ASCII) into hex encoding.  But to make it more confusing it perform encoding on hex encoded string and converts hex encoded string into unicode. 
 To decrept it uses a inbuilt JavaScript function String fromCharCode() to convert it from Unicode to hex codes and then using unescape () function converts hex codes into a string (ASCII). 
 It keeps the Javascript inbuilt function name as it is, such as document.write in original source code will as it is appear in encoded code.
 For example:
 Original Code:
   document.write("Hello") 
 
Encrypted Code:
  var enkripsi="'1Aqapkrv'1Gfmawoglv,upkvg'0:'00Jgnnm'00'0;'1A-qapkrv'1G"; teks=""; teksasli="";var    panjang;panjang=enkripsi.length;for (i=0;i2) }teksasli=unescape(teks);document.write(teksasli);


4. Javascript Obfuscator v2.53. 
 It reads files with JavaScript code and replaces each occurance of descriptive
variable and function names like CHILDNODE, FIRSTNAME, LASTNAME... with meaningless names like Ia, g, m... 
It also removes comments and unnecessary whitespace characters (such as space, tab, carriage return, line feed).

5. Ajaxian JavaScript Obfucator. 
 It is same as JavaScript Obfuscator v2.53. 
 And Like a iWeb tool, it does not replace document.write() function name, that is the rule is not to replace the function name or vaiable name if it has ".". 

6. JavaScript Scrambler v1.11. 
 It is the simplest JavaScript Obfuscator, which removes comments and unnecessary whitespace characters. It keeps the variable names and Javascript code as it is; except only changes function names in the original code. (for example,  every occurance of function name "doTICKER" is get replaced with "x0822631")


References
1. Stunnix JavaScript Obfuscator. http://www.stunnix.com/prod/jo/
2. TagsLock Pro. http://www.aerotags.com/faq/tips-js-protection.php
3. iWeb Tool. http://www.virtualpromote.com/tools/javascript-encrypt/
4. Javascript Obfuscator v2.53. http://javascript-source.com/javascript-obfuscator.html
5. Ajaxian JavaScript Obfucator. http://ajaxian.com/archives/utility-javascript-obfuscator
6. JavaScript Scrambler v1.11. http://www.quadhead.de/jss.html

Obfuscated code examples

In this post I will give to some examples of JavaScript Obfuscation.
Example 1:
This following code is obfuscated using online JavaScript Obfuscator on http://www.javascriptobfuscator.com/
Plain text Code:
var a="Hello World!";
function MsgBox(msg)
{
    alert(msg+"\n"+a);
}
MsgBox("OK");
Obfuscated code:
var _0x8e48=["\x48\x65\x6C\x6C\x6F\x20\x57\x6F\x72\x6C\x64\x21","\x0A","\x4F\x4B"];var a=_0x8e48[0];function MsgBox(_0xab5dx3){alert(_0xab5dx3+_0x8e48[1]+a);} ;MsgBox(_0x8e48[2]);
 
You can apply multiple level of obfuscation by repeatedly obfuscating the obfuscated code.
Following obfuscated code is 2 level obfuscation of plain text code given above.  That is, obfuscation of obfuscated code.
Obfuscated code of the Obfuscated code given above:
var _0x1c08=["\x48\x65\x6C\x6C\x6F\x20\x57\x6F\x72\x6C\x64\x21","\x0A","\x4F\x4B"];var _0x1bae=[_0x1c08[0],_0x1c08[1],_0x1c08[2]];var a=_0x1bae[0];function MsgBox(_0xc9d7x4){alert(_0xc9d7x4+_0x1bae[1]+a);} ;MsgBox(_0x1bae[2]);

Example 2:
The following code is obfuscated using  online JavaScript Obfuscator. http://www.virtualpromote.com/tools/javascript-encrypt/
Plain text code:
document.write("hello, world");
 
Obfuscated code:
var enkripsi="'1Aqapkrv'1G'2Cfmawoglv,upkvg'0:'00jgnnm'0A'02umpnf'00'0;'1@'2C'1A-qapkrv'1G";
teks="";
teksasli="";
var panjang;
panjang=enkripsi.length;
for (i=0;i
  teks+=String.fromCharCode(enkripsi.charCodeAt(i)^2)
}
teksasli=unescape(teks);
document.write(teksasli);

In the second example, document.write is used. So during parsing of the code in the browser (for example, Firefox), DOM nodes will be get created for obfuscated code and for each level of  de-obfuscated code.