I think most readers here are familiar with the concept of a sniffer. Although all sniffers share the same ultimate goal (intercepting packets that match certain criteria), they reach it in quite different ways. Some software listens on a specified network interface (for example, Wireshark, where this is implemented with the Pcap library), while other software intercepts calls to the WinAPI functions responsible for network interaction. Both methods have pluses and minuses, but if the task is to intercept packets from a specific application known in advance, the second option is, as a rule, simply more convenient. In this case there is no need to find out the IP addresses and ports the program uses (especially since there can be a great many of them); you can just say "I want to intercept all packets of this application". Convenient, isn't it?
Perhaps the most popular sniffer today that works by intercepting calls to certain WinAPI functions is WPE Pro. Many of you have probably heard of it on the various forums devoted to online games; in most cases this sniffer is used to gain advantages in different games. It does its job perfectly, but it has one unpleasant shortcoming: it cannot work with 64-bit applications. It so happened that for one task I needed to intercept packets from a 64-bit application, and I looked towards Wireshark. Unfortunately, it was not really convenient to use in this situation: the application under study sent data to different IP addresses, opening a new port every time. After googling a little, I found that there are no ready-made analogs of WPE Pro with x64 support (if there are any, I will be grateful for links in the comments; note that this is about Windows). The author of WPE Pro left no contact information on the official site or in the sniffer, so I decided to work this question out on my own.
How the process went and what came of it, read under the cut.
3 years, 4 months ago
For quite some time now, Segger has offered the Real Time Terminal (RTT) technology for its JTAG J-Link adapters. Its essence is that a program on the microcontroller can output and receive debug information through the JTAG/SWJ-DP port, as is usually done through a UART. A real debug UART is then no longer needed. Below is a slightly more detailed look at the capabilities of this technology.
3 years, 5 months ago
Have you ever thought that there are games that are themselves a programming language? Not necessarily Turing-complete, but a language nevertheless. I have an excellent example. The gameplay of Neuroshima-6 is terribly similar to debugging. From the outside, of course, it looks like a strategy game, but inside it is our own familiar debugging.
Take a look at this picture from the life of the fighters of the Heathlands.
The counters with 20/20 are the command centers; the remaining two are fighter counters with a melee attack in the direction of the triangles at their edges. So far everything is simple: the blue robot with knives hits the yellow cowboy, and the cowboy hits the blue command center. Let's complicate the stack and start compilation.
3 years, 5 months ago
The Qt framework provides quite good development tools: the Qt Creator IDE that ships with it includes a designer, a debugger, a profiler and other convenient things. Unfortunately, even with all this it is sometimes not really clear why the application looks the way it does at a given moment: something is not visible, something does not look as expected, somewhere there is the wrong type size or an incorrect picture.
And such a tool has appeared in the Qt world! Meet GammaRay, an introspection tool for Qt applications. GammaRay understands what Qt is, what your Qt application consists of, how its components interact, what they look like, how events are generated and processed, and so on. Let's see what GammaRay can do.
3 years, 5 months ago
We continue the series of articles about the IO Ninja terminal/sniffer and move on to one of the strongest sides of the new version of our product: programmability. It opens up new uses for such a seemingly ordinary tool as a terminal or sniffer.
Overview of the plug-in architecture
As in the previous, second version of the product, the executable files of the third version of IO Ninja contain only a framework of the necessary components (including UI widgets, the logging engine and classes for working with IO, such as io.Socket, io.Serial, io.PCap, etc.). The logic for working with specific transports is contained in plug-ins written in the Jancy language. These plug-ins are located in a dedicated folder, "scripts", in source-code form, and are available to users for both reading and editing.
In the previous part we examined and removed the first layer of the malware's defense. We made a process dump after interpretation of the main code and saved it as a separate executable file. The time has come to deal with the logic and purpose of the Downloader.
In the previous article we looked at how reverse engineering can help gain advantages over other users. Today we will talk about one more application of reverse engineering: fixing bugs when the application's source code is unavailable. There can be a whole sea of reasons to do this: development of the program was abandoned long ago and its author did not publish the sources; development is going in a completely different direction and the authors do not care about the bug you have run into; and so on. But all these reasons are united by a common goal: to fix the broken functionality that constantly annoys you.
Well, to the point. There is a program, widely known in narrow circles, called "Govorilka". As its author explains, it is nothing other than a "program for reading texts by voice". In fact, that is exactly what it is. With its help, a great many videos, popular and not so popular, that have spread across the whole network were voiced. The program has a console version called "Govorilka_cp", which is convenient to call from your own applications, and that is what I did in one of my projects.
Unfortunately, in the course of distributing my software a rather strange thing was discovered: on some machines Govorilka crashes on absolutely any phrase, and the crash was caused not by my interaction with the program but by Govorilka itself. Trying to find out as many details as possible about the error, I discovered that on two apparently absolutely identical systems Govorilka behaves in exactly opposite ways: on one it works stably without any errors, and on the other it crashes on every phrase passed to it as an argument. I got fairly fed up with this situation and decided to deal with the problem at all costs.
Considering that Govorilka had not been updated for some years and that the author had left this "message" on the site, I understood that there was nobody to rely on and that I had to solve the problem myself.
How the process went and what came of it, read under the cut (careful, there are a lot of screenshots).
In the previous article I described my first acquaintance with DMA. In it we linked DMA with SysTick. The article turned out very specific and difficult, owing to an inexperienced, clumsy approach. Having gained experience, in this article I will describe a simpler and clearer way of working with DMA.
Wolfram Cloud will soon leave the beta testing stage, and at present I am spending a lot of time making this system as good as possible (and, it is worth noting, it is turning out really well!). Generally I deal with high-level functions and strategy. But I like to control the process at all levels; after all, as CEO I am fully responsible for everything that happens in my company. And at the beginning of March I found myself immersed in something I could never have guessed at earlier.
Here is what this is about. As a serious production system that many people will use, including for business, Wolfram Cloud has to work as fast as possible. The indicators said that the speed was rather good, but subjectively it felt that something was not right. Sometimes everything was really fast, but sometimes it seemed that everything worked too slowly.
We have excellent programmers on our team, yet months went by and none of the changes was felt. Meanwhile we managed to release Wolfram Data Drop (see the article on Habrahabr, "Wolfram Data Drop, a new Wolfram Research service"). So I thought: why don't I run some tests myself, and perhaps collect a little information in our new Wolfram Data Drop?