Tagged: programming Toggle Comment Threads | Keyboard Shortcuts

  • Kartik 12:29 AM on February 27, 2013 Permalink
    Tags: , , programming,   

    The programmers of tomorrow are the wizards of the future. You’re going to look like you have magic powers compared to everybody else.

    Gabe Newell, Founder and President, Valve (Source: https://www.youtube.com/watch?v=dU1xS07N-FA courtesy of code.org)
     
  • Kartik 4:09 PM on December 28, 2012 Permalink
    Tags: CSEA, , , juniors, , programming,   

    Always code as if the guy who ends up maintaining your code will be a violent psychopath who knows where you live. Code for readability.

    John F Woods. Source: https://groups.google.com/d/msg/comp.lang.c++/rYCO5yn4lXw/oITtSkZOtoUJ (With special attribution to two juniors who posted this on homepage of CSEA’s upcoming website.)
     
  • Kartik 1:09 AM on June 23, 2012 Permalink
    Tags: , , Capture the flag, , ethical hacking, , Hacking, , KaNiJe, Meetup, programming, Security,   

    A Fun Security Weekend with null and sCTF 

    I know it’s quite late to post about the last weekend when another weekend is around the corner, but couldn’t control myself as the last one was so eventful. 🙂

    It was almost 2 weeks back that I got to know about sCTF 2012. I have always wanted to learn about computer security (and the darker side of hacking), but haven’t been able to give time it to it. What followed was a quick search for team members from among my batch via FB – Nithin immediately showed interest, we pulled Jerrin in too. We quickly registered ourselves as Team KaNiJe (sounds Manga-ish right?) after calling Vinod Pathari Sir and convincing him to become our mentor.

    We were handed over the first set of questions for Round 1 via email. What I liked most about sCTF and its organizers was that they focused on being newbie friendly and were maintaining a decent level of quality with the contest. This was demonstrated in the Round 1 (christened – Learning Round by them) questions. They ranged from basics like installing VirtualBox, learning basics of PHP and SQL, and going up to buffer overflow exploits and reverse engineering. The sets of tasks were many and very few days with us – June 16 was the deadline. During this period I enjoyed hacking the basic missions at hackthissite.org, learnt a lot about iptables – default linux kernel firewall, buffer overflows, etc. I also went through my study report prepared for my Networks course assignment on common networking tools like ping, ssh, traceroute, ifconfig, netstat, wireshark, etc. to recall useful stuff and then tried to familiarize myself with the ethical hacking parlance using the suggested flashcards.

    I also happened to attend null Bangalore’s monthly meetup on Saturday (16th) and, need I mention, this was THE best community meetup I have ever attended! I got to learn basic SQL injection, some JavaScript obfuscation techniques and some memory forensics basics, the last one was arguably the best session in the meetup. Through the meetup I got in touch with an MCA alumnus from my college – Shruti (who apparently knew me by name already) and then enjoyed a buffet at a nearby restaurant with her friends (a gang of 6 white-hat hackers!). I was astonished to discover a whole new (for me) world of security professionals in India and how deeply they enjoy their work. This will definitely keep me interested in security area for a while, more so because I will be taking Vinod Pathari Sir’s elective on Computer Security in the coming sem. Sadly, I was unable to attend BangPypers June Meetup due to approaching deadline of sCTF’s first round.

    Earlier, on 15th night, we had divided the tasks among ourselves with 2 sections for each. On 16th afternoon, Jerrin and me met at CIS to finish up our submission for the first round, Nithin was collaborating from his home at Trivandrum. We had about 3 hours remaining for the deadline and I was yet to start on my sections (the lazy procrastinator that I am; and there had been a confusion about extension of deadline to add to my procrastination). My sections were Part 2 (mysql, apache, hardening, log file, php log file etc) and Part 4 (secure coding, attacks). Given my experience sysadmining for about past three years, it didn’t take me more than an hour to finish up the first section (of course, there were new things to learn as well). The other section was more of a problem with the time constraint but I managed to do most of it. Just near the deadline of 7 pm we submitted our partial solutions (the poor reverse engineering section was left blank completely!) and parted for the day.

    The next day was the second round (also online), scheduled from 10am to 4pm and which along with round 1 would decide our qualification for the finals. I reached CIS at 10 and logged in to the contest portal, Jerrin joined in soon and Nithin too remotely. There were questions divided into multiple sections – Crypto, Web, Binary, and Trivia. We got a good lead in the beginning when Nithin solved the first two in Binary section. I started with Trivia and found it fairly easy (Google was our assistant for that section 😉 ) in the beginning, but really got stuck at two questions in that section. Jerrin was solving Crypto questions one by one. The fun part was that all the teams and organizers were connected together with irc. We could ask doubts from them and they kept us entertained with their irc bot, live announcements of score board, and poking fun at each other and us. So, after a while I discovered that organizers had done a minor mistake which led to our advantage (I managed to finish those nasty 2 remaining Trivia questions) and put us on top for a while on the rankings. The next 2-3 hours were spent struggling on remaining questions with little progress and we ended up at rank 5 among the total 18 teams that were present.

    Two days later, we were informed via mail that we had qualified for the finals! And that we were fully sponsored to attend the first International Conference on Security of Internet of Things to be held from August 16 to 19 at Amritapuri campus. The final round of the contest will be held on Aug 20 after the conference. I was overly excited because I was not aware that we were eligible to attend the conference just by qualifying for the finals. According to Vinod Sir it will be great to listen to Ross Anderson who is speaking at the conference. Looking forward for a great experience at our first academic conference (and lots of learning in the field of security to prepare for the finals). 🙂

     
    • bithin 10:04 PM on June 23, 2012 Permalink | Reply

      Nice to hear that you enjoyed the contest 🙂 Thanks a lot 🙂

    • pprahul 11:56 PM on June 23, 2012 Permalink | Reply

      Great experience ah man!! Awesome!!

  • Kartik 10:12 PM on June 13, 2012 Permalink
    Tags: , , , , , , hardware hacker, , Open Hardware, programming, ,   

    (Bangalore) Summer of ’12… with BeagleBone 

    BeagleBone

    This post will be slightly long. Lots of exciting things happening over a Bangalore summer this year for me. 😀

    Somehow I always wanted to learn more about hardware and with a mentor like Khasim the road seems a lot more exciting. I first met him when he came to conduct a workshop on BeagleBoard during Tathva 2009 at my college – NIT Calicut. I was just a fresher then and have since regretted that I could not attend that workshop completely (due to my participation in various CS related competitions).

    Well, life took strange turns and I along with friend Jerrin landed up in Bangalore and got to hack together on a BeagleBone (a low-cost, high-expansion hardware-hacker focused BeagleBoard). We initially learnt the very basics of working with a board like this using the serial output on UART console (and discovered that we couldn’t proceed further until R219 was plucked out, thanks to another mentor Mr. Satish Patel from Khasim’s team; fiola on #beagle channel on freenode was a great help in troubleshooting as well), then there was Starterware which enabled us to experiment with blinking LEDs and other small programs for Bone.

    I then learnt how to read a schematic using the great book by Barr & Massa which Amarjit Singh suggested (now I will recommend this book, Programming Embedded Systems, as a TO-READ if you want to learn basics of embedded systems programming) and tried to understand the schematics of BeagleBone (rev. A4). I was able to identify how various components on the board connect to the processor and the direction of data flow among them and to understand how simple things like power reset, user LEDs, SDRAM, USB host & connector, microSD and expansion slots interact with the CPU.

    Exploration of the design specifications of the board with some details about each external peripheral present on the board from the BeagleBone System Reference Manual followed. I even tried to read ARM335x datasheet and Technical Reference Manual to extract useful information (like memory locations of on-chip peripherals, handling of interrupts at CPU level, etc.) – datasheets are HUGE documents! Using this data, referring the book by Barr & Massa and taking help from Starterware example programs I was able to write my (own) code from scratch for blinking an LED on BeagleBone as a pure learning exercise – believe me it was total fun (no matter however it may sound in this post)!

    Just today, I got my hands on Microchip’s Accessory Development Starter Kit for Android (pictured below). I will be using this to understand the ins and outs of Android’s Open Accessory Protocol and try to port the firmware on BeagleBone such that it could be used as an ADK platform as well. Lots of learning, fiddling with USB APIs, Android hacking, and of course embedded C programming to follow next (and I am up for the game!).

    Here are some pics of the awesome things I am playing with these days (click on image for larger view):

    I will try to regularly post about my progress here and yes, there is a lot more I have to say about this Bangalore Summer, but some other post, some other time. 🙂

    Ciao

    k4rtik

     
    • appu sajeev 10:30 PM on June 13, 2012 Permalink | Reply

      from where did u buy the beaglebone?

    • Sajjad Anwar (@geohacker) 12:16 AM on June 14, 2012 Permalink | Reply

      Yay! Super excited to know that you are enjoying your time in Bangalore! Good luck 🙂

      • Kartik 12:45 AM on June 14, 2012 Permalink | Reply

        Thanks. And it’s because of you and so many other people I am meeting here in Bangalore. 🙂

    • Pranav 9:50 AM on June 14, 2012 Permalink | Reply

      Awesomeness 😀

    • Pramode 10:02 PM on June 15, 2012 Permalink | Reply

      Have fun hacking the BeagleBone (and other stuff)!!

      • Kartik 10:06 PM on June 15, 2012 Permalink | Reply

        Yes, loving it.
        And this time I would really love if you could visit our campus for a workshop on hardware hacking. We two would be able to assist too. 🙂

  • Kartik 8:40 AM on February 12, 2012 Permalink
    Tags: , , , , , , , , , programming, ,   

    Control All Computers in a Lab from a Single System 

    Quoting Dhandeep, our super-cool lab-admin:

    now , all 70 systems in the lab can be switched on and switched off by single commands from the hostel…

    Yes, that and a lot more is possible in our Software Systems Lab now. How? Read on…

    The Setup

    We have over 70 systems with Ubuntu 10.04 LTS installed on them. There is an administrative account (let’s call it admin for this post) and a guest (limited privilege) account on each. Needless to say, admin password is known only to admins and guest password is known to all who use the lab. All these systems are configured to be able to controlled remotely (read: OpenSSH server is installed on each).

    Basic Idea

    1. Log in via SSH without a password
    2. Write your desired command and run it in background
    3. Run the above in a loop for the lab’s subnet.

    Detailed Steps

    See Tips for Remote Unix Work (SSH, screen, and VNC) for the first step (and for more immensely useful tips on remote usage of *NIX systems).

    For Step 2, here is one example command:

    ssh -t admin@labsystem "echo  | sudo -S shutdown -h now" &

    In the above command labsystem is usually replaced with an IP address like 192.168.xxx.xxx and the <pass> with the password of the admin account.

    WARNING: it’s not suggested to use the above command out in the open to save the password from prying eyes; also note that for additional security, you need to take a measure to make sure this is not saved in bash history or if the command is in a script, it’s not accessible to others.

    The requirement of ampersand at the end depends on particular usage (if you want to run, let’s say,  uptime command over ssh, you would not want the output to go to background, or you can redirect the output to some file). Putting the process in background, in this case, will help in the next step.

    The -S switch for sudo makes it possible to supply the password via stdin (we had discovered this switch from sudo’s man page, but didn’t manage to conclude “echo pass |” will do the trick until we discovered it at StackOverflow)

    Step 3: use your favorite scripting language (bash, python, etc.) and run the above command for all the systems of your lab subnet. An example in bash:

    for ip in {101..180}
    do
    	ssh -t admin@192.168.xxx.$ip "echo  | sudo -S shutdown -h now" &
    done
    

    The above code snippet will run the desired command for all systems in subnet within the IP range 192.168.xxx.101 to 192.168.xxx.180. Now, you can clearly see how putting the process in the background will help – the next iteration of the loop need not wait for the command in previous iteration to finish!

    In the passing, here’s a small video I shot featuring Dhandeep when he got all excited to see this working:

    That’s it. Try this out, share your tricks and have some *NIX fun in your lab. 🙂

    PS: I have not covered how systems can be switched on with this setup. It basically involves broadcasting a magic packet to the subnet. Hope Dhandeep comes up with a blog post on that soon. 😉 Here it is: On the push of a button..

    Ciao

    Kartik

     
    • firesofmay 8:53 AM on February 12, 2012 Permalink | Reply

      Sweet! I love it! 😉

    • Amarnath 8:54 AM on February 12, 2012 Permalink | Reply

      Interesting. But, I think you forgot to mention the important prerequisite for doing this task. Don’t you need to generate public keys for all machines to be controlled and pass it to the central control node? I believe only this would help in password-less remote login via SSH.

      Indeed Dhandeep seems to be pretty excited about it. 🙂

      Cheers

      Amarnath

      • Kartik 10:03 AM on February 12, 2012 Permalink | Reply

        Thanks for your comment Amarnath.

        Indeed, that is necessary and is mentioned as the first step. But instead of describing the whole process myself I chose to point to a good resource (Tips for Remote UNIX Work…) for that kind of setup. You missed out perhaps. 😉

    • Lokesh Walase 5:41 PM on February 12, 2012 Permalink | Reply

      Awesome !! 🙂

    • Imran 11:04 PM on February 13, 2012 Permalink | Reply

      You can use puppet to design more efficient system which gives you more flexibility in automation

      • Kartik 12:56 AM on February 14, 2012 Permalink | Reply

        Yeah, that’s right. I have that in my to do list to learn soon. 🙂 Though, I am not aware if it works for normal desktop systems too.

  • Kartik 10:31 PM on February 28, 2011 Permalink
    Tags: , , , , , programming,   

    Building a Modern Computer in 12 Steps – A Perfect Elective Course for Sem 3 of CSE 

    Just watched this Google Tech Talk on From Nand to Tetris in 12 steps by Shimon Schocken introducing a course he developed along with Noam Nisan:

    A must watch for all CS faculty of hardware, algorithms and systems.

    The course covers 12 projects to be done over a single semester covering building everything from basic logic gates to computer architecture, and from machine language to an operating system starting from a False and a NAND using a custom HDL. This led me to think over how wonderful it would have been if we had this course in our curriculum in the last sem. Here are my observations over some of the projects:

    • Elementary Logic Gates, Combinatorial Chips and Sequential Chips – perfect alternative for our Hardware Lab course, which never led to any real learning (only frustration in trying to get all that mess of little wires and chips on a bread board to work correctly). We even get to built an ALU in the 2nd project and memory in 3rd project.
    • Machine Language and Computer Architecture – ideal introduction to our Computer Organization course of this semester. Learning to create a simple assembly language (before diving into MIPS assembly) and a simple enough architecture using our own ALU created in 2nd project (before trying to by heart more complex MIPS architecture) would have added motivation for the 4th semester CO course.
    • Assembler, Virtual Machine, Programming Language, Compiler, Operating System – taught in still higher semesters here (5th and 6th) but it would have been so good to get an initial idea about all these before actually getting into the depth of these core areas of Computer Science making them more interesting to learn in the process.

    I always used to wonder how logic gates could be the basic elements of a computer, or how flip flops could form memory, or those 1’s and 0’s connect the hardware and software together. The whole course provides a deep insight on the functioning of a computer, letting one connect all those dots together and learn how they work together to form a wonderful machine. The course emphasizes on how abstraction (which many may call the core idea of engineering especially in circuit branches) can do wonders.

    I have already placed an order for my copy of The Elements of Computing book 3-days back, expecting to receive it on this Thursday and have plans to spend some time of the summer vacations doing projects from this course.

    Few links:

    EDIT (2011-03-08): Told about this course to Paleri Sir, got another perspective about this: it may lead students to underestimate the complexity of these sophisticated machines called computers. My take is that it will depend on the instructor and how she carries the course to make pupils understand and appreciate the sophistications involved in designing a real system.

    EDIT (2013-04-12): Updated link to course website.

     
    • Ershad K 10:45 PM on February 28, 2011 Permalink | Reply

      Wonderful 🙂 Thanks for sharing the info.

    • pramode 8:57 PM on March 9, 2011 Permalink | Reply

      Happy to know that more people are getting to know about this very interesting course!

      • Kartik 9:28 PM on March 9, 2011 Permalink | Reply

        Yeah, me and Ershad even bought the book to do these projects.

  • Kartik 3:48 PM on February 10, 2011 Permalink
    Tags: , , , programming,   

    Input/Output using Text Files Without Diving into File Handling 

    It’s quite easy to use text files as input source or to redirect the output of programs to files if you happen to do programming on a unix/linux terminal.

    Let’s take an example of a usual random number generator:

    // random.c
    #include <stdio.h>
    #include <stdlib.h>
    int main ()
    {
            int i, count=99999999;
            for (i = 0; i < count; i += 1)
                    printf("%d\n", (int)random());
    
            return 0;
    }
    

    Let’s generate an executable by the name random.out for this program:

    gcc random.c -o random.out

    Then, to redirect it’s output we can use output redirection offered by the bash shell (tip: reduce the value of count in the code above if you don’t want to generate a 1 GiB file and waste both time and disk space):

    ./random.out > randout.txt

    The > (greater than symbol) redirects the standard output to the file named randout.txt.

    To use a file as input source, the < (less than symbol) is used, e.g.:
    ./quicksort.out < randout.txt

    You can also combine both redirections:
    ./quicksort.out < randout.txt > sortedfile.txt

    Another nifty concept is pipelining (or piping), which can be used to redirect output from a program as input of another, for example, to generate random numbers on fly and feed them to my quicksort program I can do:
    ./random.out | ./quicksort.out > sortedfile.txt

    In the above, input source files is not specified as required number of inputs are taken directly from random program. | (vertical pipeline symbol) enables this functionality.

    The program which you create for using these text files should just be able to receive the input and return the output separated by newline characters. Using a for loop for taking definite number of inputs is preferred.

    See also: Redirection on Wikipedia

    Don’t hesitate to leave a comment if this post helped you.

    EDIT (2011-02-24): Got into trouble while using this method for taking input in my DSA lab last week. Apparently this works only if the for loop for taking input does just that – input iteratively in an array – and nothing else. While calling insert function in a binary search tree implementation along with the scanf inside the input loop lead to weird input to the program. File handling seems to be the only solution in this situation. Though if you find any explanation for this behavior of bash shell, please do share in the comments.

     
    • K Dinesh 7:08 AM on February 17, 2011 Permalink | Reply

      Hi there !

      You can as well do this without writing a C program. There is a variable called RANDOM defined in bash enviornment that gives you random numbers between 0 and 32767. This variable keeps changing.

      So just a shell script that for loop doing echo $RANDOM can be used instead of the C program.

      Enjoying your posts. Keep posting. 🙂

    • Kartik 6:50 PM on February 19, 2011 Permalink | Reply

      Thanks a lot for posting your comment Dinesh. 🙂

      I will surely give a try to the method you suggested. However, it is limited to a small range of numbers, and in my case I was trying to play with over a million numbers.

      • K Dinesh 7:16 AM on February 27, 2011 Permalink | Reply

        Once you have a random source you can create any range of random numbers. For eg: you can do
        expr $RANDOM \* $RANDOM.

        • Kartik 8:38 AM on February 27, 2011 Permalink

          Wow! That’s nifty. Thanks for the tip. 🙂

  • Kartik 8:37 PM on January 20, 2011 Permalink
    Tags: , , programming   

    Discovered today the only two subjects I am really liking in my 4th sem of BTech:
    1. Data Structures and Algorithms – no attendance, low strength, more discussion possible in Sudeep Sir’s class
    2. Computer Organization – I think I was always more inclined towards hardware and internals of computer system, assembly language programming comes as a bonus part with this course

     
  • Kartik 10:04 AM on January 14, 2011 Permalink
    Tags: , programming   

    Just installed QtSpim – the latest version of SPIM MIPS Simulator, hope to do start with some assembly coding soon.

     
  • Kartik 9:46 AM on October 25, 2010 Permalink
    Tags: , , , programming, ,   

    First Hands-on with Assembly Language Programming 

    I always wanted to learn assembly language programming. I had never tried do it myself and was disappointed to know that it was not there in our Logic Design course this semester (this because it was mentioned in the syllabus and I had taken pains to find good books on assembly from the library and get them issued, just to return them after learning that the syllabus for the course was too less compared to what was given on the department’s website).

    But today Murali Sir gave a lecture on Compilation of Expressions in Program Design course, which somehow, to my astonishment, reached assembly language programming. I was delighted. In the class, a simple input n, input n integers and print their sum program was done which was enough to demonstrate most of the features of the instruction set of the Simple Integer Machine we were following.

    As soon as the classes were over, I read the Description of the Target Machine (SIM) and downloaded the simulator. The tar file seemed to contain some source files and I had no idea what to do with them. Then, thankfully, I found a makefile among the files. The next steps seemed clear to me. Here are the steps I followed to run my first assembly code:

    Please note, I am using an Ubuntu 10.04 32-bit machine.

    • As a first step to compile the simulator, I installed build-essential, bison and flex packages using apt-get.
    • It gave some crude warnings but an executable named sim was generated.
    • Then after trying out some simple commands, I wrote the full fledged program we did in class earlier today. Here’s the code:
      START
      IN R0
      MOV R1, 0
      L1: JZ R0, L2
      IN R3
      ADD R1, R3
      DCR R0
      JMP L1
      L2: OUT R1
      HALT
    • I saved this file as first.asm
    • Then the only step remaining was running the code, for which I did a ./sim first.asm

    And I am a proud assembly programming newbie now.

    Resources:

     
c
Compose new post
j
Next post/Next comment
k
Previous post/Previous comment
r
Reply
e
Edit
o
Show/Hide comments
t
Go to top
l
Go to login
h
Show/Hide help
shift + esc
Cancel