Decrypt PROLiNK ADSL Modem Configuration File To Reveal Backdoor

I was recently asked by a friend to examine the settings on a PROLiNK ADSL2 router modem, model PRS1241B, to see if the performance of the modem could be improved as he was having trouble using it for video conferencing. PROLiNK is a brand of Fida International (S) Pte Ltd, a Singapore-based company founded in 1991, that produces a wide range of consumer technology products including a range of ADSL modems and routers. As usual, I wished to make a backup of the current user-configurable settings before modifying any of them. PROLiNK makes this an easy task to accomplish

Use 010 Editor to Obtain Header Fields From Intel Microcode Binary Files

In my last blog post, I used the well-known 010 text and hex editor (010 Editor) to examine both the documented and the undocumented header of individual Intel microcode binary blobs which I extracted from a Lenovo T450 firmware update file. I decided to see how easy or difficult it was to use the 010 Editor to output a single of header information for a group of Intel microcode blobs, i.e. all five binary blobs extracted from the Lenovo firmware update using UEFItool. This post describes my experience. Originally I hoped to be able to just write a simple 010

Examining Intel Microcode in Lenovo Firmware Updates

Recently, I decided to examine the contents of a Lenovo T450 firmware update before installing the firmware update and noticed that it included a number of Intel processor microcode updates. This blog post explores what information you can glean from these microcode updates and confirms the existence of an additional undocumented header in Intel microcode updates which was initially described by Chen and Ahn in their December 2014 paper Security Analysis of x86 Processor Microcode. Here are the contents of the latest firmware update (as of November 2016) for the Lenovo T450 laptop. It is a self-extracting executable named

Nesting RHEL7 KVM on VMware Workstation 12

Recently I wished to build a Red Hat Enterprise Linux 7 (RHEL7) appliance with 2 KVM-virtualized guests: essentially a type 2 hypervisor (VMM) on top of another type 2 hypervisor. I installed RHEL7 on VMware Workstation 12 and configured it as a Virtualization Server. It was a smooth install without any issues. However, I was surprised to find that KVM (Kernel-based Virtual Machine) simply did not work at all and lsmod did not even list the KVM kernel modules. It turns out that you need to make two changes to your RHEL7 guest configuration file in order for KVM support

How to Determine Hardware Mode of Intel CPU

Consider the following output:

# grep flags /proc/cpuinfo
flags: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 syscall nx rdtscp lm constant_tsc pni monitor ssse3 lahf_lm

How can you determine the maximum size of a long that can be used with this CPU? The answer is 64-bit because of the presence of the lm flag. The following flags can be used to determine the maximum size of a long for a CPU:

lm – Long Mode (64 bits)
tm – Protected mode (32-bit)
rm – Real Mode