Zombie process cleaning script

Takes the zombie parent process id as parameter and uses GDB to waitpid them surely it'll need root.

#!/usr/bin/env bash
# Kills zombie process spawning from a parent PID

# check parameter number
if [ -z "$1" ];then
    echo "$0 <zombie parent pid>"
    exit 0
fi

# assign reasonable names to variables
ppid=$1
fname=`tempfile`

# GDB instructions
(for zpid in `ps h --ppid=$ppid|grep -P '^\s*\d+\s+[^ ]+\s+Z'|awk '{print $1;}'`;do
    echo "print waitpid($zpid, 0, 0)" # wait for each zombie
 done
 # and detach
 echo "detach") > $fname

# launch GDB
gdb -batch -p $ppid /proc/$ppid/exe -x $fname

# and cleanup
rm $fname

Getting the uploads safe

Note: ironically, the multi­u­pload service has been taken down as well.

Yesterday megaupload falled and it's not likely that it'll recover, leaving apart the ethical im­pli­ca­tions this had the anonymous response and things like that there's something clear: it's not fun to lose your uploaded files.

And yes, there was people who actually used this services to share files without copyright over the internet!, for example as a way to replace the dropbox (which uses a privative daemon), so while the megaupload issue is not specially big, it's a good alert to take pre­cau­tions. From now on, I'll opload everything to multiple continue.

Obtaining the spanish town concilor database

I found out via javibc that there's a treasury department portal with data about all spanish town concilors [ http://ssweb.mpt.es/portalEELL/con­sul­ta_al­caldes ] (you have to enter twice, first to get the cookie and get redirected to the homepage and a second to access the form :P), and after several headcaches here it is the parser and the database. [ cargos.zip ]

Note: There's a ton of in­for­ma­tion at #Freesoft­ware­an­do, in fact at the beggining the parsers used his mu­nic­i­pal­i­ties database but now they generate another one to avoid use something outside the standard python libraries.

To parse it again, first we have to continue.

All your buckets are belong to us: DOSsing PHP through associative arrays

Some hours ago I was reading /r/pro­gram­ming when I found a post about the posibility and con­se­cuences of externally forcing colisions inside the as­so­cia­tive arrays in PHP, it's something so... ¿over­whelm­ing? you have to try it to see the danger it represents, let's go.

Note: The day 28 of this month took a place a_lecture which has a lot, everything! in relation with this in 28C3, it's very in­ter­est­ing.

The danger gets worse because a com­bi­na­tion of factors which PHP groups:

  • The hash of an integer can be trivially guessed, the number itself.

  • There are some arrays the user can create at will: $_GET, $_POST y $_COOKIE.

Now imagine continue.

Link compilation

Now I'm too busy to work on the blog, here you have some links that could be in­ter­est­ing, just looking at the link it's possible to expect what awaits behind it.

Writting a brainf*ck parser with BLK

At last! at this time BLK can compile a reasonable C subset... well, ok, it needs pointers and structures in order to have something decent, but the former are picky to simulate in a in­ter­preter, and the structures are in the way. The important thing is that the general structure is more or less stable, even inside the pro­to­typ­ing branch, a con­se­cuence is that is open to any par­tic­i­pa­tion :), so let's see an example of how to write a little brainf*ck parser.

The first thing we'll do is to import the bytecode manager and prepare a constant to hold the memory size, in this case it will continue.

« Next