Salzburg Austria

Yesterday I brought my friend to Salzburg. My friend comes to Germany for working in 3 weeks then he’ll come back to Vietnam. So I decide to spend my free time to travel with him at weekend. I would like to choose Salzburg as our destination. This is my first time to Salzburg too. I just know how to travel from Munich, Germany to Salzburg, Austria but  I really do not know where the Salzburgs Highlights are.

So I decided to search for some information in Internet. Thanks to this global net I found the homepage of Salzburg . This website is very well constructed and very informative. Through this website I chose 5 sighseeings to visit. They are:

  • Mozart  Wohnhaus
  • Mozart Geburthaus
  • Mozart Plazt
  • Rathaus
  • Festung Hohensalzburg

So now is the most difficult part of tour “How can I go to these sigh seeings without any city-map and GPS system?”. I do not intend to buy a city-map because I know it more difficult to use city-map than to use a mini-map which displays the route from point to point. And I am not an explorer as Indiana Jones so I make a hard search (not with Google) but at the site above and find a very helpful site . With the help of this site I can go to any sigh seeings with a small mini-map. So it’s now enough for traveling.

We have a group of 6 persons, so a Bayern Ticket Group + Bayern Ticket Single ( both costs 48 Euro) for traveling with bahn is a resonable choice.  It takes about 2 hour from Munich, Germany to Salzburg. And thanks God the weather is very very beautiful (at least in comparing with the weather in Munich). We have a sunny day. And we are very happy with the tour. What makes me a little ‘unhappy’ is that the ticket for the train running from the foot of the castle to the top of the castle is little expensive. 10.50 Euro for a return ticket. That means 5 Euro for one way. And it takes only 30 seconds to fly from the foot to the top. 5 Euro for 30 seconds. :). And here are some pictures I took.

SSH – Password vs. Public Key

Some days ago I’ve written a documentation to instruct how to use SSH with Bluehost. In that article, I told about 2 methods to login into SSH Server and promised that I would write a next article to compare the security between using password and using public key in aspect of security. However I found a good book about SSH. It discussed very clearly about this problem and SSH Protocol. So I decide just to extract some main idea from that book below.

Continue reading SSH – Password vs. Public Key

How to use SSH of Bluehost with Putty

Yesterday when I read a post of HVA asking about which is better when using password or public key to authorize to SSH Server. When I read this post, I remembered that I already activated SSH on my Bluehost account, but I never used it. So I decided to try to open a SSH connection in Bluehost and saw what happened when I used password/public key to authorize myself.  When I understand the communicate process, I can find out my own answer for the question above.

Continue reading How to use SSH of Bluehost with Putty

CodeVeil 3.x breaks my brain

In last days I try to break the protect theme of Codeveil 3.x. It really makes my brain break into many pieces. Although I have loaded symbol file of mscorwks and applied it to OllyDbg but I still can not find where Codeveil hooks the function and starts to decrypt IL to normal form.  I tried to set breakpoint at some interesting function such as

  • AssemblyNative::LoadImage
  • ExecuteEXE
  • LoadAssembly

But they did not help me so much. I am thinking of hooking JIT Compiler to get the original code. However I do not like this way because it is so common. And the fact that I still do not the way Codeveil protects the assembly. I just try to unpack it and do not understand how it works.

I posted my new sample crackme on Reteam to get more help from another guys around the world. This crackme was also packed with Codeveil but it can be viewed with Reflector. There are some interesting functions, for example, the two functions below.

.field compilercontrolled static uint32 $$method0x600000E-0 = ((EB 2D 00 00))
.field compilercontrolled static uint32 $$method0x600000F-0 = ((EB 04 34 1C))

These two functions just implement 2 Jump functions. But I do not where it jump to. As I guess, it will jump to a native code cave. These code cave will install a hook so that IL code can be decrypted during execute time. But when I look at this function…

private static unsafe bool $$method0x600000D-0(int ‎, int ‎)
    return (bool) *&$$method0x600000E-0(, , &$$method0x600000F-0);

In above function , the two functions combine to a call-function which makes me really crazy.  What is this function? I am now stuck with this chaos. I think I should wait for some good news from another guys. They may be successful with unpacking it.