Topics - kanen

#41
newLISP in the real world / C XML parser to newLisp
December 02, 2010, 11:39:24 AM
NewLispers,



I have a documented C XML parser which reads a Simple XML file and writes out some files for network interfaces on BSD systems. It's for the network security product I am creating.



The C code works perfectly, but I'd like to port the C code to newLisp.



I do not have the time to personally do this and I am having trouble finding someone who can do this properly.



I thought I'd reach out to the experts (you guys) and see if anyone wanted to tackle this short project.



Contact me if you are interested. It does not pay, but it could lead to more (paying) work in the future and you would be seriously helping my project.



Also, in the future, the source will be made public, so you'd get credit for some real-world newLisp code implemented in a running system. Good for the resume, at least. ;)
#42
Interesting...



http://postabon.posterous.com/make-lisp-15x-faster-than-python-or-4x-faster
#43
Dragonfly / Dragonfly and Lighttpd?
July 27, 2010, 08:04:37 AM
Anyone have a suggestion for getting web pages working with Lighttpd and Dragonfly?



In the case of PHP, it's pretty easy.
fastcgi.server = ( ".php" => ((
                     "bin-path" => "/usr/bin/php-cgi",
                     "socket" => "/tmp/php.socket"
                 )))


But, Dragonfly has me wondering what the best approach would be to make this happen.



I've read through the parts of Dragonfly which talk about setting up Apache, but -- obviously -- Lighttpd is a bit different.



Put another way -- Does anyone have an example lighttpd.conf file that works with Dragonfly?
#44
newLISP in the real world / SBCL to newLISP
June 28, 2010, 08:46:00 PM
Can someone help me translate the following SBCL (or Common Lisp) script to newLISP?



I'm presenting at a conference and interested in showing benchmarks between a bunch of different languages (including some Lisp, Scheme, Python, C, etc).
; sbcl lisp version by mandeep singh

(declaim (optimize (speed 3)))

(defconstant +BAILOUT+ 16)
(defconstant +MAX-ITERATIONS+ 1000)

(defun mandelbrot (x y)
  (declare (type single-float x y))
  (let ((cr (- y 0.5))
        (ci x)
        (zi 0.0)
        (zr 0.0))
    (declare (type single-float cr ci zi zr))
    (do ((i 0 (incf i)))
        (nil)
      (let* ((temp (the single-float (* zr zi)))
             (zr2 (the single-float (* zr zr)))
             (zi2 (the single-float (* zi zi))))
        (declare (type single-float temp zr2 zi2)
                 (type fixnum i))
        (setq zr (the single-float (+ (- zr2 zi2) cr)))
        (setq zi (the single-float (+ temp temp ci)))
        (if (> (the single-float (+ zi2 zr2)) +BAILOUT+)
            (return-from mandelbrot i))
        (if (> i +MAX-ITERATIONS+)
            (return-from mandelbrot 0))))))
(defun main ()
  (let ((tstart)
        (tfinish))
    (setq tstart (get-internal-real-time))
    (do ((y -39 (incf y)))
        ((= (the fixnum y) 39))
      (format t "~%")
      (do ((x -39 (incf x)))
          ((= (the fixnum x) 39))
        (let ((i (mandelbrot (the single-float (/ x 40.0))
                             (the single-float (/ y 40.0)))))
          (declare (type fixnum i x y))
          (if (zerop i)
              (format t "*")
              (format t " ")))))
    (format t "~%")
    (setq tfinish (get-internal-real-time))
    (format t "SBCL Elapsed ~,2F~%"
            (coerce (/ (- tfinish tstart) internal-time-units-per-second) 'float))))

(progn
 (main)
 (quit))
#45
newLISP in the real world / Big XML Mess (help)
June 22, 2010, 11:16:31 AM
newLISP experts,



I'm having real problems finding data in the CAPEC XML document. ( http://capec.mitre.org/data/xml/capec_v1.5.xml )



I've read through everything on the forums and I've tried a bunch of things, but I seem to only be able to dig into the XML if I know what field I'm looking for... and, even then, it's a nightmare to parse.



I feel like I'm missing some obvious way to do a lookup, but I just can't get there...



My code:
(context 'Xml)
(define (Parse xml-string)
  (xml-type-tags nil nil nil nil)
  (set 'rtn-xml (xml-parse xml-string (+ 1 2 4) 'CAPEC)) )

;; read-file accepts a URL, so keep the URL in capec-file and fetch the document once
(set 'capec-file "http://capec.mitre.org/data/xml/capec_v1.5.xml")
(set 'capec-xml (read-file capec-file))
(set 'capec (Xml:Parse capec-xml))


I can run:
(println (lookup "Attack_Pattern_Catalog" capec))

... and I get the whole XML structure as a big fat list.



Now, if I run:
(set 'capec-categories (lookup "Attack_Pattern_Catalog" capec 2))
(println capec-categories)


I get some XML that seems to make sense, but I still need to be able to reference everything properly. The CAPEC XML structure is just a nested freaking nightmare (as you can see above).



Is there any way to grab one of the items using (lookup <item-name> capec) or is there something else I need to start thinking about? Is there a better way to structure the XML into an assoc or list so I can walk through it or do a lookup in a meaningful way?



Lutz commented to me and said,
Quote from: "Lutz"
'lookup' is for one-dimensional flat association lists. Use 'ref' or 'ref-all'; they search through deeper nested lists and return an index vector of the element found.



You can then 'chop' off the last index or two to get the bigger enclosing association list.



Start with a smaller example to see how it works.


So, my question is, "Has anyone dealt with XML this complicated (and nested) and do you have an example of how to interact with that XML in newLISP?"



I'd love to see some examples that work better than what I'm dealing with right now... :)
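
The 'ref' / 'ref-all' and 'chop' approach from the quoted reply, as an added example that is not part of the original post. The XML is a small constructed sample shaped like a CAPEC catalog (not real CAPEC data), and the names sample-xml, catalog, element-at, summary and pattern-by-id are hypothetical.

```newlisp
;; Added example: constructed XML in the shape of a CAPEC catalog (not real CAPEC data).
(set 'sample-xml [text]<Attack_Pattern_Catalog>
 <Attack_Patterns>
  <Attack_Pattern ID="1" Name="Constructed pattern A">
   <Description>First constructed entry</Description>
  </Attack_Pattern>
  <Attack_Pattern ID="2" Name="Constructed pattern B">
   <Description>Second constructed entry</Description>
  </Attack_Pattern>
 </Attack_Patterns>
</Attack_Pattern_Catalog>[/text])

;; Same parser settings as the post: no type tags, options 1+2+4.
(xml-type-tags nil nil nil nil)
(set 'catalog (xml-parse sample-xml (+ 1 2 4)))

;; ref-all returns one index vector per match, at any nesting depth.
(set 'hits (ref-all "Attack_Pattern" catalog))

;; Each vector points at the tag name; chop the last index to get the
;; enclosing element, then use the shortened vector for implicit indexing.
(define (element-at idx) (catalog (chop idx)))

;; Summarise a pattern: the attribute list is the element's second member,
;; and the members after the tag name are associations that lookup can search.
(define (summary elem)
  (let (attrs (elem 1))
    (list (lookup "ID" attrs)
          (lookup "Name" attrs)
          (lookup "Description" (rest elem)))))

(dolist (idx hits)
  (println idx " -> " (summary (element-at idx))))

;; Find one pattern by attribute value: ref locates the ("ID" "2") pair,
;; and chopping two indices climbs from the pair to its element.
(define (pattern-by-id id)
  (let (idx (ref (list "ID" id) catalog))
    (if idx (catalog (chop idx 2)))))

(println (summary (pattern-by-id "2")))
```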
#46
Is it possible to run newLISP as a web server and have SSL working? So far, I've only been able to figure out http requests (easy!), but https eludes me.



DragonFly? Crypto? Something else?



Any suggestions, or am I stuck running Apache or Lighttpd or similar to make this happen?
#47
newLISP newS / Hacker Halted 2010 Conference
June 12, 2010, 01:07:02 AM
If anyone cares about such things; I was invited to speak at Hacker Halted 2010 ( http://www.hackerhalted.com ). I'll be giving a talk called "Weaponizing LISP" where I specifically go through about 10 examples of using newLISP to do port scanning, OS detection, sniffing, scanning and a bit more.



This is one of six conferences I'm speaking at this year. At the other conferences, I'll be discussing kane|box. Obviously, I'll be pimping newLISP like a madman as well. :)



Anyway, just sharing...
#48
A pre-release of the カネ|BOX WHITE PAPER & DOCUMENTATION is available at http://www.kane-box.com or at http://www.lifezero.org (always the latest pre-release version).



I am sharing this because:



a) It's fun

b) I want feedback

c) カネ|box was written entirely in newLISP



Feel free to send me your comments or to simply ignore this post. :)



Thanks.



P.S. Cormullion has already provided feedback on a previous version. Thanks for that!
#49
newLISP in the real world / Show all contexts?
May 06, 2010, 11:42:41 PM
I am certain this has already been answered somewhere, but... I cannot find the answer.



How would one go about listing all the contexts one has created?
#50
I have a very large list, over 100,000 entries.



It's in the form: ("name" number1 number2)



I'd like to take a value and find the "name" that occurs between the two numbers.



For example;



("kanen" 100 200)



Such that, the number 150 would fall within the above range and return "kanen"



I've tried several different approaches, but none of them are fast enough.



Any ideas?



[edited to add helpful example]
#51
newLISP in the real world / (save) is SLOW
April 25, 2010, 01:13:19 PM
Using (save) is very, very slow for some reason. (load) on the other hand, is quite fast.



I understand (save) is doing slightly more work in the following example, but the speed difference is staggering. And, for large lists... the speed difference makes me want to use (write-file) and do conversions, because (save) is unbearable.



Take the following example:
(println (date) "-Creating sequence with 1000000 entries")
(set 'seqx (sequence 1 1000000))

(println (date) "-Pushing sequence to list")
(dolist (x seqx)
   (push x foo -1)
)

(println (date) "-Saving list as foo.lst")
(save "foo.lst" 'foo)

(println (date) "-Writing the list as foo.txt")
(write-file "foo.txt" (string foo) )

(println (date) "-Finished")

When run, it produces this output:
Quote
Sun Apr 25 15:07:15 2010-Creating sequence with 1000000 entries
Sun Apr 25 15:07:15 2010-Pushing sequence to list
Sun Apr 25 15:07:16 2010-Saving list as foo.lst
Sun Apr 25 15:07:43 2010-Writing the list as foo.txt
Sun Apr 25 15:07:46 2010-Finished

  • Creating the sequence - 1 seconds
  • Pushing the sequence to a list - 1 seconds
  • Saving the list (save) - 27 seconds
  • Writing the list (write-file) - 3 seconds

And, this gets exponentially longer the greater the size and depth of the list I am saving.
#52
newLISP in the real world / append demands a string
April 21, 2010, 01:25:22 PM
Most of newLISP is forgiving, not so with append.
newLISP v.10.2.4 on Linux IPv4 UTF-8, execute 'newlisp -h' for more info.

> (set 'foo 4)
4
> (println "foo is: " foo)
foo is: 4
4
> (println (append "foo is: " foo))

ERR: string expected in function append : foo
> (println (append "foo is: " (string foo)))
foo is: 4
"foo is: 4"
>
>


I consider this behavior to be inconsistent with the rest of newLISP's variable handling. Is it just me?
#53
newLISP in the real world / (parse) oddness
April 20, 2010, 01:39:54 PM
I have a problem, where parse is returning an extra item.



I have attached code for this problem, with comments.
;; sites-sm.txt
[text]
;; copy below to sites-sm.txt
1  google.com
2  facebook.com
3  yahoo.com
4  youtube.com
5  live.com
6  wikipedia.org
7  blogger.com
8  baidu.com
9  msn.com
10 yahoo.co.jp
[/text]

(set 'sites (parse (read-file "sites-sm.txt") "\n"))
;; ("1\tgoogle.com" "2\tfacebook.com" "3\tyahoo.com" "4\tyoutube.com"
;; "5\tlive.com" "6\twikipedia.org" "7\tblogger.com" "8\tbaidu.com"
;; "9\tmsn.com" "10\tyahoo.co.jp" "")

(println "Sites has " (length sites) " entries") ; ->
;; Sites has 11 entries

(println (slice (sites 0) (+ 1 (find "\t" (sites 0))) ) )
;; google.com

(dolist (x sites)
   (println (slice x (+ 1 (find "\t" x)) ) ) )
;; prints: google.com ... yahoo.co.jp
;;
;; ERR: value expected : (find "\t" x)

(exit)

As you can see, parse returns everything in the file, plus an extra "" item in the list.



This causes everything from the parse to start failing, for various reasons.



* 11 items, when there are only 10 in the list (or, should only be 10)
* The dolist fails on the "" item, because there is no "\t" character to find



Obviously, I can correct this with something like:
(dolist (x sites)
   (if (> (length x) 0) (push x newsites))
)  
(set 'sites newsites)


I feel like I am missing something fundamental here, but in my mind, adding this extra list item, with a blank list, seems like a bug or a failure. Can someone help me understand this issue clearly?
#54
newLISP in the real world / More sniff.lsp woes...
April 19, 2010, 01:52:11 PM
Without sounding like I am complaining about it... sniff.lsp has given me nothing but trouble. I suspect I will have a complete rewrite of this code by the time kane|box is released.



As you know, I added pcap_open_offline so I could open pcap files instead of sniff traffic, which allows me to better control testing with known packets and files.



Today's problem;
$ newlisp src/sniff.lsp captures/tcp-scan.pcap
device: captures/tcp-scan.pcap

--- 1---  from ether addr: 00:30:0f:33:40:00 to: 02:00:00:00:45:00

ERR: value expected in function * : TH_OFF
called from user defined function report-packet


Yet, tcpdump handles this perfectly (or, as perfectly as tcpdump can);


$ tcpdump -ttttnnr captures/tcp-scan.pcap

2007-09-25 15:42:04.819943 IP 10.0.23.109.3574 > 80.237.98.132.2675: Flags [S],
seq 1439989931, win 65535, options [mss 1356,nop,nop,sackOK], length 0
2007-09-25 15:42:04.819979 IP 10.0.23.109.3547 > 80.237.98.132.1319: Flags [S],
seq 1043408690, win 65535, options [mss 1356,nop,nop,sackOK], length 0
...


The file in question is here: https://www.openpacket.org/uploads/0000/0029/tcp-scan.pcap



Also, Wireshark has no problems reading this capture.
#55
Yep.


$ newlisp sniff.lsp wlan0
Segmentation fault (core dumped)


I ran another program (sniffex.c) which I compiled after this happened and it runs just fine.



Something is broken in newLISP 10.2.4. Anything you need from me to help find and fix this issue?



Thanks.


Quote
Linux openkane 2.6.32-21-generic #32-Ubuntu SMP Fri Apr 16 08:10:02 UTC 2010 i686 GNU/Linux

[54933.260075] wlan1: associate with AP 00:23:69:66:e7:d6 (try 1)

[54933.263904] wlan1: RX AssocResp from 00:23:69:66:e7:d6 (capab=0x401 status=0 aid=5)

[54933.263918] wlan1: associated


#56
newLISP in the real world / Web Crawler
April 15, 2010, 01:57:20 PM
Has anyone written a web crawler in newLISP?



I have looked, but cannot find such a beast.



Any pointers would be greatly appreciated.
#57
I love the ability to create a binary using link.lsp


(load "util/link.lsp")
(link "/usr/bin/newlisp" "my-app" "my-app.lsp")


However, I want to be able to link all my sources (i.e. the modules I have written) into the same binary, so the binary doesn't have to load them from source files.



Inside my-app.lsp


(load "modules/foo.lsp")
(load "modules/bar.lsp")

Aside from appending all my source code together, so the modules (and contexts) get crammed into the same link'd binary, is there a way to do this that I am overlooking?
#58
newLISP newS / カネ|box
April 13, 2010, 11:45:28 PM
Or:

(set 'promotion (append "self" "ish"))


If you do not keep up with my blog http://www.LifeZero.org (and, why would you), I just wanted to mention that I am putting together a network security tool in newLISP called カネ|box (or kane|box).



The web site is at http://www.kane-box.com.



I know many of you have strongly supported the work I did at kozoru in the past. We used (and loved) newLISP and I had a great time with Lutz and many other people, while using and implementing a newLISP product that a) actually worked and b) got a lot of press for all of us.



I am back to my "roots" -- which means hacking and network security -- and plan to release カネ|box at Black Hat / Defcon this year.



I have also applied for several other conferences to talk about the tool. I will be sure to mention newLISP along the way and hope to continue contributing to this wonderful community.



I spent a bit of time today reading through the forums and see that many of you kept up with kozoru and the newLISP work we did from 2005-2007. You were kind, generous and always helpful. I also see that quite a bit of our code made it back into either the main program or as modules. This is great and I hope to continue this trend in the future.



Thanks again for being such a great group of smart and talented people.
#59
I would like to be able to programmatically change certain options, without passing them on the command-line. Am I forced to spawn a new version of newLISP to do this?



For example;



I want to check the amount of memory available for my program, then invoke:


-s <stacksize>
-m <max-mem-megabyte>


I am also assuming, for a web server, I should simply fork a new instance of newLISP with -http <port> if I want to invoke an http server from within my code?
#60
I like net-service:
net-service
syntax: (net-service str-service str-protocol)
Makes a lookup in the services database and returns the standard port number for this service.
Returns nil on failure.
 (net-service "ftp" "tcp") --> 21


But, I would like to be able to specify a port, not a service name, and get the name back. Right now, I have code that parses the "services" file and does this.



(net-service "" "tcp" 21)  --> ftp
syntax: (net-service str-service str-protocol port-number)
Returns nil on failure or the name of the service.


Thoughts?