How to speed up your android simulator for Intel PC's by using Intel HAXM

Developing android applications on emulator is a bit painful because of slowness. There are some external solutions like using a virtualization software (VirtualBox for example) and installing x86 build of android on to it and connecting ADB to virtual machine but there if you are using intel processor and your processor has Intel Virtualization Technology (VT-X) support, you can use emulator much more (sometimes 10X) faster by the help of Hardware Accelerated Execution Manager (Intel HAXM).

Checking Requirements and Preparation

• You can check if your processor supports Intel VT-X from here (http://rk.intel.com/products/virtualizationtechnology)
• Check and enable VT-X if it is not from bios of your PC.
• From Android SDK Manager
• Download x86 atom image
• Download and install Intel x86 Emulator Accelerator (HAXM installer)

Downloading Intel x86 Atom Image

There is an android emulator image which was compiled for x86 processors which can be downloaded by Android SDK manager. Standard emulator images are compiled for ARM processors and emulator needs to convert ARM instruction codes to x86 which causes computation overhead. You can use Intel x86 Atom Image to overcome instruction convertion overhead. Starting from Android 2.3.3 (API 10) you can download corresponding image from SDK Manager.

Intel x86 Atom System Image

Downloading and Installing Intel x86 Emulator Accelerator (HAXM)

Intel has developed an installation and management software for HAXM. It can be downloaded from Intel or within SDK manager. To download from SDK manager, scroll down to the end of packages and select " Intel x86 Emulator Accelerator (HAXM)". 

Do not forget installing " Intel x86 Emulator Accelerator (HAXM)" package DOES NOT INSTALL haxm. It only download setup files for Intel HAXM. You need to install HAXM from setup file which is located under "ANDROID SDK ROOT\extras\intel\Hardware_Accelerated_Execution_Manager" folder. You can also search for"intelhaxm.exe" file under android SDK root folder.

When you start setup you should see a welcome screen like

Then configure how much memory you want to give for HAXM. 2 GB is recommended.

After installation a new service is created. You can check status, run or stop the service from command prompt by sc.exe commands:

Check service: sc query intelhaxm

Stop service: sc stop intelhaxm

Start service: sc start intelhaxm

Creating an Android Virtual Machine Using HAXM

After installing Intel x86 Atom Image and Intel HAXM you can create a much more faster android virtual machine for your development. Open Android Virtual Device Manager from Tools|Manage AVDs... under SDK Manager menu and select New 

Now select Intel Atom (x86) for CPU/ABI. If you can not find it although you have downloaded, check Target API level.

I also recommend "Use Host GPU" option to improve display performance. Now start the virtual device you created. If everything is ok you should see a message like this:

If HAXM is not working you can see from emulator start messages:

If you get these error logs, you can check status and try to start HAXM service with commands  sc query intelhaxm and sc start intelhaxm commands as mentioned before.

Happy coding..

Consuming OData services from Node applications

For one of my AngularJS SPA (single page application) projects, I decided to use OData protocol for data exchange. There are two main libraries JayData and Breeze.js as OData client and bothworks with AngularJS. After inspecting them and creating some small demo projects I have decided to work with Breeze.js. To strengthen the structure and reduce development time and bug probability, I have decided to use TypeScript for data access layer in my application. Normally JayData has a generator exe utility which generates DAL (data access layer) for angularjs using typescript

In breeze you need to code DAL yourself and it is repetitive and error-prone process which I hate. So I have decided to code a generator which will create DAL with typescript support for angularjs. Also to challenge myself, I decided to write the OData javascript DAL generator on node.js which let me publish it for public in the future.

Accessing To Metadata

Selecting the library (datajs)

To access metadata information from OData server, I searched libraries for node.js. Although there are some client libraries like https://github.com/machadogj/node-odata-cli, I could not found a complete one. The most complete OData client is datajs which is also used by JayData and Breeze in the background. There are one module to use datajs in node like https://www.npmjs.org/package/datajs but it is too old (not support V3). So I decided to create a new module to encapsulate latest version of datajs.

Problems of using datajs from node

There are some challenges about using datajs library in node.js. 

• It is designed to work on browsers.
• It does not use CommonJs api standarts.

Datajs library uses two browser services. They are:

• XMLHttpRequest for ajax requests
• DOMParser for XML operations

Fortunately node has two libraries for replacement. They are

• xmldom
• xmlhttprequest

To use them in node way, we can simply require them and access from assigned variable but datajs library uses them from window object. so we need to inject these libraries to datajs library.

datajs creates to objects to interact with OData service. These are:

• OData
• datajs

objects which are also injected to window object of the browser. So we need to find a way to provide browser services to datajs and consume OData and datajs objects from nodejs in node way.

Encapsulating datajs library as nodejs module

Datajs uses 

(function (window, undefined) {

// library content

})(this);

pattern which let us provide a custom context for the library. Now we need to support browser services to library and get its services to nodejs application.

There are two ways to bridge services between node and library.

Using require()

First way is using classic require module from node. Require creates a new module.exports contexts as root context so we can inject browser service replacements into it.

    var DOMParser = require('xmldom').DOMParser;

    var XMLHttpRequest = require("xmlhttprequest").XMLHttpRequest;

    

    var datajsExports = require('./lib/datajs-1.1.2.js');

    datajsExports.XMLHttpRequest = XMLHttpRequest;

    datajsExports.DOMParser = DOMParser;

    

    module.exports.OData = datajsExports.OData;

    module.exports.datajs= datajsExports.datajs;

Note the last two line where we bridge services created by library to our module.exports scope.

Problem is we inject XMLHttpRequest and DOMParser services after library executes. If library makes existence checks in the first run as configuration control instead of creating service objects when library is being used, our code will fail. Luckily datajs uses second aproach.

var createXmlHttpRequest = function () {

        /// 

Creates a XmlHttpRequest object.

        /// XmlHttpRequest object.

        if (window.XMLHttpRequest) {

            return new window.XMLHttpRequest();

        }

        var exception;

        if (window.ActiveXObject) {

            try {

                return new window.ActiveXObject("Msxml2.XMLHTTP.6.0");

            } catch (_) {

                try {

                    return new window.ActiveXObject("Msxml2.XMLHTTP.3.0");

                } catch (e) {

                    exception = e;

                }

            }

        } else {

            exception = { message: "XMLHttpRequest not supported" };

        }

        throw exception;

    };

Using eval()

What can we do if a library checks existence of services at configuration phase? To solve this problem, we can emulate require() in our way. There is an excellent post on stackoverflow to load custom libraries by using eval(). Problem is eval() method has no parameter to provide execution context. But with a little trick we can provide a custom context for this in library.
// Read and eval library

 var fs = require('fs');

    var DOMParser = require('xmldom').DOMParser;

    var XMLHttpRequest = require("xmlhttprequest").XMLHttpRequest;

    var scope ={

        XMLHttpRequest:XMLHttpRequest,

        DOMParser : DOMParser,

        execute:function(fileName) {

            filedata = fs.readFileSync(fileName,'utf8');

            eval(filedata);

        }

    };

    scope.execute(__dirname+'/lib/datajs-1.1.2.js');

    // access to generated services from our custom scope

    module.exports.OData = scope.OData;

    module.exports.datajs = scope.datajs;

Here we wrap eval() call in another function and call the function over a custom object. The custom object becomes the execution scope of execute function which will also be used by eval() call. Also new services created by library are attached to our custom object used as execution context. In this way we are able to inject our services before library function executes.

We can now use our new module with pleasure.

Oracle VirtualBox üzerine 64 bit Windows 7 / Windows XP kurulumu sorunu

Pentest çalışmaları ve eğitim videoları için ufak bir laboratuvar ortamı hazırlıyorum. Bu amaçla sunucu ve masaüstü olarak çeşitli sanal makinalar kuruyorum. Sıra Windows 7 x64 kurulumuna geldiğinde garip bir sorunla karşılaştım. Sağlam olduğuna emin olduğum bir windows iso'su ile sanal makinayı boot ettiğimde aşağıdaki hata oluştu.

Oracle VirtualBox'a 64 bit Windows XP kurulumu esnasında sistemin verdiği bir uyarı aslında hatanın kaynağını daha doğru söylemekte.

Sorunun çözünü sanal makina ayarlarında IO APIC özelliğini devreye almakta.

Kullanılan işletim sistemi çekirdeğine göre genelde tüm 64 bit işletim sistemlerinde APIC özelliğinin devreye alınması gerekiyor. APIC hakkında bilgi aşağıdaki linklerden öğrenilebilir.

http://msdn.microsoft.com/en-us/library/windows/hardware/gg487516.aspx#E4C
http://serverfault.com/questions/74672/why-should-i-enable-io-apic-in-virtualbox

Windows 2008 Telnet İstemcisi Açma

Windows 2008'de kurulum sonrası telnet istemcisi açık olmuyor. Özellikle bağlantıları test etmek için telnet kullanımı oldukça yararlı. Mesela Microsoft Sql Server kurdunuz ama bir türlü diğer bilgisayarlardaki istemciler bağlanmıyor. Sunucuda

telnet 127.0.01 1433



komutu çalıştırılarak ile Sql Server servisinin 1433 portunda çalışıp çalışmadığı kolaylıkla tespit edilebilir. Eğer boş siyah bir ekran açılıyorsa Sql Server çalışıyor ve TCP 1433'den bağlantı alıyor demektir. Diğer programların bağlanamaması muhtemelen güvenlik duvarından kaynaklanıyor olabilir.

Gelelim konumuza. Eğer sunucuda telnet istemcisi bulunamıyorsa

'telnet' is not recognized as an internal or external command, operable program or batch file.

hatası verecektir. Bu durumda komut satırından:


start /wait pkgmgr /iu:"TelnetClient"


komutu ile telnet istemcisi kolaylıkla yüklenebilir. Özellikle windows'un program ve özellik yükleme ekranlarıyla uğraşmak istemeyenler için faydalı olmasını umuyorum.

Pentest Cheat Sheet

Yazılabilir okunabilir dizin mount: 

smbmount //winpc/shared /mnt/share -o username=user,password=pass,rw

net use /USER:Administrator o: \\ip\share parola

SQL Server SA User

CREATE LOGIN [backup] WITH PASSWORD=N'Backup2012', DEFAULT_DATABASE=[master], CHECK_EXPIRATION=OFF, CHECK_POLICY=OFF
EXEC master..sp_addsrvrolemember @loginame = N'backup', @rolename = N'sysadmin'


portfwd add -l 3389 -p 3389 -r 1.1.1.111