Posted by Bolster on Mar 12, 2010 in
uni I had been looking at this years Google Summer Of Code google group and saw the list of organisations that are getting involved. While i was alooking at it, I knew i didn’t want to even consider the big boys (I’m looking at you, Debian, Drupal, KDE, Apache, X.Org, etc), they’re too big to get my teeth into, and I’m currently in the throws of ‘WHAT THE HELL AM I GOING TO DO MY FINAL YEAR PROJECT ON!!! ‘ (For any Americans, that means ‘dissertation’).
My university is big into networking etc, so I had a look at the NS-3 Network Simulator, which currently sits at slightly less that 2 million lines of code, and is vaguinly within my realm of interest so I’m going to see a) if i can get it to work and play with it for a bit and b) if i can contribute anything to the project and parlay that into a final year project, and I’ll be documenting whatever progress I get on this blog.
I doubt that I’ll apply to GSOC as I don’t think I’d be able to give the required time committment over the summer. 
Anyway, Next blog post will be a start into the installation and configuration of NS-3 on my virtualised Ubuntu setup.
Tags: gsoc, linux, networking, ns, oss, programming
Posted by Bolster on Mar 10, 2010 in
uni So I have a piece of coursework for a CS module I’m taking at Queen’s University Belfast and one of the focal points of it is the recent RockYou! SQL-injection breach that released 32million passwords into the internet, and I thought I’d have a closer look at that list.
I ‘acquired’ the password list from your regular neighbourhood tracker, and thought I could walk through the process of getting a probability-sorted password dictionary.
(The ‘-S 2048K’ memory restriction on the ’sort’ program is to avoid Dreamhost locking out my process for being over-memory)
tar -xvzf UserAccount-passwords.tgz
Having a look at the head of the resultant ‘UserAccount-passwords.txt’ file shows:
$ head UserAccount-passwords.txt
password
mekster11
mekster11
mekster11
progr4sm
khas8950
emilio1
holiday2
caitlin1
purblanca
32million entries in arbitrary order arn’t really that useful, so I sorted them alphabetically first (-d)
sort -d -S 2048K UserAccount-passwords.txt -o UserAccount-passwords.sorted.txt
And getting a head again gave a whole pile of blank lines, so to get rid of them use this handy sed expression
$ sed ‘/^$/d’ UserAccount-passwords.sorted.txt > UserAccount-passwords.sorted.unblanked.txt
So our first ten passwords are now:
$ head UserAccount-passwords.sorted.unblanked.txt
!
!!!!
!!!!!
!!!!!
!!!!!
!!!!!
!!!!!
!!!!!
!!!!!
!!!!!
Loooots of duplicates, so we’ll get rid of them
uniq -cd UserAccount-passwords.sorted.unblanked.txt UserAccount-passwords.uniq.txt
The -d flag means that we only want to know about entries that appear at least twice, and the -c means we only want one line for each password and a count for how often it appears (This reduced the number of lines in the list from 32,603,048 non-blank entries to 2,459,759), giving a first ten of:
$head UserAccount-passwords.uniq.txt
12 !!!!!
67 !!!!!!
3 !!!!!!!
3 !!!!!!!!
8 !!!!!!!!!!
2 !!!”"”£££
2 !!!$$$
2 !!!???
2 !!!@@@
2 !!”"££
Still sorted alphabetically, so sort reverse-numerically to get most popular entries at the top.
sort -nr -S 2048K UserAccount-passwords.uniq.txt -o UserAccount-passwords.uniq.sorted.txt
Giving our top 20 most popular passwords (sorry guys, but this is really depressing)
$ head -20 UserAccount-passwords.uniq.sorted.txt
290729 123456
79076 12345
76789 123456789
59462 password
49952 iloveyou
33291 princess
21725 1234567
20901 rockyou
20553 12345678
16648 abc123
16227 nicole
15308 daniel
15163 babygirl
14726 monkey
14331 lovely
14103 jessica
13984 654321
13981 michael
13488 ashley
13456 qwerty
There really is no hope for us…
More analysis to come when I can be bothered, and potentially some attempts at breaking into a VM with simulated user accounts.
Tags: eee, linux, networking, qub, security
Posted by Bolster on May 13, 2008 in
uni If anyone is interested in Erlang B Calculations, very relevent to any communications or engineering students, I’ve written a little quick piece of code to calculate them.
There are several levels of functionality in the code.
Erlang B itself only has 2 variables, System load in Erlangs, and the number of “trunks” (read: servers/call center operators/phone lines), and its output is a blocking probability from 0 to 1
All three of these variables or none atall can be defined at runtime;
- The desired blocking probability can be input to stop the calculation at that point. (default 0)
- The Load can be defined (See Erlang A) (default 1)
- The maximum trunks to be calculated (default 100)
The code uses the unistd.h library for argument parsing so is more or less unix only (or cygwin alternativly) and long doubles for more or less everything inside the code.
Having tested the limits, it kinda conks out then calculating large (read 1000 erlangs) on large trunks (got as far as 1234 trunks, then died)
When i get a bit of time i might optimise the factorial part so it doesnt run thru the entire factorial sequence for each number.
Anyway, the code is here. I’m not wasting my time laying out code on blogger.
Tags: C, code, programming, telecomms
