QEMU with KVM, issue with Windows recognizing the virtual environment - virtualization

I'm running Gentoo right now, I'm using QEMU with KVM support to run a Windows VM, I need to because they're forcing us to use a proprietary CAD software at university (sadly enough). They gave us a license for a year, however when I activate it, it clearly says the license can't be used in a virtual environment. This leads me to the conclusion that somehow the system recognizes it is being emulated and I know there's a way to avoid this, but I actually have no idea what to do. I've read someone had the same problem and apparently solved it, however his solution doesn't seem to work for me. I'll leave you the URL of the question on Stack. https://serverfault.com/questions/727347/solidworks-activation-license-mode-is-not-supported-in-this-virtual-environment
This command:
qemu-system-x86_
64 -enable-kvm -hda windows.qcow2 -cpu host,kvm=off -smbios type=0,vendor=LENOVO,version=FBKTB4AUS,date=07/01/2015,release=1.180 -smbios type=1,manufacturer=LENOVO,product=30AH001GPB,version=ThinkStation P300,serial=S4M88119,uuid=cecf333d-6603-e511-97d5-6c0b843f98ba,sku=LENOVO_MT_30AH,family=P300 -m 8G
gives the output:
qemu-system-x86_64: -smbios type=1,manufacturer=LENOVO,product=30AH001GPB,version=ThinkStation: drive with bus=0, unit=0 (index=0) exists
I have no idea what to do, I also checked with ruby that the command I pasted from the post I've linked is actually ASCII, it is correct apparently.
I really need this to work, doesn't even work with a cracked license.
Thank you.

Related

What's the point of Position-independent executables (PIE) when we have execstack?

I'm reading Hacking: The art of exploitation, which is apparently full of outdated information (doesn't take into account canaries, non executable stack, ASLR). I am trying to understand whether (and how) stack overflow attacks are possible even on modern systems. The best paper I have found so far is Stack smashing on a modern Linux system, which is at least from 2012.
It seems like the real thing that hinders stack overflow attacks from executing arbitrary code is both canaries and Position Independent Executable (to disable which, in gcc, flags -fno-stack-protector and -fPIE). PIE makes the stack non-executable, so that even if one managed to overwrite a return address with a stack address, the program would crash because code on the stack would not be allowed to be executed.
Apparently, the Linux terminal command readelf -l <filename> allows to know whether an executable was compiled with PIE on or not. The GNU_STACK header is the one we should look at: if it is RWE then execution is allowed, if the E is missing, then it isn't. So it's simple to check whether the stack is executable or not. (It's worth pointing out that it't not to easy to check whether the file was compiled with canaries protection on without disassembling or crashing the software)
However, as far as I have understood, the GNU_STACK header can easily be tweaked to be RWE through a small tool called execstack. It's as easy as execstack -s <filename>. It doesn't even require root privileges (as long as the owner of the file isn't root, of course).
Now, my question is: what's the point of PIE, if we can so easily alter its setting? Disabling canaries would require recompiling the whole file, because the canary checks are built into the assembly code, but the GNU_STACK header seems so fallible... What am I missing?
UPDATE: "If the attacker can modify the header, then that means the attacker has already achieved code injection."
I'm not sure this is true. If the attacker wants to exploit a flaw in an executable, he is likely to need another executable. For example, in the book Hacking: the art of exploitation, the flaw in notesearch is exploit through notesearch_exploit. Even if notesearch has non-executable stack, one could easily make it executable through an apt call to execstack in notesearch_exploit (given the fact that no root privileges), thus bypassing the PIE limitation. Isn't this correct?

Python IDLE GUI not starting

I feel like I have been coming the internet for days with absolutely no result.
I have taken some web programming classes, and would like to learn some python, just because programming is wicked interesting altogether, and have run into a fairly large hurdle given my experience.
the problem is this: Python.exe (or is is more properly pythonw.exe?) v3.3.3, running on windows 8.1 used to launch fine. Typed up a simple program to roll various sided die, worked out well. Then I changed the key bindings for 'Run Module' from 'ctrl+f5' to 'crtl+alt+spacebar.'
As soon as I did this IDLE crashed and so did the shell. Now the process will not run AT ALL. I cannot access it through the desktop icon to go back and revert the settings. I also attempted to look at the .def files and change it from there but could not find the 'run module' command. It looked like all the key bindings in the .def files were for the shell.
When I double click, nothing, when I run as admin, nothing. run from the start menu, nothing. I uninstalled and re-installed, rebooted, everything low tech I can think of. Now i'm out of my element and could use one of you brilliant social programmers!!
I've found information about checking with some tool called 'Windows Process Manager' some stuff about what to do with the CMD prompt (something about a path problem ...it intuitivly sounds like I very well could have created a 'path problem' but I'm not 100% I know what that is exactly).
I'm sorry for the lack of links, the pages were farther back in my browsing history than I expected. Hopefully i'm not asking an instant many down vote question here, most of the resources online are for either an older version of windows, Lunix, or an older version of python (which is actually where the path problem hint came from)
Thanks any and all greatly for any time spend reading/answering.
Immensely appreciated.
Find file HOME/.idlerc/config-keys.cfg, where on Win7 HOME would be 'C:/Users/yourloginname', and delete the key binding or, if there is nothing else in the file or nothing you want to keep, the whole file.
If you were to run Idle from a console with python -m idlelib, you would probably see an error message. (Yes, you were probably running with pythonw, as when using the start menu or icon. This works better in 3.4.2 and I am working or more improvements.)
I do not know the specific reason for your crash. I set Zoom-height to --space, restarted, and it works, no problem.

Patch plupload on W7 64 bit

Some of you may have already read my unanswerd question "Node Gallery won't show images with Plupload" AND this query is a follow on, because I think if I solve this issue, I will have found the solution to my previous one, as I missed out a step!
I am trying to patch the Plupload module with the plupload_url.patch, on my laptop running a 64 bit version of Windows 7, but every method I try fails; I think it says the file format isn't supported! So far I have tried GnuWin32 (but I think the clues in the name there), and also the JDiff Plugin for jEdit! So, has anyone been in this situation, or do of a working solution? Any advice would be greatly appreciated!
I do have a VirtualBox installation of Ubuntu if there are no other alternitives, but I'd prefer not to use that because transfering files from the Guest OS is a pain in the ass!
If I understand correctly, the problem is that you can't apply the patch and want to know how to do so.
Here's an explanation of path files which may help: http://drupal.org/node/367392
Also see if http://drupal.org/node/14231#comment-22770 and http://drupal.org/node/100527#comment-176252 helps.

Program compiled with glibc can run on Linux with uClibc?

I have a program compiled using glibc and I need it runs on a MIPS target with Openwrt firmware using uClibc. Is this possible? I put the program in Openwrt and when I try to run it the result is: not found.
What is the problem?
Thank you.
uClibc is only API-compatible, not ABI-compatible with glibc.
You should re-compile the application. To do so (at least until you know the details going on behind the scenes) I recommend to use the openwrt buildroot (mostly because differences between the libraries lead to several incompatibilities). All you need is the toolchain.
BTW, the documentation may be severely outdated, if you feel something is wrong, go with the uClibc buildroot documentation.
More specificaly, the first place this will likely fail and cause the error you are seeing, is that the intepreter path specified in the executable (use readelf) does not exist

Cygwin/vim Windows 7 file access issue

It appears that on Windows 7 Cygwin/vim thinks all files are read only. You can edit the files fine in Textpad/Notepad but vim thinks they are read only. There are number of reported occurrences but I can't see a solution. ??
Update: Per accepted answer, created the file C:\cygwin\etc\fstab.d\myname with the entry below.
none /cygdrive cygdrive binary,posix=0,user 0 0,acl
Per the comment you'll see in C:\cygwin\etc\fstab, this statement is the default Cygwin mount, save for the acl which I added.
Cygwin tries to impose a POSIX compatibility layer over the windows access control lists, which often leads to many problems.
In older versions of Cygwin a cheap solution was to disable this POSIX compatibility layer by setting the environment variable "CYGWIN=ntsec". Nowadays it seems as one must set the "acl" option for your drive(s).
http://www.cygwin.com/cygwin-ug-net/using.html#mount-table
This has some drawbacks. If you try to run a secured cygwin installation for multiple users, then better use a real linux, this will save so much hassle.
I guess another solution would be to use the native version of Vim instead of the cygwin one.

Resources