Setup Pai Mei - binary code coverage - on 10.5.6
A hardcore setup for hackers. This isn't very easy. Has some odd situations. Face it. It's Pai Mei - he fights hard with the 5-finger-heart-explosion-technique.
Be harder!

taken from Charlie Miller's (author of Pai Mei) white-paper
A complete chaos
First of all, it has to be said: Charlie created a complete chaos. Someone has to tidy this up ;):
If you go to Pai Mei's Google Code page and check out the svn repo:
svn checkout http://paimei.googlecode.com/svn/trunk/ paimei-read-only
you can navigate into the "MacOS" specific subfolder. And if you start to read "__install_requirements.py" you still see:
...
get_it("http://superb-east.dl.sourceforge.net/sourceforge/ctypes/ctypes-0.9.9.6.win32-py2.4.exe", "installers/ctypes-0.9.9.6.win32-py2.4.exe")
...
So no useable script for us. This is odd. Windows setup scripts in a MacOS ported version tree... If you think this is hard. Wait. This is just the beginning. ;)
Install MySQL x86
No, not 64 bit. This is very important due to compatibility issues with py-mysql. Get it from here as a handy prebuilt MacOS X package. There's a convenient PrefPane that lets you start and stop the MySQL server.
If you like GeekTool, here's a script reminding you to shut it down after a hard fight with Pai Mei:
#!/bin/bash if [ \"TeX Embedding failed!sqlServ";
But no further distractions... this is complicated enough. After you installed the package and the PrefPane, start the MySQL server for now.
The reason for 32 bit: odd py-mysql
This sucks, yes: Get MySQL Python from here. Unpack but WAIT!!!
First of all edit _mysql.c
Comment out the following preprocessor statements:
And change every "uint" now to "unsigned int". I know this is very awkward. But that's it. As a C programmer you want to cry without knowing what the hell this is supposed to mean.
- Stay calm: edit site.cfg.
threadsafe = False
note: I can't say whether this is a good idea if you intend to use py-mysql productively for Django or so. I simply don't know. I just play around with stuff.
Export MySQL's bin folder to your paths in your shell of choice. Here's an example for zsh:
# mysql due to pai mei
export PATH="/usr/local/mysql/bin":$PATH
That's the standard path for the installation.
Furthermore create a valid softlink:
cd /usr/local/mysql/lib/
sudo ln -s /usr/local/mysql/lib/ mysql
I always prefer having two commands... but that's me. Know what you do... it's sudo. Alternatively you can add this path directly into site.cfg.
And now install the py-setuptools, by checking out the svn repo:
svn co http://svn.python.org/projects/sandbox/trunk/setuptools
Install it for python2.5 - which you btw. easily get through MacPorts. We will call pydbg through python2.4 (which I guess no one uses for real tasks any more) and the Pai Mei framework through python2.5 (huge dependencies).
To go on:
Now you can manually install py-mysql. The direct port in MacPorts is broken. You can't use it as far as I can say for x86 machines. Run setup.py. If it fails once due to something you forgot, run setup.py clean and remove the build folder manually.
More python modules? Hurray!
The README file says it in a similar way, but we have to modify the setup a little nowadays: Install ctypes for python2.5. Install wxPython for Python2.5 through MacPorts. Install libdasm for python2.4 (MacPorts):
cd python
python2.x setup.py build_ext
sudo python2.x setup.py install
note: it just works like that.
Procmod group - the old friend returns
Now change:
sudo chgrp procmod /opt/local/bin/python2.4
sudo chmod 2755 /opt/local/bin/python2.4
This is important because of the Mach task-for-PID function: task_for_pid() is governed by a kernel security setting, kern.tfp.policy, which is 2 by default.
Setting it to 0 theoretically would enable you to do the same (0=no policy, 1=process itself and rooted processes and "real" same user, 2=root and procmod). Well... here's the point where I say... this may be a very bad idea. I simply don't know. In the end it is a restriction you disable. Decide. I don't use python2.4. So I changed this for python2.4 on my hacking machine. I maintain multiple versions of python ;).
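A quick check of this step, as an added example that is not part of the original post or of Pai Mei: it reads kern.tfp.policy and the interpreter's group and mode, then says whether the procmod route described above is in place. The function names and verdict words are made up for this sketch; the policy meanings are the ones listed above.

```shell
#!/bin/sh
# Added example, not from the original post. Function names are hypothetical.

# tfp_verdict POLICY GROUP MODE
# Pure decision logic: POLICY is the kern.tfp.policy value, GROUP the
# interpreter's group name, MODE its permission bits in octal.
# Prints a one-word verdict; returns 0 if usable, 1 if not, 2 on bad input.
tfp_verdict() {
    policy=$1; group=$2; mode=$3
    case $mode in
        ''|*[!0-7]*) echo "bad-mode"; return 2 ;;
    esac
    setgid=$(( 0$mode & 02000 ))   # 02000 is the setgid bit from chmod 2755
    case $policy in
        0) echo "no-policy" ;;     # restriction disabled system-wide
        1) echo "same-user" ;;     # the procmod group is not what decides here
        2)
            if [ "$group" != procmod ]; then
                echo "wrong-group"; return 1
            elif [ "$setgid" -eq 0 ]; then
                echo "setgid-missing"; return 1
            fi
            echo "procmod-ok" ;;
        *) echo "bad-policy"; return 2 ;;
    esac
}

# check_interpreter PATH
# Reads the live values on Mac OS X (BSD stat syntax) and judges them.
check_interpreter() {
    live_policy=$(sysctl -n kern.tfp.policy) || return 2
    # %Sg = group name, %p = file type and permission bits in octal
    info=$(stat -f '%Sg %p' "$1") || return 2
    set -- $info
    tfp_verdict "$live_policy" "$1" "$2"
}

# Stand-alone use: ./check_tfp.sh /opt/local/bin/python2.4
if [ "$(uname)" = Darwin ] && [ -n "${1:-}" ]; then
    check_interpreter "$1"
fi
```

A verdict of "no-policy" means the restriction has been switched off for every process on the machine, not just for python2.4.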
Install pydbg
Install pydbg from the MacOS X subfolder and run to verify:
cd pydbg
python2.4
>>> import pydbg
>>>
Change pydbg's shebang to call python2.4, because python2.4 belongs to procmod. You will call 2.4 for debugging issues and 2.5 for the framework. These modifications are trivial. Just edit the first lines.
Start console/PAIMEIconsole.pyw. It tells you if you're missing something. If that works: welcome to the world of binary code coverage. You mastered it.

Of course Pai Mei can do more... it's a reverse engineering framework and I'll give it a try. As far as it seems it has got some interesting features and capabilities to offer.

In your face!!!
Have fun,
wishi
