POEM: To This Day by Shane Koyczan

 To This Day by Shane Koyczan

 To This Day
When I was a kid
I used to think that pork chops and karate chops
were the same thing
I thought they were both pork chops
and because my grandmother thought it was cute
and because they were my favourite
she let me keep doing it

not really a big deal

one day
before I realized fat kids are not designed to climb trees
I fell out of a tree
and bruised the right side of my body

I didn’t want to tell my grandmother about it
because I was afraid I’d get in trouble
for playing somewhere that I shouldn’t have been

Entreprenuership: chapter 1 to 5

CHAPTER-1

Entrepreneur:

Economists has defined entrepreneur as a person who bring resources and generate wealth. He is a person who introduces changes, innovations and new order. Psychologist has viewed entrepreneur as a person who is typically driven by certain forces, like the need to attain or obtain something, to experiment, to accomplish or to escape the authority of others.

The person or group of person who creates new idea, innovate or invent new thing, bear risk, manage resources and turn into successful business is called Entrepreneur. Economists usually treat their service as separate factor of production called Entrepreneurship. Entrepreneur is the only factor of production whose role is to combine and organize other factors of production. The entrepreneur sees the value of a new idea and is able to organize and carry out the job of turning it into cash. They are the persons who shift economic resources out of an area of lower into an area of higher productivity and greater yield. The term entrepreneur may be properly applied to those who incubate (Develop) new ideas, start enterprises based on those ideas and provide added value to society based on their independent initiative. Entrepreneur as a risk-Bearer, entrepreneur as an organizer, and entrepreneur as a innovator. In conclusion we can say that Entrepreneur is the one who organizes and manages a business undertaking, assuming the risk for the sake of profit. He is the risk and uncertainty bearer, innovator, organizer of factors of production and effortful for creating something new.

Windows 8 Kernel Memory Protections Bypass

Windows 8 Kernel Memory Protections Bypass

Recently, MWR intern Jérémy Fetiveau (@__x86) conducted a research project into the kernel protections introduced in Microsoft Windows 8 and newer. This blog post details his findings, and presents a generic technique for exploiting kernel vulnerabilities, bypassing SMEP and DEP. Proof-of-concept code is provided which reliably gains SYSTEM privileges, and requires only a single vulnerability that provides an attacker with a write-what-where primitive. We demonstrate this issue by providing a custom kernel driver, which simulates the presence of such a kernel vulnerability.

Introduction

Before diving into the details of the bypass technique, we will quickly run through some of the technologies we will be breaking, and what they do. If you want to grab the code and follow along as we go, you can get the zip of the files here.

SMEP

SMEP (Supervisor Mode Execution Prevention) is a mitigation that aims to prevent the CPU from running code from user-mode while in kernel-mode. SMEP is implemented at the page level, and works by setting flags on a page table entry, marking it as either U (user) or S (supervisor). When accessing this page of memory, the MMU can check this flag to make sure the memory is suitable for use in the current CPU mode.

DEP

DEP (Data Execution Prevention) operates much the same as it does in user-mode, and is also implemented at the page level by setting flags on a page table entry. The basic principle of DEP is that no page of memory should be both writeable and executable, which aims to prevent the CPU executing instructions provided as data from the user.

KASLR

KASLR (Kernel Address Space Layout Randomization) is a mitigation that aims to prevent an attacker from successfully predicting the address of a given piece of memory. This is significant, as many exploitation techniques rely on an attacker being able to locate the addresses of important data such as shellcode, function pointers, etc.

Paging 101

With the use of virtual memory, the CPU needs a way to translate virtual addresses to physical addresses. There are several paging structures involved in this process. Let’s first consider a toy example where we only have page tables in order to perform the translation.
For each running process, the processor will use a different page table. Each entry of this page table will contain the information “virtual page X references physical frame Y”. Of course, these frames are unique, whereas pages are relative to their page table. Thus we can have a process A with a page table PA containing an entry “page 42 references frame 13” and a process B with a page table PB containing an entry “page 42 references frame 37”.
If we consider a format for virtual addresses that consists of a page table field followed by an offset referencing a byte within this page, the same address 4210 would correspond to two different physical locations according to which process is currently running (and which page table is currently active). For a 64-bit x86_64 processor, the virtual address translation is roughly the same.
However, in practice the processor is not only using page tables, but uses four different structures. In the previous example, we had physical frames referenced by PTEs (page table entries) within PTs (page tables). In the reality, the actual format for virtual addresses looks more like the illustration below:

The cr3 register contains the physical address of the PML4. The PML4 field of a virtual address is used to select an entry within this PML4. The selected PML4 entry contains (with a few additional flags) the physical address of a PDPT (Page Directory Pointer Table). The PDPT field of a virtual address therefore references an entry within this PDPT. As expected this PDPT entry contains the physical address of the PD. Again, this entry contains the physical address of a PD. We can therefore use the PD field of the virtual address to reference an entry within the PD and so on and so forth. This is well summarized by Intel’s schema:

It should be now be clearer how the hardware actually translates virtual addresses to physical addresses. An interested reader who is not familiar with the inner working of x64 paging can refer to the section 4.5 of the volume 3A of the Intel manuals for more in-depth explanations.

Previous Exploitation Techniques

In the past, kernel exploits commonly redirected execution to memory allocated in user-land. Due to the presence of SMEP, this is now no longer possible. Therefore, an attacker would have to inject code into the kernel memory, or convince the kernel to allocate memory with attacker-controlled content.
This was commonly achieved by allocating executable kernel objects containing attacker controlled data. However, due to DEP, most objects are now non executable (for example, the “NonPagedPoolNx” pool type has replaced “NonPagedPool”). An attacker would now have to find a way to use a kernel payload which uses return-oriented programming (ROP), which re-uses existing executable kernel code.
In order to construct such a payload, an attacker would need to know the location of certain “ROP gadgets”, which contain the instructions that will be executed. However, due to the presence of KASLR, these gadgets will be at different addresses on each run of the system, so locating these gadgets would likely require additional vulnerabilities.

Business law: chapter 2

Law of contract
meaning
a contract is an exchange of promises by wot or more persons, resulting in an legal obligation to do or not to do, which is recognized and enforced by law.
valid contract = and agreement + enforceable of an agreement by state.
Essential elements of valid contract.

1. offer and acceptance = a person must have offer by one party and acceptance of same offer by another party. such offer and acceptance must be valid.
2. legal relationship = contract cannot be enforceable by law if there is lack of legal relationship. eg invitation for birthday party.
3. free consent = consent means that the parties must have agree upon the same thing in same sense. The contract must not be enforced by mistake, undue influence, coercion, fraud or misrepresentation.
4. competent parties = parties to the contract must be capable in the eye of law. a minor person, lunatic person, insolvent person, are disqualified in the eye of law.
5. lawful considerations =  the objective contracted between two parties must be legal an done to oppose the public policy.
6. two parties = there are at least two parties in which one offers and other accepts in the same sense.
7. possibility of performance =  agreement should be made that is possible to do. eg  promise to pay rs 1000 if hari can fly.
8. certainty = both the parties in a contract must clearly know about all the terms and conditions mentioned or implied in it.

Classification of contract
On the basis of the mode of creating the contract
1. Express and Implied contract
        An express contract is that contract where the parties have made an oral and written declaration of their intention.
        An implied contract is one in which the evidence of the agreement is not show by words, written or spoken but by acts or conduct of parties.
2. Simple and formal contract
        If a contract is made in a written form, duly sealed, properly signed and transferred to other party, it is formal.
        When a contract is created in the absence of any of the above four element it is simple.
On the basis of performance of contract
1. Executed and Executory contract
        When the contract is completely performed or nothing remains to be done by either party is executed contract.
        Executory contract is composed of undertaking in which one or both parties are under an obligation to do or no to do certain things mentioned in the contract.
On the basis of nature of contract
1. Unilateral and bilateral contract
        Unilateral contract is a contract, which creates legal obligation to only one party. he cannot compel other party to perform the contract. eg. donation
        When a contract comes into existence by the exchange of promises with each other party, it is bilateral. it is two sided and creates obligation to both.
On the basis of Enforceability of Contract
1. A valid contract =  It is an agreement which is binding and enforceable by law and has satisfied all the essentials elements of valid contract.
2. A voidable contract = missing some essential elements of valid contract.
3. A void contract =  An agreement without legal effect. It is not void from its inception and that it is valid and binding on the parties when originally entered but subsequent it becomes invalid of legal effect because of certain reasons.
4. Unenforceable contract = It though perfectly valid contract in all other respects but if it lack some technical requirements needed to make it enforceable (eg signature, stamp, ticked, etc), the law cannot enforce it.
5. Illegal contract =an agreement is illegal an void if its object or consideration is forbidden by law. e.g.. contract for murder, blackmailing.
On the basis of Origin of liability of parties
1. general contract = formal contract where liabilities of both the parties arise from the beginning of the agreement.
2. Contingent contract = contract where liabilities of one party arise when some even happens in future. eg. contract to sell statue if found in market.

Considerations
It results only when one promise is made in exchange for something in returns. this something in return is what we mean by consideration. Consideration means a promise made by a person to do or not to do something for the acts done or undone by the other according to that mentioned in the offer. It refers to promises of a party for the promises of another to the contract.
Types of consideration
1. Executory consideration
2. Executed
3. past

1. Executory Consideration : It is when one promise is made in return for another or a promise in return of promise.
Example: -M promised to sell his mobile phone to K for RM550/- and K promised to pay the price upon delivery by M. Here, the promise to sell is in return to promise to buy.

M agreed to sell his house to N. An agreement was written on a scrap paper and says as follows: -

I agree to sell my house No. (address) held under…. to Mr. N, the present tenant of the house at $26,000/- within three months from the date. M later refused to sell the house and a specific performance was ordered at the trial and the appellant took the matter to Federal Court. The appeal was dismissed, gave effect to Illustration of Section 24. Chang Min Tat F.J held:“The agreement must be seen to be a case of Executory consideration. A promisee is made by one party in return for a promise made by the other; in such a case each promise is the consideration for the other”

Example : A agrees to sell his car for RM20,000/- to B. B promise to pay the sum of RM 20,000/- in consideration for A’s promise to sell the car, and A’s promise to sell the car is the consideration for B’s promise to pay the RM20,000/-. These are lawful considerations.

2. Executed Consideration
It is when a promise is made in return for the performance of an act.
Example : M lost his pen and offered RM 200/- to anyone who finds and returns the documents to him. K found M’s pen in response to the offer and returns them to M. By returning the pen, K has given consideration to M’s promise to pay. Should M refuse to pay, K may take an legal action against him.

3. Past Consideration

Where a promise is made subsequent to and in return for an act that has already been performed, the promise is made on account of a past consideration.
Example : If K finds and returns M’s pen and in gratitude, M promise to pay K RM200/- the promise is made in return for a prior act.

Requirement of consideration

1. Desire or request of promisor is essential. ( doing something without desire/request is voluntary service and is not treated as consideration)
2. Consideration need not necessarily be adequate
3. It must be real and competent ( should not create dual meaning, uncertain or illusionary. eg.if hari completes the work in time he will be awarded by something)
4. consideration must be lawful
5. contract whether oral or writing must be supported by consideration
6. mere request of the promisor is not enough
7. considerations may be either tangible or intangible

Termination of Contract
    It means termination of contractual relation between the patties. It means getting relief from contractual laibilities.
Methods of terminaton of contact

1. By perfromance of contract ( when both parties fulfill their respective promises in time)
2. Impossibility of performance ( if it is impossible to perform though when made was possible due to some unavoidable reasons like, change in law, deductio of subject matter)
3. Termination of mutual areement (making agreement between the parties with their mutual consent terminates the contract)
4. by operation of law ( by death of parties, by insolvency of parties, by emerging one contract with another)
5. Termination by breach of contract ( if one party fails or denies performing his/her contractual laibilities created by contract, it is breach of contract. when one party breach the contract, other party will also get relief from his contractual liabilities.)
6. termination of contract by material alternation (material alternation means a change made in the material mentioned in the contract. If one party changes material in the contract without obtaining the consent of other party, contract terminates)
7. By recession of contract ( Recession means cancellation of the contact by  the party.)
8. termination by lapse of time ( if contract is not performed within specified time mentioned in contract)

Breach of Contract
    If one party fails / denies perfoming his contractual liabilities created by contract, it is said to be breach of contract. A contract may be breached in two ways: 1.anticipatory (breach before the date of performance by giving notice or by conduct) and 2. actual breach ( breach at the time when he is supposed to perform)
Remedies for breach of contract

1. Right to withdraw the contract
2. right to claim compensation
3. right to get usual performance
4. right to sue for injunctions
5. right to claim for quantum meruit

Business law: Chapter 1

Meaning of law
It is the rule of conduct recognized and enforced by the conduct of people with view to securing justice and social security. It operates and regulates the actions of persons in respect to one another and in respect to the entire social group or society. The concept of law depends legally on the social values, accepted norms of a particular society. law of ignorance is no excuse
-Law is a rule of conduct of a person and it regulates the external activities of a person.
- It is enforced by the country for the rule of conduct of person
-It is enforced for maintaining peace, security and justice in the country.
- law without justice and justice without law is meaningless.
- law is made for all and followed by every people of state.
- law always treats all equally.
nature of law
- justice is the ultimate aim of law
- law intends peaceful and harmonious relation between the members of society
- law is pervasive. it is generally known and accepted that every person is presumed to know the law. ignorance of law is no excuse.
- law regulates human activities in 3 ways. 1.prohibitory (no murder, no steal), 2.mandatory (tax), 3.permission (purchase of land)
source of law
the source of law where the rules of law originate is wider.
1. legislation ( prime source, law made by parliament is legislation, it is the process of making law by parliament)
2. precedent ( it means the earlier decisions of the court that is taken as a rule for the case of similar nature that comes later. so precedent laid down by the court is another source of law)
3. custom ( it is particular way of behavior among member of group/society that is accepted by the particular society. this kind of source is the pattern of behavior accepted by the particular society.
4 agreements ( agreements made buy persons to act in certain way also are equally enforceable in the court)
5. English mercantile law ( primary source, it constitutes the foundation on which the supreme structure of the India mercantile law has been built. English laws are based on custom and usage of merchants in England)
Classification of law
1. Substantive law
    It defines legal rights and obligations of people in certain circumstances. 2 types = 1.Public law ( deals with govt. rights and powers in its relation to individuals or groups) 2. private law ( governs individual or groups in their relation with one another, e.g. sales, agreements)
2. procedural law
    the method by which one may obtain remedy in court..
meaning of legal environment in business
Environment created by law to  regulate the economic, social, religious and political aspects of human life in the country is called legal environment. It is the legal framework that affects business as a whole. It is concerned with the study of legal insititutions and process that affects the business activities and they are enforced by state no only to exploit people and to make their life hard in their business activities but also to provide them different facilities like peace and security in their day to day business activities.
Importance of legal environment
- business law create conducive environment for the overall development of business and industries in the country
- it protect custome from unfair business practices.
- It protect businessman fro unfair custorme practices if any.
- law is rule for all, it establish good relationship among the members of society.