The Hitchhiker's World Issue 6: Shellcode : The assembly cocktail, Interview - Dan Verton, Applying steganography.
44ca03ac7c42be247785655fd267025aa6dc41cc553ed8ee8b21b1eb53504f38<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
<meta name="keywords" content="hitchhiker, security magazine, security holes, exploit, buffer overflow, vulnerability, security writers, malware, virus, trojan, security writers">
<meta name="description" content="The HH's World features mostly network-security articles/programs along with a touch of personal expression. Entries & comments are welcomed.">
<META NAME="AUTHOR" CONTENT="Arun Koshy">
<title>Infosecwriters.com - Hitchhiker's World - Zine #6</title>
<link rel="stylesheet" type="text/css" href="libstyle.css">
<script language="JavaScript">
<!--
function MM_reloadPage(init) { //reloads the window if Nav4 resized
if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) {
document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }}
else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload();
}
MM_reloadPage(true);
// -->
</script>
</head>
<table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1" height="100">
<tr>
<td width="100%" height="43" align="center" class="bluelink">
<p class="title">The Hitchhiker's World <br>
Issue #6</p>
</td>
</tr>
<tr>
<td width="100%" height="14">
<div align="center">
<p><b>Soli Deo gloria - To God alone be glory</b></p>
</div>
</td>
</tr>
<tr>
<td width="100%" height="19">
<p>Released : April 20th' 2003 - Happy Easter!!</p>
</td>
</tr>
</table>
<p><B><font face="Arial, Helvetica, sans-serif" size="2">DISCLAIMER :</font></B><font face="Arial, Helvetica, sans-serif" size="2">
[Insert the biggest, most comprehensive lawyerspeak here]. <B>Basically, the
author(s) are NOT RESPONSIBLE for anything</B> arising out of the information
presented below. Enjoy.</font></P>
<p><font face="Arial, Helvetica, sans-serif" size="2"><br>
<b class="emph">Contents</b><BR>
</font></P>
<UL>
<li><a href="shellcode.txt">Shellcode : The assembly cocktail</a><br>
{ A superb introduction to the subject by Samy Bahra }<br>
{ Contact : samy at kerneled.com }<br>
<a href="#ART2"><br>
</a></li>
<li><a href="#ART2">Interview Excerpt : Dan Verton</a><br>
{ by Von Spangler }<br>
{ Contact : vonspangler at infosecwriters.com }</li>
</UL>
<UL>
<li><font face="Arial, Helvetica, sans-serif" size="2"><a
href="#ART3">The RMIT Journal</a><br>
{ A regularly updated section detailing stuff that I do at uni }</font><br>
</li>
</UL>
<UL>
<li><a href="#CONTRIB"><font face="Arial, Helvetica, sans-serif" size="2">How
can you contribute ?</font></a><font face="Arial, Helvetica, sans-serif" size="2"><br>
{ Procedure for sending submissions for the zine }</font></li>
</UL>
<p class="emph">Learn</p>
<p><i>Don't you know that in a race,<br>
everyone runs,<br>
but only one runner gets the prize,<br>
When you run, run for the prize .. (I Corinthians 9:24)</i></p>
<p><span class="emph">Music</span><font face="Arial, Helvetica, sans-serif" size="2">
: U2, Toploader, Matchbox Twenty, Sting<BR>
</font></p>
<hr>
<p><font face="Arial, Helvetica, sans-serif" size="2"><span class="emph"><span class="title"><a name=ART2></a></span></span><span class="title">r00ting
the hacker - the Dan Verton interview<br>
</span><a href="http://www.infosecwriters.com" target="_blank">By Von Spangler</a></font></p>
<p> <font face="Arial, Helvetica, sans-serif" size="2">Recently I interviewed
Dan Verton - the author of <a href="http://www.amazon.com/exec/obidos/tg/detail/-/0072223642/qid=1050815000/sr=8-1/ref=sr_8_1/103-5085650-7780604?v=glance&s=books&n=507846" target="_blank">The
Hacker Diaries: Confessions of Teenage Hackers</a>. He is a former intelligence
officer in the U.S. Marine Corps who currently writes for Computerworld and
CNN.com, covering national cyber-security issues and critical infrastructure
protection. (see: <a href="http://www.danverton.com" target="_blank">DanVerton.com</a>)</font></p>
<p><font face="Arial, Helvetica, sans-serif" size="2">The interview covered a
range of issues, (some of which are discussed in The Hacker Diaries: Confessions
of Teenage Hackers) including: Why the continuous rise in cybercrime; hackers
- the ones behind this - who are they; what do we know about<br>
them beyond the shallow media reports; why do they do what they do; a look at
the changing hacker culture,<br>
i.e. the hacking scene today; a look at the contradictions and perhaps ironies
within this culture; an examination of ethics and the<br>
sensitivities still involved; and how do the security/law enforcement world
regard such ethics…</font></p>
<p><font face="Arial, Helvetica, sans-serif" size="2">This interview will be published
in full in the upcoming <a href="http://www.infosecwriters.com" target="_blank">Recommended
Reading</a> section. But I give to you an excerpt; a question I threw at Dan.
He gave me a truly interesting response. Something for you to think about…<br>
</font></p>
<p><font face="Arial, Helvetica, sans-serif" size="2" class="text_head2"><span class="text_head2">Q:
Evidently hackers play a major role in the nurturing of script kiddies. Hackers
find and publish exploit-scripts and tools along with step-by-step instructions
which these kiddies take advantage of. Hackers probably would not admit they
are the arms dealers and a cause for the script kiddie population explosion.
In fact many categorically express their disdain and denounce script kiddies,
for it is their actions that consequently do most of the staining on hackers'
reputation. </span></font></p>
<p class="text_head2"><font face="Arial, Helvetica, sans-serif" size="2">What
does this say about the hacking culture and their fervent belief that information
and resources should not be censored from anyone? Can it be said that this particular
belief seems to oddly bite back at them?</font></p>
<p><font face="Arial, Helvetica, sans-serif" size="2"><span class="text_head2">A:</span>
Well, my view is that freedom of research is a good and necessary thing. We
may not always like what we discover, but better that it is discovered and published
in a responsible manner so that people and companies can take steps to protect
themselves than for those discoveries to only be known by those who would do
us harm.</font></p>
<p><font face="Arial, Helvetica, sans-serif" size="2">That said, the old argument
that all human knowledge should be free and that hackers who hack into corporate
systems to let that information out is utterly ridiculous and it demonstrates
the limitations of the hacker mind. That's right, I said it, the limitations
of the hacker mind. Most people like to believe that those who are talented
enough to breath life into silicon are just great thinkers in general. Well,
that is by far not the case for every hacker. What many hackers have in technical
prowess and genuis, they lack in a wider understanding of the unintended consequences
of their actions. It's sort of like the Mutually Assured Destruction (MAD) concept
of nuclear war. Nobody wins. The same is true for the traditional hacker argument
that all information should be free and non-proprietary. Well, try to make a
living in such an environment and feed your family. Chaos does not make for
a stable society where good ideas and a little bit of entrepreneurial spirit
are rewarded.</font></p>
<p><font face="Arial, Helvetica, sans-serif" size="2">The recent flap over the
Adobe e-book encryption is a good example. Why would anybody want to break through
that encryption protection unless they were trying somehow to beat the system
in a dishonest way? I'm a writer, so it strikes close to home for me. I have
a right to my own ideas and to make a living based on those ideas and to feed
my family based on my ability to put those ideas down on paper (real paper or
digital paper) and to sell those ideas to those who are willing to buy it. Hackers
do not have a right to make those ideas that I created available to everybody
at no charge. They are mine and mine only to distribute and sell. This is where
the notion of information being inherently free is absurd.</font></p>
<hr>
<p><font face="Arial, Helvetica, sans-serif" size="2"><span class="title"><a name=ART3></a>The
RMIT Journal</span><br>
<a href="http://acksyn.kerneled.com" target="_blank">By Arun Darlie Koshy</a><br>
</font></p>
<p><font face="Arial, Helvetica, sans-serif" size="2">This issue has taken a long
time ... due to a lot of factors (shifting , lack of focus and contributions).
Neways, Its been quite an experience... and with the help of my lord Jesus Christ,
I'm facing each day with confidence.</font></p>
<p><font face="Arial, Helvetica, sans-serif" size="2">Currently, I'm enrolled
as an M.S Student (Information Security) at <a href="http://www.rmit.edu.au/mathstats" target="_blank"><span class="bluelink">RMIT
(Department of Mathematics)</span></a> .. here's the first essay I had to write
as an assignment (Case Studies in Infosec)<br>
</font></p>
<p><font face="Arial, Helvetica, sans-serif" size="2"><span class="emph">Eve,
Let's play hide and seek<br>
<br>
</span> I assume that this is being read by people who can google OR are lurkers/participants
on groups like sci.crypt. Let's look at the factors presented :</font></p>
<ul>
<li><font face="Arial, Helvetica, sans-serif" size="2"> relevance of containers<br>
<br>
</font></li>
<li><font face="Arial, Helvetica, sans-serif" size="2"> change in comm. patterns<br>
<br>
</font></li>
<li><font face="Arial, Helvetica, sans-serif" size="2"> all points having the
word "image(s)"</font></li>
</ul>
<p><font face="Arial, Helvetica, sans-serif" size="2">Assuming a giant Eve (say
the millitary/govt). What would I do ? Steg is just ONE of the blocks we get
to play with. </font></p>
<p><font face="Arial, Helvetica, sans-serif" size="2">Why should'nt you use your
Legos ? Evaluating only the technological aspects (cut out real-world possibilities
like tempest attacks, torture etc) :</font></p>
<p><font face="Arial, Helvetica, sans-serif" size="2"><span class="emph"><br>
Level One - Building your Steg chain</span><br>
</font></p>
<ol>
<li><font face="Arial, Helvetica, sans-serif" size="2"> Use diverse (muiltiple)
container options (leave out popular ones that are found out on a simple google
eg. images)<br>
<br>
</font></li>
<li><font face="Arial, Helvetica, sans-serif" size="2"> Create your own steg
tools as a part of the chain<br>
<br>
</font></li>
<li><font face="Arial, Helvetica, sans-serif" size="2">Use an open-source information
base (less chance of being rigged by the Govt) for other tools and ideas.<br>
<br>
</font></li>
<li><font face="Arial, Helvetica, sans-serif" size="2"> TTL for the containers
itself should be limited. Explained later.</font></li>
</ol>
<p><font face="Arial, Helvetica, sans-serif" size="2"><span class="emph">Level
Two - Applied Cryptography</span><br>
</font></p>
<ol>
<li><font face="Arial, Helvetica, sans-serif" size="2"> Use a good algo with
a known work factor to break (Asymmetric options : DSA-Elgamal-AES combo @
2048 bits, AES here can stand for ur favorite block cipher) <br>
<br>
We assume here that using magic, Eve cracks it in time T<br>
<br>
</font></li>
<li><font face="Arial, Helvetica, sans-serif" size="2">Set TTL < T (by hosting
the containers on some P2P networks, and other controllable mediums)<br>
<br>
</font></li>
<li><font face="Arial, Helvetica, sans-serif" size="2">Step 1 is used to send
the initial plans, if required in combination with real-world methods<br>
<br>
</font></li>
<li><font face="Arial, Helvetica, sans-serif" size="2">Repeat 1 - 3 as long
as required to complicate before introducing actual data-ciphertext.<br>
</font></li>
</ol>
<p><font face="Arial, Helvetica, sans-serif" size="2">The basic idea is to keep
up the time difference. The whole scheme is very expandable.</font></p>
<p class="emph"><font face="Arial, Helvetica, sans-serif" size="2"><br>
Useful Resources</font></p>
<p><font face="Arial, Helvetica, sans-serif" size="2"><a href="http://www.gnupg.org" target="_blank"><span class="bluelink">http://www.gnupg.org</span></a><span class="bluelink"><br>
<a href="http://www.pgpi.org" class="bluelink" target="_blank"><br>
http://www.pgpi.org</a><br>
<a href="http://www.cl.cam.ac.uk/%7Efapp2/steganography/stego_soft.html" class="bluelink" target="_blank"><br>
http://www.cl.cam.ac.uk/~fapp2/steganography/stego_soft.html</a></span></font></p>
<hr>
<font face="Arial, Helvetica, sans-serif" size="2"><span class="emph"></span></font><font face="Arial, Helvetica, sans-serif"><span class="text_head1"><br>
<a name="CONTRIB"></a>Contribute! Learn! Discuss!</span><br>
<br>
<span class="text_head2">Contact:</span><br>
You're invited to send in your entries, comments et.al for publication to <a
href="mailto:hwcol@arunkoshy.cjb.net">hwcol@arunkoshy.cjb.net</a> </font>
<p><font face="Arial, Helvetica, sans-serif"><span class="text_head2"> Topics
(but definitely not restricted to):</span><br>
algorithms, stuff related to systems programming and applied network security.</font></p>
<p><font face="Arial, Helvetica, sans-serif"><span class="text_head2">Style:</span><br>
The zine advocates a "hands-on" approach when it comes to tech.. Get to the
code or point. Provide references and links if necessary (especially if you're
presenting a fresh perspective on something already known). </font>
<p>
<p>
</td>
</tr>
<tr>
<td colspan="2">
<div align="center" class="unnamed1"><span class="footer"><a href="http://www.Infosecwriters.com"><font size="1" face="Arial, Helvetica, sans-serif">Home</font></a><font size="1" face="Arial, Helvetica, sans-serif">
|<a href="http://www.Infosecwriters.com/about.php"> About Us</a> |<a href="http://www.Infosecwriters.com/contact.php">
Contact Us</a> |<a href="http://www.Infosecwriters.com/privacy.php"> Privacy
Policy</a> | <a href="http://www.Infosecwriters.com/map.php">Site Map</a>
</font></span></div>
<p align="center"><font size="1" face="Arial, Helvetica, sans-serif"><span class="footer">All
images, content & text (unless other ownership applies) are © copyrighted
2003, Infosecwriters.com. All rights reserved. Comments are property of
the respective posters.</span></font></p>
</td>
</tr>
</table>
</body>
</html>
</body>
</html>
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed