Beng Hacks: January 2005

Tuesday, January 25, 2005

NeverEverNoSanity

I read with interest that a local website was hit by an exploit called Bloodhound.Exploit. They had to shut their website down. Well, being the curious boy that I am, I dug a bit deeper.

It seems that the website (thevoiddeck.org) could have been hit by either the above, the Santy worm or a combo of both. I dunno how they arrived at the Bloodhound conclusion but I read with interest that there was a Santy worm that spread in late December hitting all php-based forums that were running older versions of php (and by extension any BB-system using php). Apparently all running versions lower than 4.3.10 were vulnerable.

So what this worm did was use Google to look for sites running phpBB by searching for viewtopic.php, then use a perl script to gain access (I assume buffer-overflow) to the webroot, then search for text-based files like .php and .htm and insert some h4X0r l33t text into the files.

Since then there have been (and will be) various new strains of Santy; n00b hackers need only edit a bit of the perl code to recreate the activity, since not every board admin monitors phpBB forums for updates. I suppose that's how thevoiddeck.org got hit so late in the worm's lifecycle: many STILL aren't patched.

Reminds me of the n00bs at forums.hardwarezone.com; don't they run vBulletin which is php-based? HAHAHAHAH!!! Thank goodness I deigned to comment in that n00b-farm of late.

Tuesday, January 18, 2005

Starhub, Private Eye

I read with interest that Starhub has a new service which can locate mobile phones within a particular distance from the nearest mobile cell. Digital Life even gave a nice example of a mother checking to see if her daughter was safe. So funny!

What's more important here is that now Starhub can replace all the private investigators in Singapore! Want to know where ur dirty husband is screwing around? Check with Starhub!

"20m from Hotel 81, Geylang"

I guess the shit in Enemy of the State (movie starring Will Smith my fav actor) is actually becoming reality! Friends, no one is safe. Better start living in copper cages...

Sunday, January 16, 2005

Singapore Lions win Tiger Cup 2004!

GO LIONS!

Lions win the 2nd leg 2-1, and total score 5-2. Atmosphere was awesome! Got a free red tshirt (even tho I was already wearing red) too!!

Hope for more great things from them! They deserve to win!

Friday, January 14, 2005

Don't beat a dead horse

Finally the issue is closed. The main challenger at the previous thread I posted below saw my point, after a dozen posts, diagrams and maths formulas. I guess some people can get so into and of themselves that they are gurus just coz someone said they were, they can't see the light of any argument except their own.

Pity really, since that person seemed to know something, but he had to resort to big words, terms and diagrams to scare me. My stand was, from the beginning, about BitTorrent, nothing else.

Let's hope the issue rests from here onwards.

Wednesday, January 12, 2005

Why BitTorrent and anonymous proxies won't help you "escape"

There's a lively discussion going on here, where someone asked if it's possible to escape detection from agencies if he were to use BT with anonymous proxies.

The short answer is NO, you cannot escape detection.

Why? My answer needs to be broken up into several parts. In the first part, we need to talk about BT. What is the appeal of BT? One word: speed. It is able to exchange files in a very fast way, even and especially for big files like 1GB. BT was designed and written by Bram Cohen, and it was designed and written with speed in mind. With that I believe he didn't and never will add in anything to compromise this. What can compromise this? For one, encryption.

2nd, what if a BT proxy were available for use tomorrow? Ok, since none exists, we use HTTP as a model. To understand how an HTTP proxy works please read elsewhere, but basically we all know about anonymous proxies. However, what anonymous proxies do is hide your identity from the website. It does not hide your actual act of visiting the website, because your actual request (e.g. typing http://ihatebush.com on your browser) is inside the request to the proxy, inside the message headers. This can be seen by something like TCPDump. So while your visit to the website is safe from the view of the website, your actual visit isn't safe from the ISP or any agency.

Someone in the thread then came up with a nice diagram to explain his position that proxies can work, using SSL as a model. I suggested that his idea is flawed, lacking one detail. That detail is the word BitTorrent in his diagram. His diagram is HIS IDEA of an encrypted P2P system. It is NOT and never will be BitTorrent, for the reasons I explained above.

Ok, even if BT is somehow modified by a modder (like say BitComet) to include say SSL and SSL proxying in the design, will it help? To answer that we must understand how SSL and SSL proxying work. SSL is basically PKI between the PC and website. When you add a proxy, what happens?? Actually what happens is that there IS an open connection request from your PC to the proxy to request an SSL connection to the website. For example, this can be seen in the clear:

CONNECT www.dbsbanking.com:443 HTTP/1.1

Once the connection is successfully made, the 2 connections are stuck together and the proxy takes no part in the PKI exchange between the website and your PC. The connection to the proxy is clear and not secure, just like my previous paragraph of using anonymous proxies.
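As an added illustration of the two cases above (example code, not from the original post): what a passive observer on the PC-to-proxy link (the proxy operator, the ISP, or tcpdump) can read from a plain anonymous-proxy request versus a CONNECT tunnel. The request bytes are constructed samples; the host names are the ones used in the post.

```python
import re
from urllib.parse import urlsplit

# Constructed sample traffic as it would appear on the PC-to-proxy link.
# Case 1: plain anonymous HTTP proxy. The full URL is in the request line.
PLAIN_PROXY_REQUEST = (
    b"GET http://ihatebush.com/index.html HTTP/1.1\r\n"
    b"Host: ihatebush.com\r\n"
    b"User-Agent: constructed-example/1.0\r\n"
    b"\r\n"
)

# Case 2: CONNECT tunnel for SSL. Only host:port is in the clear; everything
# after the blank line is the client's TLS handshake, opaque to the proxy and
# to anyone sniffing this link (constructed bytes, not a real ClientHello).
CONNECT_TUNNEL = (
    b"CONNECT www.dbsbanking.com:443 HTTP/1.1\r\n"
    b"Host: www.dbsbanking.com:443\r\n"
    b"\r\n"
    b"\x16\x03\x01\x00\x2a\x01\x00\x00\x26\x03\x01" + b"\x00" * 32
)

REQUEST_LINE = re.compile(rb"^([A-Z]+) (\S+) HTTP/1\.[01]\r\n")


def what_the_observer_sees(raw: bytes) -> dict:
    """Return what a passive observer on the PC-to-proxy link can read
    from the client's bytes to the proxy, without any decryption."""
    m = REQUEST_LINE.match(raw)
    if not m:
        raise ValueError("not an HTTP proxy request")
    method, target = m.group(1).decode(), m.group(2).decode()
    header_end = raw.index(b"\r\n\r\n") + 4
    after_headers = raw[header_end:]
    if method == "CONNECT":
        # Target is host:port; the path and content stay inside the tunnel.
        host, _, port = target.rpartition(":")
        return {"method": method, "host": host, "port": int(port),
                "path_visible": False, "opaque_bytes": len(after_headers)}
    # Plain proxying: the absolute URL (host and path) is readable as-is.
    parts = urlsplit(target)
    return {"method": method, "host": parts.hostname, "port": parts.port or 80,
            "path_visible": True, "path": parts.path, "opaque_bytes": 0}
```

In both cases the destination host is readable on the wire; the tunnel only hides the path and the content, which is exactly the point made above.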

Yes, all this means you only see your request but not the files. However, it doesn't take a genius to do the same thing you're doing and download the same files you downloaded. After all, the files are free-access. With the destination discovered I can connect and download. How do you think ppl know what u share on Kazaa? Use Kazaa yourself lah!

Also, if you transplant proxy/SSL to BT and a BT proxy, the entire design of BT is changed. It no longer becomes a P2P tit-for-tat multi-node network. It becomes something similar to say Napster, a client-server model, because your proxy will actually contain all the file chunks (and by extension the files) ppl torrent at one time or another.

Yes, encrypting the data will hide your file contents, but making BT support encryption will cause your PC and BT to slow to a crawl as it is constantly encrypting torrents to upload and decrypting torrents you download. Your PC is 100% all the time, compared to BT's current about 10%. SSL can work on a browser coz it's not constant but per visit. BT is constant. Even web servers and SSL proxies struggle to do SSL. It can't do many, compared to normal HTTP. Dun say a PC.

Encryption and BT do not exist together. If you want encrypted data, I suggest two ideas. One, use Virtual Private Networks, or two, use another P2P software. If you check p2pforums.com there are at least 5-6 other P2P softwares that support encryption.

But it won't be BitTorrent.

Tuesday, January 11, 2005

BT

Hahah my first day's foray into the internet forum at Hardwarezone and I already got a challenge. Someone was worried that now the police will be able to find out who is using BT to exchange copyright files and get fined.

Then someone else suggested that using a BT proxy can escape detection. I said it's not possible to escape even if u use a proxy, but that person didn't believe me.

I will post about this, as in why you can't escape, tomorrow. Stay tuned!

Well, I've stepped into a forum for the first time!

I've always held onto the notion that participating in online forums is a waste of time. However, as of 2005 I decided on a new resolution: to be more open to new concepts. So this year I shall attempt to participate in them. Who knows I might learn a few things from these so-called experts who post all day long but hardly know anything really.

Those who are interested, can look out for me in the Hardware Zone forums at forums.hardwarezone.com. My nick is benghacks.

I'll stick around, as long as someone doesn't call me a clone. That's the lame-ass term some so-called experts or self-labelled long-timers call people who are new to the HWZ forums. I'll definitely give them some grief.

Wednesday, January 05, 2005

Amazing Race

Now a bit sian to read and hear about all the tsunami disaster news. Worse still is the news of countries trying to get "top honours" by being the top money donor. Sigh, even liddat oso need to show off and compete. At least the Japanese are quite humble by being low-key.

Anyway, on the webfront, have any of you noticed that even up till now, in 2005, still got ppl scanning your PC? Seems like there are still ppl out there infected by trojans, viruses and worms. How come still got ppl in SG dun have firewall and anti-virus?

Also, my block alone got almost 20 unprotected wireless APs that I can connect to!! Meaning I can use their internet connection to surf web! And in one case, play CS!! LOL! So many dumb users out there, no wonder got cases of DBS bank customers kenna robbed online...