Did You Know This About Facebook?
Good [+1]Toggle ReplyLink» neoform replied on Sun Feb 15, 2009 @ 9:08am |
Battle of the mind vs moron.
Once again he pastes documentation for something completely irrelevant. I'm taking about AES-256, he's quoting me garbage password crackers for windows password files. Idiot. | |
I'm feeling pompous right now.. |
Good [+1]Toggle ReplyLink» cutterhead replied on Sun Feb 15, 2009 @ 1:43pm |
Good [+1]Toggle ReplyLink» neoform replied on Sun Feb 15, 2009 @ 2:32pm |
DES was invented more than 30 years ago when computers were the size of rooms and could barely compute numbers.
AES was invented in 1998, and is entirely different and far more advanced than DES. PGP has not been "smashed" as you claim. [ en.wikipedia.org ] "In 2003, an incident involving seized Psion PDAs belonging to members of the Red Brigade indicated that neither the Italian police nor the FBI were able to decode PGP-encrypted files stored on them." PGP is very strong, but proprietary encryption. AES is not proprietary and is an open standard. Anyone can review it and no flaws have been found with it. PS. You're an idiot. | |
I'm feeling pompous right now.. |
Good [+1]Toggle ReplyLink» cutterhead replied on Sun Feb 15, 2009 @ 5:30pm |
Hack NASA and crash a shuttle
* Track this topic * Print story Now that's what we call a systems crash By Andrew Thomas • Get more from this author Posted in Music and Media, 3rd July 2000 09:11 GMT Free research: Application platforms, the state of play The BBC's flagship news show, Panorama, is running yet another 'shock! Horror! We're all gonna die' expose of evil computer hackers. Tonight (Monday) at 2200GMT, the Beeb will reveal how the lives of space shuttle astronauts were put at risk by a hacker who zapped NASA's communications back in 1997. A British astronaut was on board at the time. [Ah! The news hook - Ed] A NASA spokeperson said: "We had an activity at a Nasa centre where a hacker was overloading our systems... to such an extent that it interfered with communications between the NASA centre, some medical communications and the astronaut aboard the shuttle." As the NASA shuttle orbiting the Earth docked with the Mir space station, the hacker disrupted the computer systems monitoring the medical conditions of the crew. In the past year, NASA has suffered over 500,000 hack attacks. ® 500k... Update » cutterhead wrote on Sun Feb 15, 2009 @ 5:33pm this is nothing secure about PGP , exploits have prooven its weeknesses Update » cutterhead wrote on Sun Feb 15, 2009 @ 5:42pm nasa never gets hackd , shure :
Hacker hopes hit internet song will help to beat extradition rap Click on thumbnail to view image Click on thumbnail to view image Click on thumbnail to view image Click on thumbnail to view image Click on thumbnail to view image « Previous « Previous Next » Next » View Gallery Published Date: 09 November 2008 By Marc Horne HE IS the self-confessed computer nerd who faces 60 years in an American jail after hacking into the Pentagon's computer system. But now Gary McKinnon has become this year's most unlikely pop star. McKinnon's online recording 'Only A Fool' has stormed into the MySpace charts, hitting the top five of most-watched videos alongside Christina Aguilera, the Pussycat Dolls and Ri ADVERTISEMENT hanna. Campaigners hope the popularity of the song will help in their bid to halt the Scot's extradition. The 44-year-old Glaswegian, who suffers from a form of autism, faces life in a US prison for using his dial-up modem to hack into military computer systems at the Pentagon and Nasa between 2001 and 2003. The amateur songwriter managed to gain entry to the most heavily protected data systems in the world while sitting in the bedroom of his north London flat. He became America's most wanted 'cyber-terrorist', was arrested by specialist UK police and faces being handed over to the US authorities. McKinnon has always insisted he had no malicious intent and claimed he was motivated by his interest in conspiracy theories and a desire to find classified information about UFOs and aliens. He did, however, leave messages on US government computers that taunted it for its warmongering foreign policy. Despite struggling from depression, McKinnon posted his self-penned track on MySpace and within 48 hours it had been viewed by more than 100,000 people – taking it to No.5 in the video charts. McKinnon's melancholy ballad is a tale of survival in the face of great adversity. The chorus features the lyrics: "Don't stop, don't say it don't matter/If it ain't easy try harder/Only a fool would let it go/Don't stop, don't sit and do nothing/If it ain't easy say something/Only a fool would let it show." The equally downbeat video features youngsters trudging around a bleak inner-city location. McKinnon was first arrested six years ago, but the Law Lords rejected his appeal against extradition in August. The UK Government has fully backed America's attempt to bring the hacker across the Atlantic for trial. The programmer, who wants to be tried in Britain, says he will be treated as a terrorist, with one US attorney stating authorities want him to "fry". Update » cutterhead wrote on Sun Feb 15, 2009 @ 5:46pm you can stop lecturing me the whitepapers , i know crypto. Update » cutterhead wrote on Sun Feb 15, 2009 @ 5:55pm Teens arrested for hacking NASA
* This message: [ Message body ] [ More options ] * Related messages: [ Next message ] [ Previous message ] From: InfoSec News [ ] Date: Thu, 13 Jul 2000 15:42:40 -0500 Forwarded By: Bronc Buster [ ] [ www.cnn.com ] July 13, 2000 Web posted at: 6:35 AM EDT (1035 GMT) NEW YORK (AP) -- Two New Yorkers, one of them a 15-year-old high school student on Long Island, have been arrested and accused of hacking into NASA computers. It was unknown whether the cases were linked. The teen surrendered to police Tuesday for allegedly hacking into two NASA computers in Hampton, Virginia, and a third computer in Bethpage, New York. Raymond Torricelli, 20, of New Rochelle was arrested Wednesday at his home and charged with using his personal computer to break into two computers belonging to NASA's Jet Propulsion Laboratory in Pasadena, California. The lab is the lead center for exploration of space with robotic spacecraft, have launched missions to every planet in the solar system except Pluto. The teen-ager allegedly broke into the NASA computers in November. The youth, charged with computer tampering, was released into his father's custody. His name was not released by Suffolk County police. The Rocky Point teen allegedly defaced the NASA Web site by adding the message "SSH is coming." Suffolk police said he used the hacker acronym "Sesame Street Haxorz." Police said the youth replaced system files with various images they termed computer graffiti, including an image of Elmo, a character on the "Sesame Street" television program. Though he did not gain access to sensitive or classified information, the teen caused about $5,000 in damage, said Special Agent James Jackson, of the NASA Office of the Inspector General. Police said they were investigating whether the teen, who said he was being tutored by another hacker online, committed any other crimes, Newsday reported Thursday. In the Torricelli case, investigators said they found 76,000 passwords on Torricelli's computer, including usernames from computers owned by San Jose State University and Georgia Southern University. Prosecutors said in court papers that Torricelli installed a program on a computer used by NASA to perform satellite design and mission analysis concerning future space missions. He then allegedly used the program in chat-room discussions with other hackers. Mary Beth Murrill, a spokeswoman for the Pasadena lab, declined to comment on the case but said security has since been improved. "We have a computer security system like any other large organization but we don't discuss it," she said. Torricelli was released on $50,000 bail. If convicted of the most serious charge, he faces up to 10 years in prison and a $250,000 fine. ISN is hosted by [ SecurityFocus.com ] --- To unsubscribe email [ ocus.com ] with a message body of "SIGNOFF ISN". Update » cutterhead wrote on Sun Feb 15, 2009 @ 6:09pm "A chain is only as strong as its weakest link" as the saying goes, and the same holds true for PGP. If the user chooses a 40-bit RSA key to encrypt his session keys and never validates any users, then PGP will not be very secure. If however a 2048-bit RSA key is chosen and the user is reasonably vigilant, then PGP is the closest thing to military-grade encryption the public can hope to get their hands on (Ref. 3).
The Deputy Director of the NSA was quoted as saying: "If all the personal computers in the world, an estimated 260 million, were put to work on a single PGP-encrypted message, it would still take an estimated 12 million times the age of the universe, on average, to break a single message." Update » cutterhead wrote on Sun Feb 15, 2009 @ 6:13pm 5.0 - Conclusions:
There is a place for both symmetric and public-key algorithms in modern cryptography. Hybrid cryptosystems successfully combine aspects of both and seem to be secure and fast. While PGP and its complex protocols are designed with the Internet community in mind, it should be obvious that the encryption behind it is very strong and could be adapted to suit many applications. There may well still be instances when a simple algorithm is necessary, and with the security provided by algorithms like IDEA, there is absolutely no reason think of these as significantly less secure. An article posted on the Internet I once read, on the subject of picking locks, stated: "The most effective door opening tool in any burglars toolkit remains the crowbar". This also applies to cryptanalysis - direct action is often the most effective. It is all very well transmitting your messages with 128-bit IDEA encryption, but if all that is necessary to obtain that key is to walk up to one of the computers involved with a floppy disk then the whole point of encryption is negated. In other words, an incredibly strong algorithm is not sufficient. For a system to be effective there must be effective management protocols involved. References and Bibliography: 1. Johnson, N., Steganography, [ patriot.net ] 2. Heath, J.. Survey: Corporate uses of Cryptography, [ www.iinet.net.au ] /crypto.html 3. Schneier, B., Applied Cryptography Second Edition: protocols, algorithms, and source code in C, John Wiley & Sons, 1996, pp758. 4. Mayo, S., How PGP works and the maths behind RSA, [ rschp2.anu.edu.au ] owpgp.html 5. Mayo, S., The IDEA Algorithm, [ rschp2.anu.edu.au ] a.html 6. Sullivan, C., Makmur, M., RSA Algorithm Javascript, [ www.engr.orst.edu ] mur/HCproject/ 7. Dunlap, C., Programmers Crack RSA Encryption Code, [ www.techweb. ] com/wire/news/1997/10/1025rsa.html 8. Rivest, R.L., The MD5 Message Digest Algorithm, RFC 1320, April 1992. | |
I'm feeling 4hz even if you dont right now.. |
Good [+1]Toggle ReplyLink» neoform replied on Sun Feb 15, 2009 @ 9:30pm |
Dude, you're too fucking stupid to even understand the difference between hacking a network and cracking heavy encryption.
I'm done wasting my time with your retarded arguments, you have no clue what you're talking about and should learn to shut up and listen instead of lecturing others when you don't know what you're talking about. Have fun thinking AES-256 is easily crackable you clod. | |
I'm feeling pompous right now.. |
Good [+1]Toggle ReplyLink» cutterhead replied on Sun Feb 15, 2009 @ 9:33pm |
STOP CALLING PEOPLE STUPID YOU GFAT SHIT
hope you had fun imposing / silencing the thread monster wannabe , now go code html on your mac you limbizkit sky's the limit 1970 Jimi Hendrix: "Machine Gun" Machine gun Tearing my body all apart Machine gun, yeah Tearing my body all apart Evil man make me kill ya Evil man make you kill me Evil man make me kill you Even though were only families apart Well I pick up my axe and fight like a bomber (you know what I mean) Hey! and your bullets keep knocking me down Hey, I pick up my axe and fight like a bomber now Yeah, but you still blast me down to the ground The same way you shoot me down, baby Youll be going just the same Three times the pain, And your own self to blame Hey, machine gun I aint afraid of your mess no more, babe I aint afraid no more After a while, your, your cheap talk dont even cause me pain, So let your bullets fly like rain cause I know all the time youre wrong baby And youll be going just the same Yeah, machine gun Tearing my family apart Yeah, yeah, alright Tearing my family apart Update » cutterhead wrote on Sun Feb 15, 2009 @ 9:36pm not my problem you cant interconnect machine to duplicate effectiveness, meanwhile seti is scoring eraflops over lousy connection, better management would shut your yapper on the matter. | |
I'm feeling 4hz even if you dont right now.. |
Good [+1]Toggle ReplyLink» neoform replied on Sun Feb 15, 2009 @ 9:59pm |
OMG! Evidence you're a moron! Here, I'll quote wikipedia which holds the evidence. Read all of it to see my point!
A hot dog is a type of fully cooked, cured and/or smoked moist sausage of soft, even texture and flavor. It is usually placed hot in a soft, sliced hot dog bun of approximately the same length as the sausage, and optionally garnished with condiments and toppings. In the United Kingdom and Australia, hot dog refers more commonly to the combination of sausage and bun, with the sausage called a frankfurter. The flavor of hot dog sausages varies widely by region and by personal preference, as do the accompaniments. The flavor of the sausage can resemble a range of similar meat products from bologna on the bland side to the German bockwurst in the spicier varieties. Kosher hot dogs may be made from beef, chicken or turkey. Vegetarian hot dogs and sausages, made from meat analogue, are also widely available in most areas where hot dogs are popular. Unlike many other sausages (which may be sold cooked or uncooked), hot dogs are always cooked before being offered commercially. Unless they have spoiled, hot dogs can usually be eaten safely without further cooking, although they are usually warmed before serving. Many doctors recommend that pregnant women heat hot dogs (and other pre-cooked, pre-packaged foods) to 160-170 degrees Fahrenheit (70-77 degrees Celsius) for at least two minutes before consuming to reduce the chance of contracting Listeriosis, which is caused by a rare bacteria that can thrive at low temperatures (such as in a refrigerator) but can affect unborn children and even cause miscarriage or still birth.[1] Hot dogs are also called frankfurters, or franks for short, named for the city of Frankfurt, Germany where sausages in a bun originated, similar to hot dogs, but made exclusively of pork. Another term for hot dogs is wieners or weenies, referring to the city of Vienna, Austria, whose German name is "Wien", home to a sausage made of a mixture of pork and beef. In the German speaking countries, except Austria, hot dog sausages are generally called Wiener or Wiener Würstchen (Würstchen means "little sausage"). In Swiss German, it is called Wienerli, while in Austria the terms Frankfurter or Frankfurter Würstel are used. In the United Kingdom hot dogs are sometimes made with British sausages, typically cooked by grilling or frying. When prepared using a frankfurter they may be sold and marketed as "German" or "American-style" hot dogs.[citation needed] Contents [hide] * 1 History * 2 Etymology * 3 General description o 3.1 Ingredients + 3.1.1 Condiments o 3.2 Commercial Preparation + 3.2.1 Natural casing hot dogs + 3.2.2 Skinless hot dogs o 3.3 Final preparation * 4 Hot dogs in the United States * 5 Hot dog kinds and variations * 6 Competitions * 7 Festivals * 8 See also * 9 Notes * 10 References * 11 External links History A "home-cooked" hot dog with mayonnaise, onion, and pickle-relish. Claims about the invention of the hot dog are difficult to assess because various stories assert the creation of the sausage, the placing of the sausage (or another kind of sausage) on bread or a bun as finger food, the popularization of the existing dish, or the application of the name "hot dog" to a sausage and bun combination. The city of Vienna traces the lineage of the hot dog to the Wienerwurst or Viennese sausage, the city of Frankfurt to the Frankfurter Wurst, which it claims was invented in the 1480s and given to the people on the event of imperial coronations, starting with the coronation of Maximilian II, Holy Roman Emperor as King; the hot dog has also been attributed to Johann Georg Lahner, a 18th/19th century butcher from the Bavarian city of Coburg who is said to have invented the "dachshund" or "little-dog" sausage and brought it from Frankfurt to Vienna.[2] Around 1870, on Coney Island, a German immigrant named Charles Feltman began selling sausages in rolls.[3][4][5] Others also have been acknowledged for supposedly having invented the hot dog. The idea of putting a hot dog on a bun has been ascribed to the wife of a German named Antonoine Feuchtwanger, who sold hot dogs on the streets of St. Louis, Missouri in 1880, because his customers kept walking off with the white gloves handed to them for eating the hot sausages without burning their hands[6] Anton Ludwig Feuchtwanger, a Bavarian sausage seller, is said to have started serving sausages in rolls at the World's Fair – either the 1893 World's Columbian Exposition in Chicago or the 1904 Louisiana Purchase Exposition in St Louis[7] – again allegedly because the white gloves he gave to customers so that they could eat his hot sausages in comfort began to disappear as souvenirs.[8] The association between hot dogs and baseball may have begun as early as 1893 with Chris von der Ahe, a German immigrant who owned not only the St. Louis Browns, but also an amusement park, beer garden and brewery near Sportsman's Park, where he sold his beer.[9] Harry M Stevens Inc. which was founded by Stevens in 1889 continued successfully servicing major sports venues with hot dogs and other refreshments, making him widely known as the 'King of Sports Concessions' in the United States of America. [10] In 1916, an employee of Feltman's named Nathan Handwerker was encouraged by celebrity clients Eddie Cantor and Jimmy Durante to go into business in competition with his former employer.[11] Handwerker undercut Feltman's by charging five cents for a hot dog when his former employer was charging ten.[11] At a time when food regulation was in its infancy, and the pedigree of the hot dog particularly suspect, Handwerker made sure that men wearing surgeon's smocks were seen eating at Nathan's Famous to reassure potential customers.[8] Etymology Hot dog vendor in Amsterdam The term "dog" has been used as a synonym for sausage since at least 1884 and accusations that sausage makers used dog meat date to at least 1845.[12] According to a popular myth, the use of the complete phrase "hot dog" in reference to sausage was coined by the newspaper cartoonist Thomas Aloysius "TAD" Dorgan around 1900 in a cartoon recording the sale of hot dogs during a New York Giants baseball game at the Polo Grounds.[12] However, TAD's earliest usage of "hot dog" was not in reference to a baseball game at the Polo Grounds, but to a bicycle race at Madison Square Garden, in the The New York Evening Journal [December 12, 1906], by which time the term "hot dog" in reference to sausage was already in use.[13][12] In addition, no copy of the apocryphal cartoon has ever been found.[14] The earliest usage of "hot dog" in clear reference to sausage found by Barry Popik appeared in the 28 September 1893 edition of The Knoxville Journal.[13] It was so cool last night that the appearance of overcoats was common, and stoves and grates were again brought into comfortable use. Even the weinerwurst men began preparing to get the "hot dogs" ready for sale Saturday night. —28 September 1893, Knoxville (TN) Journal, "The [sic] Wore Overcoats," pg. 5 Another early use of the complete phrase "hot dog" in reference to sausage appeared on page 4 of the October 19, 1895 issue of The Yale Record: "they contentedly munched hot dogs during the whole service."[13] General description Grilled hot dogs A hot dog is typically distinguishable from other sausages by its smaller size and relative lack of spicing. A regular hot dog of the kind popular at sporting events, and readily available in supermarkets, is roughly 6-in (15-cm) long, although thickness and length can vary. There are many nationally distributed brands that provide similar products to all geographical areas. Ingredients The basic ingredients in hot dogs are: * Meat and fat * Flavorings, such as salt, garlic, and paprika * Preservatives and colorants - typically sodium erythorbate and sodium nitrite In the US, if variety meats, cereal or soy fillers are used, the product name must be changed to "links" or the presence must be declared as a qualifier. Pork and beef are the traditional meats which are still widely used. Less expensive hot dogs are primarily chicken or turkey, due to the low cost of mechanically separated poultry. Hot dogs have high sodium, fat and nitrite content, which have been linked to health problems in some consumers. In recent years, due to changing dietary preferences, manufacturers have turned to turkey, chicken, or vegetarian meat substitutes, and have begun lowering salt content. In general, if a manufacturer produces two types of hot dog sausages, "wieners" tend to contain pork and are the blander of the two, while "franks" tend to be all beef and more-strongly seasoned.[citation needed] Condiments This wall painting shows some of the more common hot dog condiments: mustard, ketchup and relish. A Detroit Coney Island hot dog with chili, onion and mustard. Throughout the world, there are numerous variations in hot dog condiments. Some of these are mustard, ketchup, pickle relish, saurkraut, onion, mayonnaise, lettuce, tomato, cheese, and chili peppers. They are usually served in a bun.[citation needed] In the United States, the National Sausage and Hot Dog Council conducted a poll in 2005, which found mustard to be the most popular condiment (32 percent). "Twenty-three percent of Americans said they preferred ketchup. [...] Chili came in third at 17 percent, followed by relish (9 percent) and onions (7 percent). Southerners showed the strongest preference for chili, while Midwesterners showed the greatest affinity for ketchup. Nationwide, however, mustard prevailed."[15] Some Americans believe that a properly made hot dog should never be topped with ketchup, since it overpowers and destroys the taste of the hot dog instead of complementing it.[16]. The Coney Island hot dog, which is topped with a special "Coney sauce" (generally a beanless chili), also is a favorite in the US Midwest. Several restaurants in Michigan claim to have invented the Coney dog, which is virtually unknown in Coney Island, New York. It is known in parts of Upstate New York and Québec simply as a "Michigan," and the name stuck to many fast-food meals (namely poutine) that were served with the sauce (although it evolved in Québec more into a meat spaghetti sauce than a chili).[citation needed] Commercial Preparation Hot dogs are typically prepared commercially by mixing all of the ingredients (meats, spices, binders and fillers, if any) in large vats where rapidly moving blades grind and mix the ingredients in the same operation, ensuring a homogeneous product. This mixture is then forced through tubes into casings for cooking. Most hot dogs sold in the US are called "skinless" as opposed to more expensive "natural casing" hot dogs. Natural casing hot dogs As with virtually all sausages, hot dogs must be in a casing to be cooked. Traditionally, this casing is made from the thoroughly cleaned small intestines of sheep, and the products are known as "natural casing" hot dogs or frankfurters.[17] These kinds of hot dogs are preferred by some for their firmer texture and the "snap" that releases juices and flavor when the product is bitten.[17] Kosher natural casings are difficult to obtain in commercial quantities in the USA, and therefore kosher hot dogs are usually either skinless or made with reconstituted collagen casings.[17] Skinless hot dogs One of the more recent developments in hot dog preparation: The hot dog toaster. "Skinless" hot dogs also must use a casing in the cooking process when the product is manufactured, but here the casing is usually a long tube of thin cellulose that is completely removed between cooking and packaging. Skinless hot dogs vary in the texture of the product surface but have a softer "bite" than natural casing hot dogs. Skinless hot dogs are more uniform in shape and size than natural casing hot dogs and less expensive to produce. Final preparation For a full list of regional differences in hot dog preparation and condiments, see Hot dog variations. Hot dogs may be grilled, steamed, boiled, barbecued, pan fried, deep fried, broiled, or microwaved. Some cooks prefer to boil their hot dogs in beer.[18] While hot dogs are always cooked before packaging, they should not be eaten cold from the package. Hot dogs and their packaging fluid are sometimes contaminated with the bacterium Listeria monocytogenes, which causes listeriosis, a serious foodborne illness.[19] Hot dogs in the United States A roadside hot dog stand located near Huntington, West Virginia. 7-Eleven is North America's number-one retailer of fresh-grilled hot dogs, selling approximately 100 million each year.[20][21] Other chains in the U.S. that offer hot dogs include Sonic Drive-In and Dog n Suds, who call it a coney; Hardee's (but not their counterpart Carl's Jr. on the west coast of the United States, which is ironic due to founder Carl Karcher having started the Carl's Jr. empire with a hot dog stand); Dairy Queen; Wienerschnitzel (originally Der Wienerschnitzel), whose menu focuses on hot dogs; The Frankfurter in Seattle, Washington; Woody's Chicago Style; Five Guys; Nathan's Famous, which sponsors the annual Nathan's Hot Dog Eating Contest; A&W; and Spike's Junkyard Dogs located in Rhode Island and Boston. Additionally, Rhode Island is home to the New York System restaurants, specializing in wieners with mustard, chili sauce, chopped onions and celery salt. Krystal restaurants in the southeast offer a small hot dog called a Krystal Pup, and Fatburger, located mostly on the west coast of the U.S., offers hot dogs and chili dogs. In Cincinnati, Ohio Skyline Chili and Gold Star Chili sell hot dogs and spaghetti with their signature Cincinnati-style chili. They are also commonly served at Sam's Club and Costco with a soda. Yocco's Hot Dogs, founded in 1922, maintains six restaurants in the Lehigh Valley region of Pennsylvania and is known for its long-standing specialty of hot dogs with various toppings. Given Yocco's strong global popularity, the restaurant also has a mail-order business, providing bags of frozen hot dogs to customers around the U.S. and the world. A map of the world displayed in each of the company's six restaurants marks the thousands of locations that have ordered Yocco's hot dogs. They also serve wine, meaning that they serve wieners and wine. Casual dining restaurants often have hot dogs on their children's menu, but not on the regular menu. Hot dog stands and trucks sell hot dogs and accompaniments, as well as similar products, at street and highway locations. At convenience stores such as 7-Eleven, hot dogs are usually kept heated on rotating grills; a selection of flavors and sizes is sometimes offered. * Nathan's is a famous hot dog chain. The famous original stand is located in Coney Island, New York. * Pink's Hot Dogs is another famous independent stand and is located in Hollywood, California. * Casper's is a hot dog chain that originally started in Oakland, California, who opted to use a recipe similar to the German frankfurter, and said to have a signature "snap" when you bite into them. [22] * The Varsity in Atlanta, Georgia is a famous venue for hot dogs. * Superdawg in Chicago, Illinois is a local tourist attraction which still features carhops. * Walter's Hot Dog in Mamaroneck, New York, is one of the nation's oldest independent roadside stands. * Tony Packo's Cafe in Toledo, Ohio made famous worldwide by Cpl. Klinger (Jamie Farr) of the TV show M*A*S*H. Hot dogs sold by vendors who wander through the stands are a tradition at baseball parks. Several ballparks have signature hot dogs, such as Fenway Franks at Fenway Park in Boston, Massachusetts and Dodger Dogs at Dodger Stadium in Los Angeles, California. The Fenway signature is that the hot dog is boiled and grilled Fenway-style, and then served on a New England-style bun, covered with mustard and relish. Often during Red Sox games, vendors traverse the stadium selling the hot dogs plain, giving customers the choice of adding the condiments. Hot dog kinds and variations Main articles: Hot dog variations and Vegetarian Competitions The World's longest hot dog at the Akasaka Prince Hotel. Hot dogs are used in many competitions, including eating competitions and attempts to create world record sized hot dogs. On July 4, 2007, Joey Chestnut set a new record when he ate 66 hotdogs in 12 minutes at Nathan's Hot Dog Eating Contest 2007 event at Coney Island, breaking the previous record that he set on June 2, 2007 when he ate 59½ hotdogs in 12 minutes at a Nathan's qualifier event in Tempe, AZ. In Arizona, Chestnut had broken the record at the time of 53¾ by Takeru Kobayashi. [23] The World's Longest Hot Dog created was 60m (196.85 ft), and rested within a 60.3 m bun. The hot dog was prepared by Shizuoka Meat Producers for the All-Japan Bread Association, which baked the bun and coordinated the event, including official measurement for the world record. The hot dog and bun were the center of a media event in celebration of the Association's 50th anniversary on August 4, 2006, at the Akasaka Prince Hotel, Tokyo, Japan. Festivals The city of Huntington, West Virginia, hosts the annual West Virginia Hot Dog Festival.[24] Each year, at Suffolk Downs in Boston, Massachusetts, thousands of people come to the Hot Dog Safari to contribute money to help people with cystic fibrosis.[25] A future festival possibility comes from a meat market owner in DuBois, Pennsylvania, who created a peanut butter hot dog recipe at the suggestion of the mother of a seven-year-old customer. The popularity of this invention spread via the Internet, and the town of DuBois is now discussing a "peanut butter hot dog" festival. See also * Advanced meat recovery * Cheese dog * Chicago-style hot dog * Corn dog * Coney Island hot dog * Dodger Dog * Hot dog variations * Mechanically separated meat * Sausage bun * Sausage sandwich Notes 1. ^ Food Safety During Pregnancy 2. ^ Schmidt 2003:241 3. ^ Immerso 2002:23 4. ^ Sterngass 2001:239 5. ^ "History of the Hot Dog" page of [ ePopcorn.com ] 6. ^ Hot Dog History. 7. ^ McCullough 2000:240 8. ^ a b Jakle & Sculle 1999:163–164 9. ^ McCollough 2006:Frankfurter, she wrote: Hot dog shrouded in mystery 10. ^ [ www.harrystevens.co.uk ] 11. ^ a b Immerso 2002:131 12. ^ a b c Wilton 2004:58–59 13. ^ a b c Popik 2004:"Hot Dog (Polo Grounds myth & original monograph)" 14. ^ "Hot Dog". Snopes. July 13, 2007. [ www.snopes.com ] Retrieved on 2007-12-13. 15. ^ [ www.hot-dog.org ] 16. ^ The Straight Dope: Why is there no ketchup on a properly made hot dog? 17. ^ a b c Levine 2005:It's All in How the Dog Is Served 18. ^ Hot Dogs, Get Your Hot Dogs: all about hot dogs, wieners, franks and sausages 19. ^ Health Canada: Listeria and food safety 20. ^ 7-Eleven News Room: Fun Facts and Trivia. 21. ^ Hot Dog Heaven at 7-Eleven 22. ^ Casper's Famous Hot Dogs: What's The Snap 23. ^ [ sportsillustrated.cnn.com ] 24. ^ [ wvhotdogfestival.com ] West Virginia Hot Dog Festival 25. ^ Eddie Andelman's Hot Dog Safari 26. ^ Peanut butter hot dog craze sweeping Du Bois References * Immerso, Michael (2002), Coney Island: The People's Playground, New Brunswick, New Jersey: Rutgers University Press, ISBN 0813531381 * Jakle, John A.; Sculle, Keith A. (1999), Fast Food, Baltimore: The Johns Hopkins University Press, ISBN 0-8018-6109-8 * Levine, Ed (2005-05-25), "It's All in How the Dog Is Served", The New York Times, [ www.nytimes.com ] * McCollough, J. Brady (2006-04-02), "Frankfurter, she wrote: Hot dog shrouded in mystery", The Kansas City Star, [ www.coveringsports.com ] * McCullough, Edo (2000) . Good Old Coney Island: A Sentimental Journey into the Past. New York: Fordham University Press. ISBN 0823219976. * Popik, Barry (2004-07-15). "Hot Dog (Polo Grounds myth & original monograph)". The Big Apple. [ www.barrypopik.com ] Retrieved on 2007-05-27. * Schmidt, Gretchen (2003), German Pride: 101 Reasons to Be Proud You're German, New York: Citadel Press, ISBN 0806524812 * Sterngass, Jon (2001), First Resorts: Pursuing Pleasure at Saratoga Springs, Newport & Coney Island, Baltimore: The Johns Hopkins | |
I'm feeling pompous right now.. |
Good [+1]Toggle ReplyLink» cutterhead replied on Sun Feb 15, 2009 @ 10:38pm |
bravo Update » cutterhead wrote on Sun Feb 15, 2009 @ 10:43pm continue a traiter le monde de moron, sti agrais, creve ta race.
dis moi cest la politique de [ rave.ca ] de se faire traiter de moron par ses admin. wow chapeau , fait toi regarder le cerveau esie de zero skill social de tache de pintch en poile de poche. Update » cutterhead wrote on Sun Feb 15, 2009 @ 11:45pm >>>> >>>> >>>> USB stick with hardware AES encryption has been cracked - heise
[ www.heise-online.co.uk ] Screwing up security Philippe Oechslin USB stick with hardware AES encryption Stealth MXP USB memory stick ZoomStealth MXP USB memory stick Whether you are talking about certification or 256-bit AES, even the best encryption provides no protection if an additional function accidentally renders the password vulnerable. In a test conducted by Objectif Sécurité, the product being tested was not a USB drive with just run-of-the-mill security features. Rather, the MXI Security Stealth MXP USB memory sticks are FIPS-140-2 certified. That means that after thorough testing, the US National Institute of Standards and Technology (NIST) declared them safe for use by federal US authorities [1]. Advertisement On examination it is evident that the Stealth MXP is a serious security product. Stealth MXP sticks have their own processor and a Field Programmable Gate Array (FPGA) chip – Actel ProASIC 3 A3P250 – that implements AES encryption in hardware and prevents the memory contents from being read. The markings on the processor and memory chips are scratched off to hamper reverse engineering. The Stealth MXP stick includes a fingerprint scanner that can be used as a key for data access and is one of a family of four USB security devices. These products allow for 2 factor authentication– fingerprint plus password, for protection of data stored on the stick. When used to secure information on a computer they can also provide 3 factor authentication requiring possession of the USB device itself, plus a fingerprint and password. Originally the security hardware and its managing software – now called MXI ACCESS Enterprise – were designed as a managed product with the intention that security policies would be set up and controlled by a companies IT department. A later version of the management software – called MXI ACCESS – allows for individual users to control security settings. The required security policies must be established before the Stealth MXP can be put to use. On first insertion the autorun feature should launch the ACCESS set up software from a small unsecured partition. The first menu choice is to – Personalise Device. When selected this offers two choices; Typical (Biometric user) or Custom, with the biometric choice as the default. Choosing Typical (Biometric user) leads to a request to enter an Administrator password. With an admin password entered an Adminstrators account is opened allowing multiple user accounts to be set up and associated fingerprints to be logged. With Encrypted When you insert the stick, you see an initial partition that you can read and even write onto. This partition is reset to its original status every time the stick is inserted, in order to prevent trojan based attacks. The program you see, called Start.exe, displays a login dialog where you can enter your username and password. Once you have logged in, you then see a second partition – with content encrypted and decrypted by the stick in accordance with the FIPS test protocol with AES-256. Optionally, for authentication via a fingerprint, you simply drag your finger across the scanner window on the side of the stick– no program is needed. This process even works under Linux, but if you want to change the stick's settings, you will need to use the Windows software. Under the bonnet ZoomActel's FGPA chip handles hardware encryption Our analysis in a debugger showed that communication between the software and the processor on the stick via the USB port is also encrypted. For instance, the function SSD_AuthenticatePassword prepares a query to the stick starting with SSD_MSG_Encode, followed by CipherSession::encrypt with encryption before finishing with Stealth_DeviceCom::SendRequest. The password or fingerprint is therefore apparently confirmed within the certification profile on the stick rather than on the PC, where it would be vulnerable. At this point, we were so impressed with the security and official certifications that we almost stopped testing. But then, something caught our eye… Cracked When we took a look at the data on the heap, we found a plain text string of "PwdHashes". Following this there was 40 bytes of data – right where you would expect two SHA-1 hashes to be found. A quick test with the password "test1234" revealed that the data structure had indeed grown by an additional 20 bytes to accommodate for our test password's SHA-1 hash. Memory dump with hash ZoomChecking with "echo -n heise1234 | sha1sum" reveals an unsalted SHA-1 hash of the password in memory. Apparently, the developers added a password history function to the software to prevent passwords from being used twice. This action is often called for in corporate environments, though the benefits are not proven. When asked about the software features by heise-online UK, MXI Security told us that the password history feature is something that had been requested by their customers. It is a later addition, not part of the original product design. Password history is not enabled by default, but is an option that must be turned on using the MXI ACCESS security management software. Unfortunately it seems the developers made a number of mistakes when they implemented this function. As a result we were able to obtain the plaintext password and access the encrpyted partiton. The first mistake is that the comparison of the current with the previous password takes place on the PC and not on the stick, as the lack of specific USB communication proves. The software gets the list of hashes from a part of the memory on the stick. When we then inserted the stick into a second PC that we had not yet included in the test, launched the login program and sure enough the hashes were again visible. So the second mistake is that the memory containing the hashes is readable even if you haven't logged on. In fact, the login software even helps you by loading the password hashes on launching. Then, all you need to do is sic a debugger on the active process to extract them. Which brings us to the third, final – and fatal – mistake: these hashes are a piece of cake to resolve – unsalted cake, that is. You can use rainbow tables to crack them fairly quickly. For instance It would only take you around 15 minutes to crack an eight-character password consisting both of numbers and letters. It would not have taken much salt to have ruled out this type of attack entirely. As already mentioned, MXI Security confirmed that this function was developed as an add-on for the enterprise version. As originally implemented, in return for a questionable gain in security, this add-on function undermined the USB stick's sophisticated security concept. MXI Security said it was able to reproduce the attack based on our description. Within a week, the firm released a security advisory and updated its software to Access Enterprise 3.1 [2]. A brief test revealed that the hashes now have at least a grain of salt. (ju) Literature [1] Policy For Stealth MXP, FIPS-Policy tests – PDF [2] Security Bulletin: MXI06-001, Security bulletin from MXI Security Update » cutterhead wrote on Sun Feb 15, 2009 @ 11:48pm [ www.phrack.com ]
..[ Phrack Magazine ].. .:: PHRACK ISSUES ::. Issues: [ 1 ] [ 2 ] [ 3 ] [ 4 ] [ 5 ] [ 6 ] [ 7 ] [ 8 ] [ 9 ] [ 10 ] [ 11 ] [ 12 ] [ 13 ] [ 14 ] [ 15 ] [ 16 ] [ 17 ] [ 18 ] [ 19 ] [ 20 ] [ 21 ] [ 22 ] [ 23 ] [ 24 ] [ 25 ] Get tar.gz Current issue : #63 | Release date : 01/08/2005 | Editor : Phrack Staff Introduction Phrack Staff Loopback Phrack Staff Linenoise Phrack Staff Phrack Prophile on Tiago Phrack Staff OSX heap exploitation techniques Nemo Hacking Windows CE (pocketpcs & others) San Games with kernel Memory...FreeBSD Style jkong Raising The Bar For Windows Rootkit Detection sherri sparks & jamie butler Embedded ELF Debugging ELFsh crew Hacking Grub for Fun & Profit coolq Advanced antiforensics : SELF ripe & pluf Process Dump and Binary Reconstruction ilo Next-Gen. Runtime Binary Encryption zvrba Shifting the Stack Pointer andrewg NT Shellcode Prevention Demystified piotr PowerPC Cracking on OSX with GDB curious Hacking with Embedded Systems cawan Process Hiding & The Linux Scheduler ubra Breaking Through a Firewall kotkrye Phrack World News Phrack Staff Commentsbottom Title : Hacking with Embedded Systems Text mode text Author : cawan ==Phrack Inc.== Volume 0x0b, Issue 0x3f, Phile #0x11 of 0x14 |=------------[ Security Review Of Embedded Systems And Its ]------------=| |=------------[ Applications To Hacking Methodology ]------------=| |=-----------------------------------------------------------------------=| |=----[ Cawan: [ ] or [ ] ]----=| --=[ Contents 1. - Introduction 2. - Architectures Classification 3. - Hacking with Embedded System 4. - Hacking with Embedded Linux 5. - "Hacking Machine" Implementation In FPGA 6. - What The Advantages Of Using FPGA In Hacking ? 7. - What Else Of Magic That Embedded Linux Can Do ? 8. - Conclusion --[ 1. - Introduction Embedded systems have been penetrated the daily human life. In residential home, the deployment of "smart" systems have brought out the term of "smart-home". It is dealing with the home security, electronic appliances control and monitoring, audio/video based entertainment, home networking, and etc. In building automation, embedded system provides the ability of network enabled (Lonwork, Bacnet or X10) for extra convenient control and monitoring purposes. For intra-building communication, the physical network media including power-line, RS485, optical fiber, RJ45, IrDA, RF, and etc. In this case, media gateway is playing the roll to provide inter-media interfacing for the system. For personal handheld systems, mobile devices such as handphone/smartphone and PDA/XDA are going to be the necessity in human life. However, the growing of 3G is not as good as what is planning initially. The slow adoption in 3G is because it is lacking of direct compatibility to TCP/IP. As a result, 4G with Wimax technology is more likely to look forward by communication industry regarding to its wireless broadband with OFDM. Obviously, the development trend of embedded systems application is going to be convergence - by applying TCP/IP as "protocol glue" for inter-media interfacing purpose. Since the deployment of IPv6 will cause an unreasonable overshooting cost, so the widespread of IPv6 products still needs some extra times to be negotiated. As a result, IPv4 will continue to dominate the world of networking, especially in embedded applications. As what we know, the brand-old IPv4 is being challenged by its native security problems in terms of confidentiality, integrity, and authentication. Extra value added modules such as SSL and SSH would be the best solution to protect most of the attacks such as Denial of Service, hijacking, spooling, sniffing, and etc. However, the implementation of such value added module in embedded system is optional because it is lacking of available hardware resources. For example, it is not reasonable to implement SSL in SitePlayer[1] for a complicated web-based control and monitoring system by considering the available flash and memory that can be utilized. By the time of IPv4 is going to conquer the embedded system's world, the native characteristic of IPv4 and the reduced structure of embedded system would be problems in security consideration. These would probably a hidden timer-bomb that is waiting to be exploited. As an example, by simply performing port scan with pattern recognition to a range of IP address, any of the running SC12 IPC@CHIP[2] can be identified and exposed. Once the IP address of a running SC12 is confirmed, by applying a sequence of five ping packet with the length of 65500 is sufficient to crash it until reset. --[ 2. - Architectures Classification With the advent of commodity electronics in the 1980s, digital utility began to proliferate beyond the world of technology and industry. By its nature digital signal can be represented exactly and easily, which gives it much more utility. In term of digital system design, programmable logic has a primary advantage over custom gate arrays and standard cells by enabling faster time-to-complete and shorter design cycles. By using software, digital design can be programmed directly into programmable logic and allowing making revisions to the design relatively quickly. The two major types of programmable logic devices are Field Programmable Logic Arrays (FPGAs) and Complex Programmable Logic Devices (CPLDs). FPGAs offer the highest amount of logic density, the most features, and the highest performance. These advanced devices also offer features such as built-in hardwired processors (such as the IBM Power PC), substantial amounts of memory, clock management systems, and support for many of the latest very fast device-to-device signaling technologies. FPGAs are used in a wide variety of applications ranging from data processing and storage, instrumentation, telecommunications, and digital signal processing. Instead, CPLDs offer much smaller amounts of logic (approximately 10,000 gates). But CPLDs offer very predictable timing characteristics and are therefore ideal for critical control applications. Besides, CPLDs also require extremely low amounts of power and are very inexpensive. Well, it is the time to discuss about Hardware Description Language (HDL). HDL is a software programming language used to model the intended operation of a piece of hardware. There are two aspects to the description of hardware that an HDL facilitates: true abstract behavior modeling and hardware structure modeling. The behavior of hardware may be modeled and represented at various levels of abstraction during the design process. Higher level models describe the operation of hardware abstractly, while lower level models include more detail, such as inferred hardware structure. There are two types of HDL: VHDL and Verilog-HDL. The history of VHDL started from 1980 when the USA Department of Defence (DoD) wanted to make circuit design self documenting, follow a common design methodology and be reusable with new technologies. It became clear there was a need for a standard programming language for describing the function and structure of digital circuits for the design of integrated circuits (ICs). The DoD funded a project under the Very High Speed Integrated Circuit (VHSIC) program to create a standard hardware description language. The result was the creation of the VHSIC hardware description language or VHDL as it is now commonly known. The history of Verilog-HDL started from 1981, when a CAE software company called Gateway Design Automation that was founded by Prabhu Goel. One of the Gateway's first employees was Phil Moorby, who was an original author of GenRad's Hardware Description Language (GHDL) and HILO simulator. On 1983, Gateway released the Verilog Hardware Description Language known as Verilog-HDL or simply Verilog together with a Verilog simulator. Both VHDL and Verilog-HDL are reviewed and adopted by IEEE as IEEE standard 1076 and 1364, respectively. Modern hardware implementation of embedded systems can be classified into two categories: hardcore processing and softcore processing. Hardcore processing is a method of applying hard processor(s) such as ARM, MIPS, x86, and etc as processing unit with integrated protocol stack. For example, SC12 with x86, IP2022 with Scenix RISC, eZ80, SitePlayer and Rabbit are dropped in the category of hardcore processing.Instead, softcore processing is applying a synthesizable core that can be targeted into different semiconductor fabrics. The semiconductor fabrics should be programmable as what FPGA and CPLD do. Altera[3] and Xilinx[4] are the only FPGA/CPLD manufacturers in the market that supporting softcore processor. Altera provides NIOS processor that can be implemented in SOPC Builder that is targeted to its Cyclone and Stratix FPGAs. Xilinx provides two types of softcore: Picoblaze, that is targeted to its CoolRunner-2 CPLD; and Microblaze, that is targeted to its Spartan and Virtex FPGAs. For the case of FPGAs with embedded hardcore, for example ARM-core in Stratix, and MIPS-core in Virtex are classified as embedded hardcore processing. On the other hand, FPGAs with embedded softcore such as NIOS-core in Cyclone or Stratix, and Microblaze-core in Spartan or Virtex are classified as softcore processing. Besides, the embedded softcore can be associated with others synthesizable peripherals such as DMA controller for advanced processing purpose. In general, the classical point of view regarding to the hardcore processing might assuming it is always running faster than softcore processing. However, it is not the fact. Processor performance is often limited by how fast the instruction and data can be pipelined from external memory into execution unit. As a result, hardcore processing is more suitable for general application purpose but softcore processing is more liable to be used in customized application purpose with parallel processing and DSP. It is targeted to flexible implementation in adaptive platform. --[ 3. - Hacking with Embedded System When the advantages of softcore processing are applied in hacking, it brings out more creative methods of attack, the only limitation is the imagination. Richard Clayton had shown the method of extracting a 3DES key from an IBM 4758 that is running Common Cryptographic Architecture (CCA)[5]. The IBM 4758 with its CCA software is widely used in the banking industry to hold encryption keys securely. The device is extremely tamper-resistant and no physical attack is known that will allow keys to be accessed. According to Richard, about 20 minutes of uninterrupted access to the IBM 4758 with Combine_Key_Parts permission is sufficient to export the DES and 3DES keys. For convenience purpose, it is more likely to implement an embedded system with customized application to get the keys within the 20 minutes of accessing to the device. An evaluation board from Altera was selected by Richard Clayton for the purpose of keys exporting and additional two days of offline key cracking. In practice, by using multiple NIOS-core with customized peripherals would provide better performance in offline key cracking. In fact, customized parallel processing is very suitable to exploit both symmetrical and asymmetrical encrypted keys. --[ 4. - Hacking with Embedded Linux For application based hacking, such as buffer overflow and SQL injection, it is more preferred to have RTOS installed in the embedded system. For code reusability purpose, embedded linux would be the best choice of embedded hacking platform. The following examples have clearly shown the possible attacks under an embedded platform. The condition of the embedded platform is come with a Nios-core in Stratix and uClinux being installed. By recompiling the source code of netcat and make it run in uClinux, a swiss army knife is created and ready to perform penetration as listed below: - a) Port Scan With Pattern Recognition A list of subnet can be defined initially in the embedded system and bring it into a commercial building. Plug the embedded system into any RJ45 socket in the building, press a button to perform port scan with pattern recognition and identify any vulnerable network embedded system in the building. Press another button to launch attack (Denial of Service) to the target network embedded system(s). This is a serious problem when the target network embedded system(s) is/are related to the building evacuation system, surveillance system or security system. b) Automatic Brute-Force Attack Defines server(s) address, dictionary, and brute-force pattern in the embedded system. Again, plug the embedded system into any RJ45 socket in the building, press a button to start the password guessing process. While this small box of embedded system is located in a hidden corner of any RJ45 socket, it can perform the task of cracking over days, powered by battery. c) LAN Hacking By pre-identify the server(s) address, version of patch, type of service(s), a structured attack can be launched within the area of the building. For example, by defining: [ 192.168.1.1 ] 8,7,load_file(char(47,101,116,99,47,112,97,115,115,119,100)),5,4, 3,2,1 **char(47,101,116,99,47,112,97,115,115,119,100) = /etc/passwd in the embedded system initially. Again, plug the embedded system into any RJ45 socket in the building (within the LAN), press a button to start SQL injection attack to grab the password file of the Unix machine (in the LAN). The password file is then store in the flash memory and ready to be loaded out for offline cracking. Instead of performing SQL injection, exploits can be used for the same purpose. d) Virus/Worm Spreading The virus/worm can be pre-loaded in the embedded system. Again, plug the embedded system into any RJ45 socket in the building, press a button to run an exploit to any vulnerable target machine, and load the virus/worm into the LAN. e) Embedded Sniffer Switch the network interface from normal mode into promiscuous mode and define the sniffing conditions. Again, plug the embedded system into any RJ45 socket in the building, press a button to start the sniffer. To make sure the sniffing process can be proceed in switch LAN, ARP sniffer is recommended for this purpose. --[ 5. - "Hacking Machine" Implementation In FPGA The implementation of embedded "hacking machine" will be demonstrated in Altera's NIOS development board with Stratix EP1S10 FPGA. The board provides a 10/100-base-T ethernet and a compact-flash connector. Two RS-232 ports are also provided for serial interfacing and system configuration purposes, respectively. Besides, the onboard 1MB of SRAM, 16MB of SDRAM, and 8MB of flash memory are ready for embedded linux installation[6]. The version of embedded linux that is going to be applied is uClinux from microtronix[7]. Ok, that is the specification of the board. Now, we start our journey of "hacking machine" design. We use three tools provided by Altera to implement our "hardware" design. In this case, the term of "hardware" means it is synthesizable and to be designed in Verilog-HDL. The three tools being used are: QuartusII ( as synthesis tool), SOPC Builder (as Nios-core design tool), and C compiler. Others synthesis tools such as leonardo-spectrum from mentor graphic, and synplify from synplicity are optional to be used for special purpose. In this case, the synthesized design in edif format is defined as external module. It is needed to import the module from QuartusII to perform place-and-route (PAR). The outcome of PAR is defined as hardware-core. For advanced user, Modelsim from mentor graphic is highly recommended to perform behavioral simulation and Post-PAR simulation. Behavioral simulation is a type of functional verification to the digital hardware design. Timing issues are not put into the consideration in this state. Instead, Post-PAR simulation is a type of real-case verification. In this state, all the real-case factors such as power-consumption and timing conditions (in sdf format) are put into the consideration. [8,9,10,11,12] A reference design is provided by microtronix and it is highly recommended to be the design framework for any others custom design with appropriate modifications [13]. Well, for our "hacking machine" design purpose, the only modification that we need to do is to assign the interrupts of four onboard push-buttons [14]. So, once the design framework is loaded into QuartusII, SOPC Builder is ready to start the design of Nios-core, Boot-ROM, SRAM and SDRAM inteface, Ethernet interface, compact-flash interface and so on. Before starting to generate synthesizable codes from the design, it is crucial to ensure the check-box of "Microtronix uClinux" under Software Components is selected (it is in the "More CPU Settings" tab of the main configuration windows in SOPC Builder). By selecting this option, it is enabling to build a uClinux kernel, uClibc library, and some uClinux's general purpose applications by the time of generating synthesizable codes. Once ready, generate the design as synthesizable codes in SOPC Builder following by performing PAR in QuartusII to get a hardware core. In general, there are two formats of hardware core:- a) .sof core: To be downloaded into the EP1S10 directly by JTAG and will require a re-load if the board is power cycled **(Think as volatile) b) .pof core: To be downloaded into EPC16 (enhanced configuration device) and will automatically be loaded into the FPGA every time the board is power cycled **(Think as non-volatile) The raw format of .sof and .pof hardware core is .hexout. As hacker, we would prefer to work in command line, so we use the hexout2flash tool to convert the hardware core from .hexout into .flash and relocate the base address of the core to 0x600000 in flash. The 0x600000 is the startup core loading address of EP1S10. So, once the .flash file is created, we use nios-run or nr command to download the hardware core into flash memory as following: [Linux Developer] ...uClinux/: nios-run hackcore.hexout.flash After nios-run indicates that the download has completed successfully, restart the board. The downloaded core will now start as the default core whenever the board is restarted. Fine, the "hardware" part is completed. Now, we look into the "software" implementation. We start from uClinux. As what is stated, the SOPC Builder had generated a framework of uClinux kernel, uClibc library, and some uClinux general purpose applications such as cat, mv, rm, and etc. We start to reconfigure the kernel by using "make xconfig". [Linux Developer] ...uClinux/: cd linux [Linux Developer] ...uClinux/: make xconfig In xconfig, perform appropriate tuning to the kernel, then use "make clean" to clean the source tree of any object files. [Linux Developer] ...linux/: make clean To start building a new kernel use "make dep" following by "make". [Linux Developer] ...linux/: make dep [Linux Developer] ...linux/: make To build the linux.flash file for uploading, use "make linux.flash". [Linux Developer] ...uClinux/: make linux.flash The linux.flash file is defined as the operating system image. As what we know, an operating system must run with a file system. So, we need to create a file system image too. First, edit the config file in userland/.config to select which application packages get built. For example: #TITLE agetty CONFIG_AGETTY=y If an application package's corresponding variable is set to 'n' (for example, CONFIG_AGETTY=n), then it will not be built and copied over to the target/ directory. Then, build all application packages specified in the userland/.config as following: [Linux Developer] [ ...us ] make Now, we copy the pre-compiled netcat into target/ directory. After that, use "make romfs" to start generating the file system or romdisk image. [Linux Developer] ...uClinux/: make romfs Once completed, the resulting romdisk.flash file is ready to be downloaded to the target board. First, download the file system image following by the operating system image into the flash memory. [Linux Developer] ...uClinux/: nios-run -x romdisk.flash [Linux Developer] ...uClinux/: nios-run linux.flash Well, our FPGA-based "hacking machine" is ready now. Lets try to make use of it to a linux machine with /etc/passwd enabled. We assume the ip of the target linux machine is 192.168.1.1 as web server in the LAN that utilize MySQL database. Besides, we know that its show.php is vulnerable to be SQL injected. We also assume it has some security protections to filter out some dangerous symbols, so we decided to use char() method of injection. We assume the total columns in the table that access by show.php is 8. Now, we define: char [ 192.168.1.1 ] %20select%208,7,load_file(char(47,101,116,99,47,112,97,115,115,119, 100)),5,4,3,2,1"; as attacking string, and we store the respond data (content of /etc/passwd) in a file name of password.dat. By creating a pipe to the netcat, and at the same time to make sure the attacking string is always triggered by the push-button, well, our "hacking machine" is ready. Plug the "hacking machine" into any of the RJ45 socket in the LAN, following by pressing a button to trigger the attacking string against 192.168.1.1. After that, unplug the "hacking machine" and connect to a pc, download the password.dat from the "hacking machine", and start the cracking process. By utilizing the advantages of FPGA architecture, a hardware cracker can be appended for embedded based cracking process. Any optional module can be designed in Verilog-HDL and attach to the FPGA for all-in-one hacking purpose. The advantages of FPGA implementation over the conventional hardcore processors will be deepened in the following section, with a lot of case-studies, comparisons and wonderful examples. Tips: **FTP server is recommended to be installed in "hacking machine" because of two reasons: 1) Any new or value-added updates (trojans, exploits, worms,...) to the "hacking machine" can be done through FTP (online update). 2) The grabbed information (password files, configuration files,...) can be retrieved easily. Notes: **Installation of FTP server in uClinux is done by editing userland/.config file to enable the ftpd service. **This is just a demostration, it is nearly impossible to get a unix/linux machine that do not utilize file-permission and shadow to protect the password file. This article is purposely to show the migration of hacking methodology from PC-based into embedded system based. --[ 6. - What The Advantages Of Using FPGA In Hacking ? Well, this is a good question while someone will ask by using a $50 Rabbit module, a 9V battery and 20 lines of Dynamic C, a simple "hacking machine" can be implemented, instead of using a $300 FPGA development board and a proprietary embedded processor with another $495. The answer is, FPGA provides a very unique feature based on its architecture that is able to be hardware re-programmable. As what we know, FPGA is a well known platform for algorithm verification in hardware implementation, especially in DSP applications. The demand for higher bit rates by the wired and wireless communications industry has led to the development of higher bit rate and low cost serial link interface chips. Based on such considerations, some demands of programmable channel and band scanning are needed to be digitized and re-programmable. A new term has been created for this type of framework as "software defined radio" or SDR. However, the slow adoption of SDR is due to the limitation in Analog-to-Digital Converter(ADC) to digitize the analog demodulation unit in transceiver module. Although the sampling rate of the most advanced ADC is not yet to meet the specification of SDR, but it will come true soon. In this case, the application of conventional DSP chips such as TMS320C6200 (for fixed-point processing) and TMS320C6700 (for floating-point processing) are a little bit harder to handle such extremely high bit rates. Of course, someone may claim its parallel processing technique could solve the problem by using the following symbols in linear assembly language[15]. Inst1 || Inst2 || Inst3 || Inst4 || Inst5 || Inst6 Inst7 The double-pipe symbols (||) indicate instructions that are in parallel with a previous instruction. Inst2 to Inst6, these five instructions run in parallel with the first instruction, Inst1. In TMS320, up to eight instructions can be running in parallel. However, this is not a true parallel method, but perform pipelining in different time-slot within a single clock cycle. Instead, the true parallel processing can only be implemented with different sets of hardware module. So, FPGA should be the only solution to implement a true parallel processing architecture. For the case of SDR that is mentioned, it is just a an example to show the limitation of data processing in the structure of resource sharing. Meanwhile, when we consider to implement an encryption module, it is the same case as what data processing do. The method of parallel processing is extremely worth to enhance the time of key cracking process. Besides, it is significant to know that the implementation of encryption module in FPGA is hardware-driven. It is totally free from the limitation of any hardcore processor structure that is using a single instruction pointer (or program counter) to performing push and pop operations interactively over the stack memory. So, both of the mentioned advantages: true-parallel processing, and hardware-driven, are nicely clarified the uniqueness of FPGA's architecture for advanced applications. While we go further with the uniqueness of FPGA's architecture, more and more interesting issues can come into the discussion. For hacking purpose, we focus and stick to the discussion of utilizing the ability of hardware re-programmable in a FPGA-based "hacking machine". We ignore the ability of "software re-programmable" here because it can be done by any of the hardcore processor in the lowest cost. By applying the characterictic of hardware re-programmable, a segment of space in flash memory is reserved for hardware image. In Nios, it is started from 0x600000. This segment is available to be updated from remote through the network interface. In advanced mobile communication, this type of feature is started to be used for hardware bug-fix as well as module update [16] purpose. It is usually known as Over-The-Air (OTA) technology. For hacking purpose, the characteristic of hardware re-programmable had made our "hacking machine" to be general purpose. It can come with a hardware-driven DES cracker, and easily be changed to MD5 cracker or any other types of hardware-driven module. Besides, it can also be changed from an online cracker to be a proxy, in a second of time. In this state, the uniqueness of FPGA's architecture is clear now. So, it is the time to start the discussion of black magic with the characteristic of hardware re-programmable in further detail. By using Nios-core, we explore from two points: custom instruction and user peripheral. A custom instruction is hardware-driven and implemented by custom logic as shown below: |---->|------------| | |Custom Logic|-| | |-->|------------| | | | | | | |----------------|| A ---->| |-| | | Nios-ALU | |----> OUT B ---->| |-| |-----------------| By defining a custom logic that is parallel connected with Nios-ALU inputs, a new custom instruction is successfully created. With SOPC Builder, custom logic can be easily add-on and take-out from Nios-ALU, and so is the case of custom instruction. Now, we create a new custom instruction, let say nm_fpmult(). We apply the following codes: float a, b, result_slow, result_fast; result_slow = a * b; //Takes 2874 clock cycles result_fast = nm_fpmult(a, b); //Takes 19 clock cycles From the running result, the operation of hardware-based multiplication as custom instruction is so fast that is even faster than a DSP chip. For cracking purpose, custom instructions set can be build up in respective to the frequency of operations being used. The instructions set is easily to be plugged and unplugged for different types of encryption being adopted. The user peripheral is the second black magic of hardware re-programmable. As we know Nios-core is a soft processor, so a bus specification is needed for the communication of soft processor with other peripherals, such as RAM, ROM, UART, and timer. Nios-core is using a proprietary bus specification, known as Avalon-bus for peripheral-to-peripheral and Nios-core-to-peripheral communication purpose. So, user peripherals such as IDE and USB modules are usually be designed to expand the usability of embedded system. For hacking purpose, we ignore the IDE and USB peripherals because we are more interested to design user peripheral for custom communication channel synchronization. When we consider to hack a customize system such as building automation, public addressing, evacuation, security, and so on, the main obstacle is its proprietary communication protocol [17, 18, 19, 20, 21, 22]. In such case, a typical network interface is almost impossible to synchronize into the communication channel of a customize system. For example, a system that is running at 50Mbps, neither a 10Based-T nor 100Based-T network interface card can communicate with any module within the system. However, by knowing the technical specification of such system, a custom communication peripheral can be created in FPGA. So, it is able to synchronize our "hacking machine" into the communication channel of the customize system. By going through the Avalon-bus, Nios-core is available to manipulate the data-flow of the customize system. So, the custom communication peripheral is going to be the customize media gateway of our "hacking machine". The theoretical basis of custom communication peripheral is come from the mechanism of clock data recovery (CDR). CDR is a method to ensure the data regeneration is done with a decision circuit that samples the data signal at the optimal instant indicated by a clock. The clock must be synchronized as exactly the same frequency as the data rate, and be aligned in phase with respect to the data. The production of such a clock at the receiver is the goal of CDR. In general, the task of CDR is divided into two: frequency acquisition and timing alignment. Frequency acquisition is the process that locks the receiver clock frequency to the transmitted data frequency. Timing alignment is the phase alignment of the clock so the decision circuit samples the data at the optimal instant. Sometime, it is also named as bit synchronization or phase locking. Most timing alignment circuits can perform a limited degree of frequency acquisition, but additional acquisition aids may be needed. Data oversampling method is being used to create the CDR for our "hacking machine". By using the method of data oversampling, frequency acquisition is no longer be put into the design consideration. By ensuring the sampling frequency is always N times over than data rate, the CDR is able to work as normal. To synchronize multiple of customize systems, a frequency synthesis unit such as PLL is recommended to be used to make sure the sampling frequency is always N times over than data rate. A framework of CDR based-on the data oversampling method with N=4 is shown as following in Verilog-HDL. **The sampling frequency is 48MHz (mclk), which is 4 times of data rate (12MHz). //define input and output input data_in; input mclk; input rst; output data_buf; //asynchronous edge detector wire reset = (rst & ~(data_in ^ capture_buf)); //data oversampling module reg capture_buf; always @ (posedge mclk or negedge rst) if (rst == 0) capture_buf <= 0; else capture_buf <= data_in; //edge detection module reg [1:0] mclk_divd; always @ (posedge mclk or negedge reset or posedge reset) if (reset == 0) mclk_divd <= 2'b00; else mclk_divd <= mclk_divd + 1; //capture at data eye and put into a 16-bit buffer reg [15:0] data_buf; always @ (posedge mclk_divd[1] or negedge rst) if (rst == 0) data_buf <= 0; else data_buf <= {data_buf[14:0],capture_buf}; Once the channel is synchronized, the data can be transferred to Nios-core through the Avalon-Bus for further processing and interaction. The framework of CDR is plenty worth for channel synchronization in various types of custom communication channels. Jean P. Nicolle had shown another type of CDR for 10Base-T bit synchronization [23]. As someone might query for the most common approach of performing CDR channel synchronization in Phase-Locked Loop (PLL). Yes, this is a type of well known analog approach, by we are more interested to the digital approach, with the reason of hardware re-programmable - our black magic of FPGA. For those who interested to know more advantages of digital CDR approach over the analog CDR approach can refer to [24]. Anyway, the analog CDR approach is the only option for a hardcore-based (Scenix, Rabbit, SC12 ,...) "hacking machine" design, and it is sufferred to: 1. Longer design time for different data rate of the communication link. The PLL lock-time to preamble length, charge-pump circuit design, Voltage Controlled Oscillator (VCO), are very critical points. 2. Fixed-structure design. Any changes of "hacking application" need to re-design the circuit itself, and it is quite cumbersome. As a result, by getting a detail technical specification of a customized system, the possibility to hack into the system has always existed, especially to launch the Denial of Service attack. By disabling an evacuation system, or a fire alarm system at emergency, it is a very serious problem than ever. Try to imagine, when different types of CDRs are implemented in a single FPGA, and it is able to perform automatic switching to select a right CDR for channel synchronization. On the other hand, any custom defined module is able to plug into the system itself and freely communicate through Avalon-bus. Besides, the generated hardware image is able to be downloaded into flash memory through tftp. By following with a soft-reset to re-configure the FPGA, the "hacking machine" is successfully updated. So, it is ready to hack multiple of custom systems at the same time. case study: **The development of OPC technology is slowly become popular. According to The OPC Foundation, OPC technology can eliminate expensive custom interfaces and drivers tranditionally required for moving information easily around the enterprise. It promotes interoperability, including amongst different computing solutions and platforms both horizontally and vertically in the emterprise [25]. --[ 7. - What Else Of Magic That Embedded Linux Can Do ? So, we know the weakness of embedded system now, and we also know how to utilize the advantages of embedded system for hacking purpose. Then, what else of magic that we can do with embedded system? This is a good question. By referring to the development of network applications, ubiquitous and pervasive computing would be the latest issues. Embedded system would probably to be the future framework as embedded firewall, ubiquitous gateway/router, embedded IDS, mobile device security server, and so on. While existing systems are looking for network-enabled, embedded system had established its unique position for such purpose. A good example is migrating MySQL into embedded linux to provide online database-on-chip service (in FPGA) for a building access system with RFID tags. Again, the usage and development of embedded system has no limitation, the only limitation is the imagination. Tips: **If an embedded system works as a server (http, ftp, ...), it is going to provide services such as web control, web monitoring,... **If an embedded system works as a client (http, ftp, telnet, ..), then it is more likely to be a programmable "hacking machine" --[ 8. - Conclusion Embedded system is an extremely useful technology, because we can't expect every processing unit in the world as a personal computer. While we are begining to exploit the usefullness of embedded system, we need to consider all the cases properly, where we should use it and where we shouldn't use it. Embedded security might be too new to discuss seriously now but it always exist, and sometime naive. Besides, the abuse of embedded system would cause more mysterious cases in the hacking world. --=[ References [1] [ www.siteplayer.com ] [2] [ www.beck-ipc.com ] [3] [ www.altera.com ] [4] [ www.xilinx.com ] [5] [ www.cl.cam.ac.uk ] [6] Nios Development Kit, Stratix Edition: Getting Started User Guide (Version 1.2) - July 2003 [ www.altera.com ] [7] [ www.microtronix.com ] [8] Nios Hardware Development Tutorial (Version 1.1) - July 2003 [ www.altera.com ] [9] Nios Software Development Tutorial (Version 1.3) - July 2003 [ www.altera.com ] [10] Designing With The Nios (Part 1) - Second-Order, Closed-Loop Servo Control Circuit Cellar, #167, June 2004 [11] Designing With The Nios (Part 2) - System Enhancement Circuit Cellar, #168, July 2004 [12] Nios Tutorial (Version 1.1) February 2004 [ www.altera.com ] [13] Microtronix Embedded Linux Development - Getting Started Guide: Document Revision 1.2 [ www.pldworld.com ] getting_started_guide.pdf [14] Stratix EP1S10 Device: Pin Information February 2004 [ www.fulcrum.ru ] [15] TMS320C6000 Assembly Language Tools User's Guide [ www.tij.co.jp ] toolspdf6000/spru186i.pdf [16] Dynamic Spectrum Allocation In Composite Reconfigurable Wireless Networks IEEE Communications Magazine, May 2004. [ ieeexplore.ieee.org ] 1299346&isnumber=28868 [17] TOA - VX-2000 (Digital Matrix System) [ www.toa-corp.co.uk ] [18] Klotz Digital - Vadis (Audio Matrix), VariZone (Complex Digital PA System For Emergency Evacuation Applications) [ www.klotz-digital.de ] [19] Peavey - MediaMatrix System [ mediamatrix.peavey.com ] [20] Optimus - Optimus (Audio & Communication), Improve (Distributed Audio) [ www.optimus.es ] [21] Simplex - TrueAlarm (Fire Alarm Systems) [ www.simplexgrinnell.com ] [22] Tyco - Fire Detection and Alarm, Integrated Security Systems, Health Care Communication Systems [ www.tycosafetyproducts-us.com ] [23] 10Base-T FPGA Interface - Ethernet Packets: Sending and Receiving [ www.fpga4fun.com ] [24] Ethernet Receiver [ www.holmea.demon.co.uk ] [25] The OPC Foundation [ www.opcfoundation.org ] [ www.ubicom.com ] (IP2022) [ www.zilog.com ] (eZ80) [ www.fpga4fun.com ] [ www.elektroda.pl ] |=[ EOF ]=---------------------------------------------------------------=| Toptop - Articlearticle - New commentnewcomment Comments : « Back - 1 - Next » RobotGymnast, on May 28th 2007 at 8:51 am : Hey Cawan, I am looking for some help on basic hacking, because I can't find any good helpers.. I'm barely 15 and have been programming since I was 10. If you could help me, could you email me at RobotGymnast@hotmail.com? Thanks Toptop - Articlearticle - Commentscomments Add a new comment : (require validation) Username : (required) Email : (will not be published) (required) Antispam : (required) Text in English only : (required) [ News ] [ Issues ] [ Authors ] [ Comments ] [ Search ] [ Stats ] [ Contact ] © Copyleft 1985-2007, Phrack Magazine. | |
I'm feeling 4hz even if you dont right now.. |
Good [+1]Toggle ReplyLink» Trey replied on Mon Feb 16, 2009 @ 9:44am |
My friend can't have a Facebook account because he works for a law enforcement agency.
' said that he might go undercover and they won't let him have one. |
Good [+1]Toggle ReplyLink» Emyko replied on Mon Feb 16, 2009 @ 10:36am |
Originally Posted By LAURENT
Facebook is the devil incarnate. Seriously, i dont understand how can somebody would like that all the people he knows network together. You can litteraly follow every step a person take with his facebook. Next thing you know, your boss knows that you rave on weekends and that the last time you called in sick was because you were totally hungover from a night of total excess involving cocaine,underage girls and running around balls naked with a KFC bucket on your head. Conspiracys, social insurrance number trafficking and whatnot dont concern me at this point. Ok Laurent....here something for you and everyone who wants to protect their information [ www.readwriteweb.com ] [ www.allfacebook.com ] On fessebook you can block whatever you want to everybody if you want...just gat to know how!!!!! :D | |
I'm feeling hype right now.. |
Good [+1]Toggle ReplyLink» cutterhead replied on Mon Feb 16, 2009 @ 1:04pm |
there are other possible exploits, imagine someone breaking the server withou the admin aware of whats going on. Update » cutterhead wrote on Mon Feb 16, 2009 @ 1:09pm the problem is still something we talked about : if you give them info, its still located somewhere .
and crossing many services with little info you can retreive everytime , in the end its possible to even social engineer people with that little info and all. and i failed to see that a 128 bit encryption isnt fool proof but a 256 is... Update » cutterhead wrote on Mon Feb 16, 2009 @ 1:10pm like you never got a spyware that keylogged your keyboard and transmitted the info over internet tru an custom port or a standard one.... Update » cutterhead wrote on Mon Feb 16, 2009 @ 1:12pm centralising can be the worse security feature in manycases. | |
I'm feeling 4hz even if you dont right now.. |
Good [+1]Toggle ReplyLink» v.2-1 replied on Mon Feb 16, 2009 @ 6:35pm |
What is this ?
Battle of the Wall of Texts ? | |
I'm feeling like nico bellic right now.. |
Good [+1]Toggle ReplyLink» cutterhead replied on Mon Feb 16, 2009 @ 6:37pm |
10$ troll is going to write moron somewhere in the explication.
he get condecending because he has a small pipi. Update » cutterhead wrote on Mon Feb 16, 2009 @ 6:41pm now im still trying to figure out if its just attention he wants or just feel i was talking to him only the whole time.
what an idiot anyways. can say something like : no i thing your wrong because of this and that. has to share us the feel he gets when he get anal with his boyfirend... Update » cutterhead wrote on Mon Feb 16, 2009 @ 6:42pm closed mind anyways , could only be opened with an axe to release the trapped void. Update » cutterhead wrote on Mon Feb 16, 2009 @ 6:43pm errata > above said " he cant say something like : no i think this is wrong because of this and that. " has to act condecending. | |
I'm feeling 4hz even if you dont right now.. |
Good [+1]Toggle ReplyLink» Samwise replied on Mon Feb 16, 2009 @ 6:42pm |
RE: Initial Post
its nothing new, but i dont quite get why ppl are so scandalized over this... anyone whos posting stuff online hoping for some kind privacy is retarded, imo. | |
I'm feeling poutinecore!! right now.. |
Good [+1]Toggle ReplyLink» cutterhead replied on Mon Feb 16, 2009 @ 6:44pm |
so this is saying something back to troll. | |
I'm feeling 4hz even if you dont right now.. |
Good [+1]Toggle ReplyLink» gfk- replied on Thu Feb 19, 2009 @ 6:38pm |
Did You Know This About Facebook?
[ Top Of Page ] |
Post A Reply |
You must be logged in to post a reply.
[ Top Of Page ] |