Sunday, April 20, 2014
HellBound Hackers | General | Introductions

Author

suid

suid
Member



Posts: 33
Location: /
Joined: 12.11.10
Rank:
Newbie
Posted on 31-05-11 15:26
Hello, I am suid. I am 21 years old and getting my CS degree. I have been throwing my skills at the challenges for a while now, but after reading a couple other members' intros I decided I guess I should post my own. I normally remain a floater on sites, sampling the challenges every once in a while but rarely posting much. I hardly ever create my own threads with questions. I feel finding answers on my own is a much better and more creative way of learning.

1) What languages do you speak?
Regarding spoken languages, English is the only one I consider myself able to speak. As for programming, I have written several complex programs in C and some less complex programs in PHP and JavaScript. Every now and then I get a kick out of messing around with ASM and shellcoding. I just recently started playing with Brainfuck for fun.

2) How did you find the site?
I believe it was a long time ago maybe I had a friend, epoch_qwert, mention this site [or it may have been someone else (it was a long time ago)] to me.

3) What made you want to learn how to hack?
Originally I wanted to learn how to program and eventually I found out you could do things to the code that made it blow up. It was love at first segfault.

4) What do you want to learn?
I am getting more and more interested in secure web development and I hope to learn better ways of looking at PHP code as it goes from my head to my fingers.

5) How long have you been interested in computers? What keeps you interested in them?
It's been 5 or 6 years now I've been programming. About 2 or 3 years I've been into computer security. It's like food for my brain, so I stay interested.

I've been using Linux for a couple years now as well and I plan on continuing to do so.
Author

RE: suid

starofale
Member



Posts: 218
Location: England
Joined: 05.12.07
Rank:
Moderate
Posted on 31-05-11 16:17
suid wrote:
I normally remain a floater on sites, sampling the challenges every once in a while but rarely posting much.

I was like this too until a few months ago.

That's a nice selection of languages you know there, but why learn Brainfuck when you spend your time learning Python? Grin

Anyway, welcome to HBH!


Try a new search engine
Author

RE: suid

suid
Member



Posts: 33
Location: /
Joined: 12.11.10
Rank:
Newbie
Posted on 31-05-11 16:27
starofale wrote:

That's a nice selection of languages you know there, but why learn Brainfuck when you spend your time learning Python? Grin

Anyway, welcome to HBH!


I had looked into Python for a little while at one time. It's nice with all the modules that can help do a lot of the work. It never really stuck with me though.
Author

RE: suid

dragon647
Member



Posts: 20
Location: /home/bin
Joined: 04.04.08
Rank:
Newbie
Posted on 31-05-11 17:47
Welcome =]

Python is not boring, and it can do a lot of things. I like this language! But to understand computers, C is a key language...


Author

RE: suid


Member


Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 31-05-11 18:20
dragon647 wrote:
Welcome =]

Python is not boring, and it can do a lot of things. I like this language! But to understand computers, C is a key language...


I love how everyone on this forum talks about ASM/C/C++ and I bet most of them don't even understand an easy AutoIt (considered as one of the most simple languages) script I made.

Here's one of mine, and I would love to hear what it does and what it is supposed to achieve. It is even commented so you shouldn't have to think too hard. Durrrrrrrr.
If you can answer that, without Googling for hours, you can talk about low-level languages such as C or ASM. Otherwise please learn how to program yourself first before recommending things.
Code
#RequireAdmin

Dim $sTitle = ''
Dim $iPID = WinGetProcess($sTitle)
Dim $sPath = _ProcessGetLocation($iPID)


#cs
   Waarschijnlijke Base (probable base) 8B0D(.{8})898D40F1FFFF6A01
   
   Registers EAX,EBX,ECX,EDX,ESI,EDI,EBP,ESP,EIP
   ESI Register bevat pointers (the ESI register holds pointers)
   
   89 86 - mov [esi+00000000],eax
   89 9E - mov [esi+00000000],ebx
   89 8E - mov [esi+00000000],ecx
   89 96 - mov [esi+00000000],edx
   89 B6 - mov [esi+00000000],esi
   89 BE - mov [esi+00000000],edi
   89 AE - mov [esi+00000000],ebp
   89 A6 - mov [esi+00000000],esp
   
#ce

; 00455811 - 89 8E C0040000             - mov [esi+000004C0],ecx
; 00455817 - 8B 57 10                   - mov edx,[edi+10]
MsgBox(0, '',  _FindPattern($sPath, '898E(.{8})8B5710'))
; 0045581A - 89 96 C4040000             - mov [esi+000004C4],edx
; 00455820 - 8B 47 20                   - mov eax,[edi+20]
MsgBox(0, '', _FindPattern($sPath, '8996(.{8})8B4720'))
; 004557F6 - 89 8E 80040000             - mov [esi+00000480],ecx
; 004557FC - 8B 57 0C                   - mov edx,[edi+0C]
MsgBox(0, '', _FindPattern($sPath, '898E(.{8})8B570C'))
; 004557FF - 89 96 84040000             - mov [esi+00000484],edx
; 00455805 - 8B 47 1C                   - mov eax,[edi+1C]
MsgBox(0, '', _FindPattern($sPath, '8996(.{8})8B471C'))
; 00455823 - 89 86 40050000             - mov [esi+00000540],eax
; 00455829 - 8A 47 02                   - mov al,[edi+02]
MsgBox(0, '', _FindPattern($sPath, '8986(.{8})8A4702'))
; 0041E56F - 89 86 3C050000             - mov [esi+0000053C],eax
; 0041E575 - 8B 4F 08                   - mov ecx,[edi+08]
MsgBox(0, '', _FindPattern($sPath, '8986(.{8})8B4F08'))
; 004557D2 - 89 86 78040000             - mov [esi+00000478],eax
; 004557D8 - 8A 4F 03                   - mov cl,[edi+03]
MsgBox(0, '', _FindPattern($sPath, '8986(.{8})8A4F03'))
; 004557E4 - 89 96 88040000             - mov [esi+00000488],edx
; 004557EA - 8B 47 18                   - mov eax,[edi+18]
MsgBox(0, '', _FindPattern($sPath, '8996(.{8})8B4718'))
; 004557ED - 89 86 8C040000             - mov [esi+0000048C],eax
; 004557F3 - 8B 4F 04                   - mov ecx,[edi+04]
MsgBox(0, '', _FindPattern($sPath, '8986(.{8})8B4F04'))


Func _Ci($ID)
   Local $ALLOCMEM, $OPCODE, $buffer, $BYTES, $THREAD, $RET
   Local $RBASE_ADDRESS = 0x00AE44C4, $FCALL_ADDRESS = 0x006460F0
   #cs
      00464EAD - A1 C444AE00                - mov eax,[00AE44C4] : [00AE4B68]
      00464EB2 - 57                         - push edi
      00464EB3 - 8B 48 20                   - mov ecx,[eax+20]
      00464EB6 - 81 C1 EC000000             - add ecx,000000EC
      00464EBC - E8 2F121E00                - call 006460F0
   #ce
   ; Geheugen toewijzen (allocate memory)
   $ALLOCMEM = DllCall($KERNEL32, 'int', 'VirtualAllocEx', 'int', $MEM_HANDLE[1], 'ptr', 0, 'int', 0x46, 'int', 0x1000, 'int', 0x40)
   $OPCODE &= '60' ; PUSHAD
   $OPCODE &= 'A1' & _DecToBytes($RBASE_ADDRESS) ; mov eax, [00AE44C4]
   $OPCODE &= '68' & _DecToBytes($ID) ; push id
   $OPCODE &= '8B4820' ; mov ecx, [eax+0x20]
   $OPCODE &= '81C1' & _DecToBytes(0xEC) ; add ecx,000000EC
   $OPCODE &= 'E8' & _DecToBytes(0x00646360) ; call 00646360
   $OPCODE &= '61C3' ; POPAD, RET
   ; Zet ASM code in een DLL struct, DLL struct is nodig voor WriteProcessMemory
   ; (put the ASM code in a DLL struct; a DLL struct is needed for WriteProcessMemory)
   $buffer = DllStructCreate('byte[' & (StringLen($OPCODE) / 2) & ']')
   For $BYTES = 1 To DllStructGetSize($buffer)
      DllStructSetData($buffer, 1, Dec(StringMid($OPCODE, ($BYTES - 1) * 2 + 1, 2)), $BYTES)
   Next
   ; Schrijf het DLL struct in het toegewezen geheugen (write the DLL struct into the allocated memory)
   DllCall($KERNEL32, 'int', 'WriteProcessMemory', 'int', $MEM_HANDLE[1], 'int', $ALLOCMEM[0], 'int', _
         DllStructGetPtr($buffer), 'int', DllStructGetSize($buffer), 'int', 0)
   ; Ten uitvoer leggen van onze ASM code (execute our ASM code)
   $THREAD = DllCall($KERNEL32, 'int', 'CreateRemoteThread', 'int', $MEM_HANDLE[1], 'int', 0, 'int', 0, _
         'int', $ALLOCMEM[0], 'ptr', 0, 'int', 0, 'int', 0)
   ; Wacht tot code klaar is met uitvoeren en sluit thread (wait until the code has finished executing and close the thread)
   Do
      $RET = DllCall($KERNEL32, 'int', 'WaitForSingleObject', 'int', $THREAD[0], 'int', 50)
      Sleep(250) ; We willen niet dat dit fout gaat, zie onderstaande (we don't want this to go wrong, see below)
   Until $RET[0] <> 258
   ; Vrij toegewezen geheugen, we willen geen geheugen lekken, toch? (free the allocated memory; we don't want to leak memory, right?)
   DllCall($KERNEL32, 'int', 'CloseHandle', 'int', $THREAD[0])
   DllCall($KERNEL32, 'ptr', 'VirtualFreeEx', 'hwnd', $MEM_HANDLE[1], 'int', $ALLOCMEM[0], 'int', 0, 'int', 0x8000)
EndFunc   ;==>_Ci


Func _FindPattern($sPath, $dBytes)
   Local $aBytes, $dRet
   $aBytes = StringRegExp(_GetBinary($sPath), '(' & $dBytes & ')', 1)
   $dRet = '0x' & _ReverseBytes($aBytes[1])
   Return $dRet
EndFunc   ;==>_FindPattern

Func _ReverseBytes($dBytes)
   Local $dOut, $i
   For $i = (StringLen($dBytes) + 1) To 0 Step -2
      $dOut &= StringMid($dBytes, $i, 2)
   Next
   Return $dOut
EndFunc   ;==>_ReverseBytes

Func _GetBinary($sPath)
   Local $hFile = FileOpen($sPath, 16), $dData
   $dData = FileRead($hFile, FileGetSize($sPath))
   FileClose($hFile)
   Return $dData
EndFunc   ;==>_GetBinary

Func _ProcessGetLocation($iPID)
   Local $aProc = DllCall('kernel32.dll', 'hwnd', 'OpenProcess', 'int', BitOR(0x0400, 0x0010), 'int', 0, 'int', $iPID)
   If $aProc[0] = 0 Then Return SetError(1, 0, '')
   Local $vStruct = DllStructCreate('int[1024]')
   DllCall('psapi.dll', 'int', 'EnumProcessModules', 'hwnd', $aProc[0], 'ptr', DllStructGetPtr($vStruct), 'int', DllStructGetSize($vStruct), 'int_ptr', 0)
   Local $aReturn = DllCall('psapi.dll', 'int', 'GetModuleFileNameEx', 'hwnd', $aProc[0], 'int', DllStructGetData($vStruct, 1), 'str', '', 'int', 2048)
   If StringLen($aReturn[3]) = 0 Then Return SetError(2, 0, '')
   Return $aReturn[3]
EndFunc   ;==>_ProcessGetLocation







Edited by on 31-05-11 18:25
Author

RE: suid

starofale
Member



Posts: 218
Location: England
Joined: 05.12.07
Rank:
Moderate
Posted on 31-05-11 18:51
MolesteD_ wrote:
I love how everyone on this forum talks about ASM/C/C++ and I bet most of them don't even understand an easy AutoIt (considered as one of the most simple languages) script I made.

Just because someone doesn't know one language (AutoIt) doesn't mean they can't recommend other languages (C).

MolesteD_ wrote:
an easy AutoIt ... script I made.

You can't say it's an easy script to understand if it's dealing with the opcodes directly. I'm sure lots of that script is using some Windows APIs as well, so you can't expect people to know that without looking it up unless they program specifically for Windows all the time.

MolesteD_ wrote:
It is even commented so you shouldn't have to think too hard.

... but the comments aren't in English


Finally, I recommend learning C for anyone who doesn't already know it.


Try a new search engine
Author

RE: suid


Member


Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 01-06-11 00:19
MolesteD_ wrote:
I love how everyone on this forum talks about ASM/C/C++ and I bet most of them don't even understand an easy AutoIt (considered as one of the most simple languages) script I made.

Here's one of mine, and I would love to hear what it does and what it is supposed to achieve. It is even commented so you shouldn't have to think too hard. Durrrrrrrr.
If you can answer that, without Googling for hours, you can talk about low-level languages such as C or ASM. Otherwise please learn how to program yourself first before recommending things.

Yeah, everyone who talks about C or ASM should have completely memorized AutoIt syntax and functions. And they should know what function is at address 0x00646360 of some program they don't have, obviously. And they must know Dutch (this is essential). And they must use 32-bit Windows. And they don't have to know any C. If all these fucktarded conditions are met, only then can an individual talk about C or ASM.

Apparently MolesteD_ likes to play Perfect World: http://www.elitep. . .ost6229462 (look for the SelectMob function). The code seems to be part of a bot made for the game. It searches in a running process for assembly instructions using regular expressions to find the right byte sequences and then displays the found bytes. The _Ci function (which isn't called at all in the sample code) would be used to manipulate a value associated with a certain in-game mob using a call to a function that we do not have access to. It's a bit jerkish to give sample code meant to test people when it's clearly incomplete and is meant to be used with a particular application that most people don't have. That's essentially like showing a PCB with a microcontroller to an electrical/computer engineer and asking them what it does, without showing them any code.

I guess some people like to think that making bots for MMORPGs makes them special but they need some extra convincing from external parties so they post their code for others to see, hoping to get the attention they need so that they can keep feeling special.
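An added example, not part of the thread or of the posted script: the offset search described in the post above, done in Python over raw bytes instead of hex text, which shows a false hit the hex-text regex produces at an odd nibble position. `find_store_offsets`, `hex_text_search`, `DECOY` and `SAMPLE` are names and constructed data made up for this illustration; the bytes in `REAL` are the first instruction pair quoted in the script's comments.

```python
import re
import struct

# 0x89 + ModRM (mod=10, rm=110) encodes "mov [esi+disp32], reg"; the reg field
# (bits 3..5) selects the source register, which gives the 86/8E/96/... table.
REGS = ["eax", "ecx", "edx", "ebx", "esp", "ebp", "esi", "edi"]


def find_store_offsets(image: bytes, tail: bytes):
    """Return (file_offset, register, disp32) for each 'mov [esi+disp32], reg'
    that is immediately followed by the instruction bytes in `tail`."""
    # Matching raw bytes keeps every hit byte-aligned. DOTALL lets '.' match
    # 0x0A, which can legitimately occur inside a displacement.
    pattern = re.compile(
        rb"\x89([\x86\x8e\x96\x9e\xa6\xae\xb6\xbe])(.{4})" + re.escape(tail),
        re.DOTALL,
    )
    hits = []
    for m in pattern.finditer(image):
        reg = REGS[(m.group(1)[0] >> 3) & 7]
        (disp,) = struct.unpack("<I", m.group(2))  # little-endian, no manual reversal
        hits.append((m.start(), reg, disp))
    return hits


def hex_text_search(image: bytes, hex_pattern: str):
    """The approach of the posted script: a regex over the hex dump as text.
    Returns (nibble_index, captured_hex); an odd index is not on a byte boundary."""
    text = image.hex().upper()
    return [(m.start(), m.group(1)) for m in re.finditer(hex_pattern, text)]


# Constructed sample. DECOY contains no 0x89 byte, yet its hex text contains
# "898E" + 8 digits + "8B5710" starting one nibble into the first byte.
DECOY = bytes.fromhex("0898E012345678B57100")
# mov [esi+000004C0],ecx ; mov edx,[edi+10]  (bytes quoted in the script's comments)
REAL = bytes.fromhex("898EC00400008B5710")
SAMPLE = b"\x90" * 4 + DECOY + b"\x90" * 2 + REAL

if __name__ == "__main__":
    for off, reg, disp in find_store_offsets(SAMPLE, b"\x8b\x57\x10"):
        print(f"byte offset {off:#x}: mov [esi+{disp:#x}], {reg}")
    for idx, captured in hex_text_search(SAMPLE, "898E(.{8})8B5710"):
        kind = "misaligned" if idx % 2 else "aligned"
        print(f"hex-text hit at nibble {idx} ({kind}): {captured}")
```

A search that keeps only the first hex-text match would report the decoy here, so a scanner of this kind should either match on bytes or reject hits at odd nibble indexes.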
Author

RE: suid

stealth-
Member



Posts: 1003
Location: Eh?
Joined: 10.04.09
Rank:
Mad User
Posted on 01-06-11 04:15
suid wrote:
Hello, I am suid. I am 21 years old and getting my CS degree. I have been throwing my skills at the challenges for a while now, but after reading a couple other members' intros I decided I guess I should post my own. I normally remain a floater on sites, sampling the challenges every once in a while but rarely posting much. I hardly ever create my own threads with questions. I feel finding answers on my own is a much better and more creative way of learning.


That sounds like a great way of learning, but the forums are nice in moderation because they can offer more specialized and direct assistance. There are definitely more people that need to learn your method though Wink

Nice intro, and welcome to HBH. :happy:

@SlimTim10: Lol, I love reading shit like that.


The irony of man's condition is that the deepest need is to be free of the anxiety of death and annihilation; but it is life itself which awakens it, and so we must shrink from being fully alive.
http://www.stealt. . .

Edited by stealth- on 01-06-11 04:17
http://www.stealth-x.com
Author

RE: suid


Member


Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 01-06-11 04:50
SlimTim10 wrote: It searches in a running process for assembly instructions using regular expressions to find the right byte sequences and then displays the found bytes. The _Ci function (which isn't called at all in the sample code)


Any good programmer would simply understand this piece of code whether you like it or not.
Yes, you might have to be familiar with the Windows API, but how can you possibly think you're remotely good with security when you don't even know the API of the most common operating system on this planet?

Like you said, the _Ci function is not called in that script, therefore it is not necessary to know what's at 0x00646360.

I'm unsure why you would require Dutch to read comments such as;
; 004557D2 - 89 86 78040000 - mov [esi+00000478],eax
; 004557D8 - 8A 4F 03 - mov cl,[edi+03]

It's a bit jerkish to give sample code meant to test people when it's clearly incomplete and is meant to be used with a particular application that most people don't have.

It does what it has to do, it looks for new offsets, and it finds them, returns them. How is it incomplete?
Because I'm not calling a function that would be fully implemented in the next version?

And you would look for offsets like this, in any application (if you want them automatically updated, after patches).
Therefore, it is not required to have any knowledge of this specific application, whatsoever.

Your comment is hilarious, especially the part where you complain about the syntax.
I mastered 8 languages, and I'm familiar with over 15, and I'm pretty sure every good programmer would know about the same, or more.
They shouldn't have problems with the syntax of any language.




Edited by on 01-06-11 05:18
Author

RE: suid

stranac
Member



Posts: 149
Location:
Joined: 15.11.08
Rank:
God
Posted on 01-06-11 08:41
@OP: Welcome to HBH!

@SlimTim10: Why do I not know you? You make the most beautiful posts I have ever seen.

@MolesteD_: I don't like you. Nothing personal.
Author

RE: suid

stealth-
Member



Posts: 1003
Location: Eh?
Joined: 10.04.09
Rank:
Mad User
Posted on 01-06-11 16:04
stranac wrote:
@MolesteD_: I don't like you. Nothing personal.


Lol, I don't understand how that can ever be not personal.


The irony of man's condition is that the deepest need is to be free of the anxiety of death and annihilation; but it is life itself which awakens it, and so we must shrink from being fully alive.
http://www.stealt. . .
http://www.stealth-x.com
Author

RE: suid


Member


Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 01-06-11 17:20
stranac wrote:
@MolesteD_: I don't like you. Nothing personal


What's new? No one likes me.




Edited by on 01-06-11 17:20
Author

RE: suid

stranac
Member



Posts: 149
Location:
Joined: 15.11.08
Rank:
God
Posted on 01-06-11 17:52
I wasn't trying to teach you anything.
I was just in the middle of saying stuff, and this was something I had to say, so I did. As simple as that.