Your Ad Here

Tuesday, May 26, 2009

Make ur own security Tool

Make ur own security Tool



So you have read tons of tutorials , guides , FAQ's and you have some kind of image of what computer security is ... The next logical step that you should make is to start learning a programming language . I'm not going to describe each language ( its advantages and disadvantages ) because there are tons of paper that cover that ... Instead i will focus on just one language : Perl ( Practical Extraction and Reporting Language ) .
This language was written for manipulating text , but it has become one of the best languages available to programmers . You can write games , web applications , about everything you can think of . I wanna show you just how easy it is to write some security tools using Perl .

I'm going to start with a port scanner ... for those of you that don't know what a port scanner is , here is a little definition : a port scanner is a program that checks if a certain port is open ( by connecting to it ).

I.The port scanner

# scanner.pl
use strict;
use warnings;
use IO::Socket;
$|++;
my($host,$a,$b)=@ARGV;
map { my $s=IO::Socket::INET->new(PeerAddr=>$host,PeerPort=>$_);
print "$_ - open\n" if $s } ($a..$b);

That my friends is a very simple port scanner ! You can run it from your command line ( command prompt in windows or konsole in linux ) like this :

perl scanner.pl host_to_scan starting_port ending_port

II.The brute forcer

Perhaps you gained access to some computers , or you're just testing a password to see how strong it is . One of the most used encryption method is the md5 algorithm ( it's also the one used by the Linux/Unix/BSD Operating System ).
The md5 hash ( that's the name a password gets after it's being encrypted ) cannot be transformed back to its corresponding word . Let me give you an example : the word "security" after its md5 encryption will become the hash e91e6348157868de9dd8b25c81aebfb9 . Let's say you have the hash and you find out what word it is ... you would have to find a way to decrypt it , which isn't possible because md5 cannot be decrypted ... So that leaves you with the question : so how can i find out what word does a hash represent ? Well , since you can't decrypt it , why not try encrypting words and see if the resulting hash matches the hash we're trying to crack ?
Here's the perl code that does that :

# brute.pl
use strict;
use warnings;
use Digest::MD5 qw(md5_hex);
my $hash=shift || die "Give me a hash to crack\n";
my $file=shift || die "Give me a dictionary file\n";
open(F,$file) || die "can't open the file\n";
while()
{
print "Processing $_";
chomp($_);
my $t=md5_hex($_);
print " $t\n";
die "Found it -> $_\n" if($t eq $hash);
}

Here's how you run it :

perl brute.pl md5_hash_to_crack text_file

So you would have to supply it with an md5 hash and a dictionary file ( that has words in it , one per line ) . The script will read each of the words , encrypt it and check if the hash matches the hash we're trying to crack . If it does , we found the word !

This concludes the first part of building your own security tools . Next time we'll talk about creating a bot and keeping track of your filesystem.

No comments:

Post a Comment