Ping 4Q: LinuxLad Burned to death. :)
Dustin Cook
Message ID, neat stuff.
:)
Read as much of the thread as you'd like guys. Hehehehe. Enjoy that crow!
And please 4Q, keep the kman review hosted for awhile longer; I haven't had
time to rip it apart as nicely as I did to linuxlad, but I will. :)
--
Dustin Cook, Author of BugHunter - MalWare Removal Tool - v2.2e
Email.: bughunte...@gmail.com
Web...: http://bughunter.it-mate.co.uk
Pad...: http://bughunter.it-mate.co.uk/pad.xml
PGP...: http://bughunter.it-mate.co.uk/bughunter.dustin.txt
Dustin Cook
news:Xns9A18D32589E...@69.28.186.121:
> rnmum39idbr590s3c...@4ax.com
>
> Message ID, neat stuff.
>
>:)
> Read as much of the thread as you'd like guys. Hehehehe. Enjoy that
> crow!
>
> And please 4Q, keep the kman review hosted for awhile longer; I
> haven't had time to rip it apart as nicely as I did to linuxlad, but I
> will. :)
>
>
The full post with headers. And let me know which tastes better with
Crow, ketchup or Mustard. :)
Path: be11.lga!hwmnpeer02.lga!hwmnpeer01.lga!hwmnpeer01.ams!
news.highwinds-media.com!news.astraweb.com!newsrouter-eu.astraweb.com!
tiscali!newsfeed2.ip.tiscali.net!nx01.iad01.newshosting.com!
newshosting.com!216.196.98.140.MISMATCH!border1.nntp.dca.giganews.com!
nntp.giganews.com!local01.nntp.dca.giganews.com!news.giganews.com.POSTED!
not-for-mail
NNTP-Posting-Date: Mon, 24 Dec 2007 01:23:36 -0600
From: -linux_lad <jo...@linuxlad.nospam.org>
Newsgroups: alt.binaries.warez.ibm-pc.d
Subject: Re: Sharkpost hits Softpedia and CNET's Version Tracker
Date: Sun, 23 Dec 2007 23:23:40 -0800
Message-ID: <rnmum39idbr590s3c...@4ax.com>
References: <DaqdnahM5ff0DPHa...@giganews.com>
<Xns9A0E6E8825C...@69.28.186.121>
<sdqtm31mg0sk5s92j...@4ax.com>
<Xns9A0FD282F45...@69.28.186.121>
X-Newsreader: Forte Agent 4.2/32.1118
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Lines: 701
X-Usenet-Provider: http://www.giganews.com
X-Trace: sv3-
gWCvuXYTil5pECJME4aUQzzpAEl5FRL1ihmOvVFYkPOLSYOOgc6HB5RHhoGlqvY4eWWOLEBe2
BkkLrx!
sxTj8uruNhMzccA7erF47s39ctDjsp52olVWEHXQsiuJkTD0SYesDM/I00cBvWFUXtqIFg==
X-Complaints-To: ab...@giganews.com
X-DMCA-Notifications: http://www.giganews.com/info/dmca.html
X-Abuse-and-DMCA-Info: Please be sure to forward a copy of ALL headers
X-Abuse-and-DMCA-Info: Otherwise we will be unable to process your
complaint properly
X-Postfilter: 1.3.37
Bytes: 30819
Xref: Hurricane-Charley alt.binaries.warez.ibm-pc.d:153854
X-Received-Date: Mon, 24 Dec 2007 00:23:38 MST (be11.lga)
On Mon, 24 Dec 2007 01:32:16 GMT, Dustin Cook
<bughunte...@gmail.com> wrote:
>-linux_lad <jo...@linuxlad.nospam.org> wrote in
>news:sdqtm31mg0sk5s92j...@4ax.com:
>
>>> -linux_lad wrote in
>>> news:DaqdnahM5ff0DPHa...@giganews.com:
>>>
>>> > ------------------------- begin message -------------------------
>>> >>
>>> >> > That's why you would have missed a copied post if it existed.
>>> >> > All it would take is a single small post. Just one. That's the
>>> >> > entire point of this conversation. It could have done something
>>> >> > without your
>>> >>
>>> >> If it had made any unauthorized communications to the outside
>>> >> world, My snort package on a box here would have picked up on it.
>>> >> Sorry John, but I covered all the bases when I examined the
>>> >> program. I gave it every chance to try something, anything that
>>> >> would justify it's inclusion into BugHunter. No such luck.
>>> >
>>> > A single extra post to usenet would not have been picked up, since
>>> > you say you ignored the intended communications. The only way you
>>> > would have caught it is with a packet filter. You would have had to
>>> > be looking for it.
>>>
>>> Please lookup snort for yourself before we go further on filtering
>>> and monitoring, ok? The program didn't do anything that you seem to
>>> think it might have done.
>> It's going to be a long lecture, get out your notepad. I'm no good at
>> Basic variants but I'll do what I can to help the group out and
>> advance your skill set.
>
>This should be amusing.
>
>> First, you have not seeded your random number generation. It will
>> return the same value on each identical call making it useless for
>> what you're trying to do. Second you just set "a" to 0. The reason I
>> know this is that any modulo(1) of a whole number is zero. Simply put,
>> modulus returns the division remaninder, so 6/1 = 6. You burned cycles
>> and accomplished nothing. You could have simply have set "a" to 0 ,
>> but I think your intention was to improve the randomness. There is no
>> programmatical reason for choosing to mod 23, it's a completely
>> arbitrary value in this case.
>> Fyi, if you wanted to seed rand, it should have been "randomize timer"
>> or whataver timer is in asic.
>
>From the asic manual:
>
>Format: RANDOMIZE
>
> Description:
>
> This statement will cause the seed for the random number generator
>to be
> reseeded using the system timer. This statement should always
>precede the
> first RND statement in your program, unless you want the same
>sequence of
> random numbers generated.
>
> Example:
>
> RANDOMIZE
>
> The above statement would insure that each time your program runs,
>any
> subsequent RND numbers generated would be different.
>
> See also:
>
> RND
>
> Format: number1 = RND (number2)
>
> Description:
>
> This statement will return an integer number in the range of 0
>through
> 32767 for normal integers, and in the range of 0 to 2,147,483,647
>for long
> integers. This random number will be stored in number1. Number2 is
>a dummy
> argument and can be any valid integer value. If number1 is a
>decimal
> variable, the random number returned will be an integer in the
range
>of 0
> to 2,147,483,647.
>
> Example 1:
>
> A& = RND(0)
>
> After execution of this statement "A" will contain a number between
>0 and
> 2,147,483,647 inclusive.
>
> Example 2:
>
> RANDOMIZE
>
> DIEROLL=RND(0)
> DIEROLL=DIEROLL MOD 6
> DIEROLL=DIEROLL+1
> PRINT "YOU ROLLED A";DIEROLL
>
> The above example demonstrates how to generate a number in a given
>range.
> In this case, the range will be 1-6, which would be suitable for
>simulating
> the roll of a die. The above example will generate the simulated
>die roll,
> and print the result.
Ok, I stand corrected. As it turns out, asic has no random seeding
ability controlloable by the user. The only way it's seeded is with
the timer on instantiation, is that correct?
>
>
>
>> randomize
Seeded the rng and instantiated
>> a=rnd(0)
random number assigned to a
>> a=a mod 1
a is now 0
>> b=rnd(0)
random number assinged to b (lets's say 32767)
>> b=b mod 23
b is now 15
>> death=b
death is now 15
>> b=rnd(0)
random number assigned to b (let's say 19543)
>> b=b mod 23
b is now 16
>> runy=b
runy is now 16
>> b=rnd(0)
random number assigned to b(let's say 11)
>> b=b mod 23
b is now 11
>>
>> if death=runy then
if 15 = 16
>> a=rnd(0)
random number assigned to b (let's say 9973)
>> a=a mod 23
a is now 14
>> runy=a
runy is now 14
>> endif
>>
>> There is no reason to mod anything in this application. Again, the
>> purpose of mod is to obtain the remainder of a division operation. You
>> could have just seeded rand and set your vars as needed. That would
>> give you the same effect in a quarter of the cycles (less than that,
>> actually).
>
>See above, sir.
That doesn't change the fact that a is zero does it?
I'll change my position. You are correct Dustin, you have no option
but to mod the numbers because asic has no other mechanism for
generating a determinate range. You are correct Dustin, and I'm wrong
because I made the assumption that asic had more capability than it
apparently has. This is another reason to learn new language.
There are all kinds of random number classes for all kinds of
languages, and most of the better ones have the ability to define the
random number range.
Standard C++, should work in any compiler:
#include <iostream>
#include <unistd.h>
using namespace std;
int main() {
int procid = getpid();
srand((unsigned)time(NULL)+procid);
int a = rand() / ( RAND_MAX / 23 + 1 );
int b = rand() / ( RAND_MAX / 23 + 1 );
return 0;
}
All in six k or so. You could also set RAND_MAX in the compiler if you
wanted to avoid the floating point math. You can cut out a few more
lines by using the yarrow or mersenne classes at the expense of a few
thousand more bytes. All done, very, very fast.
>
>>
>>
>>
>>>
>>> This is the section of the file kman tried to correct. That code is
>>> legal the way it's written. Kman's revisioned code, which would work
>>> in a more advanced compiler (agreed; as I have several which would
>>> have no issue with the revision) doesn't work in asic. rnd(0) is for
>>> support with gwbasic (hehehe), it doesn't actually do anything in so
>>> far as asic is concerned except to state that I want a random number,
>>> and I want it in the value between 0 and whatever I mod it by.
>>>
>>> Before you go too far along in your questioning of what little source
>>> code of mine you do have access too, I'd strongly suggest you grab a
>>> copy of the asic language and browse thru it's manual. You'll find
>>> why I did some things in the way I did isn't my fault or lack of
>>> skill, but a necessary evil when programming in asic. *hehehe*.
>>
>> If you are unable to observe the most basic principles in software
>> development due to specific limitations of the language, are you using
>> the right one?
>
>I write in various languages, John. As apparently do you. You use each
>one because it suits you for the task you have at hand, right?
I strongly recommend abandoning asic. I apologize for slamming you on
that code, I made too many assumptions about its capabilities. You had
no choice there, it simply isn't possible to do what should be done in
that language. That's another reason to move to a language that has
more range.
>
>>>
>>> I'm not ashamed of programming in the language either, sir. I still
>>> write some code in it today. BugHunter is mostly programmed in asic,
>>> although I have resorted to using some pure assembler for a few
>>> things to speed up scan times.
>>>
>>> Asic is a very old compiler made for a very different audience of
>>> programmers than what I typically run across today, John.
>>>
>>> >> Indeed, it is, and I agree completely.
>>> >
>>> > Finally, we agree on something!
>>>
>>> I'm sure you'd find we agree on many things, if you'd get your head
>>> out of your ass and stop viewing me as competition of some sort. I'm
>>> really not trying to compete with you. :)
>>
>> My head isn't in my ass Dustin. If you think I'm wrong you have a lot
>> of learning to do young man.
>
>Would you like a copy of asic John? I'd be happy to provide a copy,
>intact the way it was originally distributed by it's author.
Actually, out of academic curiosity, I would like a copy.
>
>>
>>> >
>>> > Perhaps in ASIC and Assembly. I'm no expert in either, but all the
>>> > credible people who see your asic laugh at it. I'm inclined to
>>> > agree.
>>>
>>> Have you asked anyone who actually has written code in the language
>>> sir? No? Hehehe. Well, ask someone who has. An individual known as me
>>> from alt.comp.virus (Me is all the information I have on the
>>> individual) stated he wrote some small things in it at one point. I
>>> Bet if you look around on the net you can find many program source
>>> files, and you can compare what you find with my work, if you'd like.
>>
>> There aren't a lot of asic programmers floating around, I agree with
>> you. There is a reason for that. I don't need to compare any old
>> source files floating around on the net to code you posted as evidence
>> of your skill. I can just read it, like anyone else would. Just about
>> anyone who ever wrote any code at all learned that optimization is
>> among the most fundamental tenets of good software design. It what
>> separates a professional programmer from a hobbyist.
>
>But you don't seem to understand what the code is doing in Asic, and
your
>trying to correct/critize code that you don't understand; re: your no
>reason to mod; based on your understanding.
>
>You realize why I find this funny, huh?
I know what it's doing, see my inline comments in the code. What I was
unclear on is why. That's why there are new languages. The old ones
have deficiencies and are not extensible.
>
>> 4q has nothing to do with this. The analysis was done by Kman. 4q
>> simply archived it so it didn't disappear.
>
>Kman did the same thing as you, naturally assumed asic was like any
other
>language; It's not. :) I do understand boolean math statements, but Asic
>will not let you do many of the corrections kman suggested; And he based
>his entire assault on correcting my code and assuming the code was
>written as it was due to lack of understanding on my part, when in fact,
>he code was legal specifically for the asic programming language.
It's a subset of basic and lacks some things that are considered
primitive by modern standards.
>
>>> A reference to what sir? It's easy. I'll give you my source code, you
>>> can copy kman's revised code. You'll find that the asic compiler,
>>> asicc will not accept his code and will not compile. Mine however
>>> will, into a very small exe or com or obj file (your choice). Anybody
>>> who has written code in asic knows full well you can't have mulitple
>>> commands per line *grin*.
>>
>> By reference I mean a published technical document which states that
>> it is not possible to follow the global standard of optimization. I
>> don't care how small the exe is. The physical size of the exe does not
>> have a proportional relationship to its performance. Some exes are
>> small and fast, some exes are large and fast, some are small and slow,
>> some are large and slow. If you knew that is was possible to stack,
>> why have you wasted so many cycles? What have you accomplished? From
>> my point of view, it looks as if you're tring to tying to make the
>> code look more complicated than it really is. I have already covered
>> the wasted cycles. I often waste cycles too, but then I'm not
>> screaming "non-coder" at anyone who does not bow down.
>
>Again sir, you don't understand how asic executables are finally built.
I
>don't waste nearly as many cycles as you or kman seems to think. In
>refernce to the for/next loop and my string; He seemed to think the
>string is destroyed and recreated in memory every time you access it; In
>Asic, this doesn't occur. Once a string is keyed, it's automatically
>80bytes in length and at a fixed location in the default segment for the
>entire time your application is running. You can access it via asic
>commands or directly if you so desire, and you can make modifications to
>damn near any memory point without asic's permission.
>
>> I'm just saying you cannot post that code as any proof of your skills.
>> It did just the opposite of what you intended.
>
>No sir, it didn't. It did however show various individuals that I've
been
>writing software in a language that isn't like most others. :) The
>language as I said is suitable for what I use it for. Your lack of
>understanding the language itself and trying to one up me on my level of
>programming knowledge is hillarious, to say the least.
If you're happy with it, who am I to criticize. You have superior asic
skills. I haven't seen a lot of demand for asic, it's not taught
anywhere, and has limited range. It can't do some things that are
standard everywhere else. It's like a car I guess. If your car gets
you from point a to point b and you can live without second gear or
headlights, I guess all that matters is that you get to work on time.
>
>>
>>>
>>> >
>>> > I doubt about ninety percent of that. If you were a tinkerer you
>>> > would have moved past asic. You never did.
>>>
>>> Funny, even 4Q knows of my love for electronics and tinkering as you
>>> put it. I do help out with a small tv repair shop sometimes on the
>>> weekends because it's owner isn't in good health anymore...
>>
>> I approve of your civic-mindedness, but what does your love of
>> electronics have to do with anything? It's no indication of your skill
>> as a programmer. I have had no contact whatsover with your nemesis, I
>> merely googled to get a code sample attributable to you.
>
>A poor one, come to think of it. I have tons of source code in asic if
I agree.
>you want to view anything...
>
>Incidently, that code does work; If the number chosen is the same number
>the executable has keyed to it, the program will run as normal. It's not
>a great chance the user will land on the right box, but it's possible.
>
>2nd note, The reason I clear the cursor (I don't really, I just relocate
>it off screen so it's not visible) is because asic will leave a flashing
>cursor on the screen all the time, and it doesnt look right if i want
you
>moving around a high ascii little game. Cosmetics. :)
>
>>>
>>> You know, come to think of it, my fondness for cb/ham radios is also
>>> well known. Damn dude, you need more reliable sources of information
>>> if your going to play my dick is bigger than your dick games.
>>> Somebody is leaving you out to dry.
>>
>> What is unreliable? Do you deny you posted that code as proof of your
>> skill? No one is challenging what your hobbies are and no one here
>> cares anyway. The discussion here is about whether or not you are
>> qualified to be calling me or anyone else names like "script kiddy" or
>> "pissant".
>
>I don't deny I posted the code someplace. It wasn't posted to prove any
>skill. I was asked to share code specifically written in asic by some
>friends of mine, so I did.
>
>>> John, I haven't disputed that any of those instances can occur; so I
>>> really don't see how I can miss this attack vector you speak of. I
>>> have no issues understanding it, tho. I just don't find any
>>> supporting executable code in SharkPost, specifically to support this
>>> theory either.
>> Ok, so you agree that this is possible and can slip past you? Can we
>> agree on that? I agree that your analysis found nothing suspicious in
>> the exe you examined, based on what you have reported here.
>
>I do agree. I didn't say I was perfect. :)
Neither of us are except for me ;)
>
>>>
>>> I have never, not once claimed, that you or anyone else couldn't
>>> write something to do this, and I challenge you to find a post where
>>> I've said otherwise.
>>
>> Your constant use of "non-coder", "script kiddy" and condescenion are
>> evidence to the contrary.
>
>John, Again, I have not said what you attribute me to saying; obviously.
>Your reading more than what's actually being written. Various
individuals
>here are not programmers, and have stated as much. I don't think you can
>defend the remark non-coder in that case :) As for script kiddy, well, I
>call them as I see them. It's a personal opinion of mine, I believe that
>if you know more html than you do a real programming language than your
a
>script kiddy. If you don't fit that bill, then I take it back.
I don't know any html.
>
>>
>>>
>>> > You would have missed it beacause you didn't even look for it.
>>>
>>> Your wrong. His program has been examined by several hundred
>>> individuals by now, some with certifications of various sorts and
>>> some without (I actually do have a couple of certs tho. lol), and
>>> nobody has found anything malicious to date. It's just highly
>>> unlikely that it contains the malicious code or can do the malicious
>>> things various individuals have claimed it'll do.
>>
>> Besides, you have insisted that all you need for complete analysis is
>> the exe. That's something else I disagree with, but I think I've made
>> my point.
>
>That's true, actually. You only need the executable. You don't actually
>need the source code, and in fact, the executable will show you more of
>what's actually happening inside than reading the source code. Unless
>it's pure assembler or something, and SharkPost isn't.
I completely disagree with this. You might be able to get some idea of
what if going on and you may catch naughty things but you are going to
have an extremely difficult time getting enough information to make a
precise determination on the inner workings. For example, do you think
you could successfully trace all the stuff that goes on inside a
kernel? Or maybe PGP's math engine? As I explained before, there would
be no software industry. Cisco and Juniper would not be able to exist,
ditto for our friends in Redmond.
>
>John, you and I come from very different backgrounds; I spent alot of
>time reverse engineering software published by the other side (the
>avers). That means, I took things like kaspersky antivirus, f-prot, etc
>apart to see how I could continue evading them with each succession of
>whatever virus family I was working on at the time.
>
>You see software from a different angel than I do. I see it all as
>useful, modifiable code.
I see software as a way for me to do more work with less energy. More
time to play golf and throw lead.
>
>>>
>>> It's high time various individuals either produce this malicious
>>> code, or just shut up about it. It's getting old, people with more
>>> experience than you or I will ever have have examined it too, and
>>> they didn't find anything either. I trust their opinions of my work
>>> far more than I do yours, John.
>>
>> Good, then encourage everyone to use it because it passed your
>> scrutiny. Just don't take any positions on what I can or cannot do and
>> don't attempt to baffle us with bullshit. If you can't prove it with
>> working code, then move on to the next thread. Follow my example.
>
>I haven't taken any real positions on what you can or can't do. I don't
>know you, and I've only seen very small snippits of code from you. I
also
>have no intentions and no need to baffle anyone here with bullshit. I've
>told you who I am, freely.
>
>As I said before John, it's not bragging if you can back it up.
I find terms like "non-coder" in the context it was used to be
offensive. When you used "script-kiddy to describe me, that really
pissed me off. Instead of say you're wrong, I wanted to demonstrate
that you cannot defeat any protection I place on any executable. I say
you can't crack me, I can back it up. I say all the scanning and
awards scruting in the world amount to nothing if you don't know what
to look for. I say that malware is not just what matches a signature,
and I can back that up.
>
>>
>>> >
>>> > It's not intended to be circulated Dustin, it's intended to show
>>> > the readers that my claim that it can escape detection is true. It
>>> > did
>>>
>>> John, nobody is disputing your claim. Nobody has disagreed with what
>>> you say can be done. Your POC wasn't actually necessary. :)
>>
>> According to you. Recall that the POC was to show that AV and malware
>> scanning is worthless. Utterly and completely worthless. Your opinion
>> is now that proof of that was not neccessary? Did Leslie Paulin not
>> just post a link to SoftPedia as evidence of it's safety?
>
>*hahahahahahaahahahahaa*. Okay, so your one of those crazy people who
>thinks the AV companies are a sham and out to get you, right? You do
>realize, with the exception of BugHunter some scanners do have the
>ability to do a limited analysis of the suspect file; and depending on
>the programming language used, are able to flag it as suspicious or
>potentially related to some other nasty.
No, I don't subscribe to that belief.
>
>You haven't proven anything with your high and mighty POC John. All
>you've done is demonstrate your total misunderstanding of what the hell
>has been going on in the threads.
I'm not talking about the what you say in the threads Dustin. I'm
talking about how it could be done.
>
>> Do you or do you not agree that those awards are worthless in every
>> way? Am I not entitled to prove my point if you disagree? If you do
>> agree, why haven't you said, "shareware site awards are worth less
>> than zero"?
>
>Some of the awards are worthless and generated automatically. However, I
>wasn't even talking about the awards. What I said was that nobody was
>disputing or even trying to dispute the fact you can sneak something
past
>a scanner.
>
> I said it could be done, and then showed how. That's how you make a
>> point. You don't say "I can do it but I won't show you how" because
>> then people like me will say "Oh yeah? Prove it". Take for instance
>> your claim that you could crack an application I protected. Am I not
>> entitled to challenge your assertion?
>
>John, I didn't say I could/would crack any application your protected.
>Unless; it is of commercial value, then I might spend the time. However,
>I said that withen the last couple of days, prior I hadn't.
You implied that a crackme written by me would be trivial to crack. I
disagree, and will prove it if you still think you can.
>
>>>
>>> >> Then why are you mislabeling your challenge as an executable
>>> >> cracking challenge, when in fact, it's a challenge to see if I can
>>> >> break your crypto or not?
>>>
>>> > Please Dustin, for God's sake, learn the difference. Also,
>>> > familiarize
>>>
>>> You really should quit with the condesending tone, I'm not acting
>>> like an intentional jerk towards you. I know how to crack software
>>> sir, I know how to reverse engineer all kinds of executables. I know,
>>> understand, read/write in assembler sir. Until you learn assembler,
>>> it is you who doesn't know the difference and couldn't actually do
>>> either one.
>>
>> I'm doing you a huge favor Dustin, no one of any substance would
>> disagree. You got years of education in a few posts and you appear not
>> to recognize it.
>
>John, Would you like a copy of the asic manual before you try to educate
>me any further on it? *grin*
I have already conceded the point that you are limited in what you can
do with asic. I still educated you on how to do it much faster and
better, and it still does not change the fact that your algorithm was
clumsy. It's just not your fault. I apologize for blaming you for your
languages shortcomings.
>
>
>>>
>>> I haven't said your work would be easy or hard to crack, either
>>> linuxlad; I've said that I wasn't interested in wasting my time on
>>> it, as it will prove nothing either way. If what I've already spent
>>> days trying to explain hasn't sunk into your skull yet, cracking your
>>> executable certainly won't do any better.
>>
>> You said you could crack it and implied it would be trivial. Did you
>> not write that in this message to infidel, where you also called me a
>> little kid?
>
>Would you mind providing the message ID please?
<Xns99F6D1EB26F...@69.28.186.121>
You were not writing to me, but it came up in a grep of that day's
traffic for "linuxlad".
>
>>
>>> >
>>> > Everyone: Google for Dustin's street cred.
>>> > I did, and that's how I found your horrible code.
>>>
>>> hahahaha. Lemme save you some time.
>>>
>>> Google for happy hacker industries or bughunter or raid/slam virus
>>> writer. something like that, if you want to see what I'm about. And
>>> don't take everything you read by 4Q as the gospel, for he will lead
>>> you astray. *grin*
>>>
>>> How would you know what's horrible vs what isn't anyhow? I personally
>>> think your perl code you shared was a script kiddy joke, but maybe
>>> it's decent for perl? Do you code in asic, John?
>>
>> No, I don't code in asic, but I know bad work when I see it. You have
>> some comments on my perl? What exactly? What do you claim is wrong
>> with it? What makes it a script kiddy joke? Do you dispute that I use
>> it how I said I do, or that is doesn't do what I said it does? Do you
>> even know what Perl is?
>
>You know bad work when you see it? Hehe, John. I know a horse's ass when
>I'm writing to one, too. :)
It's bad work, in a bad language. You also printed out some insult to
someone at an av company in the same code. Are you kidding me?
>
>Would you like a copy of the asic manual to spruce up your, ahem,
>educational attempts on me, sir?
See my code. I dont need a manual to spot bad code. I just made the
assumption it was capable of more. It does not change the fact that it
can be done better and faster in many other languages.
>
>I didn't say anything was wrong with your perl code you posted. Only
that
>I found it script kiddy like in nature. If it helps John, I find vbs
>scripts to be script kiddy. That's the only reference if any I implied
>when I said it. I unlike you, realize I don't know perl, and so am not
>going to talk out of turn and make an ass of myself. :)
You already did :)
>
>And btw, I had a fellow script kiddy vxer friend of mine write me a
>script for a virus of mine once, so don't take my script kiddy comment
>too personally; They are useful coders too.
When you want it done fast, use C. When you want it done right, use
Perl. Words to live by, my friend.
>
>>>
>>> >> > Again Dustin, you obviously have never cracked anything in your
>>> >> > life, so I'll school you.
>>> >>
>>> >> No? I did a rainbow six cd crack (and I would expect you to be
>>> >> able to tell me the bytes that require changing, since your
>>> >> superior than myself), a campaign editor, various saved game
>>> >> editors (all require reverse engineering skills) and some other
>>> >> cracks for descent, and unreal tournament (it didn't require the
>>> >> cd to run, changing the ini file to point to local drive would
>>> >> do). lets see, some keygens, even one for mycd (which was a win3.x
>>> >> shareware cd player; it was neat, it would mark the database with
>>> >> a counter based on the date and year. I was able to write a
>>> >> program to predict the next counter and insert it into your
>>> >> datafile, rendering the 30day shareware thing completely
>>> >> worthless.
>>> >
>>> > So what? Are you saying you can crack a time limited trial written
>>> > by me? Is that what I'm to understand? If so, let's negotiate it.
>>>
>>> Did you see anything having to do with cracking anything of yours in
>>> that entire paragraph? Granted, I do wear glasses, but damn, I didn't
>>> think my eyes were that bad. :)
>>
>> It's not your eyesight that's bad Dustin, it's your ego that needs to
>> be corrected.
>
>John,
>
>Just what is your real issue with me?
>And, would you like a copy of asic, so you can atleast pretend to have a
>clue when your, ehm, correcting/commenting on code that's 10+ years old?
>:)
See my code and compare. I made it clear I'm not a basic guy, but what
the hell. Write your full intention in pseudocode for that app, and
let's see how long it will take me to replicate it in C++. Obviously,
I won't do anything destructive, but I will simulate it. Also, yes,
please, post a copy of asic so I can wallow in morbid curiosity.
--
-linux_lad
http://www.spoofproof.org/verify.php?sig=9e67dd1481775daf36a22a5c997e1f82
Dustin Cook
> rnmum39idbr590s3c...@4ax.com
>
> Message ID, neat stuff.
>
>:)
> Read as much of the thread as you'd like guys. Hehehehe. Enjoy that
> crow!
>
> And please 4Q, keep the kman review hosted for awhile longer; I
> haven't had time to rip it apart as nicely as I did to linuxlad, but I
> will. :)
>
>
And here is my reply to that post. As if one actually needed to be done.
And btw, 4Q, I have several supporters in that newsgroup; if you read the
thread. HEHEHEHEHEHE.
Path: be02.lga!hwmnpeer02.lga!hw-filter.lga!newsfe06.lga.POSTED!53ab2750!
not-for-mail
Newsgroups: alt.binaries.warez.ibm-pc.d
Subject: Re: Sharkpost hits Softpedia and CNET's Version Tracker
From: Dustin Cook <bughunte...@gmail.com>
References: <DaqdnahM5ff0DPHa...@giganews.com>
<Xns9A0E6E8825C...@69.28.186.121>
<sdqtm31mg0sk5s92j...@4ax.com>
<Xns9A0FD282F45...@69.28.186.121>
<rnmum39idbr590s3c...@4ax.com>
Organization: Core Technologies
Message-ID: <Xns9A11C6A2C9A...@69.28.186.121>
User-Agent: Xnews/5.04.25
Lines: 337
NNTP-Posting-Host: jkdellbihnollkbkjbicmkgnjnhfgnog
X-Trace:
emlnjhpjaknjmmohlbdnpiohcfhaihogpolnpiliogjhmcibjkdellbihnollkbkcpdmbbkdj
jjpcnfgcoahbhgmpbjoompcehdmleealgneghbpnaakffinnpagffdlfelfojnjbfokking
NNTP-Posting-Date: Tue, 25 Dec 2007 17:22:10 MST
Date: Wed, 26 Dec 2007 00:22:10 GMT
Xref: Hurricane-Charley alt.binaries.warez.ibm-pc.d:153877
X-Received-Date: Tue, 25 Dec 2007 17:22:10 MST (be02.lga)
-linux_lad <jo...@linuxlad.nospam.org> wrote in
news:rnmum39idbr590s3c...@4ax.com:
You stand corrected? Hehehe... No doubt, John, no Doubt.
And yes, you can only seed via the timer, unless you write your own
routines to do it for you.
>>See above, sir.
>
> That doesn't change the fact that a is zero does it?
a is a random number between 0 and whatever, sir. The (0) argument is for
compatability with gwbasic/basica, it does nothing in asic.
> I'll change my position. You are correct Dustin, you have no option
> but to mod the numbers because asic has no other mechanism for
> generating a determinate range. You are correct Dustin, and I'm wrong
> because I made the assumption that asic had more capability than it
> apparently has. This is another reason to learn new language.
This is pointless John, I knew coming into this I wasn't going to be the
one getting an education, but giving one. :)
You have made quiet a few assumptions about asic and myself, it's just
easier to debunk the ones concerning asic because I have the manual
available. I don't have to do any researching this way. :)
As I told you from the beginning, I know several different programming
langauges John, and I'll continue to program in the ones I enjoy using.
And asic is one of those languages. I like it, it doesn't matter to me if
you do or not. :)
>>>> Before you go too far along in your questioning of what little
>>>> source code of mine you do have access too, I'd strongly suggest
>>>> you grab a copy of the asic language and browse thru it's manual.
>>>> You'll find why I did some things in the way I did isn't my fault
>>>> or lack of skill, but a necessary evil when programming in asic.
>>>> *hehehe*.
>>>
>>> If you are unable to observe the most basic principles in software
>>> development due to specific limitations of the language, are you
>>> using the right one?
>>
>>I write in various languages, John. As apparently do you. You use each
>>one because it suits you for the task you have at hand, right?
>
> I strongly recommend abandoning asic. I apologize for slamming you on
> that code, I made too many assumptions about its capabilities. You had
> no choice there, it simply isn't possible to do what should be done in
> that language. That's another reason to move to a language that has
> more range.
I thank you John, and I accept your apology. And while I appreciate your
comments concerning Asic, I have heard similar before. Personally, I like
writing in it and I'll probably continue to do so; But at the same time,
I do periodically dabble in other languages.
>>
>>>>
>>>> I'm not ashamed of programming in the language either, sir. I still
>>>> write some code in it today. BugHunter is mostly programmed in
>>>> asic, although I have resorted to using some pure assembler for a
>>>> few things to speed up scan times.
>>>>
>>>> Asic is a very old compiler made for a very different audience of
>>>> programmers than what I typically run across today, John.
>>>>
>>>> >> Indeed, it is, and I agree completely.
>>>> >
>>>> > Finally, we agree on something!
>>>>
>>>> I'm sure you'd find we agree on many things, if you'd get your head
>>>> out of your ass and stop viewing me as competition of some sort.
>>>> I'm really not trying to compete with you. :)
>>>
>>> My head isn't in my ass Dustin. If you think I'm wrong you have a
>>> lot of learning to do young man.
>>
>>Would you like a copy of asic John? I'd be happy to provide a copy,
>>intact the way it was originally distributed by it's author.
>
> Actually, out of academic curiosity, I would like a copy.
Here ya go John:
http://bughunter.it-mate.co.uk/asic500.zip
I have several libraries written for it, many examples of source code
from various authors including myself. If you'd like, I'll be happy to
send that material along to you as well.
> It's a subset of basic and lacks some things that are considered
> primitive by modern standards.
It's actually a cross between basic and assembler. if you examined the
"commands" built into assembler, you'd find it lacking too I suspect. :)
> Neither of us are except for me ;)
LOL! :)
>>
>>>>
>>>> I have never, not once claimed, that you or anyone else couldn't
>>>> write something to do this, and I challenge you to find a post
>>>> where I've said otherwise.
>>>
>>> Your constant use of "non-coder", "script kiddy" and condescenion
>>> are evidence to the contrary.
>>
>>John, Again, I have not said what you attribute me to saying;
>>obviously. Your reading more than what's actually being written.
>>Various individuals here are not programmers, and have stated as much.
>>I don't think you can defend the remark non-coder in that case :) As
>>for script kiddy, well, I call them as I see them. It's a personal
>>opinion of mine, I believe that if you know more html than you do a
>>real programming language than your a script kiddy. If you don't fit
>>that bill, then I take it back.
>
> I don't know any html.
How would I have known this? heheh.
>>That's true, actually. You only need the executable. You don't
>>actually need the source code, and in fact, the executable will show
>>you more of what's actually happening inside than reading the source
>>code. Unless it's pure assembler or something, and SharkPost isn't.
>
> I completely disagree with this. You might be able to get some idea of
> what if going on and you may catch naughty things but you are going to
> have an extremely difficult time getting enough information to make a
> precise determination on the inner workings. For example, do you think
> you could successfully trace all the stuff that goes on inside a
> kernel? Or maybe PGP's math engine? As I explained before, there would
> be no software industry. Cisco and Juniper would not be able to exist,
> ditto for our friends in Redmond.
You can get a complete and total understanding of what the executable is
actually doing; which might not be what the author assumes it to be
doing, from the source code viewpoint.
Certainly having the source code makes life easier, but it's not
absolutely required, is all I've said.
>>You see software from a different angel than I do. I see it all as
>>useful, modifiable code.
>
> I see software as a way for me to do more work with less energy. More
> time to play golf and throw lead.
Well, I don't golf. :)
> I find terms like "non-coder" in the context it was used to be
> offensive. When you used "script-kiddy to describe me, that really
> pissed me off. Instead of say you're wrong, I wanted to demonstrate
> that you cannot defeat any protection I place on any executable. I say
> you can't crack me, I can back it up. I say all the scanning and
> awards scruting in the world amount to nothing if you don't know what
> to look for. I say that malware is not just what matches a signature,
> and I can back that up.
Agreed with all of it, just that. well, nobody disputed your original
claims to begin with. :)
> I have already conceded the point that you are limited in what you can
> do with asic. I still educated you on how to do it much faster and
> better, and it still does not change the fact that your algorithm was
> clumsy. It's just not your fault. I apologize for blaming you for your
> languages shortcomings.
hehehe.. You know what John, in an effort to end this silly and pointless
competition we seem to have going, I will accept this apology of sorts of
yours.
>
> <Xns99F6D1EB26F...@69.28.186.121>
>
> You were not writing to me, but it came up in a grep of that day's
> traffic for "linuxlad".
I think your taking it a littlebit out of context, there. I was speaking
in a wide angel if you will; I wasn't getting into specifics. Depending
on what you do/don't do could make cracking a difficult task indeed or an
easy one. I don't believe your lack of understanding any assembler tho in
this case helps.
>>You know bad work when you see it? Hehe, John. I know a horse's ass
>>when I'm writing to one, too. :)
>
> It's bad work, in a bad language. You also printed out some insult to
> someone at an av company in the same code. Are you kidding me?
Oh c'mon John, it's a 10 year old payload for a virus I never finished.
It was supposed to be a little console video game. Guess the block that
runs your program, take a chance on hitting one that kills it. LoL.
Have a sense of humour, won't you?
> When you want it done fast, use C. When you want it done right, use
> Perl. Words to live by, my friend.
language wars, I have no real interest in getting into. I use what I like
and what works for me. You continue to do the same, and I'm sure we will
both do well.
4Q
> Dustin Cook <bughunte...@gmail.com> wrote in
> news:Xns9A18D32589E...@69.28.186.121:
>
> > rnmum39idbr590s3c...@4ax.com
> >
> > Message ID, neat stuff.
> >
> >:)
> > Read as much of the thread as you'd like guys. Hehehehe. Enjoy that
> > crow!
> >
> > And please 4Q, keep the kman review hosted for awhile longer; I
> > haven't had time to rip it apart as nicely as I did to linuxlad, but I
> > will. :)
> >
> >
Really? I've never seen any of Kadaitcha
Mans code, I've seen plenty of your crap
but somehow I think KM will quite easily
tear you a new asshole if your plan is
to make some form of code competance
challenge. I'm looking forward to
seeing him squeeze the pips out of you,
good luck, hope you manage to save some
face, picking yourself up off the floor. ;]]
>
> The full post with headers. And let me know which tastes better with
> Crow, ketchup or Mustard. :)
>
What, are you smoking banana skins again?
This thread below is going to put a lot
of people off reading... If you want
people to read it properly then you
should break it up a bit and add pointers
But basically the guy is telling you
he made a mistake with his assumption
regarding shittyness of B'ASIC. And he
concludes that you should stop using
the B'ASIC crap and use a proper
programming language, i.e. "C" and just
incase you didn't know fucknut, B'ASIC
is written in "C", Borland's Turbo-C.
Now there are many reasons why a B'ASIC
beginner should change to a superior
language like C after an initial dabble
with the beginners toy. However the
explantion would be wasted on someone
like yourself, that has never coded
anything substantial or requiring more
than one cobble-coder to whackup some
crappy unstructured monolith.
However there is something you might
appreciate (from afar without
understanding) and that is to do ASM
code within C.
e.g.
int row, col;
{
regs.h.ah = 2;
regs.h.bh = 0;
regs.h.dh = row;
regs.h.dl = col;
int86(0x10, ®s, ®s);
}
very similar to how ASIC calls DOS
interupts.
Or in a more grown up way you could
even do some proper ASM in C for B'ASIC
void far func1(void)
asm{
mov ax,[bp+0x08] ;
mov es,ax ;
mov [bp+0x0a],bx ;
mov dx,0x09 ;
add ax,dx ;
mov bx,[bp+0x06] ;
mov es:[bx],ax ;
pop bp ;
retf ;
}
Hope your clueless arse isn't too confused, Dustfuck. ;]]
4Q
=======================