Episode 4x02
From Hak5
Spicy Reverse Engineering
Synopsis
Chris Gerling begins the reverse engineering series
Shannon tells us about OpenDNS
Matt talks to us about Spiceworks
Christine gives us a cheap way to calibrate our dual (or more) monitors.
Segment One - Reverse Engineering
Reverse engineering means working backwards from a finished program, model or other artifact to figure out how it actually works. It is a technique commonly applied by people who hack console-based systems.
Chris states that the first way to reverse engineer software is to figure out how the program is structured and what you want to change in it, then use a text editor to modify values so that the change takes effect. Chris gives the example of the Game Genie, which hex edits the memory of old games. Darren gives another example: the games Gorilla and Nibbles, which can be edited in QBASIC, although the source code for Gorilla and Nibbles is much more accessible than that of other programs. Get your DOS disks out and have a blast from the past.
Chris shows us that with IDA Pro, Notepad++ and Strings it is possible to find and edit program values. Strings is a Microsoft program; IDA Pro also has support for finding strings within executables. The example Chris gives is that Notepad++ has a string that is the alphabet, which means the alphabet could be remapped if that string is edited.
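The string search and same-length edit described above, as an added example that is not from the show or from any of the tools named. The function names are hypothetical and the byte blob is constructed to stand in for an executable; the hash comparison shows how a file-integrity check would notice the edit.

```python
import hashlib
import re

def find_strings(data, min_len=4):
    """Return sorted (offset, encoding, text) for printable ASCII and UTF-16LE runs."""
    patterns = (("ascii", rb"[\x20-\x7e]{%d,}"),
                ("utf-16-le", rb"(?:[\x20-\x7e]\x00){%d,}"))
    found = []
    for codec, pattern in patterns:
        for m in re.finditer(pattern % min_len, data):
            found.append((m.start(), codec, m.group().decode(codec)))
    return sorted(found)

def patch_same_length(data, offset, old, new):
    """Overwrite `old` with `new` at `offset` without moving any other byte."""
    if len(new) != len(old):
        # A longer or shorter value would shift every later offset in the file.
        raise ValueError("replacement must be the same length as the original")
    if data[offset:offset + len(old)] != old:
        raise ValueError("bytes at offset do not match the expected original")
    return data[:offset] + new + data[offset + len(old):]

def digest(data):
    """SHA-256 of the image; any edit, however small, changes it."""
    return hashlib.sha256(data).hexdigest()

# Constructed sample: a fake header, an ASCII alphabet table and one wide string.
ALPHABET = b"abcdefghijklmnopqrstuvwxyz"
SAMPLE = (b"MZ\x90\x00\x03\x00" + b"\x00" * 10 + ALPHABET + b"\x00"
          + b"\x01\x02" + "Save As".encode("utf-16-le")
          + b"\x00\x00\xff\xfe\x10")

if __name__ == "__main__":
    for offset, codec, text in find_strings(SAMPLE):
        print(f"{offset:#06x}  {codec:<9}  {text}")
    patched = patch_same_length(SAMPLE, 16, ALPHABET, ALPHABET[::-1])
    print("size unchanged:", len(patched) == len(SAMPLE))
    print("before:", digest(SAMPLE))
    print("after: ", digest(patched))
```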
Chris also shows off OllyDBG, which is a debugging program. OllyDBG shows individual segments of code and how each segment works.
The last program Chris shows off is URSoft W32 Dasm, which is capable of figuring out how general computing code is put together. It is useful if you do not know which compiler was used for an executable, and is very similar to .NET Reflector in the way it operates.
For more information on IDA Pro go to http://hex-rays.com/idapro/
For more information on Notepad++ go to [1]
For more information on Strings go to [2]
For more information on OllyDBG go to [3]
For more information on URSoft W32 Dasm use Google; there does not seem to be an official site.
Segment Two - Spiceworks
Matt and Chris speak to us about Spiceworks, which is free IT management software. It allows you to make an inventory of your systems, including what software they have, their IP addresses and other features.
The main feature Matt focuses on is network discovery for all devices instead of just Windows machines.
Spiceworks is currently only available for Windows. It may require port forwarding to work (for noobs: this means check your firewall settings and allow the program in the safe list).
Spiceworks has a web interface and, as Matt shows, he is able to find out a lot of data about machines within the network, including workgroup name, IP address, serial numbers, software and a lot of other things. Spiceworks will also monitor changes on devices in the network; the example Matt shows is a reduction in hard drive space being recognised.
One of the limitations Matt lists is that to get a full set of information about a machine you will need Administrator rights or root access. If you are using a domain, this should not be too hard to achieve.
A great feature Spiceworks has is an inbuilt IT ticketing system. If anyone has ever worked in support, they will know how annoying these things can be. Since this is integrated into Spiceworks, it makes the process a whole heap easier.
For more information go to [4]
Segment Three - Calibrize
Christine speaks to us about getting our dual monitors Calibrized. What does this mean? There is a colour difference between your monitors unless the colours have been calibrized. However, there is a utility that gets rid of this problem. All you have to do is go to the Calibrize website.
This is useful, as the cast talks about, for design work. I do web design every now and then and it's surprising the difference between what you see on your screen and what the end users see. Using Calibrize, and linking to it on websites, can ensure that you are actually seeing what you are seeing.
How does it work? The show doesn't go too much into this, which is fair enough as it isn't too complex. Operating systems store default profiles for different color settings; Calibrize's web interface calibrates your monitor to display the correct colors and then saves the changes to the profile.
This is also heaps useful because monitor calibrators are quite expensive, so it's great that someone has made a free tool for this purpose.
Check out [5] for more info.
Segment Four - OpenDNS
Shannon talks to us about OpenDNS. For those who do not know, DNS stands for Domain Name Server. What does this mean? It means that you can type www.hak5.org to get to the Hak5 website instead of http://75.126.127.87.
There are a few people I have spoken to who have actually made caching domain servers. OpenDNS works off the same principle, but they have taken it one step further, giving people free access to their DNS servers.
Some people might be asking why this may be of use. Well, if you are like me and on the internet a fair bit, you will have noticed that sometimes you cannot connect to websites using their site name; however, if you luckily had a ping open that was pinging some site, you can access the web using an IP address.
OpenDNS allows you to rely on a DNS server not provided by your ISP, therefore if your ISP's DNS crashes, you still have OpenDNS and access to the tubes.
OpenDNS is more than just DNS, however. As Shannon shows us, OpenDNS allows us to customize the way DNS works, allowing automatic typing correction, branded Google search and name linking (the example given is banana linking to disney.com). The word/phrase linking to a site can be done in Firefox; however, if you set it up on OpenDNS it will work for ALL clients. Pretty cool, or at least I think so.
How do you set it up? You can specify the DNS servers through the network connections on your operating system, but I suggest a better way: log in to your modem/router and set the Primary and DNS servers to the server IP addresses provided by OpenDNS.
OpenDNS also has great instruction sets for doing this, so go check it out.
OpenDNS: [6]


