-linux_lad wrote:
> On Wed, 16 Jan 2008 16:56:48 GMT, Dustin Cook


The following has been reposted for a
wider audience. Watch Dustin Cook
(Kook of the Year candidate #19) do
some Olympic standard ducking and diving
trying to avoid LinuxLad's questions.

Today's events include the men's 100 meter
dash in the opposite direction of
anything asked. The triple jump weaving
around any points made. And the discus
throwing temper tantrum when challenged
to prove it.

Expect good showing from the k00k team
baton relay race. This year's lineup
Dimbulb, Dickhead, Dustbin and Apisshole.


here it is:
<repost>


<bughunter.dustin@gmail.com> wrote:

>-linux_lad <john@linuxlad.nospam.org> wrote in
>news:6bvqo31d5rvlo40oas2cdhv1edc9kbm8em@4ax.com :
>
>> I agree, the discussion here is about Asic.

>
>Okay then.
>
>>>Not true, I had to quote for you from the asic manual regarding mod
>>>command. the last time you tried to ehm, educate me concerning
>>>programming in it.

>>
>> If you had known, you would not have done it.

>
>*laughing*. Alright then. I'm not going to do a he/she said thing. We'll
>let this exchange portion stand as is.
>
>>>
>>>> Any benefit you gained by setting "a" to a random number was lost when
>>>> you mod 1 it because the value is now zero.
>>>
>>>Not true, again. If I simply set a=0 instead of what I did, the result
>>>is the same, but the code generated is not the same. IE: More junk code,
>>>more aggravation for heuristic scanners. Another topic, you likely don't
>>>know jack **** about.

>>
>> From the point of view of the compiler, it does not matter what the
>> value of "a" was before you set it to zero by dividing it by 1.

>
>Actually, it does.
>
>The compiler will generate two separate executables depending on whether
>or not you do
>a=1
>
>or
>
>a=6433
>a=a mod 1
>
>
>
>> you said
>> let a = 6433
>> let a = 6433 mod 1
>> so now "a" is zero. You made a trip to rand and then did some math for
>> an end result that added nothing to the functionality of the program.

>
>We are discussing Asic, specifically; when presenting source code, please
>use compilable source. Yours isn't to Asic syntax specification. *shrug*


It's your code dustin, I just used an arbitrary random number to
explain how it works.

Wrong:
a=rnd(0)
a=a mod 1

Right:
a=0

You say a=0 isn't correct syntax? You might want to take a look at
that manual you're fond of quoting.

>
>The source agreed, added nothing of any sort of functionality to the
>program. It did however generate do nothing code for a heuristic scanner
>to muddle thru; making the chances of not catching me even higher.


You don't know how heuristics work. Heuristic scanning looks for
certain passages that might be evidence of malware. An example of that
might be some code that connects to an IRC server then pulls and
extracts a file. Another example might be the instantiation of an SMTP
server. In layman's terms heuristic scanning looks for telltale signs
of malware, not just a signature match. Heuristic engines are to AV
software what Spamassassin is to email. They look for stuff, score it,
and make a decision based on the final score.


>>
>> You are a well known troll, but you are an obscure virus writer. And
>> not a very good one either, I'll add.

>
>Oh, I'm known mainly for virus writing and back in the BBS days, for..
>ehm, well, other things. I intend on changing those nasty aspects tho,
>with BugHunter. Regarding how well my viruses were written. *shrug*, the
>last one is 8 years old now, I have no real interest in continuing them,
>or providing functional code which could be abused.


Anyone can write a program which has undesirable effects. It takes
only a tiny bit of skill for that. You were never a big security threat,
and are now just a footnote.

>
>As you have no knowledge of low level programming whatsoever, I'd be
>surprised if you could actually write a virus from scratch using a
>language that nobody else wrote one in, entirely on your own, without the
>benefit of any tutorials to guide you along the way. Heh. Then we could
>fairly compare on that aspect, without putting anyone's data at risk.


That implies I would have to write my own language, because I use
languages that are in wide global use. Anyone can embed shell commands
in an innocent looking application and destroy data. It's done by
accident all the time. You have the benefit of ten years in Asic and
are still unable to see why we mock you for refusing to move forward.
>
>Until then...
>>>Did I say any application could be reversed easily? No, I did not. I
>>>said it's entirely possible to reverse engineer damn near anything, and
>>>the warez/crack scene tends to support that claim.

>>
>> You have consistently claimed that you can make an accurate
>> determination of what goes on. While you may be able to form some
>> general ideas, you simply cannot form an accurate analysis on any
>> complex operations. If this were possible, it would be easy to turn
>> compiled binaries into source code.

>
>Source code for what language specifically john? You do understand, the
>computer doesn't actually (or even care) know visual c++ or perl, right?


Ok, one more time. Dustin, you continue to claim that you can make an
accurate determination on what happens in an executable file. You
might be able to get some general idea, but if you could read and
understand the inner workings of a compiled application (machine
code), you could reverse engineer any application.

Again, one more time:
You cannot make a complete and accurate assessment of a program's
behavior merely by disassembling it. In the case of a protected app,
you won't even see the whole thing. Reverse-engineering a large
commercial application is simply beyond the limits of technology at
this time. Just because you can find where the check for a working key
is and force it to return zero does not mean you can accurately
enumerate all of the functions. This is why no one has replicated
Cisco's or Microsoft's products and published the source code. It is
not technologically feasible at this time. If it were, why has no one
released a golden kernel for windows that completely bypasses all
license checks?

This fact is easily provable by asking you to disassemble a well known
file like a dll and then asking you to enumerate all of the functions and
classes, accurately.


>> Cracking a protected software package and making an accurate
>> determination on everything that's happening are two vastly different
>> things.

>
>Not always.
>
>>>
>>>You have no idea how virus writers/antivirus writers work, clearly.
>>>We've been doing this for a very long time, reversing each others work,
>>>for years. It's an ongoing battle.

>>
>> I have explained to you how it's done Dustin.

>
>No John. I'm sorry, but you've explained nothing of the sort.
>
>>>Name 3 commercial applications which have executable code uniquely
>>>protected by this key method you speak of, Please.

>>
>> SAS
>> DB2
>> Hyperion
>> QRM
>> NetApp
>> EMC
>> CiscoOS
>> SonicOS
>> HPOV

>
>*shrug* I'm not familiar with any of them.
>Thanks for the information. I'll check it out.


Ok, I'll help you out once again.

SAS is a very expensive business intelligence tool. It slices and
analyzes data from cubes for all kinds of reporting and forecasting. A
typical use of SAS would be for a retailer to analyze sales and
predict future sales performance. Many law enforcement agencies use
SAS to analyze and share data. Ditto for Hyperion.

QRM is a risk analysis application. It's most commonly found in the
finance and insurance industries. A typical use would be to source and
analyze market data cubes for pricing engines.

NetApp and EMC are the two most popular enterprise storage platforms.
If you ever work in mid-sized IT operations you will encounter at
least one of them. They both ship with a fully functional OS (Linux)
which uses keys protected with the system ID to turn on various
functions like snap. The IBM family of enterprise storage DS servers
also use a public key mechanism for module license management.

Cisco is a network hardware provider which is perhaps among the
most prominent networking hardware manufacturers in the world. The
enhanced features on their products (Cisco OS, AKA IOS) like netflows
are licensed via a public key infrastructure. Juniper licenses their
products in the same way.

HPOV is Hewlett Packard's "OpenView" product. It's a family of network
monitoring and management tools that is ubiquitous in commercial
network operations. Very, very expensive. If you walk into just about
any data center in the world you will probably see HPOV projected in
the control room.


>
>> Many digital cable and satellite systems are also protected with
>> public keys.
>>
>> Ok Dustin, class is in session again.
>>
>> Here's how apps are protected with public key technology.
>> Developer creates app with certain functions encrypted to the
>> project's public key. Those functions are encrypted and the function
>> simply returns null until decrypted in the protected memory block
>>
>> In general terms (and very limited detail):
>> user downloads and installs software
>> software generates unique machine ID
>> request license from vendor with unique machine ID
>> key is generated by vendor (part of the private key)
>> key encrypted with machine key supplied by user and sent back (usually
>> two or more levels)
>> key received and installed by user
>> key decrypted with unique machine ID
>> protected functions decrypted into protected memory
>>
>> unless the key is decrypted, those protected functions aren't ever
>> decrypted. You can disassemble until the cows come home. There is no
>> password to guess, you need the private key to get those functions
>> decrypted. No private key, no worky.

>
>Alright. Fine, from the time taken to crack crypto aspect; say I have to
>get a valid key. Once I do, tho, your ehm, in protected memory ready for
>the taking?


You do not understand the magnitude of the task. To make it easy, I
will post the public key and the ciphertext if you would like to give
it a try. That will remove all the other difficulties so you can focus
on obtaining the key. Want to give it a shot?


>> Please see above. Nothing is ever perfectly secure, but as far as
>> people like you are concerned, it is functionally secure.

>
>Sir, if software was crack proof as you claim to think, almost everyone
>would write crackproof software by now.


You seem to ignore everything that is not what you want to believe. I
just wrote four sentences above that nothing is ever perfectly secure.
In other words, probably anything can be cracked with enough resources.
One of the contributing factors in the popularity of many products is
the ease with which they could be pirated and redistributed. How many
copies of SAS or Cisco floating around do you see? Do you see anyone
asking for a working SnapMirror key?

>
>> You will be reversing a licensing protection scheme, like it were some
>> piece of shareware that needed a license to activate all of its

>
>Crypto then...


Yes, and once again, I'll ask you to do some research on how software
copy protection is accomplished. Start with RSA.

>
>> features. The only value to you is that you will have proven you are a
>> cracker. In reality you will not accept the challenge and invent some
>> silly pretext because you may finally understand why this is not the
>> same as returning zero on a license check.

>
>Proven I'm a cracker? Wow. proven this to who exactly?


To yourself. None of us will buy it without proof.

>
>> You will have to be able to break a large RSA key. I don't think you
>> or anyone you know can.

>
>I don't think I or anyone I know or even don't know ever claimed they
>could. *laughing*.


You implied it would be trivial to crack my application. Would you
like a message ID to help refresh your memory?


>
>John, that's not true obviously. Another individual (Black Dragon I
>think?) mentioned how I did it, after you explained one of the programs
>mentioned that I used didn't exist for Windows; of course it does and
>someone (not me this time) laughingly had to point that out for you, but
>alas...


That does not change the fact that you didn't do it and in fact didn't
even know how.

>
>You asked in more specific terms how I analyzed the software, I stopped
>when you said a particular program didn't exist for windows. I mean,
>****... If the software's own website wouldn't convince you, how the hell
>am I going to be able to? heh heh.


A very minor oversight. Shows what I use windows for. Again, does not
change the fact that you did not do it.

>
>Ping 4Q: Are you paying attention bro? You sure picked a dense one this
>time.


If I'm dense, you're a black hole.

>
>
>
>As far as insulting people goes, hey, if you don't like what I say or how
>I say it, you can killfile me, or respond and just say so. There is no
>need to talk **** and act like some billy badass is going to school
>little ol Dustin. Heh.


You have been schooled. It's up to you to decide how you use your
newfound knowledge.

>>>
>>>AHAHAHAHAHAHAAAHAHAHAHAHA.

>>
>> Not really funny, it's sad in my view, but if you want to bust out a
>> maniacal laugh, you have my permission.

>
>Oh, but it's very funny. You claim to have a more advanced skillset, but
>you don't know what is going on with the binary that is generated from
>your source code. You just don't see the irony.


I know it's talking to the API Dustin, the point I was trying to make
is that I was not doing the work, it was being done for me.


>
>>>I'm not sure it matters greatly to our discussion whether or not
>>>commercial applications have ever been written in asic.

>>
>> It matters because you have suggested it's the best language for the
>> projects you undertake. It matters because you want us to believe that
>> you have voluntarily chosen Asic over all the other superior languages
>> in the world. It matters because you use the term "non-coders" as an
>> insult.

>
>I have? Hmm, I think I said this once before; I use Asic because *I* like
>using it. It served me well in my virus writing career; and it's done
>good work for other things I use it for.


Fine, keep using it, but when you criticize anyone for using something
better, don't be surprised when you get what you deserve.


>
>Hmm. Are you just skimming my responses John? I already told you that
>Asic was never even a player, let alone contender in anything then;
>certainly not now. It's just a nifty language I picked up years ago, and
>have made good use of since. I've got several other obscure by your
>standards languages too, I suppose.
>
>By the way, you said that Asic only supports 4 math commands; that's only
>partially true. Asic allows direct communication at the hardware level;


So do most modern compiled languages.

>in English John, you can get the cpu to do other math functions such as
>xor, for you. For example:


What I said is that it supports a few math functions and the four
basic operations: add, subtract, multiply and divide. There are only
four operations in math, everything else is a combination of one or more
of those operations. So what if you can talk at a low level? How is
this better than having a function that has already been vetted and
optimized?


>
>>>
>>>> I have only seen what you have posted. You can't even write your own
>>>> engine to recurse a folder. The app that you constantly ***** around
>>>> has no automatic update ability, new definitions are released
>>>> manually. What you should have done is pull the updates with a simple
>>>> http request, but I bet you didn't because you can't.
>>>
>>>BugHunter has no networking support of any kind. It doesn't talk to any

>>
>> I know. It can't.

>
>Not really true, it could; I choose for it not to.


Ok, post some working code to make an http request. You can't, and
what's worse, you, the low level coding guru have been caught in the
act of using other gnu software despite your criticisms of me for my
higher level software development skills.

>
>>>tcpip stack. How do you propose it should pull a simple http request
>>>from DOS? I chose to use locate.com for its user flexibility, not

>>
>> Not a lot of dos workstations around, but you can talk to tcpip
>> from dos. Ever hear of BartPE? Modern languages also support system
>> calls so you can use the operating system to do some of your if your
>> language can't.
>>
>>>because I couldn't emulate what it does. See any ini file for details.
>>>There's a reason bughunter uses it.

>>
>> I know. Another reason why you shouldn't be slamming me for using
>> modern languages.

>
>Nice, partial quoting. Here's what I actually said:
>"I chose to use locate.com for its user flexibility, not
>because I couldn't emulate what it does. See any ini file for details.
>There's a reason bughunter uses it."


Your menu, by the way, only offers four possible choices, and at least
two of those choices are exclusive of what locate.com does or does not
do, assuming you are telling the truth about the extent of your own
code.

Could it be that you are also using locate.com for the file deletion
too ("/K")? You have been spraying your low level skills about like
water in a burning house and it turns out that someone else's library
is doing 3/4 of that work?

I got curious and went to your home page, only to find that you were
also offering an online update tool (BHUPDATE), so I downloaded and
looked at it. Imagine my surprise when I found out that you are just
wrapping the windows port of wget with your own script.

After you called me a scriptkiddy for using perl, you have been caught
red-handed wrapping the GNU port of wget with a batch file.

Your work, Mr low level:

@echo off
echo Updating BugHunter...........wait
wget -N -o bugupdate.log http://bughunter.it-mate.co.uk/BUGHUN22.ZIP
find /i /n "not retrieving" bugupdate.log
if errorlevel 1 unzip -o bughun22.zip
echo.
echo Updating has been finished....Bye

You, Dustin Cook, the guy who has been bragging about being a low
level coder is using other people's work as a third party library
(three different executables in one application) and you dare to call
yourself a low level coder?


Busted.

>
>I'll make it easier for you, I can do what locate.com does, and remove
>the program entirely, if I wanted; I choose not to. Is that rewording
>easier for you, John?


I don't care what you do Dustin, I'm just pointing out that you
prattle on and on about the evils of HLL, and then choose to use
someone else's executable for something as simple as building a map to
the files you want to scan. You are also using the windows port of
wget to handle the updating. This is huge. You are pretending to be
a low level coder and you are using an HLL strategy. In other words
Dustin, you are using a modern software development model -- exactly
what you criticize me for.


--
-linux_lad
http://www.spoofproof.org/verify.php...1f56f596804cd0


</repost>
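
The score-and-threshold model that linux_lad's reply describes (telltale behaviours scored the way SpamAssassin scores mail), as an added sketch that is not part of the original thread or of any real AV engine. The event format, rule names, weights and threshold are all constructed for illustration.

```python
import re
from dataclasses import dataclass

FLAGS = re.MULTILINE | re.DOTALL


@dataclass(frozen=True)
class Rule:
    name: str
    pattern: re.Pattern  # searched in the whole newline-joined event trace
    score: float


# Constructed rules, modelled on the examples given in the post:
# an IRC connection, a fetch followed by extraction, an SMTP listener.
RULES = [
    Rule("IRC_CONNECT", re.compile(r"^connect \S+:(?:6667|6697)$", FLAGS), 2.5),
    # Sequence rule: the same file is downloaded and later extracted.
    Rule("FETCH_THEN_EXTRACT",
         re.compile(r"^download (\S+)$.*?^extract \1$", FLAGS), 3.0),
    Rule("SMTP_LISTENER", re.compile(r"^listen \S+:25$", FLAGS), 3.5),
]
THRESHOLD = 5.0  # constructed cut-off: at or above this, the sample is flagged


def scan(events):
    """Return (total score, names of rules that fired, flagged?)."""
    trace = "\n".join(events)
    hits = [r for r in RULES if r.pattern.search(trace)]  # each rule counts once
    score = sum(r.score for r in hits)
    return score, [r.name for r in hits], score >= THRESHOLD


# Constructed behaviour traces (not taken from any real sample).
DROPPER = [
    "connect irc.example.net:6667",
    "download update.zip",
    "extract update.zip",
]
# Same behaviour with do-nothing arithmetic interleaved, as argued over above.
PADDED = [
    "arith a=rnd(0)",
    "connect irc.example.net:6667",
    "arith a=a mod 1",
    "download update.zip",
    "arith a=rnd(0)",
    "extract update.zip",
]
# A plain updater: one telltale sign on its own stays under the threshold.
UPDATER = ["download defs.zip", "extract defs.zip"]

if __name__ == "__main__":
    for label, sample in (("dropper", DROPPER), ("padded", PADDED),
                          ("updater", UPDATER)):
        print(label, scan(sample))
```

In this model the rules key on behaviours, so the interleaved arithmetic matches no rule and the padded trace scores exactly as the unpadded one does.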