1. We have moved from vBulletin to XenForo and you are viewing the site in the middle of the move. Though the functional aspect of everything is working fine, we are still working on other changes including the new design on Xenforo.
    Dismiss Notice

Making your own security tools

Discussion in 'Ethical hacking Tips' started by vishal sharma, Jan 14, 2007.

  1. vishal sharma

    vishal sharma New Member


    So you have read tons of tutorials , guides , FAQ's and you have some kind of image of what computer security is ... The next logical step that you should make is to start learning a programming language . I'm not going to describe each language ( its advantages and disadvantages ) because there are tons of paper that cover that ... Instead i will focus on just one language : Perl ( Practical Extraction and Reporting Language ) .

    This language was written for manipulating text , but it has become one of the best languages available to programmers . You can write games , web applications , about everything you can think of . I wanna show you just how easy it is to write some security tools using Perl .

    I'm going to start with a port scanner ... for those of you that don't know what a port scanner is , here is a little definition : a port scanner is a program that checks if a certain port is open ( by connecting to it ).

    1.The port scanner

    # scanner.pl
    use strict;
    use warnings;
    use IO::Socket;
    map { my $s=IO::Socket::INET->new(PeerAddr=>$host,PeerPort=>$_);
    print "$_ - open\n" if $s } ($a..$b);
    That my friends is a very simple port scanner ! You can run it from your command line ( command prompt in windows or konsole in linux ) like this :

    perl scanner.pl host_to_scan starting_port ending_port

    2.The brute forcer

    Perhaps you gained access to some computers , or you're just testing a password to see how strong it is . One of the most used encryption method is the md5 algorithm ( it's also the one used by the Linux/Unix/BSD Operating System ).

    The md5 hash ( that's the name a password gets after it's being encrypted ) cannot be transformed back to its corresponding word . Let me give you an example : the word "security" after its md5 encryption will become the hash e91e6348157868de9dd8b25c81aebfb9 . Let's say you have the hash and you find out what word it is ... you would have to find a way to decrypt it , which isn't possible because md5 cannot be decrypted ... So that leaves you with the question : so how can i find out what word does a hash represent ? Well , since you can't decrypt it , why not try encrypting words and see if the resulting hash matches the hash we're trying to crack ?

    Here's the perl code that does that :

    # brute.pl
    use strict;
    use warnings; 
    use Digest::MD5 qw(md5_hex); 
    my $hash=shift || die "Give me a hash to crack\n";
    my $file=shift || die "Give me a dictionary file\n";
    open(F,$file) || die "can't open the file\n";
    	print "Processing $_";
    	my $t=md5_hex($_);
    	print " $t\n";
    	die "Found it -> $_\n" if($t eq $hash);
    Here's how you run it :

    perl brute.pl md5_hash_to_crack text_file

    So you would have to supply it with an md5 hash and a dictionary file ( that has words in it , one per line ) . The script will read each of the words , encrypt it and check if the hash matches the hash we're trying to crack . If it does , we found the word :) !
  2. ReekenX

    ReekenX New Member

    Nice tutorial!
    Last edited by a moderator: Jan 25, 2007
  3. shabbir

    shabbir Administrator Staff Member

    Confine links to signature only
  4. hanleyhansen

    hanleyhansen New Member

    Good tutorial!! I want to learn more about Perl. Do you have any book recommendations? Can you write regular Windows programs in Perl like you can in in VB or C#? Is it cross-platform?
  5. shabbir

    shabbir Administrator Staff Member

    Refer to the sticky thread in the PERL forum

Share This Page