Hacking

having fun with

sh, perl, and python scripts
budi rahardjo @rahard

hacking
Hacking is the gaining of access (wanted or unwanted) to a
computer and viewing, copying, or crea:ng data (leaving a trace)
without the inten:on of destroying data or maliciously harming
the computer.
This represents the Good Guys most of the :me for they are the
ones who search for these exploits to prevent crackers use a
method called cracking(opposite of hacking).
Hacking and hackers are commonly mistaken to be the bad guys
most of the :me. Crackers are the ones who screw things over as
far as crea:ng virus, cracks, spyware, and destroying data.

18-Feb-2016

BR - hacking (2016)

hacker (hkr)
n. informal
1.

2.

a. One who is procient at using or programming a computer; a

computer bu
b. One who uses programming skills to gain illegal access to a
computer network or le.
Onewho demonstrates poor or mediocre ability, especially in a
sport: a weekend tennis hacker.

Word History: Computer programmers started using the word hacker in the
1960s as a posi:ve term for a person of skillful programming ability. The usage
probably derives from hack meaning "to chop," or from hacker, "an amateurish
player, as at golf." As :me went on, hacker became less posi:ve, however.
Already in the 1960s, engineering students at such universi:es as Cal Tech used
the related noun hack to mean "an ingenious prank." Among the pranks that
some computer programmers would engage in, of course, were break-ins into
other computer systems. As such break-ins aVracted na:onal aVen:on, the
media seized upon the word hacker as the label for the perpetratorsa usage
that many programmers object to because they know it used to be a term of
praise.
18-Feb-2016

BR - hacking (2016)

sh, bash,

SHELL SCRIPT

18-Feb-2016

BR - hacking (2016)

the history of sh
What is shell?
The history of UNIX
UNIX vs. *nix-like (*BSD, Minix, Linux, Hurd,)
sh, csh, ksh, bash, tcsh, zsh,

Shell programming
Orchestra:ng UNIX tools/u:li:es (which are
good at doing their stu)

18-Feb-2016

BR - hacking (2016)

Web-site/HTML (pre)processor
How to create a sta:c web site (for the
paranoids)?
Lots of pages/les
Need consistent look and feel/UI
Modify theme when needed
(Oine CMS)

18-Feb-2016

BR - hacking (2016)

Disec:ng a web page

HEAD (before :tle)
TITLE
HEAD (aner :tle)
BODY (naviga:on bar)
Content
BODY (end)
Core Javascript
18-Feb-2016

BR - hacking (2016)

process.sh

#! /bin/bash

cwd="/Users/Budi/Public/budi-insan2/src"
template="/Users/Budi/Public/budi-insan2/src"
output="/Users/Budi/Public/budi-insan2/out"
filename=$1
outfile=$output/$filename.html
echo "$outfile"
cat $template/1-head-before-title.html > $outfile
cat $cwd/$filename.title >> $outfile
cat $template/2-head-after-title.html >> $outfile
cat $template/3-body-nav-bar.html >> $outfile
cat $cwd/$filename.txt >> $outfile
cat $template/4-body-end.html >> $outfile
cat $template/5-core-javascript.html >> $outfile
18-Feb-2016

BR - hacking (2016)

Source directory
$ ls
1-head-before-title.html
2-head-after-title.html
3-body-nav-bar.html
4-body-end.html
5-core-javascript.html
about.title
about.txt
academics.title
academics.txt
articles.title
articles.txt
index.title
18-Feb-2016

index.txt
makalah-security.title
makalah-security.txt
new.title
new.txt
personal.title
personal.txt
struktur.txt
students.title
students.txt
template.html

BR - hacking (2016)

$ cat run.sh
#! /bin/bash
./process.sh index
./process.sh about
./process.sh academics
./process.sh articles
./process.sh new
./process.sh personal
./process.sh students
./process.sh makalah-security
18-Feb-2016

BR - hacking (2016)

10

PERL

18-Feb-2016

BR - hacking (2016)

11

What is perl?
Combina:on of sh, unix u:li:es, basic, C,
(kitchen sink)
Available for all kinds of plarorms
I was the maintainer for DOS port of perl
I had to use perl at that :me because I had
mul:ple plarorms (various UNIXes; SunOS,
AIX, HPUX, [Linux was not even born], and
DOS at home)
Only C and Perl were available
18-Feb-2016

BR - hacking (2016)

12

18-Feb-2016

BR - hacking (2016)

13

#! /usr/bin/perl

topic-generator.pl

$topicDB='topics.txt';
open(my $DB, '<', $topicDB) or die $!;
$count=0;
while (<$DB>) { if ($_ =~ "^--") { $count++; }
else { $topic{$count} = $topic{$count} . $_;} }
close($DB);
$luckyone = int(rand($count-1));
print $topic{$luckyone};
exit;
18-Feb-2016

BR - hacking (2016)

14

More perl scripts

TwiVer crawler
TwiVer analysis
Session hog (create
mul:ple connec:ons
to internet services,
DoS aVack)
Mailbomb
Perl poetry
[too many]
18-Feb-2016

BR - hacking (2016)

15

PYTHON

18-Feb-2016

BR - hacking (2016)

16

(Hologram) Client-Server App

An applica:on to determine users
character (by asking ques:ons) and display
the imaginary character of the person
Character is displayed as hologram
(video)
Server:
wait for command to display a par:cular video

Client:
ask user (ques:onaire), send result to server
18-Feb-2016

BR - hacking (2016)

17

Server
[see source code. A bit too long if pasted here.]

Basically, its a telnet-based server

Wait for a (telnet) connec:on in a certain
port and respond to the commands
Commands
play videoname.mp4 (play that video)
kill (kill the previous play)
quit (exit the telnet sever)
18-Feb-2016

BR - hacking (2016)

18

Client
[see source code on screen. Too long if typed here.]

Ask user based on ques:ons in ques:ons.txt le

Display the ques:ons using Tkinter
Based on user selec:on, calculate the point.
Based on this point, select the appropriate video
Telnet to the server with command play
videoname.mp4
When done, send quit command
Back into the loop

18-Feb-2016

BR - hacking (2016)

19

Future Applica:ons
Interac:ve video (adver:sing) display
Interac:ve games
Server can run in a cheap single board
computer (aVached to a TV screen)
Too many

18-Feb-2016

BR - hacking (2016)

20

Concluding Remarks
Hacking is fun. (No cracking please)

18-Feb-2016

BR - hacking (2016)

21