You are not logged in.

#1 2005-06-13 20:40:05

phrakture
Arch Overlord
From: behind you
Registered: 2003-10-29
Posts: 7,879
Website

underhanded C

from slashdolt:
http://www.brainhz.com/underhanded/

I wish I was sneaky enough to do this... maybe tossing digraphs around... and using iosb and things... hmmm

Offline

#2 2005-06-17 04:44:01

iBertus
Member
From: Greenville, NC
Registered: 2004-11-04
Posts: 2,228

Re: underhanded C

looks interesting... i always enjoyed trying out stuff like this... just for fun, of course.

Offline

#3 2005-06-17 04:56:39

z4ziggy
Member
From: Israel
Registered: 2004-03-29
Posts: 573
Website

Re: underhanded C

does someone has some simple image-processing sources in c (other than the one on the link), just to have something to fiddle with?

i never thought about this concept - putting malicious code in OPEN-SOURCE codes... this might be intresting enough, even on the human-level, just by defining malicious code with "#DEFINE innocent_statement malicious_stuff".
regarding the mentioned challenge, since the program is already dealing with unknown/unreadable data, adding some stuff to it (one might enlarge the buffer by 1 count, adding his fingerprint there...) should be fairly stright forward imho while not looking "malicious" at all smile

Offline

#4 2005-06-17 05:29:53

iBertus
Member
From: Greenville, NC
Registered: 2004-11-04
Posts: 2,228

Re: underhanded C

but extra points are awarded for being original and having something cool. also, it would be extra evil if personal info could be exported.

Offline

#5 2005-06-17 17:09:55

phrakture
Arch Overlord
From: behind you
Registered: 2003-10-29
Posts: 7,879
Website

Re: underhanded C

you could get creepy mathematical...

bust out the glibc sources... figure out what machine values they use for their rand seed generator, and perform some computation to get the original seed (it can be done, random numbers are *not* safe)

then, in the code, use a random number generator as part of a hash checking algorithm... that is, maybe convert the image twice and compare a custom "hash" which will then tag the image saying it passed validation (this will be your machine info)

Offline

#6 2005-06-17 20:05:32

z4ziggy
Member
From: Israel
Registered: 2004-03-29
Posts: 573
Website

Re: underhanded C

i was thinking about stenographics - its always nice to use, and might be nice to think of a way for concealing the info (color tables less than 128, to use their sign bit, etc).

Offline

Board footer

Powered by FluxBB