Projects

Wow, too quiet here. No updates since Nov 23. This blog is dead... hey wait... this is MY blog... WTF!! ^_^

Well, let's share my projects. Currently I'm working on a bunch of projects, most of them related to malware or anonymous networks.
Among my top priorities is my Darknet project: a P2P, decentralized and anonymous botnet. It's in a very early development state, but it's being updated and, most of all, its core is being reviewed and thought through as much as I can, so no vaporware here ;) This network will be up and running and I'll have some fun with it until I get bored, and then I'll have to move on.... :P
Let's see the two main features of this Darknet:
  • Secure communication between peers. This is done by establishing a secure, encrypted way for data exchange. This will be transparent to the peers, relying on the network layer of the protocol. As a short description, peers will:
    1. Generate a pair of public/private keys. This is my main problem till now, because I have to build a good bignum library to work with in order to generate valid and secure pub/priv key pairs.
    2. Establish an ephemeral key for symmetric encryption following the Diffie-Hellman key exchange agreement. I'd already coded a keygenme that uses the Diffie-Hellman protocol, so I only have to use that library and update it with appropriate, secure keys.
    3. Encrypt and send the ephemeral keys. With the ephemeral keys now available for symmetric encryption we can exchange data unreadable by third parties. Of course MITM attacks can be achieved, since the protocol is by its nature insecure (all of them are). But, of course, it can only affect individual nodes in the network.
  • Anonymous routing. This is sending and receiving data with no hints of who is requesting or who is sending such data. Similar to the Freenet routing idea (in fact it comes from that). This way botnet owners can't be tracked down when they send orders or updates to nodes.
    1. Node A sends a request for a file to Node B.
    2. Node B checks that request and, if it doesn't have that file, it re-routes the request.
    3. Node B sends a request for the file to Node C.
    4. Node C owns that file and returns the query to Node B.
    5. Node B knows that the query came from Node A, so it re-routes the response to Node A.
Currently my concern is its lack of documentation. I have to work pretty hard to get some good, understandable documentation.

The second project that captures all my attention is my 'Advanced virus programming' series of tutorials. I'd only released a single tutorial, about all the forms of injection I know. It was pretty small in terms of words, but to compensate there was lots and lots of code. All in assembly and pretty straightforward IMHO. And it was my intention that people GET into the CODE! Not just into the theory... I think it's the best way to learn: practice.
Well, when I can get some time to write the next tutorials for this series I'll try to put in some more words and theory, but not too much XD. There will come:
  • Entry Point Obscuring. The various forms of EPO I know about. A good and interesting technique to avoid AV detection.
  • Self-mailing worms. I still need to work with MX servers to get something working. But anyway, it's pretty interesting to see.
  • IRC-based botnets. I've already coded a simple, understandable plug-in based IRC botnet for the tutorial. I just need to WRITE it up.
I've other ideas for this series, but I need to finish those first :D

And well, those are the two main projects I've got in my to-do list, since I'm really currently working on an Apache/PHP web project (that you don't want to know about :P).

We shall not cease from exploration, and the end
of all our exploring will be to arrive where we started,
and know the place for the first time.