IWS - The Information Warfare Site

    
    _________________________________________________________
    
    
    
    Guide to (mostly) Harmless Hacking
    
    
    
    Vol. 5 Programmers' Series
    
    
    
    No. 4: How to Program in C, part 1
    
    _________________________________________________________
    
    
    
    New hackers have been going in droves to the top two places to get
    
    computer break-in programs: http://www.rootshell.com and
    
    http://www.netspace.org/lsv-archive/bugtraq.html.  Then they try to stick
    
    these things into the windows of their Web browsers, throw them at their
    
    would-be victim computers via telnet and ftp, print them out and burn them
    
    at altars.  OK, I'm exaggerating, but only a tiny bit. Their problem is that
    
    they don't know how to use these exploit programs.
    
    The reason for this cluelessness is that they don't know how to program.
    
    To be specific, they don't know how to program in C on a Unix type computer!
    
    The problem is that there are so many super easy ways to break into
    
    computers, and so many hackers who never learned to program, that lots of
    
    people assume it is all easy. But if you are serious about breaking into
    
    well-defended computers, and especially if you are serious about learning
    
    how to defend Unix type computers, you must learn how to write, patch and
    
    compile C code into working programs.  
    
    If you aspire to become an Uberhacker against Unix systems, you absolutely
    
    MUST become a C programmer.  One heck of a good C programmer!
    
    If you want to escape us playing practical jokes on you when you play
    
    Hacker Wargames, you absolutely MUST become a C programmer.
    
    
    
    **********************************************************
    
    In this Chapter you will:
    
    
    
    * Learn why you must be able to compile C programs if you want to patch
    
      security holes
    
    * Learn how to link and compile C programs
    
    * Write your first C program
    
    * Discover that C can be fun and easy
    
    * See a C exploit program explained
    
    * Learn basics of porting C exploit programs so they will compile and run
    
      successfully on your particular computer.
    
    **********************************************************
    
    
    
    
    
    In order to do this lesson, you must have a shell account, whether at an
    
    ISP or by running some kind of Unix on your home computer.  DO NOT email us
    
    asking how to get a shell account!  The answer is in the chapter "How to Get
    
    a Good Shell Account."
    
    Why is C the single most important programming language for a hacker to
    
    learn? C is the language in which the Unix class of operating systems is for
    
    the most part written.  It also is the language of almost all applications
    
    that run on Unix.
    
    As one of my hacker friends who insists on anonymity explains, both Unix
    
    and C "were developed by the same team at Bell Labs, and complement each
    
    other nicely.  Unix was not originally written in C, but was re-written in C
    
    to make it easier to understand/maintain/debug and a lot of other reasons.
    
    This was not without controversy, but it was Ritchie's decision (the
    
    inventor of C), and I believe he was proven right."
    
    Not surprisingly, then, most exploits are also written in C.  True, you
    
    don't even need to learn to compile a C program to use these exploits -- if
    
    you can get someone else to give you a version of that exploit compiled to
    
    run on the type of operating system and shell you are planning to use for
    
    the break-in. 
    
    
    
    **********************************************************
    
    Newbie note:  Wonder why there are all those "Free Kevin Mitnick" Web sites
    
    in the haxor scene?  Many people think it is ludicrous to keep that man
    
    behind bars because he was such a lame hacker that he apparently didn't even
    
    know how to program.  In fact, there is evidence that he didn't even compile
    
    his own C programs!  There are transcripts of him on IRC begging his friends
    
    to compile programs for him.
    
    **********************************************************
    
    
    
    C is especially important for White Hat hackers because you don't have a
    
    prayer of a chance to patch security holes in your computer unless you can
    
    compile and run C programs to fix the problem parts of your operating system. 
    
    Meino Christian Cramer adds, "And: using precompiled binaries/executables
    
    is always a risk. Think of the ... viruses introduced to computers by simply
    
    executing 'I-believe-it-has-no-virus'-programs. Using the source code
    
    instead... you can check the code for "back doors" and 'traps' -- which
    
    means you have to learn 'the one and only' C..." 
    
    C also is good for hacking because it is able to run "low level" code as
    
    part of its language.  In programming, "low level" means that you can play
    
    with the most basic things on your computer, for example opening and closing
    
    sockets or linking to the information on what sockets are open at any given
    
    instant.
    
    
    
    **********************************************************
    
    Newbie note:  A socket is a round-trip or two-way network connection.  For
    
    example, when you telnet into another computer's login sequence, you connect
    
    to port 23 on that computer.  It completes a round-trip connection by
    
    assigning some high number port, for example port 3587, to complete the
    
    socket.  If you have a shell account on a good ISP, you can see everyone's
    
    sockets by giving the "last" or "netstat" commands.
    
    **********************************************************
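
The two port numbers described in the note above can be observed from C. The program below is an added example, not part of the original guide; it stays on the loopback address 127.0.0.1, and the function name loopback_ports is made up for this illustration.

```c
/* Added example: show the two port numbers that make up one TCP connection.
   All traffic stays on the loopback interface (127.0.0.1).
   loopback_ports is a hypothetical name chosen for this illustration. */
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <arpa/inet.h>
#include <netinet/in.h>
#include <sys/socket.h>

/* Stores the listening port and the client's kernel-assigned port.
   Returns 0 on success, -1 if any system call fails. */
int loopback_ports(unsigned short *server_port, unsigned short *client_port)
{
    struct sockaddr_in addr;
    socklen_t len = sizeof addr;
    int lfd = -1, cfd = -1, afd = -1, rc = -1;

    memset(&addr, 0, sizeof addr);
    addr.sin_family = AF_INET;
    addr.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
    addr.sin_port = 0;                 /* 0 asks the kernel to pick a port */

    lfd = socket(AF_INET, SOCK_STREAM, 0);
    if (lfd < 0) goto done;
    if (bind(lfd, (struct sockaddr *)&addr, sizeof addr) < 0) goto done;
    if (listen(lfd, 1) < 0) goto done;
    /* Ask the kernel which port the listener ended up on. */
    if (getsockname(lfd, (struct sockaddr *)&addr, &len) < 0) goto done;
    *server_port = ntohs(addr.sin_port);

    cfd = socket(AF_INET, SOCK_STREAM, 0);
    if (cfd < 0) goto done;
    /* On loopback, connect() returns once the kernel has queued the
       connection in the listen backlog, so accept() can follow it. */
    if (connect(cfd, (struct sockaddr *)&addr, sizeof addr) < 0) goto done;
    afd = accept(lfd, NULL, NULL);
    if (afd < 0) goto done;

    /* The client end never called bind(); the kernel assigned its port. */
    len = sizeof addr;
    if (getsockname(cfd, (struct sockaddr *)&addr, &len) < 0) goto done;
    *client_port = ntohs(addr.sin_port);
    rc = 0;
done:
    if (afd >= 0) close(afd);
    if (cfd >= 0) close(cfd);
    if (lfd >= 0) close(lfd);
    return rc;
}

int main(void)
{
    unsigned short sp = 0, cp = 0;
    if (loopback_ports(&sp, &cp) != 0) {
        perror("loopback_ports");
        return 1;
    }
    printf("listening port %u, client port %u\n", (unsigned)sp, (unsigned)cp);
    return 0;
}
```

While the program runs, the same pair of ports is what "netstat" would list for the connection.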
    
    
    
    Another important thing about C being a high level language that easily
    
    incorporates low level (assembly language) commands is that you can write it
    
    to run super fast. 
    
    
    
    
    
    How to Turn C code into a Working Program
    
    
    
    One of the great character flaws -- or is it strengths? -- of most hackers
    
    is a burning desire to make something work RIGHT NOW, DARN IT!  Are you
    
    ready to become a C programmer?  How about becoming one NOW!
    
    The first thing you need is a C compiler.  While in your shell account,
    
    give the command "cc".  If you get the message "command not found," try the
    
    command "gcc".  If these don't work, try "whereis cc", "whereis gcc", "which
    
    cc" (in Linux), "locate cc" or "locate gcc".  If none of those work,
    
    complain to tech support at your ISP.  Don't email us, because we can't help
    
    you with this problem!  If you have a free shell account, and it doesn't
    
    offer a C compiler, maybe you should consider paying for a good shell account.
    
    If these commands tell you where the C compiler is, try either changing to
    
    that directory or including a path statement to that directory in your login
    
    script.
    
    So, are you ready to write your first C program?
    
    At the prompt in your shell account, type "pico hello.c".  The command
    
    "pico" brings up a super easy editing program.  All the commands are listed
    
    at the bottom of the screen.  Even I could learn how to use pico in a few
    
    minutes without help. 
    
    
    
    ********************************************************
    
    Newbie note: Don't worry if you make mistakes with pico.  There is nothing
    
    you can do to seriously hurt your computer unless you are root.  How do you
    
    know if you are root?  If you have to ask this question -- you aren't:)
    
    ******************************************************** 
    
    
    
    If you can't find pico, or if you are one of the rare people who hasn't
    
    learned yet to program in C, yet who knows how to use a more advanced
    
    editor, try "man vi" or "man emacs" to learn how to use a more powerful, but
    
    harder to understand, editor.
    
    At the prompt in your editor, type in these lines exactly the way they are
    
    here.
    
    
    
    #include <stdio.h>

    void main()
    {
        printf( "Hello, hackers!\n" );
    }
    
    
    
    Next, save this program with the command "control-X". 
    
    Now give the command "ls".  This will reveal that you now have a file named
    
    "hello.c".  The "c" at the end of this file name identifies this as a file
    
    containing C commands.  Congratulations, you are already halfway to making
    
    your own C program.
    
    However, at this point, if you type in the command "hello" or even
    
    "hello.c", just like you would to run a shell script (program), nothing will
    
    happen.  That is because this file is still just "source code," a listing of
    
    commands that your computer doesn't understand.  This is different from
    
    shell programs which only have commands that your computer already
    
    understands without having to compile them first.  Shell programs are called
    
    "interpreted" languages, meaning your computer can automatically interpret
    
    the shell commands you give it. By contrast, C is a language that must be
    
    compiled before your computer understands what you are asking it to do.
    
    So our next step must be to compile hello.c.  Give the command:
    
    
    
    cc hello.c
    
    
    
    Or, if this doesn't work, give the command "gcc hello.c".  Throughout the
    
    rest of this chapter we will assume "cc" is the correct command, so if you
    
    need to give the command "gcc", please replace cc with gcc in everything below.
    
    
    
    ********************************
    
    Wizard tip: Your system may offer a choice of C compilers.  On some systems
    
    "cc" will run a compiler written by the company that also wrote the
    
    operating system for your computer, while "gcc" will run the GNU C compiler.
    
    Every C programmer I know says the GNU compiler is best.
    
    *******************************
    
    
    
    What this does is 
    
    1) start your C compiler running with the "cc" command
    
    2) with the "hello.c" part of the command you tell the compiler where to
    
    find the source code you just wrote.
    
    3) the compiled program is, in most cases, automatically stored as a.out.
    
    (If it wasn't stored as a.out in your case, you will get the solution to
    
    your problem in a few more paragraphs.)
    
    
    
    Now -- the big event.  Let's run your first program.  Simply give the
    
    command "a.out".  Your computer should say back to you, "Hello, hackers!"
    
    Congratulations!  You are now a C programmer.
    
    Did your program not run?  Let's do some troubleshooting.  First, say over
    
    and over again, "I love Unix.  I swear I do!  Honest!  I love C, too!"  Now
    
    try to compile and run this program another way.  You start with the same
    
    code as before, which is saved in the file "hello.c".  However, this time,
    
    give the command:
    
    
    
    cc -o hello hello.c
    
    
    
    What this does is: 
    
    1) start your C compiler running with the "cc" command using the -o switch.
    
    A quick use of the command "man cc" tells us that the switch "-o" after the
    
    "cc" tells your compiler to output the compiled version as a file with the
    
    name of your choice.
    
    2) the "hello" part of the command tells the compiler that this is what you
    
    want to name your compiled program
    
    3) with the "hello.c" part of the command you tell the compiler where to
    
    find the source code you just wrote which you input into the compiler.
    
    Now -- simply give the command "hello".  Your computer should say back to
    
    you, "Hello, hackers!"  Congratulations!  You are now a C programmer.
    
    Still doesn't work?  Try giving the command "chmod 700 hello".  
    
    STILL doesn't work?  This is a long shot, but maybe it will solve your
    
    problem.  If your shell account is set up like mine, no program can execute
    
    from the home directory.  It's a precaution I take against Trojans.
    
    (Imagine this, sometimes meanies put surprises in my account.) However, I
    
    have a directory named "bin" in my account.  Normally on Unix systems we
    
    name directories that hold programs "bin".  On my account, that's where I
    
    put the programs I write.  So look for a directory "bin" under the home
    
    directory in your shell account.  If it doesn't exist, create it with the
    
    command "mkdir bin".  Don't forget to give the command "chmod 700 ~/bin"
    
    afterwards!  Move "hello" into it with the command "mv hello bin/hello".
    
    STILL DOESN'T WORK???  Here's the bad news.  There are so many kinds of
    
    Unix, and so many shells to interpret your commands, and so many ways to
    
    configure Unixes -- I may not be able to solve your problem.  As the C bible
    
    that we like to call simply "K&R" (The C Programming Language by Kernighan
    
    and Ritchie) warns, "Just how to run this program depends on the system you
    
    are using."  
    
    So don't phone or email me for help.  Call tech support at your ISP!
    
    That's what you are paying them for, right?  They WILL get your C program
    
    working -- if they allow users to compile C programs.  You may even make
    
    friends with the tech support guy you call, as it is really rare and usually
    
    makes tech support guys happy when a customer asks a programming question
    
    instead of the usual lame stuff.
    
    However, before calling tech support, maybe you had better rewrite your
    
    program first to say "Hello, world" instead of "Hello, hackers!" just in
    
    case the tech guy you talk to is paranoid enough to kick you off for trying
    
    to be a hacker.
    
    
    
    "Hello, hackers!" Program Explained
    
    
    
    So how did this program work?  Let's look it over line by line.  The first
    
    line is "#include <stdio.h>".  This simply tells the computer how to accept
    
    input and make output ("stdio" is short for "standard input and output.")
    
    If you were to leave this line out, the computer wouldn't know how to output
    
    the message "Hello, hackers!".
    
    The second line is "void main()".  It tells the computer this is the main
    
    function under which all other C functions will run.  "Main"  might use many
    
    other functions (programs) while it is running, in this case the stdio
    
    program.  The "void" tells the program that it doesn't have to pass a value
    
    to any other program when it is done running.  You don't have to write
    
    "void" in front of "main()," but it's good programming practice.
    
    The third line is just one character: "{".  This tells your computer to
    
    expect the beginning of the main function.
    
    The fourth line is "printf( "Hello, hackers!\n" );".  The "printf" command
    
    tells the computer to use the stdio program to figure out how to print
    
    something to your monitor screen.   "( "Hello, hackers!\n")" tells it what
    
    to print: the words "Hello, hackers!" followed by  \n, which means "enter"
    
    (or "new line").  You have to have a new line command so your program will
    
    give a prompt back to you after it has run. 
    
    The ";" tells the C compiler that this is the end of this command, that
    
    whatever it sees next is the start of a new command.
    
    The last character is "}" which simply means it is the end of the main
    
    function.
    
    
    
    Why C Exploit Programs Might not Work
    
    
    
    Now comes the big question.  You download a bunch of exploit programs and
    
    try to compile them and they don't work.  Aha, you have just discovered why
    
    hacker gangs are so popular.  There are many groups of criminal hackers out
    
    there who help each other out by figuring out how to compile exploits.  That
    
    is how Kevin Mitnick got as far as he did -- he had his buddies compile
    
    programs for him.
    
    However, I presume you are reading this not to become a criminal, but
    
    because you are willing to do a little work, and learn enough to not only
    
    break into computers -- but learn how to defend them, too.  For this you
    
    must become good at C programming.
    
    Here's how to get good.
    
    
    
    1) Buy the book The C Programming Language by Brian W. Kernighan and Dennis
    
    M. Ritchie (Prentice Hall, second edition, 1988).  This is the Bible of C
    
    programming.  Real hackers simply call it "K&R." You can get eliteness
    
    points by responding to guys who talk reverently about "K&R" by saying, "Oh,
    
    yes, Kernighan and Ritchie.  Brilliant book."  The reason this book is so
    
    good is that one of the authors, Dennis Ritchie, is the creator of the C
    
    language.  Valerie Henson adds, "K&R is almost magical in the way it
    
    explains C.  I have strong feelings about this book. :)" You can buy it from
    
    anywhere in the world at http://www.amazon.com.
    
    
    
    2) You will quickly discover that no one book on C will tell you all the
    
    possible commands.  If you want to learn as much as possible about C, you
    
    need to study the source code of C programs you admire.  With each line, use
    
    the "man 2" command while in your shell account to learn about it, for
    
    example, "man 2 write". (This presumes your sysadmin has installed the man
    
    pages for C.)  Then try writing some small programs to test each command to
    
    make sure you understand what it does.  For examples of elegant C program
    
    source code complete with explanations, get Internetworking with TCP/IP
    
    Volumes 1,2 and 3, by Douglas Comer and David L. Stevens (Prentice Hall,
    
    1995).  Volumes 2 and 3 are almost all C source code.
    
    
    
    3) You will absolutely hate this.  Just as there are many kinds of Unix and
    
    many different Unix shells, there is more than one version of C out there.
    
    But help is on the way.  There is a version of C called ANSI C (for the ANSI
    
    standards board) which is coming to be widely accepted.  All we have to do
    
    now is persuade the people who write programs to break into computers to
    
    adopt the ANSI C standard!
    
    
    
    4) You might need to find some new friends who will help you figure out what
    
    to do to successfully compile and run some obstreperous C program.  Try
    
    enrolling in a course on C at a GOOD college or university.  However, talk
    
    to the other students or the professors before you spend money signing up
    
    for a course.  I swear this is true, one college teaches C using C for
    
    Dummies as a textbook.  While that book may be helpful for home study --
    
    surely a college professor can show his or her students enough respect to
    
    teach from K&R!  However, if you can get a good college course, don't expect
    
    to learn how to compile exploits from it!   What you can do is hang out with
    
    students and teaching assistants and professors and meet people who can give
    
    you help on how to modify programs so they will compile on your computer.
    
    If you can't find a good college nearby, another possibility is to join a
    
    Linux Users Group (LUG).  To find one in your neighborhood, see
    
    (http://sunsite.unc.edu/LDP/).
    
    Cramer suggests, "try to post questions to newsgroups and mailing lists
    
    (that discuss C programming). But ...   
    
    Posting a question like "My hello.c prints 'Hello, good bye' instead of

    'hello hackers' -- what should I do?" to a mailing list -- say -- the Linux
    
    kernel developers list, will give you -- hrmmm -- some interesting results..." 
    
    Or get a job doing tech support at a local Internet Service Provider.
    
    Usually there will be some talented C programmers working there.
    
    Whatever you do, don't join a gang of computer criminals!  They usually
    
    know much less about C programming than do computer science students, Linux
    
    User Group members, and employees of ISPs.
    
    
    
    5) Read Meino Christian Cramer's Guide to C programming at the Wargames page
    
    on http://www.happyhacker.org.  Try emailing questions to him at the address
    
    on that Web page. He gives a great overview of the most important concepts
    
    in C programming, with some example programs for you to write.
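
Here is one of the small test programs that item 2 suggests, written for the write call you read about with "man 2 write". It is an added example, not part of the original guide; the helper names write_all, pipe_round_trip and write_to_closed_fd are made up for this illustration.

```c
/* Added example: a small test program for write(2).
   It checks every return value, because write() may store fewer bytes
   than requested or fail outright.  Helper names are hypothetical. */
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* Write exactly len bytes to fd, retrying after short writes and EINTR.
   Returns 0 on success, -1 on error (errno is left as write() set it). */
int write_all(int fd, const void *buf, size_t len)
{
    const char *p = buf;
    while (len > 0) {
        ssize_t n = write(fd, p, len);
        if (n < 0) {
            if (errno == EINTR) continue;   /* interrupted: try again */
            return -1;
        }
        p += n;
        len -= (size_t)n;
    }
    return 0;
}

/* Send msg through a pipe and read it back into out (NUL-terminated).
   Returns the number of bytes read, or -1 on error. */
ssize_t pipe_round_trip(const char *msg, char *out, size_t outsz)
{
    int fds[2];
    ssize_t got = 0;
    if (outsz == 0 || pipe(fds) < 0) return -1;
    if (write_all(fds[1], msg, strlen(msg)) < 0) got = -1;
    close(fds[1]);                 /* lets read() see end-of-file */
    while (got >= 0 && (size_t)got < outsz - 1) {
        ssize_t n = read(fds[0], out + got, outsz - 1 - (size_t)got);
        if (n < 0) {
            if (errno == EINTR) continue;
            got = -1;
        } else if (n == 0) {
            break;                 /* end-of-file */
        } else {
            got += n;
        }
    }
    close(fds[0]);
    if (got >= 0) out[got] = '\0';
    return got;
}

/* Failure case: writing to a closed descriptor.  Returns the errno value
   that write() reported, or 0 if the write unexpectedly succeeded. */
int write_to_closed_fd(void)
{
    int fds[2];
    if (pipe(fds) < 0) return -1;
    close(fds[0]);
    close(fds[1]);
    errno = 0;
    return write_all(fds[1], "x", 1) == 0 ? 0 : errno;
}

int main(void)
{
    char out[64];
    ssize_t n = pipe_round_trip("Hello, hackers!\n", out, sizeof out);
    printf("read back %ld bytes: %s", (long)n, n > 0 ? out : "\n");
    printf("closed fd: %s\n", strerror(write_to_closed_fd()));
    return 0;
}
```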
    
    
    
    _______________________________________________________________________
    
    Where are those back issues of GTMHHs and Happy Hacker Digests? Check out
    
    the official Happy Hacker Web page at http://www.happyhacker.org.
    
    We are against computer crime. We support good, old-fashioned hacking of the
    
    kind that led to the creation of the Internet and a new era of freedom of
    
    information. But we hate computer crime.  So don't email us about any crimes
    
    you have committed!  
    
    To subscribe to Happy Hacker and receive the Guides to (mostly) Harmless
    
    Hacking, please email hacker@techbroker.com with message "subscribe
    
    happy-hacker" in the body of your message. 
    
    Copyright 1998 Carolyn Meinel.  You may forward, print out or post this
    
    GUIDE TO (mostly) HARMLESS HACKING on your Web site as long as you leave
    
    this notice at the end.
    
    _________________________________________________________
    
    Carolyn Meinel
    
    M/B Research -- The Technology Brokers
    
    http://techbroker.com